diff options
Diffstat (limited to 'extra/rssh')
-rw-r--r-- | extra/rssh/PKGBUILD | 43 | ||||
-rw-r--r-- | extra/rssh/destdir.patch | 24 | ||||
-rw-r--r-- | extra/rssh/env-breach.patch | 228 | ||||
-rw-r--r-- | extra/rssh/rsync.patch | 54 |
4 files changed, 0 insertions, 349 deletions
diff --git a/extra/rssh/PKGBUILD b/extra/rssh/PKGBUILD deleted file mode 100644 index 477c6fcdf..000000000 --- a/extra/rssh/PKGBUILD +++ /dev/null @@ -1,43 +0,0 @@ -# $Id: PKGBUILD 164390 2012-08-01 04:02:33Z bisson $ -# Contributor: Judd Vinet <jvinet@zeroflux.org> -# Maintainer: Gaetan Bisson <bisson@archlinux.org> - -pkgname=rssh -pkgver=2.3.3 -pkgrel=4 -pkgdesc='Restricted shell for use with OpenSSH, allowing only scp and/or sftp' -url='http://www.pizzashack.org/rssh/' -license=('custom:rssh') -arch=('i686' 'x86_64') -backup=('etc/rssh.conf') -depends=('openssh') -source=("http://downloads.sourceforge.net/sourceforge/rssh/rssh-${pkgver}.tar.gz" - 'env-breach.patch' - 'destdir.patch' - 'rsync.patch') -sha1sums=('0a6dd80b5e6059e0db12c9f1276121dd966b610a' - '434712f82f24c60834a10142ca5c49b8a57555a7' - '85bd1694decae5872cbeeafd578b147eb13313c6' - '86564eab4493f4b4502a022e5938babb31450a00') - -build() { - cd "${srcdir}/${pkgname}-${pkgver}" - - patch -p1 -i ../env-breach.patch # FS#30950 - patch -p1 -i ../rsync.patch # FS#21783 - patch -p1 -i ../destdir.patch - - ./configure \ - --prefix=/usr \ - --libexecdir=/usr/lib/rssh \ - --mandir=/usr/share/man \ - --sysconfdir=/etc \ - - make -} - -package() { - cd "${srcdir}/${pkgname}-${pkgver}" - make DESTDIR="${pkgdir}" install - install -Dm644 LICENSE "${pkgdir}"/usr/share/licenses/rssh/LICENSE -} diff --git a/extra/rssh/destdir.patch b/extra/rssh/destdir.patch deleted file mode 100644 index 90fa03e6d..000000000 --- a/extra/rssh/destdir.patch +++ /dev/null @@ -1,24 +0,0 @@ -diff -aur old//Makefile.am new//Makefile.am ---- old//Makefile.am 2006-12-21 23:22:37.000000000 +0100 -+++ new//Makefile.am 2010-11-25 18:15:29.253376150 +0100 -@@ -16,7 +16,7 @@ - $(CC) -c $(DEFS) $(ourdefs) $(CFLAGS) $(CPPFLAGS) $(LDFLAGS) $< - - install-exec-hook: -- chmod u+s $(libexecdir)/rssh_chroot_helper -+ chmod u+s $(DESTDIR)$(libexecdir)/rssh_chroot_helper - - rpm: dist - rpmbuild -ta --sign $(base).tar.gz -diff -aur old//Makefile.in new//Makefile.in ---- old//Makefile.in 2010-08-01 15:59:54.000000000 +0200 -+++ new//Makefile.in 2010-11-25 18:15:29.253376150 +0100 -@@ -830,7 +830,7 @@ - $(CC) -c $(DEFS) $(ourdefs) $(CFLAGS) $(CPPFLAGS) $(LDFLAGS) $< - - install-exec-hook: -- chmod u+s $(libexecdir)/rssh_chroot_helper -+ chmod u+s $(DESTDIR)$(libexecdir)/rssh_chroot_helper - - rpm: dist - rpmbuild -ta --sign $(base).tar.gz diff --git a/extra/rssh/env-breach.patch b/extra/rssh/env-breach.patch deleted file mode 100644 index e9193c7bd..000000000 --- a/extra/rssh/env-breach.patch +++ /dev/null @@ -1,228 +0,0 @@ ---- rssh-2.3.3/main.c.in 2010-08-01 15:43:30.000000000 -0400 -+++ rssh-2.3.3/main.c.in 2012-05-11 16:44:39.000000000 -0400 -@@ -184,7 +184,7 @@ - * determine if the command in cmdline is acceptable to run, and store - * name of program to exec in cmd - */ -- if ( !(*cmd = check_command_line(cmdline, opts)) ) return NULL; -+ if ( !(*cmd = get_command(cmdline, opts)) ) return NULL; - - /* if we need to do chroot processing, do it */ - if ( opts->shell_flags & RSSH_USE_CHROOT ){ -@@ -252,7 +252,9 @@ - } - - /* return vector of pointers to command line arguments */ -- return build_arg_vector(cmdline, 0); -+ argvec = build_arg_vector(cmdline, 0); -+ if (check_command_line(argvec, opts)) return argvec; -+ else return NULL; - } - - void vers_info( void ) ---- rssh-2.3.3/util.c 2010-08-01 09:07:00.000000000 -0400 -+++ rssh-2.3.3/util.c 2012-05-11 16:43:10.000000000 -0400 -@@ -106,7 +106,7 @@ - /* print error message to user and log attempt */ - fprintf(stderr, "\nThis account is restricted by rssh.\n" - "%s\n\nIf you believe this is in error, please contact " -- "your system administrator.\n\n", cmd); -+ "your system administrator.\n\n", cmd); - if ( argc < 3 ) - log_msg("user %s attempted to log in with a shell", - username); -@@ -132,31 +132,35 @@ - */ - bool opt_exist(char *cl, char opt) - { -- int i = 0; -+ int i = 1; - int len; -- char *token; -- bool optstring = FALSE; -- - - len = strlen(cl); - - /* process command line character by character */ -- while ( i < (len - 2) ){ -- if ( cl[i] == ' ' || cl[i] == '\t' ){ -- if ( cl[i+1] == '-' ){ -- optstring = TRUE; -- i+=2; -- } -- } -- if ( cl[i] == opt && optstring ) return TRUE; -- if ( cl[i] == ' ' || cl[i] == '\t' || cl[i] == '-' ) -- optstring = FALSE; -+ if (!(cl[0] == '-')) return FALSE; -+ while ( i < (len) ){ -+ if ( cl[i] == opt ) return TRUE; - i++; - } - return FALSE; - } - - -+bool opt_filter(char **vec, const char opt) -+{ -+ while (vec && *vec){ -+ if (opt_exist(*vec, opt)){ -+ fprintf(stderr, "\nillegal insecure %c option", opt); -+ log_msg("insecure %c option in scp command line!", opt); -+ return TRUE; -+ } -+ vec++; -+ } -+ return FALSE; -+} -+ -+ - bool check_command( char *cl, ShellOptions_t *opts, char *cmd, int cmdflag ) - { - int cl_len; /* length of command line */ -@@ -186,69 +190,78 @@ - return FALSE; - } - -+ - /* - * check_command_line() - take the command line passed to rssh, and verify -- * that the specified command is one the user is -- * allowed to run. Return the path of the command -- * which will be run if it is ok, or return NULL if it -- * is not. -+ * that the specified command is one the user is -+ * allowed to run and validate the arguments. Return the -+ * path of the command which will be run if it is ok, or -+ * return NULL if it is not. - */ --char *check_command_line( char *cl, ShellOptions_t *opts ) -+char *check_command_line( char **cl, ShellOptions_t *opts ) - { - -- if ( check_command(cl, opts, PATH_SFTP_SERVER, RSSH_ALLOW_SFTP) ) -+ if ( check_command(*cl, opts, PATH_SFTP_SERVER, RSSH_ALLOW_SFTP) ) - return PATH_SFTP_SERVER; - -- if ( check_command(cl, opts, PATH_SCP, RSSH_ALLOW_SCP) ){ -+ if ( check_command(*cl, opts, PATH_SCP, RSSH_ALLOW_SCP) ){ - /* filter -S option */ -- if ( opt_exist(cl, 'S') ){ -- fprintf(stderr, "\ninsecure -S option not allowed."); -- log_msg("insecure -S option in scp command line!"); -- return NULL; -- } -+ if ( opt_filter(cl, 'S') ) return NULL; - return PATH_SCP; - } - -- if ( check_command(cl, opts, PATH_CVS, RSSH_ALLOW_CVS) ){ -- if ( opt_exist(cl, 'e') ){ -- fprintf(stderr, "\ninsecure -e option not allowed."); -- log_msg("insecure -e option in cvs command line!"); -- return NULL; -- } -+ if ( check_command(*cl, opts, PATH_CVS, RSSH_ALLOW_CVS) ){ -+ if ( opt_filter(cl, 'e') ) return NULL; - return PATH_CVS; - } - -- if ( check_command(cl, opts, PATH_RDIST, RSSH_ALLOW_RDIST) ){ -+ if ( check_command(*cl, opts, PATH_RDIST, RSSH_ALLOW_RDIST) ){ - /* filter -P option */ -- if ( opt_exist(cl, 'P') ){ -- fprintf(stderr, "\ninsecure -P option not allowed."); -- log_msg("insecure -P option in rdist command line!"); -- return NULL; -- } -+ if ( opt_filter(cl, 'P') ) return NULL; - return PATH_RDIST; - } - -- if ( check_command(cl, opts, PATH_RSYNC, RSSH_ALLOW_RSYNC) ){ -+ if ( check_command(*cl, opts, PATH_RSYNC, RSSH_ALLOW_RSYNC) ){ - /* filter -e option */ -- if ( opt_exist(cl, 'e') ){ -- fprintf(stderr, "\ninsecure -e option not allowed."); -- log_msg("insecure -e option in rdist command line!"); -- return NULL; -- } -- -- if ( strstr(cl, "--rsh=" ) ){ -- fprintf(stderr, "\ninsecure --rsh= not allowed."); -- log_msg("insecure --rsh option in rsync command line!"); -- return NULL; -+ if ( opt_filter(cl, 'e') ) return NULL; -+ while (cl && *cl){ -+ if ( strstr(*cl, "--rsh=" ) ){ -+ fprintf(stderr, "\ninsecure --rsh= not allowed."); -+ log_msg("insecure --rsh option in rsync command line!"); -+ return NULL; -+ } - } -- - return PATH_RSYNC; - } -+ /* No match, return NULL */ -+ return NULL; -+} -+ -+ -+/* -+ * get_command() - take the command line passed to rssh, and verify -+ * that the specified command is one the user is allowed to run. -+ * Return the path of the command which will be run if it is ok, -+ * or return NULL if it is not. -+ */ -+char *get_command( char *cl, ShellOptions_t *opts ) -+{ - -+ if ( check_command(cl, opts, PATH_SFTP_SERVER, RSSH_ALLOW_SFTP) ) -+ return PATH_SFTP_SERVER; -+ if ( check_command(cl, opts, PATH_SCP, RSSH_ALLOW_SCP) ) -+ return PATH_SCP; -+ if ( check_command(cl, opts, PATH_CVS, RSSH_ALLOW_CVS) ) -+ return PATH_CVS; -+ if ( check_command(cl, opts, PATH_RDIST, RSSH_ALLOW_RDIST) ) -+ return PATH_RDIST; -+ if ( check_command(cl, opts, PATH_RSYNC, RSSH_ALLOW_RSYNC) ) -+ return PATH_RSYNC; - return NULL; - } - - -+ - /* - * extract_root() - takes a root directory and the full path to some other - * directory, and returns a pointer to a string which -@@ -264,7 +277,7 @@ - len = strlen(root); - /* get rid of a trailing / from the root path */ - if ( root[len - 1] == '/' ){ -- root[len - 1] = '\0'; -+ root[len - 1] = '\0'; - len--; - } - if ( (strncmp(root, path, len)) ) return NULL; -@@ -309,7 +322,7 @@ - * same name, and returns FALSE if the bits are not valid - */ - int validate_access( const char *temp, bool *allow_sftp, bool *allow_scp, -- bool *allow_cvs, bool *allow_rdist, bool *allow_rsync ) -+ bool *allow_cvs, bool *allow_rdist, bool *allow_rsync ) - { - int i; - ---- rssh-2.3.3/util.h 2006-12-21 17:22:38.000000000 -0500 -+++ rssh-2.3.3/util.h 2012-05-11 16:21:12.000000000 -0400 -@@ -33,7 +33,8 @@ - #include "rsshconf.h" - - void fail( int flags, int argc, char **argv ); --char *check_command_line( char *cl, ShellOptions_t *opts ); -+char *check_command_line( char **cl, ShellOptions_t *opts ); -+char *get_command( char *cl, ShellOptions_t *opts); - char *extract_root( char *root, char *path ); - int validate_umask( const char *temp, int *mask ); - int validate_access( const char *temp, bool *allow_sftp, bool *allow_scp, diff --git a/extra/rssh/rsync.patch b/extra/rssh/rsync.patch deleted file mode 100644 index 7d0a51195..000000000 --- a/extra/rssh/rsync.patch +++ /dev/null @@ -1,54 +0,0 @@ -diff -Naur old/util.c new/util.c ---- old/util.c 2012-08-01 13:48:47.803620731 +1000 -+++ new/util.c 2012-08-01 13:55:13.622614598 +1000 -@@ -56,6 +56,7 @@ - #ifdef HAVE_LIBGEN_H - #include <libgen.h> - #endif /* HAVE_LIBGEN_H */ -+#include <regex.h> - - /* LOCAL INCLUDES */ - #include "pathnames.h" -@@ -192,6 +193,33 @@ - - - /* -+ * check_rsync_e() - take the command line passed to rssh and look for a -e -+ * option. If one is found, make sure --server is provided -+ * and the option contains only the protocol information. -+ * Returns 1 if the command line is safe; 0 otherwise. -+ */ -+static int check_rsync_e( char *cl ) -+{ -+ int status; -+ regex_t re; -+ -+ /* -+ * This is more complicated than it looks because we don't want to -+ * trigger on the e in --server, but we do want to catch the common -+ * case of -ltpre.iL (which contains -e.). -+ */ -+ static const char pattern[] = "[ \t\v\f]-([^-][^ ]*)?e[^.0-9]"; -+ -+ if ( strstr(cl, "--server") == NULL ) return 0; -+ if ( regcomp(&re, pattern, REG_EXTENDED | REG_NOSUB) != 0 ){ -+ return 0; -+ } -+ status = regexec(&re, cl, 0, NULL, 0); -+ regfree(&re); -+ return (status == 0) ? 0 : 1; -+} -+ -+/* - * check_command_line() - take the command line passed to rssh, and verify - * that the specified command is one the user is - * allowed to run and validate the arguments. Return the -@@ -211,7 +239,7 @@ - } - - if ( check_command(*cl, opts, PATH_CVS, RSSH_ALLOW_CVS) ){ -- if ( opt_filter(cl, 'e') ) return NULL; -+ if ( opt_filter(cl, 'e') && !check_rsync_e(cl) ) return NULL; - return PATH_CVS; - } - |