authorSteve Price <steve@FreeBSD.org>2000-05-29 02:27:45 +0000
committerSteve Price <steve@FreeBSD.org>2000-05-29 02:27:45 +0000
commit0a9a4b5bd26129e33add24cc6b0326df8e0beac2 (patch)
treef44827ca975d1492492f439445fc36bdf97369af /security/tripwire
parentfd7636eb2a2c9ca84b31336fba50929e7ad58cc3 (diff)
- Fix some of the compiler warnings (see patches/patch-warnings)
- Fix the Makefiles to obey the CC and CFLAGS settings
- Fix patches/patch-ab to be PREFIX/LOCALBASE safe
- Fix the post-install to not compress the gunzip and tripwire executables that go onto a floppy -- there is no support for the gzip-ed ELF binaries at all, and even for the older AOUT ones such support was optional
- Replaces the /kernel with `sysctl -n kern.bootfile` in the tw.conf as the tw.conf.freebsd2 is copied into the right place.
- Replace the use of mktemp(3) with tmpfile(3) (see patches/patch-mktemp). This also caused a removal of a few buffers (of size MAXPATHLEN+256) and quite a few strcpy and sprintf invocations.

PR: 18634
Submitted by: Mikhail Teterin <mi@aldan.algebra.com>
Notes
Notes: svn path=/head/; revision=28852
Diffstat (limited to 'security/tripwire')
-rw-r--r--security/tripwire/Makefile24
-rw-r--r--security/tripwire/files/patch-ab61
-rw-r--r--security/tripwire/files/patch-mktemp239
-rw-r--r--security/tripwire/files/patch-warnings33
-rw-r--r--security/tripwire/pkg-plist1
5 files changed, 329 insertions, 29 deletions
diff --git a/security/tripwire/Makefile b/security/tripwire/Makefile
index 070bc8b1ceb8..7c2c4ed201c3 100644
--- a/security/tripwire/Makefile
+++ b/security/tripwire/Makefile
@@ -20,30 +20,38 @@ NO_PACKAGE= "requires local database to be built"
RESTRICTED= "contains crypto class algorithms"
post-extract:
- @ (cd ${WRKDIR}; tar xf T1.2.tar)
+ @ (cd ${WRKDIR}; tar xpf T1.2.tar)
+
+post-patch:
+ @${PERL} -pi -e 's|/secureplace/bin|${PREFIX}/bin|g;' \
+ -e 's|/usr/man|${PREFIX}/man|g;' ${WRKSRC}/Makefile
pre-configure:
@ ${CP} ${FILESDIR}/conf-freebsd2.h ${WRKSRC}/configs
- @ ${CP} ${FILESDIR}/tw.conf.freebsd2 ${WRKSRC}/configs/tw.conf.freebsd2
+ @ ${SED} s%/kernel%`sysctl -bn kern.bootfile`% \
+ < ${FILESDIR}/tw.conf.freebsd2 \
+ > ${WRKSRC}/configs/tw.conf.freebsd2
post-install:
@ ${MKDIR} /var/adm/tcheck
@ ${CP} ${FILESDIR}/tw.conf.freebsd2 /var/adm/tcheck/tw.config
- @ ${ECHO} Creating tripwire database
+ # Creating tripwire database
@ (cd /var/adm/tcheck; tripwire -initialize)
.if defined(TRIPWIRE_FLOPPY) && ${TRIPWIRE_FLOPPY} == YES
+ # preparing the floppy
@ disklabel -w -B /dev/rfd0c fd1440
@ newfs -u 0 -t 0 -i 196608 -m 0 -T minimum -o space /dev/rfd0c
- @ mount /dev/fd0c /mnt
- @ ${GZIP_CMD} < ${PREFIX}/bin/tripwire > /mnt/tripwire
+ mount /dev/fd0c /mnt
+ # transferring things to the floppy
@ ${CP} -p /var/adm/tcheck/tw.config /mnt/tw.config
@ ${GZIP_CMD} < /var/adm/tcheck/databases/tw.db_`hostname` \
> /mnt/tw.db_`hostname`.gz
- @ ${CP} -p ${FILESDIR}/twcheck /mnt/twcheck
- @ ${GZIP_CMD} < /usr/bin/gunzip > /mnt/gunzip
+ @ ${CP} -p ${FILESDIR}/twcheck /usr/bin/gunzip \
+ ${PREFIX}/bin/tripwire \
+ /mnt/
@ ${CHMOD} 555 /mnt/tripwire /mnt/gunzip /mnt/twcheck
@ umount /mnt
- @ ${ECHO} Do not forget to remove and write-protect the floppy.
+ # Do not forget to remove and write-protect the floppy.
.endif
.include <bsd.port.mk>
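Review bot: The substituted configuration written in pre-configure (`> ${WRKSRC}/configs/tw.conf.freebsd2`) is not the one installed: post-install still copies `${FILESDIR}/tw.conf.freebsd2` to `/var/adm/tcheck/tw.config`, so the installed tw.config (and the copy later placed on the floppy) keeps the literal `/kernel` the sed was meant to replace, unless the software's own install target installs the configs/ copy somewhere else. Changing that line to `@ ${CP} ${WRKSRC}/configs/tw.conf.freebsd2 /var/adm/tcheck/tw.config` would close the gap. Note also that `sysctl -bn kern.bootfile` is evaluated on the build host at build time, so a package built on one machine bakes in that machine's kernel path rather than the one the database will later be checked against; a short comment on the pre-configure rule stating this would help the next maintainer. The `mount /dev/fd0c /mnt` line lost its `@` but, like `disklabel` and `newfs` before it, runs without any check that `/mnt` is free, which is worth at least a comment since a failed mount would leave the subsequent copies writing to the root filesystem.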
diff --git a/security/tripwire/files/patch-ab b/security/tripwire/files/patch-ab
index b7db1c46c099..7dcf3348984f 100644
--- a/security/tripwire/files/patch-ab
+++ b/security/tripwire/files/patch-ab
@@ -1,28 +1,23 @@
-*** Makefile.orig Mon Jul 25 10:59:41 1994
+*** Makefile Mon Jul 25 10:59:41 1994
--- Makefile Thu Jan 2 12:04:35 1997
***************
-*** 12,21 ****
- ###
-
- # destination directory for final executables
-! DESTDIR = /secureplace/bin
-
- # destination for man pages
-! MANDIR = /usr/man
-
- # system utilities
- LEX = lex
---- 12,21 ----
- ###
-
- # destination directory for final executables
-! DESTDIR = /usr/local/bin
+*** 34,36 ****
+ # you can use ANSI C if you like, but K&R is equally fine.
+! CC = cc # common
+ #CC = gcc # also common
+--- 34,36 ----
+ # you can use ANSI C if you like, but K&R is equally fine.
+! #CC = cc # common
+ #CC = gcc # also common
+***************
+*** 38,40 ****
- # destination for man pages
-! MANDIR = /usr/local/man
+! CFLAGS = -O # common
+ #CFLAGS = -g # common
+--- 38,40 ----
- # system utilities
- LEX = lex
+! #CFLAGS = -O # common
+ #CFLAGS = -g # common
***************
*** 60,66 ****
#CPP = /lib/cpp # on older systems
@@ -41,3 +36,27 @@
#LDFLAGS= -non_shared # OSF/1
#LDFLAGS= -Bstatic # SunOS 4 (cannot statically link tripwire
# on Solaris 2.3)
+
+
+--- src/Makefile.orig Mon Jul 25 10:40:54 1994
++++ src/Makefile Sun May 28 15:52:25 2000
+@@ -3,7 +3,7 @@
+ # Tripwire build
+ #
+
+-CFLAGS = -O
++#CFLAGS = -O
+
+ OFILES = config.parse.o main.o list.o ignorevec.o dbase.build.o \
+ utils.o preen.o preen.interp.o preen.report.o \
+@@ -103,8 +103,9 @@
+ .c.o:
+ $(CC) $(CFLAGS) -c $<
+
+-install: tripwire
++install: tripwire siggen
+ $(INSTALL) tripwire $(DESTDIR)
++ $(INSTALL) siggen $(DESTDIR)
+
+ clean:
+ -rm -f $(OFILES) config.lex.c config.pre.c y.tab.c lex.yy.c help.c \
diff --git a/security/tripwire/files/patch-mktemp b/security/tripwire/files/patch-mktemp
new file mode 100644
index 000000000000..3e871d4b6e5b
--- /dev/null
+++ b/security/tripwire/files/patch-mktemp
@@ -0,0 +1,239 @@
+This patches replace all uses of the (potentially insecure) mktemp(3)
+with a much safer tmpfile(3).
+
+--- src/config.parse.c Wed Jul 20 21:03:26 1994
++++ src/config.parse.c Wed May 17 17:30:22 2000
+@@ -55,7 +55,6 @@
+ #endif
+
+ /* prototypes */
+-char *mktemp();
+ static void configfile_descend();
+
+ #ifndef L_tmpnam
+@@ -86,7 +85,6 @@
+ char ignorestring[1024];
+ char s[MAXPATHLEN+1024];
+ char configfile[MAXPATHLEN+512];
+- char *tmpfilename;
+ char number[128];
+ int entrynum = 0;
+ int err;
+@@ -98,18 +96,6 @@
+ if (!printpreprocess && !quietmode)
+ fputs("### Phase 1: Reading configuration file\n", stderr);
+
+- /* generate temporary file name */
+- if ((tmpfilename = (char *) malloc(L_tmpnam + MAXPATHLEN)) == NULL) {
+- perror("configfile_read: malloc()");
+- exit(1);
+- };
+- (void) strcpy(tmpfilename, TEMPFILE_TEMPLATE);
+-
+- if ((char *) mktemp(tmpfilename) == NULL) {
+- perror("configfile_read: mktemp()");
+- exit(1);
+- }
+-
+ /* generate configuration file name */
+ if (specified_configmode != SPECIFIED_FILE)
+ sprintf(configfile, "%s/%s", config_path, config_file);
+@@ -149,25 +135,17 @@
+
+ err = umask(077); /* to protect the tempfile */
+
+- if ((fpout = fopen(tmpfilename, "w+")) == NULL) {
+- sprintf(s, "tripwire: Couldn't open config file '%s'", configfile);
+- perror(s);
+- exit(1);
+- }
+- (void) umask(err); /* return it to its former state */
+-
+- /* The following unlink accomplishes two things:
++ /* The use of tmpfile(3) accomplishes two things:
+ * 1) if the program terminates, we won't leave a temp
+ * file sitting around with potentially sensitive names
+ * in it.
+ * 2) the file is "hidden" while we run
+ */
+- if (unlink(tmpfilename) < 0) {
+- perror("configfile_read: unlink()");
++ if ((fpout = tmpfile()) == NULL) {
++ perror("tmpfile");
+ exit(1);
+ }
+- free(tmpfilename);
+-
++ (void) umask(err); /* return it to its former state */
+
+ /*
+ * pass 0: preprocess file
+--- src/dbase.build.c Mon Jul 25 11:24:09 1994
++++ src/dbase.build.c Wed May 17 18:22:14 2000
+@@ -66,7 +66,6 @@
+ int files_scanned_num = 0;
+
+ /* prototypes */
+-char *mktemp();
+ static void database_record_write();
+
+ char backupfile[MAXPATHLEN+256];
+@@ -125,17 +124,7 @@
+
+ /* where do we write the new database? */
+ if (mode == DBASE_TEMPORARY) {
+- char *tmpfilename = (char *) malloc(strlen(TEMPFILE_TEMPLATE)+1);
+- if (tmpfilename == NULL)
+- die_with_err("malloc() failed in database_build", (char *) NULL);
+- (void) strcpy(tmpfilename, TEMPFILE_TEMPLATE);
+-
+- if ((char *) mktemp(tmpfilename) == NULL)
+- die_with_err("database_build: mktemp()", (char *) NULL);
+-
+- (void) strcpy(tempdatabase_file, tmpfilename);
+- (void) strcpy(database, tempdatabase_file);
+- free(tmpfilename);
++ /* do nothing */
+ } /* end if temporary database */
+ else if (mode == DBASE_UPDATE) {
+ sprintf(database, "./databases/%s", database_file);
+@@ -224,6 +213,12 @@
+ }
+
+ /* rebuild the database */
++ if (mode == DBASE_TEMPORARY) {
++ fpw = tmpfile();
++ if (fpw == NULL)
++ die_with_err("call tmpfile(3) failed. Check your TMPDIR setting",
++ NULL);
++ } else
+ if ((fpw = fopen(database, "w")) == NULL)
+ die_with_err("Hint: Maybe the database directory '%s' doesn't exist? fopen()", database);
+
+@@ -369,6 +364,6 @@
+
+- /* we don't want to allow anyone to spoof the temporary file in /tmp */
++ /* if the database was temporary, the file was opened by tmpfile(3) --
++ as such, it can not be accessed by anything but this process */
+ if (mode == DBASE_TEMPORARY) {
+- if ((fptempdbase = freopen(database, "r", fpw)) == NULL)
+- die_with_err("temporary database file disappeared?!?", database);
++ fptempdbase = fpw;
+ rewind(fptempdbase);
+--- src/main.c Fri Aug 26 04:23:03 1994
++++ src/main.c Wed May 17 18:01:00 2000
+@@ -108,7 +108,6 @@
+ char *database_path = DATABASE_PATH;
+ char *config_path = CONFIG_PATH;
+
+-char tempdatabase_file[MAXPATHLEN+256];
+ FILE *fptempdbase;
+
+ char *defaultignore = DEFAULTIGNORE;
+--- src/preen.c Mon Jul 25 11:24:11 1994
++++ src/preen.c Wed May 17 18:22:22 2000
+@@ -37,7 +37,6 @@
+ static int numentriesread = 0; /* running count of @@contents */
+
+ /* prototypes */
+-char *mktemp();
+ static void olddbasefile_load();
+
+ char *updatemodes[] = {
+@@ -97,9 +96,6 @@
+ preen_report(interactive, ppp_updateentries);
+ if (!specified_configmode)
+ (void) fclose(fp_in);
+-
+- /* remove the temporary database file */
+- (void) unlink(tempdatabase_file);
+
+ SPDEBUG(3) printf("*** leaving update_gather()\n");
+
+--- src/siggen.c Mon Jul 25 11:24:12 1994
++++ src/siggen.c Wed May 17 18:36:51 2000
+@@ -52,7 +52,6 @@
+
+ extern int optind;
+ int debuglevel = 0;
+-char *mktemp();
+
+ int (*pf_signatures [NUM_SIGS]) () = {
+ SIG0FUNC,
+@@ -84,7 +83,6 @@
+ };
+ int verbosity = 0;
+ int quietmode = 0;
+-char *tmpfilename = NULL;
+ int readstdin = 0;
+
+
+@@ -167,19 +167,6 @@
+ FILE *fpout;
+- /* generate temporary file name */
+- if ((tmpfilename = (char *) malloc(L_tmpnam + MAXPATHLEN)) == NULL) {
+- perror("main: malloc()");
+- exit(1);
+- };
+- (void) strcpy(tmpfilename, "/tmp/twzXXXXXX");
+-
+- if ((char *) mktemp(tmpfilename) == NULL) {
+- perror("siggen: mktemp()");
+- exit(1);
+- }
+
+ /* output */
+- if (!(fpout = fopen(tmpfilename, "w"))) {
+- char err[1024];
+- sprintf(err, "main: fopen(%s)", tmpfilename);
+- perror(err);
++ if (!(fpout = tmpfile())) {
++ perror("tmpfile()");
+ exit(1);
+@@ -189,12 +176,6 @@
+ putc(c, fpout);
+- fclose(fpout);
+- if ((fd = open(tmpfilename, O_RDONLY)) < 0) {
+- perror("siggen: open");
+- exit(1);
+- }
+- if (siggen(fd) < 0)
++ rewind(fpout);
++ if (siggen(fileno(fpout)) < 0)
+ errors++;
+
+- if (fd)
+- close(fd);
++ close(fd);
+- unlink(tmpfilename);
+--- src/utils.c Mon Jul 25 12:23:16 1994
++++ src/utils.c Wed May 17 18:21:38 2000
+@@ -785,23 +785,15 @@
+ int
+ fd_tempfilename_generate()
+ {
+- char tmp[MAXPATHLEN+256];
+- int fd;
++ FILE *tmp;
+
+- (void) strcpy(tmp, TEMPFILE_TEMPLATE);
+- if ((char *) mktemp(tmp) == NULL) {
+- perror("tempfilename_generate: mktemp()");
++ tmp = tmpfile();
++ if (tmp == NULL) {
++ perror("tempfilename_generate: tmpfile()");
+ exit(1);
+ }
+
+- if ((fd = open(tmp, O_RDWR | O_CREAT, 0600)) < 0) {
+- perror("tempfilename_generate: open()");
+- exit(1);
+- }
+- /* unlink right away to make sure no one can tamper with our file */
+- unlink(tmp);
+-
+- return fd;
++ return fileno(tmp);
+ }
+
+ /*
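Review bot: In the siggen.c part of this patch the new unconditional `close(fd);` follows the removal of the only `open()` that assigned `fd` on this path, so it now closes whatever value `fd` happens to hold, while the `fclose(fpout)` that was removed alongside it is not restored, leaking the tmpfile(3) stream (and its descriptor) on every pass; replacing `close(fd);` with `fclose(fpout);` restores the cleanup, unless `fd` is assigned on another path outside the hunk. The same shape appears in utils.c, where `fd_tempfilename_generate()` returns `fileno(tmp)` and drops the `FILE *`, so a caller that `close()`s the descriptor leaves a FILE object behind whose buffer is never freed; returning a duplicate keeps the descriptor-returning contract without the dangling stream, e.g. `int fd = dup(fileno(tmp)); fclose(tmp); return fd;` with a check that `dup()` did not return -1. On the defensive side, tmpfile(3) creates and unlinks the file atomically, which removes the name-based window the old `mktemp()` then `open()`/`fopen()` sequence left open, so the comment at the dbase.build.c `fptempdbase = fpw;` site correctly describes the new guarantee. `main()` in siggen.c, `database_build()` in dbase.build.c and `configfile_read()` in config.parse.c all continue outside the shown context, so any later `fclose()` of these streams should be checked against the new aliasing of `fpw` and `fptempdbase`.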
diff --git a/security/tripwire/files/patch-warnings b/security/tripwire/files/patch-warnings
new file mode 100644
index 000000000000..ddd14eff68c6
--- /dev/null
+++ b/security/tripwire/files/patch-warnings
@@ -0,0 +1,33 @@
+This patches remove some of the warnings produced by the compiler.
+
+--- src/siggen.c Mon Jul 25 11:24:12 1994
++++ src/siggen.c Wed May 17 19:15:29 2000
+@@ -15,2 +15,3 @@
+ #include "../include/config.h"
++#include <unistd.h>
+ #include <stdio.h>
+@@ -104,4 +104,6 @@
++
++/* forward declaration, to avoid compiler warnings */
++int siggen(int);
+
+ int
+ main(argc, argv)
+--- aux/byteorder.c Fri Jul 15 07:02:36 1994
++++ aux/byteorder.c Wed May 17 19:12:42 2000
+@@ -22,3 +22,3 @@
+
+-void
++int
+ main()
+@@ -34,2 +34,3 @@
+
++#warning "the shift-width warning below can be ignored"
+ if (sizeof(int32) > 4)
+--- aux/types.c Sun Dec 12 23:02:27 1993
++++ aux/types.c Wed May 17 19:23:21 2000
+@@ -24,3 +24,3 @@
+
+-void
++int
+ main(argc, argv)
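Review bot: Changing `main` in aux/byteorder.c and aux/types.c from `void` to `int` silences the return-type warning but, as far as the hunks show, adds no `return` statement, so if either program falls off the end of `main` its exit status is unspecified unless it is compiled as C99 or later; since these helpers run at build time, a Makefile step that checks their status could see an arbitrary value. Add `return 0;` at the end of each `main`, or confirm they already terminate via `exit()` — both bodies lie outside the hunks. The `#warning "the shift-width warning below can be ignored"` added to byteorder.c is a GCC/Clang extension rather than standard C, so on a compiler without it the directive is a hard error; guarding it with `#ifdef __GNUC__` or replacing it with a plain comment would be safer. The forward declaration `int siggen(int);` added to siggen.c is the prototype the `siggen(fileno(fpout))` call in patch-mktemp relies on, so a one-line comment noting that it must track the definition further down the file would be useful.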
diff --git a/security/tripwire/pkg-plist b/security/tripwire/pkg-plist
index 8d1eef3d62d7..f34115341fbe 100644
--- a/security/tripwire/pkg-plist
+++ b/security/tripwire/pkg-plist
@@ -1 +1,2 @@
+bin/siggen
bin/tripwire