Date: Mon, 6 Dec 2010 20:11:24 GMT From: Rob Farmer <rfarmer@predatorlabs.net> To: freebsd-gnats-submit@FreeBSD.org Subject: ports/152869: [maintainer] [patch] shells/scponly Fix rsync support for 3.0 Message-ID: <201012062011.oB6KBOcF036096@red.freebsd.org> Resent-Message-ID: <201012062020.oB6KK7FF042172@freefall.freebsd.org>
next in thread | raw e-mail | index | archive | help
>Number: 152869 >Category: ports >Synopsis: [maintainer] [patch] shells/scponly Fix rsync support for 3.0 >Confidential: no >Severity: non-critical >Priority: low >Responsible: freebsd-ports-bugs >State: open >Quarter: >Keywords: >Date-Required: >Class: maintainer-update >Submitter-Id: current-users >Arrival-Date: Mon Dec 06 20:20:07 UTC 2010 >Closed-Date: >Last-Modified: >Originator: Rob Farmer >Release: 9.0-CURRENT >Organization: >Environment: FreeBSD vmware.predatorlabs.net 9.0-CURRENT FreeBSD 9.0-CURRENT #1 r216082: Wed Dec 1 03:26:21 PST 2010 rfarmer@vmware.predatorlabs.net:/usr/obj/usr/src/sys/VMWARE i386 >Description: Rsync 3 needs the "-e" option, which is blocked by scponly: Dec 6 12:03:13 cheese scponly[34130]: option 'e' or a related long option is not permitted for use with /usr/local/bin/rsync (arg was .iLsf) (username: newuser(11062), IP/port: XXX 24404 22)) Dec 6 12:03:13 cheese scponly[34130]: requested command (/usr/local/bin/rsync --server -vvlogDtpre.iLsf . /tmp/sl) tried to use disallowed argument (username: newuser(11062), IP/port: XXX 24404 22)) Patch pulled from upstream CVS, which states a full release will come soon: http://lists.ccs.neu.edu/pipermail/scponly/2010-November/002170.html Dropped MD5 distinfo while here. Reported by: Frank Bartels <knarf@knarf.de> >How-To-Repeat: >Fix: Patch attached with submission follows: Index: Makefile =================================================================== RCS file: /home/ncvs/ports/shells/scponly/Makefile,v retrieving revision 1.34 diff -u -r1.34 Makefile --- Makefile 28 Jun 2010 13:47:19 -0000 1.34 +++ Makefile 6 Dec 2010 19:55:11 -0000 @@ -71,7 +71,7 @@ PORTNAME= scponly PORTVERSION= 4.8 -PORTREVISION= 1 +PORTREVISION= 2 CATEGORIES= shells security MASTER_SITES= http://www.sublimation.org/scponly/ \ SF/${PORTNAME}/${PORTNAME}/${PORTNAME}-${PORTVERSION} Index: distinfo =================================================================== RCS file: /home/ncvs/ports/shells/scponly/distinfo,v retrieving revision 1.15 diff -u -r1.15 distinfo --- distinfo 3 Apr 2008 14:14:28 -0000 1.15 +++ distinfo 6 Dec 2010 19:48:53 -0000 @@ -1,3 +1,2 @@ -MD5 (scponly-4.8.tgz) = 139ac9abd7f3b8dbc5c5520745318f8a SHA256 (scponly-4.8.tgz) = 1693dd678355749c5d9e48ecdd4628dbfe71d82955afde950ee8d88b5adc01cf SIZE (scponly-4.8.tgz) = 101687 Index: files/patch-helper.c =================================================================== RCS file: /home/ncvs/ports/shells/scponly/files/patch-helper.c,v retrieving revision 1.3 diff -u -r1.3 patch-helper.c --- files/patch-helper.c 15 Jan 2010 02:44:01 -0000 1.3 +++ files/patch-helper.c 6 Dec 2010 19:53:06 -0000 @@ -1,11 +1,91 @@ ---- helper.c.orig 2010-01-05 21:06:05.000000000 -0800 -+++ helper.c 2010-01-05 21:06:18.000000000 -0800 -@@ -230,7 +230,7 @@ +--- helper.c 2007/08/10 18:37:27 1.24 ++++ helper.c 2008/03/08 18:57:48 1.25 +@@ -26,6 +26,11 @@ + #endif + #endif + ++#ifdef RSYNC_COMPAT ++#define RSYNC_ARG_SERVER 0x01 ++#define RSYNC_ARG_EXECUTE 0x02 ++#endif ++ + #define MAX(x,y) ( ( x > y ) ? x : y ) + #define MIN(x,y) ( ( x < y ) ? x : y ) + +@@ -164,6 +169,13 @@ + int ch; + int ac=0; + int longopt_index = 0; ++#ifdef RSYNC_COMPAT ++ /* ++ * bitwise flag: 0x01 = server, 0x02 = -e. ++ * Thus 0x03 is allowed and 0x01 is allowed, but 0x02 is not allowed ++ */ ++ int rsync_flags = 0; ++#endif /* RSYNC_COMPAT */ + + while (cmdarg != NULL) + { +@@ -182,7 +194,7 @@ + */ + if (1 == cmdarg->getoptflag) + { +- debug(LOG_DEBUG, "Using getopt processing for cmd %s\n (%s)", cmdarg->name, logstamp()); ++ debug(LOG_DEBUG, "Using getopt processing for cmd%s\n (%s)", cmdarg->name, logstamp()); + /* + * first count the arguments in the vector + */ +@@ -207,7 +219,7 @@ + * otherwise, try a glibc-style reset of the global getopt vars + */ + optind=0; +-#endif ++#endif /* HAVE_OPTRESET */ + /* + * tell getopt to only be strict if the 'opts' is well defined + */ +@@ -216,6 +228,18 @@ + + debug(LOG_DEBUG, "getopt processing returned '%c' (%s)", ch, logstamp()); + ++#ifdef RSYNC_COMPAT ++ if (exact_match(cmdarg->name, PROG_RSYNC) && (ch == 's' || ch == 'e')) { ++ if (ch == 's') ++ rsync_flags |= RSYNC_ARG_SERVER; ++ else ++ /* -e */ ++ rsync_flags |= RSYNC_ARG_EXECUTE; ++ debug(LOG_DEBUG, "rsync_flags are now set to: %0x", rsync_flags); ++ } ++ else ++#endif /* RSYNC_COMPAT */ ++ + /* if the character is found in badarg, then it's not a permitted option */ + if (cmdarg->badarg != NULL && (strchr(cmdarg->badarg, ch) != NULL)) + { +@@ -230,14 +254,23 @@ return 1; } } -#elif -+#else ++#ifdef RSYNC_COMPAT ++ /* it's not safe if the execute flag was set and server was not set */ ++ if ((rsync_flags & RSYNC_ARG_EXECUTE) != 0 && (rsync_flags & RSYNC_ARG_SERVER) == 0) { ++ syslog(LOG_ERR, "option 'e' is not allowed unless '--server' is also set with cmd %s (%s)", ++ PROG_RSYNC, logstamp()); ++ return 1; ++ } ++#endif /* RSYNC_COMPAT */ ++ ++#elif /* HAVE_GETOPT */ /* * make sure that processing doesn't continue if we can't validate a rsync check * and if the getopt flag is set. + */ + syslog(LOG_ERR, "a getopt() argument check could not be performed for %s, recompile scponly without support for %s or rebuild scponly with getopt", av[0], av[0]); + return 1; +-#endif ++#endif /* HAVE_GETOPT */ + } + else + /* Index: files/patch-scponly.c =================================================================== RCS file: files/patch-scponly.c diff -N files/patch-scponly.c --- /dev/null 1 Jan 1970 00:00:00 -0000 +++ files/patch-scponly.c 6 Dec 2010 19:53:18 -0000 @@ -0,0 +1,38 @@ +--- scponly.c 2008/01/15 06:30:20 1.45 ++++ scponly.c 2008/03/08 18:57:48 1.46 +@@ -91,16 +91,18 @@ + + #ifdef RSYNC_COMPAT + struct option rsync_longopts[] = { ++ /* options we need to know about that are safe */ ++ {"server", 0, 0, (int)'s'}, + /* I use 'e' for val here because that's what's listed in cmd_arg_t->badarg */ +- {"rsh", 1, 0, (int)'e'}, ++ {"rsh", 1, 0, (int)'r'}, + /* the following are disabled because they use daemon mode */ +- {"daemon", 0, 0, (int)'e'}, +- {"rsync-path", 1, 0, (int)'e'}, +- {"address", 1, 0, (int)'e'}, +- {"port", 1, 0, (int)'e'}, +- {"sockopts", 1, 0, (int)'e'}, +- {"config", 1, 0, (int)'e'}, +- {"no-detach", 0, 0, (int)'e'}, ++ {"daemon", 0, 0, (int)'d'}, ++ {"rsync-path", 1, 0, (int)'d'}, ++ {"address", 1, 0, (int)'d'}, ++ {"port", 1, 0, (int)'d'}, ++ {"sockopts", 1, 0, (int)'d'}, ++ {"config", 1, 0, (int)'d'}, ++ {"no-detach", 0, 0, (int)'d'}, + { NULL, 0, NULL, 0 }, + }; + #endif +@@ -157,7 +159,7 @@ + { PROG_SCP, 1, 1, "SoF", "dfl:prtvBCc:i:P:q1246S:o:F:", empty_longopts }, + #endif + #ifdef RSYNC_COMPAT +- { PROG_RSYNC, 1, 0, "e", "e:", rsync_longopts }, ++ { PROG_RSYNC, 1, 0, "rde", "e::", rsync_longopts }, + #endif + #ifdef UNISON_COMPAT + { PROG_UNISON, 0, 0, "-rshcmd", NULL, empty_longopts }, >Release-Note: >Audit-Trail: >Unformatted:
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?201012062011.oB6KBOcF036096>