From faf03fb093877597d2e02572051dbd66e12f10b0 Mon Sep 17 00:00:00 2001 From: Steve Dickson Date: Thu, 3 Mar 2016 16:06:30 -0500 Subject: [PATCH] Updated to latest upstream RC release: libtirpc-1-0-2-rc2 Signed-off-by: Steve Dickson --- libtirpc-1.0.2-rc2.patch | 544 +++++++++++++++++++++++++++++++++++++++ libtirpc.spec | 7 +- 2 files changed, 549 insertions(+), 2 deletions(-) create mode 100644 libtirpc-1.0.2-rc2.patch diff --git a/libtirpc-1.0.2-rc2.patch b/libtirpc-1.0.2-rc2.patch new file mode 100644 index 0000000..3c8eb05 --- /dev/null +++ b/libtirpc-1.0.2-rc2.patch @@ -0,0 +1,544 @@ +diff --git a/src/rpc_dtablesize.c b/src/rpc_dtablesize.c +index 13d320c..3fe503a 100644 +--- a/src/rpc_dtablesize.c ++++ b/src/rpc_dtablesize.c +@@ -27,22 +27,14 @@ + */ + + #include +- + #include +- +-int _rpc_dtablesize(void); /* XXX */ ++#include ++#include + + /* + * Cache the result of getdtablesize(), so we don't have to do an + * expensive system call every time. + */ +-/* +- * XXX In FreeBSD 2.x, you can have the maximum number of open file +- * descriptors be greater than FD_SETSIZE (which us 256 by default). +- * +- * Since old programs tend to use this call to determine the first arg +- * for _select(), having this return > FD_SETSIZE is a Bad Idea(TM)! +- */ + int + _rpc_dtablesize(void) + { +diff --git a/src/rtime.c b/src/rtime.c +index c34e0af..b642840 100644 +--- a/src/rtime.c ++++ b/src/rtime.c +@@ -46,6 +46,7 @@ + #include + #include + #include ++#include + #include + #include + #include +@@ -67,7 +68,8 @@ rtime(addrp, timep, timeout) + struct timeval *timeout; + { + int s; +- fd_set readfds; ++ struct pollfd fd; ++ int milliseconds; + int res; + unsigned long thetime; + struct sockaddr_in from; +@@ -94,31 +96,32 @@ rtime(addrp, timep, timeout) + addrp->sin_port = serv->s_port; + + if (type == SOCK_DGRAM) { +- res = sendto(s, (char *)&thetime, sizeof(thetime), 0, ++ res = sendto(s, (char *)&thetime, sizeof(thetime), 0, + (struct sockaddr *)addrp, sizeof(*addrp)); + if (res < 0) { + do_close(s); +- return(-1); ++ return(-1); + } +- do { +- FD_ZERO(&readfds); +- FD_SET(s, &readfds); +- res = select(_rpc_dtablesize(), &readfds, +- (fd_set *)NULL, (fd_set *)NULL, timeout); +- } while (res < 0 && errno == EINTR); ++ ++ milliseconds = (timeout->tv_sec * 1000) + (timeout->tv_usec / 1000); ++ fd.fd = s; ++ fd.events = POLLIN; ++ do ++ res = poll (&fd, 1, milliseconds); ++ while (res < 0 && errno == EINTR); + if (res <= 0) { + if (res == 0) { + errno = ETIMEDOUT; + } + do_close(s); +- return(-1); ++ return(-1); + } + fromlen = sizeof(from); +- res = recvfrom(s, (char *)&thetime, sizeof(thetime), 0, ++ res = recvfrom(s, (char *)&thetime, sizeof(thetime), 0, + (struct sockaddr *)&from, &fromlen); + do_close(s); + if (res < 0) { +- return(-1); ++ return(-1); + } + } else { + if (connect(s, (struct sockaddr *)addrp, sizeof(*addrp)) < 0) { +diff --git a/src/svc.c b/src/svc.c +index 9c41445..b59467b 100644 +--- a/src/svc.c ++++ b/src/svc.c +@@ -99,7 +99,7 @@ xprt_register (xprt) + { + __svc_xports = (SVCXPRT **) calloc (_rpc_dtablesize(), sizeof (SVCXPRT *)); + if (__svc_xports == NULL) +- return; ++ goto unlock; + } + if (sock < _rpc_dtablesize()) + { +@@ -120,14 +120,14 @@ xprt_register (xprt) + svc_pollfd[i].fd = sock; + svc_pollfd[i].events = (POLLIN | POLLPRI | + POLLRDNORM | POLLRDBAND); +- return; ++ goto unlock; + } + + new_svc_pollfd = (struct pollfd *) realloc (svc_pollfd, + sizeof (struct pollfd) + * (svc_max_pollfd + 1)); + if (new_svc_pollfd == NULL) /* Out of memory */ +- return; ++ goto unlock; + svc_pollfd = new_svc_pollfd; + ++svc_max_pollfd; + +@@ -135,6 +135,7 @@ xprt_register (xprt) + svc_pollfd[svc_max_pollfd - 1].events = (POLLIN | POLLPRI | + POLLRDNORM | POLLRDBAND); + } ++unlock: + rwlock_unlock (&svc_fd_lock); + } + +diff --git a/src/svc_auth_des.c b/src/svc_auth_des.c +index 5bc264c..2e90146 100644 +--- a/src/svc_auth_des.c ++++ b/src/svc_auth_des.c +@@ -86,13 +86,13 @@ static struct cache_entry *authdes_cache/* [AUTHDES_CACHESZ] */; + static short *authdes_lru/* [AUTHDES_CACHESZ] */; + + static void cache_init(); /* initialize the cache */ +-static short cache_spot(); /* find an entry in the cache */ +-static void cache_ref(/*short sid*/); /* note that sid was ref'd */ ++static short cache_spot(des_block *key, char *name, struct timeval *timestamp); /* find an entry in the cache */ ++static void cache_ref(short sid); /* note that sid was ref'd */ + +-static void invalidate(); /* invalidate entry in cache */ ++static void invalidate(char *cred); /* invalidate entry in cache */ + + /* +- * cache statistics ++ * cache statistics + */ + static struct { + u_long ncachehits; /* times cache hit, and is not replay */ +diff --git a/src/svc_auth_gss.c b/src/svc_auth_gss.c +index b6aa407..bece46a 100644 +--- a/src/svc_auth_gss.c ++++ b/src/svc_auth_gss.c +@@ -129,6 +129,8 @@ struct svc_rpc_gss_data { + ((struct svc_rpc_gss_data *)(auth)->svc_ah_private) + + /* Global server credentials. */ ++static u_int _svcauth_req_time = 0; ++static gss_OID_set_desc _svcauth_oid_set = {1, GSS_C_NULL_OID }; + static gss_cred_id_t _svcauth_gss_creds; + static gss_name_t _svcauth_gss_name = GSS_C_NO_NAME; + static char * _svcauth_svc_name = NULL; +@@ -167,6 +169,7 @@ svcauth_gss_import_name(char *service) + gss_name_t name; + gss_buffer_desc namebuf; + OM_uint32 maj_stat, min_stat; ++ bool_t result; + + gss_log_debug("in svcauth_gss_import_name()"); + +@@ -181,22 +184,21 @@ svcauth_gss_import_name(char *service) + maj_stat, min_stat); + return (FALSE); + } +- if (svcauth_gss_set_svc_name(name) != TRUE) { +- gss_release_name(&min_stat, &name); +- return (FALSE); +- } +- return (TRUE); ++ result = svcauth_gss_set_svc_name(name); ++ gss_release_name(&min_stat, &name); ++ return result; + } + + static bool_t +-svcauth_gss_acquire_cred(u_int req_time, gss_OID_set_desc *oid_set) ++svcauth_gss_acquire_cred(void) + { + OM_uint32 maj_stat, min_stat; + + gss_log_debug("in svcauth_gss_acquire_cred()"); + +- maj_stat = gss_acquire_cred(&min_stat, _svcauth_gss_name, req_time, +- oid_set, GSS_C_ACCEPT, ++ maj_stat = gss_acquire_cred(&min_stat, _svcauth_gss_name, ++ _svcauth_req_time, &_svcauth_oid_set, ++ GSS_C_ACCEPT, + &_svcauth_gss_creds, NULL, NULL); + + if (maj_stat != GSS_S_COMPLETE) { +@@ -300,6 +302,8 @@ svcauth_gss_accept_sec_context(struct svc_req *rqst, + NULL, + &gd->deleg); + ++ xdr_free((xdrproc_t)xdr_rpc_gss_init_args, (caddr_t)&recv_tok); ++ + if (gr->gr_major != GSS_S_COMPLETE && + gr->gr_major != GSS_S_CONTINUE_NEEDED) { + gss_log_status("svcauth_gss_accept_sec_context: accept_sec_context", +@@ -352,8 +356,11 @@ svcauth_gss_accept_sec_context(struct svc_req *rqst, + return (FALSE); + + rqst->rq_xprt->xp_verf.oa_flavor = RPCSEC_GSS; +- rqst->rq_xprt->xp_verf.oa_base = checksum.value; ++ memcpy(rqst->rq_xprt->xp_verf.oa_base, checksum.value, ++ checksum.length); + rqst->rq_xprt->xp_verf.oa_length = checksum.length; ++ ++ gss_release_buffer(&min_stat, &checksum); + } + return (TRUE); + } +@@ -435,10 +442,13 @@ svcauth_gss_nextverf(struct svc_req *rqst, u_int num) + maj_stat, min_stat); + return (FALSE); + } ++ + rqst->rq_xprt->xp_verf.oa_flavor = RPCSEC_GSS; +- rqst->rq_xprt->xp_verf.oa_base = (caddr_t)checksum.value; ++ memcpy(rqst->rq_xprt->xp_verf.oa_base, checksum.value, checksum.length); + rqst->rq_xprt->xp_verf.oa_length = (u_int)checksum.length; + ++ gss_release_buffer(&min_stat, &checksum); ++ + return (TRUE); + } + +@@ -568,6 +578,8 @@ _svcauth_gss(struct svc_req *rqst, struct rpc_msg *msg, bool_t *no_dispatch) + gss_qop_t qop; + struct svcauth_gss_cache_entry **ce; + time_t now; ++ enum auth_stat result = AUTH_OK; ++ OM_uint32 min_stat; + + gss_log_debug("in svcauth_gss()"); + +@@ -621,19 +633,25 @@ _svcauth_gss(struct svc_req *rqst, struct rpc_msg *msg, bool_t *no_dispatch) + XDR_DESTROY(&xdrs); + + /* Check version. */ +- if (gc->gc_v != RPCSEC_GSS_VERSION) +- return (AUTH_BADCRED); ++ if (gc->gc_v != RPCSEC_GSS_VERSION) { ++ result = AUTH_BADCRED; ++ goto out; ++ } + + /* Check RPCSEC_GSS service. */ + if (gc->gc_svc != RPCSEC_GSS_SVC_NONE && + gc->gc_svc != RPCSEC_GSS_SVC_INTEGRITY && +- gc->gc_svc != RPCSEC_GSS_SVC_PRIVACY) +- return (AUTH_BADCRED); ++ gc->gc_svc != RPCSEC_GSS_SVC_PRIVACY) { ++ result = AUTH_BADCRED; ++ goto out; ++ } + + /* Check sequence number. */ + if (gd->established) { +- if (gc->gc_seq > MAXSEQ) +- return (RPCSEC_GSS_CTXPROBLEM); ++ if (gc->gc_seq > MAXSEQ) { ++ result = RPCSEC_GSS_CTXPROBLEM; ++ goto out; ++ } + + if ((offset = gd->seqlast - gc->gc_seq) < 0) { + gd->seqlast = gc->gc_seq; +@@ -643,7 +661,8 @@ _svcauth_gss(struct svc_req *rqst, struct rpc_msg *msg, bool_t *no_dispatch) + } + else if (offset >= gd->win || (gd->seqmask & (1 << offset))) { + *no_dispatch = 1; +- return (RPCSEC_GSS_CTXPROBLEM); ++ result = RPCSEC_GSS_CTXPROBLEM; ++ goto out; + } + gd->seq = gc->gc_seq; + gd->seqmask |= (1 << offset); +@@ -654,35 +673,52 @@ _svcauth_gss(struct svc_req *rqst, struct rpc_msg *msg, bool_t *no_dispatch) + rqst->rq_svcname = (char *)gd->ctx; + } + ++ rqst->rq_xprt->xp_verf.oa_base = msg->rm_call.cb_verf.oa_base; ++ + /* Handle RPCSEC_GSS control procedure. */ + switch (gc->gc_proc) { + + case RPCSEC_GSS_INIT: + case RPCSEC_GSS_CONTINUE_INIT: +- if (rqst->rq_proc != NULLPROC) +- return (AUTH_FAILED); /* XXX ? */ ++ if (rqst->rq_proc != NULLPROC) { ++ result = AUTH_FAILED; /* XXX ? */ ++ break; ++ } + + if (_svcauth_gss_name == GSS_C_NO_NAME) { +- if (!svcauth_gss_import_name("nfs")) +- return (AUTH_FAILED); ++ if (!svcauth_gss_import_name("nfs")) { ++ result = AUTH_FAILED; ++ break; ++ } + } + +- if (!svcauth_gss_acquire_cred(0, GSS_C_NULL_OID_SET)) +- return (AUTH_FAILED); ++ if (!svcauth_gss_acquire_cred()) { ++ result = AUTH_FAILED; ++ break; ++ } + +- if (!svcauth_gss_accept_sec_context(rqst, &gr)) +- return (AUTH_REJECTEDCRED); ++ if (!svcauth_gss_accept_sec_context(rqst, &gr)) { ++ result = AUTH_REJECTEDCRED; ++ break; ++ } + +- if (!svcauth_gss_nextverf(rqst, htonl(gr.gr_win))) +- return (AUTH_FAILED); ++ if (!svcauth_gss_nextverf(rqst, htonl(gr.gr_win))) { ++ result = AUTH_FAILED; ++ break; ++ } + + *no_dispatch = TRUE; + + call_stat = svc_sendreply(rqst->rq_xprt, + (xdrproc_t)xdr_rpc_gss_init_res, (caddr_t)&gr); + +- if (!call_stat) +- return (AUTH_FAILED); ++ gss_release_buffer(&min_stat, &gr.gr_token); ++ free(gr.gr_ctx.value); ++ ++ if (!call_stat) { ++ result = AUTH_FAILED; ++ break; ++ } + + if (gr.gr_major == GSS_S_COMPLETE) + gd->established = TRUE; +@@ -690,27 +726,37 @@ _svcauth_gss(struct svc_req *rqst, struct rpc_msg *msg, bool_t *no_dispatch) + break; + + case RPCSEC_GSS_DATA: +- if (!svcauth_gss_validate(gd, msg, &qop)) +- return (RPCSEC_GSS_CREDPROBLEM); ++ if (!svcauth_gss_validate(gd, msg, &qop)) { ++ result = RPCSEC_GSS_CREDPROBLEM; ++ break; ++ } + +- if (!svcauth_gss_nextverf(rqst, htonl(gc->gc_seq))) +- return (AUTH_FAILED); ++ if (!svcauth_gss_nextverf(rqst, htonl(gc->gc_seq))) { ++ result = AUTH_FAILED; ++ break; ++ } + + if (!gd->callback_done) { + gd->callback_done = TRUE; + gd->sec.qop = qop; + (void)rpc_gss_num_to_qop(gd->rcred.mechanism, + gd->sec.qop, &gd->rcred.qop); +- if (!svcauth_gss_callback(rqst, gd)) +- return (AUTH_REJECTEDCRED); ++ if (!svcauth_gss_callback(rqst, gd)) { ++ result = AUTH_REJECTEDCRED; ++ break; ++ } + } + + if (gd->locked) { + if (gd->rcred.service != +- _rpc_gss_svc_to_service(gc->gc_svc)) +- return (AUTH_FAILED); +- if (gd->sec.qop != qop) +- return (AUTH_BADVERF); ++ _rpc_gss_svc_to_service(gc->gc_svc)) { ++ result = AUTH_FAILED; ++ break; ++ } ++ if (gd->sec.qop != qop) { ++ result = AUTH_BADVERF; ++ break; ++ } + } + + if (gd->sec.qop != qop) { +@@ -724,17 +770,25 @@ _svcauth_gss(struct svc_req *rqst, struct rpc_msg *msg, bool_t *no_dispatch) + break; + + case RPCSEC_GSS_DESTROY: +- if (rqst->rq_proc != NULLPROC) +- return (AUTH_FAILED); /* XXX ? */ ++ if (rqst->rq_proc != NULLPROC) { ++ result = AUTH_FAILED; /* XXX ? */ ++ break; ++ } + +- if (!svcauth_gss_validate(gd, msg, &qop)) +- return (RPCSEC_GSS_CREDPROBLEM); ++ if (!svcauth_gss_validate(gd, msg, &qop)) { ++ result = RPCSEC_GSS_CREDPROBLEM; ++ break; ++ } + +- if (!svcauth_gss_nextverf(rqst, htonl(gc->gc_seq))) +- return (AUTH_FAILED); ++ if (!svcauth_gss_nextverf(rqst, htonl(gc->gc_seq))) { ++ result = AUTH_FAILED; ++ break; ++ } + +- if (!svcauth_gss_release_cred()) +- return (AUTH_FAILED); ++ if (!svcauth_gss_release_cred()) { ++ result = AUTH_FAILED; ++ break; ++ } + + SVCAUTH_DESTROY(&SVC_XP_AUTH(rqst->rq_xprt)); + SVC_XP_AUTH(rqst->rq_xprt).svc_ah_ops = svc_auth_none.svc_ah_ops; +@@ -743,10 +797,12 @@ _svcauth_gss(struct svc_req *rqst, struct rpc_msg *msg, bool_t *no_dispatch) + break; + + default: +- return (AUTH_REJECTEDCRED); ++ result = AUTH_REJECTEDCRED; + break; + } +- return (AUTH_OK); ++out: ++ xdr_free((xdrproc_t)xdr_rpc_gss_cred, (caddr_t)gc); ++ return result; + } + + static bool_t +@@ -890,7 +946,6 @@ bool_t + rpc_gss_set_svc_name(char *principal, char *mechanism, u_int req_time, + u_int UNUSED(program), u_int UNUSED(version)) + { +- gss_OID_set_desc oid_set; + rpc_gss_OID oid; + char *save; + +@@ -902,14 +957,13 @@ rpc_gss_set_svc_name(char *principal, char *mechanism, u_int req_time, + + if (!rpc_gss_mech_to_oid(mechanism, &oid)) + goto out_err; +- oid_set.count = 1; +- oid_set.elements = (gss_OID)oid; + + if (!svcauth_gss_import_name(principal)) + goto out_err; +- if (!svcauth_gss_acquire_cred(req_time, &oid_set)) +- goto out_err; + ++ _svcauth_req_time = req_time; ++ _svcauth_oid_set.count = 1; ++ _svcauth_oid_set.elements = (gss_OID)oid; + free(_svcauth_svc_name); + _svcauth_svc_name = save; + return TRUE; +diff --git a/src/svc_vc.c b/src/svc_vc.c +index 6ae613d..97a76a3 100644 +--- a/src/svc_vc.c ++++ b/src/svc_vc.c +@@ -270,14 +270,8 @@ makefd_xprt(fd, sendsize, recvsize) + struct cf_conn *cd; + const char *netid; + struct __rpc_sockinfo si; +- +- assert(fd != -1); + +- if (fd >= FD_SETSIZE) { +- warnx("svc_vc: makefd_xprt: fd too high\n"); +- xprt = NULL; +- goto done; +- } ++ assert(fd != -1); + + xprt = mem_alloc(sizeof(SVCXPRT)); + if (xprt == NULL) { +@@ -338,22 +332,10 @@ rendezvous_request(xprt, msg) + r = (struct cf_rendezvous *)xprt->xp_p1; + again: + len = sizeof addr; +- if ((sock = accept(xprt->xp_fd, (struct sockaddr *)(void *)&addr, +- &len)) < 0) { ++ sock = accept(xprt->xp_fd, (struct sockaddr *)(void *)&addr, &len); ++ if (sock < 0) { + if (errno == EINTR) + goto again; +- +- if (errno == EMFILE || errno == ENFILE) { +- /* If there are no file descriptors available, then accept will fail. +- We want to delay here so the connection request can be dequeued; +- otherwise we can bounce between polling and accepting, never +- giving the request a chance to dequeue and eating an enormous +- amount of cpu time in svc_run if we're polling on many file +- descriptors. */ +- struct timespec ts = { .tv_sec = 0, .tv_nsec = 50000000 }; +- nanosleep (&ts, NULL); +- goto again; +- } + return (FALSE); + } + /* +diff --git a/tirpc/rpc/rpcent.h b/tirpc/rpc/rpcent.h +index 147f909..e07503c 100644 +--- a/tirpc/rpc/rpcent.h ++++ b/tirpc/rpc/rpcent.h +@@ -60,10 +60,11 @@ struct rpcent { + extern struct rpcent *getrpcbyname(const char *); + extern struct rpcent *getrpcbynumber(int); + extern struct rpcent *getrpcent(void); +-#endif + + extern void setrpcent(int); + extern void endrpcent(void); ++#endif ++ + #ifdef __cplusplus + } + #endif diff --git a/libtirpc.spec b/libtirpc.spec index 9ada55d..6f54f80 100644 --- a/libtirpc.spec +++ b/libtirpc.spec @@ -2,7 +2,7 @@ Name: libtirpc Version: 1.0.1 -Release: 1.rc1%{?dist}.1 +Release: 2.rc2%{?dist} Summary: Transport Independent RPC Library Group: System Environment/Libraries License: SISSL and BSD @@ -10,7 +10,7 @@ URL: http://nfsv4.bullopensource.org/ BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n) Source0: http://downloads.sourceforge.net/libtirpc/libtirpc-%{version}.tar.bz2 -Patch001: libtirpc-1.0.2-rc1.patch +Patch001: libtirpc-1.0.2-rc2.patch BuildRequires: automake, autoconf, libtool, pkgconfig BuildRequires: krb5-devel @@ -135,6 +135,9 @@ rm -rf %{buildroot} %{_mandir}/*/* %changelog +* Thu Mar 3 2016 Steve Dickson 1.0.1-2.rc2 +- Updated to latest upstream RC release: libtirpc-1-0-2-rc2 + * Thu Feb 04 2016 Fedora Release Engineering - 1.0.1-1.rc1.1 - Rebuilt for https://fedoraproject.org/wiki/Fedora_24_Mass_Rebuild