From 40e21d7860b67e65ae2c35ea7928f998034c7dfe Mon Sep 17 00:00:00 2001 From: itohy Date: Thu, 9 Nov 2000 03:52:51 +0000 Subject: skkserv: IPv6 support. More reliable dictionary re-reading. Avoid copying fd_set. getuid() -> geteuid() Update version to 3.9.4nb1. skkdic-expr: Safer temporary file handling against symlink attack (O_EXCL). --- japanese/skkserv/Makefile | 19 ++- japanese/skkserv/files/patch-sum | 8 +- japanese/skkserv/patches/patch-af | 245 +++++++++++++++++++++++++++++++-- japanese/skkserv/patches/patch-ag | 40 +++++- japanese/skkserv/patches/patch-bsearch | 20 +-- 5 files changed, 297 insertions(+), 35 deletions(-) (limited to 'japanese/skkserv') diff --git a/japanese/skkserv/Makefile b/japanese/skkserv/Makefile index 098c26b1880..4b26996d64a 100644 --- a/japanese/skkserv/Makefile +++ b/japanese/skkserv/Makefile @@ -1,7 +1,7 @@ -# $NetBSD: Makefile,v 1.1.1.1 1999/12/24 03:19:23 itohy Exp $ +# $NetBSD: Makefile,v 1.2 2000/11/09 03:52:51 itohy Exp $ DISTNAME= skk9.6 -PKGNAME= skkserv-3.9.4 +PKGNAME= skkserv-3.9.4nb1 WRKSRC= ${WRKDIR}/skk-9.6 CATEGORIES= japanese MASTER_SITES= ftp://skk.kuis.kyoto-u.ac.jp/skk/9.6/ @@ -19,8 +19,19 @@ GNU_CONFIGURE= YES INSTALL_FILE= ${WRKDIR}/INSTALL MESSAGE_FILE= ${WRKDIR}/MESSAGE -SKKSERV_UID?= 32767 -SKKSERV_GID?= 32766 +.include "../../mk/bsd.prefs.mk" + +.if (${OPSYS} == "SunOS") +.if exists(/usr/ccs) +SKKSERV_UID?= 60002 # noaccess +SKKSERV_GID?= 60002 # noaccess +.else +SKKSERV_UID?= 65534 # nobody +SKKSERV_GID?= 65534 # nogroup +.endif +.endif +SKKSERV_UID?= 32767 # nobody +SKKSERV_GID?= 32766 # nogroup MAKE_ENV= MAKE_FLAGS='SKKUID=${SKKSERV_UID} SKKGID=${SKKSERV_GID}' # tmp for building dictionary. ~16MB required. mfs would be much faster. diff --git a/japanese/skkserv/files/patch-sum b/japanese/skkserv/files/patch-sum index a06bcaa6e42..e5b47b7249d 100644 --- a/japanese/skkserv/files/patch-sum +++ b/japanese/skkserv/files/patch-sum @@ -1,11 +1,11 @@ -$NetBSD: patch-sum,v 1.4 2000/07/26 03:40:53 itohy Exp $ +$NetBSD: patch-sum,v 1.5 2000/11/09 03:52:51 itohy Exp $ MD5 (patch-aa) = 4755129f92972489cb1f7bba2a7370f9 MD5 (patch-ab) = ea1b5133ffe3184d6a92735eb9f31f13 MD5 (patch-ac) = 35889fef05e7b4b7d12376c9e2ce5bba MD5 (patch-ad) = 5e4b28776c2bf7753dc095df10468b36 MD5 (patch-ae) = 126c617a8a4d630a9785aa639ede10f5 -MD5 (patch-af) = 6e4d240675ee731c591c80599c332928 -MD5 (patch-ag) = 264a703f7141e814998af34bf97bdeb1 -MD5 (patch-bsearch) = ae90c6d2ed8f4e529f66f3cde3d2f60d +MD5 (patch-af) = c9a802066fec8b594299c34042932a43 +MD5 (patch-ag) = 1a404ef74d03bb74985298e41ce3f2ce +MD5 (patch-bsearch) = 2a5050c50393ef55058281d0d53ba0ff MD5 (patch-jisyo) = 2b7d2df7a1c9ce3655410e37bd3f9ef5 diff --git a/japanese/skkserv/patches/patch-af b/japanese/skkserv/patches/patch-af index 8d3b7c936d5..a57c3aa4fa9 100644 --- a/japanese/skkserv/patches/patch-af +++ b/japanese/skkserv/patches/patch-af @@ -1,16 +1,48 @@ -$NetBSD: patch-af,v 1.2 2000/07/26 03:40:54 itohy Exp $ +$NetBSD: patch-af,v 1.3 2000/11/09 03:52:51 itohy Exp $ --- skkserv/skkserv.c.orig Tue Jan 21 04:16:36 1997 -+++ skkserv/skkserv.c Wed Jul 26 12:15:44 2000 -@@ -132,6 +132,16 @@ - int ctlterm; /* fildes for control terminal */ - void reread(); ++++ skkserv/skkserv.c Mon Nov 6 00:12:57 2000 +@@ -100,14 +100,16 @@ + #define SERVER_NOT_FOUND "4" + #define SERVER_FULL "9" + ++#define warn(m) \ ++ {if (debug) fprintf(errout, "%s: %s\n", pgmnm, m);} + #define err(m) \ +- {if (debug) fprintf(errout, "%s: %s\n", pgmnm, m); exit(1);} ++ {warn(m); exit(1);} + + /* + * Global Variables + */ + +-char pgmver[] = "3.9.4 "; /* version number */ ++char pgmver[] = "3.9.4nb1 "; /* version number */ + + char *pgmnm; /* program name */ + char *jname; /* name of shared dictionary */ +@@ -121,6 +123,9 @@ + int jtab1[KANAMOJI]; /* index-table by 1st letter (1st part)*/ + int jtab2[KANAMOJI]; /* index-table by 1st letter (2nd part)*/ + int initsock; /* socket for waiting requests */ ++#ifdef PF_INET6 ++int initsock6; /* IPv6 socket for waiting requests */ ++#endif + int clientsock[MAXCLNT]; /* socket for each client */ + int nclients; /* max index for active clients */ +@@ -130,8 +135,18 @@ + int parg; + int setjisho = 0; + int ctlterm; /* fildes for control terminal */ +- void reread(); ++ RETSIGTYPE req_reread(); ++ +#ifdef SKKSERV_UID + gid_t gid = SKKSERV_GID; -+ + + /* revoke privilege if any */ -+ if (getuid() == 0) { ++ if (geteuid() == 0) { + setgroups(1, &gid); + setgid(SKKSERV_GID); + setuid(SKKSERV_UID); @@ -19,7 +51,7 @@ $NetBSD: patch-af,v 1.2 2000/07/26 03:40:54 itohy Exp $ pgmnm = argv[0]; debug = 0; errout = stderr; -@@ -200,7 +210,10 @@ +@@ -200,7 +215,10 @@ fclose(stderr); /* detach child process from control terminal */ @@ -31,7 +63,7 @@ $NetBSD: patch-af,v 1.2 2000/07/26 03:40:54 itohy Exp $ if ((ctlterm = open("/dev/tty", 2)) >= 0) { ioctl(ctlterm, TIOCNOTTY, 0); close(ctlterm); -@@ -215,6 +228,7 @@ +@@ -215,6 +233,7 @@ signal(SIGHUP, SIG_IGN); if (fork() != 0) exit(0); #endif @@ -39,7 +71,198 @@ $NetBSD: patch-af,v 1.2 2000/07/26 03:40:54 itohy Exp $ } else { /* debug mode */ fprintf(errout, "SKK-JISYO is %s\n", jname); fflush(errout); -@@ -724,6 +738,9 @@ +@@ -222,7 +241,7 @@ + if (errout != stderr) fclose(stderr); + } + +- signal(SIGINT, reread); ++ signal(SIGINT, req_reread); + /* 1993/6/5 by kam, re-read dictionary by "INT" signal */ + + nclients = 0; +@@ -244,8 +263,11 @@ + mksock() + { + struct sockaddr_in sin; ++#ifdef PF_INET6 ++ struct sockaddr_in6 sin6; ++#endif + struct servent *sp; +- int optbuf = 1; /* enable socket REUSEADDR */ ++ int optbuf; /* enable socket REUSEADDR */ + + bzero((char*)&sin, sizeof(sin)); + sin.sin_family = AF_INET; +@@ -262,16 +284,54 @@ + sin.sin_port = htons(portnum); + + if ((initsock = socket(PF_INET, SOCK_STREAM, 0)) < 0) +- err("socket error; socket cannot be created"); +- if (setsockopt(initsock, SOL_SOCKET, SO_REUSEADDR, ++ warn("socket error; socket cannot be created"); ++#ifdef PF_INET6 ++ bzero((char*)&sin6, sizeof(sin6)); ++ sin6.sin6_family = AF_INET6; ++ /* sin6.sin6_addr.s6_addr = IN6ADDR_ANY_INIT; ... all-zero pattern */ ++ sin6.sin6_port = htons(portnum); ++ if ((initsock6 = socket(PF_INET6, SOCK_STREAM, 0)) < 0) ++ warn("socket error; IPv6 socket cannot be created"); ++#endif ++ optbuf = 1; ++ if (initsock >= 0 && setsockopt(initsock, SOL_SOCKET, SO_REUSEADDR, ++ &optbuf, sizeof(optbuf)) < 0) ++ warn("socket error; cannot set socket option"); ++#ifdef PF_INET6 ++ optbuf = 1; ++ if (initsock6 >= 0 && setsockopt(initsock6, SOL_SOCKET, SO_REUSEADDR, + &optbuf, sizeof(optbuf)) < 0) +- err("socket error; cannot set socket option"); +- if (bind(initsock, (struct sockaddr *)&sin, sizeof(sin))< 0) +- err("bind error; the socket is already used"); +- if (listen(initsock, MAXQUE) < 0) ++ warn("socket error; cannot set socket option"); ++#endif ++ if (initsock >= 0 && bind(initsock, (struct sockaddr *)&sin, sizeof(sin))< 0) { ++ warn("bind error; the socket is already used"); ++ close(initsock); ++ initsock = -1; ++ } ++#ifdef PF_INET6 ++ if (initsock6 >= 0 && bind(initsock6, (struct sockaddr *)&sin6, sizeof(sin6))< 0) { ++ warn("bind error; the socket is already used"); ++ close(initsock6); ++ initsock6 = -1; ++ } ++#endif ++ if (initsock < 0 ++#ifdef PF_INET6 ++ && initsock6 < 0 ++#endif ++ ) ++ exit(1); ++ if (initsock >= 0 && listen(initsock, MAXQUE) < 0) + err("listen error; something wrong happened with the socket"); ++#ifdef PF_INET6 ++ if (initsock6 >= 0 && listen(initsock6, MAXQUE) < 0) ++ err("listen error; something wrong happened with the IPv6 socket"); ++#endif + if (debug) { + fprintf(errout, "file descriptor for initsock is %d\n", initsock); ++#ifdef PF_INET6 ++ fprintf(errout, "file descriptor for initsock6 is %d\n", initsock6); ++#endif + fflush(errout); + } + } +@@ -303,8 +363,19 @@ + mkoldjtab(buf); + } + ++/* using stdio in signal handler is unsafe */ ++#ifdef __STDC__ ++volatile ++#endif ++int reread_requested; ++ ++RETSIGTYPE req_reread() ++{ ++ reread_requested = 1; ++} ++ + /* 1993/6/5 by kam, re-read dictionary by "INT" signal */ +-RETSIGTYPE reread() ++void reread() + { + if (fclose(jisho) < 0) { + fprintf(stderr, +@@ -455,15 +526,22 @@ + main_loop() + { + fd_set readfds, writefds, exceptfds; +- fd_set getrfds(); ++ void getrfds(); + struct sockaddr_in from; ++#ifdef PF_INET6 ++ struct sockaddr_in6 from6; ++#endif + int len; + register int i; + + FD_ZERO(&writefds); + FD_ZERO(&exceptfds); + for(;;) { /* infinite loop; waiting for client's request */ +- readfds = getrfds(); ++ if (reread_requested) { ++ reread(); ++ reread_requested = 0; ++ } ++ getrfds(&readfds); + if (select(MAXDTAB, &readfds, &writefds, &exceptfds, NULL) < 0) { + if (errno == EINTR) /* if signal happens */ + continue; +@@ -474,16 +552,32 @@ + fflush(errout); + } + +- if (FD_ISSET(initsock, &readfds)) { ++ if (initsock >= 0 && FD_ISSET(initsock, &readfds)) { + len = sizeof(from); + if ((clientsock[nclients ++] = accept(initsock, &from, &len)) < 0) { + err("accept error; something wrong happened with the socket"); + } +- if (nclients >= MAXDTAB - 3 - debug * 2) { ++ if (nclients >= MAXDTAB - 3 ++#ifdef PF_INET6 ++ -1 ++#endif ++ - debug * 2) { + write(clientsock[--nclients], SERVER_FULL, 1); + close(clientsock[nclients]); + } + } ++#ifdef PF_INET6 ++ if (initsock6 >= 0 && FD_ISSET(initsock6, &readfds)) { ++ len = sizeof(from6); ++ if ((clientsock[nclients ++] = accept(initsock6, &from6, &len)) < 0) { ++ err("accept error; something wrong happened with the socket"); ++ } ++ if (nclients >= MAXDTAB - 4 - debug * 2) { ++ write(clientsock[--nclients], SERVER_FULL, 1); ++ close(clientsock[nclients]); ++ } ++ } ++#endif + + /* naiive scheduling */ + for (i = 0; i < nclients; i ++) +@@ -511,16 +605,20 @@ + * get bit pattern of read file descriptor + */ + +-fd_set getrfds() ++void getrfds(rfds) ++fd_set *rfds; + { +- fd_set rfds; + register int i; + +- FD_ZERO(&rfds); +- FD_SET(initsock, &rfds); ++ FD_ZERO(rfds); ++ if (initsock >= 0) ++ FD_SET(initsock, rfds); ++#ifdef PF_INET6 ++ if (initsock6 >= 0) ++ FD_SET(initsock6, rfds); ++#endif + for (i = 0; i < nclients; i ++) +- FD_SET(clientsock[i], &rfds); +- return (rfds); ++ FD_SET(clientsock[i], rfds); + } + + /* +@@ -724,6 +822,9 @@ exit(1); } hentry = gethostbyname(hname); @@ -49,7 +272,7 @@ $NetBSD: patch-af,v 1.2 2000/07/26 03:40:54 itohy Exp $ #ifdef NO_ADDR_LIST strcat(hname, ":"); strcat(hname, hentry->h_addr); -@@ -736,6 +753,7 @@ +@@ -736,6 +837,7 @@ strcat(hname, inet_ntoa(*(struct in_addr *)*p++)); } #endif diff --git a/japanese/skkserv/patches/patch-ag b/japanese/skkserv/patches/patch-ag index b2aad4f39e2..cb4b002e434 100644 --- a/japanese/skkserv/patches/patch-ag +++ b/japanese/skkserv/patches/patch-ag @@ -1,8 +1,8 @@ -$NetBSD: patch-ag,v 1.1.1.1 1999/12/24 03:19:23 itohy Exp $ +$NetBSD: patch-ag,v 1.2 2000/11/09 03:52:51 itohy Exp $ --- jisyo-tools/skkdic-expr.c.orig Tue Dec 17 14:51:28 1996 -+++ jisyo-tools/skkdic-expr.c Tue Dec 21 20:37:29 1999 -@@ -78,41 +78,62 @@ ++++ jisyo-tools/skkdic-expr.c Mon Nov 6 01:34:22 2000 +@@ -78,59 +78,86 @@ } } @@ -66,6 +66,10 @@ $NetBSD: patch-ag,v 1.1.1.1 1999/12/24 03:19:23 itohy Exp $ } } ++#ifndef O_EXCL ++#define O_EXCL 0 ++#endif ++ /* データベースファイルを作成 */ -static void db_make_files() +static void db_make_files(tmpdir) @@ -73,6 +77,7 @@ $NetBSD: patch-ag,v 1.1.1.1 1999/12/24 03:19:23 itohy Exp $ { - sprintf(file_name, "/tmp/skkjisyo.%d", getpid()); + int pid = getpid(); ++ int fd; + + sprintf(file_name, "%s/skkjisyo.%d", tmpdir, pid); if (okurigana_flag) { @@ -83,7 +88,30 @@ $NetBSD: patch-ag,v 1.1.1.1 1999/12/24 03:19:23 itohy Exp $ } db_remove_files(); -@@ -698,7 +719,7 @@ +- if ((db = dbm_open(file_name, O_RDWR|O_CREAT, 0600)) == NULL){ ++ if ((db = dbm_open(file_name, O_RDWR|O_CREAT|O_EXCL, 0600)) == NULL){ + perror(file_name); + exit(1); + } +- if ((dbcontent = fopen(file_name, "w+")) == NULL){ ++ if ((fd = open(file_name, O_RDWR|O_CREAT|O_EXCL, 0600)) < 0 || ++ (dbcontent = fdopen(fd, "w+")) == NULL){ + perror(file_name); + exit(1); + } + if (okurigana_flag) { +- if ((okuriheaddb = dbm_open(okuri_head_name, O_RDWR|O_CREAT, 0600)) ++ if ((okuriheaddb = dbm_open(okuri_head_name, O_RDWR|O_CREAT|O_EXCL, 0600)) + == NULL){ + perror(okuri_head_name); + exit(1); + } +- if ((okuritaildb = dbm_open(okuri_tail_name, O_RDWR|O_CREAT, 0600)) ++ if ((okuritaildb = dbm_open(okuri_tail_name, O_RDWR|O_CREAT|O_EXCL, 0600)) + == NULL){ + perror(okuri_tail_name); + exit(1); +@@ -698,7 +725,7 @@ for (key = dbm_firstkey(db); key.dptr != NULL; key = dbm_nextkey(db)) { content = dbm_fetch(db, key); for(i = 0; i < key.dsize; ++ i) @@ -92,7 +120,7 @@ $NetBSD: patch-ag,v 1.1.1.1 1999/12/24 03:19:23 itohy Exp $ putc(' ', output); fseek(dbcontent, getpos(content.dptr), 0); db_gets(kanji, BLEN, dbcontent); -@@ -716,7 +737,7 @@ +@@ -716,7 +743,7 @@ if (entry.dptr != NULL) continue; for(i = 0; i < key.dsize; ++ i) @@ -101,7 +129,7 @@ $NetBSD: patch-ag,v 1.1.1.1 1999/12/24 03:19:23 itohy Exp $ putc(' ', output); putc('/', output); okuri_type_out(&key, output); -@@ -775,9 +796,8 @@ +@@ -775,9 +802,8 @@ exit(1); } diff --git a/japanese/skkserv/patches/patch-bsearch b/japanese/skkserv/patches/patch-bsearch index ea66753b588..07a3d35be5d 100644 --- a/japanese/skkserv/patches/patch-bsearch +++ b/japanese/skkserv/patches/patch-bsearch @@ -1,21 +1,21 @@ -$NetBSD: patch-bsearch,v 1.1.1.1 1999/12/24 03:19:23 itohy Exp $ +$NetBSD: patch-bsearch,v 1.2 2000/11/09 03:52:51 itohy Exp $ Binary search patch. Originally from skk-users mailing list (Masahiro Doteguchi, Mailinglist-Id: 1779). ---- skkserv/skkserv.c.patch1 Tue Dec 21 15:50:59 1999 -+++ skkserv/skkserv.c Tue Dec 21 16:01:06 1999 -@@ -107,7 +107,7 @@ +--- skkserv/skkserv.c.patch1 Mon Nov 6 00:12:57 2000 ++++ skkserv/skkserv.c Mon Nov 6 00:15:00 2000 +@@ -109,7 +109,7 @@ * Global Variables */ --char pgmver[] = "3.9.4 "; /* version number */ -+char pgmver[] = "3.9.4 (binary search) "; /* version number */ +-char pgmver[] = "3.9.4nb1 "; /* version number */ ++char pgmver[] = "3.9.4nb1 (binary search) "; /* version number */ char *pgmnm; /* program name */ char *jname; /* name of shared dictionary */ -@@ -538,7 +538,7 @@ +@@ -622,7 +622,7 @@ } /* @@ -24,7 +24,7 @@ Originally from skk-users mailing list */ search(commsock) -@@ -551,6 +551,7 @@ +@@ -635,6 +635,7 @@ int n; /* number of characters from client */ int sttpnt; /* start point of searching */ int endpnt; /* end point of searching */ @@ -32,7 +32,7 @@ Originally from skk-users mailing list int errcod = 0; /* error flag */ int sstyle; /* search style */ -@@ -659,18 +660,36 @@ +@@ -743,18 +744,36 @@ endpnt = jtab1[KANA_END - code + 1]; } } @@ -75,7 +75,7 @@ Originally from skk-users mailing list if ((errcod = write(commsock, SERVER_FOUND, 1)) >= 0) while ((c = fgetc(jisho)) != EOF) { *pbuf = c; -@@ -686,18 +705,35 @@ +@@ -770,18 +789,35 @@ } return(0); } -- cgit v1.2.3