April 2006 - 389-commits - Fedora Mailing-Lists

[Fedora-directory-commits] ldapserver/ldap/servers/plugins/acl acldllmain.c, 1.4, 1.5 acllas.c, 1.5, 1.6

by Doctor Conrad

Author: rmeggins Update of /cvs/dirsec/ldapserver/ldap/servers/plugins/acl In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv8136/ldapserver/ldap/servers/plugins/acl Modified Files: acldllmain.c acllas.c Log Message: Bug(s) fixed: 186280 Bug Description: ldapserver: Close potential security vulnerabilities in CGI code Reviewed by: Nathan, Noriko, and Pete (Thanks!) Fix Description: Clean up usage of sprintf, strcpy, fgets instead of gets, fixed buffer usage, etc., mostly in the CGI code and other user facing code (i.e. setup). Also, Steve Grubb told me about a GCC trick to force it to check printf style varargs functions, to check the format string against the argument string, for type mismatches, missing arguments, and too many arguments. In the CGI form argument parsing code, we needed to be more careful about checking for bad input - good input is supposed to look like this: name=value&name=value&..... &name=value. I don't think the original code was checking properly for something like name&name=value. There was another place where we were not checking to see if a buffer had enough room before appending a string to it. I had to change a couple of functions to allow passing in the size of the buffer. Fixed some issues raised by Noriko and Nathan. Platforms tested: RHEL4 Flag Day: no Doc impact: no QA impact: should be covered by regular nightly and manual testing New Tests integrated into TET: none Index: acldllmain.c =================================================================== RCS file: /cvs/dirsec/ldapserver/ldap/servers/plugins/acl/acldllmain.c,v retrieving revision 1.4 retrieving revision 1.5 diff -u -r1.4 -r1.5 --- acldllmain.c 19 Apr 2005 22:07:28 -0000 1.4 +++ acldllmain.c 11 Apr 2006 02:14:38 -0000 1.5 @@ -136,6 +136,7 @@ va_list ap; va_start (ap, fmt); _snprintf (debugBuf, sizeof(debugBuf), fmt, ap); + debugBuf[sizeof(debugBuf)-1] = 0; va_end (ap); OutputDebugString (debugBuf); Index: acllas.c =================================================================== RCS file: /cvs/dirsec/ldapserver/ldap/servers/plugins/acl/acllas.c,v retrieving revision 1.5 retrieving revision 1.6 diff -u -r1.5 -r1.6 --- acllas.c 19 Apr 2005 22:07:28 -0000 1.5 +++ acllas.c 11 Apr 2006 02:14:38 -0000 1.6 @@ -1436,10 +1436,11 @@ if ( idx < 0 ) { sprintf ( buf, "\nuserDN=\"%s\"\nmember=", info->userDN); - if (info->member) + if (info->member && *info->member) { len = strlen (buf); - sprintf ( &(buf[len]), "\"%s\"", info->member ); + /* member is a char ** */ + sprintf ( &(buf[len]), "\"%s\"", *info->member ); } len = strlen (buf); sprintf ( &(buf[len]), "\nmemberinfo[%d]-[%d]:", info->c_idx, info->lu_idx );

18 years

1
0
0 / 0

[Fedora-directory-commits] ldapserver/ldap/clients/orgchart wrapper.c, 1.4, 1.5

by Doctor Conrad

Author: rmeggins Update of /cvs/dirsec/ldapserver/ldap/clients/orgchart In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv8136/ldapserver/ldap/clients/orgchart Modified Files: wrapper.c Log Message: Bug(s) fixed: 186280 Bug Description: ldapserver: Close potential security vulnerabilities in CGI code Reviewed by: Nathan, Noriko, and Pete (Thanks!) Fix Description: Clean up usage of sprintf, strcpy, fgets instead of gets, fixed buffer usage, etc., mostly in the CGI code and other user facing code (i.e. setup). Also, Steve Grubb told me about a GCC trick to force it to check printf style varargs functions, to check the format string against the argument string, for type mismatches, missing arguments, and too many arguments. In the CGI form argument parsing code, we needed to be more careful about checking for bad input - good input is supposed to look like this: name=value&name=value&..... &name=value. I don't think the original code was checking properly for something like name&name=value. There was another place where we were not checking to see if a buffer had enough room before appending a string to it. I had to change a couple of functions to allow passing in the size of the buffer. Fixed some issues raised by Noriko and Nathan. Platforms tested: RHEL4 Flag Day: no Doc impact: no QA impact: should be covered by regular nightly and manual testing New Tests integrated into TET: none Index: wrapper.c =================================================================== RCS file: /cvs/dirsec/ldapserver/ldap/clients/orgchart/wrapper.c,v retrieving revision 1.4 retrieving revision 1.5 diff -u -r1.4 -r1.5 --- wrapper.c 19 Apr 2005 22:07:20 -0000 1.4 +++ wrapper.c 11 Apr 2006 02:14:33 -0000 1.5 @@ -62,7 +62,7 @@ #define PATH_MAX 512 #endif -char *get_perl_file(char *); +char *get_perl_file(char *, size_t); /* @@ -77,7 +77,7 @@ printf("Content-type:text/html;charset=UTF-8\n\n<html>Hi\n"); - get_perl_file(script); + get_perl_file(script, sizeof(script)-1); if (strchr(script, '/') != NULL || strchr(script, '\\') != NULL) { printf("Paths not allowed. Filenames only.\n"); @@ -94,10 +94,11 @@ } char * -get_perl_file(char *script) { +get_perl_file(char *script, size_t scriptsize) { char *qs = getenv("QUERY_STRING"); char *p1 = NULL; char *p2 = NULL; + size_t maxsize; if (qs == NULL || *qs == '\0') { printf("No QUERY_STRING found\n"); @@ -113,6 +114,8 @@ for (p2 = p1; *p2 != '\0' && *p2 != '&'; p2++); - strncpy(script, p1, p2-p1); - script[p2-p1] = '\0'; + maxsize = (scriptsize < (p2-p1)) ? scriptsize : (p2-p1); + + PL_strncpyz(script, p1, maxsize); + script[maxsize] = '\0'; }

18 years

1
0
0 / 0

[Fedora-directory-commits] ldapserver/ldap/clients/dsgw cgiutil.c, 1.6, 1.7 ckdel.c, 1.4, 1.5 ckdump.c, 1.4, 1.5 ckget.c, 1.4, 1.5 ckpurge.c, 1.4, 1.5 ckput.c, 1.4, 1.5 config.c, 1.5, 1.6 cookie.c, 1.5, 1.6 dbtdsgw.h, 1.4, 1.5 domodify.c, 1.5, 1.6 dsexpldif.c, 1.4, 1.5 dsgw.h, 1.6, 1.7 dsgwutil.c, 1.5, 1.6 dsimpldif.c, 1.4, 1.5 emitf.c, 1.4, 1.5 entrydisplay.c, 1.5, 1.6 htmlparse.c, 1.4, 1.5 ldaputil.c, 1.4, 1.5 templateindex.c, 1.4, 1.5 tutor.c, 1.4, 1.5

by Doctor Conrad

Author: rmeggins Update of /cvs/dirsec/ldapserver/ldap/clients/dsgw In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv8136/ldapserver/ldap/clients/dsgw Modified Files: cgiutil.c ckdel.c ckdump.c ckget.c ckpurge.c ckput.c config.c cookie.c dbtdsgw.h domodify.c dsexpldif.c dsgw.h dsgwutil.c dsimpldif.c emitf.c entrydisplay.c htmlparse.c ldaputil.c templateindex.c tutor.c Log Message: Bug(s) fixed: 186280 Bug Description: ldapserver: Close potential security vulnerabilities in CGI code Reviewed by: Nathan, Noriko, and Pete (Thanks!) Fix Description: Clean up usage of sprintf, strcpy, fgets instead of gets, fixed buffer usage, etc., mostly in the CGI code and other user facing code (i.e. setup). Also, Steve Grubb told me about a GCC trick to force it to check printf style varargs functions, to check the format string against the argument string, for type mismatches, missing arguments, and too many arguments. In the CGI form argument parsing code, we needed to be more careful about checking for bad input - good input is supposed to look like this: name=value&name=value&..... &name=value. I don't think the original code was checking properly for something like name&name=value. There was another place where we were not checking to see if a buffer had enough room before appending a string to it. I had to change a couple of functions to allow passing in the size of the buffer. Fixed some issues raised by Noriko and Nathan. Platforms tested: RHEL4 Flag Day: no Doc impact: no QA impact: should be covered by regular nightly and manual testing New Tests integrated into TET: none Index: cgiutil.c =================================================================== RCS file: /cvs/dirsec/ldapserver/ldap/clients/dsgw/cgiutil.c,v retrieving revision 1.6 retrieving revision 1.7 diff -u -r1.6 -r1.7 --- cgiutil.c 4 May 2005 16:37:27 -0000 1.6 +++ cgiutil.c 11 Apr 2006 02:14:32 -0000 1.7 @@ -236,7 +236,7 @@ if ( required == DSGW_CGIVAR_REQUIRED && ans == NULL ) { char errbuf[ 256 ]; - PR_snprintf( errbuf, 256, + PR_snprintf( errbuf, sizeof(errbuf), XP_GetClientStr(DBT_missingFormDataElement100s_), varname ); dsgw_error( DSGW_ERR_BADFORMDATA, errbuf, DSGW_ERROPT_EXIT, 0, NULL ); } @@ -325,21 +325,24 @@ vars++; ans = (char **) dsgw_ch_malloc((sizeof(char *)) * (vars+1)); - - x=0; - /* strtok() is not MT safe, but it is okay to call here because it is used in monothreaded env */ - tmp = strtok(in, "&"); - ans[x]=dsgw_ch_strdup(tmp); - dsgw_form_unescape(ans[x++]); - - while((tmp = strtok(NULL, "&"))) { - if ( strchr( tmp, '=' ) == NULL ) { - break; + if (ans) { + x=0; + /* strtok() is not MT safe, but it is okay to call here because it is used in monothreaded env */ + tmp = strtok(in, "&"); + if (tmp && *tmp && strchr(tmp, '=')) { + ans[x]=dsgw_ch_strdup(tmp); + dsgw_form_unescape(ans[x++]); + + while((x <= vars) && (tmp = strtok(NULL, "&"))) { + if ( strchr( tmp, '=' ) == NULL ) { + break; + } + ans[x] = dsgw_ch_strdup(tmp); + dsgw_form_unescape(ans[x++]); + } + } + ans[x] = NULL; } - ans[x] = dsgw_ch_strdup(tmp); - dsgw_form_unescape(ans[x++]); - } - ans[x] = NULL; return(ans); } Index: ckdel.c =================================================================== RCS file: /cvs/dirsec/ldapserver/ldap/clients/dsgw/ckdel.c,v retrieving revision 1.4 retrieving revision 1.5 diff -u -r1.4 -r1.5 --- ckdel.c 19 Apr 2005 22:07:01 -0000 1.4 +++ ckdel.c 11 Apr 2006 02:14:32 -0000 1.5 @@ -45,12 +45,16 @@ main( int argc, char **argv) { char cookie[ 512 ]; + char *ptr; int rc; printf( "Remove an entry to the cookie database\n" ); printf( "cookie: " ); - gets( cookie ); + fgets( cookie, sizeof(cookie), stdin ); + if (ptr = strchr(cookie, '\n')) { + *ptr = 0; + } rc = dsgw_delcookie( cookie ); if ( rc == 0 ) { Index: ckdump.c =================================================================== RCS file: /cvs/dirsec/ldapserver/ldap/clients/dsgw/ckdump.c,v retrieving revision 1.4 retrieving revision 1.5 diff -u -r1.4 -r1.5 --- ckdump.c 19 Apr 2005 22:07:01 -0000 1.4 +++ ckdump.c 11 Apr 2006 02:14:32 -0000 1.5 @@ -44,12 +44,6 @@ main() { - char *p; - time_t expires; - char dn[ 512 ]; - char pw[ 512 ]; - char expsec[ 512 ]; - #ifdef notdef /* this was some testing code... */ { char *ck, *r, *d, *p; Index: ckget.c =================================================================== RCS file: /cvs/dirsec/ldapserver/ldap/clients/dsgw/ckget.c,v retrieving revision 1.4 retrieving revision 1.5 diff -u -r1.4 -r1.5 --- ckget.c 19 Apr 2005 22:07:01 -0000 1.4 +++ ckget.c 11 Apr 2006 02:14:32 -0000 1.5 @@ -55,9 +55,15 @@ printf( "Retrieve an entry from the cookie database\n" ); printf( "cookie: " ); - gets( cookie ); + fgets( cookie, sizeof(cookie), stdin ); + if (p = strchr(cookie, '\n')) { + *p = 0; + } printf( "dn: " ); - gets( dn ); + fgets( dn, sizeof(dn), stdin ); + if (p = strchr(dn, '\n')) { + *p = 0; + } rc = dsgw_ckdn2passwd( cookie, dn, &pw ); if ( rc == 0 ) { Index: ckpurge.c =================================================================== RCS file: /cvs/dirsec/ldapserver/ldap/clients/dsgw/ckpurge.c,v retrieving revision 1.4 retrieving revision 1.5 diff -u -r1.4 -r1.5 --- ckpurge.c 19 Apr 2005 22:07:01 -0000 1.4 +++ ckpurge.c 11 Apr 2006 02:14:32 -0000 1.5 @@ -44,11 +44,6 @@ main() { - char *p; - time_t expires; - char dn[ 512 ]; - char pw[ 512 ]; - char expsec[ 512 ]; int np = 0; time_t last; FILE *fp; Index: ckput.c =================================================================== RCS file: /cvs/dirsec/ldapserver/ldap/clients/dsgw/ckput.c,v retrieving revision 1.4 retrieving revision 1.5 diff -u -r1.4 -r1.5 --- ckput.c 19 Apr 2005 22:07:01 -0000 1.4 +++ ckput.c 11 Apr 2006 02:14:32 -0000 1.5 @@ -59,17 +59,18 @@ SEC_RNGInit(); SEC_SystemInfoForRNG(); + dn[0] = pw[0] = lifesec[0] = 0; if ( argc > 1 ) { while (( c = getopt( argc, argv, "d:l:p:" )) != EOF ) { switch ( c ) { case 'd': - strcpy( dn, optarg ); + PL_strncpyz( dn, optarg, sizeof(dn) ); break; case 'l': - strcpy( lifesec, optarg ); + PL_strncpyz( lifesec, optarg, sizeof(lifesec) ); break; case 'p': - strcpy( pw, optarg ); + PL_strncpyz( pw, optarg, sizeof(pw) ); break; } } @@ -77,11 +78,20 @@ if ( strlen( dn ) == 0 || strlen( pw ) == 0 || strlen( lifesec ) == 0 ) { printf( "dn: " ); - gets( dn ); + fgets( dn, sizeof(dn), stdin ); + if (p = strchr(dn, '\n')) { + *p = 0; + } printf( "passwd: " ); - gets( pw ); + fgets( pw, sizeof(pw), stdin ); + if (p = strchr(pw, '\n')) { + *p = 0; + } printf( "expires in how many seconds? " ); - gets( lifesec ); + fgets( lifesec, sizeof(lifesec), stdin ); + if (p = strchr(lifesec, '\n')) { + *p = 0; + } } lifetime = atol( lifesec ); Index: config.c =================================================================== RCS file: /cvs/dirsec/ldapserver/ldap/clients/dsgw/config.c,v retrieving revision 1.5 retrieving revision 1.6 diff -u -r1.5 -r1.6 --- config.c 19 Apr 2005 22:07:02 -0000 1.5 +++ config.c 11 Apr 2006 02:14:32 -0000 1.6 @@ -298,22 +298,6 @@ read_dsgwconfig( fname, NULL, gc->gc_admserv, 0 ); free( fname ); -#if 0 - /* if necessary, try to set path to certificate database */ -#ifndef DSGW_NO_SSL - if ( gc->gc_ldapssl && gc->gc_securitypath == NULL ) { - if ( gc->gc_admserv ) { - if (( p = get_nsadm_var( "CertFile" )) != NULL ) { - gc->gc_securitypath = dsgw_ch_malloc( strlen( p ) + 4 ); - sprintf( gc->gc_securitypath, "%s.db", p ); - } - } else { - gc->gc_securitypath = DSGW_DEFSECURITYPATH; - } - } -#endif -#endif - if ( browser_ignores_acceptcharset() ) { set_dsgwcharset(); } else { @@ -379,7 +363,7 @@ if ( strstr( filename, "dsgw-l10n.conf" ) != NULL ) { return; /* ignore if it's dsgw-l10n.conf */ } - PR_snprintf( buf, MAXPATHLEN + 100, + PR_snprintf( buf, sizeof(buf), XP_GetClientStr(DBT_cannotOpenConfigFileSN_), filename ); dsgw_error( DSGW_ERR_BADCONFIG, buf, DSGW_ERROPT_EXIT, 0, NULL ); } @@ -978,7 +962,7 @@ return; } - PR_snprintf( tmpldif, 128, "%s.tmp", ldif); + PR_snprintf( tmpldif, sizeof(tmpldif), "%s.tmp", ldif); if ( (newfp = fopen( tmpldif, "w" )) == NULL ) { dsgw_emitf (XP_GetClientStr(DBT_AppSuffixCouldNotOpenTmpFileSN_), ldif); @@ -1199,7 +1183,7 @@ } /* read old dbswitch.conf contents */ - PR_snprintf( oldfname, MAXPATHLEN, "%s/%s", userdb_path, + PR_snprintf( oldfname, sizeof(oldfname), "%s/%s", userdb_path, DSGW_DBSWITCH_FILE ); if (( rc = dbconf_read_config_file( oldfname, &cip )) != LDAPU_SUCCESS ) { report_ldapu_error( rc, DSGW_ERR_BADCONFIG, erropts ); @@ -1207,10 +1191,10 @@ } /* write db info to new file, replacing information for "dbhandle" */ - PR_snprintf( newfname, MAXPATHLEN, "%s/%s", userdb_path, + PR_snprintf( newfname, sizeof(newfname), "%s/%s", userdb_path, DSGW_DBSWITCH_TMPFILE ); if (( newfp = fopen( newfname, "w" )) == NULL ) { - PR_snprintf( buf, MAXPATHLEN + 100, + PR_snprintf( buf, sizeof(buf), XP_GetClientStr(DBT_cannotOpenConfigFileSForWritingN_), newfname ); dsgw_error( DSGW_ERR_UPDATE_DBSWITCH, buf, erropts, 0, NULL ); return( -1 ); @@ -1693,7 +1677,7 @@ for ( token = strtok_quote( line, " \t" ); token != NULL; token = strtok_quote( NULL, " \t" ) ) { if ( *argcp == MAXARGS ) { - PR_snprintf( buf, 20, + PR_snprintf( buf, sizeof(buf), XP_GetClientStr(DBT_maxD_), MAXARGS ); dsgw_error( DSGW_ERR_CONFIGTOOMANYARGS, buf, DSGW_ERROPT_EXIT, 0, NULL ); Index: cookie.c =================================================================== RCS file: /cvs/dirsec/ldapserver/ldap/clients/dsgw/cookie.c,v retrieving revision 1.5 retrieving revision 1.6 diff -u -r1.5 -r1.6 --- cookie.c 19 Apr 2005 22:07:02 -0000 1.5 +++ cookie.c 11 Apr 2006 02:14:32 -0000 1.6 @@ -144,8 +144,8 @@ PK11_ConfigurePKCS11(NULL, NULL, tokDes, ptokDes, NULL, NULL, NULL, NULL, 0, 0 ); /*NSS_NoDB_Init(NULL);*/ dsgw_initNSS(); - PK11_GenerateRandom(buf, RNDBUFLEN); - return( buf2str( buf, RNDBUFLEN )); + PK11_GenerateRandom(buf, sizeof(buf)); + return( buf2str( buf, sizeof(buf) )); } @@ -162,7 +162,7 @@ #define F_OK 0 #endif #endif - sprintf(cdb, "%s.%s", DSGW_COOKIEDB_FNAME, context); + PR_snprintf(cdb, sizeof(cdb), "%s.%s", DSGW_COOKIEDB_FNAME, context); if ( access( cdb, F_OK ) == 0 ) { fp = fopen( cdb, "r+" ); @@ -253,7 +253,7 @@ } for (;;) { - if ( fgets( buf, CKBUFSIZ, fp ) == NULL ) { + if ( fgets( buf, sizeof(buf), fp ) == NULL ) { dsgw_closecookiedb( fp ); #ifdef DSGW_DEBUG dsgw_log( "dsgw_ckdn2passwd: cookie <%s> not found in db\n", @@ -433,14 +433,14 @@ if (( fp = dsgw_opencookiedb()) == NULL ) { return -1; } - fgets( buf, CKBUFSIZ, fp ); + fgets( buf, sizeof(buf), fp ); if ( strncmp( buf, "lastpurge:", 10 )) { dsgw_closecookiedb( fp ); return -1; } rc = DSGW_CKDB_KEY_NOT_PRESENT; for (;;) { - if ( fgets( buf, CKBUFSIZ, fp ) == NULL ) { + if ( fgets( buf, sizeof(buf), fp ) == NULL ) { break; } if ( strncmp( buf, rndstr, CKLEN )) { @@ -513,7 +513,7 @@ pos = ftell( fp ); fseek( fp, 0L, SEEK_SET ); - fgets( buf, CKBUFSIZ, fp ); + fgets( buf, sizeof(buf), fp ); if ( strncmp( buf, "lastpurge:", 10 )) { ret = (time_t) 0L; } else { @@ -553,7 +553,7 @@ size_t csize; /* current size of file */ char cdb[MAXPATHLEN]; /*DSGW_COOKIEDB_FNAME + context*/ - sprintf(cdb, "%s.%s", DSGW_COOKIEDB_FNAME, context); + PR_snprintf(cdb, sizeof(cdb), "%s.%s", DSGW_COOKIEDB_FNAME, context); if (( fp = dsgw_opencookiedb()) == NULL ) { return -1; @@ -576,10 +576,11 @@ char *p; char *dbdn; int nukeit; + size_t maxlen = sizeof(expbuf); nukeit = 0; - if ( fgets( buf, CKBUFSIZ, fp ) == NULL ) { + if ( fgets( buf, sizeof(buf), fp ) == NULL ) { break; } if ( strncmp( buf, "lastpurge:", 10 ) == 0 ) { @@ -596,8 +597,13 @@ dsgw_closecookiedb( fp ); return -1; } - strncpy( expbuf, exp, p - exp ); - expbuf[ p - exp ] = '\0'; + if ((p - exp) < maxlen) { + maxlen = p - exp; + } else { + maxlen--; /* need a length, not a count */ + } + strncpy( expbuf, exp, maxlen ); + expbuf[ maxlen ] = '\0'; time( &now ); /* Get the entry's DN */ @@ -678,7 +684,7 @@ return; } - if ( fgets( buf, CKBUFSIZ, fp ) == NULL ) { + if ( fgets( buf, sizeof(buf), fp ) == NULL ) { dsgw_closecookiedb( fp ); printf( "Cookie database is empty (no lastpurge line)\n" ); return; @@ -686,8 +692,9 @@ puts( buf ); for (;;) { + size_t maxlen = sizeof(expbuf); char *p; - if ( fgets( buf, CKBUFSIZ, fp ) == NULL ) { + if ( fgets( buf, sizeof(buf), fp ) == NULL ) { dsgw_closecookiedb( fp ); printf( "%d entries, %d expired\n", total, expired ); return; @@ -702,8 +709,13 @@ return; } printf( "%s", buf ); - strncpy( expbuf, exp, p - exp + 1 ); - expbuf[ p - exp + 1 ] = '\0'; + if ((p - exp + 1) < maxlen) { + maxlen = p - exp + 1; + } else { + maxlen--; /* need a length, not a count */ + } + strncpy( expbuf, exp, maxlen ); + expbuf[ maxlen ] = '\0'; time( &now ); total++; if ( now > atol( expbuf )) { @@ -752,6 +764,7 @@ return NULL; } + /* richm: replace with PR_smprintf */ ckbuf = dsgw_ch_malloc( strlen( DSGW_CKHDR ) + strlen( r ) + strlen( edn ) + strlen( DSGW_AUTHCKNAME ) + 2 + 20 ); ckbuf[ 0 ] = '\0'; @@ -770,26 +783,6 @@ -#if 0 -/* - * Given a time_t, return a GMTString representation of that time. - */ -char * -dsgw_t2gmts( time_t cktime ) -{ - time_t tnl; - struct tm *pt; -#define TBUFSIZE 40 - char tbuf[ TBUFSIZE ]; - - tnl = time( NULL ); - pt = gmtime( &tnl ); - (void)strftime( tbuf, (size_t)TBUFSIZE, "%A, %d-%b-%y %T GMT", pt); - return( dsgw_ch_strdup( tbuf )); -} -#endif - - /* * Password obfuscation, etc. * There is no real security here -- we just encrypt using a hard-coded key. Index: dbtdsgw.h =================================================================== RCS file: /cvs/dirsec/ldapserver/ldap/clients/dsgw/dbtdsgw.h,v retrieving revision 1.4 retrieving revision 1.5 diff -u -r1.4 -r1.5 --- dbtdsgw.h 19 Apr 2005 22:07:02 -0000 1.4 +++ dbtdsgw.h 11 Apr 2006 02:14:32 -0000 1.5 @@ -463,5 +463,6 @@ ResDef( DBT_missingArgumentForOrgChartURLDirectiv_, 412, "Missing argument for \"url-orgchart-base\" directive\n" )/*extracted from config.c*/ ResDef( DBT_missingArgumentForOrgChartSearchAttr_ , 413, "Missing argument for \"orgchart-attrib-farleft-rdn\" directive\n" )/*extracted from config.c*/ ResDef( DBT_theCharsetIsNotSupported , 414, "The charset is not supported\n" ) + ResDef( DBT_invalidTemplateVarLen, 415, "The string length %d of template variable \"%s\" is too long\n" ) END_STR(dsgw) Index: domodify.c =================================================================== RCS file: /cvs/dirsec/ldapserver/ldap/clients/dsgw/domodify.c,v retrieving revision 1.5 retrieving revision 1.6 diff -u -r1.5 -r1.6 --- domodify.c 20 May 2005 15:52:43 -0000 1.5 +++ domodify.c 11 Apr 2006 02:14:32 -0000 1.6 @@ -153,7 +153,7 @@ } if ( !quiet ) { - PR_snprintf( buf, 256, + PR_snprintf( buf, sizeof(buf), XP_GetClientStr(DBT_SDirectoryEntry_), changedesc ); dsgw_html_begin( buf, 1 ); } else { @@ -413,7 +413,7 @@ entry_modify_or_add( LDAP *ld, char *dn, int add, int *pwdchangedp ) { int lderr, i, j, opoffset, modop, mls, unique, unchanged_count; - char *varname, *varvalue, *retval, *attr, *p, **vals, **unchanged_attrs; + char *varname, *varvalue, *attr, *p, **vals, **unchanged_attrs; char *ntuserid = NULL; LDAPMod **pmods; Index: dsexpldif.c =================================================================== RCS file: /cvs/dirsec/ldapserver/ldap/clients/dsgw/dsexpldif.c,v retrieving revision 1.4 retrieving revision 1.5 diff -u -r1.4 -r1.5 --- dsexpldif.c 19 Apr 2005 22:07:02 -0000 1.4 +++ dsexpldif.c 11 Apr 2006 02:14:32 -0000 1.5 @@ -124,14 +124,14 @@ if (gc->gc_localdbconf == NULL) { /* remote */ - PR_snprintf (cmd, BIG_LINE, + PR_snprintf (cmd, sizeof(cmd), "./%s -b \"%s\" -h %s -p %d \"objectclass=*\" > %s 2> %s", DSGW_LDAPSEARCH, gc->gc_ldapsearchbase, gc->gc_ldapserver, gc->gc_ldapport, ldiffile, DSGW_NULL_DEVICE); } else { /* local database */ - PR_snprintf (cmd, BIG_LINE, + PR_snprintf (cmd, sizeof(cmd), "./%s -b \"\" -C %s \"objectclass=*\" > %s 2> %s", DSGW_LDAPSEARCH, gc->gc_localdbconf, ldiffile, DSGW_NULL_DEVICE); } Index: dsgw.h =================================================================== RCS file: /cvs/dirsec/ldapserver/ldap/clients/dsgw/dsgw.h,v retrieving revision 1.6 retrieving revision 1.7 diff -u -r1.6 -r1.7 --- dsgw.h 20 May 2005 15:52:43 -0000 1.6 +++ dsgw.h 11 Apr 2006 02:14:32 -0000 1.7 @@ -825,7 +825,12 @@ int dsgw_parse_cookie( char *cookie, char **rndstr, char **dn ); char *dsgw_getvp( int cginum ); #ifdef DSGW_DEBUG -void dsgw_log( char *fmt, ... ); +void dsgw_log( char *fmt, ... ) +#ifdef __GNUC__ + __attribute__ ((format (printf, 1, 2))); +#else + ; +#endif void dsgw_logstringarray( char *arrayname, char **strs ); void dsgw_log_out (const char* s, size_t n); #else @@ -875,16 +880,36 @@ void dsgw_strcat_escaped( char *s1, const char *s2 ); char *dsgw_strdup_escaped( const char *s ); void dsgw_substitute_and_output( char *s, char *tag, char *value, int escape ); -void dsgw_form_begin( const char* name, const char* format, ... ); +void dsgw_form_begin( const char* name, const char* format, ... ) +#ifdef __GNUC__ + __attribute__ ((format (printf, 2, 3))); +#else + ; +#endif char *dsgw_strdup_with_entities( char *s, int *madecopyp ); void dsgw_HTML_emits( char * ); void dsgw_emit_cgi_var( int argc, char **argv ); -void dsgw_emit_button( int argc, char **argv, const char* format, ... ); +void dsgw_emit_button( int argc, char **argv, const char* format, ... ) +#ifdef __GNUC__ + __attribute__ ((format (printf, 3, 4))); +#else + ; +#endif void dsgw_emit_alertForm(); -void dsgw_emit_alert( const char* frame, const char* windowOptions, const char* fmt, ... ); +void dsgw_emit_alert( const char* frame, const char* windowOptions, const char* fmt, ... ) +#ifdef __GNUC__ + __attribute__ ((format (printf, 3, 4))); +#else + ; +#endif void dsgw_emit_confirmForm(); void dsgw_emit_confirm( const char* frame, const char* yes, const char* no, - const char* windowOptions, int enquote, const char* fmt, ... ); + const char* windowOptions, int enquote, const char* fmt, ... ) +#ifdef __GNUC__ + __attribute__ ((format (printf, 6, 7))); +#else + ; +#endif /* * in htmlparse.c: @@ -983,7 +1008,12 @@ * in emitf.c */ int dsgw_emits (const char* s); /* like fputs(s, stdout) */ -int dsgw_emitf (const char* format, ...); /* like printf */ +int dsgw_emitf (const char* format, ...) /* like printf */ +#ifdef __GNUC__ + __attribute__ ((format (printf, 1, 2))); +#else + ; +#endif int dsgw_emitfv (const char* format, va_list argl); char* dsgw_emit_converts_to (char* charset); int is_UTF_8 (const char* charset); @@ -995,7 +1025,12 @@ void dsgw_quotation_begin (int kind); void dsgw_quotation_end(); int dsgw_quote_emits (int kind, const char* s); -int dsgw_quote_emitf (int kind, const char* format, ...); +int dsgw_quote_emitf (int kind, const char* format, ...) +#ifdef __GNUC__ + __attribute__ ((format (printf, 2, 3))); +#else + ; +#endif /* * in collate.c Index: dsgwutil.c =================================================================== RCS file: /cvs/dirsec/ldapserver/ldap/clients/dsgw/dsgwutil.c,v retrieving revision 1.5 retrieving revision 1.6 diff -u -r1.5 -r1.6 --- dsgwutil.c 19 Apr 2005 22:07:02 -0000 1.5 +++ dsgwutil.c 11 Apr 2006 02:14:32 -0000 1.6 @@ -927,7 +927,7 @@ #endif install_dir = getenv("NETSITE_ROOT"); if (install_dir != NULL) { - sprintf(tmp_log, "%s/tmp/dsgw", install_dir); + PR_snprintf(tmp_log, sizeof(tmp_log), "%s/tmp/dsgw", install_dir); #if defined( XP_WIN32 ) for(ilen=0; ilen < strlen(tmp_log); ilen++) { @@ -937,15 +937,15 @@ #endif /* XP_WIN32 */ } else { #if defined( XP_WIN32 ) - ilen = strlen(tmp_dir); GetTempPath( ilen+1, tmp_dir ); + ilen = strlen(tmp_dir); /* Remove trailing slash. */ pch = tmp_dir[ilen-1]; if( pch == '\\' || pch == '/' ) tmp_dir[ilen-1] = '\0'; - sprintf(tmp_log, "%s\\DSGW", tmp_dir); + PR_snprintf(tmp_log, sizeof(tmp_log), "%s\\DSGW", tmp_dir); #else - sprintf(tmp_log, "/tmp/dsgw"); + PR_snprintf(tmp_log, sizeof(tmp_log), "/tmp/dsgw"); #endif } return tmp_log; @@ -964,7 +964,7 @@ #else "%s/%.50s.out"; #endif - PR_snprintf( fname, 256, format, dsgw_get_tmp_log_dir(), progname ); + PR_snprintf( fname, sizeof(fname), format, dsgw_get_tmp_log_dir(), progname ); log_out_fp = fopen( fname, "w" ); } if (log_out_fp != NULL) { @@ -996,14 +996,14 @@ #else "%s/%.50s"; #endif - PR_snprintf( fname, 256, format, dsgw_get_tmp_log_dir(), progname ); + PR_snprintf( fname, sizeof(fname), format, dsgw_get_tmp_log_dir(), progname ); if (( logfp = fopen( fname, "a+" )) == NULL ) { return; } } - memcpy( timebuf, ctime( &t ), 19 ); - timebuf[ 19 ] = '\0'; + memcpy( timebuf, ctime( &t ), sizeof(timebuf)-1 ); + timebuf[ sizeof(timebuf)-1 ] = '\0'; fprintf( logfp, "%s %s: ", timebuf, progname ); va_start( ap, fmt ); @@ -1327,7 +1327,7 @@ } } for ( i=0 ; i<countLang ; i++ ) { - strcpy(AcceptLanguageList[i],ptrLanguage[i]); + PL_strncpyz(AcceptLanguageList[i],ptrLanguage[i],sizeof(AcceptLanguageList[i])); } } else { @@ -1336,7 +1336,7 @@ cPtr = strtok(input,","); while (cPtr) { if (strlen(cPtr)<MAX_ACCEPT_LENGTH) { /* ignore if too long */ - strcpy(AcceptLanguageList[countLang++],cPtr); + PL_strncpyz(AcceptLanguageList[countLang++],cPtr,sizeof(AcceptLanguageList[i])); if (countLang>=MAX_ACCEPT_LANGUAGE) break; /* quit if too many */ } cPtr = strtok(NULL,","); Index: dsimpldif.c =================================================================== RCS file: /cvs/dirsec/ldapserver/ldap/clients/dsgw/dsimpldif.c,v retrieving revision 1.4 retrieving revision 1.5 diff -u -r1.4 -r1.5 --- dsimpldif.c 19 Apr 2005 22:07:02 -0000 1.4 +++ dsimpldif.c 11 Apr 2006 02:14:32 -0000 1.5 @@ -148,17 +148,17 @@ if (gc->gc_localdbconf == NULL) { /* remote */ - PR_snprintf (cmd, BIG_LINE, "./%s -a %s -h %s -p %d -f %s > %s 2>&1", + PR_snprintf (cmd, sizeof(cmd), "./%s -a %s -h %s -p %d -f %s > %s 2>&1", DSGW_LDAPMODIFY, stop?"":"-c",gc->gc_ldapserver, gc->gc_ldapport, ldiffile, DSGW_NULL_DEVICE); } else { /* local database */ - PR_snprintf (cmd, BIG_LINE, "./%s -a %s -C %s -f %s > %s 2>&1", + PR_snprintf (cmd, sizeof(cmd), "./%s -a %s -C %s -f %s > %s 2>&1", DSGW_LDAPMODIFY, stop?"":"-c", gc->gc_localdbconf, ldiffile, DSGW_NULL_DEVICE); } - PR_snprintf (path, BIG_LINE, "%s%s", userdb_path, DSGW_TOOLSDIR); + PR_snprintf (path, sizeof(path), "%s%s", userdb_path, DSGW_TOOLSDIR); chdir ( path ); fflush (stdout); if (system (cmd) == 0) { Index: emitf.c =================================================================== RCS file: /cvs/dirsec/ldapserver/ldap/clients/dsgw/emitf.c,v retrieving revision 1.4 retrieving revision 1.5 diff -u -r1.4 -r1.5 --- emitf.c 19 Apr 2005 22:07:02 -0000 1.4 +++ emitf.c 11 Apr 2006 02:14:32 -0000 1.5 @@ -188,12 +188,12 @@ char deffmt[DEFFMTC]; char* fmt = deffmt; - size_t fmtc = DEFFMTC; + size_t fmtc = sizeof(deffmt); const char* next; const char* f; - char buf [1024]; + char buf [1024] = {0}; int i; i = count_slots (format); @@ -396,33 +396,33 @@ } /* produce a single argument */ switch (islot->type) { - case TYPE_I: PR_snprintf (buf, 1024, fmt, argv[islot->arg].i); break; - case TYPE_U: PR_snprintf (buf, 1024, fmt, argv[islot->arg].u); break; - case TYPE_F: PR_snprintf (buf, 1024, fmt, argv[islot->arg].f); break; - case TYPE_LI: PR_snprintf (buf, 1024, fmt, argv[islot->arg].li); break; - case TYPE_LU: PR_snprintf (buf, 1024, fmt, argv[islot->arg].lu); break; - case TYPE_LF: PR_snprintf (buf, 1024, fmt, argv[islot->arg].lf); break; - case TYPE_P: PR_snprintf (buf, 1024, fmt, argv[islot->arg].p); break; + case TYPE_I: PR_snprintf (buf, sizeof(buf), fmt, argv[islot->arg].i); break; + case TYPE_U: PR_snprintf (buf, sizeof(buf), fmt, argv[islot->arg].u); break; + case TYPE_F: PR_snprintf (buf, sizeof(buf), fmt, argv[islot->arg].f); break; + case TYPE_LI: PR_snprintf (buf, sizeof(buf), fmt, argv[islot->arg].li); break; + case TYPE_LU: PR_snprintf (buf, sizeof(buf), fmt, argv[islot->arg].lu); break; + case TYPE_LF: PR_snprintf (buf, sizeof(buf), fmt, argv[islot->arg].lf); break; + case TYPE_P: PR_snprintf (buf, sizeof(buf), fmt, argv[islot->arg].p); break; case TYPE_WIDTH: case TYPE_PRECISION: switch ((++islot)->type) { - case TYPE_I: PR_snprintf (buf, 1024, fmt, argv[islot->arg].i); break; - case TYPE_U: PR_snprintf (buf, 1024, fmt, argv[islot->arg].u); break; - case TYPE_F: PR_snprintf (buf, 1024, fmt, argv[islot->arg].f); break; - case TYPE_LI: PR_snprintf (buf, 1024, fmt, argv[islot->arg].li); break; - case TYPE_LU: PR_snprintf (buf, 1024, fmt, argv[islot->arg].lu); break; - case TYPE_LF: PR_snprintf (buf, 1024, fmt, argv[islot->arg].lf); break; - case TYPE_P: PR_snprintf (buf, 1024, fmt, argv[islot->arg].p); break; + case TYPE_I: PR_snprintf (buf, sizeof(buf), fmt, argv[islot->arg].i); break; + case TYPE_U: PR_snprintf (buf, sizeof(buf), fmt, argv[islot->arg].u); break; + case TYPE_F: PR_snprintf (buf, sizeof(buf), fmt, argv[islot->arg].f); break; + case TYPE_LI: PR_snprintf (buf, sizeof(buf), fmt, argv[islot->arg].li); break; + case TYPE_LU: PR_snprintf (buf, sizeof(buf), fmt, argv[islot->arg].lu); break; + case TYPE_LF: PR_snprintf (buf, sizeof(buf), fmt, argv[islot->arg].lf); break; + case TYPE_P: PR_snprintf (buf, sizeof(buf), fmt, argv[islot->arg].p); break; case TYPE_WIDTH: case TYPE_PRECISION: switch ((++islot)->type) { - case TYPE_I: PR_snprintf (buf, 1024, fmt, argv[islot->arg].i); break; - case TYPE_U: PR_snprintf (buf, 1024, fmt, argv[islot->arg].u); break; - case TYPE_F: PR_snprintf (buf, 1024, fmt, argv[islot->arg].f); break; - case TYPE_LI: PR_snprintf (buf, 1024, fmt, argv[islot->arg].li); break; - case TYPE_LU: PR_snprintf (buf, 1024, fmt, argv[islot->arg].lu); break; - case TYPE_LF: PR_snprintf (buf, 1024, fmt, argv[islot->arg].lf); break; - case TYPE_P: PR_snprintf (buf, 1024, fmt, argv[islot->arg].p); break; + case TYPE_I: PR_snprintf (buf, sizeof(buf), fmt, argv[islot->arg].i); break; + case TYPE_U: PR_snprintf (buf, sizeof(buf), fmt, argv[islot->arg].u); break; + case TYPE_F: PR_snprintf (buf, sizeof(buf), fmt, argv[islot->arg].f); break; + case TYPE_LI: PR_snprintf (buf, sizeof(buf), fmt, argv[islot->arg].li); break; + case TYPE_LU: PR_snprintf (buf, sizeof(buf), fmt, argv[islot->arg].lu); break; + case TYPE_LF: PR_snprintf (buf, sizeof(buf), fmt, argv[islot->arg].lf); break; + case TYPE_P: PR_snprintf (buf, sizeof(buf), fmt, argv[islot->arg].p); break; case TYPE_WIDTH: case TYPE_PRECISION: goto bail; /* how did this happen? */ case TYPE_PERCENT: @@ -647,7 +647,7 @@ s += slen; /* advance pointer to next unconverted chars */ /* convert as many chars from s as will fit in buf */ result = dsgw_convert(DSGW_FROM_UTF8, emit_converter, - &bufptr, CONVERT_BUFSIZE, &len, + &bufptr, sizeof(buf), &len, s, n, &slen, &err); /* write the converted chars to the output */ n = dsgw_emitq ((FILE*)parm, buf, len); @@ -661,34 +661,6 @@ return parm; } -#if 0 -static void -dsgw_convert (void* parm, const char* s, size_t n) - /* Transform the output, in a visually distinctive way. - This function is intended for testing, only. - */ -{ - while (parm && n > 0) { - const size_t len = LDAP_UTF8LEN(s); - if (len == 1 && *s >= '!' && *s <= '~') { /* ASCII */ - /* output the double-width variant of this character */ - unsigned c = (unsigned)*s - '!' + 0xFF01; - unsigned char buf[3]; - buf[2] = 0x80 | (c & 0x3F); c >>= 6; - buf[1] = 0x80 | (c & 0x3F); c >>= 6; - buf[0] = 0xE0 | (c & 0x0F); - parm = dsgw_emitn (parm, (char*)buf, 3); - } else { - parm = dsgw_emitn (parm, s, len); - } - if (parm) { - n -= len; - s += len; - } - } -} -#endif - int dsgw_emits (const char* s) /* This function works like fputs(s, stdout), except it Index: entrydisplay.c =================================================================== RCS file: /cvs/dirsec/ldapserver/ldap/clients/dsgw/entrydisplay.c,v retrieving revision 1.5 retrieving revision 1.6 diff -u -r1.5 -r1.6 --- entrydisplay.c 20 May 2005 15:52:43 -0000 1.5 +++ entrydisplay.c 11 Apr 2006 02:14:32 -0000 1.6 @@ -239,7 +239,9 @@ static char *dsgw_time(time_t secs_since_1970); /* attribute syntax handler routines */ +#if NEEDED_FOR_DEBUGGING static void ntdomain_display( struct dsgw_attrdispinfo *adip ); +#endif static void ntuserid_display( struct dsgw_attrdispinfo *adip ); static void str_display( struct dsgw_attrdispinfo *adip ); static void str_edit( struct dsgw_attrdispinfo *adip ); @@ -1623,10 +1625,10 @@ memcpy( &iValue, bin_data.bv_val, sizeof( iValue ) ); if(( adip->adi_opts & DSGW_ATTROPT_DECIMAL ) != 0 ) - PR_snprintf( szFormat, 512, "%%lu" ); + PR_snprintf( szFormat, sizeof(szFormat), "%%lu" ); else - PR_snprintf( szFormat, 512, "%%#0%lu.%lux", bin_data.bv_len*2, bin_data.bv_len*2 ); - PR_snprintf( szFlags, 512, szFormat, iValue ); + PR_snprintf( szFormat, sizeof(szFormat), "%%#0%lu.%lux", bin_data.bv_len*2, bin_data.bv_len*2 ); + PR_snprintf( szFlags, sizeof(szFlags), szFormat, iValue ); fputs( szFlags, stdout ); @@ -1639,6 +1641,7 @@ } } +#if NEEDED_FOR_DEBUGGING /* * display handler for NT Domain Identifier string */ @@ -1671,7 +1674,7 @@ } } - +#endif /* @@ -3222,7 +3225,7 @@ } /* convert to utf8 */ - u_strToUTF8(obuf, BSIZ, NULL, dstr0, myStrlen, &err); + u_strToUTF8(obuf, sizeof(obuf), NULL, dstr0, myStrlen, &err); if (err != U_ZERO_ERROR) { dsgw_error( DSGW_ERR_LDAPGENERAL, NULL, DSGW_ERROPT_EXIT, err, NULL ); Index: htmlparse.c =================================================================== RCS file: /cvs/dirsec/ldapserver/ldap/clients/dsgw/htmlparse.c,v retrieving revision 1.4 retrieving revision 1.5 diff -u -r1.4 -r1.5 --- htmlparse.c 19 Apr 2005 22:07:02 -0000 1.4 +++ htmlparse.c 11 Apr 2006 02:14:32 -0000 1.5 @@ -202,14 +202,14 @@ } else if ( parse_status != DSGW_PARSE_STATUS_NO_OUTPUT && !strcmp(templates[ index ].name + 1, "CONTEXT ")) { char line[ BIG_LINE ]; - PR_snprintf( line, BIG_LINE, templates[ index ].format, context); + PR_snprintf( line, sizeof(line), templates[ index ].format, context); dsgw_emits( line ); } else if ( parse_status != DSGW_PARSE_STATUS_NO_OUTPUT ) { /* I just can't believe there's no easy way to create * a va_list. */ char line[ BIG_LINE ]; - PR_snprintf( line, BIG_LINE, templates[ index ].format, + PR_snprintf( line, sizeof(line), templates[ index ].format, ( *argc > 0 && vars[ 0 ] != NULL ) ? vars[ 0 ]: "", ( *argc > 1 && vars[ 1 ] != NULL ) ? vars[ 1 ]: "", ( *argc > 2 && vars[ 2 ] != NULL ) ? vars[ 2 ]: "", @@ -377,14 +377,14 @@ dsgw_emits("<center><table border=2 width=100%%>\n"); - util_snprintf(line, BIG_LINE, "<tr>"); + util_snprintf(line, sizeof(line), "<tr>"); dsgw_emits(line); - util_snprintf(line, BIG_LINE, "<td align=center width=100%%>"); + util_snprintf(line, sizeof(line), "<td align=center width=100%%>"); dsgw_emits(line); - util_snprintf(line, BIG_LINE, "<hr size=0 width=0>"); + util_snprintf(line, sizeof(line), "<hr size=0 width=0>"); dsgw_emits(line); - util_snprintf(line, BIG_LINE, "<FONT size=+2><b>%s</b></FONT>" + util_snprintf(line, sizeof(line), "<FONT size=+2><b>%s</b></FONT>" "<hr size=0 width=0>" "</th>", ( argc > 0 ) ? argv[0] : "" ); dsgw_emits(line); @@ -399,7 +399,7 @@ char line[BIG_LINE]; dsgw_emits("<HTML>"); dsgw_head_begin(); - util_snprintf(line, BIG_LINE, "\n<TITLE>%s</TITLE></HEAD>\n" + util_snprintf(line, sizeof(line), "\n<TITLE>%s</TITLE></HEAD>\n" "<BODY %s>\n", ( argc > 0 ) ? argv[0] : "", dsgw_html_body_colors ); dsgw_emits(line); } @@ -411,10 +411,10 @@ char line[BIG_LINE]; if ( argc > 0 ) { - util_snprintf(line, BIG_LINE, "<BODY %s %s>\n", dsgw_html_body_colors, + util_snprintf(line, sizeof(line), "<BODY %s %s>\n", dsgw_html_body_colors, ( argc > 0 ) ? argv[0] : "" ); } else { - util_snprintf(line, BIG_LINE, "<BODY %s>\n", dsgw_html_body_colors ); + util_snprintf(line, sizeof(line), "<BODY %s>\n", dsgw_html_body_colors ); } dsgw_emits(line); @@ -451,14 +451,14 @@ if(!verify) { char outstr[256]; - PR_snprintf(outstr, 256, "<td width=50%% align=center>" + PR_snprintf(outstr, sizeof(outstr), "<td width=50%% align=center>" "<input type=submit value=\"%s\">" "</td>\n", XP_GetClientStr(DBT_ok_1)); dsgw_emits(outstr); } else { char outstr[256]; - PR_snprintf(outstr, 256, "<td width=50%% align=center>" + PR_snprintf(outstr, sizeof(outstr), "<td width=50%% align=center>" "<input type=button value=\"%s\" " "onclick=\"verify(this.form)\">" "</td>\n", @@ -467,7 +467,7 @@ } { char outstr[256]; - PR_snprintf(outstr, 256, "<td width=50%% align=center>" + PR_snprintf(outstr, sizeof(outstr), "<td width=50%% align=center>" "<input type=reset value=\"%s\"></td>\n", XP_GetClientStr(DBT_reset_)); dsgw_emits(outstr); @@ -489,12 +489,12 @@ dsgw_emits("<center><table border=2 width=100%%><tr>"); - PR_snprintf(outstr, 256, "<td width=50%% align=center>" + PR_snprintf(outstr, sizeof(outstr), "<td width=50%% align=center>" "<input type=submit value=\"%s\">" "</td>\n", XP_GetClientStr(DBT_done_)); dsgw_emits(outstr); - PR_snprintf(outstr, 256, "<td width=50%% align=center>" + PR_snprintf(outstr, sizeof(outstr), "<td width=50%% align=center>" "<input type=button value=\"%s\" " "onClick=\"top.close()\"></td>\n", XP_GetClientStr(DBT_cancel_2)); @@ -707,8 +707,19 @@ } } else { if ( isvar != -1 ) { - isvar += LDAP_UTF8COPY(scratch + isvar, string); - scratch[ isvar ] = '\0'; + /* check for scratch overflow */ + if ((strlen(string) + isvar) < sizeof(scratch)) { + isvar += LDAP_UTF8COPY(scratch + isvar, string); + scratch[ isvar ] = '\0'; + } else { + char msg[BUFSIZ]; + /* error - buffer overflow */ + PR_snprintf(msg, sizeof(msg), XP_GetClientStr(DBT_invalidTemplateVarLen), + strlen(string), string); + template_error(msg); + *argc = 0; + return NULL; + } } else { if ( *string == DIRECTIVE_END ) { break; Index: ldaputil.c =================================================================== RCS file: /cvs/dirsec/ldapserver/ldap/clients/dsgw/ldaputil.c,v retrieving revision 1.4 retrieving revision 1.5 diff -u -r1.4 -r1.5 --- ldaputil.c 19 Apr 2005 22:07:02 -0000 1.4 +++ ldaputil.c 11 Apr 2006 02:14:32 -0000 1.5 @@ -50,6 +50,7 @@ #include <io.h> #include <fcntl.h> #endif +#include "libadminutil/distadm.h" static dsgwtmplinfo *init_listdisplay( char *tmplname, unsigned long options ); static int do_search( dsgwtmplinfo *tip, LDAP *ld, char *base, int scope, @@ -1305,7 +1306,7 @@ *errsp = XP_GetClientStr(DBT_invalidUserIdOrNullLdapHandle_); return NULL; } - PR_snprintf( filtbuf, 85, "uid=%s", uid ); + PR_snprintf( filtbuf, sizeof(filtbuf), "uid=%s", uid ); if (( rc = ldap_search_s( ld, base, LDAP_SCOPE_SUBTREE, filtbuf, attrs, 1, &result )) != LDAP_SUCCESS ) { @@ -1423,10 +1424,10 @@ } if ( count > 1 ) { - util_snprintf( line, BIG_LINE, "%s\n<SELECT NAME=\"%s\">\n", + util_snprintf( line, sizeof(line), "%s\n<SELECT NAME=\"%s\">\n", prefix, varname ); } else { - util_snprintf( line, BIG_LINE, "<INPUT TYPE=\"hidden\" NAME=\"%s\" ", + util_snprintf( line, sizeof(line), "<INPUT TYPE=\"hidden\" NAME=\"%s\" ", varname ); } dsgw_emits( line ); @@ -1463,7 +1464,7 @@ } if ( count > 1 ) { - util_snprintf( line, BIG_LINE, "</SELECT>\n%s\n", suffix ); + util_snprintf( line, sizeof(line), "</SELECT>\n%s\n", suffix ); dsgw_emits( line ); } @@ -1500,7 +1501,7 @@ } } - util_snprintf( line, BIG_LINE, " VALUE=\"%s\">%s\n", escapeddn, + util_snprintf( line, sizeof(line), " VALUE=\"%s\">%s\n", escapeddn, only_one ? "" : friendlyname ); free( escapeddn ); if ( rdns != NULL ) { Index: templateindex.c =================================================================== RCS file: /cvs/dirsec/ldapserver/ldap/clients/dsgw/templateindex.c,v retrieving revision 1.4 retrieving revision 1.5 diff -u -r1.4 -r1.5 --- templateindex.c 19 Apr 2005 22:07:02 -0000 1.4 +++ templateindex.c 11 Apr 2006 02:14:32 -0000 1.5 @@ -63,11 +63,11 @@ if( ( dir == NULL ) || (strlen( dir ) == 0) ) return NULL; - if( ( ret = malloc( sizeof( char * ) ) ) == NULL ) + if( ( ret = malloc( sizeof( char * ) * 2 ) ) == NULL ) return NULL; - strcpy(szWildcardFileSpec, dir); - strcat(szWildcardFileSpec, "/*"); + PL_strncpyz(szWildcardFileSpec, dir, sizeof(szWildcardFileSpec)); + PL_strcatn(szWildcardFileSpec, sizeof(szWildcardFileSpec), "/*"); hFile = _findfirst( szWildcardFileSpec, &fileinfo); if( hFile == -1 ) Index: tutor.c =================================================================== RCS file: /cvs/dirsec/ldapserver/ldap/clients/dsgw/tutor.c,v retrieving revision 1.4 retrieving revision 1.5 diff -u -r1.4 -r1.5 --- tutor.c 19 Apr 2005 22:07:03 -0000 1.4 +++ tutor.c 11 Apr 2006 02:14:32 -0000 1.5 @@ -124,7 +124,7 @@ *tmp='\0'; dsgw_emitf("<BASE href=\"%s%s/%s\">\n", surl, sn, base); } - while( fgets(line, BIG_LINE, html)) { + while( fgets(line, sizeof(line), html)) { dsgw_emits( line ); } } @@ -210,7 +210,7 @@ map=fopen(man_index, "r"); if(!map) goto ohwell; - while(fgets(line, BIG_LINE, map)) { + while(fgets(line, sizeof(line), map)) { if(line[0]==';') continue; else if(ldap_utf8isspace(line))

18 years

1
0
0 / 0

[Fedora-directory-commits] ldapserver/ldap/admin/src cfg_sspt.c, 1.8, 1.9 create_instance.c, 1.26, 1.27 ds_remove_uninst.cpp, 1.6, 1.7 init_ds_env.c, 1.5, 1.6 instindex.cpp, 1.9, 1.10

by Doctor Conrad

Author: rmeggins Update of /cvs/dirsec/ldapserver/ldap/admin/src In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv8136/ldapserver/ldap/admin/src Modified Files: cfg_sspt.c create_instance.c ds_remove_uninst.cpp init_ds_env.c instindex.cpp Log Message: Bug(s) fixed: 186280 Bug Description: ldapserver: Close potential security vulnerabilities in CGI code Reviewed by: Nathan, Noriko, and Pete (Thanks!) Fix Description: Clean up usage of sprintf, strcpy, fgets instead of gets, fixed buffer usage, etc., mostly in the CGI code and other user facing code (i.e. setup). Also, Steve Grubb told me about a GCC trick to force it to check printf style varargs functions, to check the format string against the argument string, for type mismatches, missing arguments, and too many arguments. In the CGI form argument parsing code, we needed to be more careful about checking for bad input - good input is supposed to look like this: name=value&name=value&..... &name=value. I don't think the original code was checking properly for something like name&name=value. There was another place where we were not checking to see if a buffer had enough room before appending a string to it. I had to change a couple of functions to allow passing in the size of the buffer. Fixed some issues raised by Noriko and Nathan. Platforms tested: RHEL4 Flag Day: no Doc impact: no QA impact: should be covered by regular nightly and manual testing New Tests integrated into TET: none Index: cfg_sspt.c =================================================================== RCS file: /cvs/dirsec/ldapserver/ldap/admin/src/cfg_sspt.c,v retrieving revision 1.8 retrieving revision 1.9 diff -u -r1.8 -r1.9 --- cfg_sspt.c 16 Feb 2006 17:39:47 -0000 1.8 +++ cfg_sspt.c 11 Apr 2006 02:14:31 -0000 1.9 @@ -239,6 +239,12 @@ #ifdef CGI_DEBUG #include <stdarg.h> +static void debug_log (const char* file, const char* format, ...) +#ifdef __GNUC__ + __attribute__ ((format (printf, 2, 3))); +#else + ; +#endif static void debug_log (const char* file, const char* format, ...) @@ -375,6 +381,12 @@ list of strings to substitute in the format; basically just constructs the correct aci string and passes it to add_aci */ +int add_aci_v(LDAP* ld, char* DN, char* format, ...) +#ifdef __GNUC__ + __attribute__ ((format (printf, 3, 4))); +#else + ; +#endif int add_aci_v(LDAP* ld, char* DN, char* format, ...) { Index: create_instance.c =================================================================== RCS file: /cvs/dirsec/ldapserver/ldap/admin/src/create_instance.c,v retrieving revision 1.26 retrieving revision 1.27 diff -u -r1.26 -r1.27 --- create_instance.c 16 Mar 2006 22:19:31 -0000 1.26 +++ create_instance.c 11 Apr 2006 02:14:31 -0000 1.27 @@ -145,6 +145,13 @@ #endif static char *make_error(char *fmt, ...) +#ifdef __GNUC__ + __attribute__ ((format (printf, 1, 2))); +#else + ; +#endif + +static char *make_error(char *fmt, ...) { static char errbuf[ERR_SIZE]; va_list args; @@ -661,6 +668,12 @@ #define chownsearch(a, b) #endif +char *gen_script(char *s_root, char *name, char *fmt, ...) +#ifdef __GNUC__ + __attribute__ ((format (printf, 3, 4))); +#else + ; +#endif char *gen_script(char *s_root, char *name, char *fmt, ...) { @@ -715,6 +728,12 @@ } char *gen_perl_script(char *s_root, char *cs_path, char *name, char *fmt, ...) +#ifdef __GNUC__ + __attribute__ ((format (printf, 4, 5))); +#else + ; +#endif +char *gen_perl_script(char *s_root, char *cs_path, char *name, char *fmt, ...) { char myperl[PATH_SIZE]; char fn[PATH_SIZE]; @@ -1356,8 +1375,7 @@ /* ---------------------- Update server script files ---------------------- */ int update_server(server_config_s *cf) { - char line[PATH_SIZE], *t, *sroot = cf->sroot; - char subdir[PATH_SIZE]; + char *t; char error_param[BIG_LINE] = {0}; #if defined( SOLARIS ) Index: ds_remove_uninst.cpp =================================================================== RCS file: /cvs/dirsec/ldapserver/ldap/admin/src/ds_remove_uninst.cpp,v retrieving revision 1.6 retrieving revision 1.7 diff -u -r1.6 -r1.7 --- ds_remove_uninst.cpp 2 Sep 2005 20:40:48 -0000 1.6 +++ ds_remove_uninst.cpp 11 Apr 2006 02:14:31 -0000 1.7 @@ -80,6 +80,13 @@ #include "setupapi.h" #define MAX_STR_SIZE 512 +static void dsLogMessage(const char *level, const char *which, + const char *format, ...) +#ifdef __GNUC__ + __attribute__ ((format (printf, 3, 4))); +#else + ; +#endif static InstallLog *installLog = NULL; Index: init_ds_env.c =================================================================== RCS file: /cvs/dirsec/ldapserver/ldap/admin/src/init_ds_env.c,v retrieving revision 1.5 retrieving revision 1.6 diff -u -r1.5 -r1.6 --- init_ds_env.c 19 Apr 2005 22:06:55 -0000 1.5 +++ init_ds_env.c 11 Apr 2006 02:14:31 -0000 1.6 @@ -48,6 +48,7 @@ #include "libadminutil/distadm.h" #include "init_ds_env.h" #include "dsalib.h" +#include "prprf.h" int init_ds_env() { Index: instindex.cpp =================================================================== RCS file: /cvs/dirsec/ldapserver/ldap/admin/src/instindex.cpp,v retrieving revision 1.9 retrieving revision 1.10 diff -u -r1.9 -r1.10 --- instindex.cpp 14 Mar 2006 17:13:38 -0000 1.9 +++ instindex.cpp 11 Apr 2006 02:14:31 -0000 1.10 @@ -55,7 +55,7 @@ #include <string.h> /* --------------------------------- main --------------------------------- */ - +#if NEEDED_FOR_DEBUGGING static void printInfo(int argc, char *argv[], char *envp[], FILE* fp) { @@ -76,6 +76,7 @@ fprintf(fp, "#####################################\n"); } +#endif #if defined (__hpux) && defined (__ia64) int main(int argc, char *argv[], char *envp[])

18 years

1
0
0 / 0

[Fedora-directory-commits] ldapserver/include/base ereport.h, 1.6, 1.7 util.h, 1.6, 1.7

by Doctor Conrad

Author: rmeggins Update of /cvs/dirsec/ldapserver/include/base In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv8136/ldapserver/include/base Modified Files: ereport.h util.h Log Message: Bug(s) fixed: 186280 Bug Description: ldapserver: Close potential security vulnerabilities in CGI code Reviewed by: Nathan, Noriko, and Pete (Thanks!) Fix Description: Clean up usage of sprintf, strcpy, fgets instead of gets, fixed buffer usage, etc., mostly in the CGI code and other user facing code (i.e. setup). Also, Steve Grubb told me about a GCC trick to force it to check printf style varargs functions, to check the format string against the argument string, for type mismatches, missing arguments, and too many arguments. In the CGI form argument parsing code, we needed to be more careful about checking for bad input - good input is supposed to look like this: name=value&name=value&..... &name=value. I don't think the original code was checking properly for something like name&name=value. There was another place where we were not checking to see if a buffer had enough room before appending a string to it. I had to change a couple of functions to allow passing in the size of the buffer. Fixed some issues raised by Noriko and Nathan. Platforms tested: RHEL4 Flag Day: no Doc impact: no QA impact: should be covered by regular nightly and manual testing New Tests integrated into TET: none Index: ereport.h =================================================================== RCS file: /cvs/dirsec/ldapserver/include/base/ereport.h,v retrieving revision 1.6 retrieving revision 1.7 diff -u -r1.6 -r1.7 --- ereport.h 19 Apr 2005 22:06:44 -0000 1.6 +++ ereport.h 11 Apr 2006 02:14:26 -0000 1.7 @@ -60,7 +60,12 @@ * the current date. */ -NSAPI_PUBLIC int INTereport(int degree, char *fmt, ...); +NSAPI_PUBLIC int INTereport(int degree, char *fmt, ...) +#ifdef __GNUC__ + __attribute__ ((format (printf, 2, 3))); +#else + ; +#endif NSAPI_PUBLIC int INTereport_v(int degree, char *fmt, va_list args); NSPR_END_EXTERN_C Index: util.h =================================================================== RCS file: /cvs/dirsec/ldapserver/include/base/util.h,v retrieving revision 1.6 retrieving revision 1.7 diff -u -r1.6 -r1.7 --- util.h 19 Apr 2005 22:06:44 -0000 1.6 +++ util.h 11 Apr 2006 02:14:26 -0000 1.7 @@ -67,12 +67,22 @@ NSAPI_PUBLIC int INTutil_vsprintf(char *s, register const char *fmt, va_list args); -NSAPI_PUBLIC int INTutil_sprintf(char *s, const char *fmt, ...); +NSAPI_PUBLIC int INTutil_sprintf(char *s, const char *fmt, ...) +#ifdef __GNUC__ + __attribute__ ((format (printf, 2, 3))); +#else + ; +#endif NSAPI_PUBLIC int INTutil_vsnprintf(char *s, int n, register const char *fmt, va_list args); -NSAPI_PUBLIC int INTutil_snprintf(char *s, int n, const char *fmt, ...); +NSAPI_PUBLIC int INTutil_snprintf(char *s, int n, const char *fmt, ...) +#ifdef __GNUC__ + __attribute__ ((format (printf, 3, 4))); +#else + ; +#endif NSAPI_PUBLIC int INTutil_strftime(char *s, const char *format, const struct tm *t);

18 years

1
0
0 / 0

[Fedora-directory-commits] ldapserver/config pathsub.h,1.4,1.5

by Doctor Conrad

Author: rmeggins Update of /cvs/dirsec/ldapserver/config In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv8136/ldapserver/config Modified Files: pathsub.h Log Message: Bug(s) fixed: 186280 Bug Description: ldapserver: Close potential security vulnerabilities in CGI code Reviewed by: Nathan, Noriko, and Pete (Thanks!) Fix Description: Clean up usage of sprintf, strcpy, fgets instead of gets, fixed buffer usage, etc., mostly in the CGI code and other user facing code (i.e. setup). Also, Steve Grubb told me about a GCC trick to force it to check printf style varargs functions, to check the format string against the argument string, for type mismatches, missing arguments, and too many arguments. In the CGI form argument parsing code, we needed to be more careful about checking for bad input - good input is supposed to look like this: name=value&name=value&..... &name=value. I don't think the original code was checking properly for something like name&name=value. There was another place where we were not checking to see if a buffer had enough room before appending a string to it. I had to change a couple of functions to allow passing in the size of the buffer. Fixed some issues raised by Noriko and Nathan. Platforms tested: RHEL4 Flag Day: no Doc impact: no QA impact: should be covered by regular nightly and manual testing New Tests integrated into TET: none Index: pathsub.h =================================================================== RCS file: /cvs/dirsec/ldapserver/config/pathsub.h,v retrieving revision 1.4 retrieving revision 1.5 diff -u -r1.4 -r1.5 --- pathsub.h 19 Apr 2005 22:06:42 -0000 1.4 +++ pathsub.h 11 Apr 2006 02:14:25 -0000 1.5 @@ -61,7 +61,12 @@ extern char *program; -extern void fail(char *format, ...); +extern void fail(char *format, ...) +#ifdef __GNUC__ + __attribute__ ((format (printf, 1, 2))); +#else + ; +#endif extern char *getcomponent(char *path, char *name); extern char *ino2name(ino_t ino, char *dir); extern void *xmalloc(size_t size);

18 years

1
0
0 / 0

[Fedora-directory-commits] ldapserver buildpaths.mk, 1.13, 1.14 components.mk, 1.46, 1.47

by Doctor Conrad

Author: rmeggins Update of /cvs/dirsec/ldapserver In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv9783 Modified Files: buildpaths.mk components.mk Log Message: Make the build/pull work like the adminserver does with respect to console. Otherwise, dsbuild with recent code no longer works. Index: buildpaths.mk =================================================================== RCS file: /cvs/dirsec/ldapserver/buildpaths.mk,v retrieving revision 1.13 retrieving revision 1.14 diff -u -r1.13 -r1.14 --- buildpaths.mk 29 Mar 2006 19:42:39 -0000 1.13 +++ buildpaths.mk 8 Apr 2006 19:29:35 -0000 1.14 @@ -139,7 +139,7 @@ ADMINSERVER_SOURCE_ROOT = $(BUILD_ROOT)/../adminserver -LDAPCONSOLE_SOURCE_ROOT = $(BUILD_ROOT)/../directoryconsole +LDAPCONSOLE_SOURCE_ROOT = $(BUILD_ROOT)/.. # these are the files needed to build the java components - xmltools and dsmlgw - # and where to get them Index: components.mk =================================================================== RCS file: /cvs/dirsec/ldapserver/components.mk,v retrieving revision 1.46 retrieving revision 1.47 diff -u -r1.46 -r1.47 --- components.mk 7 Apr 2006 22:19:35 -0000 1.46 +++ components.mk 8 Apr 2006 19:29:35 -0000 1.47 @@ -569,7 +569,7 @@ ADMINSERVER_SUBCOMPS:=admin base ifdef LDAPCONSOLE_SOURCE_ROOT - LDAPCONSOLE_DIR = $(ABS_ROOT)/../built/package + LDAPCONSOLE_DIR = $(LDAPCONSOLE_SOURCE_ROOT)/built/package else LDAPCONSOLE_DIR = $(CLASS_DEST) endif

18 years

1
0
0 / 0

[Fedora-directory-commits] dsbuild/ds/setuputil Makefile,1.3,1.4

by Doctor Conrad

Author: rmeggins Update of /cvs/dirsec/dsbuild/ds/setuputil In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv9565/dsbuild/ds/setuputil Modified Files: Makefile Log Message: You can now do a dsbuild with sources from CVS by using make USE_CVS=1 ... Right now this only works with the cvs.fedora.redhat.com repository, but it will be easy to add support for others such as mozilla. I added ICU to the mod_admserv build. adminserver uses MOD_*_LIBPATH instead of MOD_*_LIB_DIR now. ldapserver uses the correct path to directoryconsole now. Index: Makefile =================================================================== RCS file: /cvs/dirsec/dsbuild/ds/setuputil/Makefile,v retrieving revision 1.3 retrieving revision 1.4 diff -u -r1.3 -r1.4 --- Makefile 16 Feb 2006 21:34:09 -0000 1.3 +++ Makefile 8 Apr 2006 19:27:05 -0000 1.4 @@ -3,9 +3,14 @@ GARNAME = fedora-setuputil GARVERSION = 1.0.2 CATEGORIES = ds -DISTFILES = $(GARNAME)-$(GARVERSION).tar.gz PATCHFILES = +ifdef USE_CVS +CVSMODULES=setuputil +else +DISTFILES = $(GARNAME)-$(GARVERSION).tar.gz +endif + LIBDEPS = DESCRIPTION = setuputil @@ -22,6 +27,10 @@ BUILD_ARGS += BUILD_DEBUG=optimize endif +ifdef USE_CVS +post-extract: extract-cvs +endif + configure-custom: $(MAKECOOKIE)

18 years

1
0
0 / 0

[Fedora-directory-commits] dsbuild/ds/mod_restartd Makefile, 1.2, 1.3

by Doctor Conrad

Author: rmeggins Update of /cvs/dirsec/dsbuild/ds/mod_restartd In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv9565/dsbuild/ds/mod_restartd Modified Files: Makefile Log Message: You can now do a dsbuild with sources from CVS by using make USE_CVS=1 ... Right now this only works with the cvs.fedora.redhat.com repository, but it will be easy to add support for others such as mozilla. I added ICU to the mod_admserv build. adminserver uses MOD_*_LIBPATH instead of MOD_*_LIB_DIR now. ldapserver uses the correct path to directoryconsole now. Index: Makefile =================================================================== RCS file: /cvs/dirsec/dsbuild/ds/mod_restartd/Makefile,v retrieving revision 1.2 retrieving revision 1.3 diff -u -r1.2 -r1.3 --- Makefile 14 Feb 2006 22:29:23 -0000 1.2 +++ Makefile 8 Apr 2006 19:27:04 -0000 1.3 @@ -3,9 +3,14 @@ GARNAME = mod_restartd GARVERSION = 1.0.2 CATEGORIES = ds -DISTFILES = $(GARNAME)-$(GARVERSION).tar.gz PATCHFILES = +ifdef USE_CVS +CVSMODULES=mod_restartd +else +DISTFILES = $(GARNAME)-$(GARVERSION).tar.gz +endif + LIBDEPS = DESCRIPTION = mod_restartd @@ -21,6 +26,10 @@ INSTALL_SCRIPTS = custom BUILD_ARGS = +ifdef USE_CVS +post-extract: extract-cvs +endif + ifdef BUILD_MODULE_RPM ifeq ($(DEBUG),full) FLAVOR=dbg

18 years

1
0
0 / 0

[Fedora-directory-commits] dsbuild/ds/onlinehelp Makefile,1.2,1.3

by Doctor Conrad

Author: rmeggins Update of /cvs/dirsec/dsbuild/ds/onlinehelp In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv9565/dsbuild/ds/onlinehelp Modified Files: Makefile Log Message: You can now do a dsbuild with sources from CVS by using make USE_CVS=1 ... Right now this only works with the cvs.fedora.redhat.com repository, but it will be easy to add support for others such as mozilla. I added ICU to the mod_admserv build. adminserver uses MOD_*_LIBPATH instead of MOD_*_LIB_DIR now. ldapserver uses the correct path to directoryconsole now. Index: Makefile =================================================================== RCS file: /cvs/dirsec/dsbuild/ds/onlinehelp/Makefile,v retrieving revision 1.2 retrieving revision 1.3 diff -u -r1.2 -r1.3 --- Makefile 14 Feb 2006 22:29:34 -0000 1.2 +++ Makefile 8 Apr 2006 19:27:05 -0000 1.3 @@ -1,15 +1,24 @@ GARNAME = fedora-onlinehelp GARVERSION = 1.0.2 CATEGORIES = ds -DISTFILES = $(GARNAME)-$(GARVERSION).tar.gz PATCHFILES = +ifdef USE_CVS +CVSMODULES=onlinehelp +else +DISTFILES = $(GARNAME)-$(GARVERSION).tar.gz +endif + LIBDEPS = DESCRIPTION = onlinehelp INSTALL_SCRIPTS = custom +ifdef USE_CVS +post-extract: extract-cvs +endif + configure-custom: $(MAKECOOKIE)

18 years

1
0
0 / 0

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

2008

2007

2006

2005

389-commits April 2006