diff --git a/0001-arping-tracepath-removed-unused-idna-header.patch b/0001-arping-tracepath-removed-unused-idna-header.patch new file mode 100644 index 0000000..578c962 --- /dev/null +++ b/0001-arping-tracepath-removed-unused-idna-header.patch @@ -0,0 +1,41 @@ +From 01fba8245ae81edbe07a36ee6afa00264a4714c4 Mon Sep 17 00:00:00 2001 +From: Nikos Mavrogiannopoulos +Date: Mon, 14 Aug 2017 20:33:21 +0200 +Subject: [PATCH 1/4] arping,tracepath: removed unused idna header + +Signed-off-by: Nikos Mavrogiannopoulos +(cherry picked from commit 44354bdad5ae53f90734375baa8869436b73fb31) + +Resolves: #1449149 +--- + arping.c | 1 - + tracepath.c | 1 - + 2 files changed, 2 deletions(-) + +diff --git a/arping.c b/arping.c +index 1a3f40b..6ad3f5d 100644 +--- a/arping.c ++++ b/arping.c +@@ -43,7 +43,6 @@ struct sysfs_devattr_values; + #endif + + #ifdef USE_IDN +-#include + #include + #endif + +diff --git a/tracepath.c b/tracepath.c +index 74a829d..68e2098 100644 +--- a/tracepath.c ++++ b/tracepath.c +@@ -28,7 +28,6 @@ + #include + + #ifdef USE_IDN +-#include + #include + #define getnameinfo_flags NI_IDN + #else +-- +2.13.6 + diff --git a/0002-traceroute6-use-getaddrinfo-IDNA-conversion.patch b/0002-traceroute6-use-getaddrinfo-IDNA-conversion.patch new file mode 100644 index 0000000..998f2ac --- /dev/null +++ b/0002-traceroute6-use-getaddrinfo-IDNA-conversion.patch @@ -0,0 +1,59 @@ +From 9a30d700493a681ce00b9133e68c12e2cecb1c51 Mon Sep 17 00:00:00 2001 +From: Nikos Mavrogiannopoulos +Date: Mon, 14 Aug 2017 20:39:48 +0200 +Subject: [PATCH 2/4] traceroute6: use getaddrinfo IDNA conversion + +Signed-off-by: Nikos Mavrogiannopoulos +(cherry picked from commit 0749fa17ca8b30baa2cfca39762c490f1008f5b3) + +Resolves: #1449149 +--- + traceroute6.c | 13 +++++-------- + 1 file changed, 5 insertions(+), 8 deletions(-) + +diff --git a/traceroute6.c b/traceroute6.c +index 48fc5c5..aa75cd2 100644 +--- a/traceroute6.c ++++ b/traceroute6.c +@@ -248,12 +248,13 @@ + #endif + + #ifdef USE_IDN +-#include + #include + ++#define ADDRINFO_IDN_FLAGS AI_IDN + #define getnameinfo_flags NI_IDN + #else + #define getnameinfo_flags 0 ++#define ADDRINFO_IDN_FLAGS 0 + #endif + + #include +@@ -335,7 +336,8 @@ int main(int argc, char *argv[]) + char pa[NI_MAXHOST]; + extern char *optarg; + extern int optind; +- struct addrinfo hints6 = { .ai_family = AF_INET6, .ai_socktype = SOCK_RAW, .ai_flags = AI_CANONNAME }; ++ struct addrinfo hints6 = { .ai_family = AF_INET6, .ai_socktype = SOCK_RAW, ++ .ai_flags = AI_CANONNAME|ADDRINFO_IDN_FLAGS }; + struct addrinfo *result; + int status; + struct sockaddr_in6 from, *to; +@@ -449,12 +451,7 @@ int main(int argc, char *argv[]) + if (inet_pton(AF_INET6, *argv, &to->sin6_addr) > 0) { + hostname = *argv; + } else { +- char *idn = NULL; +-#ifdef USE_IDN +- if (idna_to_ascii_lz(*argv, &idn, 0) != IDNA_SUCCESS) +- idn = NULL; +-#endif +- status = getaddrinfo(idn ? idn : *argv, NULL, &hints6, &result); ++ status = getaddrinfo(*argv, NULL, &hints6, &result); + if (status) { + (void)fprintf(stderr, + "traceroute: %s: %s\n", *argv, gai_strerror(status)); +-- +2.13.6 + diff --git a/0003-ping6-simplified-IDNA-usage.patch b/0003-ping6-simplified-IDNA-usage.patch new file mode 100644 index 0000000..11895a0 --- /dev/null +++ b/0003-ping6-simplified-IDNA-usage.patch @@ -0,0 +1,103 @@ +From bf269b652f40a59de325b654e024c17daaea2eb3 Mon Sep 17 00:00:00 2001 +From: Nikos Mavrogiannopoulos +Date: Mon, 14 Aug 2017 20:46:07 +0200 +Subject: [PATCH 3/4] ping6: simplified IDNA usage + +The function was converting from locale to UTF-8, performing some +check and then converting to IDNA form. Convert instead directly +to IDNA from locale format and perform the check afterwards. + +Signed-off-by: Nikos Mavrogiannopoulos +(cherry picked from commit 8f7b6908746f0eef3bb0f8fdf8b2a8c82ae9afe2) + +Resolves: #1449149 +--- + ping6_common.c | 32 +++++++++----------------------- + 1 file changed, 9 insertions(+), 23 deletions(-) + +diff --git a/ping6_common.c b/ping6_common.c +index 498e590..bf4777d 100644 +--- a/ping6_common.c ++++ b/ping6_common.c +@@ -435,14 +435,14 @@ static int niquery_option_subject_addr_handler(int index, const char *arg) + return 0; + } + +-static int niquery_option_subject_name_handler(int index, const char *arg) ++static int niquery_option_subject_name_handler(int index, const char *name) + { + #ifdef USE_CRYPTO + static char nigroup_buf[INET6_ADDRSTRLEN + 1 + IFNAMSIZ]; + unsigned char *dnptrs[2], **dpp, **lastdnptr; + int n; + int i; +- char *name, *p; ++ char *p; + char *canonname = NULL, *idn = NULL; + unsigned char *buf = NULL; + size_t namelen; +@@ -458,18 +458,19 @@ static int niquery_option_subject_name_handler(int index, const char *arg) + return -1; + + #ifdef USE_IDN +- name = stringprep_locale_to_utf8(arg); +- if (!name) { +- fprintf(stderr, "ping6: IDN support failed.\n"); ++ rc = idna_to_ascii_lz(name, &idn, 0); ++ if (rc) { ++ fprintf(stderr, "ping6: IDN encoding error: %s\n", ++ idna_strerror(rc)); + exit(2); + } + #else +- name = strdup(arg); +- if (!name) ++ idn = strdup(name); ++ if (!idn) + goto oomexit; + #endif + +- p = strchr(name, SCOPE_DELIMITER); ++ p = strchr(idn, SCOPE_DELIMITER); + if (p) { + *p = '\0'; + if (strlen(p + 1) >= IFNAMSIZ) { +@@ -478,19 +479,6 @@ static int niquery_option_subject_name_handler(int index, const char *arg) + } + } + +-#ifdef USE_IDN +- rc = idna_to_ascii_8z(name, &idn, 0); +- if (rc) { +- fprintf(stderr, "ping6: IDN encoding error: %s\n", +- idna_strerror(rc)); +- exit(2); +- } +-#else +- idn = strdup(name); +- if (!idn) +- goto oomexit; +-#endif +- + namelen = strlen(idn); + canonname = malloc(namelen + 1); + if (!canonname) +@@ -552,7 +540,6 @@ static int niquery_option_subject_name_handler(int index, const char *arg) + + free(canonname); + free(idn); +- free(name); + + return 0; + oomexit: +@@ -561,7 +548,6 @@ errexit: + free(buf); + free(canonname); + free(idn); +- free(name); + exit(1); + #else + fprintf(stderr, "ping6: function not available; crypto disabled\n"); +-- +2.13.6 + diff --git a/0004-ping-use-libidn2-instead-of-libidn.patch b/0004-ping-use-libidn2-instead-of-libidn.patch new file mode 100644 index 0000000..22cc373 --- /dev/null +++ b/0004-ping-use-libidn2-instead-of-libidn.patch @@ -0,0 +1,85 @@ +From fb283094c22b98d93aab8ae391ba8b499974cd70 Mon Sep 17 00:00:00 2001 +From: Nikos Mavrogiannopoulos +Date: Mon, 14 Aug 2017 20:47:43 +0200 +Subject: [PATCH 4/4] ping: use libidn2 instead of libidn + +That is, to provide IDNA2008 support instead of IDNA2003. +See https://fedoraproject.org/wiki/Changes/IDNA2008 +for more rationale. + +That uses libidn2 idn2_lookup_ul() which is identical to +idn2_to_ascii_lz() but is available on all versions of +libidn2. + +Signed-off-by: Nikos Mavrogiannopoulos +(cherry picked from commit 665fe4d30ff8b6649454ae25e4768b2f23605332) + +Resolves: #1449149 +--- + Makefile | 2 +- + ping.h | 3 +-- + ping6_common.c | 12 ++++++++++-- + 3 files changed, 12 insertions(+), 5 deletions(-) + +diff --git a/Makefile b/Makefile +index 9f4f61f..ccaa0c3 100644 +--- a/Makefile ++++ b/Makefile +@@ -13,7 +13,7 @@ LDFLAG_CAP=-lcap + LDFLAG_GCRYPT=-lgcrypt -lgpg-error + LDFLAG_NETTLE=-lnettle + LDFLAG_CRYPTO=-lcrypto +-LDFLAG_IDN=-lidn ++LDFLAG_IDN=-lidn2 + LDFLAG_RESOLV=-lresolv + LDFLAG_SYSFS=-lsysfs + LDFLAG_RT=-lrt +diff --git a/ping.h b/ping.h +index 749f3ff..f57cd22 100644 +--- a/ping.h ++++ b/ping.h +@@ -36,8 +36,7 @@ + + #ifdef USE_IDN + #include +-#include +-#include ++#include + #define getaddrinfo_flags (AI_CANONNAME | AI_IDN | AI_CANONIDN) + #define getnameinfo_flags NI_IDN + #else +diff --git a/ping6_common.c b/ping6_common.c +index bf4777d..da37177 100644 +--- a/ping6_common.c ++++ b/ping6_common.c +@@ -435,6 +435,14 @@ static int niquery_option_subject_addr_handler(int index, const char *arg) + return 0; + } + ++#ifdef USE_IDN ++# if IDN2_VERSION_NUMBER >= 0x02000000 ++# define IDN2_FLAGS IDN2_NONTRANSITIONAL ++# else ++# define IDN2_FLAGS 0 ++# endif ++#endif ++ + static int niquery_option_subject_name_handler(int index, const char *name) + { + #ifdef USE_CRYPTO +@@ -458,10 +466,10 @@ static int niquery_option_subject_name_handler(int index, const char *name) + return -1; + + #ifdef USE_IDN +- rc = idna_to_ascii_lz(name, &idn, 0); ++ rc = idn2_lookup_ul(name, &idn, IDN2_FLAGS); + if (rc) { + fprintf(stderr, "ping6: IDN encoding error: %s\n", +- idna_strerror(rc)); ++ idn2_strerror(rc)); + exit(2); + } + #else +-- +2.13.6 + diff --git a/iputils.spec b/iputils.spec index 22428b2..a6a49e0 100644 --- a/iputils.spec +++ b/iputils.spec @@ -3,7 +3,7 @@ Summary: Network monitoring tools including ping Name: iputils Version: 20161105 -Release: 7%{?dist} +Release: 8%{?dist} # some parts are under the original BSD (ping.c) # some are under GPLv2+ (tracepath.c) License: BSD and GPLv2+ @@ -20,12 +20,16 @@ Source5: https://www.gnu.org/licenses/old-licenses/gpl-2.0.txt Patch0: iputils-rh.patch Patch1: iputils-ifenslave.patch +Patch2: 0001-arping-tracepath-removed-unused-idna-header.patch +Patch3: 0002-traceroute6-use-getaddrinfo-IDNA-conversion.patch +Patch4: 0003-ping6-simplified-IDNA-usage.patch +Patch5: 0004-ping-use-libidn2-instead-of-libidn.patch %if ! 0%{?_module_build} BuildRequires: docbook-utils perl-SGMLSpm %endif BuildRequires: glibc-kernheaders >= 2.4-8.19 -BuildRequires: libidn-devel +BuildRequires: libidn2-devel BuildRequires: openssl-devel BuildRequires: libcap-devel Requires(post): systemd @@ -59,6 +63,10 @@ cp %{SOURCE4} %{SOURCE5} . %patch0 -p1 %patch1 -p1 +%patch2 -p1 +%patch3 -p1 +%patch4 -p1 +%patch5 -p1 %build %ifarch s390 s390x @@ -166,6 +174,9 @@ mv -f RELNOTES.tmp RELNOTES %endif %changelog +* Fri Nov 24 2017 Jan Synáček - 20161105-8 +- switch to libidn2 (#1449149) + * Wed Aug 02 2017 Fedora Release Engineering - 20161105-7 - Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Binutils_Mass_Rebuild