test upstream fix for #866714 (paranoia.patch)

Jiri Popelka 2015-07-02 11:32:30 +02:00
parent 5fe3b160c0
commit 8df2f33e21
3 changed files with 85 additions and 120 deletions


@ -1,111 +1,52 @@
diff -up dhcp-4.3.1b1/client/dhclient.c.dlTsyN dhcp-4.3.1b1/client/dhclient.c diff --git a/includes/dhcpd.h b/includes/dhcpd.h
--- dhcp-4.3.1b1/client/dhclient.c.dlTsyN 2014-07-10 17:49:49.882925843 +0200 index 378459b..e7ed5a3 100644
+++ dhcp-4.3.1b1/client/dhclient.c 2014-07-10 17:50:26.922402550 +0200 --- a/includes/dhcpd.h
@@ -1748,11 +1748,6 @@ int write_host (host) +++ b/includes/dhcpd.h
return 0; @@ -2033,6 +2033,11 @@ extern const char *path_dhcpd_pid;
} extern int dhcp_max_agent_option_packet_length;
extern struct eventqueue *rw_queue_empty;
-void db_startup (testp)
- int testp;
-{
-}
-
void bootp (packet)
struct packet *packet;
{
diff -up dhcp-4.3.1b1/includes/dhcpd.h.dlTsyN dhcp-4.3.1b1/includes/dhcpd.h
--- dhcp-4.3.1b1/includes/dhcpd.h.dlTsyN 2014-07-10 17:48:03.798424601 +0200
+++ dhcp-4.3.1b1/includes/dhcpd.h 2014-07-10 17:50:26.923402536 +0200
@@ -2866,7 +2866,11 @@ void commit_leases_timeout (void *);
void commit_leases_readerdry(void *);
int commit_leases (void);
int commit_leases_timed (void);
+#if defined (PARANOIA)
+void db_startup (int, uid_t, gid_t);
+#else
void db_startup (int);
+#endif /* PARANOIA */
int new_lease_file (void);
int group_writer (struct group_object *);
int write_ia(const struct ia_xx *);
diff -up dhcp-4.3.1b1/server/confpars.c.dlTsyN dhcp-4.3.1b1/server/confpars.c
--- dhcp-4.3.1b1/server/confpars.c.dlTsyN 2014-07-10 17:39:25.801764596 +0200
+++ dhcp-4.3.1b1/server/confpars.c 2014-07-10 17:50:26.924402522 +0200
@@ -219,7 +219,11 @@ void trace_conf_input (trace_type_t *tty
}
if (!leaseconf_initialized && ttype == trace_readleases_type) {
+#if defined (PARANOIA)
+ db_startup (0, 0, 0);
+#else
db_startup (0);
+#endif /* PARANOIA */
leaseconf_initialized = 1;
postdb_startup ();
}
diff -up dhcp-4.3.1b1/server/db.c.dlTsyN dhcp-4.3.1b1/server/db.c
--- dhcp-4.3.1b1/server/db.c.dlTsyN 2014-07-10 17:39:25.801764596 +0200
+++ dhcp-4.3.1b1/server/db.c 2014-07-10 17:50:26.925402508 +0200
@@ -42,6 +42,10 @@ static int counting = 0;
static int count = 0;
TIME write_time;
int lease_file_is_corrupt = 0;
+#if defined (PARANOIA)
+uid_t global_set_uid = 0;
+gid_t global_set_gid = 0;
+#endif /* PARANOIA */
/* Write a single binding scope value in parsable format.
*/
@@ -1046,8 +1050,11 @@ int commit_leases_timed()
return (1);
}
-void db_startup (testp)
- int testp;
+#if defined (PARANOIA)
+void db_startup (int testp, uid_t set_uid, gid_t set_gid)
+#else
+void db_startup (int testp)
+#endif /* PARANOIA */
{
isc_result_t status;
@@ -1066,6 +1073,11 @@ void db_startup (testp)
}
#endif
+#if defined (PARANOIA) +#if defined (PARANOIA)
+ global_set_uid = set_uid; +extern uid_t set_uid;
+ global_set_gid = set_gid; +extern gid_t set_gid;
+#endif /* PARANOIA */ +#endif
+ +
#if defined (TRACING) int main(int, char **);
/* If we're playing back, there is no lease file, so we can't void postconf_initialization(int);
append it, so we create one immediately (maybe this isn't void postdb_startup(void);
@@ -1128,6 +1140,17 @@ int new_lease_file () diff --git a/server/db.c b/server/db.c
index d4d42fe..5238ed8 100644
--- a/server/db.c
+++ b/server/db.c
@@ -1125,6 +1125,22 @@ int new_lease_file ()
log_error ("Can't create new lease file: %m"); log_error ("Can't create new lease file: %m");
return 0; return 0;
} }
+ +
+#if defined (PARANOIA) +#if defined (PARANOIA)
+ if (global_set_uid && !geteuid() && + /*
+ global_set_gid && !getegid()) + * If we are currently root and plan to change the
+ if (fchown(db_fd, global_set_uid, global_set_gid)) { + * uid and gid change the file information so we
+ * can manipulate it later, after we've changed
+ * our group and user (that is dropped privileges.)
+ */
+ if ((set_uid != 0) && (geteuid() == 0) &&
+ (set_gid != 0) && (getegid() == 0)) {
+ if (fchown(db_fd, set_uid, set_gid)) {
+ log_fatal ("Can't chown new lease file: %m"); + log_fatal ("Can't chown new lease file: %m");
+ close(db_fd); + }
+ goto fdfail;
+ } + }
+#endif /* PARANOIA */ +#endif /* PARANOIA */
+ +
if ((new_db_file = fdopen(db_fd, "we")) == NULL) { if ((new_db_file = fdopen(db_fd, "we")) == NULL) {
log_error("Can't fdopen new lease file: %m"); log_error("Can't fdopen new lease file: %m");
close(db_fd); close(db_fd);
diff -up dhcp-4.3.1b1/server/dhcpd.8.dlTsyN dhcp-4.3.1b1/server/dhcpd.8 diff --git a/server/dhcpd.8 b/server/dhcpd.8
--- dhcp-4.3.1b1/server/dhcpd.8.dlTsyN 2014-07-02 19:58:39.000000000 +0200 index f4b13dc..8cf756a 100644
+++ dhcp-4.3.1b1/server/dhcpd.8 2014-07-10 17:50:26.925402508 +0200 --- a/server/dhcpd.8
@@ -82,6 +82,18 @@ dhcpd - Dynamic Host Configuration Proto +++ b/server/dhcpd.8
.I trace-output-file @@ -78,6 +78,18 @@ dhcpd - Dynamic Host Configuration Protocol Server
.B --no-pid
] ]
[ [
+.B -user +.B -user
@ -120,37 +61,58 @@ diff -up dhcp-4.3.1b1/server/dhcpd.8.dlTsyN dhcp-4.3.1b1/server/dhcpd.8
+.I dir +.I dir
+] +]
+[ +[
.B -play .B -tf
.I trace-playback-file .I trace-output-file
] ]
@@ -269,6 +281,15 @@ lease file. @@ -249,6 +261,26 @@ for correct syntax, but will not attempt to perform any network
operations. This can be used to test a new lease file
automatically before installing it.
.TP .TP
.BI --version
Print version number and exit.
+.TP
+.BI \-user \ user +.BI \-user \ user
+Setuid to user after completing privileged operations, such as creating sockets that listen on privileged ports. +Setuid to user after completing privileged operations,
+such as creating sockets that listen on privileged ports.
+This option is only available if the code was compiled
+with the PARANOIA patch (./configure --enable-paranoia).
+.TP +.TP
+.BI \-group \ group +.BI \-group \ group
+Setgid to group after completing privileged operations, such as creating sockets that listen on privileged ports. +Setgid to group after completing privileged operations,
+such as creating sockets that listen on privileged ports.
+This option is only available if the code was compiled
+with the PARANOIA patch (./configure --enable-paranoia).
+.TP +.TP
+.BI \-chroot \ dir +.BI \-chroot \ dir
+Chroot to directory after processing the command line arguments, but before reading the configuration file. +Chroot to directory. This may occur before or after
.PP +reading the configuration files depending on whether
.I Modifying default file locations: +the code was compiled with the EARLY_CHROOT option
The following options can be used to modify the locations +enabled (./configure --enable-early-chroot).
diff -up dhcp-4.3.1b1/server/dhcpd.c.dlTsyN dhcp-4.3.1b1/server/dhcpd.c +This option is only available if the code was compiled
--- dhcp-4.3.1b1/server/dhcpd.c.dlTsyN 2014-07-10 17:39:25.802764582 +0200 +with the PARANOIA patch (./configure --enable-paranoia).
+++ dhcp-4.3.1b1/server/dhcpd.c 2014-07-10 17:52:35.341588248 +0200 +.TP
@@ -628,7 +628,11 @@ main(int argc, char **argv) { .BI \-tf \ tracefile
group_write_hook = group_writer; Specify a file into which the entire startup state of the server and
all the transactions it processes are logged. This can be
diff --git a/server/dhcpd.c b/server/dhcpd.c
index ebb6d3e..ca50178 100644
--- a/server/dhcpd.c
+++ b/server/dhcpd.c
@@ -50,6 +50,10 @@ static const char url [] =
# define group real_group
# include <grp.h>
# undef group
+
+/* global values so db.c can look at them */
+uid_t set_uid = 0;
+gid_t set_gid = 0;
#endif /* PARANOIA */
/* Start up the database... */ #ifndef UNIT_TEST
+#if defined (PARANOIA) @@ -180,9 +184,6 @@ main(int argc, char **argv) {
+ db_startup (lftest, set_uid, set_gid); char *set_user = 0;
+#else char *set_group = 0;
db_startup (lftest); char *set_chroot = 0;
+#endif /* PARANOIA */ -
- uid_t set_uid = 0;
- gid_t set_gid = 0;
#endif /* PARANOIA */
if (lftest) /* Make sure that file descriptors 0 (stdin), 1, (stdout), and
exit (0);
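Review bot: The PARANOIA guard added to `new_lease_file()` in server/db.c only calls `fchown` when `set_uid`, `set_gid`, `geteuid()` and `getegid()` all satisfy it, so any other combination (a zero `set_gid`, or a root euid with a non-root egid) silently leaves the new lease file with its creating owner. If the daemon then drops privileges it presumably cannot rewrite that file later, and nothing is logged to explain why; how `set_gid` is defaulted when only `-user` is given is not visible on this page. Consider gating on `geteuid() == 0 && (set_uid != 0 || set_gid != 0)` and emitting a `log_info` when the chown is skipped. The comment on the new globals in server/dhcpd.c could be more specific, e.g. `/* uid/gid from -user/-group; db.c chowns the lease file to these before privileges are dropped */`. `new_lease_file()` and `main()` both begin and end outside the hunks shown.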


@ -237,7 +237,7 @@ diff -up dhcp-4.3.2/server/dhcpd.c.systemtap dhcp-4.3.2/server/dhcpd.c
--- dhcp-4.3.2/server/dhcpd.c.systemtap 2015-03-05 19:06:12.910502462 +0100 --- dhcp-4.3.2/server/dhcpd.c.systemtap 2015-03-05 19:06:12.910502462 +0100
+++ dhcp-4.3.2/server/dhcpd.c 2015-03-05 19:06:12.933502132 +0100 +++ dhcp-4.3.2/server/dhcpd.c 2015-03-05 19:06:12.933502132 +0100
@@ -52,6 +52,8 @@ static const char url [] = @@ -52,6 +52,8 @@ static const char url [] =
# undef group gid_t set_gid = 0;
#endif /* PARANOIA */ #endif /* PARANOIA */
+#include "trace.h" +#include "trace.h"


@ -18,7 +18,7 @@
Summary: Dynamic host configuration protocol software Summary: Dynamic host configuration protocol software
Name: dhcp Name: dhcp
Version: 4.3.2 Version: 4.3.2
Release: 8%{?dist} Release: 9%{?dist}
# NEVER CHANGE THE EPOCH on this package. The previous maintainer (prior to # NEVER CHANGE THE EPOCH on this package. The previous maintainer (prior to
# dcantrell maintaining the package) made incorrect use of the epoch and # dcantrell maintaining the package) made incorrect use of the epoch and
# that's why it is at 12 now. It should have never been used, but it was. # that's why it is at 12 now. It should have never been used, but it was.
@ -675,6 +675,9 @@ done
%doc doc/html/ %doc doc/html/
%changelog %changelog
* Thu Jul 02 2015 Jiri Popelka <jpopelka@redhat.com> - 12:4.3.2-9
- test upstream fix for #866714 (paranoia.patch)
* Wed Jun 24 2015 Jiri Popelka <jpopelka@redhat.com> - 12:4.3.2-8 * Wed Jun 24 2015 Jiri Popelka <jpopelka@redhat.com> - 12:4.3.2-8
- add more randomness into xid generation (#1195693) - add more randomness into xid generation (#1195693)