diff options
| author | Oliver Eikemeier <eik@FreeBSD.org> | 2004-04-27 21:59:18 +0000 |
|---|---|---|
| committer | Oliver Eikemeier <eik@FreeBSD.org> | 2004-04-27 21:59:18 +0000 |
| commit | e13005db602644ff1129a78c9d24f2ba032b1330 (patch) | |
| tree | 062083c50cf980e282f0cbbb0e316291f17b9c8d | |
| parent | 447cace83da93aae58f75d770ffbba46fb83bfe8 (diff) | |
| download | ports-e13005db602644ff1129a78c9d24f2ba032b1330.tar.gz ports-e13005db602644ff1129a78c9d24f2ba032b1330.zip | |
Update to version 2.6.1
<http://rsync.samba.org/ftp/rsync/rsync-2.6.1-NEWS>:
SECURITY FIXES:
- Paths sent to an rsync daemon are more thoroughly sanitized when
chroot is not used. If you're running a non-read-only rsync
daemon with chroot disabled, *please upgrade*, ESPECIALLY if the
user privs you run rsync under is anything above "nobody".
Approved by: marcus (portmgr)
Notes
Notes:
svn path=/head/; revision=107814
| -rw-r--r-- | net/rsync/Makefile | 29 | ||||
| -rw-r--r-- | net/rsync/distinfo | 4 | ||||
| -rw-r--r-- | net/rsync/files/extra-patch-socket.c | 178 |
3 files changed, 14 insertions, 197 deletions
diff --git a/net/rsync/Makefile b/net/rsync/Makefile index cc20030bc4c0..f2f558a662e6 100644 --- a/net/rsync/Makefile +++ b/net/rsync/Makefile @@ -7,12 +7,15 @@ # PORTNAME= rsync -PORTVERSION= 2.6.0 +PORTVERSION= 2.6.1 CATEGORIES= net ipv6 -MASTER_SITES= ftp://samba.anu.edu.au/pub/rsync/ \ - ftp://sunsite.auc.dk/pub/unix/rsync/ \ - ftp://ftp.sunet.se/pub/unix/admin/rsync/ \ - ftp://ftp.fu-berlin.de/pub/unix/network/rsync/ +MASTER_SITES= http://rsync.samba.org/ftp/%SUBDIR%/ \ + ftp://rsync.samba.org/pub/%SUBDIR%/ \ + ftp://samba.anu.edu.au/pub/%SUBDIR%/ \ + ftp://sunsite.auc.dk/pub/unix/%SUBDIR%/ \ + ftp://ftp.sunet.se/pub/unix/admin/%SUBDIR%/ \ + ftp://ftp.fu-berlin.de/pub/unix/network/%SUBDIR%/ +MASTER_SITE_SUBDIR= rsync MAINTAINER= eik@FreeBSD.org COMMENT= A network file distribution/synchronization utility @@ -21,9 +24,11 @@ COMMENT= A network file distribution/synchronization utility LIB_DEPENDS= popt.0:${PORTSDIR}/devel/popt .endif +USE_RC_SUBR= yes USE_REINPLACE= yes GNU_CONFIGURE= yes -CONFIGURE_ARGS= --disable-debug +CONFIGURE_ARGS= --disable-debug \ + --with-rsyncd-conf=${PREFIX}/etc/rsyncd.conf CONFIGURE_TARGET= --build=${MACHINE_ARCH}-portbld-freebsd${OSREL} .if defined(WITH_POPT_PORT) @@ -39,12 +44,6 @@ PORTDOCS= NEWS README csprotocol.txt tech_report.tex .include <bsd.port.pre.mk> -.if ${OSVERSION} >= 500038 -RC_SUBR?= /etc/rc.subr -.else -USE_RC_SUBR= yes -.endif - SED_SCRIPT+= -e 's,%%PREFIX%%,${PREFIX},g' \ -e 's,%%RC_SUBR%%,${RC_SUBR},g' @@ -62,10 +61,6 @@ CONFIGURE_ARGS+= --enable-ipv6 CONFIGURE_ARGS+= --disable-ipv6 .endif -.if ${OSVERSION} >= 500043 -EXTRA_PATCHES= ${FILESDIR}/extra-patch-socket.c -.endif - MAN1= rsync.1 MAN5= rsyncd.conf.5 @@ -88,7 +83,7 @@ post-build: post-install: @${STRIP_CMD} ${PREFIX}/bin/rsync @${INSTALL_DATA} ${FILESDIR}/rsyncd.conf.sample ${PREFIX}/etc/ - @[ -f ${PREFIX}/etc/rsyncd.conf ] || cp ${PREFIX}/etc/rsyncd.conf.sample ${PREFIX}/etc/rsyncd.conf + @[ -f ${PREFIX}/etc/rsyncd.conf ] || ${CP} ${PREFIX}/etc/rsyncd.conf.sample ${PREFIX}/etc/rsyncd.conf @${INSTALL_SCRIPT} ${WRKDIR}/rsyncd.sh ${PREFIX}/etc/rc.d/ .if !defined(NOPORTDOCS) @${MKDIR} ${DOCSDIR} diff --git a/net/rsync/distinfo b/net/rsync/distinfo index 202cabc56ca1..975cb6c4b2a3 100644 --- a/net/rsync/distinfo +++ b/net/rsync/distinfo @@ -1,2 +1,2 @@ -MD5 (rsync-2.6.0.tar.gz) = 3f24bf31aec0a657eb3b6844c3f09f21 -SIZE (rsync-2.6.0.tar.gz) = 464920 +MD5 (rsync-2.6.1.tar.gz) = ec09e62961c8edd0f9d3710b5ecb5b16 +SIZE (rsync-2.6.1.tar.gz) = 511412 diff --git a/net/rsync/files/extra-patch-socket.c b/net/rsync/files/extra-patch-socket.c deleted file mode 100644 index dbfb08d36ba7..000000000000 --- a/net/rsync/files/extra-patch-socket.c +++ /dev/null @@ -1,178 +0,0 @@ -Index: socket.c -diff -u socket.c.orig socket.c ---- socket.c.orig Mon Jan 27 12:35:09 2003 -+++ socket.c Sat Feb 8 00:06:59 2003 -@@ -292,11 +292,11 @@ - * @param bind_address Local address to bind, or NULL to allow it to - * default. - **/ --static int open_socket_in(int type, int port, const char *bind_address, -- int af_hint) -+static int *open_socket_in(int type, int port, const char *bind_address, -+ int af_hint) - { - int one=1; -- int s; -+ int *s, *socks, maxs; - struct addrinfo hints, *all_ai, *resp; - char portbuf[10]; - int error; -@@ -310,41 +310,65 @@ - if (error) { - rprintf(FERROR, RSYNC_NAME ": getaddrinfo: bind address %s: %s\n", - bind_address, gai_strerror(error)); -- return -1; -+ return NULL; -+ } -+ -+ /* Count max number of sockets we may open */ -+ for (maxs = 0, resp = all_ai; resp; resp = resp->ai_next, maxs++) -+ ; -+ socks = malloc((maxs + 1) * sizeof(int)); -+ if (!socks) { -+ rprintf(FERROR, -+ RSYNC_NAME "couldn't allocate memory for sockets"); -+ return NULL; - } - - /* We may not be able to create the socket, if for example the - * machine knows about IPv6 in the C library, but not in the - * kernel. */ -+ *socks = 0; /* num of sockets counter at start of array */ -+ s = socks + 1; - for (resp = all_ai; resp; resp = resp->ai_next) { -- s = socket(resp->ai_family, resp->ai_socktype, -+ *s = socket(resp->ai_family, resp->ai_socktype, - resp->ai_protocol); - -- if (s == -1) -+ if (*s == -1) - /* See if there's another address that will work... */ - continue; - -- setsockopt(s, SOL_SOCKET, SO_REUSEADDR, -+ setsockopt(*s, SOL_SOCKET, SO_REUSEADDR, - (char *)&one, sizeof one); - -+#ifdef IPV6_V6ONLY -+ if (resp->ai_family == AF_INET6) -+ setsockopt(*s, IPPROTO_IPV6, IPV6_V6ONLY, -+ (char *)&one, sizeof one); -+#endif -+ - /* now we've got a socket - we need to bind it */ -- if (bind(s, all_ai->ai_addr, all_ai->ai_addrlen) < 0) { -+ if (bind(*s, resp->ai_addr, resp->ai_addrlen) < 0) { - /* Nope, try another */ -- close(s); -+ close(*s); - continue; - } - -- freeaddrinfo(all_ai); -- return s; -+ (*socks)++; -+ s++; - } - -- rprintf(FERROR, RSYNC_NAME ": open inbound socket on port %d failed: " -- "%s\n", -- port, -- strerror(errno)); -+ if (all_ai) -+ freeaddrinfo(all_ai); - -- freeaddrinfo(all_ai); -- return -1; -+ if (*socks == 0) { -+ rprintf(FERROR, -+ RSYNC_NAME ": open inbound socket on port %d failed: " -+ "%s\n", -+ port, -+ strerror(errno)); -+ free(socks); -+ return NULL; -+ } -+ return socks; - } - - -@@ -376,19 +400,29 @@ - - void start_accept_loop(int port, int (*fn)(int, int)) - { -- int s; -+ fd_set deffds; -+ int *s, maxfd, i, j; - extern char *bind_address; - extern int default_af_hint; - - /* open an incoming socket */ - s = open_socket_in(SOCK_STREAM, port, bind_address, default_af_hint); -- if (s == -1) -+ if (s == NULL) - exit_cleanup(RERR_SOCKETIO); - - /* ready to listen */ -- if (listen(s, 5) == -1) { -- close(s); -- exit_cleanup(RERR_SOCKETIO); -+ FD_ZERO(&deffds); -+ maxfd = -1; -+ for (i = 1; i <= *s; i++) { -+ if (listen(s[i], 5) == -1) { -+ for (j = 1; j <= i; j++) -+ close(s[j]); -+ free(s); -+ exit_cleanup(RERR_SOCKETIO); -+ } -+ FD_SET(s[i], &deffds); -+ if (maxfd < s[i]) -+ maxfd = s[i]; - } - - -@@ -406,16 +440,20 @@ - forever */ - log_close(); - -- FD_ZERO(&fds); -- FD_SET(s, &fds); -+ FD_COPY(&deffds, &fds); - -- if (select(s+1, &fds, NULL, NULL, NULL) != 1) { -+ if (select(maxfd + 1, &fds, NULL, NULL, NULL) != 1) { - continue; - } - -- if(!FD_ISSET(s, &fds)) continue; -- -- fd = accept(s,(struct sockaddr *)&addr,&addrlen); -+ fd = -1; -+ for (i = 1; i <= *s; i++) { -+ if (FD_ISSET(s[i], &fds)) { -+ fd = accept(s[i], (struct sockaddr *)&addr, -+ &addrlen); -+ break; -+ } -+ } - - if (fd == -1) continue; - -@@ -430,7 +468,7 @@ - - if ((pid = fork()) == 0) { - int ret; -- close(s); -+ close(s[i]); - /* open log file in child before possibly giving - up privileges */ - log_open(); -@@ -452,6 +490,7 @@ - close(fd); - } - } -+ free(s); - } - - |