From 3f3376053060f373cf3ad72a2e3bf913e8c0c61a Mon Sep 17 00:00:00 2001 From: Chris Leech Date: Thu, 17 Sep 2020 14:34:17 -0700 Subject: [PATCH] add missing patch files --- 0001-Ignore-common-build-files.patch | 34 ++++ ...iler-issue-when-not-in-security-mode.patch | 188 ++++++++++++++++++ 0003-Do-not-ignore-write-return-value.patch | 89 +++++++++ ...-586-compile-issue-and-remove-Werror.patch | 44 ++++ ...-poll.h-instead-of-sys-poll.h-for-PO.patch | 27 +++ ...tion-without-deprecated-OpenSSL-APIs.patch | 41 ++++ ...-libisns-remove-sighold-and-sigrelse.patch | 44 ++++ 7 files changed, 467 insertions(+) create mode 100644 0001-Ignore-common-build-files.patch create mode 100644 0002-Fix-compiler-issue-when-not-in-security-mode.patch create mode 100644 0003-Do-not-ignore-write-return-value.patch create mode 100644 0004-Fix-586-compile-issue-and-remove-Werror.patch create mode 100644 0005-socket.c-include-poll.h-instead-of-sys-poll.h-for-PO.patch create mode 100644 0006-fix-compilation-without-deprecated-OpenSSL-APIs.patch create mode 100644 0007-libisns-remove-sighold-and-sigrelse.patch diff --git a/0001-Ignore-common-build-files.patch b/0001-Ignore-common-build-files.patch new file mode 100644 index 0000000..ef17f0e --- /dev/null +++ b/0001-Ignore-common-build-files.patch @@ -0,0 +1,34 @@ +From 85fab42764fb063097ab8f7fb0a843f7320be8c8 Mon Sep 17 00:00:00 2001 +From: Lee Duncan +Date: Tue, 28 Jan 2020 11:49:12 -0800 +Subject: [PATCH 1/7] Ignore common build files + +--- + .gitignore | 5 +++++ + include/libisns/.gitignore | 1 + + 2 files changed, 6 insertions(+) + create mode 100644 include/libisns/.gitignore + +diff --git a/.gitignore b/.gitignore +index 5da7a8b..2a0f55d 100644 +--- a/.gitignore ++++ b/.gitignore +@@ -7,3 +7,8 @@ isnsd + isnsdd + libisns.a + libisns*.so.? ++Makefile ++config.h ++config.log ++config.status ++autom4te.cache +diff --git a/include/libisns/.gitignore b/include/libisns/.gitignore +new file mode 100644 +index 0000000..a3757fd +--- /dev/null ++++ b/include/libisns/.gitignore +@@ -0,0 +1 @@ ++paths.h +-- +2.18.1 + diff --git a/0002-Fix-compiler-issue-when-not-in-security-mode.patch b/0002-Fix-compiler-issue-when-not-in-security-mode.patch new file mode 100644 index 0000000..68bb9bb --- /dev/null +++ b/0002-Fix-compiler-issue-when-not-in-security-mode.patch @@ -0,0 +1,188 @@ +From 0543f1d02ee733d34ee109d00e7d0efd432bb37b Mon Sep 17 00:00:00 2001 +From: Lee Duncan +Date: Tue, 28 Jan 2020 11:49:55 -0800 +Subject: [PATCH 2/7] Fix compiler issue when not in security mode + +--- + client.c | 20 +++++++++++++------- + db-policy.c | 12 +++++++++--- + include/libisns/util.h | 1 + + isnsadm.c | 2 +- + security.c | 14 ++++++++------ + socket.c | 5 +++-- + 6 files changed, 35 insertions(+), 19 deletions(-) + +diff --git a/client.c b/client.c +index 8487877..fda26be 100644 +--- a/client.c ++++ b/client.c +@@ -122,22 +122,17 @@ isns_client_get_local_address(const isns_client_t *clnt, + /* + * Create a security context + */ ++#ifdef WITH_SECURITY + static isns_security_t * + __create_security_context(const char *name, const char *auth_key, + const char *server_key) + { +-#ifdef WITH_SECURITY + isns_security_t *ctx; + isns_principal_t *princ; +-#endif /* WITH_SECURITY */ + + if (!isns_config.ic_security) + return NULL; + +-#ifndef WITH_SECURITY +- isns_error("Cannot create security context: security disabled at build time\n"); +- return NULL; +-#else /* WITH_SECURITY */ + ctx = isns_create_dsa_context(); + if (ctx == NULL) + isns_fatal("Unable to create security context\n"); +@@ -174,8 +169,19 @@ __create_security_context(const char *name, const char *auth_key, + } + + return ctx; +-#endif /* WITH_SECURITY */ + } ++#else /* WITH_SECURITY */ ++static isns_security_t * ++__create_security_context(__attribute__((unused))const char *name, ++ __attribute__((unused))const char *auth_key, ++ __attribute__((unused))const char *server_key) ++{ ++ if (!isns_config.ic_security) ++ return NULL; ++ isns_error("Cannot create security context: security disabled at build time\n"); ++ return NULL; ++} ++#endif /* WITH_SECURITY */ + + /* + * Create the default security context +diff --git a/db-policy.c b/db-policy.c +index b1c46e2..d4a0cba 100644 +--- a/db-policy.c ++++ b/db-policy.c +@@ -52,11 +52,11 @@ __isns_db_keystore_lookup(isns_db_keystore_t *store, + /* + * Load a DSA key from the DB store + */ ++#ifdef WITH_SECURITY + static EVP_PKEY * + __isns_db_keystore_find(isns_keystore_t *store_base, + const char *name, size_t namelen) + { +-#ifdef WITH_SECURITY + isns_db_keystore_t *store = (isns_db_keystore_t *) store_base; + isns_object_t *obj; + const void *key_data; +@@ -71,10 +71,16 @@ __isns_db_keystore_find(isns_keystore_t *store_base, + return NULL; + + return isns_dsa_decode_public(key_data, key_size); +-#else ++} ++#else /* WITH_SECURITY */ ++static EVP_PKEY * ++__isns_db_keystore_find(__attribute__((unused))isns_keystore_t *store_base, ++ __attribute__((unused))const char *name, ++ __attribute__((unused))size_t namelen) ++{ + return NULL; +-#endif + } ++#endif /* WITH_SECURITY */ + + /* + * Retrieve policy from database +diff --git a/include/libisns/util.h b/include/libisns/util.h +index 4174480..e5ed037 100644 +--- a/include/libisns/util.h ++++ b/include/libisns/util.h +@@ -14,6 +14,7 @@ + #include // for strdup + #include + #include ++#include + + #define array_num_elements(a) (sizeof(a) / sizeof((a)[0])) + +diff --git a/isnsadm.c b/isnsadm.c +index 7a96007..94c705e 100644 +--- a/isnsadm.c ++++ b/isnsadm.c +@@ -1162,7 +1162,7 @@ generate_key_callback(void) + } + + isns_attr_t * +-load_key_callback(const char *pathname) ++load_key_callback(__attribute__((unused))const char *pathname) + { + isns_fatal("Authentication disabled in this build\n"); + return NULL; +diff --git a/security.c b/security.c +index 673a26e..68eb779 100644 +--- a/security.c ++++ b/security.c +@@ -408,32 +408,34 @@ isns_security_init(void) + } + + isns_keystore_t * +-isns_create_keystore(const char *spec) ++isns_create_keystore(__attribute__((unused))const char *spec) + { + isns_no_security(); + return NULL; + } + + void +-isns_security_set_keystore(isns_security_t *ctx, +- isns_keystore_t *ks) ++isns_security_set_keystore(__attribute__((unused))isns_security_t *ctx, ++ __attribute__((unused))isns_keystore_t *ks) + { + isns_no_security(); + } + + void +-isns_principal_free(isns_principal_t *peer) ++isns_principal_free(__attribute__((unused))isns_principal_t *peer) + { + } + + isns_principal_t * +-isns_get_principal(isns_security_t *ctx, const char *spi, size_t spi_len) ++isns_get_principal(__attribute__((unused))isns_security_t *ctx, ++ __attribute__((unused))const char *spi, ++ __attribute__((unused))size_t spi_len) + { + return NULL; + } + + const char * +-isns_principal_name(const isns_principal_t *princ) ++isns_principal_name(__attribute__((unused))const isns_principal_t *princ) + { + return NULL; + } +diff --git a/socket.c b/socket.c +index da9f5dc..a76d593 100644 +--- a/socket.c ++++ b/socket.c +@@ -322,8 +322,9 @@ failed: + } + #else /* WITH_SECURITY */ + static int +-isns_pdu_authenticate(isns_security_t *sec, +- struct isns_partial_msg *msg, buf_t *bp) ++isns_pdu_authenticate(__attribute__((unused))isns_security_t *sec, ++ __attribute__((unused))struct isns_partial_msg *msg, ++ __attribute__((unused))buf_t *bp) + { + return 0; + } +-- +2.18.1 + diff --git a/0003-Do-not-ignore-write-return-value.patch b/0003-Do-not-ignore-write-return-value.patch new file mode 100644 index 0000000..e743a2e --- /dev/null +++ b/0003-Do-not-ignore-write-return-value.patch @@ -0,0 +1,89 @@ +From 4c39cb09735a494099fba0474d25ff26800de952 Mon Sep 17 00:00:00 2001 +From: Lee Duncan +Date: Wed, 29 Jan 2020 12:47:16 -0800 +Subject: [PATCH 3/7] Do not ignore write() return value. + +Some distros set the warn_unused_result attribute for the write() +system call, so check the return value. +--- + pki.c | 37 ++++++++++++++++++++++++++++++++----- + 1 file changed, 32 insertions(+), 5 deletions(-) + +diff --git a/pki.c b/pki.c +index 486d9bb..57ea664 100644 +--- a/pki.c ++++ b/pki.c +@@ -9,12 +9,13 @@ + #include + #include + #include "config.h" ++#include ++#include + #ifdef WITH_SECURITY + #include + #include + #include + #endif +-#include + #include + #include "security.h" + #include +@@ -431,17 +432,43 @@ isns_dsa_load_params(const char *filename) + return dsa; + } + ++/* ++ * write one 'status' character to stdout ++ */ ++static void ++write_status_byte(int ch) ++{ ++ static int stdout_fd = 1; /* fileno(stdout) */ ++ char buf[2]; ++ int res; ++ ++ /* ++ * We don't actually care about the return value here, since ++ * we are just dumping a status byte to stdout, but ++ * some linux distrubutions set the warn_unused_result attribute ++ * for the write() API, so we might as well use the return value ++ * to make sure the write command isn't broken. ++ */ ++ assert(ch); ++ buf[0] = ch; ++ buf[1] = '\0'; ++ res = write(stdout_fd, buf, 1); ++ assert(res == 1); ++} ++ + static int + isns_dsa_param_gen_callback(int stage, + __attribute__((unused))int index, + __attribute__((unused))void *dummy) + { + if (stage == 0) +- write(1, "+", 1); ++ write_status_byte('+'); + else if (stage == 1) +- write(1, ".", 1); ++ write_status_byte('.'); + else if (stage == 2) +- write(1, "/", 1); ++ write_status_byte('/'); ++ ++ /* as a callback, we must return a value, so just return success */ + return 0; + } + +@@ -478,7 +505,7 @@ isns_dsa_init_params(const char *filename) + dsa = DSA_generate_parameters(dsa_key_bits, NULL, 0, + NULL, NULL, isns_dsa_param_gen_callback, NULL); + #endif +- write(1, "\n", 1); ++ write_status_byte('\n'); + + if (dsa == NULL) { + isns_dsasig_report_errors("Error generating DSA parameters", +-- +2.18.1 + diff --git a/0004-Fix-586-compile-issue-and-remove-Werror.patch b/0004-Fix-586-compile-issue-and-remove-Werror.patch new file mode 100644 index 0000000..75777a9 --- /dev/null +++ b/0004-Fix-586-compile-issue-and-remove-Werror.patch @@ -0,0 +1,44 @@ +From 40eb9ce75518817762a0eac4a93016ab817add89 Mon Sep 17 00:00:00 2001 +From: Lee Duncan +Date: Sat, 1 Feb 2020 10:23:04 -0800 +Subject: [PATCH 4/7] Fix 586 compile issue and remove -Werror + +Using -Werror causes any issue to break the build, whereas +I'd rather let the build continue and address the issue. + +Also, fixed one signed-vs-unsigned compare for time_t, which +shows up only on 586 (32-bit). +--- + configure.ac | 2 +- + isnsdd.c | 2 +- + 2 files changed, 2 insertions(+), 2 deletions(-) + +diff --git a/configure.ac b/configure.ac +index e4f3995..d956e58 100644 +--- a/configure.ac ++++ b/configure.ac +@@ -17,7 +17,7 @@ AC_PATH_PROG(SH, sh) + dnl C Compiler features + AC_C_INLINE + if test "$GCC" = "yes"; then +- CFLAGS="-Wall -Werror -Wextra $CFLAGS" ++ CFLAGS="-Wall -Wextra $CFLAGS" + CPPFLAGS="$CPPFLAGS -D_GNU_SOURCE" + fi + +diff --git a/isnsdd.c b/isnsdd.c +index 58825cc..9cedb9f 100644 +--- a/isnsdd.c ++++ b/isnsdd.c +@@ -401,7 +401,7 @@ check_portal_registration(__attribute__((unused))void *ptr) + continue; + + last_modified = isns_object_last_modified(obj); +- if (last_modified + 2 * interval > now) { ++ if ((time_t)(last_modified + 2 * interval) > now) { + good_portals++; + continue; + } +-- +2.18.1 + diff --git a/0005-socket.c-include-poll.h-instead-of-sys-poll.h-for-PO.patch b/0005-socket.c-include-poll.h-instead-of-sys-poll.h-for-PO.patch new file mode 100644 index 0000000..e2b1293 --- /dev/null +++ b/0005-socket.c-include-poll.h-instead-of-sys-poll.h-for-PO.patch @@ -0,0 +1,27 @@ +From 2e27c43228210eaa7aaabc2048c78645f319d080 Mon Sep 17 00:00:00 2001 +From: Leo +Date: Tue, 4 Feb 2020 05:42:22 +0100 +Subject: [PATCH 5/7] socket.c: include poll.h instead of sys/poll.h for POSIX + compatibility + +https://pubs.opengroup.org/onlinepubs/009695399/basedefs/poll.h.html +--- + socket.c | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/socket.c b/socket.c +index a76d593..432a9bd 100644 +--- a/socket.c ++++ b/socket.c +@@ -5,7 +5,7 @@ + */ + + #include +-#include ++#include + #include + #include + #include +-- +2.18.1 + diff --git a/0006-fix-compilation-without-deprecated-OpenSSL-APIs.patch b/0006-fix-compilation-without-deprecated-OpenSSL-APIs.patch new file mode 100644 index 0000000..2bfad46 --- /dev/null +++ b/0006-fix-compilation-without-deprecated-OpenSSL-APIs.patch @@ -0,0 +1,41 @@ +From 18de2f0670ede5e15a45a94ddecd4218e9267831 Mon Sep 17 00:00:00 2001 +From: Rosen Penev +Date: Wed, 22 Apr 2020 14:35:54 -0700 +Subject: [PATCH 6/7] fix compilation without deprecated OpenSSL APIs + +Needed two missing headers and a small ifdef fix. +--- + pki.c | 6 +++--- + 1 file changed, 3 insertions(+), 3 deletions(-) + +diff --git a/pki.c b/pki.c +index 57ea664..00dc383 100644 +--- a/pki.c ++++ b/pki.c +@@ -15,6 +15,8 @@ + #include + #include + #include ++#include ++#include + #endif + #include + #include "security.h" +@@ -97,13 +99,11 @@ isns_create_dsa_context(void) + isns_security_t *ctx; + + if (!isns_openssl_init) { +- ERR_load_crypto_strings(); + #if OPENSSL_API_COMPAT < 0x10100000L ++ ERR_load_crypto_strings(); + OpenSSL_add_all_algorithms(); + OpenSSL_add_all_ciphers(); + OpenSSL_add_all_digests(); +-#else +- OPENSSL_init_crypto(); + #endif + isns_openssl_init = 1; + } +-- +2.18.1 + diff --git a/0007-libisns-remove-sighold-and-sigrelse.patch b/0007-libisns-remove-sighold-and-sigrelse.patch new file mode 100644 index 0000000..7063d11 --- /dev/null +++ b/0007-libisns-remove-sighold-and-sigrelse.patch @@ -0,0 +1,44 @@ +From e7dac76ce61039fefa58985c955afccb60dabe87 Mon Sep 17 00:00:00 2001 +From: Rosen Penev +Date: Wed, 29 Apr 2020 15:55:55 -0700 +Subject: [PATCH 7/7] libisns: remove sighold and sigrelse + +The man page says that these are deprecated. Use sugprocmask as a replacement. +--- + include/libisns/util.h | 16 ++++++++++++---- + 1 file changed, 12 insertions(+), 4 deletions(-) + +diff --git a/include/libisns/util.h b/include/libisns/util.h +index e5ed037..f1b97f0 100644 +--- a/include/libisns/util.h ++++ b/include/libisns/util.h +@@ -41,14 +41,22 @@ char * print_size(unsigned long); + */ + static inline void signals_hold(void) + { +- sighold(SIGTERM); +- sighold(SIGINT); ++ sigset_t s; ++ ++ sigemptyset(&s); ++ sigaddset(&s, SIGTERM); ++ sigaddset(&s, SIGINT); ++ sigprocmask(SIG_BLOCK, &s, 0); + } + + static inline void signals_release(void) + { +- sigrelse(SIGTERM); +- sigrelse(SIGINT); ++ sigset_t s; ++ ++ sigemptyset(&s); ++ sigaddset(&s, SIGTERM); ++ sigaddset(&s, SIGINT); ++ sigprocmask(SIG_UNBLOCK, &s, 0); + } + + /* +-- +2.18.1 +