import libtirpc-1.1.4-8.el8
This commit is contained in:
parent
ecda1515d8
commit
614f4b4d3f
14
SOURCES/libtirpc-1.1.4-dgcall-free.patch
Normal file
14
SOURCES/libtirpc-1.1.4-dgcall-free.patch
Normal file
@ -0,0 +1,14 @@
|
||||
diff -up libtirpc-1.1.4/src/clnt_dg.c.orig libtirpc-1.1.4/src/clnt_dg.c
|
||||
--- libtirpc-1.1.4/src/clnt_dg.c.orig 2022-05-31 08:14:09.408762537 -0400
|
||||
+++ libtirpc-1.1.4/src/clnt_dg.c 2022-05-31 08:17:28.950764885 -0400
|
||||
@@ -478,9 +478,9 @@ get_reply:
|
||||
cmsg = CMSG_NXTHDR (&msg, cmsg))
|
||||
if (cmsg->cmsg_level == SOL_IP && cmsg->cmsg_type == IP_RECVERR)
|
||||
{
|
||||
- mem_free(cbuf, (outlen + 256));
|
||||
e = (struct sock_extended_err *) CMSG_DATA(cmsg);
|
||||
cu->cu_error.re_errno = e->ee_errno;
|
||||
+ mem_free(cbuf, (outlen + 256));
|
||||
release_fd_lock(cu->cu_fd, mask);
|
||||
return (cu->cu_error.re_status = RPC_CANTRECV);
|
||||
}
|
1230
SOURCES/libtirpc-1.1.4-multithr-cleanup.patch
Normal file
1230
SOURCES/libtirpc-1.1.4-multithr-cleanup.patch
Normal file
File diff suppressed because it is too large
Load Diff
88
SOURCES/libtirpc-1.1.4-v2proto-mech.patch
Normal file
88
SOURCES/libtirpc-1.1.4-v2proto-mech.patch
Normal file
@ -0,0 +1,88 @@
|
||||
diff -up libtirpc-1.1.4/man/rpcbind.3t.orig libtirpc-1.1.4/man/rpcbind.3t
|
||||
--- libtirpc-1.1.4/man/rpcbind.3t.orig 2018-08-27 10:06:49.000000000 -0400
|
||||
+++ libtirpc-1.1.4/man/rpcbind.3t 2022-08-02 11:21:30.134642780 -0400
|
||||
@@ -187,6 +187,8 @@ in
|
||||
.El
|
||||
.Sh AVAILABILITY
|
||||
These functions are part of libtirpc.
|
||||
+.Sh ENVIRONMENT
|
||||
+If RPCB_V2FIRST is defined, rpcbind protocol version tryout algorithm changes from v4,v2,v3 to v2,v4,v3.
|
||||
.Sh SEE ALSO
|
||||
.Xr rpc_clnt_calls 3 ,
|
||||
.Xr rpc_svc_calls 3 ,
|
||||
diff -up libtirpc-1.1.4/src/rpcb_clnt.c.orig libtirpc-1.1.4/src/rpcb_clnt.c
|
||||
--- libtirpc-1.1.4/src/rpcb_clnt.c.orig 2022-08-02 11:20:42.795833195 -0400
|
||||
+++ libtirpc-1.1.4/src/rpcb_clnt.c 2022-08-02 11:21:30.135642797 -0400
|
||||
@@ -818,7 +818,8 @@ error:
|
||||
* The algorithm used: If the transports is TCP or UDP, it first tries
|
||||
* version 4 (srv4), then 3 and then fall back to version 2 (portmap).
|
||||
* With this algorithm, we get performance as well as a plan for
|
||||
- * obsoleting version 2.
|
||||
+ * obsoleting version 2. This behaviour is reverted to old algorithm
|
||||
+ * if RPCB_V2FIRST environment var is defined
|
||||
*
|
||||
* For all other transports, the algorithm remains as 4 and then 3.
|
||||
*
|
||||
@@ -839,6 +840,10 @@ __rpcb_findaddr_timed(program, version,
|
||||
#ifdef NOTUSED
|
||||
static bool_t check_rpcbind = TRUE;
|
||||
#endif
|
||||
+
|
||||
+#ifdef PORTMAP
|
||||
+ static bool_t portmap_first = FALSE;
|
||||
+#endif
|
||||
CLIENT *client = NULL;
|
||||
RPCB parms;
|
||||
enum clnt_stat clnt_st;
|
||||
@@ -895,8 +900,18 @@ __rpcb_findaddr_timed(program, version,
|
||||
parms.r_addr = (char *) &nullstring[0];
|
||||
}
|
||||
|
||||
- /* First try from start_vers(4) and then version 3 (RPCBVERS) */
|
||||
+ /* First try from start_vers(4) and then version 3 (RPCBVERS), except
|
||||
+ * if env. var RPCB_V2FIRST is defined */
|
||||
+
|
||||
+#ifdef PORTMAP
|
||||
+ if (getenv(V2FIRST)) {
|
||||
+ portmap_first = TRUE;
|
||||
+ LIBTIRPC_DEBUG(3, ("__rpcb_findaddr_timed: trying v2-port first\n"));
|
||||
+ goto portmap;
|
||||
+ }
|
||||
+#endif
|
||||
|
||||
+rpcbind:
|
||||
CLNT_CONTROL(client, CLSET_RETRY_TIMEOUT, (char *) &rpcbrmttime);
|
||||
for (vers = start_vers; vers >= RPCBVERS; vers--) {
|
||||
/* Set the version */
|
||||
@@ -944,10 +959,17 @@ __rpcb_findaddr_timed(program, version,
|
||||
}
|
||||
|
||||
#ifdef PORTMAP /* Try version 2 for TCP or UDP */
|
||||
+ if (portmap_first)
|
||||
+ goto error; /* we tried all versions if reached here */
|
||||
+portmap:
|
||||
if (strcmp(nconf->nc_protofmly, NC_INET) == 0) {
|
||||
address = __try_protocol_version_2(program, version, nconf, host, tp);
|
||||
- if (address == NULL)
|
||||
- goto error;
|
||||
+ if (address == NULL) {
|
||||
+ if (portmap_first)
|
||||
+ goto rpcbind;
|
||||
+ else
|
||||
+ goto error;
|
||||
+ }
|
||||
}
|
||||
#endif /* PORTMAP */
|
||||
|
||||
diff -up libtirpc-1.1.4/tirpc/rpc/pmap_prot.h.orig libtirpc-1.1.4/tirpc/rpc/pmap_prot.h
|
||||
--- libtirpc-1.1.4/tirpc/rpc/pmap_prot.h.orig 2018-08-27 10:06:49.000000000 -0400
|
||||
+++ libtirpc-1.1.4/tirpc/rpc/pmap_prot.h 2022-08-02 11:21:30.135642797 -0400
|
||||
@@ -84,6 +84,8 @@
|
||||
#define PMAPPROC_DUMP ((u_long)4)
|
||||
#define PMAPPROC_CALLIT ((u_long)5)
|
||||
|
||||
+#define V2FIRST "RPCB_V2FIRST"
|
||||
+
|
||||
struct pmap {
|
||||
long unsigned pm_prog;
|
||||
long unsigned pm_vers;
|
@ -2,7 +2,7 @@
|
||||
|
||||
Name: libtirpc
|
||||
Version: 1.1.4
|
||||
Release: 6%{?dist}
|
||||
Release: 8%{?dist}
|
||||
Summary: Transport Independent RPC Library
|
||||
Group: System Environment/Libraries
|
||||
License: SISSL and BSD
|
||||
@ -37,6 +37,16 @@ Patch005: libtirpc-1.1.4-disallow-auth_refresh.patch
|
||||
# bz 1940341
|
||||
Patch006: libtirpc-1.1.4-dos-fix.patch
|
||||
|
||||
#
|
||||
# RHEL 8.7
|
||||
#
|
||||
# bz 2042196
|
||||
Patch007: libtirpc-1.1.4-dgcall-free.patch
|
||||
# bz 2107650
|
||||
Patch008: libtirpc-1.1.4-v2proto-mech.patch
|
||||
# bz 2112116
|
||||
Patch009: libtirpc-1.1.4-multithr-cleanup.patch
|
||||
|
||||
BuildRequires: automake, autoconf, libtool, pkgconfig
|
||||
BuildRequires: krb5-devel
|
||||
|
||||
@ -156,6 +166,13 @@ mv %{buildroot}%{_mandir}/man3 %{buildroot}%{_mandir}/man3t
|
||||
%{_mandir}/*/*
|
||||
|
||||
%changelog
|
||||
* Wed Aug 3 2022 Steve Dickson <steved@redhat.com> 1.1.4-8
|
||||
- rpcb_clnt.c add mechanism to try v2 protocol first (bz 2107650)
|
||||
- Multithreaded cleanup (bz 2112116)
|
||||
|
||||
* Tue May 31 2022 Steve Dickson <steved@redhat.com> 1.1.4-7
|
||||
- clnt_dg_call: Fix use-after-free accessing the error number (bz 2042196)
|
||||
|
||||
* Thu Dec 2 2021 Steve Dickson <steved@redhat.com> 1.1.4-6
|
||||
- Fix DoS vulnerability in libtirpc (bz 1940341)
|
||||
|
||||
|
Loading…
Reference in New Issue
Block a user