[pkgsrc/trunk]: pkgsrc/net/ngrep Add a patch to fix privilege handling.

[hubertf <hubertf%pkgsrc.org@localhost>]

details:   https://anonhg.NetBSD.org/pkgsrc/rev/36efa852dbb0
branches:  trunk
changeset: 477589:36efa852dbb0
user:      hubertf <hubertf%pkgsrc.org@localhost>
date:      Mon Jul 05 21:42:46 2004 +0000

description:
Add a patch to fix privilege handling.

Contributed by Steve Rumble in private mail, and mailed back to the
ngrep author by him.  Bump the pkg to nb2.

diffstat:

 net/ngrep/Makefile         |   4 +-
 net/ngrep/distinfo         |   3 +-
 net/ngrep/patches/patch-ac |  63 ++++++++++++++++++++++++++++++++++++++++++++++
 3 files changed, 67 insertions(+), 3 deletions(-)

diffs (93 lines):

diff -r f4a849614a3b -r 36efa852dbb0 net/ngrep/Makefile
--- a/net/ngrep/Makefile        Mon Jul 05 18:21:48 2004 +0000
+++ b/net/ngrep/Makefile        Mon Jul 05 21:42:46 2004 +0000
@@ -1,8 +1,8 @@
-# $NetBSD: Makefile,v 1.17 2004/06/02 22:19:20 recht Exp $
+# $NetBSD: Makefile,v 1.18 2004/07/05 21:42:46 hubertf Exp $
 #
 
 DISTNAME=      ngrep-1.42
-PKGREVISION=   1
+PKGREVISION=   2
 CATEGORIES=    net
 MASTER_SITES=  ${MASTER_SITE_SOURCEFORGE:=ngrep/}
 EXTRACT_SUFX=  .tar.bz2
diff -r f4a849614a3b -r 36efa852dbb0 net/ngrep/distinfo
--- a/net/ngrep/distinfo        Mon Jul 05 18:21:48 2004 +0000
+++ b/net/ngrep/distinfo        Mon Jul 05 21:42:46 2004 +0000
@@ -1,6 +1,7 @@
-$NetBSD: distinfo,v 1.6 2004/04/13 13:50:05 adam Exp $
+$NetBSD: distinfo,v 1.7 2004/07/05 21:42:46 hubertf Exp $
 
 SHA1 (ngrep-1.42.tar.bz2) = 03987bc4f6344ecd0d56313f42f2c254f37ac271
 Size (ngrep-1.42.tar.bz2) = 527699 bytes
 SHA1 (patch-aa) = cf3076ba4a0c471d429ae76bafe7dab46d20fa30
 SHA1 (patch-ab) = 9522bd13976c850d109f91f6a5ec5a2aa7272d4e
+SHA1 (patch-ac) = 9624cedda7f30ead25dc82cc7bb254bf0da8cf6b
diff -r f4a849614a3b -r 36efa852dbb0 net/ngrep/patches/patch-ac
--- /dev/null   Thu Jan 01 00:00:00 1970 +0000
+++ b/net/ngrep/patches/patch-ac        Mon Jul 05 21:42:46 2004 +0000
@@ -0,0 +1,63 @@
+--- ngrep.c.orig       2004-03-28 21:15:59.000000000 -0500
++++ ngrep.c    2004-07-04 19:21:18.000000000 -0400
+@@ -999,40 +999,29 @@
+ 
+  {
+     struct passwd *pw = getpwnam(DROPPRIVS_USER);
+-    gid_t newgid = pw->pw_uid, oldgid = getegid();
+-    uid_t newuid = pw->pw_gid, olduid = geteuid();
+-
+-    if (!olduid)
+-        setgroups(1, &newgid);
+-
+-    if (newgid != oldgid) {
+-#if !defined(LINUX)
+-        setegid(newgid);
+-        if (setgid(newgid) == -1)
+-#else
+-        if (setregid(newgid, newgid) == -1)
+-#endif
+-        {
+-            perror("attempt to drop privileges failed");
+-            clean_exit(-1);
+-        }
++    gid_t newgid = pw->pw_gid, oldgid = getegid();
++    uid_t newuid = pw->pw_uid, olduid = geteuid();
++    gid_t groups[2];
++
++    groups[0] = groups[1] = newgid;
++    if (setgroups(1, groups) == -1)
++    {
++      perror("attempt to set groups failed");
++      clean_exit(-1);
+     }
+ 
+-    if (newuid != olduid) {
+-#if !defined(LINUX)
+-#if !defined(MACOSX)
+-        seteuid(newuid);
+-#endif
+-        if (setuid(newuid) == -1)
+-#else
+-        if (setreuid(newuid, newuid) == -1)
+-#endif
+-        {
+-            perror("attempt to drop privileges failed");
+-            clean_exit(-1);
+-        }
++    if (setgid(newgid) == -1)
++    {
++      perror("attempt to drop group privileges failed");
++      clean_exit(-1);
+     }
+-
++    
++    if (setuid(newuid) == -1)
++    {
++      perror("attempt to drop user privileges failed");
++      clean_exit(-1);
++    }
++    
+     if ((newgid != oldgid && (setegid(oldgid) != -1 || getegid() != newgid)) ||
+         (newuid != olduid && (seteuid(olduid) != -1 || geteuid() != newuid))) {
+         perror("attempt to drop privileges failed");