- Fix a crash when an invalid log file is specified.

- Add -u uid option to drop the root privilege.
- Add skkserv user and group.
- Display fatal error messages in mksock() even if debug=0.

6 files changed, 114 insertions, 14 deletions

diff --git a/GIDs b/GIDs
index a6b42d321e10..6cbe44e02457 100644
--- a/GIDs
+++ b/GIDs
@@ -134,6 +134,7 @@ callweaver:*:444:
 courier:*:465:
 _bbstored:*:505:
 radmind:*:506:
+skkserv:*:507:
 nullmail:*:522:
 dkimproxy:*:525:
 pgbouncer:*:534:
diff --git a/UIDs b/UIDs
index 011a129e8a60..c7c7e3a108d1 100644
--- a/UIDs
+++ b/UIDs
@@ -143,6 +143,7 @@ callweaver:*:444:444::0:0:Callweaver account:/var/lib/callweaver:/usr/sbin/nolog
 courier:*:465:465::0:0:Courier Mail Server:/nonexistent:/usr/sbin/nologin
 _bbstored:*:505:505::0:0:BoxBackup Store Daemon:/nonexistent:/bin/sh
 radmind:*:506:506::0:0:radmind User:/var/radmind:/usr/sbin/nologin
+skkserv:*:507:507::0:0:skkserv User:/nonexistent:/usr/sbin/nologin
 nullmail:*:522:522::0:0:Nullmailer Mail System:/var/spool/nullmailer:/bin/sh
 dkimproxy:*:525:525::0:0:DKIM Proxy Owner:/nonexistent:/usr/sbin/nologin
 pgbouncer:*:534:534::0:0:Pgbouncer Daemon:/nonexistent:/usr/sbin/nologin
diff --git a/japanese/skkserv/Makefile b/japanese/skkserv/Makefile
index f215cc4e1a84..32e07c05ec13 100644
--- a/japanese/skkserv/Makefile
+++ b/japanese/skkserv/Makefile
@@ -7,7 +7,7 @@
 
 PORTNAME=	skkserv
 PORTVERSION=	9.6
-PORTREVISION=	3
+PORTREVISION=	4
 CATEGORIES=	japanese
 MASTER_SITES=	${MASTER_SITE_PORTS_JP}
 DISTNAME=	skk${PORTVERSION}
@@ -23,6 +23,8 @@ GNU_CONFIGURE=	yes
 MAKE_ARGS=	SUBDIRS='skkserv'
 CONFIGURE_ARGS+=	--with-jisyo=${SKKJISYO} --libexecdir=${PREFIX}/sbin
 PLIST_FILES=	sbin/skkserv
+USERS=		skkserv
+GROUPS=		skkserv
 
 SKKJISYO_SIZE?=	L
 SKKJISYO?=	SKK-JISYO.${SKKJISYO_SIZE}
diff --git a/japanese/skkserv/files/patch-skkserv.c b/japanese/skkserv/files/patch-skkserv.c
index 92b3ad6e203a..665b8d8e3f3a 100644
--- a/japanese/skkserv/files/patch-skkserv.c
+++ b/japanese/skkserv/files/patch-skkserv.c
@@ -1,18 +1,65 @@
 --- skkserv/skkserv.c.orig	1997-01-21 04:16:36.000000000 +0900
-+++ skkserv/skkserv.c	2011-07-02 22:05:16.000000000 +0900
-@@ -124,6 +124,8 @@
++++ skkserv/skkserv.c	2011-07-02 23:48:44.000000000 +0900
+@@ -102,6 +102,8 @@
+ 
+ #define err(m)	\
+ 	{if (debug) fprintf(errout, "%s: %s\n", pgmnm, m); exit(1);}
++#define nderr(m)	\
++	{fprintf(errout, "%s: %s\n", pgmnm, m); exit(1);}
+ 
+ /*
+  *	Global Variables
+@@ -124,18 +126,25 @@
  int	clientsock[MAXCLNT];	/* socket for each client */
  int	nclients;	/* max index for active clients */
  
 +char	listenaddr[NI_MAXHOST];
++uid_t	uid;
++gid_t	gid;
 +
  main(argc, argv)
  char *argv[];
  {
-@@ -166,6 +168,12 @@
+   int	parg;
+   int	setjisho = 0;
+   int	ctlterm;	/* fildes for control terminal */
++  struct passwd *pwent;
+   void	reread();
+ 
+   pgmnm = argv[0];
+   debug = 0;
+   errout = stderr;
+   portnum = 0;
++  uid = getuid();
++  gid = getgid();
+ 
+   /* The following patch (a work-around due to "rsh" bug) was pointed 	*/
+   /* out by kazushi@kubota.co.jp in the message "714" in SKK-ML		*/
+@@ -155,7 +164,7 @@
+ 	if (parg + 1 == argc) showusage();
+ 	if ((errout = fopen(argv[++parg], "w")) == NULL) {
+ 	  fprintf(stderr, "%s: opening logfile \"%s\" failed\n", 
+-		  pgmnm, *argv[parg]);
++		  pgmnm, argv[parg]);
+ 	  exit(1);
+ 	}
+ 	debug = 1; break;
+@@ -166,6 +175,24 @@
        case 'P': 
  	if (parg +1 == argc) showusage();
  	portnum = atoi(argv[++parg]); break;
++      case 'u':
++      case 'U': 
++	if (parg + 1 == argc) showusage();
++	pwent = getpwnam(argv[++parg]);
++	if (pwent == NULL) {
++    		fprintf(stderr, 
++	 	   "%s: invalid uid \"%s\"\n", pgmnm, argv[parg]);
++		exit(1);
++	}
++	uid = pwent->pw_uid;
++	gid = pwent->pw_gid;
++        break;
 +      case 'a':
 +      case 'A': 
 +	if (parg +1 == argc) showusage();
@@ -22,19 +69,39 @@
        default: showusage();
        }
      } else if (setjisho == 0) {
-@@ -232,9 +240,9 @@
+@@ -183,6 +210,17 @@
+     exit(1);
+   }
+ 
++  if (setgid(gid) == -1) {
++    fprintf(stderr, 
++	    "%s: setgid() failed\n", pgmnm);
++    exit(1);
++  }
++  if (setuid(uid) == -1) {
++    fprintf(stderr, 
++	    "%s: setuid() failed\n", pgmnm);
++    exit(1);
++  }
++
+   set_hname();
+ 
+   /* make socket */
+@@ -232,9 +270,11 @@
  showusage()
  {
    fprintf(stderr, 
 -	  "Usage: %s [-d] [-l logfile] [-p port] \n", pgmnm);
-+	  "Usage: %s [-d] [-l logfile] [-p port] [-a listenaddr]\n", pgmnm);
++	  "Usage: %s [-d] [-l logfile] [-p port] [-a listenaddr] [-u uid]\n",
++	  pgmnm);
    fprintf(stderr, 
 -	  "       %s [-d] [-l logfile] [-p port] skk-jisho\n", pgmnm);
-+	  "       %s [-d] [-l logfile] [-p port] [-a listenaddr] skk-jisho\n", pgmnm);
++	  "       %s [-d] [-l logfile] [-p port] [-a listenaddr] [-u uid]"
++	  " skk-jisho\n", pgmnm);
    exit(1);
  }
   
-@@ -249,7 +257,21 @@
+@@ -249,27 +289,41 @@
    
    bzero((char*)&sin, sizeof(sin));
    sin.sin_family = AF_INET;
@@ -47,7 +114,7 @@
 +		  struct in_addr  **pptr;
 +		  
 +		  if ((hp = gethostbyname(listenaddr)) == NULL) {
-+			  err("could not resolve the specified listen address");
++			  nderr("could not resolve the specified listen address");
 +		  }
 +		  pptr = (struct in_addr **)hp->h_addr_list;
 +		  memcpy(&sin.sin_addr.s_addr, pptr[0], sizeof(struct in_addr));
@@ -57,7 +124,32 @@
    if (portnum == 0) {
  #ifdef PORTNUM
      portnum = PORTNUM;
-@@ -382,6 +404,10 @@
+ #else
+     if ((sp = getservbyname(SERVICE_NAME, "tcp")) == NULL)
+-      err("service name is undefined in /etc/services file");
++      nderr("service name is undefined in /etc/services file");
+     portnum = ntohs(sp->s_port);
+ #endif
+   }
+   sin.sin_port = htons(portnum); 
+ 
+   if ((initsock = socket(PF_INET, SOCK_STREAM, 0)) < 0)
+-    err("socket error; socket cannot be created");
++    nderr("socket error; socket cannot be created");
+   if (setsockopt(initsock, SOL_SOCKET, SO_REUSEADDR, 
+ 		 &optbuf, sizeof(optbuf)) < 0)
+-    err("socket error; cannot set socket option");
++    nderr("socket error; cannot set socket option");
+   if (bind(initsock, (struct sockaddr *)&sin, sizeof(sin))< 0) 
+-    err("bind error; the socket is already used");
++    nderr("bind error; the socket is already used");
+   if (listen(initsock, MAXQUE) < 0) 
+-    err("listen error; something wrong happened with the socket");
++    nderr("listen error; something wrong happened with the socket");
+   if (debug) {
+     fprintf(errout, "file descriptor for initsock is %d\n", initsock);
+     fflush(errout);
+@@ -382,6 +436,10 @@
    code = KANA_END;
  
    while ((c = fgetc(jisho)) != EOF) {
@@ -68,7 +160,7 @@
      target = ((c & 0xff)<< 8) | (fgetc(jisho) & 0xff);
      if (target == STRMARK) {
        fgets(buf, BUFSIZE, jisho);
-@@ -476,7 +502,7 @@
+@@ -476,7 +534,7 @@
  
      if (FD_ISSET(initsock, &readfds)) {
        len = sizeof(from);
diff --git a/japanese/skkserv/files/patch-skkserv.h b/japanese/skkserv/files/patch-skkserv.h
index ae8375cca646..e6a6149ff668 100644
--- a/japanese/skkserv/files/patch-skkserv.h
+++ b/japanese/skkserv/files/patch-skkserv.h
@@ -1,5 +1,5 @@
 --- skkserv/skkserv.h.orig	1997-01-21 04:16:36.000000000 +0900
-+++ skkserv/skkserv.h	2008-11-01 23:53:43.000000000 +0900
++++ skkserv/skkserv.h	2011-07-02 23:07:17.000000000 +0900
 @@ -37,6 +37,8 @@
  /* Necessary for SunOS 3.x and maybe other old systems */
  
@@ -9,7 +9,7 @@
  
  #include	<sys/types.h>
  #ifdef HAVE_SYS_IOCTL_H
-@@ -44,6 +46,7 @@
+@@ -44,9 +46,11 @@
  #endif
  #include	<sys/socket.h>
  #include	<netinet/in.h>
@@ -17,3 +17,7 @@
  #include	<netdb.h>
  #include	<signal.h>
  #include	<errno.h>
++#include	<pwd.h>
+ 
+ #ifndef DEFAULT_JISYO
+ #define DEFAULT_JISYO 	"/usr/local/share/emacs/SKK-JISYO.L"	
diff --git a/japanese/skkserv/files/skkserv.sh.in b/japanese/skkserv/files/skkserv.sh.in
index ab94342e58cc..cf7e2aba557b 100644
--- a/japanese/skkserv/files/skkserv.sh.in
+++ b/japanese/skkserv/files/skkserv.sh.in
@@ -12,7 +12,7 @@ name=skkserv
 rcvar=`set_rcvar`
 command=%%PREFIX%%/sbin/skkserv
 
-: ${skkserv_flags:="-a 127.0.0.1"}
+: ${skkserv_flags:="-a 127.0.0.1 -u skkserv"}
 
 load_rc_config ${name}
 run_rc_command $1