diff options
| author | jmmv <jmmv@pkgsrc.org> | 2004-07-02 13:14:27 +0000 |
|---|---|---|
| committer | jmmv <jmmv@pkgsrc.org> | 2004-07-02 13:14:27 +0000 |
| commit | fcc4f184f199122a77fe21ff3b64291201a4ee29 (patch) | |
| tree | 071802b32020856cc242bb5ef6737ba5d62ce00f /security/libgcrypt | |
| parent | d16c050cc4c3c675d8fcf33177d83e882faa541b (diff) | |
| download | pkgsrc-fcc4f184f199122a77fe21ff3b64291201a4ee29.tar.gz | |
When exec'ing child processes (netstat and vmstat), make sure the standard
file descriptors (0, 1, 2) are open. This avoids multiple warnings issued
under NetBSD about running set[ug]id programs with those descriptors closed.
Fixes PR pkg/26079; although it talks about gaim, the problem is here, in
libgcrypt. Bump PKGREVISION to 1.
Diffstat (limited to 'security/libgcrypt')
| -rw-r--r-- | security/libgcrypt/Makefile | 3 | ||||
| -rw-r--r-- | security/libgcrypt/distinfo | 3 | ||||
| -rw-r--r-- | security/libgcrypt/patches/patch-ab | 31 |
3 files changed, 35 insertions, 2 deletions
diff --git a/security/libgcrypt/Makefile b/security/libgcrypt/Makefile index 9b0519ab204..e69f226ffbd 100644 --- a/security/libgcrypt/Makefile +++ b/security/libgcrypt/Makefile @@ -1,6 +1,7 @@ -# $NetBSD: Makefile,v 1.19 2004/05/26 05:42:28 tron Exp $ +# $NetBSD: Makefile,v 1.20 2004/07/02 13:14:27 jmmv Exp $ DISTNAME= libgcrypt-1.2.0 +PKGREVISION= 1 CATEGORIES= security MASTER_SITES= ftp://ftp.gnupg.org/gcrypt/libgcrypt/ \ http://gd.tuwien.ac.at/privacy/gnupg/libgcrypt/ diff --git a/security/libgcrypt/distinfo b/security/libgcrypt/distinfo index 577e07a19f9..043cde98fc7 100644 --- a/security/libgcrypt/distinfo +++ b/security/libgcrypt/distinfo @@ -1,5 +1,6 @@ -$NetBSD: distinfo,v 1.7 2004/05/22 10:07:48 adam Exp $ +$NetBSD: distinfo,v 1.8 2004/07/02 13:14:28 jmmv Exp $ SHA1 (libgcrypt-1.2.0.tar.gz) = 3785a47abcb1c15079b18c5df47a474dfe647ec2 Size (libgcrypt-1.2.0.tar.gz) = 949159 bytes SHA1 (patch-aa) = d8f659e4aac872abb152252731fd29bdaac635e3 +SHA1 (patch-ab) = bd713f7cbc6782ced8c2fd2b5541ac52d2a10fbe diff --git a/security/libgcrypt/patches/patch-ab b/security/libgcrypt/patches/patch-ab new file mode 100644 index 00000000000..c98930604b3 --- /dev/null +++ b/security/libgcrypt/patches/patch-ab @@ -0,0 +1,31 @@ +$NetBSD: patch-ab,v 1.1 2004/07/02 13:14:28 jmmv Exp $ + +--- cipher/rndunix.c.orig 2003-12-11 16:43:01.000000000 +0100 ++++ cipher/rndunix.c +@@ -676,6 +676,15 @@ start_gatherer( int pipefd ) + if( i != n1 && i != n2 && i != pipefd ) + close(i); + } ++ ++ /* Reopen standard files (only if needed) so that NetBSD does not ++ complain about executing set[ug]id programs with descriptors 0 ++ and/or 1 closed. At this point, 2 is still open. */ ++ if ((i = open("/dev/null", O_RDONLY)) != STDIN_FILENO) ++ close(i); ++ if ((i = open("/dev/null", O_WRONLY)) != STDOUT_FILENO) ++ close(i); ++ + errno = 0; + } + +@@ -703,6 +712,10 @@ start_gatherer( int pipefd ) + #endif + + fclose(stderr); /* Arrghh!! It's Stuart code!! */ ++ { ++ int i = open("/dev/null", O_WRONLY); ++ assert(i == STDERR_FILENO); ++ } + + for(;;) { + GATHER_MSG msg; |