.gitignore

@@ -1,2 +1 @@
-SOURCES/libtirpc-1.1.4.tar.bz2
+SOURCES/libtirpc-1.3.3.tar.bz2
-/libtirpc-1.1.4.tar.bz2

.libtirpc.metadata

@@ -0,0 +1 @@
+6e52c39148494e4836e2d5d4f28b11ddfa65394b SOURCES/libtirpc-1.3.3.tar.bz2

SOURCES/libtirpc-1.3.3-blacklist-close.patch

@@ -0,0 +1,51 @@
+commit a013336ecdc476d7357398d9cd24b114070bb767
+Author: Rosen Penev <rosenp@gmail.com>
+Date:   Tue Oct 25 12:34:56 2022 -0400
+
+    Add missing extern
+    
+    Fixes compilation warning.
+    
+    Signed-off-by: Rosen Penev <rosenp@gmail.com>
+    Signed-off-by: Steve Dickson <steved@redhat.com>
+
+diff --git a/src/svc_auth.c b/src/svc_auth.c
+index ce8bbd8..789d6af 100644
+--- a/src/svc_auth.c
++++ b/src/svc_auth.c
+@@ -66,6 +66,9 @@ static struct authsvc *Auths = NULL;
+ 
+ extern SVCAUTH svc_auth_none;
+ 
++#ifdef AUTHDES_SUPPORT
++extern enum auth_stat _svcauth_des(struct svc_req *rqst, struct rpc_msg *msg);
++#endif
+ /*
+  * The call rpc message, msg has been obtained from the wire.  The msg contains
+  * the raw form of credentials and verifiers.  authenticate returns AUTH_OK
+
+commit 55526c52a449907e4d34b829b96141afab530b23
+Author: Zhi Li <yieli@redhat.com>
+Date:   Mon Oct 24 13:46:54 2022 -0400
+
+    bindresvport.c: fix a potential resource leakage
+    
+    Close the FILE *fp of load_blacklist() in another
+    return path to avoid potential resource leakage.
+    
+    Fixes: https://bugzilla.redhat.com/show_bug.cgi?id=2135405
+    Signed-off-by: Zhi Li <yieli@redhat.com>
+    Signed-off-by: Steve Dickson <steved@redhat.com>
+
+diff --git a/src/bindresvport.c b/src/bindresvport.c
+index 5c0ddcf..efeb1cc 100644
+--- a/src/bindresvport.c
++++ b/src/bindresvport.c
+@@ -130,6 +130,7 @@ load_blacklist (void)
+ 	  if (list == NULL)
+ 	    {
+ 	      free (buf);
++	      fclose (fp);
+ 	      return;
+ 	    }
+ 	}

SOURCES/libtirpc-1.3.3-clnt-raw-ptr.patch

@@ -0,0 +1,51 @@
+commit 4a2d85c64110ee9e21a8c4f9dafd6b0ae621506d
+Author: Zhi Li <yieli@redhat.com>
+Date:   Fri Oct 28 14:19:04 2022 -0400
+
+    clnt_raw.c: fix a possible null pointer dereference
+    
+    Since clntraw_private could be dereferenced before
+    allocated, protect it by checking its value in advance.
+    
+    Fixes: https://bugzilla.redhat.com/show_bug.cgi?id=2138317
+    Signed-off-by: Zhi Li <yieli@redhat.com>
+    Signed-off-by: Steve Dickson <steved@redhat.com>
+
+diff --git a/src/clnt_raw.c b/src/clnt_raw.c
+index 31f9d0c..03f839d 100644
+--- a/src/clnt_raw.c
++++ b/src/clnt_raw.c
+@@ -142,7 +142,7 @@ clnt_raw_call(h, proc, xargs, argsp, xresults, resultsp, timeout)
+ 	struct timeval timeout;
+ {
+ 	struct clntraw_private *clp = clntraw_private;
+-	XDR *xdrs = &clp->xdr_stream;
++	XDR *xdrs;
+ 	struct rpc_msg msg;
+ 	enum clnt_stat status;
+ 	struct rpc_err error;
+@@ -154,6 +154,7 @@ clnt_raw_call(h, proc, xargs, argsp, xresults, resultsp, timeout)
+ 		mutex_unlock(&clntraw_lock);
+ 		return (RPC_FAILED);
+ 	}
++	xdrs = &clp->xdr_stream;
+ 	mutex_unlock(&clntraw_lock);
+ 
+ call_again:
+@@ -245,7 +246,7 @@ clnt_raw_freeres(cl, xdr_res, res_ptr)
+ 	void *res_ptr;
+ {
+ 	struct clntraw_private *clp = clntraw_private;
+-	XDR *xdrs = &clp->xdr_stream;
++	XDR *xdrs;
+ 	bool_t rval;
+ 
+ 	mutex_lock(&clntraw_lock);
+@@ -254,6 +255,7 @@ clnt_raw_freeres(cl, xdr_res, res_ptr)
+ 		mutex_unlock(&clntraw_lock);
+ 		return (rval);
+ 	}
++	xdrs = &clp->xdr_stream;
+ 	mutex_unlock(&clntraw_lock);
+ 	xdrs->x_op = XDR_FREE;
+ 	return ((*xdr_res)(xdrs, res_ptr));

SOURCES/libtirpc-1.3.3-dos-sleep.patch

@@ -0,0 +1,31 @@
+commit f7f0abdf267698de3f74a0285405b1b01f40893b
+Author: Zhi Li <yieli@redhat.com>
+Date:   Wed Jan 11 11:19:31 2023 -0500
+
+    getnetconfigent: avoid potential DoS issue by removing unnecessary sleep
+    
+    By adapting CodeChecker for libtirpc related tests, it complains
+    an improper waiting time for function getnetconfigent with
+    a valid input value, either it should be treated as a wrong
+    input or just take it as a proper value without sleeping
+    
+    link: https://bugzilla.redhat.com/show_bug.cgi?id=2150611
+    Signed-off-by: Zhi Li <yieli@redhat.com>
+    Signed-off-by: Steve Dickson <steved@redhat.com>
+
+diff --git a/src/getnetconfig.c b/src/getnetconfig.c
+index cfd33c2..d547dce 100644
+--- a/src/getnetconfig.c
++++ b/src/getnetconfig.c
+@@ -436,11 +436,6 @@ getnetconfigent(netid)
+ 	fprintf(stderr, "in /etc/netconfig.\n");
+ 	fprintf(stderr, "Please change this to \"local\" manually ");
+ 	fprintf(stderr, "or run mergemaster(8).\n");
+-	fprintf(stderr, "See UPDATING entry 20021216 for details.\n");
+-	fprintf(stderr, "Continuing in 10 seconds\n\n");
+-	fprintf(stderr, "This warning will be removed 20030301\n");
+-	sleep(10);
+-
+     }
+ 
+     /*

SPECS/libtirpc.spec

@@ -1,62 +1,33 @@
 %define _root_libdir    /%{_lib}
 
 Name:			libtirpc
-Version:		1.1.4
+Version:		1.3.3
-Release:		12%{?dist}
+Release:		4%{?dist}
 Summary:		Transport Independent RPC Library
-Group:		  	System Environment/Libraries
 License:		SISSL and BSD
 URL:  			http://git.linux-nfs.org/?p=steved/libtirpc.git;a=summary
 Source0:		http://downloads.sourceforge.net/libtirpc/libtirpc-%{version}.tar.bz2
 
-#
-# RHEL 8.0
-#
-# bz 1602598
-Patch001: libtirpc-1.1.4-covscan.patch
-# bz 1631614
-Patch002: libtirpc-1.1.4-dup_ncp-bad-free.patch 
-
-#
-# RHEL 8.1
-#
-# bz 1641875
-Patch003: libtirpc-1.1.4-fix-EOF-non-block.patch
-
-#
-# RHEL 8.5
-#
-# bz 1854147
-Patch004: libtirpc-1.1.4-blacklist.patch
-# bz 1934866
-Patch005: libtirpc-1.1.4-disallow-auth_refresh.patch
-
-#
-# RHEL 8.6
-#
-# bz 1940341 
-Patch006: libtirpc-1.1.4-dos-fix.patch
-
-#
-# RHEL 8.7
-#
-# bz 2042196
-Patch007: libtirpc-1.1.4-dgcall-free.patch
-# bz 2107650
-Patch008: libtirpc-1.1.4-v2proto-mech.patch
-# bz 2112116
-Patch009: libtirpc-1.1.4-multithr-cleanup.patch
-
-#
-# RHEL 8.10
-#
-Patch010: libtirpc-1.1.4-null-ptrs-not-reused.patch
-Patch011: libtirpc-1.1.4-double-free.patch
-Patch012: libtirpc-1.1.4-null-ptrs-not-reused-fixed.patch
-Patch013: libtirpc-1.1.4-ip_local_reserved_ports.patch
-
 BuildRequires:		automake, autoconf, libtool, pkgconfig
 BuildRequires:		krb5-devel
+BuildRequires:		gcc
+BuildRequires: make
+
+#
+# RHEL9.2
+#
+Patch001: libtirpc-1.3.3-blacklist-close.patch
+Patch002: libtirpc-1.3.3-clnt-raw-ptr.patch
+
+#
+# RHEL9.2
+#
+Patch003: libtirpc-1.3.3-dos-sleep.patch
+
+#
+# RHEL9.4
+#
+Patch004: libtirpc-1.3.3-null-ptrs-not-reused.patch
 
 %description
 This package contains SunLib's implementation of transport-independent
@@ -72,9 +43,8 @@ by almost 70 vendors on all major operating systems.  TS-RPC source code
 
 %package devel
 Summary:		Development files for the libtirpc library
-Group:			Development/Libraries
 Requires:		%{name}%{?_isa} = %{version}-%{release}
-Requires:		pkgconfig man-db
+Requires:		pkgconfig
 
 %description devel
 This package includes header files and libraries necessary for
@@ -106,30 +76,14 @@ rm -f %{buildroot}%{_root_libdir}/*.{a,la}
 # Creat the man diretory
 mv %{buildroot}%{_mandir}/man3 %{buildroot}%{_mandir}/man3t
 
-%post  -p /sbin/ldconfig
-
-%postun -p /sbin/ldconfig
-
-%post devel
-# Register the new man section
-#if [ "$1" -eq 1 ]; then
-#	makewhatis -s 3t	
-#fi
-
-%postun devel 
-# Remove the existance of the man section
-#makewhatis -s 3t
-
 
 %files
-%defattr(-,root,root)
 %doc AUTHORS ChangeLog NEWS README
 %{_root_libdir}/libtirpc.so.*
 %config(noreplace)%{_sysconfdir}/netconfig
 %config(noreplace)%{_sysconfdir}/bindresvport.blacklist
 
 %files devel
-%defattr(0644,root,root,755)
 %{!?_licensedir:%global license %%doc}
 %license COPYING
 %dir %{_includedir}/tirpc
@@ -174,49 +128,103 @@ mv %{buildroot}%{_mandir}/man3 %{buildroot}%{_mandir}/man3t
 %{_mandir}/*/*
 
 %changelog
-* Fri Apr 26 2024 Steve Dickson <steved@redhat.com> 1.1.4-12
+* Mon Feb 19 2024 Pavel Reichl <preichl@redhat.com> - 1.3.3-4
-- binddynport.c honor ip_local_reserved_ports (RHEL-27005)
+- Add gating tests (rhel-7883)
 
-* Tue Mar 19 2024 Steve Dickson <steved@redhat.com> 1.1.4-11
+* Tue Jan  2 2024 Steve Dickson <steved@redhat.com> - 1.3.3-3
-- rpcb_clnt.c (fixed): Eliminate double frees in delete_cache() (RHEL-11293)
+- Null pointers so they are not used again (RHEL-11371)
 
-* Tue Mar  5 2024 Steve Dickson <steved@redhat.com> 1.1.4-10
+* Thu May 18 2023 Steve Dickson <steved@redhat.com> - 1.3.3-2
-- rpcb_clnt.c: Eliminate double frees in delete_cache() (RHEL-11293)
+- getnetconfigent: avoid potential DoS (bz 2150611)
 
-* Mon Mar  4 2024 Steve Dickson <steved@redhat.com> 1.1.4-9
+* Thu Nov 03 2022 Steve Dickson <steved@redhat.com> - 1.3.3-1
-- Null pointers so they are not used again (RHEL-11370)
+- bindresvport.c: fix a potential resource leakage (bz 2135405)
+- clnt_raw.c: fix a possible null pointer dereference (bz 2138317)
 
-* Wed Aug  3 2022 Steve Dickson <steved@redhat.com> 1.1.4-8
+* Mon Aug 15 2022 Steve Dickson <steved@redhat.com> - 1.3.3
-- rpcb_clnt.c add mechanism to try v2 protocol first (bz 2107650)
+- Rebased to libtirpc-1.3.3 (bz 2118157)
-- Multithreaded cleanup (bz 2112116)
 
-* Tue May 31 2022 Steve Dickson <steved@redhat.com> 1.1.4-7
+* Mon Aug 09 2021 Mohan Boddu <mboddu@redhat.com> - 1.3.2-1
-- clnt_dg_call: Fix use-after-free accessing the error number (bz 2042196)
+- Rebuilt for IMA sigs, glibc 2.34, aarch64 flags
+  Related: rhbz#1991688
 
-* Thu Dec  2 2021 Steve Dickson <steved@redhat.com> 1.1.4-6
+* Tue Jun 15 2021 Steve Dickson <steved@redhat.com> - 1.3.2
-- Fix DoS vulnerability in libtirpc (bz 1940341)
+- Rebased to libtirpc-1.3.2 (bz 1959125)
 
-* Sat Apr 17 2021 Steve Dickson <steved@redhat.com> 1.1.4-5
+* Fri Apr 16 2021 Mohan Boddu <mboddu@redhat.com> - 1.3.1-2
-- blacklist: Add a few more well known ports (bz 1854147)
+- Rebuilt for RHEL 9 BETA on Apr 15th 2021. Related: rhbz#1947937
-- Disallow calling auth_refresh from clnt_call with RPCSEC_GSS (bz 1934866)
 
-* Wed Jul 24 2019 Steve Dickson <steved@redhat.com> 1.1.4-4
+* Tue Jan 26 2021 Fedora Release Engineering <releng@fedoraproject.org> - 1.3.1-1
-- Enable gating using reverse dependency testing of nfs-utils (bz 1681965)
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_34_Mass_Rebuild
-- Updated the URL (bz 1638671)
-- Fix EOF detection on non-blocking socket (bz 1641875)
 
-* Sat Oct  6 2018 Steve Dickson <steved@redhat.com> 1.1.4-3
+* Thu Dec 03 2020 Steve Dickson <steved@redhat.com> - 1.3.1
-- Fixed bad free in dup_ncp() (bz 1631614)
+- Updated to latest upstream release: libtirpc-1-3-1 (bz 1903615)
 
-* Fri Sep 14 2018 Steve Dickson <steved@redhat.com> 1.1.4-2
+* Tue Aug 04 2020 Steve Dickson <steved@redhat.com> 1.2.6-1.rc4
-- Removed a false positive from the covscan (bz 1602598)
+- Updated to the latest upstream RC release: libtirpc-1-2-7-rc4
 
-* Tue Sep 11 2018 Steve Dickson <steved@redhat.com> 1.1.4-1
+* Tue Aug 04 2020 Tom Stellard <tstellar@redhat.com> - 1.2.6-2
-- Fixed issues found by covscan (bz 1602598)
+- Add BuildRequires: gcc
+- https://docs.fedoraproject.org/en-US/packaging-guidelines/C_and_C++/#_packaging
 
-* Fri Sep  7 2018 Steve Dickson <steved@redhat.com> 1.1.4-0
+* Tue Jul 28 2020 Fedora Release Engineering <releng@fedoraproject.org> - 1.2.6-1
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_33_Mass_Rebuild
+
+* Tue Apr 14 2020 Steve Dickson <steved@redhat.com> 1.2.6-0
+- Updated to the latest upstream release: libtirpc-1-2-6 (bz 1822751)
+
+* Tue Feb 18 2020 Steve Dickson <steved@redhat.com> 1.2.5-1.rc2
+- Updated to the latest upstream RC release: libtirpc-1-2-6-rc2 (bz 1799601)
+
+* Wed Jan 29 2020 Fedora Release Engineering <releng@fedoraproject.org> - 1.2.5-1
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_32_Mass_Rebuild
+
+* Fri Dec 20 2019 Steve Dickson <steved@redhat.com> 1.2.5-0
+ Updated to latest upstream release: libtirpc-1-2-5 (bz 1785684)
+
+* Fri Nov 01 2019 Petr Pisar <ppisar@redhat.com> - 1.1.4-3.rc3
+- Remove a useless dependency on man-db from libtirpc-devel package
+  (bug #1496422)
+
+* Thu Sep 05 2019 Steve Dickson <steved@redhat.com> 1.1.4-2.rc3
+- Updated to latest upstream RC release: libtirpc-1-1-5-rc3
+
+* Thu Jul 25 2019 Fedora Release Engineering <releng@fedoraproject.org> - 1.1.4-2.rc2.2
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_31_Mass_Rebuild
+
+* Fri Feb 01 2019 Fedora Release Engineering <releng@fedoraproject.org> - 1.1.4-2.rc2.1
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_30_Mass_Rebuild
+
+* Thu Nov  8 2018 Steve Dickson <steved@redhat.com> 1.1.4-2.rc2
+- Updated to latest upstream RC release: libtirpc-1-1-5-rc2
+
+* Tue Nov  6 2018 Steve Dickson <steved@redhat.com> 1.1.4-2.rc1
+- Remove ldconfig scriptlet (bz 1644103)
+
+* Thu Sep 13 2018 Steve Dickson <steved@redhat.com> 1.1.4-1.rc1
+- Removed a false positive from the covscan
+
+* Tue Sep 11 2018 Steve Dickson <steved@redhat.com> 1.1.4-0.rc1
+- Updated to latest upstream RC releasse (bz 1627832)
+
+* Mon Aug 27 2018 Steve Dickson <steved@redhat.com> 1.1.4
 - Updated to latest upstream release: libtirpc-1-1-4 (bz 1585558)
 
+* Tue Jul 31 2018 Florian Weimer <fweimer@redhat.com> - 1.0.3-4.rc2
+- Rebuild with fixed binutils
+
+* Sun Jul 29 2018 Steve Dickson <steved@redhat.com> 1.0.3-3.rc2
+- Update the libtirpc-1.0.4-rc2.patch to include big endian fixes (bz 1609208)
+
+* Fri Jul 20 2018 Steve Dickson <steved@redhat.com> 1.0.3-2.rc2
+- Updated to latest upstream RC release: libtirpc-1-0-4-rc2
+
+* Fri Jul 13 2018 Fedora Release Engineering <releng@fedoraproject.org> - 1.0.3-2.rc1.1
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_29_Mass_Rebuild
+
+* Tue Jul 10 2018 Steve Dickson <steved@redhat.com> 1.0.3-2.rc1
+- Updated the URL (bz 1599795)
+
 * Wed Apr 18 2018 Steve Dickson <steved@redhat.com> 1.0.3-1.rc1
 - Updated to latest upstream RC release: libtirpc-1-0-4-rc1
 

gating.yaml

@@ -1,6 +0,0 @@
---- !Policy
-product_versions:
-  - rhel-8
-decision_context: osci_compose_gate
-rules:
-  - !PassingTestCaseRule {test_case_name: osci.brew-build.revdeps.integration}

libtirpc-1.1.4-blacklist.patch

@@ -1,15 +0,0 @@
-diff -up libtirpc-1.1.4/doc/bindresvport.blacklist.save libtirpc-1.1.4/doc/bindresvport.blacklist
---- libtirpc-1.1.4/doc/bindresvport.blacklist.save	2021-04-17 13:04:20.092274589 -0400
-+++ libtirpc-1.1.4/doc/bindresvport.blacklist	2021-04-17 13:04:45.609945925 -0400
-@@ -8,6 +8,11 @@
- 631     # cups
- 636     # ldaps
- 664     # Secure ASF, used by IPMI on some cards
-+749     # Kerberos V kadmin
-+774     # rpasswd
-+873     # rsyncd
- 921     # lwresd
-+992     # SSL-enabled telnet
- 993     # imaps
-+994     # irc
- 995     # pops

libtirpc-1.1.4-covscan.patch

@@ -1,151 +0,0 @@
-diff --git a/src/auth_gss.c b/src/auth_gss.c
-index 5959893..7d08262 100644
---- a/src/auth_gss.c
-+++ b/src/auth_gss.c
-@@ -207,6 +207,7 @@ authgss_create(CLIENT *clnt, gss_name_t name, struct rpc_gss_sec *sec)
- 			rpc_createerr.cf_stat = RPC_SYSTEMERROR;
- 			rpc_createerr.cf_error.re_errno = ENOMEM;
- 			free(auth);
-+			free(gd);
- 			return (NULL);
- 		}
- 	}
-@@ -592,7 +593,7 @@ _rpc_gss_refresh(AUTH *auth, rpc_gss_options_ret_t *options_ret)
- 			if (rpc_gss_oid_to_mech(actual_mech_type, &mechanism)) {
- 				strncpy(options_ret->actual_mechanism,
- 					mechanism,
--					sizeof(options_ret->actual_mechanism));
-+					(sizeof(options_ret->actual_mechanism)-1));
- 			}
- 
- 			gd->established = TRUE;
-diff --git a/src/clnt_bcast.c b/src/clnt_bcast.c
-index 98cf061..2ad6c89 100644
---- a/src/clnt_bcast.c
-+++ b/src/clnt_bcast.c
-@@ -330,6 +330,7 @@ rpc_broadcast_exp(prog, vers, proc, xargs, argsp, xresults, resultsp,
- 	if (nettype == NULL)
- 		nettype = "datagram_n";
- 	if ((handle = __rpc_setconf(nettype)) == NULL) {
-+		AUTH_DESTROY(sys_auth);
- 		return (RPC_UNKNOWNPROTO);
- 	}
- 	while ((nconf = __rpc_getconf(handle)) != NULL) {
-diff --git a/src/getnetconfig.c b/src/getnetconfig.c
-index 92e7c43..d67d97d 100644
---- a/src/getnetconfig.c
-+++ b/src/getnetconfig.c
-@@ -709,6 +709,8 @@ struct netconfig	*ncp;
-     p->nc_lookups = (char **)malloc((size_t)(p->nc_nlookups+1) * sizeof(char *));
-     if (p->nc_lookups == NULL) {
- 	free(p->nc_netid);
-+	free(p);
-+	free(tmp);
- 	return(NULL);
-     }
-     for (i=0; i < p->nc_nlookups; i++) {
-diff --git a/src/getnetpath.c b/src/getnetpath.c
-index 7c19932..ea1a18c 100644
---- a/src/getnetpath.c
-+++ b/src/getnetpath.c
-@@ -88,6 +88,7 @@ setnetpath()
-     }
-     if ((np_sessionp->nc_handlep = setnetconfig()) == NULL) {
- 	syslog (LOG_ERR, "rpc: failed to open " NETCONFIG);
-+	free(np_sessionp);
- 	return (NULL);
-     }
-     np_sessionp->valid = NP_VALID;
-diff --git a/src/rpc_generic.c b/src/rpc_generic.c
-index 589cbd5..51f36ac 100644
---- a/src/rpc_generic.c
-+++ b/src/rpc_generic.c
-@@ -319,6 +319,7 @@ __rpc_setconf(nettype)
- 		handle->nflag = FALSE;
- 		break;
- 	default:
-+		free(handle);
- 		return (NULL);
- 	}
- 
-diff --git a/src/rpc_soc.c b/src/rpc_soc.c
-index 5a6eeb7..a85cb17 100644
---- a/src/rpc_soc.c
-+++ b/src/rpc_soc.c
-@@ -663,15 +663,17 @@ svcunix_create(sock, sendsize, recvsize, path)
- 		    strcmp(nconf->nc_protofmly, NC_LOOPBACK) == 0)
- 			break;
- 	}
--	if (nconf == NULL)
-+	if (nconf == NULL) {
-+		endnetconfig(localhandle);
- 		return(xprt);
-+	}
- 
- 	if ((sock = __rpc_nconf2fd(nconf)) < 0)
- 		goto done;
- 
- 	memset(&sun, 0, sizeof sun);
- 	sun.sun_family = AF_LOCAL;
--	strncpy(sun.sun_path, path, sizeof(sun.sun_path));
-+	strncpy(sun.sun_path, path, (sizeof(sun.sun_path)-1));
- 	addrlen = sizeof(struct sockaddr_un);
- 	sa = (struct sockaddr *)&sun;
- 
-@@ -692,6 +694,8 @@ svcunix_create(sock, sendsize, recvsize, path)
- 	}
- 
- 	xprt = (SVCXPRT *)svc_tli_create(sock, nconf, &taddr, sendsize, recvsize);
-+	if (xprt == NULL)
-+		close(sock);
- 
- done:
- 	endnetconfig(localhandle);
-diff --git a/src/rpcb_clnt.c b/src/rpcb_clnt.c
-index e45736a..0c34cb7 100644
---- a/src/rpcb_clnt.c
-+++ b/src/rpcb_clnt.c
-@@ -547,6 +547,7 @@ try_nconf:
- 		if (tmpnconf == NULL) {
-  			rpc_createerr.cf_stat = RPC_UNKNOWNPROTO;
- 			mutex_unlock(&loopnconf_lock);
-+			endnetconfig(nc_handle);
- 			return (NULL);
- 		}
- 		loopnconf = getnetconfigent(tmpnconf->nc_netid);
-diff --git a/src/rtime.c b/src/rtime.c
-index b642840..29fbf0a 100644
---- a/src/rtime.c
-+++ b/src/rtime.c
-@@ -90,6 +90,7 @@ rtime(addrp, timep, timeout)
- 
- 	/* TCP and UDP port are the same in this case */
- 	if ((serv = getservbyname("time", "tcp")) == NULL) {
-+		do_close(s);
- 		return(-1);
- 	}
- 
-diff --git a/src/svc_generic.c b/src/svc_generic.c
-index 52a56c2..20abaa2 100644
---- a/src/svc_generic.c
-+++ b/src/svc_generic.c
-@@ -113,6 +113,7 @@ svc_create(dispatch, prognum, versnum, nettype)
- 				if (l == NULL) {
- 					warnx("svc_create: no memory");
- 					mutex_unlock(&xprtlist_lock);
-+					__rpc_endconf(handle);
- 					return (0);
- 				}
- 				l->xprt = xprt;
-diff --git a/src/svc_simple.c b/src/svc_simple.c
-index cb58002..c32fe0a 100644
---- a/src/svc_simple.c
-+++ b/src/svc_simple.c
-@@ -157,6 +157,7 @@ rpc_reg(prognum, versnum, procnum, progname, inproc, outproc, nettype)
- 				((netid = strdup(nconf->nc_netid)) == NULL)) {
- 				warnx(rpc_reg_err, rpc_reg_msg, __no_mem_str);
- 				SVC_DESTROY(svcxprt);
-+				free(xdrbuf);
- 				break;
- 			}
- 			madenow = TRUE;

libtirpc-1.1.4-dgcall-free.patch

@@ -1,14 +0,0 @@
-diff -up libtirpc-1.1.4/src/clnt_dg.c.orig libtirpc-1.1.4/src/clnt_dg.c
---- libtirpc-1.1.4/src/clnt_dg.c.orig	2022-05-31 08:14:09.408762537 -0400
-+++ libtirpc-1.1.4/src/clnt_dg.c	2022-05-31 08:17:28.950764885 -0400
-@@ -478,9 +478,9 @@ get_reply:
- 		 cmsg = CMSG_NXTHDR (&msg, cmsg))
- 	      if (cmsg->cmsg_level == SOL_IP && cmsg->cmsg_type == IP_RECVERR)
- 		{
--		  mem_free(cbuf, (outlen + 256));
- 		  e = (struct sock_extended_err *) CMSG_DATA(cmsg);
- 		  cu->cu_error.re_errno = e->ee_errno;
-+		  mem_free(cbuf, (outlen + 256));
- 		  release_fd_lock(cu->cu_fd, mask);
- 		  return (cu->cu_error.re_status = RPC_CANTRECV);
- 		}

libtirpc-1.1.4-disallow-auth_refresh.patch

@@ -1,76 +0,0 @@
-diff -up libtirpc-1.1.4/src/auth_gss.c.orig libtirpc-1.1.4/src/auth_gss.c
---- libtirpc-1.1.4/src/auth_gss.c.orig	2021-04-17 13:11:03.229880600 -0400
-+++ libtirpc-1.1.4/src/auth_gss.c	2021-04-17 13:15:10.722391798 -0400
-@@ -982,3 +982,9 @@ rpc_gss_max_data_length(AUTH *auth, int
- 	rpc_gss_clear_error();
- 	return result;
- }
-+
-+bool_t
-+is_authgss_client(CLIENT *clnt)
-+{
-+	return (clnt->cl_auth->ah_ops == &authgss_ops);
-+}
-diff -up libtirpc-1.1.4/src/clnt_dg.c.orig libtirpc-1.1.4/src/clnt_dg.c
---- libtirpc-1.1.4/src/clnt_dg.c.orig	2018-08-27 10:06:49.000000000 -0400
-+++ libtirpc-1.1.4/src/clnt_dg.c	2021-04-17 13:15:10.722391798 -0400
-@@ -60,6 +60,9 @@
- #include <sys/uio.h>
- #endif
- 
-+#ifdef HAVE_RPCSEC_GSS
-+#include <rpc/auth_gss.h>
-+#endif
- 
- #define MAX_DEFAULT_FDS                 20000
- 
-@@ -356,6 +359,11 @@ clnt_dg_call(cl, proc, xargs, argsp, xre
- 		salen = cu->cu_rlen;
- 	}
- 
-+#ifdef HAVE_RPCSEC_GSS
-+	if (is_authgss_client(cl))
-+		nrefreshes = 0;
-+#endif
-+
- 	/* Clean up in case the last call ended in a longjmp(3) call. */
- call_again:
- 	xdrs = &(cu->cu_outxdrs);
-diff -up libtirpc-1.1.4/src/clnt_vc.c.orig libtirpc-1.1.4/src/clnt_vc.c
---- libtirpc-1.1.4/src/clnt_vc.c.orig	2018-08-27 10:06:49.000000000 -0400
-+++ libtirpc-1.1.4/src/clnt_vc.c	2021-04-17 13:15:10.723391824 -0400
-@@ -68,6 +68,10 @@
- #include <rpc/rpc.h>
- #include "rpc_com.h"
- 
-+#ifdef HAVE_RPCSEC_GSS
-+#include <rpc/auth_gss.h>
-+#endif
-+
- #define MCALL_MSG_SIZE 24
- 
- #define CMGROUP_MAX    16
-@@ -380,6 +384,11 @@ clnt_vc_call(cl, proc, xdr_args, args_pt
- 	    (xdr_results == NULL && timeout.tv_sec == 0
- 	    && timeout.tv_usec == 0) ? FALSE : TRUE;
- 
-+#ifdef HAVE_RPCSEC_GSS
-+	if (is_authgss_client(cl))
-+		refreshes = 0;
-+#endif
-+
- call_again:
- 	xdrs->x_op = XDR_ENCODE;
- 	ct->ct_error.re_status = RPC_SUCCESS;
-diff -up libtirpc-1.1.4/tirpc/rpc/auth_gss.h.orig libtirpc-1.1.4/tirpc/rpc/auth_gss.h
---- libtirpc-1.1.4/tirpc/rpc/auth_gss.h.orig	2018-08-27 10:06:49.000000000 -0400
-+++ libtirpc-1.1.4/tirpc/rpc/auth_gss.h	2021-04-17 13:15:10.723391824 -0400
-@@ -120,6 +120,8 @@ void	gss_log_debug		(const char *fmt, ..
- void	gss_log_status		(char *m, OM_uint32 major, OM_uint32 minor);
- void	gss_log_hexdump		(const u_char *buf, int len, int offset);
- 
-+bool_t	is_authgss_client	(CLIENT *);
-+
- #ifdef __cplusplus
- }
- #endif

libtirpc-1.1.4-dos-fix.patch

@@ -1,154 +0,0 @@
-diff --git a/src/rpc_com.h b/src/rpc_com.h
-index 10bec79..76badef 100644
---- a/src/rpc_com.h
-+++ b/src/rpc_com.h
-@@ -61,8 +61,7 @@ void __xprt_unregister_unlocked(SVCXPRT *);
- void __xprt_set_raddr(SVCXPRT *, const struct sockaddr_storage *);
- 
- 
--SVCXPRT **__svc_xports;
--int __svc_maxrec;
-+extern int __svc_maxrec;
- 
- #ifdef __cplusplus
- }
-diff --git a/src/svc.c b/src/svc.c
-index b59467b..3a8709f 100644
---- a/src/svc.c
-+++ b/src/svc.c
-@@ -57,6 +57,9 @@
- 
- #define max(a, b) (a > b ? a : b)
- 
-+SVCXPRT **__svc_xports;
-+int __svc_maxrec;
-+
- /*
-  * The services list
-  * Each entry represents a set of procedures (an rpc program).
-@@ -191,6 +194,21 @@ __xprt_do_unregister (xprt, dolock)
-     rwlock_unlock (&svc_fd_lock);
- }
- 
-+int
-+svc_open_fds()
-+{
-+	int ix;
-+	int nfds = 0;
-+
-+	rwlock_rdlock (&svc_fd_lock);
-+	for (ix = 0; ix < svc_max_pollfd; ++ix) {
-+		if (svc_pollfd[ix].fd != -1)
-+			nfds++;
-+	}
-+	rwlock_unlock (&svc_fd_lock);
-+	return (nfds);
-+}
-+
- /*
-  * Add a service program to the callout list.
-  * The dispatch routine will be called when a rpc request for this
-diff --git a/src/svc_vc.c b/src/svc_vc.c
-index c23cd36..1729963 100644
---- a/src/svc_vc.c
-+++ b/src/svc_vc.c
-@@ -64,6 +64,8 @@
- 
- 
- extern rwlock_t svc_fd_lock;
-+extern SVCXPRT **__svc_xports;
-+extern int svc_open_fds();
- 
- static SVCXPRT *makefd_xprt(int, u_int, u_int);
- static bool_t rendezvous_request(SVCXPRT *, struct rpc_msg *);
-@@ -82,6 +84,7 @@ static void svc_vc_ops(SVCXPRT *);
- static bool_t svc_vc_control(SVCXPRT *xprt, const u_int rq, void *in);
- static bool_t svc_vc_rendezvous_control (SVCXPRT *xprt, const u_int rq,
- 				   	     void *in);
-+static int __svc_destroy_idle(int timeout);
- 
- struct cf_rendezvous { /* kept in xprt->xp_p1 for rendezvouser */
- 	u_int sendsize;
-@@ -312,13 +315,14 @@ done:
- 	return (xprt);
- }
- 
-+
- /*ARGSUSED*/
- static bool_t
- rendezvous_request(xprt, msg)
- 	SVCXPRT *xprt;
- 	struct rpc_msg *msg;
- {
--	int sock, flags;
-+	int sock, flags, nfds, cnt;
- 	struct cf_rendezvous *r;
- 	struct cf_conn *cd;
- 	struct sockaddr_storage addr;
-@@ -378,6 +382,16 @@ again:
- 
- 	gettimeofday(&cd->last_recv_time, NULL);
- 
-+	nfds = svc_open_fds();
-+	if (nfds >= (_rpc_dtablesize() / 5) * 4) {
-+		/* destroy idle connections */
-+		cnt = __svc_destroy_idle(15);
-+		if (cnt == 0) {
-+			/* destroy least active */
-+			__svc_destroy_idle(0);
-+		}
-+	}
-+
- 	return (FALSE); /* there is never an rpc msg to be processed */
- }
- 
-@@ -819,3 +833,49 @@ __svc_clean_idle(fd_set *fds, int timeout, bool_t cleanblock)
- {
- 	return FALSE;
- }
-+
-+static int
-+__svc_destroy_idle(int timeout)
-+{
-+	int i, ncleaned = 0;
-+	SVCXPRT *xprt, *least_active;
-+	struct timeval tv, tdiff, tmax;
-+	struct cf_conn *cd;
-+
-+	gettimeofday(&tv, NULL);
-+	tmax.tv_sec = tmax.tv_usec = 0;
-+	least_active = NULL;
-+	rwlock_wrlock(&svc_fd_lock);
-+
-+	for (i = 0; i <= svc_max_pollfd; i++) {
-+		if (svc_pollfd[i].fd == -1)
-+			continue;
-+		xprt = __svc_xports[i];
-+		if (xprt == NULL || xprt->xp_ops == NULL ||
-+			xprt->xp_ops->xp_recv != svc_vc_recv)
-+			continue;
-+		cd = (struct cf_conn *)xprt->xp_p1;
-+		if (!cd->nonblock)
-+			continue;
-+		if (timeout == 0) {
-+			timersub(&tv, &cd->last_recv_time, &tdiff);
-+			if (timercmp(&tdiff, &tmax, >)) {
-+				tmax = tdiff;
-+				least_active = xprt;
-+			}
-+			continue;
-+		}
-+		if (tv.tv_sec - cd->last_recv_time.tv_sec > timeout) {
-+			__xprt_unregister_unlocked(xprt);
-+			__svc_vc_dodestroy(xprt);
-+			ncleaned++;
-+		}
-+	}
-+	if (timeout == 0 && least_active != NULL) {
-+		__xprt_unregister_unlocked(least_active);
-+		__svc_vc_dodestroy(least_active);
-+		ncleaned++;
-+	}
-+	rwlock_unlock(&svc_fd_lock);
-+	return (ncleaned);
-+}

libtirpc-1.1.4-double-free.patch

@@ -1,32 +0,0 @@
-commit 1d2e10afb2ffc35cb3623f57a15f712359f18e75
-Author: Herb Wartens <wartens2@llnl.gov>
-Date:   Tue Aug 1 10:36:16 2023 -0400
-
-    rpcb_clnt.c: Eliminate double frees in delete_cache()
-    
-    Fixes: https://bugzilla.redhat.com/show_bug.cgi?id=2224666
-    Signed-off-by: Steve Dickson <steved@redhat.com>
-
-diff --git a/src/rpcb_clnt.c b/src/rpcb_clnt.c
-index c0a9e12..68fe69a 100644
---- a/src/rpcb_clnt.c
-+++ b/src/rpcb_clnt.c
-@@ -262,12 +262,15 @@ delete_cache(addr)
- 	for (cptr = front; cptr != NULL; cptr = cptr->ac_next) {
- 		if (!memcmp(cptr->ac_taddr->buf, addr->buf, addr->len)) {
- 			/* Unlink from cache. We'll destroy it after releasing the mutex. */
--			if (cptr->ac_uaddr)
-+			if (cptr->ac_uaddr) {
- 				free(cptr->ac_uaddr);
--			if (prevptr)
-+				cptr->ac_uaddr = NULL;
-+			}
-+			if (prevptr) {
- 				prevptr->ac_next = cptr->ac_next;
--			else
-+			} else {
- 				front = cptr->ac_next;
-+			}
- 			cachesize--;
- 			break;
- 		}

libtirpc-1.1.4-dup_ncp-bad-free.patch

@@ -1,51 +0,0 @@
-commit 959b2001458bca8f9228014371aad6ccbeb95a68
-Author: Zhi Li <yieli@redhat.com>
-Date:   Wed Sep 26 14:05:29 2018 -0400
-
-    getnetconfig.c: fix a BAD_FREE (CWE-763)
-    
-    Signed-off-by: Steve Dickson <steved@redhat.com>
-
-diff --git a/src/getnetconfig.c b/src/getnetconfig.c
-index d67d97d..cfd33c2 100644
---- a/src/getnetconfig.c
-+++ b/src/getnetconfig.c
-@@ -681,6 +681,7 @@ struct netconfig	*ncp;
- {
-     struct netconfig	*p;
-     char	*tmp;
-+    char	*t;
-     u_int	i;
- 
-     if ((tmp=malloc(MAXNETCONFIGLINE)) == NULL)
-@@ -700,22 +701,21 @@ struct netconfig	*ncp;
-      */
-     *p = *ncp;
-     p->nc_netid = (char *)strcpy(tmp,ncp->nc_netid);
--    tmp = strchr(tmp, 0) + 1;
--    p->nc_protofmly = (char *)strcpy(tmp,ncp->nc_protofmly);
--    tmp = strchr(tmp, 0) + 1;
--    p->nc_proto = (char *)strcpy(tmp,ncp->nc_proto);
--    tmp = strchr(tmp, 0) + 1;
--    p->nc_device = (char *)strcpy(tmp,ncp->nc_device);
-+    t = strchr(tmp, 0) + 1;
-+    p->nc_protofmly = (char *)strcpy(t,ncp->nc_protofmly);
-+    t = strchr(t, 0) + 1;
-+    p->nc_proto = (char *)strcpy(t,ncp->nc_proto);
-+    t = strchr(t, 0) + 1;
-+    p->nc_device = (char *)strcpy(t,ncp->nc_device);
-     p->nc_lookups = (char **)malloc((size_t)(p->nc_nlookups+1) * sizeof(char *));
-     if (p->nc_lookups == NULL) {
--	free(p->nc_netid);
- 	free(p);
- 	free(tmp);
- 	return(NULL);
-     }
-     for (i=0; i < p->nc_nlookups; i++) {
--    	tmp = strchr(tmp, 0) + 1;
--    	p->nc_lookups[i] = (char *)strcpy(tmp,ncp->nc_lookups[i]);
-+	t = strchr(t, 0) + 1;
-+	p->nc_lookups[i] = (char *)strcpy(t,ncp->nc_lookups[i]);
-     }
-     return(p);
- }

libtirpc-1.1.4-fix-EOF-non-block.patch

@@ -1,68 +0,0 @@
-diff -up libtirpc-1.1.4/src/svc_vc.c.orig libtirpc-1.1.4/src/svc_vc.c
---- libtirpc-1.1.4/src/svc_vc.c.orig	2018-08-27 10:06:49.000000000 -0400
-+++ libtirpc-1.1.4/src/svc_vc.c	2019-07-24 11:51:32.191485387 -0400
-@@ -502,9 +502,14 @@ read_vc(xprtp, buf, len)
- 	cfp = (struct cf_conn *)xprt->xp_p1;
- 
- 	if (cfp->nonblock) {
-+		/* Since len == 0 is returned on zero length
-+		 * read or EOF errno needs to be reset before
-+		 * the read
-+		 */
-+		errno = 0;
- 		len = read(sock, buf, (size_t)len);
- 		if (len < 0) {
--			if (errno == EAGAIN)
-+			if (errno == EAGAIN || errno == EWOULDBLOCK)
- 				len = 0;
- 			else
- 				goto fatal_err;
-diff -up libtirpc-1.1.4/src/xdr_rec.c.orig libtirpc-1.1.4/src/xdr_rec.c
---- libtirpc-1.1.4/src/xdr_rec.c.orig	2018-08-27 10:06:49.000000000 -0400
-+++ libtirpc-1.1.4/src/xdr_rec.c	2019-07-24 11:51:32.191485387 -0400
-@@ -61,6 +61,7 @@
- #include <rpc/svc.h>
- #include <rpc/clnt.h>
- #include <stddef.h>
-+#include <errno.h>
- #include "rpc_com.h"
- static bool_t	xdrrec_getlong(XDR *, long *);
- static bool_t	xdrrec_putlong(XDR *, const long *);
-@@ -537,7 +538,13 @@ __xdrrec_getrec(xdrs, statp, expectdata)
- 		n = rstrm->readit(rstrm->tcp_handle, rstrm->in_hdrp,
- 		    (int)sizeof (rstrm->in_header) - rstrm->in_hdrlen);
- 		if (n == 0) {
--			*statp = expectdata ? XPRT_DIED : XPRT_IDLE;
-+			/* EAGAIN or EWOULDBLOCK means a zero length
-+			 * read not an EOF.
-+			 */
-+			if (errno == EAGAIN || errno == EWOULDBLOCK)
-+				*statp = XPRT_IDLE;
-+			else
-+				*statp = expectdata ? XPRT_DIED : XPRT_IDLE;
- 			return FALSE;
- 		}
- 		if (n < 0) {
-@@ -564,6 +571,7 @@ __xdrrec_getrec(xdrs, statp, expectdata)
- 			rstrm->in_header &= ~LAST_FRAG;
- 			rstrm->last_frag = TRUE;
- 		}
-+		rstrm->in_haveheader = 1;
- 	}
- 
- 	n =  rstrm->readit(rstrm->tcp_handle,
-@@ -576,7 +584,13 @@ __xdrrec_getrec(xdrs, statp, expectdata)
- 	}
- 
- 	if (n == 0) {
--		*statp = expectdata ? XPRT_DIED : XPRT_IDLE;
-+		/* EAGAIN or EWOULDBLOCK means a zero length
-+		 * read not an EOF.
-+		 */
-+		if (errno == EAGAIN || errno == EWOULDBLOCK)
-+			*statp = XPRT_IDLE;
-+		else
-+			*statp = expectdata ? XPRT_DIED : XPRT_IDLE;
- 		return FALSE;
- 	}
- 

libtirpc-1.1.4-ip_local_reserved_ports.patch

@@ -1,185 +0,0 @@
-From 20148930201b732c5dd1003933dd70543d3e929d Mon Sep 17 00:00:00 2001
-From: Otto Hollmann <otto.hollmann@suse.com>
-Date: Sat, 7 Oct 2023 03:48:22 -0400
-Subject: [PATCH] binddynport.c honor ip_local_reserved_ports
-
-Read reserved ports from /proc/sys/net/ipv4/ip_local_reserved_ports,
-store them into bit-wise array and before binding to random port check
-if port is not reserved.
-
-Currently, there is no way how to reserve ports so then will not be
-used by rpcbind.
-
-Random ports are opened by rpcbind because of rmtcalls. There is
-compile-time flag for disabling them, but in some cases we can not
-simply disable them.
-
-One solution would be run time option --enable-rmtcalls as already
-discussed, but it was rejected. So if we want to keep rmtcalls enabled
-and also be able to reserve some ports, there is no other way than
-filtering available ports. The easiest and clearest way seems to be
-just respect kernel list of ip_reserved_ports.
-
-Unfortunately there is one known disadvantage/side effect - it affects
-probability of ports which are right after reserved ones. The bigger
-reserved block is, the higher is probability of selecting following
-unreserved port. But if there is no reserved port, impact of this patch
-is minimal/none.
-
-Signed-off-by: Otto Hollmann <otto.hollmann@suse.com>
-Signed-off-by: Steve Dickson <steved@redhat.com>
----
- src/binddynport.c | 108 ++++++++++++++++++++++++++++++++++++++++++----
- 1 file changed, 100 insertions(+), 8 deletions(-)
-
-diff --git a/src/binddynport.c b/src/binddynport.c
-index 062629a..c2e9a20 100644
---- a/src/binddynport.c
-+++ b/src/binddynport.c
-@@ -37,6 +37,7 @@
- #include <unistd.h>
- #include <errno.h>
- #include <string.h>
-+#include <syslog.h>
- 
- #include <rpc/rpc.h>
- 
-@@ -56,6 +57,84 @@ enum {
- 	NPORTS		= ENDPORT - LOWPORT + 1,
- };
- 
-+/*
-+ * This function decodes information about given port from provided array and
-+ * return if port is reserved or not.
-+ *
-+ * @reserved_ports an array of size at least "NPORTS / (8*sizeof(char)) + 1".
-+ * @port port number within range LOWPORT and ENDPORT
-+ *
-+ * Returns 0 if port is not reserved, non-negative if port is reserved.
-+ */
-+static int is_reserved(char *reserved_ports, int port) {
-+	port -= LOWPORT;
-+	if (port < 0 || port >= NPORTS)
-+		return 0;
-+	return reserved_ports[port/(8*sizeof(char))] & 1<<(port%(8*sizeof(char)));
-+}
-+
-+/*
-+ * This function encodes information about given *reserved* port into provided
-+ * array. Don't call this function for ports which are not reserved.
-+ *
-+ * @reserved_ports an array of size at least "NPORTS / (8*sizeof(char)) + 1".
-+ * @port port number within range LOWPORT and ENDPORT
-+ *
-+ */
-+static void set_reserved(char *reserved_ports, int port) {
-+	port -= LOWPORT;
-+	if (port < 0 || port >= NPORTS)
-+		return;
-+	reserved_ports[port/(8*sizeof(char))] |= 1<<(port%(8*sizeof(char)));
-+}
-+
-+/*
-+ * Parse local reserved ports obtained from
-+ * /proc/sys/net/ipv4/ip_local_reserved_ports into bit array.
-+ *
-+ * @reserved_ports a zeroed array of size at least
-+ * "NPORTS / (8*sizeof(char)) + 1". Will be used for bit-wise encoding of
-+ * reserved ports.
-+ *
-+ * On each call, reserved ports are read from /proc and bit-wise stored into
-+ * provided array
-+ *
-+ * Returns 0 on success, -1 on failure.
-+ */
-+
-+static int parse_reserved_ports(char *reserved_ports) {
-+	int from=0, to;
-+	char delimiter = ',';
-+	int res;
-+	FILE * file_ptr = fopen("/proc/sys/net/ipv4/ip_local_reserved_ports","r");
-+	if (file_ptr == NULL) {
-+		(void) syslog(LOG_ERR,
-+			"Unable to open open /proc/sys/net/ipv4/ip_local_reserved_ports.");
-+		return -1;
-+	}
-+	do {
-+		if ((res = fscanf(file_ptr, "%d", &to)) != 1) {
-+			if (res == EOF) break;
-+			goto err;
-+		}
-+		if (delimiter != '-') {
-+			from = to;
-+		}
-+		for (int i = from; i <= to; ++i) {
-+			set_reserved(reserved_ports, i);
-+		}
-+	} while ((res = fscanf(file_ptr, "%c", &delimiter)) == 1);
-+	if (res != EOF)
-+		goto err;
-+	fclose(file_ptr);
-+	return 0;
-+err:
-+	(void) syslog(LOG_ERR,
-+		"An error occurred while parsing ip_local_reserved_ports.");
-+	fclose(file_ptr);
-+	return -1;
-+}
-+
- /*
-  * Bind a socket to a dynamically-assigned IP port.
-  *
-@@ -81,7 +160,8 @@ int __binddynport(int fd)
- 	in_port_t port, *portp;
- 	struct sockaddr *sap;
- 	socklen_t salen;
--	int i, res;
-+	int i, res, array_size;
-+	char *reserved_ports = NULL;
- 
- 	if (__rpc_sockisbound(fd))
- 		return 0;
-@@ -119,21 +199,33 @@ int __binddynport(int fd)
- 		gettimeofday(&tv, NULL);
- 		seed = tv.tv_usec * getpid();
- 	}
-+	array_size = NPORTS / (8*sizeof(char)) + 1;
-+	reserved_ports = malloc(array_size);
-+	if (!reserved_ports) {
-+		goto out;
-+	}
-+	memset(reserved_ports, 0, array_size);
-+	if (parse_reserved_ports(reserved_ports) < 0)
-+		goto out;
-+
- 	port = (rand_r(&seed) % NPORTS) + LOWPORT;
- 	for (i = 0; i < NPORTS; ++i) {
--		*portp = htons(port++);
--		res = bind(fd, sap, salen);
--		if (res >= 0) {
--			res = 0;
--			break;
-+		*portp = htons(port);
-+		if (!is_reserved(reserved_ports, port++)) {
-+			res = bind(fd, sap, salen);
-+			if (res >= 0) {
-+				res = 0;
-+				break;
-+			}
-+			if (errno != EADDRINUSE)
-+				break;
- 		}
--		if (errno != EADDRINUSE)
--			break;
- 		if (port > ENDPORT)
- 			port = LOWPORT;
- 	}
- 
- out:
-+	free(reserved_ports);
- 	mutex_unlock(&port_lock);
- 	return res;
- }
--- 
-2.40.1
-

libtirpc-1.1.4-null-ptrs-not-reused-fixed.patch

@@ -1,23 +0,0 @@
-commit 6951a9c3139c9c7dbb0bdae70737996011fc7a37
-Author: Herb Wartens <wartens2@llnl.gov>
-Date:   Mon Mar 18 11:07:15 2024 -0400
-
-    rpcb_clnt.c: memory leak in destroy_addr
-    
-    Piece was dropped from original fix.
-    
-    Fixes: https://bugzilla.redhat.com/show_bug.cgi?id=2225226
-    Signed-off-by: Steve Dickson <steved@redhat.com>
-
-diff --git a/src/rpcb_clnt.c b/src/rpcb_clnt.c
-index 68fe69a..d909efc 100644
---- a/src/rpcb_clnt.c
-+++ b/src/rpcb_clnt.c
-@@ -121,6 +121,7 @@ destroy_addr(addr)
- 			free(addr->ac_taddr->buf);
- 			addr->ac_taddr->buf = NULL;
- 		}
-+		free(addr->ac_taddr);
- 		addr->ac_taddr = NULL;
- 	}
- 	free(addr);

libtirpc-1.1.4-v2proto-mech.patch

@@ -1,88 +0,0 @@
-diff -up libtirpc-1.1.4/man/rpcbind.3t.orig libtirpc-1.1.4/man/rpcbind.3t
---- libtirpc-1.1.4/man/rpcbind.3t.orig	2018-08-27 10:06:49.000000000 -0400
-+++ libtirpc-1.1.4/man/rpcbind.3t	2022-08-02 11:21:30.134642780 -0400
-@@ -187,6 +187,8 @@ in
- .El
- .Sh AVAILABILITY
- These functions are part of libtirpc.
-+.Sh ENVIRONMENT
-+If RPCB_V2FIRST is defined, rpcbind protocol version tryout algorithm changes from v4,v2,v3 to v2,v4,v3.
- .Sh SEE ALSO
- .Xr rpc_clnt_calls 3 ,
- .Xr rpc_svc_calls 3 ,
-diff -up libtirpc-1.1.4/src/rpcb_clnt.c.orig libtirpc-1.1.4/src/rpcb_clnt.c
---- libtirpc-1.1.4/src/rpcb_clnt.c.orig	2022-08-02 11:20:42.795833195 -0400
-+++ libtirpc-1.1.4/src/rpcb_clnt.c	2022-08-02 11:21:30.135642797 -0400
-@@ -818,7 +818,8 @@ error:
-  * The algorithm used: If the transports is TCP or UDP, it first tries
-  * version 4 (srv4), then 3 and then fall back to version 2 (portmap).
-  * With this algorithm, we get performance as well as a plan for
-- * obsoleting version 2.
-+ * obsoleting version 2. This behaviour is reverted to old algorithm
-+ * if RPCB_V2FIRST environment var is defined
-  *
-  * For all other transports, the algorithm remains as 4 and then 3.
-  *
-@@ -839,6 +840,10 @@ __rpcb_findaddr_timed(program, version,
- #ifdef NOTUSED
- 	static bool_t check_rpcbind = TRUE;
- #endif
-+
-+#ifdef PORTMAP
-+	static bool_t portmap_first = FALSE;
-+#endif
- 	CLIENT *client = NULL;
- 	RPCB parms;
- 	enum clnt_stat clnt_st;
-@@ -895,8 +900,18 @@ __rpcb_findaddr_timed(program, version,
- 		parms.r_addr = (char *) &nullstring[0];
- 	}
- 
--	/* First try from start_vers(4) and then version 3 (RPCBVERS) */
-+	/* First try from start_vers(4) and then version 3 (RPCBVERS), except
-+	 * if env. var RPCB_V2FIRST is defined */
-+
-+#ifdef PORTMAP
-+	if (getenv(V2FIRST)) {
-+		portmap_first = TRUE;
-+		LIBTIRPC_DEBUG(3, ("__rpcb_findaddr_timed: trying v2-port first\n"));
-+		goto portmap;
-+	}
-+#endif
- 
-+rpcbind:
- 	CLNT_CONTROL(client, CLSET_RETRY_TIMEOUT, (char *) &rpcbrmttime);
- 	for (vers = start_vers;  vers >= RPCBVERS; vers--) {
- 		/* Set the version */
-@@ -944,10 +959,17 @@ __rpcb_findaddr_timed(program, version,
- 	}
- 
- #ifdef PORTMAP 	/* Try version 2 for TCP or UDP */
-+	if (portmap_first)
-+		goto error; /* we tried all versions if reached here */
-+portmap:
- 	if (strcmp(nconf->nc_protofmly, NC_INET) == 0) {
- 		address = __try_protocol_version_2(program, version, nconf, host, tp);
--		if (address == NULL)
--			goto error;
-+		if (address == NULL) {
-+			if (portmap_first)
-+				goto rpcbind;
-+			else
-+				goto error;
-+		}
- 	}
- #endif		/* PORTMAP */
- 
-diff -up libtirpc-1.1.4/tirpc/rpc/pmap_prot.h.orig libtirpc-1.1.4/tirpc/rpc/pmap_prot.h
---- libtirpc-1.1.4/tirpc/rpc/pmap_prot.h.orig	2018-08-27 10:06:49.000000000 -0400
-+++ libtirpc-1.1.4/tirpc/rpc/pmap_prot.h	2022-08-02 11:21:30.135642797 -0400
-@@ -84,6 +84,8 @@
- #define PMAPPROC_DUMP		((u_long)4)
- #define PMAPPROC_CALLIT		((u_long)5)
- 
-+#define V2FIRST		"RPCB_V2FIRST"
-+
- struct pmap {
- 	long unsigned pm_prog;
- 	long unsigned pm_vers;

sources

@@ -1 +0,0 @@
-SHA512 (libtirpc-1.1.4.tar.bz2) = 392f391f9fc1bd68d81dc44e4058831a64b32790b5c8c37338b0ab416fad2ae4d16389e632596734dba09780347918cc65c6f134e0c1afd09e81ec250785ed23