SECURITY:

fix gid confusion when starting ntpd with -u groupname
CAN-2005-2496
sturm 2006-01-24 19:58:58 +00:00
parent a28bbba028
commit 3fcc829ef4
5 changed files with 33 additions and 26 deletions


@ -1,11 +1,11 @@
# $OpenBSD: Makefile,v 1.31 2005/03/08 04:16:42 danh Exp $ # $OpenBSD: Makefile,v 1.32 2006/01/24 19:58:58 sturm Exp $
COMMENT= "network time protocol implementation" COMMENT= "network time protocol implementation"
COMMENT-doc= "network time protocol documentation" COMMENT-doc= "network time protocol documentation"
NTP_VERSION= 4.2.0a NTP_VERSION= 4.2.0a
DISTNAME= ntp-stable-${NTP_VERSION}-20050303 DISTNAME= ntp-stable-${NTP_VERSION}-20050303
PKGNAME= ntp-${NTP_VERSION}p1 PKGNAME= ntp-${NTP_VERSION}p2
PKGNAME-doc= ntp-doc-${NTP_VERSION}p1 PKGNAME-doc= ntp-doc-${NTP_VERSION}p1
CATEGORIES= net CATEGORIES= net
MASTER_SITES= http://www.eecis.udel.edu/~ntp/ntp_spool/ntp4/snapshots/ntp-stable/2005/03/ \ MASTER_SITES= http://www.eecis.udel.edu/~ntp/ntp_spool/ntp4/snapshots/ntp-stable/2005/03/ \


@ -1,6 +1,6 @@
$OpenBSD: patch-configure_in,v 1.4 2004/06/05 04:54:53 danh Exp $ $OpenBSD: patch-configure_in,v 1.5 2006/01/24 19:58:58 sturm Exp $
--- configure.in.orig 2004-05-25 07:02:21.000000000 -0400 --- configure.in.orig Tue May 25 13:02:21 2004
+++ configure.in 2004-06-04 09:39:53.000000000 -0400 +++ configure.in Tue Jan 24 20:52:52 2006
@@ -768,6 +768,7 @@ case "$host" in @@ -768,6 +768,7 @@ case "$host" in
*-pc-cygwin*) *-pc-cygwin*)
;; ;;
@ -9,12 +9,12 @@ $OpenBSD: patch-configure_in,v 1.4 2004/06/05 04:54:53 danh Exp $
;; ;;
esac esac
AC_CHECK_FUNCS(hstrerror) AC_CHECK_FUNCS(hstrerror)
@@ -788,6 +789,8 @@ case "$host" in @@ -787,6 +788,8 @@ case "$host" in
;;
*-*-irix[[45]]*) *-*-irix[[45]]*)
# Just a stub in "old" Irix. Idiots. # Just a stub in "old" Irix. Idiots.
;;
+ *-*-openbsd*)
+ ;; + ;;
+ *-*-openbsd*)
;;
*-*-qnx*) *-*-qnx*)
# Apparently there but not working in QNX. Idiots? # Apparently there but not working in QNX. Idiots?
;;


@ -1,6 +1,6 @@
$OpenBSD: patch-ntpd_ntpd_c,v 1.1.1.1 2004/06/05 04:34:19 danh Exp $ $OpenBSD: patch-ntpd_ntpd_c,v 1.2 2006/01/24 19:58:58 sturm Exp $
--- ntpd/ntpd.c.orig 2004-02-25 00:58:13.000000000 -0500 --- ntpd/ntpd.c.orig Wed Feb 25 06:58:13 2004
+++ ntpd/ntpd.c 2004-06-04 09:39:45.000000000 -0400 +++ ntpd/ntpd.c Tue Jan 24 20:53:43 2006
@@ -399,11 +399,16 @@ ntpdmain( @@ -399,11 +399,16 @@ ntpdmain(
} }
#endif #endif
@ -19,3 +19,12 @@ $OpenBSD: patch-ntpd_ntpd_c,v 1.1.1.1 2004/06/05 04:34:19 danh Exp $
if (uid) if (uid)
{ {
msyslog(LOG_ERR, "ntpd: must be run as root, not uid %ld", (long)uid); msyslog(LOG_ERR, "ntpd: must be run as root, not uid %ld", (long)uid);
@@ -881,7 +886,7 @@ getuser:
} else {
getgroup:
if ((gr = getgrnam(group)) != NULL) {
- sw_gid = pw->pw_gid;
+ sw_gid = gr->gr_gid;
} else {
errno = 0;
msyslog(LOG_ERR, "Cannot find group `%s'", group);
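Review bot: The corrected assignment under `getgroup:` carries no comment saying why the gid has to come from the group lookup, although that one line is the whole of the security fix (CAN-2005-2496): with a group name passed to -u, the old line took `pw->pw_gid`, so the daemon ended up in the user's primary group instead of the requested one. I would add `/* gid comes from the getgrnam() entry, not from the user's primary group */` directly above `sw_gid = gr->gr_gid;`. The code that applies `sw_gid` lies outside this hunk, so it is not visible whether the resulting ids are verified after the drop; a regression check that starts ntpd with a group different from the user's primary group and inspects the running process's gid would confirm the fix. The `else` branch continues past the last visible line.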


@ -1,6 +1,6 @@
$OpenBSD: patch-ntpdate_ntpdate_c,v 1.1.1.1 2004/06/05 04:34:19 danh Exp $ $OpenBSD: patch-ntpdate_ntpdate_c,v 1.2 2006/01/24 19:58:58 sturm Exp $
--- ntpdate/ntpdate.c.orig 2004-05-25 07:02:25.000000000 -0400 --- ntpdate/ntpdate.c.orig Thu Mar 3 12:01:15 2005
+++ ntpdate/ntpdate.c 2004-06-04 09:49:44.000000000 -0400 +++ ntpdate/ntpdate.c Tue Jan 24 20:52:44 2006
@@ -10,17 +10,6 @@ @@ -10,17 +10,6 @@
#include <netinfo/ni.h> #include <netinfo/ni.h>
#endif #endif
@ -19,7 +19,7 @@ $OpenBSD: patch-ntpdate_ntpdate_c,v 1.1.1.1 2004/06/05 04:34:19 danh Exp $
#ifdef HAVE_UNISTD_H #ifdef HAVE_UNISTD_H
# include <unistd.h> # include <unistd.h>
#endif #endif
@@ -45,9 +34,23 @@ @@ -45,8 +34,22 @@
#ifdef HAVE_SYS_RESOURCE_H #ifdef HAVE_SYS_RESOURCE_H
# include <sys/resource.h> # include <sys/resource.h>
#endif /* HAVE_SYS_RESOURCE_H */ #endif /* HAVE_SYS_RESOURCE_H */
@ -28,7 +28,7 @@ $OpenBSD: patch-ntpdate_ntpdate_c,v 1.1.1.1 2004/06/05 04:34:19 danh Exp $
+#endif /* HAVE_NETINET_IN_H */ +#endif /* HAVE_NETINET_IN_H */
#include <arpa/inet.h> #include <arpa/inet.h>
+
+#include "ntp_machine.h" +#include "ntp_machine.h"
+#include "ntp_fp.h" +#include "ntp_fp.h"
+#include "ntp.h" +#include "ntp.h"
@ -39,7 +39,6 @@ $OpenBSD: patch-ntpdate_ntpdate_c,v 1.1.1.1 2004/06/05 04:34:19 danh Exp $
+#include "ntp_syslog.h" +#include "ntp_syslog.h"
+#include "ntp_select.h" +#include "ntp_select.h"
+#include "ntp_stdlib.h" +#include "ntp_stdlib.h"
+
#ifdef __QNXNTO__ #ifdef __QNXNTO__
# include "adjtime.h" # include "adjtime.h"
#endif


@ -1,7 +1,7 @@
$OpenBSD: patch-ntpdc_ntpdc_ops_c,v 1.1.1.1 2004/06/05 04:34:19 danh Exp $ $OpenBSD: patch-ntpdc_ntpdc_ops_c,v 1.2 2006/01/24 19:58:58 sturm Exp $
--- ntpdc/ntpdc_ops.c.orig 2004-05-25 07:02:25.000000000 -0400 --- ntpdc/ntpdc_ops.c.orig Tue May 25 13:02:25 2004
+++ ntpdc/ntpdc_ops.c 2004-06-04 09:51:19.000000000 -0400 +++ ntpdc/ntpdc_ops.c Tue Jan 24 20:52:44 2006
@@ -9,22 +9,22 @@ @@ -9,21 +9,21 @@
#include <stdio.h> #include <stdio.h>
#include <stddef.h> #include <stddef.h>
@ -21,12 +21,11 @@ $OpenBSD: patch-ntpdc_ntpdc_ops_c,v 1.1.1.1 2004/06/05 04:34:19 danh Exp $
#endif #endif
#include <arpa/inet.h> #include <arpa/inet.h>
+
+#include "ntpdc.h" +#include "ntpdc.h"
+#include "ntp_control.h" +#include "ntp_control.h"
+#include "ntp_refclock.h" +#include "ntp_refclock.h"
+#include "ntp_stdlib.h" +#include "ntp_stdlib.h"
+
/* /*
* Declarations for command handlers in here * Declarations for command handlers in here
*/