Author: randy
Date: 2008-08-11 12:02:11 -0600 (Mon, 11 Aug 2008)
New Revision: 1968

Added:
   trunk/stunnel/
   trunk/stunnel/stunnel-4.21-setuid-1.patch
Log:
Added an Stunnel patch that was removed from upstream

Added: trunk/stunnel/stunnel-4.21-setuid-1.patch
===================================================================
--- trunk/stunnel/stunnel-4.21-setuid-1.patch                           (rev 0)
+++ trunk/stunnel/stunnel-4.21-setuid-1.patch   2008-08-11 18:02:11 UTC (rev 
1968)
@@ -0,0 +1,112 @@
+Submitted By:            Randy McMurchy <randy_at_linuxfromscratch_dot_org>
+Date:                    2008-08-11
+Initial Package Version: 4.21
+Upstream Status:         From upstream
+Origin:                  Upstream
+Description:             Fixes an issue where the stunnel daemon will not
+                         drop root privileges.
+
+
+diff -Naur stunnel-4.21-orig/src/prototypes.h stunnel-4.21/src/prototypes.h
+--- stunnel-4.21-orig/src/prototypes.h 2007-10-05 15:42:48.000000000 +0000
++++ stunnel-4.21/src/prototypes.h      2008-08-11 17:43:32.000000000 +0000
+@@ -57,7 +57,6 @@
+ void main_initialize(char *, char *);
+ void main_execute(void);
+ void stunnel_info(int);
+-void drop_privileges(void);
+ 
+ /**************************************** Prototypes for log.c */
+
+ 
+diff -Naur stunnel-4.21-orig/src/stunnel.c stunnel-4.21/src/stunnel.c
+--- stunnel-4.21-orig/src/stunnel.c    2007-10-27 15:41:39.000000000 +0000
++++ stunnel-4.21/src/stunnel.c 2008-08-11 17:43:32.000000000 +0000
+@@ -3,8 +3,8 @@
+  *   Copyright (c) 1998-2007 Michal Trojnara <[EMAIL PROTECTED]>
+  *                 All Rights Reserved
+  *
+- *   Version:      4.21             (stunnel.c)
+- *   Date:         2007.10.27
++ *   Version:      4.22             (stunnel.c)
++ *   Date:         2007.11.xx
+  *
+  *   Author:       Michal Trojnara  <[EMAIL PROTECTED]>
+  *
+@@ -41,7 +41,7 @@
+ static void accept_connection(LOCAL_OPTIONS *);
+ static void get_limits(void); /* setup global max_clients and max_fds */
+ #if !defined (USE_WIN32) && !defined (__vms)
+-static void make_chroot(void);
++static void drop_privileges(void);
+ static void daemonize(void);
+ static void create_pid(void);
+ static void delete_pid(void);
+@@ -111,9 +111,6 @@
+     } else { /* inetd mode */
+ #if !defined (USE_WIN32) && !defined (__vms)&&!defined(USE_OS2)
+         max_fds=FD_SETSIZE; /* just in case */
+-#ifdef HAVE_CHROOT
+-        make_chroot();
+-#endif /* HAVE_CHROOT */
+         drop_privileges();
+ #endif
+         num_clients=1;
+@@ -171,9 +168,6 @@
+ #if !defined (USE_WIN32) && !defined (__vms) && !defined(USE_OS2)
+     if(!(options.option.foreground))
+         daemonize();
+-#ifdef HAVE_CHROOT
+-        make_chroot();
+-#endif /* HAVE_CHROOT */
+     drop_privileges();
+     create_pid();
+ #endif /* !defined USE_WIN32 && !defined (__vms) */
+@@ -299,24 +293,9 @@
+ #endif
+ }
+ 
+-#ifdef HAVE_CHROOT
+-static void make_chroot(void) {
+-    if(options.chroot_dir) {
+-        if(chroot(options.chroot_dir)) {
+-            sockerror("chroot");
+-            exit(1);
+-        }
+-        if(chdir("/")) {
+-            sockerror("chdir");
+-            exit(1);
+-        }
+-    }
+-}
+-#endif /* HAVE_CHROOT */
+-
+ #if !defined (USE_WIN32) && !defined (__vms)
+-    /* set process user and group(s) id */
+-void drop_privileges(void) {
++    /* chroot and set process user and group(s) id */
++static void drop_privileges(void) {
+     int uid=0, gid=0;
+     struct group *gr;
+ #ifdef HAVE_SETGROUPS
+@@ -350,6 +329,20 @@
+         }
+     }
+ 
++#ifdef HAVE_CHROOT
++    /* chroot */
++    if(options.chroot_dir) {
++        if(chroot(options.chroot_dir)) {
++            sockerror("chroot");
++            exit(1);
++        }
++        if(chdir("/")) {
++            sockerror("chdir");
++            exit(1);
++        }
++    }
++#endif /* HAVE_CHROOT */
++
+     /* Set uid and gid */
+     if(gid) {
+         if(setgid(gid)) {
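Review bot: The chroot block moved into drop_privileges() is order-sensitive, but its only comment is `/* chroot */`. It now sits after what looks like the user/group name resolution (inferred from `int uid=0, gid=0;` and `struct group *gr;`, since that part of the function is outside the hunk) and before `setgid()`. I would record why, e.g. `/* chroot after resolving names (lookups presumably need files outside the jail) and before setgid/setuid (chroot needs root) */`, so a later refactor does not reorder it. Separately, `if(gid) {` shows the group change is skipped when no group is configured, and the setuid branch is presumably guarded the same way, so a configuration that sets `chroot_dir` without a user or group would leave the daemon running as root inside the jail, where chroot gives little containment. A logged warning for that combination would be worth adding. The body of drop_privileges() continues past the end of the hunk.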
