From: Chris Cappuccio [chris@DQC.ORG]
Sent: Wednesday, August 18, 1999 1:45 PM
To: BUGTRAQ@SECURITYFOCUS.COM
Subject: BASS diffs

I made some diffs to get BASS to compile on OpenBSD and Solaris as well
as Linux..They are very minimal...

diff -uN bass-1.0.7/BASS.c bass/BASS.c
--- bass-1.0.7/BASS.c	Sun Aug  8 12:43:51 1999
+++ bass/BASS.c	Mon Aug 16 15:15:13 1999
@@ -24,6 +24,7 @@
 #include <errno.h>
 #include <signal.h>
 #include <sys/param.h>
+#include <sys/termios.h>

 #include "list.h"
 #include "readconf.h"
@@ -487,11 +488,11 @@
       log("%s - [%s] OUT OF MEMORY?!?!?!.",
 	  cgi_hooks[i].cgi_alias, host);
       break;
-    case EBADRQC	:
+    case EINVAL:
       log("%s - [%s] cgi not installed.",
 	  cgi_hooks[i].cgi_alias, host);
       break;
-    case -1	:
+    case -1:
       log("%s - [%s] unknown cgi failure.",
 	  cgi_hooks[i].cgi_alias, host);
       break;
@@ -526,12 +527,12 @@
 	  scan_hooks[i].scan_alias, host);
       break;

-    case EBADRQC      :
+    case EINVAL      :
       log("%s - [%s] Host denied Iquery request",
 	  scan_hooks[i].scan_alias, host);
       break;

-    case EPROTO	    :
+    case ENOPROTOOPT	    :
       log("%s - [%s] server type mismatch",
 	  scan_hooks[i].scan_alias, host);
       break;
diff -uN bass-1.0.7/Makefile bass/Makefile
--- bass-1.0.7/Makefile	Sun Aug  8 12:43:51 1999
+++ bass/Makefile	Mon Aug 16 15:29:06 1999
@@ -14,14 +14,15 @@
 BASS_DEFS = -DBASS_DEFAULT_DISTDIR=\"$(BASS_DISTDIR)\"

 # On Solaris you'll need to add *at least* these linker flags:
-# -lnsl -lsocket -lresolv -lrpc (is that how the rpc library is called?)
+# -lnsl -lsocket -lresolv
 #
 # On Irix you'll need to... Hmmm...
 #
 # Forget it! I'm not going to fight Unix. Here's a nickel kid, go buy yourself
 # a Linux distribution.

-BASS_LIBS =
+BASS_LIBS=
+#BASS_LIBS =-lnsl -lsocket -lresolv
 BASS_INCLUDES =

 BASS_OBJS = BASS.o job.o log.o list.o xmalloc.o network.o icmp.o \
@@ -29,12 +30,12 @@
 	cgi.o uname.o \
 	bind.o imapd.o qpopper.o innd.o wingate.o \
 	nfsmount_xdr.o rpc.o \
-	$(BASS_LIBS)
+#	strsep.o

 all: BASS	

 BASS: $(BASS_OBJS)
-	$(CC) -o BASS $(BASS_OBJS)
+	$(CC) -o BASS $(BASS_OBJS) $(BASS_LIBS)

 $(LIBPCLOAK_OBJ):
 	cd $(LIBPCLOAK_DIR); $(MAKE) $(LIBPCLOAK).a
diff -uN bass-1.0.7/README.SOLARIS bass/README.SOLARIS
--- bass-1.0.7/README.SOLARIS	Wed Dec 31 16:00:00 1969
+++ bass/README.SOLARIS	Mon Aug 16 15:28:06 1999
@@ -0,0 +1,2 @@
+Edit the makefile, *uncomment* the line for strsep.o
+and *uncomment* the BASS_LIBS that calls -lnsl -lsocket -lresolv
diff -uN bass-1.0.7/bind.c bass/bind.c
--- bass-1.0.7/bind.c	Sun Aug  8 12:43:51 1999
+++ bass/bind.c	Sun Aug 15 08:12:37 1999
@@ -69,7 +69,7 @@
  dnsv = (HEADER *) vquery;

  if(dnsi->rcode) {
-  errno = EBADRQC;
+  errno = EINVAL;
   return -1;
  } else {
     if(dnsv->rcode) {
diff -uN bass-1.0.7/cgi.c bass/cgi.c
--- bass-1.0.7/cgi.c	Sun Aug  8 12:43:51 1999
+++ bass/cgi.c	Sun Aug 15 08:12:37 1999
@@ -78,7 +78,7 @@
  /* Cgi not installed */
  if(!strstr(*response, CGI_HTTP_HEADER_10) &&
     !strstr(*response, CGI_HTTP_HEADER_11)) {
-  errno = EBADRQC;
+  errno = EINVAL;
   return -1;
  }

diff -uN bass-1.0.7/icmp.h bass/icmp.h
--- bass-1.0.7/icmp.h	Sun Aug  8 12:43:51 1999
+++ bass/icmp.h	Mon Aug 16 15:17:15 1999
@@ -13,8 +13,26 @@

 */

-#include <netinet/ip_icmp.h>
+#include <netinet/in_systm.h>
 #include <netinet/ip.h>
+#include <netinet/ip_icmp.h>
+
+#if !defined(__linux__)
+struct iphdr
+{
+#if BYTE_ORDER == LITTLE_ENDIAN
+  unsigned char ihl:4, version:4, tos;
+#elif BYTE_ORDER == BIG_ENDIAN
+  unsigned char version:4, ihl:4, tos;
+#else
+#error "What is the BYTE_ORDER?"
+#endif
+  unsigned short tot_len, id, frag_off;
+  unsigned char ttl, protocol;
+  unsigned short check;
+  unsigned int saddr, daddr;
+};
+#endif

 #define LOCAL_ICMP
 #ifndef LOCAL_ICMP
diff -uN bass-1.0.7/imapd.c bass/imapd.c
--- bass-1.0.7/imapd.c	Sun Aug  8 12:43:51 1999
+++ bass/imapd.c	Sun Aug 15 08:12:37 1999
@@ -56,7 +56,7 @@
     !(imap_flavour = strsep(&sepregister, delim)) ||
       strncasecmp(imap_flavour, S_IMAP, strlen(S_IMAP)) != 0 ||
     !(version = strsep(&sepregister, delim)))
- { close(tcpfd); errno = EPROTO; return -1; }
+ { close(tcpfd); errno = ENOPROTOOPT; return -1; }

  if(!strcmp(imap_flavour, S_IMAP_2BIS))
  {
@@ -72,7 +72,7 @@
  else
  {
    close(tcpfd);
-   errno = EPROTO;
+   errno = ENOPROTOOPT;
    return -1;
  }
 	
diff -uN bass-1.0.7/qpopper.c bass/qpopper.c
--- bass-1.0.7/qpopper.c	Sun Aug  8 12:43:51 1999
+++ bass/qpopper.c	Sun Aug 15 08:12:37 1999
@@ -44,7 +44,7 @@

  if( !strstr(serverid, "QPOP") && !strstr(serverid, "QUALCOMM") ) {
   close(tcpfd);
-  errno = EPROTO; return -1;
+  errno = ENOPROTOOPT; return -1;
  } else {
     if((version = strstr(serverid, S_VERSION)))
     {
diff -uN bass-1.0.7/rpc.c bass/rpc.c
--- bass-1.0.7/rpc.c	Sun Aug  8 12:43:51 1999
+++ bass/rpc.c	Mon Aug 16 21:56:42 1999
@@ -148,9 +148,9 @@
  tt_client = tclnttcp_create(&raddr, TOOLTALK_RPC, TOOLTALK_VERS,
 		             &rpcsock, 0, 0, timer);
  if(!tt_client) {
-  /*-- Traditionally ECOMM has nothing to do with our situation. But we
+  /*-- Traditionally EPROTONOSUPPORT has nothing to do with our situation. But we
        endow it a NEW meaning: Any RPC communications failure. --*/
-  if(errno != ETIMEDOUT) errno = ECOMM;
+  if(errno != ETIMEDOUT) errno = EPROTONOSUPPORT;
   return -1;
  }

@@ -200,7 +200,7 @@
  if(!(mount_client = clntudp_create(&raddr, MOUNTD_RPC, MOUNTD_VERS,
 	                       retry_timeout, &rpcsock)))
  {
-  errno = ECOMM;
+  errno = EPROTONOSUPPORT;
   return -1;
  }

@@ -230,7 +230,7 @@
     log("%s - [%s] RPC request timed out.",
               rpc_hooks[hook_slot].rpc_alias, host);
     break;
-   case ECOMM		:
+   case EPROTONOSUPPORT		:
     log("%s - [%s] RPC service communication error.",
 	      rpc_hooks[hook_slot].rpc_alias, host);
     break;
diff -uN bass-1.0.7/strsep.c bass/strsep.c
--- bass-1.0.7/strsep.c	Wed Dec 31 16:00:00 1969
+++ bass/strsep.c	Mon Aug 16 15:22:28 1999
@@ -0,0 +1,85 @@
+/*	$OpenBSD: strsep.c,v 1.3 1997/08/20 04:28:14 millert Exp $	*/
+
+/*-
+ * Copyright (c) 1990, 1993
+ *	The Regents of the University of California.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *	This product includes software developed by the University of
+ *	California, Berkeley and its contributors.
+ * 4. Neither the name of the University nor the names of its contributors
+ *    may be used to endorse or promote products derived from this software
+ *    without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ */
+
+#include <string.h>
+#include <stdio.h>
+
+#if defined(LIBC_SCCS) && !defined(lint)
+#if 0
+static char sccsid[] = "@(#)strsep.c	8.1 (Berkeley) 6/4/93";
+#else
+static char *rcsid = "$OpenBSD: strsep.c,v 1.3 1997/08/20 04:28:14 millert Exp $";
+#endif
+#endif /* LIBC_SCCS and not lint */
+
+/*
+ * Get next token from string *stringp, where tokens are possibly-empty
+ * strings separated by characters from delim.
+ *
+ * Writes NULs into the string at *stringp to end tokens.
+ * delim need not remain constant from call to call.
+ * On return, *stringp points past the last NUL written (if there might
+ * be further tokens), or is NULL (if there are definitely no more tokens).
+ *
+ * If *stringp is NULL, strsep returns NULL.
+ */
+char *
+strsep(stringp, delim)
+	register char **stringp;
+	register const char *delim;
+{
+	register char *s;
+	register const char *spanp;
+	register int c, sc;
+	char *tok;
+
+	if ((s = *stringp) == NULL)
+		return (NULL);
+	for (tok = s;;) {
+		c = *s++;
+		spanp = delim;
+		do {
+			if ((sc = *spanp++) == c) {
+				if (c == 0)
+					s = NULL;
+				else
+					s[-1] = 0;
+				*stringp = s;
+				return (tok);
+			}
+		} while (sc != 0);
+	}
+	/* NOTREACHED */
+}
diff -uN bass-1.0.7/wingate.c bass/wingate.c
--- bass-1.0.7/wingate.c	Sun Aug  8 12:43:51 1999
+++ bass/wingate.c	Sun Aug 15 08:12:38 1999
@@ -41,7 +41,7 @@
   if(!setjmp(jmpbuf))
   {
    if((n = read(sockfd, response + bytes, MAX_RESPONSE_SIZE - bytes)) <= 0)
-   { errno = EPROTO; goto fail; }
+   { errno = ENOPROTOOPT; goto fail; }
    alarm(0);

    for(i = 0; i<n; i++)


--
Corporations are not evil. That kind of anthropomorphism is inappropriate.
Corporations are too stupid to be evil, only people can be that.  -jwz