From owner-freebsd-ports-bugs@FreeBSD.ORG Tue Oct 23 09:00:02 2007 Return-Path: Delivered-To: freebsd-ports-bugs@hub.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 0D8EC16A46B for ; Tue, 23 Oct 2007 09:00:02 +0000 (UTC) (envelope-from gnats@FreeBSD.org) Received: from freefall.freebsd.org (freefall.freebsd.org [IPv6:2001:4f8:fff6::28]) by mx1.freebsd.org (Postfix) with ESMTP id F059D13C4A8 for ; Tue, 23 Oct 2007 09:00:01 +0000 (UTC) (envelope-from gnats@FreeBSD.org) Received: from freefall.freebsd.org (gnats@localhost [127.0.0.1]) by freefall.freebsd.org (8.14.1/8.14.1) with ESMTP id l9N901sv052878 for ; Tue, 23 Oct 2007 09:00:01 GMT (envelope-from gnats@freefall.freebsd.org) Received: (from gnats@localhost) by freefall.freebsd.org (8.14.1/8.14.1/Submit) id l9N901h3052870; Tue, 23 Oct 2007 09:00:01 GMT (envelope-from gnats) Resent-Date: Tue, 23 Oct 2007 09:00:01 GMT Resent-Message-Id: <200710230900.l9N901h3052870@freefall.freebsd.org> Resent-From: FreeBSD-gnats-submit@FreeBSD.org (GNATS Filer) Resent-To: freebsd-ports-bugs@FreeBSD.org Resent-Reply-To: FreeBSD-gnats-submit@FreeBSD.org, Robin Gruyters Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id ADD4716A421 for ; Tue, 23 Oct 2007 08:57:54 +0000 (UTC) (envelope-from robin@yirdis.nl) Received: from mail.yirdis.nl (gw.yirdis.nl [82.148.219.21]) by mx1.freebsd.org (Postfix) with ESMTP id 174ED13C491 for ; Tue, 23 Oct 2007 08:57:53 +0000 (UTC) (envelope-from robin@yirdis.nl) Received: from server.yirdis.net (localhost [127.0.0.1]) by mail.yirdis.nl (8.13.8/8.13.8) with ESMTP id l9N8fGgE011972 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Tue, 23 Oct 2007 10:41:16 +0200 (CEST) (envelope-from robin@server.yirdis.net) Received: (from robin@localhost) by server.yirdis.net (8.13.8/8.13.8/Submit) id l9N8fGcP011971; Tue, 23 Oct 2007 10:41:16 +0200 (CEST) (envelope-from robin) Message-Id: <200710230841.l9N8fGcP011971@server.yirdis.net> Date: Tue, 23 Oct 2007 10:41:16 +0200 (CEST) From: Robin Gruyters To: FreeBSD-gnats-submit@FreeBSD.org X-Send-Pr-Version: 3.113 Cc: Subject: ports/117417: [MAINTAINER] security/libprelude: update to 0.9.16 X-BeenThere: freebsd-ports-bugs@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Ports bug reports List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 23 Oct 2007 09:00:02 -0000 >Number: 117417 >Category: ports >Synopsis: [MAINTAINER] security/libprelude: update to 0.9.16 >Confidential: no >Severity: non-critical >Priority: low >Responsible: freebsd-ports-bugs >State: open >Quarter: >Keywords: >Date-Required: >Class: maintainer-update >Submitter-Id: current-users >Arrival-Date: Tue Oct 23 09:00:01 UTC 2007 >Closed-Date: >Last-Modified: >Originator: Robin Gruyters >Release: FreeBSD 6.2-RELEASE-p5 i386 >Organization: Betronic Nederland B.V. >Environment: System: FreeBSD server.yirdis.net 6.2-RELEASE-p5 FreeBSD 6.2-RELEASE-p5 #4: Thu May 31 10:58:52 CEST 2007 >Description: - Update to 0.9.16 - Added two patches due to some system umask settlement(s). Added file(s): - files/patch-prelude-admin__prelude-admin.c - files/patch-src__prelude-failover.c Changelog libprelude-0.9.16: - Implement prelude-admin list [-l] command, which provide the ability to list existing profile name, permission, registration permission, analyzerID, and Issuer analyzerid. - Implement multiple analyzer deletion in prelude-admin. - Correct printing of IDMEF time field using non local GMT offset. - Patch to avoid struct typespec redefinition, due to variable mispelling. This fixes a compilation problem on OpenBSD 3.8. - Various bug fixes. Generated with FreeBSD Port Tools 0.77 >How-To-Repeat: >Fix: --- libprelude-0.9.16.patch begins here --- diff -ruN --exclude=CVS /usr/ports/security/libprelude/Makefile /data2/FreeBSD/custom_ports/security/libprelude/Makefile --- /usr/ports/security/libprelude/Makefile Thu Oct 11 02:23:38 2007 +++ /data2/FreeBSD/custom_ports/security/libprelude/Makefile Tue Oct 23 10:36:13 2007 @@ -4,7 +4,7 @@ # $FreeBSD: ports/security/libprelude/Makefile,v 1.47 2007/10/05 01:44:06 clsung Exp $ PORTNAME= libprelude -PORTVERSION= 0.9.15.2 +PORTVERSION= 0.9.16 CATEGORIES= security MASTER_SITES= http://www.prelude-ids.org/download/releases/ \ http://www.prelude-ids.org/download/releases/old/ diff -ruN --exclude=CVS /usr/ports/security/libprelude/distinfo /data2/FreeBSD/custom_ports/security/libprelude/distinfo --- /usr/ports/security/libprelude/distinfo Thu Oct 11 02:23:38 2007 +++ /data2/FreeBSD/custom_ports/security/libprelude/distinfo Tue Oct 23 10:36:17 2007 @@ -1,3 +1,3 @@ -MD5 (libprelude-0.9.15.2.tar.gz) = dab40d05caa8e6d3b9c48e07ad245211 -SHA256 (libprelude-0.9.15.2.tar.gz) = c8013b9f9b572d8301a2c839abd541b4ed00996ed6c0953a5a3ce7a585bf5b4f -SIZE (libprelude-0.9.15.2.tar.gz) = 1949284 +MD5 (libprelude-0.9.16.tar.gz) = d2fa3e77d9104d8ae02e7730e1180f99 +SHA256 (libprelude-0.9.16.tar.gz) = 2831740fdfbfb4299356a091bb883396188c69553dd148cc581eba35d3c00903 +SIZE (libprelude-0.9.16.tar.gz) = 1964830 diff -ruN --exclude=CVS /usr/ports/security/libprelude/files/patch-prelude-admin__prelude-admin.c /data2/FreeBSD/custom_ports/security/libprelude/files/patch-prelude-admin__prelude-admin.c --- /usr/ports/security/libprelude/files/patch-prelude-admin__prelude-admin.c Thu Jan 1 01:00:00 1970 +++ /data2/FreeBSD/custom_ports/security/libprelude/files/patch-prelude-admin__prelude-admin.c Tue Oct 23 10:22:20 2007 @@ -0,0 +1,91 @@ +--- ./prelude-admin/prelude-admin.c.orig Mon Oct 1 12:47:42 2007 ++++ ./prelude-admin/prelude-admin.c Tue Oct 23 10:16:42 2007 +@@ -69,7 +69,6 @@ + #ifdef WIN32 + # define chown(x, y, z) (0) + # define fchown(x, y, z) (0) +-# define fchmod(x, y) (0) + # define getuid(x) (0) + # define getgid(x) (0) + # define mkdir(x, y) mkdir(x) +@@ -710,10 +709,6 @@ + return -1; + } + +- ret = fchmod(fileno(fd), S_IRUSR|S_IWUSR|S_IRGRP); +- if ( ret < 0 ) +- fprintf(stderr, "error changing '%s' permission: %s.\n", filename, strerror(errno)); +- + ret = fchown(fileno(fd), prelude_client_profile_get_uid(profile), prelude_client_profile_get_gid(profile)); + if ( ret < 0 ) + fprintf(stderr, "error changing '%s' ownership: %s.\n", filename, strerror(errno)); +@@ -752,19 +747,18 @@ + + already_exist = access(filename, F_OK); + +- fd = fopen(filename, (already_exist == 0) ? "r" : "w"); +- if ( ! fd ) { +- fprintf(stderr, "error opening %s: %s.\n", filename, strerror(errno)); ++ ret = open(filename, (already_exist == 0) ? O_RDONLY : O_CREAT|O_WRONLY, S_IRUSR|S_IWUSR|S_IRGRP); ++ if ( ret < 0 ) { ++ fprintf(stderr, "error opening '%s': %s.\n", filename, strerror(errno)); + return -1; + } + +- ret = fchown(fileno(fd), prelude_client_profile_get_uid(profile), prelude_client_profile_get_gid(profile)); +- if ( ret < 0 ) +- fprintf(stderr, "couldn't change %s owner.\n", filename); +- +- ret = fchmod(fileno(fd), S_IRUSR|S_IWUSR|S_IRGRP); +- if ( ret < 0 ) +- fprintf(stderr, "couldn't make ident file readable for all.\n"); ++ fd = fdopen(ret, (already_exist == 0) ? "r" : "w"); ++ if ( ! fd ) { ++ close(ret); ++ fprintf(stderr, "error opening '%s': %s.\n", filename, strerror(errno)); ++ return -1; ++ } + + if ( already_exist == 0 ) { + if ( ! fgets(buf, sizeof(buf), fd) ) { +@@ -945,11 +939,11 @@ + + + +-static int create_directory(prelude_client_profile_t *profile, const char *dirname) ++static int create_directory(prelude_client_profile_t *profile, const char *dirname, int flags) + { + int ret; + +- ret = mkdir(dirname, S_IRWXU|S_IRWXG); ++ ret = mkdir(dirname, flags); + if ( ret < 0 && errno != EEXIST ) { + fprintf(stderr, "error creating directory %s: %s.\n", dirname, strerror(errno)); + return -1; +@@ -977,7 +971,7 @@ + + prelude_client_profile_get_profile_dirname(profile, buf, sizeof(buf)); + +- ret = create_directory(profile, buf); ++ ret = create_directory(profile, buf, S_IRWXU|S_IRGRP|S_IXGRP); + if ( ret < 0 ) { + fprintf(stderr, "error creating directory %s: %s.\n", buf, strerror(errno)); + return -1; +@@ -1000,7 +994,7 @@ + prelude_client_profile_set_analyzerid(profile, *analyzerid); + + prelude_client_profile_get_backup_dirname(profile, buf, sizeof(buf)); +- return create_directory(profile, buf); ++ return create_directory(profile, buf, S_IRWXU|S_IRWXG); + } + + +@@ -2128,6 +2122,8 @@ + #ifndef WIN32 + signal(SIGPIPE, SIG_IGN); + #endif ++ ++ umask(S_IRWXO); + + for ( i = 0; i < sizeof(tbl) / sizeof(*tbl); i++ ) { + if ( strcmp(tbl[i].cmd, argv[1]) != 0 ) diff -ruN --exclude=CVS /usr/ports/security/libprelude/files/patch-src__prelude-failover.c /data2/FreeBSD/custom_ports/security/libprelude/files/patch-src__prelude-failover.c --- /usr/ports/security/libprelude/files/patch-src__prelude-failover.c Thu Jan 1 01:00:00 1970 +++ /data2/FreeBSD/custom_ports/security/libprelude/files/patch-src__prelude-failover.c Tue Oct 23 10:22:27 2007 @@ -0,0 +1,98 @@ +--- ./src/prelude-failover.c.orig Thu Aug 30 15:24:30 2007 ++++ ./src/prelude-failover.c Tue Oct 23 10:16:45 2007 +@@ -292,7 +292,7 @@ + struct stat jst, wst; + failover_journal_entry_t jentry; + +- failover->jfd = open(filename, O_CREAT|O_RDWR, S_IRUSR|S_IWUSR); ++ failover->jfd = open(filename, O_CREAT|O_RDWR, S_IRUSR|S_IWUSR|S_IRGRP|S_IWGRP); + if ( failover->jfd < 0 ) + return prelude_error_verbose(PRELUDE_ERROR_GENERIC, "could not open '%s': %s", filename, strerror(errno)); + +@@ -357,7 +357,7 @@ + { + int ret; + +- *fd = open(filename, flags, S_IRUSR|S_IWUSR); ++ *fd = open(filename, flags, S_IRUSR|S_IWUSR|S_IRGRP|S_IWGRP); + if ( *fd < 0 ) + return prelude_error_verbose(PRELUDE_ERROR_GENERIC, "error opening '%s': %s", filename, strerror(errno)); + +@@ -498,33 +498,46 @@ + + int prelude_failover_new(prelude_failover_t **out, const char *dirname) + { ++ mode_t mode; + size_t flen; + int ret, wfd, rfd; + char filename[PATH_MAX]; + prelude_failover_t *new; + ++ mode = umask(S_IRWXO); ++ + ret = mkdir(dirname, S_IRWXU|S_IRWXG); +- if ( ret < 0 && errno != EEXIST ) ++ if ( ret < 0 && errno != EEXIST ) { ++ umask(mode); + return prelude_error_verbose(PRELUDE_ERROR_GENERIC, "could not create directory '%s': %s", dirname, strerror(errno)); ++ } + + wfd = get_failover_data_filename_and_fd(dirname, filename, sizeof(filename)); +- if ( wfd < 0 ) ++ if ( wfd < 0 ) { ++ umask(mode); + return wfd; ++ } + + rfd = open(filename, O_RDONLY); + if ( rfd < 0 ) { ++ umask(mode); + close(wfd); + return prelude_error_verbose(PRELUDE_ERROR_GENERIC, "could not open '%s' for reading: %s", filename, strerror(errno)); + } + + new = calloc(1, sizeof(*new)); +- if ( ! new ) ++ if ( ! new ) { ++ umask(mode); ++ close(rfd); ++ close(wfd); + return prelude_error_from_errno(errno); ++ } + + new->jfd = -1; + + ret = prelude_io_new(&new->wfd); + if ( ret < 0 ) { ++ umask(mode); + close(rfd); + close(wfd); + free(new); +@@ -533,6 +546,7 @@ + + ret = prelude_io_new(&new->rfd); + if ( ret < 0 ) { ++ umask(mode); + close(rfd); + close(wfd); + free(new); +@@ -546,16 +560,19 @@ + + ret = snprintf(filename + flen, sizeof(filename) - flen, ".journal"); + if ( ret < 0 || ret >= (sizeof(filename) - flen) ) { ++ umask(mode); + prelude_failover_destroy(new); + return -1; + } + + ret = journal_initialize(new, filename); + if ( ret < 0 ) { ++ umask(mode); + prelude_failover_destroy(new); + return ret; + } + ++ umask(mode); + *out = new; + + return 0; --- libprelude-0.9.16.patch ends here --- >Release-Note: >Audit-Trail: >Unformatted: