[pkgsrc/trunk]: pkgsrc/security/libgcrypt When exec'ing child processes (nets...

[jmmv <jmmv%pkgsrc.org@localhost>]

details:   https://anonhg.NetBSD.org/pkgsrc/rev/6d02eccd1693
branches:  trunk
changeset: 477411:6d02eccd1693
user:      jmmv <jmmv%pkgsrc.org@localhost>
date:      Fri Jul 02 13:14:27 2004 +0000

description:
When exec'ing child processes (netstat and vmstat), make sure the standard
file descriptors (0, 1, 2) are open.  This avoids multiple warnings issued
under NetBSD about running set[ug]id programs with those descriptors closed.

Fixes PR pkg/26079; although it talks about gaim, the problem is here, in
libgcrypt.  Bump PKGREVISION to 1.

diffstat:

 security/libgcrypt/Makefile         |   3 ++-
 security/libgcrypt/distinfo         |   3 ++-
 security/libgcrypt/patches/patch-ab |  31 +++++++++++++++++++++++++++++++
 3 files changed, 35 insertions(+), 2 deletions(-)

diffs (58 lines):

diff -r 740be2f8462d -r 6d02eccd1693 security/libgcrypt/Makefile
--- a/security/libgcrypt/Makefile       Fri Jul 02 12:52:52 2004 +0000
+++ b/security/libgcrypt/Makefile       Fri Jul 02 13:14:27 2004 +0000
@@ -1,6 +1,7 @@
-# $NetBSD: Makefile,v 1.19 2004/05/26 05:42:28 tron Exp $
+# $NetBSD: Makefile,v 1.20 2004/07/02 13:14:27 jmmv Exp $
 
 DISTNAME=      libgcrypt-1.2.0
+PKGREVISION=   1
 CATEGORIES=    security
 MASTER_SITES=  ftp://ftp.gnupg.org/gcrypt/libgcrypt/ \
                http://gd.tuwien.ac.at/privacy/gnupg/libgcrypt/
diff -r 740be2f8462d -r 6d02eccd1693 security/libgcrypt/distinfo
--- a/security/libgcrypt/distinfo       Fri Jul 02 12:52:52 2004 +0000
+++ b/security/libgcrypt/distinfo       Fri Jul 02 13:14:27 2004 +0000
@@ -1,5 +1,6 @@
-$NetBSD: distinfo,v 1.7 2004/05/22 10:07:48 adam Exp $
+$NetBSD: distinfo,v 1.8 2004/07/02 13:14:28 jmmv Exp $
 
 SHA1 (libgcrypt-1.2.0.tar.gz) = 3785a47abcb1c15079b18c5df47a474dfe647ec2
 Size (libgcrypt-1.2.0.tar.gz) = 949159 bytes
 SHA1 (patch-aa) = d8f659e4aac872abb152252731fd29bdaac635e3
+SHA1 (patch-ab) = bd713f7cbc6782ced8c2fd2b5541ac52d2a10fbe
diff -r 740be2f8462d -r 6d02eccd1693 security/libgcrypt/patches/patch-ab
--- /dev/null   Thu Jan 01 00:00:00 1970 +0000
+++ b/security/libgcrypt/patches/patch-ab       Fri Jul 02 13:14:27 2004 +0000
@@ -0,0 +1,31 @@
+$NetBSD: patch-ab,v 1.1 2004/07/02 13:14:28 jmmv Exp $
+
+--- cipher/rndunix.c.orig      2003-12-11 16:43:01.000000000 +0100
++++ cipher/rndunix.c
+@@ -676,6 +676,15 @@ start_gatherer( int pipefd )
+           if( i != n1 && i != n2 && i != pipefd )
+               close(i);
+       }
++
++      /* Reopen standard files (only if needed) so that NetBSD does not
++         complain about executing set[ug]id programs with descriptors 0
++         and/or 1 closed.  At this point, 2 is still open. */
++      if ((i = open("/dev/null", O_RDONLY)) != STDIN_FILENO)
++              close(i);
++      if ((i = open("/dev/null", O_WRONLY)) != STDOUT_FILENO)
++              close(i);
++
+       errno = 0;
+     }
+ 
+@@ -703,6 +712,10 @@ start_gatherer( int pipefd )
+ #endif
+ 
+     fclose(stderr);           /* Arrghh!!  It's Stuart code!! */
++    {
++      int i = open("/dev/null", O_WRONLY);
++      assert(i == STDERR_FILENO);
++    }
+ 
+     for(;;) {
+       GATHER_MSG msg;