summaryrefslogtreecommitdiff
path: root/net/net-snmp
diff options
context:
space:
mode:
authortron <tron@pkgsrc.org>2005-05-25 13:49:10 +0000
committertron <tron@pkgsrc.org>2005-05-25 13:49:10 +0000
commite125f51d8f24d94722e757cf1345398a1d89d516 (patch)
tree57bcf699c0d1ca2171e33205ffb7036a59627f1e /net/net-snmp
parentb64303adc5ba2e3ba02ce26b7599d06bc151ebef (diff)
downloadpkgsrc-e125f51d8f24d94722e757cf1345398a1d89d516.tar.gz
Replace "fixproc" script with version from "net-snmp" CVS respository.
This fixes the security problem documented in SA15471. Bump package revision because of this change.
Diffstat (limited to 'net/net-snmp')
-rw-r--r--net/net-snmp/Makefile3
-rw-r--r--net/net-snmp/distinfo3
-rw-r--r--net/net-snmp/patches/patch-ab180
3 files changed, 184 insertions, 2 deletions
diff --git a/net/net-snmp/Makefile b/net/net-snmp/Makefile
index aefbfb64662..62562f16591 100644
--- a/net/net-snmp/Makefile
+++ b/net/net-snmp/Makefile
@@ -1,6 +1,7 @@
-# $NetBSD: Makefile,v 1.29 2005/04/11 21:46:51 tv Exp $
+# $NetBSD: Makefile,v 1.30 2005/05/25 13:49:10 tron Exp $
DISTNAME= net-snmp-5.2.1
+PKGREVISION= 1
CATEGORIES= net
MASTER_SITES= ${MASTER_SITE_SOURCEFORGE:=net-snmp/} \
ftp://ftp.net-smnp.org/pub/sourceforge/net-snmp/
diff --git a/net/net-snmp/distinfo b/net/net-snmp/distinfo
index d2a5cefb510..aae8198747e 100644
--- a/net/net-snmp/distinfo
+++ b/net/net-snmp/distinfo
@@ -1,9 +1,10 @@
-$NetBSD: distinfo,v 1.14 2005/03/30 12:10:58 adam Exp $
+$NetBSD: distinfo,v 1.15 2005/05/25 13:49:10 tron Exp $
SHA1 (net-snmp-5.2.1.tar.gz) = f8ec23b4d2706bef50cbc2d37ad9d292e107b0fb
RMD160 (net-snmp-5.2.1.tar.gz) = ad7a57cfe0552a71a6dadb263ac300c84d98b541
Size (net-snmp-5.2.1.tar.gz) = 3971320 bytes
SHA1 (patch-aa) = df9bcea942743e9bcd843724612b7d82ea364eca
+SHA1 (patch-ab) = 7e0fc7f52e3947d589bed850e847bd89e8daec1d
SHA1 (patch-ac) = 43dbf5519feac2a13b893f659090fa24de773ee8
SHA1 (patch-ad) = 9703dc9451f3fa7a61bae9c8d13b916aa52c0a6b
SHA1 (patch-ae) = 750412088b9ccd5fb50bd6e7fc049903f6113a39
diff --git a/net/net-snmp/patches/patch-ab b/net/net-snmp/patches/patch-ab
new file mode 100644
index 00000000000..f5ddf92d325
--- /dev/null
+++ b/net/net-snmp/patches/patch-ab
@@ -0,0 +1,180 @@
+$NetBSD: patch-ab,v 1.5 2005/05/25 13:49:10 tron Exp $
+
+--- local/fixproc.orig 2002-04-20 08:30:13.000000000 +0100
++++ local/fixproc 2005-05-25 14:36:18.000000000 +0100
+@@ -129,6 +129,8 @@
+ #
+ # Timothy Kong 3/1995
+
++use File::Temp qw(tempfile);
++
+ $database_file = '/local/etc/fixproc.conf';
+
+ $debug = 0; # specify debug level using -dN
+@@ -191,20 +193,19 @@
+ sub create_sh_script
+ {
+ local ($file) = pop (@_);
++ local ($fh) = pop (@_);
+ local ($i) = pop (@_);
+
+- printf (stderr "create_sh_script\n") if ($debug > 0);
++ printf (STDERR "create_sh_script\n") if ($debug > 0);
+
+ $! = $fixproc_error;
+- open (file, ">"."$file") || die "$0: cannot open $file\n";
+ while ( $shell_lines[$i] ne $shell_end_marker )
+ {
+- printf (file "%s", $shell_lines[$i]);
++ printf ($fh "%s", $shell_lines[$i]);
+ $i++;
+ }
+- close (file);
+- system "chmod +x $file";
+- return file;
++ close ($fh);
++ chmod 0755, $file;
+ }
+
+
+@@ -212,7 +213,7 @@
+ {
+ local ($proc) = pop(@_);
+
+- printf (stderr "do_fix\n") if ($debug > 0);
++ printf (STDERR "do_fix\n") if ($debug > 0);
+
+ if ($fix{$proc} eq '')
+ {
+@@ -230,14 +231,13 @@
+ else
+ {
+ # it must be "shell", so execute the shell script defined in database
++ local ($tmpfh, $tmpfile) = tempfile("fix_XXXXXXXX", DIR => "/tmp");
+
+- local ($tmpfile) = "/tmp/fix_$$";
+-
+- &create_sh_script ($fix{$proc}, $tmpfile);
++ &create_sh_script ($fix{$proc}, $tmpfh, $tmpfile);
+
+ # return code is number divided by 256
+ $error_code = (system "$tmpfile") / 256;
+- system "rm $tmpfile";
++ unlink($tmpfile);
+ return ($fix_failed_error) if ($error_code != 0);
+ # sleep needed here?
+ return &do_exist ($proc);
+@@ -249,7 +249,7 @@
+ {
+ local ($proc) = pop(@_);
+
+- printf (stderr "do_check\n") if ($debug > 0);
++ printf (STDERR "do_check\n") if ($debug > 0);
+
+ if ($check{$proc} eq '')
+ {
+@@ -262,13 +262,13 @@
+ # if not "exist", then it must be "shell", so execute the shell script
+ # defined in database
+
+- local ($tmpfile) = "/tmp/check_$$";
++ local ($tmpfh, $tmpfile) = tempfile("check_XXXXXXXX", DIR => "/tmp");
+
+- &create_sh_script ($check{$proc}, $tmpfile);
++ &create_sh_script ($fix{$proc}, $tmpfh, $tmpfile);
+
+ # return code is number divided by 256
+ $error_code = (system "$tmpfile") / 256;
+- system "rm $tmpfile";
++ unlink($tmpfile);
+ return ($check_failed_error) if ($error_code != 0);
+
+ # check passed, continue
+@@ -281,13 +281,13 @@
+ {
+ local ($proc) = pop(@_);
+
+- printf (stderr "do_exist\n") if ($debug > 0);
++ printf (STDERR "do_exist\n") if ($debug > 0);
+
+ # do ps, check to see if min <= no. of processes <= max
+ $! = $fixproc_error;
+- open (command, "/bin/ps -e | /bin/grep $proc | /bin/wc -l |")
++ open (COMMAND, "/bin/ps -e | /bin/grep $proc | /bin/wc -l |")
+ || die "$0: can't run ps-grep-wc command\n";
+- $proc_count = <command>;
++ $proc_count = <COMMAND>;
+ if (($proc_count < $min{$proc}) || ($proc_count > $max{$proc}))
+ {
+ return $check_failed_error;
+@@ -301,13 +301,13 @@
+ local ($proc) = pop(@_);
+ local ($second_kill_needed);
+
+- printf (stderr "do_kill\n") if ($debug > 0);
++ printf (STDERR "do_kill\n") if ($debug > 0);
+
+ # first try kill
+ $! = $fixproc_error;
+- open (command, "/bin/ps -e | /bin/grep $proc |")
++ open (COMMAND, "/bin/ps -e | /bin/grep $proc |")
+ || die "$0: can't run ps-grep-awk command\n";
+- while (<command>)
++ while (<COMMAND>)
+ {
+ # match the first field of ps -e
+ $! = $fixproc_error;
+@@ -318,10 +318,10 @@
+ # if process still exist, try kill -9
+ sleep 2;
+ $! = $fixproc_error;
+- open (command, "/bin/ps -e | /bin/grep $proc |")
++ open (COMMAND, "/bin/ps -e | /bin/grep $proc |")
+ || die "$0: can't run ps-grep-awk command\n";
+ $second_kill_needed = 0;
+- while (<command>)
++ while (<COMMAND>)
+ {
+ # match the first field of ps -e
+ $! = $fixproc_error;
+@@ -334,9 +334,9 @@
+ # see if kill -9 worked
+ sleep 2;
+ $! = $fixproc_error;
+- open (command, "/bin/ps -e | /bin/grep $proc |")
++ open (COMMAND, "/bin/ps -e | /bin/grep $proc |")
+ || die "$0: can't run ps-grep-awk command\n";
+- while (<command>)
++ while (<COMMAND>)
+ { # a process still exist, return error
+ return $cannot_kill_error;
+ }
+@@ -349,7 +349,7 @@
+ local ($proc) = pop(@_);
+ local ($error_code);
+
+- printf (stderr "do_restart\n") if ($debug > 0);
++ printf (STDERR "do_restart\n") if ($debug > 0);
+
+ $error_code = &do_kill ($proc);
+ return $error_code if ($error_code != $no_error);
+@@ -369,7 +369,7 @@
+ local ($proc) = pop(@_);
+ local ($error_code);
+
+- printf (stderr "work_on_proc\n") if ($debug > 0);
++ printf (STDERR "work_on_proc\n") if ($debug > 0);
+
+ if ($cmd_line_action eq '')
+ {
+@@ -475,8 +475,8 @@
+ local ($str2);
+
+ $! = $fixproc_error;
+- open (db, $database_file) || die 'cannot open database file $database_file\n';
+- while (<db>)
++ open (DB, $database_file) || die 'cannot open database file $database_file\n';
++ while (<DB>)
+ {
+ if ((! /\S/) || (/^[ \t]*#.*$/))
+ {