[arch-commits] Commit in rsync/trunk (CVE-2014-2855.patch PKGBUILD rsyncd.service)
Pierre Schmitz
pierre at nymeria.archlinux.org
Thu Jul 3 18:34:41 UTC 2014
Date: Thursday, July 3, 2014 @ 20:34:41
Author: pierre
Revision: 216421
upgpkg: rsync 3.1.1-2
FS#41024 and FS#40598
Modified:
rsync/trunk/PKGBUILD
rsync/trunk/rsyncd.service
Deleted:
rsync/trunk/CVE-2014-2855.patch
---------------------+
CVE-2014-2855.patch | 83 --------------------------------------------------
PKGBUILD | 5 +--
rsyncd.service | 1
3 files changed, 3 insertions(+), 86 deletions(-)
Deleted: CVE-2014-2855.patch
===================================================================
--- CVE-2014-2855.patch 2014-07-03 18:11:06 UTC (rev 216420)
+++ CVE-2014-2855.patch 2014-07-03 18:34:41 UTC (rev 216421)
@@ -1,83 +0,0 @@
-From 0dedfbce2c1b851684ba658861fe9d620636c56a Mon Sep 17 00:00:00 2001
-From: Wayne Davison <wayned at samba.org>
-Date: Sun, 13 Apr 2014 13:44:58 -0700
-Subject: [PATCH] Avoid infinite wait reading secrets file.
-
----
- authenticate.c | 24 +++++++++++++-----------
- 1 files changed, 13 insertions(+), 11 deletions(-)
-
-diff --git a/authenticate.c b/authenticate.c
-index 3381b8c..c92746c 100644
---- a/authenticate.c
-+++ b/authenticate.c
-@@ -102,15 +102,16 @@ static const char *check_secret(int module, const char *user, const char *group,
- char pass2[MAX_DIGEST_LEN*2];
- const char *fname = lp_secrets_file(module);
- STRUCT_STAT st;
-- int fd, ok = 1;
-+ int ok = 1;
- int user_len = strlen(user);
- int group_len = group ? strlen(group) : 0;
- char *err;
-+ FILE *fh;
-
-- if (!fname || !*fname || (fd = open(fname, O_RDONLY)) < 0)
-+ if (!fname || !*fname || (fh = fopen(fname, "r")) == NULL)
- return "no secrets file";
-
-- if (do_fstat(fd, &st) == -1) {
-+ if (do_fstat(fileno(fh), &st) == -1) {
- rsyserr(FLOG, errno, "fstat(%s)", fname);
- ok = 0;
- } else if (lp_strict_modes(module)) {
-@@ -123,29 +124,30 @@ static const char *check_secret(int module, const char *user, const char *group,
- }
- }
- if (!ok) {
-- close(fd);
-+ fclose(fh);
- return "ignoring secrets file";
- }
-
- if (*user == '#') {
- /* Reject attempt to match a comment. */
-- close(fd);
-+ fclose(fh);
- return "invalid username";
- }
-
- /* Try to find a line that starts with the user (or @group) name and a ':'. */
- err = "secret not found";
-- while ((user || group) && read_line_old(fd, line, sizeof line, 1)) {
-- const char **ptr, *s;
-+ while ((user || group) && fgets(line, sizeof line, fh) != NULL) {
-+ const char **ptr, *s = strtok(line, "\n\r");
- int len;
-- if (*line == '@') {
-+ if (!s)
-+ continue;
-+ if (*s == '@') {
- ptr = &group;
- len = group_len;
-- s = line+1;
-+ s++;
- } else {
- ptr = &user;
- len = user_len;
-- s = line;
- }
- if (!*ptr || strncmp(s, *ptr, len) != 0 || s[len] != ':')
- continue;
-@@ -158,7 +160,7 @@ static const char *check_secret(int module, const char *user, const char *group,
- *ptr = NULL; /* Don't look for name again. */
- }
-
-- close(fd);
-+ fclose(fh);
-
- memset(line, 0, sizeof line);
- memset(pass2, 0, sizeof pass2);
---
-1.7.0.4
-
Modified: PKGBUILD
===================================================================
--- PKGBUILD 2014-07-03 18:11:06 UTC (rev 216420)
+++ PKGBUILD 2014-07-03 18:34:41 UTC (rev 216421)
@@ -2,7 +2,7 @@
pkgname=rsync
pkgver=3.1.1
-pkgrel=1
+pkgrel=2
pkgdesc="A file transfer program to keep remote files in sync"
arch=('i686' 'x86_64')
url="http://rsync.samba.org/"
@@ -17,7 +17,7 @@
'SKIP'
'bce64d122a8e0f86872a4a21a03bc7f3'
'ea3e9277dc908bc51f9eddc0f6b935c1'
- '084140868d38cf3e937a2db716d47c0f'
+ 'f90ba7f3717028769d6f230a2402b5aa'
'ae4c381e0c02d6132c7f6ded3f473041'
'53f94e613e0bc502d38dd61bd2cd7636')
@@ -25,7 +25,6 @@
cd "$srcdir/$pkgname-$pkgver"
./configure --prefix=/usr \
--with-included-popt=no \
- --with-included-zlib=no \
--disable-debug
make
}
Modified: rsyncd.service
===================================================================
--- rsyncd.service 2014-07-03 18:11:06 UTC (rev 216420)
+++ rsyncd.service 2014-07-03 18:34:41 UTC (rev 216421)
@@ -1,5 +1,6 @@
[Unit]
Description=A file transfer program to keep remote files in sync
+After=network.target
[Service]
ExecStart=/usr/bin/rsync --daemon --no-detach
More information about the arch-commits
mailing list