[gitolite/f14/master] Fix ADC security issue

[Lubomir Rintel]

commit ab4e6e01b90d88cf676a5e917038c52ac3e93e1a
Author: Lubomir Rintel <lkundrak at v3.sk>
Date:   Tue Feb 15 12:14:20 2011 +0100

    Fix ADC security issue
    
    Dylan Alex Simon discovered and reported a directory traversal flaw in
    the way Gitolite restricted access to admin defined commands ("ADC"). An
    authenticated attacker could execute arbitrary code with privileges of
    Gitolite server user using specially crafted command name.
    
    The flaw does not affect default Gitolite installations. Users who have
    enabled ADC in their configurations are advised to install the updated
    package which includes a fix to resolve the issue.

 adcfix.pre-v2.patch |   12 ++++++++++++
 gitolite.spec       |    7 ++++++-
 2 files changed, 18 insertions(+), 1 deletions(-)
---
diff --git a/adcfix.pre-v2.patch b/adcfix.pre-v2.patch
new file mode 100644
index 0000000..bfab25a
--- /dev/null
+++ b/adcfix.pre-v2.patch
@@ -0,0 +1,12 @@
+diff --git a/src/gl-auth-command b/src/gl-auth-command
+index c8d72b3..c66e79c 100755
+--- a/src/gl-auth-command
++++ b/src/gl-auth-command
+@@ -117,6 +117,7 @@ unless ($ENV{SSH_ORIGINAL_COMMAND}) {
+ if ($GL_ADC_PATH and -d $GL_ADC_PATH) {
+     my ($cmd, @args) = split ' ', $ENV{SSH_ORIGINAL_COMMAND};
+     if (-x "$GL_ADC_PATH/$cmd") {
++        die "I don't like $cmd\n" if $cmd =~ /\.\./;
+         # yes this is rather strict, sorry.
+         do { die "I don't like $_\n" unless $_ =~ $REPOPATT_PATT } for ($cmd, @args);
+         &log_it("$GL_ADC_PATH/$ENV{SSH_ORIGINAL_COMMAND}");
diff --git a/gitolite.spec b/gitolite.spec
index 0ced579..89cc6c6 100644
--- a/gitolite.spec
+++ b/gitolite.spec
@@ -8,7 +8,7 @@
 
 Name:           gitolite
 Version:        1.5.3
-Release:        1%{?dist}
+Release:        2%{?dist}
 Summary:        Highly flexible server for git directory version tracker
 
 Group:          Applications/System
@@ -25,6 +25,7 @@ Source1:        gitolite-README-fedora
 # Far from being upstreamable
 Patch0:         gitolite-1.5-rpm.patch
 Patch1:         gitolite-1.4.2-conf.patch
+Patch2:         adcfix.pre-v2.patch
 BuildRoot:      %(mktemp -ud %{_tmppath}/%{name}-%{version}-%{release}-XXXXXX)
 
 BuildArch:      noarch
@@ -55,6 +56,7 @@ elsewhere in the doc/ directory.
 # Don't create backups; would mess with %%install
 %patch0 -p1
 %patch1 -p1
+%patch2 -p1
 cp %{SOURCE1} .
 
 
@@ -114,6 +116,9 @@ exit 0
 
 
 %changelog
+* Tue Feb 15 2011 Lubomir Rintel <lkundrak at v3.sk> - 1.5.3-2
+- Fix ADC security issue
+
 * Mon Jun 28 2010 Jon Ciesla <limb at jcomserv.net> - 1.5.3-1
 - New upstream.