From 86f9ffd27fdcc80ecd5d8e72664dd12810cc730e Mon Sep 17 00:00:00 2001 From: James Antill Date: Thu, 26 May 2022 10:58:13 -0400 Subject: [PATCH] Auto sync2gitlab import of libtirpc-1.1.4-6.el8.src.rpm --- .gitignore | 1 + EMPTY | 1 - libtirpc-1.1.4-blacklist.patch | 15 + libtirpc-1.1.4-covscan.patch | 151 ++++++ libtirpc-1.1.4-disallow-auth_refresh.patch | 76 +++ libtirpc-1.1.4-dos-fix.patch | 154 +++++++ libtirpc-1.1.4-dup_ncp-bad-free.patch | 51 +++ libtirpc-1.1.4-fix-EOF-non-block.patch | 68 +++ libtirpc.spec | 508 +++++++++++++++++++++ sources | 1 + 10 files changed, 1025 insertions(+), 1 deletion(-) create mode 100644 .gitignore delete mode 100644 EMPTY create mode 100644 libtirpc-1.1.4-blacklist.patch create mode 100644 libtirpc-1.1.4-covscan.patch create mode 100644 libtirpc-1.1.4-disallow-auth_refresh.patch create mode 100644 libtirpc-1.1.4-dos-fix.patch create mode 100644 libtirpc-1.1.4-dup_ncp-bad-free.patch create mode 100644 libtirpc-1.1.4-fix-EOF-non-block.patch create mode 100644 libtirpc.spec create mode 100644 sources diff --git a/.gitignore b/.gitignore new file mode 100644 index 0000000..27ac4ff --- /dev/null +++ b/.gitignore @@ -0,0 +1 @@ +/libtirpc-1.1.4.tar.bz2 diff --git a/EMPTY b/EMPTY deleted file mode 100644 index 0519ecb..0000000 --- a/EMPTY +++ /dev/null @@ -1 +0,0 @@ - \ No newline at end of file diff --git a/libtirpc-1.1.4-blacklist.patch b/libtirpc-1.1.4-blacklist.patch new file mode 100644 index 0000000..cc41a9e --- /dev/null +++ b/libtirpc-1.1.4-blacklist.patch @@ -0,0 +1,15 @@ +diff -up libtirpc-1.1.4/doc/bindresvport.blacklist.save libtirpc-1.1.4/doc/bindresvport.blacklist +--- libtirpc-1.1.4/doc/bindresvport.blacklist.save 2021-04-17 13:04:20.092274589 -0400 ++++ libtirpc-1.1.4/doc/bindresvport.blacklist 2021-04-17 13:04:45.609945925 -0400 +@@ -8,6 +8,11 @@ + 631 # cups + 636 # ldaps + 664 # Secure ASF, used by IPMI on some cards ++749 # Kerberos V kadmin ++774 # rpasswd ++873 # rsyncd + 921 # lwresd ++992 # SSL-enabled telnet + 993 # imaps ++994 # irc + 995 # pops diff --git a/libtirpc-1.1.4-covscan.patch b/libtirpc-1.1.4-covscan.patch new file mode 100644 index 0000000..63484ab --- /dev/null +++ b/libtirpc-1.1.4-covscan.patch @@ -0,0 +1,151 @@ +diff --git a/src/auth_gss.c b/src/auth_gss.c +index 5959893..7d08262 100644 +--- a/src/auth_gss.c ++++ b/src/auth_gss.c +@@ -207,6 +207,7 @@ authgss_create(CLIENT *clnt, gss_name_t name, struct rpc_gss_sec *sec) + rpc_createerr.cf_stat = RPC_SYSTEMERROR; + rpc_createerr.cf_error.re_errno = ENOMEM; + free(auth); ++ free(gd); + return (NULL); + } + } +@@ -592,7 +593,7 @@ _rpc_gss_refresh(AUTH *auth, rpc_gss_options_ret_t *options_ret) + if (rpc_gss_oid_to_mech(actual_mech_type, &mechanism)) { + strncpy(options_ret->actual_mechanism, + mechanism, +- sizeof(options_ret->actual_mechanism)); ++ (sizeof(options_ret->actual_mechanism)-1)); + } + + gd->established = TRUE; +diff --git a/src/clnt_bcast.c b/src/clnt_bcast.c +index 98cf061..2ad6c89 100644 +--- a/src/clnt_bcast.c ++++ b/src/clnt_bcast.c +@@ -330,6 +330,7 @@ rpc_broadcast_exp(prog, vers, proc, xargs, argsp, xresults, resultsp, + if (nettype == NULL) + nettype = "datagram_n"; + if ((handle = __rpc_setconf(nettype)) == NULL) { ++ AUTH_DESTROY(sys_auth); + return (RPC_UNKNOWNPROTO); + } + while ((nconf = __rpc_getconf(handle)) != NULL) { +diff --git a/src/getnetconfig.c b/src/getnetconfig.c +index 92e7c43..d67d97d 100644 +--- a/src/getnetconfig.c ++++ b/src/getnetconfig.c +@@ -709,6 +709,8 @@ struct netconfig *ncp; + p->nc_lookups = (char **)malloc((size_t)(p->nc_nlookups+1) * sizeof(char *)); + if (p->nc_lookups == NULL) { + free(p->nc_netid); ++ free(p); ++ free(tmp); + return(NULL); + } + for (i=0; i < p->nc_nlookups; i++) { +diff --git a/src/getnetpath.c b/src/getnetpath.c +index 7c19932..ea1a18c 100644 +--- a/src/getnetpath.c ++++ b/src/getnetpath.c +@@ -88,6 +88,7 @@ setnetpath() + } + if ((np_sessionp->nc_handlep = setnetconfig()) == NULL) { + syslog (LOG_ERR, "rpc: failed to open " NETCONFIG); ++ free(np_sessionp); + return (NULL); + } + np_sessionp->valid = NP_VALID; +diff --git a/src/rpc_generic.c b/src/rpc_generic.c +index 589cbd5..51f36ac 100644 +--- a/src/rpc_generic.c ++++ b/src/rpc_generic.c +@@ -319,6 +319,7 @@ __rpc_setconf(nettype) + handle->nflag = FALSE; + break; + default: ++ free(handle); + return (NULL); + } + +diff --git a/src/rpc_soc.c b/src/rpc_soc.c +index 5a6eeb7..a85cb17 100644 +--- a/src/rpc_soc.c ++++ b/src/rpc_soc.c +@@ -663,15 +663,17 @@ svcunix_create(sock, sendsize, recvsize, path) + strcmp(nconf->nc_protofmly, NC_LOOPBACK) == 0) + break; + } +- if (nconf == NULL) ++ if (nconf == NULL) { ++ endnetconfig(localhandle); + return(xprt); ++ } + + if ((sock = __rpc_nconf2fd(nconf)) < 0) + goto done; + + memset(&sun, 0, sizeof sun); + sun.sun_family = AF_LOCAL; +- strncpy(sun.sun_path, path, sizeof(sun.sun_path)); ++ strncpy(sun.sun_path, path, (sizeof(sun.sun_path)-1)); + addrlen = sizeof(struct sockaddr_un); + sa = (struct sockaddr *)&sun; + +@@ -692,6 +694,8 @@ svcunix_create(sock, sendsize, recvsize, path) + } + + xprt = (SVCXPRT *)svc_tli_create(sock, nconf, &taddr, sendsize, recvsize); ++ if (xprt == NULL) ++ close(sock); + + done: + endnetconfig(localhandle); +diff --git a/src/rpcb_clnt.c b/src/rpcb_clnt.c +index e45736a..0c34cb7 100644 +--- a/src/rpcb_clnt.c ++++ b/src/rpcb_clnt.c +@@ -547,6 +547,7 @@ try_nconf: + if (tmpnconf == NULL) { + rpc_createerr.cf_stat = RPC_UNKNOWNPROTO; + mutex_unlock(&loopnconf_lock); ++ endnetconfig(nc_handle); + return (NULL); + } + loopnconf = getnetconfigent(tmpnconf->nc_netid); +diff --git a/src/rtime.c b/src/rtime.c +index b642840..29fbf0a 100644 +--- a/src/rtime.c ++++ b/src/rtime.c +@@ -90,6 +90,7 @@ rtime(addrp, timep, timeout) + + /* TCP and UDP port are the same in this case */ + if ((serv = getservbyname("time", "tcp")) == NULL) { ++ do_close(s); + return(-1); + } + +diff --git a/src/svc_generic.c b/src/svc_generic.c +index 52a56c2..20abaa2 100644 +--- a/src/svc_generic.c ++++ b/src/svc_generic.c +@@ -113,6 +113,7 @@ svc_create(dispatch, prognum, versnum, nettype) + if (l == NULL) { + warnx("svc_create: no memory"); + mutex_unlock(&xprtlist_lock); ++ __rpc_endconf(handle); + return (0); + } + l->xprt = xprt; +diff --git a/src/svc_simple.c b/src/svc_simple.c +index cb58002..c32fe0a 100644 +--- a/src/svc_simple.c ++++ b/src/svc_simple.c +@@ -157,6 +157,7 @@ rpc_reg(prognum, versnum, procnum, progname, inproc, outproc, nettype) + ((netid = strdup(nconf->nc_netid)) == NULL)) { + warnx(rpc_reg_err, rpc_reg_msg, __no_mem_str); + SVC_DESTROY(svcxprt); ++ free(xdrbuf); + break; + } + madenow = TRUE; diff --git a/libtirpc-1.1.4-disallow-auth_refresh.patch b/libtirpc-1.1.4-disallow-auth_refresh.patch new file mode 100644 index 0000000..edf7466 --- /dev/null +++ b/libtirpc-1.1.4-disallow-auth_refresh.patch @@ -0,0 +1,76 @@ +diff -up libtirpc-1.1.4/src/auth_gss.c.orig libtirpc-1.1.4/src/auth_gss.c +--- libtirpc-1.1.4/src/auth_gss.c.orig 2021-04-17 13:11:03.229880600 -0400 ++++ libtirpc-1.1.4/src/auth_gss.c 2021-04-17 13:15:10.722391798 -0400 +@@ -982,3 +982,9 @@ rpc_gss_max_data_length(AUTH *auth, int + rpc_gss_clear_error(); + return result; + } ++ ++bool_t ++is_authgss_client(CLIENT *clnt) ++{ ++ return (clnt->cl_auth->ah_ops == &authgss_ops); ++} +diff -up libtirpc-1.1.4/src/clnt_dg.c.orig libtirpc-1.1.4/src/clnt_dg.c +--- libtirpc-1.1.4/src/clnt_dg.c.orig 2018-08-27 10:06:49.000000000 -0400 ++++ libtirpc-1.1.4/src/clnt_dg.c 2021-04-17 13:15:10.722391798 -0400 +@@ -60,6 +60,9 @@ + #include + #endif + ++#ifdef HAVE_RPCSEC_GSS ++#include ++#endif + + #define MAX_DEFAULT_FDS 20000 + +@@ -356,6 +359,11 @@ clnt_dg_call(cl, proc, xargs, argsp, xre + salen = cu->cu_rlen; + } + ++#ifdef HAVE_RPCSEC_GSS ++ if (is_authgss_client(cl)) ++ nrefreshes = 0; ++#endif ++ + /* Clean up in case the last call ended in a longjmp(3) call. */ + call_again: + xdrs = &(cu->cu_outxdrs); +diff -up libtirpc-1.1.4/src/clnt_vc.c.orig libtirpc-1.1.4/src/clnt_vc.c +--- libtirpc-1.1.4/src/clnt_vc.c.orig 2018-08-27 10:06:49.000000000 -0400 ++++ libtirpc-1.1.4/src/clnt_vc.c 2021-04-17 13:15:10.723391824 -0400 +@@ -68,6 +68,10 @@ + #include + #include "rpc_com.h" + ++#ifdef HAVE_RPCSEC_GSS ++#include ++#endif ++ + #define MCALL_MSG_SIZE 24 + + #define CMGROUP_MAX 16 +@@ -380,6 +384,11 @@ clnt_vc_call(cl, proc, xdr_args, args_pt + (xdr_results == NULL && timeout.tv_sec == 0 + && timeout.tv_usec == 0) ? FALSE : TRUE; + ++#ifdef HAVE_RPCSEC_GSS ++ if (is_authgss_client(cl)) ++ refreshes = 0; ++#endif ++ + call_again: + xdrs->x_op = XDR_ENCODE; + ct->ct_error.re_status = RPC_SUCCESS; +diff -up libtirpc-1.1.4/tirpc/rpc/auth_gss.h.orig libtirpc-1.1.4/tirpc/rpc/auth_gss.h +--- libtirpc-1.1.4/tirpc/rpc/auth_gss.h.orig 2018-08-27 10:06:49.000000000 -0400 ++++ libtirpc-1.1.4/tirpc/rpc/auth_gss.h 2021-04-17 13:15:10.723391824 -0400 +@@ -120,6 +120,8 @@ void gss_log_debug (const char *fmt, .. + void gss_log_status (char *m, OM_uint32 major, OM_uint32 minor); + void gss_log_hexdump (const u_char *buf, int len, int offset); + ++bool_t is_authgss_client (CLIENT *); ++ + #ifdef __cplusplus + } + #endif diff --git a/libtirpc-1.1.4-dos-fix.patch b/libtirpc-1.1.4-dos-fix.patch new file mode 100644 index 0000000..4b2c8eb --- /dev/null +++ b/libtirpc-1.1.4-dos-fix.patch @@ -0,0 +1,154 @@ +diff --git a/src/rpc_com.h b/src/rpc_com.h +index 10bec79..76badef 100644 +--- a/src/rpc_com.h ++++ b/src/rpc_com.h +@@ -61,8 +61,7 @@ void __xprt_unregister_unlocked(SVCXPRT *); + void __xprt_set_raddr(SVCXPRT *, const struct sockaddr_storage *); + + +-SVCXPRT **__svc_xports; +-int __svc_maxrec; ++extern int __svc_maxrec; + + #ifdef __cplusplus + } +diff --git a/src/svc.c b/src/svc.c +index b59467b..3a8709f 100644 +--- a/src/svc.c ++++ b/src/svc.c +@@ -57,6 +57,9 @@ + + #define max(a, b) (a > b ? a : b) + ++SVCXPRT **__svc_xports; ++int __svc_maxrec; ++ + /* + * The services list + * Each entry represents a set of procedures (an rpc program). +@@ -191,6 +194,21 @@ __xprt_do_unregister (xprt, dolock) + rwlock_unlock (&svc_fd_lock); + } + ++int ++svc_open_fds() ++{ ++ int ix; ++ int nfds = 0; ++ ++ rwlock_rdlock (&svc_fd_lock); ++ for (ix = 0; ix < svc_max_pollfd; ++ix) { ++ if (svc_pollfd[ix].fd != -1) ++ nfds++; ++ } ++ rwlock_unlock (&svc_fd_lock); ++ return (nfds); ++} ++ + /* + * Add a service program to the callout list. + * The dispatch routine will be called when a rpc request for this +diff --git a/src/svc_vc.c b/src/svc_vc.c +index c23cd36..1729963 100644 +--- a/src/svc_vc.c ++++ b/src/svc_vc.c +@@ -64,6 +64,8 @@ + + + extern rwlock_t svc_fd_lock; ++extern SVCXPRT **__svc_xports; ++extern int svc_open_fds(); + + static SVCXPRT *makefd_xprt(int, u_int, u_int); + static bool_t rendezvous_request(SVCXPRT *, struct rpc_msg *); +@@ -82,6 +84,7 @@ static void svc_vc_ops(SVCXPRT *); + static bool_t svc_vc_control(SVCXPRT *xprt, const u_int rq, void *in); + static bool_t svc_vc_rendezvous_control (SVCXPRT *xprt, const u_int rq, + void *in); ++static int __svc_destroy_idle(int timeout); + + struct cf_rendezvous { /* kept in xprt->xp_p1 for rendezvouser */ + u_int sendsize; +@@ -312,13 +315,14 @@ done: + return (xprt); + } + ++ + /*ARGSUSED*/ + static bool_t + rendezvous_request(xprt, msg) + SVCXPRT *xprt; + struct rpc_msg *msg; + { +- int sock, flags; ++ int sock, flags, nfds, cnt; + struct cf_rendezvous *r; + struct cf_conn *cd; + struct sockaddr_storage addr; +@@ -378,6 +382,16 @@ again: + + gettimeofday(&cd->last_recv_time, NULL); + ++ nfds = svc_open_fds(); ++ if (nfds >= (_rpc_dtablesize() / 5) * 4) { ++ /* destroy idle connections */ ++ cnt = __svc_destroy_idle(15); ++ if (cnt == 0) { ++ /* destroy least active */ ++ __svc_destroy_idle(0); ++ } ++ } ++ + return (FALSE); /* there is never an rpc msg to be processed */ + } + +@@ -819,3 +833,49 @@ __svc_clean_idle(fd_set *fds, int timeout, bool_t cleanblock) + { + return FALSE; + } ++ ++static int ++__svc_destroy_idle(int timeout) ++{ ++ int i, ncleaned = 0; ++ SVCXPRT *xprt, *least_active; ++ struct timeval tv, tdiff, tmax; ++ struct cf_conn *cd; ++ ++ gettimeofday(&tv, NULL); ++ tmax.tv_sec = tmax.tv_usec = 0; ++ least_active = NULL; ++ rwlock_wrlock(&svc_fd_lock); ++ ++ for (i = 0; i <= svc_max_pollfd; i++) { ++ if (svc_pollfd[i].fd == -1) ++ continue; ++ xprt = __svc_xports[i]; ++ if (xprt == NULL || xprt->xp_ops == NULL || ++ xprt->xp_ops->xp_recv != svc_vc_recv) ++ continue; ++ cd = (struct cf_conn *)xprt->xp_p1; ++ if (!cd->nonblock) ++ continue; ++ if (timeout == 0) { ++ timersub(&tv, &cd->last_recv_time, &tdiff); ++ if (timercmp(&tdiff, &tmax, >)) { ++ tmax = tdiff; ++ least_active = xprt; ++ } ++ continue; ++ } ++ if (tv.tv_sec - cd->last_recv_time.tv_sec > timeout) { ++ __xprt_unregister_unlocked(xprt); ++ __svc_vc_dodestroy(xprt); ++ ncleaned++; ++ } ++ } ++ if (timeout == 0 && least_active != NULL) { ++ __xprt_unregister_unlocked(least_active); ++ __svc_vc_dodestroy(least_active); ++ ncleaned++; ++ } ++ rwlock_unlock(&svc_fd_lock); ++ return (ncleaned); ++} diff --git a/libtirpc-1.1.4-dup_ncp-bad-free.patch b/libtirpc-1.1.4-dup_ncp-bad-free.patch new file mode 100644 index 0000000..0c71fb4 --- /dev/null +++ b/libtirpc-1.1.4-dup_ncp-bad-free.patch @@ -0,0 +1,51 @@ +commit 959b2001458bca8f9228014371aad6ccbeb95a68 +Author: Zhi Li +Date: Wed Sep 26 14:05:29 2018 -0400 + + getnetconfig.c: fix a BAD_FREE (CWE-763) + + Signed-off-by: Steve Dickson + +diff --git a/src/getnetconfig.c b/src/getnetconfig.c +index d67d97d..cfd33c2 100644 +--- a/src/getnetconfig.c ++++ b/src/getnetconfig.c +@@ -681,6 +681,7 @@ struct netconfig *ncp; + { + struct netconfig *p; + char *tmp; ++ char *t; + u_int i; + + if ((tmp=malloc(MAXNETCONFIGLINE)) == NULL) +@@ -700,22 +701,21 @@ struct netconfig *ncp; + */ + *p = *ncp; + p->nc_netid = (char *)strcpy(tmp,ncp->nc_netid); +- tmp = strchr(tmp, 0) + 1; +- p->nc_protofmly = (char *)strcpy(tmp,ncp->nc_protofmly); +- tmp = strchr(tmp, 0) + 1; +- p->nc_proto = (char *)strcpy(tmp,ncp->nc_proto); +- tmp = strchr(tmp, 0) + 1; +- p->nc_device = (char *)strcpy(tmp,ncp->nc_device); ++ t = strchr(tmp, 0) + 1; ++ p->nc_protofmly = (char *)strcpy(t,ncp->nc_protofmly); ++ t = strchr(t, 0) + 1; ++ p->nc_proto = (char *)strcpy(t,ncp->nc_proto); ++ t = strchr(t, 0) + 1; ++ p->nc_device = (char *)strcpy(t,ncp->nc_device); + p->nc_lookups = (char **)malloc((size_t)(p->nc_nlookups+1) * sizeof(char *)); + if (p->nc_lookups == NULL) { +- free(p->nc_netid); + free(p); + free(tmp); + return(NULL); + } + for (i=0; i < p->nc_nlookups; i++) { +- tmp = strchr(tmp, 0) + 1; +- p->nc_lookups[i] = (char *)strcpy(tmp,ncp->nc_lookups[i]); ++ t = strchr(t, 0) + 1; ++ p->nc_lookups[i] = (char *)strcpy(t,ncp->nc_lookups[i]); + } + return(p); + } diff --git a/libtirpc-1.1.4-fix-EOF-non-block.patch b/libtirpc-1.1.4-fix-EOF-non-block.patch new file mode 100644 index 0000000..ca91776 --- /dev/null +++ b/libtirpc-1.1.4-fix-EOF-non-block.patch @@ -0,0 +1,68 @@ +diff -up libtirpc-1.1.4/src/svc_vc.c.orig libtirpc-1.1.4/src/svc_vc.c +--- libtirpc-1.1.4/src/svc_vc.c.orig 2018-08-27 10:06:49.000000000 -0400 ++++ libtirpc-1.1.4/src/svc_vc.c 2019-07-24 11:51:32.191485387 -0400 +@@ -502,9 +502,14 @@ read_vc(xprtp, buf, len) + cfp = (struct cf_conn *)xprt->xp_p1; + + if (cfp->nonblock) { ++ /* Since len == 0 is returned on zero length ++ * read or EOF errno needs to be reset before ++ * the read ++ */ ++ errno = 0; + len = read(sock, buf, (size_t)len); + if (len < 0) { +- if (errno == EAGAIN) ++ if (errno == EAGAIN || errno == EWOULDBLOCK) + len = 0; + else + goto fatal_err; +diff -up libtirpc-1.1.4/src/xdr_rec.c.orig libtirpc-1.1.4/src/xdr_rec.c +--- libtirpc-1.1.4/src/xdr_rec.c.orig 2018-08-27 10:06:49.000000000 -0400 ++++ libtirpc-1.1.4/src/xdr_rec.c 2019-07-24 11:51:32.191485387 -0400 +@@ -61,6 +61,7 @@ + #include + #include + #include ++#include + #include "rpc_com.h" + static bool_t xdrrec_getlong(XDR *, long *); + static bool_t xdrrec_putlong(XDR *, const long *); +@@ -537,7 +538,13 @@ __xdrrec_getrec(xdrs, statp, expectdata) + n = rstrm->readit(rstrm->tcp_handle, rstrm->in_hdrp, + (int)sizeof (rstrm->in_header) - rstrm->in_hdrlen); + if (n == 0) { +- *statp = expectdata ? XPRT_DIED : XPRT_IDLE; ++ /* EAGAIN or EWOULDBLOCK means a zero length ++ * read not an EOF. ++ */ ++ if (errno == EAGAIN || errno == EWOULDBLOCK) ++ *statp = XPRT_IDLE; ++ else ++ *statp = expectdata ? XPRT_DIED : XPRT_IDLE; + return FALSE; + } + if (n < 0) { +@@ -564,6 +571,7 @@ __xdrrec_getrec(xdrs, statp, expectdata) + rstrm->in_header &= ~LAST_FRAG; + rstrm->last_frag = TRUE; + } ++ rstrm->in_haveheader = 1; + } + + n = rstrm->readit(rstrm->tcp_handle, +@@ -576,7 +584,13 @@ __xdrrec_getrec(xdrs, statp, expectdata) + } + + if (n == 0) { +- *statp = expectdata ? XPRT_DIED : XPRT_IDLE; ++ /* EAGAIN or EWOULDBLOCK means a zero length ++ * read not an EOF. ++ */ ++ if (errno == EAGAIN || errno == EWOULDBLOCK) ++ *statp = XPRT_IDLE; ++ else ++ *statp = expectdata ? XPRT_DIED : XPRT_IDLE; + return FALSE; + } + diff --git a/libtirpc.spec b/libtirpc.spec new file mode 100644 index 0000000..ff7f46c --- /dev/null +++ b/libtirpc.spec @@ -0,0 +1,508 @@ +%define _root_libdir /%{_lib} + +Name: libtirpc +Version: 1.1.4 +Release: 6%{?dist} +Summary: Transport Independent RPC Library +Group: System Environment/Libraries +License: SISSL and BSD +URL: http://git.linux-nfs.org/?p=steved/libtirpc.git;a=summary +Source0: http://downloads.sourceforge.net/libtirpc/libtirpc-%{version}.tar.bz2 + +# +# RHEL 8.0 +# +# bz 1602598 +Patch001: libtirpc-1.1.4-covscan.patch +# bz 1631614 +Patch002: libtirpc-1.1.4-dup_ncp-bad-free.patch + +# +# RHEL 8.1 +# +# bz 1641875 +Patch003: libtirpc-1.1.4-fix-EOF-non-block.patch + +# +# RHEL 8.5 +# +# bz 1854147 +Patch004: libtirpc-1.1.4-blacklist.patch +# bz 1934866 +Patch005: libtirpc-1.1.4-disallow-auth_refresh.patch + +# +# RHEL 8.6 +# +# bz 1940341 +Patch006: libtirpc-1.1.4-dos-fix.patch + +BuildRequires: automake, autoconf, libtool, pkgconfig +BuildRequires: krb5-devel + +%description +This package contains SunLib's implementation of transport-independent +RPC (TI-RPC) documentation. This library forms a piece of the base of +Open Network Computing (ONC), and is derived directly from the +Solaris 2.3 source. + +TI-RPC is an enhanced version of TS-RPC that requires the UNIX System V +Transport Layer Interface (TLI) or an equivalent X/Open Transport Interface +(XTI). TI-RPC is on-the-wire compatible with the TS-RPC, which is supported +by almost 70 vendors on all major operating systems. TS-RPC source code +(RPCSRC 4.0) remains available from several internet sites. + +%package devel +Summary: Development files for the libtirpc library +Group: Development/Libraries +Requires: %{name}%{?_isa} = %{version}-%{release} +Requires: pkgconfig man-db + +%description devel +This package includes header files and libraries necessary for +developing programs which use the tirpc library. + + +%prep +%autosetup -p1 + +# Remove .orig files +find . -name "*.orig" | xargs rm -f + +%build +sh autogen.sh +autoreconf -fisv +%configure +make all + +%install +rm -rf %{buildroot} +mkdir -p %{buildroot}/etc +mkdir -p %{buildroot}%{_root_libdir} +mkdir -p %{buildroot}%{_libdir}/pkgconfig +make install DESTDIR=%{buildroot} \ + libdir=%{_root_libdir} pkgconfigdir=%{_libdir}/pkgconfig +# Don't package .a or .la files +rm -f %{buildroot}%{_root_libdir}/*.{a,la} + +# Creat the man diretory +mv %{buildroot}%{_mandir}/man3 %{buildroot}%{_mandir}/man3t + +%post -p /sbin/ldconfig + +%postun -p /sbin/ldconfig + +%post devel +# Register the new man section +#if [ "$1" -eq 1 ]; then +# makewhatis -s 3t +#fi + +%postun devel +# Remove the existance of the man section +#makewhatis -s 3t + + +%files +%defattr(-,root,root) +%doc AUTHORS ChangeLog NEWS README +%{_root_libdir}/libtirpc.so.* +%config(noreplace)%{_sysconfdir}/netconfig +%config(noreplace)%{_sysconfdir}/bindresvport.blacklist + +%files devel +%defattr(0644,root,root,755) +%{!?_licensedir:%global license %%doc} +%license COPYING +%dir %{_includedir}/tirpc +%dir %{_includedir}/tirpc/rpc +%dir %{_includedir}/tirpc/rpcsvc +%{_root_libdir}/libtirpc.so +%{_libdir}/pkgconfig/libtirpc.pc +%{_includedir}/tirpc/netconfig.h +%{_includedir}/tirpc/rpc/auth.h +%{_includedir}/tirpc/rpc/auth_des.h +%{_includedir}/tirpc/rpc/auth_gss.h +%{_includedir}/tirpc/rpc/auth_unix.h +%{_includedir}/tirpc/rpc/des.h +%{_includedir}/tirpc/rpc/des_crypt.h +%{_includedir}/tirpc/rpc/rpcsec_gss.h +%{_includedir}/tirpc/rpc/clnt.h +%{_includedir}/tirpc/rpc/clnt_soc.h +%{_includedir}/tirpc/rpc/clnt_stat.h +%{_includedir}/tirpc/rpc/key_prot.h +%{_includedir}/tirpc/rpc/nettype.h +%{_includedir}/tirpc/rpc/pmap_clnt.h +%{_includedir}/tirpc/rpc/pmap_prot.h +%{_includedir}/tirpc/rpc/pmap_rmt.h +%{_includedir}/tirpc/rpc/raw.h +%{_includedir}/tirpc/rpc/rpc.h +%{_includedir}/tirpc/rpc/rpc_com.h +%{_includedir}/tirpc/rpc/rpc_msg.h +%{_includedir}/tirpc/rpc/rpcb_clnt.h +%{_includedir}/tirpc/rpc/rpcb_prot.h +%{_includedir}/tirpc/rpc/rpcb_prot.x +%{_includedir}/tirpc/rpc/rpcent.h +%{_includedir}/tirpc/rpc/svc.h +%{_includedir}/tirpc/rpc/svc_auth.h +%{_includedir}/tirpc/rpc/svc_auth_gss.h +%{_includedir}/tirpc/rpc/svc_dg.h +%{_includedir}/tirpc/rpc/svc_mt.h +%{_includedir}/tirpc/rpc/svc_soc.h +%{_includedir}/tirpc/rpc/types.h +%{_includedir}/tirpc/rpc/xdr.h +%{_includedir}/tirpc/rpcsvc/crypt.h +%{_includedir}/tirpc/rpcsvc/crypt.x +%{_mandir}/*/* + +%changelog +* Thu Dec 2 2021 Steve Dickson 1.1.4-6 +- Fix DoS vulnerability in libtirpc (bz 1940341) + +* Sat Apr 17 2021 Steve Dickson 1.1.4-5 +- blacklist: Add a few more well known ports (bz 1854147) +- Disallow calling auth_refresh from clnt_call with RPCSEC_GSS (bz 1934866) + +* Wed Jul 24 2019 Steve Dickson 1.1.4-4 +- Enable gating using reverse dependency testing of nfs-utils (bz 1681965) +- Updated the URL (bz 1638671) +- Fix EOF detection on non-blocking socket (bz 1641875) + +* Sat Oct 6 2018 Steve Dickson 1.1.4-3 +- Fixed bad free in dup_ncp() (bz 1631614) + +* Fri Sep 14 2018 Steve Dickson 1.1.4-2 +- Removed a false positive from the covscan (bz 1602598) + +* Tue Sep 11 2018 Steve Dickson 1.1.4-1 +- Fixed issues found by covscan (bz 1602598) + +* Fri Sep 7 2018 Steve Dickson 1.1.4-0 +- Updated to latest upstream release: libtirpc-1-1-4 (bz 1585558) + +* Wed Apr 18 2018 Steve Dickson 1.0.3-1.rc1 +- Updated to latest upstream RC release: libtirpc-1-0-4-rc1 + +* Thu Apr 12 2018 Steve Dickson 1.0.3-1 +- Restore the use of reserve ports in clnt_create (bz 1562169) + +* Wed Mar 14 2018 Steve Dickson 1.0.3-0 +- Update to latest upstream release: libtirpc-1-0-3 + +* Tue Mar 6 2018 Steve Dickson 1.0.2-6.rc2 +- clnt_dg_call: Change the memory allocation + +* Thu Mar 1 2018 Steve Dickson 1.0.2-5.rc2 +- Update to latest upstream RC release: libtirpc-1-0-3-rc2 (bz 1337142) + +* Wed Feb 07 2018 Fedora Release Engineering - 1.0.2-5 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_28_Mass_Rebuild + +* Tue Nov 14 2017 Steve Dickson 1.0.2-4 +- Update to latest upstream RC release: libtirpc-1-0-3-rc1 + +* Tue Aug 22 2017 Petr abata - 1.0.2-3 +- Fixing the FTBFS on behalf of Rafael Fonseca (rhbz#1482063) + +* Thu Aug 03 2017 Fedora Release Engineering - 1.0.2-2 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Binutils_Mass_Rebuild + +* Wed Jul 26 2017 Fedora Release Engineering - 1.0.2-1 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Mass_Rebuild + +* Wed Jul 5 2017 Steve Dickson 1.0.2 +- Updated to the latest upstream release: 1.0.2 + +* Mon May 15 2017 Steve Dickson 1.0.1-4.rc3 +- Fix for CVE-2017-8779 (bz 1448127) + +* Fri Feb 10 2017 Fedora Release Engineering - 1.0.1-3.rc3.1 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_26_Mass_Rebuild + +* Mon Apr 4 2016 Steve Dickson 1.0.1-3.rc3 +- Updated to latest upstream RC release: libtirpc-1-0-2-rc3 + +* Thu Mar 3 2016 Steve Dickson 1.0.1-2.rc2 +- Updated to latest upstream RC release: libtirpc-1-0-2-rc2 + +* Thu Feb 04 2016 Fedora Release Engineering - 1.0.1-1.rc1.1 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_24_Mass_Rebuild + +* Mon Nov 16 2015 Steve Dickson 1.0.1-1.rc1 +- Updated to latest upstream RC release: libtirpc-1-0-2-rc1 (bz 1282463) + +* Wed Nov 4 2015 Steve Dickson 1.0.1-1 +- Add missing rwlock_unlocks in xprt_register (bz 1278149) + +* Fri Oct 30 2015 Steve Dickson 1.0.1-0.1 +- Updated to latest upstream release: libtirpc-1-0-1 + +* Fri Aug 28 2015 Steve Dickson 0.3.2-3.0 +- Updated to latest upstream release: libtirpc-0-3-3-rc3 + +* Fri Jul 10 2015 Steve Dickson 0.3.2-2.0 +- Updated to latest upstream release: libtirpc-0-3-3-rc2 + +* Fri Jun 26 2015 Steve Dickson 0.3.2-1.0 +- Updated to latest upstream release: libtirpc-0-3-3-rc1 + +* Thu Jun 18 2015 Steve Dickson 0.3.2-0.1 +- Added back __rpc_get_default_domain() + +* Fri Jun 12 2015 Steve Dickson 0.3.2-0.0 +- Updated to latest upstream release: libtirpc-0-3-2 + +* Mon Jun 1 2015 Steve Dickson 0.3.1-0.0 +- Updated to latest upstream release: libtirpc-0-3-1 + +* Thu May 7 2015 Steve Dickson 0.3.0-0.0 +- Updated to latest upstream release: libtirpc-0-3-0 + +* Thu Apr 23 2015 Steve Dickson 0.2.5-3.0 +- Update to latest RC release: libtirpc-0-2-6-rc3 + +* Tue Dec 16 2014 Tom Callaway 0.2.5-2.1 +- minor spec cleanups, add license texts + +* Tue Dec 16 2014 Steve Dickson 0.2.5-1.0 +- Update to latest RC release: libtirpc-0-2-6-rc2 + +* Tue Nov 11 2014 Steve Dickson 0.2.5-1.0 +- Update to latest RC release: libtirpc-0-2-6-rc1 (bz 1162711) + +* Sun Aug 17 2014 Fedora Release Engineering - 0.2.5-0.1 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild + +* Fri Aug 8 2014 Steve Dickson 0.2.5-0.0 +- Update to latest upstream release: libtirpc-0.2.5 + +* Sat Jun 07 2014 Fedora Release Engineering - 0.2.4-4.0 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild + +* Thu May 29 2014 Steve Dickson 0.2.4-3.0 +- Update to latest RC release: libtirpc-0-2-5-rc3 + +* Thu Jan 23 2014 Steve Dickson 0.2.4-1.0 +- Update to latest RC release: libtirpc-0-2-5-rc1 + +* Mon Dec 9 2013 Steve Dickson 0.2.4-0 +- Update to the latest upstream release: 0.2.4 (bz 862318) + +* Mon Nov 25 2013 Steve Dickson 0.2.3-5 +- Update to latest RC release: libtirpc-0-2-4-rc3 (bz 1034438) + +* Sat Aug 03 2013 Fedora Release Engineering - 0.2.3-4 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild + +* Mon Jul 1 2013 Steve Dickson 0.2.3-3 +- Update to latest RC release: libtirpc-0-2-4-rc2 + +* Mon Apr 22 2013 Steve Dickson 0.2.3-2 +- Update to latest RC release: libtirpc-0-2-4-rc1 (bz 948378) + +* Thu Apr 11 2013 Guenther Deschner 0.2.3-1 +- Removed libgssglue dependency (patch from master) + +* Wed Feb 13 2013 Steve Dickson 0.2.3-0 +- Updated to latest upstream release: 0.2.3 + +* Tue Nov 13 2012 Steve Dickson 0.2.1-43 +- Updated to latest upstream RC release: 0.2.3-rc4 + +* Thu Jul 19 2012 Fedora Release Engineering - 0.2.2-42 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild + +* Thu Apr 26 2012 Steve Dickson 0.2.1-4.1 +- Updated to latest upstream RC release: libtirpc-0.2.3-rc3 + +* Mon Mar 19 2012 Steve Dickson 0.2.1-3.1 +- Fixed the install path in doc/Makefile.am + +* Fri Jan 13 2012 Fedora Release Engineering - 0.2.2-2.1 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_17_Mass_Rebuild + +* Wed Jul 20 2011 Steve Dickson 0.2.1-1.1 +- Fixed segfault in SVCAUTH_WRAP call (bz 722594) + +* Tue Jun 21 2011 Steve Dickson 0.2.1-1 +- Updated to latest upstream version: 0.2.3-rc1 + +* Mon May 2 2011 Steve Dickson 0.2.1-0 +- Updated to latest upstream version: 0.2.2 + +* Tue Apr 12 2011 Karsten Hopp 0.2.1-7.1 +- replace Requires(devel) with a simple Requires as the new rpm + aborts otherwise with "Bad Requireflags: qualifiers: Requires(devel)" + +* Tue Feb 08 2011 Fedora Release Engineering +- Rebuilt for https://fedoraproject.org/wiki/Fedora_15_Mass_Rebuild + +* Thu Dec 2 2010 Steve Dickson 0.2.1-6 +- Moved the libraries from /usr/lib to /lib + +* Mon Aug 30 2010 Steve Dickson 0.2.1-5 +- Relicense these SISSL files to 3 clause BSD +- Fixed last remaining BSD license issues + +* Fri Jul 16 2010 Steve Dickson 0.2.1-4 +- Add back SISSL license attribution + +* Fri Jul 09 2010 Mike McGrath 0.2.1-3.1 +- Rebuild to fix broken man dep s/man/man-db/ + +* Tue May 18 2010 Steve Dickson 0.2.1-3 +- Updated to latest RC release: libtirpc-0-2-2-rc2 [bz 519430] + +* Mon Mar 22 2010 Steve Dickson 0.2.1-2 +- Updated to latest RC release: libtirpc-0-2-2-rc1 + +* Mon Nov 30 2009 Steve Dickson 0.2.1-1 +- Updated to latest upstream version: 0.2.1 + +* Sat Jul 25 2009 Fedora Release Engineering - 0.2.0-4 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_12_Mass_Rebuild + +* Thu Jul 9 2009 Steve Dickson 0.2.0-3 +- Updated to latest upstream tag: 0-2-1-rc3 + Fixed the --disable-gss options + Fixed a number of warnings + Change how architectures are define in xdr_float.c + +* Mon Jun 29 2009 Steve Dickson 0.2.0-2 +- Updated to latest upstream tag: 0-2-1-rc2 + rpcb_clnt: RPC_PROGNOTREGISTERED is a permanent error + clnt_dg: Fix infinite loop when datagram call times ou + Updated .gitignore file + Replace the hard coded path name with the top_srcdir macrc + Added 'doc' to the SUBDIRS list so make install work correctly. + +* Fri May 29 2009 Steve Dickson 0.2.0-1 +- Updated to latest upstream version: 0.2.0 + +* Tue May 19 2009 Tom "spot" Callaway 0.1.11-3 +- Replace the Sun RPC license with the BSD license, with the explicit permission of Sun Microsystems + +* Mon Apr 20 2009 Steve Dickson 0.1.11-2 +- Updated to libtirpc-0.1.12-rc1 + +* Mon Apr 20 2009 Steve Dickson 0.1.11-1 +- Updated to the latest release: 0.1.11 + +* Fri Mar 13 2009 Steve Dickson 0.1.10-6 +- libtirpc: set r_netid and r_owner in __rpcb_findaddr_timed +- libtirpc: be sure to free cl_netid and cl_tp +- libtirpc: must free saved wire verifier when destroying context + +* Wed Feb 25 2009 Fedora Release Engineering - 0.1.10-5 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_11_Mass_Rebuild + +* Wed Jan 28 2009 Steve Dickson 0.1.10-4 +- Converted all uids and uids to type uid_t and gid_t (sf 2446314) + +* Wed Jan 28 2009 Steve Dickson 0.1.10-3 +- backwards compatibility: fix order of fields in TI-RPC's + svc_req (bz 481388) +- Removed a number warnings. + +* Thu Jan 22 2009 Steve Dickson 0.1.10-2 +- Header file fixes for C++ + +* Thu Nov 20 2008 Steve Dickson 0.1.10-1 +- Updated to latest upstream version: 0.1.10 + +* Tue Oct 28 2008 Steve Dickson 0.1.9-7 +- Fixed some incorrect function declarations (bz468815) + +* Mon Oct 27 2008 Steve Dickson 0.1.9-6 +- Fix bad assumption taddr2uaddr processing that + caused a segfault (bz468014) + +* Tue Sep 16 2008 Steve Dickson 0.1.9-5 +- Fix for taddr2addr conversion bug of local addresses +- Fixed some of warnings in: src/auth_time.c, src/clnt_dg.c and + src/clnt_raw.c +- Added some #ifdef NOTUSED around some code in src/rpbc_clnt.c + that was not being used... + +* Thu Sep 4 2008 Steve Dickson 0.1.9-4 +- Always make IPv6 sockets V6ONLY +- Fix incorrect sizeof() in __rpc_getbroadifs + +* Thu Aug 7 2008 Tom "spot" Callaway 0.1.9-3 +- fix license tag + +* Tue Jul 8 2008 Steve Dickson 0.1.9-1 +- Update to latest upstream version 0.1.9 + +* Fri Jun 27 2008 Steve Dickson 0.1.8-2 +- Added super-H(sh3,4) architecture support (bz 446559) + +* Tue Jun 10 2008 Steve Dickson 0.1.8-1 +- Update to latest upstream version 0.1.8 + +* Wed Mar 12 2008 Steve Dickson 0.1.7-18 +- Install man pages in the 3t section + +* Tue Feb 19 2008 Fedora Release Engineering - 0.1.7-17 +- Autorebuild for GCC 4.3 + +* Mon Feb 18 2008 Steve Dickson 0.1.7-16 +- Added patch that creates a libtirpc.pc used by the + pkg-config command. + +* Thu Jan 24 2008 Steve Dickson 0.1.7-15 +- Protect from buffer overflow in the GSS code. (bz 362121) + +* Mon Dec 17 2007 Steve Dickson 0.1.7-14 +- Fixed typo in /etc/netconfig file (bz 414471) + +* Thu Oct 25 2007 Steve Dickson 0.1.7-13 +- Added a check for the ARM arch (bz 351071) + +* Wed Oct 17 2007 Steve Dickson 0.1.7-12 +- Switch the libgssapi dependency to libgssglue + +* Mon Oct 15 2007 Steve Dickson 0.1.7-11 +- Made tcp6/udp6 network ids no longer visible in the netconfig + file since the ipv6 code is not fully baked yet in rpcbind. (bz 249121) + +* Wed Aug 29 2007 Fedora Release Engineering - 0.1.7-10 +- Rebuild for selinux ppc32 issue. + +* Mon Jul 30 2007 0.1.7-9 +- Fixed mutex lock problem in clnt_raw_create() +- Ignore the return value of snprintf() and use strlen() instead + to bump the pointer in clnt_sperror() +- A couple ntohs() were needed in bindresvport_sa() +- Added IP_RECVERR processing with to clnt_dg_call() so + application will see errors instead of timing out +- Make sure remote address (xp_rtaddr) is populated + with the correct type of address. +- Change the order of network ids in /etc/netconfg + putting ipv4 ids before ipv6. +- Bumped up Release from 8 to 9. + +* Mon Jul 9 2007 0.1.7-7 +- Fixed infinite loop in svc_run() (bz 246677) + +* Thu Apr 26 2007 0.1.7-6 +- Fixed potential buffer overflow in xdr_strings +- Added a optimization to bindresvport that allows more + ports to be tried. + +* Mon Mar 26 2007 Steve Dickson 0.1.7-5 +- Fixed Unowned Directory RPM problem (bz 233873) + +* Mon Aug 28 2006 Steve Dickson 0.1.7-4 +- Fixed undefined symbol (bz 204296) + +* Mon Aug 14 2006 Steve Dickson 0.1.7-3 +- Added in svc_auth_none needed by the GSSAPI code. +- Added compile define for ppc64 archs + +* Fri Aug 11 2006 Steve Dickson 0.1.7-2 +- Uncommented tcp6 and udp6 in the default /etc/netconfig file. +- Added hooks to used the libgssapi library. + +* Fri Aug 4 2006 Steve Dickson 0.1.7-1 +- Initial commit diff --git a/sources b/sources new file mode 100644 index 0000000..e04296e --- /dev/null +++ b/sources @@ -0,0 +1 @@ +SHA512 (libtirpc-1.1.4.tar.bz2) = 392f391f9fc1bd68d81dc44e4058831a64b32790b5c8c37338b0ab416fad2ae4d16389e632596734dba09780347918cc65c6f134e0c1afd09e81ec250785ed23