kumba 14/08/13 05:47:27
Added: ncpfs-2.2.6-no-suid-root.patch
ncpfs-2.2.6-remove-libncp_atomic-header.patch
ncpfs-2.2.6-drop-mtab-support.patch
ncpfs-2.2.6-align-fix.patch
ncpfs-2.2.6-servername-array-fix.patch
ncpfs-2.2.6-makefile-fix-soname-link.patch
ncpfs-2.2.6-pam_ncp_auth-fix.patch
ncpfs-2.2.6-getuid-fix.patch
ncpfs-2.2.6-cve-2011-1679-1680.patch
ncpfs-2.2.6-pie-fix.patch
ncpfs-2.2.6-drop-kernel-check.patch
ncpfs-2.2.6-ldflags-support.patch
Log:
Added 2.2.6-r3 that contains patches from Mageia and Debian that address
several issues, including bugs #371477, #497278, & #446696.
(Portage version: 2.2.12/cvs/Linux x86_64, signed Manifest commit with key
D25D95E3)
Revision Changes Path
1.1 net-fs/ncpfs/files/ncpfs-2.2.6-no-suid-root.patch
file :
http://sources.gentoo.org/viewvc.cgi/gentoo-x86/net-fs/ncpfs/files/ncpfs-2.2.6-no-suid-root.patch?rev=1.1&view=markup
plain:
http://sources.gentoo.org/viewvc.cgi/gentoo-x86/net-fs/ncpfs/files/ncpfs-2.2.6-no-suid-root.patch?rev=1.1&content-type=text/plain
Index: ncpfs-2.2.6-no-suid-root.patch
===================================================================
Description: Don't install utils as suid root
Author: Bastian Blank <wa...@debian.org>
Bug-Debian: http://bugs.debian.org/692929
--- ncpfs-2.2.6.orig/sutil/Makefile.in
+++ ncpfs-2.2.6/sutil/Makefile.in
@@ -51,7 +51,7 @@ all: $(UTILS)
install: all
${INSTALL} -d $(DESTDIR)$(bindir)
${INSTALL} -d $(DESTDIR)/sbin
- ${INSTALL} -m 4755 $(UTILS) $(DESTDIR)$(bindir)
+ ${INSTALL} $(UTILS) $(DESTDIR)$(bindir)
ifeq ($(USE_KERNEL),1)
ln -sf $(bindir)/ncpmount $(DESTDIR)/sbin/mount.ncp
ln -sf $(bindir)/ncpmount $(DESTDIR)/sbin/mount.ncpfs
1.1
net-fs/ncpfs/files/ncpfs-2.2.6-remove-libncp_atomic-header.patch
file :
http://sources.gentoo.org/viewvc.cgi/gentoo-x86/net-fs/ncpfs/files/ncpfs-2.2.6-remove-libncp_atomic-header.patch?rev=1.1&view=markup
plain:
http://sources.gentoo.org/viewvc.cgi/gentoo-x86/net-fs/ncpfs/files/ncpfs-2.2.6-remove-libncp_atomic-header.patch?rev=1.1&content-type=text/plain
Index: ncpfs-2.2.6-remove-libncp_atomic-header.patch
===================================================================
Description: Remove another generated file
Author: Bastian Blank <wa...@debian.org>
Bug-Debian: http://bugs.debian.org/692471
--- ncpfs-2.2.6.orig/Makefile.in
+++ ncpfs-2.2.6/Makefile.in
@@ -71,6 +71,7 @@ distclean:
rm -f intl/Makefile po/Makefile po/Makefile.in
rm -f lib/Makefile man/Makefile sutil/Makefile util/Makefile
rm -f include/config.h
+ rm -f include/private/libncp-atomic.h
rm -f include/ncp/ext/socket.h include/ncp/ext/stdint.h
rm -f include/ncp/kernel/fs.h
rm -f include/ncp/kernel/if.h include/ncp/kernel/route.h
include/ncp/kernel/types.h
1.1 net-fs/ncpfs/files/ncpfs-2.2.6-drop-mtab-support.patch
file :
http://sources.gentoo.org/viewvc.cgi/gentoo-x86/net-fs/ncpfs/files/ncpfs-2.2.6-drop-mtab-support.patch?rev=1.1&view=markup
plain:
http://sources.gentoo.org/viewvc.cgi/gentoo-x86/net-fs/ncpfs/files/ncpfs-2.2.6-drop-mtab-support.patch?rev=1.1&content-type=text/plain
Index: ncpfs-2.2.6-drop-mtab-support.patch
===================================================================
diff -Naurp ncpfs-2.2.6.orig/sutil/ncplogin.c ncpfs-2.2.6/sutil/ncplogin.c
--- ncpfs-2.2.6.orig/sutil/ncplogin.c 2014-08-12 22:03:48.059170406 -0400
+++ ncpfs-2.2.6/sutil/ncplogin.c 2014-08-12 22:08:09.029168854 -0400
@@ -111,7 +111,6 @@
#include <stdlib.h>
#include <stdarg.h>
#include <sys/mount.h>
-#include <mntent.h>
#include <ncp/kernel/ipx.h>
#include <sys/ioctl.h>
#ifdef CONFIG_NATIVE_UNIX
@@ -935,12 +934,6 @@ ncpipx:;
}
NWCCCloseConn(conn);
NWDSFreeContext(ctx);
- /* ncpmap, ncplogin must write in /etc/mtab */
- {
- block_sigs();
- add_mnt_entry(mount_name, mount_point, info.flags);
- unblock_sigs();
- }
free(mount_name);
if (info.echo_mnt_pnt) {
printf(_("mounted on:%s\n"),mount_point);
diff -Naurp ncpfs-2.2.6.orig/sutil/ncpm_common.c ncpfs-2.2.6/sutil/ncpm_common.c
--- ncpfs-2.2.6.orig/sutil/ncpm_common.c 2014-08-12 22:03:48.149170405
-0400
+++ ncpfs-2.2.6/sutil/ncpm_common.c 2014-08-12 22:08:09.029168854 -0400
@@ -104,7 +104,6 @@
#include <stdlib.h>
#include <stdarg.h>
#include <sys/mount.h>
-#include <mntent.h>
#include <ncp/kernel/ipx.h>
#include <sys/ioctl.h>
#if MOUNT3
@@ -1423,80 +1422,6 @@ static const struct smntflags {
{MS_NODIRATIME, "nodiratime"},
{0, NULL}};
-void add_mnt_entry(char* mount_name, char* mpnt, unsigned long flags) {
- const struct smntflags* sf;
- char mnt_opts[80];
- char* p;
- struct mntent ment;
- int fd;
- FILE* mtab;
- off_t goodoffset;
-
- if (check_name(mount_name) == -1 || check_name(mpnt) == -1)
- errexit(107, _("Illegal character in mount entry\n"));
-
- ment.mnt_fsname = mount_name;
- ment.mnt_dir = mpnt;
- ment.mnt_type = (char*)"ncpfs";
- ment.mnt_opts = mnt_opts;
- ment.mnt_freq = 0;
- ment.mnt_passno = 0;
-
- p = mnt_opts;
- *p++ = 'r';
- *p++ = (flags & MS_RDONLY)?'o':'w';
- for (sf = mntflags; sf->flag; sf++) {
- if (flags & sf->flag) {
- *p++ = ',';
- strcpy(p, sf->name);
- p += strlen(p);
- }
- }
- *p = 0;
-
- if (ncpm_suser()) {
- errexit(91, _("Cannot switch to superuser: %s\n"),
strerror(errno));
- }
- if ((fd = open(MOUNTED "~", O_RDWR | O_CREAT | O_EXCL, 0600)) == -1)
- {
- errexit(58, _("Can't get %s~ lock file\n"), MOUNTED);
- }
- close(fd);
-
- if ((mtab = setmntent(MOUNTED, "a+")) == NULL)
- {
- unlink(MOUNTED "~");
- errexit(59, _("Can't open %s\n"), MOUNTED);
- }
- fseek (mtab, 0, SEEK_END);
- goodoffset = ftell(mtab);
- if (addmntent(mtab, &ment) == 1)
- {
- /* restore good state */
- ftruncate(fileno(mtab), goodoffset);
- endmntent(mtab);
- unlink(MOUNTED "~");
- errexit(60, _("Can't write mount entry\n"));
- }
- if (fchmod(fileno(mtab), 0644) == -1)
- {
- /* restore good state */
- ftruncate(fileno(mtab), goodoffset);
- endmntent(mtab);
- unlink(MOUNTED "~");
- errexit(61, _("Can't set perms on %s\n"), MOUNTED);
- }
- endmntent(mtab);
-
- if (unlink(MOUNTED "~") == -1)
- {
- errexit(62, _("Can't remove %s~\n"), MOUNTED);
- }
- if (ncpm_normal()) {
- errexit(90, _("Cannot relinquish superuser rights: %s\n"),
strerror(EPERM));
- }
-}
-
static int __proc_option(const struct optinfo* opts, struct ncp_mount_info*
info, const char* opt, const char* param) {
const struct optinfo* optr;
diff -Naurp ncpfs-2.2.6.orig/sutil/ncpm_common.h ncpfs-2.2.6/sutil/ncpm_common.h
--- ncpfs-2.2.6.orig/sutil/ncpm_common.h 2014-08-12 22:03:47.919170406
-0400
+++ ncpfs-2.2.6/sutil/ncpm_common.h 2014-08-12 22:08:09.029168854 -0400
@@ -60,7 +60,6 @@ void verify_argv(int argc, char* argv[])
int ncp_mount_specific(struct ncp_conn* conn, int pathNS, const unsigned char*
NWpath, int pathlen);
int mount_ok(struct stat *st);
void mycom_err(int, const char*, ...);
-void add_mnt_entry(char* mount_name, char* mpoint, unsigned long flags);
struct ncp_mount_info {
struct ncp_mount_data_independent mdata;
diff -Naurp ncpfs-2.2.6.orig/sutil/ncpmount.c ncpfs-2.2.6/sutil/ncpmount.c
--- ncpfs-2.2.6.orig/sutil/ncpmount.c 2014-08-12 22:03:47.919170406 -0400
+++ ncpfs-2.2.6/sutil/ncpmount.c 2014-08-12 22:08:09.029168854 -0400
@@ -114,7 +114,6 @@
#include <stdlib.h>
#include <stdarg.h>
#include <sys/mount.h>
-#include <mntent.h>
#include <ncp/kernel/ipx.h>
#include <ncp/nwclient.h>
#include <sys/ioctl.h>
@@ -719,11 +718,6 @@ ncpipx:;
}
ncp_close(conn);
- if (!opt_n) {
- block_sigs();
- add_mnt_entry(mount_name, mount_point, info.flags);
- unblock_sigs();
- }
return 0;
}
diff -Naurp ncpfs-2.2.6.orig/sutil/ncpumount.c ncpfs-2.2.6/sutil/ncpumount.c
--- ncpfs-2.2.6.orig/sutil/ncpumount.c 2014-08-12 22:03:47.949170406 -0400
+++ ncpfs-2.2.6/sutil/ncpumount.c 2014-08-12 22:09:30.179168372 -0400
@@ -179,113 +179,6 @@ static void enableAlarm(void) {
sigprocmask(SIG_UNBLOCK, &sa.sa_mask, NULL);
}
-static int __clearMtab (const char* mount_points[], unsigned int numEntries) {
-// main logic from ncpumount.c
- struct mntent *mnt;
- FILE *mtab;
- FILE *new_mtab;
-
-#define MOUNTED_TMP MOUNTED".tmp"
-
- if ((mtab = setmntent(MOUNTED, "r")) == NULL){
- eprintf(_("Can't open %s: %s\n"), MOUNTED,
- strerror(errno));
- return 1;
- }
-
- if ((new_mtab = setmntent(MOUNTED_TMP, "w")) == NULL){
- eprintf(_("Can't open %s: %s\n"), MOUNTED_TMP,
- strerror(errno));
- endmntent(mtab);
- return 1;
- }
- while ((mnt = getmntent(mtab)) != NULL) {
- unsigned int i=0;
- int found=0;
-
- while (i<numEntries && !found) {
- found=!strcmp(mnt->mnt_dir, mount_points[i]);
- i++;
- }
- if (!found) {
- if (addmntent(new_mtab, mnt)) {
- eprintf(_("Can't addmntent to %s: %s\n"),
MOUNTED_TMP,
- strerror(errno));
- endmntent(mtab);
- return 1;
- }
- }
- }
-
- endmntent(mtab);
-
- if (fchmod(fileno(new_mtab), S_IRUSR | S_IWUSR | S_IRGRP | S_IROTH) <
0){
- eprintf(_("Error changing mode of %s: %s\n"),
- MOUNTED_TMP, strerror(errno));
- return 1;
- }
- endmntent(new_mtab);
-
- if (rename(MOUNTED_TMP, MOUNTED) < 0){
- eprintf(_("Cannot rename %s to %s: %s\n"),
- MOUNTED, MOUNTED_TMP, strerror(errno));
- return 1;
- }
- return 0;
-}
-
-static int clearMtab (const char* mount_points[], unsigned int numEntries) {
- int fd;
- int err;
- int retries = 10;
-
- if (!numEntries)
- return 0; /* don't waste time ! */
-
- block_sigs();
-
- while ((fd = open(MOUNTED "~", O_RDWR | O_CREAT | O_EXCL, 0600)) == -1)
{
- struct timespec tm;
-
- if (errno != EEXIST || retries == 0) {
- unblock_sigs();
- eprintf(_("Can't get %s~ lock file: %s\n"), MOUNTED,
strerror(errno));
- return 1;
- }
- fd = open(MOUNTED "~", O_RDWR);
- if (fd != -1) {
- alarm(10);
- err = lockf(fd, F_LOCK, 0);
- alarm(0);
- close(fd);
- if (err) {
- unblock_sigs();
- eprintf(_("Can't lock lock file %s~: %s\n"),
MOUNTED, _("Lock timed out"));
- return 1;
- }
- tm.tv_sec = 0;
- tm.tv_nsec = 20000000;
- nanosleep(&tm, NULL);
- }
- retries--;
- }
- alarm(1);
- lockf(fd, F_LOCK, 0);
- alarm(0);
- close(fd);
-
- err = __clearMtab(mount_points, numEntries);
-
- if ((unlink(MOUNTED "~") == -1) && (err == 0)){
- unblock_sigs();
- eprintf(_("Can't remove %s~"), MOUNTED);
- return 1;
- }
- unblock_sigs();
- return err;
-}
-
-
int ncp_mnt_umount(const char *abs_mnt, const char *rel_mnt)
{
if (umount(rel_mnt) != 0) {
@@ -622,10 +515,6 @@ static int old_ncpumount(int argc, char
ret = 1;
continue;
}
- if (clearMtab(&mount_point, 1)) {
- ret = 1;
- continue;
- }
}
return ret;
}
@@ -744,7 +633,6 @@ main(int argc, char *argv[])
if (serverName || allConns) {
processBindServers(conns,curEntries,serverName,umountTable,&mountEntries);
}
- clearMtab(umountTable, mountEntries);
} else if (treeName) {
eprintf(_("No NCP connections to tree %s.\n"),treeName);
} else if (serverName) {
1.1 net-fs/ncpfs/files/ncpfs-2.2.6-align-fix.patch
file :
http://sources.gentoo.org/viewvc.cgi/gentoo-x86/net-fs/ncpfs/files/ncpfs-2.2.6-align-fix.patch?rev=1.1&view=markup
plain:
http://sources.gentoo.org/viewvc.cgi/gentoo-x86/net-fs/ncpfs/files/ncpfs-2.2.6-align-fix.patch?rev=1.1&content-type=text/plain
Index: ncpfs-2.2.6-align-fix.patch
===================================================================
diff -Naurp ncpfs-2.2.6.orig/lib/ndslib.c ncpfs-2.2.6/lib/ndslib.c
--- ncpfs-2.2.6.orig/lib/ndslib.c 2005-01-27 12:35:59.000000000 -0500
+++ ncpfs-2.2.6/lib/ndslib.c 2014-08-12 21:07:35.559190454 -0400
@@ -957,7 +957,7 @@ static NWDSCCODE nds_beginauth2(
NWDSCCODE err;
int n1, n3;
u_int16_t n3a;
- char rpb_b[DEFAULT_MESSAGE_LEN];
+ char rpb_b[DEFAULT_MESSAGE_LEN] __attribute__ ((aligned (4)));
Buf_T rpb;
size_t k1tl;
1.1 net-fs/ncpfs/files/ncpfs-2.2.6-servername-array-fix.patch
file :
http://sources.gentoo.org/viewvc.cgi/gentoo-x86/net-fs/ncpfs/files/ncpfs-2.2.6-servername-array-fix.patch?rev=1.1&view=markup
plain:
http://sources.gentoo.org/viewvc.cgi/gentoo-x86/net-fs/ncpfs/files/ncpfs-2.2.6-servername-array-fix.patch?rev=1.1&content-type=text/plain
Index: ncpfs-2.2.6-servername-array-fix.patch
===================================================================
diff -Naurp ncpfs-2.2.6.orig/include/ncp/ncplib.h
ncpfs-2.2.6/include/ncp/ncplib.h
--- ncpfs-2.2.6.orig/include/ncp/ncplib.h 2005-01-27 12:35:59.000000000
-0500
+++ ncpfs-2.2.6/include/ncp/ncplib.h 2014-08-12 21:01:01.159192798 -0400
@@ -485,9 +485,9 @@ struct ncp_file_server_info
struct ncp_file_server_info_2 {
#ifdef SWIG
- fixedArray ServerName[49];
+ fixedArray ServerName[50];
#else
- u_int8_t ServerName[49];
+ u_int8_t ServerName[50];
#endif
u_int8_t FileServiceVersion;
u_int8_t FileServiceSubVersion;
1.1
net-fs/ncpfs/files/ncpfs-2.2.6-makefile-fix-soname-link.patch
file :
http://sources.gentoo.org/viewvc.cgi/gentoo-x86/net-fs/ncpfs/files/ncpfs-2.2.6-makefile-fix-soname-link.patch?rev=1.1&view=markup
plain:
http://sources.gentoo.org/viewvc.cgi/gentoo-x86/net-fs/ncpfs/files/ncpfs-2.2.6-makefile-fix-soname-link.patch?rev=1.1&content-type=text/plain
Index: ncpfs-2.2.6-makefile-fix-soname-link.patch
===================================================================
diff -Naurp ncpfs-2.2.6.orig/lib/Makefile.in ncpfs-2.2.6/lib/Makefile.in
--- ncpfs-2.2.6.orig/lib/Makefile.in 2014-08-12 23:23:27.149141996 -0400
+++ ncpfs-2.2.6/lib/Makefile.in 2014-08-12 23:23:55.969141824 -0400
@@ -99,9 +99,10 @@ distclean: mrproper
install_shared: $(SHARED_NCPLIB_BIN)
$(INSTALL) -d $(DESTDIR)$(libsodir)
$(INSTALL) $(SHARED_NCPLIB_BIN) $(DESTDIR)$(libsodir)
+ ln -sf $(SHARED_NCPLIB_BIN) $(DESTDIR)$(libsodir)/$(SHARED_NCPLIB)
+ ln -sf $(SHARED_NCPLIB_BIN)
$(DESTDIR)$(libsodir)/$(SHARED_NCPLIB_SONAME)
install-dev: install_shared install_static
- ln -sf $(SHARED_NCPLIB_SONAME) $(DESTDIR)$(libsodir)/$(SHARED_NCPLIB)
$(INSTALL) -d $(DESTDIR)$(includedir)/ncp
$(INSTALL) -d $(DESTDIR)$(includedir)/ncp/ext
$(INSTALL) -d $(DESTDIR)$(includedir)/ncp/kernel
1.1 net-fs/ncpfs/files/ncpfs-2.2.6-pam_ncp_auth-fix.patch
file :
http://sources.gentoo.org/viewvc.cgi/gentoo-x86/net-fs/ncpfs/files/ncpfs-2.2.6-pam_ncp_auth-fix.patch?rev=1.1&view=markup
plain:
http://sources.gentoo.org/viewvc.cgi/gentoo-x86/net-fs/ncpfs/files/ncpfs-2.2.6-pam_ncp_auth-fix.patch?rev=1.1&content-type=text/plain
Index: ncpfs-2.2.6-pam_ncp_auth-fix.patch
===================================================================
diff -Naurp ncpfs-2.2.6.orig/contrib/pam/pam_ncp_auth.c
ncpfs-2.2.6/contrib/pam/pam_ncp_auth.c
--- ncpfs-2.2.6.orig/contrib/pam/pam_ncp_auth.c 2005-01-27 12:35:59.000000000
-0500
+++ ncpfs-2.2.6/contrib/pam/pam_ncp_auth.c 2014-08-12 21:02:33.229192251
-0400
@@ -2534,7 +2534,7 @@ nw_retrieve_nds_user_info(struct nw_user
bailoutctx:;
NWDSFreeContext(ctx);
bailout:;
- if (!err & (ui->qflag & QF_DEBUG))
+ if ((!err) && (ui->qflag & QF_DEBUG))
syslog(LOG_NOTICE, "%u %u %s %s %s\n", ui->uid, ui->gid,
ui->dir, ui->gecos, ui->shell);
return err;
}
1.1 net-fs/ncpfs/files/ncpfs-2.2.6-getuid-fix.patch
file :
http://sources.gentoo.org/viewvc.cgi/gentoo-x86/net-fs/ncpfs/files/ncpfs-2.2.6-getuid-fix.patch?rev=1.1&view=markup
plain:
http://sources.gentoo.org/viewvc.cgi/gentoo-x86/net-fs/ncpfs/files/ncpfs-2.2.6-getuid-fix.patch?rev=1.1&content-type=text/plain
Index: ncpfs-2.2.6-getuid-fix.patch
===================================================================
diff -Naurp ncpfs-2.2.6.orig/contrib/tcl-utils/chgpwd.c
ncpfs-2.2.6/contrib/tcl-utils/chgpwd.c
--- ncpfs-2.2.6.orig/contrib/tcl-utils/chgpwd.c 2005-01-27 12:35:59.000000000
-0500
+++ ncpfs-2.2.6/contrib/tcl-utils/chgpwd.c 2014-08-12 21:08:25.779190155
-0400
@@ -292,12 +292,12 @@ int main(int argc, char *argv[]) {
}
} else {
if (!treeName[0]) {
- NWCXGetPreferredDSTree(treeName,sizeof(treeName));
+
dserr=NWCXGetPreferredDSTree(treeName,sizeof(treeName));
}
if (!treeName[0]) {
fprintf(stderr,"failed: You must specify a server or a
tree\n");
- dserr=114;
+ /*dserr=114;*/
goto finished;
}
diff -Naurp ncpfs-2.2.6.orig/contrib/tcl-utils/ncplist.c
ncpfs-2.2.6/contrib/tcl-utils/ncplist.c
--- ncpfs-2.2.6.orig/contrib/tcl-utils/ncplist.c 2005-01-27
12:35:59.000000000 -0500
+++ ncpfs-2.2.6/contrib/tcl-utils/ncplist.c 2014-08-12 21:08:25.779190155
-0400
@@ -299,7 +299,12 @@ int main(int argc, char *argv[]) {
}else {
if (!treeName[0]) {
- NWCXGetPreferredDSTree(treeName,sizeof(treeName));
+
dserr=NWCXGetPreferredDSTree(treeName,sizeof(treeName));
+ if (dserr){
+ fprintf(stderr, "failed: Cannot get preffered DS
tree: %s\n",
+ strnwerror(dserr);
+ exit(106);
+ }
}
if (!treeName[0]) {
diff -Naurp ncpfs-2.2.6.orig/contrib/tcl-utils/ncpreadprop.c
ncpfs-2.2.6/contrib/tcl-utils/ncpreadprop.c
--- ncpfs-2.2.6.orig/contrib/tcl-utils/ncpreadprop.c 2005-01-27
12:35:59.000000000 -0500
+++ ncpfs-2.2.6/contrib/tcl-utils/ncpreadprop.c 2014-08-12 21:08:25.779190155
-0400
@@ -470,7 +470,7 @@ main(int argc, char *argv[])
}
} else {
if (!treeName[0]) {
- NWCXGetPreferredDSTree(treeName,sizeof(treeName));
+
dserr=NWCXGetPreferredDSTree(treeName,sizeof(treeName));
}
if (!treeName[0]) {
diff -Naurp ncpfs-2.2.6.orig/contrib/tcl-utils/ncpreadprops.c
ncpfs-2.2.6/contrib/tcl-utils/ncpreadprops.c
--- ncpfs-2.2.6.orig/contrib/tcl-utils/ncpreadprops.c 2005-01-27
12:35:59.000000000 -0500
+++ ncpfs-2.2.6/contrib/tcl-utils/ncpreadprops.c 2014-08-12
21:08:25.779190155 -0400
@@ -507,7 +507,7 @@ main(int argc, char *argv[])
}
} else {
if (!treeName[0]) {
- NWCXGetPreferredDSTree(treeName,sizeof(treeName));
+
dserr=NWCXGetPreferredDSTree(treeName,sizeof(treeName));
}
if (!treeName[0]) {
diff -Naurp ncpfs-2.2.6.orig/lib/nwclient.c ncpfs-2.2.6/lib/nwclient.c
--- ncpfs-2.2.6.orig/lib/nwclient.c 2005-01-27 12:35:59.000000000 -0500
+++ ncpfs-2.2.6/lib/nwclient.c 2014-08-12 21:08:25.779190155 -0400
@@ -481,6 +481,10 @@ static char* readnwinfosfile (char * use
*err = EACCES;
return NULL;
}
+ if (st.st_uid != getuid()) {
+ *err = EACCES;
+ return NULL;
+ }
if ((st.st_mode & (S_IRWXO | S_IRWXG)) != 0) {
*err = NCPLIB_INVALID_MODE;
return NULL;
@@ -560,7 +564,7 @@ NWDSCCODE NWCXGetPreferredDSTree (NWD
if (!res)
res=readnwinfosfile (NULL,NDS_PREFERRED_TREE,NULL, &err);
if (!res)
- return -1;
+ return err;
if (strlen (res)+1 >maxLen)
return NWE_BUFFER_OVERFLOW;
strcpy(preferTree,res);
@@ -581,7 +585,7 @@ NWDSCCODE NWCXGetDefaultNameContext (con
if (!res)
res=readnwinfosfile (NULL,NDS_PREFERRED_NAME_CTX,forTree,&err);
if (!res)
- return -1;
+ return err;
if (strlen (res)+1 >maxLen)
return NWE_BUFFER_OVERFLOW;
strcpy(nameContext,res);
@@ -603,7 +607,7 @@ NWDSCCODE NWCXGetPreferredServer (con
res=readnwinfosfile (NULL, NDS_PREFERRED_SERVER, forTree, &err);
if (!res) {
- return -1;
+ return err;
}
}
/* test that this server DO belongs to tree forTree*/
@@ -644,7 +648,7 @@ NWDSCCODE NWCXGetDefaultUserName (const
if (!res)
res=readnwinfosfile (NULL,NDS_USER,forTree, &err);
if (!res)
- return -1;
+ return err;
if (strlen (res)+1 >maxLen)
return NWE_BUFFER_OVERFLOW;
strcpy(defaultName,res);
diff -Naurp ncpfs-2.2.6.orig/sutil/ncplogin.c ncpfs-2.2.6/sutil/ncplogin.c
--- ncpfs-2.2.6.orig/sutil/ncplogin.c 2005-01-27 12:35:59.000000000 -0500
+++ ncpfs-2.2.6/sutil/ncplogin.c 2014-08-12 21:08:25.779190155 -0400
@@ -588,7 +588,10 @@ main(int argc, char *argv[])
int flags = 0;
if (!info.tree) {
- NWCXGetPreferredDSTree(ntree, sizeof(ntree));
+ err=NWCXGetPreferredDSTree(ntree, sizeof(ntree));
+ if (err){
+ errexit(104, _("Cannot get preffered DS tree:
%s\n"),strnwerror(err));
+ }
info.tree = ntree;
}
1.1 net-fs/ncpfs/files/ncpfs-2.2.6-cve-2011-1679-1680.patch
file :
http://sources.gentoo.org/viewvc.cgi/gentoo-x86/net-fs/ncpfs/files/ncpfs-2.2.6-cve-2011-1679-1680.patch?rev=1.1&view=markup
plain:
http://sources.gentoo.org/viewvc.cgi/gentoo-x86/net-fs/ncpfs/files/ncpfs-2.2.6-cve-2011-1679-1680.patch?rev=1.1&content-type=text/plain
Index: ncpfs-2.2.6-cve-2011-1679-1680.patch
===================================================================
diff -Naurp ncpfs-2.2.6.orig/sutil/ncpm_common.c ncpfs-2.2.6/sutil/ncpm_common.c
--- ncpfs-2.2.6.orig/sutil/ncpm_common.c 2005-01-27 12:35:59.000000000
-0500
+++ ncpfs-2.2.6/sutil/ncpm_common.c 2014-08-12 20:55:00.349194943 -0400
@@ -1415,6 +1415,7 @@ void add_mnt_entry(char* mount_name, cha
struct mntent ment;
int fd;
FILE* mtab;
+ off_t goodoffset;
ment.mnt_fsname = mount_name;
ment.mnt_dir = mpnt;
@@ -1446,14 +1447,25 @@ void add_mnt_entry(char* mount_name, cha
if ((mtab = setmntent(MOUNTED, "a+")) == NULL)
{
+ unlink(MOUNTED "~");
errexit(59, _("Can't open %s\n"), MOUNTED);
}
+ fseek (mtab, 0, SEEK_END);
+ goodoffset = ftell(mtab);
if (addmntent(mtab, &ment) == 1)
{
+ /* restore good state */
+ ftruncate(fileno(mtab), goodoffset);
+ endmntent(mtab);
+ unlink(MOUNTED "~");
errexit(60, _("Can't write mount entry\n"));
}
if (fchmod(fileno(mtab), 0644) == -1)
{
+ /* restore good state */
+ ftruncate(fileno(mtab), goodoffset);
+ endmntent(mtab);
+ unlink(MOUNTED "~");
errexit(61, _("Can't set perms on %s\n"), MOUNTED);
}
endmntent(mtab);
diff -Naurp ncpfs-2.2.6.orig/sutil/ncpumount.c ncpfs-2.2.6/sutil/ncpumount.c
--- ncpfs-2.2.6.orig/sutil/ncpumount.c 2005-01-27 12:35:59.000000000 -0500
+++ ncpfs-2.2.6/sutil/ncpumount.c 2014-08-12 20:55:00.349194943 -0400
@@ -163,7 +163,12 @@ static int __clearMtab (const char* moun
i++;
}
if (!found) {
- addmntent(new_mtab, mnt);
+ if (addmntent(new_mtab, mnt)) {
+ eprintf(_("Can't addmntent to %s: %s\n"),
MOUNTED_TMP,
+ strerror(errno));
+ endmntent(mtab);
+ return 1;
+ }
}
}
1.1 net-fs/ncpfs/files/ncpfs-2.2.6-pie-fix.patch
file :
http://sources.gentoo.org/viewvc.cgi/gentoo-x86/net-fs/ncpfs/files/ncpfs-2.2.6-pie-fix.patch?rev=1.1&view=markup
plain:
http://sources.gentoo.org/viewvc.cgi/gentoo-x86/net-fs/ncpfs/files/ncpfs-2.2.6-pie-fix.patch?rev=1.1&content-type=text/plain
Index: ncpfs-2.2.6-pie-fix.patch
===================================================================
diff -Naurp ncpfs-2.2.6.orig/lib/Makefile.in ncpfs-2.2.6/lib/Makefile.in
--- ncpfs-2.2.6.orig/lib/Makefile.in 2005-01-27 12:35:59.000000000 -0500
+++ ncpfs-2.2.6/lib/Makefile.in 2014-08-12 21:05:24.349191234 -0400
@@ -57,7 +57,7 @@ NDS_CFLAGS := $(BASE_CFLAGS) -DPORTABLE
CFLAGS_ncplib.o := -DNWSFIND=\"$(bindir)/nwsfind\"
CFLAGS_cfgfile.o := -DGLOBALCFGFILE=\"$(sysconfdir)/ncpfs.conf\"
-STATIC_CFLAGS := $(CFLAGS) $(CCFLAGS) $(REENTRANT_CFLAGS)
@FFUNCTION_SECTIONS@
+STATIC_CFLAGS := $(CFLAGS) $(CCFLAGS) $(REENTRANT_CFLAGS) $(PIC_FLAGS)
@FFUNCTION_SECTIONS@
SHARED_CFLAGS := $(CFLAGS) $(CCFLAGS) $(REENTRANT_CFLAGS) $(PIC_FLAGS)
$(SHARED_VLINK_CFLAGS)
.PHONY : all dep install install-dev clean mrproper distclean
diff -Naurp ncpfs-2.2.6.orig/sutil/Makefile.in ncpfs-2.2.6/sutil/Makefile.in
--- ncpfs-2.2.6.orig/sutil/Makefile.in 2005-01-27 12:35:59.000000000 -0500
+++ ncpfs-2.2.6/sutil/Makefile.in 2014-08-12 21:05:24.349191234 -0400
@@ -34,11 +34,12 @@ endif
CFLAGS_ncpmount.o = -DNCPMOUNT=1 -DMAKE_NCPLIB
CFLAGS_ncpmap.o = -DNCPMAP=1 -DMAKE_NCPLIB
-CFLAGS_ncplogin.o = -DMAKE_NCPLIB
+CFLAGS_ncplogin.o = -DMAKE_NCPLIB
CFLAGS_ncpm_common.o = -DNWMSG=\"$(sbindir)/nwmsg\"
LDFLAGS_ncpmount = ncpm_common.o mount_login.o
-LDFLAGS_ncplogin = ncpm_common.o mount_login.o
-LDFLAGS_ncpmap = ncpm_common.o
+LDFLAGS_ncplogin = -pie ncpm_common.o mount_login.o
+LDFLAGS_ncpmap = -pie ncpm_common.o
+LDFLAGS_nwsfind = -pie
.PHONY : all install install-dev dep clean mrproper distclean
.PHONY : default
1.1 net-fs/ncpfs/files/ncpfs-2.2.6-drop-kernel-check.patch
file :
http://sources.gentoo.org/viewvc.cgi/gentoo-x86/net-fs/ncpfs/files/ncpfs-2.2.6-drop-kernel-check.patch?rev=1.1&view=markup
plain:
http://sources.gentoo.org/viewvc.cgi/gentoo-x86/net-fs/ncpfs/files/ncpfs-2.2.6-drop-kernel-check.patch?rev=1.1&content-type=text/plain
Index: ncpfs-2.2.6-drop-kernel-check.patch
===================================================================
Description: Drop kernel version check
Author: Bastian Blank <wa...@debian.org>
Bug-Debian: http://bugs.debian.org/692472
--- ncpfs-2.2.6.orig/sutil/ncpm_common.c
+++ ncpfs-2.2.6/sutil/ncpm_common.c
@@ -243,23 +243,6 @@ static int load_ncpfs(void)
#endif /* MOUNT2 */
static int getmountver(void) {
- struct utsname name;
- int maj, mid, rev;
- int ver;
-
- if (uname(&name)) {
- errexit(1, _("Cannot get kernel release\n"));
- }
- if (sscanf(name.release, "%d.%d.%d", &maj, &mid, &rev) != 3) {
- errexit(2, _("Cannot convert kernel release \"%s\" to
number\n"), name.release);
- }
- ver = maj*0x10000 + mid*0x100 + rev;
- if (ver < 0x20100)
- return 2;
- if (ver < 0x20328)
- return 3;
- if (ver < 0x2051F)
- return 4;
return 5;
}
1.1 net-fs/ncpfs/files/ncpfs-2.2.6-ldflags-support.patch
file :
http://sources.gentoo.org/viewvc.cgi/gentoo-x86/net-fs/ncpfs/files/ncpfs-2.2.6-ldflags-support.patch?rev=1.1&view=markup
plain:
http://sources.gentoo.org/viewvc.cgi/gentoo-x86/net-fs/ncpfs/files/ncpfs-2.2.6-ldflags-support.patch?rev=1.1&content-type=text/plain
Index: ncpfs-2.2.6-ldflags-support.patch
===================================================================
diff -Naurp ncpfs-2.2.6.orig/contrib/pam/Makefile.in
ncpfs-2.2.6/contrib/pam/Makefile.in
--- ncpfs-2.2.6.orig/contrib/pam/Makefile.in 2005-01-27 12:35:59.000000000
-0500
+++ ncpfs-2.2.6/contrib/pam/Makefile.in 2014-08-12 21:06:42.369190770 -0400
@@ -17,6 +17,7 @@ PAM_LIBRARY = pam_ncp_auth.so
PAM_OBJECTS = pam_ncp_auth.do support.do
CFLAGS_pam_ncp_auth.do := -DNCPMOUNT_PATH=\"$(bindir)/ncpmount\"
-DNCPUMOUNT_PATH=\"$(bindir)/ncpumount\"
+LDFLAGS = @LDFLAGS@
.PHONY : all install install-dev dep clean mrproper distclean
.PHONY : default
@@ -45,7 +46,7 @@ $(PAM_OBJECTS): %.do: %.c
$(PAM_LIBRARY): $(PAM_OBJECTS)
- $(CC) $(CFLAGS) -shared -o $@ $(PAM_OBJECTS) -L$(NCPLIB_DIR) -lncp
-lpam ${LIBS}
+ $(CC) $(CFLAGS) -shared $(LDFLAGS) -o $@ $(PAM_OBJECTS) -L$(NCPLIB_DIR)
-lncp -lpam ${LIBS}
dep:
diff -Naurp ncpfs-2.2.6.orig/ipx-1.0/Makefile.in ncpfs-2.2.6/ipx-1.0/Makefile.in
--- ncpfs-2.2.6.orig/ipx-1.0/Makefile.in 2005-01-27 12:35:59.000000000
-0500
+++ ncpfs-2.2.6/ipx-1.0/Makefile.in 2014-08-12 21:06:42.369190770 -0400
@@ -9,6 +9,7 @@ vpath %.c ${this_srcdir}
vpath %.8 ${this_srcdir}
LIBS = @INTLLIBS@ @LIBS@
+LDFLAGS = @LDFLAGS@
O_UTILS = ipx_configure.o ipx_cmd.o
O_UTIIPX = ipx_interface.o ipx_internal_net.o ipx_route.o
@@ -33,7 +34,7 @@ $(ALL_OBJECTS): %.o: %.c
[ -s $@ ] || rm -f $@
$(UTIIPX): %: %.o ipxutil.o
- $(CC) $(CFLAGS) -o $@ $(addsuffix .o,$@) ipxutil.o ${LIBS}
+ $(CC) $(CFLAGS) $(LDFLAGS) -o $@ $(addsuffix .o,$@) ipxutil.o ${LIBS}
$(UTILS): %: %.o
$(CC) $(CFLAGS) -o $@ $(addsuffix .o,$@) ${LIBS}
diff -Naurp ncpfs-2.2.6.orig/ipxdump/Makefile.in ncpfs-2.2.6/ipxdump/Makefile.in
--- ncpfs-2.2.6.orig/ipxdump/Makefile.in 2005-01-27 12:35:59.000000000
-0500
+++ ncpfs-2.2.6/ipxdump/Makefile.in 2014-08-12 21:06:42.369190770 -0400
@@ -11,6 +11,7 @@ ncp_if_ether_support = @ncp_if_ether_sup
OBJECTS= ipxutil.o
ALL_OBJECTS := $(EXEC:%=%.o) $(OBJECTS)
+LDFLAGS = @LDFLAGS@
.PHONY : all install dep clean mrproper distclean
.PHONY : dist tgz
@@ -24,7 +25,7 @@ install: $(EXEC)
ifeq ($(ncp_if_ether_support),yes)
$(EXEC): %: %.o $(OBJECTS)
- $(CC) $(CFLAGS) -o $@ $(addsuffix .o,$@) $(OBJECTS)
+ $(CC) $(CFLAGS) $(LDFLAGS) -o $@ $(addsuffix .o,$@) $(OBJECTS)
else
.PHONY ipxdump ipxparse
diff -Naurp ncpfs-2.2.6.orig/lib/Makefile.in ncpfs-2.2.6/lib/Makefile.in
--- ncpfs-2.2.6.orig/lib/Makefile.in 2005-01-27 12:35:59.000000000 -0500
+++ ncpfs-2.2.6/lib/Makefile.in 2014-08-12 21:06:42.369190770 -0400
@@ -23,6 +23,7 @@ STATIC_NCPLIB_BIN := $(STATIC_NCPLIB)
CCFLAGS += -I.
PIC_FLAGS := -fPIC
NWCOMPAT := 1
+LDFLAGS := @LDFLAGS@
SHARED_VLINK :=
SHARED_VLINK_CFLAGS :=
@@ -122,7 +123,7 @@ $(SHARED_NCPLIB): $(SHARED_NCPLIB_BIN)
ln -sf $< $@
$(SHARED_NCPLIB_BIN): $(SHARED_O_OBJ) ${this_srcdir}/libncp.vers
- $(CC) -shared -o $@ -Wl,-soname=$(SHARED_NCPLIB_SONAME) $(SHARED_VLINK)
$(SHARED_O_OBJ) ${LIBS} -lc
+ $(CC) -shared -o $@ -Wl,-soname=$(SHARED_NCPLIB_SONAME) $(LDFLAGS)
$(SHARED_VLINK) $(SHARED_O_OBJ) ${LIBS} -lc
install_static: $(STATIC_NCPLIB_BIN)
$(INSTALL) -d $(DESTDIR)$(libadir)
diff -Naurp ncpfs-2.2.6.orig/Make.rules.in ncpfs-2.2.6/Make.rules.in
--- ncpfs-2.2.6.orig/Make.rules.in 2005-01-27 12:35:59.000000000 -0500
+++ ncpfs-2.2.6/Make.rules.in 2014-08-12 21:06:42.369190770 -0400
@@ -42,6 +42,7 @@ CFLAGS_OPTIONS += $(CWARN)
CFLAGS_DEFINES := -DN_PLAT_LINUX -DLOCALEDIR=\"${localedir}\"
-DNCPFS_VERSION=\"${VERSION}\" -DNCPFS_PACKAGE=\"${PACKAGE}\"
CCFLAGS := $(CFLAGS_DEFINES) $(CFLAGS_OPTIONS) $(INCLUDES)
+LDFLAGS := @LDFLAGS@
# If your system is ELF, either also do a 'make install', or append the util/
# directory where the dynamic library resides to the environment
diff -Naurp ncpfs-2.2.6.orig/sutil/Makefile.in ncpfs-2.2.6/sutil/Makefile.in
--- ncpfs-2.2.6.orig/sutil/Makefile.in 2005-01-27 12:35:59.000000000 -0500
+++ ncpfs-2.2.6/sutil/Makefile.in 2014-08-12 21:06:42.369190770 -0400
@@ -14,6 +14,7 @@ USE_KERNEL = @USE_KERNEL@
NDS_SUPPORT = @NDS_SUPPORT@
LIBS = @INTLLIBS@ @LIBS@
+LDFLAGS := @LDFLAGS@
# environ in ncpmount
CCFLAGS += -D_GNU_SOURCE
@@ -69,7 +70,7 @@ $(O_UTILS:.o=.d): %.d: %.c
[ -s $@ ] || rm -f $@
ncpmap.o: %.o: ncplogin.c
- $(CC) $(CFLAGS) $(CCFLAGS) $(CFLAGS_$@) -o $@ -c $<
+ $(CC) $(CFLAGS) $(LDFLAGS) $(CCFLAGS) $(CFLAGS_$@) -o $@ -c $<
ncpmap.d: %.d: ncplogin.c
set -e; $(CC) -M $(CFLAGS) $(CCFLAGS) $(CFLAGS_$(@:.d=.o)) $< \
@@ -85,7 +86,7 @@ ncpm_common.d mount_login.d: %.d: %.c
[ -s $@ ] || rm -f $@
$(UTILS): %: %.o ../lib/libncp.a ncpm_common.o mount_login.o
- $(CC) @GC_SECTIONS@-o $@ $(addsuffix .o,$@) $(LDFLAGS_$@)
../lib/libncp.a ${LIBS}
+ $(CC) @GC_SECTIONS@-o $@ $(addsuffix .o,$@) $(LDFLAGS) $(LDFLAGS_$@)
../lib/libncp.a ${LIBS}
../lib/libncp.a:
make -C ../lib libncp.a
diff -Naurp ncpfs-2.2.6.orig/util/Makefile.in ncpfs-2.2.6/util/Makefile.in
--- ncpfs-2.2.6.orig/util/Makefile.in 2005-01-27 12:35:59.000000000 -0500
+++ ncpfs-2.2.6/util/Makefile.in 2014-08-12 21:06:42.369190770 -0400
@@ -15,6 +15,7 @@ NDS_SUPPORT = @NDS_SUPPORT@
MOUNT2 = @MOUNT2@
LIBS = @INTLLIBS@ @LIBS@
+LDFLAGS = @LDFLAGS@
O_OTHER = dsqueue.o
O_USERUTILS = slist.o pqlist.o nwfsinfo.o pserver.o nprint.o nsend.o \
@@ -83,7 +84,7 @@ install-dev:
make -C ../lib libncp.so
$(O_USERUTILS) $(O_SBINUTILS) $(O_OTHER) ncptest.o: %.o: %.c
- $(CC) $(CFLAGS) $(CCFLAGS) $(CFLAGS_$@) -o $@ -c $<
+ $(CC) $(CFLAGS) $(LDFLAGS) $(CCFLAGS) $(CFLAGS_$@) -o $@ -c $<
%.d: %.c
set -e; $(CC) -M $(CFLAGS) $(CCFLAGS) $(CFLAGS_$(@:.d=.o)) $< \
@@ -94,10 +95,10 @@ $(O_USERUTILS) $(O_SBINUTILS) $(O_OTHER)
pqstat nwpqjob nprint: dsqueue.o
$(UTILS): %: %.o $(LIBDEP)
- $(CC) $(CFLAGS) -o $@ $(addsuffix .o,$@) $(ADDOBJS_$@) -L$(NCPLIB_DIR)
-lncp ${LIBS}
+ $(CC) $(CFLAGS) $(LDFLAGS) -o $@ $(addsuffix .o,$@) $(ADDOBJS_$@)
-L$(NCPLIB_DIR) -lncp ${LIBS}
ipx_probe: ipx_probe.c
- $(CC) $(CFLAGS) $(CCFLAGS) -o ipx_probe ipx_probe.c ${LIBS}
+ $(CC) $(CFLAGS) $(LDFLAGS) $(CCFLAGS) -o ipx_probe ipx_probe.c ${LIBS}
dep:
