Fri Oct 24 13:25:50 2008 UTC ()
Security fix: by default, only listen on INADDR_LOOPBACK, so that
position is only provided on on-machine clients.  Previously, gpsd
listened on INADDR_ANY, providing position of the computer to any host
that asked.  (The fix is in upstream bugzilla, with link in
patches/patch-ac.)


(gdt)
diff -r1.12 -r1.13 pkgsrc/geography/gpsd/Makefile
diff -r1.10 -r1.11 pkgsrc/geography/gpsd/distinfo
diff -r0 -r1.3 pkgsrc/geography/gpsd/patches/patch-ac
diff -r0 -r1.3 pkgsrc/geography/gpsd/patches/patch-ad
cvs diff -r1.12 -r1.13 pkgsrc/geography/gpsd/Makefile (expand / switch to unified diff)

--- pkgsrc/geography/gpsd/Makefile 2008/10/24 13:08:13 1.12
+++ pkgsrc/geography/gpsd/Makefile 2008/10/24 13:25:50 1.13
@@ -1,16 +1,17 @@ @@ -1,16 +1,17 @@
1# $NetBSD: Makefile,v 1.12 2008/10/24 13:08:13 gdt Exp $ 1# $NetBSD: Makefile,v 1.13 2008/10/24 13:25:50 gdt Exp $
2 2
3DISTNAME= gpsd-2.37 3DISTNAME= gpsd-2.37
 4PKGREVISION= 1
4CATEGORIES= geography 5CATEGORIES= geography
5MASTER_SITES= http://download.berlios.de/gpsd/ 6MASTER_SITES= http://download.berlios.de/gpsd/
6 7
7MAINTAINER= tsarna@NetBSD.org 8MAINTAINER= tsarna@NetBSD.org
8# also gdt@NetBSD.org 9# also gdt@NetBSD.org
9HOMEPAGE= http://gpsd.berlios.de/ 10HOMEPAGE= http://gpsd.berlios.de/
10COMMENT= GPS information daemon 11COMMENT= GPS information daemon
11 12
12PKG_DESTDIR_SUPPORT= user-destdir 13PKG_DESTDIR_SUPPORT= user-destdir
13 14
14GNU_CONFIGURE= YES 15GNU_CONFIGURE= YES
15CONFIGURE_ARGS+= --disable-python 16CONFIGURE_ARGS+= --disable-python
16 17
cvs diff -r1.10 -r1.11 pkgsrc/geography/gpsd/distinfo (expand / switch to unified diff)

--- pkgsrc/geography/gpsd/distinfo 2008/10/24 13:08:13 1.10
+++ pkgsrc/geography/gpsd/distinfo 2008/10/24 13:25:50 1.11
@@ -1,7 +1,9 @@ @@ -1,7 +1,9 @@
1$NetBSD: distinfo,v 1.10 2008/10/24 13:08:13 gdt Exp $ 1$NetBSD: distinfo,v 1.11 2008/10/24 13:25:50 gdt Exp $
2 2
3SHA1 (gpsd-2.37.tar.gz) = 5bf4e1db9e570cc14b70bd0cf902926f96131ace 3SHA1 (gpsd-2.37.tar.gz) = 5bf4e1db9e570cc14b70bd0cf902926f96131ace
4RMD160 (gpsd-2.37.tar.gz) = 72387ef3c8da39ed1a1dffa9aecfff1622023fcc 4RMD160 (gpsd-2.37.tar.gz) = 72387ef3c8da39ed1a1dffa9aecfff1622023fcc
5Size (gpsd-2.37.tar.gz) = 712943 bytes 5Size (gpsd-2.37.tar.gz) = 712943 bytes
6SHA1 (patch-aa) = 0f581183a114d63733c57ed9f0ceead43e2e5607 6SHA1 (patch-aa) = 0f581183a114d63733c57ed9f0ceead43e2e5607
7SHA1 (patch-ab) = 869942effbfc22ece1716dce0ffb5c907dd66906 7SHA1 (patch-ab) = 869942effbfc22ece1716dce0ffb5c907dd66906
 8SHA1 (patch-ac) = 2cfd090f2c7bf1d526b5d6125c451b5f45617dd0
 9SHA1 (patch-ad) = 551701d43016f9fefd0bd488415bfecb62c55d1a
File Added: pkgsrc/geography/gpsd/patches/Attic/patch-ac
$NetBSD: patch-ac,v 1.3 2008/10/24 13:25:50 gdt Exp $

Don't expose position via INADDR_ANY by default.  Security fix for
http://developer.berlios.de/bugs/?func=detailbug&bug_id=14707&group_id=2116

--- gpsd.c.orig	2008-01-28 15:04:33.000000000 -0500
+++ gpsd.c
@@ -86,6 +86,7 @@
 static fd_set all_fds;
 static int maxfd;
 static int debuglevel;
+static bool listen_global = false;
 static bool in_background = false;
 static bool nowait = false;
 static jmp_buf restartbuf;
@@ -230,7 +231,10 @@ static int passivesock(char *service, ch
     /*@ -mustfreefresh @*/
     memset((char *) &sin, 0, sizeof(sin));
     /*@i1@*/sin.sin_family = AF_INET;
-    sin.sin_addr.s_addr = INADDR_ANY;
+    if (listen_global)
+      sin.sin_addr.s_addr = htonl(INADDR_ANY);
+    else
+      sin.sin_addr.s_addr = htonl(INADDR_LOOPBACK);
 
     if ((pse = getservbyname(service, protocol)))
 	sin.sin_port = htons(ntohs((in_port_t)pse->s_port));
@@ -1271,7 +1275,7 @@ int main(int argc, char *argv[])
     (void)setlocale(LC_NUMERIC, "C");
 #endif
     debuglevel = 0;
-    while ((option = getopt(argc, argv, "F:D:S:bhNnP:V"
+    while ((option = getopt(argc, argv, "F:D:S:bhNnP:VG"
 #ifdef RTCM104_SERVICE
 			    "R:"
 #endif /* RTCM104_SERVICE */
@@ -1280,6 +1284,8 @@ int main(int argc, char *argv[])
 	case 'D':
 	    debuglevel = (int) strtol(optarg, 0, 0);
 	    break;
+	case 'G':
+	    listen_global = true;
 	case 'F':
 	    control_socket = optarg;
 	    break;
File Added: pkgsrc/geography/gpsd/patches/Attic/patch-ad
$NetBSD: patch-ad,v 1.3 2008/10/24 13:25:50 gdt Exp $

Don't expose position via INADDR_ANY by default.  Security fix for
http://developer.berlios.de/bugs/?func=detailbug&bug_id=14707&group_id=2116

--- gpsd.xml.orig	2008-01-21 13:35:31.000000000 -0500
+++ gpsd.xml
@@ -20,6 +20,7 @@
   <command>gpsd</command>  
       <arg choice='opt'>-f <replaceable>GPS-devicename</replaceable></arg>
       <arg choice='opt'>-F <replaceable>control-socket</replaceable></arg>
+      <arg choice='opt'>-G </arg>
       <!-- arg choice='opt'>-R
       <replaceable>rtcm-listener-port</replaceable></arg -->
       <arg choice='opt'>-S <replaceable>listener-port</replaceable></arg>
@@ -107,6 +108,12 @@ commands that edit the daemon's internal
 clients.</para></listitem>
 </varlistentry -->
 <varlistentry>
+<term>-G</term>
+<listitem><para>If present, listen for connections from other
+systems.  Otherwise, listen only for connections from this system.
+</para></listitem>
+</varlistentry>
+<varlistentry>
 <term>-S</term>
 <listitem><para>Set TCP/IP port on which to listen for GPSD clients 
 (default is 2947).</para></listitem>
@@ -871,6 +878,12 @@ will not attempt to document this interf
 </refsect1>
 <refsect1 id='security'><title>SECURITY AND PERMISSIONS ISSUES</title> 
 
+<para><application>gpsd</application>, if given the -G flag, will
+listen for connections from any reachable host, and then disclose the
+current position.  Before using the -G flag, consider whether you
+consider your computer's location to be sensitive data to be kept
+private or something that you wish to publish.</para>
+
 <para><application>gpsd</application> must start up as root in order
 to open the NTPD shared-memory segment, open its logfile, and create
 its local control socket.  Before doing any processing of GPS data, it