!25 fix obsoletes in spec

From: @panxh_purple 
Reviewed-by: @xiezhipeng1 
Signed-off-by: @xiezhipeng1

Add-libidn2_register_fuzzer-and-corpora.patch

@@ -1,174 +0,0 @@
-From a35e324d9245835abb07166910ffc9ec9d690038 Mon Sep 17 00:00:00 2001
-From: =?UTF-8?q?Tim=20R=C3=BChsen?= <tim.ruehsen@gmx.de>
-Date: Sat, 5 Jan 2019 21:10:04 +0100
-Subject: [PATCH] Add libidn2_register_fuzzer and corpora
-
----
- fuzz/Makefile.am               |  4 +-
- fuzz/libidn2_register_fuzzer.c | 68 ++++++++++++++++++++++++++++++++++
- lib/context.c                  | 24 ++++++++----
- 3 files changed, 87 insertions(+), 9 deletions(-)
- create mode 100644 fuzz/libidn2_register_fuzzer.c
-
-diff --git a/fuzz/Makefile.am b/fuzz/Makefile.am
-index bc55d30..6f6d7c8 100644
---- a/fuzz/Makefile.am
-+++ b/fuzz/Makefile.am
-@@ -6,12 +6,14 @@ LDADD = ../lib/libidn2.la ../gl/libgnu.la $(LTLIBUNISTRING)
- 
- IDN_TESTS = \
-  libidn2_to_ascii_8z_fuzzer$(EXEEXT) \
-- libidn2_to_unicode_8z8z_fuzzer$(EXEEXT)
-+ libidn2_to_unicode_8z8z_fuzzer$(EXEEXT) \
-+ libidn2_register_fuzzer$(EXEEXT)
- 
- check_PROGRAMS = $(IDN_TESTS)
- 
- libidn2_to_ascii_8z_fuzzer_SOURCES = libidn2_to_ascii_8z_fuzzer.c main.c fuzzer.h
- libidn2_to_unicode_8z8z_fuzzer_SOURCES = libidn2_to_unicode_8z8z_fuzzer.c main.c fuzzer.h
-+libidn2_register_fuzzer_SOURCES = libidn2_register_fuzzer.c main.c fuzzer.h
- 
- dist-hook:
- 	find . -name '*.options' -exec cp -v '{}' $(distdir) ';'
-diff --git a/fuzz/libidn2_register_fuzzer.c b/fuzz/libidn2_register_fuzzer.c
-new file mode 100644
-index 0000000..7164a93
---- /dev/null
-+++ b/fuzz/libidn2_register_fuzzer.c
-@@ -0,0 +1,68 @@
-+/*
-+ * Copyright(c) 2019 Tim Ruehsen
-+ *
-+ * Permission is hereby granted, free of charge, to any person obtaining a
-+ * copy of this software and associated documentation files (the "Software"),
-+ * to deal in the Software without restriction, including without limitation
-+ * the rights to use, copy, modify, merge, publish, distribute, sublicense,
-+ * and/or sell copies of the Software, and to permit persons to whom the
-+ * Software is furnished to do so, subject to the following conditions:
-+ *
-+ * The above copyright notice and this permission notice shall be included in
-+ * all copies or substantial portions of the Software.
-+ *
-+ * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
-+ * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
-+ * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
-+ * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
-+ * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING
-+ * FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER
-+ * DEALINGS IN THE SOFTWARE.
-+ *
-+ * This file is part of libidn2.
-+ */
-+
-+#include <config.h>
-+
-+#include <assert.h> /* assert */
-+#include <stdlib.h> /* malloc, free */
-+#include <string.h> /* memcpy */
-+
-+#include "idn2.h"
-+#include "fuzzer.h"
-+
-+int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size)
-+{
-+	char *ulabel, *alabel;
-+	char *out;
-+
-+	if (size > 1024)
-+		return 0;
-+
-+	ulabel = (char *) malloc(size + 1);
-+	assert(ulabel != NULL);
-+
-+	/* 0 terminate */
-+	memcpy(ulabel, data, size);
-+	ulabel[size] = 0;
-+
-+	if (idn2_register_ul(ulabel, NULL, &out, 0) == IDNA_SUCCESS)
-+		idn2_free(out);
-+
-+	free(ulabel);
-+
-+	alabel = (char *) malloc(size + 4 + 1);
-+	assert(alabel != NULL);
-+
-+	/* 0 terminate */
-+	memcpy(alabel, "xn--", 4);
-+	memcpy(alabel + 4, data, size);
-+	alabel[size] = 0;
-+
-+	if (idn2_register_ul(NULL, alabel, &out, 0) == IDNA_SUCCESS)
-+		idn2_free(out);
-+
-+	free(alabel);
-+
-+	return 0;
-+}
-diff --git a/lib/context.c b/lib/context.c
-index 991ec9f..1ee9ba3 100644
---- a/lib/context.c
-+++ b/lib/context.c
-@@ -29,11 +29,8 @@
- #include <config.h>
- 
- #include "idn2.h"
--
- #include "tables.h"
--
- #include <unictype.h>		/* uc_combining_class, UC_CCC_VR */
--
- #include "context.h"
- 
- int
-@@ -115,6 +112,17 @@ _idn2_contextj_rule (const uint32_t * label, size_t llen, size_t pos)
-   return IDN2_CONTEXTJ_NO_RULE;
- }
- 
-+static inline const char *
-+_uc_script_name (ucs4_t uc)
-+{
-+  const uc_script_t *ucs = uc_script(uc);
-+
-+  if (!ucs)
-+    return "";
-+
-+  return ucs->name;
-+}
-+
- int
- _idn2_contexto_rule (const uint32_t * label, size_t llen, size_t pos)
- {
-@@ -140,7 +148,7 @@ _idn2_contexto_rule (const uint32_t * label, size_t llen, size_t pos)
-       /* GREEK LOWER NUMERAL SIGN (KERAIA) */
-       if (pos == llen - 1)
- 	return IDN2_CONTEXTO;
--      if (strcmp (uc_script (label[pos + 1])->name, "Greek") == 0)
-+      if (strcmp (_uc_script_name (label[pos + 1]), "Greek") == 0)
- 	return IDN2_OK;
-       return IDN2_CONTEXTO;
-       break;
-@@ -151,7 +159,7 @@ _idn2_contexto_rule (const uint32_t * label, size_t llen, size_t pos)
-       /* HEBREW PUNCTUATION GERSHAYIM */
-       if (pos == 0)
- 	return IDN2_CONTEXTO;
--      if (strcmp (uc_script (label[pos - 1])->name, "Hebrew") == 0)
-+      if (strcmp (_uc_script_name (label[pos - 1]), "Hebrew") == 0)
- 	return IDN2_OK;
-       return IDN2_CONTEXTO;
-       break;
-@@ -202,9 +210,9 @@ _idn2_contexto_rule (const uint32_t * label, size_t llen, size_t pos)
- 	bool script_ok = false;
- 
- 	for (i = 0; !script_ok && i < llen; i++)
--	  if (strcmp (uc_script (label[i])->name, "Hiragana") == 0
--	      || strcmp (uc_script (label[i])->name, "Katakana") == 0
--	      || strcmp (uc_script (label[i])->name, "Han") == 0)
-+	  if (strcmp (_uc_script_name (label[i]), "Hiragana") == 0
-+	      || strcmp (_uc_script_name (label[i]), "Katakana") == 0
-+	      || strcmp (_uc_script_name (label[i]), "Han") == 0)
- 	    script_ok = true;
- 
- 	if (script_ok)
--- 
-2.19.1
-

Fix-free-of-random-stack-value-in-idn2_to_ascii_4i.patch

@@ -1,28 +0,0 @@
-From dfedd4024b01bf08d5b55ed8fb29c009b887f083 Mon Sep 17 00:00:00 2001
-From: =?UTF-8?q?Tim=20R=C3=BChsen?= <tim.ruehsen@gmx.de>
-Date: Sat, 5 Jan 2019 22:49:13 +0100
-Subject: [PATCH] Fix free of random (stack) value in idn2_to_ascii_4i()
-
----
- lib/lookup.c | 3 ++-
- 1 file changed, 2 insertions(+), 1 deletion(-)
-
-diff --git a/lib/lookup.c b/lib/lookup.c
-index 14e87da..7c5b52b 100644
---- a/lib/lookup.c
-+++ b/lib/lookup.c
-@@ -619,9 +619,10 @@ idn2_to_ascii_4i (const uint32_t * input, size_t inlen, char * output, int flags
-        */
-       if (output)
- 	strcpy (output, (const char *) output_u8);
-+
-+      free(output_u8);
-     }
- 
--  free(output_u8);
-   return rc;
- }
- 
--- 
-1.7.12.4
-

Implement-full-roundtrip-for-lookup-functionality.patch

@@ -0,0 +1,122 @@
+From c7b33a418d9426ee311db45473cb20bad94df26a Mon Sep 17 00:00:00 2001
+From: =?UTF-8?q?Tim=20R=C3=BChsen?= <tim.ruehsen@gmx.de>
+Date: Mon, 10 Feb 2020 15:10:54 +0100
+Subject: [PATCH] Implement full roundtrip for lookup functionality
+MIME-Version: 1.0
+Content-Type: text/plain; charset=UTF-8
+Content-Transfer-Encoding: 8bit
+
+With TR64 enabled (default), '☺i' was converted to 'xn-- o-oia59s'.
+The output contains an illegal space and thus could not be decoded any more.
+
+References:
+https://gitlab.com/libidn/libidn2/issues/78
+https://gitlab.isc.org/isc-projects/bind9/issues/1610
+
+Reported-by: Chris Malton
+---
+ lib/lookup.c        | 33 +++++++++++++++++++++++----------
+ tests/test-lookup.c |  5 +++++
+ 3 files changed, 29 insertions(+), 10 deletions(-)
+ 
+diff --git a/lib/lookup.c b/lib/lookup.c
+index a55f82b..5e5ff12 100644
+--- a/lib/lookup.c
++++ b/lib/lookup.c
+@@ -1,5 +1,6 @@
+ /* lookup.c - implementation of IDNA2008 lookup functions
+    Copyright (C) 2011-2017 Simon Josefsson
++   Copyright (C) 2017-2020 Tim Ruehsen
+ 
+    Libidn2 is free software: you can redistribute it and/or modify it
+    under the terms of either:
+@@ -123,7 +124,7 @@ label (const uint8_t * src, size_t srclen, uint8_t * dst, size_t * dstlen,
+        int flags)
+ {
+   size_t plen;
+-  uint32_t *p;
++  uint32_t *p = NULL;
+   const uint8_t *src_org = NULL;
+   uint8_t *src_allocated = NULL;
+   int rc, check_roundtrip = 0;
+@@ -187,10 +188,7 @@ label (const uint8_t * src, size_t srclen, uint8_t * dst, size_t * dstlen,
+ 	p, plen);
+ 
+       if (rc != IDN2_OK)
+-	{
+-	  free (p);
+-	  goto out;
+-	}
++	goto out;
+     }
+ 
+   dst[0] = 'x';
+@@ -200,7 +198,6 @@ label (const uint8_t * src, size_t srclen, uint8_t * dst, size_t * dstlen,
+ 
+   tmpl = *dstlen - 4;
+   rc = _idn2_punycode_encode_internal (plen, p, &tmpl, (char *) dst + 4);
+-  free (p);
+   if (rc != IDN2_OK)
+     goto out;
+ 
+@@ -210,15 +207,31 @@ label (const uint8_t * src, size_t srclen, uint8_t * dst, size_t * dstlen,
+   if (check_roundtrip)
+     {
+       if (srclen_org != *dstlen || c_strncasecmp ((char *) src_org, (char *) dst, srclen_org))
+-      {
+-        rc = IDN2_ALABEL_ROUNDTRIP_FAILED;
+-	goto out;
+-      }
++        {
++	  rc = IDN2_ALABEL_ROUNDTRIP_FAILED;
++	  goto out;
++        }
++    }
++  else if (!(flags & IDN2_NO_ALABEL_ROUNDTRIP))
++    {
++      rc = _idn2_punycode_decode_internal (*dstlen - 4, (char *) dst + 4, &label32_len, label_u32);
++      if (rc)
++        {
++	  rc = IDN2_ALABEL_ROUNDTRIP_FAILED;
++	  goto out;
++        }
++
++      if (plen != label32_len || u32_cmp (p, label_u32, label32_len))
++        {
++	  rc = IDN2_ALABEL_ROUNDTRIP_FAILED;
++	  goto out;
++        }
+     }
+ 
+   rc = IDN2_OK;
+ 
+ out:
++  free (p);
+   free (src_allocated);
+   return rc;
+ }
+diff --git a/tests/test-lookup.c b/tests/test-lookup.c
+index aa75e18..2b49cb1 100644
+--- a/tests/test-lookup.c
++++ b/tests/test-lookup.c
+@@ -1,5 +1,6 @@
+ /* test-lookup.c --- Self tests for IDNA processing
+    Copyright (C) 2011-2017 Simon Josefsson
++   Copyright (C) 2017-2020 Tim Ruehsen
+ 
+    This program is free software: you can redistribute it and/or modify
+    it under the terms of the GNU General Public License as published by
+@@ -838,6 +839,10 @@ static const struct idna idna[] = {
+   {"\xc3\xa4_x", "xn--_x-uia", IDN2_OK, IDN2_TRANSITIONAL},
+   /* failing lookup round-trip */
+   {"xn--te_", "", IDN2_ALABEL_ROUNDTRIP_FAILED},
++  /* failing lookup round-trip: ☺ -> xn-- o-oia59s (illegal space in output, see https://gitlab.com/libidn/libidn2/issues/78) */
++  {"\xc3\xa2\xcb\x9c\xc2\xba", "", IDN2_DISALLOWED, IDN2_NO_TR46},
++  {"\xc3\xa2\xcb\x9c\xc2\xba", "", IDN2_ALABEL_ROUNDTRIP_FAILED, IDN2_TRANSITIONAL},
++  {"\xc3\xa2\xcb\x9c\xc2\xba", "", IDN2_ALABEL_ROUNDTRIP_FAILED, IDN2_NONTRANSITIONAL},
+ };
+ 
+ static int ok = 0, failed = 0;
+-- 
+1.8.3.1
+

Restrict-output-length-to-63.patch

@@ -1,37 +0,0 @@
-From e4d1558aa2c1c04a05066ee8600f37603890ba8c Mon Sep 17 00:00:00 2001
-From: =?UTF-8?q?Tim=20R=C3=BChsen?= <tim.ruehsen@gmx.de>
-Date: Wed, 9 Jan 2019 14:36:16 +0100
-Subject: [PATCH] idn2_to_ascii_4i(): Restrict output length to 63
-
----
- lib/lookup.c | 12 ++++++++++--
- 1 file changed, 10 insertions(+), 2 deletions(-)
-
-diff --git a/lib/lookup.c b/lib/lookup.c
-index 7c5b52bb..cc918d95 100644
---- a/lib/lookup.c
-+++ b/lib/lookup.c
-@@ -617,10 +617,18 @@ idn2_to_ascii_4i (const uint32_t * input, size_t inlen, char * output, int flags
-        * char * out  output zero terminated string that must have room for at
-        * least 63 characters plus the terminating zero.
-        */
-+      size_t len = strlen ((char *) output_u8);
-+
-+      if (len > 63)
-+        {
-+	  free (output_u8);
-+	  return IDN2_TOO_BIG_DOMAIN;
-+        }
-+
-       if (output)
--	strcpy (output, (const char *) output_u8);
-+	strcpy (output, (char *) output_u8);
- 
--      free(output_u8);
-+      free (output_u8);
-     }
- 
-   return rc;
--- 
-2.22.0
-

fix-compile-error-about-missing-aclocal.patch

@@ -1,26 +0,0 @@
-From c178e8f982802db37fcf6173331bcc7a8128f4ee Mon Sep 17 00:00:00 2001
-From: wangjia <wangjia55@huawei.com>
-Date: Thu, 20 Dec 2018 03:04:48 +0000
-Subject: [PATCH] libidn2: fix compile error about missing aclocal
-
-reason: fix compile error about missing aclocal
----
- configure | 2 +-
- 1 file changed, 1 insertion(+), 1 deletion(-)
-
-diff --git a/configure b/configure
-index 8651a7a..31a5ed9 100755
---- a/configure
-+++ b/configure
-@@ -3285,7 +3285,7 @@ ac_configure="$SHELL $ac_aux_dir/configure"  # Please don't use this var.
- ac_config_headers="$ac_config_headers config.h"
- 
- 
--am__api_version='1.15'
-+am__api_version='1.16'
- 
- # Find a good install program.  We prefer a C program (faster),
- # so one script is as good as another.  But avoid the broken or
--- 
-2.19.1
-

libidn2.spec

@@ -1,22 +1,19 @@
 Name:           libidn2
-Version:        2.0.5
-Release:        7
+Version:        2.3.0
+Release:        4
 Summary:        GNU IDN Library
 License:        (GPLv2+ or LGPLv3+) and GPLv3+
 URL:            https://www.gnu.org/software/libidn/#libidn2
 Source0:        https://ftp.gnu.org/gnu/libidn/%{name}-%{version}.tar.gz
 
 Patch0:         bugfix-libidn2-change-rpath.patch
-Patch6000:      Fix-free-of-random-stack-value-in-idn2_to_ascii_4i.patch
-Patch6001:      Add-libidn2_register_fuzzer-and-corpora.patch
-Patch6002:      Restrict-output-length-to-63.patch
-Patch9000:      fix-compile-error-about-missing-aclocal.patch
+Patch1:         Implement-full-roundtrip-for-lookup-functionality.patch
 
 #Dependency
-BuildRequires:  gcc gettext libunistring-devel autoconf texinfo
+BuildRequires:  gcc gettext libunistring-devel autoconf texinfo automake
 Provides:       bundled(gnulib)
 Provides:       idn2
-Obsoletes:      idn2
+Obsoletes:      idn2 < %{version}-%{release}
 
 %description
 Libidn2 is a free software implementation of IDNA2008, Punycode and TR46.
@@ -78,6 +75,33 @@ make %{?_smp_mflags} -C tests check
 %{_datadir}/gtk-doc/
 
 %changelog
+* Thu Sep 8 2022 panxiaohe <panxh.life@foxmail.com> - 2.3.0-4
+- fix obsoletes in spec
+
+* Wed Jun 24 2020 wangchen <wangchen137@huawei.com> - 2.3.0-3
+- Type:bugfix
+- ID:NA
+- SUG:NA
+- DESC:Implement full roundtrip for lookup functionality
+
+* Wed Jun 17 2020 Liquor <lirui130@huawei.com> - 2.3.0-2
+- Type:bugfix
+- ID:NA
+- SUG:NA
+- DESC:add Buildrequires:automake
+
+* Mon May 11 2020 openEuler Buildteam <buildteam@openeuler.org> - 2.3.0-1
+- Type:CVE
+- ID:NA
+- SUG:NA
+- DESC:update to 2.3.0
+
+* Wed Mar 18 2020 openEuler Buildteam <buildteam@openeuler.org> - 2.0.5-8
+- Type:CVE
+- ID:NA
+- SUG:NA
+- DESC:fix CVE-2019-12290
+
 * Wed Jan 1 2020 openEuler Buildteam <buildteam@openeuler.org> - 2.0.5-7
 - Fix bug in patched