- Fix a crash when an invalid log file is specified.

- Add -u uid option to drop the root privilege. - Add skkserv user and group. - Display fatal error messages in mksock() even if debug=0.
svn path=/head/; revision=276898
2025-01-18 08:02:48 +00:00 · 2011-07-02 14:54:06 +00:00 · 2011-07-02 14:54:06 +00:00 · 74365dfe22 · 2021-03-31 03:12:20 +00:00
commit 74365dfe22
parent 5d450b5ea5
6 changed files with 114 additions and 14 deletions
--- a/1
+++ b/1
@ -134,6 +134,7 @@ callweaver:*:444:
 courier:*:465:
 _bbstored:*:505:
 radmind:*:506:
+skkserv:*:507:
 nullmail:*:522:
 dkimproxy:*:525:
 pgbouncer:*:534:
--- a/1
+++ b/1
@ -143,6 +143,7 @@ callweaver:*:444:444::0:0:Callweaver account:/var/lib/callweaver:/usr/sbin/nolog
 courier:*:465:465::0:0:Courier Mail Server:/nonexistent:/usr/sbin/nologin
 _bbstored:*:505:505::0:0:BoxBackup Store Daemon:/nonexistent:/bin/sh
 radmind:*:506:506::0:0:radmind User:/var/radmind:/usr/sbin/nologin
+skkserv:*:507:507::0:0:skkserv User:/nonexistent:/usr/sbin/nologin
 nullmail:*:522:522::0:0:Nullmailer Mail System:/var/spool/nullmailer:/bin/sh
 dkimproxy:*:525:525::0:0:DKIM Proxy Owner:/nonexistent:/usr/sbin/nologin
 pgbouncer:*:534:534::0:0:Pgbouncer Daemon:/nonexistent:/usr/sbin/nologin
--- a/japanese/skkserv/Makefile
+++ b/japanese/skkserv/Makefile
@ -7,7 +7,7 @@

 PORTNAME=	skkserv
 PORTVERSION=	9.6
-PORTREVISION=	3
+PORTREVISION=	4
 CATEGORIES=	japanese
 MASTER_SITES=	${MASTER_SITE_PORTS_JP}
 DISTNAME=	skk${PORTVERSION}
@ -23,6 +23,8 @@ GNU_CONFIGURE=	yes
 MAKE_ARGS=	SUBDIRS='skkserv'
 CONFIGURE_ARGS+=	--with-jisyo=${SKKJISYO} --libexecdir=${PREFIX}/sbin
 PLIST_FILES=	sbin/skkserv
+USERS=		skkserv
+GROUPS=		skkserv

 SKKJISYO_SIZE?=	L
 SKKJISYO?=	SKK-JISYO.${SKKJISYO_SIZE}
--- a/japanese/skkserv/files/patch-skkserv.c
+++ b/japanese/skkserv/files/patch-skkserv.c
@ -1,18 +1,65 @@
 --- skkserv/skkserv.c.orig	1997-01-21 04:16:36.000000000 +0900
-+++ skkserv/skkserv.c	2011-07-02 22:05:16.000000000 +0900
-@@ -124,6 +124,8 @@
+++ skkserv/skkserv.c	2011-07-02 23:48:44.000000000 +0900
+@@ -102,6 +102,8 @@
+ 
+ #define err(m)	\
+ 	{if (debug) fprintf(errout, "%s: %s\n", pgmnm, m); exit(1);}
+#define nderr(m)	\
+	{fprintf(errout, "%s: %s\n", pgmnm, m); exit(1);}
+ 
+ /*
+  *	Global Variables
+@@ -124,18 +126,25 @@
 int	clientsock[MAXCLNT];	/* socket for each client */
 int	nclients;	/* max index for active clients */
 
 +char	listenaddr[NI_MAXHOST];
+uid_t	uid;
+gid_t	gid;
 +
 main(argc, argv)
 char *argv[];
 {
-@@ -166,6 +168,12 @@
+   int	parg;
+   int	setjisho = 0;
+   int	ctlterm;	/* fildes for control terminal */
+  struct passwd *pwent;
+   void	reread();
+ 
+   pgmnm = argv[0];
+   debug = 0;
+   errout = stderr;
+   portnum = 0;
+  uid = getuid();
+  gid = getgid();
+ 
+   /* The following patch (a work-around due to "rsh" bug) was pointed 	*/
+   /* out by kazushi@kubota.co.jp in the message "714" in SKK-ML		*/
+@@ -155,7 +164,7 @@
+ 	if (parg + 1 == argc) showusage();
+ 	if ((errout = fopen(argv[++parg], "w")) == NULL) {
+ 	  fprintf(stderr, "%s: opening logfile \"%s\" failed\n", 
+-		  pgmnm, *argv[parg]);
+		  pgmnm, argv[parg]);
+ 	  exit(1);
+ 	}
+ 	debug = 1; break;
+@@ -166,6 +175,24 @@
       case 'P': 
 	if (parg +1 == argc) showusage();
 	portnum = atoi(argv[++parg]); break;
+      case 'u':
+      case 'U': 
+	if (parg + 1 == argc) showusage();
+	pwent = getpwnam(argv[++parg]);
+	if (pwent == NULL) {
+    		fprintf(stderr, 
+	 	   "%s: invalid uid \"%s\"\n", pgmnm, argv[parg]);
+		exit(1);
+	}
+	uid = pwent->pw_uid;
+	gid = pwent->pw_gid;
+        break;
 +      case 'a':
 +      case 'A': 
 +	if (parg +1 == argc) showusage();
@ -22,19 +69,39 @@
       default: showusage();
       }
     } else if (setjisho == 0) {
-@@ -232,9 +240,9 @@
+@@ -183,6 +210,17 @@
+     exit(1);
+   }
+ 
+  if (setgid(gid) == -1) {
+    fprintf(stderr, 
+	    "%s: setgid() failed\n", pgmnm);
+    exit(1);
+  }
+  if (setuid(uid) == -1) {
+    fprintf(stderr, 
+	    "%s: setuid() failed\n", pgmnm);
+    exit(1);
+  }
+
+   set_hname();
+ 
+   /* make socket */
+@@ -232,9 +270,11 @@
 showusage()
 {
   fprintf(stderr, 
 -	  "Usage: %s [-d] [-l logfile] [-p port] \n", pgmnm);
-+	  "Usage: %s [-d] [-l logfile] [-p port] [-a listenaddr]\n", pgmnm);
+	  "Usage: %s [-d] [-l logfile] [-p port] [-a listenaddr] [-u uid]\n",
+	  pgmnm);
   fprintf(stderr, 
 -	  "       %s [-d] [-l logfile] [-p port] skk-jisho\n", pgmnm);
-+	  "       %s [-d] [-l logfile] [-p port] [-a listenaddr] skk-jisho\n", pgmnm);
+	  "       %s [-d] [-l logfile] [-p port] [-a listenaddr] [-u uid]"
+	  " skk-jisho\n", pgmnm);
   exit(1);
 }
  
-@@ -249,7 +257,21 @@
+@@ -249,27 +289,41 @@
   
   bzero((char*)&sin, sizeof(sin));
   sin.sin_family = AF_INET;
@ -47,7 +114,7 @@
 +		  struct in_addr  **pptr;
 +		  
 +		  if ((hp = gethostbyname(listenaddr)) == NULL) {
-+			  err("could not resolve the specified listen address");
+			  nderr("could not resolve the specified listen address");
 +		  }
 +		  pptr = (struct in_addr **)hp->h_addr_list;
 +		  memcpy(&sin.sin_addr.s_addr, pptr[0], sizeof(struct in_addr));
@ -57,7 +124,32 @@
   if (portnum == 0) {
 #ifdef PORTNUM
     portnum = PORTNUM;
-@@ -382,6 +404,10 @@
+ #else
+     if ((sp = getservbyname(SERVICE_NAME, "tcp")) == NULL)
+-      err("service name is undefined in /etc/services file");
+      nderr("service name is undefined in /etc/services file");
+     portnum = ntohs(sp->s_port);
+ #endif
+   }
+   sin.sin_port = htons(portnum); 
+ 
+   if ((initsock = socket(PF_INET, SOCK_STREAM, 0)) < 0)
+-    err("socket error; socket cannot be created");
+    nderr("socket error; socket cannot be created");
+   if (setsockopt(initsock, SOL_SOCKET, SO_REUSEADDR, 
+ 		 &optbuf, sizeof(optbuf)) < 0)
+-    err("socket error; cannot set socket option");
+    nderr("socket error; cannot set socket option");
+   if (bind(initsock, (struct sockaddr *)&sin, sizeof(sin))< 0) 
+-    err("bind error; the socket is already used");
+    nderr("bind error; the socket is already used");
+   if (listen(initsock, MAXQUE) < 0) 
+-    err("listen error; something wrong happened with the socket");
+    nderr("listen error; something wrong happened with the socket");
+   if (debug) {
+     fprintf(errout, "file descriptor for initsock is %d\n", initsock);
+     fflush(errout);
+@@ -382,6 +436,10 @@
   code = KANA_END;
 
   while ((c = fgetc(jisho)) != EOF) {
@ -68,7 +160,7 @@
     target = ((c & 0xff)<< 8) | (fgetc(jisho) & 0xff);
     if (target == STRMARK) {
       fgets(buf, BUFSIZE, jisho);
-@@ -476,7 +502,7 @@
+@@ -476,7 +534,7 @@
 
     if (FD_ISSET(initsock, &readfds)) {
       len = sizeof(from);
--- a/japanese/skkserv/files/patch-skkserv.h
+++ b/japanese/skkserv/files/patch-skkserv.h
@ -1,5 +1,5 @@
 --- skkserv/skkserv.h.orig	1997-01-21 04:16:36.000000000 +0900
-+++ skkserv/skkserv.h	2008-11-01 23:53:43.000000000 +0900
+++ skkserv/skkserv.h	2011-07-02 23:07:17.000000000 +0900
@@ -37,6 +37,8 @@
 /* Necessary for SunOS 3.x and maybe other old systems */
 
@ -9,7 +9,7 @@
 
 #include	<sys/types.h>
 #ifdef HAVE_SYS_IOCTL_H
-@@ -44,6 +46,7 @@
+@@ -44,9 +46,11 @@
 #endif
 #include	<sys/socket.h>
 #include	<netinet/in.h>
@ -17,3 +17,7 @@
 #include	<netdb.h>
 #include	<signal.h>
 #include	<errno.h>
+#include	<pwd.h>
+ 
+ #ifndef DEFAULT_JISYO
+ #define DEFAULT_JISYO 	"/usr/local/share/emacs/SKK-JISYO.L"	
--- a/japanese/skkserv/files/skkserv.sh.in
+++ b/japanese/skkserv/files/skkserv.sh.in
@ -12,7 +12,7 @@ name=skkserv
 rcvar=`set_rcvar`
 command=%%PREFIX%%/sbin/skkserv

-: ${skkserv_flags:="-a 127.0.0.1"}
+: ${skkserv_flags:="-a 127.0.0.1 -u skkserv"}

 load_rc_config ${name}
 run_rc_command $1