From 226fcbc02fa2e9fe36c81be3ea530f41efea2f7a Mon Sep 17 00:00:00 2001 From: Emery Hemingway Date: Thu, 28 Sep 2017 10:43:30 -0500 Subject: [PATCH] Remove remote shell support from libc The remote shell facilities are past deprecation and there is an obligation to prevent their use rather than to support them. This patch removes the related function definitions from 'unistd.h', which have not been been included in the Genode libc ABI regardless. Fix #2530 --- repos/libports/lib/mk/libc-net.mk | 2 -- repos/libports/ports/libc.hash | 2 +- repos/libports/src/lib/libc/patches/README | 4 +++ .../libports/src/lib/libc/patches/rcmd.patch | 32 +++++++++++++++++++ 4 files changed, 37 insertions(+), 3 deletions(-) create mode 100644 repos/libports/src/lib/libc/patches/rcmd.patch diff --git a/repos/libports/lib/mk/libc-net.mk b/repos/libports/lib/mk/libc-net.mk index 87a953780..9bcb9ba06 100644 --- a/repos/libports/lib/mk/libc-net.mk +++ b/repos/libports/lib/mk/libc-net.mk @@ -21,8 +21,6 @@ SRC_C += vars.c # b64_ntop SRC_C += base64.c -SRC_C += rcmd.c rcmdsh.c - include $(REP_DIR)/lib/mk/libc-common.inc INC_DIR += $(REP_DIR)/include/libc diff --git a/repos/libports/ports/libc.hash b/repos/libports/ports/libc.hash index 6a9506a5b..6daf39aa1 100644 --- a/repos/libports/ports/libc.hash +++ b/repos/libports/ports/libc.hash @@ -1 +1 @@ -5871e71bb99dab10faab21931750c30e8a02d980 +c9c17345f57cb2f827c271806df456d829e32ce3 diff --git a/repos/libports/src/lib/libc/patches/README b/repos/libports/src/lib/libc/patches/README index b597a2c58..76c476735 100644 --- a/repos/libports/src/lib/libc/patches/README +++ b/repos/libports/src/lib/libc/patches/README @@ -26,3 +26,7 @@ Manual modifications :'src/lib/libc/resolv/res_send.c': Disable usage of kqueue and fix building libresolv when kqueue is disabled. + +:'src/lib/libc/include/unistd.h': + + Remove definitions for remote network commands over unencrypted streams. diff --git a/repos/libports/src/lib/libc/patches/rcmd.patch b/repos/libports/src/lib/libc/patches/rcmd.patch new file mode 100644 index 000000000..c69adf299 --- /dev/null +++ b/repos/libports/src/lib/libc/patches/rcmd.patch @@ -0,0 +1,32 @@ +--- src/lib/libc/include/unistd.h ++++ src/lib/libc/include/unistd.h +@@ -510,8 +510,6 @@ + int getresuid(uid_t *, uid_t *, uid_t *); + char *getusershell(void); + int initgroups(const char *, gid_t); +-int iruserok(unsigned long, int, const char *, const char *); +-int iruserok_sa(const void *, int, int, const char *, const char *); + int issetugid(void); + long lpathconf(const char *, int); + #ifndef _MKDTEMP_DECLARED +@@ -533,20 +531,12 @@ + #endif + int nfssvc(int, void *); + int profil(char *, size_t, vm_offset_t, int); +-int rcmd(char **, int, const char *, const char *, const char *, int *); +-int rcmd_af(char **, int, const char *, +- const char *, const char *, int *, int); +-int rcmdsh(char **, int, const char *, +- const char *, const char *, const char *); + char *re_comp(const char *); + int re_exec(const char *); + int reboot(int); + int revoke(const char *); + pid_t rfork(int); + pid_t rfork_thread(int, void *, int (*)(void *), void *); +-int rresvport(int *); +-int rresvport_af(int *, int); +-int ruserok(const char *, int, const char *, const char *); + #if __BSD_VISIBLE + #ifndef _SELECT_DECLARED + #define _SELECT_DECLARED