diff options
| author | Erich Eckner <git@eckner.net> | 2017-09-04 14:43:15 +0200 |
|---|---|---|
| committer | Erich Eckner <git@eckner.net> | 2017-09-04 14:43:15 +0200 |
| commit | c79ec530af1230e573e3aafee37f25ed1eb4ef90 (patch) | |
| tree | 16c12662f8dcc00a6560e8c04e07745b62aafb91 | |
| parent | 58071065cc08317267e407e00e6e35b2d96c7a9e (diff) | |
| download | archlinuxewe-c79ec530af1230e573e3aafee37f25ed1eb4ef90.tar.xz | |
ncpfs neu
| -rw-r--r-- | ncpfs/01-linux3.0_uname.patch | 20 | ||||
| -rw-r--r-- | ncpfs/02-legacy.patch | 981 | ||||
| -rw-r--r-- | ncpfs/03-multiple_security_issues.patch | 511 | ||||
| -rw-r--r-- | ncpfs/04-drop-mtab-support.patch | 268 | ||||
| -rw-r--r-- | ncpfs/05-ldflags.patch | 77 | ||||
| -rw-r--r-- | ncpfs/06-makefile-remove-generated.patch | 14 | ||||
| -rw-r--r-- | ncpfs/PKGBUILD | 80 |
7 files changed, 1951 insertions, 0 deletions
diff --git a/ncpfs/01-linux3.0_uname.patch b/ncpfs/01-linux3.0_uname.patch new file mode 100644 index 000000000..6818af87b --- /dev/null +++ b/ncpfs/01-linux3.0_uname.patch @@ -0,0 +1,20 @@ +diff -aur ncpfs-2.2.6.org/sutil/ncpm_common.c ncpfs-2.2.6/sutil/ncpm_common.c +--- ncpfs-2.2.6.org/sutil/ncpm_common.c 2011-08-23 16:45:11.000000000 +0200 ++++ ncpfs-2.2.6/sutil/ncpm_common.c 2011-08-23 16:52:26.049972551 +0200 +@@ -245,13 +245,13 @@ + + static int getmountver(void) { + struct utsname name; +- int maj, mid, rev; ++ int maj = 0, mid = 0, rev = 0; + int ver; + + if (uname(&name)) { + errexit(1, _("Cannot get kernel release\n")); + } +- if (sscanf(name.release, "%d.%d.%d", &maj, &mid, &rev) != 3) { ++ if (sscanf(name.release, "%d.%d-ARCH", &maj, &mid) != 2) { + errexit(2, _("Cannot convert kernel release \"%s\" to number\n"), name.release); + } + ver = maj*0x10000 + mid*0x100 + rev; + diff --git a/ncpfs/02-legacy.patch b/ncpfs/02-legacy.patch new file mode 100644 index 000000000..d3d1ecc7d --- /dev/null +++ b/ncpfs/02-legacy.patch @@ -0,0 +1,981 @@ +--- a/contrib/pam/pam_ncp_auth.c 2005-01-28 04:35:59.000000000 +1100 ++++ b/contrib/pam/pam_ncp_auth.c 2010-03-27 15:18:45.000000000 +1100 +@@ -257,6 +257,7 @@ + #include <stdlib.h> + #include <stdio.h> + #include <string.h> ++#include <syslog.h> + #include <unistd.h> + #include <pwd.h> + #include <grp.h> +@@ -266,6 +267,7 @@ + #include <fcntl.h> + #include <errno.h> + #include <ctype.h> ++#include <syslog.h> + + #include "support.h" + +--- a/include/ncp/ipxlib.h 2005-01-28 04:35:59.000000000 +1100 ++++ b/include/ncp/ipxlib.h 2010-03-27 15:20:07.000000000 +1100 +@@ -63,32 +63,32 @@ struct sap_query + + struct sap_server_ident + { +- u_int16_t server_type __attribute__((packed)); +- char server_name[48] __attribute__((packed)); +- IPXNet server_network __attribute__((packed)); ++ u_int16_t server_type; ++ char server_name[48]; ++ IPXNet server_network; + #ifdef SWIG +- u_int8_t server_node[6] __attribute__((packed)); ++ u_int8_t server_node[6]; + #else +- IPXNode server_node __attribute__((packed)); ++ IPXNode server_node; + #endif +- IPXPort server_port __attribute__((packed)); +- u_int16_t intermediate_network __attribute__((packed)); +-}; ++ IPXPort server_port; ++ u_int16_t intermediate_network; ++} __attribute__((packed)); + + #define IPX_RIP_REQUEST (0x1) + #define IPX_RIP_RESPONSE (0x2) + + struct ipx_rt_def { +- u_int32_t network __attribute__((packed)); +- u_int16_t hops __attribute__((packed)); +- u_int16_t ticks __attribute__((packed)); +-}; ++ u_int32_t network; ++ u_int16_t hops; ++ u_int16_t ticks; ++} __attribute__((packed)); + + struct ipx_rip_packet + { +- u_int16_t operation __attribute__((packed)); +- struct ipx_rt_def rt[1] __attribute__((packed)); +-}; ++ u_int16_t operation; ++ struct ipx_rt_def rt[1]; ++} __attribute__((packed)); + + #ifdef SWIG + #define IPX_BROADCAST_NODE "\xff\xff\xff\xff\xff\xff" +--- a/include/ncp/kernel/ncp.h 2005-01-28 04:35:59.000000000 +1100 ++++ b/include/ncp/kernel/ncp.h 2010-03-27 15:20:07.000000000 +1100 +@@ -52,28 +52,28 @@ + #define NCP_DEALLOC_SLOT_REQUEST (0x5555) + + struct ncp_request_header { +- u_int16_t type __attribute__((packed)); +- u_int8_t sequence __attribute__((packed)); +- u_int8_t conn_low __attribute__((packed)); +- u_int8_t task __attribute__((packed)); +- u_int8_t conn_high __attribute__((packed)); +- u_int8_t function __attribute__((packed)); +- u_int8_t data[0] __attribute__((packed)); +-}; ++ u_int16_t type; ++ u_int8_t sequence; ++ u_int8_t conn_low; ++ u_int8_t task; ++ u_int8_t conn_high; ++ u_int8_t function; ++ u_int8_t data[0]; ++} __attribute__((packed)); + + #define NCP_REPLY (0x3333) + #define NCP_POSITIVE_ACK (0x9999) + + struct ncp_reply_header { +- u_int16_t type __attribute__((packed)); +- u_int8_t sequence __attribute__((packed)); +- u_int8_t conn_low __attribute__((packed)); +- u_int8_t task __attribute__((packed)); +- u_int8_t conn_high __attribute__((packed)); +- u_int8_t completion_code __attribute__((packed)); +- u_int8_t connection_state __attribute__((packed)); +- u_int8_t data[0] __attribute__((packed)); +-}; ++ u_int16_t type; ++ u_int8_t sequence; ++ u_int8_t conn_low; ++ u_int8_t task; ++ u_int8_t conn_high; ++ u_int8_t completion_code; ++ u_int8_t connection_state; ++ u_int8_t data[0]; ++} __attribute__((packed)); + + #define NCP_VOLNAME_LEN (16) + #define NCP_NUMBER_OF_VOLUMES (64) +@@ -175,64 +175,64 @@ struct ncp_volume_info { + + #ifdef SWIG + struct nw_info_struct { +- u_int32_t spaceAlloc __attribute__((packed)); +- u_int32_t attributes __attribute__((packed)); +- u_int16_t flags __attribute__((packed)); +- u_int32_t dataStreamSize __attribute__((packed)); +- u_int32_t totalStreamSize __attribute__((packed)); +- u_int16_t numberOfStreams __attribute__((packed)); +- u_int16_t creationTime __attribute__((packed)); +- u_int16_t creationDate __attribute__((packed)); +- u_int32_t creatorID __attribute__((packed)); +- u_int16_t modifyTime __attribute__((packed)); +- u_int16_t modifyDate __attribute__((packed)); +- u_int32_t modifierID __attribute__((packed)); +- u_int16_t lastAccessDate __attribute__((packed)); +- u_int16_t archiveTime __attribute__((packed)); +- u_int16_t archiveDate __attribute__((packed)); +- u_int32_t archiverID __attribute__((packed)); +- u_int16_t inheritedRightsMask __attribute__((packed)); +- u_int32_t dirEntNum __attribute__((packed)); +- u_int32_t DosDirNum __attribute__((packed)); +- u_int32_t volNumber __attribute__((packed)); +- u_int32_t EADataSize __attribute__((packed)); +- u_int32_t EAKeyCount __attribute__((packed)); +- u_int32_t EAKeySize __attribute__((packed)); +- u_int32_t NSCreator __attribute__((packed)); ++ u_int32_t spaceAlloc; ++ u_int32_t attributes; ++ u_int16_t flags; ++ u_int32_t dataStreamSize; ++ u_int32_t totalStreamSize; ++ u_int16_t numberOfStreams; ++ u_int16_t creationTime; ++ u_int16_t creationDate; ++ u_int32_t creatorID; ++ u_int16_t modifyTime; ++ u_int16_t modifyDate; ++ u_int32_t modifierID; ++ u_int16_t lastAccessDate; ++ u_int16_t archiveTime; ++ u_int16_t archiveDate; ++ u_int32_t archiverID; ++ u_int16_t inheritedRightsMask; ++ u_int32_t dirEntNum; ++ u_int32_t DosDirNum; ++ u_int32_t volNumber; ++ u_int32_t EADataSize; ++ u_int32_t EAKeyCount; ++ u_int32_t EAKeySize; ++ u_int32_t NSCreator; + %pragma(swig) readonly +- u_int8_t nameLen __attribute__((packed)); ++ u_int8_t nameLen; + %pragma(swig) readwrite +- byteLenPrefixCharArray entryName[255] __attribute__((packed)); +-}; ++ byteLenPrefixCharArray entryName[255]; ++} __attribute__((packed)); + #else + struct nw_info_struct { +- u_int32_t spaceAlloc __attribute__((packed)); +- u_int32_t attributes __attribute__((packed)); +- u_int16_t flags __attribute__((packed)); +- u_int32_t dataStreamSize __attribute__((packed)); +- u_int32_t totalStreamSize __attribute__((packed)); +- u_int16_t numberOfStreams __attribute__((packed)); +- u_int16_t creationTime __attribute__((packed)); +- u_int16_t creationDate __attribute__((packed)); +- u_int32_t creatorID __attribute__((packed)); +- u_int16_t modifyTime __attribute__((packed)); +- u_int16_t modifyDate __attribute__((packed)); +- u_int32_t modifierID __attribute__((packed)); +- u_int16_t lastAccessDate __attribute__((packed)); +- u_int16_t archiveTime __attribute__((packed)); +- u_int16_t archiveDate __attribute__((packed)); +- u_int32_t archiverID __attribute__((packed)); +- u_int16_t inheritedRightsMask __attribute__((packed)); +- u_int32_t dirEntNum __attribute__((packed)); +- u_int32_t DosDirNum __attribute__((packed)); +- u_int32_t volNumber __attribute__((packed)); +- u_int32_t EADataSize __attribute__((packed)); +- u_int32_t EAKeyCount __attribute__((packed)); +- u_int32_t EAKeySize __attribute__((packed)); +- u_int32_t NSCreator __attribute__((packed)); +- u_int8_t nameLen __attribute__((packed)); +- u_int8_t entryName[256] __attribute__((packed)); +-}; ++ u_int32_t spaceAlloc; ++ u_int32_t attributes; ++ u_int16_t flags; ++ u_int32_t dataStreamSize; ++ u_int32_t totalStreamSize; ++ u_int16_t numberOfStreams; ++ u_int16_t creationTime; ++ u_int16_t creationDate; ++ u_int32_t creatorID; ++ u_int16_t modifyTime; ++ u_int16_t modifyDate; ++ u_int32_t modifierID; ++ u_int16_t lastAccessDate; ++ u_int16_t archiveTime; ++ u_int16_t archiveDate; ++ u_int32_t archiverID; ++ u_int16_t inheritedRightsMask; ++ u_int32_t dirEntNum; ++ u_int32_t DosDirNum; ++ u_int32_t volNumber; ++ u_int32_t EADataSize; ++ u_int32_t EAKeyCount; ++ u_int32_t EAKeySize; ++ u_int32_t NSCreator; ++ u_int8_t nameLen; ++ u_int8_t entryName[256]; ++} __attribute__((packed)); + #endif + + /* modify mask - use with MODIFY_DOS_INFO structure */ +@@ -251,46 +251,46 @@ struct nw_info_struct { + #define DM_MAXIMUM_SPACE (0x00002000L) + + struct nw_modify_dos_info { +- u_int32_t attributes __attribute__((packed)); +- u_int16_t creationDate __attribute__((packed)); +- u_int16_t creationTime __attribute__((packed)); +- u_int32_t creatorID __attribute__((packed)); +- u_int16_t modifyDate __attribute__((packed)); +- u_int16_t modifyTime __attribute__((packed)); +- u_int32_t modifierID __attribute__((packed)); +- u_int16_t archiveDate __attribute__((packed)); +- u_int16_t archiveTime __attribute__((packed)); +- u_int32_t archiverID __attribute__((packed)); +- u_int16_t lastAccessDate __attribute__((packed)); +- u_int16_t inheritanceGrantMask __attribute__((packed)); +- u_int16_t inheritanceRevokeMask __attribute__((packed)); +- u_int32_t maximumSpace __attribute__((packed)); +-}; ++ u_int32_t attributes; ++ u_int16_t creationDate; ++ u_int16_t creationTime; ++ u_int32_t creatorID; ++ u_int16_t modifyDate; ++ u_int16_t modifyTime; ++ u_int32_t modifierID; ++ u_int16_t archiveDate; ++ u_int16_t archiveTime; ++ u_int32_t archiverID; ++ u_int16_t lastAccessDate; ++ u_int16_t inheritanceGrantMask; ++ u_int16_t inheritanceRevokeMask; ++ u_int32_t maximumSpace; ++} __attribute__((packed)); + + #ifdef SWIG + struct nw_file_info { + struct nw_info_struct i; + int opened; + int access; +- u_int32_t server_file_handle __attribute__((packed)); +- u_int8_t open_create_action __attribute__((packed)); +- fixedArray file_handle[6] __attribute__((packed)); +-}; ++ u_int32_t server_file_handle; ++ u_int8_t open_create_action; ++ fixedArray file_handle[6]; ++} __attribute__((packed)); + #else + struct nw_file_info { + struct nw_info_struct i; + int opened; + int access; +- u_int32_t server_file_handle __attribute__((packed)); +- u_int8_t open_create_action __attribute__((packed)); +- u_int8_t file_handle[6] __attribute__((packed)); +-}; ++ u_int32_t server_file_handle; ++ u_int8_t open_create_action; ++ u_int8_t file_handle[6]; ++} __attribute__((packed)); + #endif + + struct nw_search_sequence { +- u_int8_t volNumber __attribute__((packed)); +- u_int32_t dirBase __attribute__((packed)); +- u_int32_t sequence __attribute__((packed)); +-}; ++ u_int8_t volNumber; ++ u_int32_t dirBase; ++ u_int32_t sequence; ++} __attribute__((packed)); + + #endif /* _LINUX_NCP_H */ +--- a/include/ncp/ncp.h 2005-01-28 04:35:59.000000000 +1100 ++++ b/include/ncp/ncp.h 2010-03-27 15:20:07.000000000 +1100 +@@ -91,21 +91,21 @@ struct nw_property { + }; + + struct prop_net_address { +- u_int32_t network __attribute__((packed)); ++ u_int32_t network; + #ifdef SWIG + fixedArray node[IPX_NODE_LEN]; + #else +- u_int8_t node[IPX_NODE_LEN] __attribute__((packed)); ++ u_int8_t node[IPX_NODE_LEN]; + #endif +- u_int16_t port __attribute__((packed)); +-}; ++ u_int16_t port; ++} __attribute__((packed)); + + struct ncp_filesearch_info { + u_int8_t volume_number; + u_int16_t directory_id; + u_int16_t sequence_no; + u_int8_t access_rights; +-}; ++} __attribute__((packed)); + + #define NCP_MAX_FILENAME (14) + struct ncp_file_info { +@@ -127,28 +127,28 @@ struct ncp_file_info { + + #ifdef SWIG + struct nw_queue_job_entry { +- u_int16_t InUse __attribute__((packed)); +- u_int32_t prev __attribute__((packed)); +- u_int32_t next __attribute__((packed)); +- u_int32_t ClientStation __attribute__((packed)); +- u_int32_t ClientTask __attribute__((packed)); +- u_int32_t ClientObjectID __attribute__((packed)); +- u_int32_t TargetServerID __attribute__((packed)); +- fixedArray TargetExecTime[6] __attribute__((packed)); +- fixedArray JobEntryTime[6] __attribute__((packed)); +- u_int32_t JobNumber __attribute__((packed)); +- u_int16_t JobType __attribute__((packed)); +- u_int16_t JobPosition __attribute__((packed)); +- u_int16_t JobControlFlags __attribute__((packed)); +- u_int8_t FileNameLen __attribute__((packed)); +- byteLenPrefixCharArray JobFileName[13] __attribute__((packed)); +- u_int32_t JobFileHandle __attribute__((packed)); +- u_int32_t ServerStation __attribute__((packed)); +- u_int32_t ServerTaskNumber __attribute__((packed)); +- u_int32_t ServerObjectID __attribute__((packed)); +- fixedCharArray JobTextDescription[50] __attribute__((packed)); +- fixedArray ClientRecordArea[152] __attribute__((packed)); +-}; ++ u_int16_t InUse; ++ u_int32_t prev; ++ u_int32_t next; ++ u_int32_t ClientStation; ++ u_int32_t ClientTask; ++ u_int32_t ClientObjectID; ++ u_int32_t TargetServerID; ++ fixedArray TargetExecTime[6]; ++ fixedArray JobEntryTime[6]; ++ u_int32_t JobNumber; ++ u_int16_t JobType; ++ u_int16_t JobPosition; ++ u_int16_t JobControlFlags; ++ u_int8_t FileNameLen; ++ byteLenPrefixCharArray JobFileName[13]; ++ u_int32_t JobFileHandle; ++ u_int32_t ServerStation; ++ u_int32_t ServerTaskNumber; ++ u_int32_t ServerObjectID; ++ fixedCharArray JobTextDescription[50]; ++ fixedArray ClientRecordArea[152]; ++} __attribute__((packed)); + + struct queue_job { + struct nw_queue_job_entry j; +@@ -156,28 +156,28 @@ struct queue_job { + }; + #else + struct nw_queue_job_entry { +- u_int16_t InUse __attribute__((packed)); +- u_int32_t prev __attribute__((packed)); +- u_int32_t next __attribute__((packed)); +- u_int32_t ClientStation __attribute__((packed)); +- u_int32_t ClientTask __attribute__((packed)); +- u_int32_t ClientObjectID __attribute__((packed)); +- u_int32_t TargetServerID __attribute__((packed)); +- u_int8_t TargetExecTime[6] __attribute__((packed)); +- u_int8_t JobEntryTime[6] __attribute__((packed)); +- u_int32_t JobNumber __attribute__((packed)); +- u_int16_t JobType __attribute__((packed)); +- u_int16_t JobPosition __attribute__((packed)); +- u_int16_t JobControlFlags __attribute__((packed)); +- u_int8_t FileNameLen __attribute__((packed)); +- char JobFileName[13] __attribute__((packed)); +- u_int32_t JobFileHandle __attribute__((packed)); +- u_int32_t ServerStation __attribute__((packed)); +- u_int32_t ServerTaskNumber __attribute__((packed)); +- u_int32_t ServerObjectID __attribute__((packed)); +- char JobTextDescription[50] __attribute__((packed)); +- char ClientRecordArea[152] __attribute__((packed)); +-}; ++ u_int16_t InUse; ++ u_int32_t prev; ++ u_int32_t next; ++ u_int32_t ClientStation; ++ u_int32_t ClientTask; ++ u_int32_t ClientObjectID; ++ u_int32_t TargetServerID; ++ u_int8_t TargetExecTime[6]; ++ u_int8_t JobEntryTime[6]; ++ u_int32_t JobNumber; ++ u_int16_t JobType; ++ u_int16_t JobPosition; ++ u_int16_t JobControlFlags; ++ u_int8_t FileNameLen; ++ char JobFileName[13]; ++ u_int32_t JobFileHandle; ++ u_int32_t ServerStation; ++ u_int32_t ServerTaskNumber; ++ u_int32_t ServerObjectID; ++ char JobTextDescription[50]; ++ char ClientRecordArea[152]; ++} __attribute__((packed)); + + struct queue_job { + struct nw_queue_job_entry j; +@@ -202,34 +202,34 @@ struct queue_job { + + #ifdef SWIG + struct print_job_record { +- u_int8_t Version __attribute__((packed)); +- u_int8_t TabSize __attribute__((packed)); +- u_int16_t Copies __attribute__((packed)); +- u_int16_t CtrlFlags __attribute__((packed)); +- u_int16_t Lines __attribute__((packed)); +- u_int16_t Rows __attribute__((packed)); +- fixedCharArray FormName[16] __attribute__((packed)); +- fixedArray Reserved[6] __attribute__((packed)); +- fixedCharArray BannerName[13] __attribute__((packed)); +- fixedCharArray FnameBanner[13] __attribute__((packed)); +- fixedCharArray FnameHeader[14] __attribute__((packed)); +- fixedCharArray Path[80] __attribute__((packed)); +-}; ++ u_int8_t Version; ++ u_int8_t TabSize; ++ u_int16_t Copies; ++ u_int16_t CtrlFlags; ++ u_int16_t Lines; ++ u_int16_t Rows; ++ fixedCharArray FormName[16]; ++ fixedArray Reserved[6]; ++ fixedCharArray BannerName[13]; ++ fixedCharArray FnameBanner[13]; ++ fixedCharArray FnameHeader[14]; ++ fixedCharArray Path[80]; ++} __attribute__((packed)); + #else + struct print_job_record { +- u_int8_t Version __attribute__((packed)); +- u_int8_t TabSize __attribute__((packed)); +- u_int16_t Copies __attribute__((packed)); +- u_int16_t CtrlFlags __attribute__((packed)); +- u_int16_t Lines __attribute__((packed)); +- u_int16_t Rows __attribute__((packed)); +- char FormName[16] __attribute__((packed)); +- u_int8_t Reserved[6] __attribute__((packed)); +- char BannerName[13] __attribute__((packed)); +- char FnameBanner[13] __attribute__((packed)); +- char FnameHeader[14] __attribute__((packed)); +- char Path[80] __attribute__((packed)); +-}; ++ u_int8_t Version; ++ u_int8_t TabSize; ++ u_int16_t Copies; ++ u_int16_t CtrlFlags; ++ u_int16_t Lines; ++ u_int16_t Rows; ++ char FormName[16]; ++ u_int8_t Reserved[6]; ++ char BannerName[13]; ++ char FnameBanner[13]; ++ char FnameHeader[14]; ++ char Path[80]; ++} __attribute__((packed)); + #endif + + #endif /* _NCP_H */ +--- a/include/ncp/ncplib.h 2005-01-28 04:35:59.000000000 +1100 ++++ b/include/ncp/ncplib.h 2010-03-27 15:20:07.000000000 +1100 +@@ -107,7 +107,7 @@ extern "C" { + + /* we know that the 386 can handle misalignment and has the "right" + byteorder */ +-#if defined(__i386__) ++#if 0 + + static inline word + WVAL_LH(const void * buf, int pos) +@@ -462,25 +462,25 @@ struct ncp_file_server_info + #else + struct ncp_file_server_info + { +- u_int8_t ServerName[48] __attribute__((packed)); +- u_int8_t FileServiceVersion __attribute__((packed)); +- u_int8_t FileServiceSubVersion __attribute__((packed)); +- u_int16_t MaximumServiceConnections __attribute__((packed)); +- u_int16_t ConnectionsInUse __attribute__((packed)); +- u_int16_t NumberMountedVolumes __attribute__((packed)); +- u_int8_t Revision __attribute__((packed)); +- u_int8_t SFTLevel __attribute__((packed)); +- u_int8_t TTSLevel __attribute__((packed)); +- u_int16_t MaxConnectionsEverUsed __attribute__((packed)); +- u_int8_t AccountVersion __attribute__((packed)); +- u_int8_t VAPVersion __attribute__((packed)); +- u_int8_t QueueVersion __attribute__((packed)); +- u_int8_t PrintVersion __attribute__((packed)); +- u_int8_t VirtualConsoleVersion __attribute__((packed)); +- u_int8_t RestrictionLevel __attribute__((packed)); +- u_int8_t InternetBridge __attribute__((packed)); +- u_int8_t Reserved[60] __attribute__((packed)); +-}; ++ u_int8_t ServerName[48]; ++ u_int8_t FileServiceVersion; ++ u_int8_t FileServiceSubVersion; ++ u_int16_t MaximumServiceConnections; ++ u_int16_t ConnectionsInUse; ++ u_int16_t NumberMountedVolumes; ++ u_int8_t Revision; ++ u_int8_t SFTLevel; ++ u_int8_t TTSLevel; ++ u_int16_t MaxConnectionsEverUsed; ++ u_int8_t AccountVersion; ++ u_int8_t VAPVersion; ++ u_int8_t QueueVersion; ++ u_int8_t PrintVersion; ++ u_int8_t VirtualConsoleVersion; ++ u_int8_t RestrictionLevel; ++ u_int8_t InternetBridge; ++ u_int8_t Reserved[60]; ++} __attribute__((packed)); + #endif + + struct ncp_file_server_info_2 { +@@ -588,47 +588,47 @@ long + + struct ncp_station_addr + { +- u_int32_t NetWork __attribute__((packed)); ++ u_int32_t NetWork; + #ifdef SWIG + fixedArray Node[6]; + #else +- u_int8_t Node[6] __attribute__((packed)); ++ u_int8_t Node[6]; + #endif +- u_int16_t Socket __attribute__((packed)); +-}; ++ u_int16_t Socket; ++} __attribute__((packed)); + + struct ncp_prop_login_control + { + #ifdef SWIG + fixedArray AccountExpireDate[3]; + #else +- u_int8_t AccountExpireDate[3] __attribute__((packed)); ++ u_int8_t AccountExpireDate[3]; + #endif +- u_int8_t Disabled __attribute__((packed)); ++ u_int8_t Disabled; + #ifdef SWIG + fixedArray PasswordExpireDate[3]; + #else +- u_int8_t PasswordExpireDate[3] __attribute__((packed)); ++ u_int8_t PasswordExpireDate[3]; + #endif +- u_int8_t GraceLogins __attribute__((packed)); +- u_int16_t PasswordExpireInterval __attribute__((packed)); +- u_int8_t MaxGraceLogins __attribute__((packed)); +- u_int8_t MinPasswordLength __attribute__((packed)); +- u_int16_t MaxConnections __attribute__((packed)); ++ u_int8_t GraceLogins; ++ u_int16_t PasswordExpireInterval; ++ u_int8_t MaxGraceLogins; ++ u_int8_t MinPasswordLength; ++ u_int16_t MaxConnections; + #ifdef SWIG +- fixedArray ConnectionTimeMask[42] __attribute__((packed)); +- fixedArray LastLogin[6] __attribute__((packed)); ++ fixedArray ConnectionTimeMask[42]; ++ fixedArray LastLogin[6]; + #else +- u_int8_t ConnectionTimeMask[42] __attribute__((packed)); +- u_int8_t LastLogin[6] __attribute__((packed)); ++ u_int8_t ConnectionTimeMask[42]; ++ u_int8_t LastLogin[6]; + #endif +- u_int8_t RestrictionMask __attribute__((packed)); +- u_int8_t reserved __attribute__((packed)); +- u_int32_t MaxDiskUsage __attribute__((packed)); +- u_int16_t BadLoginCount __attribute__((packed)); +- u_int32_t BadLoginCountDown __attribute__((packed)); +- struct ncp_station_addr LastIntruder __attribute__((packed)); +-}; ++ u_int8_t RestrictionMask; ++ u_int8_t reserved; ++ u_int32_t MaxDiskUsage; ++ u_int16_t BadLoginCount; ++ u_int32_t BadLoginCountDown; ++ struct ncp_station_addr LastIntruder; ++} __attribute__((packed)); + + NWCCODE NWReadPropertyValue(NWCONN_HANDLE conn, const char *objName, + NWObjectType objType, const char *propertyName, +--- a/ipx-1.0/ipx_internal_net.8 2005-01-28 04:35:59.000000000 +1100 ++++ b/ipx-1.0/ipx_internal_net.8 2007-09-16 21:43:16.000000000 +1000 +@@ -15,6 +15,8 @@ not have a physical device or frame type + a route-independent address for service providers. Internal networks + are optional; however, when one is present it is also the + Primary Interface. There can only be one internal network per host. ++The node number defaults to 1 if a second arg is not ++given to the "add" command. + .SS OPTIONS + .TP + .I add +--- a/ipx-1.0/Makefile.in 2005-01-28 04:35:59.000000000 +1100 ++++ b/ipx-1.0/Makefile.in 2007-09-16 21:43:16.000000000 +1000 +@@ -52,8 +52,8 @@ mrproper: clean + distclean: mrproper + + install: $(UTILS) $(MAN8GZ) $(UTIIPX) +- $(INSTALL) -d $(DESTDIR)$(bindir) +- $(INSTALL) $(UTILS) $(UTIIPX) $(DESTDIR)$(bindir) ++ $(INSTALL) -d $(DESTDIR)$(sbindir) ++ $(INSTALL) $(UTILS) $(UTIIPX) $(DESTDIR)$(sbindir) + $(INSTALL) -d $(DESTDIR)$(mandir)/man8 + $(INSTALL_DATA) $(MAN8GZ) $(DESTDIR)$(mandir)/man8 + +--- a/lib/ncplib.c 2005-01-28 04:35:59.000000000 +1100 ++++ b/lib/ncplib.c 2010-03-27 15:20:07.000000000 +1100 +@@ -2421,7 +2421,7 @@ ncp_initialize_2(int *argc, char **argv, + int i = 1; + NWCCODE nwerr; + +- static int get_argument(int arg_no, const char **target) { ++ int get_argument(int arg_no, const char **target) { + int count = 1; + + if (target != NULL) { +@@ -2584,14 +2584,14 @@ ncp_request(struct ncp_conn *conn, int f + + struct nw_time_buffer + { +- u_int8_t year __attribute__((packed)); +- u_int8_t month __attribute__((packed)); +- u_int8_t day __attribute__((packed)); +- u_int8_t hour __attribute__((packed)); +- u_int8_t minute __attribute__((packed)); +- u_int8_t second __attribute__((packed)); +- u_int8_t wday __attribute__((packed)); +-}; ++ u_int8_t year; ++ u_int8_t month; ++ u_int8_t day; ++ u_int8_t hour; ++ u_int8_t minute; ++ u_int8_t second; ++ u_int8_t wday; ++} __attribute__((packed)); + + static time_t + nw_to_ctime(struct nw_time_buffer *source) +--- a/lib/ndslib.c 2005-01-28 04:35:59.000000000 +1100 ++++ b/lib/ndslib.c 2010-03-27 15:18:45.000000000 +1100 +@@ -49,7 +49,7 @@ + #define RANDBUF /* if defined: read random data once from /dev/urandom */ + /*#define ERR_MSG*/ /* if defined: show error messages in nds_login_auth */ + /*#define DEBUG_PRINT*/ +-/*#define FIND_ISR */ /* if defined: show reasons for -330 invalid response */ ++#define FIND_ISR /* if defined: show reasons for -330 invalid response */ + + #define NCP_OBSOLETE + +--- a/man/Makefile.in 2005-01-28 04:35:59.000000000 +1100 ++++ b/man/Makefile.in 2010-03-27 15:18:45.000000000 +1100 +@@ -15,7 +15,7 @@ MOUNT2 = @MOUNT2@ + + MAN1 := nprint.1 nsend.1 nwauth.1 nwbols.1 nwboprops.1 nwbpset.1 \ + nwbpvalues.1 nwdir.1 nwfsinfo.1 nwfstime.1 nwpasswd.1 nwpurge.1 \ +- nwrights.1 nwsfind.1 nwtrustee.1 nwuserlist.1 nwvolinfo.1 pqlist.1 \ ++ nwrights.1 nwsfind.1 nwtrustee.1 nwtrustee2.1 nwuserlist.1 nwvolinfo.1 pqlist.1 \ + nwpqjob.1 pqstat.1 pserver.1 slist.1 nwpjmv.1 + MAN3 := $(notdir $(wildcard ${this_srcdir}/*.3ncp)) + MAN5 := nwclient.5 +@@ -47,6 +47,7 @@ install: all + ln -sf nwpqjob.1.gz $(DESTDIR)$(mandir)/man1/pqrm.1.gz + ifeq ($(USE_KERNEL),1) + ln -sf ncpmount.8.gz $(DESTDIR)$(mandir)/man8/mount.ncp.8.gz ++ ln -sf ncpmount.8.gz $(DESTDIR)$(mandir)/man8/mount.ncpfs.8.gz + endif + + install-dev: all +--- a/man/ncpmount.8 2005-01-28 04:35:59.000000000 +1100 ++++ b/man/ncpmount.8 2007-09-16 21:43:16.000000000 +1000 +@@ -282,7 +282,7 @@ is done by commercial workstations, plea + You can specify character translation rules for converting names from + unicode to your desktop (it works together with \fB-p\fP). + .I iocharset +-is charset name, for example \fIiso-8859-1\fP. ++is charset name, for example \fIiso8859-1\fP. + .RE + + .B -p +--- a/man/nwbpset.1 2005-01-28 04:35:59.000000000 +1100 ++++ b/man/nwbpset.1 2010-03-27 15:18:45.000000000 +1100 +@@ -26,7 +26,7 @@ Reads a property specification from the + sets the corresponding property. The format is determined by the + output of 'nwbpvalues -c'. nwbpset will hopefully become an important + part of the bindery management suite of ncpfs, together with +-'nwbpvalues -c'. See util/nwbpsecurity for an example. ++\'nwbpvalues -c\'. See util/nwbpsecurity for an example. + + As another example, look at the following command line: + +--- a/man/nwbpvalues.1 2005-01-28 04:35:59.000000000 +1100 ++++ b/man/nwbpvalues.1 2007-09-16 21:43:16.000000000 +1000 +@@ -1,4 +1,4 @@ +-.TH NWBPVALUES 8 7/9/1996 nwbpvalues nwbpvalues ++.TH NWBPVALUES 1 7/9/1996 nwbpvalues nwbpvalues + .SH NAME + nwbpvalues \- Print a NetWare Bindery Propery's contents + .SH SYNOPSIS +--- a/man/nwfsctrl.8 2005-01-28 04:35:59.000000000 +1100 ++++ b/man/nwfsctrl.8 2007-09-16 21:43:16.000000000 +1000 +@@ -1,4 +1,4 @@ +-.TH NWFSCTRL 1 2/12/1999 nwfsctrl nwfsctrl ++.TH NWFSCTRL 8 2/12/1999 nwfsctrl nwfsctrl + .SH NAME + nwfsctrl \- Perform server command + .SH SYNOPSIS +--- a/man/nwtrustee.1 2005-01-28 04:35:59.000000000 +1100 ++++ b/man/nwtrustee.1 2007-09-16 21:43:16.000000000 +1000 +@@ -1,4 +1,4 @@ +-.TH NWTRUSTEE 8 7/9/1996 nwtrustee nwtrustee ++.TH NWTRUSTEE 1 7/9/1996 nwtrustee nwtrustee + .SH NAME + nwtrustee \- List an object's trustee directory assignments + .SH SYNOPSIS +--- a/man/nwtrustee2.1 1970-01-01 10:00:00.000000000 +1000 ++++ b/man/nwtrustee2.1 2007-09-16 21:43:16.000000000 +1000 +@@ -0,0 +1,52 @@ ++.TH NWTRUSTEE2 1 10/16/2005 nwtrustee2 nwtrustee2 ++.SH NAME ++nwtrustee2 \- Lists trustees and permissions of a ncp directory ++.SH SYNOPSIS ++.B nwtrustee2 ++[ ++.B -h ++] [ ++.B -? ++] [ ++.B -v ++] [ ++.I directory ++] ++ ++.SH DESCRIPTION ++.B nwtrustee2 ++lists the permissions assigned to any trustees for a given ncp directory. It ++does not show the inherited permissions, but only the ones directly assigned to ++it. ++ ++The letters used to express the permissions are explained in the ++\fInwgrant\fP(1) manpage. ++ ++The \fIdirectory\fP has to belong to a volume mounted with \fIncpmount\fP or ++mount.ncp, if omited the current directory is used. ++ ++.SH OPTIONS ++ ++.B -h ++or ++.B -? ++.RS 3 ++.B -h ++or ++.B -? ++prints a short help text. ++.RE ++ ++.B -v ++.RS 3 ++Verbose mode. Prints the directory name before procesing. ++.RE ++ ++.SH SEE ALSO ++ ++\fInwtrustee\fP(1), \fInwgrant\fP(1), \fInwrevoke\fP(1), \fInwrights\fP(1) ++ ++ ++.SH AUTHORS ++nwtrustee2 was written by Petr Vandrovec <vandrove@vc.cvut.cz>. ++This manual page was written by Maximiliano Curia <maxy@gnuservers.com.ar>. +--- a/man/nwvolinfo.1 2005-01-28 04:35:59.000000000 +1100 ++++ b/man/nwvolinfo.1 2007-09-16 21:43:16.000000000 +1000 +@@ -1,4 +1,4 @@ +-.TH NWVOLINFO 8 7/9/1996 nwvolinfo nwvolinfo ++.TH NWVOLINFO 1 7/9/1996 nwvolinfo nwvolinfo + .SH NAME + nwvolinfo \- Diplay info on NetWare Volumes + .SH SYNOPSIS +@@ -97,4 +97,4 @@ Display the information in numeric-only + + .SH AUTHORS + nwvolinfo was written by Jacek Stepniewski <cunio@gazeta.pl> based on +-utilities by Volker Lendecke. +\ No newline at end of file ++utilities by Volker Lendecke. +Binary files ncpfs-2.2.6/po/de.gmo and b/po/de.gmo differ +--- a/po/de.po 2005-01-28 04:35:59.000000000 +1100 ++++ b/po/de.po 2007-09-16 21:43:16.000000000 +1000 +@@ -216,7 +216,7 @@ msgstr "%s: Ungültiger Routerknoten %s\ + #: ipx-1.0/ipx_route.c:98 + #, c-format + msgid "%s: Node (%s) is invalid.\n" +-msgstr "%s: Knoten (%s) is ungültig.\n" ++msgstr "%s: Knoten (%s) ist ungültig.\n" + + #: ipx-1.0/ipx_route.c:124 + #, c-format +@@ -1426,7 +1426,7 @@ msgstr "Kann Verbindung zu Kontext nicht + #: sutil/ncplogin.c:920 + #, c-format + msgid "Cannot authenticate connection: %s\n" +-msgstr "Kann Vebindung nicht authentifizieren: %s\n" ++msgstr "Kann Verbindung nicht authentifizieren: %s\n" + + #: sutil/ncplogin.c:939 + #, c-format +@@ -1789,7 +1789,7 @@ msgstr "bind(wdog_sock, ): %s\n" + #: sutil/ncpm_common.c:1791 + #, c-format + msgid "Could not open message socket: %s\n" +-msgstr "Konte Socket für Nachrichten nicht öffnen: %s\n" ++msgstr "Konnte Socket für Nachrichten nicht öffnen: %s\n" + + #: sutil/ncpm_common.c:1799 + #, c-format +@@ -1904,7 +1904,7 @@ msgid "" + "\n" + msgstr "" + "\n" +-"-v Detailierte Ausgabe\n" ++"-v Detaillierte Ausgabe\n" + "-i interface Zu testendes Interface, Standard: eth0\n" + "-t timeout Wartezeit auf Antwort in Sekunden, Standard: 3\n" + "-h Zeigt diesen Hilfetext an\n" +@@ -2782,7 +2782,7 @@ msgstr "" + "\n" + "-t type Typ der aufzulistenden Objekte (Dezimalwert)\n" + "-o object Maske für aufzulistenden Objekte\n" +-"-v Detailierte Auflistung\n" ++"-v Detaillierte Auflistung\n" + "-a Alternatives Ausgabeformat\n" + "-d Objekttyp dezimal anzeigen\n" + "\n" +@@ -2818,7 +2818,7 @@ msgstr "" + "\n" + "-o object_name Name des zu überprüfenden Objekts\n" + "-t type Objekttyp (Dezimalwert)\n" +-"-v Detailierte Auflistung\n" ++"-v Detaillierte Auflistung\n" + "\n" + + #: util/nwborm.c:47 +@@ -3129,7 +3129,7 @@ msgstr "" + "-o object_name Objektname\n" + "-t type Objekttyp (Dezimalwert)\n" + "-p property Name der zu listenden Eigenschaft\n" +-"-v Detailierte Auflistung\n" ++"-v Detaillierte Auflistung\n" + "-c Kanonische Ausgabe, für die Verwendung mit nwbpadd\n" + "\n" + +@@ -3629,7 +3629,7 @@ msgstr "" + " über dessen Inhalt\n" + " -l Listet Namespace Informationen\n" + " -e Listet erweiterte Attributinformationen\n" +-" -v Detailiertes Auflistung\n" ++" -v Detailliertes Auflistung\n" + " -f Listet die Datei nutzende Verbindungen\n" + " -p List physikalische Sperren dieser Datei\n" + " -t Technisch - zeigt Werte und ihre Bedeutung\n" +@@ -4532,7 +4532,7 @@ msgstr "" + "-O objectid Objekt-ID\n" + "-o objname Objektname (Typ muß angegeben werden)\n" + "-t type Objekttyp\n" +-"-v Detailierte Auflistung\n" ++"-v Detaillierte Auflistung\n" + "\n" + + #: util/nwtrustee2.c:45 +@@ -4559,7 +4559,7 @@ msgid "" + "\n" + msgstr "" + "\n" +-"-v Detailiert\n" ++"-v Detailliert\n" + "\n" + "Datei- / Verzeichnisliste, die nach Trustees abgesucht wird\n" + "\n" +--- a/sutil/Makefile.in 2005-01-28 04:35:59.000000000 +1100 ++++ b/sutil/Makefile.in 2007-09-16 21:43:16.000000000 +1000 +@@ -53,8 +53,8 @@ install: all + ${INSTALL} -d $(DESTDIR)/sbin + ${INSTALL} -m 4755 $(UTILS) $(DESTDIR)$(bindir) + ifeq ($(USE_KERNEL),1) +- ln -sf ..$(bindir)/ncpmount $(DESTDIR)/sbin/mount.ncp +- ln -sf ..$(bindir)/ncpmount $(DESTDIR)/sbin/mount.ncpfs ++ ln -sf $(bindir)/ncpmount $(DESTDIR)/sbin/mount.ncp ++ ln -sf $(bindir)/ncpmount $(DESTDIR)/sbin/mount.ncpfs + ln -sf ncpumount $(DESTDIR)$(bindir)/ncplogout + endif + +--- a/sutil/ncpm_common.c 2005-01-28 04:35:59.000000000 +1100 ++++ b/sutil/ncpm_common.c 2007-09-16 21:44:54.000000000 +1000 +@@ -85,6 +85,7 @@ + #include <stdio.h> + #include <string.h> + #include <signal.h> ++#include <stddef.h> + #include <pwd.h> + #include <grp.h> + #include <ncp/ext/socket.h> +--- a/util/Makefile.in 2005-01-28 04:35:59.000000000 +1100 ++++ b/util/Makefile.in 2007-09-16 21:43:16.000000000 +1000 +@@ -70,7 +70,7 @@ ifneq ($(SBINUTILS),) + endif + ifeq ($(USE_KERNEL)$(MOUNT2),11) + ifneq ($(sbindir),/sbin) +- ln -sf ..$(sbindir)/nwmsg $(DESTDIR)/sbin/nwmsg ++ ln -sf $(sbindir)/nwmsg $(DESTDIR)/sbin/nwmsg + endif + endif + +--- a/util/nwpjmv.c 2005-01-28 04:35:59.000000000 +1100 ++++ b/util/nwpjmv.c 2007-09-16 21:43:16.000000000 +1000 +@@ -131,7 +131,7 @@ build_command(struct nw_queue *q, struct + char *s = q->command; + char *target_end = target + target_size; + +- static void add_string(const char *str) ++ void add_string(const char *str) + { + int len = strlen(str); + if (target + len + 1 > target_end) +--- a/util/pserver.c 2005-01-28 04:35:59.000000000 +1100 ++++ b/util/pserver.c 2007-09-16 21:43:16.000000000 +1000 +@@ -153,7 +153,7 @@ build_command(struct nw_queue *q, struct + char *s = q->command; + char *target_end = target + target_size; + +- static void add_string(const char *str) ++ void add_string(const char *str) + { + int len = strlen(str); + if (target + len + 1 > target_end) diff --git a/ncpfs/03-multiple_security_issues.patch b/ncpfs/03-multiple_security_issues.patch new file mode 100644 index 000000000..5655712de --- /dev/null +++ b/ncpfs/03-multiple_security_issues.patch @@ -0,0 +1,511 @@ +http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=572937 + +http://seclists.org/fulldisclosure/2010/Mar/122 + +The ncpmount, ncpumount, and ncplogin utilities, installed as part of the ncpfs +package, contain several vulnerabilities. + +1. ncpmount, ncpumount, and ncplogin are vulnerable to race conditions that +allow a local attacker to unmount arbitrary mountpoints, causing +denial-of-service, or mount Netware shares to arbitrary directories, +potentially leading to root compromise. This issue was formerly assigned +CVE-2009-3297, but has since been re-assigned CVE-2010-0788 to avoid overlap +with related bugs in other packages. + +2. ncpumount is vulnerable to an information disclosure vulnerability that +allows a local attacker to verify the existence of arbitrary files, violating +directory permissions. This issue has been assigned CVE-2010-0790. + +3. ncpmount, ncpumount, and ncplogin create lockfiles insecurely, allowing a +local attacker to leave a stale lockfile at /etc/mtab~, causing other mount +utilities to fail and creating denial-of-service conditions. This issue has +been assigned CVE-2010-0791. + +--- a/sutil/ncplogin.c 2010-03-03 16:18:59.000000000 -0500 ++++ b/sutil/ncplogin.c 2010-03-03 16:17:41.000000000 -0500 +@@ -934,7 +934,9 @@ + NWDSFreeContext(ctx); + /* ncpmap, ncplogin must write in /etc/mtab */ + { ++ block_sigs(); + add_mnt_entry(mount_name, mount_point, info.flags); ++ unblock_sigs(); + } + free(mount_name); + if (info.echo_mnt_pnt) { +--- a/sutil/ncpm_common.c 2010-03-03 16:18:59.000000000 -0500 ++++ b/sutil/ncpm_common.c 2010-03-03 16:17:41.000000000 -0500 +@@ -360,7 +360,7 @@ + #endif + + static inline int ncpm_suser(void) { +- return setreuid(-1, 0); ++ return setresuid(0, 0, myuid); + } + + static int ncpm_normal(void) { +@@ -368,11 +368,31 @@ + int v; + + e = errno; +- v = setreuid(-1, myuid); ++ v = setresuid(myuid, myuid, 0); + errno = e; + return v; + } + ++void block_sigs(void) { ++ ++ sigset_t mask, orig_mask; ++ sigfillset(&mask); ++ ++ if(sigprocmask(SIG_SETMASK, &mask, &orig_mask) < 0) { ++ errexit(-1, _("Blocking signals failed.\n")); ++ } ++} ++ ++void unblock_sigs(void) { ++ ++ sigset_t mask, orig_mask; ++ sigemptyset(&mask); ++ ++ if (sigprocmask(SIG_SETMASK, &mask, &orig_mask) < 0) { ++ errexit(-1, _("Un-blocking signals failed.\n")); ++ } ++} ++ + static int proc_ncpm_mount(const char* source, const char* target, const char* filesystem, unsigned long mountflags, const void* data) { + int v; + int e; +@@ -444,7 +464,7 @@ + } + datav2.file_mode = data->file_mode; + datav2.dir_mode = data->dir_mode; +- err = proc_ncpm_mount(mount_name, data->mount_point, "ncpfs", flags, (void*) &datav2); ++ err = proc_ncpm_mount(mount_name, ".", "ncpfs", flags, (void*) &datav2); + if (err) + return errno; + return 0; +@@ -508,7 +528,7 @@ + exit(0); /* Should not return from process_connection */ + } + close(pp[0]); +- err=proc_ncpm_mount(mount_name, data->mount_point, "ncpfs", flags, (void*) &datav3); ++ err=proc_ncpm_mount(mount_name, ".", "ncpfs", flags, (void*) &datav3); + if (err) { + err = errno; + /* Mount unsuccesful so we have to kill daemon */ +@@ -559,7 +579,7 @@ + sprintf(mountopts, "version=%u,flags=%u,owner=%u,uid=%u,gid=%u,mode=%u,dirmode=%u,timeout=%u,retry=%u,wdogpid=%u,ncpfd=%u,infofd=%u", + NCP_MOUNT_VERSION_V5, ncpflags, data->mounted_uid, data->uid, data->gid, data->file_mode, + data->dir_mode, data->time_out, data->retry_count, wdog_pid, data->ncp_fd, pp[1]); +- err=proc_ncpm_mount(mount_name, data->mount_point, "ncpfs", flags, mountopts); ++ err=proc_ncpm_mount(mount_name, ".", "ncpfs", flags, mountopts); + } else { + err=-1; + } +@@ -577,7 +597,7 @@ + datav4.file_mode = data->file_mode; + datav4.dir_mode = data->dir_mode; + datav4.wdog_pid = wdog_pid; +- err = proc_ncpm_mount(mount_name, data->mount_point, "ncpfs", flags, (void*)&datav4); ++ err = proc_ncpm_mount(mount_name, ".", "ncpfs", flags, (void*)&datav4); + if (err) { + err = errno; + /* Mount unsuccesful so we have to kill daemon */ +@@ -1395,6 +1415,17 @@ + } + #endif /* MOUNT3 */ + ++static int check_name(const char *name) ++{ ++ char *s; ++ for (s = "\n\t\\"; *s; s++) { ++ if (strchr(name, *s)) { ++ return -1; ++ } ++ } ++ return 0; ++} ++ + static const struct smntflags { + unsigned int flag; + const char* name; +@@ -1416,6 +1447,9 @@ + int fd; + FILE* mtab; + ++ if (check_name(mount_name) == -1 || check_name(mpnt) == -1) ++ errexit(107, _("Illegal character in mount entry\n")); ++ + ment.mnt_fsname = mount_name; + ment.mnt_dir = mpnt; + ment.mnt_type = (char*)"ncpfs"; +--- a/sutil/ncpm_common.h 2010-03-03 16:18:59.000000000 -0500 ++++ b/sutil/ncpm_common.h 2010-03-03 16:17:41.000000000 -0500 +@@ -121,6 +121,9 @@ + int proc_aftermount(const struct ncp_mount_info* info, NWCONN_HANDLE* conn); + int proc_ncpm_umount(const char* dir); + ++void block_sigs(void); ++void unblock_sigs(void); ++ + #define UNUSED(x) x __attribute__((unused)) + + #endif /* __NCPM_COMMON_H__ */ +--- a/sutil/ncpmount.c 2010-03-03 16:18:59.000000000 -0500 ++++ b/sutil/ncpmount.c 2010-03-03 16:17:41.000000000 -0500 +@@ -359,11 +359,17 @@ + usage(); + return -1; + } ++ + realpath(argv[optind], mount_point); + +- if (stat(mount_point, &st) == -1) ++ if (chdir(mount_point)) ++ { ++ errexit(31, _("Could not change directory into mount target %s: %s\n"), ++ mount_point, strerror(errno)); ++ } ++ if (stat(".", &st) == -1) + { +- errexit(31, _("Could not find mount point %s: %s\n"), ++ errexit(31, _("Mount point %s does not exist: %s\n"), + mount_point, strerror(errno)); + } + if (mount_ok(&st) != 0) +@@ -714,7 +720,9 @@ + ncp_close(conn); + + if (!opt_n) { ++ block_sigs(); + add_mnt_entry(mount_name, mount_point, info.flags); ++ unblock_sigs(); + } + return 0; + } +--- a/sutil/ncpumount.c 2010-03-03 16:18:59.000000000 -0500 ++++ b/sutil/ncpumount.c 2010-03-03 16:17:41.000000000 -0500 +@@ -70,13 +70,24 @@ + #include <mntent.h> + #include <pwd.h> + ++#include <sched.h> ++ + #include "private/libintl.h" + + #define _(X) X + ++#ifndef MS_REC ++#define MS_REC 16384 ++#endif ++#ifndef MS_SLAVE ++#define MS_SLAVE (1<<19) ++#endif ++ + static char *progname; + static int is_ncplogout = 0; + ++uid_t uid; ++ + static void + usage(void) + { +@@ -117,6 +128,40 @@ + va_end(ap); + } + ++/* Mostly copied from ncpm_common.c */ ++void block_sigs(void) { ++ ++ sigset_t mask, orig_mask; ++ sigfillset(&mask); ++ sigdelset(&mask, SIGALRM); /* Need SIGALRM for ncpumount */ ++ ++ if(setresuid(0, 0, uid) < 0) { ++ eprintf("Failed to raise privileges.\n"); ++ exit(-1); ++ } ++ ++ if(sigprocmask(SIG_SETMASK, &mask, &orig_mask) < 0) { ++ eprintf("Blocking signals failed.\n"); ++ exit(-1); ++ } ++} ++ ++void unblock_sigs(void) { ++ ++ sigset_t mask, orig_mask; ++ sigemptyset(&mask); ++ ++ if(setresuid(uid, uid, 0) < 0) { ++ eprintf("Failed to drop privileges.\n"); ++ exit(-1); ++ } ++ ++ if(sigprocmask(SIG_SETMASK, &mask, &orig_mask) < 0) { ++ eprintf("Un-blocking signals failed.\n"); ++ exit(-1); ++ } ++} ++ + static void alarmSignal(int sig) { + (void)sig; + } +@@ -192,10 +237,13 @@ + if (!numEntries) + return 0; /* don't waste time ! */ + ++ block_sigs(); ++ + while ((fd = open(MOUNTED "~", O_RDWR | O_CREAT | O_EXCL, 0600)) == -1) { + struct timespec tm; + + if (errno != EEXIST || retries == 0) { ++ unblock_sigs(); + eprintf(_("Can't get %s~ lock file: %s\n"), MOUNTED, strerror(errno)); + return 1; + } +@@ -206,6 +254,7 @@ + alarm(0); + close(fd); + if (err) { ++ unblock_sigs(); + eprintf(_("Can't lock lock file %s~: %s\n"), MOUNTED, _("Lock timed out")); + return 1; + } +@@ -223,26 +272,205 @@ + err = __clearMtab(mount_points, numEntries); + + if ((unlink(MOUNTED "~") == -1) && (err == 0)){ ++ unblock_sigs(); + eprintf(_("Can't remove %s~"), MOUNTED); + return 1; + } ++ unblock_sigs(); + return err; + } + ++ ++int ncp_mnt_umount(const char *abs_mnt, const char *rel_mnt) ++{ ++ if (umount(rel_mnt) != 0) { ++ eprintf(_("Could not umount %s: %s\n"), ++ abs_mnt, strerror(errno)); ++ return -1; ++ } ++ return 0; ++} ++ ++ ++static int check_is_mount_child(void *p) ++{ ++ const char **a = p; ++ const char *last = a[0]; ++ const char *mnt = a[1]; ++ int res; ++ const char *procmounts = "/proc/mounts"; ++ int found; ++ FILE *fp; ++ struct mntent *entp; ++ ++ res = mount("", "/", "", MS_SLAVE | MS_REC, NULL); ++ if (res == -1) { ++ eprintf(_("Failed to mark mounts slave: %s\n"), ++ strerror(errno)); ++ return 1; ++ } ++ ++ res = mount(".", "/tmp", "", MS_BIND | MS_REC, NULL); ++ if (res == -1) { ++ eprintf(_("Failed to bind parent to /tmp: %s\n"), ++ strerror(errno)); ++ return 1; ++ } ++ ++ fp = setmntent(procmounts, "r"); ++ if (fp == NULL) { ++ eprintf(_("Failed to open %s: %s\n"), ++ procmounts, strerror(errno)); ++ return 1; ++ } ++ ++ found = 0; ++ while ((entp = getmntent(fp)) != NULL) { ++ if (strncmp(entp->mnt_dir, "/tmp/", 5) == 0 && ++ strcmp(entp->mnt_dir + 5, last) == 0) { ++ found = 1; ++ break; ++ } ++ } ++ endmntent(fp); ++ ++ if (!found) { ++ eprintf(_("%s not mounted\n"), mnt); ++ return 1; ++ } ++ ++ return 0; ++} ++ ++ ++static int check_is_mount(const char *last, const char *mnt) ++{ ++ char buf[131072]; ++ pid_t pid, p; ++ int status; ++ const char *a[2] = { last, mnt }; ++ ++ pid = clone(check_is_mount_child, buf + 65536, CLONE_NEWNS, (void *) a); ++ if (pid == (pid_t) -1) { ++ eprintf(_("Failed to clone namespace: %s\n"), ++ strerror(errno)); ++ return -1; ++ } ++ p = waitpid(pid, &status, __WCLONE); ++ if (p == (pid_t) -1) { ++ eprintf(_("Waitpid failed: %s\n"), ++ strerror(errno)); ++ return -1; ++ } ++ if (!WIFEXITED(status)) { ++ eprintf(_("Child terminated abnormally (status %i)\n"), ++ status); ++ return -1; ++ } ++ if (WEXITSTATUS(status) != 0) ++ return -1; ++ ++ return 0; ++} ++ ++ ++static int chdir_to_parent(char *copy, const char **lastp, int *currdir_fd) ++{ ++ char *tmp; ++ const char *parent; ++ char buf[PATH_MAX]; ++ int res; ++ ++ tmp = strrchr(copy, '/'); ++ if (tmp == NULL || tmp[1] == '\0') { ++ eprintf(_("Internal error: invalid abs path: <%s>\n"), ++ copy); ++ return -1; ++ } ++ if (tmp != copy) { ++ *tmp = '\0'; ++ parent = copy; ++ *lastp = tmp + 1; ++ } else if (tmp[1] != '\0') { ++ *lastp = tmp + 1; ++ parent = "/"; ++ } else { ++ *lastp = "."; ++ parent = "/"; ++ } ++ *currdir_fd = open(".", O_RDONLY); ++ if (*currdir_fd == -1) { ++ eprintf(_("Failed to open current directory: %s\n"), ++ strerror(errno)); ++ return -1; ++ } ++ res = chdir(parent); ++ if (res == -1) { ++ eprintf(_("Failed to chdir to %s: %s\n"), ++ parent, strerror(errno)); ++ return -1; ++ } ++ if (getcwd(buf, sizeof(buf)) == NULL) { ++ eprintf(_("Failed to obtain current directory: %s\n"), ++ strerror(errno)); ++ return -1; ++ } ++ if (strcmp(buf, parent) != 0) { ++ eprintf(_("Mountpoint moved (%s -> %s)\n"), ++ parent, buf); ++ return -1; ++ ++ } ++ ++ return 0; ++} ++ ++ ++static int unmount_ncp(const char *mount_point) ++{ ++ int currdir_fd = -1; ++ char *copy; ++ const char *last; ++ int res; ++ ++ copy = strdup(mount_point); ++ if (copy == NULL) { ++ eprintf(_("Failed to allocate memory\n")); ++ return -1; ++ } ++ res = chdir_to_parent(copy, &last, &currdir_fd); ++ if (res == -1) ++ goto out; ++ res = check_is_mount(last, mount_point); ++ if (res == -1) ++ goto out; ++ res = ncp_mnt_umount(mount_point, last); ++ ++out: ++ free(copy); ++ if (currdir_fd != -1) { ++ fchdir(currdir_fd); ++ close(currdir_fd); ++ } ++ ++ return res; ++} ++ + static int + do_umount(const char *mount_point) + { + int fid = open(mount_point, O_RDONLY, 0); + uid_t mount_uid; ++ int res; + + if (fid == -1) { +- eprintf(_("Could not open %s: %s\n"), +- mount_point, strerror(errno)); ++ eprintf(_("Invalid or unauthorized mountpoint %s\n"), ++ mount_point); + return -1; + } + if (ncp_get_mount_uid(fid, &mount_uid) != 0) { + close(fid); +- eprintf(_("%s probably not ncp-filesystem\n"), ++ eprintf(_("Invalid or unauthorized mountpoint %s\n"), + mount_point); + return -1; + } +@@ -253,12 +481,8 @@ + return -1; + } + close(fid); +- if (umount(mount_point) != 0) { +- eprintf(_("Could not umount %s: %s\n"), +- mount_point, strerror(errno)); +- return -1; +- } +- return 0; ++ res = unmount_ncp(mount_point); ++ return res; + } + + +@@ -409,7 +633,8 @@ + int allConns = 0; + const char *serverName = NULL; + const char *treeName = NULL; +- uid_t uid = getuid(); ++ ++ uid = getuid(); + + progname = strrchr(argv[0], '/'); + if (progname) { diff --git a/ncpfs/04-drop-mtab-support.patch b/ncpfs/04-drop-mtab-support.patch new file mode 100644 index 000000000..28d797788 --- /dev/null +++ b/ncpfs/04-drop-mtab-support.patch @@ -0,0 +1,268 @@ +Description: Drop all mtab writes +Author: Bastian Blank <waldi@debian.org> +Bug-Debian: http://bugs.debian.org/692470 + +--- ncpfs-2.2.6.orig/sutil/ncpm_common.h ++++ ncpfs-2.2.6/sutil/ncpm_common.h +@@ -60,7 +60,6 @@ void verify_argv(int argc, char* argv[]) + int ncp_mount_specific(struct ncp_conn* conn, int pathNS, const unsigned char* NWpath, int pathlen); + int mount_ok(struct stat *st); + void mycom_err(int, const char*, ...); +-void add_mnt_entry(char* mount_name, char* mpoint, unsigned long flags); + + struct ncp_mount_info { + struct ncp_mount_data_independent mdata; +--- ncpfs-2.2.6.orig/sutil/ncpm_common.c ++++ ncpfs-2.2.6/sutil/ncpm_common.c +@@ -104,7 +104,6 @@ + #include <stdlib.h> + #include <stdarg.h> + #include <sys/mount.h> +-#include <mntent.h> + #include <ncp/kernel/ipx.h> + #include <sys/ioctl.h> + #if MOUNT3 +@@ -1440,68 +1439,6 @@ static const struct smntflags { + {MS_NODIRATIME, "nodiratime"}, + {0, NULL}}; + +-void add_mnt_entry(char* mount_name, char* mpnt, unsigned long flags) { +- const struct smntflags* sf; +- char mnt_opts[80]; +- char* p; +- struct mntent ment; +- int fd; +- FILE* mtab; +- +- if (check_name(mount_name) == -1 || check_name(mpnt) == -1) +- errexit(107, _("Illegal character in mount entry\n")); +- +- ment.mnt_fsname = mount_name; +- ment.mnt_dir = mpnt; +- ment.mnt_type = (char*)"ncpfs"; +- ment.mnt_opts = mnt_opts; +- ment.mnt_freq = 0; +- ment.mnt_passno = 0; +- +- p = mnt_opts; +- *p++ = 'r'; +- *p++ = (flags & MS_RDONLY)?'o':'w'; +- for (sf = mntflags; sf->flag; sf++) { +- if (flags & sf->flag) { +- *p++ = ','; +- strcpy(p, sf->name); +- p += strlen(p); +- } +- } +- *p = 0; +- +- if (ncpm_suser()) { +- errexit(91, _("Cannot switch to superuser: %s\n"), strerror(errno)); +- } +- if ((fd = open(MOUNTED "~", O_RDWR | O_CREAT | O_EXCL, 0600)) == -1) +- { +- errexit(58, _("Can't get %s~ lock file\n"), MOUNTED); +- } +- close(fd); +- +- if ((mtab = setmntent(MOUNTED, "a+")) == NULL) +- { +- errexit(59, _("Can't open %s\n"), MOUNTED); +- } +- if (addmntent(mtab, &ment) == 1) +- { +- errexit(60, _("Can't write mount entry\n")); +- } +- if (fchmod(fileno(mtab), 0644) == -1) +- { +- errexit(61, _("Can't set perms on %s\n"), MOUNTED); +- } +- endmntent(mtab); +- +- if (unlink(MOUNTED "~") == -1) +- { +- errexit(62, _("Can't remove %s~\n"), MOUNTED); +- } +- if (ncpm_normal()) { +- errexit(90, _("Cannot relinquish superuser rights: %s\n"), strerror(EPERM)); +- } +-} +- + static int __proc_option(const struct optinfo* opts, struct ncp_mount_info* info, const char* opt, const char* param) { + const struct optinfo* optr; + +--- ncpfs-2.2.6.orig/sutil/ncpmount.c ++++ ncpfs-2.2.6/sutil/ncpmount.c +@@ -114,7 +114,6 @@ + #include <stdlib.h> + #include <stdarg.h> + #include <sys/mount.h> +-#include <mntent.h> + #include <ncp/kernel/ipx.h> + #include <ncp/nwclient.h> + #include <sys/ioctl.h> +@@ -719,11 +718,6 @@ ncpipx:; + } + ncp_close(conn); + +- if (!opt_n) { +- block_sigs(); +- add_mnt_entry(mount_name, mount_point, info.flags); +- unblock_sigs(); +- } + return 0; + } + +--- ncpfs-2.2.6.orig/sutil/ncplogin.c ++++ ncpfs-2.2.6/sutil/ncplogin.c +@@ -111,7 +111,6 @@ + #include <stdlib.h> + #include <stdarg.h> + #include <sys/mount.h> +-#include <mntent.h> + #include <ncp/kernel/ipx.h> + #include <sys/ioctl.h> + #ifdef CONFIG_NATIVE_UNIX +@@ -932,12 +931,6 @@ ncpipx:; + } + NWCCCloseConn(conn); + NWDSFreeContext(ctx); +- /* ncpmap, ncplogin must write in /etc/mtab */ +- { +- block_sigs(); +- add_mnt_entry(mount_name, mount_point, info.flags); +- unblock_sigs(); +- } + free(mount_name); + if (info.echo_mnt_pnt) { + printf(_("mounted on:%s\n"),mount_point); +--- ncpfs-2.2.6.orig/sutil/ncpumount.c ++++ ncpfs-2.2.6/sutil/ncpumount.c +@@ -186,108 +186,6 @@ static void enableAlarm(void) { + sigprocmask(SIG_UNBLOCK, &sa.sa_mask, NULL); + } + +-static int __clearMtab (const char* mount_points[], unsigned int numEntries) { +-// main logic from ncpumount.c +- struct mntent *mnt; +- FILE *mtab; +- FILE *new_mtab; +- +-#define MOUNTED_TMP MOUNTED".tmp" +- +- if ((mtab = setmntent(MOUNTED, "r")) == NULL){ +- eprintf(_("Can't open %s: %s\n"), MOUNTED, +- strerror(errno)); +- return 1; +- } +- +- if ((new_mtab = setmntent(MOUNTED_TMP, "w")) == NULL){ +- eprintf(_("Can't open %s: %s\n"), MOUNTED_TMP, +- strerror(errno)); +- endmntent(mtab); +- return 1; +- } +- while ((mnt = getmntent(mtab)) != NULL) { +- unsigned int i=0; +- int found=0; +- +- while (i<numEntries && !found) { +- found=!strcmp(mnt->mnt_dir, mount_points[i]); +- i++; +- } +- if (!found) { +- addmntent(new_mtab, mnt); +- } +- } +- +- endmntent(mtab); +- +- if (fchmod(fileno(new_mtab), S_IRUSR | S_IWUSR | S_IRGRP | S_IROTH) < 0){ +- eprintf(_("Error changing mode of %s: %s\n"), +- MOUNTED_TMP, strerror(errno)); +- return 1; +- } +- endmntent(new_mtab); +- +- if (rename(MOUNTED_TMP, MOUNTED) < 0){ +- eprintf(_("Cannot rename %s to %s: %s\n"), +- MOUNTED, MOUNTED_TMP, strerror(errno)); +- return 1; +- } +- return 0; +-} +- +-static int clearMtab (const char* mount_points[], unsigned int numEntries) { +- int fd; +- int err; +- int retries = 10; +- +- if (!numEntries) +- return 0; /* don't waste time ! */ +- +- block_sigs(); +- +- while ((fd = open(MOUNTED "~", O_RDWR | O_CREAT | O_EXCL, 0600)) == -1) { +- struct timespec tm; +- +- if (errno != EEXIST || retries == 0) { +- unblock_sigs(); +- eprintf(_("Can't get %s~ lock file: %s\n"), MOUNTED, strerror(errno)); +- return 1; +- } +- fd = open(MOUNTED "~", O_RDWR); +- if (fd != -1) { +- alarm(10); +- err = lockf(fd, F_LOCK, 0); +- alarm(0); +- close(fd); +- if (err) { +- unblock_sigs(); +- eprintf(_("Can't lock lock file %s~: %s\n"), MOUNTED, _("Lock timed out")); +- return 1; +- } +- tm.tv_sec = 0; +- tm.tv_nsec = 20000000; +- nanosleep(&tm, NULL); +- } +- retries--; +- } +- alarm(1); +- lockf(fd, F_LOCK, 0); +- alarm(0); +- close(fd); +- +- err = __clearMtab(mount_points, numEntries); +- +- if ((unlink(MOUNTED "~") == -1) && (err == 0)){ +- unblock_sigs(); +- eprintf(_("Can't remove %s~"), MOUNTED); +- return 1; +- } +- unblock_sigs(); +- return err; +-} +- +- + int ncp_mnt_umount(const char *abs_mnt, const char *rel_mnt) + { + if (umount(rel_mnt) != 0) { +@@ -629,10 +527,6 @@ static int old_ncpumount(int argc, char + ret = 1; + continue; + } +- if (clearMtab(&mount_point, 1)) { +- ret = 1; +- continue; +- } + } + return ret; + } +@@ -751,7 +645,6 @@ main(int argc, char *argv[]) + if (serverName || allConns) { + processBindServers(conns,curEntries,serverName,umountTable,&mountEntries); + } +- clearMtab(umountTable, mountEntries); + } else if (treeName) { + eprintf(_("No NCP connections to tree %s.\n"),treeName); + } else if (serverName) { diff --git a/ncpfs/05-ldflags.patch b/ncpfs/05-ldflags.patch new file mode 100644 index 000000000..77ba4fc9c --- /dev/null +++ b/ncpfs/05-ldflags.patch @@ -0,0 +1,77 @@ +Description: Add usage of LDFLAGS +Author: Bastian Blank <waldi@debian.org> + +--- ncpfs-2.2.6.orig/Make.rules.in ++++ ncpfs-2.2.6/Make.rules.in +@@ -43,6 +43,8 @@ CFLAGS_DEFINES := -DN_PLAT_LINUX -DLOCAL + + CCFLAGS := $(CFLAGS_DEFINES) $(CFLAGS_OPTIONS) $(INCLUDES) + ++LDFLAGS := @LDFLAGS@ ++ + # If your system is ELF, either also do a 'make install', or append the util/ + # directory where the dynamic library resides to the environment + # variable LD_LIBRARY_PATH +--- ncpfs-2.2.6.orig/sutil/Makefile.in ++++ ncpfs-2.2.6/sutil/Makefile.in +@@ -85,7 +85,7 @@ ncpm_common.d mount_login.d: %.d: %.c + [ -s $@ ] || rm -f $@ + + $(UTILS): %: %.o ../lib/libncp.a ncpm_common.o mount_login.o +- $(CC) @GC_SECTIONS@-o $@ $(addsuffix .o,$@) $(LDFLAGS_$@) ../lib/libncp.a ${LIBS} ++ $(CC) @GC_SECTIONS@-o $@ $(addsuffix .o,$@) $(LDFLAGS_$@) $(LDFLAGS) ../lib/libncp.a ${LIBS} + + ../lib/libncp.a: + make -C ../lib libncp.a +--- ncpfs-2.2.6.orig/ipx-1.0/Makefile.in ++++ ncpfs-2.2.6/ipx-1.0/Makefile.in +@@ -33,10 +33,10 @@ $(ALL_OBJECTS): %.o: %.c + [ -s $@ ] || rm -f $@ + + $(UTIIPX): %: %.o ipxutil.o +- $(CC) $(CFLAGS) -o $@ $(addsuffix .o,$@) ipxutil.o ${LIBS} ++ $(CC) $(CFLAGS) -o $@ $(addsuffix .o,$@) ipxutil.o $(LDFLAGS) ${LIBS} + + $(UTILS): %: %.o +- $(CC) $(CFLAGS) -o $@ $(addsuffix .o,$@) ${LIBS} ++ $(CC) $(CFLAGS) -o $@ $(addsuffix .o,$@) $(LDFLAGS) ${LIBS} + + $(MAN8GZ): %.gz: % + gzip -9 -c $< >$@ +--- ncpfs-2.2.6.orig/util/Makefile.in ++++ ncpfs-2.2.6/util/Makefile.in +@@ -94,10 +94,10 @@ $(O_USERUTILS) $(O_SBINUTILS) $(O_OTHER) + pqstat nwpqjob nprint: dsqueue.o + + $(UTILS): %: %.o $(LIBDEP) +- $(CC) $(CFLAGS) -o $@ $(addsuffix .o,$@) $(ADDOBJS_$@) -L$(NCPLIB_DIR) -lncp ${LIBS} ++ $(CC) $(CFLAGS) -o $@ $(addsuffix .o,$@) $(ADDOBJS_$@) $(LDFLAGS) -L$(NCPLIB_DIR) -lncp ${LIBS} + + ipx_probe: ipx_probe.c +- $(CC) $(CFLAGS) $(CCFLAGS) -o ipx_probe ipx_probe.c ${LIBS} ++ $(CC) $(CFLAGS) $(CCFLAGS) -o ipx_probe ipx_probe.c $(LDFLAGS) ${LIBS} + + dep: + +--- ncpfs-2.2.6.orig/lib/Makefile.in ++++ ncpfs-2.2.6/lib/Makefile.in +@@ -122,7 +122,7 @@ $(SHARED_NCPLIB): $(SHARED_NCPLIB_BIN) + ln -sf $< $@ + + $(SHARED_NCPLIB_BIN): $(SHARED_O_OBJ) ${this_srcdir}/libncp.vers +- $(CC) -shared -o $@ -Wl,-soname=$(SHARED_NCPLIB_SONAME) $(SHARED_VLINK) $(SHARED_O_OBJ) ${LIBS} -lc ++ $(CC) -shared -o $@ -Wl,-soname=$(SHARED_NCPLIB_SONAME) $(SHARED_VLINK) $(SHARED_O_OBJ) $(LDFLAGS) ${LIBS} -lc + + install_static: $(STATIC_NCPLIB_BIN) + $(INSTALL) -d $(DESTDIR)$(libadir) +--- ncpfs-2.2.6.orig/ipxdump/Makefile.in ++++ ncpfs-2.2.6/ipxdump/Makefile.in +@@ -24,7 +24,7 @@ install: $(EXEC) + ifeq ($(ncp_if_ether_support),yes) + + $(EXEC): %: %.o $(OBJECTS) +- $(CC) $(CFLAGS) -o $@ $(addsuffix .o,$@) $(OBJECTS) ++ $(CC) $(CFLAGS) -o $@ $(addsuffix .o,$@) $(LDFLAGS) $(OBJECTS) + + else + .PHONY ipxdump ipxparse diff --git a/ncpfs/06-makefile-remove-generated.patch b/ncpfs/06-makefile-remove-generated.patch new file mode 100644 index 000000000..547210100 --- /dev/null +++ b/ncpfs/06-makefile-remove-generated.patch @@ -0,0 +1,14 @@ +Description: Remove another generated file +Author: Bastian Blank <waldi@debian.org> +Bug-Debian: http://bugs.debian.org/692471 + +--- ncpfs-2.2.6.orig/Makefile.in ++++ ncpfs-2.2.6/Makefile.in +@@ -71,6 +71,7 @@ distclean: + rm -f intl/Makefile po/Makefile po/Makefile.in + rm -f lib/Makefile man/Makefile sutil/Makefile util/Makefile + rm -f include/config.h ++ rm -f include/private/libncp-atomic.h + rm -f include/ncp/ext/socket.h include/ncp/ext/stdint.h + rm -f include/ncp/kernel/fs.h + rm -f include/ncp/kernel/if.h include/ncp/kernel/route.h include/ncp/kernel/types.h diff --git a/ncpfs/PKGBUILD b/ncpfs/PKGBUILD new file mode 100644 index 000000000..20316651b --- /dev/null +++ b/ncpfs/PKGBUILD @@ -0,0 +1,80 @@ +# Contributor: Sergej Pupykin <pupykin.s+arch@gmail.com> +# Contributor: dsa <dsa@unilestemg.br> +# Contributor: gerbra <gerbra@derbrauer.homelinux.net> +# Contributor: Joker-jar <joker-jar@yandex.ru> +# Contributor: josephgbr <rafael.f.f1@gmail.com> +# Maintainer: Erich Eckner <arch at eckner dot net> + +pkgname=ncpfs +pkgver=2.2.6 +pkgrel=11 +pkgdesc="Utilities to use resources from Novell NetWare servers" +url="http://www.novell.com/" +arch=('i686' 'x86_64') +license=('GPL') +depends=('linux' 'pam') +_url="http://ftp.de.debian.org/debian/pool/main/n/$pkgname" +source=("${_url}/${pkgname}_${pkgver}.orig.tar.gz" + '01-linux3.0_uname.patch' + '02-legacy.patch' + '03-multiple_security_issues.patch' + '04-drop-mtab-support.patch' + '05-ldflags.patch' + '06-makefile-remove-generated.patch') +md5sums=('a9ab9f135d504440202069393dd9eb36' + 'e3e3c7c148fff31162175af02f8111a7' + '20e438bdd8c141b4b604aaf30a3f5f4a' + '4b0de0263d1d4b91b3520d2eb0cda3a8' + '5ab557986d02c2cf26f10db42ffb9f02' + '52fce52a2ccd0dd27cf100ff277d273e' + '660e851a1f6ab6e9f5464006de844b7e') + +# USERS: set this to 1 to enable PHP support +_with_php=0 +if [ $_with_php -eq 1 ]; then + makedepends=('php') + optdepends=('php: PHP NCP authentication support') +fi + +prepare() { + cd $pkgname-$pkgver + patch -p1 -i "$srcdir"/01-linux3.0_uname.patch + patch -p1 -i "$srcdir"/02-legacy.patch + patch -p1 -i "$srcdir"/03-multiple_security_issues.patch + patch -p1 -i "$srcdir"/04-drop-mtab-support.patch + patch -p1 -i "$srcdir"/05-ldflags.patch + patch -p1 -i "$srcdir"/06-makefile-remove-generated.patch + # set to use sbindir variable, instead of hardcoded sbin dir + sed -i 's/sbin/$(sbindir)/' sutil/Makefile.in + # eliminate warning of deprecation of _BSD_SOURCE in favor of _DEFAULT_SOURCE + sed -i 's/_BSD_SOURCE/_DEFAULT_SOURCE/' contrib/pam/pam_ncp_auth.c +} + +build() { + cd $pkgname-$pkgver + + # libs should go /usr/lib + export ncp_cv_pam_directory='/usr/lib/security' + + if [ $_with_php -eq 1 ]; then + ./configure --prefix=/usr --sbindir=/usr/bin --mandir=/usr/share/man + sed 's/function_entry/zend_function_entry/' -i contrib/php/php_auth_nds.c + else + ./configure --prefix=/usr --sbindir=/usr/bin --mandir=/usr/share/man --disable-php + fi + + make +} + +package() { + cd $pkgname-$pkgver + make DESTDIR="$pkgdir" install install-dev + # fix symlinks for libncp.so.2.3.0 + rm "$pkgdir"/usr/lib/libncp.so + ln -s libncp.so.2.3.0 "$pkgdir"/usr/lib/libncp.so + ln -s libncp.so.2.3.0 "$pkgdir"/usr/lib/libncp.so.2.3 + # fix symlinks for ncpmount + rm "$pkgdir"/usr/bin/mount.{ncp,ncpfs} + ln -s ncpmount "$pkgdir"/usr/bin/mount.ncp + ln -s ncpmount "$pkgdir"/usr/bin/mount.ncpfs +} |