cpet/openbsd-ports
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Remove security/cfs. Unmaintained code, broken on 64 bits archs.

Browse Source 
softraid CRYPTO, vnconfig and security/encfs provide much saner
alternatives.

ok tedu@ steven@ ajacoutot@ sthen@
This commit is contained in:
jca 2015-08-25 11:16:27 +00:00
parent 358827077f
commit 3c535d1ca0
20 changed files with 1 additions and 1117 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
security/Makefile
View File

@ -1,4 +1,4 @@
# $OpenBSD: Makefile,v 1.378 2015/07/30 06:09:38 kirby Exp $
# $OpenBSD: Makefile,v 1.379 2015/08/25 11:16:27 jca Exp $
SUBDIR =
SUBDIR += ADMsmb
@ -19,7 +19,6 @@
SUBDIR += burpsuite
SUBDIR += ccid
SUBDIR += ccrypt
SUBDIR += cfs
SUBDIR += cgichk
SUBDIR += chntpw
SUBDIR += chrootuid

37
security/cfs/Makefile
View File

@ -1,37 +0,0 @@
# $OpenBSD: Makefile,v 1.35 2014/11/19 20:48:51 sthen Exp $
NOT_FOR_ARCHS= ${LP64_ARCHS}
COMMENT= cryptographic file system (user-space NFS server)
DISTNAME= cfs-1.4.1
REVISION = 4
CATEGORIES= security
HOMEPAGE= http://www.crypto.com/software/
# badly worded BSD-like
PERMIT_PACKAGE_CDROM= Yes
WANTLIB= c
MASTER_SITES= ${HOMEPAGE} \
ftp://utopia.hacktic.nl/pub/crypto/disk/cfs/
do-build:
@cd ${WRKSRC} && env CCTMP="${CC}" CFLAGS="${CFLAGS}" sh netbsd_make_with_bad_rpcgen cfs
NO_TEST= Yes
# ccat and cname only work on old-style cfs < 1.3
do-install:
${INSTALL_DATA_DIR} ${PREFIX}/share/doc/cfs
cd ${WRKSRC} && ${INSTALL_PROGRAM} cfsd ${PREFIX}/sbin
cd ${WRKSRC} && ${INSTALL_PROGRAM} cattach cdetach cmkdir \
cmkkey cpasswd ${PREFIX}/bin
cd ${WRKSRC} && ${INSTALL_MAN} cattach.1 cdetach.1 cmkdir.1 \
cmkkey.1 cpasswd.1 ${PREFIX}/man/man1
cd ${WRKSRC} && ${INSTALL_MAN} cfsd.8 ${PREFIX}/man/man8
cd ${WRKSRC} && ${INSTALL_DATA} README.install notes.ms \
${PREFIX}/share/doc/cfs
.include <bsd.port.mk>

2
security/cfs/distinfo
View File

@ -1,2 +0,0 @@
SHA256 (cfs-1.4.1.tar.gz) = 1cgj2GoscwGe7efU54U+lXLzjkK1hUKMP5LnXtYDEtg=
SIZE (cfs-1.4.1.tar.gz) = 98943

58
security/cfs/patches/patch-Makefile
View File

@ -1,58 +0,0 @@
--- Makefile.orig Thu May 3 20:29:21 2001
+++ Makefile Sat Nov 30 02:22:13 2013
@@ -74,8 +74,8 @@
#CC=cc
#COPT=-O -DNOT_ANSI_C -DPROTOTYPES=0
# for gcc, use
-CC=gcc
-COPT=-O2 -DPROTOTYPES=1
+#CC=gcc
+COPT=-DPROTOTYPES=1
#1B: paths:
#some peple like /usr/local/sbin instead of /usr/local/etc
@@ -199,6 +199,14 @@ RINCLUDES=/usr/mab/rsaref/source
#COMPAT=-lcompat
#RPCOPTS=
+##use these for OpenBSD i386 2.0 (Niels Provos)
+# for mounting, you need to use a command like:
+# mount -o port=3049,nfsv2,intr localhost:/null /crypt
+CFLAGS=$(COPT) -DBSD44 -DANYPORT
+LIBS=
+COMPAT=
+RPCOPTS=
+
##Use these for NetBSD i386 1.0 (John Kohl)
## For mounting, you need to use a command like:
## mount -o -P,-c localhost:/null /crypt
@@ -253,7 +261,7 @@ OBJS= cfs.o nfsproto_xdr.o nfsproto_svr.o admproto_xdr
EOBJS=dhparams.o truerand.o esm_gen.o esm.o esm_cipher.o
COBJS=admproto_clnt.o cfs_des.o cfs_cipher.o cattach.o getpass.o cmkdir.o \
cdetach.o ver.o cname.o ccat.o mcgsbox.o mcgsbox.o mcg.o shs.o cpasswd.o \
- cfs_bfenc.o cfs_bfsk.o truerand.o safer.o
+ cfs_bfenc.o cfs_bfsk.o safer.o
OTHERS = nfsproto.h nfsproto_svr.c nfsproto_xdr.c admproto.h admproto_svr.c \
admproto_xdr.c admproto_clnt.c ver.c
@@ -277,16 +285,16 @@ cdetach: cdetach.o admproto_clnt.o admproto_xdr.o adm.
ver.o $(LIBS) -o cdetach
cmkdir: getpass.o adm.o cfs_des.o cfs_cipher.o cmkdir.o ver.o mcg.o \
- mcgsbox.o cfs_bfenc.o cfs_bfsk.o safer.o shs.o truerand.o
+ mcgsbox.o cfs_bfenc.o cfs_bfsk.o safer.o shs.o
$(CC) cmkdir.o cfs_des.o cfs_cipher.o getpass.o adm.o ver.o mcg.o \
- cfs_bfenc.o cfs_bfsk.o mcgsbox.o safer.o shs.o truerand.o \
+ cfs_bfenc.o cfs_bfsk.o mcgsbox.o safer.o shs.o \
$(COMPAT) -o cmkdir
cpasswd: getpass.o cfs_des.o cfs_cipher.o cpasswd.o ver.o mcg.o \
- mcgsbox.o cfs_bfenc.o cfs_bfsk.o safer.o shs.o truerand.o
+ mcgsbox.o cfs_bfenc.o cfs_bfsk.o safer.o shs.o
$(CC) cpasswd.o cfs_des.o cfs_cipher.o getpass.o ver.o mcg.o \
mcgsbox.o cfs_bfenc.o cfs_bfsk.o safer.o shs.o \
- truerand.o $(COMPAT) -o cpasswd
+ $(COMPAT) -o cpasswd
cname: cname.o getpass.o cfs_des.o cfs_cipher.o cfs_adm.o cfs_fh.o \
cfs_bfenc.o cfs_bfsk.o cfs_nfs.o ver.o mcg.o mcgsbox.o safer.o shs.o

81
security/cfs/patches/patch-cattach_c
View File

@ -1,81 +0,0 @@
--- cattach.c.orig Fri Dec 19 01:32:57 1997
+++ cattach.c Sat Nov 30 21:44:12 2013
@@ -100,6 +100,7 @@ main(argc,argv)
char *dirarg=NULL;
char *namearg=NULL;
int keycheck=1;
+ int l;
ap.highsec=1;
while (--argc) if (**++argv == '-') {
@@ -164,17 +165,35 @@ main(argc,argv)
fprintf(stderr,"Can't stat current directory\n");
exit(1);
}
- sprintf(dir,"%s/%s",buf,dirarg);
- } else
- strcpy(dir,dirarg);
- sprintf(lname,"%s/..data",dir,1024);
- sprintf(kname,"%s/..k",dir,1024);
+ l = snprintf(dir, sizeof(dir), "%s/%s", buf, dirarg);
+ if (l < 0 || l >= sizeof(dir)) {
+ fprintf(stderr, "File name too long\n");
+ exit(1);
+ }
+ } else {
+ if (strlcpy(dir, dirarg, sizeof(dir)) >= sizeof(dir)) {
+ fprintf(stderr, "File name too long\n");
+ exit(1);
+ }
+ }
+ l = snprintf(lname, sizeof(lname), "%s/..data", dir);
+ if (l < 0 || l >= sizeof(lname)) {
+ fprintf(stderr, "File name too long\n");
+ exit(1);
+ }
+ (void)snprintf(kname, sizeof(kname), "%s/..k", dir);
if (chdir(lname) >= 0)
strcpy(dir,lname);
else if (chdir(dir)<0) {
perror(dirarg);
exit(1);
}
+ l = snprintf(cname, sizeof(cname), "%s/..c", dir);
+ if (l < 0 || l >= sizeof(cname)) {
+ fprintf(stderr, "File name too long\n");
+ exit(1);
+ }
+ (void)snprintf(sname, sizeof(sname), "%s/..s", dir);
#ifdef irix
/* or (I hope) more or less any system with the 4 parameter statfs */
if ((statfs(".",&sfb,sizeof sfb,0)<0) || (sfb.f_blocks==0)) {
@@ -188,7 +207,10 @@ main(argc,argv)
}
#endif
ap.dirname=dir;
- strcpy(ins,namearg);
+ if (strlcpy(ins, namearg, sizeof(ins)) >= sizeof(ins)) {
+ fprintf(stderr, "Name too long\n");
+ exit(1);
+ }
*namearg='\0'; /* weak attempt to hide .instance in ps output */
ap.name=ins;
if (keycheck) {
@@ -207,8 +229,6 @@ main(argc,argv)
if ((n>0) && (pw[n-1] == '\n'))
pw[n-1] = '\0';
}
- sprintf(cname,"%s/..c",dir);
- sprintf(sname,"%s/..s",dir);
if ((fp=fopen(cname,"r")) == NULL) {
ciph=CFS_STD_DES;
} else {
@@ -237,7 +257,7 @@ main(argc,argv)
ap.expire = timeout;
ap.key.cipher=ciph;
if (smsize != LARGESMSIZE)
- sprintf(pw,"%s%d",pw,smsize);
+ (void)snprintf(pw, 256, "%s%d", pw, smsize);
if (cfmt) {
if (new_pwcrunch(pw,&ap.key)!=0) {

14
security/cfs/patches/patch-cdetach_c
View File

@ -1,14 +0,0 @@
$OpenBSD: patch-cdetach_c,v 1.1 2004/06/15 18:32:22 sturm Exp $
--- cdetach.c.orig 2004-06-09 15:24:39.000000000 +0200
+++ cdetach.c 2004-06-09 15:25:49.000000000 +0200
@@ -40,8 +40,8 @@ main(argc,argv)
ap.name=argv[1];
ap.uid=getuid();
if ((status = callrpc("localhost",ADM_PROGRAM,ADM_VERSION,
- ADMPROC_DETACH,xdr_cfs_detachargs,&ap,
- xdr_cfsstat,&ret)) !=0) {
+ ADMPROC_DETACH,xdr_cfs_detachargs,(char *)&ap,
+ xdr_cfsstat,(char *)&ret)) !=0) {
clnt_perrno(status);
exit(1);
}

77
security/cfs/patches/patch-cfs_adm_c
View File

@ -1,77 +0,0 @@
--- cfs_adm.c.orig Mon Dec 25 10:41:30 1995
+++ cfs_adm.c Sat Nov 30 21:44:12 2013
@@ -49,6 +49,7 @@ admproc_attach_2(ap,rp)
int i;
cfskey tk;
instance *ins;
+ int l;
#ifdef DEBUG
printf("attach: %s %s %d\n",ap->dirname, ap->name, ap->anon);
@@ -86,12 +87,17 @@ admproc_attach_2(ap,rp)
ret=CFSERR_IFULL;
return &ret;
}
- topinstance=i;
- instances[i]=ins;
ins->id=i;
for (i=0; i<HSIZE; i++)
ins->file[i]=NULL;
ins->key.smsize = ap->smsize;
+ l = snprintf(ins->path, sizeof(ins->path), "%s/.", ap->dirname);
+ if (l < 0 || l >= sizeof(ins->path)) {
+ free(ins);
+ ret = CFSERR_IFULL;
+ return &ret;
+ }
+ (void)strlcpy(ins->name, ap->name, sizeof(ins->name));
if ((ins->key.primask=(char*) malloc(ins->key.smsize)) == NULL) {
free(ins);
ret = CFSERR_IFULL;
@@ -104,8 +110,6 @@ admproc_attach_2(ap,rp)
return &ret;
}
ins->anon=ap->anon;
- sprintf(ins->path,"%s/.",ap->dirname);
- strcpy(ins->name,ap->name);
copykey(&ap->key,&ins->key);
genmasks(&ins->key);
ins->uid=ap->uid;
@@ -121,6 +125,8 @@ admproc_attach_2(ap,rp)
bzero((char *)ins->check,8);
bcopy((char *)&roottime,(char *)ins->check,sizeof(roottime));
cipher(&ins->key,ins->check,0);
+ topinstance=ins->id;
+ instances[ins->id]=ins;
ret=CFS_OK;
return &ret;
}
@@ -144,10 +150,10 @@ genmasks(k)
FILE *fp;
for (i=0; i < k->smsize; i+=CFSBLOCK) {
- sprintf(start,"0%07x",i/CFSBLOCK);
+ (void)snprintf(start,sizeof(start),"0%07x",i/CFSBLOCK);
bcopy(start,&k->primask[i],CFSBLOCK);
mask_cipher(k,&k->primask[i],0);
- sprintf(start,"1%07x",i/CFSBLOCK);
+ (void)snprintf(start,sizeof(start),"1%07x",i/CFSBLOCK);
bcopy(start,&k->secmask[i],CFSBLOCK);
mask_cipher(k,&k->secmask[i],0);
}
@@ -215,10 +221,13 @@ verify(path,k)
cfs_admkey *k;
{
FILE *fp;
- char fn[1024];
+ char fn[NFS_MAXPATHLEN];
char buf[9];
+ int l;
- sprintf(fn,"%s/...",path);
+ l = snprintf(fn, sizeof(fn), "%s/...", path);
+ if (l < 0 || l >= sizeof(fn))
+ return CFSERR_BADNAME;
if ((fp=fopen(fn,"r"))==NULL)
return CFSERR_NODIR;
if (fread(buf,8,1,fp)!=1) {

47
security/cfs/patches/patch-cfs_c
View File

@ -1,47 +0,0 @@
$OpenBSD: patch-cfs_c,v 1.2 2004/06/15 18:32:22 sturm Exp $
--- cfs.c.orig 2004-06-09 15:02:19.000000000 +0200
+++ cfs.c 2004-06-09 15:07:44.000000000 +0200
@@ -43,7 +43,7 @@
struct in_addr validhost;
-#if defined(SOLARIS2X) || defined(__NetBSD__)
+#if defined(SOLARIS2X) || defined(__OpenBSD__) || defined(__NetBSD__)
void nfs_program_2();
void adm_program_2();
#include <string.h>
@@ -51,8 +51,9 @@ void adm_program_2();
int nfs_program_2();
int adm_program_2();
#endif
-#ifdef __NetBSD__
+#if defined(__OpenBSD__) || defined(__NetBSD__)
int _rpcsvcdirty;
+int _rpcpmstart;
#endif
#ifdef DEBUG
@@ -208,7 +209,7 @@ main(argc,argv)
perror("cfsd: fork\n");
exit(1);
}
- fprintf(stderr,"cfs ready\n",pid);
+ fprintf(stderr,"cfs ready\n");
printf("%d\n",pid);
exit(0);
}
@@ -240,12 +241,12 @@ initstuff()
setuid(0);
umask(0);
-#if defined(__NetBSD__) || defined(__bsdi__)
+#if defined(__OpenBSD__) || defined(__NetBSD__) || defined(__bsdi__)
#ifndef DEBUG
/* detach from terminal */
daemon(0,0);
#endif /* DEBUG */
-#endif /* __NetBSD__ */
+#endif /* __*BSD__ */
#ifndef NORLIMITS
/* try to make sure we don't spill a corefile */

15
security/cfs/patches/patch-cfs_des_c
View File

@ -1,15 +0,0 @@
$OpenBSD: patch-cfs_des_c,v 1.2 2004/06/15 18:32:22 sturm Exp $
--- cfs_des.c.orig 2004-06-10 11:06:08.000000000 +0200
+++ cfs_des.c 2004-06-10 11:06:45.000000000 +0200
@@ -140,7 +140,10 @@ int decrypting;
register key_offset;
int j,k;
static int lk= -1;
- static char lastkey[4][8]={"xxxxxxx","xxxxxxx","xxxxxxx","xxxxxxx"};
+ static char lastkey[4][8]={
+ {'x','x','x','x','x','x','x'}, {'x','x','x','x','x','x','x'},
+ {'x','x','x','x','x','x','x'}, {'x','x','x','x','x','x','x'}
+ };
static char expanded_key[4][128];
/* now caches 4 session keys. drops least recently added */

428
security/cfs/patches/patch-cfs_fh_c
View File

@ -1,428 +0,0 @@
--- cfs_fh.c.orig Thu May 3 12:24:59 2001
+++ cfs_fh.c Wed Nov 19 13:42:46 2014
@@ -33,6 +33,7 @@
#include <rpc/rpc.h>
#include <fcntl.h>
#include <stdio.h>
+#include <unistd.h>
#ifdef hpux
#define NO_UTIMES
#include <time.h>
@@ -177,6 +178,13 @@ writeblock(blk,fd,offset,len,key,vect)
perror("write");
return -1;
}
+ /* due to the way the file is padded we may actually have to
+ truncate it here. This happens when the write is at the end of
+ the file, is shorter than CFSBLOCK and brings the file to a length
+ which is evenly dividable by CFSBLOCK */
+ if (offset+len > dtov(sb.st_size) && vtod(offset+len) < sb.st_size) {
+ ftruncate(fd, vtod(offset+len));
+ }
/* iolen may contain CFSBLOCK extra chars */
return(dtov(iolen)-fronterr);
}
@@ -195,30 +203,39 @@ encryptname(key,s)
char *s;
{
static char cryptname[NFS_MAXNAMLEN+1];
+ static const u_char hexdigit[16] = {
+ '0', '1', '2', '3', '4', '5', '6', '7',
+ '8', '9', 'a', 'b', 'c', 'd', 'e', 'f'
+ };
u_char cryptstring[MAXCLEARNAME+CFSBLOCK+1];
- u_char x[3];
u_long l;
- int i;
+ int i, j;
if ((s==NULL) || ((l=strlen(s)+1)>MAXCLEARNAME))
return NULL;
if (!strcmp(s,".") || !strcmp(s,".."))
return s;
l=(l+(CFSBLOCK-1)) & (~(CFSBLOCK-1));
+ if (l >= (sizeof(cryptname) >> 1))
+ return NULL;
bzero((char *)cryptstring,l);
strcpy(cryptstring,s);
chksum(cryptstring,l);
doencrypt(key,cryptstring,l,10241,zerovect);
- cryptname[0]='\0';
+ j = 0;
for (i=0; i<l; i++) {
- sprintf((char *)x,"%02x",cryptstring[i]);
- strcat(cryptname,x);
+ u_char b = cryptstring[i];
+ cryptname[j++] = hexdigit[(b >> 4) & 15];
+ cryptname[j++] = hexdigit[b & 15];
}
+ cryptname[j] = '\0';
return cryptname;
}
/*
- * set high order bits
+ * Carefully frob the high order bits of s in a way that is both easily
+ * reversible (see unchksum) and backwards-compatible (at least for 7-bit
+ * characters).
*/
chksum(s,l)
char *s;
@@ -229,17 +246,47 @@ chksum(s,l)
u_char bits[8];
acc=0;
- for (i=0; s[i]!='\0'; i++)
- acc += s[i]*((i%6)+1);
+ /* Everything we do here must be reproducible without knowledge of
+ bit 7 because unchksum won't have that information. Therefore,
+ only accumulate the lower 7 bits of each char and stop at the
+ first occurrence of either 0x00 or 0x80. Note that, for inputs
+ with bit 7 constantly zero, this is equivalent to looking at the
+ whole string. */
+ for (i=0; (s[i]&0x7f) != '\0'; i++)
+ acc += (s[i]&0x7f)*((i%6)+1);
+ for (; s[i]!='\0'; i++) /* advance i if we stopped at a 0x80 */
+ ;
for (i++; i<l; i++) /* fill up the end */
s[i] = s[i%8];
for (i=0; i<8; i++)
bits[i] = (acc<<(i%8))&0x80;
for (i=0; i<l; i++)
- s[i] |= bits[i%8];
+ s[i] ^= bits[i%8];
}
+void
+unchksum(s,l)
+ char *s;
+ long l;
+{
+ u_long acc;
+ int i;
+ u_char bits[8];
+ acc=0;
+ for (i=0; (s[i]&0x7f) != '\0'; i++)
+ acc += (s[i]&0x7f)*((i%6)+1);
+ for (i=0; i<8; i++)
+ bits[i] = (acc<<(i%8))&0x80;
+ for (i=0; i<l; i++) {
+ s[i] ^= bits[i%8];
+ /* not sure whether this actually buys any performance */
+ if(s[i]=='\0')
+ break; /* found end of filename, can stop here */
+ }
+}
+
+
/*
* decrypt path component
* leaving "." and ".."
@@ -279,9 +326,7 @@ decryptname(key,s)
if (l%CFSBLOCK)
return NULL;
dodecrypt(key,clearstring,l,10241,zerovect);
- for (i=0; (clearstring[i]&0x7f) !='\0'; i++)
- clearstring[i] &= 0x7f;
- clearstring[i]='\0';
+ unchksum(clearstring,l);
return clearstring;
}
@@ -359,11 +404,11 @@ isbndry(d)
static fh_u roothandle;
-cfs_fileid rootnode={1,0,"\0\0\0\0\0\0\0\0","/NOWHERE/null",NULL,NULL,0,NULL,NULL};/* fileid=1; should be unique */
+cfs_fileid rootnode={1,0,{0,0,0,0,0,0,0,0},{'/','N','O','W','H','E','R','E','/','n','u','l','l'},NULL,NULL,0,NULL,NULL};/* fileid=1; should be unique */
nfstime roottime={0,0};
/* Had to change this - someone else was using the same magic number! */
-/* PLEASE change this value if you're going to re-use this code for
+/* PLEASE change this value if you're going to re-use this code for */
/* something else! Otherwise your FS and CFS can't both run... */
/* static u_char magictest[8]={0x01,0x23,0x45,0x67,0x89,0xab,0xcd,0xef}; */
static u_char magictest[8]="M.Blaze";
@@ -514,10 +559,44 @@ fhuid(f,u)
cfsno(err)
int err;
{
-/* if (err==ENOENT)
+ switch (err) {
+ case 0:
+ return NFS_OK;
+ case EPERM:
+ return NFSERR_PERM;
+ case ENOENT:
+ return NFSERR_NOENT;
+ case EIO:
+ return NFSERR_IO;
+ case ENXIO:
+ return NFSERR_NXIO;
+ case EACCES:
+ return NFSERR_ACCES;
+ case EEXIST:
+ return NFSERR_EXIST;
+ case ENODEV:
+ return NFSERR_NODEV;
+ case ENOTDIR:
+ return NFSERR_NOTDIR;
+ case EISDIR:
+ return NFSERR_ISDIR;
+ case EFBIG:
+ return NFSERR_FBIG;
+ case ENOSPC:
+ return NFSERR_NOSPC;
+ case EROFS:
+ return NFSERR_ROFS;
+ case ENAMETOOLONG:
+ return NFSERR_NAMETOOLONG;
+ case ENOTEMPTY:
+ return NFSERR_NOTEMPTY;
+ case EDQUOT:
+ return NFSERR_DQUOT;
+ case ESTALE:
return NFSERR_STALE;
- else */
+ default:
return err;
+ }
}
@@ -732,12 +811,17 @@ fhmkdirent(p,comp,h)
{
char path[NFS_MAXPATHLEN+1];
struct stat sb;
+ int l;
if (p==NULL) {
cfserrno=NFSERR_STALE;
return -2;
}
- sprintf(path,"%s/%s",p->name,comp);
+ l = snprintf(path, sizeof(path), "%s/%s", p->name, comp);
+ if (l < 0 || l >= sizeof(path)) {
+ cfserrno = NFSERR_NAMETOOLONG;
+ return -2;
+ }
if (mkdir(path,0)<0)
return -1;
if (stat(path,&sb)<0)
@@ -766,12 +850,22 @@ fhmkfileent(p,comp,h)
u_long i[2];
} buf;
char linkname[NFS_MAXPATHLEN+1];
+ int l;
if (p==NULL) {
cfserrno=NFSERR_STALE;
return -2;
}
- sprintf(path,"%s/%s",p->name,comp);
+ l = snprintf(path, sizeof(path), "%s/%s", p->name, comp);
+ if (l < 0 || l >= sizeof(path)) {
+ cfserrno = NFSERR_NAMETOOLONG;
+ return -2;
+ }
+ l = snprintf(linkname, sizeof(linkname), "%s/.pvect_%s", p->name, comp);
+ if (l < 0 || l >= sizeof(linkname)) {
+ cfserrno = NFSERR_NAMETOOLONG;
+ return -2;
+ }
if ((fd=open(path,O_CREAT|O_WRONLY|O_EXCL,0))<0) {
if (errno==EEXIST) {
@@ -785,7 +879,6 @@ fhmkfileent(p,comp,h)
if (fstat(fd,&sb)<0)
return -1;
close(fd);
- sprintf(linkname,"%s/.pvect_%s",p->name,comp);
if (!rs) {
if (p->ins->highsec) { /* create new pert file iff highsec */
/* note that there's a race condition here until the simlink */
@@ -800,8 +893,8 @@ fhmkfileent(p,comp,h)
/* hash. but this doesn't really matter since collisions */
/* are rare. we could save all 64 bits, but the encoding */
/* of the link would get messy and large */
- sprintf(vect,"%02x%02x%02x%02x",
- buf.ch[0],buf.ch[1],buf.ch[2],buf.ch[3]);
+ (void)snprintf(vect, sizeof(vect), "%02x%02x%02x%02x",
+ buf.ch[0], buf.ch[1], buf.ch[2], buf.ch[3]);
if (symlink(vect,linkname) != 0) {
strcpy(linkname,"/NOWHERE/null");
bcopy((char *)zerovect,(char *)vect,8);
@@ -839,6 +932,7 @@ fhlook(p,comp,h)
char linkname[NFS_MAXPATHLEN+1];
char vect[NFS_MAXPATHLEN+1];
struct stat sb;
+ int l;
if (p==NULL) {
cfserrno=NFSERR_STALE;
@@ -852,12 +946,20 @@ fhlook(p,comp,h)
}
if ((p->parent==0) && (!strcmp(comp,"..")))
return fhrootlook(p->ins->name,h);
- sprintf(path,"%s/%s",p->name,comp);
+ l = snprintf(path, sizeof(path), "%s/%s", p->name, comp);
+ if (l < 0 || l >= sizeof(path)) {
+ cfserrno = NFSERR_NAMETOOLONG;
+ return -2;
+ }
if (lstat(path,&sb)<0) {
return -1; /* just need the inode */
}
/* check for a linkfile */
- sprintf(linkname,"%s/.pvect_%s",p->name,comp);
+ l = snprintf(linkname, sizeof(linkname), "%s/.pvect_%s", p->name, comp);
+ if (l < 0 || l >= sizeof(linkname)) {
+ cfserrno = NFSERR_NAMETOOLONG;
+ return -2;
+ }
if (readlink(linkname,vect,9) != 8) {
bcopy((char *)zerovect,(char *)vect,8);
strcpy(linkname,"/NOWHERE/null");
@@ -980,13 +1082,22 @@ fhdelete(f,s)
char path[NFS_MAXPATHLEN+1];
char linkname[NFS_MAXPATHLEN+1];
int ret;
+ int l;
if (f==NULL) {
cfserrno=NFSERR_STALE;
return -2;
}
- sprintf(linkname,"%s/.pvect_%s",f->name,s);
- sprintf(path,"%s/%s",f->name,s);
+ l = snprintf(path, sizeof(path), "%s/%s", f->name, s);
+ if (l < 0 || l >= sizeof(path)) {
+ cfserrno = NFSERR_NAMETOOLONG;
+ return -2;
+ }
+ l = snprintf(linkname, sizeof(linkname), "%s/.pvect_%s", f->name, s);
+ if (l < 0 || l >= sizeof(linkname)) {
+ cfserrno = NFSERR_NAMETOOLONG;
+ return -2;
+ }
/* note that we don't bother to check and see if there's a
handle allocated for this - just wait for the inode to be
reclaimed */
@@ -1001,13 +1112,21 @@ fhdeletedir(f,s)
char *s;
{
char path[NFS_MAXPATHLEN+1];
+ int l;
+ int err;
if (f==NULL) {
cfserrno=NFSERR_STALE;
return -2;
}
- sprintf(path,"%s/%s",f->name,s);
- return (rmdir(path));
+ l = snprintf(path, sizeof(path), "%s/%s", f->name, s);
+ if (l < 0 || l >= sizeof(path)) {
+ cfserrno = NFSERR_NAMETOOLONG;
+ return -2;
+ }
+ if ((err = rmdir(path)) < 0)
+ cfserrno = cfsno(errno);
+ return err;
}
DIR *
@@ -1055,15 +1174,24 @@ fhdohardlink(f,t,n)
char linkname[NFS_MAXPATHLEN+1];
char vectval[9];
int ret;
+ int l;
if ((f==NULL)||(t==NULL)) {
cfserrno=NFSERR_STALE;
return -2;
}
- sprintf(buf,"%s/%s",t->name,n);
+ l = snprintf(buf, sizeof(buf), "%s/%s", t->name, n);
+ if (l < 0 || l >= sizeof(buf)) {
+ cfserrno = NFSERR_NAMETOOLONG;
+ return -2;
+ }
+ l = snprintf(linkname, sizeof(linkname), "%s/.pvect_%s", t->name, n);
+ if (l < 0 || l >= sizeof(buf)) {
+ cfserrno = NFSERR_NAMETOOLONG;
+ return -2;
+ }
if ((ret=link(f->name,buf))!=0)
return ret;
- sprintf(linkname,"%s/.pvect_%s",t->name,n);
unlink(linkname);
if (readlink(f->vectname,vectval,9) == 8) {
vectval[8]='\0';
@@ -1079,12 +1207,17 @@ fhdosymlink(f,n,t)
char *t;
{
char buf[NFS_MAXPATHLEN+1];
+ int l;
if (f==NULL) {
cfserrno=NFSERR_STALE;
return -2;
}
- sprintf(buf,"%s/%s",f->name,n);
+ l = snprintf(buf, sizeof(buf), "%s/%s", f->name, n);
+ if (l < 0 || l >= sizeof(buf)) {
+ cfserrno = NFSERR_NAMETOOLONG;
+ return -2;
+ }
return (symlink(t,buf));
}
@@ -1100,15 +1233,32 @@ fhrename(f,fn,t,tn)
char fblink[NFS_MAXPATHLEN+1];
char tblink[NFS_MAXPATHLEN+1];
char vectval[9];
+ int l;
if ((f==NULL)||(t==NULL)) {
cfserrno=NFSERR_STALE;
return -2;
}
- sprintf(fb,"%s/%s",f->name,fn);
- sprintf(tb,"%s/%s",t->name,tn);
- sprintf(fblink,"%s/.pvect_%s",f->name,fn);
- sprintf(tblink,"%s/.pvect_%s",t->name,tn);
+ l = snprintf(fb, sizeof(fb), "%s/%s", f->name, fn);
+ if (l < 0 || l >= sizeof(fb)) {
+ cfserrno = NFSERR_NAMETOOLONG;
+ return -2;
+ }
+ l = snprintf(tb, sizeof(tb), "%s/%s", t->name, tn);
+ if (l < 0 || l >= sizeof(tb)) {
+ cfserrno = NFSERR_NAMETOOLONG;
+ return -2;
+ }
+ l = snprintf(fblink, sizeof(fblink), "%s/.pvect_%s", f->name, fn);
+ if (l < 0 || l >= sizeof(fblink)) {
+ cfserrno = NFSERR_NAMETOOLONG;
+ return -2;
+ }
+ l = snprintf(tblink, sizeof(tblink), "%s/.pvect_%s", t->name, tn);
+ if (l < 0 || l >= sizeof(tblink)) {
+ cfserrno = NFSERR_NAMETOOLONG;
+ return -2;
+ }
if (rename(fb,tb)==0) { /* now we have to do a lookup */
unlink(tblink); /* may be a quick race cndtn here */
if (readlink(fblink,vectval,9)==8) {
@@ -1160,7 +1310,8 @@ rootrd(cookie)
} else while (cookie<(NINSTANCES+2)) {
if (instances[cookie-2] != NULL) {
if (instances[cookie-2]->anon)
- sprintf(d.d_name,".ANON_%d",cookie-2);
+ (void)snprintf(d.d_name, sizeof(d.d_name),
+ ".ANON_%ld", cookie-2);
else
strcpy(d.d_name,
instances[cookie-2]->name);

11
security/cfs/patches/patch-cfs_nfs_c
View File

@ -1,11 +0,0 @@
--- cfs_nfs.c.orig Mon Dec 25 07:24:31 1995
+++ cfs_nfs.c Sat Nov 30 21:44:13 2013
@@ -51,7 +51,7 @@ pfh(fh)
ret[0]='\0';
for (i=0; i<NFS_FHSIZE; i++) {
- sprintf((char *)x,"%02x",fh[i]);
+ (void)snprintf((char *)x,3,"%02x",fh[i]);
strcat(ret,x);
}
return ret;

30
security/cfs/patches/patch-cfsd_8
View File

@ -1,30 +0,0 @@
$OpenBSD: patch-cfsd_8,v 1.3 2013/11/30 20:47:49 jca Exp $
--- cfsd.8.orig Thu Oct 26 20:17:43 1995
+++ cfsd.8 Sat Nov 30 21:44:13 2013
@@ -13,8 +13,8 @@ The main function of \fBcfsd\fP is to manage the keys
attached encrypted directories, presenting them in clear form under
the CFS mount point (typically "/crypt").
.LP
-\fBcfsd\fP should ordinarily be invoked at boot time from /etc/rc
-(or /etc/rc.local). The rc file should also start
+\fBcfsd\fP should ordinarily be invoked at boot time from
+/etc/rc.local. The rc file should also start
\fBmountd\fP(8) daemon with least one file system exported to
localhost; note that cfsd itself does not handle the mount protocol.
Once a mountd is running, the mount(8) command should be invoked to
@@ -22,11 +22,11 @@ mount the exported file system from the localhost inte
port=3049.
.SH EXAMPLES
.TP
-/usr/local/etc/cfsd
-invokes cfs (in /etc/rc)
+/usr/local/sbin/cfsd
+invokes cfs (in /etc/rc.local)
.TP
-/etc/mount -o port=3049,intr localhost:/ /crypt
-mounts cfs on /crypt (in /etc/rc)
+/sbin/mount -o port=3049,nfsv2,intr localhost:/null /crypt
+mounts cfs on /crypt (in /etc/rc.local)
.SH FILES
.TP
/crypt

126
security/cfs/patches/patch-cmkdir_c
View File

@ -1,126 +0,0 @@
--- cmkdir.c.orig Sun Dec 14 22:54:50 1997
+++ cmkdir.c Sat Nov 30 21:44:13 2013
@@ -18,9 +18,14 @@
/*
* client cfs mkdir - 1.4.0
*/
+#include <unistd.h>
+#include <sys/types.h>
+#include <sys/stat.h>
+#include <fcntl.h>
#include <stdio.h>
#include <rpc/rpc.h>
#include <sys/time.h>
+#include <assert.h>
#include "nfsproto.h"
#include "admproto.h"
#include "cfs.h"
@@ -48,8 +53,9 @@ main(argc,argv)
int smsize=LARGESMSIZE;
unsigned char ekey[128];
unsigned char ek1[128];
- unsigned int l;
int keycheck=1;
+ int l;
+ int rfd; /* File descriptor for /dev/srandom.*/
while (--argc && (**++argv == '-')) {
for (flg= ++*argv; *flg; ++flg)
@@ -102,7 +108,7 @@ main(argc,argv)
fprintf(stderr,"Can't get key\n");
exit(1);
}
- strcpy(pword,pw);
+ (void)strlcpy(pword, pw, sizeof(pword));
if (strlen(pw)<16) {
fprintf(stderr,"Key must be at least 16 chars.\n");
exit(1);
@@ -116,6 +122,7 @@ main(argc,argv)
"Keys don't match; drink some coffee and try again\n");
exit(1);
}
+ pw = pword;
}
else { /* just accept key from stdio */
if (fgets(pword,256,stdin) == NULL) {
@@ -129,8 +136,13 @@ main(argc,argv)
pw[n-1] = '\0';
}
if (smsize != LARGESMSIZE)
- sprintf(pw,"%s%d",pword,smsize);
+ (void)snprintf(pw, 256, "%s%d", pw, smsize);
k.cipher=ciph;
+ rfd = open("/dev/srandom", O_RDONLY);
+ if (rfd < 0) {
+ perror ("/dev/srandom");
+ exit (1);
+ }
if (cfmt==0) {
if (old_pwcrunch(pw,&k)!=0) {
fprintf(stderr,"Invalid key\n");
@@ -145,7 +157,13 @@ main(argc,argv)
/* now we xor in some truerand bytes for good measure */
bcopy(&k,ekey,32); /* assumes key material < 32 bytes */
for (i=0; i<32; i++) {
- ekey[i] ^= randbyte();
+ char b; /* Random byte */
+ if (1 != read (rfd, &b, 1))
+ {
+ perror ("/dev/srandom read 1");
+ exit (1);
+ }
+ ekey[i] ^= b;
}
encrypt_key(&k,ekey);
bcopy(ekey,ek1,32);
@@ -156,10 +174,22 @@ main(argc,argv)
perror("cmkdir");
exit(1);
}
- sprintf(path,"%s/...",argv[0]);
+ l = snprintf(path, sizeof(path), "%s/...", argv[0]);
+ if (l < 0 || l >= sizeof(path)) {
+ fprintf(stderr, "File name too long: %s/...\n", argv[0]);
+ exit(1);
+ }
strcpy(str,"qua!");
/* now randomize the end of str.. */
- r = trand32();
+ assert(1 == read(rfd, ((char*)&r), 1));
+ for (i=0; i<sizeof(r); i++) {
+ if (1 != read (rfd, ((char*)&r)+i, 1))
+ {
+ perror ("/dev/srandom read 1");
+ exit (1);
+ }
+ }
+ (void) close (rfd);
for (i=0; i<4; i++)
str[i+4]=(r<<(i*8))&0377;
copykey(&k,&kt);
@@ -172,14 +202,14 @@ main(argc,argv)
}
fwrite(str,8,1,fp);
fclose(fp);
- sprintf(path,"%s/..c",argv[0]);
+ (void)snprintf(path, sizeof(path), "%s/..c", argv[0]);
if ((fp=fopen(path,"w")) == NULL) {
perror("cmkdir");
exit(1);
}
fprintf(fp,"%d",k.cipher);
fclose(fp);
- sprintf(path,"%s/..s",argv[0]);
+ (void)snprintf(path, sizeof(path), "%s/..s", argv[0]);
if ((fp=fopen(path,"w")) == NULL) {
perror("cmkdir");
exit(1);
@@ -187,7 +217,7 @@ main(argc,argv)
fprintf(fp,"%d\n",smsize);
fclose(fp);
if (cfmt) {
- sprintf(path,"%s/..k",argv[0]);
+ (void)snprintf(path, sizeof(path), "%s/..k", argv[0]);
if ((fp=fopen(path,"w")) == NULL) {
perror("cmkdir");
exit(1);

92
security/cfs/patches/patch-cpasswd_c
View File

@ -1,92 +0,0 @@
--- cpasswd.c.orig Sat Dec 13 23:50:36 1997
+++ cpasswd.c Sat Nov 30 21:44:13 2013
@@ -50,7 +50,8 @@ main(argc,argv)
int ciph=CFS_STD_DES;
int cfmt=1;
unsigned char ekey[128];
-
+ int l;
+
while (--argc && (**++argv == '-')) {
for (flg= ++*argv; *flg; ++flg)
switch (*flg) {
@@ -68,13 +69,25 @@ main(argc,argv)
fprintf(stderr,"Can't stat current directory\n");
exit(1);
}
- sprintf(dir,"%s/%s",buf,argv[0]);
- } else
- strcpy(dir,argv[0]);
- sprintf(kname,"%s/..k",dir);
- sprintf(nname,"%s/..n",dir);
- sprintf(oname,"%s/..o",dir);
- sprintf(lname,"%s/..data",dir);
+ l = snprintf(dir, sizeof(dir), "%s/%s", buf, argv[0]);
+ if (l < 0 || l >= sizeof(dir)) {
+ fprintf(stderr, "File name too long\n");
+ exit(1);
+ }
+ } else {
+ if (strlcpy(dir, argv[0], sizeof(dir)) >= sizeof(dir)) {
+ fprintf(stderr, "File name too long\n");
+ exit(1);
+ }
+ }
+ l = snprintf(lname, sizeof(lname), "%s/..data", dir);
+ if (l < 0 || l >= sizeof(lname)) {
+ fprintf(stderr, "File name too long\n");
+ exit(1);
+ }
+ (void)snprintf(kname, sizeof(kname), "%s/..k", dir);
+ (void)snprintf(nname, sizeof(nname), "%s/..n", dir);
+ (void)snprintf(oname, sizeof(oname), "%s/..o", dir);
if (chdir(lname) >= 0)
strcpy(dir,lname);
else if (chdir(dir)<0) {
@@ -82,8 +95,12 @@ main(argc,argv)
exit(1);
}
- sprintf(cname,"%s/..c",dir);
- sprintf(sname,"%s/..s",dir);
+ l = snprintf(cname, sizeof(cname), "%s/..c", dir);
+ if (l < 0 || l >= sizeof(cname)) {
+ fprintf(stderr, "File name too long\n");
+ exit(1);
+ }
+ (void)snprintf(sname, sizeof(sname), "%s/..s", dir);
if ((fp=fopen(cname,"r")) == NULL) {
fprintf(stderr,"Can only change passphrase on new format CFS directories\n");
exit(1);
@@ -113,7 +130,7 @@ main(argc,argv)
exit(1);
}
if (smsize != LARGESMSIZE)
- sprintf(pw,"%s%d",pw,smsize);
+ (void)snprintf(pw, 256, "%s%d", pw, smsize);
if (new_pwcrunch(pw,&oldkey)!=0) {
fprintf(stderr,"Invalid key\n");
exit(1);
@@ -144,7 +161,7 @@ main(argc,argv)
exit(1);
}
if (smsize != LARGESMSIZE)
- sprintf(pw,"%s%d",pw,smsize);
+ (void)snprintf(pw, 256, "%s%d", pw, smsize);
if (new_pwcrunch(pw,&newkey)!=0) {
fprintf(stderr,"Invalid key\n");
exit(1);
@@ -182,9 +199,12 @@ checkkey(path,ak)
char fn[1024];
char buf[9];
cfskey k;
+ int l;
copykey(ak,&k);
- sprintf(fn,"%s/...",path);
+ l = snprintf(fn, sizeof(fn), "%s/...", path);
+ if (l < 0 || l >= sizeof(fn))
+ return 0;
if ((fp=fopen(fn,"r"))==NULL)
return 0;
if (fread(buf,8,1,fp)!=1) {

29
security/cfs/patches/patch-getpass_c
View File

@ -1,29 +0,0 @@
--- getpass.c.orig Wed Dec 3 22:51:34 1997
+++ getpass.c Sat Nov 30 20:37:29 2013
@@ -35,7 +35,7 @@
#include <stdio.h>
#include <signal.h>
-#ifndef linux
+#if !defined(linux) && !defined(__OpenBSD__)
#include <sgtty.h>
#endif
#include <sys/types.h>
@@ -45,7 +45,7 @@
#include "cfs.h"
#include "shs.h"
-#if defined(irix) || defined(linux)
+#if defined(irix) || defined(linux) || defined(__OpenBSD__)
/* hacks to use POSIX style termios instead of old BSD style sgttyb */
#include <termios.h>
#define sgttyb termios
@@ -64,7 +64,7 @@ char *prompt;
register char *p;
register c;
FILE *fi;
- static char pbuf[128];
+ static char pbuf[256];
#ifdef MACH
int (*signal())();
int (*sig)();

12
security/cfs/patches/patch-netbsd_make_with_bad_rpcgen
View File

@ -1,12 +0,0 @@
$OpenBSD: patch-netbsd_make_with_bad_rpcgen,v 1.1 2004/06/15 18:32:22 sturm Exp $
--- netbsd_make_with_bad_rpcgen.orig 2004-06-09 19:47:08.000000000 +0200
+++ netbsd_make_with_bad_rpcgen 2004-06-09 19:47:36.000000000 +0200
@@ -1,7 +1,7 @@
#!/bin/sh
# this will make CFS for NetBSD (and other) systems with the
# wrong version of rpcgen
-make CC="cc -traditional \
+make CC="${CCTMP} ${CFLAGS} -U__STDC__ \
-Dnfsproc_null_2_svc=nfsproc_null_2 \
-Dnfsproc_getattr_2_svc=nfsproc_getattr_2 \
-Dnfsproc_setattr_2_svc=nfsproc_setattr_2 \

14
security/cfs/pkg/DESCR
View File

@ -1,14 +0,0 @@
This is CFS, Matt Blaze's Cryptographic File System. It provides
transparent encryption and decryption of selected directory trees.
It is implemented as a user-level NFS server and thus does not
require any kernel modifications.
For an overview of how to use it, read "${PREFIX}/share/doc/cfs/notes.ms"
and the manual pages. There is a paper describing CFS at:
http://www.crypto.com/papers/cfs.pdf
Under FreeBSD, the mount command for the CFS tree must include
"-o port=3049,nfsv2".
John Polstra <jdp@polstra.com>

19
security/cfs/pkg/MESSAGE
View File

@ -1,19 +0,0 @@
To start CFS automatically at boot time, add these lines to /etc/rc.local:
if [ -x ${PREFIX}/sbin/cfsd ]; then
if pgrep mountd > /dev/null; then
echo -n ' cfsd'; ${PREFIX}/sbin/cfsd >/dev/null 2>&1
mount -o port=3049,nfsv2,intr,sync localhost:/null /crypt
else
echo -n ' cfsd (failed, no mountd running)'
fi
fi
Then do these steps as root:
0) add this line to /etc/exports
/null localhost
1) set "nfs_server=YES" and "portmap=YES" in /etc/rc.conf.local
2) reboot or start all necessary daemons by hand and mount /crypt

22
security/cfs/pkg/PLIST
View File

@ -1,22 +0,0 @@
@comment $OpenBSD: PLIST,v 1.7 2004/12/03 16:08:48 alek Exp $
bin/cattach
bin/cdetach
bin/cmkdir
bin/cmkkey
bin/cpasswd
@man man/man1/cattach.1
@man man/man1/cdetach.1
@man man/man1/cmkdir.1
@man man/man1/cmkkey.1
@man man/man1/cpasswd.1
@man man/man8/cfsd.8
sbin/cfsd
share/doc/cfs/
share/doc/cfs/README.install
share/doc/cfs/notes.ms
@sample /crypt/
@mode 0
@sample /null/
@extraunexec umount /crypt > /dev/null 2>&1 || true
@extraunexec rm -r /crypt
@extraunexec rm -r /null

1
security/cfs/pkg/UNMESSAGE
View File

@ -1 +0,0 @@
Do not forget to revert changes made to /etc/exports and /etc/rc.conf.local.