+++ /dev/null
-From 0dedfbce2c1b851684ba658861fe9d620636c56a Mon Sep 17 00:00:00 2001
-From: Wayne Davison <wayned@samba.org>
-Date: Sun, 13 Apr 2014 13:44:58 -0700
-Subject: [PATCH] Avoid infinite wait reading secrets file.
-
----
- authenticate.c | 24 +++++++++++++-----------
- 1 files changed, 13 insertions(+), 11 deletions(-)
-
-diff --git a/authenticate.c b/authenticate.c
-index 3381b8c..c92746c 100644
---- rsync/authenticate.c
-+++ rsync/authenticate.c
-@@ -102,15 +102,16 @@ static const char *check_secret(int module, const char *user, const char *group,
- char pass2[MAX_DIGEST_LEN*2];
- const char *fname = lp_secrets_file(module);
- STRUCT_STAT st;
-- int fd, ok = 1;
-+ int ok = 1;
- int user_len = strlen(user);
- int group_len = group ? strlen(group) : 0;
- char *err;
-+ FILE *fh;
-
-- if (!fname || !*fname || (fd = open(fname, O_RDONLY)) < 0)
-+ if (!fname || !*fname || (fh = fopen(fname, "r")) == NULL)
- return "no secrets file";
-
-- if (do_fstat(fd, &st) == -1) {
-+ if (do_fstat(fileno(fh), &st) == -1) {
- rsyserr(FLOG, errno, "fstat(%s)", fname);
- ok = 0;
- } else if (lp_strict_modes(module)) {
-@@ -123,29 +124,30 @@ static const char *check_secret(int module, const char *user, const char *group,
- }
- }
- if (!ok) {
-- close(fd);
-+ fclose(fh);
- return "ignoring secrets file";
- }
-
- if (*user == '#') {
- /* Reject attempt to match a comment. */
-- close(fd);
-+ fclose(fh);
- return "invalid username";
- }
-
- /* Try to find a line that starts with the user (or @group) name and a ':'. */
- err = "secret not found";
-- while ((user || group) && read_line_old(fd, line, sizeof line, 1)) {
-- const char **ptr, *s;
-+ while ((user || group) && fgets(line, sizeof line, fh) != NULL) {
-+ const char **ptr, *s = strtok(line, "\n\r");
- int len;
-- if (*line == '@') {
-+ if (!s)
-+ continue;
-+ if (*s == '@') {
- ptr = &group;
- len = group_len;
-- s = line+1;
-+ s++;
- } else {
- ptr = &user;
- len = user_len;
-- s = line;
- }
- if (!*ptr || strncmp(s, *ptr, len) != 0 || s[len] != ':')
- continue;
-@@ -158,7 +160,7 @@ static const char *check_secret(int module, const char *user, const char *group,
- *ptr = NULL; /* Don't look for name again. */
- }
-
-- close(fd);
-+ fclose(fh);
-
- memset(line, 0, sizeof line);
- memset(pass2, 0, sizeof pass2);
---
-1.7.0.4
-
-
+++ /dev/null
-diff --git a/rsync-3.1.0/clientserver.c~ b/rsync-3.1.0/clientserver.c
-index 051dbfa..e10f5ea 100644
---- rsync-3.1.0/clientserver.c~
-+++ rsync-3.1.0/clientserver.c
-@@ -296,7 +296,7 @@ int start_inband_exchange(int f_in, int f_out, const char *user, int argc, char
- if (use_ssl) {
- io_printf(f_out, "#starttls\n");
- while (1) {
-- if (!read_line_old(f_in, line, sizeof line)) {
-+ if (!read_line_old(f_in, line, sizeof line, 0)) {
- rprintf(FERROR, "rsync: did not receive reply to #starttls\n");
- return -1;
- }
Summary(zh_CN.UTF-8): [通讯]传输工具
Summary(zh_TW.UTF-8): [喙啪]\e$(B6G?i火(c\e(B
Name: rsync
-Version: 3.1.0
+Version: 3.1.1
Release: 1
License: GPL
Group: Networking/Utilities
Source0: http://rsync.samba.org/ftp/rsync/%{name}-%{version}.tar.gz
-# Source0-md5: 3be148772a33224771a8d4d2a028b132
+# Source0-md5: 0d946ab52311789581dd6f844128a614
Source1: http://rsync.samba.org/ftp/rsync/rsync-patches-%{version}.tar.gz
-# Source1-md5: a6f46f342017644e4747c1c083feefac
+# Source1-md5: fdfbceacad34dfe86932d7265b715b96
Source2: %{name}.inet
Source3: %{name}.init
Source4: %{name}.sysconfig
Source5: %{name}d.logrotate
Patch0: %{name}-config.patch
-Patch1: %{name}-openssl-read_line_old.patch
-Patch2: %{name}-dos.patch
URL: http://rsync.samba.org/
BuildRequires: acl-devel
BuildRequires: autoconf >= 2.59
BuildRequires: automake
-BuildRequires: openssl-devel
BuildRequires: popt-devel
BuildRequires: rpmbuild(macros) >= 1.318
BuildRoot: %{tmpdir}/%{name}-%{version}-root-%(id -u -n)
# for compat with previous patched version
patch -p1 -i patches/acls.diff || exit 1
patch -p1 -i patches/xattrs.diff || exit 1
-patch -p1 < patches/openssl-support.diff || exit 1
-
-# fix call to read_line_old in clientserver.c (from openssl-support.patch)
-%patch1 -p1
-
-# CVE-2014-2855
-%patch2 -p1
%build
cp -f /usr/share/automake/config.sub .
%{?with_rsh:--with-rsh=rsh} \
--enable-ipv6 \
--enable-acl-support \
- --enable-openssl \
--enable-xattr-support \
--disable-debug \
--with-rsyncd-conf=%{_sysconfdir}/rsyncd.conf
projects / packages / rsync.git / commitdiff