From d77ab8c2003e5dd7be33c118892c5fe8d4ddd35f Mon Sep 17 00:00:00 2001 From: CentOS Buildsys Date: Jul 22 2013 14:34:39 +0000 Subject: import finger-0.17-49.el7.src.rpm --- diff --git a/.finger.metadata b/.finger.metadata new file mode 100644 index 0000000..a735bce --- /dev/null +++ b/.finger.metadata @@ -0,0 +1 @@ +cc0ab33494c618cf6f75d3e91c744bd36628cfe5 SOURCES/bsd-finger-0.17.tar.gz diff --git a/README.md b/README.md deleted file mode 100644 index 0e7897f..0000000 --- a/README.md +++ /dev/null @@ -1,5 +0,0 @@ -The master branch has no content - -Look at the c7 branch if you are working with CentOS-7, or the c4/c5/c6 branch for CentOS-4, 5 or 6 - -If you find this file in a distro specific branch, it means that no content has been checked in yet diff --git a/SOURCES/COPYING b/SOURCES/COPYING new file mode 100644 index 0000000..7580a2a --- /dev/null +++ b/SOURCES/COPYING @@ -0,0 +1,30 @@ +Copyright (c) 1980, 1991 The Regents of the University of California. +All rights reserved. + +Redistribution and use in source and binary forms, with or without +modification, are permitted provided that the following conditions +are met: +1. Redistributions of source code must retain the above copyright + notice, this list of conditions and the following disclaimer. +2. Redistributions in binary form must reproduce the above copyright + notice, this list of conditions and the following disclaimer in the + documentation and/or other materials provided with the distribution. +3. All advertising materials mentioning features or use of this software + must display the following acknowledgement: + This product includes software developed by the University of + California, Berkeley and its contributors. +4. Neither the name of the University nor the names of its contributors + may be used to endorse or promote products derived from this software + without specific prior written permission. + +THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND +ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE +IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE +ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE +FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL +DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS +OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) +HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT +LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY +OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF +SUCH DAMAGE. diff --git a/SOURCES/bsd-finger-0.16-allocbroken.patch b/SOURCES/bsd-finger-0.16-allocbroken.patch new file mode 100644 index 0000000..84519c3 --- /dev/null +++ b/SOURCES/bsd-finger-0.16-allocbroken.patch @@ -0,0 +1,18 @@ +--- bsd-finger-0.16/finger/util.c.broken Wed May 31 16:56:46 2000 ++++ bsd-finger-0.16/finger/util.c Wed May 31 16:57:45 2000 +@@ -350,6 +350,7 @@ + eprintf("finger: Out of space.\n"); + exit(1); + } ++ memset(p, 0, sizeof(PERSON)); + return(p); + } + +@@ -362,6 +363,7 @@ + eprintf("finger: Out of space.\n"); + exit(1); + } ++ memset(w, 0, sizeof(WHERE)); + if (pn->whead == NULL) + pn->whead = pn->wtail = w; + else { diff --git a/SOURCES/bsd-finger-0.16-pts.patch b/SOURCES/bsd-finger-0.16-pts.patch new file mode 100644 index 0000000..abae793 --- /dev/null +++ b/SOURCES/bsd-finger-0.16-pts.patch @@ -0,0 +1,16 @@ +--- bsd-finger-0.16/finger/util.c.pts Tue Sep 28 18:53:58 1999 ++++ bsd-finger-0.16/finger/util.c Tue Dec 21 14:12:56 1999 +@@ -71,8 +71,13 @@ + } + snprintf(tbuf, TBUFLEN, "%s/%s", _PATH_DEV, w->tty); + if (stat(tbuf, &sb) < 0) { ++ switch (errno) { ++ case ENOENT: ++ break; ++ default: + eprintf("finger: %s: %s\n", tbuf, strerror(errno)); + return; ++ } + } + w->idletime = now < sb.st_atime ? 0 : now - sb.st_atime; + diff --git a/SOURCES/bsd-finger-0.17-coverity-bugs.patch b/SOURCES/bsd-finger-0.17-coverity-bugs.patch new file mode 100644 index 0000000..06e38ed --- /dev/null +++ b/SOURCES/bsd-finger-0.17-coverity-bugs.patch @@ -0,0 +1,468 @@ +From 88971a0a5660805f71ba8696e9291eaee822d996 Mon Sep 17 00:00:00 2001 +From: Tomas Hozza +Date: Fri, 8 Feb 2013 15:12:32 +0100 +Subject: [PATCH 1/4] OVERRUN (CWE-119) + +Coverity output: +bsd-finger-0.17/finger/util.c:392: cond_true: Condition "*q", taking +true branch +bsd-finger-0.17/finger/util.c:393: cond_false: Condition +"!(*__ctype_b_loc()[(int)*q] & 2048 /* (unsigned short)_ISdigit */)", +taking false branch +bsd-finger-0.17/finger/util.c:394: if_end: End of if statement +bsd-finger-0.17/finger/util.c:394: loop: Jumping back to the beginning +of the loop +bsd-finger-0.17/finger/util.c:392: loop_begin: Jumped back to beginning +of loop +bsd-finger-0.17/finger/util.c:392: cond_false: Condition "*q", taking +false branch +bsd-finger-0.17/finger/util.c:394: loop_end: Reached end of loop +bsd-finger-0.17/finger/util.c:396: alias: Assigning: "p" = "pbuf". "p" +now points to byte 0 of "pbuf" (which consists of 15 bytes). +bsd-finger-0.17/finger/util.c:397: switch: Switch case value "11" +bsd-finger-0.17/finger/util.c:398: switch_case: Reached case "11" +bsd-finger-0.17/finger/util.c:399: ptr_incr: Incrementing "p". "p" now +points to byte 1 of "pbuf" (which consists of 15 bytes). +bsd-finger-0.17/finger/util.c:400: ptr_incr: Incrementing "p". "p" now +points to byte 2 of "pbuf" (which consists of 15 bytes). +bsd-finger-0.17/finger/util.c:401: ptr_incr: Incrementing "p". "p" now +points to byte 3 of "pbuf" (which consists of 15 bytes). +bsd-finger-0.17/finger/util.c:404: ptr_incr: Incrementing "p". "p" now +points to byte 4 of "pbuf" (which consists of 15 bytes). +bsd-finger-0.17/finger/util.c:405: ptr_incr: Incrementing "p". "p" now +points to byte 5 of "pbuf" (which consists of 15 bytes). +bsd-finger-0.17/finger/util.c:406: ptr_incr: Incrementing "p". "p" now +points to byte 6 of "pbuf" (which consists of 15 bytes). +bsd-finger-0.17/finger/util.c:407: ptr_incr: Incrementing "p". "p" now +points to byte 7 of "pbuf" (which consists of 15 bytes). +bsd-finger-0.17/finger/util.c:410: ptr_incr: Incrementing "p". "p" now +points to byte 8 of "pbuf" (which consists of 15 bytes). +bsd-finger-0.17/finger/util.c:411: ptr_incr: Incrementing "p". "p" now +points to byte 9 of "pbuf" (which consists of 15 bytes). +bsd-finger-0.17/finger/util.c:412: ptr_incr: Incrementing "p". "p" now +points to byte 10 of "pbuf" (which consists of 15 bytes). +bsd-finger-0.17/finger/util.c:413: break: Breaking from switch +bsd-finger-0.17/finger/util.c:421: switch_end: Reached end of switch +bsd-finger-0.17/finger/util.c:422: cond_true: Condition "len != 4", +taking true branch +bsd-finger-0.17/finger/util.c:423: ptr_incr: Incrementing "p". "p" now +points to byte 11 of "pbuf" (which consists of 15 bytes). +bsd-finger-0.17/finger/util.c:424: ptr_incr: Incrementing "p". "p" now +points to byte 12 of "pbuf" (which consists of 15 bytes). +bsd-finger-0.17/finger/util.c:426: ptr_incr: Incrementing "p". "p" now +points to byte 13 of "pbuf" (which consists of 15 bytes). +bsd-finger-0.17/finger/util.c:427: ptr_incr: Incrementing "p". "p" now +points to byte 14 of "pbuf" (which consists of 15 bytes). +bsd-finger-0.17/finger/util.c:428: ptr_incr: Incrementing "p". "p" now +points to byte 15 of "pbuf" (which consists of 15 bytes). +bsd-finger-0.17/finger/util.c:429: overrun-local: Overrunning array of +15 bytes at byte offset 15 by dereferencing pointer "p". + +Signed-off-by: Tomas Hozza +--- + finger/util.c | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/finger/util.c b/finger/util.c +index a9c3b5d..ee44541 100644 +--- a/finger/util.c ++++ b/finger/util.c +@@ -386,7 +386,7 @@ prphone(const char *num) + char *p; + const char *q; + int len; +- static char pbuf[15]; ++ static char pbuf[16]; + + /* don't touch anything if the user has their own formatting */ + for (q = num; *q; ++q) +-- +1.8.1.2 + + +From 93a36eb8d32b0cbe3034e3742b128eb81934875c Mon Sep 17 00:00:00 2001 +From: Tomas Hozza +Date: Fri, 8 Feb 2013 15:19:34 +0100 +Subject: [PATCH 2/4] RESOURCE_LEAK (CWE-772) + +Coverity output: +bsd-finger-0.17/finger/finger.c:293: cond_false: Condition "setlocale(6, +"") != NULL", taking false branch +bsd-finger-0.17/finger/finger.c:294: if_end: End of if statement +bsd-finger-0.17/finger/finger.c:296: alloc_fn: Storage is returned from +allocation function "calloc(size_t, size_t)". +bsd-finger-0.17/finger/finger.c:296: var_assign: Assigning: "used" = +storage returned from "calloc(argc, 4UL)". +bsd-finger-0.17/finger/finger.c:297: cond_false: Condition "!used", +taking false branch +bsd-finger-0.17/finger/finger.c:300: if_end: End of if statement +bsd-finger-0.17/finger/finger.c:303: cond_true: Condition "i < argc", +taking true branch +bsd-finger-0.17/finger/finger.c:304: cond_true: Condition +"!__coverity_strchr(argv[i], 64)", taking true branch +bsd-finger-0.17/finger/finger.c:306: continue: Continuing loop +bsd-finger-0.17/finger/finger.c:313: loop: Looping back +bsd-finger-0.17/finger/finger.c:303: cond_true: Condition "i < argc", +taking true branch +bsd-finger-0.17/finger/finger.c:304: cond_true: Condition +"!__coverity_strchr(argv[i], 64)", taking true branch +bsd-finger-0.17/finger/finger.c:306: continue: Continuing loop +bsd-finger-0.17/finger/finger.c:313: loop: Looping back +bsd-finger-0.17/finger/finger.c:303: cond_false: Condition "i < argc", +taking false branch +bsd-finger-0.17/finger/finger.c:313: loop_end: Reached end of loop +bsd-finger-0.17/finger/finger.c:316: cond_true: Condition "dolocal", +taking true branch +bsd-finger-0.17/finger/finger.c:316: noescape: Resource "used" is not +freed or pointed-to in function "do_local(int, char **, int *)". +bsd-finger-0.17/finger/finger.c:251:51: noescape: "do_local(int, char +**, int *)" does not free or save its pointer parameter "used". +bsd-finger-0.17/finger/finger.c:319: cond_false: Condition "pn", taking +false branch +bsd-finger-0.17/finger/finger.c:323: loop_end: Reached end of loop +bsd-finger-0.17/finger/finger.c:325: cond_true: Condition "entries == +0", taking true branch +bsd-finger-0.17/finger/finger.c:326: leaked_storage: Variable "used" +going out of scope leaks the storage it points to. + +bsd-finger-0.17/finger/finger.c:293: cond_false: Condition "setlocale(6, +"") != NULL", taking false branch +bsd-finger-0.17/finger/finger.c:294: if_end: End of if statement +bsd-finger-0.17/finger/finger.c:296: alloc_fn: Storage is returned from +allocation function "calloc(size_t, size_t)". +bsd-finger-0.17/finger/finger.c:296: var_assign: Assigning: "used" = +storage returned from "calloc(argc, 4UL)". +bsd-finger-0.17/finger/finger.c:297: cond_false: Condition "!used", +taking false branch +bsd-finger-0.17/finger/finger.c:300: if_end: End of if statement +bsd-finger-0.17/finger/finger.c:303: cond_true: Condition "i < argc", +taking true branch +bsd-finger-0.17/finger/finger.c:304: cond_true: Condition +"!__coverity_strchr(argv[i], 64)", taking true branch +bsd-finger-0.17/finger/finger.c:306: continue: Continuing loop +bsd-finger-0.17/finger/finger.c:313: loop: Looping back +bsd-finger-0.17/finger/finger.c:303: cond_true: Condition "i < argc", +taking true branch +bsd-finger-0.17/finger/finger.c:304: cond_true: Condition +"!__coverity_strchr(argv[i], 64)", taking true branch +bsd-finger-0.17/finger/finger.c:306: continue: Continuing loop +bsd-finger-0.17/finger/finger.c:313: loop: Looping back +bsd-finger-0.17/finger/finger.c:303: cond_false: Condition "i < argc", +taking false branch +bsd-finger-0.17/finger/finger.c:313: loop_end: Reached end of loop +bsd-finger-0.17/finger/finger.c:316: cond_true: Condition "dolocal", +taking true branch +bsd-finger-0.17/finger/finger.c:316: noescape: Resource "used" is not +freed or pointed-to in function "do_local(int, char **, int *)". +bsd-finger-0.17/finger/finger.c:251:51: noescape: "do_local(int, char +**, int *)" does not free or save its pointer parameter "used". +bsd-finger-0.17/finger/finger.c:319: cond_true: Condition "pn", taking +true branch +bsd-finger-0.17/finger/finger.c:321: cond_false: Condition "pn->next", +taking false branch +bsd-finger-0.17/finger/finger.c:321: cond_true: Condition "entries", +taking true branch +bsd-finger-0.17/finger/finger.c:323: loop: Jumping back to the beginning +of the loop +bsd-finger-0.17/finger/finger.c:319: loop_begin: Jumped back to +beginning of loop +bsd-finger-0.17/finger/finger.c:319: cond_false: Condition "pn", taking +false branch +bsd-finger-0.17/finger/finger.c:323: loop_end: Reached end of loop +bsd-finger-0.17/finger/finger.c:325: cond_false: Condition "entries == +0", taking false branch +bsd-finger-0.17/finger/finger.c:326: if_end: End of if statement +bsd-finger-0.17/finger/finger.c:339: cond_false: Condition "(uptr = +getutent()) != NULL", taking false branch +bsd-finger-0.17/finger/finger.c:351: loop_end: Reached end of loop +bsd-finger-0.17/finger/finger.c:352: cond_true: Condition "pn != NULL", +taking true branch +bsd-finger-0.17/finger/finger.c:354: loop: Jumping back to the beginning +of the loop +bsd-finger-0.17/finger/finger.c:352: loop_begin: Jumped back to +beginning of loop +bsd-finger-0.17/finger/finger.c:352: cond_false: Condition "pn != NULL", +taking false branch +bsd-finger-0.17/finger/finger.c:354: loop_end: Reached end of loop +bsd-finger-0.17/finger/finger.c:356: leaked_storage: Variable "used" +going out of scope leaks the storage it points to. + +Signed-off-by: Tomas Hozza +--- + finger/finger.c | 4 ++++ + 1 file changed, 4 insertions(+) + +diff --git a/finger/finger.c b/finger/finger.c +index ebf7309..6653e82 100644 +--- a/finger/finger.c ++++ b/finger/finger.c +@@ -323,7 +323,10 @@ userlist(int argc, char *argv[]) + } + + if (entries == 0) ++ { ++ free(used); + return; ++ } + + /* + * Scan thru the list of users currently logged in, saving +@@ -353,4 +356,5 @@ userlist(int argc, char *argv[]) + enter_lastlog(pn); + } + endutent(); ++ free(used); + } +-- +1.8.1.2 + + +From bf805902875147e582402fa736022c10edb163bc Mon Sep 17 00:00:00 2001 +From: Tomas Hozza +Date: Fri, 8 Feb 2013 15:41:05 +0100 +Subject: [PATCH 3/4] RESOURCE_LEAK (CWE-772) + +Coverity output: +bsd-finger-0.17/finger/sprint.c:60: alloc_fn: Storage is returned from +allocation function "sort(void)". +bsd-finger-0.17/finger/sprint.c:142:2: alloc_fn: Storage is returned +from allocation function "malloc(size_t)". +bsd-finger-0.17/finger/sprint.c:142:2: var_assign: Assigning: "list" = +"malloc((u_int)(entries * 8UL))". +bsd-finger-0.17/finger/sprint.c:142:2: cond_false: Condition "!(list = +(PERSON **)malloc((u_int)(entries * 8UL /* sizeof (PERSON *) */)))", +taking false branch +bsd-finger-0.17/finger/sprint.c:145:2: if_end: End of if statement +bsd-finger-0.17/finger/sprint.c:146:7: var_assign: Assigning: "lp" = +"list". +bsd-finger-0.17/finger/sprint.c:146:2: cond_true: Condition "pn != +NULL", taking true branch +bsd-finger-0.17/finger/sprint.c:147:3: loop: Jumping back to the +beginning of the loop +bsd-finger-0.17/finger/sprint.c:146:2: loop_begin: Jumped back to +beginning of loop +bsd-finger-0.17/finger/sprint.c:146:2: cond_false: Condition "pn != +NULL", taking false branch +bsd-finger-0.17/finger/sprint.c:147:3: loop_end: Reached end of loop +bsd-finger-0.17/finger/sprint.c:148:2: noescape: Resource "list" is not +freed or pointed-to in function "qsort(void *, size_t, size_t, +__compar_fn_t)". +bsd-finger-0.17/finger/sprint.c:149:2: return_alloc: Returning allocated +memory "list". +bsd-finger-0.17/finger/sprint.c:60: var_assign: Assigning: "list" = +storage returned from "sort()". +bsd-finger-0.17/finger/sprint.c:76: cond_true: Condition "cnt < +entries", taking true branch +bsd-finger-0.17/finger/sprint.c:79: cond_true: Condition "pn->name", +taking true branch +bsd-finger-0.17/finger/sprint.c:80: cond_true: Condition "l > maxlname", +taking true branch +bsd-finger-0.17/finger/sprint.c:81: cond_true: Condition "pn->realname", +taking true branch +bsd-finger-0.17/finger/sprint.c:82: cond_true: Condition "l > maxrname", +taking true branch +bsd-finger-0.17/finger/sprint.c:83: loop: Jumping back to the beginning +of the loop +bsd-finger-0.17/finger/sprint.c:76: loop_begin: Jumped back to beginning +of loop +bsd-finger-0.17/finger/sprint.c:76: cond_true: Condition "cnt < +entries", taking true branch +bsd-finger-0.17/finger/sprint.c:79: cond_true: Condition "pn->name", +taking true branch +bsd-finger-0.17/finger/sprint.c:80: cond_true: Condition "l > maxlname", +taking true branch +bsd-finger-0.17/finger/sprint.c:81: cond_true: Condition "pn->realname", +taking true branch +bsd-finger-0.17/finger/sprint.c:82: cond_true: Condition "l > maxrname", +taking true branch +bsd-finger-0.17/finger/sprint.c:83: loop: Jumping back to the beginning +of the loop +bsd-finger-0.17/finger/sprint.c:76: loop_begin: Jumped back to beginning +of loop +bsd-finger-0.17/finger/sprint.c:76: cond_true: Condition "cnt < +entries", taking true branch +bsd-finger-0.17/finger/sprint.c:79: cond_true: Condition "pn->name", +taking true branch +bsd-finger-0.17/finger/sprint.c:80: cond_true: Condition "l > maxlname", +taking true branch +bsd-finger-0.17/finger/sprint.c:81: cond_true: Condition "pn->realname", +taking true branch +bsd-finger-0.17/finger/sprint.c:82: cond_false: Condition "l > +maxrname", taking false branch +bsd-finger-0.17/finger/sprint.c:82: if_end: End of if statement +bsd-finger-0.17/finger/sprint.c:83: loop: Jumping back to the beginning +of the loop +bsd-finger-0.17/finger/sprint.c:76: loop_begin: Jumped back to beginning +of loop +bsd-finger-0.17/finger/sprint.c:76: cond_false: Condition "cnt < +entries", taking false branch +bsd-finger-0.17/finger/sprint.c:83: loop_end: Reached end of loop +bsd-finger-0.17/finger/sprint.c:86: cond_true: Condition "maxlname + +maxrname > space", taking true branch +bsd-finger-0.17/finger/sprint.c:89: cond_true: Condition "maxlname + +maxrname < space - 2", taking true branch +bsd-finger-0.17/finger/sprint.c:93: cond_true: Condition "cnt < +entries", taking true branch +bsd-finger-0.17/finger/sprint.c:95: cond_true: Condition "w != NULL", +taking true branch +bsd-finger-0.17/finger/sprint.c:96: cond_true: Condition "pn->realname", +taking true branch +bsd-finger-0.17/finger/sprint.c:99: cond_true: Condition "!w->loginat", +taking true branch +bsd-finger-0.17/finger/sprint.c:101: goto: Jumping to label "office" +bsd-finger-0.17/finger/sprint.c:120: label: Reached label "office" +bsd-finger-0.17/finger/sprint.c:121: cond_true: Condition "pn->office", +taking true branch +bsd-finger-0.17/finger/sprint.c:122: if_fallthrough: Falling through to +end of if statement +bsd-finger-0.17/finger/sprint.c:124: if_end: End of if statement +bsd-finger-0.17/finger/sprint.c:125: cond_true: Condition +"pn->officephone", taking true branch +bsd-finger-0.17/finger/sprint.c:126: if_fallthrough: Falling through to +end of if statement +bsd-finger-0.17/finger/sprint.c:129: if_end: End of if statement +bsd-finger-0.17/finger/sprint.c:131: cond_true: Condition "w->host[0] != +0", taking true branch +bsd-finger-0.17/finger/sprint.c:134: loop: Jumping back to the beginning +of the loop +bsd-finger-0.17/finger/sprint.c:95: loop_begin: Jumped back to beginning +of loop +bsd-finger-0.17/finger/sprint.c:95: cond_false: Condition "w != NULL", +taking false branch +bsd-finger-0.17/finger/sprint.c:134: loop_end: Reached end of loop +bsd-finger-0.17/finger/sprint.c:135: loop: Jumping back to the beginning +of the loop +bsd-finger-0.17/finger/sprint.c:93: loop_begin: Jumped back to beginning +of loop +bsd-finger-0.17/finger/sprint.c:93: cond_true: Condition "cnt < +entries", taking true branch +bsd-finger-0.17/finger/sprint.c:95: cond_true: Condition "w != NULL", +taking true branch +bsd-finger-0.17/finger/sprint.c:96: cond_true: Condition "pn->realname", +taking true branch +bsd-finger-0.17/finger/sprint.c:99: cond_true: Condition "!w->loginat", +taking true branch +bsd-finger-0.17/finger/sprint.c:101: goto: Jumping to label "office" +bsd-finger-0.17/finger/sprint.c:120: label: Reached label "office" +bsd-finger-0.17/finger/sprint.c:121: cond_true: Condition "pn->office", +taking true branch +bsd-finger-0.17/finger/sprint.c:122: if_fallthrough: Falling through to +end of if statement +bsd-finger-0.17/finger/sprint.c:124: if_end: End of if statement +bsd-finger-0.17/finger/sprint.c:125: cond_true: Condition +"pn->officephone", taking true branch +bsd-finger-0.17/finger/sprint.c:126: if_fallthrough: Falling through to +end of if statement +bsd-finger-0.17/finger/sprint.c:129: if_end: End of if statement +bsd-finger-0.17/finger/sprint.c:131: cond_true: Condition "w->host[0] != +0", taking true branch +bsd-finger-0.17/finger/sprint.c:134: loop: Jumping back to the beginning +of the loop +bsd-finger-0.17/finger/sprint.c:95: loop_begin: Jumped back to beginning +of loop +bsd-finger-0.17/finger/sprint.c:95: cond_false: Condition "w != NULL", +taking false branch +bsd-finger-0.17/finger/sprint.c:134: loop_end: Reached end of loop +bsd-finger-0.17/finger/sprint.c:135: loop: Jumping back to the beginning +of the loop +bsd-finger-0.17/finger/sprint.c:93: loop_begin: Jumped back to beginning +of loop +bsd-finger-0.17/finger/sprint.c:93: cond_true: Condition "cnt < +entries", taking true branch +bsd-finger-0.17/finger/sprint.c:95: cond_true: Condition "w != NULL", +taking true branch +bsd-finger-0.17/finger/sprint.c:96: cond_true: Condition "pn->realname", +taking true branch +bsd-finger-0.17/finger/sprint.c:99: cond_true: Condition "!w->loginat", +taking true branch +bsd-finger-0.17/finger/sprint.c:101: goto: Jumping to label "office" +bsd-finger-0.17/finger/sprint.c:120: label: Reached label "office" +bsd-finger-0.17/finger/sprint.c:121: cond_true: Condition "pn->office", +taking true branch +bsd-finger-0.17/finger/sprint.c:122: if_fallthrough: Falling through to +end of if statement +bsd-finger-0.17/finger/sprint.c:124: if_end: End of if statement +bsd-finger-0.17/finger/sprint.c:125: cond_true: Condition +"pn->officephone", taking true branch +bsd-finger-0.17/finger/sprint.c:126: if_fallthrough: Falling through to +end of if statement +bsd-finger-0.17/finger/sprint.c:129: if_end: End of if statement +bsd-finger-0.17/finger/sprint.c:131: cond_true: Condition "w->host[0] != +0", taking true branch +bsd-finger-0.17/finger/sprint.c:134: loop: Jumping back to the beginning +of the loop +bsd-finger-0.17/finger/sprint.c:95: loop_begin: Jumped back to beginning +of loop +bsd-finger-0.17/finger/sprint.c:95: cond_false: Condition "w != NULL", +taking false branch +bsd-finger-0.17/finger/sprint.c:134: loop_end: Reached end of loop +bsd-finger-0.17/finger/sprint.c:135: loop: Jumping back to the beginning +of the loop +bsd-finger-0.17/finger/sprint.c:93: loop_begin: Jumped back to beginning +of loop +bsd-finger-0.17/finger/sprint.c:93: cond_false: Condition "cnt < +entries", taking false branch +bsd-finger-0.17/finger/sprint.c:135: loop_end: Reached end of loop +bsd-finger-0.17/finger/sprint.c:136: leaked_storage: Variable "list" +going out of scope leaks the storage it points to. + +Signed-off-by: Tomas Hozza +--- + finger/sprint.c | 1 + + 1 file changed, 1 insertion(+) + +diff --git a/finger/sprint.c b/finger/sprint.c +index 0aaa82f..c66584f 100644 +--- a/finger/sprint.c ++++ b/finger/sprint.c +@@ -133,6 +133,7 @@ office: + xputc('\n'); + } + } ++ free(list); + } + + static PERSON **sort(void) { +-- +1.8.1.2 + + +From d8638a83edb2ab42adaa8a77f74d350095ce281f Mon Sep 17 00:00:00 2001 +From: Tomas Hozza +Date: Fri, 8 Feb 2013 15:58:40 +0100 +Subject: [PATCH 4/4] DEADCODE (CWE-561) + +Coverity output: +bsd-finger-0.17/finger/net.c:173: assignment: Assigning: "ateol" = "1". +bsd-finger-0.17/finger/net.c:178: assignment: Assigning: "ateol" = "1". +bsd-finger-0.17/finger/net.c:191: const: At condition "ateol", the value +of "ateol" must be equal to 1. +bsd-finger-0.17/finger/net.c:191: dead_error_condition: The condition +"!ateol" cannot be true. +bsd-finger-0.17/finger/net.c:191: dead_error_line: Execution cannot +reach this statement "xputc(10);". + +Signed-off-by: Tomas Hozza +--- + finger/net.c | 5 ++++- + 1 file changed, 4 insertions(+), 1 deletion(-) + +diff --git a/finger/net.c b/finger/net.c +index d273432..157090f 100644 +--- a/finger/net.c ++++ b/finger/net.c +@@ -183,7 +183,10 @@ void netfinger(const char *name) { + /* don't print */ + } + else { +- if (c == '\n') ateol = 1; ++ if (c == '\n') ++ ateol = 1; ++ else ++ ateol = 0; + sawret = 0; + xputc(c); + } +-- +1.8.1.2 + diff --git a/SOURCES/bsd-finger-0.17-exact.patch b/SOURCES/bsd-finger-0.17-exact.patch new file mode 100644 index 0000000..6d756df --- /dev/null +++ b/SOURCES/bsd-finger-0.17-exact.patch @@ -0,0 +1,25 @@ +--- bsd-finger-0.17-pre20000412/finger/finger.c.exact Sat Dec 18 11:41:51 1999 ++++ bsd-finger-0.17-pre20000412/finger/finger.c Sun Aug 27 21:17:57 2000 +@@ -238,15 +238,14 @@ + * traverse the list of possible login names and check the login name + * and real name against the name specified by the user. + */ +- if (mflag) { +- for (i = 0; i < argc; i++) +- if (used[i] >= 0 && (pw = getpwnam(argv[i]))) { +- if (!check_nofinger(pw)) { +- enter_person(pw); +- used[i] = 1; +- } ++ for (i = 0; i < argc; i++) ++ if (used[i] >= 0 && (pw = getpwnam(argv[i]))) { ++ if (!check_nofinger(pw)) { ++ enter_person(pw); ++ used[i] = 1; + } ++ } +- } else for (pw = getpwent(); pw; pw = getpwent()) ++ if(!mflag) for (pw = getpwent(); pw; pw = getpwent()) + for (i = 0; i < argc; i++) + if (used[i] >= 0 && + (!strcasecmp(pw->pw_name, argv[i]) || diff --git a/SOURCES/bsd-finger-0.17-host-info.patch b/SOURCES/bsd-finger-0.17-host-info.patch new file mode 100644 index 0000000..a7ce14a --- /dev/null +++ b/SOURCES/bsd-finger-0.17-host-info.patch @@ -0,0 +1,36 @@ +--- bsd-finger-0.17/finger/sprint.c 2009-11-02 13:11:20.000000000 +0530 ++++ bsd-finger-0.17/finger/sprint.c.add-host-column 2009-11-02 13:10:43.000000000 +0530 +@@ -89,7 +89,7 @@ void sflag_print(void) { + if (maxlname + maxrname < space-2) { maxlname++; maxrname++; } + + (void)xprintf("%-*s %-*s %s\n", maxlname, "Login", maxrname, +- "Name", " Tty Idle Login Time Office Office Phone"); ++ "Name", " Tty Idle Login Time Office Office Phone Host"); + for (cnt = 0; cnt < entries; ++cnt) { + pn = list[cnt]; + for (w = pn->whead; w != NULL; w = w->next) { +@@ -118,17 +118,18 @@ void sflag_print(void) { + else + (void)xprintf(" %.5s", p + 11); + office: +- if (w->host[0] != '\0') { +- xprintf(" (%s)", w->host); +- } else { + if (pn->office) + (void)xprintf(" %-10.10s", pn->office); +- else if (pn->officephone) ++ else + (void)xprintf(" %-10.10s", " "); + if (pn->officephone) +- (void)xprintf(" %-.14s", ++ (void)xprintf(" %-14.14s", + prphone(pn->officephone)); +- } ++ else if (w->host[0] != '\0') ++ (void)xprintf(" %-14.14s", " "); ++ ++ if (w->host[0] != '\0') ++ xprintf(" (%s)", w->host); + xputc('\n'); + } + } diff --git a/SOURCES/bsd-finger-0.17-init-realname.patch b/SOURCES/bsd-finger-0.17-init-realname.patch new file mode 100644 index 0000000..f46118e --- /dev/null +++ b/SOURCES/bsd-finger-0.17-init-realname.patch @@ -0,0 +1,10 @@ +--- bsd-finger-0.17-orig/finger/util.c 2009-08-24 19:14:49.145387327 +0300 ++++ bsd-finger-0.17/finger/util.c 2009-08-29 00:47:59.661649249 +0300 +@@ -98,6 +98,7 @@ + + pn->uid = pw->pw_uid; + pn->name = strdup(pw->pw_name); ++ pn->realname = ""; + pn->dir = strdup(pw->pw_dir); + pn->shell = strdup(pw->pw_shell); + diff --git a/SOURCES/bsd-finger-0.17-man_page_systemd.patch b/SOURCES/bsd-finger-0.17-man_page_systemd.patch new file mode 100644 index 0000000..aeda90b --- /dev/null +++ b/SOURCES/bsd-finger-0.17-man_page_systemd.patch @@ -0,0 +1,42 @@ +diff -up bsd-finger-0.17/fingerd/fingerd.8.systemd bsd-finger-0.17/fingerd/fingerd.8 +--- bsd-finger-0.17/fingerd/fingerd.8.systemd 2012-11-22 15:51:22.052025398 +0100 ++++ bsd-finger-0.17/fingerd/fingerd.8 2012-11-22 16:26:10.174613170 +0100 +@@ -97,13 +97,24 @@ The + option specifies the time to wait for a request before closing the + connection. A value of 0 waits forever. The default is 60 seconds. + .Pp +-Options to fingerd should be specified in +-.Pa /etc/xinetd.d/finger . ++Starting and stopping the daemon is handled by ++.Xr systemd 1 . Fingerd is ++.Nm not ++enabled by default after the installation. Its running state can be ++managed using ++.Xr systemctl 1 ++commands. If you need to specify some options to fingerd you should ++copy the ++.Nm finger@.service ++file from ++.Pa /lib/systemd/system ++to ++.Pa /etc/systemd/system ++and edit it there. + .Pp + The finger protocol consists mostly of specifying command arguments. + The +-.Xr xinetd 8 +-.Dq super-server ++.Xr systemd 1 + runs + .Nm fingerd + for +@@ -143,7 +154,8 @@ and + If a name is ambiguous, all possible derivations are returned. + .Sh SEE ALSO + .Xr finger 1 , +-.Xr xinetd 8 ++.Xr systemd 1 , ++.Xr systemctl 1 + .Sh RESTRICTIONS + Connecting directly to the server from a + .Tn TIP diff --git a/SOURCES/bsd-finger-0.17-match_sigsegv.patch b/SOURCES/bsd-finger-0.17-match_sigsegv.patch new file mode 100644 index 0000000..f9fd99d --- /dev/null +++ b/SOURCES/bsd-finger-0.17-match_sigsegv.patch @@ -0,0 +1,13 @@ +diff -up bsd-finger-0.17/finger/util.c.match_sigsegv bsd-finger-0.17/finger/util.c +--- bsd-finger-0.17/finger/util.c.match_sigsegv 2012-10-16 10:22:26.240480338 +0200 ++++ bsd-finger-0.17/finger/util.c 2012-10-16 10:26:15.744072682 +0200 +@@ -186,6 +186,9 @@ match(struct passwd *pw, const char *use + int i, j, ct, rv=0; + char *rname; + ++ if (pw == NULL || pw->pw_gecos == NULL) ++ return 0; ++ + strncpy(tbuf, pw->pw_gecos, TBUFLEN); + tbuf[TBUFLEN-1] = 0; /* guarantee null termination */ + p = tbuf; diff --git a/SOURCES/bsd-finger-0.17-rfc742.patch b/SOURCES/bsd-finger-0.17-rfc742.patch new file mode 100644 index 0000000..b6dfdc7 --- /dev/null +++ b/SOURCES/bsd-finger-0.17-rfc742.patch @@ -0,0 +1,15 @@ +--- bsd-finger-0.17-pre20000412/fingerd/fingerd.c.rfc742 Sat Jul 22 14:58:58 2000 ++++ bsd-finger-0.17-pre20000412/fingerd/fingerd.c Sat Jul 22 15:01:31 2000 +@@ -214,7 +214,11 @@ + av[k++] = "finger"; + for (s = strtok(line, WS); s && k + #include + #include +-#include ++#include + #include "finger.h" + + static void lprint(PERSON *pn); +--- bsd-finger-0.17-pre20000412/finger/sprint.c.orig Sun Dec 12 13:59:33 1999 ++++ bsd-finger-0.17-pre20000412/finger/sprint.c Sun Feb 4 17:57:22 2001 +@@ -40,7 +40,7 @@ + #endif /* not lint */ + + #include +-#include ++#include + #include + #include + #include diff --git a/SOURCES/bsd-finger-0.17-typo.patch b/SOURCES/bsd-finger-0.17-typo.patch new file mode 100644 index 0000000..1a70799 --- /dev/null +++ b/SOURCES/bsd-finger-0.17-typo.patch @@ -0,0 +1,54 @@ +--- bsd-finger-0.17/finger/finger.1.typo 2003-09-01 15:03:24.000000000 +0200 ++++ bsd-finger-0.17/finger/finger.1 2003-09-01 16:10:57.000000000 +0200 +@@ -169,13 +169,13 @@ + must be able to see the + .Pa .nofinger + file. This generally means that the home directory containing the file +-must have the other-users-execute bit set (o+w). See ++must have the other-users-execute bit set (o+x). See + .Xr chmod 1 . + If you use this feature for privacy, please test it with ``finger + @localhost'' before relying on it, just in case. + .It ~/.plan + .It ~/.project +-.It ~/.pgp ++.It ~/.pgpkey + These files are printed as part of a long-format request. The + .Pa .project + file is limited to one line; the +--- bsd-finger-0.17/finger/net.c.typo 2003-09-01 15:03:24.000000000 +0200 ++++ bsd-finger-0.17/finger/net.c 2003-09-01 15:03:24.000000000 +0200 +@@ -98,7 +98,7 @@ + } + freeaddrinfo(res0); + if (s < 0) { +- eprintf("finger: cannot create socket / connet host\n"); ++ eprintf("finger: cannot create socket / connect host\n"); + return; + } + #else +--- bsd-finger-0.17/fingerd/fingerd.8.typo 2003-09-01 15:03:24.000000000 +0200 ++++ bsd-finger-0.17/fingerd/fingerd.8 2003-09-01 15:03:24.000000000 +0200 +@@ -98,11 +98,11 @@ + connection. A value of 0 waits forever. The default is 60 seconds. + .Pp + Options to fingerd should be specified in +-.Pa /etc/inetd.conf . ++.Pa /etc/xinetd.d/finger . + .Pp + The finger protocol consists mostly of specifying command arguments. + The +-.Xr inetd 8 ++.Xr xinetd 8 + .Dq super-server + runs + .Nm fingerd +@@ -143,7 +143,7 @@ + If a name is ambiguous, all possible derivations are returned. + .Sh SEE ALSO + .Xr finger 1 , +-.Xr inetd 8 ++.Xr xinetd 8 + .Sh RESTRICTIONS + Connecting directly to the server from a + .Tn TIP diff --git a/SOURCES/bsd-finger-0.17-usagi-ipv6.patch b/SOURCES/bsd-finger-0.17-usagi-ipv6.patch new file mode 100644 index 0000000..6034aa0 --- /dev/null +++ b/SOURCES/bsd-finger-0.17-usagi-ipv6.patch @@ -0,0 +1,473 @@ +diff -uNr bsd-finger-0.17/CVS/Entries bsd-finger/CVS/Entries +--- bsd-finger-0.17/CVS/Entries Thu Jan 1 02:00:00 1970 ++++ bsd-finger/CVS/Entries Fri Mar 9 00:00:29 2001 +@@ -0,0 +1,11 @@ ++/.cvsignore/1.1.1.1/Fri Nov 3 19:18:15 2000// ++/BUGS/1.1.1.1/Fri Nov 3 19:18:15 2000// ++/ChangeLog/1.1.1.1/Fri Nov 3 19:18:15 2000// ++/MCONFIG.in/1.3/Sat Jan 27 04:14:52 2001// ++/MRULES/1.1.1.1/Fri Nov 3 19:18:15 2000// ++/Makefile/1.1.1.1/Fri Nov 3 19:18:15 2000// ++/README/1.1.1.1/Fri Nov 3 19:18:15 2000// ++/configure/1.5/Sat Jan 27 04:14:52 2001// ++/version.h/1.1.1.1/Fri Nov 3 19:18:15 2000// ++D/finger//// ++D/fingerd//// +diff -uNr bsd-finger-0.17/CVS/Repository bsd-finger/CVS/Repository +--- bsd-finger-0.17/CVS/Repository Thu Jan 1 02:00:00 1970 ++++ bsd-finger/CVS/Repository Mon Feb 19 06:50:43 2001 +@@ -0,0 +1 @@ ++usagi/src/bsd-finger +diff -uNr bsd-finger-0.17/CVS/Root bsd-finger/CVS/Root +--- bsd-finger-0.17/CVS/Root Thu Jan 1 02:00:00 1970 ++++ bsd-finger/CVS/Root Mon Feb 19 06:50:43 2001 +@@ -0,0 +1 @@ ++:pserver:anoncvs@anoncvs.linux-ipv6.org:/cvsroot/usagi +diff -uNr bsd-finger-0.17/configure bsd-finger/configure +--- bsd-finger-0.17/configure Sat Jul 29 21:00:27 2000 ++++ bsd-finger/configure Sat Jan 27 06:14:52 2001 +@@ -25,6 +25,7 @@ + --daemonmode=mode Mode for daemon binaries [same as binmode] + --manmode=mode Mode for manual pages [644] + --with-c-compiler=cc Program for compiling C source [guessed] ++ --enable-ipv6 Enable IPv6 support + EOF + exit 0;; + --verbose) ;; +@@ -40,6 +41,11 @@ + --daemonmode=*) DAEMONMODE=`echo $1 | sed 's/^[^=]*=//'` ;; + --manmode=*) MANMODE=`echo $1 | sed 's/^[^=]*=//'` ;; + --with-c-compiler=*) CC=`echo $1 | sed 's/^[^=]*=//'` ;; ++ ++ --disable-ipv6) ENABLE_IPV6=no;; ++ --enable-ipv6=*) ENABLE_IPV6=`echo $1 | sed 's/^[^=]*=//'`;; ++ --enable-ipv6) ENABLE_IPV6=yes;; ++ + *) echo "Unrecognized option: $1"; exit 1;; + esac + shift +@@ -148,6 +154,42 @@ + + LDFLAGS= + LIBS= ++ ++rm -f __conftest* ++ ++################################################## ++## Enable IPv6 ++echo -n "Whether to enable IPv6 support... " ++if [ x"$ENABLE_IPV6" = x"yes" ]; then ++ echo yes ++ CFLAGS="$CFLAGS -DINET6" ++else ++ echo no ++fi ++ ++rm -f __conftest* ++ ++## Search IPv6 Library / Headers ++if [ x"$ENABLE_IPV6" = x"yes" ]; then ++ echo -n "Search for IPv6 library... " ++ inet6libdirs="/usr/local/v6/lib /usr/local/lib /usr /usr/inet6/lib" ++ inet6libs="inet6" ++ inet6found=no ++ for inet6libdir in $inet6libdirs; do ++ for inet6lib in $inet6libs; do ++ if [ -d $inet6libdir ] && [ -f $inet6libdir/lib$inet6lib.a ]; then ++ inet6found=yes ++ break 2 ++ fi ++ done ++ done ++ if [ x"$inet6found" = x"yes" ]; then ++ echo "$inet6libdir/lib$inet6lib.a" ++ LIBS="$LIBS -L$inet6libdir -l$inet6lib" ++ else ++ echo "not found" ++ fi ++fi + + rm -f __conftest* + +diff -uNr bsd-finger-0.17/finger/CVS/Entries bsd-finger/finger/CVS/Entries +--- bsd-finger-0.17/finger/CVS/Entries Thu Jan 1 02:00:00 1970 ++++ bsd-finger/finger/CVS/Entries Mon Feb 19 06:50:43 2001 +@@ -0,0 +1,11 @@ ++/.cvsignore/1.1.1.1/Fri Nov 3 19:18:15 2000// ++/Makefile/1.4/Sat Jan 27 05:57:07 2001// ++/display.c/1.1.1.1/Fri Nov 3 19:18:15 2000// ++/finger.1/1.1.1.1/Fri Nov 3 19:18:15 2000// ++/finger.c/1.3/Sun Feb 11 09:33:52 2001// ++/finger.h/1.1.1.1/Fri Nov 3 19:18:15 2000// ++/lprint.c/1.1.1.1/Fri Nov 3 19:18:15 2000// ++/net.c/1.3/Fri Jan 26 18:08:21 2001// ++/sprint.c/1.1.1.1/Fri Nov 3 19:18:15 2000// ++/util.c/1.1.1.1/Fri Nov 3 19:18:15 2000// ++D +diff -uNr bsd-finger-0.17/finger/CVS/Repository bsd-finger/finger/CVS/Repository +--- bsd-finger-0.17/finger/CVS/Repository Thu Jan 1 02:00:00 1970 ++++ bsd-finger/finger/CVS/Repository Mon Feb 19 06:50:43 2001 +@@ -0,0 +1 @@ ++usagi/src/bsd-finger/finger +diff -uNr bsd-finger-0.17/finger/CVS/Root bsd-finger/finger/CVS/Root +--- bsd-finger-0.17/finger/CVS/Root Thu Jan 1 02:00:00 1970 ++++ bsd-finger/finger/CVS/Root Mon Feb 19 06:50:43 2001 +@@ -0,0 +1 @@ ++:pserver:anoncvs@anoncvs.linux-ipv6.org:/cvsroot/usagi +diff -uNr bsd-finger-0.17/finger/Makefile bsd-finger/finger/Makefile +--- bsd-finger-0.17/finger/Makefile Sun Dec 12 20:04:52 1999 ++++ bsd-finger/finger/Makefile Sat Jan 27 07:57:07 2001 +@@ -10,7 +10,9 @@ + finger.o: ../version.h + + install: finger ++ install -d $(INSTALLROOT)$(BINDIR) + install -s -m$(BINMODE) finger $(INSTALLROOT)$(BINDIR) ++ install -d $(INSTALLROOT)$(MANDIR)/man1 + install -m$(MANMODE) finger.1 $(INSTALLROOT)$(MANDIR)/man1 + + clean: +diff -uNr bsd-finger-0.17/finger/finger.1 bsd-finger/finger/finger.1 +--- bsd-finger-0.17/finger/finger.1 Mon Jul 31 02:56:57 2000 ++++ bsd-finger/finger/finger.1 Fri Nov 3 21:18:15 2000 +@@ -30,7 +30,7 @@ + .\" SUCH DAMAGE. + .\" + .\" from: @(#)finger.1 6.14 (Berkeley) 7/27/91 +-.\" $Id: finger.1,v 1.18 2000/07/30 23:56:57 dholland Exp $ ++.\" $Id: finger.1,v 1.1.1.1 2000/11/03 19:18:15 mk Exp $ + .\" + .Dd August 15, 1999 + .Dt FINGER 1 +diff -uNr bsd-finger-0.17/finger/finger.c bsd-finger/finger/finger.c +--- bsd-finger-0.17/finger/finger.c Sat Dec 18 18:41:51 1999 ++++ bsd-finger/finger/finger.c Sun Feb 11 11:33:52 2001 +@@ -1,3 +1,5 @@ ++/* $USAGI$ */ ++ + /* + * Copyright (c) 1989 The Regents of the University of California. + * All rights reserved. +@@ -46,7 +48,7 @@ + * from: @(#)finger.c 5.22 (Berkeley) 6/29/90 + */ + char finger_rcsid[] = \ +- "$Id: finger.c,v 1.15 1999/12/18 16:41:51 dholland Exp $"; ++ "$Id: finger.c,v 1.3 2001/02/11 09:33:52 yoshfuji Exp $"; + + /* + * Finger prints out information about users. It is not portable since +@@ -74,7 +76,11 @@ + #include + #include + #include "finger.h" ++#ifdef _USAGI ++#include "version.h" ++#else + #include "../version.h" ++#endif + + static void loginlist(void); + static void userlist(int argc, char *argv[]); +@@ -92,8 +98,12 @@ + + int main(int argc, char *argv[]) { + int ch; +- struct sockaddr_in sin; +- socklen_t slen = sizeof(sin); ++#ifdef INET6 ++ struct sockaddr_storage sa; ++#else ++ struct sockaddr sa; ++#endif ++ socklen_t slen = sizeof(sa); + + while ((ch = getopt(argc, argv, "lmps")) != EOF) { + switch(ch) { +@@ -119,7 +129,7 @@ + argc -= optind; + argv += optind; + +- if (getsockname(STDOUT_FILENO, (struct sockaddr *)&sin, &slen)==0) { ++ if (getsockname(STDOUT_FILENO, (struct sockaddr *)&sa, &slen)==0) { + /* + * stdout is a socket. must be a network finger request, + * so emit CRs with our LFs at the ends of lines. +@@ -136,7 +146,7 @@ + * Also check stdin for nofinger processing, because of older + * fingerds that make stdout a pipe for CRLF handling. + */ +- if (getsockname(STDIN_FILENO, (struct sockaddr *)&sin, &slen)==0) { ++ if (getsockname(STDIN_FILENO, (struct sockaddr *)&sa, &slen)==0) { + enable_nofinger = 1; + } + +diff -uNr bsd-finger-0.17/finger/finger.h bsd-finger/finger/finger.h +--- bsd-finger-0.17/finger/finger.h Tue Sep 14 13:51:11 1999 ++++ bsd-finger/finger/finger.h Fri Nov 3 21:18:15 2000 +@@ -34,7 +34,7 @@ + * SUCH DAMAGE. + * + * from: @(#)finger.h 5.5 (Berkeley) 6/1/90 +- * $Id: finger.h,v 1.7 1999/09/14 10:51:11 dholland Exp $ ++ * $Id: finger.h,v 1.1.1.1 2000/11/03 19:18:15 mk Exp $ + */ + + #include +diff -uNr bsd-finger-0.17/finger/lprint.c bsd-finger/finger/lprint.c +--- bsd-finger-0.17/finger/lprint.c Tue Sep 14 13:51:11 1999 ++++ bsd-finger/finger/lprint.c Fri Nov 3 21:18:15 2000 +@@ -38,7 +38,7 @@ + * from: @(#)lprint.c 5.13 (Berkeley) 10/31/90 + */ + char lprint_rcsid[] = +- "$Id: lprint.c,v 1.11 1999/09/14 10:51:11 dholland Exp $"; ++ "$Id: lprint.c,v 1.1.1.1 2000/11/03 19:18:15 mk Exp $"; + + #include + #include +diff -uNr bsd-finger-0.17/finger/net.c bsd-finger/finger/net.c +--- bsd-finger-0.17/finger/net.c Tue Sep 14 13:51:11 1999 ++++ bsd-finger/finger/net.c Fri Jan 26 20:08:21 2001 +@@ -1,3 +1,5 @@ ++/* $USAGI: net.c,v 1.2 2000/11/17 08:00:44 yoshfuji Exp $ */ ++ + /* + * Copyright (c) 1989 The Regents of the University of California. + * All rights reserved. +@@ -36,7 +38,7 @@ + + #ifndef lint + /*static char sccsid[] = "from: @(#)net.c 5.5 (Berkeley) 6/1/90";*/ +-char net_rcsid[] = "$Id: net.c,v 1.9 1999/09/14 10:51:11 dholland Exp $"; ++char net_rcsid[] = "$Id: net.c,v 1.3 2001/01/26 18:08:21 yoshfuji Exp $"; + #endif /* not lint */ + + #include +@@ -53,18 +55,53 @@ + + void netfinger(const char *name) { + register FILE *fp; +- struct in_addr defaddr; + register int c, sawret, ateol; ++#ifdef INET6 ++ struct addrinfo hints, *res0, *res; ++ int gai; ++#else ++ struct in_addr defaddr; + struct hostent *hp, def; + struct servent *sp; + struct sockaddr_in sn; ++ char *alist[1]; ++#endif + int s; +- char *alist[1], *host; ++ char *host; + + host = strrchr(name, '@'); + if (!host) return; + *host++ = '\0'; + ++#ifdef INET6 ++ memset(&hints, 0, sizeof(hints)); ++ hints.ai_family = PF_UNSPEC; ++ hints.ai_socktype = SOCK_STREAM; ++ gai = getaddrinfo(host, "finger", &hints, &res0); ++ if (gai) { ++ eprintf("finger: %s: host '%s', service '%s'\n", ++ gai_strerror(gai), host, "finger"); ++ return; ++ } ++ s = -1; ++ errno = 0; ++ for (res=res0; res; res=res->ai_next) { ++ s = socket(res->ai_family, res->ai_socktype, res->ai_protocol); ++ if (s < 0) ++ continue; ++ if (connect(s, res->ai_addr, res->ai_addrlen) < 0){ ++ close(s); ++ s = -1; ++ continue; ++ } ++ break; ++ } ++ freeaddrinfo(res0); ++ if (s < 0) { ++ eprintf("finger: cannot create socket / connet host\n"); ++ return; ++ } ++#else + memset(&sn, 0, sizeof(sn)); + + sp = getservbyname("finger", "tcp"); +@@ -106,6 +143,7 @@ + close(s); + return; + } ++#endif + + /* -l flag for remote fingerd */ + if (lflag) write(s, "/W ", 3); +diff -uNr bsd-finger-0.17/finger/sprint.c bsd-finger/finger/sprint.c +--- bsd-finger-0.17/finger/sprint.c Sun Dec 12 20:59:33 1999 ++++ bsd-finger/finger/sprint.c Fri Nov 3 21:18:15 2000 +@@ -36,7 +36,7 @@ + + #ifndef lint + /*static char sccsid[] = "from: @(#)sprint.c 5.8 (Berkeley) 12/4/90";*/ +-char sprint_rcsid[] = "$Id: sprint.c,v 1.10 1999/12/12 18:59:33 dholland Exp $"; ++char sprint_rcsid[] = "$Id: sprint.c,v 1.1.1.1 2000/11/03 19:18:15 mk Exp $"; + #endif /* not lint */ + + #include +diff -uNr bsd-finger-0.17/finger/util.c bsd-finger/finger/util.c +--- bsd-finger-0.17/finger/util.c Wed Sep 29 01:53:58 1999 ++++ bsd-finger/finger/util.c Fri Nov 3 21:18:15 2000 +@@ -36,7 +36,7 @@ + + #ifndef lint + /*static char sccsid[] = "from: @(#)util.c 5.14 (Berkeley) 1/17/91";*/ +-char util_rcsid[] = "$Id: util.c,v 1.18 1999/09/28 22:53:58 netbug Exp $"; ++char util_rcsid[] = "$Id: util.c,v 1.1.1.1 2000/11/03 19:18:15 mk Exp $"; + #endif /* not lint */ + + #include +diff -uNr bsd-finger-0.17/fingerd/CVS/Entries bsd-finger/fingerd/CVS/Entries +--- bsd-finger-0.17/fingerd/CVS/Entries Thu Jan 1 02:00:00 1970 ++++ bsd-finger/fingerd/CVS/Entries Mon Feb 19 06:50:43 2001 +@@ -0,0 +1,6 @@ ++/.cvsignore/1.1.1.1/Fri Nov 3 19:18:15 2000// ++/Makefile/1.4/Sat Jan 27 05:57:07 2001// ++/fingerd.8/1.1.1.1/Fri Nov 3 19:18:15 2000// ++/fingerd.c/1.5/Sun Feb 11 09:33:52 2001// ++/pathnames.h/1.1.1.1/Fri Nov 3 19:18:15 2000// ++D +diff -uNr bsd-finger-0.17/fingerd/CVS/Repository bsd-finger/fingerd/CVS/Repository +--- bsd-finger-0.17/fingerd/CVS/Repository Thu Jan 1 02:00:00 1970 ++++ bsd-finger/fingerd/CVS/Repository Mon Feb 19 06:50:43 2001 +@@ -0,0 +1 @@ ++usagi/src/bsd-finger/fingerd +diff -uNr bsd-finger-0.17/fingerd/CVS/Root bsd-finger/fingerd/CVS/Root +--- bsd-finger-0.17/fingerd/CVS/Root Thu Jan 1 02:00:00 1970 ++++ bsd-finger/fingerd/CVS/Root Mon Feb 19 06:50:43 2001 +@@ -0,0 +1 @@ ++:pserver:anoncvs@anoncvs.linux-ipv6.org:/cvsroot/usagi +diff -uNr bsd-finger-0.17/fingerd/Makefile bsd-finger/fingerd/Makefile +--- bsd-finger-0.17/fingerd/Makefile Sun Dec 12 20:04:57 1999 ++++ bsd-finger/fingerd/Makefile Sat Jan 27 07:57:07 2001 +@@ -9,7 +9,9 @@ + fingerd.o: pathnames.h ../version.h + + install: fingerd ++ install -d $(INSTALLROOT)$(SBINDIR) + install -s -m$(DAEMONMODE) fingerd $(INSTALLROOT)$(SBINDIR)/in.fingerd ++ install -d $(INSTALLROOT)$(MANDIR)/man8 + install -m$(MANMODE) fingerd.8 $(INSTALLROOT)$(MANDIR)/man8/in.fingerd.8 + ln -sf in.fingerd.8 $(INSTALLROOT)$(MANDIR)/man8/fingerd.8 + +diff -uNr bsd-finger-0.17/fingerd/fingerd.8 bsd-finger/fingerd/fingerd.8 +--- bsd-finger-0.17/fingerd/fingerd.8 Mon Jul 31 02:56:57 2000 ++++ bsd-finger/fingerd/fingerd.8 Fri Nov 3 21:18:15 2000 +@@ -30,7 +30,7 @@ + .\" SUCH DAMAGE. + .\" + .\" from: @(#)fingerd.8 6.4 (Berkeley) 3/16/91 +-.\" $Id: fingerd.8,v 1.18 2000/07/30 23:56:57 dholland Exp $ ++.\" $Id: fingerd.8,v 1.1.1.1 2000/11/03 19:18:15 mk Exp $ + .\" + .Dd August 29, 1996 + .Dt FINGERD 8 +diff -uNr bsd-finger-0.17/fingerd/fingerd.c bsd-finger/fingerd/fingerd.c +--- bsd-finger-0.17/fingerd/fingerd.c Sun Dec 12 20:46:28 1999 ++++ bsd-finger/fingerd/fingerd.c Sun Feb 11 11:33:52 2001 +@@ -1,3 +1,5 @@ ++/* $USAGI: fingerd.c,v 1.3 2000/11/17 08:13:01 yoshfuji Exp $ */ ++ + /* + * Copyright (c) 1983 The Regents of the University of California. + * All rights reserved. +@@ -39,7 +41,7 @@ + * from: @(#)fingerd.c 5.6 (Berkeley) 6/1/90" + */ + char rcsid[] = +- "$Id: fingerd.c,v 1.23 1999/12/12 18:46:28 dholland Exp $"; ++ "$Id: fingerd.c,v 1.5 2001/02/11 09:33:52 yoshfuji Exp $"; + + #include + #include +@@ -57,7 +59,11 @@ + #include + + #include "pathnames.h" ++#ifdef _USAGI ++#include "version.h" ++#else + #include "../version.h" ++#endif + + #define ENTRIES 50 + #define WS " \t\r\n" +@@ -111,7 +117,11 @@ + int k, nusers; + char *s, *t; + const char *fingerpath = NULL; +- struct sockaddr_in sn; ++#ifdef INET6 ++ struct sockaddr_storage sn; ++#else ++ struct sockaddr sn; ++#endif + socklen_t sval = sizeof(sn); + + +@@ -182,18 +192,35 @@ + + if (welcome) { + char buf[256]; ++#ifdef INET6 ++ struct addrinfo hints, *res0; ++#else + struct hostent *hp; ++#endif + struct utsname utsname; ++ const char *cname = buf; + + uname(&utsname); + gethostname(buf, sizeof(buf)); ++#ifdef INET6 ++ memset(&hints, 0, sizeof(hints)); ++ hints.ai_family = PF_UNSPEC; ++ hints.ai_flags = AI_CANONNAME; ++ if (getaddrinfo(buf, NULL, &hints, &res0)) { ++ /* paranoia: dns spoofing? */ ++ cname = res0->ai_canonname; ++ } ++#else + if ((hp = gethostbyname(buf))) { + /* paranoia: dns spoofing? */ +- strncpy(buf, hp->h_name, sizeof(buf)); +- buf[sizeof(buf)-1] = 0; ++ cname = hp->h_name; + } ++#endif + printf("\r\nWelcome to %s version %s at %s !\r\n\n", +- utsname.sysname, utsname.release, buf); ++ utsname.sysname, utsname.release, cname); ++#ifdef INET6 ++ freeaddrinfo(res0); ++#endif + fflush(stdout); + switch (fork()) { + case -1: /* fork failed, oh well */ +diff -uNr bsd-finger-0.17/fingerd/pathnames.h bsd-finger/fingerd/pathnames.h +--- bsd-finger-0.17/fingerd/pathnames.h Sun Jul 14 02:21:42 1996 ++++ bsd-finger/fingerd/pathnames.h Fri Nov 3 21:18:15 2000 +@@ -31,7 +31,7 @@ + * SUCH DAMAGE. + * + * from: @(#)pathnames.h 5.3 (Berkeley) 6/1/90 +- * $Id: pathnames.h,v 1.3 1996/07/13 23:21:42 dholland Exp $ ++ * $Id: pathnames.h,v 1.1.1.1 2000/11/03 19:18:15 mk Exp $ + */ + + /* diff --git a/SOURCES/bsd-finger-0.17-utmp.patch b/SOURCES/bsd-finger-0.17-utmp.patch new file mode 100644 index 0000000..ac73f2b --- /dev/null +++ b/SOURCES/bsd-finger-0.17-utmp.patch @@ -0,0 +1,40 @@ +--- bsd-finger-0.17/finger/finger.c.utmp 2004-06-15 11:38:24.000000000 -0400 ++++ bsd-finger-0.17/finger/finger.c 2004-06-15 12:22:15.000000000 -0400 +@@ -75,6 +75,8 @@ + #include + #include + #include ++#include ++#include + #include "finger.h" + #ifdef _USAGI + #include "version.h" +@@ -224,6 +226,8 @@ + #ifdef USER_PROCESS + if (uptr->ut_type != USER_PROCESS) continue; + #endif ++ if (kill(uptr->ut_pid, 0) < 0 && errno == ESRCH) ++ continue; + if ((pn = find_person(uptr->ut_name)) == NULL) { + memcpy(name, uptr->ut_name, UT_NAMESIZE); + if ((pw = getpwnam(name)) == NULL) +@@ -331,6 +335,8 @@ + #ifdef USER_PROCESS + if (uptr->ut_type != USER_PROCESS) continue; + #endif ++ if (kill(uptr->ut_pid, 0) < 0 && errno == ESRCH) ++ continue; + if ((pn = find_person(uptr->ut_name)) == NULL) { + continue; + } +--- bsd-finger-0.17/finger/util.c.utmp 2004-06-15 11:38:24.000000000 -0400 ++++ bsd-finger-0.17/finger/util.c 2004-06-15 11:38:24.000000000 -0400 +@@ -71,6 +71,8 @@ + } + snprintf(tbuf, TBUFLEN, "%s/%s", _PATH_DEV, w->tty); + if (stat(tbuf, &sb) < 0) { ++ w->idletime = 0; /* No tty no write, no idle data */ ++ w->writable = 0; + switch (errno) { + case ENOENT: + break; diff --git a/SOURCES/bsd-finger-wide-char-support5.patch b/SOURCES/bsd-finger-wide-char-support5.patch new file mode 100644 index 0000000..9a8a2d5 --- /dev/null +++ b/SOURCES/bsd-finger-wide-char-support5.patch @@ -0,0 +1,170 @@ +--- bsd-finger-0.17/finger/finger.c.widechar 2005-12-15 09:14:18.000000000 +0100 ++++ bsd-finger-0.17/finger/finger.c 2005-12-15 09:14:18.000000000 +0100 +@@ -77,6 +77,7 @@ + #include + #include + #include ++#include + #include "finger.h" + #ifdef _USAGI + #include "version.h" +@@ -211,6 +212,9 @@ + struct utmp *uptr; + char name[UT_NAMESIZE + 1]; + ++ if (setlocale (LC_ALL, "") != NULL) ++ set_haslocale(); ++ + name[UT_NAMESIZE] = '\0'; + + /* +@@ -286,6 +287,9 @@ + struct utmp *uptr; + int dolocal, *used; + ++ if (setlocale (LC_ALL, "") != NULL) ++ set_haslocale(); ++ + used = calloc(argc, sizeof(int)); + if (!used) { + eprintf("finger: out of space.\n"); +--- bsd-finger-0.17/finger/finger.h.widechar 2005-12-15 09:14:17.000000000 +0100 ++++ bsd-finger-0.17/finger/finger.h 2005-12-15 09:14:18.000000000 +0100 +@@ -117,3 +117,7 @@ + /* terminal inquiries */ + int is8bit(void); + int getscreenwidth(void); ++ ++/* locale support */ ++void set_haslocale(void); ++ +--- bsd-finger-0.17/finger/display.c.widechar 1999-09-29 00:53:58.000000000 +0200 ++++ bsd-finger-0.17/finger/display.c 2005-12-15 10:05:40.000000000 +0100 +@@ -40,8 +40,19 @@ + #include + #include + #include ++#include + #include "finger.h" + ++#define HAVE_WCHAR_H 1 ++#define HAVE_MBRTOWC 1 ++#define HAVE_WCWIDTH 1 ++ ++#if defined(HAVE_WCHAR_H) && defined(HAVE_MBRTOWC) && defined(HAVE_WCWIDTH) ++#include ++#include ++#include ++#endif ++ + int + getscreenwidth(void) + { +@@ -147,9 +158,105 @@ + fxputc(stdout, ch); + } + ++static int has_locale = 0; ++ ++void ++set_haslocale (void) ++{ ++ has_locale = 1; ++} ++ ++#if defined(HAVE_WCHAR_H) && defined(HAVE_MBRTOWC) && defined(HAVE_WCWIDTH) ++static int verifymultibyte(const char *buf) { ++ mbstate_t state; ++ wchar_t nextchar; ++ size_t bytesconsumed; ++ char *eop, *op; ++ (void)memset(&state, 0, sizeof(mbstate_t)); ++ ++ eop = (char *) (buf + strlen(buf)); ++ op = (char *) buf; ++ while (op < eop) { ++ bytesconsumed = mbrtowc(&nextchar, op, eop - op, &state); ++ if (bytesconsumed == (size_t)(-1) || ++ bytesconsumed == (size_t)(-2)) { ++ return 0; ++ } ++ op += bytesconsumed; ++ } ++ ++ return 1; ++} ++ ++#define OCTALIFY(n, o) \ ++ *(n)++ = '\\', \ ++ *(n)++ = (((uint32_t)*(o) >> 6) & 3) + '0', \ ++ *(n)++ = (((uint32_t)*(o) >> 3) & 7) + '0', \ ++ *(n)++ = (((uint32_t)*(o) >> 0) & 7) + '0', \ ++ (o)++ ++ ++#endif ++ + static void fxputs(FILE *f, const char *buf) { +- int i; +- for (i=0; buf[i]; i++) fxputc(f, buf[i]); ++ int widechars; ++ ++#if defined(HAVE_WCHAR_H) && defined(HAVE_MBRTOWC) && defined(HAVE_WCWIDTH) ++ if (has_locale) ++ widechars = verifymultibyte (buf); ++ else ++ widechars = 0; ++#else ++ widechars = 0; ++#endif ++ ++ /* on 7-bit terminals, without wide-chars support, or string ++ * isn't parseable, print char * by char */ ++ if (!is8bit() || !widechars) { ++ unsigned int i; ++ char ch; ++ for (i = 0; i < strlen (buf); i++) { ++ ch = buf[i]; ++ fxputc(f, ch); ++ } ++ return; ++ } ++ ++#if defined(HAVE_WCHAR_H) && defined(HAVE_MBRTOWC) && defined(HAVE_WCWIDTH) ++ { ++ mbstate_t state; ++ wchar_t nextchar; ++ size_t bytesconsumed; ++ char *eop, *op, buffer[256]; ++ (void)memset(&state, 0, sizeof(mbstate_t)); ++ char* op1; ++ eop = (char *) (buf + strlen(buf)); ++ op = (char *) buf; ++ op1 = op; ++ while (op < eop) { ++ bytesconsumed = mbrtowc(&nextchar, op, ++ eop - op, &state); ++ /* This isn't supposed to happen as we verified the ++ * string before hand */ ++ assert(bytesconsumed != (size_t)(-1) && bytesconsumed != (size_t)(-2)); ++ ++ if (iswprint(nextchar)) { ++ (void)memcpy(buffer, op, bytesconsumed); ++ buffer[bytesconsumed] = '\0'; ++ op += bytesconsumed; ++ } else if (bytesconsumed == 1) { ++ op++; ++ } else { ++ char *tmp; ++ tmp = buffer; ++ buffer[bytesconsumed] = '\0'; ++ while (bytesconsumed-- > 0) { ++ OCTALIFY(tmp, op); ++ } ++ } ++ } ++ fprintf(f,"%s",op1); ++ } ++#endif + } + + int xprintf(const char *fmt, ...) { diff --git a/SOURCES/finger.socket b/SOURCES/finger.socket new file mode 100644 index 0000000..cd2a20d --- /dev/null +++ b/SOURCES/finger.socket @@ -0,0 +1,9 @@ +[Unit] +Description=Finger Socket for Per-Connection Servers + +[Socket] +ListenStream=79 +Accept=yes + +[Install] +WantedBy=sockets.target diff --git a/SOURCES/finger@.service b/SOURCES/finger@.service new file mode 100644 index 0000000..4554822 --- /dev/null +++ b/SOURCES/finger@.service @@ -0,0 +1,7 @@ +[Unit] +Description=Finger Per-Connection Server + +[Service] +User=nobody +ExecStart=/usr/sbin/in.fingerd +StandardInput=socket diff --git a/SPECS/finger.spec b/SPECS/finger.spec new file mode 100644 index 0000000..461656c --- /dev/null +++ b/SPECS/finger.spec @@ -0,0 +1,355 @@ +%global _hardened_build 1 + +Summary: The finger client +Name: finger +Version: 0.17 +Release: 49%{?dist} +License: BSD +Group: Applications/Internet + +Source0: ftp://ftp.uk.linux.org/pub/linux/Networking/netkit/bsd-finger-%{version}.tar.gz +Source1: finger.socket +Source2: finger@.service +#BSD license text from sources +Source3: COPYING + +Patch1: bsd-finger-0.16-pts.patch +Patch2: bsd-finger-0.17-exact.patch +Patch3: bsd-finger-0.16-allocbroken.patch +Patch4: bsd-finger-0.17-rfc742.patch +Patch5: bsd-finger-0.17-time.patch +Patch6: bsd-finger-0.17-usagi-ipv6.patch +Patch7: bsd-finger-0.17-typo.patch +Patch8: bsd-finger-0.17-strip.patch +Patch9: bsd-finger-0.17-utmp.patch +Patch10: bsd-finger-wide-char-support5.patch +Patch11: bsd-finger-0.17-init-realname.patch +Patch12: bsd-finger-0.17-host-info.patch +Patch13: bsd-finger-0.17-match_sigsegv.patch +Patch14: bsd-finger-0.17-man_page_systemd.patch +Patch15: bsd-finger-0.17-coverity-bugs.patch + +BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n) +BuildRequires: glibc-devel, systemd + +%description +Finger is a utility which allows users to see information about system +users (login name, home directory, name, how long they've been logged +in to the system, etc.). The finger package includes a standard +finger client. + +You should install finger if you'd like to retrieve finger information +from other systems. + +%package server +Summary: The finger daemon +Group: System Environment/Daemons +Requires: systemd +Requires(post): systemd +Requires(preun): systemd +Requires(postun): systemd + +%description server +Finger is a utility which allows users to see information about system +users (login name, home directory, name, how long they've been logged +in to the system, etc.). The finger-server package includes a standard +finger server. The server daemon (fingerd) must be started using +systemctl to receive finger requests. + +You should install finger-server if your system is used by multiple users +and you'd like finger information to be available. + + +%prep +%setup -q -n bsd-finger-%{version} +%patch1 -p1 -b .pts +%patch2 -p1 -b .exact +%patch3 -p1 +%patch4 -p1 -b .rfc742 +%patch5 -p1 -b .time +%patch6 -p1 -b .ipv6 +%patch7 -p1 -b .typo +%patch8 -p1 -b .strip +%patch9 -p1 -b .utmp +%patch10 -p1 -b .widechar +%patch11 -p1 +%patch12 -p1 -b .host +%patch13 -p1 -b .match_sigsegv +%patch14 -p1 -b .systemd +%patch15 -p1 -b .coverity + +install -m 644 %{SOURCE3} COPYING + + +%build +sh configure --enable-ipv6 +perl -pi -e ' + s,^CC=.*$,CC=gcc,; + s,^CFLAGS=.*,CFLAGS=\$(RPM_OPT_FLAGS),; + s,^BINDIR=.*$,BINDIR=%{_bindir},; + s,^MANDIR=.*$,MANDIR=%{_mandir},; + s,^SBINDIR=.*$,SBINDIR=%{_sbindir},; + s,^LDFLAGS=.*$,LDFLAGS=\$(RPM_LD_FLAGS),; + ' MCONFIG + +make %{?_smp_mflags} + + +%install +mkdir -p %{buildroot}%{_bindir} +mkdir -p %{buildroot}%{_mandir}/man{1,8} +mkdir -p %{buildroot}%{_sbindir} + +mkdir -p %{buildroot}%{_unitdir} +install -m 644 %{SOURCE1} %{buildroot}%{_unitdir} +install -m 644 %{SOURCE2} %{buildroot}%{_unitdir} + +make INSTALLROOT=%{buildroot} install + + +%post server +%systemd_post finger.socket + + +%preun server +%systemd_preun finger.socket + + +%postun server +%systemd_postun_with_restart finger.socket + + +%files +%doc COPYING +%attr(0755,root,root) %{_bindir}/finger +%{_mandir}/man1/finger.1* + + +%files server +%doc COPYING +%{_unitdir}/finger.socket +%{_unitdir}/finger@.service +%attr(0755,root,root) %{_sbindir}/in.fingerd +%{_mandir}/man8/in.fingerd.8* +%{_mandir}/man8/fingerd.8* + + +%changelog +* Mon Jul 22 2013 Tomas Hozza - 0.17-49 +- Compile finger with Full RELRO +- Explicitly use gcc +- Use only RPM_OPT_FLAGS and RPM_LD_FLAGS +- Add systemd as BuildRequires because of unitdir macro + +* Mon Feb 11 2013 Tomas Hozza - 0.17-48 +- Fixing errors found by static analysis of code (Coverity) (#909325) + +* Fri Nov 23 2012 Tomas Hozza - 0.17-47 +- Provide native systemd service file (#737178) +- SPEC file cleanup + +* Tue Oct 16 2012 Tomas Hozza - 0.17-46 +- finger segfaults if pw->pw_gecos is NULL (#866873) + +* Thu Jul 19 2012 Fedora Release Engineering - 0.17-45 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild + +* Fri Jan 13 2012 Fedora Release Engineering - 0.17-44 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_17_Mass_Rebuild + +* Tue Feb 08 2011 Fedora Release Engineering - 0.17-43 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_15_Mass_Rebuild + +* Tue Jul 13 2010 Petr Lautrbach 0.17-42 +- print user host information in better format (#532414) - + +* Mon Jul 12 2010 Petr Lautrbach 0.17-41 +- fix UTF-8 output in list of logged users (#490443) + +* Thu Jul 08 2010 Petr Lautrbach 0.17-40 +- added license text + +* Mon Sep 7 2009 Radek Vokal - 0.17-39 +- init realname fix (#520203) + +* Fri Jul 24 2009 Fedora Release Engineering - 0.17-38 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_12_Mass_Rebuild + +* Tue Feb 24 2009 Fedora Release Engineering - 0.17-37 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_11_Mass_Rebuild + +* Tue Feb 19 2008 Fedora Release Engineering - 0.17-36 +- Autorebuild for GCC 4.3 + +* Thu Aug 23 2007 Radek Vokál - 0.17-35 +- rebuilt + +* Sun Feb 4 2007 Radek Vokál - 0.17-34 +- finger server permissions (#225754) + +* Sun Feb 4 2007 Radek Vokál - 0.17-33 +- spec files cleanups according to MergeReview (#225754) +- dist tag added + +* Wed Jul 12 2006 Jesse Keating - 0.17-32.2.1.1 +- rebuild + +* Wed Jul 12 2006 Jesse Keating - 0.17-32.2.1 +- rebuild + +* Fri Feb 10 2006 Jesse Keating - 0.17-32.2 +- bump again for double-long bug on ppc(64) + +* Tue Feb 07 2006 Jesse Keating - 0.17-32.1 +- rebuilt for new gcc4.1 snapshot and glibc changes + +* Thu Dec 15 2005 Radek Vokal 0.17-32 +- another UTF-8 fix + +* Tue Dec 13 2005 Radek Vokal 0.17-31 +- real UTF-8 patch by + +* Fri Dec 09 2005 Jesse Keating +- rebuilt + +* Mon Nov 28 2005 Radek Vokal 0.17-30 +- make finger UTF-8 happy (#174352) + +* Wed Jul 13 2005 Radek Vokal 0.17-29 +- make finger world readable (#162643) + +* Fri Mar 04 2005 Radek Vokal 0.17-28 +- gcc4 rebuilt + +* Wed Feb 09 2005 Radek Vokal 0.17-27 +- rebuilt to get fortified + +* Mon Sep 06 2004 Radek Vokal 0.17-26 +- rebuilt + +* Tue Jun 15 2004 Alan Cox +- Made finger agree with our other apps about how utmp is managed +- Removed dead users from the lists as a result +- Fixed random idle time bug + +* Tue Jun 15 2004 Elliot Lee +- rebuilt + +* Wed Feb 25 2004 Phil Knirsch 0.17-21 +- rebuilt +- Made fingerd PIE. + +* Fri Feb 13 2004 Elliot Lee +- rebuilt + +* Mon Sep 01 2003 Phil Knirsch 0.17-18.1 +- rebuilt + +* Mon Sep 01 2003 Phil Knirsch 0.17-18 +- Fixed manpage bug (#75705). + +* Wed Jun 04 2003 Elliot Lee 0.17-17 +- rebuilt + +* Wed Jan 22 2003 Tim Powers 0.17-16 +- rebuilt + +* Wed Dec 11 2002 Tim Powers 0.17-15 +- rebuild on all arches + +* Fri Jun 21 2002 Tim Powers 0.17-14 +- automated rebuild + +* Wed Jun 19 2002 Phil Knirsch 0.17-13 +- Don't forcibly strip binaries + +* Thu May 23 2002 Tim Powers +- automated rebuild + +* Thu Jan 24 2002 Phil Knirsch +- Fixed various typos in manpage/app (#51891, #54916, #57588) + +* Wed Jan 09 2002 Tim Powers +- automated rebuild + +* Wed Apr 18 2001 Crutcher Dunnavant +- Approved +- * Sun Mar 11 2001 Pekka Savola +- - Add IPv6 support from USAGI, update to 0.17 final (no changes) + +* Tue Feb 27 2001 Preston Brown +- noreplace xinetd.d config file + +* Mon Feb 12 2001 Crutcher Dunnavant +- time patch to handle time.h moving, credit to howarth@fuse.net +- closes bug #26766 + +* Fri Dec 1 2000 Trond Eivind Glomsred +- make sure finger is turned off by default + +* Sun Aug 27 2000 Nalin Dahyabhai +- add patch to always call getpwnam() instead of just when -m is specified + +* Sat Jul 22 2000 Jeff Johnson +- fix RFC742 problem (again) (#6728). + +* Tue Jul 18 2000 Bill Nottingham +- add description & default to xinetd file + +* Wed Jul 12 2000 Prospector +- automatic rebuild + +* Sun Jun 18 2000 Jeff Johnson +- FHS packaging. +- update to 0.17. + +* Wed May 31 2000 Cristian Gafton +- fix the broken malloc code in finger client + +* Mon May 22 2000 Trond Eivind Glomsred +- converted to use /etc/xinetd.d + +* Tue May 16 2000 Chris Evans +- make some files mode -rwx--x--x as a security hardening measure + +* Fri Feb 11 2000 Bill Nottingham +- fix description + +* Mon Feb 7 2000 Bill Nottingham +- handle compressed manpages + +* Wed Feb 02 2000 Cristian Gafton +- fix description +- man pages are compressed + +* Tue Jan 4 2000 Bill Nottingham +- split client and server + +* Tue Dec 21 1999 Jeff Johnson +- update to 0.16. + +* Wed Jul 28 1999 Jeff Johnson +- exact match w/o -m and add missing pts patch (#2118). +- recompile with correct PATH_MAILDIR (#4218). + +* Thu Apr 8 1999 Jeff Johnson +- fix process table filled DOS attack (#1271) +- fix pts display problems (#1987 partially) + +* Sun Mar 21 1999 Cristian Gafton +- auto rebuild in the new build environment (release 22) + +* Mon Mar 15 1999 Jeff Johnson +- compile for 6.0. + +* Wed Aug 12 1998 Jeff Johnson +- fix error message typo. + +* Tue Aug 11 1998 Jeff Johnson +- build root + +* Mon Apr 27 1998 Prospector System +- translations modified for de, fr, tr + +* Mon Sep 22 1997 Erik Troan +- added check for getpwnam() failure