author | Mike Frysinger <vapier@gentoo.org> | 2004-07-09 22:41:05 +0000 |
---|---|---|
committer | Mike Frysinger <vapier@gentoo.org> | 2004-07-09 22:41:05 +0000 |
commit | fe5cdb54a243bf9d999f09597a8d97d33558e720 (patch) | |
tree | f8078f19bf10ec2b40c8ea564a6c5f2826256c2d /net-misc/rsync | |
parent | remove all of linux-headers-2.6* in preparation for linux26-headers, and make... (diff) | |
security fix #49534
Diffstat (limited to 'net-misc/rsync')
-rw-r--r-- | net-misc/rsync/ChangeLog | 8 | ||||
-rw-r--r-- | net-misc/rsync/Manifest | 11 | ||||
-rw-r--r-- | net-misc/rsync/files/2.6.0-sanitize.patch | 200 | ||||
-rw-r--r-- | net-misc/rsync/files/digest-rsync-2.6.0-r2 | 3 | ||||
-rw-r--r-- | net-misc/rsync/rsync-2.6.0-r2.ebuild | 76 |
5 files changed, 293 insertions, 5 deletions
diff --git a/net-misc/rsync/ChangeLog b/net-misc/rsync/ChangeLog index 7ffe41a71d43..8839c18e19e9 100644 --- a/net-misc/rsync/ChangeLog +++ b/net-misc/rsync/ChangeLog @@ -1,6 +1,12 @@ # ChangeLog for net-misc/rsync # Copyright 2002-2004 Gentoo Foundation; Distributed under the GPL v2 -# $Header: /var/cvsroot/gentoo-x86/net-misc/rsync/ChangeLog,v 1.55 2004/07/01 21:50:14 squinky86 Exp $ +# $Header: /var/cvsroot/gentoo-x86/net-misc/rsync/ChangeLog,v 1.56 2004/07/09 22:41:05 vapier Exp $ + +*rsync-2.6.0-r2 (09 Jul 2004) + + 09 Jul 2004; Mike Frysinger <vapier@gentoo.org> +files/2.6.0-sanitize.patch, + +rsync-2.6.0-r2.ebuild: + Version bump with security patch #49534. 01 Jul 2004; Jon Hood <squinky86@gentoo.org> rsync-2.6.0-r1.ebuild, rsync-2.6.0.ebuild, rsync-2.6.1.ebuild, rsync-2.6.2-r1.ebuild, diff --git a/net-misc/rsync/Manifest b/net-misc/rsync/Manifest index 226c798eae12..61c050fbda42 100644 --- a/net-misc/rsync/Manifest +++ b/net-misc/rsync/Manifest 
@@ -1,22 +1,25 @@ -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 -MD5 fbae0e20ddcefa6debe3461d16ed8b01 ChangeLog 7539 +MD5 bed6d90295e6d15d73f46ddc3274d195 ChangeLog 7716 MD5 002c3e1685c22f7adef30627b7339bdf rsync-2.6.0-r1.ebuild 2428 MD5 5b566f079125c1324f42d88084138c66 rsync-2.6.0.ebuild 2252 +MD5 eab79ff238b221e9976c4eac814f04e1 rsync-2.6.0-r2.ebuild 2466 MD5 882ef2e0c2d520656a25ebebbe1e6894 rsync-2.6.2-r3.ebuild 1989 MD5 fffe88a5c856961bd776fd00c3f847ce rsync-2.6.1.ebuild 1935 +MD5 9118ed78f07b5bae1f8daa09226771b0 files/2.6.0-sanitize.patch 5842 MD5 4d441bf205926e27dd5a2f535c6a970c files/rsyncd.conf 413 MD5 c5f7ff7f88f35b5f20b080b75cf801ce files/rsyncd.conf.d 356 MD5 3ff6f8bc2cf6a0c67a94d80eaaa721c3 files/rsyncd.init.d 424 MD5 2b5cd2c75632c28fb6d8a311e8548fa9 files/digest-rsync-2.6.0 136 MD5 e04533ca371c57d742250cc0622c005e files/digest-rsync-2.6.0-r1 204 +MD5 e04533ca371c57d742250cc0622c005e files/digest-rsync-2.6.0-r2 204 MD5 23ad40bb15faf7e2d3846ffb6d6eaee9 files/digest-rsync-2.6.2-r3 131 MD5 1b3c307f2cb9db6757a7b7a4aa8f345a files/digest-rsync-2.6.1 131 -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.9.8 (GNU/Linux) -iD8DBQFA7vTfHTu7gpaalycRAvnOAKDrP5uE7A83YFk16vWom0PATT36VwCfeQP1 -NVtEwLCUNWwLd2OPPaX/ovc= -=om5O +iD8DBQFA7x8OHTu7gpaalycRAtM6AJ9jTLjYyPXvbdDs5RklbVuBssAjYgCeOlH/ +o1tPUSPeZQWPKTzgh55Hn/Y= +=C/6W -----END PGP SIGNATURE----- diff --git a/net-misc/rsync/files/2.6.0-sanitize.patch b/net-misc/rsync/files/2.6.0-sanitize.patch new file mode 100644 index 000000000000..7c2cc6b184dc --- /dev/null +++ b/net-misc/rsync/files/2.6.0-sanitize.patch 
@@ -0,0 +1,200 @@
+Index: options.c
+===================================================================
+RCS file: /cvsroot/rsync/options.c,v
+retrieving revision 1.139
+retrieving revision 1.141
+diff -u -b -B -r1.139 -r1.141
+--- options.c 22 Feb 2004 08:56:43 -0000 1.139
++++ options.c 27 Mar 2004 19:42:13 -0000 1.141
+@@ -21,6 +21,8 @@
+ #include "rsync.h"
+ #include "popt.h"
+
++extern int sanitize_paths;
++extern char curr_dir[MAXPATHLEN];
+ extern struct exclude_struct **exclude_list;
+
+ int make_backups = 0;
+@@ -359,7 +361,7 @@
+ {"timeout", 0, POPT_ARG_INT, &io_timeout, 0, 0, 0 },
+ {"temp-dir", 'T', POPT_ARG_STRING, &tmpdir, 0, 0, 0 },
+ {"compare-dest", 0, POPT_ARG_STRING, &compare_dest, 0, 0, 0 },
+- {"link-dest", 0, POPT_ARG_STRING, 0, OPT_LINK_DEST, 0, 0 },
++ {"link-dest", 0, POPT_ARG_STRING, &compare_dest, OPT_LINK_DEST, 0, 0 },
+ /* TODO: Should this take an optional int giving the compression level? */
+ {"compress", 'z', POPT_ARG_NONE, &do_compression, 0, 0, 0 },
+ {"daemon", 0, POPT_ARG_NONE, &daemon_opt, 0, 0, 0 },
+@@ -469,6 +471,7 @@
+ {
+ int opt;
+ char *ref = lp_refuse_options(module_id);
++ const char *arg;
+ poptContext pc;
+
+ if (ref && *ref)
+@@ -517,12 +520,18 @@
+ break;
+
+ case OPT_EXCLUDE_FROM:
+- add_exclude_file(&exclude_list, poptGetOptArg(pc),
++ arg = poptGetOptArg(pc);
++ if (sanitize_paths)
++ arg = alloc_sanitize_path(arg, curr_dir);
++ add_exclude_file(&exclude_list, arg,
+ MISSING_FATAL, ADD_EXCLUDE);
+ break;
+
+ case OPT_INCLUDE_FROM:
+- add_exclude_file(&exclude_list, poptGetOptArg(pc),
++ arg = poptGetOptArg(pc);
++ if (sanitize_paths)
++ arg = alloc_sanitize_path(arg, curr_dir);
++ add_exclude_file(&exclude_list, arg,
+ MISSING_FATAL, ADD_INCLUDE);
+ break;
+
+@@ -566,7 +575,6 @@
+
+ case OPT_LINK_DEST:
+ #if HAVE_LINK
+- compare_dest = (char *)poptGetOptArg(pc);
+ link_dest = 1;
+ break;
+ #else
+@@ -660,6 +668,26 @@
+ if (relative_paths < 0)
+ relative_paths = files_from? 1 : 0;
+
++ *argv = poptGetArgs(pc);
++ if (*argv)
++ *argc = count_args(*argv);
++ else
++ *argc = 0;
++
++ if (sanitize_paths) {
++ int i;
++ for (i = *argc; i-- > 0; )
++ (*argv)[i] = alloc_sanitize_path((*argv)[i], NULL);
++ if (tmpdir)
++ tmpdir = alloc_sanitize_path(tmpdir, curr_dir);
++ if (compare_dest)
++ compare_dest = alloc_sanitize_path(compare_dest, curr_dir);
++ if (backup_dir)
++ backup_dir = alloc_sanitize_path(backup_dir, curr_dir);
++ if (files_from)
++ files_from = alloc_sanitize_path(files_from, curr_dir);
++ }
++
+ if (!backup_suffix)
+ backup_suffix = backup_dir ? "" : BACKUP_SUFFIX;
+ backup_suffix_len = strlen(backup_suffix);
+@@ -690,12 +718,6 @@
+ if (do_progress && !verbose)
+ verbose = 1;
+
+- *argv = poptGetArgs(pc);
+- if (*argv)
+- *argc = count_args(*argv);
+- else
+- *argc = 0;
+-
+ if (files_from) {
+ char *colon;
+ if (*argc != 2) {
+@@ -718,9 +740,6 @@
+ exit_cleanup(RERR_SYNTAX);
+ }
+ } else {
+- extern int sanitize_paths;
+- if (sanitize_paths)
+- sanitize_path(strdup(files_from), NULL);
+ filesfrom_fd = open(files_from, O_RDONLY|O_BINARY);
+ if (filesfrom_fd < 0) {
+ rsyserr(FERROR, errno,
+Index: clientserver.c
+===================================================================
+RCS file: /cvsroot/rsync/clientserver.c,v
+retrieving revision 1.118
+retrieving revision 1.117
+diff -u -b -B -r1.118 -r1.117
+--- clientserver.c 27 Mar 2004 09:44:01 -0000 1.118
++++ clientserver.c 4 Feb 2004 17:06:07 -0000 1.117
+@@ -423,19 +423,6 @@
+ }
+ }
+
+- if (sanitize_paths) {
+- /*
+- * Note that this is applied to all parameters, whether or not
+- * they are filenames, but no other legal parameters contain
+- * the forms that need to be sanitized so it doesn't hurt;
+- * it is not known at this point which parameters are files
+- * and which aren't.
+- */
+- for (i = 1; i < argc; i++) {
+- sanitize_path(argv[i], NULL);
+- }
+- }
+-
+ argp = argv;
+ ret = parse_arguments(&argc, (const char ***) &argp, 0);
+
+Index: proto.h
+===================================================================
+RCS file: /cvsroot/rsync/proto.h,v
+retrieving revision 1.184
+retrieving revision 1.185
+diff -u -b -B -r1.184 -r1.185
+--- proto.h 17 Feb 2004 23:13:06 -0000 1.184
++++ proto.h 27 Mar 2004 09:44:34 -0000 1.185
+@@ -260,6 +260,7 @@
+ void strlower(char *s);
+ void clean_fname(char *name);
+ void sanitize_path(char *p, char *reldir);
++char *alloc_sanitize_path(const char *path, const char *rootdir);
+ char *push_dir(char *dir, int save);
+ int pop_dir(char *dir);
+ char *full_fname(char *fn);
+Index: util.c
+===================================================================
+RCS file: /cvsroot/rsync/util.c,v
+retrieving revision 1.132
+retrieving revision 1.133
+diff -u -b -B -r1.132 -r1.133
+--- util.c 17 Feb 2004 23:13:10 -0000 1.132
++++ util.c 27 Mar 2004 09:44:49 -0000 1.133
+@@ -775,6 +775,34 @@
+ *sanp = '\0';
+ }
+
++/* Works much like sanitize_path(), with these differences: (1) a new buffer
++ * is allocated for the sanitized path rather than modifying it in-place; (2)
++ * a leading slash gets transformed into the rootdir value (which can be empty
++ * or NULL if you just want the slash to get dropped); (3) no "reldir" can be
++ * specified. */
++char *alloc_sanitize_path(const char *path, const char *rootdir)
++{
++ char *buf;
++ int rlen, plen = strlen(path);
++
++ if (*path == '/' && rootdir)
++ rlen = strlen(rootdir);
++ else
++ rlen = 0;
++ if (!(buf = new_array(char, rlen + plen + 1)))
++ out_of_memory("alloc_sanitize_path");
++ if (rlen)
++ memcpy(buf, rootdir, rlen);
++ memcpy(buf + rlen, path, plen + 1);
++
++ if (rlen)
++ rlen++;
++ sanitize_path(buf + rlen, NULL);
++ if (rlen && buf[rlen] == '.' && buf[rlen+1] == '\0')
++ buf[rlen-1] = '\0';
++
++ return buf;
++}
+
+ char curr_dir[MAXPATHLEN];
+ unsigned int curr_dir_len;
diff --git a/net-misc/rsync/files/digest-rsync-2.6.0-r2 b/net-misc/rsync/files/digest-rsync-2.6.0-r2
new file mode 100644
index 000000000000..42e8d077802b
--- /dev/null
+++ b/net-misc/rsync/files/digest-rsync-2.6.0-r2
@@ -0,0 +1,3 @@
+MD5 3f24bf31aec0a657eb3b6844c3f09f21 rsync-2.6.0.tar.gz 464920
+MD5 a399e227a18ea3f2eb5aa2b401006d2d rsync-2.5.6-proxy-auth-1.patch 4353
+MD5 16cbffdcd9c6c318761c6c0d86400197 rsync-2.6.0-acl.diff.bz2 60721
diff --git a/net-misc/rsync/rsync-2.6.0-r2.ebuild b/net-misc/rsync/rsync-2.6.0-r2.ebuild
new file mode 100644
index 000000000000..5c1618e2663f
--- /dev/null
+++ b/net-misc/rsync/rsync-2.6.0-r2.ebuild
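Review bot: In the options.c part of 2.6.0-sanitize.patch, the `if (sanitize_paths)` block added to parse_arguments() is an explicit list (the remaining args, tmpdir, compare_dest, backup_dir and files_from, plus the exclude-from/include-from cases), while the clientserver.c part removes the loop that ran sanitize_path() over every argv entry before parsing, so any path-valued option missing from that list is no longer cleaned. Only a few rows of the popt table are visible in this hunk, so the list should be checked against the full table. I would add a comment above the block, `/* Nothing sanitizes daemon args before parsing any more: every option that takes a path must be handled here. */`. In the util.c part, alloc_sanitize_path() calls strlen(path) without a NULL check and keeps both lengths in `int`; its header comment should state that path must be non-NULL.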
@@ -0,0 +1,76 @@
+# Copyright 1999-2004 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+# $Header: /var/cvsroot/gentoo-x86/net-misc/rsync/rsync-2.6.0-r2.ebuild,v 1.1 2004/07/09 22:41:05 vapier Exp $
+
+inherit eutils flag-o-matic gcc
+
+DESCRIPTION="File transfer program to keep remote files into sync"
+HOMEPAGE="http://rsync.samba.org/"
+SRC_URI="http://rsync.samba.org/ftp/rsync/${P}.tar.gz
+ http://www.imada.sdu.dk/~bardur/personal/patches/${PN}-proxy-auth/${PN}-2.5.6-proxy-auth-1.patch
+ acl? ( http://www.saout.de/misc/${P}-acl.diff.bz2 )"
+
+LICENSE="GPL-2"
+SLOT="0"
+KEYWORDS="~x86 ~ppc ~sparc ~mips ~alpha arm ~hppa ~amd64 ~ia64 ~ppc64 s390"
+IUSE="build static acl"
+
+RDEPEND="virtual/libc
+ !build? ( >=dev-libs/popt-1.5 )"
+DEPEND="${RDEPEND}
+ >=sys-apps/sed-4
+ acl? ( sys-apps/acl )"
+
+src_unpack() {
+ unpack "${P}.tar.gz"
+ cd ${S}
+ epatch ${FILESDIR}/${PV}-sanitize.patch
+ epatch "${DISTDIR}/${PN}-2.5.6-proxy-auth-1.patch"
+ use acl && epatch ${DISTDIR}/${P}-acl.diff.bz2
+
+ # change confdir to /etc/rsync rather than just /etc (the --sysconfdir
+ # configure option doesn't work
+ sed -i \
+ -e 's|/etc/rsyncd.conf|/etc/rsync/rsyncd.conf|g' rsync.h \
+ || die "sed rsync.h failed"
+ # yes, updating the man page is very important.
+ sed -i \
+ -e 's|/etc/rsyncd|/etc/rsync/rsyncd|g' rsyncd.conf.5 \
+ || die "sed rsyncd.conf.5 failed"
+}
+
+src_compile() {
+ [ "`gcc-version`" == "2.95" ] && append-ldflags -lpthread
+ use static && append-ldflags -static
+ export LDFLAGS
+ econf $(use_with build included-popt) \
+ $(use_with acl acl-support) || die
+ emake || die "emake failed"
+}
+
+src_install() {
+ make DESTDIR="${D}" install || die "make install failed"
+ insinto /etc/conf.d && newins "${FILESDIR}/rsyncd.conf.d" rsyncd
+ exeinto /etc/init.d && newexe "${FILESDIR}/rsyncd.init.d" rsyncd
+ if ! use build ; then
+ dodir /etc/rsync
+ dodoc NEWS OLDNEWS README TODO tech_report.tex
+ if [ ! -e /etc/rsync/rsyncd.conf ] ; then
+ insinto /etc/rsync
+ doins "${FILESDIR}/rsyncd.conf"
+ fi
+ else
+ rm -rf "${D}/usr/share"
+ fi
+}
+
+pkg_postinst() {
+ ewarn "Please make sure you do NOT disable the rsync server running"
+ ewarn "in a chroot. Please check /etc/rsync/rsyncd.conf and make sure"
+ ewarn "it says: use chroot = yes"
+
+ einfo 'This patch enables usage of user:pass@proxy.foo:port'
+ einfo 'in the RSYNC_PROXY environment variable to support'
+ einfo 'the "Basic" proxy authentication scheme if you are'
+ einfo 'behind a password protected HTTP proxy.'
+} |
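Review bot: In src_unpack() the security patch is applied after an unchecked, unquoted `cd ${S}`, and `epatch ${FILESDIR}/${PV}-sanitize.patch` is itself unquoted while the proxy-auth epatch on the next line quotes its path. I would write `cd "${S}" || die "cd failed"` and `epatch "${FILESDIR}/${PV}-sanitize.patch"` so a failed directory change stops the build before any patch is attempted, and the quoting is consistent. The first ewarn in pkg_postinst ("do NOT disable the rsync server running in a chroot") is hard to parse; something like `ewarn "Please make sure the rsync server keeps running in a chroot."` says the same thing directly.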