add ncpfs with ln hack
This commit is contained in:
parent
c2ae6625fb
commit
bce14e8935
@ -9,10 +9,11 @@ BASEDIR=$(dirname $0)
|
||||
|
||||
source $BASEDIR/kernel
|
||||
|
||||
EMERGE=""
|
||||
EMERGE="virtual/linux-sources"
|
||||
|
||||
for package in ${PACKAGES}; do
|
||||
EMERGE="$EMERGE =${package}-${VER}"
|
||||
done
|
||||
|
||||
emerge $EMERGE
|
||||
eit add $EMERGE
|
127
net-fs/ncpfs/ChangeLog
Normal file
127
net-fs/ncpfs/ChangeLog
Normal file
@ -0,0 +1,127 @@
|
||||
# ChangeLog for net-fs/ncpfs
|
||||
# Copyright 1999-2012 Gentoo Foundation; Distributed under the GPL v2
|
||||
# $Header: /var/cvsroot/gentoo-x86/net-fs/ncpfs/ChangeLog,v 1.31 2012/06/11 09:20:53 ago Exp $
|
||||
|
||||
11 Jun 2012; Agostino Sarubbo <ago@gentoo.org> ncpfs-2.2.6-r2.ebuild:
|
||||
Stable for amd64, wrt bug #418227
|
||||
|
||||
11 Jun 2012; Agostino Sarubbo <ago@gentoo.org> -ncpfs-2.2.6-r1.ebuild:
|
||||
Remove old
|
||||
|
||||
07 Jun 2012; Brent Baude <ranger@gentoo.org> ncpfs-2.2.6-r2.ebuild:
|
||||
Marking ncpfs-2.2.6-r2 ppc for bug 418227
|
||||
|
||||
05 Jun 2012; Brent Baude <ranger@gentoo.org> ncpfs-2.2.6-r2.ebuild:
|
||||
Marking ncpfs-2.2.6-r2 ppc64 for bug 418227
|
||||
|
||||
*ncpfs-2.2.6-r2 (10 Feb 2011)
|
||||
|
||||
10 Feb 2011; Joshua Kinard <kumba@gentoo.org> -ncpfs-2.2.6.ebuild,
|
||||
+ncpfs-2.2.6-r2.ebuild, +files/ncpfs-2.2.6-multiple-vulns.patch,
|
||||
+files/ncpfs-2.2.6-remove-packed-attrib.patch, +files/ipx.confd,
|
||||
+files/ipx.init:
|
||||
Add two patches to ncpfs, one to correct several vulnerabilities (#308071)
|
||||
and another to remove unneeded __attribute((packed)) directives to make the
|
||||
build look a lot cleaner. Also imported an init.d script and companion conf.d
|
||||
file for starting up/shutting down IPX through the init system. The init
|
||||
script should address #238688 in this package. Also fixed #126323 by
|
||||
installing headers for ncpfs into /usr/include. And removed the -r0 ebuild.
|
||||
|
||||
08 Oct 2010; Matti Bickel <mabi@gentoo.org> ncpfs-2.2.6-r1.ebuild:
|
||||
change virtual/php to dev-lang/php (bug #319623)
|
||||
|
||||
*ncpfs-2.2.6-r1 (20 Apr 2010)
|
||||
|
||||
20 Apr 2010; Mike Frysinger <vapier@gentoo.org> +ncpfs-2.2.6-r1.ebuild:
|
||||
Clean up ebuild, respect env LDFLAGS, fix multilib pam issues #273486 by
|
||||
Rion, and fix sandbox violations w/ldconfig #273484 by Rion.
|
||||
|
||||
14 May 2008; Diego Pettenò <flameeyes@gentoo.org> ncpfs-2.2.6.ebuild:
|
||||
Depend on virtual/pam as the code builds fine with OpenPAM.
|
||||
|
||||
11 May 2007; Maurice van der Pot <griffon26@gentoo.org>
|
||||
+files/ncpfs-2.2.6-missing-includes.patch, ncpfs-2.2.6.ebuild:
|
||||
Added some includes for missing header files, fixing errors during
|
||||
compilation reported as bug #157462 and bug #178090 by Willard Dawson
|
||||
<willard.dawson@sungard.com> and Marat Radchenko <valder@yandex.ru>
|
||||
respectively.
|
||||
|
||||
28 Nov 2006; Luca Longinotti <chtekk@gentoo.org> -ncpfs-2.2.0.19.ebuild,
|
||||
-ncpfs-2.2.0.19-r1.ebuild, -ncpfs-2.2.0.19-r2.ebuild, -ncpfs-2.2.3.ebuild,
|
||||
-ncpfs-2.2.5.ebuild:
|
||||
Delete vulnerable versions on behalf of DerCorny, fixes bug #140535.
|
||||
|
||||
28 Jan 2006; Mark Loeser <halcy0n@gentoo.org>
|
||||
+files/ncpfs-2.2.6-gcc4.patch, ncpfs-2.2.6.ebuild:
|
||||
Add patch to fix compilation with gcc-4.0; bug #118914
|
||||
|
||||
29 Jan 2005; Markus Rothe <corsair@gentoo.org> ncpfs-2.2.6.ebuild:
|
||||
Stable on ppc64; bug #77414
|
||||
|
||||
*ncpfs-2.2.6 (29 Jan 2005)
|
||||
|
||||
29 Jan 2005; Maurice van der Pot <griffon26@gentoo.org>
|
||||
+ncpfs-2.2.6.ebuild:
|
||||
Added new version that fixes security bug #77414.
|
||||
Immediately marked stable on x86.
|
||||
|
||||
15 Dec 2004; Peter Johanson <latexer@gentoo.org> ncpfs-2.2.5.ebuild:
|
||||
Fix syntax for php depends. See bug #74005
|
||||
|
||||
14 Dec 2004; Peter Johanson <latexer@gentoo.org> ncpfs-2.2.5.ebuild:
|
||||
Marking x86 stable. See bug #72820
|
||||
|
||||
11 Dec 2004; Markus Rothe <corsair@gentoo.org> ncpfs-2.2.5.ebuild:
|
||||
Stable on ppc64; bug #72820
|
||||
|
||||
10 Dec 2004; Stuart Herbert <stuart@gentoo.org> ncpfs-2.2.5.ebuild:
|
||||
Fix for typo in virtual DEPEND list; thanks to latexer for spotting it; bug
|
||||
#74005
|
||||
|
||||
09 Dec 2004; Stuart Herbert <stuart@gentoo.org> ncpfs-2.2.5.ebuild:
|
||||
Fix for sandbox violation when the PHP extension is built
|
||||
|
||||
*ncpfs-2.2.5 (01 Dec 2004)
|
||||
|
||||
01 Dec 2004; Maurice van der Pot <griffon26@gentoo.org>
|
||||
+ncpfs-2.2.5.ebuild:
|
||||
Added new version that includes fix for security bug #72820.
|
||||
|
||||
05 Sep 2004; Sven Wegener <swegener@gentoo.org> :
|
||||
Fixed ChangeLog header.
|
||||
|
||||
22 Jul 2004; Tom Gall <tgall@gentoo.org> ncpfs-2.2.3.ebuild:
|
||||
stable on ppc64, bug #57586
|
||||
|
||||
09 May 2004; <SeJo@gentoo.org> ncpfs-2.2.3.ebuild:
|
||||
added ~ppc keyword
|
||||
|
||||
26 Apr 2004; Aron Griffis <agriffis@gentoo.org> ncpfs-2.2.0.19-r1.ebuild,
|
||||
ncpfs-2.2.0.19-r2.ebuild, ncpfs-2.2.3.ebuild:
|
||||
Add die following econf for bug 48950
|
||||
|
||||
05 Jan 2004; zhen <zhen@gentoo.org> metadata.xml:
|
||||
adding to net-fs herd
|
||||
|
||||
*ncpfs-2.2.3 (17 Jul 2003)
|
||||
|
||||
17 Jul 2003; Peter Johanson <latexer@gentoo.org> ncpfs-2.2.3.ebuild:
|
||||
Bump in ~x86.
|
||||
|
||||
*ncpfs-2.2.0.19-r2 (23 Mar 2003)
|
||||
|
||||
23 Mar 2003; Martin Holzer <mholzer@gentoo.org> ncpfs-2.2.0.19-r2.ebuild:
|
||||
Fixed ebuild that mount.* would be installed. Closes #17823.
|
||||
|
||||
*ncpfs-2.2.0.19-r1 (20 Oct 2002)
|
||||
|
||||
20 Oct 2002; Seemant Kulleen <seemant@gentoo.org> ncpfs-2.2.0.19-r1.ebuild
|
||||
files/digest-ncpfs-2.2.0.19-r1 :
|
||||
|
||||
Some fixes for NLS and PAM use flags.
|
||||
|
||||
*ncpfs-2.2.0.19 (20 Jun 2002)
|
||||
|
||||
20 Jun 2002; J.Alberto S.L. <bass@gentoo.org> ncpfs-2.2.0.19.ebuild:
|
||||
|
||||
First relase.
|
11
net-fs/ncpfs/Manifest
Normal file
11
net-fs/ncpfs/Manifest
Normal file
@ -0,0 +1,11 @@
|
||||
AUX ipx.confd 706 SHA256 abfefd5c3f9df2232e5d35f743ff8ce2876e887d39bd823789b54e3a8bd69a0e SHA512 7c15f4aca1dbce2450f2e04741bce5f9d73150607c0f74fabe917f41a4041eaed8bf26262652dccf7660f1634932082c02e889a90b05c679485df718fff970eb WHIRLPOOL b85ae8141a1403fc47e94bab8149e8530cb0a4a8d047fe1dc5ddf77d08ff5693190d359226304141a3586d6953020f9ad56565f8d059cbda0b43c511bbbf1e60
|
||||
AUX ipx.init 972 SHA256 2b01a7a68110658f20c883e5045dd854389b37866e97c5f0e978034dc49dc395 SHA512 ce07fe5aa1d8f8f4b0f46454ce3461076bcb938b4f41187c4c214ee7895189995507cd9209551b1a3e4bbaf7f237228ec528d89b1dd91102fd21fb28253084f0 WHIRLPOOL bf5ac8aed0fd62bf30df495bf6d7073f9623848c35620f348d5afa28e9f7ec626bec4983045ab628626392f3391234f6a2e4a31680001a2bbafe4a14876a1595
|
||||
AUX ncpfs-2.2.5-php.patch 555 SHA256 ea32f4f6a9ac7c1d43af654982410680ca535a313f2a94efd3ddb295949d864b SHA512 2768cfe218c1fcd9e8458e28af51985a50d60d2538c61cb13f2c8db77fd111abbe8d81b040c82d51bd18fdecfacbc78e488ca7d17f8fd08af62a8b5690b37c19 WHIRLPOOL e19c931b0f440b93c8135f9b995f74852b152642778fd86eff89f081378c8b9ce99773bcedc08cfd54280d9d894d1b2e675f78f78a01bd47f9fcb1e1f9318d4c
|
||||
AUX ncpfs-2.2.6-gcc4.patch 1291 SHA256 8fbb8621b178aa8fb38da30639cc32afce0254445fe59c0f56c543da62d6921e SHA512 2bdce56008c2f7819c402ff00643d6602bab89922d01fefd3d42a15720cb569e6920c1ca8feaf8e927b0391ca44466df1fc91de21bcc76f53cbe7cc102e88992 WHIRLPOOL f68ece683be5e085e987891289e7605243bb37d81b357102463a3289a2a57e799ffb022fbf4470d8390540524002a478866b2809abb40aac900e00cc9cd20b9a
|
||||
AUX ncpfs-2.2.6-missing-includes.patch 779 SHA256 b724c68cd8e1b8e5ed91dc3f7c24948e76107bda6314c954918adfc058a24911 SHA512 3f51978a009b8c9e20c14500bafb4bf3ecf3b288b43f42aeb11e81ff621014c0c5774bd8d53be06706b2a78d94dae62ee663a3f710fc908d433ba2755788abcb WHIRLPOOL 875e62439a004b98b1bd227c4ad6e305e0e126f8bbc7ab687264813ddfe62102f1a5c41fc608634e3a78e96202bd5bf74ecb2973caf5c7ad6bc67a1b08487fa4
|
||||
AUX ncpfs-2.2.6-multiple-vulns.patch 14158 SHA256 50d42cda962cbc5c3e7ad6048ed2ebb465645e640a32552ffa44c7229d8d2a77 SHA512 486bae42500d0712b7023768f0cf60d0b550a11cb554b2733f09ee92a49df031dec2f938b2a355c123e50b71340cbd94dfb38b7a1b455e680ece7efe6aa13925 WHIRLPOOL 1aed769a1dd3d9e3aa6cbc0f9a34eba42c7f99947870ca8b7c655568c93404a3b4fdac4e1e50ea920032118dcc63b64090f8c12e7713c6b56ac8686d01205db0
|
||||
AUX ncpfs-2.2.6-remove-packed-attrib.patch 10312 SHA256 f1c587b329224f34f351e08b32333e854539223d337e6bb2fdadf28c2130673b SHA512 efd11c2cf08f3b7b1458b836ee863f31e3ae470986a02a3d2db0ec6fbb7a984e2d33643765d7223b797732d80187412a907a9ca971233eb0f95ed4744ef6f44a WHIRLPOOL 187d2c71547de0de2007f872a53a7c4545a2ace4d258fc93802283278202eb0db7fbef70c7a6f7210e8f037e65399c76fa57def0fe73591d8d24967432be9a4c
|
||||
DIST ncpfs-2.2.6.tar.gz 2100545 SHA256 2837046046bcdb46d77a80c1d17dbfd15e878700e879edab4cda9f080e0337f9
|
||||
EBUILD ncpfs-2.2.6-r2.ebuild 2007 SHA256 b22ad4f594bd9ee1e3d35d4798fcac14d651e9bc473e8aa7f1eaedd6e3e9392d SHA512 82127c3de392557496cada88581607a4280debba280bf62971146f91be459eb9bd62a9f21ab9e367f375cb13f0338413553a51e3e2d891c149f64f55ea3bc69d WHIRLPOOL 3c8d5cfbfefd3a7c4703b359befff0f97f1b6da338100d6abbb114b37dd0bca9e30d24e0c1d39c74f398ef3fb66c35a47ef49e8b75096c0251b62c9d9cd69be7
|
||||
MISC ChangeLog 4769 SHA256 3a113a2b1c50be4a0dbf022b28ad4e717e8de071787a66a910d11b22a54d6cd4 SHA512 232e4913c5c43c9969aa8672ff1bfa665eb00b3874adc95d64e2e1b5b48d64dcc152055aeec40ccb43c225601ddea9e55095749c245a12b52de28d3ae616c3e4 WHIRLPOOL 8f181970775af0e62f6c63b9f623616df550e9c06f6b7e1d836a040c46c30a85010656404fb2340e2b3e9ad2909bb1e20ea540e0224f774e5764260538ec5318
|
||||
MISC metadata.xml 290 SHA256 bc04d955fed7a177f63051b016c7f24451c30200e8608b70f8e63e25176a0348 SHA512 52de55e9486be04762f7ddc2dfe231e3c409ec63d3ec39dcf252540add9165a14c968fa90e281575982229791bf4a070f2285d857ca589c63e499e66e1c58d64 WHIRLPOOL a67855c335e629d78f0d54430450565c4dc3ac97184b42bcf0cbe15dfb23bdaca234feeee15773216a5243c18dd141ad9dfcc6dc0b2b95b48944ae549674545d
|
28
net-fs/ncpfs/files/ipx.confd
Normal file
28
net-fs/ncpfs/files/ipx.confd
Normal file
@ -0,0 +1,28 @@
|
||||
# Copyright 1999-2011 Gentoo Foundation
|
||||
# Distributed under the terms of the GNU General Public License v2
|
||||
# $Header: /var/cvsroot/gentoo-x86/net-fs/ncpfs/files/ipx.confd,v 1.1 2011/02/10 09:26:38 kumba Exp $
|
||||
|
||||
# Config file for /etc/init.d/ipx
|
||||
|
||||
# Automatically selecting a primary interface.
|
||||
IPX_AUTO_PRIMARY=on
|
||||
|
||||
# Automatically creating interfaces.
|
||||
IPX_AUTO_INTERFACE=on
|
||||
|
||||
# Interface to which IPX sockets are bound.
|
||||
IPX_DEVICE=eth0
|
||||
|
||||
# The IPX frame type to use.
|
||||
# Valid values are: 802.2, 802.3, SNAP, & EtherII.
|
||||
IPX_FRAME=802.2
|
||||
|
||||
# Create a special kind of IPX interface that does not
|
||||
# have a physical device or frame type.
|
||||
IPX_INTERNAL_NET=no
|
||||
|
||||
# Network number
|
||||
IPX_NETNUM=1
|
||||
|
||||
# Node number
|
||||
IPX_NODENUM=1
|
42
net-fs/ncpfs/files/ipx.init
Normal file
42
net-fs/ncpfs/files/ipx.init
Normal file
@ -0,0 +1,42 @@
|
||||
#!/sbin/runscript
|
||||
# Copyright 1999-2011 Gentoo Foundation
|
||||
# Distributed under the terms of the GNU General Public License v2
|
||||
# $Header: /var/cvsroot/gentoo-x86/net-fs/ncpfs/files/ipx.init,v 1.1 2011/02/10 09:26:38 kumba Exp $
|
||||
|
||||
#NB: Config is in /etc/conf.d/ipx
|
||||
|
||||
depend() {
|
||||
need net netmount
|
||||
}
|
||||
|
||||
start() {
|
||||
local retval=0
|
||||
|
||||
ebegin "Bringing IPX up"
|
||||
if [ ${IPX_INTERNAL_NET} = "yes" ]
|
||||
then
|
||||
/usr/bin/ipx_internal_net add ${IPX_NETNUM} ${IPX_NODENUM}
|
||||
retval=$?
|
||||
else
|
||||
/usr/bin/ipx_interface add -p ${IPX_DEVICE} \
|
||||
${IPX_FRAME} ${IPX_NETNUM}
|
||||
retval=$?
|
||||
fi
|
||||
|
||||
/usr/bin/ipx_configure \
|
||||
--auto_primary=${IPX_AUTO_PRIMARY} \
|
||||
--auto_interface=${IPX_AUTO_INTERFACE}
|
||||
retval=$(( $retval + $? ))
|
||||
eend ${retval} "Failed to bring IPX up"
|
||||
}
|
||||
|
||||
stop() {
|
||||
local retval=0
|
||||
|
||||
ebegin "Bringing IPX down"
|
||||
/usr/bin/ipx_configure --auto_primary=off --auto_interface=off
|
||||
retval=$?
|
||||
/usr/bin/ipx_interface delall
|
||||
retval=$(( $retval + $? ))
|
||||
eend ${retval} "Failed to down IPX"
|
||||
}
|
16
net-fs/ncpfs/files/ncpfs-2.2.5-php.patch
Normal file
16
net-fs/ncpfs/files/ncpfs-2.2.5-php.patch
Normal file
@ -0,0 +1,16 @@
|
||||
--- contrib/php/build/rules.mk.orig 2004-12-09 13:01:04.417854240 +0000
|
||||
+++ contrib/php/build/rules.mk 2004-12-09 13:01:42.460070944 +0000
|
||||
@@ -63,10 +63,10 @@
|
||||
|
||||
install-modules:
|
||||
@test -d modules && \
|
||||
- $(mkinstalldirs) $(moduledir) && \
|
||||
- echo "installing shared modules into $(moduledir)" && \
|
||||
+ $(mkinstalldirs) $(DESTDIR)/$(moduledir) && \
|
||||
+ echo "installing shared modules into $(DESTDIR)/$(moduledir)" && \
|
||||
rm -f modules/*.la && \
|
||||
- cp modules/* $(moduledir) || true
|
||||
+ cp modules/* $(DESTDIR)/$(moduledir) || true
|
||||
|
||||
include $(builddir)/.deps
|
||||
|
36
net-fs/ncpfs/files/ncpfs-2.2.6-gcc4.patch
Normal file
36
net-fs/ncpfs/files/ncpfs-2.2.6-gcc4.patch
Normal file
@ -0,0 +1,36 @@
|
||||
diff -ur ncpfs-2.2.6-orig/lib/ncplib.c ncpfs-2.2.6/lib/ncplib.c
|
||||
--- ncpfs-2.2.6-orig/lib/ncplib.c 2006-01-13 16:55:05.000000000 -0500
|
||||
+++ ncpfs-2.2.6/lib/ncplib.c 2006-01-13 16:56:08.000000000 -0500
|
||||
@@ -2421,7 +2421,7 @@
|
||||
int i = 1;
|
||||
NWCCODE nwerr;
|
||||
|
||||
- static int get_argument(int arg_no, const char **target) {
|
||||
+ int get_argument(int arg_no, const char **target) {
|
||||
int count = 1;
|
||||
|
||||
if (target != NULL) {
|
||||
diff -ur ncpfs-2.2.6-orig/util/nwpjmv.c ncpfs-2.2.6/util/nwpjmv.c
|
||||
--- ncpfs-2.2.6-orig/util/nwpjmv.c 2006-01-13 16:55:05.000000000 -0500
|
||||
+++ ncpfs-2.2.6/util/nwpjmv.c 2006-01-13 16:55:50.000000000 -0500
|
||||
@@ -131,7 +131,7 @@
|
||||
char *s = q->command;
|
||||
char *target_end = target + target_size;
|
||||
|
||||
- static void add_string(const char *str)
|
||||
+ void add_string(const char *str)
|
||||
{
|
||||
int len = strlen(str);
|
||||
if (target + len + 1 > target_end)
|
||||
diff -ur ncpfs-2.2.6-orig/util/pserver.c ncpfs-2.2.6/util/pserver.c
|
||||
--- ncpfs-2.2.6-orig/util/pserver.c 2006-01-13 16:55:05.000000000 -0500
|
||||
+++ ncpfs-2.2.6/util/pserver.c 2006-01-13 16:55:36.000000000 -0500
|
||||
@@ -153,7 +153,7 @@
|
||||
char *s = q->command;
|
||||
char *target_end = target + target_size;
|
||||
|
||||
- static void add_string(const char *str)
|
||||
+ void add_string(const char *str)
|
||||
{
|
||||
int len = strlen(str);
|
||||
if (target + len + 1 > target_end)
|
22
net-fs/ncpfs/files/ncpfs-2.2.6-missing-includes.patch
Normal file
22
net-fs/ncpfs/files/ncpfs-2.2.6-missing-includes.patch
Normal file
@ -0,0 +1,22 @@
|
||||
diff -ruN ncpfs-2.2.6/contrib/pam/pam_ncp_auth.c ncpfs-2.2.6-fixed/contrib/pam/pam_ncp_auth.c
|
||||
--- ncpfs-2.2.6/contrib/pam/pam_ncp_auth.c 2005-01-27 18:35:59.000000000 +0100
|
||||
+++ ncpfs-2.2.6-fixed/contrib/pam/pam_ncp_auth.c 2007-05-11 21:38:05.143474750 +0200
|
||||
@@ -257,6 +257,7 @@
|
||||
#include <stdlib.h>
|
||||
#include <stdio.h>
|
||||
#include <string.h>
|
||||
+#include <syslog.h>
|
||||
#include <unistd.h>
|
||||
#include <pwd.h>
|
||||
#include <grp.h>
|
||||
diff -ruN ncpfs-2.2.6/sutil/ncpm_common.c ncpfs-2.2.6-fixed/sutil/ncpm_common.c
|
||||
--- ncpfs-2.2.6/sutil/ncpm_common.c 2005-01-27 18:35:59.000000000 +0100
|
||||
+++ ncpfs-2.2.6-fixed/sutil/ncpm_common.c 2007-05-11 21:38:29.609003750 +0200
|
||||
@@ -82,6 +82,7 @@
|
||||
|
||||
#include "ncpm_common.h"
|
||||
|
||||
+#include <stddef.h>
|
||||
#include <stdio.h>
|
||||
#include <string.h>
|
||||
#include <signal.h>
|
557
net-fs/ncpfs/files/ncpfs-2.2.6-multiple-vulns.patch
Normal file
557
net-fs/ncpfs/files/ncpfs-2.2.6-multiple-vulns.patch
Normal file
@ -0,0 +1,557 @@
|
||||
From: Dan Rosenberg <dan.j.rosenberg () gmail com>
|
||||
Date: Fri, 5 Mar 2010 12:06:01 -0500
|
||||
|
||||
============================================
|
||||
ncpfs, Multiple Vulnerabilities
|
||||
March 5, 2010
|
||||
CVE-2010-0788, CVE-2010-0790, CVE-2010-0791
|
||||
============================================
|
||||
|
||||
==Description==
|
||||
|
||||
The ncpmount, ncpumount, and ncplogin utilities, installed as part of the ncpfs
|
||||
package, contain several vulnerabilities.
|
||||
|
||||
1. ncpmount, ncpumount, and ncplogin are vulnerable to race conditions that
|
||||
allow a local attacker to unmount arbitrary mountpoints, causing
|
||||
denial-of-service, or mount Netware shares to arbitrary directories,
|
||||
potentially leading to root compromise. This issue was formerly assigned
|
||||
CVE-2009-3297, but has since been re-assigned CVE-2010-0788 to avoid overlap
|
||||
with related bugs in other packages.
|
||||
|
||||
2. ncpumount is vulnerable to an information disclosure vulnerability that
|
||||
allows a local attacker to verify the existence of arbitrary files, violating
|
||||
directory permissions. This issue has been assigned CVE-2010-0790.
|
||||
|
||||
3. ncpmount, ncpumount, and ncplogin create lockfiles insecurely, allowing a
|
||||
local attacker to leave a stale lockfile at /etc/mtab~, causing other mount
|
||||
utilities to fail and creating denial-of-service conditions. This issue has
|
||||
been assigned CVE-2010-0791.
|
||||
|
||||
==Workaround==
|
||||
|
||||
If unprivileged users do not need the ability to mount and unmount Netware
|
||||
shares, then the suid bit should be removed from these utilities.
|
||||
|
||||
==Solution==
|
||||
|
||||
A patch has been released that resolves these issues (attached to this
|
||||
advisory). ncpfs-2.2.6.partial.patch is intended for ncpfs releases that have
|
||||
already been patched against the first vulnerability in this report
|
||||
(CVE-2010-0788, formerly CVE-2009-3297). It has been tested against the latest
|
||||
ncpfs packages distributed by Fedora, Red Hat, and Mandriva.
|
||||
ncpfs-2.2.6.full.patch is intended for ncpfs releases that have not been
|
||||
patched against any of these vulnerabilities. It has been tested against the
|
||||
latest ncpfs packages distributed by Debian, Ubuntu, and the upstream release
|
||||
(ftp://platan.vc.cvut.cz/pub/linux/ncpfs/).
|
||||
|
||||
Users are advised to recompile from source, or request updated packages from
|
||||
downstream distributors.
|
||||
|
||||
==Credits==
|
||||
|
||||
These vulnerabilities were discovered by Dan Rosenberg
|
||||
(dan.j.rosenberg () gmail com).
|
||||
Thanks to Vitezslav Crhonek for the patch against the first issue.
|
||||
|
||||
==References==
|
||||
|
||||
CVE identifiers CVE-2010-0788, CVE-2010-0790, and CVE-2010-0791 have been
|
||||
assigned to these issues.
|
||||
|
||||
http://seclists.org/fulldisclosure/2010/Mar/122
|
||||
|
||||
|
||||
diff -ur ncpfs-2.2.6.orig/sutil/ncplogin.c ncpfs-2.2.6/sutil/ncplogin.c
|
||||
--- ncpfs-2.2.6.orig/sutil/ncplogin.c 2010-03-03 16:18:59.000000000 -0500
|
||||
+++ ncpfs-2.2.6/sutil/ncplogin.c 2010-03-03 16:17:41.000000000 -0500
|
||||
@@ -934,7 +934,9 @@
|
||||
NWDSFreeContext(ctx);
|
||||
/* ncpmap, ncplogin must write in /etc/mtab */
|
||||
{
|
||||
+ block_sigs();
|
||||
add_mnt_entry(mount_name, mount_point, info.flags);
|
||||
+ unblock_sigs();
|
||||
}
|
||||
free(mount_name);
|
||||
if (info.echo_mnt_pnt) {
|
||||
diff -ur ncpfs-2.2.6.orig/sutil/ncpm_common.c ncpfs-2.2.6/sutil/ncpm_common.c
|
||||
--- ncpfs-2.2.6.orig/sutil/ncpm_common.c 2010-03-03 16:18:59.000000000 -0500
|
||||
+++ ncpfs-2.2.6/sutil/ncpm_common.c 2010-03-03 16:17:41.000000000 -0500
|
||||
@@ -360,7 +360,7 @@
|
||||
#endif
|
||||
|
||||
static inline int ncpm_suser(void) {
|
||||
- return setreuid(-1, 0);
|
||||
+ return setresuid(0, 0, myuid);
|
||||
}
|
||||
|
||||
static int ncpm_normal(void) {
|
||||
@@ -368,11 +368,31 @@
|
||||
int v;
|
||||
|
||||
e = errno;
|
||||
- v = setreuid(-1, myuid);
|
||||
+ v = setresuid(myuid, myuid, 0);
|
||||
errno = e;
|
||||
return v;
|
||||
}
|
||||
|
||||
+void block_sigs(void) {
|
||||
+
|
||||
+ sigset_t mask, orig_mask;
|
||||
+ sigfillset(&mask);
|
||||
+
|
||||
+ if(sigprocmask(SIG_SETMASK, &mask, &orig_mask) < 0) {
|
||||
+ errexit(-1, _("Blocking signals failed.\n"));
|
||||
+ }
|
||||
+}
|
||||
+
|
||||
+void unblock_sigs(void) {
|
||||
+
|
||||
+ sigset_t mask, orig_mask;
|
||||
+ sigemptyset(&mask);
|
||||
+
|
||||
+ if (sigprocmask(SIG_SETMASK, &mask, &orig_mask) < 0) {
|
||||
+ errexit(-1, _("Un-blocking signals failed.\n"));
|
||||
+ }
|
||||
+}
|
||||
+
|
||||
static int proc_ncpm_mount(const char* source, const char* target, const char* filesystem, unsigned long mountflags, const void* data) {
|
||||
int v;
|
||||
int e;
|
||||
@@ -444,7 +464,7 @@
|
||||
}
|
||||
datav2.file_mode = data->file_mode;
|
||||
datav2.dir_mode = data->dir_mode;
|
||||
- err = proc_ncpm_mount(mount_name, data->mount_point, "ncpfs", flags, (void*) &datav2);
|
||||
+ err = proc_ncpm_mount(mount_name, ".", "ncpfs", flags, (void*) &datav2);
|
||||
if (err)
|
||||
return errno;
|
||||
return 0;
|
||||
@@ -508,7 +528,7 @@
|
||||
exit(0); /* Should not return from process_connection */
|
||||
}
|
||||
close(pp[0]);
|
||||
- err=proc_ncpm_mount(mount_name, data->mount_point, "ncpfs", flags, (void*) &datav3);
|
||||
+ err=proc_ncpm_mount(mount_name, ".", "ncpfs", flags, (void*) &datav3);
|
||||
if (err) {
|
||||
err = errno;
|
||||
/* Mount unsuccesful so we have to kill daemon */
|
||||
@@ -559,7 +579,7 @@
|
||||
sprintf(mountopts, "version=%u,flags=%u,owner=%u,uid=%u,gid=%u,mode=%u,dirmode=%u,timeout=%u,retry=%u,wdogpid=%u,ncpfd=%u,infofd=%u",
|
||||
NCP_MOUNT_VERSION_V5, ncpflags, data->mounted_uid, data->uid, data->gid, data->file_mode,
|
||||
data->dir_mode, data->time_out, data->retry_count, wdog_pid, data->ncp_fd, pp[1]);
|
||||
- err=proc_ncpm_mount(mount_name, data->mount_point, "ncpfs", flags, mountopts);
|
||||
+ err=proc_ncpm_mount(mount_name, ".", "ncpfs", flags, mountopts);
|
||||
} else {
|
||||
err=-1;
|
||||
}
|
||||
@@ -577,7 +597,7 @@
|
||||
datav4.file_mode = data->file_mode;
|
||||
datav4.dir_mode = data->dir_mode;
|
||||
datav4.wdog_pid = wdog_pid;
|
||||
- err = proc_ncpm_mount(mount_name, data->mount_point, "ncpfs", flags, (void*)&datav4);
|
||||
+ err = proc_ncpm_mount(mount_name, ".", "ncpfs", flags, (void*)&datav4);
|
||||
if (err) {
|
||||
err = errno;
|
||||
/* Mount unsuccesful so we have to kill daemon */
|
||||
@@ -1395,6 +1415,17 @@
|
||||
}
|
||||
#endif /* MOUNT3 */
|
||||
|
||||
+static int check_name(const char *name)
|
||||
+{
|
||||
+ char *s;
|
||||
+ for (s = "\n\t\\"; *s; s++) {
|
||||
+ if (strchr(name, *s)) {
|
||||
+ return -1;
|
||||
+ }
|
||||
+ }
|
||||
+ return 0;
|
||||
+}
|
||||
+
|
||||
static const struct smntflags {
|
||||
unsigned int flag;
|
||||
const char* name;
|
||||
@@ -1416,6 +1447,9 @@
|
||||
int fd;
|
||||
FILE* mtab;
|
||||
|
||||
+ if (check_name(mount_name) == -1 || check_name(mpnt) == -1)
|
||||
+ errexit(107, _("Illegal character in mount entry\n"));
|
||||
+
|
||||
ment.mnt_fsname = mount_name;
|
||||
ment.mnt_dir = mpnt;
|
||||
ment.mnt_type = (char*)"ncpfs";
|
||||
diff -ur ncpfs-2.2.6.orig/sutil/ncpm_common.h ncpfs-2.2.6/sutil/ncpm_common.h
|
||||
--- ncpfs-2.2.6.orig/sutil/ncpm_common.h 2010-03-03 16:18:59.000000000 -0500
|
||||
+++ ncpfs-2.2.6/sutil/ncpm_common.h 2010-03-03 16:17:41.000000000 -0500
|
||||
@@ -121,6 +121,9 @@
|
||||
int proc_aftermount(const struct ncp_mount_info* info, NWCONN_HANDLE* conn);
|
||||
int proc_ncpm_umount(const char* dir);
|
||||
|
||||
+void block_sigs(void);
|
||||
+void unblock_sigs(void);
|
||||
+
|
||||
#define UNUSED(x) x __attribute__((unused))
|
||||
|
||||
#endif /* __NCPM_COMMON_H__ */
|
||||
diff -ur ncpfs-2.2.6.orig/sutil/ncpmount.c ncpfs-2.2.6/sutil/ncpmount.c
|
||||
--- ncpfs-2.2.6.orig/sutil/ncpmount.c 2010-03-03 16:18:59.000000000 -0500
|
||||
+++ ncpfs-2.2.6/sutil/ncpmount.c 2010-03-03 16:17:41.000000000 -0500
|
||||
@@ -359,11 +359,17 @@
|
||||
usage();
|
||||
return -1;
|
||||
}
|
||||
+
|
||||
realpath(argv[optind], mount_point);
|
||||
|
||||
- if (stat(mount_point, &st) == -1)
|
||||
+ if (chdir(mount_point))
|
||||
+ {
|
||||
+ errexit(31, _("Could not change directory into mount target %s: %s\n"),
|
||||
+ mount_point, strerror(errno));
|
||||
+ }
|
||||
+ if (stat(".", &st) == -1)
|
||||
{
|
||||
- errexit(31, _("Could not find mount point %s: %s\n"),
|
||||
+ errexit(31, _("Mount point %s does not exist: %s\n"),
|
||||
mount_point, strerror(errno));
|
||||
}
|
||||
if (mount_ok(&st) != 0)
|
||||
@@ -714,7 +720,9 @@
|
||||
ncp_close(conn);
|
||||
|
||||
if (!opt_n) {
|
||||
+ block_sigs();
|
||||
add_mnt_entry(mount_name, mount_point, info.flags);
|
||||
+ unblock_sigs();
|
||||
}
|
||||
return 0;
|
||||
}
|
||||
diff -ur ncpfs-2.2.6.orig/sutil/ncpumount.c ncpfs-2.2.6/sutil/ncpumount.c
|
||||
--- ncpfs-2.2.6.orig/sutil/ncpumount.c 2010-03-03 16:18:59.000000000 -0500
|
||||
+++ ncpfs-2.2.6/sutil/ncpumount.c 2010-03-03 16:17:41.000000000 -0500
|
||||
@@ -70,13 +70,24 @@
|
||||
#include <mntent.h>
|
||||
#include <pwd.h>
|
||||
|
||||
+#include <sched.h>
|
||||
+
|
||||
#include "private/libintl.h"
|
||||
|
||||
#define _(X) X
|
||||
|
||||
+#ifndef MS_REC
|
||||
+#define MS_REC 16384
|
||||
+#endif
|
||||
+#ifndef MS_SLAVE
|
||||
+#define MS_SLAVE (1<<19)
|
||||
+#endif
|
||||
+
|
||||
static char *progname;
|
||||
static int is_ncplogout = 0;
|
||||
|
||||
+uid_t uid;
|
||||
+
|
||||
static void
|
||||
usage(void)
|
||||
{
|
||||
@@ -117,6 +128,40 @@
|
||||
va_end(ap);
|
||||
}
|
||||
|
||||
+/* Mostly copied from ncpm_common.c */
|
||||
+void block_sigs(void) {
|
||||
+
|
||||
+ sigset_t mask, orig_mask;
|
||||
+ sigfillset(&mask);
|
||||
+ sigdelset(&mask, SIGALRM); /* Need SIGALRM for ncpumount */
|
||||
+
|
||||
+ if(setresuid(0, 0, uid) < 0) {
|
||||
+ eprintf("Failed to raise privileges.\n");
|
||||
+ exit(-1);
|
||||
+ }
|
||||
+
|
||||
+ if(sigprocmask(SIG_SETMASK, &mask, &orig_mask) < 0) {
|
||||
+ eprintf("Blocking signals failed.\n");
|
||||
+ exit(-1);
|
||||
+ }
|
||||
+}
|
||||
+
|
||||
+void unblock_sigs(void) {
|
||||
+
|
||||
+ sigset_t mask, orig_mask;
|
||||
+ sigemptyset(&mask);
|
||||
+
|
||||
+ if(setresuid(uid, uid, 0) < 0) {
|
||||
+ eprintf("Failed to drop privileges.\n");
|
||||
+ exit(-1);
|
||||
+ }
|
||||
+
|
||||
+ if(sigprocmask(SIG_SETMASK, &mask, &orig_mask) < 0) {
|
||||
+ eprintf("Un-blocking signals failed.\n");
|
||||
+ exit(-1);
|
||||
+ }
|
||||
+}
|
||||
+
|
||||
static void alarmSignal(int sig) {
|
||||
(void)sig;
|
||||
}
|
||||
@@ -192,10 +237,13 @@
|
||||
if (!numEntries)
|
||||
return 0; /* don't waste time ! */
|
||||
|
||||
+ block_sigs();
|
||||
+
|
||||
while ((fd = open(MOUNTED "~", O_RDWR | O_CREAT | O_EXCL, 0600)) == -1) {
|
||||
struct timespec tm;
|
||||
|
||||
if (errno != EEXIST || retries == 0) {
|
||||
+ unblock_sigs();
|
||||
eprintf(_("Can't get %s~ lock file: %s\n"), MOUNTED, strerror(errno));
|
||||
return 1;
|
||||
}
|
||||
@@ -206,6 +254,7 @@
|
||||
alarm(0);
|
||||
close(fd);
|
||||
if (err) {
|
||||
+ unblock_sigs();
|
||||
eprintf(_("Can't lock lock file %s~: %s\n"), MOUNTED, _("Lock timed out"));
|
||||
return 1;
|
||||
}
|
||||
@@ -223,26 +272,205 @@
|
||||
err = __clearMtab(mount_points, numEntries);
|
||||
|
||||
if ((unlink(MOUNTED "~") == -1) && (err == 0)){
|
||||
+ unblock_sigs();
|
||||
eprintf(_("Can't remove %s~"), MOUNTED);
|
||||
return 1;
|
||||
}
|
||||
+ unblock_sigs();
|
||||
return err;
|
||||
}
|
||||
|
||||
+
|
||||
+int ncp_mnt_umount(const char *abs_mnt, const char *rel_mnt)
|
||||
+{
|
||||
+ if (umount(rel_mnt) != 0) {
|
||||
+ eprintf(_("Could not umount %s: %s\n"),
|
||||
+ abs_mnt, strerror(errno));
|
||||
+ return -1;
|
||||
+ }
|
||||
+ return 0;
|
||||
+}
|
||||
+
|
||||
+
|
||||
+static int check_is_mount_child(void *p)
|
||||
+{
|
||||
+ const char **a = p;
|
||||
+ const char *last = a[0];
|
||||
+ const char *mnt = a[1];
|
||||
+ int res;
|
||||
+ const char *procmounts = "/proc/mounts";
|
||||
+ int found;
|
||||
+ FILE *fp;
|
||||
+ struct mntent *entp;
|
||||
+
|
||||
+ res = mount("", "/", "", MS_SLAVE | MS_REC, NULL);
|
||||
+ if (res == -1) {
|
||||
+ eprintf(_("Failed to mark mounts slave: %s\n"),
|
||||
+ strerror(errno));
|
||||
+ return 1;
|
||||
+ }
|
||||
+
|
||||
+ res = mount(".", "/tmp", "", MS_BIND | MS_REC, NULL);
|
||||
+ if (res == -1) {
|
||||
+ eprintf(_("Failed to bind parent to /tmp: %s\n"),
|
||||
+ strerror(errno));
|
||||
+ return 1;
|
||||
+ }
|
||||
+
|
||||
+ fp = setmntent(procmounts, "r");
|
||||
+ if (fp == NULL) {
|
||||
+ eprintf(_("Failed to open %s: %s\n"),
|
||||
+ procmounts, strerror(errno));
|
||||
+ return 1;
|
||||
+ }
|
||||
+
|
||||
+ found = 0;
|
||||
+ while ((entp = getmntent(fp)) != NULL) {
|
||||
+ if (strncmp(entp->mnt_dir, "/tmp/", 5) == 0 &&
|
||||
+ strcmp(entp->mnt_dir + 5, last) == 0) {
|
||||
+ found = 1;
|
||||
+ break;
|
||||
+ }
|
||||
+ }
|
||||
+ endmntent(fp);
|
||||
+
|
||||
+ if (!found) {
|
||||
+ eprintf(_("%s not mounted\n"), mnt);
|
||||
+ return 1;
|
||||
+ }
|
||||
+
|
||||
+ return 0;
|
||||
+}
|
||||
+
|
||||
+
|
||||
+static int check_is_mount(const char *last, const char *mnt)
|
||||
+{
|
||||
+ char buf[131072];
|
||||
+ pid_t pid, p;
|
||||
+ int status;
|
||||
+ const char *a[2] = { last, mnt };
|
||||
+
|
||||
+ pid = clone(check_is_mount_child, buf + 65536, CLONE_NEWNS, (void *) a);
|
||||
+ if (pid == (pid_t) -1) {
|
||||
+ eprintf(_("Failed to clone namespace: %s\n"),
|
||||
+ strerror(errno));
|
||||
+ return -1;
|
||||
+ }
|
||||
+ p = waitpid(pid, &status, __WCLONE);
|
||||
+ if (p == (pid_t) -1) {
|
||||
+ eprintf(_("Waitpid failed: %s\n"),
|
||||
+ strerror(errno));
|
||||
+ return -1;
|
||||
+ }
|
||||
+ if (!WIFEXITED(status)) {
|
||||
+ eprintf(_("Child terminated abnormally (status %i)\n"),
|
||||
+ status);
|
||||
+ return -1;
|
||||
+ }
|
||||
+ if (WEXITSTATUS(status) != 0)
|
||||
+ return -1;
|
||||
+
|
||||
+ return 0;
|
||||
+}
|
||||
+
|
||||
+
|
||||
+static int chdir_to_parent(char *copy, const char **lastp, int *currdir_fd)
|
||||
+{
|
||||
+ char *tmp;
|
||||
+ const char *parent;
|
||||
+ char buf[PATH_MAX];
|
||||
+ int res;
|
||||
+
|
||||
+ tmp = strrchr(copy, '/');
|
||||
+ if (tmp == NULL || tmp[1] == '\0') {
|
||||
+ eprintf(_("Internal error: invalid abs path: <%s>\n"),
|
||||
+ copy);
|
||||
+ return -1;
|
||||
+ }
|
||||
+ if (tmp != copy) {
|
||||
+ *tmp = '\0';
|
||||
+ parent = copy;
|
||||
+ *lastp = tmp + 1;
|
||||
+ } else if (tmp[1] != '\0') {
|
||||
+ *lastp = tmp + 1;
|
||||
+ parent = "/";
|
||||
+ } else {
|
||||
+ *lastp = ".";
|
||||
+ parent = "/";
|
||||
+ }
|
||||
+ *currdir_fd = open(".", O_RDONLY);
|
||||
+ if (*currdir_fd == -1) {
|
||||
+ eprintf(_("Failed to open current directory: %s\n"),
|
||||
+ strerror(errno));
|
||||
+ return -1;
|
||||
+ }
|
||||
+ res = chdir(parent);
|
||||
+ if (res == -1) {
|
||||
+ eprintf(_("Failed to chdir to %s: %s\n"),
|
||||
+ parent, strerror(errno));
|
||||
+ return -1;
|
||||
+ }
|
||||
+ if (getcwd(buf, sizeof(buf)) == NULL) {
|
||||
+ eprintf(_("Failed to obtain current directory: %s\n"),
|
||||
+ strerror(errno));
|
||||
+ return -1;
|
||||
+ }
|
||||
+ if (strcmp(buf, parent) != 0) {
|
||||
+ eprintf(_("Mountpoint moved (%s -> %s)\n"),
|
||||
+ parent, buf);
|
||||
+ return -1;
|
||||
+
|
||||
+ }
|
||||
+
|
||||
+ return 0;
|
||||
+}
|
||||
+
|
||||
+
|
||||
+static int unmount_ncp(const char *mount_point)
|
||||
+{
|
||||
+ int currdir_fd = -1;
|
||||
+ char *copy;
|
||||
+ const char *last;
|
||||
+ int res;
|
||||
+
|
||||
+ copy = strdup(mount_point);
|
||||
+ if (copy == NULL) {
|
||||
+ eprintf(_("Failed to allocate memory\n"));
|
||||
+ return -1;
|
||||
+ }
|
||||
+ res = chdir_to_parent(copy, &last, &currdir_fd);
|
||||
+ if (res == -1)
|
||||
+ goto out;
|
||||
+ res = check_is_mount(last, mount_point);
|
||||
+ if (res == -1)
|
||||
+ goto out;
|
||||
+ res = ncp_mnt_umount(mount_point, last);
|
||||
+
|
||||
+out:
|
||||
+ free(copy);
|
||||
+ if (currdir_fd != -1) {
|
||||
+ fchdir(currdir_fd);
|
||||
+ close(currdir_fd);
|
||||
+ }
|
||||
+
|
||||
+ return res;
|
||||
+}
|
||||
+
|
||||
static int
|
||||
do_umount(const char *mount_point)
|
||||
{
|
||||
int fid = open(mount_point, O_RDONLY, 0);
|
||||
uid_t mount_uid;
|
||||
+ int res;
|
||||
|
||||
if (fid == -1) {
|
||||
- eprintf(_("Could not open %s: %s\n"),
|
||||
- mount_point, strerror(errno));
|
||||
+ eprintf(_("Invalid or unauthorized mountpoint %s\n"),
|
||||
+ mount_point);
|
||||
return -1;
|
||||
}
|
||||
if (ncp_get_mount_uid(fid, &mount_uid) != 0) {
|
||||
close(fid);
|
||||
- eprintf(_("%s probably not ncp-filesystem\n"),
|
||||
+ eprintf(_("Invalid or unauthorized mountpoint %s\n"),
|
||||
mount_point);
|
||||
return -1;
|
||||
}
|
||||
@@ -253,12 +481,8 @@
|
||||
return -1;
|
||||
}
|
||||
close(fid);
|
||||
- if (umount(mount_point) != 0) {
|
||||
- eprintf(_("Could not umount %s: %s\n"),
|
||||
- mount_point, strerror(errno));
|
||||
- return -1;
|
||||
- }
|
||||
- return 0;
|
||||
+ res = unmount_ncp(mount_point);
|
||||
+ return res;
|
||||
}
|
||||
|
||||
|
||||
@@ -409,7 +633,8 @@
|
||||
int allConns = 0;
|
||||
const char *serverName = NULL;
|
||||
const char *treeName = NULL;
|
||||
- uid_t uid = getuid();
|
||||
+
|
||||
+ uid = getuid();
|
||||
|
||||
progname = strrchr(argv[0], '/');
|
||||
if (progname) {
|
297
net-fs/ncpfs/files/ncpfs-2.2.6-remove-packed-attrib.patch
Normal file
297
net-fs/ncpfs/files/ncpfs-2.2.6-remove-packed-attrib.patch
Normal file
@ -0,0 +1,297 @@
|
||||
diff -Naurp ncpfs-2.2.6.orig//include/ncp/ipxlib.h ncpfs-2.2.6//include/ncp/ipxlib.h
|
||||
--- ncpfs-2.2.6.orig//include/ncp/ipxlib.h 2005-01-27 12:35:59.000000000 -0500
|
||||
+++ ncpfs-2.2.6//include/ncp/ipxlib.h 2011-02-10 02:38:18.822076000 -0500
|
||||
@@ -64,12 +64,12 @@ struct sap_query
|
||||
struct sap_server_ident
|
||||
{
|
||||
u_int16_t server_type __attribute__((packed));
|
||||
- char server_name[48] __attribute__((packed));
|
||||
+ char server_name[48];
|
||||
IPXNet server_network __attribute__((packed));
|
||||
#ifdef SWIG
|
||||
u_int8_t server_node[6] __attribute__((packed));
|
||||
#else
|
||||
- IPXNode server_node __attribute__((packed));
|
||||
+ IPXNode server_node;
|
||||
#endif
|
||||
IPXPort server_port __attribute__((packed));
|
||||
u_int16_t intermediate_network __attribute__((packed));
|
||||
@@ -87,7 +87,7 @@ struct ipx_rt_def {
|
||||
struct ipx_rip_packet
|
||||
{
|
||||
u_int16_t operation __attribute__((packed));
|
||||
- struct ipx_rt_def rt[1] __attribute__((packed));
|
||||
+ struct ipx_rt_def rt[1];
|
||||
};
|
||||
|
||||
#ifdef SWIG
|
||||
diff -Naurp ncpfs-2.2.6.orig//include/ncp/kernel/ncp.h ncpfs-2.2.6//include/ncp/kernel/ncp.h
|
||||
--- ncpfs-2.2.6.orig//include/ncp/kernel/ncp.h 2005-01-27 12:35:59.000000000 -0500
|
||||
+++ ncpfs-2.2.6//include/ncp/kernel/ncp.h 2011-02-10 02:38:18.822076000 -0500
|
||||
@@ -53,12 +53,12 @@
|
||||
|
||||
struct ncp_request_header {
|
||||
u_int16_t type __attribute__((packed));
|
||||
- u_int8_t sequence __attribute__((packed));
|
||||
- u_int8_t conn_low __attribute__((packed));
|
||||
- u_int8_t task __attribute__((packed));
|
||||
- u_int8_t conn_high __attribute__((packed));
|
||||
- u_int8_t function __attribute__((packed));
|
||||
- u_int8_t data[0] __attribute__((packed));
|
||||
+ u_int8_t sequence;
|
||||
+ u_int8_t conn_low;
|
||||
+ u_int8_t task;
|
||||
+ u_int8_t conn_high;
|
||||
+ u_int8_t function;
|
||||
+ u_int8_t data[0];
|
||||
};
|
||||
|
||||
#define NCP_REPLY (0x3333)
|
||||
@@ -66,13 +66,13 @@ struct ncp_request_header {
|
||||
|
||||
struct ncp_reply_header {
|
||||
u_int16_t type __attribute__((packed));
|
||||
- u_int8_t sequence __attribute__((packed));
|
||||
- u_int8_t conn_low __attribute__((packed));
|
||||
- u_int8_t task __attribute__((packed));
|
||||
- u_int8_t conn_high __attribute__((packed));
|
||||
- u_int8_t completion_code __attribute__((packed));
|
||||
- u_int8_t connection_state __attribute__((packed));
|
||||
- u_int8_t data[0] __attribute__((packed));
|
||||
+ u_int8_t sequence;
|
||||
+ u_int8_t conn_low;
|
||||
+ u_int8_t task;
|
||||
+ u_int8_t conn_high;
|
||||
+ u_int8_t completion_code;
|
||||
+ u_int8_t connection_state;
|
||||
+ u_int8_t data[0];
|
||||
};
|
||||
|
||||
#define NCP_VOLNAME_LEN (16)
|
||||
@@ -230,8 +230,8 @@ struct nw_info_struct {
|
||||
u_int32_t EAKeyCount __attribute__((packed));
|
||||
u_int32_t EAKeySize __attribute__((packed));
|
||||
u_int32_t NSCreator __attribute__((packed));
|
||||
- u_int8_t nameLen __attribute__((packed));
|
||||
- u_int8_t entryName[256] __attribute__((packed));
|
||||
+ u_int8_t nameLen;
|
||||
+ u_int8_t entryName[256];
|
||||
};
|
||||
#endif
|
||||
|
||||
@@ -282,13 +282,13 @@ struct nw_file_info {
|
||||
int opened;
|
||||
int access;
|
||||
u_int32_t server_file_handle __attribute__((packed));
|
||||
- u_int8_t open_create_action __attribute__((packed));
|
||||
- u_int8_t file_handle[6] __attribute__((packed));
|
||||
+ u_int8_t open_create_action;
|
||||
+ u_int8_t file_handle[6];
|
||||
};
|
||||
#endif
|
||||
|
||||
struct nw_search_sequence {
|
||||
- u_int8_t volNumber __attribute__((packed));
|
||||
+ u_int8_t volNumber;
|
||||
u_int32_t dirBase __attribute__((packed));
|
||||
u_int32_t sequence __attribute__((packed));
|
||||
};
|
||||
diff -Naurp ncpfs-2.2.6.orig//include/ncp/ncp.h ncpfs-2.2.6//include/ncp/ncp.h
|
||||
--- ncpfs-2.2.6.orig//include/ncp/ncp.h 2005-01-27 12:35:59.000000000 -0500
|
||||
+++ ncpfs-2.2.6//include/ncp/ncp.h 2011-02-10 02:38:18.822076000 -0500
|
||||
@@ -95,7 +95,7 @@ struct prop_net_address {
|
||||
#ifdef SWIG
|
||||
fixedArray node[IPX_NODE_LEN];
|
||||
#else
|
||||
- u_int8_t node[IPX_NODE_LEN] __attribute__((packed));
|
||||
+ u_int8_t node[IPX_NODE_LEN];
|
||||
#endif
|
||||
u_int16_t port __attribute__((packed));
|
||||
};
|
||||
@@ -163,20 +163,20 @@ struct nw_queue_job_entry {
|
||||
u_int32_t ClientTask __attribute__((packed));
|
||||
u_int32_t ClientObjectID __attribute__((packed));
|
||||
u_int32_t TargetServerID __attribute__((packed));
|
||||
- u_int8_t TargetExecTime[6] __attribute__((packed));
|
||||
- u_int8_t JobEntryTime[6] __attribute__((packed));
|
||||
+ u_int8_t TargetExecTime[6];
|
||||
+ u_int8_t JobEntryTime[6];
|
||||
u_int32_t JobNumber __attribute__((packed));
|
||||
u_int16_t JobType __attribute__((packed));
|
||||
u_int16_t JobPosition __attribute__((packed));
|
||||
u_int16_t JobControlFlags __attribute__((packed));
|
||||
- u_int8_t FileNameLen __attribute__((packed));
|
||||
- char JobFileName[13] __attribute__((packed));
|
||||
+ u_int8_t FileNameLen;
|
||||
+ char JobFileName[13];
|
||||
u_int32_t JobFileHandle __attribute__((packed));
|
||||
u_int32_t ServerStation __attribute__((packed));
|
||||
u_int32_t ServerTaskNumber __attribute__((packed));
|
||||
u_int32_t ServerObjectID __attribute__((packed));
|
||||
- char JobTextDescription[50] __attribute__((packed));
|
||||
- char ClientRecordArea[152] __attribute__((packed));
|
||||
+ char JobTextDescription[50];
|
||||
+ char ClientRecordArea[152];
|
||||
};
|
||||
|
||||
struct queue_job {
|
||||
@@ -217,18 +217,18 @@ struct print_job_record {
|
||||
};
|
||||
#else
|
||||
struct print_job_record {
|
||||
- u_int8_t Version __attribute__((packed));
|
||||
- u_int8_t TabSize __attribute__((packed));
|
||||
+ u_int8_t Version;
|
||||
+ u_int8_t TabSize;
|
||||
u_int16_t Copies __attribute__((packed));
|
||||
u_int16_t CtrlFlags __attribute__((packed));
|
||||
u_int16_t Lines __attribute__((packed));
|
||||
u_int16_t Rows __attribute__((packed));
|
||||
- char FormName[16] __attribute__((packed));
|
||||
- u_int8_t Reserved[6] __attribute__((packed));
|
||||
- char BannerName[13] __attribute__((packed));
|
||||
- char FnameBanner[13] __attribute__((packed));
|
||||
- char FnameHeader[14] __attribute__((packed));
|
||||
- char Path[80] __attribute__((packed));
|
||||
+ char FormName[16];
|
||||
+ u_int8_t Reserved[6];
|
||||
+ char BannerName[13];
|
||||
+ char FnameBanner[13];
|
||||
+ char FnameHeader[14];
|
||||
+ char Path[80];
|
||||
};
|
||||
#endif
|
||||
|
||||
diff -Naurp ncpfs-2.2.6.orig//include/ncp/ncplib.h ncpfs-2.2.6//include/ncp/ncplib.h
|
||||
--- ncpfs-2.2.6.orig//include/ncp/ncplib.h 2005-01-27 12:35:59.000000000 -0500
|
||||
+++ ncpfs-2.2.6//include/ncp/ncplib.h 2011-02-10 02:38:18.822076000 -0500
|
||||
@@ -462,24 +462,24 @@ struct ncp_file_server_info
|
||||
#else
|
||||
struct ncp_file_server_info
|
||||
{
|
||||
- u_int8_t ServerName[48] __attribute__((packed));
|
||||
- u_int8_t FileServiceVersion __attribute__((packed));
|
||||
- u_int8_t FileServiceSubVersion __attribute__((packed));
|
||||
+ u_int8_t ServerName[48];
|
||||
+ u_int8_t FileServiceVersion;
|
||||
+ u_int8_t FileServiceSubVersion;
|
||||
u_int16_t MaximumServiceConnections __attribute__((packed));
|
||||
u_int16_t ConnectionsInUse __attribute__((packed));
|
||||
u_int16_t NumberMountedVolumes __attribute__((packed));
|
||||
- u_int8_t Revision __attribute__((packed));
|
||||
- u_int8_t SFTLevel __attribute__((packed));
|
||||
- u_int8_t TTSLevel __attribute__((packed));
|
||||
+ u_int8_t Revision;
|
||||
+ u_int8_t SFTLevel;
|
||||
+ u_int8_t TTSLevel;
|
||||
u_int16_t MaxConnectionsEverUsed __attribute__((packed));
|
||||
- u_int8_t AccountVersion __attribute__((packed));
|
||||
- u_int8_t VAPVersion __attribute__((packed));
|
||||
- u_int8_t QueueVersion __attribute__((packed));
|
||||
- u_int8_t PrintVersion __attribute__((packed));
|
||||
- u_int8_t VirtualConsoleVersion __attribute__((packed));
|
||||
- u_int8_t RestrictionLevel __attribute__((packed));
|
||||
- u_int8_t InternetBridge __attribute__((packed));
|
||||
- u_int8_t Reserved[60] __attribute__((packed));
|
||||
+ u_int8_t AccountVersion;
|
||||
+ u_int8_t VAPVersion;
|
||||
+ u_int8_t QueueVersion;
|
||||
+ u_int8_t PrintVersion;
|
||||
+ u_int8_t VirtualConsoleVersion;
|
||||
+ u_int8_t RestrictionLevel;
|
||||
+ u_int8_t InternetBridge;
|
||||
+ u_int8_t Reserved[60];
|
||||
};
|
||||
#endif
|
||||
|
||||
@@ -592,7 +592,7 @@ struct ncp_station_addr
|
||||
#ifdef SWIG
|
||||
fixedArray Node[6];
|
||||
#else
|
||||
- u_int8_t Node[6] __attribute__((packed));
|
||||
+ u_int8_t Node[6];
|
||||
#endif
|
||||
u_int16_t Socket __attribute__((packed));
|
||||
};
|
||||
@@ -602,32 +602,32 @@ struct ncp_prop_login_control
|
||||
#ifdef SWIG
|
||||
fixedArray AccountExpireDate[3];
|
||||
#else
|
||||
- u_int8_t AccountExpireDate[3] __attribute__((packed));
|
||||
+ u_int8_t AccountExpireDate[3];
|
||||
#endif
|
||||
- u_int8_t Disabled __attribute__((packed));
|
||||
+ u_int8_t Disabled;
|
||||
#ifdef SWIG
|
||||
fixedArray PasswordExpireDate[3];
|
||||
#else
|
||||
- u_int8_t PasswordExpireDate[3] __attribute__((packed));
|
||||
+ u_int8_t PasswordExpireDate[3];
|
||||
#endif
|
||||
- u_int8_t GraceLogins __attribute__((packed));
|
||||
+ u_int8_t GraceLogins;
|
||||
u_int16_t PasswordExpireInterval __attribute__((packed));
|
||||
- u_int8_t MaxGraceLogins __attribute__((packed));
|
||||
- u_int8_t MinPasswordLength __attribute__((packed));
|
||||
+ u_int8_t MaxGraceLogins;
|
||||
+ u_int8_t MinPasswordLength;
|
||||
u_int16_t MaxConnections __attribute__((packed));
|
||||
#ifdef SWIG
|
||||
fixedArray ConnectionTimeMask[42] __attribute__((packed));
|
||||
fixedArray LastLogin[6] __attribute__((packed));
|
||||
#else
|
||||
- u_int8_t ConnectionTimeMask[42] __attribute__((packed));
|
||||
- u_int8_t LastLogin[6] __attribute__((packed));
|
||||
+ u_int8_t ConnectionTimeMask[42];
|
||||
+ u_int8_t LastLogin[6];
|
||||
#endif
|
||||
- u_int8_t RestrictionMask __attribute__((packed));
|
||||
- u_int8_t reserved __attribute__((packed));
|
||||
+ u_int8_t RestrictionMask;
|
||||
+ u_int8_t reserved;
|
||||
u_int32_t MaxDiskUsage __attribute__((packed));
|
||||
u_int16_t BadLoginCount __attribute__((packed));
|
||||
u_int32_t BadLoginCountDown __attribute__((packed));
|
||||
- struct ncp_station_addr LastIntruder __attribute__((packed));
|
||||
+ struct ncp_station_addr LastIntruder;
|
||||
};
|
||||
|
||||
NWCCODE NWReadPropertyValue(NWCONN_HANDLE conn, const char *objName,
|
||||
diff -Naurp ncpfs-2.2.6.orig//ipx-1.0/ipx_cmd.c ncpfs-2.2.6//ipx-1.0/ipx_cmd.c
|
||||
--- ncpfs-2.2.6.orig//ipx-1.0/ipx_cmd.c 2005-01-27 12:35:59.000000000 -0500
|
||||
+++ ncpfs-2.2.6//ipx-1.0/ipx_cmd.c 2011-02-10 02:40:19.222076002 -0500
|
||||
@@ -63,8 +63,8 @@
|
||||
/* we are doing EthernetII... Any objections? */
|
||||
struct {
|
||||
u_int16_t unknown __attribute__((packed));
|
||||
- u_int8_t dst[6] __attribute__((packed));
|
||||
- u_int8_t src[6] __attribute__((packed));
|
||||
+ u_int8_t dst[6];
|
||||
+ u_int8_t src[6];
|
||||
u_int16_t type __attribute__((packed));
|
||||
u_int8_t ipx[16384];
|
||||
} buffer;
|
||||
diff -Naurp ncpfs-2.2.6.orig//lib/ncplib.c ncpfs-2.2.6//lib/ncplib.c
|
||||
--- ncpfs-2.2.6.orig//lib/ncplib.c 2011-02-10 02:38:05.000000000 -0500
|
||||
+++ ncpfs-2.2.6//lib/ncplib.c 2011-02-10 02:38:18.822076000 -0500
|
||||
@@ -2584,13 +2584,13 @@ ncp_request(struct ncp_conn *conn, int f
|
||||
|
||||
struct nw_time_buffer
|
||||
{
|
||||
- u_int8_t year __attribute__((packed));
|
||||
- u_int8_t month __attribute__((packed));
|
||||
- u_int8_t day __attribute__((packed));
|
||||
- u_int8_t hour __attribute__((packed));
|
||||
- u_int8_t minute __attribute__((packed));
|
||||
- u_int8_t second __attribute__((packed));
|
||||
- u_int8_t wday __attribute__((packed));
|
||||
+ u_int8_t year;
|
||||
+ u_int8_t month;
|
||||
+ u_int8_t day;
|
||||
+ u_int8_t hour;
|
||||
+ u_int8_t minute;
|
||||
+ u_int8_t second;
|
||||
+ u_int8_t wday;
|
||||
};
|
||||
|
||||
static time_t
|
6
net-fs/ncpfs/metadata.xml
Normal file
6
net-fs/ncpfs/metadata.xml
Normal file
@ -0,0 +1,6 @@
|
||||
<?xml version="1.0" encoding="UTF-8"?>
|
||||
<!DOCTYPE pkgmetadata SYSTEM "http://www.gentoo.org/dtd/metadata.dtd">
|
||||
<pkgmetadata>
|
||||
<herd>net-fs</herd>
|
||||
<longdescription>Provides Access to Netware services using the NCP protocol (Kernel support must be activated!)</longdescription>
|
||||
</pkgmetadata>
|
69
net-fs/ncpfs/ncpfs-2.2.6-r2.ebuild
Normal file
69
net-fs/ncpfs/ncpfs-2.2.6-r2.ebuild
Normal file
@ -0,0 +1,69 @@
|
||||
# Copyright 1999-2012 Gentoo Foundation
|
||||
# Distributed under the terms of the GNU General Public License v2
|
||||
# $Header: /var/cvsroot/gentoo-x86/net-fs/ncpfs/ncpfs-2.2.6-r2.ebuild,v 1.4 2012/06/11 09:20:53 ago Exp $
|
||||
|
||||
EAPI="2"
|
||||
|
||||
inherit eutils pam
|
||||
|
||||
DESCRIPTION="Provides Access to Netware services using the NCP protocol"
|
||||
HOMEPAGE="ftp://platan.vc.cvut.cz/pub/linux/ncpfs/"
|
||||
SRC_URI="ftp://platan.vc.cvut.cz/pub/linux/${PN}/${P}.tar.gz"
|
||||
|
||||
LICENSE="GPL-2"
|
||||
SLOT="0"
|
||||
KEYWORDS="amd64 ppc ppc64 ~x86"
|
||||
IUSE="nls pam php"
|
||||
|
||||
DEPEND="nls? ( sys-devel/gettext )
|
||||
pam? ( virtual/pam )
|
||||
php? ( || ( dev-lang/php virtual/httpd-php ) )"
|
||||
|
||||
RDEPEND="${DEPEND}"
|
||||
|
||||
src_prepare() {
|
||||
# Add patch for PHP extension sandbox violation
|
||||
epatch "${FILESDIR}"/${PN}-2.2.5-php.patch
|
||||
epatch "${FILESDIR}"/${P}-gcc4.patch
|
||||
epatch "${FILESDIR}"/${P}-missing-includes.patch
|
||||
|
||||
# Add a patch to fix multiple vulnerabilities.
|
||||
# CVE-2010-0788, CVE-2010-0790, & CVE-2010-0791.
|
||||
# http://seclists.org/fulldisclosure/2010/Mar/122
|
||||
epatch "${FILESDIR}"/${P}-multiple-vulns.patch
|
||||
|
||||
# Add a patch that removes the __attribute__((packed)); directive
|
||||
# from several struct members in include/ncp/ncplib.h. This will
|
||||
# cut down on a large number of compile warnings generated by modern
|
||||
# gcc releases.
|
||||
epatch "${FILESDIR}"/${P}-remove-packed-attrib.patch
|
||||
|
||||
# Bug #273484
|
||||
sed -i '/ldconfig/d' lib/Makefile.in
|
||||
|
||||
# Hack to inject LDFLAGS into the build
|
||||
sed -i '/^LIBS/s:=:= @LDFLAGS@:' `find -name Makefile.in` || die
|
||||
}
|
||||
|
||||
src_configure() {
|
||||
econf \
|
||||
$(use_enable nls) \
|
||||
$(use_enable pam pam "$(getpam_mod_dir)") \
|
||||
$(use_enable php)
|
||||
}
|
||||
|
||||
src_install() {
|
||||
dodir $(getpam_mod_dir) /usr/sbin /sbin
|
||||
|
||||
# Install the main programs, then the headers.
|
||||
emake DESTDIR="${D}" install || die
|
||||
emake DESTDIR="${D}" install-dev || die
|
||||
ln -sf libncp.so.2.3.0 "${D}"/usr/lib/libncp.so.2.3
|
||||
|
||||
# Install a startup script in /etc/init.d and a conf file in /etc/conf.d
|
||||
newconfd "${FILESDIR}"/ipx.confd ipx
|
||||
newinitd "${FILESDIR}"/ipx.init ipx
|
||||
|
||||
# Docs
|
||||
dodoc FAQ README
|
||||
}
|
Loading…
Reference in New Issue
Block a user