dbp/linamh
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

Bump

Browse Source
This commit is contained in:
Mario Fetka
2022-03-01 11:46:08 +01:00
parent 961e7181bf
commit 1b10b30c02
89 changed files with 2191 additions and 3390 deletions
Download Patch File Download Diff File Expand all files Collapse all files

27
net-fs/ncpfs/files/ipx.confd Normal file
View File

@@ -0,0 +1,27 @@
# Copyright 1999-2011 Gentoo Foundation
# Distributed under the terms of the GNU General Public License v2
# Config file for /etc/init.d/ipx
# Automatically selecting a primary interface.
IPX_AUTO_PRIMARY=on
# Automatically creating interfaces.
IPX_AUTO_INTERFACE=on
# Interface to which IPX sockets are bound.
IPX_DEVICE=eth0
# The IPX frame type to use.
# Valid values are: 802.2, 802.3, SNAP, & EtherII.
IPX_FRAME=802.2
# Create a special kind of IPX interface that does not
# have a physical device or frame type.
IPX_INTERNAL_NET=no
# Network number
IPX_NETNUM=1
# Node number
IPX_NODENUM=1

41
net-fs/ncpfs/files/ipx.init Normal file
View File

@@ -0,0 +1,41 @@
#!/sbin/openrc-run
# Copyright 1999-2011 Gentoo Foundation
# Distributed under the terms of the GNU General Public License v2
#NB: Config is in /etc/conf.d/ipx
depend() {
need net netmount
}
start() {
local retval=0
ebegin "Bringing IPX up"
if [ ${IPX_INTERNAL_NET} = "yes" ]
then
/usr/bin/ipx_internal_net add ${IPX_NETNUM} ${IPX_NODENUM}
retval=$?
else
/usr/bin/ipx_interface add -p ${IPX_DEVICE} \
${IPX_FRAME} ${IPX_NETNUM}
retval=$?
fi
/usr/bin/ipx_configure \
--auto_primary=${IPX_AUTO_PRIMARY} \
--auto_interface=${IPX_AUTO_INTERFACE}
retval=$(( $retval + $? ))
eend ${retval} "Failed to bring IPX up"
}
stop() {
local retval=0
ebegin "Bringing IPX down"
/usr/bin/ipx_configure --auto_primary=off --auto_interface=off
retval=$?
/usr/bin/ipx_interface delall
retval=$(( $retval + $? ))
eend ${retval} "Failed to down IPX"
}

16
net-fs/ncpfs/files/ncpfs-2.2.5-php.patch Normal file
View File

@@ -0,0 +1,16 @@
--- a/contrib/php/build/rules.mk.orig 2004-12-09 13:01:04.417854240 +0000
+++ b/contrib/php/build/rules.mk 2004-12-09 13:01:42.460070944 +0000
@@ -63,10 +63,10 @@
install-modules:
@test -d modules && \
- $(mkinstalldirs) $(moduledir) && \
- echo "installing shared modules into $(moduledir)" && \
+ $(mkinstalldirs) $(DESTDIR)/$(moduledir) && \
+ echo "installing shared modules into $(DESTDIR)/$(moduledir)" && \
rm -f modules/*.la && \
- cp modules/* $(moduledir) || true
+ cp modules/* $(DESTDIR)/$(moduledir) || true
include $(builddir)/.deps

12
net-fs/ncpfs/files/ncpfs-2.2.6-align-fix.patch Normal file
View File

@@ -0,0 +1,12 @@
diff -Naurp ncpfs-2.2.6.orig/lib/ndslib.c ncpfs-2.2.6/lib/ndslib.c
--- a/lib/ndslib.c.orig 2005-01-27 12:35:59.000000000 -0500
+++ b/lib/ndslib.c 2014-08-12 21:07:35.559190454 -0400
@@ -957,7 +957,7 @@ static NWDSCCODE nds_beginauth2(
NWDSCCODE err;
int n1, n3;
u_int16_t n3a;
- char rpb_b[DEFAULT_MESSAGE_LEN];
+ char rpb_b[DEFAULT_MESSAGE_LEN] __attribute__ ((aligned (4)));
Buf_T rpb;
size_t k1tl;

31
net-fs/ncpfs/files/ncpfs-2.2.6-drop-kernel-check.patch Normal file
View File

@@ -0,0 +1,31 @@
Description: Drop kernel version check
Author: Bastian Blank <waldi@debian.org>
Bug-Debian: http://bugs.debian.org/692472
--- a/sutil/ncpm_common.c.orig
+++ b/sutil/ncpm_common.c
@@ -243,23 +243,6 @@ static int load_ncpfs(void)
#endif /* MOUNT2 */
static int getmountver(void) {
- struct utsname name;
- int maj, mid, rev;
- int ver;
-
- if (uname(&name)) {
- errexit(1, _("Cannot get kernel release\n"));
- }
- if (sscanf(name.release, "%d.%d.%d", &maj, &mid, &rev) != 3) {
- errexit(2, _("Cannot convert kernel release \"%s\" to number\n"), name.release);
- }
- ver = maj*0x10000 + mid*0x100 + rev;
- if (ver < 0x20100)
- return 2;
- if (ver < 0x20328)
- return 3;
- if (ver < 0x2051F)
- return 4;
return 5;
}

269
net-fs/ncpfs/files/ncpfs-2.2.6-drop-mtab-support.patch Normal file
View File

@@ -0,0 +1,269 @@
diff -Naurp ncpfs-2.2.6.orig/sutil/ncplogin.c ncpfs-2.2.6/sutil/ncplogin.c
--- a/sutil/ncplogin.c.orig 2014-08-13 02:52:56.859067273 -0400
+++ b/sutil/ncplogin.c 2014-08-13 02:53:42.699067001 -0400
@@ -111,7 +111,6 @@
#include <stdlib.h>
#include <stdarg.h>
#include <sys/mount.h>
-#include <mntent.h>
#include <ncp/kernel/ipx.h>
#include <sys/ioctl.h>
#ifdef CONFIG_NATIVE_UNIX
@@ -935,12 +934,6 @@ ncpipx:;
}
NWCCCloseConn(conn);
NWDSFreeContext(ctx);
- /* ncpmap, ncplogin must write in /etc/mtab */
- {
- block_sigs();
- add_mnt_entry(mount_name, mount_point, info.flags);
- unblock_sigs();
- }
free(mount_name);
if (info.echo_mnt_pnt) {
printf(_("mounted on:%s\n"),mount_point);
diff -Naurp ncpfs-2.2.6.orig/sutil/ncpm_common.c ncpfs-2.2.6/sutil/ncpm_common.c
--- ncpfs-2.2.6.orig/sutil/ncpm_common.c 2014-08-13 02:52:56.959067273 -0400
+++ ncpfs-2.2.6/sutil/ncpm_common.c 2014-08-13 02:55:38.349066313 -0400
@@ -104,7 +104,6 @@
#include <stdlib.h>
#include <stdarg.h>
#include <sys/mount.h>
-#include <mntent.h>
#include <ncp/kernel/ipx.h>
#include <sys/ioctl.h>
#if MOUNT3
@@ -1423,68 +1422,6 @@ static const struct smntflags {
{MS_NODIRATIME, "nodiratime"},
{0, NULL}};
-void add_mnt_entry(char* mount_name, char* mpnt, unsigned long flags) {
- const struct smntflags* sf;
- char mnt_opts[80];
- char* p;
- struct mntent ment;
- int fd;
- FILE* mtab;
-
- if (check_name(mount_name) == -1 || check_name(mpnt) == -1)
- errexit(107, _("Illegal character in mount entry\n"));
-
- ment.mnt_fsname = mount_name;
- ment.mnt_dir = mpnt;
- ment.mnt_type = (char*)"ncpfs";
- ment.mnt_opts = mnt_opts;
- ment.mnt_freq = 0;
- ment.mnt_passno = 0;
-
- p = mnt_opts;
- *p++ = 'r';
- *p++ = (flags & MS_RDONLY)?'o':'w';
- for (sf = mntflags; sf->flag; sf++) {
- if (flags & sf->flag) {
- *p++ = ',';
- strcpy(p, sf->name);
- p += strlen(p);
- }
- }
- *p = 0;
-
- if (ncpm_suser()) {
- errexit(91, _("Cannot switch to superuser: %s\n"), strerror(errno));
- }
- if ((fd = open(MOUNTED "~", O_RDWR | O_CREAT | O_EXCL, 0600)) == -1)
- {
- errexit(58, _("Can't get %s~ lock file\n"), MOUNTED);
- }
- close(fd);
-
- if ((mtab = setmntent(MOUNTED, "a+")) == NULL)
- {
- errexit(59, _("Can't open %s\n"), MOUNTED);
- }
- if (addmntent(mtab, &ment) == 1)
- {
- errexit(60, _("Can't write mount entry\n"));
- }
- if (fchmod(fileno(mtab), 0644) == -1)
- {
- errexit(61, _("Can't set perms on %s\n"), MOUNTED);
- }
- endmntent(mtab);
-
- if (unlink(MOUNTED "~") == -1)
- {
- errexit(62, _("Can't remove %s~\n"), MOUNTED);
- }
- if (ncpm_normal()) {
- errexit(90, _("Cannot relinquish superuser rights: %s\n"), strerror(EPERM));
- }
-}
-
static int __proc_option(const struct optinfo* opts, struct ncp_mount_info* info, const char* opt, const char* param) {
const struct optinfo* optr;
diff -Naurp ncpfs-2.2.6.orig/sutil/ncpm_common.h ncpfs-2.2.6/sutil/ncpm_common.h
--- ncpfs-2.2.6.orig/sutil/ncpm_common.h 2014-08-13 02:52:56.749067274 -0400
+++ ncpfs-2.2.6/sutil/ncpm_common.h 2014-08-13 02:53:42.699067001 -0400
@@ -60,7 +60,6 @@ void verify_argv(int argc, char* argv[])
int ncp_mount_specific(struct ncp_conn* conn, int pathNS, const unsigned char* NWpath, int pathlen);
int mount_ok(struct stat *st);
void mycom_err(int, const char*, ...);
-void add_mnt_entry(char* mount_name, char* mpoint, unsigned long flags);
struct ncp_mount_info {
struct ncp_mount_data_independent mdata;
diff -Naurp ncpfs-2.2.6.orig/sutil/ncpmount.c ncpfs-2.2.6/sutil/ncpmount.c
--- ncpfs-2.2.6.orig/sutil/ncpmount.c 2014-08-13 02:52:56.749067274 -0400
+++ ncpfs-2.2.6/sutil/ncpmount.c 2014-08-13 02:53:42.699067001 -0400
@@ -114,7 +114,6 @@
#include <stdlib.h>
#include <stdarg.h>
#include <sys/mount.h>
-#include <mntent.h>
#include <ncp/kernel/ipx.h>
#include <ncp/nwclient.h>
#include <sys/ioctl.h>
@@ -719,11 +718,6 @@ ncpipx:;
}
ncp_close(conn);
- if (!opt_n) {
- block_sigs();
- add_mnt_entry(mount_name, mount_point, info.flags);
- unblock_sigs();
- }
return 0;
}
diff -Naurp ncpfs-2.2.6.orig/sutil/ncpumount.c ncpfs-2.2.6/sutil/ncpumount.c
--- ncpfs-2.2.6.orig/sutil/ncpumount.c 2014-08-13 02:52:56.749067274 -0400
+++ ncpfs-2.2.6/sutil/ncpumount.c 2014-08-13 02:55:10.369066480 -0400
@@ -179,108 +179,6 @@ static void enableAlarm(void) {
sigprocmask(SIG_UNBLOCK, &sa.sa_mask, NULL);
}
-static int __clearMtab (const char* mount_points[], unsigned int numEntries) {
-// main logic from ncpumount.c
- struct mntent *mnt;
- FILE *mtab;
- FILE *new_mtab;
-
-#define MOUNTED_TMP MOUNTED".tmp"
-
- if ((mtab = setmntent(MOUNTED, "r")) == NULL){
- eprintf(_("Can't open %s: %s\n"), MOUNTED,
- strerror(errno));
- return 1;
- }
-
- if ((new_mtab = setmntent(MOUNTED_TMP, "w")) == NULL){
- eprintf(_("Can't open %s: %s\n"), MOUNTED_TMP,
- strerror(errno));
- endmntent(mtab);
- return 1;
- }
- while ((mnt = getmntent(mtab)) != NULL) {
- unsigned int i=0;
- int found=0;
-
- while (i<numEntries && !found) {
- found=!strcmp(mnt->mnt_dir, mount_points[i]);
- i++;
- }
- if (!found) {
- addmntent(new_mtab, mnt);
- }
- }
-
- endmntent(mtab);
-
- if (fchmod(fileno(new_mtab), S_IRUSR | S_IWUSR | S_IRGRP | S_IROTH) < 0){
- eprintf(_("Error changing mode of %s: %s\n"),
- MOUNTED_TMP, strerror(errno));
- return 1;
- }
- endmntent(new_mtab);
-
- if (rename(MOUNTED_TMP, MOUNTED) < 0){
- eprintf(_("Cannot rename %s to %s: %s\n"),
- MOUNTED, MOUNTED_TMP, strerror(errno));
- return 1;
- }
- return 0;
-}
-
-static int clearMtab (const char* mount_points[], unsigned int numEntries) {
- int fd;
- int err;
- int retries = 10;
-
- if (!numEntries)
- return 0; /* don't waste time ! */
-
- block_sigs();
-
- while ((fd = open(MOUNTED "~", O_RDWR | O_CREAT | O_EXCL, 0600)) == -1) {
- struct timespec tm;
-
- if (errno != EEXIST || retries == 0) {
- unblock_sigs();
- eprintf(_("Can't get %s~ lock file: %s\n"), MOUNTED, strerror(errno));
- return 1;
- }
- fd = open(MOUNTED "~", O_RDWR);
- if (fd != -1) {
- alarm(10);
- err = lockf(fd, F_LOCK, 0);
- alarm(0);
- close(fd);
- if (err) {
- unblock_sigs();
- eprintf(_("Can't lock lock file %s~: %s\n"), MOUNTED, _("Lock timed out"));
- return 1;
- }
- tm.tv_sec = 0;
- tm.tv_nsec = 20000000;
- nanosleep(&tm, NULL);
- }
- retries--;
- }
- alarm(1);
- lockf(fd, F_LOCK, 0);
- alarm(0);
- close(fd);
-
- err = __clearMtab(mount_points, numEntries);
-
- if ((unlink(MOUNTED "~") == -1) && (err == 0)){
- unblock_sigs();
- eprintf(_("Can't remove %s~"), MOUNTED);
- return 1;
- }
- unblock_sigs();
- return err;
-}
-
-
int ncp_mnt_umount(const char *abs_mnt, const char *rel_mnt)
{
if (umount(rel_mnt) != 0) {
@@ -617,10 +515,6 @@ static int old_ncpumount(int argc, char
ret = 1;
continue;
}
- if (clearMtab(&mount_point, 1)) {
- ret = 1;
- continue;
- }
}
return ret;
}
@@ -739,7 +633,6 @@ main(int argc, char *argv[])
if (serverName || allConns) {
processBindServers(conns,curEntries,serverName,umountTable,&mountEntries);
}
- clearMtab(umountTable, mountEntries);
} else if (treeName) {
eprintf(_("No NCP connections to tree %s.\n"),treeName);
} else if (serverName) {

36
net-fs/ncpfs/files/ncpfs-2.2.6-gcc4.patch Normal file
View File

@@ -0,0 +1,36 @@
diff -ur ncpfs-2.2.6-orig/lib/ncplib.c ncpfs-2.2.6/lib/ncplib.c
--- a/lib/ncplib.c.orig 2006-01-13 16:55:05.000000000 -0500
+++ b/lib/ncplib.c 2006-01-13 16:56:08.000000000 -0500
@@ -2421,7 +2421,7 @@
int i = 1;
NWCCODE nwerr;
- static int get_argument(int arg_no, const char **target) {
+ int get_argument(int arg_no, const char **target) {
int count = 1;
if (target != NULL) {
diff -ur ncpfs-2.2.6-orig/util/nwpjmv.c ncpfs-2.2.6/util/nwpjmv.c
--- ncpfs-2.2.6-orig/util/nwpjmv.c 2006-01-13 16:55:05.000000000 -0500
+++ ncpfs-2.2.6/util/nwpjmv.c 2006-01-13 16:55:50.000000000 -0500
@@ -131,7 +131,7 @@
char *s = q->command;
char *target_end = target + target_size;
- static void add_string(const char *str)
+ void add_string(const char *str)
{
int len = strlen(str);
if (target + len + 1 > target_end)
diff -ur ncpfs-2.2.6-orig/util/pserver.c ncpfs-2.2.6/util/pserver.c
--- ncpfs-2.2.6-orig/util/pserver.c 2006-01-13 16:55:05.000000000 -0500
+++ ncpfs-2.2.6/util/pserver.c 2006-01-13 16:55:36.000000000 -0500
@@ -153,7 +153,7 @@
char *s = q->command;
char *target_end = target + target_size;
- static void add_string(const char *str)
+ void add_string(const char *str)
{
int len = strlen(str);
if (target + len + 1 > target_end)

124
net-fs/ncpfs/files/ncpfs-2.2.6-getuid-fix.patch Normal file
View File

@@ -0,0 +1,124 @@
diff -Naurp ncpfs-2.2.6.orig/contrib/tcl-utils/chgpwd.c ncpfs-2.2.6/contrib/tcl-utils/chgpwd.c
--- a/contrib/tcl-utils/chgpwd.c.orig 2005-01-27 12:35:59.000000000 -0500
+++ b/contrib/tcl-utils/chgpwd.c 2014-08-12 21:08:25.779190155 -0400
@@ -292,12 +292,12 @@ int main(int argc, char *argv[]) {
}
} else {
if (!treeName[0]) {
- NWCXGetPreferredDSTree(treeName,sizeof(treeName));
+ dserr=NWCXGetPreferredDSTree(treeName,sizeof(treeName));
}
if (!treeName[0]) {
fprintf(stderr,"failed: You must specify a server or a tree\n");
- dserr=114;
+ /*dserr=114;*/
goto finished;
}
diff -Naurp ncpfs-2.2.6.orig/contrib/tcl-utils/ncplist.c ncpfs-2.2.6/contrib/tcl-utils/ncplist.c
--- ncpfs-2.2.6.orig/contrib/tcl-utils/ncplist.c 2005-01-27 12:35:59.000000000 -0500
+++ ncpfs-2.2.6/contrib/tcl-utils/ncplist.c 2014-08-12 21:08:25.779190155 -0400
@@ -299,7 +299,12 @@ int main(int argc, char *argv[]) {
}else {
if (!treeName[0]) {
- NWCXGetPreferredDSTree(treeName,sizeof(treeName));
+ dserr=NWCXGetPreferredDSTree(treeName,sizeof(treeName));
+ if (dserr){
+ fprintf(stderr, "failed: Cannot get preffered DS tree: %s\n",
+ strnwerror(dserr);
+ exit(106);
+ }
}
if (!treeName[0]) {
diff -Naurp ncpfs-2.2.6.orig/contrib/tcl-utils/ncpreadprop.c ncpfs-2.2.6/contrib/tcl-utils/ncpreadprop.c
--- ncpfs-2.2.6.orig/contrib/tcl-utils/ncpreadprop.c 2005-01-27 12:35:59.000000000 -0500
+++ ncpfs-2.2.6/contrib/tcl-utils/ncpreadprop.c 2014-08-12 21:08:25.779190155 -0400
@@ -470,7 +470,7 @@ main(int argc, char *argv[])
}
} else {
if (!treeName[0]) {
- NWCXGetPreferredDSTree(treeName,sizeof(treeName));
+ dserr=NWCXGetPreferredDSTree(treeName,sizeof(treeName));
}
if (!treeName[0]) {
diff -Naurp ncpfs-2.2.6.orig/contrib/tcl-utils/ncpreadprops.c ncpfs-2.2.6/contrib/tcl-utils/ncpreadprops.c
--- ncpfs-2.2.6.orig/contrib/tcl-utils/ncpreadprops.c 2005-01-27 12:35:59.000000000 -0500
+++ ncpfs-2.2.6/contrib/tcl-utils/ncpreadprops.c 2014-08-12 21:08:25.779190155 -0400
@@ -507,7 +507,7 @@ main(int argc, char *argv[])
}
} else {
if (!treeName[0]) {
- NWCXGetPreferredDSTree(treeName,sizeof(treeName));
+ dserr=NWCXGetPreferredDSTree(treeName,sizeof(treeName));
}
if (!treeName[0]) {
diff -Naurp ncpfs-2.2.6.orig/lib/nwclient.c ncpfs-2.2.6/lib/nwclient.c
--- ncpfs-2.2.6.orig/lib/nwclient.c 2005-01-27 12:35:59.000000000 -0500
+++ ncpfs-2.2.6/lib/nwclient.c 2014-08-12 21:08:25.779190155 -0400
@@ -481,6 +481,10 @@ static char* readnwinfosfile (char * use
*err = EACCES;
return NULL;
}
+ if (st.st_uid != getuid()) {
+ *err = EACCES;
+ return NULL;
+ }
if ((st.st_mode & (S_IRWXO | S_IRWXG)) != 0) {
*err = NCPLIB_INVALID_MODE;
return NULL;
@@ -560,7 +564,7 @@ NWDSCCODE NWCXGetPreferredDSTree (NWD
if (!res)
res=readnwinfosfile (NULL,NDS_PREFERRED_TREE,NULL, &err);
if (!res)
- return -1;
+ return err;
if (strlen (res)+1 >maxLen)
return NWE_BUFFER_OVERFLOW;
strcpy(preferTree,res);
@@ -581,7 +585,7 @@ NWDSCCODE NWCXGetDefaultNameContext (con
if (!res)
res=readnwinfosfile (NULL,NDS_PREFERRED_NAME_CTX,forTree,&err);
if (!res)
- return -1;
+ return err;
if (strlen (res)+1 >maxLen)
return NWE_BUFFER_OVERFLOW;
strcpy(nameContext,res);
@@ -603,7 +607,7 @@ NWDSCCODE NWCXGetPreferredServer (con
res=readnwinfosfile (NULL, NDS_PREFERRED_SERVER, forTree, &err);
if (!res) {
- return -1;
+ return err;
}
}
/* test that this server DO belongs to tree forTree*/
@@ -644,7 +648,7 @@ NWDSCCODE NWCXGetDefaultUserName (const
if (!res)
res=readnwinfosfile (NULL,NDS_USER,forTree, &err);
if (!res)
- return -1;
+ return err;
if (strlen (res)+1 >maxLen)
return NWE_BUFFER_OVERFLOW;
strcpy(defaultName,res);
diff -Naurp ncpfs-2.2.6.orig/sutil/ncplogin.c ncpfs-2.2.6/sutil/ncplogin.c
--- ncpfs-2.2.6.orig/sutil/ncplogin.c 2005-01-27 12:35:59.000000000 -0500
+++ ncpfs-2.2.6/sutil/ncplogin.c 2014-08-12 21:08:25.779190155 -0400
@@ -588,7 +588,10 @@ main(int argc, char *argv[])
int flags = 0;
if (!info.tree) {
- NWCXGetPreferredDSTree(ntree, sizeof(ntree));
+ err=NWCXGetPreferredDSTree(ntree, sizeof(ntree));
+ if (err){
+ errexit(104, _("Cannot get preffered DS tree: %s\n"),strnwerror(err));
+ }
info.tree = ntree;
}

153
net-fs/ncpfs/files/ncpfs-2.2.6-ldflags-support.patch Normal file
View File

@@ -0,0 +1,153 @@
diff -Naurp ncpfs-2.2.6.orig/contrib/pam/Makefile.in ncpfs-2.2.6/contrib/pam/Makefile.in
--- a/contrib/pam/Makefile.in.orig 2005-01-27 12:35:59.000000000 -0500
+++ b/contrib/pam/Makefile.in 2014-08-12 21:06:42.369190770 -0400
@@ -17,6 +17,7 @@ PAM_LIBRARY = pam_ncp_auth.so
PAM_OBJECTS = pam_ncp_auth.do support.do
CFLAGS_pam_ncp_auth.do := -DNCPMOUNT_PATH=\"$(bindir)/ncpmount\" -DNCPUMOUNT_PATH=\"$(bindir)/ncpumount\"
+LDFLAGS = @LDFLAGS@
.PHONY : all install install-dev dep clean mrproper distclean
.PHONY : default
@@ -45,7 +46,7 @@ $(PAM_OBJECTS): %.do: %.c
$(PAM_LIBRARY): $(PAM_OBJECTS)
- $(CC) $(CFLAGS) -shared -o $@ $(PAM_OBJECTS) -L$(NCPLIB_DIR) -lncp -lpam ${LIBS}
+ $(CC) $(CFLAGS) -shared $(LDFLAGS) -o $@ $(PAM_OBJECTS) -L$(NCPLIB_DIR) -lncp -lpam ${LIBS}
dep:
diff -Naurp ncpfs-2.2.6.orig/ipx-1.0/Makefile.in ncpfs-2.2.6/ipx-1.0/Makefile.in
--- ncpfs-2.2.6.orig/ipx-1.0/Makefile.in 2005-01-27 12:35:59.000000000 -0500
+++ ncpfs-2.2.6/ipx-1.0/Makefile.in 2014-08-12 21:06:42.369190770 -0400
@@ -9,6 +9,7 @@ vpath %.c ${this_srcdir}
vpath %.8 ${this_srcdir}
LIBS = @INTLLIBS@ @LIBS@
+LDFLAGS = @LDFLAGS@
O_UTILS = ipx_configure.o ipx_cmd.o
O_UTIIPX = ipx_interface.o ipx_internal_net.o ipx_route.o
@@ -33,7 +34,7 @@ $(ALL_OBJECTS): %.o: %.c
[ -s $@ ] || rm -f $@
$(UTIIPX): %: %.o ipxutil.o
- $(CC) $(CFLAGS) -o $@ $(addsuffix .o,$@) ipxutil.o ${LIBS}
+ $(CC) $(CFLAGS) $(LDFLAGS) -o $@ $(addsuffix .o,$@) ipxutil.o ${LIBS}
$(UTILS): %: %.o
$(CC) $(CFLAGS) -o $@ $(addsuffix .o,$@) ${LIBS}
diff -Naurp ncpfs-2.2.6.orig/ipxdump/Makefile.in ncpfs-2.2.6/ipxdump/Makefile.in
--- ncpfs-2.2.6.orig/ipxdump/Makefile.in 2005-01-27 12:35:59.000000000 -0500
+++ ncpfs-2.2.6/ipxdump/Makefile.in 2014-08-12 21:06:42.369190770 -0400
@@ -11,6 +11,7 @@ ncp_if_ether_support = @ncp_if_ether_sup
OBJECTS= ipxutil.o
ALL_OBJECTS := $(EXEC:%=%.o) $(OBJECTS)
+LDFLAGS = @LDFLAGS@
.PHONY : all install dep clean mrproper distclean
.PHONY : dist tgz
@@ -24,7 +25,7 @@ install: $(EXEC)
ifeq ($(ncp_if_ether_support),yes)
$(EXEC): %: %.o $(OBJECTS)
- $(CC) $(CFLAGS) -o $@ $(addsuffix .o,$@) $(OBJECTS)
+ $(CC) $(CFLAGS) $(LDFLAGS) -o $@ $(addsuffix .o,$@) $(OBJECTS)
else
.PHONY ipxdump ipxparse
diff -Naurp ncpfs-2.2.6.orig/lib/Makefile.in ncpfs-2.2.6/lib/Makefile.in
--- ncpfs-2.2.6.orig/lib/Makefile.in 2005-01-27 12:35:59.000000000 -0500
+++ ncpfs-2.2.6/lib/Makefile.in 2014-08-12 21:06:42.369190770 -0400
@@ -23,6 +23,7 @@ STATIC_NCPLIB_BIN := $(STATIC_NCPLIB)
CCFLAGS += -I.
PIC_FLAGS := -fPIC
NWCOMPAT := 1
+LDFLAGS := @LDFLAGS@
SHARED_VLINK :=
SHARED_VLINK_CFLAGS :=
@@ -122,7 +123,7 @@ $(SHARED_NCPLIB): $(SHARED_NCPLIB_BIN)
ln -sf $< $@
$(SHARED_NCPLIB_BIN): $(SHARED_O_OBJ) ${this_srcdir}/libncp.vers
- $(CC) -shared -o $@ -Wl,-soname=$(SHARED_NCPLIB_SONAME) $(SHARED_VLINK) $(SHARED_O_OBJ) ${LIBS} -lc
+ $(CC) -shared -o $@ -Wl,-soname=$(SHARED_NCPLIB_SONAME) $(LDFLAGS) $(SHARED_VLINK) $(SHARED_O_OBJ) ${LIBS} -lc
install_static: $(STATIC_NCPLIB_BIN)
$(INSTALL) -d $(DESTDIR)$(libadir)
diff -Naurp ncpfs-2.2.6.orig/Make.rules.in ncpfs-2.2.6/Make.rules.in
--- ncpfs-2.2.6.orig/Make.rules.in 2005-01-27 12:35:59.000000000 -0500
+++ ncpfs-2.2.6/Make.rules.in 2014-08-12 21:06:42.369190770 -0400
@@ -42,6 +42,7 @@ CFLAGS_OPTIONS += $(CWARN)
CFLAGS_DEFINES := -DN_PLAT_LINUX -DLOCALEDIR=\"${localedir}\" -DNCPFS_VERSION=\"${VERSION}\" -DNCPFS_PACKAGE=\"${PACKAGE}\"
CCFLAGS := $(CFLAGS_DEFINES) $(CFLAGS_OPTIONS) $(INCLUDES)
+LDFLAGS := @LDFLAGS@
# If your system is ELF, either also do a 'make install', or append the util/
# directory where the dynamic library resides to the environment
diff -Naurp ncpfs-2.2.6.orig/sutil/Makefile.in ncpfs-2.2.6/sutil/Makefile.in
--- ncpfs-2.2.6.orig/sutil/Makefile.in 2005-01-27 12:35:59.000000000 -0500
+++ ncpfs-2.2.6/sutil/Makefile.in 2014-08-12 21:06:42.369190770 -0400
@@ -14,6 +14,7 @@ USE_KERNEL = @USE_KERNEL@
NDS_SUPPORT = @NDS_SUPPORT@
LIBS = @INTLLIBS@ @LIBS@
+LDFLAGS := @LDFLAGS@
# environ in ncpmount
CCFLAGS += -D_GNU_SOURCE
@@ -69,7 +70,7 @@ $(O_UTILS:.o=.d): %.d: %.c
[ -s $@ ] || rm -f $@
ncpmap.o: %.o: ncplogin.c
- $(CC) $(CFLAGS) $(CCFLAGS) $(CFLAGS_$@) -o $@ -c $<
+ $(CC) $(CFLAGS) $(LDFLAGS) $(CCFLAGS) $(CFLAGS_$@) -o $@ -c $<
ncpmap.d: %.d: ncplogin.c
set -e; $(CC) -M $(CFLAGS) $(CCFLAGS) $(CFLAGS_$(@:.d=.o)) $< \
@@ -85,7 +86,7 @@ ncpm_common.d mount_login.d: %.d: %.c
[ -s $@ ] || rm -f $@
$(UTILS): %: %.o ../lib/libncp.a ncpm_common.o mount_login.o
- $(CC) @GC_SECTIONS@-o $@ $(addsuffix .o,$@) $(LDFLAGS_$@) ../lib/libncp.a ${LIBS}
+ $(CC) @GC_SECTIONS@-o $@ $(addsuffix .o,$@) $(LDFLAGS) $(LDFLAGS_$@) ../lib/libncp.a ${LIBS}
../lib/libncp.a:
make -C ../lib libncp.a
diff -Naurp ncpfs-2.2.6.orig/util/Makefile.in ncpfs-2.2.6/util/Makefile.in
--- ncpfs-2.2.6.orig/util/Makefile.in 2005-01-27 12:35:59.000000000 -0500
+++ ncpfs-2.2.6/util/Makefile.in 2014-08-12 21:06:42.369190770 -0400
@@ -15,6 +15,7 @@ NDS_SUPPORT = @NDS_SUPPORT@
MOUNT2 = @MOUNT2@
LIBS = @INTLLIBS@ @LIBS@
+LDFLAGS = @LDFLAGS@
O_OTHER = dsqueue.o
O_USERUTILS = slist.o pqlist.o nwfsinfo.o pserver.o nprint.o nsend.o \
@@ -83,7 +84,7 @@ install-dev:
make -C ../lib libncp.so
$(O_USERUTILS) $(O_SBINUTILS) $(O_OTHER) ncptest.o: %.o: %.c
- $(CC) $(CFLAGS) $(CCFLAGS) $(CFLAGS_$@) -o $@ -c $<
+ $(CC) $(CFLAGS) $(LDFLAGS) $(CCFLAGS) $(CFLAGS_$@) -o $@ -c $<
%.d: %.c
set -e; $(CC) -M $(CFLAGS) $(CCFLAGS) $(CFLAGS_$(@:.d=.o)) $< \
@@ -94,10 +95,10 @@ $(O_USERUTILS) $(O_SBINUTILS) $(O_OTHER)
pqstat nwpqjob nprint: dsqueue.o
$(UTILS): %: %.o $(LIBDEP)
- $(CC) $(CFLAGS) -o $@ $(addsuffix .o,$@) $(ADDOBJS_$@) -L$(NCPLIB_DIR) -lncp ${LIBS}
+ $(CC) $(CFLAGS) $(LDFLAGS) -o $@ $(addsuffix .o,$@) $(ADDOBJS_$@) -L$(NCPLIB_DIR) -lncp ${LIBS}
ipx_probe: ipx_probe.c
- $(CC) $(CFLAGS) $(CCFLAGS) -o ipx_probe ipx_probe.c ${LIBS}
+ $(CC) $(CFLAGS) $(LDFLAGS) $(CCFLAGS) -o ipx_probe ipx_probe.c ${LIBS}
dep:

10
net-fs/ncpfs/files/ncpfs-2.2.6-makefile-fix-ldconfig.patch Normal file
View File

@@ -0,0 +1,10 @@
--- ncpfs-2.2.6/lib/Makefile.in.orig 2022-02-25 15:54:07.588073484 +0100
+++ ncpfs-2.2.6/lib/Makefile.in 2022-02-25 15:54:21.301573681 +0100
@@ -99,7 +99,6 @@
install_shared: $(SHARED_NCPLIB_BIN)
$(INSTALL) -d $(DESTDIR)$(libsodir)
$(INSTALL) $(SHARED_NCPLIB_BIN) $(DESTDIR)$(libsodir)
- -ldconfig
install-dev: install_shared install_static
ln -sf $(SHARED_NCPLIB_SONAME) $(DESTDIR)$(libsodir)/$(SHARED_NCPLIB)

15
net-fs/ncpfs/files/ncpfs-2.2.6-makefile-fix-soname-link.patch Normal file
View File

@@ -0,0 +1,15 @@
diff -Naurp ncpfs-2.2.6.orig/lib/Makefile.in ncpfs-2.2.6/lib/Makefile.in
--- a/lib/Makefile.in.orig 2014-08-12 23:23:27.149141996 -0400
+++ b/lib/Makefile.in 2014-08-12 23:23:55.969141824 -0400
@@ -99,9 +99,10 @@ distclean: mrproper
install_shared: $(SHARED_NCPLIB_BIN)
$(INSTALL) -d $(DESTDIR)$(libsodir)
$(INSTALL) $(SHARED_NCPLIB_BIN) $(DESTDIR)$(libsodir)
+ ln -sf $(SHARED_NCPLIB_BIN) $(DESTDIR)$(libsodir)/$(SHARED_NCPLIB)
+ ln -sf $(SHARED_NCPLIB_BIN) $(DESTDIR)$(libsodir)/$(SHARED_NCPLIB_SONAME)
install-dev: install_shared install_static
- ln -sf $(SHARED_NCPLIB_SONAME) $(DESTDIR)$(libsodir)/$(SHARED_NCPLIB)
$(INSTALL) -d $(DESTDIR)$(includedir)/ncp
$(INSTALL) -d $(DESTDIR)$(includedir)/ncp/ext
$(INSTALL) -d $(DESTDIR)$(includedir)/ncp/kernel

22
net-fs/ncpfs/files/ncpfs-2.2.6-missing-includes.patch Normal file
View File

@@ -0,0 +1,22 @@
diff -ruN ncpfs-2.2.6/contrib/pam/pam_ncp_auth.c ncpfs-2.2.6-fixed/contrib/pam/pam_ncp_auth.c
--- a/contrib/pam/pam_ncp_auth.c.orig 2005-01-27 18:35:59.000000000 +0100
+++ a/contrib/pam/pam_ncp_auth.c 2007-05-11 21:38:05.143474750 +0200
@@ -257,6 +257,7 @@
#include <stdlib.h>
#include <stdio.h>
#include <string.h>
+#include <syslog.h>
#include <unistd.h>
#include <pwd.h>
#include <grp.h>
diff -ruN ncpfs-2.2.6/sutil/ncpm_common.c ncpfs-2.2.6-fixed/sutil/ncpm_common.c
--- ncpfs-2.2.6/sutil/ncpm_common.c 2005-01-27 18:35:59.000000000 +0100
+++ ncpfs-2.2.6-fixed/sutil/ncpm_common.c 2007-05-11 21:38:29.609003750 +0200
@@ -82,6 +82,7 @@
#include "ncpm_common.h"
+#include <stddef.h>
#include <stdio.h>
#include <string.h>
#include <signal.h>

557
net-fs/ncpfs/files/ncpfs-2.2.6-multiple-vulns.patch Normal file
View File

@@ -0,0 +1,557 @@
From: Dan Rosenberg <dan.j.rosenberg () gmail com>
Date: Fri, 5 Mar 2010 12:06:01 -0500
============================================
ncpfs, Multiple Vulnerabilities
March 5, 2010
CVE-2010-0788, CVE-2010-0790, CVE-2010-0791
============================================
==Description==
The ncpmount, ncpumount, and ncplogin utilities, installed as part of the ncpfs
package, contain several vulnerabilities.
1. ncpmount, ncpumount, and ncplogin are vulnerable to race conditions that
allow a local attacker to unmount arbitrary mountpoints, causing
denial-of-service, or mount Netware shares to arbitrary directories,
potentially leading to root compromise. This issue was formerly assigned
CVE-2009-3297, but has since been re-assigned CVE-2010-0788 to avoid overlap
with related bugs in other packages.
2. ncpumount is vulnerable to an information disclosure vulnerability that
allows a local attacker to verify the existence of arbitrary files, violating
directory permissions. This issue has been assigned CVE-2010-0790.
3. ncpmount, ncpumount, and ncplogin create lockfiles insecurely, allowing a
local attacker to leave a stale lockfile at /etc/mtab~, causing other mount
utilities to fail and creating denial-of-service conditions. This issue has
been assigned CVE-2010-0791.
==Workaround==
If unprivileged users do not need the ability to mount and unmount Netware
shares, then the suid bit should be removed from these utilities.
==Solution==
A patch has been released that resolves these issues (attached to this
advisory). ncpfs-2.2.6.partial.patch is intended for ncpfs releases that have
already been patched against the first vulnerability in this report
(CVE-2010-0788, formerly CVE-2009-3297). It has been tested against the latest
ncpfs packages distributed by Fedora, Red Hat, and Mandriva.
ncpfs-2.2.6.full.patch is intended for ncpfs releases that have not been
patched against any of these vulnerabilities. It has been tested against the
latest ncpfs packages distributed by Debian, Ubuntu, and the upstream release
(ftp://platan.vc.cvut.cz/pub/linux/ncpfs/).
Users are advised to recompile from source, or request updated packages from
downstream distributors.
==Credits==
These vulnerabilities were discovered by Dan Rosenberg
(dan.j.rosenberg () gmail com).
Thanks to Vitezslav Crhonek for the patch against the first issue.
==References==
CVE identifiers CVE-2010-0788, CVE-2010-0790, and CVE-2010-0791 have been
assigned to these issues.
http://seclists.org/fulldisclosure/2010/Mar/122
diff -ur ncpfs-2.2.6.orig/sutil/ncplogin.c ncpfs-2.2.6/sutil/ncplogin.c
--- a/sutil/ncplogin.c.orig 2010-03-03 16:18:59.000000000 -0500
+++ b/sutil/ncplogin.c 2010-03-03 16:17:41.000000000 -0500
@@ -934,7 +934,9 @@
NWDSFreeContext(ctx);
/* ncpmap, ncplogin must write in /etc/mtab */
{
+ block_sigs();
add_mnt_entry(mount_name, mount_point, info.flags);
+ unblock_sigs();
}
free(mount_name);
if (info.echo_mnt_pnt) {
diff -ur ncpfs-2.2.6.orig/sutil/ncpm_common.c ncpfs-2.2.6/sutil/ncpm_common.c
--- ncpfs-2.2.6.orig/sutil/ncpm_common.c 2010-03-03 16:18:59.000000000 -0500
+++ ncpfs-2.2.6/sutil/ncpm_common.c 2010-03-03 16:17:41.000000000 -0500
@@ -360,7 +360,7 @@
#endif
static inline int ncpm_suser(void) {
- return setreuid(-1, 0);
+ return setresuid(0, 0, myuid);
}
static int ncpm_normal(void) {
@@ -368,11 +368,31 @@
int v;
e = errno;
- v = setreuid(-1, myuid);
+ v = setresuid(myuid, myuid, 0);
errno = e;
return v;
}
+void block_sigs(void) {
+
+ sigset_t mask, orig_mask;
+ sigfillset(&mask);
+
+ if(sigprocmask(SIG_SETMASK, &mask, &orig_mask) < 0) {
+ errexit(-1, _("Blocking signals failed.\n"));
+ }
+}
+
+void unblock_sigs(void) {
+
+ sigset_t mask, orig_mask;
+ sigemptyset(&mask);
+
+ if (sigprocmask(SIG_SETMASK, &mask, &orig_mask) < 0) {
+ errexit(-1, _("Un-blocking signals failed.\n"));
+ }
+}
+
static int proc_ncpm_mount(const char* source, const char* target, const char* filesystem, unsigned long mountflags, const void* data) {
int v;
int e;
@@ -444,7 +464,7 @@
}
datav2.file_mode = data->file_mode;
datav2.dir_mode = data->dir_mode;
- err = proc_ncpm_mount(mount_name, data->mount_point, "ncpfs", flags, (void*) &datav2);
+ err = proc_ncpm_mount(mount_name, ".", "ncpfs", flags, (void*) &datav2);
if (err)
return errno;
return 0;
@@ -508,7 +528,7 @@
exit(0); /* Should not return from process_connection */
}
close(pp[0]);
- err=proc_ncpm_mount(mount_name, data->mount_point, "ncpfs", flags, (void*) &datav3);
+ err=proc_ncpm_mount(mount_name, ".", "ncpfs", flags, (void*) &datav3);
if (err) {
err = errno;
/* Mount unsuccesful so we have to kill daemon */
@@ -559,7 +579,7 @@
sprintf(mountopts, "version=%u,flags=%u,owner=%u,uid=%u,gid=%u,mode=%u,dirmode=%u,timeout=%u,retry=%u,wdogpid=%u,ncpfd=%u,infofd=%u",
NCP_MOUNT_VERSION_V5, ncpflags, data->mounted_uid, data->uid, data->gid, data->file_mode,
data->dir_mode, data->time_out, data->retry_count, wdog_pid, data->ncp_fd, pp[1]);
- err=proc_ncpm_mount(mount_name, data->mount_point, "ncpfs", flags, mountopts);
+ err=proc_ncpm_mount(mount_name, ".", "ncpfs", flags, mountopts);
} else {
err=-1;
}
@@ -577,7 +597,7 @@
datav4.file_mode = data->file_mode;
datav4.dir_mode = data->dir_mode;
datav4.wdog_pid = wdog_pid;
- err = proc_ncpm_mount(mount_name, data->mount_point, "ncpfs", flags, (void*)&datav4);
+ err = proc_ncpm_mount(mount_name, ".", "ncpfs", flags, (void*)&datav4);
if (err) {
err = errno;
/* Mount unsuccesful so we have to kill daemon */
@@ -1395,6 +1415,17 @@
}
#endif /* MOUNT3 */
+static int check_name(const char *name)
+{
+ char *s;
+ for (s = "\n\t\\"; *s; s++) {
+ if (strchr(name, *s)) {
+ return -1;
+ }
+ }
+ return 0;
+}
+
static const struct smntflags {
unsigned int flag;
const char* name;
@@ -1416,6 +1447,9 @@
int fd;
FILE* mtab;
+ if (check_name(mount_name) == -1 || check_name(mpnt) == -1)
+ errexit(107, _("Illegal character in mount entry\n"));
+
ment.mnt_fsname = mount_name;
ment.mnt_dir = mpnt;
ment.mnt_type = (char*)"ncpfs";
diff -ur ncpfs-2.2.6.orig/sutil/ncpm_common.h ncpfs-2.2.6/sutil/ncpm_common.h
--- ncpfs-2.2.6.orig/sutil/ncpm_common.h 2010-03-03 16:18:59.000000000 -0500
+++ ncpfs-2.2.6/sutil/ncpm_common.h 2010-03-03 16:17:41.000000000 -0500
@@ -121,6 +121,9 @@
int proc_aftermount(const struct ncp_mount_info* info, NWCONN_HANDLE* conn);
int proc_ncpm_umount(const char* dir);
+void block_sigs(void);
+void unblock_sigs(void);
+
#define UNUSED(x) x __attribute__((unused))
#endif /* __NCPM_COMMON_H__ */
diff -ur ncpfs-2.2.6.orig/sutil/ncpmount.c ncpfs-2.2.6/sutil/ncpmount.c
--- ncpfs-2.2.6.orig/sutil/ncpmount.c 2010-03-03 16:18:59.000000000 -0500
+++ ncpfs-2.2.6/sutil/ncpmount.c 2010-03-03 16:17:41.000000000 -0500
@@ -359,11 +359,17 @@
usage();
return -1;
}
+
realpath(argv[optind], mount_point);
- if (stat(mount_point, &st) == -1)
+ if (chdir(mount_point))
+ {
+ errexit(31, _("Could not change directory into mount target %s: %s\n"),
+ mount_point, strerror(errno));
+ }
+ if (stat(".", &st) == -1)
{
- errexit(31, _("Could not find mount point %s: %s\n"),
+ errexit(31, _("Mount point %s does not exist: %s\n"),
mount_point, strerror(errno));
}
if (mount_ok(&st) != 0)
@@ -714,7 +720,9 @@
ncp_close(conn);
if (!opt_n) {
+ block_sigs();
add_mnt_entry(mount_name, mount_point, info.flags);
+ unblock_sigs();
}
return 0;
}
diff -ur ncpfs-2.2.6.orig/sutil/ncpumount.c ncpfs-2.2.6/sutil/ncpumount.c
--- ncpfs-2.2.6.orig/sutil/ncpumount.c 2010-03-03 16:18:59.000000000 -0500
+++ ncpfs-2.2.6/sutil/ncpumount.c 2010-03-03 16:17:41.000000000 -0500
@@ -70,13 +70,24 @@
#include <mntent.h>
#include <pwd.h>
+#include <sched.h>
+
#include "private/libintl.h"
#define _(X) X
+#ifndef MS_REC
+#define MS_REC 16384
+#endif
+#ifndef MS_SLAVE
+#define MS_SLAVE (1<<19)
+#endif
+
static char *progname;
static int is_ncplogout = 0;
+uid_t uid;
+
static void
usage(void)
{
@@ -117,6 +128,40 @@
va_end(ap);
}
+/* Mostly copied from ncpm_common.c */
+void block_sigs(void) {
+
+ sigset_t mask, orig_mask;
+ sigfillset(&mask);
+ sigdelset(&mask, SIGALRM); /* Need SIGALRM for ncpumount */
+
+ if(setresuid(0, 0, uid) < 0) {
+ eprintf("Failed to raise privileges.\n");
+ exit(-1);
+ }
+
+ if(sigprocmask(SIG_SETMASK, &mask, &orig_mask) < 0) {
+ eprintf("Blocking signals failed.\n");
+ exit(-1);
+ }
+}
+
+void unblock_sigs(void) {
+
+ sigset_t mask, orig_mask;
+ sigemptyset(&mask);
+
+ if(setresuid(uid, uid, 0) < 0) {
+ eprintf("Failed to drop privileges.\n");
+ exit(-1);
+ }
+
+ if(sigprocmask(SIG_SETMASK, &mask, &orig_mask) < 0) {
+ eprintf("Un-blocking signals failed.\n");
+ exit(-1);
+ }
+}
+
static void alarmSignal(int sig) {
(void)sig;
}
@@ -192,10 +237,13 @@
if (!numEntries)
return 0; /* don't waste time ! */
+ block_sigs();
+
while ((fd = open(MOUNTED "~", O_RDWR | O_CREAT | O_EXCL, 0600)) == -1) {
struct timespec tm;
if (errno != EEXIST || retries == 0) {
+ unblock_sigs();
eprintf(_("Can't get %s~ lock file: %s\n"), MOUNTED, strerror(errno));
return 1;
}
@@ -206,6 +254,7 @@
alarm(0);
close(fd);
if (err) {
+ unblock_sigs();
eprintf(_("Can't lock lock file %s~: %s\n"), MOUNTED, _("Lock timed out"));
return 1;
}
@@ -223,26 +272,205 @@
err = __clearMtab(mount_points, numEntries);
if ((unlink(MOUNTED "~") == -1) && (err == 0)){
+ unblock_sigs();
eprintf(_("Can't remove %s~"), MOUNTED);
return 1;
}
+ unblock_sigs();
return err;
}
+
+int ncp_mnt_umount(const char *abs_mnt, const char *rel_mnt)
+{
+ if (umount(rel_mnt) != 0) {
+ eprintf(_("Could not umount %s: %s\n"),
+ abs_mnt, strerror(errno));
+ return -1;
+ }
+ return 0;
+}
+
+
+static int check_is_mount_child(void *p)
+{
+ const char **a = p;
+ const char *last = a[0];
+ const char *mnt = a[1];
+ int res;
+ const char *procmounts = "/proc/mounts";
+ int found;
+ FILE *fp;
+ struct mntent *entp;
+
+ res = mount("", "/", "", MS_SLAVE | MS_REC, NULL);
+ if (res == -1) {
+ eprintf(_("Failed to mark mounts slave: %s\n"),
+ strerror(errno));
+ return 1;
+ }
+
+ res = mount(".", "/tmp", "", MS_BIND | MS_REC, NULL);
+ if (res == -1) {
+ eprintf(_("Failed to bind parent to /tmp: %s\n"),
+ strerror(errno));
+ return 1;
+ }
+
+ fp = setmntent(procmounts, "r");
+ if (fp == NULL) {
+ eprintf(_("Failed to open %s: %s\n"),
+ procmounts, strerror(errno));
+ return 1;
+ }
+
+ found = 0;
+ while ((entp = getmntent(fp)) != NULL) {
+ if (strncmp(entp->mnt_dir, "/tmp/", 5) == 0 &&
+ strcmp(entp->mnt_dir + 5, last) == 0) {
+ found = 1;
+ break;
+ }
+ }
+ endmntent(fp);
+
+ if (!found) {
+ eprintf(_("%s not mounted\n"), mnt);
+ return 1;
+ }
+
+ return 0;
+}
+
+
+static int check_is_mount(const char *last, const char *mnt)
+{
+ char buf[131072];
+ pid_t pid, p;
+ int status;
+ const char *a[2] = { last, mnt };
+
+ pid = clone(check_is_mount_child, buf + 65536, CLONE_NEWNS, (void *) a);
+ if (pid == (pid_t) -1) {
+ eprintf(_("Failed to clone namespace: %s\n"),
+ strerror(errno));
+ return -1;
+ }
+ p = waitpid(pid, &status, __WCLONE);
+ if (p == (pid_t) -1) {
+ eprintf(_("Waitpid failed: %s\n"),
+ strerror(errno));
+ return -1;
+ }
+ if (!WIFEXITED(status)) {
+ eprintf(_("Child terminated abnormally (status %i)\n"),
+ status);
+ return -1;
+ }
+ if (WEXITSTATUS(status) != 0)
+ return -1;
+
+ return 0;
+}
+
+
+static int chdir_to_parent(char *copy, const char **lastp, int *currdir_fd)
+{
+ char *tmp;
+ const char *parent;
+ char buf[PATH_MAX];
+ int res;
+
+ tmp = strrchr(copy, '/');
+ if (tmp == NULL || tmp[1] == '\0') {
+ eprintf(_("Internal error: invalid abs path: <%s>\n"),
+ copy);
+ return -1;
+ }
+ if (tmp != copy) {
+ *tmp = '\0';
+ parent = copy;
+ *lastp = tmp + 1;
+ } else if (tmp[1] != '\0') {
+ *lastp = tmp + 1;
+ parent = "/";
+ } else {
+ *lastp = ".";
+ parent = "/";
+ }
+ *currdir_fd = open(".", O_RDONLY);
+ if (*currdir_fd == -1) {
+ eprintf(_("Failed to open current directory: %s\n"),
+ strerror(errno));
+ return -1;
+ }
+ res = chdir(parent);
+ if (res == -1) {
+ eprintf(_("Failed to chdir to %s: %s\n"),
+ parent, strerror(errno));
+ return -1;
+ }
+ if (getcwd(buf, sizeof(buf)) == NULL) {
+ eprintf(_("Failed to obtain current directory: %s\n"),
+ strerror(errno));
+ return -1;
+ }
+ if (strcmp(buf, parent) != 0) {
+ eprintf(_("Mountpoint moved (%s -> %s)\n"),
+ parent, buf);
+ return -1;
+
+ }
+
+ return 0;
+}
+
+
+static int unmount_ncp(const char *mount_point)
+{
+ int currdir_fd = -1;
+ char *copy;
+ const char *last;
+ int res;
+
+ copy = strdup(mount_point);
+ if (copy == NULL) {
+ eprintf(_("Failed to allocate memory\n"));
+ return -1;
+ }
+ res = chdir_to_parent(copy, &last, &currdir_fd);
+ if (res == -1)
+ goto out;
+ res = check_is_mount(last, mount_point);
+ if (res == -1)
+ goto out;
+ res = ncp_mnt_umount(mount_point, last);
+
+out:
+ free(copy);
+ if (currdir_fd != -1) {
+ fchdir(currdir_fd);
+ close(currdir_fd);
+ }
+
+ return res;
+}
+
static int
do_umount(const char *mount_point)
{
int fid = open(mount_point, O_RDONLY, 0);
uid_t mount_uid;
+ int res;
if (fid == -1) {
- eprintf(_("Could not open %s: %s\n"),
- mount_point, strerror(errno));
+ eprintf(_("Invalid or unauthorized mountpoint %s\n"),
+ mount_point);
return -1;
}
if (ncp_get_mount_uid(fid, &mount_uid) != 0) {
close(fid);
- eprintf(_("%s probably not ncp-filesystem\n"),
+ eprintf(_("Invalid or unauthorized mountpoint %s\n"),
mount_point);
return -1;
}
@@ -253,12 +481,8 @@
return -1;
}
close(fid);
- if (umount(mount_point) != 0) {
- eprintf(_("Could not umount %s: %s\n"),
- mount_point, strerror(errno));
- return -1;
- }
- return 0;
+ res = unmount_ncp(mount_point);
+ return res;
}
@@ -409,7 +633,8 @@
int allConns = 0;
const char *serverName = NULL;
const char *treeName = NULL;
- uid_t uid = getuid();
+
+ uid = getuid();
progname = strrchr(argv[0], '/');
if (progname) {

16
net-fs/ncpfs/files/ncpfs-2.2.6-no-suid-root.patch Normal file
View File

@@ -0,0 +1,16 @@
Description: Don't install utils as suid root
Author: Bastian Blank <waldi@debian.org>
Bug-Debian: http://bugs.debian.org/692929
--- ncpfs-2.2.6.orig/sutil/Makefile.in
+++ ncpfs-2.2.6/sutil/Makefile.in
@@ -51,7 +51,7 @@ all: $(UTILS)
install: all
${INSTALL} -d $(DESTDIR)$(bindir)
${INSTALL} -d $(DESTDIR)/sbin
- ${INSTALL} -m 4755 $(UTILS) $(DESTDIR)$(bindir)
+ ${INSTALL} $(UTILS) $(DESTDIR)$(bindir)
ifeq ($(USE_KERNEL),1)
ln -sf $(bindir)/ncpmount $(DESTDIR)/sbin/mount.ncp
ln -sf $(bindir)/ncpmount $(DESTDIR)/sbin/mount.ncpfs

12
net-fs/ncpfs/files/ncpfs-2.2.6-pam_ncp_auth-fix.patch Normal file
View File

@@ -0,0 +1,12 @@
diff -Naurp ncpfs-2.2.6.orig/contrib/pam/pam_ncp_auth.c ncpfs-2.2.6/contrib/pam/pam_ncp_auth.c
--- ncpfs-2.2.6.orig/contrib/pam/pam_ncp_auth.c 2005-01-27 12:35:59.000000000 -0500
+++ ncpfs-2.2.6/contrib/pam/pam_ncp_auth.c 2014-08-12 21:02:33.229192251 -0400
@@ -2534,7 +2534,7 @@ nw_retrieve_nds_user_info(struct nw_user
bailoutctx:;
NWDSFreeContext(ctx);
bailout:;
- if (!err & (ui->qflag & QF_DEBUG))
+ if ((!err) && (ui->qflag & QF_DEBUG))
syslog(LOG_NOTICE, "%u %u %s %s %s\n", ui->uid, ui->gid, ui->dir, ui->gecos, ui->shell);
return err;
}

15
net-fs/ncpfs/files/ncpfs-2.2.6-remove-libncp_atomic-header.patch Normal file
View File

@@ -0,0 +1,15 @@
Description: Remove another generated file
Author: Bastian Blank <waldi@debian.org>
Bug-Debian: http://bugs.debian.org/692471
--- ncpfs-2.2.6.orig/Makefile.in
+++ ncpfs-2.2.6/Makefile.in
@@ -71,6 +71,7 @@ distclean:
rm -f intl/Makefile po/Makefile po/Makefile.in
rm -f lib/Makefile man/Makefile sutil/Makefile util/Makefile
rm -f include/config.h
+ rm -f include/private/libncp-atomic.h
rm -f include/ncp/ext/socket.h include/ncp/ext/stdint.h
rm -f include/ncp/kernel/fs.h
rm -f include/ncp/kernel/if.h include/ncp/kernel/route.h include/ncp/kernel/types.h

297
net-fs/ncpfs/files/ncpfs-2.2.6-remove-packed-attrib.patch Normal file
View File

@@ -0,0 +1,297 @@
diff -Naurp ncpfs-2.2.6.orig//include/ncp/ipxlib.h ncpfs-2.2.6//include/ncp/ipxlib.h
--- ncpfs-2.2.6.orig//include/ncp/ipxlib.h 2005-01-27 12:35:59.000000000 -0500
+++ ncpfs-2.2.6//include/ncp/ipxlib.h 2011-02-10 02:38:18.822076000 -0500
@@ -64,12 +64,12 @@ struct sap_query
struct sap_server_ident
{
u_int16_t server_type __attribute__((packed));
- char server_name[48] __attribute__((packed));
+ char server_name[48];
IPXNet server_network __attribute__((packed));
#ifdef SWIG
u_int8_t server_node[6] __attribute__((packed));
#else
- IPXNode server_node __attribute__((packed));
+ IPXNode server_node;
#endif
IPXPort server_port __attribute__((packed));
u_int16_t intermediate_network __attribute__((packed));
@@ -87,7 +87,7 @@ struct ipx_rt_def {
struct ipx_rip_packet
{
u_int16_t operation __attribute__((packed));
- struct ipx_rt_def rt[1] __attribute__((packed));
+ struct ipx_rt_def rt[1];
};
#ifdef SWIG
diff -Naurp ncpfs-2.2.6.orig//include/ncp/kernel/ncp.h ncpfs-2.2.6//include/ncp/kernel/ncp.h
--- ncpfs-2.2.6.orig//include/ncp/kernel/ncp.h 2005-01-27 12:35:59.000000000 -0500
+++ ncpfs-2.2.6//include/ncp/kernel/ncp.h 2011-02-10 02:38:18.822076000 -0500
@@ -53,12 +53,12 @@
struct ncp_request_header {
u_int16_t type __attribute__((packed));
- u_int8_t sequence __attribute__((packed));
- u_int8_t conn_low __attribute__((packed));
- u_int8_t task __attribute__((packed));
- u_int8_t conn_high __attribute__((packed));
- u_int8_t function __attribute__((packed));
- u_int8_t data[0] __attribute__((packed));
+ u_int8_t sequence;
+ u_int8_t conn_low;
+ u_int8_t task;
+ u_int8_t conn_high;
+ u_int8_t function;
+ u_int8_t data[0];
};
#define NCP_REPLY (0x3333)
@@ -66,13 +66,13 @@ struct ncp_request_header {
struct ncp_reply_header {
u_int16_t type __attribute__((packed));
- u_int8_t sequence __attribute__((packed));
- u_int8_t conn_low __attribute__((packed));
- u_int8_t task __attribute__((packed));
- u_int8_t conn_high __attribute__((packed));
- u_int8_t completion_code __attribute__((packed));
- u_int8_t connection_state __attribute__((packed));
- u_int8_t data[0] __attribute__((packed));
+ u_int8_t sequence;
+ u_int8_t conn_low;
+ u_int8_t task;
+ u_int8_t conn_high;
+ u_int8_t completion_code;
+ u_int8_t connection_state;
+ u_int8_t data[0];
};
#define NCP_VOLNAME_LEN (16)
@@ -230,8 +230,8 @@ struct nw_info_struct {
u_int32_t EAKeyCount __attribute__((packed));
u_int32_t EAKeySize __attribute__((packed));
u_int32_t NSCreator __attribute__((packed));
- u_int8_t nameLen __attribute__((packed));
- u_int8_t entryName[256] __attribute__((packed));
+ u_int8_t nameLen;
+ u_int8_t entryName[256];
};
#endif
@@ -282,13 +282,13 @@ struct nw_file_info {
int opened;
int access;
u_int32_t server_file_handle __attribute__((packed));
- u_int8_t open_create_action __attribute__((packed));
- u_int8_t file_handle[6] __attribute__((packed));
+ u_int8_t open_create_action;
+ u_int8_t file_handle[6];
};
#endif
struct nw_search_sequence {
- u_int8_t volNumber __attribute__((packed));
+ u_int8_t volNumber;
u_int32_t dirBase __attribute__((packed));
u_int32_t sequence __attribute__((packed));
};
diff -Naurp ncpfs-2.2.6.orig//include/ncp/ncp.h ncpfs-2.2.6//include/ncp/ncp.h
--- ncpfs-2.2.6.orig//include/ncp/ncp.h 2005-01-27 12:35:59.000000000 -0500
+++ ncpfs-2.2.6//include/ncp/ncp.h 2011-02-10 02:38:18.822076000 -0500
@@ -95,7 +95,7 @@ struct prop_net_address {
#ifdef SWIG
fixedArray node[IPX_NODE_LEN];
#else
- u_int8_t node[IPX_NODE_LEN] __attribute__((packed));
+ u_int8_t node[IPX_NODE_LEN];
#endif
u_int16_t port __attribute__((packed));
};
@@ -163,20 +163,20 @@ struct nw_queue_job_entry {
u_int32_t ClientTask __attribute__((packed));
u_int32_t ClientObjectID __attribute__((packed));
u_int32_t TargetServerID __attribute__((packed));
- u_int8_t TargetExecTime[6] __attribute__((packed));
- u_int8_t JobEntryTime[6] __attribute__((packed));
+ u_int8_t TargetExecTime[6];
+ u_int8_t JobEntryTime[6];
u_int32_t JobNumber __attribute__((packed));
u_int16_t JobType __attribute__((packed));
u_int16_t JobPosition __attribute__((packed));
u_int16_t JobControlFlags __attribute__((packed));
- u_int8_t FileNameLen __attribute__((packed));
- char JobFileName[13] __attribute__((packed));
+ u_int8_t FileNameLen;
+ char JobFileName[13];
u_int32_t JobFileHandle __attribute__((packed));
u_int32_t ServerStation __attribute__((packed));
u_int32_t ServerTaskNumber __attribute__((packed));
u_int32_t ServerObjectID __attribute__((packed));
- char JobTextDescription[50] __attribute__((packed));
- char ClientRecordArea[152] __attribute__((packed));
+ char JobTextDescription[50];
+ char ClientRecordArea[152];
};
struct queue_job {
@@ -217,18 +217,18 @@ struct print_job_record {
};
#else
struct print_job_record {
- u_int8_t Version __attribute__((packed));
- u_int8_t TabSize __attribute__((packed));
+ u_int8_t Version;
+ u_int8_t TabSize;
u_int16_t Copies __attribute__((packed));
u_int16_t CtrlFlags __attribute__((packed));
u_int16_t Lines __attribute__((packed));
u_int16_t Rows __attribute__((packed));
- char FormName[16] __attribute__((packed));
- u_int8_t Reserved[6] __attribute__((packed));
- char BannerName[13] __attribute__((packed));
- char FnameBanner[13] __attribute__((packed));
- char FnameHeader[14] __attribute__((packed));
- char Path[80] __attribute__((packed));
+ char FormName[16];
+ u_int8_t Reserved[6];
+ char BannerName[13];
+ char FnameBanner[13];
+ char FnameHeader[14];
+ char Path[80];
};
#endif
diff -Naurp ncpfs-2.2.6.orig//include/ncp/ncplib.h ncpfs-2.2.6//include/ncp/ncplib.h
--- ncpfs-2.2.6.orig//include/ncp/ncplib.h 2005-01-27 12:35:59.000000000 -0500
+++ ncpfs-2.2.6//include/ncp/ncplib.h 2011-02-10 02:38:18.822076000 -0500
@@ -462,24 +462,24 @@ struct ncp_file_server_info
#else
struct ncp_file_server_info
{
- u_int8_t ServerName[48] __attribute__((packed));
- u_int8_t FileServiceVersion __attribute__((packed));
- u_int8_t FileServiceSubVersion __attribute__((packed));
+ u_int8_t ServerName[48];
+ u_int8_t FileServiceVersion;
+ u_int8_t FileServiceSubVersion;
u_int16_t MaximumServiceConnections __attribute__((packed));
u_int16_t ConnectionsInUse __attribute__((packed));
u_int16_t NumberMountedVolumes __attribute__((packed));
- u_int8_t Revision __attribute__((packed));
- u_int8_t SFTLevel __attribute__((packed));
- u_int8_t TTSLevel __attribute__((packed));
+ u_int8_t Revision;
+ u_int8_t SFTLevel;
+ u_int8_t TTSLevel;
u_int16_t MaxConnectionsEverUsed __attribute__((packed));
- u_int8_t AccountVersion __attribute__((packed));
- u_int8_t VAPVersion __attribute__((packed));
- u_int8_t QueueVersion __attribute__((packed));
- u_int8_t PrintVersion __attribute__((packed));
- u_int8_t VirtualConsoleVersion __attribute__((packed));
- u_int8_t RestrictionLevel __attribute__((packed));
- u_int8_t InternetBridge __attribute__((packed));
- u_int8_t Reserved[60] __attribute__((packed));
+ u_int8_t AccountVersion;
+ u_int8_t VAPVersion;
+ u_int8_t QueueVersion;
+ u_int8_t PrintVersion;
+ u_int8_t VirtualConsoleVersion;
+ u_int8_t RestrictionLevel;
+ u_int8_t InternetBridge;
+ u_int8_t Reserved[60];
};
#endif
@@ -592,7 +592,7 @@ struct ncp_station_addr
#ifdef SWIG
fixedArray Node[6];
#else
- u_int8_t Node[6] __attribute__((packed));
+ u_int8_t Node[6];
#endif
u_int16_t Socket __attribute__((packed));
};
@@ -602,32 +602,32 @@ struct ncp_prop_login_control
#ifdef SWIG
fixedArray AccountExpireDate[3];
#else
- u_int8_t AccountExpireDate[3] __attribute__((packed));
+ u_int8_t AccountExpireDate[3];
#endif
- u_int8_t Disabled __attribute__((packed));
+ u_int8_t Disabled;
#ifdef SWIG
fixedArray PasswordExpireDate[3];
#else
- u_int8_t PasswordExpireDate[3] __attribute__((packed));
+ u_int8_t PasswordExpireDate[3];
#endif
- u_int8_t GraceLogins __attribute__((packed));
+ u_int8_t GraceLogins;
u_int16_t PasswordExpireInterval __attribute__((packed));
- u_int8_t MaxGraceLogins __attribute__((packed));
- u_int8_t MinPasswordLength __attribute__((packed));
+ u_int8_t MaxGraceLogins;
+ u_int8_t MinPasswordLength;
u_int16_t MaxConnections __attribute__((packed));
#ifdef SWIG
fixedArray ConnectionTimeMask[42] __attribute__((packed));
fixedArray LastLogin[6] __attribute__((packed));
#else
- u_int8_t ConnectionTimeMask[42] __attribute__((packed));
- u_int8_t LastLogin[6] __attribute__((packed));
+ u_int8_t ConnectionTimeMask[42];
+ u_int8_t LastLogin[6];
#endif
- u_int8_t RestrictionMask __attribute__((packed));
- u_int8_t reserved __attribute__((packed));
+ u_int8_t RestrictionMask;
+ u_int8_t reserved;
u_int32_t MaxDiskUsage __attribute__((packed));
u_int16_t BadLoginCount __attribute__((packed));
u_int32_t BadLoginCountDown __attribute__((packed));
- struct ncp_station_addr LastIntruder __attribute__((packed));
+ struct ncp_station_addr LastIntruder;
};
NWCCODE NWReadPropertyValue(NWCONN_HANDLE conn, const char *objName,
diff -Naurp ncpfs-2.2.6.orig//ipx-1.0/ipx_cmd.c ncpfs-2.2.6//ipx-1.0/ipx_cmd.c
--- ncpfs-2.2.6.orig//ipx-1.0/ipx_cmd.c 2005-01-27 12:35:59.000000000 -0500
+++ ncpfs-2.2.6//ipx-1.0/ipx_cmd.c 2011-02-10 02:40:19.222076002 -0500
@@ -63,8 +63,8 @@
/* we are doing EthernetII... Any objections? */
struct {
u_int16_t unknown __attribute__((packed));
- u_int8_t dst[6] __attribute__((packed));
- u_int8_t src[6] __attribute__((packed));
+ u_int8_t dst[6];
+ u_int8_t src[6];
u_int16_t type __attribute__((packed));
u_int8_t ipx[16384];
} buffer;
diff -Naurp ncpfs-2.2.6.orig//lib/ncplib.c ncpfs-2.2.6//lib/ncplib.c
--- ncpfs-2.2.6.orig//lib/ncplib.c 2011-02-10 02:38:05.000000000 -0500
+++ ncpfs-2.2.6//lib/ncplib.c 2011-02-10 02:38:18.822076000 -0500
@@ -2584,13 +2584,13 @@ ncp_request(struct ncp_conn *conn, int f
struct nw_time_buffer
{
- u_int8_t year __attribute__((packed));
- u_int8_t month __attribute__((packed));
- u_int8_t day __attribute__((packed));
- u_int8_t hour __attribute__((packed));
- u_int8_t minute __attribute__((packed));
- u_int8_t second __attribute__((packed));
- u_int8_t wday __attribute__((packed));
+ u_int8_t year;
+ u_int8_t month;
+ u_int8_t day;
+ u_int8_t hour;
+ u_int8_t minute;
+ u_int8_t second;
+ u_int8_t wday;
};
static time_t

15
net-fs/ncpfs/files/ncpfs-2.2.6-servername-array-fix.patch Normal file
View File

@@ -0,0 +1,15 @@
diff -Naurp ncpfs-2.2.6.orig/include/ncp/ncplib.h ncpfs-2.2.6/include/ncp/ncplib.h
--- ncpfs-2.2.6.orig/include/ncp/ncplib.h 2005-01-27 12:35:59.000000000 -0500
+++ ncpfs-2.2.6/include/ncp/ncplib.h 2014-08-12 21:01:01.159192798 -0400
@@ -485,9 +485,9 @@ struct ncp_file_server_info
struct ncp_file_server_info_2 {
#ifdef SWIG
- fixedArray ServerName[49];
+ fixedArray ServerName[50];
#else
- u_int8_t ServerName[49];
+ u_int8_t ServerName[50];
#endif
u_int8_t FileServiceVersion;
u_int8_t FileServiceSubVersion;

11
net-fs/ncpfs/files/ncpfs-2.2.6-zend_function_entry.patch Normal file
View File

@@ -0,0 +1,11 @@
--- a/contrib/php/php_auth_nds.c
+++ b/contrib/php/php_auth_nds.c
@@ -1102,7 +1102,7 @@
php_info_print_table_end();
}
-function_entry auth_nds_functions[] = {
+zend_function_entry auth_nds_functions[] = {
PHP_FE(auth_bindery, NULL)
PHP_FE(auth_nds, NULL)
PHP_FE(auth_tree, NULL)