aboutsummaryrefslogtreecommitdiffstats
path: root/security/krb5-appl
diff options
context:
space:
mode:
authornectar <nectar@FreeBSD.org>2001-07-24 23:28:25 +0800
committernectar <nectar@FreeBSD.org>2001-07-24 23:28:25 +0800
commit5bcd769b92b84a5b370cd816cb361bceda843ce0 (patch)
tree244ff09c1698d6d44837490f6085f57d50505d2f /security/krb5-appl
parentcbb75135978aca681fc0bc5f49c33ffe118fbe3e (diff)
downloadfreebsd-ports-gnome-5bcd769b92b84a5b370cd816cb361bceda843ce0.tar.gz
freebsd-ports-gnome-5bcd769b92b84a5b370cd816cb361bceda843ce0.tar.zst
freebsd-ports-gnome-5bcd769b92b84a5b370cd816cb361bceda843ce0.zip
Update telnetd vulnerability fixes from FreeBSD.
Submitted by: Cy Schubert <Cy.Schubert@uumail.gov.bc.ca>
Diffstat (limited to 'security/krb5-appl')
-rw-r--r--security/krb5-appl/files/patch-appl::telnet::telnetd::ext.h27
-rw-r--r--security/krb5-appl/files/patch-appl::telnet::telnetd::state.c21
-rw-r--r--security/krb5-appl/files/patch-appl::telnet::telnetd::telnetd.c22
-rw-r--r--security/krb5-appl/files/patch-appl::telnet::telnetd::utility.c60
4 files changed, 102 insertions, 28 deletions
diff --git a/security/krb5-appl/files/patch-appl::telnet::telnetd::ext.h b/security/krb5-appl/files/patch-appl::telnet::telnetd::ext.h
index 95e52f5c66b7..38fd6ac1fd53 100644
--- a/security/krb5-appl/files/patch-appl::telnet::telnetd::ext.h
+++ b/security/krb5-appl/files/patch-appl::telnet::telnetd::ext.h
@@ -1,13 +1,24 @@
--- appl/telnet/telnetd/ext.h.orig Wed Feb 28 14:06:51 2001
-+++ appl/telnet/telnetd/ext.h Thu Jul 19 19:14:29 2001
-@@ -190,6 +190,10 @@
- wontoption P((int)),
- writenet P((unsigned char *, int));
++++ appl/telnet/telnetd/ext.h Mon Jul 23 16:44:35 2001
+@@ -75,7 +75,7 @@
-+extern int output_data __P((const char *, ...))
-+ __printflike(1, 2);
-+extern int output_datalen __P((const char *, size_t));
+ extern char netibuf[BUFSIZ], *netip;
+
+-extern char netobuf[BUFSIZ+NETSLOP], *nfrontp, *nbackp;
++extern char netobuf[BUFSIZ], *nfrontp, *nbackp;
+ extern char *neturg; /* one past last bye of urgent data */
+
+ extern int pcc, ncc;
+@@ -187,8 +187,10 @@
+ tty_setsofttab P((int)),
+ tty_tspeed P((int)),
+ willoption P((int)),
+- wontoption P((int)),
+- writenet P((unsigned char *, int));
++ wontoption P((int));
+
++extern int output_data __P((const char *, ...)) __printflike(1, 2);
++extern int output_datalen __P((const char *, size_t));
+
#ifdef ENCRYPTION
extern char *nclearto;
- #endif /* ENCRYPTION */
diff --git a/security/krb5-appl/files/patch-appl::telnet::telnetd::state.c b/security/krb5-appl/files/patch-appl::telnet::telnetd::state.c
index e9d2069eef6f..baf207333a1d 100644
--- a/security/krb5-appl/files/patch-appl::telnet::telnetd::state.c
+++ b/security/krb5-appl/files/patch-appl::telnet::telnetd::state.c
@@ -1,5 +1,5 @@
---- appl/telnet/telnetd/state.c.ORIG Wed Feb 28 16:06:51 2001
-+++ appl/telnet/telnetd/state.c Fri Jul 20 08:41:10 2001
+--- appl/telnet/telnetd/state.c.orig Wed Feb 28 14:06:51 2001
++++ appl/telnet/telnetd/state.c Mon Jul 23 17:48:48 2001
@@ -33,6 +33,7 @@
/* based on @(#)state.c 8.1 (Berkeley) 6/4/93 */
@@ -8,6 +8,15 @@
#include "telnetd.h"
#if defined(AUTHENTICATION)
#include <libtelnet/auth.h>
+@@ -86,7 +87,7 @@
+ if (!auth_negotiated) {
+ static char *error =
+ "An environment option was sent before authentication negotiation completed.\r\nThis may create a security hazard. Connection dropped.\r\n";
+- writenet(error, strlen(error));
++ output_datalen(error, strlen(error));
+ netflush();
+ exit(1);
+ }
@@ -209,8 +210,7 @@
}
@@ -70,7 +79,13 @@
}
}
-@@ -1638,6 +1633,46 @@
+@@ -1633,11 +1628,51 @@
+ ADD(IAC);
+ ADD(SE);
+
+- writenet(statusbuf, ncp - statusbuf);
++ output_datalen(statusbuf, ncp - statusbuf);
+ netflush(); /* Send it on its way */
DIAG(TD_OPTIONS,
{printsub('>', statusbuf, ncp - statusbuf); netflush();});
diff --git a/security/krb5-appl/files/patch-appl::telnet::telnetd::telnetd.c b/security/krb5-appl/files/patch-appl::telnet::telnetd::telnetd.c
index 0f1a14886101..9eef1709beeb 100644
--- a/security/krb5-appl/files/patch-appl::telnet::telnetd::telnetd.c
+++ b/security/krb5-appl/files/patch-appl::telnet::telnetd::telnetd.c
@@ -1,5 +1,14 @@
--- appl/telnet/telnetd/telnetd.c.orig Wed Feb 28 14:06:51 2001
-+++ appl/telnet/telnetd/telnetd.c Thu Jul 19 19:20:46 2001
++++ appl/telnet/telnetd/telnetd.c Mon Jul 23 17:27:05 2001
+@@ -693,7 +693,7 @@
+ char *error_message =
+ "Encryption was not successfully negotiated. Goodbye.\r\n\r\n";
+
+- writenet(error_message, strlen(error_message));
++ output_datalen(error_message, strlen(error_message));
+ netflush();
+ exit(1);
+ }
@@ -782,9 +782,7 @@
{ IAC, SB, TELOPT_TSPEED, TELQUAL_SEND, IAC, SE };
@@ -106,7 +115,7 @@
neturg = nfrontp-1; /* off by one XXX */
#endif
}
-@@ -1495,8 +1477,7 @@
+@@ -1495,13 +1477,11 @@
ptyibuf[0] & TIOCPKT_DOSTOP ? 1 : 0;
if (newflow != flowmode) {
flowmode = newflow;
@@ -116,7 +125,12 @@
IAC, SB, TELOPT_LFLOW,
flowmode ? LFLOW_ON
: LFLOW_OFF,
-@@ -1524,19 +1505,19 @@
+ IAC, SE);
+- nfrontp += 6;
+ }
+ }
+ pcc--;
+@@ -1524,19 +1504,19 @@
break;
c = *ptyip++ & 0377, pcc--;
if (c == IAC)
@@ -141,7 +155,7 @@
}
}
#if defined(CRAY2) && defined(UNICOS5)
-@@ -1707,10 +1688,7 @@
+@@ -1707,10 +1687,7 @@
return;
}
#endif
diff --git a/security/krb5-appl/files/patch-appl::telnet::telnetd::utility.c b/security/krb5-appl/files/patch-appl::telnet::telnetd::utility.c
index 43c12b855e52..d49598c27487 100644
--- a/security/krb5-appl/files/patch-appl::telnet::telnetd::utility.c
+++ b/security/krb5-appl/files/patch-appl::telnet::telnetd::utility.c
@@ -1,5 +1,5 @@
--- appl/telnet/telnetd/utility.c.orig Wed Feb 28 14:06:52 2001
-+++ appl/telnet/telnetd/utility.c Thu Jul 19 19:58:05 2001
++++ appl/telnet/telnetd/utility.c Mon Jul 23 17:16:27 2001
@@ -58,8 +58,7 @@
{
void netflush();
@@ -47,7 +47,41 @@
#ifdef ENCRYPTION
if (encrypt_output) {
char *s = nclearto ? nclearto : nbackp;
-@@ -528,12 +523,11 @@
+@@ -314,33 +309,6 @@
+
+
+ /*
+- * writenet
+- *
+- * Just a handy little function to write a bit of raw data to the net.
+- * It will force a transmit of the buffer if necessary
+- *
+- * arguments
+- * ptr - A pointer to a character string to write
+- * len - How many bytes to write
+- */
+- void
+-writenet(ptr, len)
+- register unsigned char *ptr;
+- register int len;
+-{
+- /* flush buffer if no room for new data) */
+- if ((&netobuf[BUFSIZ] - nfrontp) < len) {
+- /* if this fails, don't worry, buffer is a little big */
+- netflush();
+- }
+-
+- memcpy(nfrontp, ptr, len);
+- nfrontp += len;
+-
+-} /* end of writenet */
+-
+-
+-/*
+ * miscellaneous functions doing a variety of little jobs follow ...
+ */
+
+@@ -528,12 +496,11 @@
register int option;
{
if (TELOPT_OK(option))
@@ -63,7 +97,7 @@
return;
}
-@@ -550,9 +544,8 @@
+@@ -550,9 +517,8 @@
return;
if (direction) {
@@ -74,7 +108,7 @@
if (length >= 3) {
register int j;
-@@ -560,232 +553,192 @@
+@@ -560,232 +526,192 @@
j = pointer[length-1];
if (i != IAC || j != SE) {
@@ -365,7 +399,7 @@
break;
}
{
-@@ -796,24 +749,19 @@
+@@ -796,24 +722,19 @@
pointer[2]&MODE_SOFT_TAB ? "|SOFT_TAB" : "",
pointer[2]&MODE_LIT_ECHO ? "|LIT_ECHO" : "",
pointer[2]&MODE_ACK ? "|ACK" : "");
@@ -395,7 +429,7 @@
}
}
break;
-@@ -822,24 +770,20 @@
+@@ -822,24 +743,20 @@
register char *cp;
register int j, k;
@@ -425,7 +459,7 @@
for (i = 2; i < length; i++) {
switch(pointer[i]) {
-@@ -850,18 +794,15 @@
+@@ -850,18 +767,15 @@
common2:
i++;
if (TELOPT_OK(pointer[i]))
@@ -448,7 +482,7 @@
i++;
j = k = i;
while (j < length) {
-@@ -877,20 +818,17 @@
+@@ -877,20 +791,17 @@
}
printsub(0, &pointer[i], k - i);
if (i < length) {
@@ -472,7 +506,7 @@
break;
}
}
-@@ -900,86 +838,77 @@
+@@ -900,86 +811,77 @@
}
case TELOPT_XDISPLOC:
@@ -576,7 +610,7 @@
break;
}
}
-@@ -987,90 +916,69 @@
+@@ -987,90 +889,69 @@
#if defined(AUTHENTICATION)
case TELOPT_AUTHENTICATION:
@@ -684,7 +718,7 @@
}
break;
}
-@@ -1079,86 +987,70 @@
+@@ -1079,86 +960,70 @@
#ifdef ENCRYPTION
case TELOPT_ENCRYPT:
@@ -789,7 +823,7 @@
}
break;
}
-@@ -1167,18 +1059,15 @@
+@@ -1167,18 +1032,15 @@
default:
if (TELOPT_OK(pointer[0]))
@@ -812,7 +846,7 @@
}
/*
-@@ -1200,26 +1089,22 @@
+@@ -1200,26 +1062,22 @@
}
/* add a line of output */