diff options
| author | reed <reed> | 2008-03-07 23:40:06 +0000 |
|---|---|---|
| committer | reed <reed> | 2008-03-07 23:40:06 +0000 |
| commit | eb73292bb30493564f53f8f97fdb05fbf88ce794 (patch) | |
| tree | 0f463953a297f4f10c389ebcc1a726f1fc3c1b6b /net | |
| parent | e9c5b3ba9f0f8a1eda4f4c701a6c8c4e9947636d (diff) | |
| download | pkgsrc-eb73292bb30493564f53f8f97fdb05fbf88ce794.tar.gz | |
New package from pkgsrc-wip: portmap
(I have been using this for years.)
This is an RPC portmapper that prevents theft of NIS (YP), NFS,
and other sensitive information via the portmapper. As an option,
the program supports access control in the style of the TCP Wrappers
(log_tcp) package.
Daemons that offer RPC services tell the portmapper on what port
they listen. And clients asks the portmapper what port the daemon
is using. RPC network port numbers may change each time the system
is booted.
This is Wietse Venema's fourth replacement portmapper. It is
derived from source code in the RPCSRC 4.0 and the TIRPC source
distributions.
Diffstat (limited to 'net')
| -rw-r--r-- | net/portmap/DESCR | 13 | ||||
| -rw-r--r-- | net/portmap/Makefile | 30 | ||||
| -rw-r--r-- | net/portmap/PLIST | 7 | ||||
| -rw-r--r-- | net/portmap/distinfo | 7 | ||||
| -rwxr-xr-x | net/portmap/files/portmap.sh | 16 | ||||
| -rw-r--r-- | net/portmap/patches/patch-aa | 36 | ||||
| -rw-r--r-- | net/portmap/patches/patch-ab | 29 |
7 files changed, 138 insertions, 0 deletions
diff --git a/net/portmap/DESCR b/net/portmap/DESCR new file mode 100644 index 00000000000..7f1b09b17f8 --- /dev/null +++ b/net/portmap/DESCR @@ -0,0 +1,13 @@ +This is an RPC portmapper that prevents theft of NIS (YP), NFS, +and other sensitive information via the portmapper. As an option, +the program supports access control in the style of the TCP Wrappers +(log_tcp) package. + +Daemons that offer RPC services tell the portmapper on what port +they listen. And clients asks the portmapper what port the daemon +is using. RPC network port numbers may change each time the system +is booted. + +This is Wietse Venema's fourth replacement portmapper. It is +derived from source code in the RPCSRC 4.0 and the TIRPC source +distributions. diff --git a/net/portmap/Makefile b/net/portmap/Makefile new file mode 100644 index 00000000000..5305d431d6f --- /dev/null +++ b/net/portmap/Makefile @@ -0,0 +1,30 @@ +# $NetBSD: Makefile,v 1.1.1.1 2008/03/07 23:40:06 reed Exp $ + +DISTNAME= portmap_4 +PKGNAME= portmap-4 +PKGREVISION= 3 +CATEGORIES= net +MASTER_SITES= ftp://ftp.porcupine.org/pub/security/ + +MAINTAINER= reed@reedmedia.net +HOMEPAGE= ftp://ftp.porcupine.org/pub/security/index.html +COMMENT= RPC portmapper with access control + +# TODO: maybe look at portmap_5beta ? + +# XXX allow this to install on NetBSD, because this also +# XXX provides pmap_dump and pmap_set + +INSTALLATION_DIRS+= sbin share/doc/portmap +MAKE_FLAGS+= WRAP_DIR=${BUILDLINK_PREFIX.tcp_wrappers}/lib +NO_CONFIGURE= yes +RCD_SCRIPTS= portmap + +do-install: + ${INSTALL_PROGRAM} ${WRKSRC}/portmap ${PREFIX}/sbin/ + ${INSTALL_PROGRAM} ${WRKSRC}/pmap_dump ${PREFIX}/sbin/ + ${INSTALL_PROGRAM} ${WRKSRC}/pmap_set ${PREFIX}/sbin/ + ${INSTALL_DATA} ${WRKSRC}/README ${PREFIX}/share/doc/portmap/ + +.include "../../security/tcp_wrappers/buildlink3.mk" +.include "../../mk/bsd.pkg.mk" diff --git a/net/portmap/PLIST b/net/portmap/PLIST new file mode 100644 index 00000000000..94775e16e9f --- /dev/null +++ b/net/portmap/PLIST @@ -0,0 +1,7 @@ +@comment $NetBSD: PLIST,v 1.1.1.1 2008/03/07 23:40:06 reed Exp $ +sbin/pmap_dump +sbin/pmap_set +sbin/portmap +share/doc/portmap/README +share/examples/rc.d/portmap +@dirrm share/doc/portmap diff --git a/net/portmap/distinfo b/net/portmap/distinfo new file mode 100644 index 00000000000..599f9355625 --- /dev/null +++ b/net/portmap/distinfo @@ -0,0 +1,7 @@ +$NetBSD: distinfo,v 1.1.1.1 2008/03/07 23:40:06 reed Exp $ + +SHA1 (portmap_4.tar.gz) = 02e32c98040da21dfa965a0468e4f561f3ad08a1 +RMD160 (portmap_4.tar.gz) = 3559e1652b04a34ac8814243b70069fd64a2f68e +Size (portmap_4.tar.gz) = 16152 bytes +SHA1 (patch-aa) = f26735fc93188c8f1d4503bab7e9ccb616847743 +SHA1 (patch-ab) = ebc8a440384f93724dfba10df4f4583b78af4b5d diff --git a/net/portmap/files/portmap.sh b/net/portmap/files/portmap.sh new file mode 100755 index 00000000000..fbbbd7af01e --- /dev/null +++ b/net/portmap/files/portmap.sh @@ -0,0 +1,16 @@ +#!@RCD_SCRIPTS_SHELL@ +# +# $NetBSD: portmap.sh,v 1.1.1.1 2008/03/07 23:40:06 reed Exp $ +# + +# PROVIDE: portmap +# REQUIRE: NETWORKING ntpdate syslogd named ppp + +. /etc/rc.subr + +name="portmap" +rcvar=$name +command="@PREFIX@/sbin/${name}" + +load_rc_config $name +run_rc_command "$1" diff --git a/net/portmap/patches/patch-aa b/net/portmap/patches/patch-aa new file mode 100644 index 00000000000..c8e761fe956 --- /dev/null +++ b/net/portmap/patches/patch-aa @@ -0,0 +1,36 @@ +$NetBSD: patch-aa,v 1.1.1.1 2008/03/07 23:40:06 reed Exp $ + +--- Makefile.orig 1996-05-31 06:50:40.000000000 -0700 ++++ Makefile +@@ -8,7 +8,7 @@ + # if you disagree. See `man 3 syslog' for examples. Some syslog versions + # do not provide this flexibility. + # +-FACILITY=LOG_MAIL ++FACILITY=LOG_AUTH + + # To disable host access control, comment out the following macro definition. + # Note: host access control requires the strtok() and strchr() routines. +@@ -36,7 +36,7 @@ CHECK_PORT = -DCHECK_PORT + # With verbose logging on, HP-UX 9.x and AIX 4.1 leave zombies behind when + # SIGCHLD is not ignored. Enable next macro for a fix. + # +-# ZOMBIES = -DIGNORE_SIGCHLD # AIX 4.x, HP-UX 9.x ++ZOMBIES = -DIGNORE_SIGCHLD # AIX 4.x, HP-UX 9.x + + # Uncomment the following macro if your system does not have u_long. + # +@@ -46,11 +46,11 @@ CHECK_PORT = -DCHECK_PORT + # libwrap.a object library. WRAP_DIR should specify the directory with + # that library. + +-WRAP_DIR= ../tcp_wrappers ++#WRAP_DIR= ../tcp_wrappers + + # Auxiliary object files that may be missing from your C library. + # +-AUX = daemon.o strerror.o ++AUX = daemon.o + + # NEXTSTEP is a little different. The following seems to work with NS 3.2 + # diff --git a/net/portmap/patches/patch-ab b/net/portmap/patches/patch-ab new file mode 100644 index 00000000000..57a9463f40e --- /dev/null +++ b/net/portmap/patches/patch-ab @@ -0,0 +1,29 @@ +$NetBSD: patch-ab,v 1.1.1.1 2008/03/07 23:40:06 reed Exp $ + +--- portmap.c.orig 2003-03-19 23:42:46.000000000 -0800 ++++ portmap.c 2003-03-19 23:44:06.000000000 -0800 +@@ -85,6 +85,7 @@ + #include <stdio.h> + #include <syslog.h> + #include <netdb.h> ++#include <errno.h> + #include <sys/socket.h> + #include <sys/ioctl.h> + #include <sys/wait.h> +@@ -124,7 +125,6 @@ + static void callit(); + struct pmaplist *pmaplist; + int debugging = 0; +-extern int errno; + + #include "pmap_check.h" + +@@ -235,7 +235,7 @@ + /* need to override perror calls in rpc library */ + void + perror(what) +- const char *what; ++ __const char *what; + { + + syslog(LOG_ERR, "%s: %m", what); |