Date: Wednesday, August 1, 2012 @ 00:02:33
Author: bisson
Revision: 164390
archrelease: copy trunk to extra-i686, extra-x86_64
Added:
rssh/repos/extra-i686/PKGBUILD
(from rev 164389, rssh/trunk/PKGBUILD)
rssh/repos/extra-i686/destdir.patch
(from rev 164389, rssh/trunk/destdir.patch)
rssh/repos/extra-i686/env-breach.patch
(from rev 164389, rssh/trunk/env-breach.patch)
rssh/repos/extra-i686/rsync.patch
(from rev 164389, rssh/trunk/rsync.patch)
rssh/repos/extra-x86_64/PKGBUILD
(from rev 164389, rssh/trunk/PKGBUILD)
rssh/repos/extra-x86_64/destdir.patch
(from rev 164389, rssh/trunk/destdir.patch)
rssh/repos/extra-x86_64/env-breach.patch
(from rev 164389, rssh/trunk/env-breach.patch)
rssh/repos/extra-x86_64/rsync.patch
(from rev 164389, rssh/trunk/rsync.patch)
Deleted:
rssh/repos/extra-i686/PKGBUILD
rssh/repos/extra-i686/destdir.patch
rssh/repos/extra-i686/rsync.patch
rssh/repos/extra-x86_64/PKGBUILD
rssh/repos/extra-x86_64/destdir.patch
rssh/repos/extra-x86_64/rsync.patch
-------------------------------+
extra-i686/PKGBUILD | 83 +++++++-------
extra-i686/destdir.patch | 48 ++++----
extra-i686/env-breach.patch | 228 ++++++++++++++++++++++++++++++++++++++++
extra-i686/rsync.patch | 111 +++++++++----------
extra-x86_64/PKGBUILD | 83 +++++++-------
extra-x86_64/destdir.patch | 48 ++++----
extra-x86_64/env-breach.patch | 228 ++++++++++++++++++++++++++++++++++++++++
extra-x86_64/rsync.patch | 111 +++++++++----------
8 files changed, 698 insertions(+), 242 deletions(-)
Deleted: extra-i686/PKGBUILD
===================================================================
--- extra-i686/PKGBUILD 2012-08-01 04:00:10 UTC (rev 164389)
+++ extra-i686/PKGBUILD 2012-08-01 04:02:33 UTC (rev 164390)
@@ -1,40 +0,0 @@
-# $Id$
-# Contributor: Judd Vinet <[email protected]>
-# Maintainer: Gaetan Bisson <[email protected]>
-
-pkgname=rssh
-pkgver=2.3.3
-pkgrel=3
-pkgdesc='Restricted shell for use with OpenSSH, allowing only scp and/or sftp'
-url='http://www.pizzashack.org/rssh/'
-license=('custom:rssh')
-arch=('i686' 'x86_64')
-backup=('etc/rssh.conf')
-depends=('openssh')
-source=("http://downloads.sourceforge.net/sourceforge/rssh/rssh-${pkgver}.tar.gz";
- 'destdir.patch'
- 'rsync.patch')
-sha1sums=('0a6dd80b5e6059e0db12c9f1276121dd966b610a'
- '85bd1694decae5872cbeeafd578b147eb13313c6'
- '41f32f8a77b3a2b924ede6044ab67846e06b5d20')
-
-build() {
- cd "${srcdir}/${pkgname}-${pkgver}"
-
- patch -p1 -i ../destdir.patch
- patch -p1 -i ../rsync.patch # FS#21783, debian patch
-
- ./configure \
- --prefix=/usr \
- --libexecdir=/usr/lib/rssh \
- --mandir=/usr/share/man \
- --sysconfdir=/etc \
-
- make
-}
-
-package() {
- cd "${srcdir}/${pkgname}-${pkgver}"
- make DESTDIR="${pkgdir}" install
- install -Dm644 LICENSE "${pkgdir}"/usr/share/licenses/rssh/LICENSE
-}
Copied: rssh/repos/extra-i686/PKGBUILD (from rev 164389, rssh/trunk/PKGBUILD)
===================================================================
--- extra-i686/PKGBUILD (rev 0)
+++ extra-i686/PKGBUILD 2012-08-01 04:02:33 UTC (rev 164390)
@@ -0,0 +1,43 @@
+# $Id$
+# Contributor: Judd Vinet <[email protected]>
+# Maintainer: Gaetan Bisson <[email protected]>
+
+pkgname=rssh
+pkgver=2.3.3
+pkgrel=4
+pkgdesc='Restricted shell for use with OpenSSH, allowing only scp and/or sftp'
+url='http://www.pizzashack.org/rssh/'
+license=('custom:rssh')
+arch=('i686' 'x86_64')
+backup=('etc/rssh.conf')
+depends=('openssh')
+source=("http://downloads.sourceforge.net/sourceforge/rssh/rssh-${pkgver}.tar.gz";
+ 'env-breach.patch'
+ 'destdir.patch'
+ 'rsync.patch')
+sha1sums=('0a6dd80b5e6059e0db12c9f1276121dd966b610a'
+ '434712f82f24c60834a10142ca5c49b8a57555a7'
+ '85bd1694decae5872cbeeafd578b147eb13313c6'
+ '86564eab4493f4b4502a022e5938babb31450a00')
+
+build() {
+ cd "${srcdir}/${pkgname}-${pkgver}"
+
+ patch -p1 -i ../env-breach.patch # FS#30950
+ patch -p1 -i ../rsync.patch # FS#21783
+ patch -p1 -i ../destdir.patch
+
+ ./configure \
+ --prefix=/usr \
+ --libexecdir=/usr/lib/rssh \
+ --mandir=/usr/share/man \
+ --sysconfdir=/etc \
+
+ make
+}
+
+package() {
+ cd "${srcdir}/${pkgname}-${pkgver}"
+ make DESTDIR="${pkgdir}" install
+ install -Dm644 LICENSE "${pkgdir}"/usr/share/licenses/rssh/LICENSE
+}
Deleted: extra-i686/destdir.patch
===================================================================
--- extra-i686/destdir.patch 2012-08-01 04:00:10 UTC (rev 164389)
+++ extra-i686/destdir.patch 2012-08-01 04:02:33 UTC (rev 164390)
@@ -1,24 +0,0 @@
-diff -aur old//Makefile.am new//Makefile.am
---- old//Makefile.am 2006-12-21 23:22:37.000000000 +0100
-+++ new//Makefile.am 2010-11-25 18:15:29.253376150 +0100
-@@ -16,7 +16,7 @@
- $(CC) -c $(DEFS) $(ourdefs) $(CFLAGS) $(CPPFLAGS) $(LDFLAGS) $<
-
- install-exec-hook:
-- chmod u+s $(libexecdir)/rssh_chroot_helper
-+ chmod u+s $(DESTDIR)$(libexecdir)/rssh_chroot_helper
-
- rpm: dist
- rpmbuild -ta --sign $(base).tar.gz
-diff -aur old//Makefile.in new//Makefile.in
---- old//Makefile.in 2010-08-01 15:59:54.000000000 +0200
-+++ new//Makefile.in 2010-11-25 18:15:29.253376150 +0100
-@@ -830,7 +830,7 @@
- $(CC) -c $(DEFS) $(ourdefs) $(CFLAGS) $(CPPFLAGS) $(LDFLAGS) $<
-
- install-exec-hook:
-- chmod u+s $(libexecdir)/rssh_chroot_helper
-+ chmod u+s $(DESTDIR)$(libexecdir)/rssh_chroot_helper
-
- rpm: dist
- rpmbuild -ta --sign $(base).tar.gz
Copied: rssh/repos/extra-i686/destdir.patch (from rev 164389,
rssh/trunk/destdir.patch)
===================================================================
--- extra-i686/destdir.patch (rev 0)
+++ extra-i686/destdir.patch 2012-08-01 04:02:33 UTC (rev 164390)
@@ -0,0 +1,24 @@
+diff -aur old//Makefile.am new//Makefile.am
+--- old//Makefile.am 2006-12-21 23:22:37.000000000 +0100
++++ new//Makefile.am 2010-11-25 18:15:29.253376150 +0100
+@@ -16,7 +16,7 @@
+ $(CC) -c $(DEFS) $(ourdefs) $(CFLAGS) $(CPPFLAGS) $(LDFLAGS) $<
+
+ install-exec-hook:
+- chmod u+s $(libexecdir)/rssh_chroot_helper
++ chmod u+s $(DESTDIR)$(libexecdir)/rssh_chroot_helper
+
+ rpm: dist
+ rpmbuild -ta --sign $(base).tar.gz
+diff -aur old//Makefile.in new//Makefile.in
+--- old//Makefile.in 2010-08-01 15:59:54.000000000 +0200
++++ new//Makefile.in 2010-11-25 18:15:29.253376150 +0100
+@@ -830,7 +830,7 @@
+ $(CC) -c $(DEFS) $(ourdefs) $(CFLAGS) $(CPPFLAGS) $(LDFLAGS) $<
+
+ install-exec-hook:
+- chmod u+s $(libexecdir)/rssh_chroot_helper
++ chmod u+s $(DESTDIR)$(libexecdir)/rssh_chroot_helper
+
+ rpm: dist
+ rpmbuild -ta --sign $(base).tar.gz
Copied: rssh/repos/extra-i686/env-breach.patch (from rev 164389,
rssh/trunk/env-breach.patch)
===================================================================
--- extra-i686/env-breach.patch (rev 0)
+++ extra-i686/env-breach.patch 2012-08-01 04:02:33 UTC (rev 164390)
@@ -0,0 +1,228 @@
+--- rssh-2.3.3/main.c.in 2010-08-01 15:43:30.000000000 -0400
++++ rssh-2.3.3/main.c.in 2012-05-11 16:44:39.000000000 -0400
+@@ -184,7 +184,7 @@
+ * determine if the command in cmdline is acceptable to run, and store
+ * name of program to exec in cmd
+ */
+- if ( !(*cmd = check_command_line(cmdline, opts)) ) return NULL;
++ if ( !(*cmd = get_command(cmdline, opts)) ) return NULL;
+
+ /* if we need to do chroot processing, do it */
+ if ( opts->shell_flags & RSSH_USE_CHROOT ){
+@@ -252,7 +252,9 @@
+ }
+
+ /* return vector of pointers to command line arguments */
+- return build_arg_vector(cmdline, 0);
++ argvec = build_arg_vector(cmdline, 0);
++ if (check_command_line(argvec, opts)) return argvec;
++ else return NULL;
+ }
+
+ void vers_info( void )
+--- rssh-2.3.3/util.c 2010-08-01 09:07:00.000000000 -0400
++++ rssh-2.3.3/util.c 2012-05-11 16:43:10.000000000 -0400
+@@ -106,7 +106,7 @@
+ /* print error message to user and log attempt */
+ fprintf(stderr, "\nThis account is restricted by rssh.\n"
+ "%s\n\nIf you believe this is in error, please contact "
+- "your system administrator.\n\n", cmd);
++ "your system administrator.\n\n", cmd);
+ if ( argc < 3 )
+ log_msg("user %s attempted to log in with a shell",
+ username);
+@@ -132,31 +132,35 @@
+ */
+ bool opt_exist(char *cl, char opt)
+ {
+- int i = 0;
++ int i = 1;
+ int len;
+- char *token;
+- bool optstring = FALSE;
+-
+
+ len = strlen(cl);
+
+ /* process command line character by character */
+- while ( i < (len - 2) ){
+- if ( cl[i] == ' ' || cl[i] == '\t' ){
+- if ( cl[i+1] == '-' ){
+- optstring = TRUE;
+- i+=2;
+- }
+- }
+- if ( cl[i] == opt && optstring ) return TRUE;
+- if ( cl[i] == ' ' || cl[i] == '\t' || cl[i] == '-' )
+- optstring = FALSE;
++ if (!(cl[0] == '-')) return FALSE;
++ while ( i < (len) ){
++ if ( cl[i] == opt ) return TRUE;
+ i++;
+ }
+ return FALSE;
+ }
+
+
++bool opt_filter(char **vec, const char opt)
++{
++ while (vec && *vec){
++ if (opt_exist(*vec, opt)){
++ fprintf(stderr, "\nillegal insecure %c option", opt);
++ log_msg("insecure %c option in scp command line!", opt);
++ return TRUE;
++ }
++ vec++;
++ }
++ return FALSE;
++}
++
++
+ bool check_command( char *cl, ShellOptions_t *opts, char *cmd, int cmdflag )
+ {
+ int cl_len; /* length of command line */
+@@ -186,69 +190,78 @@
+ return FALSE;
+ }
+
++
+ /*
+ * check_command_line() - take the command line passed to rssh, and verify
+- * that the specified command is one the user is
+- * allowed to run. Return the path of the command
+- * which will be run if it is ok, or return NULL if it
+- * is not.
++ * that the specified command is one the user is
++ * allowed to run and validate the arguments. Return the
++ * path of the command which will be run if it is ok, or
++ * return NULL if it is not.
+ */
+-char *check_command_line( char *cl, ShellOptions_t *opts )
++char *check_command_line( char **cl, ShellOptions_t *opts )
+ {
+
+- if ( check_command(cl, opts, PATH_SFTP_SERVER, RSSH_ALLOW_SFTP) )
++ if ( check_command(*cl, opts, PATH_SFTP_SERVER, RSSH_ALLOW_SFTP) )
+ return PATH_SFTP_SERVER;
+
+- if ( check_command(cl, opts, PATH_SCP, RSSH_ALLOW_SCP) ){
++ if ( check_command(*cl, opts, PATH_SCP, RSSH_ALLOW_SCP) ){
+ /* filter -S option */
+- if ( opt_exist(cl, 'S') ){
+- fprintf(stderr, "\ninsecure -S option not allowed.");
+- log_msg("insecure -S option in scp command line!");
+- return NULL;
+- }
++ if ( opt_filter(cl, 'S') ) return NULL;
+ return PATH_SCP;
+ }
+
+- if ( check_command(cl, opts, PATH_CVS, RSSH_ALLOW_CVS) ){
+- if ( opt_exist(cl, 'e') ){
+- fprintf(stderr, "\ninsecure -e option not allowed.");
+- log_msg("insecure -e option in cvs command line!");
+- return NULL;
+- }
++ if ( check_command(*cl, opts, PATH_CVS, RSSH_ALLOW_CVS) ){
++ if ( opt_filter(cl, 'e') ) return NULL;
+ return PATH_CVS;
+ }
+
+- if ( check_command(cl, opts, PATH_RDIST, RSSH_ALLOW_RDIST) ){
++ if ( check_command(*cl, opts, PATH_RDIST, RSSH_ALLOW_RDIST) ){
+ /* filter -P option */
+- if ( opt_exist(cl, 'P') ){
+- fprintf(stderr, "\ninsecure -P option not allowed.");
+- log_msg("insecure -P option in rdist command line!");
+- return NULL;
+- }
++ if ( opt_filter(cl, 'P') ) return NULL;
+ return PATH_RDIST;
+ }
+
+- if ( check_command(cl, opts, PATH_RSYNC, RSSH_ALLOW_RSYNC) ){
++ if ( check_command(*cl, opts, PATH_RSYNC, RSSH_ALLOW_RSYNC) ){
+ /* filter -e option */
+- if ( opt_exist(cl, 'e') ){
+- fprintf(stderr, "\ninsecure -e option not allowed.");
+- log_msg("insecure -e option in rdist command line!");
+- return NULL;
+- }
+-
+- if ( strstr(cl, "--rsh=" ) ){
+- fprintf(stderr, "\ninsecure --rsh= not allowed.");
+- log_msg("insecure --rsh option in rsync command line!");
+- return NULL;
++ if ( opt_filter(cl, 'e') ) return NULL;
++ while (cl && *cl){
++ if ( strstr(*cl, "--rsh=" ) ){
++ fprintf(stderr, "\ninsecure --rsh= not
allowed.");
++ log_msg("insecure --rsh option in rsync command
line!");
++ return NULL;
++ }
+ }
+-
+ return PATH_RSYNC;
+ }
++ /* No match, return NULL */
++ return NULL;
++}
++
++
++/*
++ * get_command() - take the command line passed to rssh, and verify
++ * that the specified command is one the user is allowed to run.
++ * Return the path of the command which will be run if it is ok,
++ * or return NULL if it is not.
++ */
++char *get_command( char *cl, ShellOptions_t *opts )
++{
+
++ if ( check_command(cl, opts, PATH_SFTP_SERVER, RSSH_ALLOW_SFTP) )
++ return PATH_SFTP_SERVER;
++ if ( check_command(cl, opts, PATH_SCP, RSSH_ALLOW_SCP) )
++ return PATH_SCP;
++ if ( check_command(cl, opts, PATH_CVS, RSSH_ALLOW_CVS) )
++ return PATH_CVS;
++ if ( check_command(cl, opts, PATH_RDIST, RSSH_ALLOW_RDIST) )
++ return PATH_RDIST;
++ if ( check_command(cl, opts, PATH_RSYNC, RSSH_ALLOW_RSYNC) )
++ return PATH_RSYNC;
+ return NULL;
+ }
+
+
++
+ /*
+ * extract_root() - takes a root directory and the full path to some other
+ * directory, and returns a pointer to a string which
+@@ -264,7 +277,7 @@
+ len = strlen(root);
+ /* get rid of a trailing / from the root path */
+ if ( root[len - 1] == '/' ){
+- root[len - 1] = '\0';
++ root[len - 1] = '\0';
+ len--;
+ }
+ if ( (strncmp(root, path, len)) ) return NULL;
+@@ -309,7 +322,7 @@
+ * same name, and returns FALSE if the bits are not valid
+ */
+ int validate_access( const char *temp, bool *allow_sftp, bool *allow_scp,
+- bool *allow_cvs, bool *allow_rdist, bool *allow_rsync )
++ bool *allow_cvs, bool *allow_rdist, bool *allow_rsync )
+ {
+ int i;
+
+--- rssh-2.3.3/util.h 2006-12-21 17:22:38.000000000 -0500
++++ rssh-2.3.3/util.h 2012-05-11 16:21:12.000000000 -0400
+@@ -33,7 +33,8 @@
+ #include "rsshconf.h"
+
+ void fail( int flags, int argc, char **argv );
+-char *check_command_line( char *cl, ShellOptions_t *opts );
++char *check_command_line( char **cl, ShellOptions_t *opts );
++char *get_command( char *cl, ShellOptions_t *opts);
+ char *extract_root( char *root, char *path );
+ int validate_umask( const char *temp, int *mask );
+ int validate_access( const char *temp, bool *allow_sftp, bool *allow_scp,
Deleted: extra-i686/rsync.patch
===================================================================
--- extra-i686/rsync.patch 2012-08-01 04:00:10 UTC (rev 164389)
+++ extra-i686/rsync.patch 2012-08-01 04:02:33 UTC (rev 164390)
@@ -1,57 +0,0 @@
-diff -aur old//util.c new//util.c
---- old//util.c 2010-08-01 15:07:00.000000000 +0200
-+++ new//util.c 2010-11-25 18:16:24.086709600 +0100
-@@ -56,6 +56,7 @@
- #ifdef HAVE_LIBGEN_H
- #include <libgen.h>
- #endif /* HAVE_LIBGEN_H */
-+#include <regex.h>
-
- /* LOCAL INCLUDES */
- #include "pathnames.h"
-@@ -187,6 +188,33 @@
- }
-
- /*
-+ * check_rsync_e() - take the command line passed to rssh and look for a -e
-+ * option. If one is found, make sure --server is provided
-+ * and the option contains only the protocol information.
-+ * Returns 1 if the command line is safe; 0 otherwise.
-+ */
-+static int check_rsync_e( char *cl )
-+{
-+ int status;
-+ regex_t re;
-+
-+ /*
-+ * This is more complicated than it looks because we don't want to
-+ * trigger on the e in --server, but we do want to catch the common
-+ * case of -ltpre.iL (which contains -e.).
-+ */
-+ static const char pattern[] = "[ \t\v\f]-([^-][^ ]*)?e[^.0-9]";
-+
-+ if ( strstr(cl, "--server") == NULL ) return 0;
-+ if ( regcomp(&re, pattern, REG_EXTENDED | REG_NOSUB) != 0 ){
-+ return 0;
-+ }
-+ status = regexec(&re, cl, 0, NULL, 0);
-+ regfree(&re);
-+ return (status == 0) ? 0 : 1;
-+}
-+
-+/*
- * check_command_line() - take the command line passed to rssh, and verify
- * that the specified command is one the user is
- * allowed to run. Return the path of the command
-@@ -230,9 +258,9 @@
-
- if ( check_command(cl, opts, PATH_RSYNC, RSSH_ALLOW_RSYNC) ){
- /* filter -e option */
-- if ( opt_exist(cl, 'e') ){
-+ if ( opt_exist(cl, 'e') && !check_rsync_e(cl) ){
- fprintf(stderr, "\ninsecure -e option not allowed.");
-- log_msg("insecure -e option in rdist command line!");
-+ log_msg("insecure -e option in rsync command line!");
- return NULL;
- }
-
Copied: rssh/repos/extra-i686/rsync.patch (from rev 164389,
rssh/trunk/rsync.patch)
===================================================================
--- extra-i686/rsync.patch (rev 0)
+++ extra-i686/rsync.patch 2012-08-01 04:02:33 UTC (rev 164390)
@@ -0,0 +1,54 @@
+diff -Naur old/util.c new/util.c
+--- old/util.c 2012-08-01 13:48:47.803620731 +1000
++++ new/util.c 2012-08-01 13:55:13.622614598 +1000
+@@ -56,6 +56,7 @@
+ #ifdef HAVE_LIBGEN_H
+ #include <libgen.h>
+ #endif /* HAVE_LIBGEN_H */
++#include <regex.h>
+
+ /* LOCAL INCLUDES */
+ #include "pathnames.h"
+@@ -192,6 +193,33 @@
+
+
+ /*
++ * check_rsync_e() - take the command line passed to rssh and look for a -e
++ * option. If one is found, make sure --server is provided
++ * and the option contains only the protocol information.
++ * Returns 1 if the command line is safe; 0 otherwise.
++ */
++static int check_rsync_e( char *cl )
++{
++ int status;
++ regex_t re;
++
++ /*
++ * This is more complicated than it looks because we don't want to
++ * trigger on the e in --server, but we do want to catch the common
++ * case of -ltpre.iL (which contains -e.).
++ */
++ static const char pattern[] = "[ \t\v\f]-([^-][^ ]*)?e[^.0-9]";
++
++ if ( strstr(cl, "--server") == NULL ) return 0;
++ if ( regcomp(&re, pattern, REG_EXTENDED | REG_NOSUB) != 0 ){
++ return 0;
++ }
++ status = regexec(&re, cl, 0, NULL, 0);
++ regfree(&re);
++ return (status == 0) ? 0 : 1;
++}
++
++/*
+ * check_command_line() - take the command line passed to rssh, and verify
+ * that the specified command is one the user is
+ * allowed to run and validate the arguments. Return the
+@@ -211,7 +239,7 @@
+ }
+
+ if ( check_command(*cl, opts, PATH_CVS, RSSH_ALLOW_CVS) ){
+- if ( opt_filter(cl, 'e') ) return NULL;
++ if ( opt_filter(cl, 'e') && !check_rsync_e(cl) ) return NULL;
+ return PATH_CVS;
+ }
+
Deleted: extra-x86_64/PKGBUILD
===================================================================
--- extra-x86_64/PKGBUILD 2012-08-01 04:00:10 UTC (rev 164389)
+++ extra-x86_64/PKGBUILD 2012-08-01 04:02:33 UTC (rev 164390)
@@ -1,40 +0,0 @@
-# $Id$
-# Contributor: Judd Vinet <[email protected]>
-# Maintainer: Gaetan Bisson <[email protected]>
-
-pkgname=rssh
-pkgver=2.3.3
-pkgrel=3
-pkgdesc='Restricted shell for use with OpenSSH, allowing only scp and/or sftp'
-url='http://www.pizzashack.org/rssh/'
-license=('custom:rssh')
-arch=('i686' 'x86_64')
-backup=('etc/rssh.conf')
-depends=('openssh')
-source=("http://downloads.sourceforge.net/sourceforge/rssh/rssh-${pkgver}.tar.gz";
- 'destdir.patch'
- 'rsync.patch')
-sha1sums=('0a6dd80b5e6059e0db12c9f1276121dd966b610a'
- '85bd1694decae5872cbeeafd578b147eb13313c6'
- '41f32f8a77b3a2b924ede6044ab67846e06b5d20')
-
-build() {
- cd "${srcdir}/${pkgname}-${pkgver}"
-
- patch -p1 -i ../destdir.patch
- patch -p1 -i ../rsync.patch # FS#21783, debian patch
-
- ./configure \
- --prefix=/usr \
- --libexecdir=/usr/lib/rssh \
- --mandir=/usr/share/man \
- --sysconfdir=/etc \
-
- make
-}
-
-package() {
- cd "${srcdir}/${pkgname}-${pkgver}"
- make DESTDIR="${pkgdir}" install
- install -Dm644 LICENSE "${pkgdir}"/usr/share/licenses/rssh/LICENSE
-}
Copied: rssh/repos/extra-x86_64/PKGBUILD (from rev 164389, rssh/trunk/PKGBUILD)
===================================================================
--- extra-x86_64/PKGBUILD (rev 0)
+++ extra-x86_64/PKGBUILD 2012-08-01 04:02:33 UTC (rev 164390)
@@ -0,0 +1,43 @@
+# $Id$
+# Contributor: Judd Vinet <[email protected]>
+# Maintainer: Gaetan Bisson <[email protected]>
+
+pkgname=rssh
+pkgver=2.3.3
+pkgrel=4
+pkgdesc='Restricted shell for use with OpenSSH, allowing only scp and/or sftp'
+url='http://www.pizzashack.org/rssh/'
+license=('custom:rssh')
+arch=('i686' 'x86_64')
+backup=('etc/rssh.conf')
+depends=('openssh')
+source=("http://downloads.sourceforge.net/sourceforge/rssh/rssh-${pkgver}.tar.gz";
+ 'env-breach.patch'
+ 'destdir.patch'
+ 'rsync.patch')
+sha1sums=('0a6dd80b5e6059e0db12c9f1276121dd966b610a'
+ '434712f82f24c60834a10142ca5c49b8a57555a7'
+ '85bd1694decae5872cbeeafd578b147eb13313c6'
+ '86564eab4493f4b4502a022e5938babb31450a00')
+
+build() {
+ cd "${srcdir}/${pkgname}-${pkgver}"
+
+ patch -p1 -i ../env-breach.patch # FS#30950
+ patch -p1 -i ../rsync.patch # FS#21783
+ patch -p1 -i ../destdir.patch
+
+ ./configure \
+ --prefix=/usr \
+ --libexecdir=/usr/lib/rssh \
+ --mandir=/usr/share/man \
+ --sysconfdir=/etc \
+
+ make
+}
+
+package() {
+ cd "${srcdir}/${pkgname}-${pkgver}"
+ make DESTDIR="${pkgdir}" install
+ install -Dm644 LICENSE "${pkgdir}"/usr/share/licenses/rssh/LICENSE
+}
Deleted: extra-x86_64/destdir.patch
===================================================================
--- extra-x86_64/destdir.patch 2012-08-01 04:00:10 UTC (rev 164389)
+++ extra-x86_64/destdir.patch 2012-08-01 04:02:33 UTC (rev 164390)
@@ -1,24 +0,0 @@
-diff -aur old//Makefile.am new//Makefile.am
---- old//Makefile.am 2006-12-21 23:22:37.000000000 +0100
-+++ new//Makefile.am 2010-11-25 18:15:29.253376150 +0100
-@@ -16,7 +16,7 @@
- $(CC) -c $(DEFS) $(ourdefs) $(CFLAGS) $(CPPFLAGS) $(LDFLAGS) $<
-
- install-exec-hook:
-- chmod u+s $(libexecdir)/rssh_chroot_helper
-+ chmod u+s $(DESTDIR)$(libexecdir)/rssh_chroot_helper
-
- rpm: dist
- rpmbuild -ta --sign $(base).tar.gz
-diff -aur old//Makefile.in new//Makefile.in
---- old//Makefile.in 2010-08-01 15:59:54.000000000 +0200
-+++ new//Makefile.in 2010-11-25 18:15:29.253376150 +0100
-@@ -830,7 +830,7 @@
- $(CC) -c $(DEFS) $(ourdefs) $(CFLAGS) $(CPPFLAGS) $(LDFLAGS) $<
-
- install-exec-hook:
-- chmod u+s $(libexecdir)/rssh_chroot_helper
-+ chmod u+s $(DESTDIR)$(libexecdir)/rssh_chroot_helper
-
- rpm: dist
- rpmbuild -ta --sign $(base).tar.gz
Copied: rssh/repos/extra-x86_64/destdir.patch (from rev 164389,
rssh/trunk/destdir.patch)
===================================================================
--- extra-x86_64/destdir.patch (rev 0)
+++ extra-x86_64/destdir.patch 2012-08-01 04:02:33 UTC (rev 164390)
@@ -0,0 +1,24 @@
+diff -aur old//Makefile.am new//Makefile.am
+--- old//Makefile.am 2006-12-21 23:22:37.000000000 +0100
++++ new//Makefile.am 2010-11-25 18:15:29.253376150 +0100
+@@ -16,7 +16,7 @@
+ $(CC) -c $(DEFS) $(ourdefs) $(CFLAGS) $(CPPFLAGS) $(LDFLAGS) $<
+
+ install-exec-hook:
+- chmod u+s $(libexecdir)/rssh_chroot_helper
++ chmod u+s $(DESTDIR)$(libexecdir)/rssh_chroot_helper
+
+ rpm: dist
+ rpmbuild -ta --sign $(base).tar.gz
+diff -aur old//Makefile.in new//Makefile.in
+--- old//Makefile.in 2010-08-01 15:59:54.000000000 +0200
++++ new//Makefile.in 2010-11-25 18:15:29.253376150 +0100
+@@ -830,7 +830,7 @@
+ $(CC) -c $(DEFS) $(ourdefs) $(CFLAGS) $(CPPFLAGS) $(LDFLAGS) $<
+
+ install-exec-hook:
+- chmod u+s $(libexecdir)/rssh_chroot_helper
++ chmod u+s $(DESTDIR)$(libexecdir)/rssh_chroot_helper
+
+ rpm: dist
+ rpmbuild -ta --sign $(base).tar.gz
Copied: rssh/repos/extra-x86_64/env-breach.patch (from rev 164389,
rssh/trunk/env-breach.patch)
===================================================================
--- extra-x86_64/env-breach.patch (rev 0)
+++ extra-x86_64/env-breach.patch 2012-08-01 04:02:33 UTC (rev 164390)
@@ -0,0 +1,228 @@
+--- rssh-2.3.3/main.c.in 2010-08-01 15:43:30.000000000 -0400
++++ rssh-2.3.3/main.c.in 2012-05-11 16:44:39.000000000 -0400
+@@ -184,7 +184,7 @@
+ * determine if the command in cmdline is acceptable to run, and store
+ * name of program to exec in cmd
+ */
+- if ( !(*cmd = check_command_line(cmdline, opts)) ) return NULL;
++ if ( !(*cmd = get_command(cmdline, opts)) ) return NULL;
+
+ /* if we need to do chroot processing, do it */
+ if ( opts->shell_flags & RSSH_USE_CHROOT ){
+@@ -252,7 +252,9 @@
+ }
+
+ /* return vector of pointers to command line arguments */
+- return build_arg_vector(cmdline, 0);
++ argvec = build_arg_vector(cmdline, 0);
++ if (check_command_line(argvec, opts)) return argvec;
++ else return NULL;
+ }
+
+ void vers_info( void )
+--- rssh-2.3.3/util.c 2010-08-01 09:07:00.000000000 -0400
++++ rssh-2.3.3/util.c 2012-05-11 16:43:10.000000000 -0400
+@@ -106,7 +106,7 @@
+ /* print error message to user and log attempt */
+ fprintf(stderr, "\nThis account is restricted by rssh.\n"
+ "%s\n\nIf you believe this is in error, please contact "
+- "your system administrator.\n\n", cmd);
++ "your system administrator.\n\n", cmd);
+ if ( argc < 3 )
+ log_msg("user %s attempted to log in with a shell",
+ username);
+@@ -132,31 +132,35 @@
+ */
+ bool opt_exist(char *cl, char opt)
+ {
+- int i = 0;
++ int i = 1;
+ int len;
+- char *token;
+- bool optstring = FALSE;
+-
+
+ len = strlen(cl);
+
+ /* process command line character by character */
+- while ( i < (len - 2) ){
+- if ( cl[i] == ' ' || cl[i] == '\t' ){
+- if ( cl[i+1] == '-' ){
+- optstring = TRUE;
+- i+=2;
+- }
+- }
+- if ( cl[i] == opt && optstring ) return TRUE;
+- if ( cl[i] == ' ' || cl[i] == '\t' || cl[i] == '-' )
+- optstring = FALSE;
++ if (!(cl[0] == '-')) return FALSE;
++ while ( i < (len) ){
++ if ( cl[i] == opt ) return TRUE;
+ i++;
+ }
+ return FALSE;
+ }
+
+
++bool opt_filter(char **vec, const char opt)
++{
++ while (vec && *vec){
++ if (opt_exist(*vec, opt)){
++ fprintf(stderr, "\nillegal insecure %c option", opt);
++ log_msg("insecure %c option in scp command line!", opt);
++ return TRUE;
++ }
++ vec++;
++ }
++ return FALSE;
++}
++
++
+ bool check_command( char *cl, ShellOptions_t *opts, char *cmd, int cmdflag )
+ {
+ int cl_len; /* length of command line */
+@@ -186,69 +190,78 @@
+ return FALSE;
+ }
+
++
+ /*
+ * check_command_line() - take the command line passed to rssh, and verify
+- * that the specified command is one the user is
+- * allowed to run. Return the path of the command
+- * which will be run if it is ok, or return NULL if it
+- * is not.
++ * that the specified command is one the user is
++ * allowed to run and validate the arguments. Return the
++ * path of the command which will be run if it is ok, or
++ * return NULL if it is not.
+ */
+-char *check_command_line( char *cl, ShellOptions_t *opts )
++char *check_command_line( char **cl, ShellOptions_t *opts )
+ {
+
+- if ( check_command(cl, opts, PATH_SFTP_SERVER, RSSH_ALLOW_SFTP) )
++ if ( check_command(*cl, opts, PATH_SFTP_SERVER, RSSH_ALLOW_SFTP) )
+ return PATH_SFTP_SERVER;
+
+- if ( check_command(cl, opts, PATH_SCP, RSSH_ALLOW_SCP) ){
++ if ( check_command(*cl, opts, PATH_SCP, RSSH_ALLOW_SCP) ){
+ /* filter -S option */
+- if ( opt_exist(cl, 'S') ){
+- fprintf(stderr, "\ninsecure -S option not allowed.");
+- log_msg("insecure -S option in scp command line!");
+- return NULL;
+- }
++ if ( opt_filter(cl, 'S') ) return NULL;
+ return PATH_SCP;
+ }
+
+- if ( check_command(cl, opts, PATH_CVS, RSSH_ALLOW_CVS) ){
+- if ( opt_exist(cl, 'e') ){
+- fprintf(stderr, "\ninsecure -e option not allowed.");
+- log_msg("insecure -e option in cvs command line!");
+- return NULL;
+- }
++ if ( check_command(*cl, opts, PATH_CVS, RSSH_ALLOW_CVS) ){
++ if ( opt_filter(cl, 'e') ) return NULL;
+ return PATH_CVS;
+ }
+
+- if ( check_command(cl, opts, PATH_RDIST, RSSH_ALLOW_RDIST) ){
++ if ( check_command(*cl, opts, PATH_RDIST, RSSH_ALLOW_RDIST) ){
+ /* filter -P option */
+- if ( opt_exist(cl, 'P') ){
+- fprintf(stderr, "\ninsecure -P option not allowed.");
+- log_msg("insecure -P option in rdist command line!");
+- return NULL;
+- }
++ if ( opt_filter(cl, 'P') ) return NULL;
+ return PATH_RDIST;
+ }
+
+- if ( check_command(cl, opts, PATH_RSYNC, RSSH_ALLOW_RSYNC) ){
++ if ( check_command(*cl, opts, PATH_RSYNC, RSSH_ALLOW_RSYNC) ){
+ /* filter -e option */
+- if ( opt_exist(cl, 'e') ){
+- fprintf(stderr, "\ninsecure -e option not allowed.");
+- log_msg("insecure -e option in rdist command line!");
+- return NULL;
+- }
+-
+- if ( strstr(cl, "--rsh=" ) ){
+- fprintf(stderr, "\ninsecure --rsh= not allowed.");
+- log_msg("insecure --rsh option in rsync command line!");
+- return NULL;
++ if ( opt_filter(cl, 'e') ) return NULL;
++ while (cl && *cl){
++ if ( strstr(*cl, "--rsh=" ) ){
++ fprintf(stderr, "\ninsecure --rsh= not
allowed.");
++ log_msg("insecure --rsh option in rsync command
line!");
++ return NULL;
++ }
+ }
+-
+ return PATH_RSYNC;
+ }
++ /* No match, return NULL */
++ return NULL;
++}
++
++
++/*
++ * get_command() - take the command line passed to rssh, and verify
++ * that the specified command is one the user is allowed to run.
++ * Return the path of the command which will be run if it is ok,
++ * or return NULL if it is not.
++ */
++char *get_command( char *cl, ShellOptions_t *opts )
++{
+
++ if ( check_command(cl, opts, PATH_SFTP_SERVER, RSSH_ALLOW_SFTP) )
++ return PATH_SFTP_SERVER;
++ if ( check_command(cl, opts, PATH_SCP, RSSH_ALLOW_SCP) )
++ return PATH_SCP;
++ if ( check_command(cl, opts, PATH_CVS, RSSH_ALLOW_CVS) )
++ return PATH_CVS;
++ if ( check_command(cl, opts, PATH_RDIST, RSSH_ALLOW_RDIST) )
++ return PATH_RDIST;
++ if ( check_command(cl, opts, PATH_RSYNC, RSSH_ALLOW_RSYNC) )
++ return PATH_RSYNC;
+ return NULL;
+ }
+
+
++
+ /*
+ * extract_root() - takes a root directory and the full path to some other
+ * directory, and returns a pointer to a string which
+@@ -264,7 +277,7 @@
+ len = strlen(root);
+ /* get rid of a trailing / from the root path */
+ if ( root[len - 1] == '/' ){
+- root[len - 1] = '\0';
++ root[len - 1] = '\0';
+ len--;
+ }
+ if ( (strncmp(root, path, len)) ) return NULL;
+@@ -309,7 +322,7 @@
+ * same name, and returns FALSE if the bits are not valid
+ */
+ int validate_access( const char *temp, bool *allow_sftp, bool *allow_scp,
+- bool *allow_cvs, bool *allow_rdist, bool *allow_rsync )
++ bool *allow_cvs, bool *allow_rdist, bool *allow_rsync )
+ {
+ int i;
+
+--- rssh-2.3.3/util.h 2006-12-21 17:22:38.000000000 -0500
++++ rssh-2.3.3/util.h 2012-05-11 16:21:12.000000000 -0400
+@@ -33,7 +33,8 @@
+ #include "rsshconf.h"
+
+ void fail( int flags, int argc, char **argv );
+-char *check_command_line( char *cl, ShellOptions_t *opts );
++char *check_command_line( char **cl, ShellOptions_t *opts );
++char *get_command( char *cl, ShellOptions_t *opts);
+ char *extract_root( char *root, char *path );
+ int validate_umask( const char *temp, int *mask );
+ int validate_access( const char *temp, bool *allow_sftp, bool *allow_scp,
Deleted: extra-x86_64/rsync.patch
===================================================================
--- extra-x86_64/rsync.patch 2012-08-01 04:00:10 UTC (rev 164389)
+++ extra-x86_64/rsync.patch 2012-08-01 04:02:33 UTC (rev 164390)
@@ -1,57 +0,0 @@
-diff -aur old//util.c new//util.c
---- old//util.c 2010-08-01 15:07:00.000000000 +0200
-+++ new//util.c 2010-11-25 18:16:24.086709600 +0100
-@@ -56,6 +56,7 @@
- #ifdef HAVE_LIBGEN_H
- #include <libgen.h>
- #endif /* HAVE_LIBGEN_H */
-+#include <regex.h>
-
- /* LOCAL INCLUDES */
- #include "pathnames.h"
-@@ -187,6 +188,33 @@
- }
-
- /*
-+ * check_rsync_e() - take the command line passed to rssh and look for a -e
-+ * option. If one is found, make sure --server is provided
-+ * and the option contains only the protocol information.
-+ * Returns 1 if the command line is safe; 0 otherwise.
-+ */
-+static int check_rsync_e( char *cl )
-+{
-+ int status;
-+ regex_t re;
-+
-+ /*
-+ * This is more complicated than it looks because we don't want to
-+ * trigger on the e in --server, but we do want to catch the common
-+ * case of -ltpre.iL (which contains -e.).
-+ */
-+ static const char pattern[] = "[ \t\v\f]-([^-][^ ]*)?e[^.0-9]";
-+
-+ if ( strstr(cl, "--server") == NULL ) return 0;
-+ if ( regcomp(&re, pattern, REG_EXTENDED | REG_NOSUB) != 0 ){
-+ return 0;
-+ }
-+ status = regexec(&re, cl, 0, NULL, 0);
-+ regfree(&re);
-+ return (status == 0) ? 0 : 1;
-+}
-+
-+/*
- * check_command_line() - take the command line passed to rssh, and verify
- * that the specified command is one the user is
- * allowed to run. Return the path of the command
-@@ -230,9 +258,9 @@
-
- if ( check_command(cl, opts, PATH_RSYNC, RSSH_ALLOW_RSYNC) ){
- /* filter -e option */
-- if ( opt_exist(cl, 'e') ){
-+ if ( opt_exist(cl, 'e') && !check_rsync_e(cl) ){
- fprintf(stderr, "\ninsecure -e option not allowed.");
-- log_msg("insecure -e option in rdist command line!");
-+ log_msg("insecure -e option in rsync command line!");
- return NULL;
- }
-
Copied: rssh/repos/extra-x86_64/rsync.patch (from rev 164389,
rssh/trunk/rsync.patch)
===================================================================
--- extra-x86_64/rsync.patch (rev 0)
+++ extra-x86_64/rsync.patch 2012-08-01 04:02:33 UTC (rev 164390)
@@ -0,0 +1,54 @@
+diff -Naur old/util.c new/util.c
+--- old/util.c 2012-08-01 13:48:47.803620731 +1000
++++ new/util.c 2012-08-01 13:55:13.622614598 +1000
+@@ -56,6 +56,7 @@
+ #ifdef HAVE_LIBGEN_H
+ #include <libgen.h>
+ #endif /* HAVE_LIBGEN_H */
++#include <regex.h>
+
+ /* LOCAL INCLUDES */
+ #include "pathnames.h"
+@@ -192,6 +193,33 @@
+
+
+ /*
++ * check_rsync_e() - take the command line passed to rssh and look for a -e
++ * option. If one is found, make sure --server is provided
++ * and the option contains only the protocol information.
++ * Returns 1 if the command line is safe; 0 otherwise.
++ */
++static int check_rsync_e( char *cl )
++{
++ int status;
++ regex_t re;
++
++ /*
++ * This is more complicated than it looks because we don't want to
++ * trigger on the e in --server, but we do want to catch the common
++ * case of -ltpre.iL (which contains -e.).
++ */
++ static const char pattern[] = "[ \t\v\f]-([^-][^ ]*)?e[^.0-9]";
++
++ if ( strstr(cl, "--server") == NULL ) return 0;
++ if ( regcomp(&re, pattern, REG_EXTENDED | REG_NOSUB) != 0 ){
++ return 0;
++ }
++ status = regexec(&re, cl, 0, NULL, 0);
++ regfree(&re);
++ return (status == 0) ? 0 : 1;
++}
++
++/*
+ * check_command_line() - take the command line passed to rssh, and verify
+ * that the specified command is one the user is
+ * allowed to run and validate the arguments. Return the
+@@ -211,7 +239,7 @@
+ }
+
+ if ( check_command(*cl, opts, PATH_CVS, RSSH_ALLOW_CVS) ){
+- if ( opt_filter(cl, 'e') ) return NULL;
++ if ( opt_filter(cl, 'e') && !check_rsync_e(cl) ) return NULL;
+ return PATH_CVS;
+ }
+
