diff options
author | nectar <nectar@FreeBSD.org> | 2001-07-24 15:28:25 +0000 |
---|---|---|
committer | nectar <nectar@FreeBSD.org> | 2001-07-24 15:28:25 +0000 |
commit | 5bcd769b92b84a5b370cd816cb361bceda843ce0 (patch) | |
tree | 244ff09c1698d6d44837490f6085f57d50505d2f /security/krb5-16 | |
parent | cbb75135978aca681fc0bc5f49c33ffe118fbe3e (diff) | |
download | FreeBSD-ports-5bcd769b92b84a5b370cd816cb361bceda843ce0.zip FreeBSD-ports-5bcd769b92b84a5b370cd816cb361bceda843ce0.tar.gz |
Update telnetd vulnerability fixes from FreeBSD.
Submitted by: Cy Schubert <Cy.Schubert@uumail.gov.bc.ca>
Diffstat (limited to 'security/krb5-16')
4 files changed, 102 insertions, 28 deletions
diff --git a/security/krb5-16/files/patch-appl::telnet::telnetd::ext.h b/security/krb5-16/files/patch-appl::telnet::telnetd::ext.h index 95e52f5..38fd6ac 100644 --- a/security/krb5-16/files/patch-appl::telnet::telnetd::ext.h +++ b/security/krb5-16/files/patch-appl::telnet::telnetd::ext.h @@ -1,13 +1,24 @@ --- appl/telnet/telnetd/ext.h.orig Wed Feb 28 14:06:51 2001 -+++ appl/telnet/telnetd/ext.h Thu Jul 19 19:14:29 2001 -@@ -190,6 +190,10 @@ - wontoption P((int)), - writenet P((unsigned char *, int)); ++++ appl/telnet/telnetd/ext.h Mon Jul 23 16:44:35 2001 +@@ -75,7 +75,7 @@ -+extern int output_data __P((const char *, ...)) -+ __printflike(1, 2); -+extern int output_datalen __P((const char *, size_t)); + extern char netibuf[BUFSIZ], *netip; + +-extern char netobuf[BUFSIZ+NETSLOP], *nfrontp, *nbackp; ++extern char netobuf[BUFSIZ], *nfrontp, *nbackp; + extern char *neturg; /* one past last bye of urgent data */ + + extern int pcc, ncc; +@@ -187,8 +187,10 @@ + tty_setsofttab P((int)), + tty_tspeed P((int)), + willoption P((int)), +- wontoption P((int)), +- writenet P((unsigned char *, int)); ++ wontoption P((int)); + ++extern int output_data __P((const char *, ...)) __printflike(1, 2); ++extern int output_datalen __P((const char *, size_t)); + #ifdef ENCRYPTION extern char *nclearto; - #endif /* ENCRYPTION */ diff --git a/security/krb5-16/files/patch-appl::telnet::telnetd::state.c b/security/krb5-16/files/patch-appl::telnet::telnetd::state.c index e9d2069..baf2073 100644 --- a/security/krb5-16/files/patch-appl::telnet::telnetd::state.c +++ b/security/krb5-16/files/patch-appl::telnet::telnetd::state.c @@ -1,5 +1,5 @@ ---- appl/telnet/telnetd/state.c.ORIG Wed Feb 28 16:06:51 2001 -+++ appl/telnet/telnetd/state.c Fri Jul 20 08:41:10 2001 +--- appl/telnet/telnetd/state.c.orig Wed Feb 28 14:06:51 2001 ++++ appl/telnet/telnetd/state.c Mon Jul 23 17:48:48 2001 @@ -33,6 +33,7 @@ /* based on @(#)state.c 8.1 (Berkeley) 6/4/93 */ @@ -8,6 +8,15 @@ #include "telnetd.h" #if defined(AUTHENTICATION) #include <libtelnet/auth.h> +@@ -86,7 +87,7 @@ + if (!auth_negotiated) { + static char *error = + "An environment option was sent before authentication negotiation completed.\r\nThis may create a security hazard. Connection dropped.\r\n"; +- writenet(error, strlen(error)); ++ output_datalen(error, strlen(error)); + netflush(); + exit(1); + } @@ -209,8 +210,7 @@ } @@ -70,7 +79,13 @@ } } -@@ -1638,6 +1633,46 @@ +@@ -1633,11 +1628,51 @@ + ADD(IAC); + ADD(SE); + +- writenet(statusbuf, ncp - statusbuf); ++ output_datalen(statusbuf, ncp - statusbuf); + netflush(); /* Send it on its way */ DIAG(TD_OPTIONS, {printsub('>', statusbuf, ncp - statusbuf); netflush();}); diff --git a/security/krb5-16/files/patch-appl::telnet::telnetd::telnetd.c b/security/krb5-16/files/patch-appl::telnet::telnetd::telnetd.c index 0f1a148..9eef170 100644 --- a/security/krb5-16/files/patch-appl::telnet::telnetd::telnetd.c +++ b/security/krb5-16/files/patch-appl::telnet::telnetd::telnetd.c @@ -1,5 +1,14 @@ --- appl/telnet/telnetd/telnetd.c.orig Wed Feb 28 14:06:51 2001 -+++ appl/telnet/telnetd/telnetd.c Thu Jul 19 19:20:46 2001 ++++ appl/telnet/telnetd/telnetd.c Mon Jul 23 17:27:05 2001 +@@ -693,7 +693,7 @@ + char *error_message = + "Encryption was not successfully negotiated. Goodbye.\r\n\r\n"; + +- writenet(error_message, strlen(error_message)); ++ output_datalen(error_message, strlen(error_message)); + netflush(); + exit(1); + } @@ -782,9 +782,7 @@ { IAC, SB, TELOPT_TSPEED, TELQUAL_SEND, IAC, SE }; @@ -106,7 +115,7 @@ neturg = nfrontp-1; /* off by one XXX */ #endif } -@@ -1495,8 +1477,7 @@ +@@ -1495,13 +1477,11 @@ ptyibuf[0] & TIOCPKT_DOSTOP ? 1 : 0; if (newflow != flowmode) { flowmode = newflow; @@ -116,7 +125,12 @@ IAC, SB, TELOPT_LFLOW, flowmode ? LFLOW_ON : LFLOW_OFF, -@@ -1524,19 +1505,19 @@ + IAC, SE); +- nfrontp += 6; + } + } + pcc--; +@@ -1524,19 +1504,19 @@ break; c = *ptyip++ & 0377, pcc--; if (c == IAC) @@ -141,7 +155,7 @@ } } #if defined(CRAY2) && defined(UNICOS5) -@@ -1707,10 +1688,7 @@ +@@ -1707,10 +1687,7 @@ return; } #endif diff --git a/security/krb5-16/files/patch-appl::telnet::telnetd::utility.c b/security/krb5-16/files/patch-appl::telnet::telnetd::utility.c index 43c12b8..d49598c 100644 --- a/security/krb5-16/files/patch-appl::telnet::telnetd::utility.c +++ b/security/krb5-16/files/patch-appl::telnet::telnetd::utility.c @@ -1,5 +1,5 @@ --- appl/telnet/telnetd/utility.c.orig Wed Feb 28 14:06:52 2001 -+++ appl/telnet/telnetd/utility.c Thu Jul 19 19:58:05 2001 ++++ appl/telnet/telnetd/utility.c Mon Jul 23 17:16:27 2001 @@ -58,8 +58,7 @@ { void netflush(); @@ -47,7 +47,41 @@ #ifdef ENCRYPTION if (encrypt_output) { char *s = nclearto ? nclearto : nbackp; -@@ -528,12 +523,11 @@ +@@ -314,33 +309,6 @@ + + + /* +- * writenet +- * +- * Just a handy little function to write a bit of raw data to the net. +- * It will force a transmit of the buffer if necessary +- * +- * arguments +- * ptr - A pointer to a character string to write +- * len - How many bytes to write +- */ +- void +-writenet(ptr, len) +- register unsigned char *ptr; +- register int len; +-{ +- /* flush buffer if no room for new data) */ +- if ((&netobuf[BUFSIZ] - nfrontp) < len) { +- /* if this fails, don't worry, buffer is a little big */ +- netflush(); +- } +- +- memcpy(nfrontp, ptr, len); +- nfrontp += len; +- +-} /* end of writenet */ +- +- +-/* + * miscellaneous functions doing a variety of little jobs follow ... + */ + +@@ -528,12 +496,11 @@ register int option; { if (TELOPT_OK(option)) @@ -63,7 +97,7 @@ return; } -@@ -550,9 +544,8 @@ +@@ -550,9 +517,8 @@ return; if (direction) { @@ -74,7 +108,7 @@ if (length >= 3) { register int j; -@@ -560,232 +553,192 @@ +@@ -560,232 +526,192 @@ j = pointer[length-1]; if (i != IAC || j != SE) { @@ -365,7 +399,7 @@ break; } { -@@ -796,24 +749,19 @@ +@@ -796,24 +722,19 @@ pointer[2]&MODE_SOFT_TAB ? "|SOFT_TAB" : "", pointer[2]&MODE_LIT_ECHO ? "|LIT_ECHO" : "", pointer[2]&MODE_ACK ? "|ACK" : ""); @@ -395,7 +429,7 @@ } } break; -@@ -822,24 +770,20 @@ +@@ -822,24 +743,20 @@ register char *cp; register int j, k; @@ -425,7 +459,7 @@ for (i = 2; i < length; i++) { switch(pointer[i]) { -@@ -850,18 +794,15 @@ +@@ -850,18 +767,15 @@ common2: i++; if (TELOPT_OK(pointer[i])) @@ -448,7 +482,7 @@ i++; j = k = i; while (j < length) { -@@ -877,20 +818,17 @@ +@@ -877,20 +791,17 @@ } printsub(0, &pointer[i], k - i); if (i < length) { @@ -472,7 +506,7 @@ break; } } -@@ -900,86 +838,77 @@ +@@ -900,86 +811,77 @@ } case TELOPT_XDISPLOC: @@ -576,7 +610,7 @@ break; } } -@@ -987,90 +916,69 @@ +@@ -987,90 +889,69 @@ #if defined(AUTHENTICATION) case TELOPT_AUTHENTICATION: @@ -684,7 +718,7 @@ } break; } -@@ -1079,86 +987,70 @@ +@@ -1079,86 +960,70 @@ #ifdef ENCRYPTION case TELOPT_ENCRYPT: @@ -789,7 +823,7 @@ } break; } -@@ -1167,18 +1059,15 @@ +@@ -1167,18 +1032,15 @@ default: if (TELOPT_OK(pointer[0])) @@ -812,7 +846,7 @@ } /* -@@ -1200,26 +1089,22 @@ +@@ -1200,26 +1062,22 @@ } /* add a line of output */ |