diff --git a/dhcp-paranoia.patch b/dhcp-paranoia.patch
index 0f2db8c..f83799b 100644
--- a/dhcp-paranoia.patch
+++ b/dhcp-paranoia.patch
@@ -1,111 +1,52 @@ -diff -up dhcp-4.3.1b1/client/dhclient.c.dlTsyN dhcp-4.3.1b1/client/dhclient.c ---- dhcp-4.3.1b1/client/dhclient.c.dlTsyN 2014-07-10 17:49:49.882925843 +0200 -+++ dhcp-4.3.1b1/client/dhclient.c 2014-07-10 17:50:26.922402550 +0200 -@@ -1748,11 +1748,6 @@ int write_host (host) - return 0; - } - --void db_startup (testp) -- int testp; --{ --} -- - void bootp (packet) - struct packet *packet; - { -diff -up dhcp-4.3.1b1/includes/dhcpd.h.dlTsyN dhcp-4.3.1b1/includes/dhcpd.h ---- dhcp-4.3.1b1/includes/dhcpd.h.dlTsyN 2014-07-10 17:48:03.798424601 +0200 -+++ dhcp-4.3.1b1/includes/dhcpd.h 2014-07-10 17:50:26.923402536 +0200 -@@ -2866,7 +2866,11 @@ void commit_leases_timeout (void *); - void commit_leases_readerdry(void *); - int commit_leases (void); - int commit_leases_timed (void); -+#if defined (PARANOIA) -+void db_startup (int, uid_t, gid_t); -+#else - void db_startup (int); -+#endif /* PARANOIA */ - int new_lease_file (void); - int group_writer (struct group_object *); - int write_ia(const struct ia_xx *); -diff -up dhcp-4.3.1b1/server/confpars.c.dlTsyN dhcp-4.3.1b1/server/confpars.c ---- dhcp-4.3.1b1/server/confpars.c.dlTsyN 2014-07-10 17:39:25.801764596 +0200 -+++ dhcp-4.3.1b1/server/confpars.c 2014-07-10 17:50:26.924402522 +0200 -@@ -219,7 +219,11 @@ void trace_conf_input (trace_type_t *tty - } - - if (!leaseconf_initialized && ttype == trace_readleases_type) { -+#if defined (PARANOIA) -+ db_startup (0, 0, 0); -+#else - db_startup (0); -+#endif /* PARANOIA */ - leaseconf_initialized = 1; - postdb_startup (); - } -diff -up dhcp-4.3.1b1/server/db.c.dlTsyN dhcp-4.3.1b1/server/db.c ---- dhcp-4.3.1b1/server/db.c.dlTsyN 2014-07-10 17:39:25.801764596 +0200 -+++ dhcp-4.3.1b1/server/db.c 2014-07-10 17:50:26.925402508 +0200 -@@ -42,6 +42,10 @@ static int counting = 0; - static int count = 0; - TIME write_time; - int lease_file_is_corrupt = 0; -+#if defined (PARANOIA) -+uid_t global_set_uid = 0; -+gid_t global_set_gid = 0; -+#endif /* PARANOIA */ - - /* Write 
a single binding scope value in parsable format. - */ -@@ -1046,8 +1050,11 @@ int commit_leases_timed() - return (1); - } - --void db_startup (testp) -- int testp; -+#if defined (PARANOIA) -+void db_startup (int testp, uid_t set_uid, gid_t set_gid) -+#else -+void db_startup (int testp) -+#endif /* PARANOIA */ - { - isc_result_t status; - -@@ -1066,6 +1073,11 @@ void db_startup (testp) - } - #endif +diff --git a/includes/dhcpd.h b/includes/dhcpd.h +index 378459b..e7ed5a3 100644 +--- a/includes/dhcpd.h ++++ b/includes/dhcpd.h +@@ -2033,6 +2033,11 @@ extern const char *path_dhcpd_pid; + extern int dhcp_max_agent_option_packet_length; + extern struct eventqueue *rw_queue_empty; +#if defined (PARANOIA) -+ global_set_uid = set_uid; -+ global_set_gid = set_gid; -+#endif /* PARANOIA */ ++extern uid_t set_uid; ++extern gid_t set_gid; ++#endif + - #if defined (TRACING) - /* If we're playing back, there is no lease file, so we can't - append it, so we create one immediately (maybe this isn't -@@ -1128,6 +1140,17 @@ int new_lease_file () + int main(int, char **); + void postconf_initialization(int); + void postdb_startup(void); +diff --git a/server/db.c b/server/db.c +index d4d42fe..5238ed8 100644 +--- a/server/db.c ++++ b/server/db.c +@@ -1125,6 +1125,22 @@ int new_lease_file () log_error ("Can't create new lease file: %m"); return 0; } + +#if defined (PARANOIA) -+ if (global_set_uid && !geteuid() && -+ global_set_gid && !getegid()) -+ if (fchown(db_fd, global_set_uid, global_set_gid)) { ++ /* ++ * If we are currently root and plan to change the ++ * uid and gid change the file information so we ++ * can manipulate it later, after we've changed ++ * our group and user (that is dropped privileges.) 
++ */ ++ if ((set_uid != 0) && (geteuid() == 0) && ++ (set_gid != 0) && (getegid() == 0)) { ++ if (fchown(db_fd, set_uid, set_gid)) { + log_fatal ("Can't chown new lease file: %m"); -+ close(db_fd); -+ goto fdfail; ++ } + } +#endif /* PARANOIA */ + if ((new_db_file = fdopen(db_fd, "we")) == NULL) { log_error("Can't fdopen new lease file: %m"); close(db_fd); -diff -up dhcp-4.3.1b1/server/dhcpd.8.dlTsyN dhcp-4.3.1b1/server/dhcpd.8 ---- dhcp-4.3.1b1/server/dhcpd.8.dlTsyN 2014-07-02 19:58:39.000000000 +0200 -+++ dhcp-4.3.1b1/server/dhcpd.8 2014-07-10 17:50:26.925402508 +0200 -@@ -82,6 +82,18 @@ dhcpd - Dynamic Host Configuration Proto - .I trace-output-file +diff --git a/server/dhcpd.8 b/server/dhcpd.8 +index f4b13dc..8cf756a 100644 +--- a/server/dhcpd.8 ++++ b/server/dhcpd.8 +@@ -78,6 +78,18 @@ dhcpd - Dynamic Host Configuration Protocol Server + .B --no-pid ] [ +.B -user 
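Review bot: The PARANOIA block added to new_lease_file() in server/db.c calls fchown() only when set_uid and set_gid are both non-zero and geteuid() and getegid() are both 0, so every other combination skips the chown without a log message. If only one id is being changed, or the daemon starts with euid 0 but a non-zero egid, the new lease file may stay root-owned and become unwritable once privileges are dropped; whether that can occur depends on how main() fills set_uid/set_gid, which is outside this hunk. Consider keying the test on `geteuid() == 0 && (set_uid != 0 || set_gid != 0)` and passing `(uid_t)-1` or `(gid_t)-1` to fchown() for the id that is not being changed. The failure path also now depends on log_fatal() not returning, since the earlier `close(db_fd); goto fdfail;` cleanup was removed; a short comment such as `/* log_fatal() does not return */` would make that explicit.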
@@ -120,37 +61,58 @@ diff -up dhcp-4.3.1b1/server/dhcpd.8.dlTsyN dhcp-4.3.1b1/server/dhcpd.8 +.I dir +] +[ - .B -play - .I trace-playback-file + .B -tf + .I trace-output-file ] -@@ -269,6 +281,15 @@ lease file. +@@ -249,6 +261,26 @@ for correct syntax, but will not attempt to perform any network + operations. This can be used to test a new lease file + automatically before installing it. .TP - .BI --version - Print version number and exit. -+.TP +.BI \-user \ user -+Setuid to user after completing privileged operations, such as creating sockets that listen on privileged ports. ++Setuid to user after completing privileged operations, ++such as creating sockets that listen on privileged ports. ++This option is only available if the code was compiled ++with the PARANOIA patch (./configure --enable-paranoia). +.TP +.BI \-group \ group -+Setgid to group after completing privileged operations, such as creating sockets that listen on privileged ports. ++Setgid to group after completing privileged operations, ++such as creating sockets that listen on privileged ports. ++This option is only available if the code was compiled ++with the PARANOIA patch (./configure --enable-paranoia). +.TP +.BI \-chroot \ dir -+Chroot to directory after processing the command line arguments, but before reading the configuration file. - .PP - .I Modifying default file locations: - The following options can be used to modify the locations -diff -up dhcp-4.3.1b1/server/dhcpd.c.dlTsyN dhcp-4.3.1b1/server/dhcpd.c ---- dhcp-4.3.1b1/server/dhcpd.c.dlTsyN 2014-07-10 17:39:25.802764582 +0200 -+++ dhcp-4.3.1b1/server/dhcpd.c 2014-07-10 17:52:35.341588248 +0200 -@@ -628,7 +628,11 @@ main(int argc, char **argv) { - group_write_hook = group_writer; ++Chroot to directory. This may occur before or after ++reading the configuration files depending on whether ++the code was compiled with the EARLY_CHROOT option ++enabled (./configure --enable-early-chroot). 
++This option is only available if the code was compiled ++with the PARANOIA patch (./configure --enable-paranoia). ++.TP + .BI \-tf \ tracefile + Specify a file into which the entire startup state of the server and + all the transactions it processes are logged. This can be +diff --git a/server/dhcpd.c b/server/dhcpd.c +index ebb6d3e..ca50178 100644 +--- a/server/dhcpd.c ++++ b/server/dhcpd.c +@@ -50,6 +50,10 @@ static const char url [] = + # define group real_group + # include + # undef group ++ ++/* global values so db.c can look at them */ ++uid_t set_uid = 0; ++gid_t set_gid = 0; + #endif /* PARANOIA */ - /* Start up the database... */ -+#if defined (PARANOIA) -+ db_startup (lftest, set_uid, set_gid); -+#else - db_startup (lftest); -+#endif /* PARANOIA */ + #ifndef UNIT_TEST +@@ -180,9 +184,6 @@ main(int argc, char **argv) { + char *set_user = 0; + char *set_group = 0; + char *set_chroot = 0; +- +- uid_t set_uid = 0; +- gid_t set_gid = 0; + #endif /* PARANOIA */ - if (lftest) - exit (0); + /* Make sure that file descriptors 0 (stdin), 1, (stdout), and diff --git a/dhcp-systemtap.patch b/dhcp-systemtap.patch index c345368..5030cfe 100644 --- a/dhcp-systemtap.patch +++ b/dhcp-systemtap.patch @@ -237,7 +237,7 @@ diff -up dhcp-4.3.2/server/dhcpd.c.systemtap dhcp-4.3.2/server/dhcpd.c --- dhcp-4.3.2/server/dhcpd.c.systemtap 2015-03-05 19:06:12.910502462 +0100 +++ dhcp-4.3.2/server/dhcpd.c 2015-03-05 19:06:12.933502132 +0100 @@ -52,6 +52,8 @@ static const char url [] = - # undef group + gid_t set_gid = 0; #endif /* PARANOIA */ +#include "trace.h" diff --git a/dhcp.spec b/dhcp.spec index 8e04243..c923390 100644 --- a/dhcp.spec +++ b/dhcp.spec 
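Review bot: The file-scope `set_uid` / `set_gid` now defined in server/dhcpd.c are documented only as "global values so db.c can look at them", which does not record that db.c treats 0 as "no privilege drop requested". Suggest a comment along the lines of `/* target uid/gid for the PARANOIA privilege drop; 0 means not requested; read by new_lease_file() in db.c */`, and a note on when they become valid, since they are presumably assigned in main() after -user/-group are resolved, which is outside this hunk. The names are also generic for symbols exported through dhcpd.h; a prefixed name would reduce the chance of a local variable elsewhere in the tree shadowing them and silently disabling the ownership change.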
@@ -18,7 +18,7 @@ Summary: Dynamic host configuration protocol software Name: dhcp Version: 4.3.2 -Release: 8%{?dist} +Release: 9%{?dist} # NEVER CHANGE THE EPOCH on this package. The previous maintainer (prior to # dcantrell maintaining the package) made incorrect use of the epoch and # that's why it is at 12 now. It should have never been used, but it was. @@ -675,6 +675,9 @@ done %doc doc/html/ %changelog +* Thu Jul 02 2015 Jiri Popelka - 12:4.3.2-9 +- test upstream fix for #866714 (paranoia.patch) + * Wed Jun 24 2015 Jiri Popelka - 12:4.3.2-8 - add more randomness into xid generation (#1195693)