Compare commits
No commits in common. "c9-beta" and "c8s" have entirely different histories.
3
.gitignore
vendored
3
.gitignore
vendored
@ -1 +1,2 @@
|
|||||||
SOURCES/libtirpc-1.3.3.tar.bz2
|
SOURCES/libtirpc-1.1.4.tar.bz2
|
||||||
|
/libtirpc-1.1.4.tar.bz2
|
||||||
|
@ -1 +0,0 @@
|
|||||||
6e52c39148494e4836e2d5d4f28b11ddfa65394b SOURCES/libtirpc-1.3.3.tar.bz2
|
|
@ -1,51 +0,0 @@
|
|||||||
commit a013336ecdc476d7357398d9cd24b114070bb767
|
|
||||||
Author: Rosen Penev <rosenp@gmail.com>
|
|
||||||
Date: Tue Oct 25 12:34:56 2022 -0400
|
|
||||||
|
|
||||||
Add missing extern
|
|
||||||
|
|
||||||
Fixes compilation warning.
|
|
||||||
|
|
||||||
Signed-off-by: Rosen Penev <rosenp@gmail.com>
|
|
||||||
Signed-off-by: Steve Dickson <steved@redhat.com>
|
|
||||||
|
|
||||||
diff --git a/src/svc_auth.c b/src/svc_auth.c
|
|
||||||
index ce8bbd8..789d6af 100644
|
|
||||||
--- a/src/svc_auth.c
|
|
||||||
+++ b/src/svc_auth.c
|
|
||||||
@@ -66,6 +66,9 @@ static struct authsvc *Auths = NULL;
|
|
||||||
|
|
||||||
extern SVCAUTH svc_auth_none;
|
|
||||||
|
|
||||||
+#ifdef AUTHDES_SUPPORT
|
|
||||||
+extern enum auth_stat _svcauth_des(struct svc_req *rqst, struct rpc_msg *msg);
|
|
||||||
+#endif
|
|
||||||
/*
|
|
||||||
* The call rpc message, msg has been obtained from the wire. The msg contains
|
|
||||||
* the raw form of credentials and verifiers. authenticate returns AUTH_OK
|
|
||||||
|
|
||||||
commit 55526c52a449907e4d34b829b96141afab530b23
|
|
||||||
Author: Zhi Li <yieli@redhat.com>
|
|
||||||
Date: Mon Oct 24 13:46:54 2022 -0400
|
|
||||||
|
|
||||||
bindresvport.c: fix a potential resource leakage
|
|
||||||
|
|
||||||
Close the FILE *fp of load_blacklist() in another
|
|
||||||
return path to avoid potential resource leakage.
|
|
||||||
|
|
||||||
Fixes: https://bugzilla.redhat.com/show_bug.cgi?id=2135405
|
|
||||||
Signed-off-by: Zhi Li <yieli@redhat.com>
|
|
||||||
Signed-off-by: Steve Dickson <steved@redhat.com>
|
|
||||||
|
|
||||||
diff --git a/src/bindresvport.c b/src/bindresvport.c
|
|
||||||
index 5c0ddcf..efeb1cc 100644
|
|
||||||
--- a/src/bindresvport.c
|
|
||||||
+++ b/src/bindresvport.c
|
|
||||||
@@ -130,6 +130,7 @@ load_blacklist (void)
|
|
||||||
if (list == NULL)
|
|
||||||
{
|
|
||||||
free (buf);
|
|
||||||
+ fclose (fp);
|
|
||||||
return;
|
|
||||||
}
|
|
||||||
}
|
|
@ -1,51 +0,0 @@
|
|||||||
commit 4a2d85c64110ee9e21a8c4f9dafd6b0ae621506d
|
|
||||||
Author: Zhi Li <yieli@redhat.com>
|
|
||||||
Date: Fri Oct 28 14:19:04 2022 -0400
|
|
||||||
|
|
||||||
clnt_raw.c: fix a possible null pointer dereference
|
|
||||||
|
|
||||||
Since clntraw_private could be dereferenced before
|
|
||||||
allocated, protect it by checking its value in advance.
|
|
||||||
|
|
||||||
Fixes: https://bugzilla.redhat.com/show_bug.cgi?id=2138317
|
|
||||||
Signed-off-by: Zhi Li <yieli@redhat.com>
|
|
||||||
Signed-off-by: Steve Dickson <steved@redhat.com>
|
|
||||||
|
|
||||||
diff --git a/src/clnt_raw.c b/src/clnt_raw.c
|
|
||||||
index 31f9d0c..03f839d 100644
|
|
||||||
--- a/src/clnt_raw.c
|
|
||||||
+++ b/src/clnt_raw.c
|
|
||||||
@@ -142,7 +142,7 @@ clnt_raw_call(h, proc, xargs, argsp, xresults, resultsp, timeout)
|
|
||||||
struct timeval timeout;
|
|
||||||
{
|
|
||||||
struct clntraw_private *clp = clntraw_private;
|
|
||||||
- XDR *xdrs = &clp->xdr_stream;
|
|
||||||
+ XDR *xdrs;
|
|
||||||
struct rpc_msg msg;
|
|
||||||
enum clnt_stat status;
|
|
||||||
struct rpc_err error;
|
|
||||||
@@ -154,6 +154,7 @@ clnt_raw_call(h, proc, xargs, argsp, xresults, resultsp, timeout)
|
|
||||||
mutex_unlock(&clntraw_lock);
|
|
||||||
return (RPC_FAILED);
|
|
||||||
}
|
|
||||||
+ xdrs = &clp->xdr_stream;
|
|
||||||
mutex_unlock(&clntraw_lock);
|
|
||||||
|
|
||||||
call_again:
|
|
||||||
@@ -245,7 +246,7 @@ clnt_raw_freeres(cl, xdr_res, res_ptr)
|
|
||||||
void *res_ptr;
|
|
||||||
{
|
|
||||||
struct clntraw_private *clp = clntraw_private;
|
|
||||||
- XDR *xdrs = &clp->xdr_stream;
|
|
||||||
+ XDR *xdrs;
|
|
||||||
bool_t rval;
|
|
||||||
|
|
||||||
mutex_lock(&clntraw_lock);
|
|
||||||
@@ -254,6 +255,7 @@ clnt_raw_freeres(cl, xdr_res, res_ptr)
|
|
||||||
mutex_unlock(&clntraw_lock);
|
|
||||||
return (rval);
|
|
||||||
}
|
|
||||||
+ xdrs = &clp->xdr_stream;
|
|
||||||
mutex_unlock(&clntraw_lock);
|
|
||||||
xdrs->x_op = XDR_FREE;
|
|
||||||
return ((*xdr_res)(xdrs, res_ptr));
|
|
@ -1,31 +0,0 @@
|
|||||||
commit f7f0abdf267698de3f74a0285405b1b01f40893b
|
|
||||||
Author: Zhi Li <yieli@redhat.com>
|
|
||||||
Date: Wed Jan 11 11:19:31 2023 -0500
|
|
||||||
|
|
||||||
getnetconfigent: avoid potential DoS issue by removing unnecessary sleep
|
|
||||||
|
|
||||||
By adapting CodeChecker for libtirpc related tests, it complains
|
|
||||||
an improper waiting time for function getnetconfigent with
|
|
||||||
a valid input value, either it should be treated as a wrong
|
|
||||||
input or just take it as a proper value without sleeping
|
|
||||||
|
|
||||||
link: https://bugzilla.redhat.com/show_bug.cgi?id=2150611
|
|
||||||
Signed-off-by: Zhi Li <yieli@redhat.com>
|
|
||||||
Signed-off-by: Steve Dickson <steved@redhat.com>
|
|
||||||
|
|
||||||
diff --git a/src/getnetconfig.c b/src/getnetconfig.c
|
|
||||||
index cfd33c2..d547dce 100644
|
|
||||||
--- a/src/getnetconfig.c
|
|
||||||
+++ b/src/getnetconfig.c
|
|
||||||
@@ -436,11 +436,6 @@ getnetconfigent(netid)
|
|
||||||
fprintf(stderr, "in /etc/netconfig.\n");
|
|
||||||
fprintf(stderr, "Please change this to \"local\" manually ");
|
|
||||||
fprintf(stderr, "or run mergemaster(8).\n");
|
|
||||||
- fprintf(stderr, "See UPDATING entry 20021216 for details.\n");
|
|
||||||
- fprintf(stderr, "Continuing in 10 seconds\n\n");
|
|
||||||
- fprintf(stderr, "This warning will be removed 20030301\n");
|
|
||||||
- sleep(10);
|
|
||||||
-
|
|
||||||
}
|
|
||||||
|
|
||||||
/*
|
|
@ -1,30 +0,0 @@
|
|||||||
commit 22b1c0cd6076dcd7df822cd1181e98278dc865db
|
|
||||||
Author: Olga Kornievskaia <kolga@netapp.com>
|
|
||||||
Date: Wed Jan 3 17:50:42 2024 -0500
|
|
||||||
|
|
||||||
gssapi: fix rpc_gss_seccreate passed in cred
|
|
||||||
|
|
||||||
Fix rpc_gss_seccreate() usage of the passed in gss credential.
|
|
||||||
|
|
||||||
Fixes: 5f1fe4dde861 ("Pass time_req and input_channel_bindings through to init_sec_context")
|
|
||||||
|
|
||||||
Reviewed-by: Chuck Lever <chuck.lever@oracle.com>
|
|
||||||
Signed-off-by: Olga Kornievskaia <kolga@netapp.com>
|
|
||||||
Signed-off-by: Steve Dickson <steved@redhat.com>
|
|
||||||
|
|
||||||
diff --git a/src/auth_gss.c b/src/auth_gss.c
|
|
||||||
index e317664..9d18f96 100644
|
|
||||||
--- a/src/auth_gss.c
|
|
||||||
+++ b/src/auth_gss.c
|
|
||||||
@@ -842,9 +842,9 @@ rpc_gss_seccreate(CLIENT *clnt, char *principal, char *mechanism,
|
|
||||||
gd->sec = sec;
|
|
||||||
|
|
||||||
if (req) {
|
|
||||||
- sec.req_flags = req->req_flags;
|
|
||||||
+ gd->sec.req_flags = req->req_flags;
|
|
||||||
gd->time_req = req->time_req;
|
|
||||||
- sec.cred = req->my_cred;
|
|
||||||
+ gd->sec.cred = req->my_cred;
|
|
||||||
gd->icb = req->input_channel_bindings;
|
|
||||||
}
|
|
||||||
|
|
@ -1,322 +0,0 @@
|
|||||||
diff --git a/src/rpc_com.h b/src/rpc_com.h
|
|
||||||
index 76badef..ded72d1 100644
|
|
||||||
--- a/src/rpc_com.h
|
|
||||||
+++ b/src/rpc_com.h
|
|
||||||
@@ -60,6 +60,12 @@ bool_t __xdrrec_getrec(XDR *, enum xprt_stat *, bool_t);
|
|
||||||
void __xprt_unregister_unlocked(SVCXPRT *);
|
|
||||||
void __xprt_set_raddr(SVCXPRT *, const struct sockaddr_storage *);
|
|
||||||
|
|
||||||
+/* Evaluate to actual length of the `sockaddr_un' structure, whether
|
|
||||||
+ * abstract or not.
|
|
||||||
+ */
|
|
||||||
+#include <stddef.h>
|
|
||||||
+#define SUN_LEN_A(ptr) (offsetof(struct sockaddr_un, sun_path) \
|
|
||||||
+ + 1 + strlen((ptr)->sun_path + 1))
|
|
||||||
|
|
||||||
extern int __svc_maxrec;
|
|
||||||
|
|
||||||
diff --git a/src/rpc_generic.c b/src/rpc_generic.c
|
|
||||||
index aabbe4b..ee44c8d 100644
|
|
||||||
--- a/src/rpc_generic.c
|
|
||||||
+++ b/src/rpc_generic.c
|
|
||||||
@@ -650,7 +650,8 @@ __rpc_taddr2uaddr_af(int af, const struct netbuf *nbuf)
|
|
||||||
if (path_len < 0)
|
|
||||||
return NULL;
|
|
||||||
|
|
||||||
- if (asprintf(&ret, "%.*s", path_len, sun->sun_path) < 0)
|
|
||||||
+ if (asprintf(&ret, "%c%.*s", sun->sun_path[0] ?: '@',
|
|
||||||
+ path_len - 1, sun->sun_path + 1) < 0)
|
|
||||||
return (NULL);
|
|
||||||
break;
|
|
||||||
default:
|
|
||||||
@@ -682,9 +683,10 @@ __rpc_uaddr2taddr_af(int af, const char *uaddr)
|
|
||||||
|
|
||||||
/*
|
|
||||||
* AF_LOCAL addresses are expected to be absolute
|
|
||||||
- * pathnames, anything else will be AF_INET or AF_INET6.
|
|
||||||
+ * pathnames or abstract names, anything else will be
|
|
||||||
+ * AF_INET or AF_INET6.
|
|
||||||
*/
|
|
||||||
- if (*addrstr != '/') {
|
|
||||||
+ if (*addrstr != '/' && *addrstr != '@') {
|
|
||||||
p = strrchr(addrstr, '.');
|
|
||||||
if (p == NULL)
|
|
||||||
goto out;
|
|
||||||
@@ -747,6 +749,9 @@ __rpc_uaddr2taddr_af(int af, const char *uaddr)
|
|
||||||
strncpy(sun->sun_path, addrstr, sizeof(sun->sun_path) - 1);
|
|
||||||
ret->len = SUN_LEN(sun);
|
|
||||||
ret->maxlen = sizeof(struct sockaddr_un);
|
|
||||||
+ if (sun->sun_path[0] == '@')
|
|
||||||
+ /* Abstract address */
|
|
||||||
+ sun->sun_path[0] = '\0';
|
|
||||||
ret->buf = sun;
|
|
||||||
break;
|
|
||||||
default:
|
|
||||||
@@ -834,6 +839,7 @@ __rpc_sockisbound(int fd)
|
|
||||||
struct sockaddr_un usin;
|
|
||||||
} u_addr;
|
|
||||||
socklen_t slen;
|
|
||||||
+ int path_len;
|
|
||||||
|
|
||||||
slen = sizeof (struct sockaddr_storage);
|
|
||||||
if (getsockname(fd, (struct sockaddr *)(void *)&ss, &slen) < 0)
|
|
||||||
@@ -849,9 +855,9 @@ __rpc_sockisbound(int fd)
|
|
||||||
return (u_addr.sin6.sin6_port != 0);
|
|
||||||
#endif
|
|
||||||
case AF_LOCAL:
|
|
||||||
- /* XXX check this */
|
|
||||||
- memcpy(&u_addr.usin, &ss, sizeof(u_addr.usin));
|
|
||||||
- return (u_addr.usin.sun_path[0] != 0);
|
|
||||||
+ memcpy(&u_addr.usin, &ss, sizeof(u_addr.usin));
|
|
||||||
+ path_len = slen - offsetof(struct sockaddr_un, sun_path);
|
|
||||||
+ return path_len > 0;
|
|
||||||
default:
|
|
||||||
break;
|
|
||||||
}
|
|
||||||
diff --git a/src/rpc_soc.c b/src/rpc_soc.c
|
|
||||||
index fde121d..c6c93b5 100644
|
|
||||||
--- a/src/rpc_soc.c
|
|
||||||
+++ b/src/rpc_soc.c
|
|
||||||
@@ -701,7 +701,11 @@ svcunix_create(sock, sendsize, recvsize, path)
|
|
||||||
memset(&sun, 0, sizeof sun);
|
|
||||||
sun.sun_family = AF_LOCAL;
|
|
||||||
strncpy(sun.sun_path, path, (sizeof(sun.sun_path)-1));
|
|
||||||
- addrlen = sizeof(struct sockaddr_un);
|
|
||||||
+ if (sun.sun_path[0] == '@')
|
|
||||||
+ /* abstract address */
|
|
||||||
+ sun.sun_path[0] = '\0';
|
|
||||||
+
|
|
||||||
+ addrlen = SUN_LEN_A(&sun);
|
|
||||||
sa = (struct sockaddr *)&sun;
|
|
||||||
|
|
||||||
if (bind(sock, sa, addrlen) < 0)
|
|
||||||
diff --git a/src/rpcb_clnt.c b/src/rpcb_clnt.c
|
|
||||||
index 9838ebe..c2d554c 100644
|
|
||||||
--- a/src/rpcb_clnt.c
|
|
||||||
+++ b/src/rpcb_clnt.c
|
|
||||||
@@ -89,7 +89,7 @@ static struct address_cache *copy_of_cached(const char *, char *);
|
|
||||||
static void delete_cache(struct netbuf *);
|
|
||||||
static void add_cache(const char *, const char *, struct netbuf *, char *);
|
|
||||||
static CLIENT *getclnthandle(const char *, const struct netconfig *, char **);
|
|
||||||
-static CLIENT *local_rpcb(void);
|
|
||||||
+static CLIENT *local_rpcb(char **targaddr);
|
|
||||||
#ifdef NOTUSED
|
|
||||||
static struct netbuf *got_entry(rpcb_entry_list_ptr, const struct netconfig *);
|
|
||||||
#endif
|
|
||||||
@@ -431,19 +431,12 @@ getclnthandle(host, nconf, targaddr)
|
|
||||||
nconf->nc_netid, si.si_af, si.si_proto, si.si_socktype));
|
|
||||||
|
|
||||||
if (nconf->nc_protofmly != NULL && strcmp(nconf->nc_protofmly, NC_LOOPBACK) == 0) {
|
|
||||||
- client = local_rpcb();
|
|
||||||
+ client = local_rpcb(targaddr);
|
|
||||||
if (! client) {
|
|
||||||
LIBTIRPC_DEBUG(1, ("getclnthandle: %s",
|
|
||||||
clnt_spcreateerror("local_rpcb failed")));
|
|
||||||
goto out_err;
|
|
||||||
} else {
|
|
||||||
- struct sockaddr_un sun;
|
|
||||||
-
|
|
||||||
- if (targaddr) {
|
|
||||||
- *targaddr = malloc(sizeof(sun.sun_path));
|
|
||||||
- strncpy(*targaddr, _PATH_RPCBINDSOCK,
|
|
||||||
- sizeof(sun.sun_path));
|
|
||||||
- }
|
|
||||||
return (client);
|
|
||||||
}
|
|
||||||
} else {
|
|
||||||
@@ -493,6 +486,8 @@ getclnthandle(host, nconf, targaddr)
|
|
||||||
if (res)
|
|
||||||
freeaddrinfo(res);
|
|
||||||
out_err:
|
|
||||||
+ if (client && targaddr &&!*targaddr)
|
|
||||||
+ fprintf(stderr, "No targaddr provided\n");
|
|
||||||
if (!client && targaddr)
|
|
||||||
free(*targaddr);
|
|
||||||
return (client);
|
|
||||||
@@ -545,7 +540,8 @@ getpmaphandle(nconf, hostname, tgtaddr)
|
|
||||||
* rpcbind. Returns NULL on error and free's everything.
|
|
||||||
*/
|
|
||||||
static CLIENT *
|
|
||||||
-local_rpcb()
|
|
||||||
+local_rpcb(targaddr)
|
|
||||||
+ char **targaddr;
|
|
||||||
{
|
|
||||||
CLIENT *client;
|
|
||||||
static struct netconfig *loopnconf;
|
|
||||||
@@ -555,34 +551,50 @@ local_rpcb()
|
|
||||||
size_t tsize;
|
|
||||||
struct netbuf nbuf;
|
|
||||||
struct sockaddr_un sun;
|
|
||||||
+ int i;
|
|
||||||
|
|
||||||
/*
|
|
||||||
* Try connecting to the local rpcbind through a local socket
|
|
||||||
- * first. If this doesn't work, try all transports defined in
|
|
||||||
- * the netconfig file.
|
|
||||||
+ * first - trying both addresses. If this doesn't work, try all
|
|
||||||
+ * non-local transports defined in the netconfig file.
|
|
||||||
*/
|
|
||||||
- memset(&sun, 0, sizeof sun);
|
|
||||||
- sock = socket(AF_LOCAL, SOCK_STREAM, 0);
|
|
||||||
- if (sock < 0)
|
|
||||||
- goto try_nconf;
|
|
||||||
- sun.sun_family = AF_LOCAL;
|
|
||||||
- strcpy(sun.sun_path, _PATH_RPCBINDSOCK);
|
|
||||||
- nbuf.len = SUN_LEN(&sun);
|
|
||||||
- nbuf.maxlen = sizeof (struct sockaddr_un);
|
|
||||||
- nbuf.buf = &sun;
|
|
||||||
+ for (i = 0; i < 2; i++) {
|
|
||||||
+ memset(&sun, 0, sizeof sun);
|
|
||||||
+ sock = socket(AF_LOCAL, SOCK_STREAM, 0);
|
|
||||||
+ if (sock < 0)
|
|
||||||
+ goto try_nconf;
|
|
||||||
+ sun.sun_family = AF_LOCAL;
|
|
||||||
+ switch (i) {
|
|
||||||
+ case 0:
|
|
||||||
+ memcpy(sun.sun_path, _PATH_RPCBINDSOCK_ABSTRACT,
|
|
||||||
+ sizeof(_PATH_RPCBINDSOCK_ABSTRACT));
|
|
||||||
+ break;
|
|
||||||
+ case 1:
|
|
||||||
+ strcpy(sun.sun_path, _PATH_RPCBINDSOCK);
|
|
||||||
+ break;
|
|
||||||
+ }
|
|
||||||
+ nbuf.len = SUN_LEN_A(&sun);
|
|
||||||
+ nbuf.maxlen = sizeof (struct sockaddr_un);
|
|
||||||
+ nbuf.buf = &sun;
|
|
||||||
|
|
||||||
- tsize = __rpc_get_t_size(AF_LOCAL, 0, 0);
|
|
||||||
- client = clnt_vc_create(sock, &nbuf, (rpcprog_t)RPCBPROG,
|
|
||||||
- (rpcvers_t)RPCBVERS, tsize, tsize);
|
|
||||||
+ tsize = __rpc_get_t_size(AF_LOCAL, 0, 0);
|
|
||||||
+ client = clnt_vc_create(sock, &nbuf, (rpcprog_t)RPCBPROG,
|
|
||||||
+ (rpcvers_t)RPCBVERS, tsize, tsize);
|
|
||||||
|
|
||||||
- if (client != NULL) {
|
|
||||||
- /* Mark the socket to be closed in destructor */
|
|
||||||
- (void) CLNT_CONTROL(client, CLSET_FD_CLOSE, NULL);
|
|
||||||
- return client;
|
|
||||||
- }
|
|
||||||
+ if (client != NULL) {
|
|
||||||
+ /* Mark the socket to be closed in destructor */
|
|
||||||
+ (void) CLNT_CONTROL(client, CLSET_FD_CLOSE, NULL);
|
|
||||||
+ if (targaddr) {
|
|
||||||
+ if (sun.sun_path[0] == 0)
|
|
||||||
+ sun.sun_path[0] = '@';
|
|
||||||
+ *targaddr = strdup(sun.sun_path);
|
|
||||||
+ }
|
|
||||||
+ return client;
|
|
||||||
+ }
|
|
||||||
|
|
||||||
- /* Nobody needs this socket anymore; free the descriptor. */
|
|
||||||
- close(sock);
|
|
||||||
+ /* Nobody needs this socket anymore; free the descriptor. */
|
|
||||||
+ close(sock);
|
|
||||||
+ }
|
|
||||||
|
|
||||||
try_nconf:
|
|
||||||
|
|
||||||
@@ -636,7 +648,7 @@ try_nconf:
|
|
||||||
endnetconfig(nc_handle);
|
|
||||||
}
|
|
||||||
mutex_unlock(&loopnconf_lock);
|
|
||||||
- client = getclnthandle(hostname, loopnconf, NULL);
|
|
||||||
+ client = getclnthandle(hostname, loopnconf, targaddr);
|
|
||||||
return (client);
|
|
||||||
}
|
|
||||||
|
|
||||||
@@ -665,7 +677,7 @@ rpcb_set(program, version, nconf, address)
|
|
||||||
rpc_createerr.cf_stat = RPC_UNKNOWNADDR;
|
|
||||||
return (FALSE);
|
|
||||||
}
|
|
||||||
- client = local_rpcb();
|
|
||||||
+ client = local_rpcb(NULL);
|
|
||||||
if (! client) {
|
|
||||||
return (FALSE);
|
|
||||||
}
|
|
||||||
@@ -716,7 +728,7 @@ rpcb_unset(program, version, nconf)
|
|
||||||
RPCB parms;
|
|
||||||
char uidbuf[32];
|
|
||||||
|
|
||||||
- client = local_rpcb();
|
|
||||||
+ client = local_rpcb(NULL);
|
|
||||||
if (! client) {
|
|
||||||
return (FALSE);
|
|
||||||
}
|
|
||||||
@@ -772,7 +784,7 @@ got_entry(relp, nconf)
|
|
||||||
|
|
||||||
/*
|
|
||||||
* Quick check to see if rpcbind is up. Tries to connect over
|
|
||||||
- * local transport.
|
|
||||||
+ * local transport - first abstract, then regular.
|
|
||||||
*/
|
|
||||||
bool_t
|
|
||||||
__rpcbind_is_up()
|
|
||||||
@@ -799,15 +811,22 @@ __rpcbind_is_up()
|
|
||||||
if (sock < 0)
|
|
||||||
return (FALSE);
|
|
||||||
sun.sun_family = AF_LOCAL;
|
|
||||||
- strncpy(sun.sun_path, _PATH_RPCBINDSOCK, sizeof(sun.sun_path));
|
|
||||||
|
|
||||||
- if (connect(sock, (struct sockaddr *)&sun, sizeof(sun)) < 0) {
|
|
||||||
+ memcpy(sun.sun_path, _PATH_RPCBINDSOCK_ABSTRACT,
|
|
||||||
+ sizeof(_PATH_RPCBINDSOCK_ABSTRACT));
|
|
||||||
+ if (connect(sock, (struct sockaddr *)&sun, SUN_LEN_A(&sun)) == 0) {
|
|
||||||
close(sock);
|
|
||||||
- return (FALSE);
|
|
||||||
+ return (TRUE);
|
|
||||||
+ }
|
|
||||||
+
|
|
||||||
+ strncpy(sun.sun_path, _PATH_RPCBINDSOCK, sizeof(sun.sun_path));
|
|
||||||
+ if (connect(sock, (struct sockaddr *)&sun, sizeof(sun)) == 0) {
|
|
||||||
+ close(sock);
|
|
||||||
+ return (TRUE);
|
|
||||||
}
|
|
||||||
|
|
||||||
close(sock);
|
|
||||||
- return (TRUE);
|
|
||||||
+ return (FALSE);
|
|
||||||
}
|
|
||||||
#endif
|
|
||||||
|
|
||||||
@@ -1346,7 +1365,7 @@ rpcb_taddr2uaddr(nconf, taddr)
|
|
||||||
rpc_createerr.cf_stat = RPC_UNKNOWNADDR;
|
|
||||||
return (NULL);
|
|
||||||
}
|
|
||||||
- client = local_rpcb();
|
|
||||||
+ client = local_rpcb(NULL);
|
|
||||||
if (! client) {
|
|
||||||
return (NULL);
|
|
||||||
}
|
|
||||||
@@ -1380,7 +1399,7 @@ rpcb_uaddr2taddr(nconf, uaddr)
|
|
||||||
rpc_createerr.cf_stat = RPC_UNKNOWNADDR;
|
|
||||||
return (NULL);
|
|
||||||
}
|
|
||||||
- client = local_rpcb();
|
|
||||||
+ client = local_rpcb(NULL);
|
|
||||||
if (! client) {
|
|
||||||
return (NULL);
|
|
||||||
}
|
|
||||||
diff --git a/tirpc/rpc/rpcb_prot.h b/tirpc/rpc/rpcb_prot.h
|
|
||||||
index 7ae48b8..eb3a0c4 100644
|
|
||||||
--- a/tirpc/rpc/rpcb_prot.h
|
|
||||||
+++ b/tirpc/rpc/rpcb_prot.h
|
|
||||||
@@ -477,6 +477,7 @@ extern bool_t xdr_netbuf(XDR *, struct netbuf *);
|
|
||||||
#define RPCBVERS_4 RPCBVERS4
|
|
||||||
|
|
||||||
#define _PATH_RPCBINDSOCK "/var/run/rpcbind.sock"
|
|
||||||
+#define _PATH_RPCBINDSOCK_ABSTRACT "\0/run/rpcbind.sock"
|
|
||||||
|
|
||||||
#else /* ndef _KERNEL */
|
|
||||||
#ifdef __cplusplus
|
|
||||||
diff --git a/tirpc/rpc/rpcb_prot.x b/tirpc/rpc/rpcb_prot.x
|
|
||||||
index b21ac3d..472c11f 100644
|
|
||||||
--- a/tirpc/rpc/rpcb_prot.x
|
|
||||||
+++ b/tirpc/rpc/rpcb_prot.x
|
|
||||||
@@ -411,6 +411,7 @@ program RPCBPROG {
|
|
||||||
%#define RPCBVERS_4 RPCBVERS4
|
|
||||||
%
|
|
||||||
%#define _PATH_RPCBINDSOCK "/var/run/rpcbind.sock"
|
|
||||||
+%#define _PATH_RPCBINDSOCK_ABSTRACT "\0/run/rpcbind.sock"
|
|
||||||
%
|
|
||||||
%#else /* ndef _KERNEL */
|
|
||||||
%#ifdef __cplusplus
|
|
6
gating.yaml
Normal file
6
gating.yaml
Normal file
@ -0,0 +1,6 @@
|
|||||||
|
--- !Policy
|
||||||
|
product_versions:
|
||||||
|
- rhel-8
|
||||||
|
decision_context: osci_compose_gate
|
||||||
|
rules:
|
||||||
|
- !PassingTestCaseRule {test_case_name: osci.brew-build.revdeps.integration}
|
15
libtirpc-1.1.4-blacklist.patch
Normal file
15
libtirpc-1.1.4-blacklist.patch
Normal file
@ -0,0 +1,15 @@
|
|||||||
|
diff -up libtirpc-1.1.4/doc/bindresvport.blacklist.save libtirpc-1.1.4/doc/bindresvport.blacklist
|
||||||
|
--- libtirpc-1.1.4/doc/bindresvport.blacklist.save 2021-04-17 13:04:20.092274589 -0400
|
||||||
|
+++ libtirpc-1.1.4/doc/bindresvport.blacklist 2021-04-17 13:04:45.609945925 -0400
|
||||||
|
@@ -8,6 +8,11 @@
|
||||||
|
631 # cups
|
||||||
|
636 # ldaps
|
||||||
|
664 # Secure ASF, used by IPMI on some cards
|
||||||
|
+749 # Kerberos V kadmin
|
||||||
|
+774 # rpasswd
|
||||||
|
+873 # rsyncd
|
||||||
|
921 # lwresd
|
||||||
|
+992 # SSL-enabled telnet
|
||||||
|
993 # imaps
|
||||||
|
+994 # irc
|
||||||
|
995 # pops
|
151
libtirpc-1.1.4-covscan.patch
Normal file
151
libtirpc-1.1.4-covscan.patch
Normal file
@ -0,0 +1,151 @@
|
|||||||
|
diff --git a/src/auth_gss.c b/src/auth_gss.c
|
||||||
|
index 5959893..7d08262 100644
|
||||||
|
--- a/src/auth_gss.c
|
||||||
|
+++ b/src/auth_gss.c
|
||||||
|
@@ -207,6 +207,7 @@ authgss_create(CLIENT *clnt, gss_name_t name, struct rpc_gss_sec *sec)
|
||||||
|
rpc_createerr.cf_stat = RPC_SYSTEMERROR;
|
||||||
|
rpc_createerr.cf_error.re_errno = ENOMEM;
|
||||||
|
free(auth);
|
||||||
|
+ free(gd);
|
||||||
|
return (NULL);
|
||||||
|
}
|
||||||
|
}
|
||||||
|
@@ -592,7 +593,7 @@ _rpc_gss_refresh(AUTH *auth, rpc_gss_options_ret_t *options_ret)
|
||||||
|
if (rpc_gss_oid_to_mech(actual_mech_type, &mechanism)) {
|
||||||
|
strncpy(options_ret->actual_mechanism,
|
||||||
|
mechanism,
|
||||||
|
- sizeof(options_ret->actual_mechanism));
|
||||||
|
+ (sizeof(options_ret->actual_mechanism)-1));
|
||||||
|
}
|
||||||
|
|
||||||
|
gd->established = TRUE;
|
||||||
|
diff --git a/src/clnt_bcast.c b/src/clnt_bcast.c
|
||||||
|
index 98cf061..2ad6c89 100644
|
||||||
|
--- a/src/clnt_bcast.c
|
||||||
|
+++ b/src/clnt_bcast.c
|
||||||
|
@@ -330,6 +330,7 @@ rpc_broadcast_exp(prog, vers, proc, xargs, argsp, xresults, resultsp,
|
||||||
|
if (nettype == NULL)
|
||||||
|
nettype = "datagram_n";
|
||||||
|
if ((handle = __rpc_setconf(nettype)) == NULL) {
|
||||||
|
+ AUTH_DESTROY(sys_auth);
|
||||||
|
return (RPC_UNKNOWNPROTO);
|
||||||
|
}
|
||||||
|
while ((nconf = __rpc_getconf(handle)) != NULL) {
|
||||||
|
diff --git a/src/getnetconfig.c b/src/getnetconfig.c
|
||||||
|
index 92e7c43..d67d97d 100644
|
||||||
|
--- a/src/getnetconfig.c
|
||||||
|
+++ b/src/getnetconfig.c
|
||||||
|
@@ -709,6 +709,8 @@ struct netconfig *ncp;
|
||||||
|
p->nc_lookups = (char **)malloc((size_t)(p->nc_nlookups+1) * sizeof(char *));
|
||||||
|
if (p->nc_lookups == NULL) {
|
||||||
|
free(p->nc_netid);
|
||||||
|
+ free(p);
|
||||||
|
+ free(tmp);
|
||||||
|
return(NULL);
|
||||||
|
}
|
||||||
|
for (i=0; i < p->nc_nlookups; i++) {
|
||||||
|
diff --git a/src/getnetpath.c b/src/getnetpath.c
|
||||||
|
index 7c19932..ea1a18c 100644
|
||||||
|
--- a/src/getnetpath.c
|
||||||
|
+++ b/src/getnetpath.c
|
||||||
|
@@ -88,6 +88,7 @@ setnetpath()
|
||||||
|
}
|
||||||
|
if ((np_sessionp->nc_handlep = setnetconfig()) == NULL) {
|
||||||
|
syslog (LOG_ERR, "rpc: failed to open " NETCONFIG);
|
||||||
|
+ free(np_sessionp);
|
||||||
|
return (NULL);
|
||||||
|
}
|
||||||
|
np_sessionp->valid = NP_VALID;
|
||||||
|
diff --git a/src/rpc_generic.c b/src/rpc_generic.c
|
||||||
|
index 589cbd5..51f36ac 100644
|
||||||
|
--- a/src/rpc_generic.c
|
||||||
|
+++ b/src/rpc_generic.c
|
||||||
|
@@ -319,6 +319,7 @@ __rpc_setconf(nettype)
|
||||||
|
handle->nflag = FALSE;
|
||||||
|
break;
|
||||||
|
default:
|
||||||
|
+ free(handle);
|
||||||
|
return (NULL);
|
||||||
|
}
|
||||||
|
|
||||||
|
diff --git a/src/rpc_soc.c b/src/rpc_soc.c
|
||||||
|
index 5a6eeb7..a85cb17 100644
|
||||||
|
--- a/src/rpc_soc.c
|
||||||
|
+++ b/src/rpc_soc.c
|
||||||
|
@@ -663,15 +663,17 @@ svcunix_create(sock, sendsize, recvsize, path)
|
||||||
|
strcmp(nconf->nc_protofmly, NC_LOOPBACK) == 0)
|
||||||
|
break;
|
||||||
|
}
|
||||||
|
- if (nconf == NULL)
|
||||||
|
+ if (nconf == NULL) {
|
||||||
|
+ endnetconfig(localhandle);
|
||||||
|
return(xprt);
|
||||||
|
+ }
|
||||||
|
|
||||||
|
if ((sock = __rpc_nconf2fd(nconf)) < 0)
|
||||||
|
goto done;
|
||||||
|
|
||||||
|
memset(&sun, 0, sizeof sun);
|
||||||
|
sun.sun_family = AF_LOCAL;
|
||||||
|
- strncpy(sun.sun_path, path, sizeof(sun.sun_path));
|
||||||
|
+ strncpy(sun.sun_path, path, (sizeof(sun.sun_path)-1));
|
||||||
|
addrlen = sizeof(struct sockaddr_un);
|
||||||
|
sa = (struct sockaddr *)&sun;
|
||||||
|
|
||||||
|
@@ -692,6 +694,8 @@ svcunix_create(sock, sendsize, recvsize, path)
|
||||||
|
}
|
||||||
|
|
||||||
|
xprt = (SVCXPRT *)svc_tli_create(sock, nconf, &taddr, sendsize, recvsize);
|
||||||
|
+ if (xprt == NULL)
|
||||||
|
+ close(sock);
|
||||||
|
|
||||||
|
done:
|
||||||
|
endnetconfig(localhandle);
|
||||||
|
diff --git a/src/rpcb_clnt.c b/src/rpcb_clnt.c
|
||||||
|
index e45736a..0c34cb7 100644
|
||||||
|
--- a/src/rpcb_clnt.c
|
||||||
|
+++ b/src/rpcb_clnt.c
|
||||||
|
@@ -547,6 +547,7 @@ try_nconf:
|
||||||
|
if (tmpnconf == NULL) {
|
||||||
|
rpc_createerr.cf_stat = RPC_UNKNOWNPROTO;
|
||||||
|
mutex_unlock(&loopnconf_lock);
|
||||||
|
+ endnetconfig(nc_handle);
|
||||||
|
return (NULL);
|
||||||
|
}
|
||||||
|
loopnconf = getnetconfigent(tmpnconf->nc_netid);
|
||||||
|
diff --git a/src/rtime.c b/src/rtime.c
|
||||||
|
index b642840..29fbf0a 100644
|
||||||
|
--- a/src/rtime.c
|
||||||
|
+++ b/src/rtime.c
|
||||||
|
@@ -90,6 +90,7 @@ rtime(addrp, timep, timeout)
|
||||||
|
|
||||||
|
/* TCP and UDP port are the same in this case */
|
||||||
|
if ((serv = getservbyname("time", "tcp")) == NULL) {
|
||||||
|
+ do_close(s);
|
||||||
|
return(-1);
|
||||||
|
}
|
||||||
|
|
||||||
|
diff --git a/src/svc_generic.c b/src/svc_generic.c
|
||||||
|
index 52a56c2..20abaa2 100644
|
||||||
|
--- a/src/svc_generic.c
|
||||||
|
+++ b/src/svc_generic.c
|
||||||
|
@@ -113,6 +113,7 @@ svc_create(dispatch, prognum, versnum, nettype)
|
||||||
|
if (l == NULL) {
|
||||||
|
warnx("svc_create: no memory");
|
||||||
|
mutex_unlock(&xprtlist_lock);
|
||||||
|
+ __rpc_endconf(handle);
|
||||||
|
return (0);
|
||||||
|
}
|
||||||
|
l->xprt = xprt;
|
||||||
|
diff --git a/src/svc_simple.c b/src/svc_simple.c
|
||||||
|
index cb58002..c32fe0a 100644
|
||||||
|
--- a/src/svc_simple.c
|
||||||
|
+++ b/src/svc_simple.c
|
||||||
|
@@ -157,6 +157,7 @@ rpc_reg(prognum, versnum, procnum, progname, inproc, outproc, nettype)
|
||||||
|
((netid = strdup(nconf->nc_netid)) == NULL)) {
|
||||||
|
warnx(rpc_reg_err, rpc_reg_msg, __no_mem_str);
|
||||||
|
SVC_DESTROY(svcxprt);
|
||||||
|
+ free(xdrbuf);
|
||||||
|
break;
|
||||||
|
}
|
||||||
|
madenow = TRUE;
|
14
libtirpc-1.1.4-dgcall-free.patch
Normal file
14
libtirpc-1.1.4-dgcall-free.patch
Normal file
@ -0,0 +1,14 @@
|
|||||||
|
diff -up libtirpc-1.1.4/src/clnt_dg.c.orig libtirpc-1.1.4/src/clnt_dg.c
|
||||||
|
--- libtirpc-1.1.4/src/clnt_dg.c.orig 2022-05-31 08:14:09.408762537 -0400
|
||||||
|
+++ libtirpc-1.1.4/src/clnt_dg.c 2022-05-31 08:17:28.950764885 -0400
|
||||||
|
@@ -478,9 +478,9 @@ get_reply:
|
||||||
|
cmsg = CMSG_NXTHDR (&msg, cmsg))
|
||||||
|
if (cmsg->cmsg_level == SOL_IP && cmsg->cmsg_type == IP_RECVERR)
|
||||||
|
{
|
||||||
|
- mem_free(cbuf, (outlen + 256));
|
||||||
|
e = (struct sock_extended_err *) CMSG_DATA(cmsg);
|
||||||
|
cu->cu_error.re_errno = e->ee_errno;
|
||||||
|
+ mem_free(cbuf, (outlen + 256));
|
||||||
|
release_fd_lock(cu->cu_fd, mask);
|
||||||
|
return (cu->cu_error.re_status = RPC_CANTRECV);
|
||||||
|
}
|
76
libtirpc-1.1.4-disallow-auth_refresh.patch
Normal file
76
libtirpc-1.1.4-disallow-auth_refresh.patch
Normal file
@ -0,0 +1,76 @@
|
|||||||
|
diff -up libtirpc-1.1.4/src/auth_gss.c.orig libtirpc-1.1.4/src/auth_gss.c
|
||||||
|
--- libtirpc-1.1.4/src/auth_gss.c.orig 2021-04-17 13:11:03.229880600 -0400
|
||||||
|
+++ libtirpc-1.1.4/src/auth_gss.c 2021-04-17 13:15:10.722391798 -0400
|
||||||
|
@@ -982,3 +982,9 @@ rpc_gss_max_data_length(AUTH *auth, int
|
||||||
|
rpc_gss_clear_error();
|
||||||
|
return result;
|
||||||
|
}
|
||||||
|
+
|
||||||
|
+bool_t
|
||||||
|
+is_authgss_client(CLIENT *clnt)
|
||||||
|
+{
|
||||||
|
+ return (clnt->cl_auth->ah_ops == &authgss_ops);
|
||||||
|
+}
|
||||||
|
diff -up libtirpc-1.1.4/src/clnt_dg.c.orig libtirpc-1.1.4/src/clnt_dg.c
|
||||||
|
--- libtirpc-1.1.4/src/clnt_dg.c.orig 2018-08-27 10:06:49.000000000 -0400
|
||||||
|
+++ libtirpc-1.1.4/src/clnt_dg.c 2021-04-17 13:15:10.722391798 -0400
|
||||||
|
@@ -60,6 +60,9 @@
|
||||||
|
#include <sys/uio.h>
|
||||||
|
#endif
|
||||||
|
|
||||||
|
+#ifdef HAVE_RPCSEC_GSS
|
||||||
|
+#include <rpc/auth_gss.h>
|
||||||
|
+#endif
|
||||||
|
|
||||||
|
#define MAX_DEFAULT_FDS 20000
|
||||||
|
|
||||||
|
@@ -356,6 +359,11 @@ clnt_dg_call(cl, proc, xargs, argsp, xre
|
||||||
|
salen = cu->cu_rlen;
|
||||||
|
}
|
||||||
|
|
||||||
|
+#ifdef HAVE_RPCSEC_GSS
|
||||||
|
+ if (is_authgss_client(cl))
|
||||||
|
+ nrefreshes = 0;
|
||||||
|
+#endif
|
||||||
|
+
|
||||||
|
/* Clean up in case the last call ended in a longjmp(3) call. */
|
||||||
|
call_again:
|
||||||
|
xdrs = &(cu->cu_outxdrs);
|
||||||
|
diff -up libtirpc-1.1.4/src/clnt_vc.c.orig libtirpc-1.1.4/src/clnt_vc.c
|
||||||
|
--- libtirpc-1.1.4/src/clnt_vc.c.orig 2018-08-27 10:06:49.000000000 -0400
|
||||||
|
+++ libtirpc-1.1.4/src/clnt_vc.c 2021-04-17 13:15:10.723391824 -0400
|
||||||
|
@@ -68,6 +68,10 @@
|
||||||
|
#include <rpc/rpc.h>
|
||||||
|
#include "rpc_com.h"
|
||||||
|
|
||||||
|
+#ifdef HAVE_RPCSEC_GSS
|
||||||
|
+#include <rpc/auth_gss.h>
|
||||||
|
+#endif
|
||||||
|
+
|
||||||
|
#define MCALL_MSG_SIZE 24
|
||||||
|
|
||||||
|
#define CMGROUP_MAX 16
|
||||||
|
@@ -380,6 +384,11 @@ clnt_vc_call(cl, proc, xdr_args, args_pt
|
||||||
|
(xdr_results == NULL && timeout.tv_sec == 0
|
||||||
|
&& timeout.tv_usec == 0) ? FALSE : TRUE;
|
||||||
|
|
||||||
|
+#ifdef HAVE_RPCSEC_GSS
|
||||||
|
+ if (is_authgss_client(cl))
|
||||||
|
+ refreshes = 0;
|
||||||
|
+#endif
|
||||||
|
+
|
||||||
|
call_again:
|
||||||
|
xdrs->x_op = XDR_ENCODE;
|
||||||
|
ct->ct_error.re_status = RPC_SUCCESS;
|
||||||
|
diff -up libtirpc-1.1.4/tirpc/rpc/auth_gss.h.orig libtirpc-1.1.4/tirpc/rpc/auth_gss.h
|
||||||
|
--- libtirpc-1.1.4/tirpc/rpc/auth_gss.h.orig 2018-08-27 10:06:49.000000000 -0400
|
||||||
|
+++ libtirpc-1.1.4/tirpc/rpc/auth_gss.h 2021-04-17 13:15:10.723391824 -0400
|
||||||
|
@@ -120,6 +120,8 @@ void gss_log_debug (const char *fmt, ..
|
||||||
|
void gss_log_status (char *m, OM_uint32 major, OM_uint32 minor);
|
||||||
|
void gss_log_hexdump (const u_char *buf, int len, int offset);
|
||||||
|
|
||||||
|
+bool_t is_authgss_client (CLIENT *);
|
||||||
|
+
|
||||||
|
#ifdef __cplusplus
|
||||||
|
}
|
||||||
|
#endif
|
154
libtirpc-1.1.4-dos-fix.patch
Normal file
154
libtirpc-1.1.4-dos-fix.patch
Normal file
@ -0,0 +1,154 @@
|
|||||||
|
diff --git a/src/rpc_com.h b/src/rpc_com.h
|
||||||
|
index 10bec79..76badef 100644
|
||||||
|
--- a/src/rpc_com.h
|
||||||
|
+++ b/src/rpc_com.h
|
||||||
|
@@ -61,8 +61,7 @@ void __xprt_unregister_unlocked(SVCXPRT *);
|
||||||
|
void __xprt_set_raddr(SVCXPRT *, const struct sockaddr_storage *);
|
||||||
|
|
||||||
|
|
||||||
|
-SVCXPRT **__svc_xports;
|
||||||
|
-int __svc_maxrec;
|
||||||
|
+extern int __svc_maxrec;
|
||||||
|
|
||||||
|
#ifdef __cplusplus
|
||||||
|
}
|
||||||
|
diff --git a/src/svc.c b/src/svc.c
|
||||||
|
index b59467b..3a8709f 100644
|
||||||
|
--- a/src/svc.c
|
||||||
|
+++ b/src/svc.c
|
||||||
|
@@ -57,6 +57,9 @@
|
||||||
|
|
||||||
|
#define max(a, b) (a > b ? a : b)
|
||||||
|
|
||||||
|
+SVCXPRT **__svc_xports;
|
||||||
|
+int __svc_maxrec;
|
||||||
|
+
|
||||||
|
/*
|
||||||
|
* The services list
|
||||||
|
* Each entry represents a set of procedures (an rpc program).
|
||||||
|
@@ -191,6 +194,21 @@ __xprt_do_unregister (xprt, dolock)
|
||||||
|
rwlock_unlock (&svc_fd_lock);
|
||||||
|
}
|
||||||
|
|
||||||
|
+int
|
||||||
|
+svc_open_fds()
|
||||||
|
+{
|
||||||
|
+ int ix;
|
||||||
|
+ int nfds = 0;
|
||||||
|
+
|
||||||
|
+ rwlock_rdlock (&svc_fd_lock);
|
||||||
|
+ for (ix = 0; ix < svc_max_pollfd; ++ix) {
|
||||||
|
+ if (svc_pollfd[ix].fd != -1)
|
||||||
|
+ nfds++;
|
||||||
|
+ }
|
||||||
|
+ rwlock_unlock (&svc_fd_lock);
|
||||||
|
+ return (nfds);
|
||||||
|
+}
|
||||||
|
+
|
||||||
|
/*
|
||||||
|
* Add a service program to the callout list.
|
||||||
|
* The dispatch routine will be called when a rpc request for this
|
||||||
|
diff --git a/src/svc_vc.c b/src/svc_vc.c
|
||||||
|
index c23cd36..1729963 100644
|
||||||
|
--- a/src/svc_vc.c
|
||||||
|
+++ b/src/svc_vc.c
|
||||||
|
@@ -64,6 +64,8 @@
|
||||||
|
|
||||||
|
|
||||||
|
extern rwlock_t svc_fd_lock;
|
||||||
|
+extern SVCXPRT **__svc_xports;
|
||||||
|
+extern int svc_open_fds();
|
||||||
|
|
||||||
|
static SVCXPRT *makefd_xprt(int, u_int, u_int);
|
||||||
|
static bool_t rendezvous_request(SVCXPRT *, struct rpc_msg *);
|
||||||
|
@@ -82,6 +84,7 @@ static void svc_vc_ops(SVCXPRT *);
|
||||||
|
static bool_t svc_vc_control(SVCXPRT *xprt, const u_int rq, void *in);
|
||||||
|
static bool_t svc_vc_rendezvous_control (SVCXPRT *xprt, const u_int rq,
|
||||||
|
void *in);
|
||||||
|
+static int __svc_destroy_idle(int timeout);
|
||||||
|
|
||||||
|
struct cf_rendezvous { /* kept in xprt->xp_p1 for rendezvouser */
|
||||||
|
u_int sendsize;
|
||||||
|
@@ -312,13 +315,14 @@ done:
|
||||||
|
return (xprt);
|
||||||
|
}
|
||||||
|
|
||||||
|
+
|
||||||
|
/*ARGSUSED*/
|
||||||
|
static bool_t
|
||||||
|
rendezvous_request(xprt, msg)
|
||||||
|
SVCXPRT *xprt;
|
||||||
|
struct rpc_msg *msg;
|
||||||
|
{
|
||||||
|
- int sock, flags;
|
||||||
|
+ int sock, flags, nfds, cnt;
|
||||||
|
struct cf_rendezvous *r;
|
||||||
|
struct cf_conn *cd;
|
||||||
|
struct sockaddr_storage addr;
|
||||||
|
@@ -378,6 +382,16 @@ again:
|
||||||
|
|
||||||
|
gettimeofday(&cd->last_recv_time, NULL);
|
||||||
|
|
||||||
|
+ nfds = svc_open_fds();
|
||||||
|
+ if (nfds >= (_rpc_dtablesize() / 5) * 4) {
|
||||||
|
+ /* destroy idle connections */
|
||||||
|
+ cnt = __svc_destroy_idle(15);
|
||||||
|
+ if (cnt == 0) {
|
||||||
|
+ /* destroy least active */
|
||||||
|
+ __svc_destroy_idle(0);
|
||||||
|
+ }
|
||||||
|
+ }
|
||||||
|
+
|
||||||
|
return (FALSE); /* there is never an rpc msg to be processed */
|
||||||
|
}
|
||||||
|
|
||||||
|
@@ -819,3 +833,49 @@ __svc_clean_idle(fd_set *fds, int timeout, bool_t cleanblock)
|
||||||
|
{
|
||||||
|
return FALSE;
|
||||||
|
}
|
||||||
|
+
|
||||||
|
+static int
|
||||||
|
+__svc_destroy_idle(int timeout)
|
||||||
|
+{
|
||||||
|
+ int i, ncleaned = 0;
|
||||||
|
+ SVCXPRT *xprt, *least_active;
|
||||||
|
+ struct timeval tv, tdiff, tmax;
|
||||||
|
+ struct cf_conn *cd;
|
||||||
|
+
|
||||||
|
+ gettimeofday(&tv, NULL);
|
||||||
|
+ tmax.tv_sec = tmax.tv_usec = 0;
|
||||||
|
+ least_active = NULL;
|
||||||
|
+ rwlock_wrlock(&svc_fd_lock);
|
||||||
|
+
|
||||||
|
+ for (i = 0; i <= svc_max_pollfd; i++) {
|
||||||
|
+ if (svc_pollfd[i].fd == -1)
|
||||||
|
+ continue;
|
||||||
|
+ xprt = __svc_xports[i];
|
||||||
|
+ if (xprt == NULL || xprt->xp_ops == NULL ||
|
||||||
|
+ xprt->xp_ops->xp_recv != svc_vc_recv)
|
||||||
|
+ continue;
|
||||||
|
+ cd = (struct cf_conn *)xprt->xp_p1;
|
||||||
|
+ if (!cd->nonblock)
|
||||||
|
+ continue;
|
||||||
|
+ if (timeout == 0) {
|
||||||
|
+ timersub(&tv, &cd->last_recv_time, &tdiff);
|
||||||
|
+ if (timercmp(&tdiff, &tmax, >)) {
|
||||||
|
+ tmax = tdiff;
|
||||||
|
+ least_active = xprt;
|
||||||
|
+ }
|
||||||
|
+ continue;
|
||||||
|
+ }
|
||||||
|
+ if (tv.tv_sec - cd->last_recv_time.tv_sec > timeout) {
|
||||||
|
+ __xprt_unregister_unlocked(xprt);
|
||||||
|
+ __svc_vc_dodestroy(xprt);
|
||||||
|
+ ncleaned++;
|
||||||
|
+ }
|
||||||
|
+ }
|
||||||
|
+ if (timeout == 0 && least_active != NULL) {
|
||||||
|
+ __xprt_unregister_unlocked(least_active);
|
||||||
|
+ __svc_vc_dodestroy(least_active);
|
||||||
|
+ ncleaned++;
|
||||||
|
+ }
|
||||||
|
+ rwlock_unlock(&svc_fd_lock);
|
||||||
|
+ return (ncleaned);
|
||||||
|
+}
|
51
libtirpc-1.1.4-dup_ncp-bad-free.patch
Normal file
51
libtirpc-1.1.4-dup_ncp-bad-free.patch
Normal file
@ -0,0 +1,51 @@
|
|||||||
|
commit 959b2001458bca8f9228014371aad6ccbeb95a68
|
||||||
|
Author: Zhi Li <yieli@redhat.com>
|
||||||
|
Date: Wed Sep 26 14:05:29 2018 -0400
|
||||||
|
|
||||||
|
getnetconfig.c: fix a BAD_FREE (CWE-763)
|
||||||
|
|
||||||
|
Signed-off-by: Steve Dickson <steved@redhat.com>
|
||||||
|
|
||||||
|
diff --git a/src/getnetconfig.c b/src/getnetconfig.c
|
||||||
|
index d67d97d..cfd33c2 100644
|
||||||
|
--- a/src/getnetconfig.c
|
||||||
|
+++ b/src/getnetconfig.c
|
||||||
|
@@ -681,6 +681,7 @@ struct netconfig *ncp;
|
||||||
|
{
|
||||||
|
struct netconfig *p;
|
||||||
|
char *tmp;
|
||||||
|
+ char *t;
|
||||||
|
u_int i;
|
||||||
|
|
||||||
|
if ((tmp=malloc(MAXNETCONFIGLINE)) == NULL)
|
||||||
|
@@ -700,22 +701,21 @@ struct netconfig *ncp;
|
||||||
|
*/
|
||||||
|
*p = *ncp;
|
||||||
|
p->nc_netid = (char *)strcpy(tmp,ncp->nc_netid);
|
||||||
|
- tmp = strchr(tmp, 0) + 1;
|
||||||
|
- p->nc_protofmly = (char *)strcpy(tmp,ncp->nc_protofmly);
|
||||||
|
- tmp = strchr(tmp, 0) + 1;
|
||||||
|
- p->nc_proto = (char *)strcpy(tmp,ncp->nc_proto);
|
||||||
|
- tmp = strchr(tmp, 0) + 1;
|
||||||
|
- p->nc_device = (char *)strcpy(tmp,ncp->nc_device);
|
||||||
|
+ t = strchr(tmp, 0) + 1;
|
||||||
|
+ p->nc_protofmly = (char *)strcpy(t,ncp->nc_protofmly);
|
||||||
|
+ t = strchr(t, 0) + 1;
|
||||||
|
+ p->nc_proto = (char *)strcpy(t,ncp->nc_proto);
|
||||||
|
+ t = strchr(t, 0) + 1;
|
||||||
|
+ p->nc_device = (char *)strcpy(t,ncp->nc_device);
|
||||||
|
p->nc_lookups = (char **)malloc((size_t)(p->nc_nlookups+1) * sizeof(char *));
|
||||||
|
if (p->nc_lookups == NULL) {
|
||||||
|
- free(p->nc_netid);
|
||||||
|
free(p);
|
||||||
|
free(tmp);
|
||||||
|
return(NULL);
|
||||||
|
}
|
||||||
|
for (i=0; i < p->nc_nlookups; i++) {
|
||||||
|
- tmp = strchr(tmp, 0) + 1;
|
||||||
|
- p->nc_lookups[i] = (char *)strcpy(tmp,ncp->nc_lookups[i]);
|
||||||
|
+ t = strchr(t, 0) + 1;
|
||||||
|
+ p->nc_lookups[i] = (char *)strcpy(t,ncp->nc_lookups[i]);
|
||||||
|
}
|
||||||
|
return(p);
|
||||||
|
}
|
68
libtirpc-1.1.4-fix-EOF-non-block.patch
Normal file
68
libtirpc-1.1.4-fix-EOF-non-block.patch
Normal file
@ -0,0 +1,68 @@
|
|||||||
|
diff -up libtirpc-1.1.4/src/svc_vc.c.orig libtirpc-1.1.4/src/svc_vc.c
|
||||||
|
--- libtirpc-1.1.4/src/svc_vc.c.orig 2018-08-27 10:06:49.000000000 -0400
|
||||||
|
+++ libtirpc-1.1.4/src/svc_vc.c 2019-07-24 11:51:32.191485387 -0400
|
||||||
|
@@ -502,9 +502,14 @@ read_vc(xprtp, buf, len)
|
||||||
|
cfp = (struct cf_conn *)xprt->xp_p1;
|
||||||
|
|
||||||
|
if (cfp->nonblock) {
|
||||||
|
+ /* Since len == 0 is returned on zero length
|
||||||
|
+ * read or EOF errno needs to be reset before
|
||||||
|
+ * the read
|
||||||
|
+ */
|
||||||
|
+ errno = 0;
|
||||||
|
len = read(sock, buf, (size_t)len);
|
||||||
|
if (len < 0) {
|
||||||
|
- if (errno == EAGAIN)
|
||||||
|
+ if (errno == EAGAIN || errno == EWOULDBLOCK)
|
||||||
|
len = 0;
|
||||||
|
else
|
||||||
|
goto fatal_err;
|
||||||
|
diff -up libtirpc-1.1.4/src/xdr_rec.c.orig libtirpc-1.1.4/src/xdr_rec.c
|
||||||
|
--- libtirpc-1.1.4/src/xdr_rec.c.orig 2018-08-27 10:06:49.000000000 -0400
|
||||||
|
+++ libtirpc-1.1.4/src/xdr_rec.c 2019-07-24 11:51:32.191485387 -0400
|
||||||
|
@@ -61,6 +61,7 @@
|
||||||
|
#include <rpc/svc.h>
|
||||||
|
#include <rpc/clnt.h>
|
||||||
|
#include <stddef.h>
|
||||||
|
+#include <errno.h>
|
||||||
|
#include "rpc_com.h"
|
||||||
|
static bool_t xdrrec_getlong(XDR *, long *);
|
||||||
|
static bool_t xdrrec_putlong(XDR *, const long *);
|
||||||
|
@@ -537,7 +538,13 @@ __xdrrec_getrec(xdrs, statp, expectdata)
|
||||||
|
n = rstrm->readit(rstrm->tcp_handle, rstrm->in_hdrp,
|
||||||
|
(int)sizeof (rstrm->in_header) - rstrm->in_hdrlen);
|
||||||
|
if (n == 0) {
|
||||||
|
- *statp = expectdata ? XPRT_DIED : XPRT_IDLE;
|
||||||
|
+ /* EAGAIN or EWOULDBLOCK means a zero length
|
||||||
|
+ * read not an EOF.
|
||||||
|
+ */
|
||||||
|
+ if (errno == EAGAIN || errno == EWOULDBLOCK)
|
||||||
|
+ *statp = XPRT_IDLE;
|
||||||
|
+ else
|
||||||
|
+ *statp = expectdata ? XPRT_DIED : XPRT_IDLE;
|
||||||
|
return FALSE;
|
||||||
|
}
|
||||||
|
if (n < 0) {
|
||||||
|
@@ -564,6 +571,7 @@ __xdrrec_getrec(xdrs, statp, expectdata)
|
||||||
|
rstrm->in_header &= ~LAST_FRAG;
|
||||||
|
rstrm->last_frag = TRUE;
|
||||||
|
}
|
||||||
|
+ rstrm->in_haveheader = 1;
|
||||||
|
}
|
||||||
|
|
||||||
|
n = rstrm->readit(rstrm->tcp_handle,
|
||||||
|
@@ -576,7 +584,13 @@ __xdrrec_getrec(xdrs, statp, expectdata)
|
||||||
|
}
|
||||||
|
|
||||||
|
if (n == 0) {
|
||||||
|
- *statp = expectdata ? XPRT_DIED : XPRT_IDLE;
|
||||||
|
+ /* EAGAIN or EWOULDBLOCK means a zero length
|
||||||
|
+ * read not an EOF.
|
||||||
|
+ */
|
||||||
|
+ if (errno == EAGAIN || errno == EWOULDBLOCK)
|
||||||
|
+ *statp = XPRT_IDLE;
|
||||||
|
+ else
|
||||||
|
+ *statp = expectdata ? XPRT_DIED : XPRT_IDLE;
|
||||||
|
return FALSE;
|
||||||
|
}
|
||||||
|
|
185
libtirpc-1.1.4-ip_local_reserved_ports.patch
Normal file
185
libtirpc-1.1.4-ip_local_reserved_ports.patch
Normal file
@ -0,0 +1,185 @@
|
|||||||
|
From 20148930201b732c5dd1003933dd70543d3e929d Mon Sep 17 00:00:00 2001
|
||||||
|
From: Otto Hollmann <otto.hollmann@suse.com>
|
||||||
|
Date: Sat, 7 Oct 2023 03:48:22 -0400
|
||||||
|
Subject: [PATCH] binddynport.c honor ip_local_reserved_ports
|
||||||
|
|
||||||
|
Read reserved ports from /proc/sys/net/ipv4/ip_local_reserved_ports,
|
||||||
|
store them into bit-wise array and before binding to random port check
|
||||||
|
if port is not reserved.
|
||||||
|
|
||||||
|
Currently, there is no way how to reserve ports so then will not be
|
||||||
|
used by rpcbind.
|
||||||
|
|
||||||
|
Random ports are opened by rpcbind because of rmtcalls. There is
|
||||||
|
compile-time flag for disabling them, but in some cases we can not
|
||||||
|
simply disable them.
|
||||||
|
|
||||||
|
One solution would be run time option --enable-rmtcalls as already
|
||||||
|
discussed, but it was rejected. So if we want to keep rmtcalls enabled
|
||||||
|
and also be able to reserve some ports, there is no other way than
|
||||||
|
filtering available ports. The easiest and clearest way seems to be
|
||||||
|
just respect kernel list of ip_reserved_ports.
|
||||||
|
|
||||||
|
Unfortunately there is one known disadvantage/side effect - it affects
|
||||||
|
probability of ports which are right after reserved ones. The bigger
|
||||||
|
reserved block is, the higher is probability of selecting following
|
||||||
|
unreserved port. But if there is no reserved port, impact of this patch
|
||||||
|
is minimal/none.
|
||||||
|
|
||||||
|
Signed-off-by: Otto Hollmann <otto.hollmann@suse.com>
|
||||||
|
Signed-off-by: Steve Dickson <steved@redhat.com>
|
||||||
|
---
|
||||||
|
src/binddynport.c | 108 ++++++++++++++++++++++++++++++++++++++++++----
|
||||||
|
1 file changed, 100 insertions(+), 8 deletions(-)
|
||||||
|
|
||||||
|
diff --git a/src/binddynport.c b/src/binddynport.c
|
||||||
|
index 062629a..c2e9a20 100644
|
||||||
|
--- a/src/binddynport.c
|
||||||
|
+++ b/src/binddynport.c
|
||||||
|
@@ -37,6 +37,7 @@
|
||||||
|
#include <unistd.h>
|
||||||
|
#include <errno.h>
|
||||||
|
#include <string.h>
|
||||||
|
+#include <syslog.h>
|
||||||
|
|
||||||
|
#include <rpc/rpc.h>
|
||||||
|
|
||||||
|
@@ -56,6 +57,84 @@ enum {
|
||||||
|
NPORTS = ENDPORT - LOWPORT + 1,
|
||||||
|
};
|
||||||
|
|
||||||
|
+/*
|
||||||
|
+ * This function decodes information about given port from provided array and
|
||||||
|
+ * return if port is reserved or not.
|
||||||
|
+ *
|
||||||
|
+ * @reserved_ports an array of size at least "NPORTS / (8*sizeof(char)) + 1".
|
||||||
|
+ * @port port number within range LOWPORT and ENDPORT
|
||||||
|
+ *
|
||||||
|
+ * Returns 0 if port is not reserved, non-negative if port is reserved.
|
||||||
|
+ */
|
||||||
|
+static int is_reserved(char *reserved_ports, int port) {
|
||||||
|
+ port -= LOWPORT;
|
||||||
|
+ if (port < 0 || port >= NPORTS)
|
||||||
|
+ return 0;
|
||||||
|
+ return reserved_ports[port/(8*sizeof(char))] & 1<<(port%(8*sizeof(char)));
|
||||||
|
+}
|
||||||
|
+
|
||||||
|
+/*
|
||||||
|
+ * This function encodes information about given *reserved* port into provided
|
||||||
|
+ * array. Don't call this function for ports which are not reserved.
|
||||||
|
+ *
|
||||||
|
+ * @reserved_ports an array of size at least "NPORTS / (8*sizeof(char)) + 1".
|
||||||
|
+ * @port port number within range LOWPORT and ENDPORT
|
||||||
|
+ *
|
||||||
|
+ */
|
||||||
|
+static void set_reserved(char *reserved_ports, int port) {
|
||||||
|
+ port -= LOWPORT;
|
||||||
|
+ if (port < 0 || port >= NPORTS)
|
||||||
|
+ return;
|
||||||
|
+ reserved_ports[port/(8*sizeof(char))] |= 1<<(port%(8*sizeof(char)));
|
||||||
|
+}
|
||||||
|
+
|
||||||
|
+/*
|
||||||
|
+ * Parse local reserved ports obtained from
|
||||||
|
+ * /proc/sys/net/ipv4/ip_local_reserved_ports into bit array.
|
||||||
|
+ *
|
||||||
|
+ * @reserved_ports a zeroed array of size at least
|
||||||
|
+ * "NPORTS / (8*sizeof(char)) + 1". Will be used for bit-wise encoding of
|
||||||
|
+ * reserved ports.
|
||||||
|
+ *
|
||||||
|
+ * On each call, reserved ports are read from /proc and bit-wise stored into
|
||||||
|
+ * provided array
|
||||||
|
+ *
|
||||||
|
+ * Returns 0 on success, -1 on failure.
|
||||||
|
+ */
|
||||||
|
+
|
||||||
|
+static int parse_reserved_ports(char *reserved_ports) {
|
||||||
|
+ int from=0, to;
|
||||||
|
+ char delimiter = ',';
|
||||||
|
+ int res;
|
||||||
|
+ FILE * file_ptr = fopen("/proc/sys/net/ipv4/ip_local_reserved_ports","r");
|
||||||
|
+ if (file_ptr == NULL) {
|
||||||
|
+ (void) syslog(LOG_ERR,
|
||||||
|
+ "Unable to open open /proc/sys/net/ipv4/ip_local_reserved_ports.");
|
||||||
|
+ return -1;
|
||||||
|
+ }
|
||||||
|
+ do {
|
||||||
|
+ if ((res = fscanf(file_ptr, "%d", &to)) != 1) {
|
||||||
|
+ if (res == EOF) break;
|
||||||
|
+ goto err;
|
||||||
|
+ }
|
||||||
|
+ if (delimiter != '-') {
|
||||||
|
+ from = to;
|
||||||
|
+ }
|
||||||
|
+ for (int i = from; i <= to; ++i) {
|
||||||
|
+ set_reserved(reserved_ports, i);
|
||||||
|
+ }
|
||||||
|
+ } while ((res = fscanf(file_ptr, "%c", &delimiter)) == 1);
|
||||||
|
+ if (res != EOF)
|
||||||
|
+ goto err;
|
||||||
|
+ fclose(file_ptr);
|
||||||
|
+ return 0;
|
||||||
|
+err:
|
||||||
|
+ (void) syslog(LOG_ERR,
|
||||||
|
+ "An error occurred while parsing ip_local_reserved_ports.");
|
||||||
|
+ fclose(file_ptr);
|
||||||
|
+ return -1;
|
||||||
|
+}
|
||||||
|
+
|
||||||
|
/*
|
||||||
|
* Bind a socket to a dynamically-assigned IP port.
|
||||||
|
*
|
||||||
|
@@ -81,7 +160,8 @@ int __binddynport(int fd)
|
||||||
|
in_port_t port, *portp;
|
||||||
|
struct sockaddr *sap;
|
||||||
|
socklen_t salen;
|
||||||
|
- int i, res;
|
||||||
|
+ int i, res, array_size;
|
||||||
|
+ char *reserved_ports = NULL;
|
||||||
|
|
||||||
|
if (__rpc_sockisbound(fd))
|
||||||
|
return 0;
|
||||||
|
@@ -119,21 +199,33 @@ int __binddynport(int fd)
|
||||||
|
gettimeofday(&tv, NULL);
|
||||||
|
seed = tv.tv_usec * getpid();
|
||||||
|
}
|
||||||
|
+ array_size = NPORTS / (8*sizeof(char)) + 1;
|
||||||
|
+ reserved_ports = malloc(array_size);
|
||||||
|
+ if (!reserved_ports) {
|
||||||
|
+ goto out;
|
||||||
|
+ }
|
||||||
|
+ memset(reserved_ports, 0, array_size);
|
||||||
|
+ if (parse_reserved_ports(reserved_ports) < 0)
|
||||||
|
+ goto out;
|
||||||
|
+
|
||||||
|
port = (rand_r(&seed) % NPORTS) + LOWPORT;
|
||||||
|
for (i = 0; i < NPORTS; ++i) {
|
||||||
|
- *portp = htons(port++);
|
||||||
|
- res = bind(fd, sap, salen);
|
||||||
|
- if (res >= 0) {
|
||||||
|
- res = 0;
|
||||||
|
- break;
|
||||||
|
+ *portp = htons(port);
|
||||||
|
+ if (!is_reserved(reserved_ports, port++)) {
|
||||||
|
+ res = bind(fd, sap, salen);
|
||||||
|
+ if (res >= 0) {
|
||||||
|
+ res = 0;
|
||||||
|
+ break;
|
||||||
|
+ }
|
||||||
|
+ if (errno != EADDRINUSE)
|
||||||
|
+ break;
|
||||||
|
}
|
||||||
|
- if (errno != EADDRINUSE)
|
||||||
|
- break;
|
||||||
|
if (port > ENDPORT)
|
||||||
|
port = LOWPORT;
|
||||||
|
}
|
||||||
|
|
||||||
|
out:
|
||||||
|
+ free(reserved_ports);
|
||||||
|
mutex_unlock(&port_lock);
|
||||||
|
return res;
|
||||||
|
}
|
||||||
|
--
|
||||||
|
2.40.1
|
||||||
|
|
1230
libtirpc-1.1.4-multithr-cleanup.patch
Normal file
1230
libtirpc-1.1.4-multithr-cleanup.patch
Normal file
File diff suppressed because it is too large
Load Diff
88
libtirpc-1.1.4-v2proto-mech.patch
Normal file
88
libtirpc-1.1.4-v2proto-mech.patch
Normal file
@ -0,0 +1,88 @@
|
|||||||
|
diff -up libtirpc-1.1.4/man/rpcbind.3t.orig libtirpc-1.1.4/man/rpcbind.3t
|
||||||
|
--- libtirpc-1.1.4/man/rpcbind.3t.orig 2018-08-27 10:06:49.000000000 -0400
|
||||||
|
+++ libtirpc-1.1.4/man/rpcbind.3t 2022-08-02 11:21:30.134642780 -0400
|
||||||
|
@@ -187,6 +187,8 @@ in
|
||||||
|
.El
|
||||||
|
.Sh AVAILABILITY
|
||||||
|
These functions are part of libtirpc.
|
||||||
|
+.Sh ENVIRONMENT
|
||||||
|
+If RPCB_V2FIRST is defined, rpcbind protocol version tryout algorithm changes from v4,v2,v3 to v2,v4,v3.
|
||||||
|
.Sh SEE ALSO
|
||||||
|
.Xr rpc_clnt_calls 3 ,
|
||||||
|
.Xr rpc_svc_calls 3 ,
|
||||||
|
diff -up libtirpc-1.1.4/src/rpcb_clnt.c.orig libtirpc-1.1.4/src/rpcb_clnt.c
|
||||||
|
--- libtirpc-1.1.4/src/rpcb_clnt.c.orig 2022-08-02 11:20:42.795833195 -0400
|
||||||
|
+++ libtirpc-1.1.4/src/rpcb_clnt.c 2022-08-02 11:21:30.135642797 -0400
|
||||||
|
@@ -818,7 +818,8 @@ error:
|
||||||
|
* The algorithm used: If the transports is TCP or UDP, it first tries
|
||||||
|
* version 4 (srv4), then 3 and then fall back to version 2 (portmap).
|
||||||
|
* With this algorithm, we get performance as well as a plan for
|
||||||
|
- * obsoleting version 2.
|
||||||
|
+ * obsoleting version 2. This behaviour is reverted to old algorithm
|
||||||
|
+ * if RPCB_V2FIRST environment var is defined
|
||||||
|
*
|
||||||
|
* For all other transports, the algorithm remains as 4 and then 3.
|
||||||
|
*
|
||||||
|
@@ -839,6 +840,10 @@ __rpcb_findaddr_timed(program, version,
|
||||||
|
#ifdef NOTUSED
|
||||||
|
static bool_t check_rpcbind = TRUE;
|
||||||
|
#endif
|
||||||
|
+
|
||||||
|
+#ifdef PORTMAP
|
||||||
|
+ static bool_t portmap_first = FALSE;
|
||||||
|
+#endif
|
||||||
|
CLIENT *client = NULL;
|
||||||
|
RPCB parms;
|
||||||
|
enum clnt_stat clnt_st;
|
||||||
|
@@ -895,8 +900,18 @@ __rpcb_findaddr_timed(program, version,
|
||||||
|
parms.r_addr = (char *) &nullstring[0];
|
||||||
|
}
|
||||||
|
|
||||||
|
- /* First try from start_vers(4) and then version 3 (RPCBVERS) */
|
||||||
|
+ /* First try from start_vers(4) and then version 3 (RPCBVERS), except
|
||||||
|
+ * if env. var RPCB_V2FIRST is defined */
|
||||||
|
+
|
||||||
|
+#ifdef PORTMAP
|
||||||
|
+ if (getenv(V2FIRST)) {
|
||||||
|
+ portmap_first = TRUE;
|
||||||
|
+ LIBTIRPC_DEBUG(3, ("__rpcb_findaddr_timed: trying v2-port first\n"));
|
||||||
|
+ goto portmap;
|
||||||
|
+ }
|
||||||
|
+#endif
|
||||||
|
|
||||||
|
+rpcbind:
|
||||||
|
CLNT_CONTROL(client, CLSET_RETRY_TIMEOUT, (char *) &rpcbrmttime);
|
||||||
|
for (vers = start_vers; vers >= RPCBVERS; vers--) {
|
||||||
|
/* Set the version */
|
||||||
|
@@ -944,10 +959,17 @@ __rpcb_findaddr_timed(program, version,
|
||||||
|
}
|
||||||
|
|
||||||
|
#ifdef PORTMAP /* Try version 2 for TCP or UDP */
|
||||||
|
+ if (portmap_first)
|
||||||
|
+ goto error; /* we tried all versions if reached here */
|
||||||
|
+portmap:
|
||||||
|
if (strcmp(nconf->nc_protofmly, NC_INET) == 0) {
|
||||||
|
address = __try_protocol_version_2(program, version, nconf, host, tp);
|
||||||
|
- if (address == NULL)
|
||||||
|
- goto error;
|
||||||
|
+ if (address == NULL) {
|
||||||
|
+ if (portmap_first)
|
||||||
|
+ goto rpcbind;
|
||||||
|
+ else
|
||||||
|
+ goto error;
|
||||||
|
+ }
|
||||||
|
}
|
||||||
|
#endif /* PORTMAP */
|
||||||
|
|
||||||
|
diff -up libtirpc-1.1.4/tirpc/rpc/pmap_prot.h.orig libtirpc-1.1.4/tirpc/rpc/pmap_prot.h
|
||||||
|
--- libtirpc-1.1.4/tirpc/rpc/pmap_prot.h.orig 2018-08-27 10:06:49.000000000 -0400
|
||||||
|
+++ libtirpc-1.1.4/tirpc/rpc/pmap_prot.h 2022-08-02 11:21:30.135642797 -0400
|
||||||
|
@@ -84,6 +84,8 @@
|
||||||
|
#define PMAPPROC_DUMP ((u_long)4)
|
||||||
|
#define PMAPPROC_CALLIT ((u_long)5)
|
||||||
|
|
||||||
|
+#define V2FIRST "RPCB_V2FIRST"
|
||||||
|
+
|
||||||
|
struct pmap {
|
||||||
|
long unsigned pm_prog;
|
||||||
|
long unsigned pm_vers;
|
@ -1,41 +1,62 @@
|
|||||||
%define _root_libdir /%{_lib}
|
%define _root_libdir /%{_lib}
|
||||||
|
|
||||||
Name: libtirpc
|
Name: libtirpc
|
||||||
Version: 1.3.3
|
Version: 1.1.4
|
||||||
Release: 9%{?dist}
|
Release: 12%{?dist}
|
||||||
Summary: Transport Independent RPC Library
|
Summary: Transport Independent RPC Library
|
||||||
|
Group: System Environment/Libraries
|
||||||
License: SISSL and BSD
|
License: SISSL and BSD
|
||||||
URL: http://git.linux-nfs.org/?p=steved/libtirpc.git;a=summary
|
URL: http://git.linux-nfs.org/?p=steved/libtirpc.git;a=summary
|
||||||
Source0: http://downloads.sourceforge.net/libtirpc/libtirpc-%{version}.tar.bz2
|
Source0: http://downloads.sourceforge.net/libtirpc/libtirpc-%{version}.tar.bz2
|
||||||
|
|
||||||
|
#
|
||||||
|
# RHEL 8.0
|
||||||
|
#
|
||||||
|
# bz 1602598
|
||||||
|
Patch001: libtirpc-1.1.4-covscan.patch
|
||||||
|
# bz 1631614
|
||||||
|
Patch002: libtirpc-1.1.4-dup_ncp-bad-free.patch
|
||||||
|
|
||||||
|
#
|
||||||
|
# RHEL 8.1
|
||||||
|
#
|
||||||
|
# bz 1641875
|
||||||
|
Patch003: libtirpc-1.1.4-fix-EOF-non-block.patch
|
||||||
|
|
||||||
|
#
|
||||||
|
# RHEL 8.5
|
||||||
|
#
|
||||||
|
# bz 1854147
|
||||||
|
Patch004: libtirpc-1.1.4-blacklist.patch
|
||||||
|
# bz 1934866
|
||||||
|
Patch005: libtirpc-1.1.4-disallow-auth_refresh.patch
|
||||||
|
|
||||||
|
#
|
||||||
|
# RHEL 8.6
|
||||||
|
#
|
||||||
|
# bz 1940341
|
||||||
|
Patch006: libtirpc-1.1.4-dos-fix.patch
|
||||||
|
|
||||||
|
#
|
||||||
|
# RHEL 8.7
|
||||||
|
#
|
||||||
|
# bz 2042196
|
||||||
|
Patch007: libtirpc-1.1.4-dgcall-free.patch
|
||||||
|
# bz 2107650
|
||||||
|
Patch008: libtirpc-1.1.4-v2proto-mech.patch
|
||||||
|
# bz 2112116
|
||||||
|
Patch009: libtirpc-1.1.4-multithr-cleanup.patch
|
||||||
|
|
||||||
|
#
|
||||||
|
# RHEL 8.10
|
||||||
|
#
|
||||||
|
Patch010: libtirpc-1.1.4-null-ptrs-not-reused.patch
|
||||||
|
Patch011: libtirpc-1.1.4-double-free.patch
|
||||||
|
Patch012: libtirpc-1.1.4-null-ptrs-not-reused-fixed.patch
|
||||||
|
Patch013: libtirpc-1.1.4-ip_local_reserved_ports.patch
|
||||||
|
|
||||||
BuildRequires: automake, autoconf, libtool, pkgconfig
|
BuildRequires: automake, autoconf, libtool, pkgconfig
|
||||||
BuildRequires: krb5-devel
|
BuildRequires: krb5-devel
|
||||||
BuildRequires: gcc
|
|
||||||
BuildRequires: make
|
|
||||||
|
|
||||||
#
|
|
||||||
# RHEL9.2
|
|
||||||
#
|
|
||||||
Patch001: libtirpc-1.3.3-blacklist-close.patch
|
|
||||||
Patch002: libtirpc-1.3.3-clnt-raw-ptr.patch
|
|
||||||
|
|
||||||
#
|
|
||||||
# RHEL9.2
|
|
||||||
#
|
|
||||||
Patch003: libtirpc-1.3.3-dos-sleep.patch
|
|
||||||
|
|
||||||
#
|
|
||||||
# RHEL9.4
|
|
||||||
#
|
|
||||||
Patch004: libtirpc-1.3.3-null-ptrs-not-reused.patch
|
|
||||||
Patch005: libtirpc-1.3.3-gssd-context-creation.patch
|
|
||||||
Patch006: libtirpc-1.3.3-double-free.patch
|
|
||||||
Patch007: libtirpc-1.3.3-null-ptrs-not-reused-fixed.patch
|
|
||||||
|
|
||||||
#
|
|
||||||
# RHEL9.5
|
|
||||||
#
|
|
||||||
Patch008: libtirpc-1.3.3-rpcbind-abstract.patch
|
|
||||||
|
|
||||||
%description
|
%description
|
||||||
This package contains SunLib's implementation of transport-independent
|
This package contains SunLib's implementation of transport-independent
|
||||||
@ -51,8 +72,9 @@ by almost 70 vendors on all major operating systems. TS-RPC source code
|
|||||||
|
|
||||||
%package devel
|
%package devel
|
||||||
Summary: Development files for the libtirpc library
|
Summary: Development files for the libtirpc library
|
||||||
|
Group: Development/Libraries
|
||||||
Requires: %{name}%{?_isa} = %{version}-%{release}
|
Requires: %{name}%{?_isa} = %{version}-%{release}
|
||||||
Requires: pkgconfig
|
Requires: pkgconfig man-db
|
||||||
|
|
||||||
%description devel
|
%description devel
|
||||||
This package includes header files and libraries necessary for
|
This package includes header files and libraries necessary for
|
||||||
@ -84,14 +106,30 @@ rm -f %{buildroot}%{_root_libdir}/*.{a,la}
|
|||||||
# Creat the man diretory
|
# Creat the man diretory
|
||||||
mv %{buildroot}%{_mandir}/man3 %{buildroot}%{_mandir}/man3t
|
mv %{buildroot}%{_mandir}/man3 %{buildroot}%{_mandir}/man3t
|
||||||
|
|
||||||
|
%post -p /sbin/ldconfig
|
||||||
|
|
||||||
|
%postun -p /sbin/ldconfig
|
||||||
|
|
||||||
|
%post devel
|
||||||
|
# Register the new man section
|
||||||
|
#if [ "$1" -eq 1 ]; then
|
||||||
|
# makewhatis -s 3t
|
||||||
|
#fi
|
||||||
|
|
||||||
|
%postun devel
|
||||||
|
# Remove the existance of the man section
|
||||||
|
#makewhatis -s 3t
|
||||||
|
|
||||||
|
|
||||||
%files
|
%files
|
||||||
|
%defattr(-,root,root)
|
||||||
%doc AUTHORS ChangeLog NEWS README
|
%doc AUTHORS ChangeLog NEWS README
|
||||||
%{_root_libdir}/libtirpc.so.*
|
%{_root_libdir}/libtirpc.so.*
|
||||||
%config(noreplace)%{_sysconfdir}/netconfig
|
%config(noreplace)%{_sysconfdir}/netconfig
|
||||||
%config(noreplace)%{_sysconfdir}/bindresvport.blacklist
|
%config(noreplace)%{_sysconfdir}/bindresvport.blacklist
|
||||||
|
|
||||||
%files devel
|
%files devel
|
||||||
|
%defattr(0644,root,root,755)
|
||||||
%{!?_licensedir:%global license %%doc}
|
%{!?_licensedir:%global license %%doc}
|
||||||
%license COPYING
|
%license COPYING
|
||||||
%dir %{_includedir}/tirpc
|
%dir %{_includedir}/tirpc
|
||||||
@ -136,118 +174,49 @@ mv %{buildroot}%{_mandir}/man3 %{buildroot}%{_mandir}/man3t
|
|||||||
%{_mandir}/*/*
|
%{_mandir}/*/*
|
||||||
|
|
||||||
%changelog
|
%changelog
|
||||||
* Mon Jul 29 2024 Steve Dickson <steved@redhat.com> - 1.3.3-9
|
* Fri Apr 26 2024 Steve Dickson <steved@redhat.com> 1.1.4-12
|
||||||
- Support abstract addresses for rpcbind (RHEL-47027)
|
- binddynport.c honor ip_local_reserved_ports (RHEL-27005)
|
||||||
|
|
||||||
* Tue Mar 19 2024 Steve Dickson <steved@redhat.com> - 1.3.3-8
|
* Tue Mar 19 2024 Steve Dickson <steved@redhat.com> 1.1.4-11
|
||||||
- rpcb_clnt.c (fixed): Eliminate double frees in delete_cache() (RHEL-11183)
|
- rpcb_clnt.c (fixed): Eliminate double frees in delete_cache() (RHEL-11293)
|
||||||
|
|
||||||
* Wed Mar 13 2024 Steve Dickson <steved@redhat.com> - 1.3.3-7
|
* Tue Mar 5 2024 Steve Dickson <steved@redhat.com> 1.1.4-10
|
||||||
- exception build (RHEL-11183)
|
- rpcb_clnt.c: Eliminate double frees in delete_cache() (RHEL-11293)
|
||||||
|
|
||||||
* Tue Mar 5 2024 Steve Dickson <steved@redhat.com> - 1.3.3-6
|
* Mon Mar 4 2024 Steve Dickson <steved@redhat.com> 1.1.4-9
|
||||||
- rpcb_clnt.c: Eliminate double frees in delete_cache() (RHEL-11183)
|
- Null pointers so they are not used again (RHEL-11370)
|
||||||
|
|
||||||
* Mon Mar 4 2024 Steve Dickson <steved@redhat.com> - 1.3.3-5
|
* Wed Aug 3 2022 Steve Dickson <steved@redhat.com> 1.1.4-8
|
||||||
- Fix rpc_gss_seccreate() usage of the passed in gss credential. (RHEL-27936)
|
- rpcb_clnt.c add mechanism to try v2 protocol first (bz 2107650)
|
||||||
|
- Multithreaded cleanup (bz 2112116)
|
||||||
|
|
||||||
* Mon Feb 19 2024 Pavel Reichl <preichl@redhat.com> - 1.3.3-4
|
* Tue May 31 2022 Steve Dickson <steved@redhat.com> 1.1.4-7
|
||||||
- Add gating tests (rhel-7883)
|
- clnt_dg_call: Fix use-after-free accessing the error number (bz 2042196)
|
||||||
|
|
||||||
* Tue Jan 2 2024 Steve Dickson <steved@redhat.com> - 1.3.3-3
|
* Thu Dec 2 2021 Steve Dickson <steved@redhat.com> 1.1.4-6
|
||||||
- Null pointers so they are not used again (RHEL-11371)
|
- Fix DoS vulnerability in libtirpc (bz 1940341)
|
||||||
|
|
||||||
* Thu May 18 2023 Steve Dickson <steved@redhat.com> - 1.3.3-2
|
* Sat Apr 17 2021 Steve Dickson <steved@redhat.com> 1.1.4-5
|
||||||
- getnetconfigent: avoid potential DoS (bz 2150611)
|
- blacklist: Add a few more well known ports (bz 1854147)
|
||||||
|
- Disallow calling auth_refresh from clnt_call with RPCSEC_GSS (bz 1934866)
|
||||||
|
|
||||||
* Thu Nov 03 2022 Steve Dickson <steved@redhat.com> - 1.3.3-1
|
* Wed Jul 24 2019 Steve Dickson <steved@redhat.com> 1.1.4-4
|
||||||
- bindresvport.c: fix a potential resource leakage (bz 2135405)
|
- Enable gating using reverse dependency testing of nfs-utils (bz 1681965)
|
||||||
- clnt_raw.c: fix a possible null pointer dereference (bz 2138317)
|
- Updated the URL (bz 1638671)
|
||||||
|
- Fix EOF detection on non-blocking socket (bz 1641875)
|
||||||
|
|
||||||
* Mon Aug 15 2022 Steve Dickson <steved@redhat.com> - 1.3.3
|
* Sat Oct 6 2018 Steve Dickson <steved@redhat.com> 1.1.4-3
|
||||||
- Rebased to libtirpc-1.3.3 (bz 2118157)
|
- Fixed bad free in dup_ncp() (bz 1631614)
|
||||||
|
|
||||||
* Mon Aug 09 2021 Mohan Boddu <mboddu@redhat.com> - 1.3.2-1
|
* Fri Sep 14 2018 Steve Dickson <steved@redhat.com> 1.1.4-2
|
||||||
- Rebuilt for IMA sigs, glibc 2.34, aarch64 flags
|
- Removed a false positive from the covscan (bz 1602598)
|
||||||
Related: rhbz#1991688
|
|
||||||
|
|
||||||
* Tue Jun 15 2021 Steve Dickson <steved@redhat.com> - 1.3.2
|
* Tue Sep 11 2018 Steve Dickson <steved@redhat.com> 1.1.4-1
|
||||||
- Rebased to libtirpc-1.3.2 (bz 1959125)
|
- Fixed issues found by covscan (bz 1602598)
|
||||||
|
|
||||||
* Fri Apr 16 2021 Mohan Boddu <mboddu@redhat.com> - 1.3.1-2
|
* Fri Sep 7 2018 Steve Dickson <steved@redhat.com> 1.1.4-0
|
||||||
- Rebuilt for RHEL 9 BETA on Apr 15th 2021. Related: rhbz#1947937
|
|
||||||
|
|
||||||
* Tue Jan 26 2021 Fedora Release Engineering <releng@fedoraproject.org> - 1.3.1-1
|
|
||||||
- Rebuilt for https://fedoraproject.org/wiki/Fedora_34_Mass_Rebuild
|
|
||||||
|
|
||||||
* Thu Dec 03 2020 Steve Dickson <steved@redhat.com> - 1.3.1
|
|
||||||
- Updated to latest upstream release: libtirpc-1-3-1 (bz 1903615)
|
|
||||||
|
|
||||||
* Tue Aug 04 2020 Steve Dickson <steved@redhat.com> 1.2.6-1.rc4
|
|
||||||
- Updated to the latest upstream RC release: libtirpc-1-2-7-rc4
|
|
||||||
|
|
||||||
* Tue Aug 04 2020 Tom Stellard <tstellar@redhat.com> - 1.2.6-2
|
|
||||||
- Add BuildRequires: gcc
|
|
||||||
- https://docs.fedoraproject.org/en-US/packaging-guidelines/C_and_C++/#_packaging
|
|
||||||
|
|
||||||
* Tue Jul 28 2020 Fedora Release Engineering <releng@fedoraproject.org> - 1.2.6-1
|
|
||||||
- Rebuilt for https://fedoraproject.org/wiki/Fedora_33_Mass_Rebuild
|
|
||||||
|
|
||||||
* Tue Apr 14 2020 Steve Dickson <steved@redhat.com> 1.2.6-0
|
|
||||||
- Updated to the latest upstream release: libtirpc-1-2-6 (bz 1822751)
|
|
||||||
|
|
||||||
* Tue Feb 18 2020 Steve Dickson <steved@redhat.com> 1.2.5-1.rc2
|
|
||||||
- Updated to the latest upstream RC release: libtirpc-1-2-6-rc2 (bz 1799601)
|
|
||||||
|
|
||||||
* Wed Jan 29 2020 Fedora Release Engineering <releng@fedoraproject.org> - 1.2.5-1
|
|
||||||
- Rebuilt for https://fedoraproject.org/wiki/Fedora_32_Mass_Rebuild
|
|
||||||
|
|
||||||
* Fri Dec 20 2019 Steve Dickson <steved@redhat.com> 1.2.5-0
|
|
||||||
Updated to latest upstream release: libtirpc-1-2-5 (bz 1785684)
|
|
||||||
|
|
||||||
* Fri Nov 01 2019 Petr Pisar <ppisar@redhat.com> - 1.1.4-3.rc3
|
|
||||||
- Remove a useless dependency on man-db from libtirpc-devel package
|
|
||||||
(bug #1496422)
|
|
||||||
|
|
||||||
* Thu Sep 05 2019 Steve Dickson <steved@redhat.com> 1.1.4-2.rc3
|
|
||||||
- Updated to latest upstream RC release: libtirpc-1-1-5-rc3
|
|
||||||
|
|
||||||
* Thu Jul 25 2019 Fedora Release Engineering <releng@fedoraproject.org> - 1.1.4-2.rc2.2
|
|
||||||
- Rebuilt for https://fedoraproject.org/wiki/Fedora_31_Mass_Rebuild
|
|
||||||
|
|
||||||
* Fri Feb 01 2019 Fedora Release Engineering <releng@fedoraproject.org> - 1.1.4-2.rc2.1
|
|
||||||
- Rebuilt for https://fedoraproject.org/wiki/Fedora_30_Mass_Rebuild
|
|
||||||
|
|
||||||
* Thu Nov 8 2018 Steve Dickson <steved@redhat.com> 1.1.4-2.rc2
|
|
||||||
- Updated to latest upstream RC release: libtirpc-1-1-5-rc2
|
|
||||||
|
|
||||||
* Tue Nov 6 2018 Steve Dickson <steved@redhat.com> 1.1.4-2.rc1
|
|
||||||
- Remove ldconfig scriptlet (bz 1644103)
|
|
||||||
|
|
||||||
* Thu Sep 13 2018 Steve Dickson <steved@redhat.com> 1.1.4-1.rc1
|
|
||||||
- Removed a false positive from the covscan
|
|
||||||
|
|
||||||
* Tue Sep 11 2018 Steve Dickson <steved@redhat.com> 1.1.4-0.rc1
|
|
||||||
- Updated to latest upstream RC releasse (bz 1627832)
|
|
||||||
|
|
||||||
* Mon Aug 27 2018 Steve Dickson <steved@redhat.com> 1.1.4
|
|
||||||
- Updated to latest upstream release: libtirpc-1-1-4 (bz 1585558)
|
- Updated to latest upstream release: libtirpc-1-1-4 (bz 1585558)
|
||||||
|
|
||||||
* Tue Jul 31 2018 Florian Weimer <fweimer@redhat.com> - 1.0.3-4.rc2
|
|
||||||
- Rebuild with fixed binutils
|
|
||||||
|
|
||||||
* Sun Jul 29 2018 Steve Dickson <steved@redhat.com> 1.0.3-3.rc2
|
|
||||||
- Update the libtirpc-1.0.4-rc2.patch to include big endian fixes (bz 1609208)
|
|
||||||
|
|
||||||
* Fri Jul 20 2018 Steve Dickson <steved@redhat.com> 1.0.3-2.rc2
|
|
||||||
- Updated to latest upstream RC release: libtirpc-1-0-4-rc2
|
|
||||||
|
|
||||||
* Fri Jul 13 2018 Fedora Release Engineering <releng@fedoraproject.org> - 1.0.3-2.rc1.1
|
|
||||||
- Rebuilt for https://fedoraproject.org/wiki/Fedora_29_Mass_Rebuild
|
|
||||||
|
|
||||||
* Tue Jul 10 2018 Steve Dickson <steved@redhat.com> 1.0.3-2.rc1
|
|
||||||
- Updated the URL (bz 1599795)
|
|
||||||
|
|
||||||
* Wed Apr 18 2018 Steve Dickson <steved@redhat.com> 1.0.3-1.rc1
|
* Wed Apr 18 2018 Steve Dickson <steved@redhat.com> 1.0.3-1.rc1
|
||||||
- Updated to latest upstream RC release: libtirpc-1-0-4-rc1
|
- Updated to latest upstream RC release: libtirpc-1-0-4-rc1
|
||||||
|
|
Loading…
Reference in New Issue
Block a user