o Fix a potential ROOT-exploit in NTPD.

(grabbed from src/contrib/ntp/ntpd) o new maintainer. PR: 26369 Submitted by: Cy Schubert <Cy.Schubert@uumail.gov.bc.ca>
author: sf <sf@FreeBSD.org> 2001-04-06 03:59:25 +0800
committer: sf <sf@FreeBSD.org> 2001-04-06 03:59:25 +0800
commit: a4c2698e18bebcec085ab07c965cd91686e4835e (patch)
tree: c5cc890aefcdea9a71f3d311c0cc14748eb235b8 /net
parent: d49e027abecb7b4e0f6ec94cc74480077e280518 (diff)
download: freebsd-ports-gnome-a4c2698e18bebcec085ab07c965cd91686e4835e.tar.gz
freebsd-ports-gnome-a4c2698e18bebcec085ab07c965cd91686e4835e.tar.zst
freebsd-ports-gnome-a4c2698e18bebcec085ab07c965cd91686e4835e.zip
6 files changed, 78 insertions, 3 deletions
diff --git a/net/ntp-devel/Makefile b/net/ntp-devel/Makefile
index eafe2cc378ef..171a7bb004ee 100644
--- a/net/ntp-devel/Makefile
+++ b/net/ntp-devel/Makefile
@@ -7,10 +7,11 @@
 
 PORTNAME=	ntp
 PORTVERSION=	4.0.99k
+PORTREVISION=	1
 CATEGORIES=	net
 MASTER_SITES=	ftp://ftp.udel.edu/pub/ntp/ntp4/
 
-MAINTAINER=	ports@FreeBSD.org
+MAINTAINER=	Cy.Schubert@uumail.gov.bc.ca
 
 # ntp's configure script created by autoconf 2.14.1 doesn't work
 # if GNU_CONFIGURE is defined
diff --git a/net/ntp-devel/files/patch-ntp_control.c b/net/ntp-devel/files/patch-ntp_control.c
new file mode 100644
index 000000000000..a0faa4906d04
--- /dev/null
+++ b/net/ntp-devel/files/patch-ntp_control.c
@@ -0,0 +1,24 @@
+--- ntpd/ntp_control.c.orig	Sat Jul 15 23:46:05 2000
++++ ntpd/ntp_control.c	Fri Apr  6 01:05:57 2001
+@@ -1821,9 +1821,19 @@
+ 					while (cp < reqend &&
+ 					    isspace((int)*cp))
+ 						cp++;
+-					while (cp < reqend && *cp !=
+-					    ',')
++					while (cp < reqend && *cp != ',') {
+ 						*tp++ = *cp++;
++						if (tp > buf + sizeof(buf)) {
++							msyslog(LOG_WARNING, "Attempted \"ntpdx\" exploit from IP %d.%d.%d.%d:%d (possibly spoofed)\n",
++	(ntohl(rmt_addr->sin_addr.s_addr) >> 24) & 0xff,
++	(ntohl(rmt_addr->sin_addr.s_addr) >> 16) & 0xff,
++	(ntohl(rmt_addr->sin_addr.s_addr) >> 8) & 0xff,
++	(ntohl(rmt_addr->sin_addr.s_addr) >> 0) & 0xff,
++	ntohs(rmt_addr->sin_port)
++);
++							return (0);
++						}
++					}
+ 					if (cp < reqend)
+ 						cp++;
+ 					*tp = '\0';
diff --git a/net/ntp-stable/Makefile b/net/ntp-stable/Makefile
index eafe2cc378ef..171a7bb004ee 100644
--- a/net/ntp-stable/Makefile
+++ b/net/ntp-stable/Makefile
@@ -7,10 +7,11 @@
 
 PORTNAME=	ntp
 PORTVERSION=	4.0.99k
+PORTREVISION=	1
 CATEGORIES=	net
 MASTER_SITES=	ftp://ftp.udel.edu/pub/ntp/ntp4/
 
-MAINTAINER=	ports@FreeBSD.org
+MAINTAINER=	Cy.Schubert@uumail.gov.bc.ca
 
 # ntp's configure script created by autoconf 2.14.1 doesn't work
 # if GNU_CONFIGURE is defined
diff --git a/net/ntp-stable/files/patch-ntp_control.c b/net/ntp-stable/files/patch-ntp_control.c
new file mode 100644
index 000000000000..a0faa4906d04
--- /dev/null
+++ b/net/ntp-stable/files/patch-ntp_control.c
@@ -0,0 +1,24 @@
+--- ntpd/ntp_control.c.orig	Sat Jul 15 23:46:05 2000
++++ ntpd/ntp_control.c	Fri Apr  6 01:05:57 2001
+@@ -1821,9 +1821,19 @@
+ 					while (cp < reqend &&
+ 					    isspace((int)*cp))
+ 						cp++;
+-					while (cp < reqend && *cp !=
+-					    ',')
++					while (cp < reqend && *cp != ',') {
+ 						*tp++ = *cp++;
++						if (tp > buf + sizeof(buf)) {
++							msyslog(LOG_WARNING, "Attempted \"ntpdx\" exploit from IP %d.%d.%d.%d:%d (possibly spoofed)\n",
++	(ntohl(rmt_addr->sin_addr.s_addr) >> 24) & 0xff,
++	(ntohl(rmt_addr->sin_addr.s_addr) >> 16) & 0xff,
++	(ntohl(rmt_addr->sin_addr.s_addr) >> 8) & 0xff,
++	(ntohl(rmt_addr->sin_addr.s_addr) >> 0) & 0xff,
++	ntohs(rmt_addr->sin_port)
++);
++							return (0);
++						}
++					}
+ 					if (cp < reqend)
+ 						cp++;
+ 					*tp = '\0';
diff --git a/net/ntp/Makefile b/net/ntp/Makefile
index eafe2cc378ef..171a7bb004ee 100644
--- a/net/ntp/Makefile
+++ b/net/ntp/Makefile
@@ -7,10 +7,11 @@
 
 PORTNAME=	ntp
 PORTVERSION=	4.0.99k
+PORTREVISION=	1
 CATEGORIES=	net
 MASTER_SITES=	ftp://ftp.udel.edu/pub/ntp/ntp4/
 
-MAINTAINER=	ports@FreeBSD.org
+MAINTAINER=	Cy.Schubert@uumail.gov.bc.ca
 
 # ntp's configure script created by autoconf 2.14.1 doesn't work
 # if GNU_CONFIGURE is defined
diff --git a/net/ntp/files/patch-ntp_control.c b/net/ntp/files/patch-ntp_control.c
new file mode 100644
index 000000000000..a0faa4906d04
--- /dev/null
+++ b/net/ntp/files/patch-ntp_control.c
@@ -0,0 +1,24 @@
+--- ntpd/ntp_control.c.orig	Sat Jul 15 23:46:05 2000
++++ ntpd/ntp_control.c	Fri Apr  6 01:05:57 2001
+@@ -1821,9 +1821,19 @@
+ 					while (cp < reqend &&
+ 					    isspace((int)*cp))
+ 						cp++;
+-					while (cp < reqend && *cp !=
+-					    ',')
++					while (cp < reqend && *cp != ',') {
+ 						*tp++ = *cp++;
++						if (tp > buf + sizeof(buf)) {
++							msyslog(LOG_WARNING, "Attempted \"ntpdx\" exploit from IP %d.%d.%d.%d:%d (possibly spoofed)\n",
++	(ntohl(rmt_addr->sin_addr.s_addr) >> 24) & 0xff,
++	(ntohl(rmt_addr->sin_addr.s_addr) >> 16) & 0xff,
++	(ntohl(rmt_addr->sin_addr.s_addr) >> 8) & 0xff,
++	(ntohl(rmt_addr->sin_addr.s_addr) >> 0) & 0xff,
++	ntohs(rmt_addr->sin_port)
++);
++							return (0);
++						}
++					}
+ 					if (cp < reqend)
+ 						cp++;
+ 					*tp = '\0';
author	sf <sf@FreeBSD.org>	2001-04-06 03:59:25 +0800
committer	sf <sf@FreeBSD.org>	2001-04-06 03:59:25 +0800
commit	a4c2698e18bebcec085ab07c965cd91686e4835e (patch)
tree	c5cc890aefcdea9a71f3d311c0cc14748eb235b8 /net
parent	d49e027abecb7b4e0f6ec94cc74480077e280518 (diff)
download	freebsd-ports-gnome-a4c2698e18bebcec085ab07c965cd91686e4835e.tar.gz freebsd-ports-gnome-a4c2698e18bebcec085ab07c965cd91686e4835e.tar.zst freebsd-ports-gnome-a4c2698e18bebcec085ab07c965cd91686e4835e.zip