import slirp4netns-1.1.8-2.module+el8.6.0+14295+adafbc4c

This commit is contained in:
CentOS Sources 2022-03-11 20:57:47 +00:00 committed by Stepan Oksanichenko
commit 51293fe257
4 changed files with 234 additions and 0 deletions

1
.gitignore vendored Normal file
View File

@ -0,0 +1 @@
SOURCES/v1.1.8.tar.gz

1
.slirp4netns.metadata Normal file
View File

@ -0,0 +1 @@
9f7965d1151311e6af4be9d3c0093ff86f1a3e4d SOURCES/v1.1.8.tar.gz

View File

@ -0,0 +1,74 @@
From 103cf5a3f83406f4a22b8d1899518e5fa4a351d8 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Marc-Andr=C3=A9=20Lureau?= <marcandre.lureau@redhat.com>
Date: Tue, 15 Feb 2022 11:46:06 +0400
Subject: [PATCH] Replace deprecated inet_ntoa with safer inet_ntop
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
inet_ntoa() is a legacy API with MT issues. Use the recommended
alternative instead. This makes some code checkers happy, and could
potentially fix issues if other parts of the process were to use
inet_ntoa() at the same time..
Signed-off-by: Marc-André Lureau <marcandre.lureau@redhat.com>
---
main.c | 20 ++++++++++----------
1 file changed, 10 insertions(+), 10 deletions(-)
diff --git a/main.c b/main.c
index c79508e10f4d..2c38dc0da1af 100644
--- a/main.c
+++ b/main.c
@@ -257,6 +257,7 @@ static int recvfd(int sock)
static int parent(int sock, int ready_fd, int exit_fd, const char *api_socket,
struct slirp4netns_config *cfg, pid_t target_pid)
{
+ char str[INET6_ADDRSTRLEN];
int rc, tapfd;
if ((tapfd = recvfd(sock)) < 0) {
return tapfd;
@@ -265,23 +266,22 @@ static int parent(int sock, int ready_fd, int exit_fd, const char *api_socket,
close(sock);
printf("Starting slirp\n");
printf("* MTU: %d\n", cfg->mtu);
- printf("* Network: %s\n", inet_ntoa(cfg->vnetwork));
- printf("* Netmask: %s\n", inet_ntoa(cfg->vnetmask));
- printf("* Gateway: %s\n", inet_ntoa(cfg->vhost));
- printf("* DNS: %s\n", inet_ntoa(cfg->vnameserver));
- printf("* Recommended IP: %s\n", inet_ntoa(cfg->recommended_vguest));
+ printf("* Network: %s\n", inet_ntop(AF_INET, &cfg->vnetwork, str, sizeof(str)));
+ printf("* Netmask: %s\n", inet_ntop(AF_INET, &cfg->vnetmask, str, sizeof(str)));
+ printf("* Gateway: %s\n", inet_ntop(AF_INET, &cfg->vhost, str, sizeof(str)));
+ printf("* DNS: %s\n", inet_ntop(AF_INET, &cfg->vnameserver, str, sizeof(str)));
+ printf("* Recommended IP: %s\n", inet_ntop(AF_INET, &cfg->recommended_vguest, str, sizeof(str)));
if (api_socket != NULL) {
printf("* API Socket: %s\n", api_socket);
}
#if SLIRP_CONFIG_VERSION_MAX >= 2
if (cfg->enable_outbound_addr) {
printf("* Outbound IPv4: %s\n",
- inet_ntoa(cfg->outbound_addr.sin_addr));
+ inet_ntop(AF_INET, &cfg->outbound_addr.sin_addr, str, sizeof(str)));
}
if (cfg->enable_outbound_addr6) {
- char str[INET6_ADDRSTRLEN];
- if (inet_ntop(AF_INET6, &cfg->outbound_addr6.sin6_addr, str,
- INET6_ADDRSTRLEN) != NULL) {
+ if (inet_ntop(AF_INET6, &cfg->outbound_addr6.sin6_addr,
+ str, sizeof(str)) != NULL) {
printf("* Outbound IPv6: %s\n", str);
}
}
@@ -290,7 +290,7 @@ static int parent(int sock, int ready_fd, int exit_fd, const char *api_socket,
printf(
"WARNING: 127.0.0.1:* on the host is accessible as %s (set "
"--disable-host-loopback to prohibit connecting to 127.0.0.1:*)\n",
- inet_ntoa(cfg->vhost));
+ inet_ntop(AF_INET, &cfg->vhost, str, sizeof(str)));
}
if (cfg->enable_sandbox && geteuid() != 0) {
if ((rc = nsenter(target_pid, NULL, NULL, true)) < 0) {
--
2.34.1.428.gdcc0cd074f0c

158
SPECS/slirp4netns.spec Normal file
View File

@ -0,0 +1,158 @@
%global git0 https://github.com/rootless-containers/%{name}
Name: slirp4netns
Version: 1.1.8
Release: 2%{?dist}
Summary: slirp for network namespaces
License: GPLv2
URL: %{git0}
# build fails on i686 with: No matching package to install: 'go-md2man'
ExcludeArch: i686
Source0: %{git0}/archive/v%{version}.tar.gz
Patch0: 1.1.8-0001-Replace-deprecated-inet_ntoa-with-safer-inet_ntop.patch
BuildRequires: autoconf
BuildRequires: automake
BuildRequires: gcc
BuildRequires: glib2-devel
BuildRequires: git
BuildRequires: go-md2man
BuildRequires: libcap-devel
BuildRequires: libseccomp-devel
BuildRequires: make
BuildRequires: libslirp-devel
%description
slirp for network namespaces, without copying buffers across the namespaces.
%package devel
Summary: %{summary}
BuildArch: noarch
%description devel
%{summary}
This package contains library source intended for
building other packages which use import path with
%{import_path} prefix.
%prep
%autosetup -Sgit
%build
export CFLAGS="%{optflags} -D_GNU_SOURCE -D_LARGEFILE_SOURCE -D_LARGEFILE64_SOURCE -D_FILE_OFFSET_BITS=64"
export LDFLAGS="-pie -Wl,-z,relro -Wl,-z,now"
./autogen.sh
./configure --prefix=%{_usr} --libdir=%{_libdir}
%{__make} generate-man
%install
make DESTDIR=%{buildroot} install install-man
%check
#define license tag if not already defined
%{!?_licensedir:%global license %doc}
%files
%license COPYING
%doc README.md
%{_bindir}/%{name}
%{_mandir}/man1/%{name}.1.gz
%changelog
* Fri Feb 18 2022 Jindrich Novy <jnovy@redhat.com> - 1.1.8-2
- fix gating - don't use insecure functions - thanks to Marc-André Lureau
- Related: #2001445
* Fri Dec 04 2020 Jindrich Novy <jnovy@redhat.com> - 1.1.8-1
- update to
https://github.com/rootless-containers/slirp4netns/releases/tag/v1.1.8
- Related: #1883490
* Thu Dec 03 2020 Jindrich Novy <jnovy@redhat.com> - 1.1.7-2
- exclude i686 because of build failures
- Related: #1883490
* Thu Nov 26 2020 Jindrich Novy <jnovy@redhat.com> - 1.1.7-1
- update to
https://github.com/rootless-containers/slirp4netns/releases/tag/v1.1.7
- Related: #1883490
* Mon Nov 09 2020 Jindrich Novy <jnovy@redhat.com> - 1.1.6-2
- - be sure to harden the linked binary
- Related: #1883490
* Thu Nov 05 2020 Jindrich Novy <jnovy@redhat.com> - 1.1.6-1
- update to
https://github.com/rootless-containers/slirp4netns/releases/tag/v1.1.6
- Related: #1883490
* Tue Aug 11 2020 Jindrich Novy <jnovy@redhat.com> - 1.1.4-2
- use proper CFLAGS
- Related: #1821193
* Mon Jul 13 2020 Jindrich Novy <jnovy@redhat.com> - 1.1.4-1
- update to https://github.com/rootless-containers/slirp4netns/releases/tag/v1.1.4
- Related: #1821193
* Thu Jul 09 2020 Jindrich Novy <jnovy@redhat.com> - 1.1.3-1
- update to https://github.com/rootless-containers/slirp4netns/releases/tag/v1.1.3
- Related: #1821193
* Mon Jul 06 2020 Jindrich Novy <jnovy@redhat.com> - 1.1.2-1
- update to https://github.com/rootless-containers/slirp4netns/releases/tag/v1.1.2
- Related: #1821193
* Fri Jun 05 2020 Jindrich Novy <jnovy@redhat.com> - 1.1.1-1
- update to https://github.com/rootless-containers/slirp4netns/releases/tag/v1.1.1
- Related: #1821193
* Fri Jun 05 2020 Jindrich Novy <jnovy@redhat.com> - 1.1.0-1
- update to https://github.com/rootless-containers/slirp4netns/releases/tag/v1.1.0
- Related: #1821193
* Tue May 12 2020 Jindrich Novy <jnovy@redhat.com> - 1.0.1-1
- update to https://github.com/rootless-containers/slirp4netns/archive/v1.0.1.tar.gz
- Related: #1821193
* Thu Feb 06 2020 Jindrich Novy <jnovy@redhat.com> - 0.4.2-3.git21fdece
- Fix CVE-2020-8608
- Resolves: #1798979
* Thu Jan 16 2020 Jindrich Novy <jnovy@redhat.com> - 0.4.2-2.git21fdece
- Fix CVE-2020-7039.
Resolves: #1791576
* Mon Nov 25 2019 Jindrich Novy <jnovy@redhat.com> - 0.4.2-1.git21fdece
- update to latest 0.4.2, fixes bug 1763454
- Related: RHELPLAN-25139
* Thu Oct 31 2019 Jindrich Novy <jnovy@redhat.com> - 0.4.0-2
- add new BR: libseccomp-devel
- Related: #1766774
* Wed Oct 30 2019 Jindrich Novy <jnovy@redhat.com> - 0.4.0-1
- update to v.0.4.0
- sync with fedora spec
- drop applied CVE-2019-14378 patch
- Resolves: #1766774
* Thu Sep 26 2019 Jindrich Novy <jnovy@redhat.com> - 0.3.0-4
- Fix CVE-2019-14378 (#1755595).
* Fri Jun 07 2019 Lokesh Mandvekar <lsm5@redhat.com> - 0.3.0-3
- Resolves: #1683217 - BR: glib2-devel
* Fri Jun 07 2019 Lokesh Mandvekar <lsm5@redhat.com> - 0.3.0-2
- Resolves: #1683217 - bump slirp4netns to v0.3.0
* Thu Feb 28 2019 Lokesh Mandvekar <lsm5@redhat.com> - 0.3.0-1.alpha.2.git30883b5
- bump to v0.3.0-alpha.2
* Fri Nov 16 2018 Frantisek Kluknavsky <fkluknav@redhat.com> - 0.1-2.dev.gitc4e1bc5
- changed summary
* Fri Aug 10 2018 Lokesh Mandvekar <lsm5@redhat.com> - 0.1-1.dev.gitc4e1bc5
- First package for RHEL 8
- import from Fedora rawhide
- Exclude ix86 and ppc64