diff options
author | salo <salo> | 2006-02-20 14:01:22 +0000 |
---|---|---|
committer | salo <salo> | 2006-02-20 14:01:22 +0000 |
commit | 5108f35ad556c4d3568dd3382782d0a272e829ac (patch) | |
tree | 8da09287588b95c0f6bd9cc54aa86d9c5decd159 /security | |
parent | c13fbea8b0a00ed8218365b202a5559d3724d63e (diff) | |
download | pkgsrc-5108f35ad556c4d3568dd3382782d0a272e829ac.tar.gz |
Pullup ticket 1150 - requested by Adrian Portelli
security fix for honeyd
Patch provided by the submitter.
http://www.honeyd.org/adv.2006-01
Diffstat (limited to 'security')
-rw-r--r-- | security/honeyd/Makefile | 4 | ||||
-rw-r--r-- | security/honeyd/distinfo | 4 | ||||
-rw-r--r-- | security/honeyd/patches/patch-ab | 65 | ||||
-rw-r--r-- | security/honeyd/patches/patch-ac | 12 |
4 files changed, 82 insertions, 3 deletions
diff --git a/security/honeyd/Makefile b/security/honeyd/Makefile index 80764429f0f..35e7db6a626 100644 --- a/security/honeyd/Makefile +++ b/security/honeyd/Makefile @@ -1,8 +1,8 @@ -# $NetBSD: Makefile,v 1.12 2005/12/05 20:50:56 rillig Exp $ +# $NetBSD: Makefile,v 1.12.2.1 2006/02/20 14:01:22 salo Exp $ # DISTNAME= honeyd-1.0 -PKGREVISION= 1 +PKGREVISION= 2 CATEGORIES= security net MASTER_SITES= http://niels.xtdnet.nl/honeyd/ diff --git a/security/honeyd/distinfo b/security/honeyd/distinfo index d9857e3ed83..fd5069bdca6 100644 --- a/security/honeyd/distinfo +++ b/security/honeyd/distinfo @@ -1,6 +1,8 @@ -$NetBSD: distinfo,v 1.3 2005/02/24 13:10:06 agc Exp $ +$NetBSD: distinfo,v 1.3.8.1 2006/02/20 14:01:22 salo Exp $ SHA1 (honeyd-1.0.tar.gz) = abff00cf7815b6448e5432be8b4710f39bf2119f RMD160 (honeyd-1.0.tar.gz) = d5c28f8987dd22d266348cf908f008423a63fc49 Size (honeyd-1.0.tar.gz) = 600339 bytes SHA1 (patch-aa) = 83d823e891e2837fab85a0cda5a67dded772c97d +SHA1 (patch-ab) = b17662d2a096ef3b209a208a8e6e0ed6e71ebdbe +SHA1 (patch-ac) = 141b85ca569e69265d2e06520fc4cee71ca5762d diff --git a/security/honeyd/patches/patch-ab b/security/honeyd/patches/patch-ab new file mode 100644 index 00000000000..5bb98098366 --- /dev/null +++ b/security/honeyd/patches/patch-ab @@ -0,0 +1,65 @@ +$NetBSD: patch-ab,v 1.1.2.1 2006/02/20 14:01:23 salo Exp $ + +--- ipfrag.c.orig 2004-12-31 19:13:38.000000000 +0000 ++++ ipfrag.c +@@ -81,6 +81,7 @@ fragcompare(struct fragment *a, struct f + DIFF(a->ip_src, b->ip_src); + DIFF(a->ip_dst, b->ip_dst); + DIFF(a->ip_id, b->ip_id); ++ DIFF(a->ip_proto, b->ip_proto); + + return (0); + } +@@ -105,13 +106,14 @@ ip_fragment_init(void) + } + + struct fragment * +-ip_fragment_find(ip_addr_t src, ip_addr_t dst, u_short id) ++ip_fragment_find(ip_addr_t src, ip_addr_t dst, u_short id, u_char proto) + { + struct fragment tmp, *frag; + + tmp.ip_src = src; + tmp.ip_dst = dst; + tmp.ip_id = id; ++ tmp.ip_proto = proto; + + frag = SPLAY_FIND(fragtree, &fragments, &tmp); + +@@ -179,7 +181,8 @@ ip_fragment_reclaim(int count) + } + + struct fragment * +-ip_fragment_new(ip_addr_t src, ip_addr_t dst, u_short id, enum fragpolicy pl) ++ip_fragment_new(ip_addr_t src, ip_addr_t dst, u_short id, u_char proto, ++ enum fragpolicy pl) + { + struct fragment *tmp = NULL; + struct timeval tv = { IPFRAG_TIMEOUT, 0}; +@@ -202,6 +205,7 @@ ip_fragment_new(ip_addr_t src, ip_addr_t + tmp->ip_src = src; + tmp->ip_dst = dst; + tmp->ip_id = id; ++ tmp->ip_proto = proto; + tmp->fragp = pl; + + TAILQ_INIT(&tmp->fraglist); +@@ -358,7 +362,7 @@ ip_fragment(struct template *tmpl, struc + if (fragp == FRAG_DROP) + goto drop; + +- fragq = ip_fragment_find(ip->ip_src, ip->ip_dst, ip->ip_id); ++ fragq = ip_fragment_find(ip->ip_src, ip->ip_dst, ip->ip_id, ip->ip_p); + + /* Nothing here for now */ + off = ntohs(ip->ip_off); +@@ -383,7 +387,8 @@ ip_fragment(struct template *tmpl, struc + goto freeall; + + if (fragq == NULL) { +- fragq = ip_fragment_new(ip->ip_src, ip->ip_dst, ip->ip_id, fragp); ++ fragq = ip_fragment_new(ip->ip_src, ip->ip_dst, ip->ip_id, ++ ip->ip_p, fragp); + if (fragq == NULL) + goto drop; + } diff --git a/security/honeyd/patches/patch-ac b/security/honeyd/patches/patch-ac new file mode 100644 index 00000000000..5feb2d6d70b --- /dev/null +++ b/security/honeyd/patches/patch-ac @@ -0,0 +1,12 @@ +$NetBSD: patch-ac,v 1.1.2.1 2006/02/20 14:01:23 salo Exp $ + +--- ipfrag.h.orig 2004-12-31 19:13:43.000000000 +0000 ++++ ipfrag.h +@@ -52,6 +52,7 @@ struct fragment { + ip_addr_t ip_src; /* Network order */ + ip_addr_t ip_dst; /* Network order */ + u_short ip_id; /* Network order */ ++ u_char ip_proto; + + u_short maxlen; + u_short hadlastpacket; |