Go to:
Gentoo Home
Documentation
Forums
Lists
Bugs
Planet
Store
Wiki
Get Gentoo!
Gentoo's Bugzilla – Attachment 315111 Details for
Bug 415255
<app-shells/rssh-2.3.3-r1 upstream reports circumvention; developer has ceased maintenance (CVE-2012-3478)
Home
|
New
–
[Ex]
|
Browse
|
Search
|
Privacy Policy
|
[?]
|
Reports
|
Requests
|
Help
|
New Account
|
Log In
[x]
|
Forgot Password
Login:
[x]
patch to 2.3.4
rssh.2.3.4.patch (text/plain), 6.92 KB, created by
Marios Andreopoulos
on 2012-06-12 16:02:27 UTC
(
hide
)
Description:
patch to 2.3.4
Filename:
MIME Type:
Creator:
Marios Andreopoulos
Created:
2012-06-12 16:02:27 UTC
Size:
6.92 KB
patch
obsolete
>--- rssh-2.3.3/main.c.in 2010-08-01 15:43:30.000000000 -0400 >+++ rssh-2.3.3/main.c.in 2012-05-11 16:44:39.000000000 -0400 >@@ -184,7 +184,7 @@ > * determine if the command in cmdline is acceptable to run, and store > * name of program to exec in cmd > */ >- if ( !(*cmd = check_command_line(cmdline, opts)) ) return NULL; >+ if ( !(*cmd = get_command(cmdline, opts)) ) return NULL; > > /* if we need to do chroot processing, do it */ > if ( opts->shell_flags & RSSH_USE_CHROOT ){ >@@ -252,7 +252,9 @@ > } > > /* return vector of pointers to command line arguments */ >- return build_arg_vector(cmdline, 0); >+ argvec = build_arg_vector(cmdline, 0); >+ if (check_command_line(argvec, opts)) return argvec; >+ else return NULL; > } > > void vers_info( void ) >--- rssh-2.3.3/util.c 2010-08-01 09:07:00.000000000 -0400 >+++ rssh-2.3.3/util.c 2012-05-11 16:43:10.000000000 -0400 >@@ -106,7 +106,7 @@ > /* print error message to user and log attempt */ > fprintf(stderr, "\nThis account is restricted by rssh.\n" > "%s\n\nIf you believe this is in error, please contact " >- "your system administrator.\n\n", cmd); >+ "your system administrator.\n\n", cmd); > if ( argc < 3 ) > log_msg("user %s attempted to log in with a shell", > username); >@@ -132,31 +132,35 @@ > */ > bool opt_exist(char *cl, char opt) > { >- int i = 0; >+ int i = 1; > int len; >- char *token; >- bool optstring = FALSE; >- > > len = strlen(cl); > > /* process command line character by character */ >- while ( i < (len - 2) ){ >- if ( cl[i] == ' ' || cl[i] == '\t' ){ >- if ( cl[i+1] == '-' ){ >- optstring = TRUE; >- i+=2; >- } >- } >- if ( cl[i] == opt && optstring ) return TRUE; >- if ( cl[i] == ' ' || cl[i] == '\t' || cl[i] == '-' ) >- optstring = FALSE; >+ if (!(cl[0] == '-')) return FALSE; >+ while ( i < (len) ){ >+ if ( cl[i] == opt ) return TRUE; > i++; > } > return FALSE; > } > > >+bool opt_filter(char **vec, const char opt) >+{ >+ while (vec && *vec){ >+ if (opt_exist(*vec, opt)){ >+ fprintf(stderr, "\nillegal insecure %c option", opt); >+ log_msg("insecure %c option in scp command line!", opt); >+ return TRUE; >+ } >+ vec++; >+ } >+ return FALSE; >+} >+ >+ > bool check_command( char *cl, ShellOptions_t *opts, char *cmd, int cmdflag ) > { > int cl_len; /* length of command line */ >@@ -186,69 +190,78 @@ > return FALSE; > } > >+ > /* > * check_command_line() - take the command line passed to rssh, and verify >- * that the specified command is one the user is >- * allowed to run. Return the path of the command >- * which will be run if it is ok, or return NULL if it >- * is not. >+ * that the specified command is one the user is >+ * allowed to run and validate the arguments. Return the >+ * path of the command which will be run if it is ok, or >+ * return NULL if it is not. > */ >-char *check_command_line( char *cl, ShellOptions_t *opts ) >+char *check_command_line( char **cl, ShellOptions_t *opts ) > { > >- if ( check_command(cl, opts, PATH_SFTP_SERVER, RSSH_ALLOW_SFTP) ) >+ if ( check_command(*cl, opts, PATH_SFTP_SERVER, RSSH_ALLOW_SFTP) ) > return PATH_SFTP_SERVER; > >- if ( check_command(cl, opts, PATH_SCP, RSSH_ALLOW_SCP) ){ >+ if ( check_command(*cl, opts, PATH_SCP, RSSH_ALLOW_SCP) ){ > /* filter -S option */ >- if ( opt_exist(cl, 'S') ){ >- fprintf(stderr, "\ninsecure -S option not allowed."); >- log_msg("insecure -S option in scp command line!"); >- return NULL; >- } >+ if ( opt_filter(cl, 'S') ) return NULL; > return PATH_SCP; > } > >- if ( check_command(cl, opts, PATH_CVS, RSSH_ALLOW_CVS) ){ >- if ( opt_exist(cl, 'e') ){ >- fprintf(stderr, "\ninsecure -e option not allowed."); >- log_msg("insecure -e option in cvs command line!"); >- return NULL; >- } >+ if ( check_command(*cl, opts, PATH_CVS, RSSH_ALLOW_CVS) ){ >+ if ( opt_filter(cl, 'e') ) return NULL; > return PATH_CVS; > } > >- if ( check_command(cl, opts, PATH_RDIST, RSSH_ALLOW_RDIST) ){ >+ if ( check_command(*cl, opts, PATH_RDIST, RSSH_ALLOW_RDIST) ){ > /* filter -P option */ >- if ( opt_exist(cl, 'P') ){ >- fprintf(stderr, "\ninsecure -P option not allowed."); >- log_msg("insecure -P option in rdist command line!"); >- return NULL; >- } >+ if ( opt_filter(cl, 'P') ) return NULL; > return PATH_RDIST; > } > >- if ( check_command(cl, opts, PATH_RSYNC, RSSH_ALLOW_RSYNC) ){ >+ if ( check_command(*cl, opts, PATH_RSYNC, RSSH_ALLOW_RSYNC) ){ > /* filter -e option */ >- if ( opt_exist(cl, 'e') ){ >- fprintf(stderr, "\ninsecure -e option not allowed."); >- log_msg("insecure -e option in rdist command line!"); >- return NULL; >- } >- >- if ( strstr(cl, "--rsh=" ) ){ >- fprintf(stderr, "\ninsecure --rsh= not allowed."); >- log_msg("insecure --rsh option in rsync command line!"); >- return NULL; >+ if ( opt_filter(cl, 'e') ) return NULL; >+ while (cl && *cl){ >+ if ( strstr(*cl, "--rsh=" ) ){ >+ fprintf(stderr, "\ninsecure --rsh= not allowed."); >+ log_msg("insecure --rsh option in rsync command line!"); >+ return NULL; >+ } > } >- > return PATH_RSYNC; > } >+ /* No match, return NULL */ >+ return NULL; >+} >+ >+ >+/* >+ * get_command() - take the command line passed to rssh, and verify >+ * that the specified command is one the user is allowed to run. >+ * Return the path of the command which will be run if it is ok, >+ * or return NULL if it is not. >+ */ >+char *get_command( char *cl, ShellOptions_t *opts ) >+{ > >+ if ( check_command(cl, opts, PATH_SFTP_SERVER, RSSH_ALLOW_SFTP) ) >+ return PATH_SFTP_SERVER; >+ if ( check_command(cl, opts, PATH_SCP, RSSH_ALLOW_SCP) ) >+ return PATH_SCP; >+ if ( check_command(cl, opts, PATH_CVS, RSSH_ALLOW_CVS) ) >+ return PATH_CVS; >+ if ( check_command(cl, opts, PATH_RDIST, RSSH_ALLOW_RDIST) ) >+ return PATH_RDIST; >+ if ( check_command(cl, opts, PATH_RSYNC, RSSH_ALLOW_RSYNC) ) >+ return PATH_RSYNC; > return NULL; > } > > >+ > /* > * extract_root() - takes a root directory and the full path to some other > * directory, and returns a pointer to a string which >@@ -264,7 +277,7 @@ > len = strlen(root); > /* get rid of a trailing / from the root path */ > if ( root[len - 1] == '/' ){ >- root[len - 1] = '\0'; >+ root[len - 1] = '\0'; > len--; > } > if ( (strncmp(root, path, len)) ) return NULL; >@@ -309,7 +322,7 @@ > * same name, and returns FALSE if the bits are not valid > */ > int validate_access( const char *temp, bool *allow_sftp, bool *allow_scp, >- bool *allow_cvs, bool *allow_rdist, bool *allow_rsync ) >+ bool *allow_cvs, bool *allow_rdist, bool *allow_rsync ) > { > int i; > >--- rssh-2.3.3/util.h 2006-12-21 17:22:38.000000000 -0500 >+++ rssh-2.3.3/util.h 2012-05-11 16:21:12.000000000 -0400 >@@ -33,7 +33,8 @@ > #include "rsshconf.h" > > void fail( int flags, int argc, char **argv ); >-char *check_command_line( char *cl, ShellOptions_t *opts ); >+char *check_command_line( char **cl, ShellOptions_t *opts ); >+char *get_command( char *cl, ShellOptions_t *opts); > char *extract_root( char *root, char *path ); > int validate_umask( const char *temp, int *mask ); > int validate_access( const char *temp, bool *allow_sftp, bool *allow_scp,
<b>You cannot view the attachment while viewing its details because your browser does not support IFRAMEs. <a href="attachment.cgi?id=315111">View the attachment on a separate page</a>.</b>
View Attachment As Raw
Actions:
View
Attachments on
bug 415255
: 315111 |
315113
