diff options
author | Leonardo Arena <rnalrd@alpinelinux.org> | 2017-01-17 09:32:50 +0000 |
---|---|---|
committer | Leonardo Arena <rnalrd@alpinelinux.org> | 2017-01-17 10:16:13 +0000 |
commit | 312752b5bd8f457730afa421330dff5da25f8faa (patch) | |
tree | 470bb3fdafe25d2699058c47ce2e4bc983b983dc /main/heimdal/heimdal-remove-broken-auth.patch | |
parent | ccb7d652b8d2158e10c83f443f3fdc3d434be44a (diff) | |
download | aports-312752b5bd8f457730afa421330dff5da25f8faa.tar.bz2 aports-312752b5bd8f457730afa421330dff5da25f8faa.tar.xz |
main/heimdal: upgrade to 7.1.0
Diffstat (limited to 'main/heimdal/heimdal-remove-broken-auth.patch')
-rw-r--r-- | main/heimdal/heimdal-remove-broken-auth.patch | 163 |
1 files changed, 0 insertions, 163 deletions
diff --git a/main/heimdal/heimdal-remove-broken-auth.patch b/main/heimdal/heimdal-remove-broken-auth.patch deleted file mode 100644 index 97e272bd06..0000000000 --- a/main/heimdal/heimdal-remove-broken-auth.patch +++ /dev/null @@ -1,163 +0,0 @@ ---- appl/rsh/rsh.c.orig -+++ b/appl/rsh/rsh.c -@@ -399,6 +399,8 @@ - - #endif /* KRB5 */ - -+#ifdef BROKEN_AUTH -+ - static int - send_broken_auth(int s, - struct sockaddr *thisaddr, -@@ -428,6 +430,8 @@ - return 0; - } - -+#endif /* BROKEN_AUTH */ -+ - static int - proto (int s, int errsock, - const char *hostname, const char *local_user, const char *remote_user, -@@ -629,6 +633,8 @@ - return res; - } - -+#ifdef BROKEN_AUTH -+ - static int - doit_broken (int argc, - char **argv, -@@ -702,6 +708,8 @@ - } - } - -+#endif -+ - #if defined(KRB5) - static int - doit (const char *hostname, -@@ -796,7 +804,9 @@ - { "protocol", 'P', arg_string, &protocol_version_str, - "Protocol version [krb5]", "protocol" }, - #endif -+#ifdef BROKEN_AUTH - { "broken", 'K', arg_flag, &use_only_broken, "Use only priv port" }, -+#endif - #if defined(KRB5) - { "encrypt", 'x', arg_flag, &do_encrypt, "Encrypt connection" }, - { NULL, 'z', arg_negative_flag, &do_encrypt, -@@ -831,8 +841,10 @@ - int - main(int argc, char **argv) - { -+#ifdef BROKEN_AUTH - int priv_port1, priv_port2; - int priv_socket1, priv_socket2; -+#endif - int argindex = 0; - int error; - struct addrinfo hints, *ai; -@@ -848,9 +860,11 @@ - #endif - uid_t uid; - -+#ifdef BROKEN_AUTH - priv_port1 = priv_port2 = IPPORT_RESERVED-1; - priv_socket1 = rresvport(&priv_port1); - priv_socket2 = rresvport(&priv_port2); -+#endif - uid = getuid (); - if (setuid (uid) || (uid != 0 && setuid(0) == 0)) - err (1, "setuid"); -@@ -907,6 +921,7 @@ - - #endif - -+#ifdef BROKEN_AUTH - if (use_only_broken) { - #ifdef KRB5 - use_v5 = 0; -@@ -918,6 +933,7 @@ - errx (1, "unable to bind reserved port: is rsh setuid root?"); - use_broken = 0; - } -+#endif - - #if defined(KRB5) - if (do_encrypt == 1 && use_only_broken) -@@ -956,8 +972,10 @@ - } - - if (argindex == argc) { -+#ifdef BROKEN_AUTH - close (priv_socket1); - close (priv_socket2); -+#endif - argv[0] = "rlogin"; - execvp ("rlogin", argv); - err (1, "execvp rlogin"); -@@ -1004,6 +1022,7 @@ - freeaddrinfo(ai); - } - #endif -+#ifdef BROKEN_AUTH - if (ret && use_broken) { - memset (&hints, 0, sizeof(hints)); - hints.ai_socktype = SOCK_STREAM; -@@ -1027,6 +1046,7 @@ - cmd, cmd_len); - freeaddrinfo(ai); - } -+#endif - free(cmd); - return ret; - } ---- appl/rsh/rshd.c.orig -+++ b/appl/rsh/rshd.c -@@ -131,6 +131,7 @@ - fatal(s, NULL, "%s too long", expl); - } - -+#ifdef BROKEN_AUTH - static int - recv_bsd_auth (int s, u_char *buf, - struct sockaddr_in *thisaddr, -@@ -152,6 +153,7 @@ - fatal(s, NULL, "Login incorrect."); - return 0; - } -+#endif - - #ifdef KRB5 - static int -@@ -658,10 +660,11 @@ - /* - * we only do reserved port for IPv4 - */ -- -+#ifdef BROKEN_AUTH - if (erraddr->sa_family == AF_INET) - errsock = rresvport (&priv_port); - else -+#endif - errsock = socket (erraddr->sa_family, SOCK_STREAM, 0); - if (errsock < 0) - syslog_and_die ("socket: %s", strerror(errno)); -@@ -689,6 +692,7 @@ - syslog_and_die ("unrecognized auth protocol: %x %x %x %x", - buf[0], buf[1], buf[2], buf[3]); - } else { -+#ifdef BROKEN_AUTH - if(recv_bsd_auth (s, buf, - (struct sockaddr_in *)thisaddr, - (struct sockaddr_in *)thataddr, -@@ -702,6 +706,9 @@ - } - } else - syslog_and_die("recv_bsd_auth failed"); -+#else -+ syslog_and_die("recv_bsd_auth is disabled for security reasons"); -+#endif - } - - if (client_user == NULL || server_user == NULL || cmd == NULL) |