From d0272b2de35e881bd8a076129d656b53ff9f71b4 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Ha=C3=AFkel=20Gu=C3=A9mar?=
Date: Thu, 2 Oct 2014 01:23:53 +0200
Subject: [PATCH] Fix CVE-2013-4319 (RHBZ #1005918, #1005919)
---
 CVE-2013-4319.patch | 26 ++++++++++++++++++++++++++
 torque.spec | 12 ++++++++++--
 2 files changed, 36 insertions(+), 2 deletions(-)
 create mode 100644 CVE-2013-4319.patch
diff --git a/CVE-2013-4319.patch b/CVE-2013-4319.patch
new file mode 100644
index 0000000..e37e7df
--- /dev/null
+++ b/CVE-2013-4319.patch
@@ -0,0 +1,26 @@
+diff --git a/src/server/process_request.c b/src/server/process_request.c
+index 4817ed0..6b4c955 100644
+--- a/src/server/process_request.c
++++ b/src/server/process_request.c
+@@ -679,6 +679,21 @@ void process_request(
+ log_buffer);
+ }
+
++ if (svr_conn[sfds].cn_authen != PBS_NET_CONN_FROM_PRIVIL)
++ {
++ sprintf(log_buffer, "request type %s from host %s rejected (connection not privileged)",
++ reqtype_to_txt(request->rq_type),
++ request->rq_host);
++
++ log_record(PBSEVENT_JOB, PBS_EVENTCLASS_JOB, id, log_buffer);
++
++ req_reject(PBSE_BADHOST, 0, request, NULL, "request not authorized");
++
++ close_client(sfds);
++
++ return;
++ }
++
+ /* if (!tfind(svr_conn[sfds].cn_addr, &okclients)) */
+ if (!AVL_is_in_tree(svr_conn[sfds].cn_addr, 0, okclients))
+ {
diff --git a/torque.spec b/torque.spec
index 5ceae53..35e9ddc 100644
--- a/torque.spec
+++ b/torque.spec
@@ -71,7 +71,7 @@ Name: torque Version: 3.0.4
-Release: 5%{?dist}
+Release: 6%{?dist}
 Summary: Tera-scale Open-source Resource and QUEue manager Source0: %{name}-%{version}.tar.gz Source2: xpbs.desktop
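Review bot: The rejection message on the `sprintf(log_buffer, ...)` line formats `request->rq_host`, a peer-supplied string, into `log_buffer` with no bound; the sink's size is not visible in the hunk, so a bounded `snprintf(log_buffer, sizeof(log_buffer), ...)` (or the buffer's declared size constant if `log_buffer` is a pointer rather than an array) would keep an over-long host name from overrunning the buffer on the very path meant to turn away untrusted peers. The event is logged under `PBSEVENT_JOB`/`PBS_EVENTCLASS_JOB`; if this version of the server has the `PBSEVENT_SECURITY` event class, logging the rejection there would make unprivileged-connection attempts easier to pick out when reviewing server logs. The new check rejects every request type whenever `cn_authen != PBS_NET_CONN_FROM_PRIVIL`, and the spec only says the patch is "based on" the upstream 2.5 fix, so a one-line comment in the patch or spec stating why the blanket check is appropriate for 3.0.4 would help the next packager judge a rebase. process_request starts before and continues after this hunk.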
@@ -95,6 +95,10 @@ Patch2: torque-initd-hangs-rhbz-744138.patch # https://bugzilla.redhat.com/show_bug.cgi?id=1029752 # Patch retrieved from: https://github.com/adaptivecomputing/torque/commit/64da0af7ed27284f3397081313850bba270593db Patch3: CVE-2013-4495.patch
+# https://bugzilla.redhat.com/show_bug.cgi?id=1005919
+# Patch based on: http://www.adaptivecomputing.com/torquepatch/fix_mom_priv_2.5.patch
+Patch4: CVE-2013-4319.patch
+
 License: OpenPBS and TORQUEv1.1 Group: System Environment/Daemons URL: http://www.adaptivecomputing.com/products/open-source/torque/
@@ -351,6 +355,7 @@ DRMAA is "Distributed Resource Management Application API" %patch1 -p 1 %patch2 -p 1 %patch3 -p 1
+%patch4 -p 1
 install -pm 644 %{SOURCE2} %{SOURCE3} %{SOURCE4} %{SOURCE5} \ %{SOURCE6} %{SOURCE8} . # rm x bit on some documentation.
@@ -800,7 +805,10 @@ fi %endif %changelog
-* Fri Sep 5 2014 Haïkel Guémar - 3.0.4-5
+* Wed Oct 01 2014 Haïkel Guémar - 3.0.4-6
+- Fix CVE-2013-4319 (RHBZ #1005918, #1005919)
+
+* Fri Sep 05 2014 Haïkel Guémar - 3.0.4-5
 - Fix CVE-2013-4495 (RHBZ #1029752) * Fri Aug 16 2013 Orion Poplawski - 3.0.4-4