Date: Tue, 1 Jan 2013 09:17:24 GMT From: moggie <moggie@elasticmind.net> To: FreeBSD-gnats-submit@FreeBSD.org Subject: ports/174878: [maintainer-update|patch] irc/ircd-ratbox: Update to ratbox-3.0.8 for DOS fix Message-ID: <201301010917.r019HOqv071192@ewok.elasticmind.net> Resent-Message-ID: <201301010920.r019K0xP060071@freefall.freebsd.org>
next in thread | raw e-mail | index | archive | help
>Number: 174878 >Category: ports >Synopsis: [maintainer-update|patch] irc/ircd-ratbox: Update to ratbox-3.0.8 for DOS fix >Confidential: no >Severity: serious >Priority: medium >Responsible: freebsd-ports-bugs >State: open >Quarter: >Keywords: >Date-Required: >Class: maintainer-update >Submitter-Id: current-users >Arrival-Date: Tue Jan 01 09:20:00 UTC 2013 >Closed-Date: >Last-Modified: >Originator: moggie >Release: FreeBSD 8.3-RELEASE-p3 amd64 >Organization: >Environment: System: FreeBSD 8.3-RELEASE-p3 #0: Mon Jul 9 18:55:18 BST 2012 GENERIC amd64 >Description: Updated irc/ircd-ratbox to ircd-ratbox-3.0.8 (security update release). A Denial of Service vulnerability has been discovered that impacts ircd-ratbox and its derivatives. Improper assumptions in the server handshake code (CAPAB module) leave the IRCd vulnerable to a remote crash. Versions 2.0.x to 3.0.7 are affected. Admins are advised to upgrade immediately. For further details see: http://www.ratbox.org/ASA-2012-12-31.txt Port changes: - Update for optionsng. - Correct an error preventing the services module from being deinstalled. - Fix a typo during ircd.motd copy. >How-To-Repeat: >Fix: --- ircd-ratbox-3.0.8.diff begins here --- diff -ruN ./ircd-ratbox.orig/Makefile ./ircd-ratbox/Makefile --- ./ircd-ratbox.orig/Makefile 2012-11-17 05:58:28.000000000 +0000 +++ ./ircd-ratbox/Makefile 2013-01-01 07:43:34.000000000 +0000 @@ -1,13 +1,8 @@ -# New ports collection makefile for: ircd-ratbox -# Date Created: 2006-01-27 -# Whom: Shaun Amott <shaun@inerd.com> -# +# Created by: Shaun Amott <shaun@inerd.com> # $FreeBSD: ports/irc/ircd-ratbox/Makefile,v 1.24 2012/11/17 05:58:28 svnexp Exp $ -# -# ex: ts=8 PORTNAME= ircd-ratbox -PORTVERSION= 3.0.7 +PORTVERSION= 3.0.8 CATEGORIES= irc ipv6 MASTER_SITES= http://www.ratbox.org/download/ \ http://www.ratbox.org/download/old/ @@ -49,56 +44,61 @@ #-- Options ------------------------------------------------------------ -OPTIONS= OPENSSL "Enable openssl support" on \ - IPV6 "Enable IPv6 support" on \ - ZIPLINKS "Enable ziplinks support" on \ - SHARED_MODULES "Enable shared modules support" on \ - ASSERT "Enable debugging code" off \ - SMALL_NET "Tune server for small networks" off \ - SERVICES "Enable ratbox-services compatibility code" off \ - SHORTCUTS "Build with ircd-shortcut commands" off +OPTIONS_DEFINE= OPENSSL IPV6 ZIPLINKS SHARED_MODS ASSERT SMALL_NET \ + SERVICES SHORTCUTS +OPENSSL_DESC= Support OpenSSL encrypted connections +IPV6_DESC= Enable IPv6 support +ZIPLINKS_DESC= Support compressed server links +SHARED_MODS_DESC= Support shared modules +ASSERT_DESC= Enable debugging code +SMALL_NET_DESC= Tune server internals for small networks +SERVICES_DESC= Enable ratbox-services compatibility code +SHORTCUTS_DESC= Build with ircd-shortcut commands + +OPTIONS_DEFAULT= OPENSSL IPV6 ZIPLINKS SHARED_MODS +OPTIONS_EXCLUDE= NLS EXAMPLES #---------------------------------------------------------------------- -.include <bsd.port.pre.mk> +.include <bsd.port.options.mk> -.if defined(WITH_OPENSSL) -.include "${PORTSDIR}/Mk/bsd.openssl.mk" +.if ${PORT_OPTIONS:MOPENSSL} +WITH_OPENSSL_BASE=yes CONFIGURE_ARGS+= --enable-openssl .else CONFIGURE_ARGS+= --disable-openssl .endif -.if defined(WITHOUT_IPV6) +.if ${PORT_OPTIONS:MIPV6} CONFIGURE_ARGS+= --disable-ipv6 .endif -.if defined(WITHOUT_ZIPLINKS) +.if ${PORT_OPTIONS:MZIPLINKS} CONFIGURE_ARGS+= --disable-zlib .endif -.if defined(WITHOUT_SHARED_MODULES) +.if ${PORT_OPTIONS:MSHARED_MODS} CONFIGURE_ARGS+= --disable-shared-modules .endif -.if defined(WITH_ASSERT) +.if ${PORT_OPTIONS:MASSERT} CONFIGURE_ARGS+= --enable-assert .else CONFIGURE_ARGS+= --disable-assert .endif -.if defined(WITH_SMALL_NET) +.if ${PORT_OPTIONS:MSMALL_NET} CONFIGURE_ARGS+= --enable-small-net .endif -.if defined(WITH_SERVICES) +.if ${PORT_OPTIONS:MSERVICES} CONFIGURE_ARGS+= --enable-services PLIST_SUB+= SERVICES="" .else PLIST_SUB+= SERVICES="@comment " .endif -.if defined(WITH_SHORTCUTS) +.if ${PORT_OPTIONS:MSHORTCUTS} USE_PERL5_BUILD= yes PLIST_SUB+= SHORTCUTS="" .else @@ -107,7 +107,7 @@ #-- User Configuration ------------------------------------------------- -.if defined(NICKLEN) +.if !empty(NICKLEN) CONFIGURE_ARGS+= --with-nicklen=${NICKLEN} .endif @@ -148,45 +148,45 @@ #-- ircd-shortcut.pl ratbox-services commands -------------------------------------- -.if defined(SERVER_NAME) +.if !empty(SERVER_NAME) @${REINPLACE_CMD} -e "s#services.ircd-ratbox.org#${SERVER_NAME}#" \ ${WRKSRC}/contrib/ircd-shortcut.pl .endif -.if defined(USER_SERV) +.if !empty(USER_SERV) @${REINPLACE_CMD} -e "s#USERSERV#${USER_SERV}#" \ ${WRKSRC}/contrib/ircd-shortcut.pl .endif -.if defined(CHAN_SERV) +.if !empty(CHAN_SERV) @${REINPLACE_CMD} -e "s#CHANSERV#${CHAN_SERV}#" \ ${WRKSRC}/contrib/ircd-shortcut.pl .endif -.if defined(NICK_SERV) +.if !empty(NICK_SERV) @${REINPLACE_CMD} -e "s#NICKSERV#${NICK_SERV}#" \ ${WRKSRC}/contrib/ircd-shortcut.pl .endif -.if defined(ALIS_SERV) +.if !empty(ALIS_SERV) @${REINPLACE_CMD} -e "s#ALIS#${ALIS_SERV}#" \ ${WRKSRC}/contrib/ircd-shortcut.pl .endif -.if defined(OPER_BOT) +.if !empty(OPER_BOT) @${REINPLACE_CMD} -e "s#OPERBOT#${OPER_BOT}#" \ ${WRKSRC}/contrib/ircd-shortcut.pl .endif -.if defined(OPER_SERV) +.if !empty(OPER_SERV) @${REINPLACE_CMD} -e "s#OPERSERV#${OPER_SERV}#" \ ${WRKSRC}/contrib/ircd-shortcut.pl .endif -.if defined(JUPE_SERV) +.if !empty(JUPE_SERV) @${REINPLACE_CMD} -e "s#JUPESERV#${JUPE_SERV}#" \ ${WRKSRC}/contrib/ircd-shortcut.pl .endif -.if defined(GLOBAL_SERV) +.if !empty(GLOBAL_SERV) @${REINPLACE_CMD} -e "s#GLOBAL#${GLOBAL_SERV}#" \ ${WRKSRC}/contrib/ircd-shortcut.pl .endif # ----- Execute ircd-shortcut perl script to generate the .c file. ----- -.if defined(WITH_SHORTCUTS) +.if ${PORT_OPTIONS:MSHORTCUTS} @${ECHO_MSG} "Executing ircd-shortcut.pl for ircd-shortcuts generation." ${PERL} ${WRKSRC}/contrib/ircd-shortcut.pl .endif @@ -196,7 +196,7 @@ ${MAKE_FLAGS} ${MAKEFILE} ${MAKE_ARGS} # ----- Need to build the m_rsshortcut.so module for ircd-shortcut.pl ---- -.if defined(WITH_SHORTCUTS) +.if ${PORT_OPTIONS:MSHORTCUTS} @${ECHO_MSG} "Building m_rsshortcut.la for ircd-shortcuts." @cd ${INSTALL_WRKSRC}/contrib && ${SETENV} ${MAKE_ENV} ${MAKE} \ ${MAKE_FLAGS} ${MAKEFILE} ${MAKE_ARGS} m_rsshortcut.la @@ -208,7 +208,7 @@ ${MKDIR} ${PREFIX}/lib/${PORTNAME}/modules post-install: -.if !defined(NOPORTDOCS) +.if ${PORT_OPTIONS:MDOCS} ${MKDIR} ${DOCSDIR} cd ${WRKSRC}/doc && ${INSTALL_DATA} ${PORTDOCS} ${DOCSDIR} .endif @@ -220,7 +220,7 @@ ${INSTALL_DATA} ${WRKSRC}/doc/genssl.sh ${PREFIX}/etc/${PORTNAME}/genssl.sh # ----- We need to install the shortcut.pl module ---- -.if defined(WITH_SHORTCUTS) +.if ${PORT_OPTIONS:MSHORTCUTS} @${ECHO_MSG} "Executing install-mod.sh for ircd-shortcuts module installation." ${SH} ${WRKSRC}/install-mod.sh ${WRKSRC}/contrib/m_rsshortcut.la \ ${PREFIX}/lib/${PORTNAME}/modules/contrib @@ -241,4 +241,4 @@ #----------------------------------------------------------------------- -.include <bsd.port.post.mk> +.include <bsd.port.mk> diff -ruN ./ircd-ratbox.orig/distinfo ./ircd-ratbox/distinfo --- ./ircd-ratbox.orig/distinfo 2012-04-15 11:52:14.000000000 +0100 +++ ./ircd-ratbox/distinfo 2013-01-01 05:28:27.000000000 +0000 @@ -1,2 +1,2 @@ -SHA256 (ircd-ratbox-3.0.7.tar.bz2) = 71626a0eadc41822afb93a7abb374e38ec425129df6a20ee2fc431df0e5c4f6e -SIZE (ircd-ratbox-3.0.7.tar.bz2) = 2379425 +SHA256 (ircd-ratbox-3.0.8.tar.bz2) = 6d871030ed6fba2b6f46c3e2f3bd37f375fae5dc91441081f9aabc8ccbe2d603 +SIZE (ircd-ratbox-3.0.8.tar.bz2) = 2419597 diff -ruN ./ircd-ratbox.orig/files/patch-include_config.h ./ircd-ratbox/files/patch-include_config.h --- ./ircd-ratbox.orig/files/patch-include_config.h 2012-04-15 11:52:14.000000000 +0100 +++ ./ircd-ratbox/files/patch-include_config.h 2013-01-01 05:56:48.000000000 +0000 @@ -1,6 +1,6 @@ ---- ./include/config.h.orig 2012-04-13 15:02:51.000000000 +0100 -+++ ./include/config.h 2012-04-13 15:06:23.000000000 +0100 -@@ -54,15 +54,17 @@ +--- ./include/config.h.orig 2012-03-16 05:33:15.000000000 +0000 ++++ ./include/config.h 2013-01-01 05:56:38.000000000 +0000 +@@ -54,14 +54,16 @@ #define LOGPATH LOG_DIR #define UHPATH HELP_DIR "/users" #define HPATH HELP_DIR "/opers" @@ -14,9 +14,8 @@ +#define DBPATH DBPTH "/ban.db" #define MPATH ETCPATH "/ircd.motd" /* MOTD file */ #define LPATH LOGPATH "/ircd.log" /* ircd logfile */ - #define PPATH ETCPATH "/ircd.pid" /* pid file */ --#define OPATH ETCPATH "/opers.motd" /* oper MOTD file */ -+#define OPATH RUNPATH "/opers.motd" /* oper MOTD file */ +-#define PPATH ETCPATH "/ircd.pid" /* pid file */ ++#define PPATH RUNPATH "/ircd.pid" /* pid file */ + #define OPATH ETCPATH "/opers.motd" /* oper MOTD file */ /* HANGONGOODLINK and HANGONGOODLINK - * Often net breaks for a short time and it's useful to try to diff -ruN ./ircd-ratbox.orig/pkg-plist ./ircd-ratbox/pkg-plist --- ./ircd-ratbox.orig/pkg-plist 2012-04-15 11:52:14.000000000 +0100 +++ ./ircd-ratbox/pkg-plist 2013-01-01 06:06:23.000000000 +0000 @@ -142,8 +142,8 @@ lib/ircd-ratbox/libcore.so lib/ircd-ratbox/libratbox.la lib/ircd-ratbox/libratbox.so -%%SERVICES%%/lib/ircd-ratbox/modules/autoload/m_services.so -%%SERVICES%%/lib/ircd-ratbox/modules/autoload/m_services.la +%%SERVICES%%lib/ircd-ratbox/modules/autoload/m_services.so +%%SERVICES%%lib/ircd-ratbox/modules/autoload/m_services.la lib/ircd-ratbox/modules/autoload/m_accept.so lib/ircd-ratbox/modules/autoload/m_admin.so lib/ircd-ratbox/modules/autoload/m_adminwall.so @@ -245,7 +245,7 @@ @exec if [ ! -f "%D/etc/ircd-ratbox/ircd.conf" ] ; then cp -p "%D/%F" "%B/ircd.conf"; fi @unexec if cmp -s "%D/etc/ircd-ratbox/ircd.motd.sample" "%D/etc/ircd-ratbox/ircd.motd"; then rm -f "%D/etc/ircd-ratbox/ircd.motd"; fi etc/ircd-ratbox/ircd.motd.sample -@exec if [ ! -f "%D/etc/ircd-ratbox/ircd.motd" ] ; then cp -p "%D/%F %B/ircd.motd"; fi +@exec if [ ! -f "%D/etc/ircd-ratbox/ircd.motd" ] ; then cp -p "%D/%F" "%B/ircd.motd"; fi @dirrmtry etc/ircd-ratbox @cwd / @dirrmtry %%LOGDIR%% --- ircd-ratbox-3.0.8.diff ends here --- >Release-Note: >Audit-Trail: >Unformatted:
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?201301010917.r019HOqv071192>