head	1.2;
access;
symbols
	pkgsrc-2013Q2:1.2.0.8
	pkgsrc-2013Q2-base:1.2
	pkgsrc-2012Q4:1.2.0.6
	pkgsrc-2012Q4-base:1.2
	pkgsrc-2011Q4:1.2.0.4
	pkgsrc-2011Q4-base:1.2
	pkgsrc-2011Q2:1.2.0.2
	pkgsrc-2011Q2-base:1.2
	pkgsrc-2010Q4:1.1.0.28
	pkgsrc-2010Q4-base:1.1
	pkgsrc-2010Q3:1.1.0.26
	pkgsrc-2010Q3-base:1.1
	pkgsrc-2010Q2:1.1.0.24
	pkgsrc-2010Q2-base:1.1
	pkgsrc-2010Q1:1.1.0.22
	pkgsrc-2010Q1-base:1.1
	pkgsrc-2009Q4:1.1.0.20
	pkgsrc-2009Q4-base:1.1
	pkgsrc-2009Q3:1.1.0.18
	pkgsrc-2009Q3-base:1.1
	pkgsrc-2009Q2:1.1.0.16
	pkgsrc-2009Q2-base:1.1
	pkgsrc-2009Q1:1.1.0.14
	pkgsrc-2009Q1-base:1.1
	pkgsrc-2008Q4:1.1.0.12
	pkgsrc-2008Q4-base:1.1
	pkgsrc-2008Q3:1.1.0.10
	pkgsrc-2008Q3-base:1.1
	cube-native-xorg:1.1.0.8
	cube-native-xorg-base:1.1
	pkgsrc-2008Q2:1.1.0.6
	pkgsrc-2008Q2-base:1.1
	cwrapper:1.1.0.4
	pkgsrc-2008Q1:1.1.0.2;
locks; strict;
comment	@# @;


1.2
date	2011.03.22.23.31.04;	author tez;	state dead;
branches;
next	1.1;

1.1
date	2008.06.07.23.58.11;	author tonnerre;	state Exp;
branches
	1.1.2.1;
next	;

1.1.2.1
date	2008.06.07.23.58.11;	author tron;	state dead;
branches;
next	1.1.2.2;

1.1.2.2
date	2008.06.08.12.00.23;	author tron;	state Exp;
branches;
next	;


desc
@@


1.2
log
@Update MIT Kerberos to v1.8.3 with the latest security patches up to and
including MITKRB5-SA-2011-003.

Please see http://web.mit.edu/kerberos/ for the change logs since v1.4.2

Note that the r-services, telnetd and ftpd services and the related client
applications are now in a separate pacakge security/mit-krb5-appl.
@
text
@$NetBSD: patch-bi,v 1.1 2008/06/07 23:58:11 tonnerre Exp $

--- lib/rpc/svc_tcp.c.orig	2004-09-21 20:20:16.000000000 +0200
+++ lib/rpc/svc_tcp.c
@@@@ -52,6 +52,14 @@@@ static char sccsid[] = "@@(#)svc_tcp.c 1.
 extern errno;
 */
 
+#ifndef FD_SETSIZE
+#ifdef NBBY
+#define NOFILE (sizeof(int) * NBBY)
+#else
+#define NOFILE (sizeof(int) * 8)
+#endif
+#endif
+
 /*
  * Ops vector for TCP/IP based rpc service handle
  */
@@@@ -211,6 +219,20 @@@@ makefd_xprt(
 {
 	register SVCXPRT *xprt;
 	register struct tcp_conn *cd;
+
+#ifdef FD_SETSIZE
+	if (fd >= FD_SETSIZE) {
+		(void) fprintf(stderr, "svc_tcp: makefd_xprt: fd too high\n");
+		xprt = NULL;
+		goto done;
+	}
+#else
+	if (fd >= NOFILE) {
+		(void) fprintf(stderr, "svc_tcp: makefd_xprt: fd too high\n");
+		xprt = NULL;
+		goto done;
+	}
+#endif
  
 	xprt = (SVCXPRT *)mem_alloc(sizeof(SVCXPRT));
 	if (xprt == (SVCXPRT *)NULL) {
@@@@ -267,6 +289,10 @@@@ rendezvous_request(
 	 * make a new transporter (re-uses xprt)
 	 */
 	xprt = makefd_xprt(sock, r->sendsize, r->recvsize);
+	if (xprt == NULL) {
+		close(sock);
+		return (FALSE);
+	}
 	xprt->xp_raddr = addr;
 	xprt->xp_addrlen = len;
 	xprt->xp_laddr = laddr;
@


1.1
log
@Add more patches, now for MITKRB5-SA-2007-006, MITKRB5-SA-2008-001 and
MITKRB5-SA-2008-002. Bump PKGREVISION now finally.
@
text
@d1 1
a1 1
$NetBSD$
@


1.1.2.1
log
@file patch-bi was added on branch pkgsrc-2008Q1 on 2008-06-08 12:00:23 +0000
@
text
@d1 51
@


1.1.2.2
log
@Pullup ticket #2417 - requested by tonnerre
Security patches for mit-krb5

Revisions pulled up:
- security/mit-krb5/Makefile			1.43
- security/mit-krb5/distinfo			1.20
- security/mit-krb5/patches/patch-at		1.2
- security/mit-krb5/patches/patch-bh		1.1
- security/mit-krb5/patches/patch-bi		1.1
- security/mit-krb5/patches/patch-bj		1.1
- security/mit-krb5/patches/patch-bk		1.1
- security/mit-krb5/patches/patch-bl		1.1
---
    Module Name:	pkgsrc
    Committed By:	tonnerre
    Date:		Sat Jun  7 23:58:11 UTC 2008

    Modified Files:
	pkgsrc/security/mit-krb5: Makefile distinfo
	pkgsrc/security/mit-krb5/patches: patch-at
    Added Files:
	pkgsrc/security/mit-krb5/patches: patch-bh patch-bi patch-bj
	patch-bk patch-bl

    Log Message:
    Add more patches, now for MITKRB5-SA-2007-006, MITKRB5-SA-2008-001 and
    MITKRB5-SA-2008-002. Bump PKGREVISION now finally.
@
text
@a0 51
$NetBSD: patch-bi,v 1.1 2008/06/07 23:58:11 tonnerre Exp $

--- lib/rpc/svc_tcp.c.orig	2004-09-21 20:20:16.000000000 +0200
+++ lib/rpc/svc_tcp.c
@@@@ -52,6 +52,14 @@@@ static char sccsid[] = "@@(#)svc_tcp.c 1.
 extern errno;
 */
 
+#ifndef FD_SETSIZE
+#ifdef NBBY
+#define NOFILE (sizeof(int) * NBBY)
+#else
+#define NOFILE (sizeof(int) * 8)
+#endif
+#endif
+
 /*
  * Ops vector for TCP/IP based rpc service handle
  */
@@@@ -211,6 +219,20 @@@@ makefd_xprt(
 {
 	register SVCXPRT *xprt;
 	register struct tcp_conn *cd;
+
+#ifdef FD_SETSIZE
+	if (fd >= FD_SETSIZE) {
+		(void) fprintf(stderr, "svc_tcp: makefd_xprt: fd too high\n");
+		xprt = NULL;
+		goto done;
+	}
+#else
+	if (fd >= NOFILE) {
+		(void) fprintf(stderr, "svc_tcp: makefd_xprt: fd too high\n");
+		xprt = NULL;
+		goto done;
+	}
+#endif
  
 	xprt = (SVCXPRT *)mem_alloc(sizeof(SVCXPRT));
 	if (xprt == (SVCXPRT *)NULL) {
@@@@ -267,6 +289,10 @@@@ rendezvous_request(
 	 * make a new transporter (re-uses xprt)
 	 */
 	xprt = makefd_xprt(sock, r->sendsize, r->recvsize);
+	if (xprt == NULL) {
+		close(sock);
+		return (FALSE);
+	}
 	xprt->xp_raddr = addr;
 	xprt->xp_addrlen = len;
 	xprt->xp_laddr = laddr;
@