2 files changed, 1 insertions, 134 deletions

diff --git a/meta-oe/recipes-connectivity/rabbitmq-c/files/CVE-2023-35789.patch b/meta-oe/recipes-connectivity/rabbitmq-c/files/CVE-2023-35789.patch
deleted file mode 100644
index dfd1f98759..0000000000
--- a/meta-oe/recipes-connectivity/rabbitmq-c/files/CVE-2023-35789.patch
+++ /dev/null
@@ -1,131 +0,0 @@
-CVE: CVE-2023-35789
-Upstream-Status: Backport [ https://github.com/alanxz/rabbitmq-c/commit/463054383fbeef889b409a7f843df5365288e2a0 ]
-Signed-off-by: Lee Chee Yang <chee.yang.lee@intel.com>
-
-From 463054383fbeef889b409a7f843df5365288e2a0 Mon Sep 17 00:00:00 2001
-From: Christian Kastner <ckk@kvr.at>
-Date: Tue, 13 Jun 2023 14:21:52 +0200
-Subject: [PATCH] Add option to read username/password from file (#781)
-
-* Add option to read username/password from file
----
- tools/common.c | 66 ++++++++++++++++++++++++++++++++++++++++++++++++++
- 1 file changed, 66 insertions(+)
-
-diff --git a/tools/common.c b/tools/common.c
-index 73b47e25..7efe557b 100644
---- a/tools/common.c
-+++ b/tools/common.c
-@@ -18,6 +18,11 @@
- #include "compat.h"
- #endif
- 
-+/* For when reading auth data from a file */
-+#define MAXAUTHTOKENLEN 128
-+#define USERNAMEPREFIX "username:"
-+#define PASSWORDPREFIX "password:"
-+
- void die(const char *fmt, ...) {
-   va_list ap;
-   va_start(ap, fmt);
-@@ -125,6 +130,7 @@ static char *amqp_vhost;
- static char *amqp_username;
- static char *amqp_password;
- static int amqp_heartbeat = 0;
-+static char *amqp_authfile;
- #ifdef WITH_SSL
- static int amqp_ssl = 0;
- static char *amqp_cacert = "/etc/ssl/certs/cacert.pem";
-@@ -147,6 +153,8 @@ struct poptOption connect_options[] = {
-      "the password to login with", "password"},
-     {"heartbeat", 0, POPT_ARG_INT, &amqp_heartbeat, 0,
-      "heartbeat interval, set to 0 to disable", "heartbeat"},
-+    {"authfile", 0, POPT_ARG_STRING, &amqp_authfile, 0,
-+     "path to file containing username/password for authentication", "file"},
- #ifdef WITH_SSL
-     {"ssl", 0, POPT_ARG_NONE, &amqp_ssl, 0, "connect over SSL/TLS", NULL},
-     {"cacert", 0, POPT_ARG_STRING, &amqp_cacert, 0,
-@@ -158,6 +166,50 @@ struct poptOption connect_options[] = {
- #endif /* WITH_SSL */
-     {NULL, '\0', 0, NULL, 0, NULL, NULL}};
- 
-+void read_authfile(const char *path) {
-+  size_t n;
-+  FILE *fp = NULL;
-+  char token[MAXAUTHTOKENLEN];
-+
-+  if ((amqp_username = malloc(MAXAUTHTOKENLEN)) == NULL ||
-+      (amqp_password = malloc(MAXAUTHTOKENLEN)) == NULL) {
-+    die("Out of memory");
-+  } else if ((fp = fopen(path, "r")) == NULL) {
-+    die("Could not read auth data file %s", path);
-+  }
-+
-+  if (fgets(token, MAXAUTHTOKENLEN, fp) == NULL ||
-+      strncmp(token, USERNAMEPREFIX, strlen(USERNAMEPREFIX))) {
-+    die("Malformed auth file (missing username)");
-+  }
-+  strncpy(amqp_username, &token[strlen(USERNAMEPREFIX)], MAXAUTHTOKENLEN);
-+  /* Missing newline means token was cut off */
-+  n = strlen(amqp_username);
-+  if (amqp_username[n - 1] != '\n') {
-+    die("Username too long");
-+  } else {
-+    amqp_username[n - 1] = '\0';
-+  }
-+
-+  if (fgets(token, MAXAUTHTOKENLEN, fp) == NULL ||
-+      strncmp(token, PASSWORDPREFIX, strlen(PASSWORDPREFIX))) {
-+    die("Malformed auth file (missing password)");
-+  }
-+  strncpy(amqp_password, &token[strlen(PASSWORDPREFIX)], MAXAUTHTOKENLEN);
-+  /* Missing newline means token was cut off */
-+  n = strlen(amqp_password);
-+  if (amqp_password[n - 1] != '\n') {
-+    die("Password too long");
-+  } else {
-+    amqp_password[n - 1] = '\0';
-+  }
-+
-+  (void)fgetc(fp);
-+  if (!feof(fp)) {
-+    die("Malformed auth file (trailing data)");
-+  }
-+}
-+
- static void init_connection_info(struct amqp_connection_info *ci) {
-   ci->user = NULL;
-   ci->password = NULL;
-@@ -237,6 +289,8 @@ static void init_connection_info(struct amqp_connection_info *ci) {
-   if (amqp_username) {
-     if (amqp_url) {
-       die("--username and --url options cannot be used at the same time");
-+    } else if (amqp_authfile) {
-+      die("--username and --authfile options cannot be used at the same time");
-     }
- 
-     ci->user = amqp_username;
-@@ -245,11 +299,23 @@ static void init_connection_info(struct amqp_connection_info *ci) {
-   if (amqp_password) {
-     if (amqp_url) {
-       die("--password and --url options cannot be used at the same time");
-+    } else if (amqp_authfile) {
-+      die("--password and --authfile options cannot be used at the same time");
-     }
- 
-     ci->password = amqp_password;
-   }
- 
-+  if (amqp_authfile) {
-+    if (amqp_url) {
-+      die("--authfile and --url options cannot be used at the same time");
-+    }
-+
-+    read_authfile(amqp_authfile);
-+    ci->user = amqp_username;
-+    ci->password = amqp_password;
-+  }
-+
-   if (amqp_vhost) {
-     if (amqp_url) {
-       die("--vhost and --url options cannot be used at the same time");
diff --git a/meta-oe/recipes-connectivity/rabbitmq-c/rabbitmq-c_0.13.0.bb b/meta-oe/recipes-connectivity/rabbitmq-c/rabbitmq-c_0.14.0.bb
index ea80ec3344..b0556ffc0b 100644
--- a/meta-oe/recipes-connectivity/rabbitmq-c/rabbitmq-c_0.13.0.bb
+++ b/meta-oe/recipes-connectivity/rabbitmq-c/rabbitmq-c_0.14.0.bb
@@ -4,10 +4,8 @@ LIC_FILES_CHKSUM = "file://LICENSE;md5=7e12f6e40e662e039e2f02b4893011ec"
 LICENSE = "MIT"
 
 SRC_URI = "git://github.com/alanxz/rabbitmq-c.git;branch=master;protocol=https \
-           file://CVE-2023-35789.patch \
 "
-# v0.13.0-master
-SRCREV = "974d71adceae6d742ae20a4c880d99c131f1460a"
+SRCREV = "124722b5045baa41a24ce2e2d7c52a47467e7ac0"
 
 S = "${WORKDIR}/git"