diff options
| author | rafan <rafan@FreeBSD.org> | 2006-09-18 22:15:22 +0800 |
|---|---|---|
| committer | rafan <rafan@FreeBSD.org> | 2006-09-18 22:15:22 +0800 |
| commit | 205166c8a8ec174e6241bfa4a2fbd7aed4f3a6fb (patch) | |
| tree | c907648099106e54fb729c70dc726923dc3be128 | |
| parent | 80a6f8941ea98d589695e9cceb4e42014fbb517e (diff) | |
| download | freebsd-ports-gnome-205166c8a8ec174e6241bfa4a2fbd7aed4f3a6fb.tar.gz freebsd-ports-gnome-205166c8a8ec174e6241bfa4a2fbd7aed4f3a6fb.tar.zst freebsd-ports-gnome-205166c8a8ec174e6241bfa4a2fbd7aed4f3a6fb.zip | |
- Fix race condition and DoS in rc script.
These fixes are similar to mail/dkfilter, see ports/103344.
PR: ports/103346
Submitted by: Yoshisato YANAGISAWA <yanagisawa at csg.is.titech.ac.jp> (maintainer)
| -rw-r--r-- | mail/dkimproxy/Makefile | 1 | ||||
| -rw-r--r-- | mail/dkimproxy/files/dkimproxy_in.in | 23 | ||||
| -rw-r--r-- | mail/dkimproxy/files/dkimproxy_out.in | 23 |
3 files changed, 35 insertions, 12 deletions
diff --git a/mail/dkimproxy/Makefile b/mail/dkimproxy/Makefile index 3fb7f61f278e..1d8776d32569 100644 --- a/mail/dkimproxy/Makefile +++ b/mail/dkimproxy/Makefile @@ -7,6 +7,7 @@ PORTNAME= dkimproxy PORTVERSION= 0.13 +PORTREVISION= 1 CATEGORIES= mail MASTER_SITES= http://jason.long.name/dkimproxy/ diff --git a/mail/dkimproxy/files/dkimproxy_in.in b/mail/dkimproxy/files/dkimproxy_in.in index e78554e4d9d3..a41010772f6f 100644 --- a/mail/dkimproxy/files/dkimproxy_in.in +++ b/mail/dkimproxy/files/dkimproxy_in.in @@ -42,19 +42,30 @@ dkimproxy_in_start() logger -t ${name} "Starting ${name}" touch ${dkimproxy_in_pidfile} chown ${dkimproxy_in_user} ${dkimproxy_in_pidfile} - logfile=`mktemp /tmp/${name}.XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX` + tmpfile=`mktemp /tmp/${name}.XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX` su -m ${dkimproxy_in_user} -c "daemon -c -p ${dkimproxy_in_pidfile} \ %%PREFIX%%/bin/dkimproxy.in ${dkimproxy_in_flags}" \ - > /dev/null 2> ${logfile} - sleep 1 # XXX: wait until dkimproxy start. - logger -t ${name} "`cat ${logfile}`" - err=`grep Error ${logfile}` + > /dev/null 2> ${tmpfile} + # wait until dkimproxy start. + while true + do + filesize=`ls -l ${tmpfile}|awk '{print $5}'` + if [ ${filesize} -gt 0 ]; then + break + fi + done + + logger -t ${name} "`cat ${tmpfile}`" + err=`grep Error ${tmpfile}` if [ "${err}" ]; then echo "Failed to start ${name}." echo "${err}" rm -f ${dkimproxy_in_pidfile} + else + # To prevent DoS attack by dkimproxy_in_user. + chown root:wheel ${dkimproxy_in_pidfile} fi - rm -f ${logfile} + rm -f ${tmpfile} } dkimproxy_in_stop() diff --git a/mail/dkimproxy/files/dkimproxy_out.in b/mail/dkimproxy/files/dkimproxy_out.in index c05aafd7e1dd..110477c2edbb 100644 --- a/mail/dkimproxy/files/dkimproxy_out.in +++ b/mail/dkimproxy/files/dkimproxy_out.in @@ -47,19 +47,30 @@ dkimproxy_out_start() logger -t ${name} "Starting ${name}" touch ${dkimproxy_out_pidfile} chown ${dkimproxy_out_user} ${dkimproxy_out_pidfile} - logfile=`mktemp /tmp/${name}.XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX` + tmpfile=`mktemp /tmp/${name}.XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX` su -m ${dkimproxy_out_user} -c "daemon -c -p ${dkimproxy_out_pidfile} \ %%PREFIX%%/bin/dkimproxy.out ${dkimproxy_out_flags}" \ - > /dev/null 2> ${logfile} - sleep 1 # XXX: wait until dkimproxy start. - logger -t ${name} "`cat ${logfile}`" - err=`grep Error ${logfile}` + > /dev/null 2> ${tmpfile} + # wait until dkimproxy start. + while true + do + filesize=`ls -l ${tmpfile}|awk '{print $5}'` + if [ ${filesize} -gt 0 ]; then + break + fi + done + + logger -t ${name} "`cat ${tmpfile}`" + err=`grep Error ${tmpfile}` if [ "${err}" ]; then echo "Failed to start ${name}." echo "${err}" rm -f ${dkimproxy_out_pidfile} + else + # To prevent DoS attack by dkimproxy_out_user. + chown root:wheel ${dkimproxy_out_pidfile} fi - rm -f ${logfile} + rm -f ${tmpfile} } dkimproxy_out_stop() |