libsoup-2.4: fix do_compile failure

Remove test code for fixing do_compile failure: ../libsoup-2.74.3/tests/auth-test.c:1554:39: error: unknown type name 'SoupServerMessage'; did you mean 'SoupServerClass'? 1554 | SoupServerMessage *msg, | (From OE-Core rev: f14a6c98e4cbf4ee2a243387b018e29beab3b56a) Signed-off-by: Changqing Li <changqing.li@windriver.com> Signed-off-by: Steve Sakoman <steve@sakoman.com>
author: Changqing Li <changqing.li@windriver.com> 2025-06-03 17:21:05 +0800
committer: Steve Sakoman <steve@sakoman.com> 2025-06-11 08:17:34 -0700
commit: dd4312d0800c5b0cb348a12344bb9488b5561809 (patch)
tree: 614cb80ef3e48f58029bb30dc4d74550a3bdacdd
parent: 24f024f0420db94c052121fec18342d84c05d325 (diff)
download: poky-dd4312d0800c5b0cb348a12344bb9488b5561809.tar.gz
3 files changed, 24 insertions, 135 deletions
diff --git a/meta/recipes-support/libsoup/libsoup-2.4/CVE-2025-32910-1.patch b/meta/recipes-support/libsoup/libsoup-2.4/CVE-2025-32910-1.patch
index de4faf5380..847c76c2b7 100644
--- a/meta/recipes-support/libsoup/libsoup-2.4/CVE-2025-32910-1.patch
+++ b/meta/recipes-support/libsoup/libsoup-2.4/CVE-2025-32910-1.patch
@@ -8,10 +8,17 @@ Upstream-Status: Backport [import from debian https://salsa.debian.org/gnome-tea
 Upstream commit https://gitlab.gnome.org/GNOME/libsoup/-/commit/e40df6d48a1cbab56f5d15016cc861a503423cfe]
 CVE: CVE-2025-32910
 Signed-off-by: Vijay Anusuri <vanusuri@mvista.com>
+Remove test code for fixing do_compile failure of libsoup-2.4, test codes include
+new type added in 3.x version
+../libsoup-2.74.3/tests/auth-test.c:1554:39: error: unknown type name 'SoupServerMessage'; did you mean 'SoupServerClass'?
+ 1554 |                                       SoupServerMessage *msg,
+      |                                       ^~~~~~~~~~~~~~~~~
+Signed-off-by: Changqing Li <changqing.li@windriver.com>
 ---
 libsoup/soup-auth-digest.c |  3 +++
- tests/auth-test.c          | 50 ++++++++++++++++++++++++++++++++++++++++++++++
+ 1 files changed, 3 insertions(+)
- 2 files changed, 53 insertions(+)
 diff --git a/libsoup/soup-auth-digest.c b/libsoup/soup-auth-digest.c
 index e8ba990..263a15a 100644
@@ -27,71 +34,3 @@ index e8ba990..263a15a 100644
        g_free (priv->domain);
        g_free (priv->nonce);
        g_free (priv->opaque);
-diff --git a/tests/auth-test.c b/tests/auth-test.c
-index 8295ec3..dfc6b09 100644
--- a/tests/auth-test.c
-+++ b/tests/auth-test.c
-@@ -1549,6 +1549,55 @@ do_cancel_after_retry_test (void)
-         soup_test_session_abort_unref (session);
- }
- 
-+static void
-+on_request_read_for_missing_realm (SoupServer        *server,
-+                                   SoupServerMessage *msg,
-+                                   gpointer           user_data)
-+{
-+        SoupMessageHeaders *response_headers = soup_server_message_get_response_headers (msg);
-+        soup_message_headers_replace (response_headers, "WWW-Authenticate", "Digest qop=\"auth\"");
-+}
-+
-+static void
-+do_missing_realm_test (void)
-+{
-+        SoupSession *session;
-+        SoupMessage *msg;
-+        SoupServer *server;
-+        SoupAuthDomain *digest_auth_domain;
-+        gint status;
-+        GUri *uri;
-+
-+        server = soup_test_server_new (SOUP_TEST_SERVER_IN_THREAD);
-+       soup_server_add_handler (server, NULL,
-+                                server_callback, NULL, NULL);
-+       uri = soup_test_server_get_uri (server, "http", NULL);
-+
-+       digest_auth_domain = soup_auth_domain_digest_new (
-+               "realm", "auth-test",
-+               "auth-callback", server_digest_auth_callback,
-+               NULL);
-+        soup_auth_domain_add_path (digest_auth_domain, "/");
-+       soup_server_add_auth_domain (server, digest_auth_domain);
-+        g_object_unref (digest_auth_domain);
-+
-+        g_signal_connect (server, "request-read",
-+                          G_CALLBACK (on_request_read_for_missing_realm),
-+                          NULL);
-+
-+        session = soup_test_session_new (NULL);
-+        msg = soup_message_new_from_uri ("GET", uri);
-+        g_signal_connect (msg, "authenticate",
-+                          G_CALLBACK (on_digest_authenticate),
-+                          NULL);
-+
-+        status = soup_test_session_send_message (session, msg);
-+
-+        g_assert_cmpint (status, ==, SOUP_STATUS_UNAUTHORIZED);
-+       g_uri_unref (uri);
-+       soup_test_server_quit_unref (server);
-+}
-+
- int
- main (int argc, char **argv)
- {
-@@ -1576,6 +1625,7 @@ main (int argc, char **argv)
-        g_test_add_func ("/auth/async-message-do-not-use-auth-cache", do_async_message_do_not_use_auth_cache_test);
-        g_test_add_func ("/auth/authorization-header-request", do_message_has_authorization_header_test);
-        g_test_add_func ("/auth/cancel-after-retry", do_cancel_after_retry_test);
-+        g_test_add_func ("/auth/missing-realm", do_missing_realm_test);
- 
-        ret = g_test_run ();
- 
diff --git a/meta/recipes-support/libsoup/libsoup-2.4/CVE-2025-32910-2.patch b/meta/recipes-support/libsoup/libsoup-2.4/CVE-2025-32910-2.patch
index 0d72afa1d6..a2168177a4 100644
--- a/meta/recipes-support/libsoup/libsoup-2.4/CVE-2025-32910-2.patch
+++ b/meta/recipes-support/libsoup/libsoup-2.4/CVE-2025-32910-2.patch
@@ -8,10 +8,17 @@ Upstream-Status: Backport [import from debian https://salsa.debian.org/gnome-tea
 Upstream commit https://gitlab.gnome.org/GNOME/libsoup/-/commit/405a8a34597a44bd58c4759e7d5e23f02c3b556a]
 CVE: CVE-2025-32910
 Signed-off-by: Vijay Anusuri <vanusuri@mvista.com>
+Remove test code for fixing do_compile failure of libsoup-2.4, test codes include
+new type added in 3.x version
+../libsoup-2.74.3/tests/auth-test.c:1554:39: error: unknown type name 'SoupServerMessage'; did you mean 'SoupServerClass'?
+ 1554 |                                       SoupServerMessage *msg,
+      |                                       ^~~~~~~~~~~~~~~~~
+Signed-off-by: Changqing Li <changqing.li@windriver.com>
 ---
 libsoup/soup-auth-digest.c | 45 +++++++++++++++++++++++++++++++++++----------
- tests/auth-test.c          | 19 +++++++++++--------
+ 1 files changed, 35 insertions(+), 10 deletions(-)
- 2 files changed, 46 insertions(+), 18 deletions(-)
 diff --git a/libsoup/soup-auth-digest.c b/libsoup/soup-auth-digest.c
 index 263a15a..393adb6 100644
@@ -97,52 +104,3 @@ index 263a15a..393adb6 100644
        soup_auth_digest_compute_response (msg->method, url, priv->hex_a1,
                                           priv->qop, priv->nonce,
                                           priv->cnonce, priv->nc,
-diff --git a/tests/auth-test.c b/tests/auth-test.c
-index dfc6b09..6fb1e4a 100644
--- a/tests/auth-test.c
-+++ b/tests/auth-test.c
-@@ -1550,16 +1550,17 @@ do_cancel_after_retry_test (void)
- }
- 
- static void
-on_request_read_for_missing_realm (SoupServer        *server,
-                                   SoupServerMessage *msg,
-                                   gpointer           user_data)
-+on_request_read_for_missing_params (SoupServer        *server,
-+                                      SoupServerMessage *msg,
-+                                      gpointer           user_data)
- {
-+        const char *auth_header = user_data;
-         SoupMessageHeaders *response_headers = soup_server_message_get_response_headers (msg);
-        soup_message_headers_replace (response_headers, "WWW-Authenticate", "Digest qop=\"auth\"");
-+        soup_message_headers_replace (response_headers, "WWW-Authenticate", auth_header);
- }
- 
- static void
-do_missing_realm_test (void)
-+do_missing_params_test (gconstpointer auth_header)
- {
-         SoupSession *session;
-         SoupMessage *msg;
-@@ -1582,8 +1583,8 @@ do_missing_realm_test (void)
-         g_object_unref (digest_auth_domain);
- 
-         g_signal_connect (server, "request-read",
-                          G_CALLBACK (on_request_read_for_missing_realm),
-                          NULL);
-+                          G_CALLBACK (on_request_read_for_missing_params),
-+                          (gpointer)auth_header);
- 
-         session = soup_test_session_new (NULL);
-         msg = soup_message_new_from_uri ("GET", uri);
-@@ -1625,7 +1626,9 @@ main (int argc, char **argv)
-        g_test_add_func ("/auth/async-message-do-not-use-auth-cache", do_async_message_do_not_use_auth_cache_test);
-        g_test_add_func ("/auth/authorization-header-request", do_message_has_authorization_header_test);
-        g_test_add_func ("/auth/cancel-after-retry", do_cancel_after_retry_test);
-        g_test_add_func ("/auth/missing-realm", do_missing_realm_test);
-+        g_test_add_data_func ("/auth/missing-params/realm", "Digest qop=\"auth\"", do_missing_params_test);
-+        g_test_add_data_func ("/auth/missing-params/nonce", "Digest realm=\"auth-test\", qop=\"auth,auth-int\", opaque=\"5ccc069c403ebaf9f0171e9517f40e41\"", do_missing_params_test);
-+        g_test_add_data_func ("/auth/missing-params/nonce-md5-sess", "Digest realm=\"auth-test\", qop=\"auth,auth-int\", opaque=\"5ccc069c403ebaf9f0171e9517f40e41\" algorithm=\"MD5-sess\"", do_missing_params_test);
- 
-        ret = g_test_run ();
- 
diff --git a/meta/recipes-support/libsoup/libsoup-2.4/CVE-2025-32912-1.patch b/meta/recipes-support/libsoup/libsoup-2.4/CVE-2025-32912-1.patch
index 2a6f37cb58..906a889c13 100644
--- a/meta/recipes-support/libsoup/libsoup-2.4/CVE-2025-32912-1.patch
+++ b/meta/recipes-support/libsoup/libsoup-2.4/CVE-2025-32912-1.patch
@@ -6,10 +6,14 @@ Subject: [PATCH 1/2] auth-digest: Handle missing nonce
 Upstream-Status: Backport [https://gitlab.gnome.org/GNOME/libsoup/-/commit/cd077513f267e43ce4b659eb18a1734d8a369992]
 CVE: CVE-2025-32912
 Signed-off-by: Vijay Anusuri <vanusuri@mvista.com>
+The test codes is based on CVE-2025-32910, test code in CVE-2025-32910
+is removed for fixing do_compile failure. So also remove this test code
+Signed-off-by: Changqing Li <changqing.li@windriver.com>
 ---
 libsoup/soup-auth-digest.c | 2 +-
- tests/auth-test.c          | 1 +
+ 1 files changed, 1 insertions(+), 1 deletion(-)
- 2 files changed, 2 insertions(+), 1 deletion(-)
 diff --git a/libsoup/soup-auth-digest.c b/libsoup/soup-auth-digest.c
 index a1db188..f0edb81 100644
@@ -24,18 +28,6 @@ index a1db188..f0edb81 100644
                 return FALSE;
 
        g_free (priv->domain);
-diff --git a/tests/auth-test.c b/tests/auth-test.c
-index 6fb1e4a..343d7a5 100644
--- a/tests/auth-test.c
-+++ b/tests/auth-test.c
-@@ -1629,6 +1629,7 @@ main (int argc, char **argv)
-         g_test_add_data_func ("/auth/missing-params/realm", "Digest qop=\"auth\"", do_missing_params_test);
-         g_test_add_data_func ("/auth/missing-params/nonce", "Digest realm=\"auth-test\", qop=\"auth,auth-int\", opaque=\"5ccc069c403ebaf9f0171e9517f40e41\"", do_missing_params_test);
-         g_test_add_data_func ("/auth/missing-params/nonce-md5-sess", "Digest realm=\"auth-test\", qop=\"auth,auth-int\", opaque=\"5ccc069c403ebaf9f0171e9517f40e41\" algorithm=\"MD5-sess\"", do_missing_params_test);
-+       g_test_add_data_func ("/auth/missing-params/nonce-and-qop", "Digest realm=\"auth-test\"", do_missing_params_test);
- 
-        ret = g_test_run ();
- 
 -- 
 2.25.1
author	Changqing Li <changqing.li@windriver.com>	2025-06-03 17:21:05 +0800
committer	Steve Sakoman <steve@sakoman.com>	2025-06-11 08:17:34 -0700
commit	dd4312d0800c5b0cb348a12344bb9488b5561809 (patch)
tree	614cb80ef3e48f58029bb30dc4d74550a3bdacdd
parent	24f024f0420db94c052121fec18342d84c05d325 (diff)
download	poky-dd4312d0800c5b0cb348a12344bb9488b5561809.tar.gz

diff --git a/meta/recipes-support/libsoup/libsoup-2.4/CVE-2025-32910-1.patch b/meta/recipes-support/libsoup/libsoup-2.4/CVE-2025-32910-1.patch index de4faf5380..847c76c2b7 100644 --- a/meta/recipes-support/libsoup/libsoup-2.4/CVE-2025-32910-1.patch +++ b/meta/recipes-support/libsoup/libsoup-2.4/CVE-2025-32910-1.patch
@@ -8,10 +8,17 @@ Upstream-Status: Backport [import from debian https://salsa.debian.org/gnome-tea
8	Upstream commit https://gitlab.gnome.org/GNOME/libsoup/-/commit/e40df6d48a1cbab56f5d15016cc861a503423cfe]	8	Upstream commit https://gitlab.gnome.org/GNOME/libsoup/-/commit/e40df6d48a1cbab56f5d15016cc861a503423cfe]
9	CVE: CVE-2025-32910	9	CVE: CVE-2025-32910
10	Signed-off-by: Vijay Anusuri <vanusuri@mvista.com>	10	Signed-off-by: Vijay Anusuri <vanusuri@mvista.com>
		11
		12	Remove test code for fixing do_compile failure of libsoup-2.4, test codes include
		13	new type added in 3.x version
		14	../libsoup-2.74.3/tests/auth-test.c:1554:39: error: unknown type name 'SoupServerMessage'; did you mean 'SoupServerClass'?
		15	1554 \| SoupServerMessage *msg,
		16	\| ^~~~~~~~~~~~~~~~~
		17
		18	Signed-off-by: Changqing Li <changqing.li@windriver.com>
11	---	19	---
12	libsoup/soup-auth-digest.c \| 3 +++	20	libsoup/soup-auth-digest.c \| 3 +++
13	tests/auth-test.c \| 50 ++++++++++++++++++++++++++++++++++++++++++++++	21	1 files changed, 3 insertions(+)
14	2 files changed, 53 insertions(+)
15		22
16	diff --git a/libsoup/soup-auth-digest.c b/libsoup/soup-auth-digest.c	23	diff --git a/libsoup/soup-auth-digest.c b/libsoup/soup-auth-digest.c
17	index e8ba990..263a15a 100644	24	index e8ba990..263a15a 100644
@@ -27,71 +34,3 @@ index e8ba990..263a15a 100644
27	g_free (priv->domain);	34	g_free (priv->domain);
28	g_free (priv->nonce);	35	g_free (priv->nonce);
29	g_free (priv->opaque);	36	g_free (priv->opaque);
30	diff --git a/tests/auth-test.c b/tests/auth-test.c
31	index 8295ec3..dfc6b09 100644
32	--- a/tests/auth-test.c
33	+++ b/tests/auth-test.c
34	@@ -1549,6 +1549,55 @@ do_cancel_after_retry_test (void)
35	soup_test_session_abort_unref (session);
36	}
37
38	+static void
39	+on_request_read_for_missing_realm (SoupServer *server,
40	+ SoupServerMessage *msg,
41	+ gpointer user_data)
42	+{
43	+ SoupMessageHeaders *response_headers = soup_server_message_get_response_headers (msg);
44	+ soup_message_headers_replace (response_headers, "WWW-Authenticate", "Digest qop=\"auth\"");
45	+}
46	+
47	+static void
48	+do_missing_realm_test (void)
49	+{
50	+ SoupSession *session;
51	+ SoupMessage *msg;
52	+ SoupServer *server;
53	+ SoupAuthDomain *digest_auth_domain;
54	+ gint status;
55	+ GUri *uri;
56	+
57	+ server = soup_test_server_new (SOUP_TEST_SERVER_IN_THREAD);
58	+ soup_server_add_handler (server, NULL,
59	+ server_callback, NULL, NULL);
60	+ uri = soup_test_server_get_uri (server, "http", NULL);
61	+
62	+ digest_auth_domain = soup_auth_domain_digest_new (
63	+ "realm", "auth-test",
64	+ "auth-callback", server_digest_auth_callback,
65	+ NULL);
66	+ soup_auth_domain_add_path (digest_auth_domain, "/");
67	+ soup_server_add_auth_domain (server, digest_auth_domain);
68	+ g_object_unref (digest_auth_domain);
69	+
70	+ g_signal_connect (server, "request-read",
71	+ G_CALLBACK (on_request_read_for_missing_realm),
72	+ NULL);
73	+
74	+ session = soup_test_session_new (NULL);
75	+ msg = soup_message_new_from_uri ("GET", uri);
76	+ g_signal_connect (msg, "authenticate",
77	+ G_CALLBACK (on_digest_authenticate),
78	+ NULL);
79	+
80	+ status = soup_test_session_send_message (session, msg);
81	+
82	+ g_assert_cmpint (status, ==, SOUP_STATUS_UNAUTHORIZED);
83	+ g_uri_unref (uri);
84	+ soup_test_server_quit_unref (server);
85	+}
86	+
87	int
88	main (int argc, char **argv)
89	{
90	@@ -1576,6 +1625,7 @@ main (int argc, char **argv)
91	g_test_add_func ("/auth/async-message-do-not-use-auth-cache", do_async_message_do_not_use_auth_cache_test);
92	g_test_add_func ("/auth/authorization-header-request", do_message_has_authorization_header_test);
93	g_test_add_func ("/auth/cancel-after-retry", do_cancel_after_retry_test);
94	+ g_test_add_func ("/auth/missing-realm", do_missing_realm_test);
95
96	ret = g_test_run ();
97


diff --git a/meta/recipes-support/libsoup/libsoup-2.4/CVE-2025-32910-2.patch b/meta/recipes-support/libsoup/libsoup-2.4/CVE-2025-32910-2.patch index 0d72afa1d6..a2168177a4 100644 --- a/meta/recipes-support/libsoup/libsoup-2.4/CVE-2025-32910-2.patch +++ b/meta/recipes-support/libsoup/libsoup-2.4/CVE-2025-32910-2.patch
@@ -8,10 +8,17 @@ Upstream-Status: Backport [import from debian https://salsa.debian.org/gnome-tea
8	Upstream commit https://gitlab.gnome.org/GNOME/libsoup/-/commit/405a8a34597a44bd58c4759e7d5e23f02c3b556a]	8	Upstream commit https://gitlab.gnome.org/GNOME/libsoup/-/commit/405a8a34597a44bd58c4759e7d5e23f02c3b556a]
9	CVE: CVE-2025-32910	9	CVE: CVE-2025-32910
10	Signed-off-by: Vijay Anusuri <vanusuri@mvista.com>	10	Signed-off-by: Vijay Anusuri <vanusuri@mvista.com>
		11
		12	Remove test code for fixing do_compile failure of libsoup-2.4, test codes include
		13	new type added in 3.x version
		14	../libsoup-2.74.3/tests/auth-test.c:1554:39: error: unknown type name 'SoupServerMessage'; did you mean 'SoupServerClass'?
		15	1554 \| SoupServerMessage *msg,
		16	\| ^~~~~~~~~~~~~~~~~
		17
		18	Signed-off-by: Changqing Li <changqing.li@windriver.com>
11	---	19	---
12	libsoup/soup-auth-digest.c \| 45 +++++++++++++++++++++++++++++++++++----------	20	libsoup/soup-auth-digest.c \| 45 +++++++++++++++++++++++++++++++++++----------
13	tests/auth-test.c \| 19 +++++++++++--------	21	1 files changed, 35 insertions(+), 10 deletions(-)
14	2 files changed, 46 insertions(+), 18 deletions(-)
15		22
16	diff --git a/libsoup/soup-auth-digest.c b/libsoup/soup-auth-digest.c	23	diff --git a/libsoup/soup-auth-digest.c b/libsoup/soup-auth-digest.c
17	index 263a15a..393adb6 100644	24	index 263a15a..393adb6 100644
@@ -97,52 +104,3 @@ index 263a15a..393adb6 100644
97	soup_auth_digest_compute_response (msg->method, url, priv->hex_a1,	104	soup_auth_digest_compute_response (msg->method, url, priv->hex_a1,
98	priv->qop, priv->nonce,	105	priv->qop, priv->nonce,
99	priv->cnonce, priv->nc,	106	priv->cnonce, priv->nc,
100	diff --git a/tests/auth-test.c b/tests/auth-test.c
101	index dfc6b09..6fb1e4a 100644
102	--- a/tests/auth-test.c
103	+++ b/tests/auth-test.c
104	@@ -1550,16 +1550,17 @@ do_cancel_after_retry_test (void)
105	}
106
107	static void
108	-on_request_read_for_missing_realm (SoupServer *server,
109	- SoupServerMessage *msg,
110	- gpointer user_data)
111	+on_request_read_for_missing_params (SoupServer *server,
112	+ SoupServerMessage *msg,
113	+ gpointer user_data)
114	{
115	+ const char *auth_header = user_data;
116	SoupMessageHeaders *response_headers = soup_server_message_get_response_headers (msg);
117	- soup_message_headers_replace (response_headers, "WWW-Authenticate", "Digest qop=\"auth\"");
118	+ soup_message_headers_replace (response_headers, "WWW-Authenticate", auth_header);
119	}
120
121	static void
122	-do_missing_realm_test (void)
123	+do_missing_params_test (gconstpointer auth_header)
124	{
125	SoupSession *session;
126	SoupMessage *msg;
127	@@ -1582,8 +1583,8 @@ do_missing_realm_test (void)
128	g_object_unref (digest_auth_domain);
129
130	g_signal_connect (server, "request-read",
131	- G_CALLBACK (on_request_read_for_missing_realm),
132	- NULL);
133	+ G_CALLBACK (on_request_read_for_missing_params),
134	+ (gpointer)auth_header);
135
136	session = soup_test_session_new (NULL);
137	msg = soup_message_new_from_uri ("GET", uri);
138	@@ -1625,7 +1626,9 @@ main (int argc, char **argv)
139	g_test_add_func ("/auth/async-message-do-not-use-auth-cache", do_async_message_do_not_use_auth_cache_test);
140	g_test_add_func ("/auth/authorization-header-request", do_message_has_authorization_header_test);
141	g_test_add_func ("/auth/cancel-after-retry", do_cancel_after_retry_test);
142	- g_test_add_func ("/auth/missing-realm", do_missing_realm_test);
143	+ g_test_add_data_func ("/auth/missing-params/realm", "Digest qop=\"auth\"", do_missing_params_test);
144	+ g_test_add_data_func ("/auth/missing-params/nonce", "Digest realm=\"auth-test\", qop=\"auth,auth-int\", opaque=\"5ccc069c403ebaf9f0171e9517f40e41\"", do_missing_params_test);
145	+ g_test_add_data_func ("/auth/missing-params/nonce-md5-sess", "Digest realm=\"auth-test\", qop=\"auth,auth-int\", opaque=\"5ccc069c403ebaf9f0171e9517f40e41\" algorithm=\"MD5-sess\"", do_missing_params_test);
146
147	ret = g_test_run ();
148


diff --git a/meta/recipes-support/libsoup/libsoup-2.4/CVE-2025-32912-1.patch b/meta/recipes-support/libsoup/libsoup-2.4/CVE-2025-32912-1.patch index 2a6f37cb58..906a889c13 100644 --- a/meta/recipes-support/libsoup/libsoup-2.4/CVE-2025-32912-1.patch +++ b/meta/recipes-support/libsoup/libsoup-2.4/CVE-2025-32912-1.patch
@@ -6,10 +6,14 @@ Subject: [PATCH 1/2] auth-digest: Handle missing nonce
6	Upstream-Status: Backport [https://gitlab.gnome.org/GNOME/libsoup/-/commit/cd077513f267e43ce4b659eb18a1734d8a369992]	6	Upstream-Status: Backport [https://gitlab.gnome.org/GNOME/libsoup/-/commit/cd077513f267e43ce4b659eb18a1734d8a369992]
7	CVE: CVE-2025-32912	7	CVE: CVE-2025-32912
8	Signed-off-by: Vijay Anusuri <vanusuri@mvista.com>	8	Signed-off-by: Vijay Anusuri <vanusuri@mvista.com>
		9
		10	The test codes is based on CVE-2025-32910, test code in CVE-2025-32910
		11	is removed for fixing do_compile failure. So also remove this test code
		12
		13	Signed-off-by: Changqing Li <changqing.li@windriver.com>
9	---	14	---
10	libsoup/soup-auth-digest.c \| 2 +-	15	libsoup/soup-auth-digest.c \| 2 +-
11	tests/auth-test.c \| 1 +	16	1 files changed, 1 insertions(+), 1 deletion(-)
12	2 files changed, 2 insertions(+), 1 deletion(-)
13		17
14	diff --git a/libsoup/soup-auth-digest.c b/libsoup/soup-auth-digest.c	18	diff --git a/libsoup/soup-auth-digest.c b/libsoup/soup-auth-digest.c
15	index a1db188..f0edb81 100644	19	index a1db188..f0edb81 100644
@@ -24,18 +28,6 @@ index a1db188..f0edb81 100644
24	return FALSE;	28	return FALSE;
25		29
26	g_free (priv->domain);	30	g_free (priv->domain);
27	diff --git a/tests/auth-test.c b/tests/auth-test.c
28	index 6fb1e4a..343d7a5 100644
29	--- a/tests/auth-test.c
30	+++ b/tests/auth-test.c
31	@@ -1629,6 +1629,7 @@ main (int argc, char **argv)
32	g_test_add_data_func ("/auth/missing-params/realm", "Digest qop=\"auth\"", do_missing_params_test);
33	g_test_add_data_func ("/auth/missing-params/nonce", "Digest realm=\"auth-test\", qop=\"auth,auth-int\", opaque=\"5ccc069c403ebaf9f0171e9517f40e41\"", do_missing_params_test);
34	g_test_add_data_func ("/auth/missing-params/nonce-md5-sess", "Digest realm=\"auth-test\", qop=\"auth,auth-int\", opaque=\"5ccc069c403ebaf9f0171e9517f40e41\" algorithm=\"MD5-sess\"", do_missing_params_test);
35	+ g_test_add_data_func ("/auth/missing-params/nonce-and-qop", "Digest realm=\"auth-test\"", do_missing_params_test);
36
37	ret = g_test_run ();
38
39	--	31	--
40	2.25.1	32	2.25.1
41		33