Compare commits
No commits in common. "c9s" and "c8s" have entirely different histories.
@ -1,70 +0,0 @@
|
||||
From 754ea50b570f72609b1931883bf9908d70ead089 Mon Sep 17 00:00:00 2001
|
||||
From: Robbie Harwood <rharwood@redhat.com>
|
||||
Date: Mon, 19 Apr 2021 11:35:26 -0400
|
||||
Subject: [PATCH 3/3] Port to libidn2
|
||||
|
||||
Signed-off-by: Robbie Harwood <rharwood@redhat.com>
|
||||
---
|
||||
configure.ac | 20 ++++++++++----------
|
||||
src/lib/hesiod.c | 7 +++----
|
||||
2 files changed, 13 insertions(+), 14 deletions(-)
|
||||
|
||||
diff --git a/configure.ac b/configure.ac
|
||||
index 9098afa..792345a 100644
|
||||
--- a/configure.ac
|
||||
+++ b/configure.ac
|
||||
@@ -29,16 +29,16 @@ AC_PROG_LIBTOOL
|
||||
# Checks for libraries.
|
||||
hesiod_save_LIBS="$LIBS"
|
||||
LIBS=
|
||||
-AC_ARG_WITH([libidn],
|
||||
- [AS_HELP_STRING([--with-libidn], [Support IDN (needs GNU libidn) @<:@check@:>@])],
|
||||
- [with_libidn="$withval"],
|
||||
- [with_libidn="check"])
|
||||
-AS_IF([test x"$with_libidn" != xno],
|
||||
- [AC_SEARCH_LIBS([stringprep_check_version], [idn],
|
||||
- [AC_DEFINE([HAVE_LIBIDN], [1], [Define if libidn is available.])],
|
||||
- [AS_IF([test x"$with_idn" = xcheck],
|
||||
- [AC_MSG_WARN([Unable to find libidn.])],
|
||||
- [AC_MSG_ERROR([--with-libidn was given but libidn was not found.])])])])
|
||||
+AC_ARG_WITH([libidn2],
|
||||
+ [AS_HELP_STRING([--with-libidn2], [Support IDN2 (needs libidn2) @<:@check@:>@])],
|
||||
+ [with_libidn2="$withval"],
|
||||
+ [with_libidn2="check"])
|
||||
+AS_IF([test x"$with_libidn2" != xno],
|
||||
+ [AC_SEARCH_LIBS([idn2_to_ascii_8z], [idn2],
|
||||
+ [AC_DEFINE([HAVE_LIBIDN2], [1], [Define if libidn2 is available.])],
|
||||
+ [AS_IF([test x"$with_idn2" = xcheck],
|
||||
+ [AC_MSG_WARN([Unable to find libidn2.])],
|
||||
+ [AC_MSG_ERROR([--with-libidn2 was given but libidn2 was not found.])])])])
|
||||
|
||||
AC_CHECK_LIB([resolv], [res_mkquery], [], [
|
||||
AC_MSG_CHECKING([if res_mkquery is provided by libresolv with mangled symbols])
|
||||
diff --git a/src/lib/hesiod.c b/src/lib/hesiod.c
|
||||
index e69a8ca..3745d69 100644
|
||||
--- a/src/lib/hesiod.c
|
||||
+++ b/src/lib/hesiod.c
|
||||
@@ -70,9 +70,8 @@ static const char rcsid[] = "$Id: hesiod.c,v 1.30 2002-04-03 21:40:55 ghudson Ex
|
||||
#include <string.h>
|
||||
#include <unistd.h>
|
||||
#include <ctype.h>
|
||||
-#ifdef HAVE_LIBIDN
|
||||
-#include <idna.h>
|
||||
-#include <idn-free.h>
|
||||
+#ifdef HAVE_LIBIDN2
|
||||
+#include <idn2.h>
|
||||
#endif
|
||||
#include "hesiod.h"
|
||||
|
||||
@@ -233,7 +232,7 @@ char *hesiod_to_bind(void *context, const char *name, const char *type)
|
||||
hesiod_free_list(context, rhs_list);
|
||||
|
||||
/* Make a copy of the result and return it to the caller. */
|
||||
-#ifdef HAVE_LIBIDN
|
||||
+#ifdef HAVE_LIBIDN2
|
||||
rc = idna_to_ascii_lz(bindname, &idn_ret, 0);
|
||||
if (rc != IDNA_SUCCESS)
|
||||
{
|
||||
--
|
||||
2.31.0
|
||||
|
@ -1,70 +0,0 @@
|
||||
From 91e404cce156bcf74942309a7003fa0dc60b8258 Mon Sep 17 00:00:00 2001
|
||||
From: Nalin Dahyabhai <nalin@redhat.com>
|
||||
Date: Tue, 3 May 2016 13:34:32 -0400
|
||||
Subject: [PATCH 2/3] Remove hard-coded defaults for LHS and RHS
|
||||
|
||||
Don't fall back to using a default LHS or RHS when the configuration
|
||||
file can't be read. Instead, return an error.
|
||||
Original report from https://bugzilla.redhat.com/show_bug.cgi?id=1332493
|
||||
|
||||
(cherry picked from commit 247e2ce1f2aff40040657acaae7f1a1d673d6618)
|
||||
---
|
||||
src/lib/Makefile.am | 2 +-
|
||||
src/lib/hesiod.c | 21 +--------------------
|
||||
2 files changed, 2 insertions(+), 21 deletions(-)
|
||||
|
||||
diff --git a/src/lib/Makefile.am b/src/lib/Makefile.am
|
||||
index d092565..e6324b1 100644
|
||||
--- a/src/lib/Makefile.am
|
||||
+++ b/src/lib/Makefile.am
|
||||
@@ -15,7 +15,7 @@ noinst_PROGRAMS = hestest
|
||||
hestest_SOURCES = hestest.c
|
||||
hestest_LDADD = libhesiod.la
|
||||
|
||||
-TESTS_ENVIRONMENT = ./hestest
|
||||
+TESTS_ENVIRONMENT = HESIOD_CONFIG=$(srcdir)/hesiod.conf.sample ./hestest
|
||||
TESTS = hestest.conf
|
||||
|
||||
EXTRA_DIST = hesiod.conf.sample hestest.conf
|
||||
diff --git a/src/lib/hesiod.c b/src/lib/hesiod.c
|
||||
index 2738713..e69a8ca 100644
|
||||
--- a/src/lib/hesiod.c
|
||||
+++ b/src/lib/hesiod.c
|
||||
@@ -81,10 +81,6 @@ static const char rcsid[] = "$Id: hesiod.c,v 1.30 2002-04-03 21:40:55 ghudson Ex
|
||||
#define T_TXT 16
|
||||
#endif
|
||||
|
||||
-/* Defaults if the configuration file is not present. */
|
||||
-#define DEF_RHS ".athena.mit.edu"
|
||||
-#define DEF_LHS ".ns"
|
||||
-
|
||||
/* Maximum size of a Hesiod response from the DNS. */
|
||||
#define MAX_HESRESP 1024
|
||||
|
||||
@@ -301,22 +297,7 @@ static int read_config_file(struct hesiod_p *ctx, const char *filename)
|
||||
/* Try to open the configuration file. */
|
||||
fp = fopen(filename, "r");
|
||||
if (!fp)
|
||||
- {
|
||||
- /* Use compiled in default domain names. */
|
||||
- ctx->lhs = malloc(strlen(DEF_LHS) + 1);
|
||||
- ctx->rhs = malloc(strlen(DEF_RHS) + 1);
|
||||
- if (ctx->lhs && ctx->rhs)
|
||||
- {
|
||||
- strcpy(ctx->lhs, DEF_LHS);
|
||||
- strcpy(ctx->rhs, DEF_RHS);
|
||||
- return 0;
|
||||
- }
|
||||
- else
|
||||
- {
|
||||
- errno = ENOMEM;
|
||||
- return -1;
|
||||
- }
|
||||
- }
|
||||
+ return -1;
|
||||
|
||||
ctx->lhs = NULL;
|
||||
ctx->rhs = NULL;
|
||||
--
|
||||
2.31.0
|
||||
|
@ -1,78 +0,0 @@
|
||||
From bb33136afa333268705c26e4f7e75b93e88db9bd Mon Sep 17 00:00:00 2001
|
||||
From: Nalin Dahyabhai <nalin@redhat.com>
|
||||
Date: Tue, 3 May 2016 13:32:25 -0400
|
||||
Subject: [PATCH 1/3] Use secure_getenv() when it's available
|
||||
|
||||
Factor out logic that attempts to only consult the environment when it's
|
||||
safe to do so into its own function, and use secure_getenv() instead of
|
||||
getenv() if it's available. Original report from
|
||||
https://bugzilla.redhat.com/show_bug.cgi?id=1332508
|
||||
|
||||
(cherry picked from commit 39b21dac9bc6473365de04d94be0da94941c7c73)
|
||||
---
|
||||
configure.ac | 3 ++-
|
||||
src/lib/hesiod.c | 15 +++++++++++++--
|
||||
2 files changed, 15 insertions(+), 3 deletions(-)
|
||||
|
||||
diff --git a/configure.ac b/configure.ac
|
||||
index e5e94d4..9098afa 100644
|
||||
--- a/configure.ac
|
||||
+++ b/configure.ac
|
||||
@@ -9,6 +9,7 @@ m4_ifdef([AM_SILENT_RULES], [AM_SILENT_RULES([yes])])
|
||||
AC_CONFIG_MACRO_DIR([m4])
|
||||
AC_CONFIG_SRCDIR([src/lib/hesiod.h])
|
||||
AC_CONFIG_HEADERS([config.h])
|
||||
+AC_USE_SYSTEM_EXTENSIONS
|
||||
|
||||
# Checks for programs.
|
||||
AC_PROG_CC
|
||||
@@ -80,7 +81,7 @@ AC_EGREP_HEADER([pw_expire], [pwd.h],
|
||||
# Checks for library functions.
|
||||
AC_FUNC_MALLOC
|
||||
AC_FUNC_REALLOC
|
||||
-AC_CHECK_FUNCS([strchr strdup])
|
||||
+AC_CHECK_FUNCS([strchr strdup secure_getenv])
|
||||
|
||||
AC_CONFIG_FILES([
|
||||
Makefile
|
||||
diff --git a/src/lib/hesiod.c b/src/lib/hesiod.c
|
||||
index c96aebe..2738713 100644
|
||||
--- a/src/lib/hesiod.c
|
||||
+++ b/src/lib/hesiod.c
|
||||
@@ -99,6 +99,17 @@ static int read_config_file(struct hesiod_p *ctx, const char *filename);
|
||||
static char **get_txt_records(struct hesiod_p *ctx, const char *name);
|
||||
static int cistrcmp(const char *s1, const char *s2);
|
||||
|
||||
+static const char *hesiod_getenv(const char *e)
|
||||
+{
|
||||
+ if ((getuid() != geteuid()) || (getgid() != getegid()))
|
||||
+ return NULL;
|
||||
+#ifdef HAVE_SECURE_GETENV
|
||||
+ return secure_getenv(e);
|
||||
+#else
|
||||
+ return getenv(e);
|
||||
+#endif
|
||||
+}
|
||||
+
|
||||
/* This function is called to initialize a hesiod_p. */
|
||||
int hesiod_init(void **context)
|
||||
{
|
||||
@@ -109,13 +120,13 @@ int hesiod_init(void **context)
|
||||
if (ctx)
|
||||
{
|
||||
*context = ctx;
|
||||
- configname = ((getuid() == geteuid()) && (getgid() == getegid())) ? getenv("HESIOD_CONFIG") : NULL;
|
||||
+ configname = hesiod_getenv("HESIOD_CONFIG");
|
||||
if (!configname)
|
||||
configname = SYSCONFDIR "/hesiod.conf";
|
||||
if (read_config_file(ctx, configname) >= 0)
|
||||
{
|
||||
/* The default rhs can be overridden by an environment variable. */
|
||||
- p = ((getuid() == geteuid()) && (getgid() == getegid())) ? getenv("HES_DOMAIN") : NULL;
|
||||
+ p = hesiod_getenv("HES_DOMAIN");
|
||||
if (p)
|
||||
{
|
||||
if (ctx->rhs)
|
||||
--
|
||||
2.31.0
|
||||
|
@ -1,7 +1,6 @@
|
||||
# recipients: rharwrood, frenaud, fdvorak, kaleem, ftrivino
|
||||
--- !Policy
|
||||
product_versions:
|
||||
- rhel-9
|
||||
- rhel-8
|
||||
decision_context: osci_compose_gate
|
||||
rules:
|
||||
- !PassingTestCaseRule {test_case_name: manual.sst_idm_ipa.hesiod.noop}
|
||||
- !PassingTestCaseRule {test_case_name: manual.sst_identity_management.hesiod.noop}
|
||||
|
31
hesiod.spec
31
hesiod.spec
@ -1,15 +1,11 @@
|
||||
Name: hesiod
|
||||
Version: 3.2.1
|
||||
Release: 16%{?dist}
|
||||
Release: 11%{?dist}
|
||||
License: MIT
|
||||
Summary: Shared libraries for querying the Hesiod naming service
|
||||
|
||||
Source: ftp://athena-dist.mit.edu/pub/ATHENA/hesiod/hesiod-%{version}.tar.gz
|
||||
Patch0: Use-secure_getenv-when-it-s-available.patch
|
||||
Patch1: Remove-hard-coded-defaults-for-LHS-and-RHS.patch
|
||||
Patch2: Port-to-libidn2.patch
|
||||
|
||||
BuildRequires: autoconf, automake, libtool, libidn2-devel, git
|
||||
BuildRequires: autoconf, automake, libtool, libidn-devel
|
||||
Obsoletes: hesinfo < 3.2
|
||||
|
||||
%global _description\
|
||||
@ -40,7 +36,7 @@ Obsoletes: hesiod <= %{version}-%{release}
|
||||
%description -n compat-hesiod %_description
|
||||
|
||||
%prep
|
||||
%autosetup -S git
|
||||
%setup -q
|
||||
autoreconf -vif
|
||||
|
||||
%build
|
||||
@ -71,24 +67,9 @@ find %{buildroot} -type f -name "*.la" -delete
|
||||
%{_mandir}/man3/*
|
||||
|
||||
%changelog
|
||||
* Mon Aug 09 2021 Mohan Boddu <mboddu@redhat.com> - 3.2.1-16
|
||||
- Rebuilt for IMA sigs, glibc 2.34, aarch64 flags
|
||||
Related: rhbz#1991688
|
||||
|
||||
* Mon Apr 19 2021 Robbie Harwood <rharwood@redhat.com> - 3.2.1-15
|
||||
- Import from RHEL 8 and old Fedora; port to libidn2
|
||||
- Resolves: #1944157
|
||||
|
||||
* Thu Oct 11 2018 Robbie Harwood <rharwood@redhat.com> - 3.2.1-14
|
||||
- Fix CVE-2016-10152 (hardcoded DNS fallback)
|
||||
- Fix CVE-2016-10151 (weak SUID check)
|
||||
- Move package to autosetup
|
||||
|
||||
* Fri Jul 13 2018 Fedora Release Engineering <releng@fedoraproject.org> - 3.2.1-13
|
||||
- Rebuilt for https://fedoraproject.org/wiki/Fedora_29_Mass_Rebuild
|
||||
|
||||
* Fri May 18 2018 Adam Williamson <awilliam@redhat.com> - 3.2.1-12
|
||||
- Rebuild for new libidn
|
||||
* Tue Dec 11 2018 Robbie Harwood <rharwood@redhat.com> 3.2.1-12
|
||||
- Rename to compat-hesiod to mark deprecation
|
||||
- Resolves: RHELPLAN-9455
|
||||
|
||||
* Mon Apr 2 2018 Peter Robinson <pbrobinson@fedoraproject.org> 3.2.1-11
|
||||
- Cleanup and modernise spec
|
||||
|
Loading…
Reference in New Issue
Block a user