Install the binary for this package as mode 550, and disable the

-w option, to avoid any compromises due to reported buffer overflow exploits, reported in ntop<=1.0 remote-root-shell http://www.securityfocus.com/advisories/2520 Also, upgrade to 1.1 on the distribution site, as the old distfile is no longer there, and 1.1 incorporates all the old patches in the pkgsrc version bar one minor one (passing CPPFLAGS into Makefile.in for the build environment).
author: agc <agc@pkgsrc.org> 2000-09-19 20:00:03 +0000
committer: agc <agc@pkgsrc.org> 2000-09-19 20:00:03 +0000
commit: c88b9ae437cd7489179adeeedcf5523952d2f45c (patch)
tree: 60a3d173bbc5aaca075e15c59b9d3e3ee42201a0
parent: 3013e4b63362c0eb6e618bdf5385264f52589575 (diff)
download: pkgsrc-c88b9ae437cd7489179adeeedcf5523952d2f45c.tar.gz
10 files changed, 64 insertions, 155 deletions
diff --git a/net/ntop/Makefile b/net/ntop/Makefile
index 668c02457ca..fa5baa6201c 100644
--- a/net/ntop/Makefile
+++ b/net/ntop/Makefile
@@ -1,24 +1,22 @@
-# $NetBSD: Makefile,v 1.11 2000/01/15 18:46:32 jlam Exp $
+# $NetBSD: Makefile,v 1.12 2000/09/19 20:00:03 agc Exp $
 
-DISTNAME=		ntop-1.0
+DISTNAME=		ntop-1.1
 CATEGORIES=		net
 MASTER_SITES=		ftp://ftp.unipi.it/pub/local/ntop/source/
-EXTRACT_SUFX=		.src.tar.gz
+EXTRACT_SUFX=		-src.tar.gz
 
 MAINTAINER=		kim@tac.nyc.ny.us
 HOMEPAGE=		http://www-serra.unipi.it/~ntop/
 
-BUILD_DEPENDS+=		${LOCALBASE}/bin/autoconf:../../devel/autoconf
 DEPENDS+=		ncurses>=4.2:../../devel/ncurses
 
-HAS_CONFIGURE=		yes
 GNU_CONFIGURE=		yes
+CONFIGURE_ARGS+=	--enable-threads=no
 
 CPPFLAGS+=		-I${LOCALBASE}/include	# for ncurses.h
-LDFLAGS+=		-L${LOCALBASE}/lib	# for -lncurses
-CONFIGURE_ENV+=		CPPFLAGS="${CPPFLAGS}"
+LDFLAGS+=		-L${LOCALBASE}/lib -Wl,-R${LOCALBASE}/lib
+MAKE_ENV+=		CPPFLAGS="${CPPFLAGS}" LDFLAGS="${LDFLAGS}"
 
-pre-configure:
-	cd ${WRKSRC}; ${LOCALBASE}/bin/autoconf
+INSTALL_TARGET=		install install-man
 
 .include "../../mk/bsd.pkg.mk"
diff --git a/net/ntop/files/md5 b/net/ntop/files/md5
index 16763052fe9..d42c7add269 100644
--- a/net/ntop/files/md5
+++ b/net/ntop/files/md5
@@ -1,3 +1,3 @@
-$NetBSD: md5,v 1.2 1998/10/11 20:27:04 kim Exp $
+$NetBSD: md5,v 1.3 2000/09/19 20:00:04 agc Exp $
 
-MD5 (ntop-1.0.src.tar.gz) = 25ad6dc31771e96ceacb0cd824f20d1c
+MD5 (ntop-1.1-src.tar.gz) = 4630ed141d9d5f16f929a9b64b70a45c
diff --git a/net/ntop/files/patch-sum b/net/ntop/files/patch-sum
index 61f6d89ff37..b479500451d 100644
--- a/net/ntop/files/patch-sum
+++ b/net/ntop/files/patch-sum
@@ -1,8 +1,4 @@
-$NetBSD: patch-sum,v 1.1 1999/07/09 14:12:26 agc Exp $
+$NetBSD: patch-sum,v 1.2 2000/09/19 20:00:04 agc Exp $
 
-MD5 (patch-ab) = fdcd51984773a786749f7adaac38943e
-MD5 (patch-ac) = e601d531e64493bbe75017500ebb60f6
-MD5 (patch-ad) = 723a173e0bc0aeac9be1caca9c960062
-MD5 (patch-ae) = b4cb6a5a50e72eed40111af75a0d8add
-MD5 (patch-af) = 0c6dca18a445a06eeca76fa15ce69fc6
-MD5 (patch-ag) = bc16d2c8d49d81c82c4d62ab162f4967
+MD5 (patch-ag) = 8ca6a97f727834a4d342c389eddfe609
+MD5 (patch-ah) = d691d08783f950d970ddc19212c2fa8d
diff --git a/net/ntop/patches/patch-ab b/net/ntop/patches/patch-ab
deleted file mode 100644
index 7006cb4e852..00000000000
--- a/net/ntop/patches/patch-ab
+++ /dev/null
@@ -1,25 +0,0 @@
-$NetBSD: patch-ab,v 1.6 1998/12/28 22:49:21 marc Exp $
-
---- ntop.h.orig	Mon Oct  5 12:18:41 1998
-+++ ntop.h	Mon Oct 12 22:44:29 1998
-@@ -87,8 +87,20 @@
- #include <stdio.h>
- #include <stdlib.h>
- #include <string.h>
-+#ifdef HAVE_ETHERTYPE_H
- #include <ethertype.h>
-+#endif
- #include <setjmp.h>
-+
-+#ifndef ETHERTYPE_DN
-+#define ETHERTYPE_DN		0x6003
-+#endif
-+#ifndef ETHERTYPE_ATALK
-+#define ETHERTYPE_ATALK		0x809b
-+#endif
-+#ifndef ETHERTYPE_AARP 
-+#define ETHERTYPE_AARP         0x80f3
-+#endif 
- 
- #include "interface.h"
- #include "setsignal.h"
diff --git a/net/ntop/patches/patch-ac b/net/ntop/patches/patch-ac
deleted file mode 100644
index ffd6c15d2b0..00000000000
--- a/net/ntop/patches/patch-ac
+++ /dev/null
@@ -1,14 +0,0 @@
-$NetBSD: patch-ac,v 1.2 1998/10/11 20:27:04 kim Exp $
-
---- interface.h.orig	Sun Sep 13 05:00:58 1998
-+++ interface.h	Sun Oct 11 15:16:33 1998
-@@ -42,7 +42,9 @@
-  */
- 
- 
-+#ifdef HAVE_GNUC_H
- #include <gnuc.h>
-+#endif
- #ifdef HAVE_OS_PROTO_H
- #include "os-proto.h"
- #endif
diff --git a/net/ntop/patches/patch-ad b/net/ntop/patches/patch-ad
deleted file mode 100644
index 81d752afab9..00000000000
--- a/net/ntop/patches/patch-ad
+++ /dev/null
@@ -1,26 +0,0 @@
-$NetBSD: patch-ad,v 1.3 1998/10/13 03:46:08 kim Exp $
-
---- configure.in.orig	Thu Sep 24 11:41:22 1998
-+++ configure.in	Mon Oct 12 22:42:57 1998
-@@ -18,7 +18,7 @@
- 
- AC_LBL_C_INIT(V_CCOPT, V_INCLS)
- 
--AC_CHECK_HEADERS(fcntl.h malloc.h memory.h ncurses.h curses.h sys/select.h netinet/if_ether.h netinet/in_systm.h stdarg.h)
-+AC_CHECK_HEADERS(fcntl.h malloc.h memory.h ncurses.h curses.h sys/select.h netinet/if_ether.h netinet/in_systm.h stdarg.h gnuc.h ethertype.h)
- AC_HEADER_TIME
- 
- AC_REPLACE_FUNCS(vfprintf)
-@@ -60,9 +60,9 @@
- 	;;
- esac
- 
--if test -f /dev/bpf0 ; then
--	V_GROUP=bpf
--fi
-+#if test -f /dev/bpf0 ; then
-+#	V_GROUP=bpf
-+#fi
- 
- AC_MSG_CHECKING(if ether_header uses ether_addr structs)
- AC_CACHE_VAL(ac_cv_ether_header_has_ea,
diff --git a/net/ntop/patches/patch-ae b/net/ntop/patches/patch-ae
deleted file mode 100644
index b3a082379a8..00000000000
--- a/net/ntop/patches/patch-ae
+++ /dev/null
@@ -1,14 +0,0 @@
-$NetBSD: patch-ae,v 1.2 1998/10/11 20:27:04 kim Exp $
-
---- setsignal.c.orig	Tue Sep 22 12:01:46 1998
-+++ setsignal.c	Sun Oct 11 15:19:35 1998
-@@ -56,7 +56,9 @@
- #include <string.h>
- #endif
- 
-+#ifdef HAVE_GNUC_H
- #include <gnuc.h>
-+#endif
- #ifdef HAVE_OS_PROTO_H
- #include "os-proto.h"
- #endif
diff --git a/net/ntop/patches/patch-af b/net/ntop/patches/patch-af
deleted file mode 100644
index ba5c38c9174..00000000000
--- a/net/ntop/patches/patch-af
+++ /dev/null
@@ -1,51 +0,0 @@
-$NetBSD: patch-af,v 1.4 1998/10/11 21:07:11 kim Exp $
-
-*** pbuf.c.orig	Tue Oct  6 03:49:59 1998
---- pbuf.c	Sun Oct 11 15:45:15 1998
-***************
-*** 265,270 ****
---- 265,271 ----
-  void init_counters() {
-    char *p;
-    struct servent *svnt;
-+   struct hostent *hent;
-  
-    (void)setsignal(SIGWINCH, windowSizeChanged);  
-  
-***************
-*** 272,287 ****
-     * The name of the local domain is now calculated properly
-     * Kimmo Suominen <kim@tac.nyc.ny.us> 
-     */
-!   if((getdomainname(domainName, MAXHOSTNAMELEN) != 0) 
-!      || (domainName[0] == '\0'))
-!     {
-!       if ((gethostname(domainName, MAXHOSTNAMELEN) == 0)
-! 	  && ((p = memchr(domainName, '.', MAXHOSTNAMELEN)) != NULL)) {
-  	domainName[MAXHOSTNAMELEN - 1] = '\0';
-! 	memmove(domainName, ++p, MAXHOSTNAMELEN + domainName - p);
-!       } else
-! 	domainName[0] = '\0';
-!     }
-  
-    init_curses();
-    resetStats();
---- 273,290 ----
-     * The name of the local domain is now calculated properly
-     * Kimmo Suominen <kim@tac.nyc.ny.us> 
-     */
-!   if (gethostname(domainName, MAXHOSTNAMELEN) == 0) {
-!     if ((p = memchr(domainName, '.', MAXHOSTNAMELEN)) != NULL) {
-!       domainName[MAXHOSTNAMELEN - 1] = '\0';
-!       memmove(domainName, ++p, MAXHOSTNAMELEN + domainName - p);
-!     } else
-!       if (((hent = gethostbyname(domainName)) != NULL)
-! 	&& ((p = strchr(hent->h_name, '.')) != NULL)) {
-! 	strncpy(domainName, ++p, MAXHOSTNAMELEN);
-  	domainName[MAXHOSTNAMELEN - 1] = '\0';
-!       }
-!   } else
-!     domainName[0] = '\0';
-  
-    init_curses();
-    resetStats();
diff --git a/net/ntop/patches/patch-ag b/net/ntop/patches/patch-ag
index d40474b4535..01ccba2a1c0 100644
--- a/net/ntop/patches/patch-ag
+++ b/net/ntop/patches/patch-ag
@@ -1,14 +1,27 @@
-$NetBSD: patch-ag,v 1.1 1999/07/06 08:06:30 jlam Exp $
+$NetBSD: patch-ag,v 1.2 2000/09/19 20:00:04 agc Exp $
 
---- Makefile.in.orig	Tue Oct  6 11:27:31 1998
-+++ Makefile.in	Fri Jul  2 14:19:28 1999
-@@ -42,7 +42,8 @@
+Make sure CPPFLAGS is propagated through to build stage
+
+Do not install the program setuid or setgid, to avoid
+unsafe practices - see http://www.securityfocus.com/advisories/2520
+
+--- Makefile.in.orig	Mon May  3 09:03:10 1999
++++ Makefile.in	Tue Sep 19 11:39:18 2000
+@@ -54,7 +54,7 @@
  DEFS = @DEFS@
  
  # Standard CFLAGS
--CFLAGS = $(CCOPT) $(DEFS) $(INCLS)
-+CPPFLAGS = @CPPFLAGS@
-+CFLAGS = $(CCOPT) $(CPPFLAGS) $(DEFS) $(INCLS)
+-CFLAGS = $(CCOPT) $(DEFS) @G_THREAD_CFLAGS@ @LSOF_DEFS@ @OS_DEFS@ $(INCLS) 
++CFLAGS = $(CCOPT) $(DEFS) @G_THREAD_CFLAGS@ @LSOF_DEFS@ @OS_DEFS@ $(INCLS) $(CPPFLAGS)
  
  # Standard LDFLAGS
  LDFLAGS = @LDFLAGS@
+@@ -105,7 +105,7 @@
+ report.c: ntop.h
+ 
+ install:
+-	$(INSTALL) -m 6550 $(PROG) $(DESTDIR)$(BINDEST)/$(PROG)
++	$(INSTALL) -m 550 $(PROG) $(DESTDIR)$(BINDEST)/$(PROG)
+ 
+ install-man:
+ 	$(INSTALL) -m 444 $(PROG).8 $(DESTDIR)$(MANDEST)/man8/$(PROG).8
diff --git a/net/ntop/patches/patch-ah b/net/ntop/patches/patch-ah
new file mode 100644
index 00000000000..df63e54cab4
--- /dev/null
+++ b/net/ntop/patches/patch-ah
@@ -0,0 +1,32 @@
+$NetBSD: patch-ah,v 1.1 2000/09/19 20:00:04 agc Exp $
+
+Disable unsafe -w option
+
+--- ntop.c	2000/09/19 10:37:40	1.1
++++ ntop.c	2000/09/19 10:38:08
+@@ -254,7 +254,7 @@
+   initIPServices();
+ 
+ #ifndef WIN32
+-  while ((op = getopt(argc, argv, "df:F:hr:i:p:l:nw:m:")) != EOF)
++  while ((op = getopt(argc, argv, "df:F:hr:i:p:l:nm:")) != EOF)
+     switch (op) {
+ 
+ #ifndef WIN32
+@@ -324,6 +324,7 @@
+       numericFlag++;
+       break;
+ 
++#if 0
+     case 'w':
+       if(!isdigit(optarg[0])) {
+ 	printf("FATAL ERROR: flag -w expects a numeric argument.\n");
+@@ -332,6 +333,7 @@
+       webMode++;
+       webPort = atoi(optarg);
+       break;
++#endif
+ 
+     default:
+       usage(0);
+
author	agc <agc@pkgsrc.org>	2000-09-19 20:00:03 +0000
committer	agc <agc@pkgsrc.org>	2000-09-19 20:00:03 +0000
commit	c88b9ae437cd7489179adeeedcf5523952d2f45c (patch)
tree	60a3d173bbc5aaca075e15c59b9d3e3ee42201a0
parent	3013e4b63362c0eb6e618bdf5385264f52589575 (diff)
download	pkgsrc-c88b9ae437cd7489179adeeedcf5523952d2f45c.tar.gz