.gitignore

@@ -1,4 +1,2 @@
-Makefile
+SOURCES/libtirpc-1.1.4.tar.bz2
-x86_64/
+/libtirpc-1.1.4.tar.bz2
-/libtirpc-1.3.5.tar.bz2
-libtirpc-1.3.5

gating.yaml

@@ -1,6 +1,6 @@
 --- !Policy
 product_versions:
-  - rhel-10
+  - rhel-8
 decision_context: osci_compose_gate
 rules:
-  - !PassingTestCaseRule {test_case_name: osci.brew-build.tier0.functional}
+  - !PassingTestCaseRule {test_case_name: osci.brew-build.revdeps.integration}

libtirpc-1.1.4-blacklist.patch

@@ -0,0 +1,15 @@
+diff -up libtirpc-1.1.4/doc/bindresvport.blacklist.save libtirpc-1.1.4/doc/bindresvport.blacklist
+--- libtirpc-1.1.4/doc/bindresvport.blacklist.save	2021-04-17 13:04:20.092274589 -0400
++++ libtirpc-1.1.4/doc/bindresvport.blacklist	2021-04-17 13:04:45.609945925 -0400
+@@ -8,6 +8,11 @@
+ 631     # cups
+ 636     # ldaps
+ 664     # Secure ASF, used by IPMI on some cards
++749     # Kerberos V kadmin
++774     # rpasswd
++873     # rsyncd
+ 921     # lwresd
++992     # SSL-enabled telnet
+ 993     # imaps
++994     # irc
+ 995     # pops

libtirpc-1.1.4-covscan.patch

@@ -0,0 +1,151 @@
+diff --git a/src/auth_gss.c b/src/auth_gss.c
+index 5959893..7d08262 100644
+--- a/src/auth_gss.c
++++ b/src/auth_gss.c
+@@ -207,6 +207,7 @@ authgss_create(CLIENT *clnt, gss_name_t name, struct rpc_gss_sec *sec)
+ 			rpc_createerr.cf_stat = RPC_SYSTEMERROR;
+ 			rpc_createerr.cf_error.re_errno = ENOMEM;
+ 			free(auth);
++			free(gd);
+ 			return (NULL);
+ 		}
+ 	}
+@@ -592,7 +593,7 @@ _rpc_gss_refresh(AUTH *auth, rpc_gss_options_ret_t *options_ret)
+ 			if (rpc_gss_oid_to_mech(actual_mech_type, &mechanism)) {
+ 				strncpy(options_ret->actual_mechanism,
+ 					mechanism,
+-					sizeof(options_ret->actual_mechanism));
++					(sizeof(options_ret->actual_mechanism)-1));
+ 			}
+ 
+ 			gd->established = TRUE;
+diff --git a/src/clnt_bcast.c b/src/clnt_bcast.c
+index 98cf061..2ad6c89 100644
+--- a/src/clnt_bcast.c
++++ b/src/clnt_bcast.c
+@@ -330,6 +330,7 @@ rpc_broadcast_exp(prog, vers, proc, xargs, argsp, xresults, resultsp,
+ 	if (nettype == NULL)
+ 		nettype = "datagram_n";
+ 	if ((handle = __rpc_setconf(nettype)) == NULL) {
++		AUTH_DESTROY(sys_auth);
+ 		return (RPC_UNKNOWNPROTO);
+ 	}
+ 	while ((nconf = __rpc_getconf(handle)) != NULL) {
+diff --git a/src/getnetconfig.c b/src/getnetconfig.c
+index 92e7c43..d67d97d 100644
+--- a/src/getnetconfig.c
++++ b/src/getnetconfig.c
+@@ -709,6 +709,8 @@ struct netconfig	*ncp;
+     p->nc_lookups = (char **)malloc((size_t)(p->nc_nlookups+1) * sizeof(char *));
+     if (p->nc_lookups == NULL) {
+ 	free(p->nc_netid);
++	free(p);
++	free(tmp);
+ 	return(NULL);
+     }
+     for (i=0; i < p->nc_nlookups; i++) {
+diff --git a/src/getnetpath.c b/src/getnetpath.c
+index 7c19932..ea1a18c 100644
+--- a/src/getnetpath.c
++++ b/src/getnetpath.c
+@@ -88,6 +88,7 @@ setnetpath()
+     }
+     if ((np_sessionp->nc_handlep = setnetconfig()) == NULL) {
+ 	syslog (LOG_ERR, "rpc: failed to open " NETCONFIG);
++	free(np_sessionp);
+ 	return (NULL);
+     }
+     np_sessionp->valid = NP_VALID;
+diff --git a/src/rpc_generic.c b/src/rpc_generic.c
+index 589cbd5..51f36ac 100644
+--- a/src/rpc_generic.c
++++ b/src/rpc_generic.c
+@@ -319,6 +319,7 @@ __rpc_setconf(nettype)
+ 		handle->nflag = FALSE;
+ 		break;
+ 	default:
++		free(handle);
+ 		return (NULL);
+ 	}
+ 
+diff --git a/src/rpc_soc.c b/src/rpc_soc.c
+index 5a6eeb7..a85cb17 100644
+--- a/src/rpc_soc.c
++++ b/src/rpc_soc.c
+@@ -663,15 +663,17 @@ svcunix_create(sock, sendsize, recvsize, path)
+ 		    strcmp(nconf->nc_protofmly, NC_LOOPBACK) == 0)
+ 			break;
+ 	}
+-	if (nconf == NULL)
++	if (nconf == NULL) {
++		endnetconfig(localhandle);
+ 		return(xprt);
++	}
+ 
+ 	if ((sock = __rpc_nconf2fd(nconf)) < 0)
+ 		goto done;
+ 
+ 	memset(&sun, 0, sizeof sun);
+ 	sun.sun_family = AF_LOCAL;
+-	strncpy(sun.sun_path, path, sizeof(sun.sun_path));
++	strncpy(sun.sun_path, path, (sizeof(sun.sun_path)-1));
+ 	addrlen = sizeof(struct sockaddr_un);
+ 	sa = (struct sockaddr *)&sun;
+ 
+@@ -692,6 +694,8 @@ svcunix_create(sock, sendsize, recvsize, path)
+ 	}
+ 
+ 	xprt = (SVCXPRT *)svc_tli_create(sock, nconf, &taddr, sendsize, recvsize);
++	if (xprt == NULL)
++		close(sock);
+ 
+ done:
+ 	endnetconfig(localhandle);
+diff --git a/src/rpcb_clnt.c b/src/rpcb_clnt.c
+index e45736a..0c34cb7 100644
+--- a/src/rpcb_clnt.c
++++ b/src/rpcb_clnt.c
+@@ -547,6 +547,7 @@ try_nconf:
+ 		if (tmpnconf == NULL) {
+  			rpc_createerr.cf_stat = RPC_UNKNOWNPROTO;
+ 			mutex_unlock(&loopnconf_lock);
++			endnetconfig(nc_handle);
+ 			return (NULL);
+ 		}
+ 		loopnconf = getnetconfigent(tmpnconf->nc_netid);
+diff --git a/src/rtime.c b/src/rtime.c
+index b642840..29fbf0a 100644
+--- a/src/rtime.c
++++ b/src/rtime.c
+@@ -90,6 +90,7 @@ rtime(addrp, timep, timeout)
+ 
+ 	/* TCP and UDP port are the same in this case */
+ 	if ((serv = getservbyname("time", "tcp")) == NULL) {
++		do_close(s);
+ 		return(-1);
+ 	}
+ 
+diff --git a/src/svc_generic.c b/src/svc_generic.c
+index 52a56c2..20abaa2 100644
+--- a/src/svc_generic.c
++++ b/src/svc_generic.c
+@@ -113,6 +113,7 @@ svc_create(dispatch, prognum, versnum, nettype)
+ 				if (l == NULL) {
+ 					warnx("svc_create: no memory");
+ 					mutex_unlock(&xprtlist_lock);
++					__rpc_endconf(handle);
+ 					return (0);
+ 				}
+ 				l->xprt = xprt;
+diff --git a/src/svc_simple.c b/src/svc_simple.c
+index cb58002..c32fe0a 100644
+--- a/src/svc_simple.c
++++ b/src/svc_simple.c
+@@ -157,6 +157,7 @@ rpc_reg(prognum, versnum, procnum, progname, inproc, outproc, nettype)
+ 				((netid = strdup(nconf->nc_netid)) == NULL)) {
+ 				warnx(rpc_reg_err, rpc_reg_msg, __no_mem_str);
+ 				SVC_DESTROY(svcxprt);
++				free(xdrbuf);
+ 				break;
+ 			}
+ 			madenow = TRUE;

libtirpc-1.1.4-dgcall-free.patch

@@ -0,0 +1,14 @@
+diff -up libtirpc-1.1.4/src/clnt_dg.c.orig libtirpc-1.1.4/src/clnt_dg.c
+--- libtirpc-1.1.4/src/clnt_dg.c.orig	2022-05-31 08:14:09.408762537 -0400
++++ libtirpc-1.1.4/src/clnt_dg.c	2022-05-31 08:17:28.950764885 -0400
+@@ -478,9 +478,9 @@ get_reply:
+ 		 cmsg = CMSG_NXTHDR (&msg, cmsg))
+ 	      if (cmsg->cmsg_level == SOL_IP && cmsg->cmsg_type == IP_RECVERR)
+ 		{
+-		  mem_free(cbuf, (outlen + 256));
+ 		  e = (struct sock_extended_err *) CMSG_DATA(cmsg);
+ 		  cu->cu_error.re_errno = e->ee_errno;
++		  mem_free(cbuf, (outlen + 256));
+ 		  release_fd_lock(cu->cu_fd, mask);
+ 		  return (cu->cu_error.re_status = RPC_CANTRECV);
+ 		}

libtirpc-1.1.4-disallow-auth_refresh.patch

@@ -0,0 +1,76 @@
+diff -up libtirpc-1.1.4/src/auth_gss.c.orig libtirpc-1.1.4/src/auth_gss.c
+--- libtirpc-1.1.4/src/auth_gss.c.orig	2021-04-17 13:11:03.229880600 -0400
++++ libtirpc-1.1.4/src/auth_gss.c	2021-04-17 13:15:10.722391798 -0400
+@@ -982,3 +982,9 @@ rpc_gss_max_data_length(AUTH *auth, int
+ 	rpc_gss_clear_error();
+ 	return result;
+ }
++
++bool_t
++is_authgss_client(CLIENT *clnt)
++{
++	return (clnt->cl_auth->ah_ops == &authgss_ops);
++}
+diff -up libtirpc-1.1.4/src/clnt_dg.c.orig libtirpc-1.1.4/src/clnt_dg.c
+--- libtirpc-1.1.4/src/clnt_dg.c.orig	2018-08-27 10:06:49.000000000 -0400
++++ libtirpc-1.1.4/src/clnt_dg.c	2021-04-17 13:15:10.722391798 -0400
+@@ -60,6 +60,9 @@
+ #include <sys/uio.h>
+ #endif
+ 
++#ifdef HAVE_RPCSEC_GSS
++#include <rpc/auth_gss.h>
++#endif
+ 
+ #define MAX_DEFAULT_FDS                 20000
+ 
+@@ -356,6 +359,11 @@ clnt_dg_call(cl, proc, xargs, argsp, xre
+ 		salen = cu->cu_rlen;
+ 	}
+ 
++#ifdef HAVE_RPCSEC_GSS
++	if (is_authgss_client(cl))
++		nrefreshes = 0;
++#endif
++
+ 	/* Clean up in case the last call ended in a longjmp(3) call. */
+ call_again:
+ 	xdrs = &(cu->cu_outxdrs);
+diff -up libtirpc-1.1.4/src/clnt_vc.c.orig libtirpc-1.1.4/src/clnt_vc.c
+--- libtirpc-1.1.4/src/clnt_vc.c.orig	2018-08-27 10:06:49.000000000 -0400
++++ libtirpc-1.1.4/src/clnt_vc.c	2021-04-17 13:15:10.723391824 -0400
+@@ -68,6 +68,10 @@
+ #include <rpc/rpc.h>
+ #include "rpc_com.h"
+ 
++#ifdef HAVE_RPCSEC_GSS
++#include <rpc/auth_gss.h>
++#endif
++
+ #define MCALL_MSG_SIZE 24
+ 
+ #define CMGROUP_MAX    16
+@@ -380,6 +384,11 @@ clnt_vc_call(cl, proc, xdr_args, args_pt
+ 	    (xdr_results == NULL && timeout.tv_sec == 0
+ 	    && timeout.tv_usec == 0) ? FALSE : TRUE;
+ 
++#ifdef HAVE_RPCSEC_GSS
++	if (is_authgss_client(cl))
++		refreshes = 0;
++#endif
++
+ call_again:
+ 	xdrs->x_op = XDR_ENCODE;
+ 	ct->ct_error.re_status = RPC_SUCCESS;
+diff -up libtirpc-1.1.4/tirpc/rpc/auth_gss.h.orig libtirpc-1.1.4/tirpc/rpc/auth_gss.h
+--- libtirpc-1.1.4/tirpc/rpc/auth_gss.h.orig	2018-08-27 10:06:49.000000000 -0400
++++ libtirpc-1.1.4/tirpc/rpc/auth_gss.h	2021-04-17 13:15:10.723391824 -0400
+@@ -120,6 +120,8 @@ void	gss_log_debug		(const char *fmt, ..
+ void	gss_log_status		(char *m, OM_uint32 major, OM_uint32 minor);
+ void	gss_log_hexdump		(const u_char *buf, int len, int offset);
+ 
++bool_t	is_authgss_client	(CLIENT *);
++
+ #ifdef __cplusplus
+ }
+ #endif

libtirpc-1.1.4-dos-fix.patch

@@ -0,0 +1,154 @@
+diff --git a/src/rpc_com.h b/src/rpc_com.h
+index 10bec79..76badef 100644
+--- a/src/rpc_com.h
++++ b/src/rpc_com.h
+@@ -61,8 +61,7 @@ void __xprt_unregister_unlocked(SVCXPRT *);
+ void __xprt_set_raddr(SVCXPRT *, const struct sockaddr_storage *);
+ 
+ 
+-SVCXPRT **__svc_xports;
+-int __svc_maxrec;
++extern int __svc_maxrec;
+ 
+ #ifdef __cplusplus
+ }
+diff --git a/src/svc.c b/src/svc.c
+index b59467b..3a8709f 100644
+--- a/src/svc.c
++++ b/src/svc.c
+@@ -57,6 +57,9 @@
+ 
+ #define max(a, b) (a > b ? a : b)
+ 
++SVCXPRT **__svc_xports;
++int __svc_maxrec;
++
+ /*
+  * The services list
+  * Each entry represents a set of procedures (an rpc program).
+@@ -191,6 +194,21 @@ __xprt_do_unregister (xprt, dolock)
+     rwlock_unlock (&svc_fd_lock);
+ }
+ 
++int
++svc_open_fds()
++{
++	int ix;
++	int nfds = 0;
++
++	rwlock_rdlock (&svc_fd_lock);
++	for (ix = 0; ix < svc_max_pollfd; ++ix) {
++		if (svc_pollfd[ix].fd != -1)
++			nfds++;
++	}
++	rwlock_unlock (&svc_fd_lock);
++	return (nfds);
++}
++
+ /*
+  * Add a service program to the callout list.
+  * The dispatch routine will be called when a rpc request for this
+diff --git a/src/svc_vc.c b/src/svc_vc.c
+index c23cd36..1729963 100644
+--- a/src/svc_vc.c
++++ b/src/svc_vc.c
+@@ -64,6 +64,8 @@
+ 
+ 
+ extern rwlock_t svc_fd_lock;
++extern SVCXPRT **__svc_xports;
++extern int svc_open_fds();
+ 
+ static SVCXPRT *makefd_xprt(int, u_int, u_int);
+ static bool_t rendezvous_request(SVCXPRT *, struct rpc_msg *);
+@@ -82,6 +84,7 @@ static void svc_vc_ops(SVCXPRT *);
+ static bool_t svc_vc_control(SVCXPRT *xprt, const u_int rq, void *in);
+ static bool_t svc_vc_rendezvous_control (SVCXPRT *xprt, const u_int rq,
+ 				   	     void *in);
++static int __svc_destroy_idle(int timeout);
+ 
+ struct cf_rendezvous { /* kept in xprt->xp_p1 for rendezvouser */
+ 	u_int sendsize;
+@@ -312,13 +315,14 @@ done:
+ 	return (xprt);
+ }
+ 
++
+ /*ARGSUSED*/
+ static bool_t
+ rendezvous_request(xprt, msg)
+ 	SVCXPRT *xprt;
+ 	struct rpc_msg *msg;
+ {
+-	int sock, flags;
++	int sock, flags, nfds, cnt;
+ 	struct cf_rendezvous *r;
+ 	struct cf_conn *cd;
+ 	struct sockaddr_storage addr;
+@@ -378,6 +382,16 @@ again:
+ 
+ 	gettimeofday(&cd->last_recv_time, NULL);
+ 
++	nfds = svc_open_fds();
++	if (nfds >= (_rpc_dtablesize() / 5) * 4) {
++		/* destroy idle connections */
++		cnt = __svc_destroy_idle(15);
++		if (cnt == 0) {
++			/* destroy least active */
++			__svc_destroy_idle(0);
++		}
++	}
++
+ 	return (FALSE); /* there is never an rpc msg to be processed */
+ }
+ 
+@@ -819,3 +833,49 @@ __svc_clean_idle(fd_set *fds, int timeout, bool_t cleanblock)
+ {
+ 	return FALSE;
+ }
++
++static int
++__svc_destroy_idle(int timeout)
++{
++	int i, ncleaned = 0;
++	SVCXPRT *xprt, *least_active;
++	struct timeval tv, tdiff, tmax;
++	struct cf_conn *cd;
++
++	gettimeofday(&tv, NULL);
++	tmax.tv_sec = tmax.tv_usec = 0;
++	least_active = NULL;
++	rwlock_wrlock(&svc_fd_lock);
++
++	for (i = 0; i <= svc_max_pollfd; i++) {
++		if (svc_pollfd[i].fd == -1)
++			continue;
++		xprt = __svc_xports[i];
++		if (xprt == NULL || xprt->xp_ops == NULL ||
++			xprt->xp_ops->xp_recv != svc_vc_recv)
++			continue;
++		cd = (struct cf_conn *)xprt->xp_p1;
++		if (!cd->nonblock)
++			continue;
++		if (timeout == 0) {
++			timersub(&tv, &cd->last_recv_time, &tdiff);
++			if (timercmp(&tdiff, &tmax, >)) {
++				tmax = tdiff;
++				least_active = xprt;
++			}
++			continue;
++		}
++		if (tv.tv_sec - cd->last_recv_time.tv_sec > timeout) {
++			__xprt_unregister_unlocked(xprt);
++			__svc_vc_dodestroy(xprt);
++			ncleaned++;
++		}
++	}
++	if (timeout == 0 && least_active != NULL) {
++		__xprt_unregister_unlocked(least_active);
++		__svc_vc_dodestroy(least_active);
++		ncleaned++;
++	}
++	rwlock_unlock(&svc_fd_lock);
++	return (ncleaned);
++}

libtirpc-1.1.4-double-free.patch

@@ -0,0 +1,32 @@
+commit 1d2e10afb2ffc35cb3623f57a15f712359f18e75
+Author: Herb Wartens <wartens2@llnl.gov>
+Date:   Tue Aug 1 10:36:16 2023 -0400
+
+    rpcb_clnt.c: Eliminate double frees in delete_cache()
+    
+    Fixes: https://bugzilla.redhat.com/show_bug.cgi?id=2224666
+    Signed-off-by: Steve Dickson <steved@redhat.com>
+
+diff --git a/src/rpcb_clnt.c b/src/rpcb_clnt.c
+index c0a9e12..68fe69a 100644
+--- a/src/rpcb_clnt.c
++++ b/src/rpcb_clnt.c
+@@ -262,12 +262,15 @@ delete_cache(addr)
+ 	for (cptr = front; cptr != NULL; cptr = cptr->ac_next) {
+ 		if (!memcmp(cptr->ac_taddr->buf, addr->buf, addr->len)) {
+ 			/* Unlink from cache. We'll destroy it after releasing the mutex. */
+-			if (cptr->ac_uaddr)
++			if (cptr->ac_uaddr) {
+ 				free(cptr->ac_uaddr);
+-			if (prevptr)
++				cptr->ac_uaddr = NULL;
++			}
++			if (prevptr) {
+ 				prevptr->ac_next = cptr->ac_next;
+-			else
++			} else {
+ 				front = cptr->ac_next;
++			}
+ 			cachesize--;
+ 			break;
+ 		}

libtirpc-1.1.4-dup_ncp-bad-free.patch

@@ -0,0 +1,51 @@
+commit 959b2001458bca8f9228014371aad6ccbeb95a68
+Author: Zhi Li <yieli@redhat.com>
+Date:   Wed Sep 26 14:05:29 2018 -0400
+
+    getnetconfig.c: fix a BAD_FREE (CWE-763)
+    
+    Signed-off-by: Steve Dickson <steved@redhat.com>
+
+diff --git a/src/getnetconfig.c b/src/getnetconfig.c
+index d67d97d..cfd33c2 100644
+--- a/src/getnetconfig.c
++++ b/src/getnetconfig.c
+@@ -681,6 +681,7 @@ struct netconfig	*ncp;
+ {
+     struct netconfig	*p;
+     char	*tmp;
++    char	*t;
+     u_int	i;
+ 
+     if ((tmp=malloc(MAXNETCONFIGLINE)) == NULL)
+@@ -700,22 +701,21 @@ struct netconfig	*ncp;
+      */
+     *p = *ncp;
+     p->nc_netid = (char *)strcpy(tmp,ncp->nc_netid);
+-    tmp = strchr(tmp, 0) + 1;
+-    p->nc_protofmly = (char *)strcpy(tmp,ncp->nc_protofmly);
+-    tmp = strchr(tmp, 0) + 1;
+-    p->nc_proto = (char *)strcpy(tmp,ncp->nc_proto);
+-    tmp = strchr(tmp, 0) + 1;
+-    p->nc_device = (char *)strcpy(tmp,ncp->nc_device);
++    t = strchr(tmp, 0) + 1;
++    p->nc_protofmly = (char *)strcpy(t,ncp->nc_protofmly);
++    t = strchr(t, 0) + 1;
++    p->nc_proto = (char *)strcpy(t,ncp->nc_proto);
++    t = strchr(t, 0) + 1;
++    p->nc_device = (char *)strcpy(t,ncp->nc_device);
+     p->nc_lookups = (char **)malloc((size_t)(p->nc_nlookups+1) * sizeof(char *));
+     if (p->nc_lookups == NULL) {
+-	free(p->nc_netid);
+ 	free(p);
+ 	free(tmp);
+ 	return(NULL);
+     }
+     for (i=0; i < p->nc_nlookups; i++) {
+-    	tmp = strchr(tmp, 0) + 1;
+-    	p->nc_lookups[i] = (char *)strcpy(tmp,ncp->nc_lookups[i]);
++	t = strchr(t, 0) + 1;
++	p->nc_lookups[i] = (char *)strcpy(t,ncp->nc_lookups[i]);
+     }
+     return(p);
+ }

libtirpc-1.1.4-fix-EOF-non-block.patch

@@ -0,0 +1,68 @@
+diff -up libtirpc-1.1.4/src/svc_vc.c.orig libtirpc-1.1.4/src/svc_vc.c
+--- libtirpc-1.1.4/src/svc_vc.c.orig	2018-08-27 10:06:49.000000000 -0400
++++ libtirpc-1.1.4/src/svc_vc.c	2019-07-24 11:51:32.191485387 -0400
+@@ -502,9 +502,14 @@ read_vc(xprtp, buf, len)
+ 	cfp = (struct cf_conn *)xprt->xp_p1;
+ 
+ 	if (cfp->nonblock) {
++		/* Since len == 0 is returned on zero length
++		 * read or EOF errno needs to be reset before
++		 * the read
++		 */
++		errno = 0;
+ 		len = read(sock, buf, (size_t)len);
+ 		if (len < 0) {
+-			if (errno == EAGAIN)
++			if (errno == EAGAIN || errno == EWOULDBLOCK)
+ 				len = 0;
+ 			else
+ 				goto fatal_err;
+diff -up libtirpc-1.1.4/src/xdr_rec.c.orig libtirpc-1.1.4/src/xdr_rec.c
+--- libtirpc-1.1.4/src/xdr_rec.c.orig	2018-08-27 10:06:49.000000000 -0400
++++ libtirpc-1.1.4/src/xdr_rec.c	2019-07-24 11:51:32.191485387 -0400
+@@ -61,6 +61,7 @@
+ #include <rpc/svc.h>
+ #include <rpc/clnt.h>
+ #include <stddef.h>
++#include <errno.h>
+ #include "rpc_com.h"
+ static bool_t	xdrrec_getlong(XDR *, long *);
+ static bool_t	xdrrec_putlong(XDR *, const long *);
+@@ -537,7 +538,13 @@ __xdrrec_getrec(xdrs, statp, expectdata)
+ 		n = rstrm->readit(rstrm->tcp_handle, rstrm->in_hdrp,
+ 		    (int)sizeof (rstrm->in_header) - rstrm->in_hdrlen);
+ 		if (n == 0) {
+-			*statp = expectdata ? XPRT_DIED : XPRT_IDLE;
++			/* EAGAIN or EWOULDBLOCK means a zero length
++			 * read not an EOF.
++			 */
++			if (errno == EAGAIN || errno == EWOULDBLOCK)
++				*statp = XPRT_IDLE;
++			else
++				*statp = expectdata ? XPRT_DIED : XPRT_IDLE;
+ 			return FALSE;
+ 		}
+ 		if (n < 0) {
+@@ -564,6 +571,7 @@ __xdrrec_getrec(xdrs, statp, expectdata)
+ 			rstrm->in_header &= ~LAST_FRAG;
+ 			rstrm->last_frag = TRUE;
+ 		}
++		rstrm->in_haveheader = 1;
+ 	}
+ 
+ 	n =  rstrm->readit(rstrm->tcp_handle,
+@@ -576,7 +584,13 @@ __xdrrec_getrec(xdrs, statp, expectdata)
+ 	}
+ 
+ 	if (n == 0) {
+-		*statp = expectdata ? XPRT_DIED : XPRT_IDLE;
++		/* EAGAIN or EWOULDBLOCK means a zero length
++		 * read not an EOF.
++		 */
++		if (errno == EAGAIN || errno == EWOULDBLOCK)
++			*statp = XPRT_IDLE;
++		else
++			*statp = expectdata ? XPRT_DIED : XPRT_IDLE;
+ 		return FALSE;
+ 	}
+ 

libtirpc-1.1.4-ip_local_reserved_ports.patch

@@ -0,0 +1,185 @@
+From 20148930201b732c5dd1003933dd70543d3e929d Mon Sep 17 00:00:00 2001
+From: Otto Hollmann <otto.hollmann@suse.com>
+Date: Sat, 7 Oct 2023 03:48:22 -0400
+Subject: [PATCH] binddynport.c honor ip_local_reserved_ports
+
+Read reserved ports from /proc/sys/net/ipv4/ip_local_reserved_ports,
+store them into bit-wise array and before binding to random port check
+if port is not reserved.
+
+Currently, there is no way how to reserve ports so then will not be
+used by rpcbind.
+
+Random ports are opened by rpcbind because of rmtcalls. There is
+compile-time flag for disabling them, but in some cases we can not
+simply disable them.
+
+One solution would be run time option --enable-rmtcalls as already
+discussed, but it was rejected. So if we want to keep rmtcalls enabled
+and also be able to reserve some ports, there is no other way than
+filtering available ports. The easiest and clearest way seems to be
+just respect kernel list of ip_reserved_ports.
+
+Unfortunately there is one known disadvantage/side effect - it affects
+probability of ports which are right after reserved ones. The bigger
+reserved block is, the higher is probability of selecting following
+unreserved port. But if there is no reserved port, impact of this patch
+is minimal/none.
+
+Signed-off-by: Otto Hollmann <otto.hollmann@suse.com>
+Signed-off-by: Steve Dickson <steved@redhat.com>
+---
+ src/binddynport.c | 108 ++++++++++++++++++++++++++++++++++++++++++----
+ 1 file changed, 100 insertions(+), 8 deletions(-)
+
+diff --git a/src/binddynport.c b/src/binddynport.c
+index 062629a..c2e9a20 100644
+--- a/src/binddynport.c
++++ b/src/binddynport.c
+@@ -37,6 +37,7 @@
+ #include <unistd.h>
+ #include <errno.h>
+ #include <string.h>
++#include <syslog.h>
+ 
+ #include <rpc/rpc.h>
+ 
+@@ -56,6 +57,84 @@ enum {
+ 	NPORTS		= ENDPORT - LOWPORT + 1,
+ };
+ 
++/*
++ * This function decodes information about given port from provided array and
++ * return if port is reserved or not.
++ *
++ * @reserved_ports an array of size at least "NPORTS / (8*sizeof(char)) + 1".
++ * @port port number within range LOWPORT and ENDPORT
++ *
++ * Returns 0 if port is not reserved, non-negative if port is reserved.
++ */
++static int is_reserved(char *reserved_ports, int port) {
++	port -= LOWPORT;
++	if (port < 0 || port >= NPORTS)
++		return 0;
++	return reserved_ports[port/(8*sizeof(char))] & 1<<(port%(8*sizeof(char)));
++}
++
++/*
++ * This function encodes information about given *reserved* port into provided
++ * array. Don't call this function for ports which are not reserved.
++ *
++ * @reserved_ports an array of size at least "NPORTS / (8*sizeof(char)) + 1".
++ * @port port number within range LOWPORT and ENDPORT
++ *
++ */
++static void set_reserved(char *reserved_ports, int port) {
++	port -= LOWPORT;
++	if (port < 0 || port >= NPORTS)
++		return;
++	reserved_ports[port/(8*sizeof(char))] |= 1<<(port%(8*sizeof(char)));
++}
++
++/*
++ * Parse local reserved ports obtained from
++ * /proc/sys/net/ipv4/ip_local_reserved_ports into bit array.
++ *
++ * @reserved_ports a zeroed array of size at least
++ * "NPORTS / (8*sizeof(char)) + 1". Will be used for bit-wise encoding of
++ * reserved ports.
++ *
++ * On each call, reserved ports are read from /proc and bit-wise stored into
++ * provided array
++ *
++ * Returns 0 on success, -1 on failure.
++ */
++
++static int parse_reserved_ports(char *reserved_ports) {
++	int from=0, to;
++	char delimiter = ',';
++	int res;
++	FILE * file_ptr = fopen("/proc/sys/net/ipv4/ip_local_reserved_ports","r");
++	if (file_ptr == NULL) {
++		(void) syslog(LOG_ERR,
++			"Unable to open open /proc/sys/net/ipv4/ip_local_reserved_ports.");
++		return -1;
++	}
++	do {
++		if ((res = fscanf(file_ptr, "%d", &to)) != 1) {
++			if (res == EOF) break;
++			goto err;
++		}
++		if (delimiter != '-') {
++			from = to;
++		}
++		for (int i = from; i <= to; ++i) {
++			set_reserved(reserved_ports, i);
++		}
++	} while ((res = fscanf(file_ptr, "%c", &delimiter)) == 1);
++	if (res != EOF)
++		goto err;
++	fclose(file_ptr);
++	return 0;
++err:
++	(void) syslog(LOG_ERR,
++		"An error occurred while parsing ip_local_reserved_ports.");
++	fclose(file_ptr);
++	return -1;
++}
++
+ /*
+  * Bind a socket to a dynamically-assigned IP port.
+  *
+@@ -81,7 +160,8 @@ int __binddynport(int fd)
+ 	in_port_t port, *portp;
+ 	struct sockaddr *sap;
+ 	socklen_t salen;
+-	int i, res;
++	int i, res, array_size;
++	char *reserved_ports = NULL;
+ 
+ 	if (__rpc_sockisbound(fd))
+ 		return 0;
+@@ -119,21 +199,33 @@ int __binddynport(int fd)
+ 		gettimeofday(&tv, NULL);
+ 		seed = tv.tv_usec * getpid();
+ 	}
++	array_size = NPORTS / (8*sizeof(char)) + 1;
++	reserved_ports = malloc(array_size);
++	if (!reserved_ports) {
++		goto out;
++	}
++	memset(reserved_ports, 0, array_size);
++	if (parse_reserved_ports(reserved_ports) < 0)
++		goto out;
++
+ 	port = (rand_r(&seed) % NPORTS) + LOWPORT;
+ 	for (i = 0; i < NPORTS; ++i) {
+-		*portp = htons(port++);
+-		res = bind(fd, sap, salen);
+-		if (res >= 0) {
+-			res = 0;
+-			break;
++		*portp = htons(port);
++		if (!is_reserved(reserved_ports, port++)) {
++			res = bind(fd, sap, salen);
++			if (res >= 0) {
++				res = 0;
++				break;
++			}
++			if (errno != EADDRINUSE)
++				break;
+ 		}
+-		if (errno != EADDRINUSE)
+-			break;
+ 		if (port > ENDPORT)
+ 			port = LOWPORT;
+ 	}
+ 
+ out:
++	free(reserved_ports);
+ 	mutex_unlock(&port_lock);
+ 	return res;
+ }
+-- 
+2.40.1
+

libtirpc-1.1.4-null-ptrs-not-reused-fixed.patch

@@ -0,0 +1,23 @@
+commit 6951a9c3139c9c7dbb0bdae70737996011fc7a37
+Author: Herb Wartens <wartens2@llnl.gov>
+Date:   Mon Mar 18 11:07:15 2024 -0400
+
+    rpcb_clnt.c: memory leak in destroy_addr
+    
+    Piece was dropped from original fix.
+    
+    Fixes: https://bugzilla.redhat.com/show_bug.cgi?id=2225226
+    Signed-off-by: Steve Dickson <steved@redhat.com>
+
+diff --git a/src/rpcb_clnt.c b/src/rpcb_clnt.c
+index 68fe69a..d909efc 100644
+--- a/src/rpcb_clnt.c
++++ b/src/rpcb_clnt.c
+@@ -121,6 +121,7 @@ destroy_addr(addr)
+ 			free(addr->ac_taddr->buf);
+ 			addr->ac_taddr->buf = NULL;
+ 		}
++		free(addr->ac_taddr);
+ 		addr->ac_taddr = NULL;
+ 	}
+ 	free(addr);

libtirpc-1.1.4-null-ptrs-not-reused.patch

@@ -0,0 +1,48 @@
+commit 89c63bdfd79b1c94384daaaa03a9e3582540f843
+Author: Herb Wartens <wartens2@llnl.gov>
+Date:   Tue Aug 1 10:21:42 2023 -0400
+
+    rpcb_clnt.c: memory leak in destroy_addr
+    
+    Null pointers so they are not used again
+    
+    Fixes: https://bugzilla.redhat.com/show_bug.cgi?id=2225226
+    Signed-off-by: Steve Dickson <steved@redhat.com>
+
+diff --git a/src/rpcb_clnt.c b/src/rpcb_clnt.c
+index d178d86..c0a9e12 100644
+--- a/src/rpcb_clnt.c
++++ b/src/rpcb_clnt.c
+@@ -104,17 +104,27 @@ destroy_addr(addr)
+ {
+ 	if (addr == NULL)
+ 		return;
+-	if(addr->ac_host != NULL)
++	if (addr->ac_host != NULL) {
+ 		free(addr->ac_host);
+-	if(addr->ac_netid != NULL)
++		addr->ac_host = NULL;
++	}
++	if (addr->ac_netid != NULL) {
+ 		free(addr->ac_netid);
+-	if(addr->ac_uaddr != NULL)
++		addr->ac_netid = NULL;
++	}
++	if (addr->ac_uaddr != NULL) {
+ 		free(addr->ac_uaddr);
+-	if(addr->ac_taddr != NULL) {
+-		if(addr->ac_taddr->buf != NULL)
++		addr->ac_uaddr = NULL;
++	}
++	if (addr->ac_taddr != NULL) {
++		if(addr->ac_taddr->buf != NULL) {
+ 			free(addr->ac_taddr->buf);
++			addr->ac_taddr->buf = NULL;
++		}
++		addr->ac_taddr = NULL;
+ 	}
+ 	free(addr);
++	addr = NULL;
+ }
+ 
+ /*

libtirpc-1.1.4-v2proto-mech.patch

@@ -0,0 +1,88 @@
+diff -up libtirpc-1.1.4/man/rpcbind.3t.orig libtirpc-1.1.4/man/rpcbind.3t
+--- libtirpc-1.1.4/man/rpcbind.3t.orig	2018-08-27 10:06:49.000000000 -0400
++++ libtirpc-1.1.4/man/rpcbind.3t	2022-08-02 11:21:30.134642780 -0400
+@@ -187,6 +187,8 @@ in
+ .El
+ .Sh AVAILABILITY
+ These functions are part of libtirpc.
++.Sh ENVIRONMENT
++If RPCB_V2FIRST is defined, rpcbind protocol version tryout algorithm changes from v4,v2,v3 to v2,v4,v3.
+ .Sh SEE ALSO
+ .Xr rpc_clnt_calls 3 ,
+ .Xr rpc_svc_calls 3 ,
+diff -up libtirpc-1.1.4/src/rpcb_clnt.c.orig libtirpc-1.1.4/src/rpcb_clnt.c
+--- libtirpc-1.1.4/src/rpcb_clnt.c.orig	2022-08-02 11:20:42.795833195 -0400
++++ libtirpc-1.1.4/src/rpcb_clnt.c	2022-08-02 11:21:30.135642797 -0400
+@@ -818,7 +818,8 @@ error:
+  * The algorithm used: If the transports is TCP or UDP, it first tries
+  * version 4 (srv4), then 3 and then fall back to version 2 (portmap).
+  * With this algorithm, we get performance as well as a plan for
+- * obsoleting version 2.
++ * obsoleting version 2. This behaviour is reverted to old algorithm
++ * if RPCB_V2FIRST environment var is defined
+  *
+  * For all other transports, the algorithm remains as 4 and then 3.
+  *
+@@ -839,6 +840,10 @@ __rpcb_findaddr_timed(program, version,
+ #ifdef NOTUSED
+ 	static bool_t check_rpcbind = TRUE;
+ #endif
++
++#ifdef PORTMAP
++	static bool_t portmap_first = FALSE;
++#endif
+ 	CLIENT *client = NULL;
+ 	RPCB parms;
+ 	enum clnt_stat clnt_st;
+@@ -895,8 +900,18 @@ __rpcb_findaddr_timed(program, version,
+ 		parms.r_addr = (char *) &nullstring[0];
+ 	}
+ 
+-	/* First try from start_vers(4) and then version 3 (RPCBVERS) */
++	/* First try from start_vers(4) and then version 3 (RPCBVERS), except
++	 * if env. var RPCB_V2FIRST is defined */
++
++#ifdef PORTMAP
++	if (getenv(V2FIRST)) {
++		portmap_first = TRUE;
++		LIBTIRPC_DEBUG(3, ("__rpcb_findaddr_timed: trying v2-port first\n"));
++		goto portmap;
++	}
++#endif
+ 
++rpcbind:
+ 	CLNT_CONTROL(client, CLSET_RETRY_TIMEOUT, (char *) &rpcbrmttime);
+ 	for (vers = start_vers;  vers >= RPCBVERS; vers--) {
+ 		/* Set the version */
+@@ -944,10 +959,17 @@ __rpcb_findaddr_timed(program, version,
+ 	}
+ 
+ #ifdef PORTMAP 	/* Try version 2 for TCP or UDP */
++	if (portmap_first)
++		goto error; /* we tried all versions if reached here */
++portmap:
+ 	if (strcmp(nconf->nc_protofmly, NC_INET) == 0) {
+ 		address = __try_protocol_version_2(program, version, nconf, host, tp);
+-		if (address == NULL)
+-			goto error;
++		if (address == NULL) {
++			if (portmap_first)
++				goto rpcbind;
++			else
++				goto error;
++		}
+ 	}
+ #endif		/* PORTMAP */
+ 
+diff -up libtirpc-1.1.4/tirpc/rpc/pmap_prot.h.orig libtirpc-1.1.4/tirpc/rpc/pmap_prot.h
+--- libtirpc-1.1.4/tirpc/rpc/pmap_prot.h.orig	2018-08-27 10:06:49.000000000 -0400
++++ libtirpc-1.1.4/tirpc/rpc/pmap_prot.h	2022-08-02 11:21:30.135642797 -0400
+@@ -84,6 +84,8 @@
+ #define PMAPPROC_DUMP		((u_long)4)
+ #define PMAPPROC_CALLIT		((u_long)5)
+ 
++#define V2FIRST		"RPCB_V2FIRST"
++
+ struct pmap {
+ 	long unsigned pm_prog;
+ 	long unsigned pm_vers;

libtirpc-1.3.4-rc2.patch

@@ -1,159 +0,0 @@
-diff --git a/src/bindresvport.c b/src/bindresvport.c
-index 5c0ddcf..efeb1cc 100644
---- a/src/bindresvport.c
-+++ b/src/bindresvport.c
-@@ -130,6 +130,7 @@ load_blacklist (void)
- 	  if (list == NULL)
- 	    {
- 	      free (buf);
-+	      fclose (fp);
- 	      return;
- 	    }
- 	}
-diff --git a/src/clnt_raw.c b/src/clnt_raw.c
-index 31f9d0c..03f839d 100644
---- a/src/clnt_raw.c
-+++ b/src/clnt_raw.c
-@@ -142,7 +142,7 @@ clnt_raw_call(h, proc, xargs, argsp, xresults, resultsp, timeout)
- 	struct timeval timeout;
- {
- 	struct clntraw_private *clp = clntraw_private;
--	XDR *xdrs = &clp->xdr_stream;
-+	XDR *xdrs;
- 	struct rpc_msg msg;
- 	enum clnt_stat status;
- 	struct rpc_err error;
-@@ -154,6 +154,7 @@ clnt_raw_call(h, proc, xargs, argsp, xresults, resultsp, timeout)
- 		mutex_unlock(&clntraw_lock);
- 		return (RPC_FAILED);
- 	}
-+	xdrs = &clp->xdr_stream;
- 	mutex_unlock(&clntraw_lock);
- 
- call_again:
-@@ -245,7 +246,7 @@ clnt_raw_freeres(cl, xdr_res, res_ptr)
- 	void *res_ptr;
- {
- 	struct clntraw_private *clp = clntraw_private;
--	XDR *xdrs = &clp->xdr_stream;
-+	XDR *xdrs;
- 	bool_t rval;
- 
- 	mutex_lock(&clntraw_lock);
-@@ -254,6 +255,7 @@ clnt_raw_freeres(cl, xdr_res, res_ptr)
- 		mutex_unlock(&clntraw_lock);
- 		return (rval);
- 	}
-+	xdrs = &clp->xdr_stream;
- 	mutex_unlock(&clntraw_lock);
- 	xdrs->x_op = XDR_FREE;
- 	return ((*xdr_res)(xdrs, res_ptr));
-diff --git a/src/getnetconfig.c b/src/getnetconfig.c
-index cfd33c2..d547dce 100644
---- a/src/getnetconfig.c
-+++ b/src/getnetconfig.c
-@@ -436,11 +436,6 @@ getnetconfigent(netid)
- 	fprintf(stderr, "in /etc/netconfig.\n");
- 	fprintf(stderr, "Please change this to \"local\" manually ");
- 	fprintf(stderr, "or run mergemaster(8).\n");
--	fprintf(stderr, "See UPDATING entry 20021216 for details.\n");
--	fprintf(stderr, "Continuing in 10 seconds\n\n");
--	fprintf(stderr, "This warning will be removed 20030301\n");
--	sleep(10);
--
-     }
- 
-     /*
-diff --git a/src/rpcb_clnt.c b/src/rpcb_clnt.c
-index 9a9de69..68fe69a 100644
---- a/src/rpcb_clnt.c
-+++ b/src/rpcb_clnt.c
-@@ -104,17 +104,27 @@ destroy_addr(addr)
- {
- 	if (addr == NULL)
- 		return;
--	if(addr->ac_host != NULL)
-+	if (addr->ac_host != NULL) {
- 		free(addr->ac_host);
--	if(addr->ac_netid != NULL)
-+		addr->ac_host = NULL;
-+	}
-+	if (addr->ac_netid != NULL) {
- 		free(addr->ac_netid);
--	if(addr->ac_uaddr != NULL)
-+		addr->ac_netid = NULL;
-+	}
-+	if (addr->ac_uaddr != NULL) {
- 		free(addr->ac_uaddr);
--	if(addr->ac_taddr != NULL) {
--		if(addr->ac_taddr->buf != NULL)
-+		addr->ac_uaddr = NULL;
-+	}
-+	if (addr->ac_taddr != NULL) {
-+		if(addr->ac_taddr->buf != NULL) {
- 			free(addr->ac_taddr->buf);
-+			addr->ac_taddr->buf = NULL;
-+		}
-+		addr->ac_taddr = NULL;
- 	}
- 	free(addr);
-+	addr = NULL;
- }
- 
- /*
-@@ -252,12 +262,15 @@ delete_cache(addr)
- 	for (cptr = front; cptr != NULL; cptr = cptr->ac_next) {
- 		if (!memcmp(cptr->ac_taddr->buf, addr->buf, addr->len)) {
- 			/* Unlink from cache. We'll destroy it after releasing the mutex. */
--			if (cptr->ac_uaddr)
-+			if (cptr->ac_uaddr) {
- 				free(cptr->ac_uaddr);
--			if (prevptr)
-+				cptr->ac_uaddr = NULL;
-+			}
-+			if (prevptr) {
- 				prevptr->ac_next = cptr->ac_next;
--			else
-+			} else {
- 				front = cptr->ac_next;
-+			}
- 			cachesize--;
- 			break;
- 		}
-@@ -496,11 +509,7 @@ getpmaphandle(nconf, hostname, tgtaddr)
- 	CLIENT *client = NULL;
- 	rpcvers_t pmapvers = 2;
- 
--	/*
--	 * Try UDP only - there are some portmappers out
--	 * there that use UDP only.
--	 */
--	if (nconf == NULL || strcmp(nconf->nc_proto, NC_TCP) == 0) {
-+	if (nconf == NULL) {
- 		struct netconfig *newnconf;
- 
- 		if ((newnconf = getnetconfigent("udp")) == NULL) {
-@@ -509,7 +518,8 @@ getpmaphandle(nconf, hostname, tgtaddr)
- 		}
- 		client = getclnthandle(hostname, newnconf, tgtaddr);
- 		freenetconfigent(newnconf);
--	} else if (strcmp(nconf->nc_proto, NC_UDP) == 0) {
-+	} else if (strcmp(nconf->nc_proto, NC_UDP) == 0 ||
-+	    strcmp(nconf->nc_proto, NC_TCP) == 0) {
- 		if (strcmp(nconf->nc_protofmly, NC_INET) != 0)
- 			return NULL;
- 		client = getclnthandle(hostname, nconf, tgtaddr);
-diff --git a/src/svc_auth.c b/src/svc_auth.c
-index ce8bbd8..789d6af 100644
---- a/src/svc_auth.c
-+++ b/src/svc_auth.c
-@@ -66,6 +66,9 @@ static struct authsvc *Auths = NULL;
- 
- extern SVCAUTH svc_auth_none;
- 
-+#ifdef AUTHDES_SUPPORT
-+extern enum auth_stat _svcauth_des(struct svc_req *rqst, struct rpc_msg *msg);
-+#endif
- /*
-  * The call rpc message, msg has been obtained from the wire.  The msg contains
-  * the raw form of credentials and verifiers.  authenticate returns AUTH_OK

libtirpc.spec

@@ -1,17 +1,62 @@
 %define _root_libdir    /%{_lib}
 
 Name:			libtirpc
-Version:		1.3.5
+Version:		1.1.4
-Release:		1%{?dist}
+Release:		12%{?dist}
 Summary:		Transport Independent RPC Library
-License:		SISSL AND BSD-3-Clause
+Group:		  	System Environment/Libraries
+License:		SISSL and BSD
 URL:  			http://git.linux-nfs.org/?p=steved/libtirpc.git;a=summary
 Source0:		http://downloads.sourceforge.net/libtirpc/libtirpc-%{version}.tar.bz2
 
+#
+# RHEL 8.0
+#
+# bz 1602598
+Patch001: libtirpc-1.1.4-covscan.patch
+# bz 1631614
+Patch002: libtirpc-1.1.4-dup_ncp-bad-free.patch 
+
+#
+# RHEL 8.1
+#
+# bz 1641875
+Patch003: libtirpc-1.1.4-fix-EOF-non-block.patch
+
+#
+# RHEL 8.5
+#
+# bz 1854147
+Patch004: libtirpc-1.1.4-blacklist.patch
+# bz 1934866
+Patch005: libtirpc-1.1.4-disallow-auth_refresh.patch
+
+#
+# RHEL 8.6
+#
+# bz 1940341 
+Patch006: libtirpc-1.1.4-dos-fix.patch
+
+#
+# RHEL 8.7
+#
+# bz 2042196
+Patch007: libtirpc-1.1.4-dgcall-free.patch
+# bz 2107650
+Patch008: libtirpc-1.1.4-v2proto-mech.patch
+# bz 2112116
+Patch009: libtirpc-1.1.4-multithr-cleanup.patch
+
+#
+# RHEL 8.10
+#
+Patch010: libtirpc-1.1.4-null-ptrs-not-reused.patch
+Patch011: libtirpc-1.1.4-double-free.patch
+Patch012: libtirpc-1.1.4-null-ptrs-not-reused-fixed.patch
+Patch013: libtirpc-1.1.4-ip_local_reserved_ports.patch
+
 BuildRequires:		automake, autoconf, libtool, pkgconfig
 BuildRequires:		krb5-devel
-BuildRequires:		gcc
-BuildRequires: make
 
 %description
 This package contains SunLib's implementation of transport-independent
@@ -27,8 +72,9 @@ by almost 70 vendors on all major operating systems.  TS-RPC source code
 
 %package devel
 Summary:		Development files for the libtirpc library
+Group:			Development/Libraries
 Requires:		%{name}%{?_isa} = %{version}-%{release}
-Requires:		pkgconfig
+Requires:		pkgconfig man-db
 
 %description devel
 This package includes header files and libraries necessary for
@@ -60,14 +106,30 @@ rm -f %{buildroot}%{_root_libdir}/*.{a,la}
 # Creat the man diretory
 mv %{buildroot}%{_mandir}/man3 %{buildroot}%{_mandir}/man3t
 
+%post  -p /sbin/ldconfig
+
+%postun -p /sbin/ldconfig
+
+%post devel
+# Register the new man section
+#if [ "$1" -eq 1 ]; then
+#	makewhatis -s 3t	
+#fi
+
+%postun devel 
+# Remove the existance of the man section
+#makewhatis -s 3t
+
 
 %files
+%defattr(-,root,root)
 %doc AUTHORS ChangeLog NEWS README
 %{_root_libdir}/libtirpc.so.*
 %config(noreplace)%{_sysconfdir}/netconfig
 %config(noreplace)%{_sysconfdir}/bindresvport.blacklist
 
 %files devel
+%defattr(0644,root,root,755)
 %{!?_licensedir:%global license %%doc}
 %license COPYING
 %dir %{_includedir}/tirpc
@@ -112,144 +174,49 @@ mv %{buildroot}%{_mandir}/man3 %{buildroot}%{_mandir}/man3t
 %{_mandir}/*/*
 
 %changelog
-* Tue Oct 29 2024 Troy Dawson <tdawson@redhat.com> - 1.3.5-1
+* Fri Apr 26 2024 Steve Dickson <steved@redhat.com> 1.1.4-12
-- Bump release for October 2024 mass rebuild:
+- binddynport.c honor ip_local_reserved_ports (RHEL-27005)
-  Resolves: RHEL-64018
 
-* Sat Jul 27 2024 Steve Dickson <steved@redhat.com> - 1.3.5-0
+* Tue Mar 19 2024 Steve Dickson <steved@redhat.com> 1.1.4-11
-- Updated to the latest upstream release: libtirpc-1_3_5 (RHEL-50728)
+- rpcb_clnt.c (fixed): Eliminate double frees in delete_cache() (RHEL-11293)
 
-* Mon Jun 24 2024 Troy Dawson <tdawson@redhat.com> - 1.3.4-1.rc2.3
+* Tue Mar  5 2024 Steve Dickson <steved@redhat.com> 1.1.4-10
-- Bump release for June 2024 mass rebuild
+- rpcb_clnt.c: Eliminate double frees in delete_cache() (RHEL-11293)
 
-* Thu Jan 25 2024 Fedora Release Engineering <releng@fedoraproject.org> - 1.3.4-1.rc2.2
+* Mon Mar  4 2024 Steve Dickson <steved@redhat.com> 1.1.4-9
-- Rebuilt for https://fedoraproject.org/wiki/Fedora_40_Mass_Rebuild
+- Null pointers so they are not used again (RHEL-11370)
 
-* Sun Jan 21 2024 Fedora Release Engineering <releng@fedoraproject.org> - 1.3.4-1.rc2.1
+* Wed Aug  3 2022 Steve Dickson <steved@redhat.com> 1.1.4-8
-- Rebuilt for https://fedoraproject.org/wiki/Fedora_40_Mass_Rebuild
+- rpcb_clnt.c add mechanism to try v2 protocol first (bz 2107650)
+- Multithreaded cleanup (bz 2112116)
 
-* Fri Jan  5 2024 Steve Dickson <steved@redhat.com> - 1.3.4-1.rc2
+* Tue May 31 2022 Steve Dickson <steved@redhat.com> 1.1.4-7
-- Updated to the latest upstream RC release: libtirpc-1-3-5-rc2
+- clnt_dg_call: Fix use-after-free accessing the error number (bz 2042196)
 
-* Wed Jan  3 2024 Steve Dickson <steved@redhat.com> - 1.3.4-1.rc1
+* Thu Dec  2 2021 Steve Dickson <steved@redhat.com> 1.1.4-6
-- Updated to the latest upstream RC release: libtirpc-1-3-5-rc1
+- Fix DoS vulnerability in libtirpc (bz 1940341)
 
-* Mon Oct 16 2023 Pavel Reichl <preichl@redhat.com> - 1.3.4-1
+* Sat Apr 17 2021 Steve Dickson <steved@redhat.com> 1.1.4-5
-- Convert License tag to SPDX format
+- blacklist: Add a few more well known ports (bz 1854147)
+- Disallow calling auth_refresh from clnt_call with RPCSEC_GSS (bz 1934866)
 
-* Sat Oct  7 2023 Steve Dickson <steved@redhat.com> - 1.3.4-0
+* Wed Jul 24 2019 Steve Dickson <steved@redhat.com> 1.1.4-4
-- Updated to latest upstream release: libtirpc-1-3-4
+- Enable gating using reverse dependency testing of nfs-utils (bz 1681965)
+- Updated the URL (bz 1638671)
+- Fix EOF detection on non-blocking socket (bz 1641875)
 
-* Mon Aug  7 2023 Steve Dickson <steved@redhat.com> - 1.3.3-1.rc2
+* Sat Oct  6 2018 Steve Dickson <steved@redhat.com> 1.1.4-3
-- Updated to the latest upstream RC release: libtirpc-1-3-4-rc2
+- Fixed bad free in dup_ncp() (bz 1631614)
 
-* Thu Jul 20 2023 Fedora Release Engineering <releng@fedoraproject.org> - 1.3.3-1.rc1.1
+* Fri Sep 14 2018 Steve Dickson <steved@redhat.com> 1.1.4-2
-- Rebuilt for https://fedoraproject.org/wiki/Fedora_39_Mass_Rebuild
+- Removed a false positive from the covscan (bz 1602598)
 
-* Fri Apr 21 2023 Steve Dickson <steved@redhat.com> - 1.3.3-1.rc1
+* Tue Sep 11 2018 Steve Dickson <steved@redhat.com> 1.1.4-1
-- Updated to the latest upstream RC release: libtirpc-1-3-4-rc1 (bz 1725329)
+- Fixed issues found by covscan (bz 1602598)
 
-* Thu Jan 19 2023 Fedora Release Engineering <releng@fedoraproject.org> - 1.3.3-1
+* Fri Sep  7 2018 Steve Dickson <steved@redhat.com> 1.1.4-0
-- Rebuilt for https://fedoraproject.org/wiki/Fedora_38_Mass_Rebuild
-
-* Sun Aug  7 2022 Steve Dickson <steved@redhat.com> - 1.3.3-0
-- Updated to latest upstream release: libtirpc-1-3-3 (bz 2116171)
-
-* Mon Aug  1 2022 Steve Dickson <steved@redhat.com> - 1.3.2-1.rc5
-- Updated to the latest upstream RC release: libtirpc-1-3-3-rc5
-
-* Thu Jul 28 2022 Steve Dickson <steved@redhat.com> - 1.3.2-1.rc4
-- Updated to the latest upstream RC release: libtirpc-1-3-3-rc4
-
-* Thu Jul 21 2022 Fedora Release Engineering <releng@fedoraproject.org> - 1.3.2-1.rc1.2
-- Rebuilt for https://fedoraproject.org/wiki/Fedora_37_Mass_Rebuild
-
-* Thu Jan 20 2022 Fedora Release Engineering <releng@fedoraproject.org> - 1.3.2-1.rc1.1
-- Rebuilt for https://fedoraproject.org/wiki/Fedora_36_Mass_Rebuild
-
-* Tue Sep 7 2021 Steve Dickson <steved@redhat.com> - 1.3.2-1.rc1
-- Updated to the latest upstream RC release: libtirpc-1-3-3-rc1
-
-* Thu Jul 22 2021 Fedora Release Engineering <releng@fedoraproject.org> - 1.3.2-1
-- Rebuilt for https://fedoraproject.org/wiki/Fedora_35_Mass_Rebuild
-
-* Tue May 18 2021 Steve Dickson <steved@redhat.com> - 1.3.2-0
-- Updated to latest upstream release: libtirpc-1-3-2 (bz 1959147)
-
-* Wed Apr  7 2021 Steve Dickson <steved@redhat.com> - 1.3.1.rc2
-- Updated to the latest upstream RC release: libtirpc-1-3-2-rc2
-
-* Tue Jan 26 2021 Fedora Release Engineering <releng@fedoraproject.org> - 1.3.1-1
-- Rebuilt for https://fedoraproject.org/wiki/Fedora_34_Mass_Rebuild
-
-* Thu Dec 03 2020 Steve Dickson <steved@redhat.com> - 1.3.1
-- Updated to latest upstream release: libtirpc-1-3-1 (bz 1903615)
-
-* Tue Aug 04 2020 Steve Dickson <steved@redhat.com> 1.2.6-1.rc4
-- Updated to the latest upstream RC release: libtirpc-1-2-7-rc4
-
-* Tue Aug 04 2020 Tom Stellard <tstellar@redhat.com> - 1.2.6-2
-- Add BuildRequires: gcc
-- https://docs.fedoraproject.org/en-US/packaging-guidelines/C_and_C++/#_packaging
-
-* Tue Jul 28 2020 Fedora Release Engineering <releng@fedoraproject.org> - 1.2.6-1
-- Rebuilt for https://fedoraproject.org/wiki/Fedora_33_Mass_Rebuild
-
-* Tue Apr 14 2020 Steve Dickson <steved@redhat.com> 1.2.6-0
-- Updated to the latest upstream release: libtirpc-1-2-6 (bz 1822751)
-
-* Tue Feb 18 2020 Steve Dickson <steved@redhat.com> 1.2.5-1.rc2
-- Updated to the latest upstream RC release: libtirpc-1-2-6-rc2 (bz 1799601)
-
-* Wed Jan 29 2020 Fedora Release Engineering <releng@fedoraproject.org> - 1.2.5-1
-- Rebuilt for https://fedoraproject.org/wiki/Fedora_32_Mass_Rebuild
-
-* Fri Dec 20 2019 Steve Dickson <steved@redhat.com> 1.2.5-0
- Updated to latest upstream release: libtirpc-1-2-5 (bz 1785684)
-
-* Fri Nov 01 2019 Petr Pisar <ppisar@redhat.com> - 1.1.4-3.rc3
-- Remove a useless dependency on man-db from libtirpc-devel package
-  (bug #1496422)
-
-* Thu Sep 05 2019 Steve Dickson <steved@redhat.com> 1.1.4-2.rc3
-- Updated to latest upstream RC release: libtirpc-1-1-5-rc3
-
-* Thu Jul 25 2019 Fedora Release Engineering <releng@fedoraproject.org> - 1.1.4-2.rc2.2
-- Rebuilt for https://fedoraproject.org/wiki/Fedora_31_Mass_Rebuild
-
-* Fri Feb 01 2019 Fedora Release Engineering <releng@fedoraproject.org> - 1.1.4-2.rc2.1
-- Rebuilt for https://fedoraproject.org/wiki/Fedora_30_Mass_Rebuild
-
-* Thu Nov  8 2018 Steve Dickson <steved@redhat.com> 1.1.4-2.rc2
-- Updated to latest upstream RC release: libtirpc-1-1-5-rc2
-
-* Tue Nov  6 2018 Steve Dickson <steved@redhat.com> 1.1.4-2.rc1
-- Remove ldconfig scriptlet (bz 1644103)
-
-* Thu Sep 13 2018 Steve Dickson <steved@redhat.com> 1.1.4-1.rc1
-- Removed a false positive from the covscan
-
-* Tue Sep 11 2018 Steve Dickson <steved@redhat.com> 1.1.4-0.rc1
-- Updated to latest upstream RC releasse (bz 1627832)
-
-* Mon Aug 27 2018 Steve Dickson <steved@redhat.com> 1.1.4
 - Updated to latest upstream release: libtirpc-1-1-4 (bz 1585558)
 
-* Tue Jul 31 2018 Florian Weimer <fweimer@redhat.com> - 1.0.3-4.rc2
-- Rebuild with fixed binutils
-
-* Sun Jul 29 2018 Steve Dickson <steved@redhat.com> 1.0.3-3.rc2
-- Update the libtirpc-1.0.4-rc2.patch to include big endian fixes (bz 1609208)
-
-* Fri Jul 20 2018 Steve Dickson <steved@redhat.com> 1.0.3-2.rc2
-- Updated to latest upstream RC release: libtirpc-1-0-4-rc2
-
-* Fri Jul 13 2018 Fedora Release Engineering <releng@fedoraproject.org> - 1.0.3-2.rc1.1
-- Rebuilt for https://fedoraproject.org/wiki/Fedora_29_Mass_Rebuild
-
-* Tue Jul 10 2018 Steve Dickson <steved@redhat.com> 1.0.3-2.rc1
-- Updated the URL (bz 1599795)
-
 * Wed Apr 18 2018 Steve Dickson <steved@redhat.com> 1.0.3-1.rc1
 - Updated to latest upstream RC release: libtirpc-1-0-4-rc1
 

sources

@@ -1 +1 @@
-SHA512 (libtirpc-1.3.5.tar.bz2) = c80a953671c5692294efe7425e41c7f12bd4c430f473f9ea71883168cb4a69111f0018122bd0e7982e18f4576e45d4977ce0790743382faae006c446813d2a4f
+SHA512 (libtirpc-1.1.4.tar.bz2) = 392f391f9fc1bd68d81dc44e4058831a64b32790b5c8c37338b0ab416fad2ae4d16389e632596734dba09780347918cc65c6f134e0c1afd09e81ec250785ed23

tests/scripts/runtest.sh

@@ -1,2 +0,0 @@
-#!/usr/bin/bash
-rpm -qi libtirpc

tests/tests.yml

@@ -1,11 +0,0 @@
-- hosts: localhost
-  roles:
-  - role: standard-test-basic
-    tags:
-    - classic
-    tests:
-    - simple:
-        dir: scripts
-        run: ./runtest.sh
-    required_packages:
-    - libtirpc