rpms
/
openslp
7
0
Fork 0
Code Issues Pull Requests Releases Activity

import openslp-2.0.0-30.el9

This commit is contained in:
CentOS Sources 2022-05-17 05:52:14 -04:00 committed by Stepan Oksanichenko
commit 4a93973fa2
11 changed files with 922 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
.gitignore vendored Normal file
View File

@ -0,0 +1,3 @@
SOURCES/openslp-2.0.0.tar.gz
SOURCES/slpd.8.gz
SOURCES/slptool.1.gz

3
.openslp.metadata Normal file
View File

@ -0,0 +1,3 @@
e4630bfb986cdffab6bb829b37e9340c9152d838 SOURCES/openslp-2.0.0.tar.gz
83d5cb6e4da8c21641da2c2c819b617e622d5a78 SOURCES/slpd.8.gz
eafda4dfc1be5341ec8ed5c8c54b9a59e81d0e78 SOURCES/slptool.1.gz

90
SOURCES/openslp-2.0.0-cve-2016-7567.patch Normal file
View File

@ -0,0 +1,90 @@
diff -up openslp-2.0.0/common/slp_compare.c.orig openslp-2.0.0/common/slp_compare.c
--- openslp-2.0.0/common/slp_compare.c.orig 2012-12-12 20:12:43.000000000 +0100
+++ openslp-2.0.0/common/slp_compare.c 2017-03-14 10:51:36.480675991 +0100
@@ -194,7 +194,8 @@ static int SLPUnescapeInPlace(size_t len
* @return The new (shorter) length of @p str.
*
* @note This routine assumes that leading and trailing white space have
- * already been removed from @p str.
+ * already been removed from @p str. It also assumes that @p str may
+ * not be null-terminated.
*/
static int SLPFoldWhiteSpace(size_t len, char * str)
{
@@ -203,11 +204,11 @@ static int SLPFoldWhiteSpace(size_t len,
{
if (isspace(*p))
{
- char * ws2p = ++p; /* Point ws2p to the second ws char. */
- while (isspace(*p)) /* Scan till we hit a non-ws char. */
+ char * ws2p = ++p; /* Point ws2p to the second ws char. */
+ while (p < ep && isspace(*p)) /* Scan till we hit a non-ws char. */
p++;
- len -= p - ws2p; /* Reduce the length by extra ws. */
- memmove(ws2p, p, ep - p); /* Overwrite the extra white space. */
+ len -= p - ws2p; /* Reduce the length by extra ws. */
+ memmove(ws2p, p, ep - p); /* Overwrite the extra white space. */
}
p++;
}
@@ -821,6 +822,50 @@ int SLPCheckAttributeListSyntax(const ch
#ifdef SLP_COMPARE_TEST
+/* Test boundary conditions of SLPFoldWhiteSpace. */
+static int test_SLPFoldWhiteSpace(void)
+{
+ static char test_str0[] = " ";
+ static char test_str1[] = "Blah";
+ static char test_str3[] = "Blah blah";
+ static char test_str4[] = "Blah blah";
+ static char test_str5[] = "Blah blah blah";
+ static char test_str8[] = " Blah blah";
+ static char test_str9[] = " Blah blah";
+ static char test_strC[] = "Blah blah ";
+ static char test_strD[] = "Blah blah xxxx";
+
+ static char * test_strs[] =
+ {
+ test_str0, test_str0, test_str0, test_str1, test_strC,
+ test_str3, test_str4, test_str5, test_strC, test_strC,
+ test_str8, test_str9, test_strC, test_strD,
+ };
+
+ static int test_lens[] =
+ {
+ 0, 1, 2, 4, 9, 10, 11, 15, 10, 11, 10, 11, 11, 11,
+ };
+
+ static int test_fins[] =
+ {
+ 0, 1, 1, 4, 9, 9, 9, 14, 10, 10, 10, 10, 10, 10,
+ };
+
+#define MAX_BUFSZ 32
+
+ int i;
+ for (i = 0; i < sizeof(test_strs) / sizeof(*test_strs); ++i)
+ {
+ char test_buf[MAX_BUFSZ];
+ memmove(test_buf, test_strs[i], test_lens[i]);
+ int len = SLPFoldWhiteSpace(test_lens[i], test_buf);
+ if (len != test_fins[i])
+ return -1;
+ }
+ return 0;
+}
+
/* ---------------- Test main for the slp_compare.c module ----------------
*
* Compile with:
@@ -840,6 +885,9 @@ int main(void)
int count;
+ if (test_SLPFoldWhiteSpace() != 0)
+ return -1;
+
/* *** SLPContainsStringList ***
*/
count = SLPContainsStringList(sizeof lst1 - 1, lst1, sizeof str1 - 1, str1);

19
SOURCES/openslp-2.0.0-cve-2017-17833.patch Normal file
View File

@ -0,0 +1,19 @@
diff -up openslp-2.0.0/slpd/slpd_process.c.orig openslp-2.0.0/slpd/slpd_process.c
--- openslp-2.0.0/slpd/slpd_process.c.orig 2018-05-09 13:08:06.185104375 +0200
+++ openslp-2.0.0/slpd/slpd_process.c 2018-05-09 13:07:21.017095089 +0200
@@ -462,6 +462,15 @@ static int ProcessSrvRqst(SLPMessage * m
message->body.srvrqst.srvtype, 23, SLP_DA_SERVICE_TYPE) == 0)
{
errorcode = ProcessDASrvRqst(message, sendbuf, errorcode);
+
+ if (result != *sendbuf)
+ {
+ // The pointer stored at *sendbuf can be modified by a realloc
+ // operation in ProcessDASrvRqst(). Fix up the local copy of
+ // that pointer if necessary.
+ result = *sendbuf;
+ }
+
if (errorcode == 0)
{
/* Since we have an errorcode of 0, we were successful,

165
SOURCES/openslp-2.0.0-cve-2019-5544.patch Normal file
View File

@ -0,0 +1,165 @@
diff -up openslp-2.0.0/common/slp_buffer.c.orig openslp-2.0.0/common/slp_buffer.c
--- openslp-2.0.0/common/slp_buffer.c.orig 2012-12-11 00:31:53.000000000 +0100
+++ openslp-2.0.0/common/slp_buffer.c 2019-12-09 10:39:16.422058793 +0100
@@ -30,6 +30,13 @@
* OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
*-------------------------------------------------------------------------*/
+/* Copyright (c) 2019 VMware, Inc.
+ * SPDX-License-Identifier: BSD-3-Clause
+ * This file is provided under the BSD-3-Clause license.
+ * See COPYING file for more details and other copyrights
+ * that may apply.
+ */
+
/** Functions for managing SLP message buffers.
*
* This file provides a higher level abstraction over malloc and free that
@@ -153,4 +160,20 @@ void SLPBufferFree(SLPBuffer buf)
xfree(buf);
}
+/** Report remaining free buffer size in bytes.
+ *
+ * Check if buffer is allocated and if so return bytes left in a
+ * @c SLPBuffer object.
+ *
+ * @param[in] buf The SLPBuffer to be freed.
+ */
+size_t
+RemainingBufferSpace(SLPBuffer buf)
+{
+ if (buf->allocated == 0) {
+ return 0;
+ }
+ return buf->end - buf->curpos;
+}
+
/*=========================================================================*/
diff -up openslp-2.0.0/common/slp_buffer.h.orig openslp-2.0.0/common/slp_buffer.h
--- openslp-2.0.0/common/slp_buffer.h.orig 2012-11-28 18:07:04.000000000 +0100
+++ openslp-2.0.0/common/slp_buffer.h 2019-12-09 10:39:16.422058793 +0100
@@ -30,6 +30,13 @@
* OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
*-------------------------------------------------------------------------*/
+/* Copyright (c) 2019 VMware, Inc.
+ * SPDX-License-Identifier: BSD-3-Clause
+ * This file is provided under the BSD-3-Clause license.
+ * See COPYING file for more details and other copyrights
+ * that may apply.
+ */
+
/** Header file that defines SLP message buffer management routines.
*
* Includes structures, constants and functions that used to handle memory
@@ -78,6 +85,8 @@ SLPBuffer SLPBufferListRemove(SLPBuffer
SLPBuffer SLPBufferListAdd(SLPBuffer * list, SLPBuffer buf);
+size_t RemainingBufferSpace(SLPBuffer buf);
+
/*! @} */
#endif /* SLP_BUFFER_H_INCLUDED */
diff -up openslp-2.0.0/slpd/slpd_process.c.orig openslp-2.0.0/slpd/slpd_process.c
--- openslp-2.0.0/slpd/slpd_process.c.orig 2019-12-09 10:39:16.420058789 +0100
+++ openslp-2.0.0/slpd/slpd_process.c 2019-12-09 10:39:16.422058793 +0100
@@ -30,6 +30,13 @@
* OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
*-------------------------------------------------------------------------*/
+/* Copyright (c) 2019 VMware, Inc.
+ * SPDX-License-Identifier: BSD-3-Clause
+ * This file is provided under the BSD-3-Clause license.
+ * See COPYING file for more details and other copyrights
+ * that may apply.
+ */
+
/** Processes incoming SLP messages.
*
* @file slpd_process.c
@@ -523,13 +530,27 @@ RESPOND:
{
for (i = 0; i < db->urlcount; i++)
{
- /* urlentry is the url from the db result */
urlentry = db->urlarray[i];
+ if (urlentry->opaque != NULL) {
+ const int64_t newsize = size + urlentry->opaquelen;
+ if (urlentry->opaquelen <= 0 || newsize > INT_MAX)
+ {
+ SLPDLog("Invalid opaquelen %d or sizeo of opaque url is too big, size=%d\n",
+ urlentry->opaquelen, size);
+ errorcode = SLP_ERROR_PARSE_ERROR;
+ goto FINISHED;
+ }
+ size += urlentry->opaquelen;
+ }
+ else
+ {
+ /* urlentry is the url from the db result */
+ size += urlentry->urllen + 6; /* 1 byte for reserved */
+ /* 2 bytes for lifetime */
+ /* 2 bytes for urllen */
+ /* 1 byte for authcount */
+ }
- size += urlentry->urllen + 6; /* 1 byte for reserved */
- /* 2 bytes for lifetime */
- /* 2 bytes for urllen */
- /* 1 byte for authcount */
#ifdef ENABLE_SLPv2_SECURITY
/* make room to include the authblock that was asked for */
if (G_SlpdProperty.securityEnabled
@@ -603,7 +624,7 @@ RESPOND:
urlentry = db->urlarray[i];
#ifdef ENABLE_SLPv1
- if (urlentry->opaque == 0)
+ if (urlentry->opaque == NULL)
{
/* url-entry reserved */
*result->curpos++ = 0;
@@ -615,8 +636,18 @@ RESPOND:
PutUINT16(&result->curpos, urlentry->urllen);
/* url-entry url */
- memcpy(result->curpos, urlentry->url, urlentry->urllen);
- result->curpos += urlentry->urllen;
+ if (RemainingBufferSpace(result) >= urlentry->urllen)
+ {
+ memcpy(result->curpos, urlentry->url, urlentry->urllen);
+ result->curpos = result->curpos + urlentry->urllen;
+ }
+ else
+ {
+ SLPDLog("Url too big (ask: %d have %" PRId64 "), failing request\n",
+ urlentry->opaquelen, (int64_t) RemainingBufferSpace(result));
+ errorcode = SLP_ERROR_PARSE_ERROR;
+ goto FINISHED;
+ }
/* url-entry auths */
*result->curpos++ = 0;
@@ -630,8 +661,18 @@ RESPOND:
/* TRICKY: Fix up the lifetime. */
TO_UINT16(urlentry->opaque + 1, urlentry->lifetime);
- memcpy(result->curpos, urlentry->opaque, urlentry->opaquelen);
- result->curpos += urlentry->opaquelen;
+ if (RemainingBufferSpace(result) >= urlentry->opaquelen)
+ {
+ memcpy(result->curpos, urlentry->opaque, urlentry->opaquelen);
+ result->curpos = result->curpos + urlentry->opaquelen;
+ }
+ else
+ {
+ SLPDLog("Opaque Url too big (ask: %d have %" PRId64 "), failing request\n",
+ urlentry->opaquelen, (int64_t) RemainingBufferSpace(result));
+ errorcode = SLP_ERROR_PARSE_ERROR;
+ goto FINISHED;
+ }
}
}
}

145
SOURCES/openslp-2.0.0-multicast-set.patch Normal file
View File

@ -0,0 +1,145 @@
diff -up openslp-2.0.0/etc/slpd.all_init.orig openslp-2.0.0/etc/slpd.all_init
--- openslp-2.0.0/etc/slpd.all_init.orig 2012-11-28 18:07:04.000000000 +0100
+++ openslp-2.0.0/etc/slpd.all_init 2017-10-04 12:50:36.672953246 +0200
@@ -1,28 +1,5 @@
#!/bin/bash
-#
-# /etc/rc.d/init.d/slpd
-#
-# slpd Start/Stop the OpenSLP SA daemon (slpd).
-#
-# chkconfig: 345 13 87
-# description: OpenSLP daemon for the Service Location Protocol
-# processname: slpd
-
-# Author: Miquel van Smoorenburg, <miquels@drinkel.nl.mugnet.org>
-# Modified for RHS Linux by Damien Neil
-# Modified for COL by Raymund Will, <ray@lst.de>
-# Modified for OpenSLP by Matt Peterson <mpeterson@calderasystems.com>
-# Modified to be distribution agnostic by Bart Whiteley <bart@caldera.com>
-
-#//////////////////////////////////////////////////#
-# Does nothing if a route exists that supports #
-# multicast traffic. If no routes supporting #
-# multicast traffic exists, the function tries to #
-# add one. A 0 is returned on success and a 1 #
-# on failure. One parameter must be passed in. #
-# This variable determins verbosity. If parameter #
-# is non-zero debugging will appear #
-#//////////////////////////////////////////////////#
+
multicast_route_set()
{
PING_OPTIONS_1='-c1 -w1'
@@ -36,8 +13,8 @@ multicast_route_set()
MSG_FAILED_TO_ADD=' FAILED - Route NOT Added.'
MSG_SUCCES_ON_ADD=' SUCCESS - Route Added.'
- CMD_GET_INTERFACE="netstat -i | awk 'BEGIN{}(NR>2)&&(!/^lo*/){print \$1}'"
- CMD_ADD_ROUTE="route add -net 224.0.0.0 netmask 240.0.0.0"
+ CMD_GET_INTERFACE="ip -o link show | awk 'BEGIN{FS=\": \"}!/^:digit:+: lo:.*/{print \$2}'"
+ CMD_ADD_ROUTE="ip route add 224.0.0.0/4 dev"
err_unreachable_found=`ping $PING_OPTIONS_1 $MULTICAST_ADDRESS 2>&1 1>/dev/null`
@@ -91,94 +68,11 @@ multicast_route_set()
return $retval
}
-NAME=slpd
-DAEMON=/usr/sbin/$NAME
-SUSE=0
-
-# Change to root
-OLDDIR=`pwd`
-cd /
-
-# Source function library.
-if [ -f /etc/rc.d/init.d/functions ]; then
- . /etc/rc.d/init.d/functions
-else
- SUSE=1
-fi
-
-test -x $DAEMON || exit 0
-
-if [ ! "$SVIlock" = "" ]; then
- unset LOCK
-else
- LOCK=/var/lock/subsys/slpd
+multicast_route_set 1
+multicast_enabled=$?
+if [ "$multicast_enabled" != "0" ] ; then
+ echo "Failure: No Route Available for Multicast Traffic"
+ exit 1
fi
-RETVAL=0
-
-#
-# See how we were called.
-#
-case "$1" in
- start)
- # Check if atd is already running
- # RH style
- if [ $SUSE -eq 0 ] && [ ! "$LOCK" = "" ] && [ -f $LOCK ]; then
- exit 0
- fi
- # Caldera Style
- if [ ! "$SVIlock" = "" ] && [ -f $SVIlock ]; then
- exit 0
- fi
- echo -n 'Starting slpd: '
-
- multicast_route_set 1
- multicast_enabled=$?
- if [ "$multicast_enabled" != "0" ] ; then
- echo "Failure: No Route Available for Multicast Traffic"
- exit 1
- fi
- if [ $SUSE -eq 0 ]; then
- if [ -x /sbin/ssd ]; then
- ssd -S -n $NAME -x $DAEMON -- $OPTIONS
- [ ! "$SVIlock" = "" ] && touch $SVIlock
- else
- daemon $DAEMON
- RETVAL=$?
- fi
- else
- startproc $DAEMON $OPTIONS
- fi
- [ $SUSE -eq 0 ] && [ ! "$LOCK" = "" ] && [ $RETVAL -eq 0 ] && touch $LOCK
- echo
- ;;
- stop)
- echo -n 'Stopping slpd: '
-
- if [ -x /sbin/ssd ]; then
- ssd -K -p /var/run/$NAME.pid -n $NAME
- [ ! "$SVIlock" = "" ] && rm -f $SVIlock
- else
- killproc $DAEMON
- RETVAL=$?
- fi
- [ ! "$LOCK" = "" ] && [ $RETVAL -eq 0 ] && rm -f $LOCK
- echo
- ;;
- reload|restart)
- cd $OLDDIR
- $0 stop
- $0 start
- cd /
- RETVAL=$?
- ;;
- status)
- status /usr/sbin/slpd
- RETVAL=$?
- ;;
- *)
- echo "Usage: /etc/rc.d/init.d/slpd {start|stop|restart|reload|status}"
- exit 1
-esac
-
-exit $RETVAL
+exit 0

39
SOURCES/openslp-2.0.0-notify-systemd-of-start-up.patch Normal file
View File

@ -0,0 +1,39 @@
exporting patch:
# HG changeset patch
# User Stephen Gallagher <sgallagh@redhat.com>
# Date 1394805577 14400
# Fri Mar 14 09:59:37 2014 -0400
# Node ID ff9067316db43f8e1204c0a7a743574c9f94feb5
# Parent 598821da69f2f26b1e76447bfecf139a4210ad48
Notify systemd of start-up completion
diff -r 598821da69f2 -r ff9067316db4 openslp/slpd/Makefile.am
--- a/openslp/slpd/Makefile.am Sat Jun 08 15:14:45 2013 -0600
+++ b/openslp/slpd/Makefile.am Fri Mar 14 09:59:37 2014 -0400
@@ -93,5 +93,5 @@
slpd_index.h
#if you're building on Irix, replace .la with .a below
-slpd_LDADD = ../common/libcommonslpd.la ../libslpattr/libslpattr.la
+slpd_LDADD = ../common/libcommonslpd.la ../libslpattr/libslpattr.la -lsystemd
diff -r 598821da69f2 -r ff9067316db4 openslp/slpd/slpd_main.c
--- a/openslp/slpd/slpd_main.c Sat Jun 08 15:14:45 2013 -0600
+++ b/openslp/slpd/slpd_main.c Fri Mar 14 09:59:37 2014 -0400
@@ -58,6 +58,8 @@
#include "slp_xid.h"
#include "slp_net.h"
+#include <systemd/sd-daemon.h>
+
int G_SIGALRM;
int G_SIGTERM;
int G_SIGHUP;
@@ -666,6 +668,7 @@
/* Main loop */
SLPDLog("Startup complete entering main run loop ...\n\n");
+ sd_notify(0, "READY=1");
G_SIGALRM = 0;
G_SIGTERM = 0;
G_SIGHUP = 0;

12
SOURCES/openslp-2.0.0-null-pointer-deref.patch Normal file
View File

@ -0,0 +1,12 @@
diff -up openslp-2.0.0/common/slp_xmalloc.c.orig openslp-2.0.0/common/slp_xmalloc.c
--- openslp-2.0.0/common/slp_xmalloc.c.orig 2012-12-07 01:52:08.000000000 +0100
+++ openslp-2.0.0/common/slp_xmalloc.c 2016-05-23 12:58:57.953532979 +0200
@@ -203,6 +203,8 @@ void * _xrealloc(const char * file, int
if (x->size != size)
{
newptr = _xmalloc(file, line, size);
+ if (newptr == 0)
+ return 0;
memcpy(newptr, ptr, x->size);
_xfree(file, line, x);
}

28
SOURCES/openslp-2.0.0-openssl-1.1-fix.patch Normal file
View File

@ -0,0 +1,28 @@
diff -up openslp-2.0.0/common/slp_crypto.c.orig openslp-2.0.0/common/slp_crypto.c
--- openslp-2.0.0/common/slp_crypto.c.orig 2012-12-07 21:13:28.000000000 +0100
+++ openslp-2.0.0/common/slp_crypto.c 2017-10-04 09:38:48.469999889 +0200
@@ -88,11 +88,24 @@ SLPCryptoDSAKey * SLPCryptoDSAKeyDup(SLP
result = DSA_new();
if (result)
{
+#if OPENSSL_VERSION_NUMBER >= 0x10100000L
+ const BIGNUM *p, *q, *g;
+ const BIGNUM *priv_key, *pub_key;
+
+ DSA_get0_pqg(dsa, &p, &q, &g);
+ DSA_get0_key(dsa, &pub_key, &priv_key);
+
+ /* would be nice to check return values, but
+ * original code for OpenSSL < 1.1 didn't do that either... */
+ DSA_set0_pqg(result, BN_dup(p), BN_dup(q), BN_dup(g));
+ DSA_set0_key(result, BN_dup(pub_key), BN_dup(priv_key));
+#else
result->p = BN_dup(dsa->p);
result->q = BN_dup(dsa->q);
result->g = BN_dup(dsa->g);
result->priv_key = BN_dup(dsa->priv_key);
result->pub_key = BN_dup(dsa->pub_key);
+#endif
}
return result;
}

11
SOURCES/slpd.service Normal file
View File

@ -0,0 +1,11 @@
[Unit]
Description=OpenSLP daemon for the Service Location Protocol
After=network.target
[Service]
Type=notify
ExecStart=/usr/sbin/slpd -d
ExecStartPre=/usr/lib/openslp-server/slp-multicast-set.sh
[Install]
WantedBy=multi-user.target

407
SPECS/openslp.spec Normal file
View File

@ -0,0 +1,407 @@
Summary: Open implementation of Service Location Protocol V2
Name: openslp
Version: 2.0.0
Release: 30%{?dist}
License: BSD
URL: http://sourceforge.net/projects/openslp/
Source0: http://downloads.sf.net/openslp/openslp-%{version}.tar.gz
# Source2,3: simple man pages (slightly modified help2man output)
Source2: slpd.8.gz
Source3: slptool.1.gz
# Source3: service file
Source4: slpd.service
# Patch1: creates script from upstream init script that sets multicast
# prior to the start of the service
Patch1: openslp-2.0.0-multicast-set.patch
# Patch2: notify systemd of start-up completion
Patch2: openslp-2.0.0-notify-systemd-of-start-up.patch
# Patch3: fixes posible null pointer dereference, bz#1337402, CVE-2016-4912
Patch3: openslp-2.0.0-null-pointer-deref.patch
# Patch4: fixes FTBFS because of openssl-1.1
Patch4: openslp-2.0.0-openssl-1.1-fix.patch
# Patch5: fixes possible overflow in SLPFoldWhiteSpace,
# backported from upstream, CVE-2016-7567
Patch5: openslp-2.0.0-cve-2016-7567.patch
# Patch6: fixes heap memory corruption in slpd/slpd_process.c, which allows
# denial of service or potentially code execution,
# backported form upstream, CVE-2017-17833
Patch6: openslp-2.0.0-cve-2017-17833.patch
# Patch7: fixes a heap overwrite vulnerability
# leading to remote code execution
Patch7: openslp-2.0.0-cve-2019-5544.patch
BuildRequires: make
BuildRequires: automake libtool
BuildRequires: bison
BuildRequires: flex
BuildRequires: openssl-devel
BuildRequires: systemd-units systemd-devel
%description
Service Location Protocol is an IETF standards track protocol that
provides a framework to allow networking applications to discover the
existence, location, and configuration of networked services in
enterprise networks.
OpenSLP is an open source implementation of the SLPv2 protocol as defined
by RFC 2608 and RFC 2614.
%package devel
Summary: OpenSLP headers and libraries
Requires: %{name}%{?_isa} = %{version}-%{release}
%description devel
OpenSLP header files and libraries.
%package server
Summary: OpenSLP server daemon
Requires: %{name}%{?_isa} = %{version}-%{release}
Requires: iproute
%description server
OpenSLP server daemon to dynamically register services.
%prep
%setup -q
%patch1 -p1 -b .multicast-set
%patch2 -p2 -b .systemd
%patch3 -p1 -b .null-pointer-deref
%patch4 -p1 -b .openssl-1.1-fix
%patch5 -p1 -b .cve-2016-7567
%patch6 -p1 -b .cve-2017-17833
%patch7 -p1 -b .cve-2019-5544
# tarball goof (?), it wants to re-automake anyway, so let's do it right.
#libtoolize --force
#aclocal
#autoconf
#automake --add-missing
autoreconf -f -i
# remove CVS leftovers...
find . -name "CVS" | xargs rm -rf
%build
# for x86_64
export CFLAGS="-fPIC -fno-strict-aliasing -fPIE -DPIE $RPM_OPT_FLAGS"
# for slpd
export LDFLAGS="-pie -Wl,-z,now"
%configure \
--prefix=%{_prefix} \
--libdir=%{_libdir} \
--sysconfdir=%{_sysconfdir} \
--localstatedir=/var \
--disable-dependency-tracking \
--disable-static \
--disable-rpath \
--enable-async-api
make %{?_smp_mflags}
%install
rm -rf $RPM_BUILD_ROOT
make install DESTDIR=$RPM_BUILD_ROOT
mkdir -p ${RPM_BUILD_ROOT}/%{_sysconfdir}/slp.reg.d
# install script that sets multicast
mkdir -p ${RPM_BUILD_ROOT}/usr/lib/%{name}-server
install -m 0755 etc/slpd.all_init ${RPM_BUILD_ROOT}/usr/lib/%{name}-server/slp-multicast-set.sh
# install service file
mkdir -p ${RPM_BUILD_ROOT}/%{_unitdir}
install -p -m 644 %{SOURCE4} ${RPM_BUILD_ROOT}/%{_unitdir}/slpd.service
# install man page
mkdir -p ${RPM_BUILD_ROOT}/%{_mandir}/man8/
mkdir -p ${RPM_BUILD_ROOT}/%{_mandir}/man1/
cp %SOURCE2 ${RPM_BUILD_ROOT}/%{_mandir}/man8/
cp %SOURCE3 ${RPM_BUILD_ROOT}/%{_mandir}/man1/
# nuke unpackaged/unwanted files
rm -rf $RPM_BUILD_ROOT/usr/doc
rm -f $RPM_BUILD_ROOT%{_libdir}/lib*.la
%ldconfig_scriptlets
%post server
%systemd_post slpd.service
%preun server
%systemd_preun slpd.service
%postun server
%systemd_postun_with_restart slpd.service
%files
%doc AUTHORS COPYING FAQ NEWS README THANKS
%config(noreplace) %{_sysconfdir}/slp.conf
%{_bindir}/slptool
%{_libdir}/libslp.so.1*
%{_mandir}/man1/*
%files server
%doc doc/doc/html/IntroductionToSLP
%doc doc/doc/html/UsersGuide
%doc doc/doc/html/faq*
%{_sbindir}/slpd
%config(noreplace) %{_sysconfdir}/slp.reg
%config(noreplace) %{_sysconfdir}/slp.spi
%{_unitdir}/slpd.service
%{_mandir}/man8/*
/usr/lib/%{name}-server/slp-multicast-set.sh
%files devel
%doc doc/doc/html/ProgrammersGuide
%doc doc/doc/rfc
%{_includedir}/slp.h
%{_libdir}/libslp.so
%changelog
* Mon Aug 09 2021 Mohan Boddu <mboddu@redhat.com> - 2.0.0-30
- Rebuilt for IMA sigs, glibc 2.34, aarch64 flags
Related: rhbz#1991688
* Thu Jul 08 2021 Vitezslav Crhonek <vcrhonek@redhat.com> - 2.0.0-29
- Explicitly disable use of deprecated SHA-1 algorithm
Resolves: #1936621
* Tue Jun 22 2021 Mohan Boddu <mboddu@redhat.com> - 2.0.0-28
- Rebuilt for RHEL 9 BETA for openssl 3.0
Related: rhbz#1971065
* Fri Apr 16 2021 Mohan Boddu <mboddu@redhat.com> - 2.0.0-27
- Rebuilt for RHEL 9 BETA on Apr 15th 2021. Related: rhbz#1947937
* Tue Jan 26 2021 Fedora Release Engineering <releng@fedoraproject.org> - 2.0.0-26
- Rebuilt for https://fedoraproject.org/wiki/Fedora_34_Mass_Rebuild
* Tue Jul 28 2020 Fedora Release Engineering <releng@fedoraproject.org> - 2.0.0-25
- Rebuilt for https://fedoraproject.org/wiki/Fedora_33_Mass_Rebuild
* Wed Jan 29 2020 Fedora Release Engineering <releng@fedoraproject.org> - 2.0.0-24
- Rebuilt for https://fedoraproject.org/wiki/Fedora_32_Mass_Rebuild
* Mon Dec 09 2019 Vitezslav Crhonek <vcrhonek@redhat.com> - 2.0.0-23
- Fix heap overwrite vulnerability, CVE-2019-5544
Resolves: #1780754
* Thu Jul 25 2019 Fedora Release Engineering <releng@fedoraproject.org> - 2.0.0-22
- Rebuilt for https://fedoraproject.org/wiki/Fedora_31_Mass_Rebuild
* Fri Feb 01 2019 Fedora Release Engineering <releng@fedoraproject.org> - 2.0.0-21
- Rebuilt for https://fedoraproject.org/wiki/Fedora_30_Mass_Rebuild
* Fri Jul 13 2018 Fedora Release Engineering <releng@fedoraproject.org> - 2.0.0-20
- Rebuilt for https://fedoraproject.org/wiki/Fedora_29_Mass_Rebuild
* Thu Jun 28 2018 Vitezslav Crhonek <vcrhonek@redhat.com> - 2.0.0-19
- Remove dependency on initscripts
Resolves: #1592378
* Wed May 09 2018 Vitezslav Crhonek <vcrhonek@redhat.com> - 2.0.0-18
- Fix heap memory corruption, CVE-2017-17833
Related: #1572166
* Thu Feb 08 2018 Fedora Release Engineering <releng@fedoraproject.org> - 2.0.0-17
- Rebuilt for https://fedoraproject.org/wiki/Fedora_28_Mass_Rebuild
* Wed Oct 04 2017 Vitezslav Crhonek <vcrhonek@redhat.com> - 2.0.0-16
- Replace route with appropriate command from iproute
Related: #1496138
* Wed Oct 04 2017 Vitezslav Crhonek <vcrhonek@redhat.com> - 2.0.0-15
- Removed dependency on net-tools
Resolves: #1496138
- Removed init script, Group tag and macro from changelog in spec file
- Slightly modified openssl-1.1 fix to be able build the package
with OpenSSL version lower than 1.1
* Thu Aug 03 2017 Fedora Release Engineering <releng@fedoraproject.org> - 2.0.0-14
- Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Binutils_Mass_Rebuild
* Thu Jul 27 2017 Fedora Release Engineering <releng@fedoraproject.org> - 2.0.0-13
- Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Mass_Rebuild
* Tue Mar 14 2017 Vitezslav Crhonek <vcrhonek@redhat.com> - 2.0.0-12
- Fix possible overflow in SLPFoldWhiteSpace, CVE-2016-7567
Resolves: #1379988
* Wed Feb 22 2017 Vitezslav Crhonek <vcrhonek@redhat.com> - 2.0.0-11
- Fix FTBFS because of openssl-1.1
Resolves: #1424028
* Sat Feb 11 2017 Fedora Release Engineering <releng@fedoraproject.org> - 2.0.0-10
- Rebuilt for https://fedoraproject.org/wiki/Fedora_26_Mass_Rebuild
* Mon May 23 2016 Vitezslav Crhonek <vcrhonek@redhat.com> - 2.0.0-9
- Fix null pointer dereference, CVE-2016-4912
Resolves: #1337402
* Thu Feb 04 2016 Fedora Release Engineering <releng@fedoraproject.org> - 2.0.0-8
- Rebuilt for https://fedoraproject.org/wiki/Fedora_24_Mass_Rebuild
* Thu Jun 18 2015 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 2.0.0-7
- Rebuilt for https://fedoraproject.org/wiki/Fedora_23_Mass_Rebuild
* Wed Mar 11 2015 Adam Jackson <ajax@redhat.com> 2.0.0-6
- Drop sysvinit script from F23+
* Sun Aug 17 2014 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 2.0.0-5
- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild
* Mon Aug 04 2014 Vitezslav Crhonek <vcrhonek@redhat.com> - 2.0.0-4
- Link to libsystemd.so instead of old libsystemd-daemon.so
Resolves: #1125103
* Sat Jun 07 2014 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 2.0.0-3
- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild
* Mon Mar 17 2014 Vitezslav Crhonek <vcrhonek@redhat.com> - 2.0.0-2
- Launch slpd as a 'notify' daemon with systemd, rather than forking
(patch by Stephen Gallagher)
* Tue Oct 01 2013 Vitezslav Crhonek <vcrhonek@redhat.com> - 2.0.0-1
- Update to openslp-2.0.0
- Fix bogus dates in %%changelog
- Add systemd support
- Add man pages for slptool and slpd
- Add CFLAGS and LDFLAGS for full relro
- Build with -fno-strict-aliasing
* Sat Aug 03 2013 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 1.2.1-20
- Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild
* Wed Jun 19 2013 Rex Dieter <rdieter@fedoraproject.org> 1.2.1-19
- -server: Requires: +net-tools (for netstat, #975868)
* Wed Jan 30 2013 Rex Dieter <rdieter@fedoraproject.org> 1.2.1-18
- update URL: tag (#905975)
* Fri Jul 20 2012 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 1.2.1-17
- Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild
* Fri Jan 13 2012 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 1.2.1-16
- Rebuilt for https://fedoraproject.org/wiki/Fedora_17_Mass_Rebuild
* Tue Feb 08 2011 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 1.2.1-15
- Rebuilt for https://fedoraproject.org/wiki/Fedora_15_Mass_Rebuild
* Wed Sep 16 2009 Rex Dieter <rdieter@fedoraproject.org> - 1.2.1-14
- slpd crashes if slptool findsrvtypes is run, when message logging is on (#523609)
* Fri Aug 21 2009 Tomas Mraz <tmraz@redhat.com> - 1.2.1-13
- rebuilt with new openssl
* Sat Jul 25 2009 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 1.2.1-12
- Rebuilt for https://fedoraproject.org/wiki/Fedora_12_Mass_Rebuild
* Thu Feb 26 2009 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 1.2.1-11
- Rebuilt for https://fedoraproject.org/wiki/Fedora_11_Mass_Rebuild
* Sat Jan 17 2009 Tomas Mraz <tmraz@redhat.com> - 1.2.1-10
- rebuild with new openssl
* Tue Feb 19 2008 Fedora Release Engineering <rel-eng@fedoraproject.org> - 1.2.1-9
- Autorebuild for GCC 4.3
* Tue Dec 04 2007 Rex Dieter <rdieter[AT]fedoraproject.org> 1.2.1-8
- respin for openssl
* Tue Aug 21 2007 Rex Dieter <rdieter[AT]fedoraproject.org> 1.2.1-7
- respin (buildID)
* Tue Aug 29 2006 Rex Dieter <rexdieter[AT]users.sf.net> 1.2.1-6
- fc6 respin
* Wed Aug 09 2006 Rex Dieter <rexdieter[AT]users.sf.net> 1.2.1-5
- fc6 respin
* Wed Mar 1 2006 Rex Dieter <rexdieter[AT]users.sf.net>
- fc5: gcc/glibc respin
* Mon Dec 19 2005 Rex Dieter <rexdieter[AT]users.sf.net> 1.2.1-4
- make %%postun safer
* Wed Nov 16 2005 Rex Dieter <rexdieter[AT]users.sf.net> 1.2.1-3
- rebuild (for new openssl)
- make %%postun safer
* Fri Oct 21 2005 Rex Dieter <rexdieter[AT]users.sf.net> 1.2.1-2
- -fPIC (for x86_64)
* Fri Oct 21 2005 Rex Dieter <rexdieter[AT]users.sf.net> 1.2.1-1
- 1.2.1
- move most docs to -server
- --enable-slpv2-security
- --disable-dependency-tracking
* Sun May 22 2005 Jeremy Katz <katzj@redhat.com> - 1.2.0
- rebuild on all arches
* Thu Apr 7 2005 Michael Schwendt <mschwendt[AT]users.sf.net>
- rebuilt
* Mon Jul 19 2004 Rex Dieter <rexdieter at sf.net> 0:1.2.0-0.fdr.4
- BR: flex
* Fri Jul 16 2004 Rex Dieter <rexdieter at sf.net> 0:1.2.0-0.fdr.3
- BR: bison
* Thu Jul 15 2004 Rex Dieter <rexdieter at sf.net> 0:1.2.0-0.fdr.2
- fix/add condrestart to init script
* Thu Jul 15 2004 Rex Dieter <rexdieter at sf.net> 0:1.2.0-0.fdr.1
- 1.2.0
- use -pie
- don't use Requires(post,postun)
* Fri Oct 24 2003 Rex Dieter <rexdieter af sf.net> 0:1.0.11-0.fdr.7
- fix for Fedora Core
- fix description (main package does *not* include daemon and header files).
* Fri May 30 2003 Rex Dieter <rexdieter at sf.net> 0:1.0.11-0.fdr.6
- -server: Requires(preun,postun): /sbin/service
- add a few more %%doc files to base pkg.
- initscript: add (real) 'reload' action.
- initscript: use $prog instead of hardcoded slpd.
* Fri May 16 2003 Rex Dieter <rexdieter at sf.net> 0:1.0.11-0.fdr.5
- -server: fix %%postun on uninstall
* Fri May 2 2003 Rex Dieter <rexdieter at sf.net> 0:1.0.11-0.fdr.4
- *really* do %%config(noreplace) slp.conf
* Thu May 1 2003 Rex Dieter <rexdieter at sf.net> 0:1.0.11-0.fdr.3
- capitalize Summary's.
- %%config(noreplace) slp.conf
* Thu May 1 2003 Rex Dieter <rexdieter at sf.net> 0:1.0.11-0.fdr.2
- docs: remove CVS files, include rfc, move ProgrammersGuide to -devel.
- improve sub-pkg descriptions.
- improve server %%preun,%%postun scripts: condrestart on upgrade,
suppress output of server shutdown,restarts.
* Thu May 1 2003 Rex Dieter <rexdieter at sf.net> 0:1.0.11-0.fdr.1
- specfile cleanups for fedora packaging.
* Tue Apr 29 2003 Rex Dieter <rexdieter at sf.net> 0:1.0.11-0.fdr.0
- 1.0.11 release.
- fedorize things
* Mon Feb 03 2003 Rex Dieter <rexdieter at sf.net> 0:1.0.10-1.0
- sanitize specfile
- -devel,-server subpkgs.