Diffstat (limited to 'share/security/patches/SA-01:25/telnetd-krb.4.2.patch')
-rw-r--r--share/security/patches/SA-01:25/telnetd-krb.4.2.patch247
1 files changed, 247 insertions, 0 deletions
diff --git a/share/security/patches/SA-01:25/telnetd-krb.4.2.patch b/share/security/patches/SA-01:25/telnetd-krb.4.2.patch
new file mode 100644
index 0000000000..66e87549cd
--- /dev/null
+++ b/share/security/patches/SA-01:25/telnetd-krb.4.2.patch
@@ -0,0 +1,247 @@
+Index: crypto/kerberosIV/lib/krb/tf_util.c
+===================================================================
+RCS file: /mnt/ncvs/src/crypto/kerberosIV/lib/krb/tf_util.c,v
+retrieving revision 1.1.1.3
+retrieving revision 1.1.1.3.2.1
+diff -u -u -r1.1.1.3 -r1.1.1.3.2.1
+--- crypto/kerberosIV/lib/krb/tf_util.c 2000/01/09 08:29:11 1.1.1.3
++++ crypto/kerberosIV/lib/krb/tf_util.c 2000/12/12 03:07:56 1.1.1.3.2.1
+@@ -249,20 +249,6 @@
+ int
+ tf_create(char *tf_name)
+ {
+- struct stat statbuf;
+- char garbage[BUFSIZ];
+-
+- fd = open(tf_name, O_RDWR | O_BINARY, 0);
+- if (fd >= 0) {
+- if (fstat (fd, &statbuf) == 0) {
+- int i;
+-
+- for (i = 0; i < statbuf.st_size; i += sizeof(garbage))
+- write (fd, garbage, sizeof(garbage));
+- }
+- close (fd);
+- }
+-
+ if (unlink (tf_name) && errno != ENOENT)
+ return TKT_FIL_ACC;
+
+Index: crypto/kerberosIV/lib/krb/kdc_reply.c
+===================================================================
+RCS file: /mnt/ncvs/src/crypto/kerberosIV/lib/krb/kdc_reply.c,v
+retrieving revision 1.1.1.3
+retrieving revision 1.1.1.3.2.1
+diff -u -u -r1.1.1.3 -r1.1.1.3.2.1
+--- crypto/kerberosIV/lib/krb/kdc_reply.c 2000/01/09 08:28:38 1.1.1.3
++++ crypto/kerberosIV/lib/krb/kdc_reply.c 2000/12/12 03:07:17 1.1.1.3.2.1
+@@ -121,6 +121,9 @@
+ p += krb_get_int(p, &exp_date, 4, little_endian);
+ p++; /* master key version number */
+ p += krb_get_int(p, &clen, 2, little_endian);
++ if (reply->length - (p - reply->dat) < clen)
++ return INTK_PROT;
++
+ cip->length = clen;
+ memcpy(cip->dat, p, clen);
+ p += clen;
+Index: crypto/kerberosIV/lib/krb/extra.c
+===================================================================
+RCS file: /mnt/ncvs/src/crypto/kerberosIV/lib/krb/extra.c,v
+retrieving revision 1.1.1.2
+retrieving revision 1.1.1.2.2.1
+diff -u -u -r1.1.1.2 -r1.1.1.2.2.1
+--- crypto/kerberosIV/lib/krb/extra.c 2000/01/09 08:28:26 1.1.1.2
++++ crypto/kerberosIV/lib/krb/extra.c 2000/12/12 03:06:34 1.1.1.2.2.1
+@@ -70,30 +70,6 @@
+
+ #ifndef WIN32
+
+-struct obsolete {
+- const char *from;
+- const char *to;
+-} obsolete [] = {
+- { "KDC_TIMESYNC", "kdc_timesync" },
+- { "KRB_REVERSE_DIRECTION", "reverse_lsb_test"},
+- { "krb4_proxy", "krb4_proxy"},
+- { NULL, NULL }
+-};
+-
+-static void
+-check_obsolete(void)
+-{
+- struct obsolete *r;
+- for(r = obsolete; r->from; r++) {
+- if(getenv(r->from)) {
+- krb_warning("The environment variable `%s' is obsolete;\n"
+- "set `%s' in your `krb.extra' file instead\n",
+- r->from, r->to);
+- define_variable(r->to, getenv(r->from));
+- }
+- }
+-}
+-
+ static int
+ read_extra_file(void)
+ {
+@@ -103,7 +79,6 @@
+ if(_krb_extra_read)
+ return 0;
+ _krb_extra_read = 1;
+- check_obsolete();
+ while(krb_get_krbextra(i++, file, sizeof(file)) == 0) {
+ FILE *f = fopen(file, "r");
+ if(f == NULL)
+Index: libexec/telnetd/sys_term.c
+===================================================================
+RCS file: /mnt/ncvs/src/libexec/telnetd/sys_term.c,v
+retrieving revision 1.24.2.3
+retrieving revision 1.24.2.4
+diff -u -u -r1.24.2.3 -r1.24.2.4
+--- libexec/telnetd/sys_term.c 2000/12/11 01:03:23 1.24.2.3
++++ libexec/telnetd/sys_term.c 2000/12/12 03:10:49 1.24.2.4
+@@ -1780,34 +1780,48 @@
+ /*
+ * scrub_env()
+ *
+- * Remove a few things from the environment that
+- * don't need to be there.
++ * We only accept the environment variables listed below.
+ */
+ void
+ scrub_env()
+ {
+- register char **cpp, **cpp2;
++ static const char *reject[] = {
++ "TERMCAP=/",
++ NULL
++ };
+
+- for (cpp2 = cpp = environ; *cpp; cpp++) {
+-#ifdef __FreeBSD__
+- if (strncmp(*cpp, "LD_LIBRARY_PATH=", 16) &&
+- strncmp(*cpp, "LD_PRELOAD=", 11) &&
+-#else
+- if (strncmp(*cpp, "LD_", 3) &&
+- strncmp(*cpp, "_RLD_", 5) &&
+- strncmp(*cpp, "LIBPATH=", 8) &&
+-#endif
+- strncmp(*cpp, "LOCALDOMAIN=", 12) &&
+- strncmp(*cpp, "RES_OPTIONS=", 12) &&
+- strncmp(*cpp, "TERMINFO=", 9) &&
+- strncmp(*cpp, "TERMINFO_DIRS=", 14) &&
+- strncmp(*cpp, "TERMPATH=", 9) &&
+- strncmp(*cpp, "TERMCAP=/", 9) &&
+- strncmp(*cpp, "ENV=", 4) &&
+- strncmp(*cpp, "IFS=", 4))
+- *cpp2++ = *cpp;
+- }
+- *cpp2 = 0;
++ static const char *accept[] = {
++ "XAUTH=", "XAUTHORITY=", "DISPLAY=",
++ "TERM=",
++ "EDITOR=",
++ "PAGER=",
++ "LOGNAME=",
++ "POSIXLY_CORRECT=",
++ "PRINTER=",
++ NULL
++ };
++
++ char **cpp, **cpp2;
++ const char **p;
++
++ for (cpp2 = cpp = environ; *cpp; cpp++) {
++ int reject_it = 0;
++
++ for(p = reject; *p; p++)
++ if(strncmp(*cpp, *p, strlen(*p)) == 0) {
++ reject_it = 1;
++ break;
++ }
++ if (reject_it)
++ continue;
++
++ for(p = accept; *p; p++)
++ if(strncmp(*cpp, *p, strlen(*p)) == 0)
++ break;
++ if(*p != NULL)
++ *cpp2++ = *cpp;
++ }
++ *cpp2 = NULL;
+ }
+
+ /*
+Index: crypto/telnet/telnetd/sys_term.c
+===================================================================
+RCS file: /mnt/ncvs/src/crypto/telnet/telnetd/sys_term.c,v
+retrieving revision 1.7.2.2
+retrieving revision 1.7.2.3
+diff -u -u -r1.7.2.2 -r1.7.2.3
+--- crypto/telnet/telnetd/sys_term.c 2000/12/10 20:27:54 1.7.2.2
++++ crypto/telnet/telnetd/sys_term.c 2000/12/12 03:09:35 1.7.2.3
+@@ -1839,27 +1839,48 @@
+ /*
+ * scrub_env()
+ *
+- * Remove a few things from the environment that
+- * don't need to be there.
++ * We only accept the environment variables listed below.
+ */
+ void
+ scrub_env()
+ {
+- register char **cpp, **cpp2;
++ static const char *reject[] = {
++ "TERMCAP=/",
++ NULL
++ };
+
+- for (cpp2 = cpp = environ; *cpp; cpp++) {
+-#ifdef __FreeBSD__
+- if (strncmp(*cpp, "LD_LIBRARY_PATH=", 16) &&
+- strncmp(*cpp, "LD_PRELOAD=", 11) &&
+-#else
+- if (strncmp(*cpp, "LD_", 3) &&
+- strncmp(*cpp, "_RLD_", 5) &&
+- strncmp(*cpp, "LIBPATH=", 8) &&
+-#endif
+- strncmp(*cpp, "IFS=", 4))
+- *cpp2++ = *cpp;
+- }
+- *cpp2 = 0;
++ static const char *accept[] = {
++ "XAUTH=", "XAUTHORITY=", "DISPLAY=",
++ "TERM=",
++ "EDITOR=",
++ "PAGER=",
++ "LOGNAME=",
++ "POSIXLY_CORRECT=",
++ "PRINTER=",
++ NULL
++ };
++
++ char **cpp, **cpp2;
++ const char **p;
++
++ for (cpp2 = cpp = environ; *cpp; cpp++) {
++ int reject_it = 0;
++
++ for(p = reject; *p; p++)
++ if(strncmp(*cpp, *p, strlen(*p)) == 0) {
++ reject_it = 1;
++ break;
++ }
++ if (reject_it)
++ continue;
++
++ for(p = accept; *p; p++)
++ if(strncmp(*cpp, *p, strlen(*p)) == 0)
++ break;
++ if(*p != NULL)
++ *cpp2++ = *cpp;
++ }
++ *cpp2 = NULL;
+ }
+
+ /*
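Review bot: In both copies of scrub_env() (libexec/telnetd/sys_term.c and crypto/telnet/telnetd/sys_term.c) the `reject[]` entry `"TERMCAP=/"` cannot change the result, because no prefix in `accept[]` matches `TERMCAP=` and the variable is dropped whether or not the reject pass sees it. If inline termcap entries were meant to keep working as they did under the old blacklist, `accept[]` needs `"TERMCAP=",` so that the reject pass is what filters the path-valued form. Otherwise the reject table and its loop can be removed and the header comment should state that TERMCAP is dropped entirely. Separately, the check added in kdc_reply.c bounds `clen` against the bytes remaining in `reply` but not against the capacity of `cip->dat`, whose declaration and the rest of the function lie outside this hunk. It presumably relies on the reply never exceeding that buffer, so a short comment saying so, or an explicit destination-size test before the `memcpy`, would make the copy verifiable from the code alone.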