From 3a0b5a011154798f04366882e8d37ad11fe589f2 Mon Sep 17 00:00:00 2001
From: Maxim Storchak
Date: Tue, 22 Dec 2015 13:54:43 +0200
Subject: [PATCH] rsync: update to 3.1.2

https://rsync.samba.org/security.html#s3_1_2: If you're using a version of rsync older than 3.1.2 as a client and receiving files from an rsync server that you might not fully trust, this version adds extra checking to the file list to prevent the sender from tweaking the paths and/or the transfer requests in a way that could cause a file to be received outside the transfer destination.

Signed-off-by: Maxim Storchak
---
 net/rsync/Makefile | 6 +-
 net/rsync/patches/000-CVE-2014-9512.patch | 106 ----------------------
 2 files changed, 3 insertions(+), 109 deletions(-)
 delete mode 100644 net/rsync/patches/000-CVE-2014-9512.patch

diff --git a/net/rsync/Makefile b/net/rsync/Makefile
index f4419d3db..f9fa04758 100644
--- a/net/rsync/Makefile
+++ b/net/rsync/Makefile
@@ -8,12 +8,12 @@ include $(TOPDIR)/rules.mk
 PKG_NAME:=rsync
-PKG_VERSION:=3.1.1
-PKG_RELEASE:=2
+PKG_VERSION:=3.1.2
+PKG_RELEASE:=1
 PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
 PKG_SOURCE_URL:=http://rsync.samba.org/ftp/rsync/src
-PKG_MD5SUM:=43bd6676f0b404326eee2d63be3cdcfe
+PKG_MD5SUM:=0f758d7e000c0f7f7d3792610fad70cb
 PKG_MAINTAINER:=Maxim Storchak
 PKG_LICENSE:=GPL-3.0
 PKG_LICENSE_FILES:=COPYING
diff --git a/net/rsync/patches/000-CVE-2014-9512.patch b/net/rsync/patches/000-CVE-2014-9512.patch
deleted file mode 100644
index aaefbad8c..000000000
--- a/net/rsync/patches/000-CVE-2014-9512.patch
+++ /dev/null
@@ -1,106 +0,0 @@
-From: Wayne Davison
-Date: Wed, 31 Dec 2014 20:41:03 +0000 (-0800)
-Subject: Complain if an inc-recursive path is not right for its dir.
-X-Git-Url: https://git.samba.org/?p=rsync.git;a=commitdiff_plain;h=962f8b90045ab331fc04c9e65f80f1a53e68243b
-
-Complain if an inc-recursive path is not right for its dir.
-This ensures that a malicious sender can't use a just-sent
-symlink as a trasnfer path.
----
-
-diff --git a/flist.c b/flist.c
-index c24672e..92e4b65 100644
---- a/flist.c
-+++ b/flist.c
-@@ -2435,8 +2435,9 @@ struct file_list *send_file_list(int f, int argc, char *argv[])
- return flist;
- }
- 
--struct file_list *recv_file_list(int f)
-+struct file_list *recv_file_list(int f, int dir_ndx)
- {
-+ const char *good_dirname = NULL;
- struct file_list *flist;
- int dstart, flags;
- int64 start_read;
-@@ -2492,6 +2493,23 @@ struct file_list *recv_file_list(int f)
- flist_expand(flist, 1);
- file = recv_file_entry(f, flist, flags);
- 
-+ if (inc_recurse) {
-+ static const char empty_dir[] = "\0";
-+ const char *cur_dir = file->dirname ? file->dirname : empty_dir;
-+ if (relative_paths && *cur_dir == '/')
-+ cur_dir++;
-+ if (cur_dir != good_dirname) {
-+ const char *d = dir_ndx >= 0 ? f_name(dir_flist->files[dir_ndx], NULL) : empty_dir;
-+ if (strcmp(cur_dir, d) != 0) {
-+ rprintf(FERROR,
-+ "ABORTING due to invalid dir prefix from sender: %s (should be: %s)\n",
-+ cur_dir, d);
-+ exit_cleanup(RERR_PROTOCOL);
-+ }
-+ good_dirname = cur_dir;
-+ }
-+ }
-+
- if (S_ISREG(file->mode)) {
- /* Already counted */
- } else if (S_ISDIR(file->mode)) {
-@@ -2615,7 +2633,7 @@ void recv_additional_file_list(int f)
- rprintf(FINFO, "[%s] receiving flist for dir %d\n",
- who_am_i(), ndx);
- }
-- flist = recv_file_list(f);
-+ flist = recv_file_list(f, ndx);
- flist->parent_ndx = ndx;
- }
- }
-diff --git a/io.c b/io.c
-index b9a9bd0..a868fa9 100644
---- a/io.c
-+++ b/io.c
-@@ -1685,7 +1685,7 @@ void wait_for_receiver(void)
- rprintf(FINFO, "[%s] receiving flist for dir %d\n",
- who_am_i(), ndx);
- }
-- flist = recv_file_list(iobuf.in_fd);
-+ flist = recv_file_list(iobuf.in_fd, ndx);
- flist->parent_ndx = ndx;
- #ifdef SUPPORT_HARD_LINKS
- if (preserve_hard_links)
-diff --git a/main.c b/main.c
-index e7a13f7..713b818 100644
---- a/main.c
-+++ b/main.c
-@@ -1009,7 +1009,7 @@ static void do_server_recv(int f_in, int f_out, int argc, char *argv[])
- filesfrom_fd = -1;
- }
- 
-- flist = recv_file_list(f_in);
-+ flist = recv_file_list(f_in, -1);
- if (!flist) {
- rprintf(FERROR,"server_recv: recv_file_list error\n");
- exit_cleanup(RERR_FILESELECT);
-@@ -1183,7 +1183,7 @@ int client_run(int f_in, int f_out, pid_t pid, int argc, char *argv[])
- 
- if (write_batch && !am_server)
- start_write_batch(f_in);
-- flist = recv_file_list(f_in);
-+ flist = recv_file_list(f_in, -1);
- if (inc_recurse && file_total == 1)
- recv_additional_file_list(f_in);
- 
-diff --git a/rsync.c b/rsync.c
-index 68ff6b1..c3ecc51 100644
---- a/rsync.c
-+++ b/rsync.c
-@@ -364,7 +364,7 @@ int read_ndx_and_attrs(int f_in, int f_out, int *iflag_ptr, uchar *type_ptr,
- }
- /* Send all the data we read for this flist to the generator. */
- start_flist_forward(ndx);
-- flist = recv_file_list(f_in);
-+ flist = recv_file_list(f_in, ndx);
- flist->parent_ndx = ndx;
- stop_flist_forward();
- }