Book a Demo!
CoCalc Logo Icon
StoreFeaturesDocsShareSupportNewsAboutPoliciesSign UpSign In
freebsd
GitHub Repository: freebsd/freebsd-doc
 Path: blob/main/website/static/security/patches/EN-14:03/pkg-en-releng-9.1.patch
18096 views
1
Index: etc/Makefile

2
===================================================================

3
--- etc/Makefile	(revision 265457)

4
+++ etc/Makefile	(working copy)

5
@@ -205,6 +205,7 @@ distribution:

6
 	${_+_}cd ${.CURDIR}/devd; ${MAKE} install

7
 	${_+_}cd ${.CURDIR}/gss; ${MAKE} install

8
 	${_+_}cd ${.CURDIR}/periodic; ${MAKE} install

9
+	${_+_}cd ${.CURDIR}/pkg; ${MAKE} install

10
 	${_+_}cd ${.CURDIR}/rc.d; ${MAKE} install

11
 	${_+_}cd ${.CURDIR}/../gnu/usr.bin/send-pr; ${MAKE} etc-gnats-freefall

12
 	${_+_}cd ${.CURDIR}/../share/termcap; ${MAKE} etc-termcap

13
Index: etc/mtree/BSD.root.dist

14
===================================================================

15
--- etc/mtree/BSD.root.dist	(revision 265457)

16
+++ etc/mtree/BSD.root.dist	(working copy)

17
@@ -52,6 +52,8 @@

18
             weekly

19
             ..

20
         ..

21
+        pkg

22
+        ..

23
         ppp

24
         ..

25
         rc.d

26
Index: etc/mtree/BSD.usr.dist

27
===================================================================

28
--- etc/mtree/BSD.usr.dist	(revision 265457)

29
+++ etc/mtree/BSD.usr.dist	(working copy)

30
@@ -398,6 +398,14 @@

31
 		..

32
 	    ..

33
         ..

34
+        keys

35
+            pkg

36
+                revoked

37
+                ..

38
+                trusted

39
+                ..

40
+            ..

41
+        ..

42
         locale

43
             UTF-8

44
             ..

45
Index: etc/pkg/FreeBSD.conf

46
===================================================================

47
--- etc/pkg/FreeBSD.conf	(revision 0)

48
+++ etc/pkg/FreeBSD.conf	(working copy)

49
@@ -0,0 +1,16 @@

50
+# $FreeBSD$

51
+#

52
+# To disable this repository, instead of modifying or removing this file,

53
+# create a /usr/local/etc/pkg/repos/FreeBSD.conf file:

54
+#

55
+#   mkdir -p /usr/local/etc/pkg/repos

56
+#   echo "FreeBSD: { enabled: no }" > /usr/local/etc/pkg/repos/FreeBSD.conf

57
+#

58
+

59
+FreeBSD: {

60
+  url: "pkg+http://pkg.FreeBSD.org/${ABI}/latest",

61
+  mirror_type: "srv",

62
+  signature_type: "fingerprints",

63
+  fingerprints: "/usr/share/keys/pkg",

64
+  enabled: yes

65
+}

66
Index: etc/pkg/Makefile

67
===================================================================

68
--- etc/pkg/Makefile	(revision 0)

69
+++ etc/pkg/Makefile	(working copy)

70
@@ -0,0 +1,10 @@

71
+# $FreeBSD$

72
+

73
+NO_OBJ=

74
+

75
+FILES=	FreeBSD.conf

76
+

77
+FILESDIR=	/etc/pkg

78
+FILESMODE=	644

79
+

80
+.include <bsd.prog.mk>

81
Index: share/Makefile

82
===================================================================

83
--- share/Makefile	(revision 265457)

84
+++ share/Makefile	(working copy)

85
@@ -10,6 +10,7 @@ SUBDIR=	${_colldef} \

86
 	${_doc} \

87
 	${_examples} \

88
 	${_i18n} \

89
+	keys \

90
 	${_man} \

91
 	${_me} \

92
 	misc \

93
Index: share/keys/Makefile

94
===================================================================

95
--- share/keys/Makefile	(revision 0)

96
+++ share/keys/Makefile	(working copy)

97
@@ -0,0 +1,5 @@

98
+# $FreeBSD$

99
+

100
+SUBDIR= pkg

101
+

102
+.include <bsd.subdir.mk>

103
Index: share/keys/pkg/Makefile

104
===================================================================

105
--- share/keys/pkg/Makefile	(revision 0)

106
+++ share/keys/pkg/Makefile	(working copy)

107
@@ -0,0 +1,5 @@

108
+# $FreeBSD$

109
+

110
+SUBDIR=	trusted

111
+

112
+.include <bsd.subdir.mk>

113
Index: share/keys/pkg/trusted/Makefile

114
===================================================================

115
--- share/keys/pkg/trusted/Makefile	(revision 0)

116
+++ share/keys/pkg/trusted/Makefile	(working copy)

117
@@ -0,0 +1,10 @@

118
+# $FreeBSD$

119
+

120
+NO_OBJ=

121
+

122
+FILES=	pkg.freebsd.org.2013102301

123
+

124
+FILESDIR=	/usr/share/keys/pkg/trusted

125
+FILESMODE=	644

126
+

127
+.include <bsd.prog.mk>

128
Index: share/keys/pkg/trusted/pkg.freebsd.org.2013102301

129
===================================================================

130
--- share/keys/pkg/trusted/pkg.freebsd.org.2013102301	(revision 0)

131
+++ share/keys/pkg/trusted/pkg.freebsd.org.2013102301	(working copy)

132
@@ -0,0 +1,4 @@

133
+# $FreeBSD$

134
+

135
+function: "sha256"

136
+fingerprint: "b0170035af3acc5f3f3ae1859dc717101b4e6c1d0a794ad554928ca0cbb2f438"

137
Index: share/man/man7/hier.7

138
===================================================================

139
--- share/man/man7/hier.7	(revision 265457)

140
+++ share/man/man7/hier.7	(working copy)

141
@@ -32,7 +32,7 @@

142
 .\"	@(#)hier.7	8.1 (Berkeley) 6/5/93

143
 .\" $FreeBSD$

144
 .\"

145
-.Dd May 25, 2008

146
+.Dd October 29, 2013

147
 .Dt HIER 7

148
 .Os

149
 .Sh NAME

150
@@ -546,6 +546,16 @@ ASCII text files used by various games

151
 device description file for device name

152
 .It Pa info/

153
 GNU Info hypertext system

154
+.It Pa keys/

155
+known trusted and revoked keys.

156
+.Bl -tag -width ".Pa keys/pkg/" -compact

157
+.It Pa keys/pkg/

158
+fingerprints for

159
+.Xr pkg 7

160
+and

161
+.Xr pkg 8

162
+.El

163
+.Pp

164
 .It Pa locale/

165
 localization files;

166
 see

167
Index: usr.sbin/pkg/pkg.c

168
===================================================================

169
--- usr.sbin/pkg/pkg.c	(revision 265457)

170
+++ usr.sbin/pkg/pkg.c	(working copy)

171
@@ -282,10 +282,7 @@ static int

172
 bootstrap_pkg(void)

173
 {

174
 	FILE *remote;

175
-	FILE *config;

176
-	char *site;

177
 	char url[MAXPATHLEN];

178
-	char conf[MAXPATHLEN];

179
 	char abi[BUFSIZ];

180
 	char tmppkg[MAXPATHLEN];

181
 	char buf[10240];

182
@@ -300,7 +297,6 @@ bootstrap_pkg(void)

183
 	last = 0;

184
 	ret = -1;

185
 	remote = NULL;

186
-	config = NULL;

187
 

188
 	printf("Bootstrapping pkg please wait\n");

189
 

190
@@ -355,26 +351,6 @@ bootstrap_pkg(void)

191
 	if ((ret = extract_pkg_static(fd, pkgstatic, MAXPATHLEN)) == 0)

192
 		ret = install_pkg_static(pkgstatic, tmppkg);

193
 

194
-	snprintf(conf, MAXPATHLEN, "%s/etc/pkg.conf",

195
-	    getenv("LOCALBASE") ? getenv("LOCALBASE") : _LOCALBASE);

196
-

197
-	if (access(conf, R_OK) == -1) {

198
-		site = strrchr(url, '/');

199
-		if (site == NULL)

200
-			goto cleanup;

201
-		site[0] = '\0';

202
-		site = strrchr(url, '/');

203
-		if (site == NULL)

204
-			goto cleanup;

205
-		site[0] = '\0';

206
-

207
-		config = fopen(conf, "w+");

208
-		if (config == NULL)

209
-			goto cleanup;

210
-		fprintf(config, "packagesite: %s\n", url);

211
-		fclose(config);

212
-	}

213
-

214
 	goto cleanup;

215
 

216
 fetchfail:

217
@@ -391,7 +367,11 @@ cleanup:

218
 

219
 static const char confirmation_message[] =

220
 "The package management tool is not yet installed on your system.\n"

221
-"Do you want to fetch and install it now? [y/N]: ";

222
+"The mechanism for doing this is not secure on FreeBSD 9.1. To securely install\n"

223
+"pkg(8), use ports from a portsnap checkout:\n"

224
+"  # portsnap fetch extract\n"

225
+"  # make -C /usr/ports/ports-mgmt/pkg install clean\n"

226
+"Do you still want to fetch and install it now? [y/N]: ";

227
 

228
 static int

229
 pkg_query_yes_no(void)

230


231