missed three more command line config file options

added descriptions to the patches
2011-01-29 19:39:14 +00:00 · 2011-01-29 19:39:14 +00:00 · 87399bb7bf
commit 87399bb7bf
parent ae1b4b4cc6
10 changed files with 91 additions and 34 deletions
--- a/mail/majordomo/MESSAGE
+++ b/mail/majordomo/MESSAGE
@ -1,5 +1,5 @@
 ===========================================================================
-$NetBSD: MESSAGE,v 1.7 2011/01/29 17:16:33 spz Exp $
+$NetBSD: MESSAGE,v 1.8 2011/01/29 19:39:14 spz Exp $

 Before you can use Majordomo, you will need to complete a few steps
 manually:
@ -56,9 +56,11 @@ manually:

 +++++++++++++++++++++++++++ UPDATERS NOTICE +++++++++++++++++++++++++++++++

-for resend, archive, request-answer and medit, the environment setting for
-majordomo.cf now overrides the value given on the command line with -C;
-this is a cheap (and ugly) fix for a vulnerability. Since that environment
+for resend, archive, bounce-remind, digest, request-answer and medit, the
+environment setting for majordomo.cf now overrides the value given on the
+command line with -C; config-test now only checks the compiled-in config file
+location.
+This is a cheap (and ugly) fix for a vulnerability. Since that environment
 variable is compiled into the wrapper program, the listed perl programs
 will be locked to ${MAJORDOMO_CF} when started via the wrapper.

--- a/mail/majordomo/Makefile
+++ b/mail/majordomo/Makefile
@ -1,7 +1,7 @@
-# $NetBSD: Makefile,v 1.41 2011/01/29 17:16:33 spz Exp $
+# $NetBSD: Makefile,v 1.42 2011/01/29 19:39:14 spz Exp $

 DISTNAME=		majordomo-1.94.5
-PKGREVISION=		11
+PKGREVISION=		12
 CATEGORIES=		mail
 MASTER_SITES=		ftp://ftp.sgi.com/other/majordomo/1.94.5/ \
 			ftp://ftp-europe.sgi.com/other/majordomo/1.94.5/
--- a/mail/majordomo/distinfo
+++ b/mail/majordomo/distinfo
@ -1,16 +1,16 @@
-$NetBSD: distinfo,v 1.13 2011/01/29 17:16:33 spz Exp $
+$NetBSD: distinfo,v 1.14 2011/01/29 19:39:14 spz Exp $

 SHA1 (majordomo-1.94.5.tgz) = 44b18c7b9133f2cd992f6e718551d613d9d45c00
 RMD160 (majordomo-1.94.5.tgz) = 7f6b48fb5cc5b23948133658b055588d0d6608c4
 Size (majordomo-1.94.5.tgz) = 312244 bytes
 SHA1 (patch-aa) = 2be639e71d75780f82d2d6364431d7d40d97ba94
-SHA1 (patch-ab) = eca7461ea2f092130a50a89888f98fe45d1ddf79
-SHA1 (patch-ac) = bea997e785b2656b1660a11efce759a56a700ab2
-SHA1 (patch-ad) = 65370547240539128a405484e98c7ed15a869464
-SHA1 (patch-ae) = 3957e2725fdf1e693236a9517e6e24ed61c0691e
-SHA1 (patch-af) = 4637ede790e48be99ef4ee6883057dd9c47051b1
-SHA1 (patch-ag) = 3e89057efe5d76700d773759bff8e9d2be207a99
-SHA1 (patch-ah) = 2a5a36c0c4a0612342c7156ee949a26eaeaf133f
+SHA1 (patch-ab) = 188d81b804eb5e88b90fc07ba0c857c862ce24dd
+SHA1 (patch-ac) = 3f8973808314927f167392d640aefc67cd504a70
+SHA1 (patch-ad) = 0e31ae0be84246e0691dfdc8aa86301eadd5cf79
+SHA1 (patch-ae) = 99285559c0fe86084fedbaad5a482062187b404d
+SHA1 (patch-af) = 00f1b634295f3bdb6d7d6e6ad59ca9c8dbd4d00d
+SHA1 (patch-ag) = 759a32dacb26221d83de97b463b2131b0f52a914
+SHA1 (patch-ah) = ac08fa5d2fa321afe7fdf72783f8f2c887073bcd
 SHA1 (patch-ai) = 50d29659f54c86be1c6f6d93732419f1bac8c435
 SHA1 (patch-aj) = 2185ba182561ca3e003fa0879e696092c3b237fd
 SHA1 (patch-ak) = b33b0fc9e013642cc842c6d7ee70f590281764ae
--- a/mail/majordomo/patches/patch-ab
+++ b/mail/majordomo/patches/patch-ab
@ -1,4 +1,6 @@
-$NetBSD: patch-ab,v 1.2 2011/01/29 17:16:33 spz Exp $
+$NetBSD: patch-ab,v 1.3 2011/01/29 19:39:14 spz Exp $
+
+avoid the wrapper + -C trap

 --- archive2.pl.orig	2000-01-07 11:00:49.000000000 +0000
 +++ archive2.pl
--- a/mail/majordomo/patches/patch-ac
+++ b/mail/majordomo/patches/patch-ac
@ -1,10 +1,33 @@
-$NetBSD: patch-ac,v 1.1.1.1 1999/06/08 17:51:26 bad Exp $
+$NetBSD: patch-ac,v 1.2 2011/01/29 19:39:14 spz Exp $

--- ./bounce-remind.orig	Mon Dec  9 09:49:46 1996
-+++ ./bounce-remind	Tue Jun  8 10:55:12 1999
-@@ -34,4 +34,5 @@
+avoid the wrapper + -C trap
+
+--- bounce-remind.orig	1996-12-09 16:49:46.000000000 +0000
+++ bounce-remind
+@@ -17,13 +17,16 @@
+ 
+ $main'program_name = 'mj_bounce-remind';
+ 
+-# Read and execute the .cf file
+-$cf = $ENV{"MAJORDOMO_CF"} || "/etc/majordomo.cf";
+# Read and execute the .cf file. For security reasons, let the environment win
+$cf = "/etc/majordomo.cf";
+ if ($ARGV[0] eq "-C") {
+     $cf = $ARGV[1];
+     shift(@ARGV);
+     shift(@ARGV);
+ }
+if ($ENV{"MAJORDOMO_CF"}) {
+	$cf = $ENV{"MAJORDOMO_CF"};
+}
+ if (! -r $cf) {
+     die("$cf not readable; stopped");
+ }
+@@ -33,6 +36,7 @@ require "$cf";
+ chdir("$homedir");
 
 # All these should be in the standard PERL library
 +unshift(@INC, $bindir);
 unshift(@INC, $homedir);
 
+ # Set these here so that they can be interploated on the $mailer command line.
--- a/mail/majordomo/patches/patch-ad
+++ b/mail/majordomo/patches/patch-ad
@ -1,17 +1,32 @@
-$NetBSD: patch-ad,v 1.1.1.1 1999/06/08 17:51:26 bad Exp $
+$NetBSD: patch-ad,v 1.2 2011/01/29 19:39:14 spz Exp $

--- ./config-test.orig	Wed Aug 27 09:17:13 1997
-+++ ./config-test	Tue Jun  8 10:55:12 1999
-@@ -126,4 +126,5 @@
+avoid the wrapper + -C trap
+
+--- config-test.orig	1997-08-27 15:17:13.000000000 +0000
+++ config-test
+@@ -117,7 +117,7 @@ wellokay
+ print "\n\tNon obvious things that cause headaches:\n\n";
+ &header('');
+ 
+-$cf = $ARGV[0] || $ENV{'MAJORDOMO_CF'};
+$cf = $ENV{'MAJORDOMO_CF'};
+ 
+ if (eval "require '$cf'") { 
+     &good("'require'd $cf okay.");    
+@@ -125,6 +125,7 @@ if (eval "require '$cf'") { 
+     &bad("something's wrong with $cf: $@");
 }
 
 +unshift(@INC, $bindir);
 foreach (@requires) {
     if (require $_) {
-@@ -287,5 +288,5 @@
+ 	&good("found $_ okay.");
+@@ -286,7 +287,7 @@ print "Checking to see if there are new 
+ print "your majordomo.cf file...";
 
 open($cf, $cf) || &bad("Couldn't open $cf for reading, $!");
 -open(S, 'sample.cf') || &bad("Couldn't open sample.cf for reading, $!");
 +open(S, "$bindir/sample.cf") || &bad("Couldn't open $bindir/sample.cf for reading, $!");
 
 while (<S>) {
+     next unless /^\s*(\$\w+(('|::)\w+)*)/;
--- a/mail/majordomo/patches/patch-ae
+++ b/mail/majordomo/patches/patch-ae
@ -1,7 +1,9 @@
-$NetBSD: patch-ae,v 1.4 2010/11/10 07:51:37 spz Exp $
+$NetBSD: patch-ae,v 1.5 2011/01/29 19:39:14 spz Exp $

 bring up to perl 5.12 standard (this is old code)

+avoid the wrapper + -c trap
+
 --- digest.orig	2000-01-07 11:04:34.000000000 +0000
 +++ digest
@@ -72,8 +72,8 @@ sub receive_message {
@ -104,7 +106,14 @@ bring up to perl 5.12 standard (this is old code)
 	$HOME = $ENV{"HOME"} || (getpwuid($>))[7];
 	chdir($HOME);
 	&getopt("drRmpc:Cl:z") ||
-@@ -328,6 +329,10 @@ sub readconfig {
+@@ -322,12 +323,15 @@ sub readconfig {
+ 		&abort("-C used without -l");
+ 	    } else {
+ 		# Read and execute the .cf file
+-		$cf = $opt_c || $ENV{"MAJORDOMO_CF"} || 
+-		    "/etc/majordomo.cf";
+		$cf = $ENV{"MAJORDOMO_CF"} || $opt_c || "/etc/majordomo.cf";
+ 		require "$cf";
 
 		chdir($homedir);
 
@ -115,7 +124,7 @@ bring up to perl 5.12 standard (this is old code)
 		$opt_l =~ tr/A-Z/a-z/;
 
 	   	require "config_parse.pl";
-@@ -360,9 +365,9 @@ $bounce_mailer = "$sendmail_command -f\$
+@@ -360,9 +364,9 @@ $bounce_mailer = "$sendmail_command -f\$
 		    &get_config($listdir, $config_opts{$opt_l,"digest_rm_fronter"});
 		    $RMHEADER = $config_opts{$config_opts{$opt_l,"digest_rm_fronter"},
 		                           "message_fronter"};
@ -128,7 +137,7 @@ bring up to perl 5.12 standard (this is old code)
 		}
 		if ($config_opts{$opt_l,"digest_rm_footer"}) {
 		    if ($config_opts{$opt_l,"digest_rm_footer"} ne 
-@@ -371,16 +376,16 @@ $bounce_mailer = "$sendmail_command -f\$
+@@ -371,16 +375,16 @@ $bounce_mailer = "$sendmail_command -f\$
 		    }
 		    $RMTRAILER = $config_opts{$config_opts{$opt_l,"digest_rm_footer"},
 		                           "message_footer"};
@ -150,7 +159,7 @@ bring up to perl 5.12 standard (this is old code)
 		$VOLUME = $config_opts{$opt_l,"digest_volume"};
 		$NUMBER = $config_opts{$opt_l,"digest_issue"};
 		$Precedence = $config_opts{$opt_l,"precedence"};
-@@ -406,7 +411,7 @@ $bounce_mailer = "$sendmail_command -f\$
+@@ -406,7 +410,7 @@ $bounce_mailer = "$sendmail_command -f\$
 			$from = $V{'FROM'};
 			$HEADERS = &config'substitute_values (
 			$config_opts{$opt_l,"message_headers"}, $opt_l);
@ -159,7 +168,7 @@ bring up to perl 5.12 standard (this is old code)
 		}
             } # list is defined
 	 } else { # not using -C 
-@@ -441,13 +446,13 @@ $bounce_mailer = "$sendmail_command -fma
+@@ -441,13 +445,13 @@ $bounce_mailer = "$sendmail_command -fma
 		&abort("$program_name: can't get lock '$lockfile'\n");
 	   $lock_set = 1;
 
--- a/mail/majordomo/patches/patch-af
+++ b/mail/majordomo/patches/patch-af
@ -1,4 +1,6 @@
-$NetBSD: patch-af,v 1.5 2011/01/29 17:16:33 spz Exp $
+$NetBSD: patch-af,v 1.6 2011/01/29 19:39:14 spz Exp $
+
+avoid the wrapper + -C trap

 --- majordomo.orig	2000-01-13 17:29:31.000000000 +0000
 +++ majordomo
@ -8,7 +10,7 @@ $NetBSD: patch-af,v 1.5 2011/01/29 17:16:33 spz Exp $
 
 -# Read and execute the .cf file
 -$cf = $ENV{"MAJORDOMO_CF"} || "/etc/majordomo.cf"; 
-+# Read and execute the .cf file. for security reasons, make the env value win
+# Read and execute the .cf file. For security reasons, make the env value win
 +# (the wrapper will set the env value and setuid to majordomo. If you want
 +# to test a config and are properly authorized, su to the majordomo user
 +# and don't use the wrapper
--- a/mail/majordomo/patches/patch-ag
+++ b/mail/majordomo/patches/patch-ag
@ -1,4 +1,6 @@
-$NetBSD: patch-ag,v 1.2 2011/01/29 17:16:33 spz Exp $
+$NetBSD: patch-ag,v 1.3 2011/01/29 19:39:14 spz Exp $
+
+avoid the wrapper + -C trap

 --- medit.orig	1997-04-28 18:38:05.000000000 +0000
 +++ medit
--- a/mail/majordomo/patches/patch-ah
+++ b/mail/majordomo/patches/patch-ah
@ -1,4 +1,6 @@
-$NetBSD: patch-ah,v 1.2 2011/01/29 17:16:33 spz Exp $
+$NetBSD: patch-ah,v 1.3 2011/01/29 19:39:14 spz Exp $
+
+avoid the wrapper + -C trap

 --- request-answer.orig	2000-01-07 11:10:18.000000000 +0000
 +++ request-answer