gentoo resync : 06.08.2019

5 files changed, 0 insertions, 343 deletions

diff --git a/net-analyzer/nrpe/files/nrpe-2.14-multiline.patch b/net-analyzer/nrpe/files/nrpe-2.14-multiline.patch
deleted file mode 100644
index 3af2ef95baba..000000000000
--- a/net-analyzer/nrpe/files/nrpe-2.14-multiline.patch
+++ /dev/null
@@ -1,204 +0,0 @@
-Add support for large output
-
-http://opsview-blog.opsera.com/dotorg/2008/08/enhancing-nrpe.htmlIndex: nrpe-2.14/include/common.h
-===================================================================
-Index: nrpe-2.14/include/common.h
-===================================================================
---- nrpe-2.14.orig/include/common.h
-+++ nrpe-2.14/include/common.h
-@@ -41,7 +41,7 @@
- #define DEFAULT_SOCKET_TIMEOUT	10	/* timeout after 10 seconds */
- #define DEFAULT_CONNECTION_TIMEOUT 300	/* timeout if daemon is waiting for connection more than this time */
- 
--#define MAX_INPUT_BUFFER	2048	/* max size of most buffers we use */
-+#define MAX_INPUT_BUFFER	16384	/* max size of most buffers we use */
- #define MAX_FILENAME_LENGTH     256
- 
- #define MAX_HOST_ADDRESS_LENGTH	256	/* max size of a host address */
-@@ -55,12 +55,14 @@
- 
- #define QUERY_PACKET		1		/* id code for a packet containing a query */
- #define	RESPONSE_PACKET		2		/* id code for a packet containing a response */
-+#define    RESPONSE_PACKET_WITH_MORE   3   /* id code for a packet containing a response, with more data to follow */
- 
- #define NRPE_PACKET_VERSION_3   3               /* packet version identifier */
- #define NRPE_PACKET_VERSION_2   2               
- #define NRPE_PACKET_VERSION_1	1		/* older packet version identifiers (no longer supported) */
- 
- #define MAX_PACKETBUFFER_LENGTH	1024		/* max amount of data we'll send in one query/response */
-+											/* WARNING - do not change this as older clients/servers will not work */
- 
- typedef struct packet_struct{
- 	int16_t   packet_version;
-Index: nrpe-2.14/src/check_nrpe.c
-===================================================================
---- nrpe-2.14.orig/src/check_nrpe.c
-+++ nrpe-2.14/src/check_nrpe.c
-@@ -221,6 +221,11 @@ int main(int argc, char **argv){
- 			return STATE_UNKNOWN;
- 		        }
- 
-+		/* Altinity patch: Allow multiple packets to be received */
-+		/* Indentation not corrected to allow simpler patching */
-+		/* START MULTI_PACKET LOOP */
-+		do {
-+
- 		/* wait for the response packet */
- 		bytes_to_recv=sizeof(receive_packet);
- 		if(use_ssl==FALSE)
-@@ -233,31 +238,24 @@ int main(int argc, char **argv){
- 		/* reset timeout */
- 		alarm(0);
- 
--		/* close the connection */
--#ifdef HAVE_SSL
--		if(use_ssl==TRUE){
--			SSL_shutdown(ssl);
--			SSL_free(ssl);
--			SSL_CTX_free(ctx);
--	                }
--#endif
--		graceful_close(sd,1000);
--
- 		/* recv() error */
- 		if(rc<0){
- 			printf("CHECK_NRPE: Error receiving data from daemon.\n");
-+			graceful_close(sd,1000);
- 			return STATE_UNKNOWN;
- 		        }
- 
- 		/* server disconnected */
- 		else if(rc==0){
- 			printf("CHECK_NRPE: Received 0 bytes from daemon.  Check the remote server logs for error messages.\n");
-+			graceful_close(sd,1000);
- 			return STATE_UNKNOWN;
- 		        }
- 
- 		/* receive underflow */
- 		else if(bytes_to_recv<sizeof(receive_packet)){
- 			printf("CHECK_NRPE: Receive underflow - only %d bytes received (%d expected).\n",bytes_to_recv,sizeof(receive_packet));
-+			graceful_close(sd,1000);
- 			return STATE_UNKNOWN;
- 		        }
- 
-@@ -271,21 +269,21 @@ int main(int argc, char **argv){
- 		calculated_crc32=calculate_crc32((char *)&receive_packet,sizeof(receive_packet));
- 		if(packet_crc32!=calculated_crc32){
- 			printf("CHECK_NRPE: Response packet had invalid CRC32.\n");
--			close(sd);
-+			graceful_close(sd,1000);
- 			return STATE_UNKNOWN;
-                         }
- 	
- 		/* check packet version */
- 		if(ntohs(receive_packet.packet_version)!=NRPE_PACKET_VERSION_2){
- 			printf("CHECK_NRPE: Invalid packet version received from server.\n");
--			close(sd);
-+			graceful_close(sd,1000);
- 			return STATE_UNKNOWN;
- 			}
- 
- 		/* check packet type */
--		if(ntohs(receive_packet.packet_type)!=RESPONSE_PACKET){
-+		if(ntohs(receive_packet.packet_type)!=RESPONSE_PACKET && ntohs(receive_packet.packet_type)!=RESPONSE_PACKET_WITH_MORE){
- 			printf("CHECK_NRPE: Invalid packet type received from server.\n");
--			close(sd);
-+			graceful_close(sd,1000);
- 			return STATE_UNKNOWN;
- 			}
- 
-@@ -297,8 +295,18 @@ int main(int argc, char **argv){
- 		if(!strcmp(receive_packet.buffer,""))
- 			printf("CHECK_NRPE: No output returned from daemon.\n");
- 		else
--			printf("%s\n",receive_packet.buffer);
--	        }
-+			printf("%s",receive_packet.buffer);
-+
-+		} while (ntohs(receive_packet.packet_type)==RESPONSE_PACKET_WITH_MORE);
-+		/* END MULTI_PACKET LOOP */
-+
-+		/* Finish output with newline */
-+		printf("\n");
-+
-+		/* close the connection */
-+		graceful_close(sd,1000);
-+
-+	}
- 
- 	/* reset the alarm */
- 	else
-@@ -434,6 +442,14 @@ int graceful_close(int sd, int timeout){
-         struct timeval tv;
-         char buf[1000];
- 
-+#ifdef HAVE_SSL
-+		if(use_ssl==TRUE){
-+			SSL_shutdown(ssl);
-+			SSL_free(ssl);
-+			SSL_CTX_free(ctx);
-+		}
-+#endif
-+
- 	/* send FIN packet */
-         shutdown(sd,SHUT_WR);  
-         for(;;){
-Index: nrpe-2.14/src/nrpe.c
-===================================================================
---- nrpe-2.14.orig/src/nrpe.c
-+++ nrpe-2.14/src/nrpe.c
-@@ -1056,6 +1056,8 @@ void handle_connection(int sock){
- 	char processed_command[MAX_INPUT_BUFFER];
- 	int result=STATE_OK;
- 	int early_timeout=FALSE;
-+	int bytes_copied=0;
-+	char *pbuffer=&buffer[0];
- 	int rc;
- 	int x;
- #ifdef DEBUG
-@@ -1272,6 +1274,14 @@ void handle_connection(int sock){
- 	if(buffer[strlen(buffer)-1]=='\n')
- 		buffer[strlen(buffer)-1]='\x0';
- 
-+	/* Altinity patch to allow multi packet responses */
-+	/* Loop not indented to allow easier patching */
-+	/* START MULTI_PACKET LOOP */
-+	do {
-+
-+		if(debug==TRUE)
-+			syslog(LOG_DEBUG,"Sending response - bytes left: %d", strlen(pbuffer));
-+
- 	/* clear the response packet buffer */
- 	bzero(&send_packet,sizeof(send_packet));
- 
-@@ -1280,11 +1290,17 @@ void handle_connection(int sock){
- 
- 	/* initialize response packet data */
- 	send_packet.packet_version=(int16_t)htons(NRPE_PACKET_VERSION_2);
--	send_packet.packet_type=(int16_t)htons(RESPONSE_PACKET);
- 	send_packet.result_code=(int16_t)htons(result);
--	strncpy(&send_packet.buffer[0],buffer,MAX_PACKETBUFFER_LENGTH);
-+	strncpy(&send_packet.buffer[0],pbuffer,MAX_PACKETBUFFER_LENGTH);
- 	send_packet.buffer[MAX_PACKETBUFFER_LENGTH-1]='\x0';
--	
-+
-+	bytes_copied = strlen(&send_packet.buffer[0]);
-+	pbuffer = pbuffer+bytes_copied;
-+	if(strlen(pbuffer)>0)
-+		send_packet.packet_type=(int16_t)htons(RESPONSE_PACKET_WITH_MORE);
-+	else
-+		send_packet.packet_type=(int16_t)htons(RESPONSE_PACKET);
-+
- 	/* calculate the crc 32 value of the packet */
- 	send_packet.crc32_value=(u_int32_t)0L;
- 	calculated_crc32=calculate_crc32((char *)&send_packet,sizeof(send_packet));
-@@ -1303,6 +1319,9 @@ void handle_connection(int sock){
- 		SSL_write(ssl,&send_packet,bytes_to_send);
- #endif
- 
-+	} while (strlen(pbuffer) > 0);
-+	/* END MULTI_PACKET LOOP */
-+
- #ifdef HAVE_SSL
- 	if(ssl){
- 		complete_SSL_shutdown( ssl);
diff --git a/net-analyzer/nrpe/files/nrpe-2.15-autoconf-header.patch b/net-analyzer/nrpe/files/nrpe-2.15-autoconf-header.patch
deleted file mode 100644
index 81078c449713..000000000000
--- a/net-analyzer/nrpe/files/nrpe-2.15-autoconf-header.patch
+++ /dev/null
@@ -1,24 +0,0 @@
-diff -Nuar --exclude '*.orig' nrpe-2.15.orig/configure.in nrpe-2.15/configure.in
---- nrpe-2.15.orig/configure.in	2013-09-06 08:27:13.000000000 -0700
-+++ nrpe-2.15/configure.in	2014-04-19 09:32:52.251766643 -0700
-@@ -6,7 +6,8 @@
- 
- AC_INIT([nrpe],[2.15],[nagios-users@lists.sourceforge.net],[nrpe],[http://www.nagios.org])
- AC_CONFIG_SRCDIR([src/nrpe.c])
--AC_CONFIG_HEADERS([include/config.h])
-+AC_CONFIG_HEADERS([include/autoconf.h])
- AC_CONFIG_FILES([Makefile
-+	include/config.h
- 	subst
- 	src/Makefile
-diff -Nuar --exclude '*.orig' nrpe-2.15.orig/include/config.h.in nrpe-2.15/include/config.h.in
---- nrpe-2.15.orig/include/config.h.in	2013-09-06 08:27:13.000000000 -0700
-+++ nrpe-2.15/include/config.h.in	2014-04-19 09:33:07.620035056 -0700
-@@ -26,6 +26,7 @@
- 
- #include <stdio.h>
- #include <stdlib.h>
-+#include "autoconf.h"
- 
- 
- #define DEFAULT_SERVER_PORT	@nrpe_port@	/* default port to use */
diff --git a/net-analyzer/nrpe/files/nrpe-2.15-metachar-security-fix.patch b/net-analyzer/nrpe/files/nrpe-2.15-metachar-security-fix.patch
deleted file mode 100644
index c42f8bfdec00..000000000000
--- a/net-analyzer/nrpe/files/nrpe-2.15-metachar-security-fix.patch
+++ /dev/null
@@ -1,26 +0,0 @@
-Disallow all control characters in argument handling.
-
-This closes a security hole that allowed passing commands via the argument
-handling, if a newline was used to seperate the argument from the rest of the
-command.
-
-X-URL: http://www.exploit-db.com/exploits/32925/
-Signed-off-by: Robin H. Johnson <robbat2@gentoo.org>
-
---
-I didn't find any patches from upstream NRPE, so I wrote this quick one.
-If somebody else has a valid use for control characters in NRPE arguments, then
-this could be relaxed slightly.
-
-diff -Nuar --exclude '*.orig' nrpe-2.15.orig/src/nrpe.c nrpe-2.15/src/nrpe.c
---- nrpe-2.15.orig/src/nrpe.c	2014-04-19 09:37:16.022373910 -0700
-+++ nrpe-2.15/src/nrpe.c	2014-04-19 09:46:53.237458939 -0700
-@@ -53,7 +53,7 @@
- 
- #define DEFAULT_COMMAND_TIMEOUT	60			/* default timeout for execution of plugins */
- #define MAXFD                   64
--#define NASTY_METACHARS         "|`&><'\"\\[]{};"
-+#define NASTY_METACHARS         "|`&><'\"\\[]{};\x01\x02\x03\x04\x05\x06\x07\x08\x09\x0a\x0b\x0c\x0d\x0e\x0f\x10\x11\x12\x13\x14\x15\x16\x17\x18\x19\x1a\x1b\x1c\x1d\x1e\x1f\x7f"
- #define howmany(x,y)	(((x)+((y)-1))/(y))
- #define MAX_LISTEN_SOCKS        16
- 
diff --git a/net-analyzer/nrpe/files/nrpe-2.15-no-ssl.patch b/net-analyzer/nrpe/files/nrpe-2.15-no-ssl.patch
deleted file mode 100644
index 3b3fc135455f..000000000000
--- a/net-analyzer/nrpe/files/nrpe-2.15-no-ssl.patch
+++ /dev/null
@@ -1,39 +0,0 @@
-Without this patch, you can't build nrpe without SSL support. It was
-originally submitted on the Nagios forums by user Matthew L. Daniel:
-
-  https://support.nagios.com/forum/viewtopic.php?t=27027
-
-It was merged into the upstream github repo (NagiosEnterprises/nrpe)
-in commit 3736fdeeac11a.
-
-
-diff --git a/src/nrpe.c b/src/nrpe.c
-index 4bc849b..1e55ab4 100644
---- a/src/nrpe.c
-+++ b/src/nrpe.c
-@@ -102,7 +102,9 @@ int     use_src=FALSE; /* Define parameter for SRC option */
- int		listen_queue_size=DEFAULT_LISTEN_QUEUE_SIZE;
- 
- 
-+#ifdef HAVE_SSL
- void complete_SSL_shutdown( SSL *);
-+#endif
- 
- 
- int main(int argc, char **argv){
-@@ -1815,6 +1817,7 @@ int remove_pid_file(void){
- 	return OK;
-         }
- 
-+#ifdef HAVE_SSL
- void complete_SSL_shutdown( SSL *ssl) {
- 
- 	/*  
-@@ -1835,6 +1838,7 @@ void complete_SSL_shutdown( SSL *ssl) {
- 		if( SSL_shutdown( ssl)) break;
- 	}
- }
-+#endif/*HAVE_SSL*/
- 
- /* bail if daemon is running as root */
- int check_privileges(void){
diff --git a/net-analyzer/nrpe/files/nrpe-2.15-tcpd-et-al.patch b/net-analyzer/nrpe/files/nrpe-2.15-tcpd-et-al.patch
deleted file mode 100644
index b8a0811b831c..000000000000
--- a/net-analyzer/nrpe/files/nrpe-2.15-tcpd-et-al.patch
+++ /dev/null
@@ -1,50 +0,0 @@
-diff -Nuar --exclude '*.orig' nrpe-2.15.orig/configure.in nrpe-2.15/configure.in
---- nrpe-2.15.orig/configure.in	2013-09-06 08:27:13.000000000 -0700
-+++ nrpe-2.15/configure.in	2014-04-19 09:20:50.406150828 -0700
-@@ -45,7 +45,7 @@
- AC_HEADER_STDC
- AC_HEADER_TIME
- AC_HEADER_SYS_WAIT
--AC_CHECK_HEADERS(ctype.h dirent.h errno.h fcntl.h getopt.h grp.h inttypes.h netdb.h pwd.h signal.h stdint.h strings.h string.h syslog.h tcpd.h unistd.h arpa/inet.h netinet/in.h socket.h sys/types.h sys/time.h sys/resource.h sys/wait.h sys/socket.h sys/stat.h)
-+AC_CHECK_HEADERS(ctype.h dirent.h errno.h fcntl.h getopt.h grp.h inttypes.h netdb.h pwd.h signal.h stdint.h strings.h string.h syslog.h unistd.h arpa/inet.h netinet/in.h socket.h sys/types.h sys/time.h sys/resource.h sys/wait.h sys/socket.h sys/stat.h)
- 
- dnl Checks for typedefs, structures, and compiler characteristics.
- AC_C_CONST
-@@ -164,11 +164,20 @@
- AC_CHECK_LIB(nsl,main,SOCKETLIBS="$SOCKETLIBS -lnsl")
- AC_CHECK_LIB(socket,socket,SOCKETLIBS="$SOCKETLIBS -lsocket")
- AC_SUBST(SOCKETLIBS)
--AC_CHECK_LIB(wrap,main,[
--	LIBWRAPLIBS="$LIBWRAPLIBS -lwrap"
-+
-+AC_ARG_ENABLE([tcp-wrapper],
-+    AS_HELP_STRING([--disable-tcp-wrapper], [Disable building with TCP wrappers. *** DISABLING IS A SECURITY RISK! *** Read the SECURITY file before using this option! @<:@default=enable@:>@]))
-+
-+LIBWRAPLIBS=""
-+AS_IF([test "x$enable_tcp_wrapper" != "xno"], [
-+    AC_CHECK_LIB([wrap],[hosts_access],[
-+        LIBWRAPLIBS="$LIBWRAPLIBS -lwrap"
- 	AC_DEFINE(HAVE_LIBWRAP,[1],[Have the TCP wrappers library])
--	])
-+	AC_DEFINE(HAVE_TCPD_H,[1],[Have the TCP wrappers library])
-+    ])
-+])
- AC_SUBST(LIBWRAPLIBS)
-+
- AC_CHECK_FUNCS(strdup strstr strtoul initgroups closesocket)
- 
- dnl socklen_t check - from curl
-@@ -440,8 +449,11 @@
- AC_SUBST(TARGET_PLATFORM)
- 
- AC_ARG_ENABLE([command-args],
--	AS_HELP_STRING([--enable-command-args],[allows clients to specify command arguments.  *** THIS IS A SECURITY RISK! *** Read the SECURITY file before using this option!]),
--	AC_DEFINE_UNQUOTED(ENABLE_COMMAND_ARGUMENTS,[1],[Enable command-line arguments]))
-+	AS_HELP_STRING([--enable-command-args],[allows clients to specify command arguments.  *** THIS IS A SECURITY RISK! *** Read the SECURITY file before using this option!]))
-+
-+AS_IF([test "x$enable_command_args" = "xyes"], [
-+	AC_DEFINE(ENABLE_COMMAND_ARGUMENTS,[1],[Enable command-line arguments])
-+])
- 
- AC_ARG_ENABLE([bash-command-substitution],
- 	AS_HELP_STRING([--enable-bash-command-substitution],[allows clients to pass bash command substitutions of the form $(command).  *** THIS IS A HIGH SECURITY RISK! *** Read the SECURITY file before using this option!]),