Add upstream patch to fix DoS with postgresql backend, thanks Thomas Beutin <tb@laokoon.IN-Berlin.DE> in bug #444163

(Portage version: 2.2.0_alpha142/cvs/Linux x86_64, signed Manifest commit with key C74525F2)

3 files changed, 41 insertions, 3 deletions

diff --git a/www-apps/owncloud/ChangeLog b/www-apps/owncloud/ChangeLog
index 9f05b3814926..36f111d93e3b 100644
--- a/www-apps/owncloud/ChangeLog
+++ b/www-apps/owncloud/ChangeLog
@@ -1,6 +1,13 @@
 # ChangeLog for www-apps/owncloud
 # Copyright 1999-2012 Gentoo Foundation; Distributed under the GPL v2
-# $Header: /var/cvsroot/gentoo-x86/www-apps/owncloud/ChangeLog,v 1.19 2012/11/15 09:02:19 voyageur Exp $
+# $Header: /var/cvsroot/gentoo-x86/www-apps/owncloud/ChangeLog,v 1.20 2012/11/22 16:03:52 voyageur Exp $
+
+*owncloud-4.5.2-r1 (22 Nov 2012)
+
+  22 Nov 2012; Bernard Cafarelli <voyageur@gentoo.org> -owncloud-4.5.2.ebuild,
+  +owncloud-4.5.2-r1.ebuild, +files/owncloud-4.5.2-fix_sabre_connector.patch:
+  Add upstream patch to fix DoS with postgresql backend, thanks Thomas Beutin
+  <tb@laokoon.IN-Berlin.DE> in bug #444163
 
 *owncloud-4.5.2 (15 Nov 2012)
 *owncloud-4.0.9 (15 Nov 2012)
diff --git a/www-apps/owncloud/files/owncloud-4.5.2-fix_sabre_connector.patch b/www-apps/owncloud/files/owncloud-4.5.2-fix_sabre_connector.patch
new file mode 100644
index 000000000000..c769006e9bbe
--- /dev/null
+++ b/www-apps/owncloud/files/owncloud-4.5.2-fix_sabre_connector.patch
@@ -0,0 +1,26 @@
+From bfff3d3f9baf5baaf9ea247d0a5d17ac498f8077 Mon Sep 17 00:00:00 2001
+From: Brice Maron <brice@bmaron.net>
+Date: Wed, 14 Nov 2012 20:10:24 +0000
+Subject: [PATCH] Correct quoting error with Sabre connector. Fix critical pg
+ pbms
+
+---
+ lib/connector/sabre/node.php |    2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/lib/connector/sabre/node.php b/lib/connector/sabre/node.php
+index 6a2ad22..bac4418 100644
+--- a/lib/connector/sabre/node.php
++++ b/lib/connector/sabre/node.php
+@@ -278,7 +278,7 @@ static public function removeETagPropertyForPath($path) {
+ 		
+ 		//remove etag for all Shared folders
+ 		$query = OC_DB::prepare( 'DELETE FROM `*PREFIX*properties`'

+-				.' WHERE `propertypath` = "/Shared"'

++				.' WHERE `propertypath` = \'/Shared\' '

+ 		);

+ 		$query->execute(array());
+ 		
+-- 
+1.7.10
+
diff --git a/www-apps/owncloud/owncloud-4.5.2.ebuild b/www-apps/owncloud/owncloud-4.5.2-r1.ebuild
index f37c15387a47..48474b792ce3 100644
--- a/www-apps/owncloud/owncloud-4.5.2.ebuild
+++ b/www-apps/owncloud/owncloud-4.5.2-r1.ebuild
@@ -1,10 +1,10 @@
 # Copyright 1999-2012 Gentoo Foundation
 # Distributed under the terms of the GNU General Public License v2
-# $Header: /var/cvsroot/gentoo-x86/www-apps/owncloud/owncloud-4.5.2.ebuild,v 1.1 2012/11/15 09:02:19 voyageur Exp $
+# $Header: /var/cvsroot/gentoo-x86/www-apps/owncloud/owncloud-4.5.2-r1.ebuild,v 1.1 2012/11/22 16:03:52 voyageur Exp $
 
 EAPI=4
 
-inherit webapp depend.php
+inherit eutils webapp depend.php
 
 DESCRIPTION="Web-based storage application where all your data is under your own control"
 HOMEPAGE="http://owncloud.org"
@@ -27,6 +27,11 @@ pkg_setup() {
 	webapp_pkg_setup
 }
 
+src_prepare() {
+	# Fix DoS with postgres backend
+	epatch "${FILESDIR}"/${P}-fix_sabre_connector.patch
+}
+
 src_install() {
 	webapp_src_preinst