summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
Diffstat
-rw-r--r--misc/jitterbug/Makefile3
-rw-r--r--misc/jitterbug/distinfo6
-rw-r--r--misc/jitterbug/patches/patch-ab143
-rw-r--r--misc/jitterbug/patches/patch-ac173
-rw-r--r--misc/jitterbug/patches/patch-ad56
-rw-r--r--misc/jitterbug/patches/patch-ae18
6 files changed, 397 insertions, 2 deletions
diff --git a/misc/jitterbug/Makefile b/misc/jitterbug/Makefile
index 35af56e35a2..27b879585be 100644
--- a/misc/jitterbug/Makefile
+++ b/misc/jitterbug/Makefile
@@ -1,6 +1,7 @@
-# $NetBSD: Makefile,v 1.23 2004/01/20 12:21:02 agc Exp $
+# $NetBSD: Makefile,v 1.24 2004/02/09 09:17:50 wennmach Exp $
DISTNAME= jitterbug-1.6.2
+PKGREVISION= 1
CATEGORIES= misc
MASTER_SITES= ftp://jitterbug.samba.org/pub/jitterbug/
diff --git a/misc/jitterbug/distinfo b/misc/jitterbug/distinfo
index 7156bf9e834..28dd916f44d 100644
--- a/misc/jitterbug/distinfo
+++ b/misc/jitterbug/distinfo
@@ -1,5 +1,9 @@
-$NetBSD: distinfo,v 1.2 2001/04/20 13:52:13 agc Exp $
+$NetBSD: distinfo,v 1.3 2004/02/09 09:17:50 wennmach Exp $
SHA1 (jitterbug-1.6.2.tar.gz) = c9c25ee892883560a829f832efbd028b8531651f
Size (jitterbug-1.6.2.tar.gz) = 98728 bytes
SHA1 (patch-aa) = 9573d1a2f78aef1bd381082080902c50b40bb067
+SHA1 (patch-ab) = 68cb6975b9a330e8889c2812c03e279679ffa754
+SHA1 (patch-ac) = 019e3e86768cd9d680467747676bd8f034553718
+SHA1 (patch-ad) = 87e86b56734deb0210c453ec77ba1f7b1973a79e
+SHA1 (patch-ae) = d9d4013efa79a860f08ec34dd1dadceeb23ac408
diff --git a/misc/jitterbug/patches/patch-ab b/misc/jitterbug/patches/patch-ab
new file mode 100644
index 00000000000..256160bb194
--- /dev/null
+++ b/misc/jitterbug/patches/patch-ab
@@ -0,0 +1,143 @@
+$NetBSD: patch-ab,v 1.1 2004/02/09 09:17:50 wennmach Exp $
+
+Security patches for jitterbug (taken from Debian GNU/Linux).
+See http://www.debian.org/security/2004/dsa-420
+
+--- jitterbug.c.orig Wed Nov 11 13:30:17 1998
++++ jitterbug.c Wed Jan 14 17:34:04 2004
+@@ -57,7 +57,7 @@
+ static int case_sensitive;
+ static int messagetype = MTYPE_ALL;
+ static int numquotelines;
+-static int addsignature;
++static int addsignature = 1;
+ static int fullheaders;
+
+ /* these are the user preferences -- reflect changes in dump_globals() */
+@@ -118,7 +118,7 @@
+ }
+
+
+- if (getuid() == 0) return 0;
++ if (strchr(fname, '/') && geteuid() == 0) return 0;
+
+ data = load_file(fname, NULL, 0);
+ if (!data) {
+@@ -727,6 +727,11 @@
+ }
+ }
+
++/* return true when the text doesn't have a trailing newline */
++static unsigned nolastnl(char *txt)
++{ return *txt && '\n'!=strchr(txt,'\0')[-1];
++}
++
+
+ /* free up an info structure loaded by get_info */
+ static void free_info(struct message_info *info)
+@@ -971,6 +976,7 @@
+ FILE *f;
+ char *name = cgi_variable("auditid");
+ char *source = cgi_variable("sources");
++ char *p;
+ char buf[1000];
+ int len;
+ struct message_info info = zero_info;
+@@ -989,6 +995,14 @@
+
+ sprintf(buf,"%s %s %s", lp_autopatch(), source, name);
+
++ p = buf;
++
++ while (*p) {
++ if (!isalnum(*p) && !strchr(";_|=+ &^#@!(){}[].",*p))
++ fatal("invalid character in expression");
++ p++;
++ }
++
+ printf("<hr>\n");
+
+ f = popen(buf,"r");
+@@ -1012,6 +1026,7 @@
+ {
+ FILE *f;
+ char *name = cgi_variable("decodeview");
++ char *p;
+ char buf[1000];
+ int len;
+ struct message_info info = zero_info;
+@@ -1028,6 +1043,13 @@
+
+ sprintf(buf,"%s %s", lp_decoder(), name);
+
++ p = buf;
++ while (*p) {
++ if (!isalnum(*p) && !strchr(";_|=+ &^#@!(){}[].",*p))
++ fatal("invalid character in expression");
++ p++;
++ }
++
+ printf("<hr>\n");
+
+ f = popen(buf,"r");
+@@ -1271,8 +1293,13 @@
+ }
+
+ smtp_write_data(fd, body);
+- if (sig)
++ if(nolastnl(body))
++ smtp_write(fd, "\n");
++ if (sig) {
+ smtp_write_data(fd, sig);
++ if(nolastnl(sig))
++ smtp_write(fd, "\n");
++ }
+ if (smtp_end_mail(fd) == -1)
+ fatal(smtp_error());
+ }
+@@ -1392,8 +1419,13 @@
+ if (cc && *cc)
+ fprintf(f,"CC: %s\n", cc);
+ fprintf(f,"\n%s", body);
+- if (addsignature && signature)
++ if(nolastnl(body))
++ fprintf(f, "\n");
++ if (addsignature && signature) {
+ fprintf(f,"%s", signature);
++ if(nolastnl(signature))
++ fprintf(f, "\n");
++ }
+ fclose(f);
+ close(fd);
+
+@@ -2179,6 +2211,7 @@
+ int len;
+ char buf[1000];
+ char *decode = cgi_variable("decode");
++ char *p;
+
+ if (guest && !lp_guest_download()) {
+ fatal("guest download has been disabled\n");
+@@ -2199,6 +2232,13 @@
+ if (decode) {
+ sprintf(buf,"%s %s", lp_decoder(), fname);
+
++ p = buf;
++ while (*p) {
++ if (!isalnum(*p) && !strchr(";_|=+ &^#@!(){}[].",*p))
++ fatal("invalid character in expression");
++ p++;
++ }
++
+ f = popen(buf,"r");
+ } else {
+ f = fopen(fname,"r");
+@@ -2208,7 +2248,7 @@
+ fatal("unable to open file");
+ }
+
+- printf("Content-Type: application/octet-stream\n");
++ printf("Content-Type: message/rfc822\n");
+ if (gzip_encoding || lp_gzip_download()) {
+ printf("\n");
+ cgi_start_gzip();
diff --git a/misc/jitterbug/patches/patch-ac b/misc/jitterbug/patches/patch-ac
new file mode 100644
index 00000000000..ce51d099fc9
--- /dev/null
+++ b/misc/jitterbug/patches/patch-ac
@@ -0,0 +1,173 @@
+$NetBSD: patch-ac,v 1.1 2004/02/09 09:17:50 wennmach Exp $
+
+Security patches for jitterbug (taken from Debian GNU/Linux).
+See http://www.debian.org/security/2004/dsa-420
+
+--- new_message.c.orig Wed Nov 11 13:30:17 1998
++++ new_message.c Wed Jan 14 17:34:04 2004
+@@ -206,6 +206,133 @@
+ smtp_end_mail(fd);
+ }
+
++/* This function should always return success */
++static int mail_failure(char* from, char* to, char* content)
++{
++ int fd;
++ fd = smtp_start_mail(from, to, NULL, NULL, "Request failed", strlen(content));
++ if ( fd == -1 ) {
++ fprintf(stderr, "Failed to send failure\n");
++ return 0;
++ }
++ smtp_write(fd, "\n");
++ smtp_write_data(fd, content);
++ smtp_end_mail(fd);
++ return 0;
++}
++
++static int is_a_bug(char* name)
++{
++ if (*name >= '1' && *name <= '9')
++ return !is_directory(name);
++ return 0;
++}
++
++static int get_bug(char *mbuf, char* to, char *query)
++{
++ int fd;
++ char *from, *p;
++ char *subject="Jitterbug results";
++ char buf[1024];
++ unsigned int size=0;
++ char boundary[128];
++ struct stat st;
++ char *bug;
++ char* msg_id;
++ char *msg_list;
++
++ snprintf(boundary, sizeof(boundary), "jitterbug-burp-%d-%d", getpid(), time(NULL));
++
++ /* maybe check for lp_download? */
++ /* maybe add info to audit? */
++ from = lp_from_address();
++
++ while (*query && *query == ' ') query++;
++ if (!strncmp(query, "list", 4)) {
++ char** dir_l, **file_l;
++ int i, j;
++ query += 4;
++ fd = smtp_start_mail(from, to, NULL, NULL, subject, 0);
++ if ( fd == -1 )
++ return 1;
++
++ msg_id = getmailheader(mbuf, "Message-ID:", 0);
++ if ( msg_id )
++ smtp_write(fd, "References: %s\n", msg_id);
++ smtp_write(fd, "\nList for query: %s\n\n", query);
++ trim_string(query, " ", " ");
++ /* use strtok to allow multiple queries */
++ if (!*query || *query == '/' || *query == '.') {
++ query = ".";
++ dir_l = load_dir_list(query, is_directory);
++ } else {
++ dir_l = new_list();
++ add_list_item(dir_l, query);
++ }
++ for (i=0; dir_l && dir_l[i]; ++i) {
++ file_l = load_dir_list(dir_l[i], is_a_bug);
++ /* maybe add subject, from, ... */
++ for (j=0; file_l && file_l[j]; ++j)
++ smtp_write(fd, "%s/%s\n", dir_l[i], file_l[j]);
++ free_list(file_l);
++ }
++ free_list(dir_l);
++ smtp_end_mail(fd);
++ return 0;
++ } else if (!strncmp(query, "get", 3)) {
++ query += 3;
++ } else if (!strncmp(query, "search", 6)) {
++ query += 6;
++ snprintf(buf, sizeof(buf), "Not implemeted (%s)\n", query);
++ return mail_failure(from, to, buf);
++ } else {
++ snprintf(buf, sizeof(buf), "Not implemeted (%s)\n", query);
++ return mail_failure(from, to, buf);
++ }
++
++ fd = smtp_start_mail(from, to, NULL, NULL, subject, 0);
++ if ( fd == -1 )
++ return 1;
++
++ msg_id = getmailheader(mbuf, "Message-ID:", 0);
++ if ( msg_id )
++ smtp_write(fd, "References: %s\n", msg_id);
++ smtp_write(fd, "Mime-Version: 1.0\n");
++ smtp_write(fd, "Content-Type: multipart/mixed; boundary=%s\n\n", boundary);
++ msg_list = strdup(query);
++ for (query = strtok(msg_list, " \t,;"); query; query = strtok(NULL, " \t,;")) {
++ smtp_write(fd, "\n--%s\nContent-Type: text/plain; charset=us-ascii\n", boundary);
++ /* a few security checks */
++ if (*query == '/' || strchr(query, '.') || !(p=strchr(query, '/'))) {
++ smtp_write(fd, "\nNot allowed (%s)\n", query);
++ continue;
++ }
++ *p = 0;
++ if ( !is_directory(query) ) {
++ smtp_write(fd, "\nNot allowed (%s)\n", query);
++ continue;
++ }
++ *p = '/';
++ bug = load_file(query, &st, 0);
++ if ( !bug ) {
++ smtp_write(fd, "\nCannot load (%s)\n", query);
++ continue;
++ }
++ /* replace / with _ in filename */
++ p = query;
++ while(*p) {
++ if (*p == '/') *p = '_';
++ ++p;
++ }
++ smtp_write(fd, "Content-Disposition: attachment; filename=\"%s\"\n\n", query);
++ smtp_write_data(fd, bug);
++ free(bug);
++ }
++ free(msg_list);
++
++ smtp_end_mail(fd);
++ return 0;
++}
+
+ int process_mail(char *def_dir)
+ {
+@@ -253,6 +380,10 @@
+ return 1;
+ }
+
++ if (strncasecmp(from, "MAILER-DAEMON", 13) == 0) {
++ fprintf(stderr,"Ignoring bounced mail\n");
++ return 1;
++ }
+
+ /* work out if it has an existing id */
+ id = getid(mbuf);
+@@ -273,6 +404,12 @@
+ }
+ }
+
++ subject = getmailheader(mbuf, "Subject:", 0);
++ if (subject && !strncmp(subject, "GETBUG:", 7)) {
++ unlink(".newnsg");
++ return get_bug(mbuf, from, subject + 7);
++ }
++
+ if (! *fname) {
+ char *idfile = load_file(".nextid", NULL, 0);
+ nextid=1;
+@@ -306,7 +443,6 @@
+ }
+
+ /* forward to "forward public" if message not marked private */
+- subject = getmailheader(mbuf, "Subject:", 0);
+
+ if (subject &&
+ lp_forward_public() && !strstr(subject,"PRIVATE")) {
diff --git a/misc/jitterbug/patches/patch-ad b/misc/jitterbug/patches/patch-ad
new file mode 100644
index 00000000000..c52cf718978
--- /dev/null
+++ b/misc/jitterbug/patches/patch-ad
@@ -0,0 +1,56 @@
+$NetBSD: patch-ad,v 1.1 2004/02/09 09:17:50 wennmach Exp $
+
+Deprecate varargs.
+Type fixes (from Debian GNU/Linux).
+
+--- snprintf.c.orig Sat Oct 31 05:36:20 1998
++++ snprintf.c Wed Jan 14 18:18:31 2004
+@@ -59,9 +59,10 @@
+
+ #if !defined(HAVE_SNPRINTF) || !defined(HAVE_VSNPRINTF)
+
+-/* Define this as a fall through, HAVE_STDARG_H is probably already set */
++/* deprecate VARARGS */
+
+-#define HAVE_VARARGS_H
++#undef HAVE_VARARGS_H
++#define HAVE_STDARG_H
+
+ /* varargs declarations: */
+
+@@ -263,7 +264,7 @@
+ case 'd':
+ case 'i':
+ if (cflags == DP_C_SHORT)
+- value = va_arg (args, short int);
++ value = va_arg (args, int);
+ else if (cflags == DP_C_LONG)
+ value = va_arg (args, long int);
+ else
+@@ -273,7 +274,7 @@
+ case 'o':
+ flags |= DP_F_UNSIGNED;
+ if (cflags == DP_C_SHORT)
+- value = va_arg (args, unsigned short int);
++ value = va_arg (args, unsigned int);
+ else if (cflags == DP_C_LONG)
+ value = (long)va_arg (args, unsigned long int);
+ else
+@@ -283,7 +284,7 @@
+ case 'u':
+ flags |= DP_F_UNSIGNED;
+ if (cflags == DP_C_SHORT)
+- value = va_arg (args, unsigned short int);
++ value = va_arg (args, unsigned int);
+ else if (cflags == DP_C_LONG)
+ value = (long)va_arg (args, unsigned long int);
+ else
+@@ -295,7 +296,7 @@
+ case 'x':
+ flags |= DP_F_UNSIGNED;
+ if (cflags == DP_C_SHORT)
+- value = va_arg (args, unsigned short int);
++ value = va_arg (args, unsigned int);
+ else if (cflags == DP_C_LONG)
+ value = (long)va_arg (args, unsigned long int);
+ else
diff --git a/misc/jitterbug/patches/patch-ae b/misc/jitterbug/patches/patch-ae
new file mode 100644
index 00000000000..b3554e7444b
--- /dev/null
+++ b/misc/jitterbug/patches/patch-ae
@@ -0,0 +1,18 @@
+$NetBSD: patch-ae,v 1.1 2004/02/09 09:17:50 wennmach Exp $
+
+Security patch (from Debian GNU/Linux).
+See http://www.debian.org/security/2004/dsa-420
+
+--- util.c.orig Thu Aug 20 03:22:45 1998
++++ util.c Wed Jan 14 17:34:04 2004
+@@ -371,6 +371,10 @@
+ extern int done_chroot;
+
+ p = lp_chroot_directory();
++ if (!lp_base_directory()) {
++ fprintf(stderr, "No base directory: cannot continue\n");
++ exit(1);
++ }
+
+ if (done_chroot || !p || !*p) {
+ check_overflow(strlen(lp_base_directory())+10, sizeof(buf));
generated by cgit v1.2.3 (git 2.39.1) at 2024-07-21 10:38:35 +0000