Date: Tue, 26 Jul 2022 19:15:43 +0300 From: niko.nastonen@icloud.com To: "freebsd-pkg@freebsd.org" <freebsd-pkg@FreeBSD.org> Subject: pkg and root privileges Message-ID: <0320D2DB-F61B-4F8B-B80F-D7765860283E@icloud.com>
index | next in thread | raw e-mail
[-- Attachment #1 --]
Hi.
There was a recent discussion on the FreeBSD forum about security of pkg and its ability to drop root privileges when fetching packages.
I couldn’t help but notice that there was a git commit
fcceab3f with comment "drop privileges when using libfetch”
and another one
f3b0469e with comment "Stop dropping privileges when fetching as it causes more issues than it solved”.
Can I ask what kind of issues the first commit introduces and why pkg still goes out to the internet unprotected?
In case the issues are already solved by later commits, let me present a silly patch (mostly copied from fcceab3f) for branch "release-1.18” which makes fetch use nobody instead of root.
Feel free to modify it to match “the real BSD hacker standards, if applicable” :-)
diff --git a/libpkg/fetch.c b/libpkg/fetch.c
index a310fbc3..c8e02f5b 100644
--- a/libpkg/fetch.c
+++ b/libpkg/fetch.c
@@ -30,10 +30,14 @@
#include <sys/wait.h>
#include <sys/socket.h>
#include <sys/time.h>
+#include <sys/types.h>
#include <ctype.h>
#include <fcntl.h>
+#include <err.h>
#include <errno.h>
+#include <pwd.h>
+#include <signal.h>
#include <stdio.h>
#include <string.h>
#include <fetch.h>
@@ -48,6 +52,10 @@
#include "private/utils.h"
#include "private/fetch.h"
+void sig_handler(int signal);
+extern void drop_privileges(void);
+int stop = 0;
+
static struct fetcher {
const char *scheme;
int (*open)(struct pkg_repo *, struct url *, off_t *);
@@ -82,7 +90,6 @@ static struct fetcher {
},
};
-
int
pkg_fetch_file_tmp(struct pkg_repo *repo, const char *url, char *dest,
time_t t)
@@ -160,6 +167,13 @@ pkg_fetch_file(struct pkg_repo *repo, const char *url, char *dest, time_t t,
return (retcode);
}
+void sig_handler(int signal)
+{
+ if (signal == SIGINT)
+ stop = 1;
+}
+
+
#define URL_SCHEME_PREFIX "pkg+"
int
@@ -175,6 +189,8 @@ pkg_fetch_file_to_fd(struct pkg_repo *repo, const char *url, int dest,
off_t r;
char buf[8192];
int retcode = EPKG_OK;
+ int pstat;
+ pid_t pid;
off_t sz = 0;
size_t buflen = 0;
size_t left = 0;
@@ -197,6 +213,25 @@ pkg_fetch_file_to_fd(struct pkg_repo *repo, const char *url, int dest,
* Error if using plain http://, https:// etc with SRV
*/
+ pid = fork();
+
+ switch (pid) {
+ case -1:
+ pkg_emit_error("Unable to fork");
+ return (EPKG_FATAL);
+ case 0:
+ sigset(SIGINT, sig_handler);
+ drop_privileges();
+ break;
+ default:
+ waitpid(pid, &pstat, 0);
+
+ if (WEXITSTATUS(pstat) != 0)
+ return (EPKG_FATAL);
+
+ return (EPKG_OK);
+ }
+
pkg_debug(1, "Request to fetch %s", url);
if (repo != NULL &&
strncmp(URL_SCHEME_PREFIX, url, strlen(URL_SCHEME_PREFIX)) == 0) {
@@ -256,6 +291,7 @@ pkg_fetch_file_to_fd(struct pkg_repo *repo, const char *url, int dest,
break;
}
}
+
if (fetcher == NULL) {
pkg_emit_error("Unknown scheme: %s", u->scheme);
return (EPKG_FATAL);
@@ -283,7 +319,14 @@ pkg_fetch_file_to_fd(struct pkg_repo *repo, const char *url, int dest,
left = sizeof(buf);
if (sz > 0)
left = sz - done;
+
while ((r = fread(buf, 1, left < buflen ? left : buflen, remote)) > 0) {
+
+ if (stop) {
+ retcode = EPKG_FATAL;
+ goto cleanup;
+ }
+
if (write(dest, buf, r) != r) {
pkg_emit_errno("write", "");
retcode = EPKG_FATAL;
@@ -351,6 +394,13 @@ cleanup:
futimes(dest, ftimes);
}
+ if (strncmp(u->scheme, "ssh", 3) != 0) {
+ if (retcode == EPKG_OK)
+ exit(0);
+
+ exit(EXIT_FAILURE);
+ }
+
/* restore original doc */
fetchFreeURL(u);
[-- Attachment #2 --]
<html><head><meta http-equiv="Content-Type" content="text/html; charset=utf-8"></head><body style="word-wrap: break-word; -webkit-nbsp-mode: space; line-break: after-white-space;" class=""><div class=""><span class="VIiyi" jsaction="mouseup:BR6jm" jsname="jqKxS" lang="en">Hi.</span></div><div class=""><span class="VIiyi" jsaction="mouseup:BR6jm" jsname="jqKxS" lang="en"><br class=""></span></div><span class="VIiyi" jsaction="mouseup:BR6jm" jsname="jqKxS" lang="en">There was a recent discussion on the FreeBSD forum about security of pkg and its ability to drop root privileges when fetching packages.</span><div class=""><span class="VIiyi" jsaction="mouseup:BR6jm" jsname="jqKxS" lang="en"><br class=""></span></div><div class=""><span class="VIiyi" jsaction="mouseup:BR6jm" jsname="jqKxS" lang="en">I couldn’t help but notice that there was a git commit</span></div><div class=""><span class="VIiyi" jsaction="mouseup:BR6jm" jsname="jqKxS" lang="en"><br class=""></span></div><div class="">fcceab3f with comment "drop privileges when using libfetch”</div><div class=""><br class=""></div><div class="">and another one</div><div class=""><br class=""></div><div class="">f3b0469e with comment "Stop dropping privileges when fetching as it causes more issues than it solved”.</div><div class=""><br class=""></div><div class="">Can I ask what kind of issues the first commit introduces and why pkg still goes out to the internet unprotected?</div><div class=""><br class=""></div><div class="">In case the issues are already solved by later commits, let me present a silly patch (mostly copied from fcceab3f) for branch "release-1.18” which makes fetch use nobody instead of root.</div><div class=""><br class=""></div><div class="">Feel free to modify it to match “the real BSD hacker standards, if applicable” :-)</div><div class=""><br class=""></div><div class=""><br class=""></div><div class=""><p style="margin: 0px 0px 2px; font-stretch: normal; font-size: 16px; line-height: normal; font-family: "Helvetica Neue"; min-height: 19px;" class=""><b class=""></b><br class=""></p><div style="margin: 0px; font-stretch: normal; font-size: 13px; line-height: normal; font-family: "Helvetica Neue";" class=""><b class="">diff --git a/libpkg/fetch.c b/libpkg/fetch.c</b></div><div style="margin: 0px; font-stretch: normal; font-size: 13px; line-height: normal; font-family: "Helvetica Neue";" class=""><b class="">index a310fbc3..c8e02f5b 100644</b></div><div style="margin: 0px; font-stretch: normal; font-size: 13px; line-height: normal; font-family: "Helvetica Neue";" class=""><b class="">--- a/libpkg/fetch.c</b></div><div style="margin: 0px; font-stretch: normal; font-size: 13px; line-height: normal; font-family: "Helvetica Neue";" class=""><b class="">+++ b/libpkg/fetch.c</b></div><div style="margin: 0px; font-stretch: normal; font-size: 13px; line-height: normal; font-family: "Helvetica Neue";" class="">@@ -30,10 +30,14 @@</div><div style="margin: 0px; font-stretch: normal; font-size: 13px; line-height: normal; font-family: "Helvetica Neue";" class=""> #include <sys/wait.h></div><div style="margin: 0px; font-stretch: normal; font-size: 13px; line-height: normal; font-family: "Helvetica Neue";" class=""> #include <sys/socket.h></div><div style="margin: 0px; font-stretch: normal; font-size: 13px; line-height: normal; font-family: "Helvetica Neue";" class=""> #include <sys/time.h></div><div style="margin: 0px; font-stretch: normal; font-size: 13px; line-height: normal; font-family: "Helvetica Neue";" class="">+#include <sys/types.h></div><p style="margin: 0px; font-stretch: normal; font-size: 13px; line-height: normal; font-family: "Helvetica Neue"; min-height: 15px;" class=""> <br class="webkit-block-placeholder"></p><div style="margin: 0px; font-stretch: normal; font-size: 13px; line-height: normal; font-family: "Helvetica Neue";" class=""> #include <ctype.h></div><div style="margin: 0px; font-stretch: normal; font-size: 13px; line-height: normal; font-family: "Helvetica Neue";" class=""> #include <fcntl.h></div><div style="margin: 0px; font-stretch: normal; font-size: 13px; line-height: normal; font-family: "Helvetica Neue";" class="">+#include <err.h></div><div style="margin: 0px; font-stretch: normal; font-size: 13px; line-height: normal; font-family: "Helvetica Neue";" class=""> #include <errno.h></div><div style="margin: 0px; font-stretch: normal; font-size: 13px; line-height: normal; font-family: "Helvetica Neue";" class="">+#include <pwd.h></div><div style="margin: 0px; font-stretch: normal; font-size: 13px; line-height: normal; font-family: "Helvetica Neue";" class="">+#include <signal.h></div><div style="margin: 0px; font-stretch: normal; font-size: 13px; line-height: normal; font-family: "Helvetica Neue";" class=""> #include <stdio.h></div><div style="margin: 0px; font-stretch: normal; font-size: 13px; line-height: normal; font-family: "Helvetica Neue";" class=""> #include <string.h></div><div style="margin: 0px; font-stretch: normal; font-size: 13px; line-height: normal; font-family: "Helvetica Neue";" class=""> #include <fetch.h></div><div style="margin: 0px; font-stretch: normal; font-size: 13px; line-height: normal; font-family: "Helvetica Neue";" class="">@@ -48,6 +52,10 @@</div><div style="margin: 0px; font-stretch: normal; font-size: 13px; line-height: normal; font-family: "Helvetica Neue";" class=""> #include "private/utils.h"</div><div style="margin: 0px; font-stretch: normal; font-size: 13px; line-height: normal; font-family: "Helvetica Neue";" class=""> #include "private/fetch.h"</div><p style="margin: 0px; font-stretch: normal; font-size: 13px; line-height: normal; font-family: "Helvetica Neue"; min-height: 15px;" class=""> <br class="webkit-block-placeholder"></p><div style="margin: 0px; font-stretch: normal; font-size: 13px; line-height: normal; font-family: "Helvetica Neue";" class="">+void sig_handler(int signal);</div><div style="margin: 0px; font-stretch: normal; font-size: 13px; line-height: normal; font-family: "Helvetica Neue";" class="">+extern void drop_privileges(void);</div><div style="margin: 0px; font-stretch: normal; font-size: 13px; line-height: normal; font-family: "Helvetica Neue";" class="">+int stop = 0;</div><div style="margin: 0px; font-stretch: normal; font-size: 13px; line-height: normal; font-family: "Helvetica Neue";" class="">+</div><div style="margin: 0px; font-stretch: normal; font-size: 13px; line-height: normal; font-family: "Helvetica Neue";" class=""> static struct fetcher {</div><div style="margin: 0px; font-stretch: normal; font-size: 13px; line-height: normal; font-family: "Helvetica Neue";" class=""> const char *scheme;</div><div style="margin: 0px; font-stretch: normal; font-size: 13px; line-height: normal; font-family: "Helvetica Neue";" class=""> int (*open)(struct pkg_repo *, struct url *, off_t *);</div><div style="margin: 0px; font-stretch: normal; font-size: 13px; line-height: normal; font-family: "Helvetica Neue";" class="">@@ -82,7 +90,6 @@ static struct fetcher {</div><div style="margin: 0px; font-stretch: normal; font-size: 13px; line-height: normal; font-family: "Helvetica Neue";" class=""> },</div><div style="margin: 0px; font-stretch: normal; font-size: 13px; line-height: normal; font-family: "Helvetica Neue";" class=""> };</div><p style="margin: 0px; font-stretch: normal; font-size: 13px; line-height: normal; font-family: "Helvetica Neue"; min-height: 15px;" class=""> <br class="webkit-block-placeholder"></p><div style="margin: 0px; font-stretch: normal; font-size: 13px; line-height: normal; font-family: "Helvetica Neue";" class="">-</div><div style="margin: 0px; font-stretch: normal; font-size: 13px; line-height: normal; font-family: "Helvetica Neue";" class=""> int</div><div style="margin: 0px; font-stretch: normal; font-size: 13px; line-height: normal; font-family: "Helvetica Neue";" class=""> pkg_fetch_file_tmp(struct pkg_repo *repo, const char *url, char *dest,</div><div style="margin: 0px; font-stretch: normal; font-size: 13px; line-height: normal; font-family: "Helvetica Neue";" class=""> time_t t)</div><div style="margin: 0px; font-stretch: normal; font-size: 13px; line-height: normal; font-family: "Helvetica Neue";" class="">@@ -160,6 +167,13 @@ pkg_fetch_file(struct pkg_repo *repo, const char *url, char *dest, time_t t,</div><div style="margin: 0px; font-stretch: normal; font-size: 13px; line-height: normal; font-family: "Helvetica Neue";" class=""> return (retcode);</div><div style="margin: 0px; font-stretch: normal; font-size: 13px; line-height: normal; font-family: "Helvetica Neue";" class=""> }</div><p style="margin: 0px; font-stretch: normal; font-size: 13px; line-height: normal; font-family: "Helvetica Neue"; min-height: 15px;" class=""> <br class="webkit-block-placeholder"></p><div style="margin: 0px; font-stretch: normal; font-size: 13px; line-height: normal; font-family: "Helvetica Neue";" class="">+void sig_handler(int signal)</div><div style="margin: 0px; font-stretch: normal; font-size: 13px; line-height: normal; font-family: "Helvetica Neue";" class="">+{</div><div style="margin: 0px; font-stretch: normal; font-size: 13px; line-height: normal; font-family: "Helvetica Neue";" class="">+ if (signal == SIGINT)</div><div style="margin: 0px; font-stretch: normal; font-size: 13px; line-height: normal; font-family: "Helvetica Neue";" class="">+ stop = 1;</div><div style="margin: 0px; font-stretch: normal; font-size: 13px; line-height: normal; font-family: "Helvetica Neue";" class="">+}</div><div style="margin: 0px; font-stretch: normal; font-size: 13px; line-height: normal; font-family: "Helvetica Neue";" class="">+</div><div style="margin: 0px; font-stretch: normal; font-size: 13px; line-height: normal; font-family: "Helvetica Neue";" class="">+</div><div style="margin: 0px; font-stretch: normal; font-size: 13px; line-height: normal; font-family: "Helvetica Neue";" class=""> #define URL_SCHEME_PREFIX "pkg+"</div><p style="margin: 0px; font-stretch: normal; font-size: 13px; line-height: normal; font-family: "Helvetica Neue"; min-height: 15px;" class=""> <br class="webkit-block-placeholder"></p><div style="margin: 0px; font-stretch: normal; font-size: 13px; line-height: normal; font-family: "Helvetica Neue";" class=""> int</div><div style="margin: 0px; font-stretch: normal; font-size: 13px; line-height: normal; font-family: "Helvetica Neue";" class="">@@ -175,6 +189,8 @@ pkg_fetch_file_to_fd(struct pkg_repo *repo, const char *url, int dest,</div><div style="margin: 0px; font-stretch: normal; font-size: 13px; line-height: normal; font-family: "Helvetica Neue";" class=""> off_t r;</div><div style="margin: 0px; font-stretch: normal; font-size: 13px; line-height: normal; font-family: "Helvetica Neue";" class=""> char buf[8192];</div><div style="margin: 0px; font-stretch: normal; font-size: 13px; line-height: normal; font-family: "Helvetica Neue";" class=""> int retcode = EPKG_OK;</div><div style="margin: 0px; font-stretch: normal; font-size: 13px; line-height: normal; font-family: "Helvetica Neue";" class="">+ int pstat;</div><div style="margin: 0px; font-stretch: normal; font-size: 13px; line-height: normal; font-family: "Helvetica Neue";" class="">+ pid_t pid;</div><div style="margin: 0px; font-stretch: normal; font-size: 13px; line-height: normal; font-family: "Helvetica Neue";" class=""> off_t sz = 0;</div><div style="margin: 0px; font-stretch: normal; font-size: 13px; line-height: normal; font-family: "Helvetica Neue";" class=""> size_t buflen = 0;</div><div style="margin: 0px; font-stretch: normal; font-size: 13px; line-height: normal; font-family: "Helvetica Neue";" class=""> size_t left = 0;</div><div style="margin: 0px; font-stretch: normal; font-size: 13px; line-height: normal; font-family: "Helvetica Neue";" class="">@@ -197,6 +213,25 @@ pkg_fetch_file_to_fd(struct pkg_repo *repo, const char *url, int dest,</div><div style="margin: 0px; font-stretch: normal; font-size: 13px; line-height: normal; font-family: "Helvetica Neue";" class=""> * Error if using plain http://, https:// etc with SRV</div><div style="margin: 0px; font-stretch: normal; font-size: 13px; line-height: normal; font-family: "Helvetica Neue";" class=""> */</div><p style="margin: 0px; font-stretch: normal; font-size: 13px; line-height: normal; font-family: "Helvetica Neue"; min-height: 15px;" class=""> <br class="webkit-block-placeholder"></p><div style="margin: 0px; font-stretch: normal; font-size: 13px; line-height: normal; font-family: "Helvetica Neue";" class="">+ pid = fork();</div><div style="margin: 0px; font-stretch: normal; font-size: 13px; line-height: normal; font-family: "Helvetica Neue";" class="">+</div><div style="margin: 0px; font-stretch: normal; font-size: 13px; line-height: normal; font-family: "Helvetica Neue";" class="">+ switch (pid) {</div><div style="margin: 0px; font-stretch: normal; font-size: 13px; line-height: normal; font-family: "Helvetica Neue";" class="">+ case -1:</div><div style="margin: 0px; font-stretch: normal; font-size: 13px; line-height: normal; font-family: "Helvetica Neue";" class="">+ pkg_emit_error("Unable to fork");</div><div style="margin: 0px; font-stretch: normal; font-size: 13px; line-height: normal; font-family: "Helvetica Neue";" class="">+ return (EPKG_FATAL);</div><div style="margin: 0px; font-stretch: normal; font-size: 13px; line-height: normal; font-family: "Helvetica Neue";" class="">+ case 0:</div><div style="margin: 0px; font-stretch: normal; font-size: 13px; line-height: normal; font-family: "Helvetica Neue";" class="">+ sigset(SIGINT, sig_handler);</div><div style="margin: 0px; font-stretch: normal; font-size: 13px; line-height: normal; font-family: "Helvetica Neue";" class="">+ drop_privileges();</div><div style="margin: 0px; font-stretch: normal; font-size: 13px; line-height: normal; font-family: "Helvetica Neue";" class="">+ break;</div><div style="margin: 0px; font-stretch: normal; font-size: 13px; line-height: normal; font-family: "Helvetica Neue";" class="">+ default:</div><div style="margin: 0px; font-stretch: normal; font-size: 13px; line-height: normal; font-family: "Helvetica Neue";" class="">+ waitpid(pid, &pstat, 0);</div><div style="margin: 0px; font-stretch: normal; font-size: 13px; line-height: normal; font-family: "Helvetica Neue";" class="">+</div><div style="margin: 0px; font-stretch: normal; font-size: 13px; line-height: normal; font-family: "Helvetica Neue";" class="">+ if (WEXITSTATUS(pstat) != 0)</div><div style="margin: 0px; font-stretch: normal; font-size: 13px; line-height: normal; font-family: "Helvetica Neue";" class="">+ return (EPKG_FATAL);</div><div style="margin: 0px; font-stretch: normal; font-size: 13px; line-height: normal; font-family: "Helvetica Neue";" class="">+</div><div style="margin: 0px; font-stretch: normal; font-size: 13px; line-height: normal; font-family: "Helvetica Neue";" class="">+ return (EPKG_OK);</div><div style="margin: 0px; font-stretch: normal; font-size: 13px; line-height: normal; font-family: "Helvetica Neue";" class="">+ }</div><div style="margin: 0px; font-stretch: normal; font-size: 13px; line-height: normal; font-family: "Helvetica Neue";" class="">+</div><div style="margin: 0px; font-stretch: normal; font-size: 13px; line-height: normal; font-family: "Helvetica Neue";" class=""> pkg_debug(1, "Request to fetch %s", url);</div><div style="margin: 0px; font-stretch: normal; font-size: 13px; line-height: normal; font-family: "Helvetica Neue";" class=""> if (repo != NULL &&</div><div style="margin: 0px; font-stretch: normal; font-size: 13px; line-height: normal; font-family: "Helvetica Neue";" class=""> strncmp(URL_SCHEME_PREFIX, url, strlen(URL_SCHEME_PREFIX)) == 0) {</div><div style="margin: 0px; font-stretch: normal; font-size: 13px; line-height: normal; font-family: "Helvetica Neue";" class="">@@ -256,6 +291,7 @@ pkg_fetch_file_to_fd(struct pkg_repo *repo, const char *url, int dest,</div><div style="margin: 0px; font-stretch: normal; font-size: 13px; line-height: normal; font-family: "Helvetica Neue";" class=""> break;</div><div style="margin: 0px; font-stretch: normal; font-size: 13px; line-height: normal; font-family: "Helvetica Neue";" class=""> }</div><div style="margin: 0px; font-stretch: normal; font-size: 13px; line-height: normal; font-family: "Helvetica Neue";" class=""> }</div><div style="margin: 0px; font-stretch: normal; font-size: 13px; line-height: normal; font-family: "Helvetica Neue";" class="">+</div><div style="margin: 0px; font-stretch: normal; font-size: 13px; line-height: normal; font-family: "Helvetica Neue";" class=""> if (fetcher == NULL) {</div><div style="margin: 0px; font-stretch: normal; font-size: 13px; line-height: normal; font-family: "Helvetica Neue";" class=""> pkg_emit_error("Unknown scheme: %s", u->scheme);</div><div style="margin: 0px; font-stretch: normal; font-size: 13px; line-height: normal; font-family: "Helvetica Neue";" class=""> return (EPKG_FATAL);</div><div style="margin: 0px; font-stretch: normal; font-size: 13px; line-height: normal; font-family: "Helvetica Neue";" class="">@@ -283,7 +319,14 @@ pkg_fetch_file_to_fd(struct pkg_repo *repo, const char *url, int dest,</div><div style="margin: 0px; font-stretch: normal; font-size: 13px; line-height: normal; font-family: "Helvetica Neue";" class=""> left = sizeof(buf);</div><div style="margin: 0px; font-stretch: normal; font-size: 13px; line-height: normal; font-family: "Helvetica Neue";" class=""> if (sz > 0)</div><div style="margin: 0px; font-stretch: normal; font-size: 13px; line-height: normal; font-family: "Helvetica Neue";" class=""> left = sz - done;</div><div style="margin: 0px; font-stretch: normal; font-size: 13px; line-height: normal; font-family: "Helvetica Neue";" class="">+</div><div style="margin: 0px; font-stretch: normal; font-size: 13px; line-height: normal; font-family: "Helvetica Neue";" class=""> while ((r = fread(buf, 1, left < buflen ? left : buflen, remote)) > 0) {</div><div style="margin: 0px; font-stretch: normal; font-size: 13px; line-height: normal; font-family: "Helvetica Neue";" class="">+</div><div style="margin: 0px; font-stretch: normal; font-size: 13px; line-height: normal; font-family: "Helvetica Neue";" class="">+ if (stop) {</div><div style="margin: 0px; font-stretch: normal; font-size: 13px; line-height: normal; font-family: "Helvetica Neue";" class="">+ retcode = EPKG_FATAL;</div><div style="margin: 0px; font-stretch: normal; font-size: 13px; line-height: normal; font-family: "Helvetica Neue";" class="">+ goto cleanup;</div><div style="margin: 0px; font-stretch: normal; font-size: 13px; line-height: normal; font-family: "Helvetica Neue";" class="">+ }</div><div style="margin: 0px; font-stretch: normal; font-size: 13px; line-height: normal; font-family: "Helvetica Neue";" class="">+</div><div style="margin: 0px; font-stretch: normal; font-size: 13px; line-height: normal; font-family: "Helvetica Neue";" class=""> if (write(dest, buf, r) != r) {</div><div style="margin: 0px; font-stretch: normal; font-size: 13px; line-height: normal; font-family: "Helvetica Neue";" class=""> pkg_emit_errno("write", "");</div><div style="margin: 0px; font-stretch: normal; font-size: 13px; line-height: normal; font-family: "Helvetica Neue";" class=""> retcode = EPKG_FATAL;</div><div style="margin: 0px; font-stretch: normal; font-size: 13px; line-height: normal; font-family: "Helvetica Neue";" class="">@@ -351,6 +394,13 @@ cleanup:</div><div style="margin: 0px; font-stretch: normal; font-size: 13px; line-height: normal; font-family: "Helvetica Neue";" class=""> futimes(dest, ftimes);</div><div style="margin: 0px; font-stretch: normal; font-size: 13px; line-height: normal; font-family: "Helvetica Neue";" class=""> }</div><p style="margin: 0px; font-stretch: normal; font-size: 13px; line-height: normal; font-family: "Helvetica Neue"; min-height: 15px;" class=""> <br class="webkit-block-placeholder"></p><div style="margin: 0px; font-stretch: normal; font-size: 13px; line-height: normal; font-family: "Helvetica Neue";" class="">+ if (strncmp(u->scheme, "ssh", 3) != 0) {</div><div style="margin: 0px; font-stretch: normal; font-size: 13px; line-height: normal; font-family: "Helvetica Neue";" class="">+ if (retcode == EPKG_OK)</div><div style="margin: 0px; font-stretch: normal; font-size: 13px; line-height: normal; font-family: "Helvetica Neue";" class="">+ exit(0);</div><div style="margin: 0px; font-stretch: normal; font-size: 13px; line-height: normal; font-family: "Helvetica Neue";" class="">+</div><div style="margin: 0px; font-stretch: normal; font-size: 13px; line-height: normal; font-family: "Helvetica Neue";" class="">+ exit(EXIT_FAILURE);</div><div style="margin: 0px; font-stretch: normal; font-size: 13px; line-height: normal; font-family: "Helvetica Neue";" class="">+ }</div><div style="margin: 0px; font-stretch: normal; font-size: 13px; line-height: normal; font-family: "Helvetica Neue";" class="">+</div><div style="margin: 0px; font-stretch: normal; font-size: 13px; line-height: normal; font-family: "Helvetica Neue";" class=""> /* restore original doc */</div><div style="margin: 0px; font-stretch: normal; font-size: 13px; line-height: normal; font-family: "Helvetica Neue";" class=""> fetchFreeURL(u);</div></div></body></html>
help
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?0320D2DB-F61B-4F8B-B80F-D7765860283E>