diff options
| author | Jun Kuriyama <kuriyama@FreeBSD.org> | 2008-01-09 13:27:05 +0000 |
|---|---|---|
| committer | Jun Kuriyama <kuriyama@FreeBSD.org> | 2008-01-09 13:27:05 +0000 |
| commit | cba7f67025acdecfb1596e8497a3b882e065dc38 (patch) | |
| tree | fa6ec653294178c12d425d67fb128bb59c58d7b9 /net-mgmt/net-snmp-devel/files | |
| parent | 3c75a5e54cde2a59a71100c410d6a59f71274657 (diff) | |
| download | ports-cba7f67025acdecfb1596e8497a3b882e065dc38.tar.gz ports-cba7f67025acdecfb1596e8497a3b882e065dc38.zip | |
Notes
Diffstat (limited to 'net-mgmt/net-snmp-devel/files')
6 files changed, 5 insertions, 195 deletions
diff --git a/net-mgmt/net-snmp-devel/files/patch-CVE-2007-5846 b/net-mgmt/net-snmp-devel/files/patch-CVE-2007-5846 deleted file mode 100644 index f3bc3e566731..000000000000 --- a/net-mgmt/net-snmp-devel/files/patch-CVE-2007-5846 +++ /dev/null @@ -1,105 +0,0 @@ -Index: man/snmpd.conf.5.def -=================================================================== ---- man/snmpd.conf.5.def (revision 16338) -+++ man/snmpd.conf.5.def (working copy) -@@ -71,6 +71,28 @@ - .IP "leave_pidfile yes" - instructs the agent to not remove its pid file on shutdown. Equivalent to - specifying "-U" on the command line. -+.IP "maxGetbulkRepeats NUM" -+Sets the maximum number of responses allowed for a single variable in -+a getbulk request. Set to 0 to enable the default and set it to -1 to -+enable unlimited. Because memory is allocated ahead of time, sitting -+this to unlimited is not considered safe if your user population can -+not be trusted. A repeat number greater than this will be truncated -+to this value. -+.IP -+This is set by default to -1. -+.IP "maxGetbulkResponses NUM" -+Sets the maximum number of responses allowed for a getbulk request. -+This is set by default to 100. Set to 0 to enable the default and set -+it to -1 to enable unlimited. Because memory is allocated ahead of -+time, sitting this to unlimited is not considered safe if your user -+population can not be trusted. -+.IP -+In general, the total number of responses will not be allowed to -+exceed the maxGetbulkResponses number and the total number returned -+will be an integer multiple of the number of variables requested times -+the calculated number of repeats allow to fit below this number. -+.IP -+Also not that processing of maxGetbulkRepeats is handled first. - .SS SNMPv3 Configuration - SNMPv3 requires an SNMP agent to define a unique "engine ID" - in order to respond to SNMPv3 requests. -Index: include/net-snmp/agent/ds_agent.h -=================================================================== ---- include/net-snmp/agent/ds_agent.h (revision 16338) -+++ include/net-snmp/agent/ds_agent.h (working copy) -@@ -59,5 +59,7 @@ - #define NETSNMP_DS_AGENT_CACHE_TIMEOUT 10 /* default cache timeout */ - #define NETSNMP_DS_AGENT_INTERNAL_VERSION 11 /* used by internal queries */ - #define NETSNMP_DS_AGENT_INTERNAL_SECLEVEL 12 /* used by internal queries */ -+#define NETSNMP_DS_AGENT_MAX_GETBULKREPEATS 13 /* max getbulk repeats */ -+#define NETSNMP_DS_AGENT_MAX_GETBULKRESPONSES 14 /* max getbulk respones */ - - #endif -Index: agent/snmp_agent.c -=================================================================== ---- agent/snmp_agent.c (revision 16338) -+++ agent/snmp_agent.c (working copy) -@@ -2156,7 +2156,6 @@ - * getbulk prep - */ - int count = count_varbinds(asp->pdu->variables); -- - if (asp->pdu->errstat < 0) { - asp->pdu->errstat = 0; - } -@@ -2173,8 +2172,37 @@ - r = 0; - asp->bulkcache = NULL; - } else { -+ int numresponses; -+ int maxbulk = -+ netsnmp_ds_get_int(NETSNMP_DS_APPLICATION_ID, -+ NETSNMP_DS_AGENT_MAX_GETBULKREPEATS); -+ int maxresponses = -+ netsnmp_ds_get_int(NETSNMP_DS_APPLICATION_ID, -+ NETSNMP_DS_AGENT_MAX_GETBULKRESPONSES); -+ -+ if (maxresponses == 0) -+ maxresponses = 100; /* more than reasonable default */ -+ -+ if (maxbulk == 0) -+ maxbulk = -1; -+ -+ /* limit getbulk number of repeats to a configured size */ -+ if (asp->pdu->errindex > maxbulk && maxbulk != -1) { -+ asp->pdu->errindex = maxbulk; -+ } -+ -+ numresponses = asp->pdu->errindex * r; -+ -+ /* limit getbulk number of getbulk responses to a configured size */ -+ if (maxresponses != -1 && numresponses > maxresponses) { -+ /* attempt to truncate this */ -+ asp->pdu->errindex = maxresponses/r; -+ numresponses = asp->pdu->errindex * r; -+ DEBUGMSGTL(("snmp_agent", "truncating number of getbulk repeats to %d\n", asp->pdu->errindex)); -+ } -+ - asp->bulkcache = -- (netsnmp_variable_list **) malloc(asp->pdu->errindex * r * -+ (netsnmp_variable_list **) malloc(numresponses * - sizeof(struct - varbind_list *)); - if (!asp->bulkcache) { -@@ -2184,6 +2212,8 @@ - } - DEBUGMSGTL(("snmp_agent", "GETBULK N = %d, M = %d, R = %d\n", - n, asp->pdu->errindex, r)); -+ fprintf(stderr, "GETBULK N = %d, M = %d, R = %d\n", -+ n, asp->pdu->errindex, r); - } - - /* diff --git a/net-mgmt/net-snmp-devel/files/patch-CVE-2007-5846-agent_read_config.c b/net-mgmt/net-snmp-devel/files/patch-CVE-2007-5846-agent_read_config.c deleted file mode 100644 index 7400bec01409..000000000000 --- a/net-mgmt/net-snmp-devel/files/patch-CVE-2007-5846-agent_read_config.c +++ /dev/null @@ -1,15 +0,0 @@ ---- agent/agent_read_config.c.orig 2006-04-21 07:15:41.000000000 +0900 -+++ agent/agent_read_config.c 2007-11-14 07:49:18.676387454 +0900 -@@ -255,6 +255,12 @@ - netsnmp_ds_register_config(ASN_BOOLEAN, app, "leave_pidfile", - NETSNMP_DS_APPLICATION_ID, - NETSNMP_DS_AGENT_LEAVE_PIDFILE); -+ netsnmp_ds_register_config(ASN_INTEGER, app, "maxGetbulkRepeats", -+ NETSNMP_DS_APPLICATION_ID, -+ NETSNMP_DS_AGENT_MAX_GETBULKREPEATS); -+ netsnmp_ds_register_config(ASN_INTEGER, app, "maxGetbulkResponses", -+ NETSNMP_DS_APPLICATION_ID, -+ NETSNMP_DS_AGENT_MAX_GETBULKRESPONSES); - netsnmp_init_handler_conf(); - - #include "agent_module_dot_conf.h" diff --git a/net-mgmt/net-snmp-devel/files/patch-agent.xs b/net-mgmt/net-snmp-devel/files/patch-agent.xs deleted file mode 100644 index 2bb65138f79c..000000000000 --- a/net-mgmt/net-snmp-devel/files/patch-agent.xs +++ /dev/null @@ -1,49 +0,0 @@ ---- perl/agent/agent.xs.old Fri May 26 15:16:45 2006 -+++ perl/agent/agent.xs Mon Mar 5 13:42:35 2007 -@@ -18,9 +18,9 @@ - } handler_cb_data; - - typedef struct netsnmp_oid_s { -- unsigned int *name; -- unsigned int len; -- unsigned int namebuf[ MAX_OID_LEN ]; -+ oid *name; -+ size_t len; -+ oid namebuf[ MAX_OID_LEN ]; - } netsnmp_oid; - - static int have_done_agent = 0; -@@ -569,7 +569,7 @@ - arg = newSVrv(rarg, "netsnmp_oidPtr"); - sv_setiv(arg, (IV) o); - -- XPUSHs(rarg); -+ XPUSHs(sv_2mortal(rarg)); - - PUTBACK; - i = perl_call_pv("NetSNMP::OID::newwithptr", G_SCALAR); -@@ -608,7 +608,7 @@ - arg = newSVrv(rarg, "netsnmp_oidPtr"); - sv_setiv(arg, (IV) o); - -- XPUSHs(rarg); -+ XPUSHs(sv_2mortal(rarg)); - - PUTBACK; - i = perl_call_pv("NetSNMP::OID::newwithptr", G_SCALAR); -@@ -997,11 +997,13 @@ - rarg = newSViv(0); - arg = newSVrv(rarg, "NetSNMP::agent::netsnmp_request_infoPtr"); - sv_setiv(arg, (IV) request); -- ST(0) = rarg; -+ RETVAL = rarg; - } else { -- ST(0) = &sv_undef; -+ RETVAL = &sv_undef; - } - } -+ OUTPUT: -+ RETVAL - - MODULE = NetSNMP::agent PACKAGE = NetSNMP::agent::netsnmp_agent_request_info PREFIX = narqi_ - diff --git a/net-mgmt/net-snmp-devel/files/patch-memory_freebsd2.c b/net-mgmt/net-snmp-devel/files/patch-memory_freebsd2.c deleted file mode 100644 index 310cad53506e..000000000000 --- a/net-mgmt/net-snmp-devel/files/patch-memory_freebsd2.c +++ /dev/null @@ -1,11 +0,0 @@ ---- agent/mibgroup/ucd-snmp/memory_freebsd2.c Sat Mar 3 19:40:34 2007 -+++ agent/mibgroup/ucd-snmp/memory_freebsd2.c.orig Sat Mar 3 19:39:57 2007 -@@ -256,7 +256,7 @@ - - u_long phys_mem; - size_t phys_mem_size = sizeof(phys_mem); -- int phys_mem_mib[] = { CTL_HW, HW_USERMEM }; -+ int phys_mem_mib[] = { CTL_HW, HW_PHYSMEM }; - - #ifdef BUFSPACE_SYMBOL - long bufspace; diff --git a/net-mgmt/net-snmp-devel/files/patch-snmpUCDIPv6Domain.c b/net-mgmt/net-snmp-devel/files/patch-snmpUCDIPv6Domain.c index c36abaaba730..e871d417b40e 100644 --- a/net-mgmt/net-snmp-devel/files/patch-snmpUCDIPv6Domain.c +++ b/net-mgmt/net-snmp-devel/files/patch-snmpUCDIPv6Domain.c @@ -1,14 +1,14 @@ ---- snmplib/snmpUDPIPv6Domain.c.orig Sat Oct 16 03:52:29 2004 -+++ snmplib/snmpUDPIPv6Domain.c Mon Oct 25 09:28:10 2004 -@@ -104,13 +104,21 @@ +--- snmplib/snmpUDPIPv6Domain.c.orig 2007-08-20 17:06:42.000000000 +0900 ++++ snmplib/snmpUDPIPv6Domain.c 2007-12-21 09:58:31.316414938 +0900 +@@ -103,13 +103,21 @@ if (to == NULL) { return strdup("UDP/IPv6: unknown"); } else { - char addr[INET6_ADDRSTRLEN]; -- char tmp[INET6_ADDRSTRLEN + 8]; +- char tmp[INET6_ADDRSTRLEN + 18]; + char tmp[NI_MAXHOST]; -- sprintf(tmp, "UDP/IPv6: [%s]:%hd", +- sprintf(tmp, "UDP/IPv6: [%s]:%hu", - inet_ntop(AF_INET6, (void *) &(to->sin6_addr), addr, - INET6_ADDRSTRLEN), ntohs(to->sin6_port)); - return strdup(tmp); diff --git a/net-mgmt/net-snmp-devel/files/patch-snmp_agent.c b/net-mgmt/net-snmp-devel/files/patch-snmp_agent.c deleted file mode 100644 index a663a5576c56..000000000000 --- a/net-mgmt/net-snmp-devel/files/patch-snmp_agent.c +++ /dev/null @@ -1,10 +0,0 @@ ---- agent/snmp_agent.c.orig Thu Mar 17 17:17:43 2005 -+++ agent/snmp_agent.c Wed Nov 30 12:23:41 2005 -@@ -839,6 +839,7 @@ - ; - else if (hosts_ctl("snmpd", STRING_UNKNOWN, STRING_UNKNOWN, STRING_UNKNOWN)){ - snmp_log(allow_severity, "Connection from <UNKNOWN> (%s)\n", addr_string); -+ SNMP_FREE(addr_string); - addr_string = strdup("<UNKNOWN>"); - } else { - snmp_log(deny_severity, "Connection from <UNKNOWN> (%s) REFUSED\n", addr_string); |