1 files changed, 0 insertions, 229 deletions
diff --git a/recipes-security/clamav/clamav-0.98.5/0015-bb-10731-Allow-to-specificy-a-group-for-the-socket-o.patch b/recipes-security/clamav/clamav-0.98.5/0015-bb-10731-Allow-to-specificy-a-group-for-the-socket-o.patch
deleted file mode 100644
index 8619a51..0000000
--- a/recipes-security/clamav/clamav-0.98.5/0015-bb-10731-Allow-to-specificy-a-group-for-the-socket-o.patch
+++ /dev/null
@@ -1,229 +0,0 @@
-From 9ba0bd8840f8be4cccaf8134b65a012dffdd8ae0 Mon Sep 17 00:00:00 2001
-From: Shawn Webb <swebb@sourcefire.com>
-Date: Thu, 31 Jul 2014 11:50:23 -0400
-Subject: bb#10731 - Allow to specificy a group for the socket of which the
- user is not a member
-Signed-off-by: Sebastian Andrzej Siewior <sebastian@breakpoint.cc>
---
- clamav-milter/clamav-milter.c | 193 +++++++++++++++++++++---------------------
- 1 file changed, 98 insertions(+), 95 deletions(-)
-diff --git a/clamav-milter/clamav-milter.c b/clamav-milter/clamav-milter.c
-index 2c7a4d7d3414..99e7fe7fac04 100644
--- a/clamav-milter/clamav-milter.c
-+++ b/clamav-milter/clamav-milter.c
-@@ -116,6 +116,104 @@ int main(int argc, char **argv) {
-        }
-     }
- 
-+    if(!(my_socket = optget(opts, "MilterSocket")->strarg)) {
-+       logg("!Please configure the MilterSocket directive\n");
-+       logg_close();
-+       optfree(opts);
-+       return 1;
-+    }
-+
-+    if(smfi_setconn(my_socket) == MI_FAILURE) {
-+       logg("!smfi_setconn failed\n");
-+       logg_close();
-+       optfree(opts);
-+       return 1;
-+    }
-+    if(smfi_register(descr) == MI_FAILURE) {
-+       logg("!smfi_register failed\n");
-+       logg_close();
-+       optfree(opts);
-+       return 1;
-+    }
-+    opt = optget(opts, "FixStaleSocket");
-+    umsk = umask(0777); /* socket is created with 000 to avoid races */
-+    if(smfi_opensocket(opt->enabled) == MI_FAILURE) {
-+       logg("!Failed to create socket %s\n", my_socket);
-+       logg_close();
-+       optfree(opts);
-+       return 1;
-+    }
-+    umask(umsk); /* restore umask */
-+    if(strncmp(my_socket, "inet:", 5) && strncmp(my_socket, "inet6:", 6)) {
-+       /* set group ownership and perms on the local socket */
-+       char *sock_name = my_socket;
-+       mode_t sock_mode;
-+       if(!strncmp(my_socket, "unix:", 5))
-+           sock_name += 5;
-+       if(!strncmp(my_socket, "local:", 6))
-+           sock_name += 6;
-+       if(*my_socket == ':')
-+           sock_name ++;
-+
-+       if(optget(opts, "MilterSocketGroup")->enabled) {
-+           char *gname = optget(opts, "MilterSocketGroup")->strarg, *end;
-+           gid_t sock_gid = strtol(gname, &end, 10);
-+           if(*end) {
-+               struct group *pgrp = getgrnam(gname);
-+               if(!pgrp) {
-+                   logg("!Unknown group %s\n", gname);
-+                   logg_close();
-+                   optfree(opts);
-+                   return 1;
-+               }
-+               sock_gid = pgrp->gr_gid;
-+           }
-+           if(chown(sock_name, -1, sock_gid)) {
-+               logg("!Failed to change socket ownership to group %s\n", gname);
-+               logg_close();
-+               optfree(opts);
-+               return 1;
-+           }
-+       }
-+
-+       if ((opt = optget(opts, "User"))->enabled) {
-+           struct passwd *user;
-+           if ((user = getpwnam(opt->strarg)) == NULL) {
-+               logg("ERROR: Can't get information about user %s.\n",
-+                       opt->strarg);
-+               logg_close();
-+               optfree(opts);
-+               return 1;
-+           }
-+
-+           if(chown(sock_name, user->pw_uid, -1)) {
-+               logg("!Failed to change socket ownership to user %s\n", user->pw_name);
-+               optfree(opts);
-+               logg_close();
-+               return 1;
-+           }
-+       }
-+
-+       if(optget(opts, "MilterSocketMode")->enabled) {
-+           char *end;
-+           sock_mode = strtol(optget(opts, "MilterSocketMode")->strarg, &end, 8);
-+           if(*end) {
-+               logg("!Invalid MilterSocketMode %s\n", optget(opts, "MilterSocketMode")->strarg);
-+               logg_close();
-+               optfree(opts);
-+               return 1;
-+           }
-+       } else
-+           sock_mode = 0777 & ~umsk;
-+
-+       if(chmod(sock_name, sock_mode & 0666)) {
-+           logg("!Cannot set milter socket permission to %s\n", optget(opts, "MilterSocketMode")->strarg);
-+           logg_close();
-+           optfree(opts);
-+           return 1;
-+       }
-+    }
-+
-     if(geteuid() == 0 && (opt = optget(opts, "User"))->enabled) {
-         struct passwd *user = NULL;
-        if((user = getpwnam(opt->strarg)) == NULL) {
-@@ -248,15 +346,6 @@ int main(int argc, char **argv) {
- 
-     multircpt = optget(opts, "SupportMultipleRecipients")->enabled;
-     
-    if(!(my_socket = optget(opts, "MilterSocket")->strarg)) {
-       logg("!Please configure the MilterSocket directive\n");
-       localnets_free();
-       whitelist_free();
-       logg_close();
-       optfree(opts);
-       return 1;
-    }
-
-     if(!optget(opts, "Foreground")->enabled) {
-        if(daemonize() == -1) {
-            logg("!daemonize() failed\n");
-@@ -271,92 +360,6 @@ int main(int argc, char **argv) {
-            logg("^Can't change current working directory to root\n");
-     }
- 
-    if(smfi_setconn(my_socket) == MI_FAILURE) {
-       logg("!smfi_setconn failed\n");
-       localnets_free();
-       whitelist_free();
-       logg_close();
-       optfree(opts);
-       return 1;
-    }
-    if(smfi_register(descr) == MI_FAILURE) {
-       logg("!smfi_register failed\n");
-       localnets_free();
-       whitelist_free();
-       logg_close();
-       optfree(opts);
-       return 1;
-    }
-    opt = optget(opts, "FixStaleSocket");
-    umsk = umask(0777); /* socket is created with 000 to avoid races */ 
-    if(smfi_opensocket(opt->enabled) == MI_FAILURE) {
-       logg("!Failed to create socket %s\n", my_socket);
-       localnets_free();
-       whitelist_free();
-       logg_close();
-       optfree(opts);
-       return 1;
-    }
-    umask(umsk); /* restore umask */
-    if(strncmp(my_socket, "inet:", 5) && strncmp(my_socket, "inet6:", 6)) {
-       /* set group ownership and perms on the local socket */
-       char *sock_name = my_socket;
-       mode_t sock_mode;
-       if(!strncmp(my_socket, "unix:", 5))
-           sock_name += 5;
-       if(!strncmp(my_socket, "local:", 6))
-           sock_name += 6;
-       if(*my_socket == ':')
-           sock_name ++;
-
-       if(optget(opts, "MilterSocketGroup")->enabled) {
-           char *gname = optget(opts, "MilterSocketGroup")->strarg, *end;
-           gid_t sock_gid = strtol(gname, &end, 10);
-           if(*end) {
-               struct group *pgrp = getgrnam(gname);
-               if(!pgrp) {
-                   logg("!Unknown group %s\n", gname);
-                   localnets_free();
-                   whitelist_free();
-                   logg_close();
-                   optfree(opts);
-                   return 1;
-               }
-               sock_gid = pgrp->gr_gid;
-           }
-           if(chown(sock_name, -1, sock_gid)) {
-               logg("!Failed to change socket ownership to group %s\n", gname);
-               localnets_free();
-               whitelist_free();
-               logg_close();
-               optfree(opts);
-               return 1;
-           }
-       }
-       if(optget(opts, "MilterSocketMode")->enabled) {
-           char *end;
-           sock_mode = strtol(optget(opts, "MilterSocketMode")->strarg, &end, 8);
-           if(*end) {
-               logg("!Invalid MilterSocketMode %s\n", optget(opts, "MilterSocketMode")->strarg);
-               localnets_free();
-               whitelist_free();
-               logg_close();
-               optfree(opts);
-               return 1;
-           }
-       } else
-           sock_mode = 0777 & ~umsk;
-
-       if(chmod(sock_name, sock_mode & 0666)) {
-           logg("!Cannot set milter socket permission to %s\n", optget(opts, "MilterSocketMode")->strarg);
-           localnets_free();
-           whitelist_free();
-           logg_close();
-           optfree(opts);
-           return 1;
-       }
-    }
-
-     maxfilesize = optget(opts, "MaxFileSize")->numarg;
-     if(!maxfilesize) {
-        logg("^Invalid MaxFileSize, using default (%d)\n", CLI_DEFAULT_MAXFILESIZE);

diff --git a/recipes-security/clamav/clamav-0.98.5/0015-bb-10731-Allow-to-specificy-a-group-for-the-socket-o.patch b/recipes-security/clamav/clamav-0.98.5/0015-bb-10731-Allow-to-specificy-a-group-for-the-socket-o.patch deleted file mode 100644 index 8619a51..0000000 --- a/recipes-security/clamav/clamav-0.98.5/0015-bb-10731-Allow-to-specificy-a-group-for-the-socket-o.patch +++ /dev/null
@@ -1,229 +0,0 @@
1	From 9ba0bd8840f8be4cccaf8134b65a012dffdd8ae0 Mon Sep 17 00:00:00 2001
2	From: Shawn Webb <swebb@sourcefire.com>
3	Date: Thu, 31 Jul 2014 11:50:23 -0400
4	Subject: bb#10731 - Allow to specificy a group for the socket of which the
5	user is not a member
6
7	Signed-off-by: Sebastian Andrzej Siewior <sebastian@breakpoint.cc>
8	---
9	clamav-milter/clamav-milter.c \| 193 +++++++++++++++++++++---------------------
10	1 file changed, 98 insertions(+), 95 deletions(-)
11
12	diff --git a/clamav-milter/clamav-milter.c b/clamav-milter/clamav-milter.c
13	index 2c7a4d7d3414..99e7fe7fac04 100644
14	--- a/clamav-milter/clamav-milter.c
15	+++ b/clamav-milter/clamav-milter.c
16	@@ -116,6 +116,104 @@ int main(int argc, char **argv) {
17	}
18	}
19
20	+ if(!(my_socket = optget(opts, "MilterSocket")->strarg)) {
21	+ logg("!Please configure the MilterSocket directive\n");
22	+ logg_close();
23	+ optfree(opts);
24	+ return 1;
25	+ }
26	+
27	+ if(smfi_setconn(my_socket) == MI_FAILURE) {
28	+ logg("!smfi_setconn failed\n");
29	+ logg_close();
30	+ optfree(opts);
31	+ return 1;
32	+ }
33	+ if(smfi_register(descr) == MI_FAILURE) {
34	+ logg("!smfi_register failed\n");
35	+ logg_close();
36	+ optfree(opts);
37	+ return 1;
38	+ }
39	+ opt = optget(opts, "FixStaleSocket");
40	+ umsk = umask(0777); /* socket is created with 000 to avoid races */
41	+ if(smfi_opensocket(opt->enabled) == MI_FAILURE) {
42	+ logg("!Failed to create socket %s\n", my_socket);
43	+ logg_close();
44	+ optfree(opts);
45	+ return 1;
46	+ }
47	+ umask(umsk); /* restore umask */
48	+ if(strncmp(my_socket, "inet:", 5) && strncmp(my_socket, "inet6:", 6)) {
49	+ /* set group ownership and perms on the local socket */
50	+ char *sock_name = my_socket;
51	+ mode_t sock_mode;
52	+ if(!strncmp(my_socket, "unix:", 5))
53	+ sock_name += 5;
54	+ if(!strncmp(my_socket, "local:", 6))
55	+ sock_name += 6;
56	+ if(*my_socket == ':')
57	+ sock_name ++;
58	+
59	+ if(optget(opts, "MilterSocketGroup")->enabled) {
60	+ char gname = optget(opts, "MilterSocketGroup")->strarg, end;
61	+ gid_t sock_gid = strtol(gname, &end, 10);
62	+ if(*end) {
63	+ struct group *pgrp = getgrnam(gname);
64	+ if(!pgrp) {
65	+ logg("!Unknown group %s\n", gname);
66	+ logg_close();
67	+ optfree(opts);
68	+ return 1;
69	+ }
70	+ sock_gid = pgrp->gr_gid;
71	+ }
72	+ if(chown(sock_name, -1, sock_gid)) {
73	+ logg("!Failed to change socket ownership to group %s\n", gname);
74	+ logg_close();
75	+ optfree(opts);
76	+ return 1;
77	+ }
78	+ }
79	+
80	+ if ((opt = optget(opts, "User"))->enabled) {
81	+ struct passwd *user;
82	+ if ((user = getpwnam(opt->strarg)) == NULL) {
83	+ logg("ERROR: Can't get information about user %s.\n",
84	+ opt->strarg);
85	+ logg_close();
86	+ optfree(opts);
87	+ return 1;
88	+ }
89	+
90	+ if(chown(sock_name, user->pw_uid, -1)) {
91	+ logg("!Failed to change socket ownership to user %s\n", user->pw_name);
92	+ optfree(opts);
93	+ logg_close();
94	+ return 1;
95	+ }
96	+ }
97	+
98	+ if(optget(opts, "MilterSocketMode")->enabled) {
99	+ char *end;
100	+ sock_mode = strtol(optget(opts, "MilterSocketMode")->strarg, &end, 8);
101	+ if(*end) {
102	+ logg("!Invalid MilterSocketMode %s\n", optget(opts, "MilterSocketMode")->strarg);
103	+ logg_close();
104	+ optfree(opts);
105	+ return 1;
106	+ }
107	+ } else
108	+ sock_mode = 0777 & ~umsk;
109	+
110	+ if(chmod(sock_name, sock_mode & 0666)) {
111	+ logg("!Cannot set milter socket permission to %s\n", optget(opts, "MilterSocketMode")->strarg);
112	+ logg_close();
113	+ optfree(opts);
114	+ return 1;
115	+ }
116	+ }
117	+
118	if(geteuid() == 0 && (opt = optget(opts, "User"))->enabled) {
119	struct passwd *user = NULL;
120	if((user = getpwnam(opt->strarg)) == NULL) {
121	@@ -248,15 +346,6 @@ int main(int argc, char **argv) {
122
123	multircpt = optget(opts, "SupportMultipleRecipients")->enabled;
124
125	- if(!(my_socket = optget(opts, "MilterSocket")->strarg)) {
126	- logg("!Please configure the MilterSocket directive\n");
127	- localnets_free();
128	- whitelist_free();
129	- logg_close();
130	- optfree(opts);
131	- return 1;
132	- }
133	-
134	if(!optget(opts, "Foreground")->enabled) {
135	if(daemonize() == -1) {
136	logg("!daemonize() failed\n");
137	@@ -271,92 +360,6 @@ int main(int argc, char **argv) {
138	logg("^Can't change current working directory to root\n");
139	}
140
141	- if(smfi_setconn(my_socket) == MI_FAILURE) {
142	- logg("!smfi_setconn failed\n");
143	- localnets_free();
144	- whitelist_free();
145	- logg_close();
146	- optfree(opts);
147	- return 1;
148	- }
149	- if(smfi_register(descr) == MI_FAILURE) {
150	- logg("!smfi_register failed\n");
151	- localnets_free();
152	- whitelist_free();
153	- logg_close();
154	- optfree(opts);
155	- return 1;
156	- }
157	- opt = optget(opts, "FixStaleSocket");
158	- umsk = umask(0777); /* socket is created with 000 to avoid races */
159	- if(smfi_opensocket(opt->enabled) == MI_FAILURE) {
160	- logg("!Failed to create socket %s\n", my_socket);
161	- localnets_free();
162	- whitelist_free();
163	- logg_close();
164	- optfree(opts);
165	- return 1;
166	- }
167	- umask(umsk); /* restore umask */
168	- if(strncmp(my_socket, "inet:", 5) && strncmp(my_socket, "inet6:", 6)) {
169	- /* set group ownership and perms on the local socket */
170	- char *sock_name = my_socket;
171	- mode_t sock_mode;
172	- if(!strncmp(my_socket, "unix:", 5))
173	- sock_name += 5;
174	- if(!strncmp(my_socket, "local:", 6))
175	- sock_name += 6;
176	- if(*my_socket == ':')
177	- sock_name ++;
178	-
179	- if(optget(opts, "MilterSocketGroup")->enabled) {
180	- char gname = optget(opts, "MilterSocketGroup")->strarg, end;
181	- gid_t sock_gid = strtol(gname, &end, 10);
182	- if(*end) {
183	- struct group *pgrp = getgrnam(gname);
184	- if(!pgrp) {
185	- logg("!Unknown group %s\n", gname);
186	- localnets_free();
187	- whitelist_free();
188	- logg_close();
189	- optfree(opts);
190	- return 1;
191	- }
192	- sock_gid = pgrp->gr_gid;
193	- }
194	- if(chown(sock_name, -1, sock_gid)) {
195	- logg("!Failed to change socket ownership to group %s\n", gname);
196	- localnets_free();
197	- whitelist_free();
198	- logg_close();
199	- optfree(opts);
200	- return 1;
201	- }
202	- }
203	- if(optget(opts, "MilterSocketMode")->enabled) {
204	- char *end;
205	- sock_mode = strtol(optget(opts, "MilterSocketMode")->strarg, &end, 8);
206	- if(*end) {
207	- logg("!Invalid MilterSocketMode %s\n", optget(opts, "MilterSocketMode")->strarg);
208	- localnets_free();
209	- whitelist_free();
210	- logg_close();
211	- optfree(opts);
212	- return 1;
213	- }
214	- } else
215	- sock_mode = 0777 & ~umsk;
216	-
217	- if(chmod(sock_name, sock_mode & 0666)) {
218	- logg("!Cannot set milter socket permission to %s\n", optget(opts, "MilterSocketMode")->strarg);
219	- localnets_free();
220	- whitelist_free();
221	- logg_close();
222	- optfree(opts);
223	- return 1;
224	- }
225	- }
226	-
227	maxfilesize = optget(opts, "MaxFileSize")->numarg;
228	if(!maxfilesize) {
229	logg("^Invalid MaxFileSize, using default (%d)\n", CLI_DEFAULT_MAXFILESIZE);