Codebase list cfingerd / 8e7072f
Import old diff in quilt format Signed-off-by: Sudip Mukherjee <sudipm.mukherjee@gmail.com> Sudip Mukherjee 4 years ago
2 changed file(s) with 960 addition(s) and 0 deletion(s). Raw diff Collapse all Expand all
+959
-0
debian/patches/import_diff.patch less more
0 Description: Import old diff in quilt format
1
2 ---
3
4 --- cfingerd-1.4.3.orig/CREDITS
5 +++ cfingerd-1.4.3/CREDITS
6 @@ -48,7 +48,7 @@ Dan Hollis <root@sasami.anime.net>
7 - Shadow password testing
8 - Secure (NOBODY PATCH) finger help
9
10 -cc@spork.neonexus.com
11 +David Muench <cc@spork.neonexus.com>
12 - Finger forwarding idea
13
14 Rich Salz <rsalz@uunet.net>
15 @@ -76,3 +76,13 @@ Tadek Knapik <tadek@nautilus.uwoj.krakow
16
17 Alexey M. Zelkin <phantom@cris.net>
18 - Support for FreeBSD
19 +
20 +Kevin Rosenberg <kevin@cyberport.com>
21 + - Get UTMP file entries for BSD compatibility
22 +
23 +Thomas Koenig <ig25@rz.uni-karlsruhe.de>
24 + - Management of e?uid switching
25 +
26 +Lars Mathiesen <thorinn@diku.dk>
27 + - ABORT code for wildmat
28 +
29 --- cfingerd-1.4.3.orig/Configure
30 +++ cfingerd-1.4.3/Configure
31 @@ -17,10 +17,10 @@
32 # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
33 # GNU General Public License for more details.
34
35 -require 'perl/question.pl';
36 -require 'perl/filemagic.pl';
37 -require 'perl/gethost.pl';
38 -require 'perl/generic.pl';
39 +require './perl/question.pl';
40 +require './perl/filemagic.pl';
41 +require './perl/gethost.pl';
42 +require './perl/generic.pl';
43
44 $VERSION = "1.4.2";
45 $| = 1;
46 --- cfingerd-1.4.3.orig/Makefile.cfg.in
47 +++ cfingerd-1.4.3/Makefile.cfg.in
48 @@ -1,6 +1,6 @@
49 # CFINGERD - Main Makefile configuration
50 #
51 -# $Id: Makefile.cfg.in,v 1.4 1999/08/31 00:46:46 joey Exp $
52 +# $Id: Makefile.cfg.in,v 1.4 1999-08-31 00:46:46 joey Exp $
53 #
54 # Copyright (c) 1999 by Martin Schulze <joey@infodrom.north.de>
55 #
56 --- cfingerd-1.4.3.orig/RECOMMEND
57 +++ cfingerd-1.4.3/RECOMMEND
58 @@ -4,7 +4,7 @@ Recommended setups
59 After running cfingerd for quite a while, I have found that if you make
60 the cfingerd setup the most secure, you will have the least problems.
61
62 -CFINGERD currently stops all files from being symbolic links, char
63 +CFINGERD currently stops for all files from being symbolic links, char
64 devices, block devices, etc. Basically, each file has to be a normal
65 file in order to be read by cfingerd. With that in mind, you should keep
66 all files (whether or not they are read by root) as normal files. This
67 --- cfingerd-1.4.3.orig/docs/cfingerd.8
68 +++ cfingerd-1.4.3/docs/cfingerd.8
69 @@ -33,7 +33,7 @@ options, this option is used in inetd.co
70 is a totally new, and totally configurable finger daemon \-
71 one of the first. It listenes on the finger port (port 79) to provide
72 useful information about each user that is on your system according to
73 -the finger protocol as described in RFC 1228. Only thing is, cfingerd
74 +the finger protocol as described in RFC 1288. Only thing is, cfingerd
75 provides a unique twist.
76 .PP
77 .B CFINGERD
78 --- cfingerd-1.4.3.orig/docs/cfingerd.conf.5
79 +++ cfingerd-1.4.3/docs/cfingerd.conf.5
80 @@ -8,8 +8,8 @@ cfingerd.conf \- configurable finger dae
81 .SH DESCRIPTION
82 .I cfingerd.conf
83 is the configuration file for cfingerd.
84 -+.I cfingerd
85 -+has been totally rewritten
86 +.B cfingerd
87 +has been totally rewritten
88 to support a more readable configuration file. This version of the new
89 configuration file is
90 .B NOT
91 @@ -24,7 +24,7 @@ Each one of those sections is split into
92 explained next.
93 .PP
94 Subtext of each option is either boolean options, string options, or
95 -switchable options, all changable by the system administrator.
96 +switchable options, all changeable by the system administrator.
97 .PP
98 Each section is split into a series of sections that resembles C type
99 definition; not exact, but close enough to be familiar with it. :)
100 @@ -529,7 +529,7 @@ is the string that is shown when the sys
101 other sites for a user listing.
102 .br
103 .SH "INTERNAL STRINGS SECTION (CONFIG internal_strings)"
104 -These strings are changable, and can be any length you want (within
105 +These strings are changeable, and can be any length you want (within
106 reason). These strings are concattenated into the syslogging display
107 when the appropriate finger has been issued. This section also includes
108 error messages that may occur.
109 @@ -607,9 +607,9 @@ matter.) These are, instead, treated as
110 called for your use.
111 .PP
112 The format is as follows for fake users:
113 -.sh
114 +.br
115 "fake_username", "Script name", SEARCHBOOL, "script"
116 -.PP
117 +.br
118 where...
119 .PP
120 .B fake_username
121 --- cfingerd-1.4.3.orig/docs/cfingerd.text.5
122 +++ cfingerd-1.4.3/docs/cfingerd.text.5
123 @@ -1,6 +1,6 @@
124 .TH CFINGERD.TEXT 5 "7 Aug 1999" "1.4.2" "Configurable Finger Daemon"
125 .SH NAME
126 -cfingerd text rules
127 +cfingerd.text \- cfingerd text rules
128 .br
129 .SH "EXPLANATION"
130 .B cfingerd
131 --- cfingerd-1.4.3.orig/perl/generic.pl
132 +++ cfingerd-1.4.3/perl/generic.pl
133 @@ -14,6 +14,11 @@ sub get_os {
134 chop($uname);
135 $uname =~ tr/a-z/A-Z/;
136
137 + # Tiny hack to make GNU/kFreeBSD and GNU/Hurd act as GNU/Linux
138 + if (($uname eq 'GNU/KFREEBSD') || ($uname eq 'GNU')) {
139 + $uname = 'LINUX';
140 + }
141 +
142 $ver = `uname -r`;
143 chop($ver);
144
145 --- cfingerd-1.4.3.orig/src/cfingerd.h
146 +++ cfingerd-1.4.3/src/cfingerd.h
147 @@ -278,10 +278,11 @@ typedef struct ecruft {
148
149 extern CONFIG prog_config;
150 extern ECRUFT errors[];
151 -extern char *remote_addr, *localhost, *ident_user, *ip_address;
152 +extern char remote_addr[], ip_address[];
153 +extern char *localhost, *ident_user;
154 extern int trusted_host_num, rejected_host_num, forward_host_num,
155 - fakeuser_num, num_finger_sites, num_headers, local_port,
156 - remote_port, can_log;
157 + fakeuser_num, num_finger_sites, num_headers, can_log;
158 +extern unsigned short local_port, remote_port;
159 extern FILE *top_display, *bottom_display, *noname_display, *nouser_display,
160 *rejected_display, *identd_display;
161 extern BOOL local_finger, emulated;
162 @@ -293,4 +294,4 @@ extern unsigned long listen_addr;
163
164 #include "defines.h"
165
166 -#endif _CFINGERD_H_
167 +#endif /* _CFINGERD_H_ */
168 --- cfingerd-1.4.3.orig/src/fakeuser.c
169 +++ cfingerd-1.4.3/src/fakeuser.c
170 @@ -79,7 +79,7 @@ void handle_fakeuser(char *username)
171 printf("\n Sorry, you specified too many options.\n\n");
172 fflush(stdout);
173 show_bottom();
174 - log(LOG_WARN, "Too many options specified in fake user finger", NULL);
175 + mylog(LOG_WARN, "Too many options specified in fake user finger", NULL);
176 return;
177 }
178
179 @@ -105,7 +105,7 @@ void handle_fakeuser(char *username)
180 sscanf(username, "%[^.].%[^.].%[^.].%[^.].%[^\r\n]\r\n",
181 data[0], data[1], data[2], data[3], data[4]);
182
183 - log(LOG_USER, "Fakeuser: ", username);
184 + mylog(LOG_USER, "Fakeuser: ", username);
185
186 funum = search_fake_pos(data[0]);
187
188 @@ -133,7 +133,7 @@ void handle_fakeuser(char *username)
189 } else {
190 printf("\n");
191 printf(" Sorry, this system does not have any fake users enabled!\n\n");
192 - log(LOG_WARN, "Fake user requested, but rejected - disabled.", " ");
193 + mylog(LOG_WARN, "Fake user requested, but rejected - disabled.", " ");
194 }
195
196 show_bottom();
197 --- cfingerd-1.4.3.orig/src/internal.c
198 +++ cfingerd-1.4.3/src/internal.c
199 @@ -72,26 +72,26 @@ void handle_internal(char *username)
200 else if (!strncmp(username, "services", 8)) {
201 show_services();
202 syslog(LOG_NOTICE, "%s", prog_config.p_strings[D_SVC_FINGER]);
203 - log(LOG_USER, "Service request", " ");
204 + mylog(LOG_USER, "Service request", " ");
205 exit(PROGRAM_OKAY);
206 } else if (!strncmp(username, "search", 6)) {
207 show_search(username);
208 exit(PROGRAM_OKAY);
209 } else if (!strncmp(username, "userlist-only", 13)) {
210 - if ((buf = safe_exec(NOBODY_UID, NOBODY_GID, "/usr/sbin/userlist | /usr/bin/tail +2")) != NULL) {
211 + if ((buf = safe_exec(NOBODY_UID, NOBODY_GID, "/usr/sbin/userlist | /usr/bin/tail -n +2")) != NULL) {
212 printf ("%s", buf);
213 fflush(stdout);
214 free (buf);
215 }
216 - log(LOG_USER, "Userlist-only", " ");
217 + mylog(LOG_USER, "Userlist-only", " ");
218 exit(PROGRAM_OKAY);
219 } else if (!strncmp(username, "userlist-online", 15)) {
220 - if ((buf = safe_exec(NOBODY_UID, NOBODY_GID, "/usr/sbin/userlist -c -n | /usr/bin/tail +2")) != NULL) {
221 + if ((buf = safe_exec(NOBODY_UID, NOBODY_GID, "/usr/sbin/userlist -c -n | /usr/bin/tail -n +2")) != NULL) {
222 printf ("%s", buf);
223 fflush(stdout);
224 free (buf);
225 }
226 - log(LOG_USER, "Userlist-only", " ");
227 + mylog(LOG_USER, "Userlist-only", " ");
228 exit(PROGRAM_OKAY);
229 } else if (!strncmp(username, "help", 4)) {
230 show_top();
231 --- cfingerd-1.4.3.orig/src/log.c
232 +++ cfingerd-1.4.3/src/log.c
233 @@ -17,7 +17,7 @@
234 #include "proto.h"
235 #include "privs.h"
236
237 -void log(int logtype, char *msg, char *user)
238 +void mylog(int logtype, char *msg, char *user)
239 {
240 if (can_log && (prog_config.config_bits3 & SHOW_LOG)) {
241 time_t tim = time(NULL);
242 @@ -80,7 +80,7 @@ void userlog(uid_t uid, gid_t gid, char
243 } else {
244 if (!(prog_config.config_bits3 & SHOW_CREATE_FLG)) {
245 syslog(LOG_WARNING, "Userlog: %s (%s)", filename, strerror(errno));
246 - log(LOG_ERROR, "Cannot write to userlog: ", strerror(errno));
247 + mylog(LOG_ERROR, "Cannot write to userlog: ", strerror(errno));
248 }
249 }
250 }
251 --- cfingerd-1.4.3.orig/src/main.c
252 +++ cfingerd-1.4.3/src/main.c
253 @@ -20,11 +20,13 @@
254 #include "privs.h"
255
256 CONFIG prog_config;
257 -char *remote_addr, *localhost, *ident_user, *ip_address;
258 +char *localhost, *ident_user;
259 +char ip_address[INET6_ADDRSTRLEN] = "";
260 +char remote_addr[INET6_ADDRSTRLEN] = "";
261 FILE *top_display, *bottom_display, *noname_display, *nouser_display,
262 *rejected_display, *identd_display;
263 BOOL local_finger, emulated;
264 -int local_port, remote_port;
265 +unsigned short local_port, remote_port;
266 unsigned short listen_port;
267 unsigned long listen_addr;
268
269 @@ -62,14 +64,15 @@ int main(int argc, char *argv[])
270 char line[100], username[80], syslog_str[200];
271 int un_type;
272 char *cp;
273 - struct sockaddr_in local_addr;
274 + struct sockaddr_storage local_addr;
275 + struct sockaddr_in *sloc4 = (struct sockaddr_in *) &local_addr;
276 + struct sockaddr_in6 *sloc6 = (struct sockaddr_in6 *) &local_addr;
277 struct servent *serv;
278
279 if ((serv = getservbyname("finger","tcp")) != NULL)
280 listen_port = serv->s_port;
281 else
282 listen_port = htons(79);
283 - listen_addr = htonl(INADDR_ANY);
284
285 /* Initialize CFINGERD */
286 start_handler();
287 @@ -108,12 +111,12 @@ int main(int argc, char *argv[])
288 /* Make sure there is actually data waiting in the finger port */
289 if (!emulated) {
290 if (!fgets(username, sizeof(username), stdin)) {
291 - if (remote_addr != NULL) {
292 + if (remote_addr != NULL && *remote_addr) {
293 syslog(LOG_ERR, "Null query from %s: %m", remote_addr);
294 - log(LOG_ERROR, remote_addr, strerror(errno));
295 + mylog(LOG_ERROR, remote_addr, strerror(errno));
296 } else {
297 syslog(LOG_ERR, "Null query: %m");
298 - log(LOG_ERROR, strerror(errno), strerror(0));
299 + mylog(LOG_ERROR, strerror(errno), strerror(0));
300 }
301 closelog();
302 exit(PROGRAM_SYSLOG);
303 @@ -147,33 +150,64 @@ int main(int argc, char *argv[])
304 /* If we're not doing emulated stuff, we can assume that we are running
305 either as a daemon, or under INETD. In that case... */
306 if (!emulated) {
307 - struct sockaddr_in socket_addr;
308 + struct sockaddr_storage socket_addr;
309 + struct sockaddr_in *srem4 = (struct sockaddr_in *) &socket_addr;
310 + struct sockaddr_in6 *srem6 = (struct sockaddr_in6 *) &socket_addr;
311 struct hostent *host_ent;
312 - int psize = 0;
313 + socklen_t locsize = 0, remsize = 0;
314
315 /* Can't run from command line (but this should already be checked) */
316 - psize = sizeof(socket_addr);
317 + locsize = sizeof(local_addr);
318
319 - if (getsockname(0, (struct sockaddr *) &local_addr, &psize)) {
320 + if (getsockname(0, (struct sockaddr *) &local_addr, &locsize)) {
321 syslog(LOG_WARNING, "getsockname: %s", strerror(errno));
322 local_port = 0;
323 } else
324 - local_port = ntohs(local_addr.sin_port);
325 + switch (local_addr.ss_family) {
326 + case AF_INET6:
327 + local_port = ntohs(sloc6->sin6_port);
328 + break;
329 + case AF_INET:
330 + default:
331 + local_port = ntohs(sloc4->sin_port);
332 + }
333 +
334 + remsize = sizeof(socket_addr);
335
336 - if (getpeername(0, (struct sockaddr *) &socket_addr, &psize)) {
337 + if (getpeername(0, (struct sockaddr *) &socket_addr, &remsize)) {
338 printf("Internal error - not running as either a daemon or under INETD.\n");
339 printf("Fatal - getpeername: %s\n", strerror(errno));
340 closelog();
341 - log(LOG_ERROR, "getpeername: ", strerror(errno));
342 + mylog(LOG_ERROR, "getpeername: ", strerror(errno));
343 exit(PROGRAM_BUG);
344 } else
345 - remote_port = ntohs(socket_addr.sin_port);
346 + switch (socket_addr.ss_family) {
347 + case AF_INET6:
348 + remote_port = ntohs(srem6->sin6_port);
349 + break;
350 + case AF_INET:
351 + default:
352 + remote_port = ntohs(srem4->sin_port);
353 + }
354
355 - ip_address = inet_ntoa (socket_addr.sin_addr);
356 + inet_ntop(socket_addr.ss_family, &socket_addr,
357 + ip_address, INET6_ADDRSTRLEN);
358
359 /* Get our host entry */
360 - host_ent = (struct hostent *) gethostbyaddr((char *) &socket_addr.sin_addr,
361 - sizeof(socket_addr.sin_addr), AF_INET);
362 + switch (socket_addr.ss_family) {
363 + case AF_INET6:
364 + host_ent = (struct hostent *)
365 + gethostbyaddr((char *) &srem6->sin6_addr,
366 + sizeof(struct in6_addr),
367 + socket_addr.ss_family);
368 + break;
369 + case AF_INET:
370 + default:
371 + host_ent = (struct hostent *)
372 + gethostbyaddr((char *) &srem4->sin_addr,
373 + sizeof(struct in_addr),
374 + socket_addr.ss_family);
375 + }
376
377 /* And get our local-host name */
378 #ifndef ACTUAL_HOSTNAME
379 @@ -184,14 +218,14 @@ int main(int argc, char *argv[])
380
381 /* Make sure we can get the remote host's address name */
382 if (host_ent == NULL) {
383 - remote_addr = inettos(socket_addr.sin_addr.s_addr);
384 + strncpy(remote_addr, ip_address, INET6_ADDRSTRLEN);
385 syslog(LOG_WARNING, "%s %s",
386 prog_config.p_strings[D_IP_NO_MATCH],
387 remote_addr);
388 if (!(prog_config.config_bits2 & SHOW_IP_MATCH))
389 CF_ERROR(E_NOIP);
390 } else
391 - remote_addr = (char *) host_ent->h_name;
392 + strncpy(remote_addr, host_ent->h_name, INET6_ADDRSTRLEN);
393
394 /* Convert any uppercase letters in the hostname to lowercase */
395 for (cp = remote_addr; *cp; cp++)
396 @@ -200,14 +234,17 @@ int main(int argc, char *argv[])
397
398 /* And find out if this is a local finger */
399 if (!strncasecmp(remote_addr, "127.0.0.1", 9) ||
400 + !strncasecmp(remote_addr, "::1", 3) ||
401 !strncasecmp(remote_addr, "localhost", 9) ||
402 + !strncasecmp(remote_addr, "ip6-localhost", 9) ||
403 + !strncasecmp(remote_addr, "ip6-loopback", 9) ||
404 !strncasecmp(remote_addr, "127.0.0.0", 9) || /* KTH 07/26/96 */
405 !strncasecmp(remote_addr, localhost, strlen(localhost)))
406 local_finger = TRUE;
407 else
408 local_finger = FALSE;
409
410 - ident_user = get_rfc1413_data(local_addr);
411 + ident_user = get_rfc1413_data(&local_addr, &socket_addr);
412 set_time_format();
413
414 } else
415 @@ -220,9 +257,9 @@ int main(int argc, char *argv[])
416 memset (ident_user, 0, sizeof (ident_user));
417 strcpy (ident_user, "emulated");
418 #ifndef ACTUAL_LOOPBACK
419 - remote_addr = "127.0.0.1";
420 + strcpy(remote_addr,"127.0.0.1");
421 #else
422 - remote_addr = ACTUAL_LOOPBACK;
423 + strcpy(remote_addr, ACTUAL_LOOPBACK);
424 #endif
425 }
426
427 @@ -242,7 +279,7 @@ int main(int argc, char *argv[])
428 if (!emulated) {
429 snprintf(syslog_str, sizeof(syslog_str), "%s fingered (internal) from %s", username,
430 ident_user);
431 - syslog(LOG_NOTICE, (char *) syslog_str);
432 + syslog(LOG_NOTICE, "%s", (char *) syslog_str);
433 }
434
435 handle_internal(username);
436 @@ -255,7 +292,7 @@ int main(int argc, char *argv[])
437 snprintf(syslog_str, sizeof(syslog_str), "%s fingered from %s",
438 prog_config.p_strings[D_ROOT_FINGER], ident_user);
439
440 - syslog(LOG_NOTICE, (char *) syslog_str);
441 + syslog(LOG_NOTICE, "%s", (char *) syslog_str);
442 }
443
444 handle_standard(username);
445 @@ -265,7 +302,7 @@ int main(int argc, char *argv[])
446 snprintf(syslog_str, sizeof(syslog_str), "%s %s from %s", username,
447 prog_config.p_strings[D_FAKE_USER], ident_user);
448
449 - syslog(LOG_NOTICE, (char *) syslog_str);
450 + syslog(LOG_NOTICE, "%s", (char *) syslog_str);
451 }
452
453 handle_fakeuser(username);
454 --- cfingerd-1.4.3.orig/src/parse.c
455 +++ cfingerd-1.4.3/src/parse.c
456 @@ -137,14 +137,14 @@ int process_username(char *username)
457 if (ret == U_FORWARD) {
458 printf("%s\n", prog_config.p_strings[D_FORWARD_DENY]);
459 fflush(stdout);
460 - log(LOG_USER, "Denied forward: ", username);
461 + mylog(LOG_USER, "Denied forward: ", username);
462 exit(1);
463 }
464
465 if (ret == U_ILLEGAL) {
466 printf("Illegal character in username.\n");
467 fflush(stdout);
468 - log(LOG_USER, "Illegal: ", username);
469 + mylog(LOG_USER, "Illegal: ", username);
470 exit(1);
471 }
472
473 --- cfingerd-1.4.3.orig/src/proto.h
474 +++ cfingerd-1.4.3/src/proto.h
475 @@ -45,9 +45,9 @@ void show_search(char *);
476 void become_nobody(void);
477 void become_user(char *);
478 int wildmat(char *, char *);
479 -char *get_rfc1413_data(struct sockaddr_in );
480 +char *get_rfc1413_data(struct sockaddr_storage *, struct sockaddr_storage *);
481 void check_unknown(char *);
482 -void log(int, char *, char *);
483 +void mylog(int, char *, char *);
484 void userlog(uid_t, gid_t, char *, char *);
485 void check_blank_configurations(void);
486 int search_fake_pos(char *);
487 --- cfingerd-1.4.3.orig/src/rfc1413.c
488 +++ cfingerd-1.4.3/src/rfc1413.c
489 @@ -25,45 +25,75 @@ void rfc1413_alarm(int signal)
490 * the implementation. Completely rewritten by yours truly to be self-
491 * contained in a single program. Simple, easy to use.
492 */
493 -#define BUFLEN 256
494 -char *get_rfc1413_data( struct sockaddr_in local_addr )
495 +#define UNAMELEN 64
496 +#define BUFLEN UNAMELEN + INET6_ADDRSTRLEN + 2
497 +#define INPUTLEN 256
498 +char *get_rfc1413_data(struct sockaddr_storage * local_addr,
499 + struct sockaddr_storage * peer_addr )
500 {
501 int i, j;
502 - struct sockaddr_in sin;
503 - char buffer[1024], buf[BUFLEN], uname[64], *bleah;
504 + unsigned short newport;
505 + struct sockaddr_storage sin;
506 + struct sockaddr_in *sa4 = (struct sockaddr_in *) &sin;
507 + struct sockaddr_in6 *sa6 = (struct sockaddr_in6 *) &sin;
508 + char buffer[1024], buf[INPUTLEN], uname[UNAMELEN], *bleah;
509 char *cp, *xp;
510 struct servent *serv;
511
512 bleah = (char *) malloc(BUFLEN);
513 memset(bleah, 0, BUFLEN);
514
515 - j = socket(AF_INET, SOCK_STREAM, 0);
516 + j = socket(local_addr->ss_family, SOCK_STREAM, 0);
517 if (j < 2) {
518 snprintf(bleah, BUFLEN, "unknown@%s", remote_addr);
519 syslog(LOG_ERR, "rfc1413-socket: %s", strerror(errno));
520 return(bleah);
521 }
522
523 - sin.sin_family = AF_INET;
524 - sin.sin_addr.s_addr = local_addr.sin_addr.s_addr;
525 - sin.sin_port = 0;
526 - i = bind(j, (struct sockaddr *) &sin, sizeof(sin));
527 + memcpy(&sin, local_addr, sizeof(sin));
528 + switch (sin.ss_family) {
529 + case AF_INET6:
530 + sa6->sin6_port = 0;
531 + break;
532 + case AF_INET:
533 + default:
534 + sa4->sin_port = 0;
535 + }
536 +
537 + i = bind(j, (struct sockaddr *) &sin,
538 + (sin.ss_family == AF_INET6 )
539 + ? sizeof(struct sockaddr_in6)
540 + : sizeof(struct sockaddr_in));
541 +
542 if (i < 0) {
543 snprintf(bleah, BUFLEN, "unknown@%s", remote_addr);
544 syslog(LOG_ERR, "rfc1413-socket: %s", strerror(errno));
545 return(bleah);
546 }
547
548 - sin.sin_family = AF_INET;
549 if ((serv = getservbyname("auth","tcp")) != NULL)
550 - sin.sin_port = serv->s_port;
551 + newport = serv->s_port;
552 else
553 - sin.sin_port = htons(113);
554 - sin.sin_addr.s_addr = inet_addr(ip_address);
555 + newport = htons(113);
556 +
557 + memcpy(&sin, peer_addr, sizeof(sin));
558 + switch (sin.ss_family) {
559 + case AF_INET6:
560 + sa6->sin6_port = newport;
561 + break;
562 + case AF_INET:
563 + default:
564 + sa4->sin_port = newport;
565 + }
566 +
567 signal(SIGALRM, rfc1413_alarm);
568 alarm(5);
569
570 - i = connect(j, (struct sockaddr *) &sin, sizeof(sin));
571 + i = connect(j, (struct sockaddr *) &sin,
572 + (sin.ss_family == AF_INET6 )
573 + ? sizeof(struct sockaddr_in6)
574 + : sizeof(struct sockaddr_in));
575 +
576 if (i < 0) {
577 syslog(LOG_ERR, "rfc1413-connect: %s", strerror(errno));
578 close(j);
579 @@ -98,7 +128,8 @@ char *get_rfc1413_data( struct sockaddr_
580
581 if (*(++cp) == ' ') cp++;
582 memset(uname, 0, sizeof(uname));
583 - for (xp=uname; *cp != '\0' && *cp!='\r'&&*cp!='\n'&&strlen(uname)<sizeof(uname); cp++)
584 + for (xp=uname; *cp != '\0' && *cp!='\r'&&*cp!='\r'&&*cp!='\n'&&(strlen(uname)+1)<sizeof(uname); cp++)
585 +
586 *(xp++) = *cp;
587
588 if (!strlen(uname)) {
589 --- cfingerd-1.4.3.orig/src/search.c
590 +++ cfingerd-1.4.3/src/search.c
591 @@ -36,7 +36,7 @@ void show_search(char *uname)
592 SEARCHLIST searches[MAX_SEARCHES];
593 FILE *file;
594 char *cp;
595 - char *xp, y;
596 + char *xp;
597
598 show_top();
599
600 @@ -56,13 +56,6 @@ void show_search(char *uname)
601 exit(PROGRAM_OKAY);
602 }
603
604 - for (cp=searchname,xp=searchname,y=0;*cp;cp++) {
605 - if (y != *cp)
606 - *(xp++) = *cp;
607 - y = *cp;
608 - }
609 - *xp = '\0';
610 -
611 if (strlen((char *) searchname) == 0) {
612 printf("\n You must supply a name to search for!\n");
613 SEND_RAW_RETURN;
614 @@ -75,7 +68,7 @@ void show_search(char *uname)
615 printf("\n You must supply a name to search for!\n");
616 SEND_RAW_RETURN;
617 show_bottom();
618 - log(LOG_USER, "Security breach: finger * from %s", ident_user);
619 + mylog(LOG_USER, "Security breach: finger * from %s", ident_user);
620 syslog(LOG_WARNING, "Security breach: finger * from %s", ident_user);
621 free (searchname);
622 exit(PROGRAM_OKAY);
623 @@ -85,7 +78,7 @@ void show_search(char *uname)
624 if (isupper(*cp))
625 *cp = tolower(*cp);
626
627 - log(LOG_USER, "Search: ", searchname);
628 + mylog(LOG_USER, "Search: ", searchname);
629
630 NOBODY_PRIVS;
631
632 --- cfingerd-1.4.3.orig/src/signal.c
633 +++ cfingerd-1.4.3/src/signal.c
634 @@ -81,7 +81,7 @@ void int_handler(int signo)
635
636 if (siglist[i].fatal) {
637 printf("\nPlease report this bug to %s!\n", ERRORS_TO);
638 - log(LOG_ERROR, "Signal (fatal): ", siglist[i].sigtype);
639 + mylog(LOG_ERROR, "Signal (fatal): ", siglist[i].sigtype);
640 } else {
641 if (siglist[i].value == SIGALRM) {
642 printf("Ooh, you caught an alarm signal. This may be a cause from either not\n");
643 @@ -89,7 +89,7 @@ void int_handler(int signo)
644 printf("out on you. May want to check this. :)\n\n");
645 }
646
647 - log(LOG_WARN, "Signal: Alarm signal", " ");
648 + mylog(LOG_WARN, "Signal: Alarm signal", " ");
649
650 printf("Non-fatal; continuing.\n");
651 }
652 @@ -99,7 +99,7 @@ void int_handler(int signo)
653 if (siglist[i].fatal)
654 exit(PROGRAM_BUG);
655 else
656 - log(LOG_WARN, "Signal (non-fatal): ", siglist[i].sigtype);
657 + mylog(LOG_WARN, "Signal (non-fatal): ", siglist[i].sigtype);
658 }
659 }
660
661 @@ -109,7 +109,7 @@ void int_handler(int signo)
662 syslog(LOG_ERR, "SIGUNKNOWN caught");
663 (void) fflush(stdout);
664
665 - log(LOG_ERROR, "Signal: Unknown signal", " ");
666 + mylog(LOG_ERROR, "Signal: Unknown signal", " ");
667
668 exit(PROGRAM_BUG);
669 }
670 --- cfingerd-1.4.3.orig/src/standard.c
671 +++ cfingerd-1.4.3/src/standard.c
672 @@ -155,6 +155,7 @@ void show_pfile(uid_t uid, gid_t gid, in
673 fflush(stdout);
674 }
675
676 + USER_PRIVS(uid, gid);
677 if (exist(d)) {
678 NOBODY_PRIVS;
679
680 @@ -163,9 +164,14 @@ void show_pfile(uid_t uid, gid_t gid, in
681 fflush(stdout);
682 }
683
684 + USER_PRIVS(uid, gid);
685 if ((file = open_file(d)) != NULL)
686 + {
687 + NOBODY_PRIVS;
688 display_file(uid, gid, file);
689 + }
690 } else {
691 + NOBODY_PRIVS;
692 if (!(prog_config.config_bits3 & SHOW_HEADERS_FE))
693 printf("%s\n", prog_config.p_strings[t3]);
694 else
695 @@ -206,6 +212,7 @@ void show_pfile2(uid_t uid, gid_t gid, i
696 fflush(stdout);
697 }
698
699 + USER_PRIVS(uid, gid);
700 if (exist(d)) {
701 NOBODY_PRIVS;
702
703 @@ -214,9 +221,13 @@ void show_pfile2(uid_t uid, gid_t gid, i
704 fflush(stdout);
705 }
706
707 - if ((open_file (d)) != NULL)
708 + USER_PRIVS(uid, gid);
709 + if ((file = open_file (d)) != NULL) {
710 + NOBODY_PRIVS;
711 display_file(uid, gid, file);
712 + }
713 } else {
714 + NOBODY_PRIVS;
715 if (!(prog_config.config_bits3 & SHOW_HEADERS_FE))
716 printf("%s\n", prog_config.p_strings[t3]);
717 }
718 @@ -376,11 +387,21 @@ void show_idle(char *tty)
719 sprintf(dev_file, "/dev/%s", tty);
720
721 USER_PRIVS(nuid, ngid);
722 - stat((char *) dev_file, &buf);
723 + if (stat((char *) dev_file, &buf) != 0) {
724 + NOBODY_PRIVS;
725 + return;
726 + }
727 NOBODY_PRIVS;
728
729 + if (!buf.st_atime || !buf.st_mtime)
730 + return;
731 +
732 cur_time = time(NULL);
733 - diff_time = (long) cur_time - (long) buf.st_mtime;
734 + diff_time = buf.st_mtime < buf.st_atime
735 + ? (long) cur_time - (long) buf.st_mtime
736 + : (long) cur_time - (long) buf.st_atime;
737 + if (diff_time < 0)
738 + diff_time = 0;
739
740 sec = min = hour = day = has = 0;
741
742 @@ -394,7 +415,7 @@ void show_idle(char *tty)
743 sec = has = 1;
744
745 if (has)
746 - printf(" Idle ");
747 + printf(" idle ");
748
749 if (day) {
750 day = diff_time / 86400;
751 @@ -1002,21 +1023,21 @@ void handle_standard(char *username)
752 memset(uname, 0, 600);
753 printf("\nChecking site %s for the specified user.\n", prog_config.forward[nums]);
754 fflush(stdout);
755 - snprintf(uname, sizeof(uname), "/usr/bin/finger \"%s\100%s\" | /usr/bin/tail +2", username, prog_config.forward[nums]);
756 + snprintf(uname, sizeof(uname), "/usr/bin/finger \"%s\100%s\" | /usr/bin/tail -n +2", username, prog_config.forward[nums]);
757 if ((buf = safe_exec(NOBODY_UID, NOBODY_GID, uname)) != NULL) {
758 printf ("%s", buf);
759 fflush(stdout);
760 free (buf);
761 }
762 nums++;
763 - log(LOG_USER, "Forwarded: ", username);
764 + mylog(LOG_USER, "Forwarded: ", username);
765 }
766 } else {
767 show_notexist();
768 }
769 } else {
770 show_fingerinfo(username);
771 - log(LOG_USER, "Normal: ", username);
772 + mylog(LOG_USER, "Normal: ", username);
773 }
774
775 if ((!(prog_config.config_bits2 & SHOW_FINGERFWD)) ||
776 --- cfingerd-1.4.3.orig/src/userlist.c
777 +++ cfingerd-1.4.3/src/userlist.c
778 @@ -56,10 +56,10 @@ void handle_userlist(char *username)
779
780 if (!strcmp (username, "userlist"))
781 snprintf(cmdline, sizeof (cmdline),
782 - "%s -n | /usr/bin/tail +2", prog_config.finger_program);
783 + "%s -n | /usr/bin/tail -n +2", prog_config.finger_program);
784 else
785 snprintf(cmdline, sizeof (cmdline),
786 - "%s | /usr/bin/tail +2", prog_config.finger_program);
787 + "%s | /usr/bin/tail -n +2", prog_config.finger_program);
788
789 if ((buf = safe_exec(NOBODY_UID, NOBODY_GID, cmdline)) != NULL) {
790 if (!head) {
791 @@ -72,10 +72,10 @@ void handle_userlist(char *username)
792 }
793 } else {
794 if (!strcmp (username, "userlist"))
795 - snprintf(cmdline, sizeof(cmdline), "/usr/bin/finger userlist-online@%s | tail +2 | grep -v '^$'",
796 + snprintf(cmdline, sizeof(cmdline), "/usr/bin/finger userlist-online@%s | tail -n +2 | grep -v '^$'",
797 prog_config.finger_sites[i]);
798 else
799 - snprintf(cmdline, sizeof(cmdline), "/usr/bin/finger userlist-only@%s | tail +2 | grep -v '^$'",
800 + snprintf(cmdline, sizeof(cmdline), "/usr/bin/finger userlist-only@%s | tail -n +2 | grep -v '^$'",
801 prog_config.finger_sites[i]);
802
803 if ((buf = safe_exec(NOBODY_UID, NOBODY_GID, cmdline)) != NULL) {
804 @@ -92,7 +92,7 @@ void handle_userlist(char *username)
805 } else {
806 if ((!strstr(prog_config.finger_program, "finger")) &&
807 (!strstr(prog_config.finger_program, "w")))
808 - snprintf(cmdline, sizeof(cmdline), "%s | /usr/bin/tail +2", prog_config.finger_program);
809 + snprintf(cmdline, sizeof(cmdline), "%s | /usr/bin/tail -n +2", prog_config.finger_program);
810 else
811 snprintf(cmdline, sizeof(cmdline), "%s", prog_config.finger_program);
812
813 @@ -144,7 +144,7 @@ void handle_userlist(char *username)
814
815 show_bottom();
816
817 - log(LOG_USER, "Userlist request", " ");
818 + mylog(LOG_USER, "Userlist request", " ");
819 }
820
821 /*
822 --- cfingerd-1.4.3.orig/src/util.c
823 +++ cfingerd-1.4.3/src/util.c
824 @@ -178,7 +178,7 @@ void parse_line(uid_t uid, gid_t gid, ch
825
826 pos++;
827
828 - while((line[pos] != ' ') && (!done)) {
829 + while (line[pos] != ' ' && !done && newpos < 80) {
830 command[newpos] = line[pos];
831
832 if (line[pos] == ' ')
833 @@ -298,7 +298,7 @@ void parse_line(uid_t uid, gid_t gid, ch
834 for(x = 0; x < center_dist; x++)
835 printf(" ");
836
837 - printf(displine);
838 + printf("%s", displine);
839
840 free(displine);
841 }
842 @@ -465,7 +465,7 @@ char *get_localhost(void)
843 ret = (char *) malloc(strlen((char *) hostname) +
844 strlen((char *) domname) + 2);
845
846 - snprintf(ret, sizeof(ret), "%s.%s", (char *) hostname, (char *) domname);
847 + sprintf(ret, "%s.%s", (char *) hostname, (char *) domname);
848 return(ret);
849 }
850
851 @@ -483,7 +483,7 @@ void check_unknown(char *host)
852 host, prog_config.p_strings[D_REJECT_HOST]);
853 if (prog_config.config_bits2 & SHOW_REJECTED)
854 display_file(NOBODY_UID, NOBODY_GID, rejected_display);
855 - log(LOG_IDENT, "Unknown not allowed from ", host);
856 + mylog(LOG_IDENT, "Unknown not allowed from ", host);
857
858 exit(PROGRAM_OKAY);
859 }
860 @@ -537,7 +537,7 @@ void check_rejected(char *host)
861 if (prog_config.config_bits2 & SHOW_REJECTED)
862 display_file(NOBODY_UID, NOBODY_GID, rejected_display);
863
864 - log(LOG_REJECTED, "Rejected host finger detected to ", host);
865 + mylog(LOG_REJECTED, "Rejected host finger detected to ", host);
866
867 exit(PROGRAM_OKAY);
868 }
869 @@ -588,7 +588,6 @@ char *safe_exec (uid_t uid, gid_t gid, c
870 memset (line, 0, 600);
871 while ((read (fd[0], line, sizeof (line)-1)) > 0) {
872 if ((size += strlen (line)) < MAX_POPEN_BUF) {
873 - syslog (LOG_INFO, "Reallocating %d bytes", size);
874 if ((result = (char *) realloc (result, size+1)) == NULL) {
875 return NULL;
876 }
877 --- cfingerd-1.4.3.orig/src/version.c
878 +++ cfingerd-1.4.3/src/version.c
879 @@ -45,7 +45,7 @@ void show_version_info(void)
880 printf("The last stable version of CFINGERD is %s\n\n", LAST_STABLE_RELEASE);
881 #endif
882
883 - log(LOG_USER, "Version information", " ");
884 + mylog(LOG_USER, "Version information", " ");
885
886 fflush(stdout);
887 exit(PROGRAM_OKAY);
888 --- cfingerd-1.4.3.orig/userlist/display.c
889 +++ cfingerd-1.4.3/userlist/display.c
890 @@ -79,7 +79,7 @@ void process_display(void)
891
892 if (strlen((char *) tty_list[i].username) > 1) {
893 char *username=NULL;
894 - char ru[8], fn[STRLEN];
895 + char ru[9], fn[STRLEN];
896
897 memset(ru, 0, sizeof (ru));
898 memset(fn, 0, sizeof (fn));
899 @@ -89,6 +89,8 @@ void process_display(void)
900 pwent = getpwnam((char *) ru);
901
902 if (pwent) {
903 + char *cp, *x;
904 +
905 cp = pwent->pw_gecos;
906 if ((x = index (pwent->pw_gecos, ',')) != NULL) /* username */
907 *x = '\0';
908 --- cfingerd-1.4.3.orig/userlist/idle.c
909 +++ cfingerd-1.4.3/userlist/idle.c
910 @@ -24,10 +24,16 @@ char *calc_idle(char *tty)
911
912 snprintf(dev_file, sizeof (dev_file), "/dev/%s", tty);
913
914 - stat((char *) dev_file, &buf);
915 + if (stat((char *) dev_file, &buf) != 0 || !buf.st_atime || !buf.st_mtime) {
916 + sprintf(idledisp, "-");
917 + return idledisp;
918 + }
919 cur_time = time(NULL);
920 -
921 - diff_time = (long) cur_time - (long) buf.st_mtime;
922 + diff_time = buf.st_mtime < buf.st_atime
923 + ? (long) cur_time - (long) buf.st_mtime
924 + : (long) cur_time - (long) buf.st_atime;
925 + if (diff_time < 0)
926 + diff_time = 0;
927
928 min = hour = day = 0;
929
930 @@ -45,7 +51,7 @@ char *calc_idle(char *tty)
931
932 if (day) {
933 if (no_idle) return NULL;
934 - snprintf(idledisp, sizeof (idledisp), "%1dd ", day);
935 + snprintf(idledisp, sizeof (idledisp), "%1dd", day);
936 return idledisp;
937 }
938
939 --- cfingerd-1.4.3.orig/userlist/userlist.1
940 +++ cfingerd-1.4.3/userlist/userlist.1
941 @@ -8,7 +8,7 @@ userlist \- Userlisting of who's on your
942 .SH DESCRIPTION
943 This program simply gives you a listing of who is connected to your
944 system. It is used primarily in the sorted listing of
945 -.Br cfingerd ,
946 +.BR cfingerd ,
947 which
948 utilitizes the same method of display for a more uniform output between
949 systems. (It also made more sense to do it this way instead of having
950 @@ -40,7 +40,7 @@ it checks getpwnam, anyway. :)
951 .B "\-c"
952 Give standard CFINGERD (custom) output.
953 .TP
954 -.B. "\-n"
955 +.B "\-n"
956 List only people idle less than one day.
957 .br
958 .SH ADDITIONAL
+1
-0
debian/patches/series less more
0 import_diff.patch