commit 566d285c943d15f3d850bc9662887fe8ed139e89 Author: Juergen Daubert <jue@jue.li> Date: Sat Dec 3 16:40:18 2016 +0100 rpcbind: update to 0.2.4 diff --git a/rpcbind/.md5sum b/rpcbind/.md5sum index 21a9db7..7176974 100644 --- a/rpcbind/.md5sum +++ b/rpcbind/.md5sum @@ -1,3 +1,2 @@ -06ea92b0f86f29b4c468694918da09c6 rpcbind -850a62791c4b55a78e2dba8756c7a450 rpcbind-0.2.3.patch -c8875246b2688a1adfbd6ad43480278d rpcbind-0.2.3.tar.bz2 +78bfe054cf620249b228350f5e8730f7 rpcbind +cf10cd41ed8228fc54c316191c1f07fe rpcbind-0.2.4.tar.bz2 diff --git a/rpcbind/Pkgfile b/rpcbind/Pkgfile index 8b4d593..49d9033 100644 --- a/rpcbind/Pkgfile +++ b/rpcbind/Pkgfile @@ -4,20 +4,17 @@ # Depends on: libtirpc name=rpcbind -version=0.2.3 -release=3 +version=0.2.4 +release=1 source=(http://downloads.sourceforge.net/project/$name/$name/$version/$name-$version... \ - $name-$version.patch rpcbind) + rpcbind) build() { cd $name-$version - patch -p1 -i $SRC/$name-$version.patch - ./configure --prefix=/usr \ --bindir=/sbin \ --disable-libwrap \ - --with-rpcuser=root \ --without-systemdsystemunitdir make diff --git a/rpcbind/rpcbind b/rpcbind/rpcbind index d2c08da..6596357 100644 --- a/rpcbind/rpcbind +++ b/rpcbind/rpcbind @@ -6,7 +6,7 @@ SSD=/sbin/start-stop-daemon PROG=/sbin/rpcbind PID=/var/run/rpcbind.pid -OPTS="-f" +OPTS="-f -s" case $1 in start) diff --git a/rpcbind/rpcbind-0.2.3.patch b/rpcbind/rpcbind-0.2.3.patch deleted file mode 100644 index e820a26..0000000 --- a/rpcbind/rpcbind-0.2.3.patch +++ /dev/null @@ -1,138 +0,0 @@ -commit de47f6323d8fb20feefee21d0195cf0529151e04 -Author: Steve Dickson <steved@redhat.com> -Date: Thu Sep 17 15:57:35 2015 -0400 - - security.c: removed warning - - src/security.c:100:8: warning: implicit declaration of function 'xlog' - [-Wimplicit-function-declaration] - - Signed-off-by: Steve Dickson <steved@redhat.com> - -diff --git a/src/security.c b/src/security.c -index 0c9453f..c54ce26 100644 ---- a/src/security.c -+++ b/src/security.c -@@ -17,6 +17,8 @@ - #include <syslog.h> - #include <netdb.h> - -+#include "xlog.h" -+ - /* - * XXX for special case checks in check_callit. - */ - -commit d5dace219953c45d26ae42db238052b68540649a -Author: Olaf Kirch <okir@suse.de> -Date: Fri Oct 30 10:18:20 2015 -0400 - - Fix memory corruption in PMAP_CALLIT code - - - A PMAP_CALLIT call comes in on IPv4 UDP - - rpcbind duplicates the caller's address to a netbuf and stores it in - FINFO[0].caller_addr. caller_addr->buf now points to a memory region A - with a size of 16 bytes - - rpcbind forwards the call to the local service, receives a reply - - when processing the reply, it does this in xprt_set_caller: - xprt->xp_rtaddr = *FINFO[0].caller_addr - It sends out the reply, and then frees the netbuf caller_addr and - caller_addr.buf. - However, it does not clear xp_rtaddr, so xp_rtaddr.buf now refers - to memory region A, which is free. - - When the next call comes in on the UDP/IPv4 socket, svc_dg_recv will - be called, which will set xp_rtaddr to the client's address. - It will reuse the buffer inside xp_rtaddr, ie it will write a - sockaddr_in to region A - - Some time down the road, an incoming TCP connection is accepted, - allocating a fresh SVCXPRT. The memory region A is inside the - new SVCXPRT - - - While processing the TCP call, another UDP call comes in, again - overwriting region A with the client's address - - TCP client closes connection. In svc_destroy, we now trip over - the garbage left in region A - - We ran into the case where a commercial scanner was triggering - occasional rpcbind segfaults. The core file that was captured showed - a corrupted xprt->xp_netid pointer that was really a sockaddr_in. - - Signed-off-by: Olaf Kirch <okir@suse.de> - Signed-off-by: Steve Dickson <steved@redhat.com> - -diff --git a/src/rpcb_svc_com.c b/src/rpcb_svc_com.c -index ff9ce6b..4ae93f1 100644 ---- a/src/rpcb_svc_com.c -+++ b/src/rpcb_svc_com.c -@@ -1183,12 +1183,33 @@ check_rmtcalls(struct pollfd *pfds, int nfds) - return (ncallbacks_found); - } - -+/* -+ * This is really a helper function defined in libtirpc, -+ * but unfortunately, it hasn't been exported yet. -+ */ -+static struct netbuf * -+__rpc_set_netbuf(struct netbuf *nb, const void *ptr, size_t len) -+{ -+ if (nb->len != len) { -+ if (nb->len) -+ mem_free(nb->buf, nb->len); -+ nb->buf = mem_alloc(len); -+ if (nb->buf == NULL) -+ return NULL; -+ -+ nb->maxlen = nb->len = len; -+ } -+ memcpy(nb->buf, ptr, len); -+ return nb; -+} -+ - static void - xprt_set_caller(SVCXPRT *xprt, struct finfo *fi) - { -+ const struct netbuf *caller = fi->caller_addr; - u_int32_t *xidp; - -- *(svc_getrpccaller(xprt)) = *(fi->caller_addr); -+ __rpc_set_netbuf(svc_getrpccaller(xprt), caller->buf, caller->len); - xidp = __rpcb_get_dg_xidp(xprt); - *xidp = fi->caller_xid; - } - -commit 9194122389f2a56b1cd1f935e64307e2e963c2da -Author: Steve Dickson <steved@redhat.com> -Date: Mon Nov 2 17:05:18 2015 -0500 - - handle_reply: Don't use the xp_auth pointer directly - - In the latest libtirpc version to access the xp_auth - one must use the SVC_XP_AUTH macro. To be backwards - compatible a couple ifdefs were added to use the - macro when it exists. - - Signed-off-by: Steve Dickson <steved@redhat.com> - -diff --git a/src/rpcb_svc_com.c b/src/rpcb_svc_com.c -index 4ae93f1..22d6c84 100644 ---- a/src/rpcb_svc_com.c -+++ b/src/rpcb_svc_com.c -@@ -1295,10 +1295,17 @@ handle_reply(int fd, SVCXPRT *xprt) - a.rmt_localvers = fi->versnum; - - xprt_set_caller(xprt, fi); -+#if defined(SVC_XP_AUTH) -+ SVC_XP_AUTH(xprt) = svc_auth_none; -+#else - xprt->xp_auth = &svc_auth_none; -+#endif - svc_sendreply(xprt, (xdrproc_t) xdr_rmtcall_result, (char *) &a); -+#if !defined(SVC_XP_AUTH) - SVCAUTH_DESTROY(xprt->xp_auth); - xprt->xp_auth = NULL; -+#endif -+ - done: - if (buffer) - free(buffer);