diff options
| author |   Patrick J Volkerding <volkerdi@slackware.com> | 2013-11-04 17:08:47 +0000 |
|---|---|---|
| committer |   Eric Hameleers <alien@slackware.com> | 2018-05-31 22:57:36 +0200 |
| commit | 76fc4757ac91ac7947a01fb7b53dddf9a78a01d1 (patch) | |
| tree | 9b98e6e193c7870cb27ac861394c1c4592850922 /source/n/ppp | |
| parent | 9664bee729d487bcc0a0bc35859f8e13d5421c75 (diff) | |
| download | current-76fc4757ac91ac7947a01fb7b53dddf9a78a01d1.tar.gz current-76fc4757ac91ac7947a01fb7b53dddf9a78a01d1.tar.xz | |
Slackware 14.1slackware-14.1
Mon Nov 4 17:08:47 UTC 2013
Slackware 14.1 x86_64 stable is released!
It's been another interesting release cycle here at Slackware bringing
new features like support for UEFI machines, updated compilers and
development tools, the switch from MySQL to MariaDB, and many more
improvements throughout the system. Thanks to the team, the upstream
developers, the dedicated Slackware community, and everyone else who
pitched in to help make this release a reality.
The ISOs are off to be replicated, a 6 CD-ROM 32-bit set and a
dual-sided
32-bit/64-bit x86/x86_64 DVD. Please consider supporting the Slackware
project by picking up a copy from store.slackware.com. We're taking
pre-orders now, and offer a discount if you sign up for a subscription.
Have fun! :-)
Diffstat (limited to 'source/n/ppp')
| -rwxr-xr-x | source/n/ppp/ppp.SlackBuild | 10 | ||||
| -rw-r--r-- | source/n/ppp/ppp.crypt.diff | 64 |
2 files changed, 71 insertions, 3 deletions
diff --git a/source/n/ppp/ppp.SlackBuild b/source/n/ppp/ppp.SlackBuild index f7732bd61..3c229953d 100755 --- a/source/n/ppp/ppp.SlackBuild +++ b/source/n/ppp/ppp.SlackBuild @@ -1,6 +1,6 @@ #!/bin/sh -# Copyright 2008, 2009, 2010 Patrick J. Volkerding, Sebeka, MN, USA +# Copyright 2008, 2009, 2010, 2013 Patrick J. Volkerding, Sebeka, MN, USA # All rights reserved. # # Redistribution and use of this script, with or without modification, is @@ -23,7 +23,7 @@ VERSION=2.4.5 RADVER=0.3.2 PPPVER=1.98 -BUILD=${BUILD:-1} +BUILD=${BUILD:-2} NUMJOBS=${NUMJOBS:-" -j7 "} @@ -64,8 +64,12 @@ find . \ \( -perm 666 -o -perm 664 -o -perm 600 -o -perm 444 -o -perm 440 -o -perm 400 \) \ -exec chmod 644 {} \; -zcat $CWD/ppp.slack.diff.gz | patch -p1 --verbose --backup --suffix=.orig || exit +zcat $CWD/ppp.slack.diff.gz | patch -p1 --verbose --backup --suffix=.orig || exit 1 sed -i -e "s#lib/pppd#lib${LIBDIRSUFFIX}/pppd#g" $(grep -lr 'lib/pppd' *) +zcat $CWD/ppp.crypt.diff.gz | patch -p1 --verbose || exit 1 + +# This conflicts with the header in 3.5+ kernels: +rm -f include/linux/if_pppol2tp.h ./configure \ --prefix=/usr \ diff --git a/source/n/ppp/ppp.crypt.diff b/source/n/ppp/ppp.crypt.diff new file mode 100644 index 000000000..2e39af2b1 --- /dev/null +++ b/source/n/ppp/ppp.crypt.diff @@ -0,0 +1,64 @@ +From 04c4348108d847e034dd91066cc6843f60d71731 Mon Sep 17 00:00:00 2001 +From: Paul Mackerras <paulus@samba.org> +Date: Sun, 20 May 2012 14:14:55 +1000 +Subject: [PATCH] pppd: Don't crash if crypt() returns NULL + +It is possible for crypt() to return NULL under some circumstances, +so we need to check the return value before passing it to strcmp(). +If we do get NULL from crypt(), treat it as an authentication failure. + +Reported-by: Paul Wouters <pwouters@redhat.com> +Signed-off-by: Paul Mackerras <paulus@samba.org> +--- + pppd/auth.c | 8 +++++--- + pppd/session.c | 7 +++++-- + 2 files changed, 10 insertions(+), 5 deletions(-) + +diff --git a/pppd/auth.c b/pppd/auth.c +index fb71944..883b7f5 100644 +--- a/pppd/auth.c ++++ b/pppd/auth.c +@@ -1442,9 +1442,11 @@ check_passwd(unit, auser, userlen, apasswd, passwdlen, msg) + } + if (secret[0] != 0 && !login_secret) { + /* password given in pap-secrets - must match */ +- if ((cryptpap || strcmp(passwd, secret) != 0) +- && strcmp(crypt(passwd, secret), secret) != 0) +- ret = UPAP_AUTHNAK; ++ if (cryptpap || strcmp(passwd, secret) != 0) { ++ char *cbuf = crypt(passwd, secret); ++ if (!cbuf || strcmp(cbuf, secret) != 0) ++ ret = UPAP_AUTHNAK; ++ } + } + } + fclose(f); +diff --git a/pppd/session.c b/pppd/session.c +index 32901a2..56385dd 100644 +--- a/pppd/session.c ++++ b/pppd/session.c +@@ -178,6 +178,7 @@ session_start(flags, user, passwd, ttyName, msg) + bool try_session = 0; + #else /* #ifdef USE_PAM */ + struct passwd *pw; ++ char *cbuf; + #ifdef HAS_SHADOW + struct spwd *spwd; + struct spwd *getspnam(); +@@ -348,8 +349,10 @@ session_start(flags, user, passwd, ttyName, msg) + /* + * If no passwd, don't let them login if we're authenticating. + */ +- if (pw->pw_passwd == NULL || strlen(pw->pw_passwd) < 2 +- || strcmp(crypt(passwd, pw->pw_passwd), pw->pw_passwd) != 0) ++ if (pw->pw_passwd == NULL || strlen(pw->pw_passwd) < 2) ++ return SESSION_FAILED; ++ cbuf = crypt(passwd, pw->pw_passwd); ++ if (!cbuf || strcmp(cbuf, pw->pw_passwd) != 0) + return SESSION_FAILED; + } + +-- +1.7.10.4 + + |