Book a Demo!
CoCalc Logo Icon
StoreFeaturesDocsShareSupportNewsAboutPoliciesSign UpSign In
freebsd
GitHub Repository: freebsd/freebsd-doc
 Path: blob/main/website/static/security/patches/EN-14:03/pkg-en-releng-9.2.patch
18096 views
1
Index: etc/Makefile

2
===================================================================

3
--- etc/Makefile	(revision 265457)

4
+++ etc/Makefile	(working copy)

5
@@ -224,6 +224,7 @@ distribution:

6
 	${_+_}cd ${.CURDIR}/devd; ${MAKE} install

7
 	${_+_}cd ${.CURDIR}/gss; ${MAKE} install

8
 	${_+_}cd ${.CURDIR}/periodic; ${MAKE} install

9
+	${_+_}cd ${.CURDIR}/pkg; ${MAKE} install

10
 	${_+_}cd ${.CURDIR}/rc.d; ${MAKE} install

11
 	${_+_}cd ${.CURDIR}/../gnu/usr.bin/send-pr; ${MAKE} etc-gnats-freefall

12
 	${_+_}cd ${.CURDIR}/../share/termcap; ${MAKE} etc-termcap

13
Index: etc/mtree/BSD.root.dist

14
===================================================================

15
--- etc/mtree/BSD.root.dist	(revision 265457)

16
+++ etc/mtree/BSD.root.dist	(working copy)

17
@@ -52,6 +52,8 @@

18
             weekly

19
             ..

20
         ..

21
+        pkg

22
+        ..

23
         ppp

24
         ..

25
         rc.d

26
Index: etc/mtree/BSD.usr.dist

27
===================================================================

28
--- etc/mtree/BSD.usr.dist	(revision 265457)

29
+++ etc/mtree/BSD.usr.dist	(working copy)

30
@@ -402,6 +402,14 @@

31
 		..

32
 	    ..

33
         ..

34
+        keys

35
+            pkg

36
+                revoked

37
+                ..

38
+                trusted

39
+                ..

40
+            ..

41
+        ..

42
         locale

43
             UTF-8

44
             ..

45
Index: etc/pkg/FreeBSD.conf

46
===================================================================

47
--- etc/pkg/FreeBSD.conf	(revision 0)

48
+++ etc/pkg/FreeBSD.conf	(working copy)

49
@@ -0,0 +1,16 @@

50
+# $FreeBSD$

51
+#

52
+# To disable this repository, instead of modifying or removing this file,

53
+# create a /usr/local/etc/pkg/repos/FreeBSD.conf file:

54
+#

55
+#   mkdir -p /usr/local/etc/pkg/repos

56
+#   echo "FreeBSD: { enabled: no }" > /usr/local/etc/pkg/repos/FreeBSD.conf

57
+#

58
+

59
+FreeBSD: {

60
+  url: "pkg+http://pkg.FreeBSD.org/${ABI}/latest",

61
+  mirror_type: "srv",

62
+  signature_type: "fingerprints",

63
+  fingerprints: "/usr/share/keys/pkg",

64
+  enabled: yes

65
+}

66
Index: etc/pkg/Makefile

67
===================================================================

68
--- etc/pkg/Makefile	(revision 0)

69
+++ etc/pkg/Makefile	(working copy)

70
@@ -0,0 +1,10 @@

71
+# $FreeBSD$

72
+

73
+NO_OBJ=

74
+

75
+FILES=	FreeBSD.conf

76
+

77
+FILESDIR=	/etc/pkg

78
+FILESMODE=	644

79
+

80
+.include <bsd.prog.mk>

81
Index: share/Makefile

82
===================================================================

83
--- share/Makefile	(revision 265457)

84
+++ share/Makefile	(working copy)

85
@@ -11,6 +11,7 @@ SUBDIR=	${_colldef} \

86
 	dtrace \

87
 	${_examples} \

88
 	${_i18n} \

89
+	keys \

90
 	${_man} \

91
 	${_me} \

92
 	misc \

93
Index: share/keys/Makefile

94
===================================================================

95
--- share/keys/Makefile	(revision 0)

96
+++ share/keys/Makefile	(working copy)

97
@@ -0,0 +1,5 @@

98
+# $FreeBSD$

99
+

100
+SUBDIR= pkg

101
+

102
+.include <bsd.subdir.mk>

103
Index: share/keys/pkg/Makefile

104
===================================================================

105
--- share/keys/pkg/Makefile	(revision 0)

106
+++ share/keys/pkg/Makefile	(working copy)

107
@@ -0,0 +1,5 @@

108
+# $FreeBSD$

109
+

110
+SUBDIR=	trusted

111
+

112
+.include <bsd.subdir.mk>

113
Index: share/keys/pkg/trusted/Makefile

114
===================================================================

115
--- share/keys/pkg/trusted/Makefile	(revision 0)

116
+++ share/keys/pkg/trusted/Makefile	(working copy)

117
@@ -0,0 +1,10 @@

118
+# $FreeBSD$

119
+

120
+NO_OBJ=

121
+

122
+FILES=	pkg.freebsd.org.2013102301

123
+

124
+FILESDIR=	/usr/share/keys/pkg/trusted

125
+FILESMODE=	644

126
+

127
+.include <bsd.prog.mk>

128
Index: share/keys/pkg/trusted/pkg.freebsd.org.2013102301

129
===================================================================

130
--- share/keys/pkg/trusted/pkg.freebsd.org.2013102301	(revision 0)

131
+++ share/keys/pkg/trusted/pkg.freebsd.org.2013102301	(working copy)

132
@@ -0,0 +1,4 @@

133
+# $FreeBSD$

134
+

135
+function: "sha256"

136
+fingerprint: "b0170035af3acc5f3f3ae1859dc717101b4e6c1d0a794ad554928ca0cbb2f438"

137
Index: share/man/man7/hier.7

138
===================================================================

139
--- share/man/man7/hier.7	(revision 265457)

140
+++ share/man/man7/hier.7	(working copy)

141
@@ -32,7 +32,7 @@

142
 .\"	@(#)hier.7	8.1 (Berkeley) 6/5/93

143
 .\" $FreeBSD$

144
 .\"

145
-.Dd January 21, 2010

146
+.Dd October 29, 2013

147
 .Dt HIER 7

148
 .Os

149
 .Sh NAME

150
@@ -546,6 +546,16 @@ ASCII text files used by various games

151
 device description file for device name

152
 .It Pa info/

153
 GNU Info hypertext system

154
+.It Pa keys/

155
+known trusted and revoked keys.

156
+.Bl -tag -width ".Pa keys/pkg/" -compact

157
+.It Pa keys/pkg/

158
+fingerprints for

159
+.Xr pkg 7

160
+and

161
+.Xr pkg 8

162
+.El

163
+.Pp

164
 .It Pa locale/

165
 localization files;

166
 see

167
Index: usr.sbin/pkg/pkg.c

168
===================================================================

169
--- usr.sbin/pkg/pkg.c	(revision 265457)

170
+++ usr.sbin/pkg/pkg.c	(working copy)

171
@@ -284,13 +284,10 @@ bootstrap_pkg(void)

172
 {

173
 	struct url *u;

174
 	FILE *remote;

175
-	FILE *config;

176
-	char *site;

177
 	struct dns_srvinfo *mirrors, *current;

178
 	/* To store _https._tcp. + hostname + \0 */

179
 	char zone[MAXHOSTNAMELEN + 13];

180
 	char url[MAXPATHLEN];

181
-	char conf[MAXPATHLEN];

182
 	char abi[BUFSIZ];

183
 	char tmppkg[MAXPATHLEN];

184
 	char buf[10240];

185
@@ -306,7 +303,6 @@ bootstrap_pkg(void)

186
 	max_retry = 3;

187
 	ret = -1;

188
 	remote = NULL;

189
-	config = NULL;

190
 	current = mirrors = NULL;

191
 

192
 	printf("Bootstrapping pkg please wait\n");

193
@@ -387,26 +383,6 @@ bootstrap_pkg(void)

194
 	if ((ret = extract_pkg_static(fd, pkgstatic, MAXPATHLEN)) == 0)

195
 		ret = install_pkg_static(pkgstatic, tmppkg);

196
 

197
-	snprintf(conf, MAXPATHLEN, "%s/etc/pkg.conf",

198
-	    getenv("LOCALBASE") ? getenv("LOCALBASE") : _LOCALBASE);

199
-

200
-	if (access(conf, R_OK) == -1) {

201
-		site = strrchr(url, '/');

202
-		if (site == NULL)

203
-			goto cleanup;

204
-		site[0] = '\0';

205
-		site = strrchr(url, '/');

206
-		if (site == NULL)

207
-			goto cleanup;

208
-		site[0] = '\0';

209
-

210
-		config = fopen(conf, "w+");

211
-		if (config == NULL)

212
-			goto cleanup;

213
-		fprintf(config, "packagesite: %s\n", url);

214
-		fclose(config);

215
-	}

216
-

217
 	goto cleanup;

218
 

219
 fetchfail:

220
@@ -423,7 +399,11 @@ cleanup:

221
 

222
 static const char confirmation_message[] =

223
 "The package management tool is not yet installed on your system.\n"

224
-"Do you want to fetch and install it now? [y/N]: ";

225
+"The mechanism for doing this is not secure on FreeBSD 9.2. To securely install\n"

226
+"pkg(8), use ports from a portsnap checkout:\n"

227
+"  # portsnap fetch extract\n"

228
+"  # make -C /usr/ports/ports-mgmt/pkg install clean\n"

229
+"Do you still want to fetch and install it now? [y/N]: ";

230
 

231
 static int

232
 pkg_query_yes_no(void)

233


234