Date: Mon, 29 Oct 2001 18:37:28 -0800 From: Jeff Chan <rwhois@jeffchan.com> To: ports@freebsd.org Subject: Fwd: ANNOUNCE: rwhoisd security fixes plus administrivia Message-ID: <462130260.20011029183728@supranet.net>
next in thread | raw e-mail | index | archive | help
------------88140892297E476 Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit Doug, et. al., Please update the FreeBSD port for rwhoisd to include this version's security fix if you haven't already done so. Thank you, Jeff C. __ This is a forwarded message From: David Blacka <davidb@research.netsol.com> To: rwhois@rwhois.net, rwhois-announce@rwhois.net Date: Monday, October 29, 2001, 1:09:35 PM Subject: ANNOUNCE: rwhoisd security fixes plus administrivia ===8<==============Original message text=============== First, I must apologize: The *@rwhois.net mailing lists have been down for several weeks due to a system administration oversite. This was particularly annoying, due to the fact that bugtraq posted a security flaw in rwhoisd: http://www.securityfocus.com/archive/1/222756 Any mail sent to rwhois@rwhois.net or any of the other rwhois.net mail addresses will likely have to be resent. rwhoisd-1.5.7.2 has been released which should close the security flaws. http://www.rwhois.net/ftp/rwhoisd-latest.tar.gz Attached is a patch file taking 1.5.7.1 to 1.5.7.2. -- David Blacka <davidb@research.netsol.com> Sr. Research Engineer Verisign Applied Research ===8<===========End of original message text=========== -- Jeff Chan mailto:rwhois@jeffchan.com http://www.jeffchan.com/ ------------88140892297E476 Content-Type: text/plain; name="patch-rwhoisd-1.5.7.1-1.5.7.2" Content-Transfer-Encoding: 8bit Content-Disposition: attachment; filename="patch-rwhoisd-1.5.7.1-1.5.7.2" Index: ChangeLog =================================================================== RCS file: /home/radcvs/rwhoisd/ChangeLog,v retrieving revision 1.20 retrieving revision 1.22 diff -w -u -r1.20 -r1.22 --- ChangeLog 4 Oct 2001 19:51:02 -0000 1.20 +++ ChangeLog 29 Oct 2001 20:54:02 -0000 1.22 @@ -1,3 +1,19 @@ +2001-10-29 David Blacka <davidb@research.netsol.com> + + * Released version 1.5.7.2 + + * tools/Makefile.in: include tcpwrappers in 'make distclean' (Adam + Guyot) + + * server/xfer.c (xfer_parse_args): forbid xfer of 0.0.0.0/0 + (Adam Guyot) + + * common/client_msgs.c (print_error): changed to normal + non-varargs function (for security). + + * (various): changed invocation of print_error() to standard form + (security). + 2001-10-04 David Blacka <davidb@research.netsol.com> * Released version 1.5.7.1 Index: VERSION =================================================================== RCS file: /home/radcvs/rwhoisd/VERSION,v retrieving revision 1.10 retrieving revision 1.11 diff -w -u -r1.10 -r1.11 --- VERSION 4 Oct 2001 19:51:02 -0000 1.10 +++ VERSION 25 Oct 2001 19:39:30 -0000 1.11 @@ -1 +1 @@ -1.5.7.1 +1.5.7.2 Index: common/client_msgs.c =================================================================== RCS file: /home/radcvs/rwhoisd/common/client_msgs.c,v retrieving revision 1.17 retrieving revision 1.18 diff -w -u -r1.17 -r1.18 --- common/client_msgs.c 12 Oct 2000 18:01:25 -0000 1.17 +++ common/client_msgs.c 29 Oct 2001 16:48:05 -0000 1.18 @@ -109,23 +109,17 @@ /* prints to stdout the error messages. Format: %error ### message text, where ### follows rfc 640 */ void -print_error(va_alist) - va_dcl +print_error(err_no, str) + int err_no; + char *str; { - va_list list; int i; - int err_no; - char *format; if (printed_error_flag) { return; } - va_start(list); - - err_no = va_arg(list, int); - for (i = 0; i < N_ERRS; i++) { if (errs[i].err_no == err_no) @@ -135,13 +129,10 @@ } } - format = va_arg(list, char*); - if (*format) + if (STR_EXISTS(str)) { - printf(": "); + printf(": %s", str); } - vprintf(format, list); - va_end(list); printf("\n"); Index: common/client_msgs.h =================================================================== RCS file: /home/radcvs/rwhoisd/common/client_msgs.h,v retrieving revision 1.10 retrieving revision 1.11 diff -w -u -r1.10 -r1.11 --- common/client_msgs.h 12 Oct 2000 18:01:25 -0000 1.10 +++ common/client_msgs.h 29 Oct 2001 16:48:05 -0000 1.11 @@ -83,7 +83,7 @@ void clear_printed_error_flag PROTO((void)); -void print_error PROTO(()); +void print_error PROTO((int err_no, char *str)); void print_response PROTO(()); Index: common/validate_rec.c =================================================================== RCS file: /home/radcvs/rwhoisd/common/validate_rec.c,v retrieving revision 1.9 retrieving revision 1.10 diff -w -u -r1.9 -r1.10 --- common/validate_rec.c 12 Oct 2000 18:01:26 -0000 1.9 +++ common/validate_rec.c 29 Oct 2001 16:48:05 -0000 1.10 @@ -366,7 +366,7 @@ { if (protocol_error_flag) { - print_error(INVALID_ATTR_SYNTAX, "%s", av->attr->name, av->value); + print_error(INVALID_ATTR_SYNTAX, av->attr->name); } else { Index: server/class_directive.c =================================================================== RCS file: /home/radcvs/rwhoisd/server/class_directive.c,v retrieving revision 1.9 retrieving revision 1.10 diff -w -u -r1.9 -r1.10 --- server/class_directive.c 12 Oct 2000 18:02:22 -0000 1.9 +++ server/class_directive.c 29 Oct 2001 16:49:35 -0000 1.10 @@ -81,7 +81,7 @@ auth_area = find_auth_area_by_name(argv[0]); if (!auth_area) { - print_error(INVALID_AUTH_AREA, "'%s'", argv[0]); + print_error(INVALID_AUTH_AREA, ""); destroy_class_arg_struct(cs); free_arg_list(argv); @@ -110,7 +110,7 @@ } else { - print_error(INVALID_CLASS, " '%s'", argv[i]); + print_error(INVALID_CLASS, ""); destroy_class_arg_struct(cs); free_arg_list(argv); Index: server/referral.c =================================================================== RCS file: /home/radcvs/rwhoisd/server/referral.c,v retrieving revision 1.17 retrieving revision 1.18 diff -w -u -r1.17 -r1.18 --- server/referral.c 12 Oct 2000 18:02:22 -0000 1.17 +++ server/referral.c 29 Oct 2001 16:49:35 -0000 1.18 @@ -979,8 +979,7 @@ { if (! av->value ) { - print_error(INVALID_ATTR_SYNTAX, "attribute '%s' missing value", - av->attr->name); + print_error(INVALID_ATTR_SYNTAX, "attribute missing value"); return FALSE; } /* ref_rec->auth_area->name should be the same as Index: server/rwhois_directive.c =================================================================== RCS file: /home/radcvs/rwhoisd/server/rwhois_directive.c,v retrieving revision 1.10 retrieving revision 1.11 diff -w -u -r1.10 -r1.11 --- server/rwhois_directive.c 12 Oct 2000 18:02:23 -0000 1.10 +++ server/rwhois_directive.c 29 Oct 2001 16:49:35 -0000 1.11 @@ -58,7 +58,7 @@ /* compare the requested version with our version */ if (!STR_EQ(argv[0], version)) { - print_error(UNCOMPAT_VERSION, argv[0]); + print_error(UNCOMPAT_VERSION, ""); log(L_LOG_NOTICE, CLIENT, "rwhois_directive: incompatible version identifier: %s", argv[0]); free_arg_list(argv); Index: server/schema_directive.c =================================================================== RCS file: /home/radcvs/rwhoisd/server/schema_directive.c,v retrieving revision 1.15 retrieving revision 1.16 diff -w -u -r1.15 -r1.16 --- server/schema_directive.c 12 Oct 2000 18:02:23 -0000 1.15 +++ server/schema_directive.c 29 Oct 2001 16:49:35 -0000 1.16 @@ -104,7 +104,7 @@ } else { - print_error(INVALID_CLASS, argv[i]); + print_error(INVALID_CLASS, ""); destroy_schema_arg_struct(ss); free_arg_list(argv); Index: server/security_directive.c =================================================================== RCS file: /home/radcvs/rwhoisd/server/security_directive.c,v retrieving revision 1.14 retrieving revision 1.15 diff -w -u -r1.14 -r1.15 --- server/security_directive.c 4 Oct 2001 19:48:23 -0000 1.14 +++ server/security_directive.c 29 Oct 2001 16:49:35 -0000 1.15 @@ -198,7 +198,7 @@ if (STR_EQ(prs->direction, "response")) { print_error(INVALID_DIRECTIVE_PARAM, - "Scheme not supported for %s", prs->direction); + "Scheme not supported"); free_auth_struct(auth); return((auth_struct *)NULL); } @@ -216,7 +216,7 @@ if (STR_EQ(prs->direction, "response")) { print_error(INVALID_DIRECTIVE_PARAM, - "Scheme not supported for %s", prs->direction); + "Scheme not supported"); free_auth_struct(auth); return((auth_struct *)NULL); } Index: server/soa.c =================================================================== RCS file: /home/radcvs/rwhoisd/server/soa.c,v retrieving revision 1.13 retrieving revision 1.14 diff -w -u -r1.13 -r1.14 --- server/soa.c 12 Oct 2000 18:02:23 -0000 1.13 +++ server/soa.c 25 Oct 2001 19:37:48 -0000 1.14 @@ -50,7 +50,7 @@ auth_area = find_auth_area_by_name(argv[i]); if (!auth_area) { - print_error(INVALID_AUTH_AREA, argv[i]); + print_error(INVALID_AUTH_AREA, ""); free_arg_list(argv); dl_list_destroy(soa_arg); return NULL; Index: server/xfer.c =================================================================== RCS file: /home/radcvs/rwhoisd/server/xfer.c,v retrieving revision 1.16 retrieving revision 1.17 diff -w -u -r1.16 -r1.17 --- server/xfer.c 12 Oct 2000 18:02:23 -0000 1.16 +++ server/xfer.c 29 Oct 2001 16:49:28 -0000 1.17 @@ -137,6 +137,7 @@ char value[MAX_LINE]; int i; int j; + char *world = "0.0.0.0/0"; split_arg_list(str, &argc, &argv); @@ -149,6 +150,12 @@ xs = xcalloc(1, sizeof(*xs)); dl_list_default(&(xs->xfer_class_list), FALSE, destroy_xfer_class_data); + + if (STR_EQ(world, argv[0])) + { + print_error(INVALID_AUTH_AREA, "No world dumps allowed"); + return NULL; + } /* locate the authority area */ aa = find_auth_area_by_name(argv[0]); Index: tools/Makefile.in =================================================================== RCS file: /home/radcvs/rwhoisd/tools/Makefile.in,v retrieving revision 1.5 retrieving revision 1.6 diff -w -u -r1.5 -r1.6 --- tools/Makefile.in 4 Oct 2001 19:48:49 -0000 1.5 +++ tools/Makefile.in 29 Oct 2001 20:53:18 -0000 1.6 @@ -36,13 +36,13 @@ done clean: - @for dir in $(SUBDIRS); do \ + @for dir in $(SUBDIRS) tcpd_wrapper; do \ echo "making $@ in $$dir"; \ (cd $$dir; $(MAKE) $(MFLAGS) $@) || exit 1; \ done distclean: - @for dir in $(SUBDIRS); do \ + @for dir in $(SUBDIRS) tcpd_wrapper; do \ echo "making $@ in $$dir"; \ (cd $$dir; $(MAKE) $(MFLAGS) $@) || exit 1; \ done Index: tools/tcpd_wrapper/Makefile.in =================================================================== RCS file: /home/radcvs/rwhoisd/tools/tcpd_wrapper/Makefile.in,v retrieving revision 1.1 retrieving revision 1.2 diff -w -u -r1.1 -r1.2 --- tools/tcpd_wrapper/Makefile.in 3 Jun 1997 14:20:12 -0000 1.1 +++ tools/tcpd_wrapper/Makefile.in 29 Oct 2001 20:53:18 -0000 1.2 @@ -717,6 +717,8 @@ rm -f tcpd miscd safe_finger tcpdmatch tcpdchk try-from *.[oa] core \ cflags +distclean: clean + tidy: clean chmod -R a+r . chmod 755 . ------------88140892297E476-- To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-ports" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?462130260.20011029183728>