Import of pkgsrc-2013Q2

2013-09-26 17:14:40 +02:00
commit 785076ae39
74991 changed files with 4380255 additions and 0 deletions
--- a/security/nfsbug/DESCR
+++ b/security/nfsbug/DESCR
@@ -0,0 +1,10 @@
+This package consists of two parts, of which the first one ("nfsbug")
+verifies a given NFS-server for known bugs like world wide exportable
+file systems, determine whether the export list really works,
+determine whether we can mount file systems through the portmapper,
+try to guess file handles, excercise the mknod bug, and the uid
+masking bug.
+
+The second program ("nfsshell") is included for demonstration purpose
+to display the named deficiencies by offering a shell-like interface
+to access NFS file systems.
--- a/security/nfsbug/Makefile
+++ b/security/nfsbug/Makefile
@@ -0,0 +1,32 @@
+# $NetBSD: Makefile,v 1.22 2012/10/23 18:16:37 asau Exp $
+
+DISTNAME=	nfsshell-1.0
+PKGREVISION=	1
+CATEGORIES=	net security
+MASTER_SITES=	http://www.asmodeus.com/archive/Xnix/
+DISTFILES=	nfsBugFerret.tgz \
+		nfsShell.c
+
+MAINTAINER=	pkgsrc-users@NetBSD.org
+COMMENT=	NFS security verification suite
+
+ONLY_FOR_PLATFORM=	DragonFly-*-* FreeBSD-*-* NetBSD-*-* OpenBSD-*-* Darwin-*-* HPUX-*-*
+
+EXTRACT_ONLY=	nfsBugFerret.tgz
+WRKSRC=		${WRKDIR}/nfsbug
+
+SUBST_CLASSES+=		getline
+SUBST_STAGE.getline=	pre-configure
+SUBST_FILES.getline=	nfsshell.c
+SUBST_SED.getline+=	-e 's|getline|nfsbug_getline|g'
+
+INSTALLATION_DIRS=	bin
+
+post-extract:
+	${CP} ${DISTDIR}/nfsShell.c ${WRKSRC}/nfsshell.c
+
+do-install:
+	${INSTALL_PROGRAM} ${WRKSRC}/nfsbug ${DESTDIR}${PREFIX}/bin
+	${INSTALL_PROGRAM} ${WRKSRC}/nfsshell ${DESTDIR}${PREFIX}/bin
+
+.include "../../mk/bsd.pkg.mk"
--- a/security/nfsbug/PLIST
+++ b/security/nfsbug/PLIST
@@ -0,0 +1,3 @@
+@comment $NetBSD: PLIST,v 1.1 2001/11/01 01:17:03 zuntum Exp $
+bin/nfsbug
+bin/nfsshell
--- a/security/nfsbug/distinfo
+++ b/security/nfsbug/distinfo
@@ -0,0 +1,11 @@
+$NetBSD: distinfo,v 1.8 2007/01/03 03:31:54 minskim Exp $
+
+SHA1 (nfsBugFerret.tgz) = 6b0b2d25fadd3156cf0f8851d72b6d6070dc528c
+RMD160 (nfsBugFerret.tgz) = e238e0a892bb8e46969278687ce6ec1944ae24c8
+Size (nfsBugFerret.tgz) = 12446 bytes
+SHA1 (nfsShell.c) = 195b76e2faa069e607c6a8991c835f5482f0911f
+RMD160 (nfsShell.c) = 340454d35e6e67b87255cba7437186639f16cfa5
+Size (nfsShell.c) = 47258 bytes
+SHA1 (patch-aa) = b28b48831632d2ffe8e103589c9fbf5b3e840d02
+SHA1 (patch-ab) = 9848a6b64eb5aa9279f913292795e8bc10fc7799
+SHA1 (patch-ac) = 8beb4759a385252700aabcee9f6cd0d585bf5274
--- a/security/nfsbug/patches/patch-aa
+++ b/security/nfsbug/patches/patch-aa
@@ -0,0 +1,43 @@
+$NetBSD: patch-aa,v 1.4 2004/02/22 19:30:52 jlam Exp $
+
+--- Makefile.orig	Fri Feb 17 00:57:26 1995
+++ Makefile	Thu May 10 17:41:10 2001
+@@ -1,14 +1,25 @@
+-CC=cc
+-#CFLAGS=-g -I. -DSVR4
+CC=gcc
+CFLAGS+=-O2 -I.
+#CFLAGS=-ggdb -I. -DSVR4 -w
+ #LIBS=-lsocket -lnsl -L/usr/ucblib -lucb -lresolv
+-CFLAGS=-ggdb -I.
+#LIBS=-lsocket -lnsl -lresolv
+#CFLAGS=-ggdb -I.
+ LIBS=
+ NFSBUG_SOURCES=mount_clnt.c mount_xdr.c nfs_prot_clnt.c nfs_prot_xdr.c nfsbug.c
+ NFSBUG_OBJECTS=mount_clnt.o mount_xdr.o nfs_prot_clnt.o nfs_prot_xdr.o nfsbug.o
+NFSSHELL_SOURCES=nfsshell.c nfs_prot_clnt.c nfs_prot_xdr.c mount_clnt.c mount_xdr.c
+NFSSHELL_OBJECTS=nfsshell.o nfs_prot_clnt.o nfs_prot_xdr.o mount_clnt.o mount_xdr.o
+ RPCGEN_MOUNT= mount.h mount_clnt.c mount_svc.c mount_xdr.c
+ RPCGEN_NFS_PROT= nfs_prot.h nfs_prot_clnt.c nfs_prot_svc.c nfs_prot_xdr.c
+ 
+all: nfsbug nfsshell
+
+nfsshell: ${NFSSHELL_OBJECTS}
+	$(CC) ${CFLAGS} -o nfsshell $(NFSSHELL_OBJECTS) $(LIBS)
+
+${NFSSHELL_OBJECTS}: ${NFSSHELL_SOURCES}
+
+ nfsbug:	$(NFSBUG_OBJECTS)
+-	$(CC) -g -o nfsbug $(NFSBUG_OBJECTS) $(LIBS)
+	$(CC) ${CFLAGS} -o nfsbug $(NFSBUG_OBJECTS) $(LIBS)
+ 
+ lint:	$(NFSBUG_SOURCES)
+@@ -17,5 +28,6 @@
+ clean:
+ 	rm -f nfsbug $(NFSBUG_OBJECTS) $(RPCGEN_MOUNT) $(RPCGEN_NFS_PROT) core
+	rm -f ${NFSSHELL_OBJECTS}
+ 
+-$(RPCGEN_MOUNT):; rpcgen mount.x
+-$(RPCGEN_NFS_PROT):; rpcgen nfs_prot.x
+$(RPCGEN_MOUNT):; rpcgen -C mount.x
+$(RPCGEN_NFS_PROT):; rpcgen -C nfs_prot.x
--- a/security/nfsbug/patches/patch-ab
+++ b/security/nfsbug/patches/patch-ab
@@ -0,0 +1,143 @@
+$NetBSD: patch-ab,v 1.3 2007/01/03 03:31:54 minskim Exp $
+
+--- nfsshell.c.orig	2007-01-02 19:29:27.000000000 -0800
+++ nfsshell.c
+@@ -1,3 +1,4 @@
+/* URL: http://www.asmodeus.com/archive/Xnix/nfsShell */
+ /*
+  * Copyright, 1991, 1992, by Leendert van Doorn (leendert@cs.vu.nl)
+  *
+@@ -21,14 +22,21 @@
+ #include <sys/ioctl.h>
+ #include <sys/socket.h>
+ #include <sys/vnode.h>
+-#include <sys/vfs.h>
+/* #include <sys/vfs.h> *//*HF*/
+ #include <netinet/in.h>
+ #include <arpa/inet.h>
+ #include <sys/time.h>
+-#include <ufs/inode.h>
+#include <ufs/ufs/dinode.h> /*HF: NetBSD*/
+/* #include <sys/fs/ufs_inode.h> *//*HF: Solaris*/
+#include <sys/filio.h>
+ #include "mount.h"
+ #include "nfs_prot.h"
+ 
+int getline(char *buf, int bufsize, int *argc, char **argv, int argvsize);
+AUTH * MYauthunix_create_default(uid, gid);
+static int determine_transfersize();
+
+
+ /*
+  * Fundamental constants
+  */
+@@ -284,8 +292,11 @@ getline(buf, bufsize, argc, argv, argvsi
+     register char *p;
+ 
+     if (interact) printf("nfs> ");
+-    if (fgets(buf, bufsize, stdin) == NULL)
+    if (fgets(buf, bufsize, stdin) == NULL){ 
+	perror("fgets");
+	fprintf(stderr,"EOF?!\n");
+ 	return 0;
+    }
+     *argc = 0;
+     for (p = buf; *p == ' ' || *p == '\t'; p++)
+ 	/* skip white spaces */;
+@@ -340,7 +351,7 @@ do_setid(var, argc, argv)
+     *var = argc == 2 ? atoi(argv[1]) : -2;
+     if (nfsclient && nfsclient->cl_auth) {
+ 	auth_destroy(nfsclient->cl_auth);
+-	nfsclient->cl_auth = authunix_create_default(uid, gid);
+	nfsclient->cl_auth = MYauthunix_create_default(uid, gid);
+     }
+ }
+ 
+@@ -509,8 +520,7 @@ do_ls(argc, argv)
+ /*
+  * Print long listing of a files, much in the way ``ls -l'' does
+  */
+-printfilestatus(name)
+-    char *name;
+printfilestatus(char *name)
+ {
+     diropargs args;
+     diropres *res;
+@@ -1160,7 +1170,7 @@ do_handle(argc, argv)
+         return 0;
+     }
+     clnt_control(nfsclient, CLSET_TIMEOUT, &timeout);
+-    nfsclient->cl_auth = authunix_create_default(uid, gid);
+    nfsclient->cl_auth = MYauthunix_create_default(uid, gid);
+ 
+     /* provide some generic name for it */
+     if ((mountpath = malloc(8 + 1)) == NULL) {
+@@ -1235,7 +1245,7 @@ do_mroot(var, argc, argv)
+     *var = 0x00100000;
+     if (nfsclient && nfsclient->cl_auth) {
+ 	auth_destroy(nfsclient->cl_auth);
+-	nfsclient->cl_auth = authunix_create_default(uid, gid);
+	nfsclient->cl_auth = MYauthunix_create_default(uid, gid);
+     }
+ /*
+  * Put in some type of code here
+@@ -1493,7 +1503,7 @@ open_mount(host)
+         return 0;
+     }
+     clnt_control(mntclient, CLSET_TIMEOUT, &timeout);
+-    mntclient->cl_auth = authunix_create_default(0, 0);
+    mntclient->cl_auth = MYauthunix_create_default(0, 0);
+     if (verbose)
+ 	printf("Open %s (%s)\n",
+ 	    remotehost, inet_ntoa(server_addr.sin_addr));
+@@ -1540,7 +1550,7 @@ open_nfs(path, umount, portmap)
+         return 0;
+     }
+     clnt_control(nfsclient, CLSET_TIMEOUT, &timeout);
+-    nfsclient->cl_auth = authunix_create_default(uid, gid);
+    nfsclient->cl_auth = MYauthunix_create_default(uid, gid);
+ 
+     /*
+      * Get file handle for this path from the mount daemon. There
+@@ -1634,7 +1644,7 @@ privileged()
+ 	return RPC_ANYSOCK;
+     for (;;) {
+ 	sin.sin_port = htons((u_short)lport);
+-	if (bind(s, (caddr_t)&sin, sizeof (sin), 0) >= 0) {
+	if (bind(s, (caddr_t)&sin, sizeof (sin)/*, 0*//*HF*/) >= 0) {
+ 	    (void)ioctl(s, FIONBIO, (char *) &dontblock);
+ 	    if (verbose)
+ 		fprintf(stderr, "Using a privileged port (%d)\n", lport);
+@@ -1672,14 +1682,14 @@ close_nfs()
+  * syscalls.
+  */
+ AUTH *
+-authunix_create_default(uid, gid)
+MYauthunix_create_default(uid, gid)
+     int uid, gid;
+ {
+     char machname[MAX_MACHINE_NAME + 1];
+     int gids[1];
+ 
+     if (gethostname(machname, MAX_MACHINE_NAME) == -1) {
+-	fprintf(stderr, "authunix_create_default: cannot get hostname\n");
+	fprintf(stderr, "MYauthunix_create_default: cannot get hostname\n");
+ 	exit(1);
+     }
+     machname[MAX_MACHINE_NAME] = 0;
+@@ -1858,8 +1868,7 @@ umatchpattern(s, p)
+  * NFS errors
+  */
+ char *
+-nfs_error(nfsstat)
+-    enum nfsstat nfsstat;
+nfs_error(enum nfsstat nfsstat)
+ {
+     switch (nfsstat) {
+     case NFS_OK:
+@@ -1903,4 +1912,3 @@ nfs_error(nfsstat)
+     }
+ }
+ 
+-
+\ No newline at end of file
--- a/security/nfsbug/patches/patch-ac
+++ b/security/nfsbug/patches/patch-ac
@@ -0,0 +1,58 @@
+$NetBSD: patch-ac,v 1.6 2007/01/03 03:26:31 minskim Exp $
+
+--- nfsbug.c.orig	1995-02-16 21:57:27.000000000 -0800
+++ nfsbug.c
+@@ -14,6 +14,7 @@
+  *	- close sockets (?)
+  */
+ #include <stdio.h>
+#include <string.h>
+ #include <ctype.h>
+ #include <netdb.h>
+ #include <errno.h>
+@@ -25,18 +26,24 @@
+ #include <sys/socket.h>
+ #include <netinet/in.h>
+ #include <arpa/inet.h>
+-#include <sys/sysmacros.h>
+ #include <sys/time.h>
+ #include <sys/vnode.h>
+-#include <sys/vfs.h>
+-#include <sys/sysmacros.h>
+#include <sys/mount.h>
+ #ifdef SVR4
+ #include <sys/inode.h>
+ #else
+ #ifndef HPUX
+#if defined(__NetBSD__) || defined(__APPLE__)
+#include <ufs/ufs/dinode.h>
+#  if __NetBSD_Version__ >= 200040000
+     /* at some point, fsid_t's "val" member was renamed to __fsid_val - HF */
+#    define val __fsid_val
+#  endif
+#else
+ #include <ufs/inode.h>
+ #endif
+ #endif
+#endif
+ 
+ #include "mount.h"
+ #include "nfs_prot.h"
+@@ -240,7 +247,7 @@ nfsbug(host)
+     } else
+ 	proto = "TCP/IP";
+ 
+-    clnt_control(mntclient, CLSET_TIMEOUT, &timeout);
+    clnt_control(mntclient, CLSET_TIMEOUT, (char *)&timeout);
+     mntclient->cl_auth = create_unix_auth(0, 0);
+     if (mntclient->cl_auth == NULL) {
+ 	clnt_destroy(mntclient);
+@@ -277,7 +284,7 @@ nfsbug(host)
+     } else
+ 	proto = "TCP/IP";
+ 
+-    clnt_control(nfsclient, CLSET_TIMEOUT, &timeout);
+    clnt_control(nfsclient, CLSET_TIMEOUT, (char *)&timeout);
+     nfsclient->cl_auth = create_unix_auth(-2, -2); /* well known uid, gid */
+     if (nfsclient->cl_auth == NULL) {
+ 	clnt_destroy(nfsclient);