diff options
-rw-r--r-- | meta/recipes-extended/libtirpc/libtirpc/0001-Fix-for-CVE-2017-8779.patch | 276 | ||||
-rw-r--r-- | meta/recipes-extended/libtirpc/libtirpc/libtirpc-0.2.1-fortify.patch | 26 | ||||
-rw-r--r-- | meta/recipes-extended/libtirpc/libtirpc/libtirpc-1.0.2-rc3.patch | 743 | ||||
-rw-r--r-- | meta/recipes-extended/libtirpc/libtirpc_1.0.2.bb (renamed from meta/recipes-extended/libtirpc/libtirpc_1.0.1.bb) | 7 |
4 files changed, 2 insertions, 1050 deletions
diff --git a/meta/recipes-extended/libtirpc/libtirpc/0001-Fix-for-CVE-2017-8779.patch b/meta/recipes-extended/libtirpc/libtirpc/0001-Fix-for-CVE-2017-8779.patch deleted file mode 100644 index b3bae675ee..0000000000 --- a/meta/recipes-extended/libtirpc/libtirpc/0001-Fix-for-CVE-2017-8779.patch +++ /dev/null @@ -1,276 +0,0 @@ -From dd9c7cf4f8f375c6d641b760d124650c418c2ce3 Mon Sep 17 00:00:00 2001 -From: Guido Vranken <guidovranken@gmail.com> -Date: Mon, 15 May 2017 11:12:21 -0400 -Subject: [PATCH] Fix for CVE-2017-8779 - -Signed-off-by: Steve Dickson <steved@redhat.com> ---- - src/rpc_generic.c | 8 ++++++++ - src/rpcb_prot.c | 22 ++++++++++++++-------- - src/rpcb_st_xdr.c | 9 +++++---- - src/xdr.c | 30 +++++++++++++++++++++++++----- - 4 files changed, 52 insertions(+), 17 deletions(-) - -CVE: CVE-2017-8779 -Upstream-Status: Backport - -Signed-off-by: Fan Xin <fan.xin@jp.fujitsu.com> - -diff --git a/src/rpc_generic.c b/src/rpc_generic.c -index 2f09a8f..589cbd5 100644 ---- a/src/rpc_generic.c -+++ b/src/rpc_generic.c -@@ -615,6 +615,9 @@ __rpc_taddr2uaddr_af(int af, const struct netbuf *nbuf) - - switch (af) { - case AF_INET: -+ if (nbuf->len < sizeof(*sin)) { -+ return NULL; -+ } - sin = nbuf->buf; - if (inet_ntop(af, &sin->sin_addr, namebuf, sizeof namebuf) - == NULL) -@@ -626,6 +629,9 @@ __rpc_taddr2uaddr_af(int af, const struct netbuf *nbuf) - break; - #ifdef INET6 - case AF_INET6: -+ if (nbuf->len < sizeof(*sin6)) { -+ return NULL; -+ } - sin6 = nbuf->buf; - if (inet_ntop(af, &sin6->sin6_addr, namebuf6, sizeof namebuf6) - == NULL) -@@ -667,6 +673,8 @@ __rpc_uaddr2taddr_af(int af, const char *uaddr) - - port = 0; - sin = NULL; -+ if (uaddr == NULL) -+ return NULL; - addrstr = strdup(uaddr); - if (addrstr == NULL) - return NULL; -diff --git a/src/rpcb_prot.c b/src/rpcb_prot.c -index 43fd385..a923c8e 100644 ---- a/src/rpcb_prot.c -+++ b/src/rpcb_prot.c -@@ -41,6 +41,7 @@ - #include <rpc/types.h> - #include <rpc/xdr.h> - #include <rpc/rpcb_prot.h> -+#include "rpc_com.h" - - bool_t - xdr_rpcb(xdrs, objp) -@@ -53,13 +54,13 @@ xdr_rpcb(xdrs, objp) - if (!xdr_u_int32_t(xdrs, &objp->r_vers)) { - return (FALSE); - } -- if (!xdr_string(xdrs, &objp->r_netid, (u_int)~0)) { -+ if (!xdr_string(xdrs, &objp->r_netid, RPC_MAXDATASIZE)) { - return (FALSE); - } -- if (!xdr_string(xdrs, &objp->r_addr, (u_int)~0)) { -+ if (!xdr_string(xdrs, &objp->r_addr, RPC_MAXDATASIZE)) { - return (FALSE); - } -- if (!xdr_string(xdrs, &objp->r_owner, (u_int)~0)) { -+ if (!xdr_string(xdrs, &objp->r_owner, RPC_MAXDATASIZE)) { - return (FALSE); - } - return (TRUE); -@@ -159,19 +160,19 @@ xdr_rpcb_entry(xdrs, objp) - XDR *xdrs; - rpcb_entry *objp; - { -- if (!xdr_string(xdrs, &objp->r_maddr, (u_int)~0)) { -+ if (!xdr_string(xdrs, &objp->r_maddr, RPC_MAXDATASIZE)) { - return (FALSE); - } -- if (!xdr_string(xdrs, &objp->r_nc_netid, (u_int)~0)) { -+ if (!xdr_string(xdrs, &objp->r_nc_netid, RPC_MAXDATASIZE)) { - return (FALSE); - } - if (!xdr_u_int32_t(xdrs, &objp->r_nc_semantics)) { - return (FALSE); - } -- if (!xdr_string(xdrs, &objp->r_nc_protofmly, (u_int)~0)) { -+ if (!xdr_string(xdrs, &objp->r_nc_protofmly, RPC_MAXDATASIZE)) { - return (FALSE); - } -- if (!xdr_string(xdrs, &objp->r_nc_proto, (u_int)~0)) { -+ if (!xdr_string(xdrs, &objp->r_nc_proto, RPC_MAXDATASIZE)) { - return (FALSE); - } - return (TRUE); -@@ -292,7 +293,7 @@ xdr_rpcb_rmtcallres(xdrs, p) - bool_t dummy; - struct r_rpcb_rmtcallres *objp = (struct r_rpcb_rmtcallres *)(void *)p; - -- if (!xdr_string(xdrs, &objp->addr, (u_int)~0)) { -+ if (!xdr_string(xdrs, &objp->addr, RPC_MAXDATASIZE)) { - return (FALSE); - } - if (!xdr_u_int(xdrs, &objp->results.results_len)) { -@@ -312,6 +313,11 @@ xdr_netbuf(xdrs, objp) - if (!xdr_u_int32_t(xdrs, (u_int32_t *) &objp->maxlen)) { - return (FALSE); - } -+ -+ if (objp->maxlen > RPC_MAXDATASIZE) { -+ return (FALSE); -+ } -+ - dummy = xdr_bytes(xdrs, (char **)&(objp->buf), - (u_int *)&(objp->len), objp->maxlen); - return (dummy); -diff --git a/src/rpcb_st_xdr.c b/src/rpcb_st_xdr.c -index 08db745..28e6a48 100644 ---- a/src/rpcb_st_xdr.c -+++ b/src/rpcb_st_xdr.c -@@ -37,6 +37,7 @@ - - - #include <rpc/rpc.h> -+#include "rpc_com.h" - - /* Link list of all the stats about getport and getaddr */ - -@@ -58,7 +59,7 @@ xdr_rpcbs_addrlist(xdrs, objp) - if (!xdr_int(xdrs, &objp->failure)) { - return (FALSE); - } -- if (!xdr_string(xdrs, &objp->netid, (u_int)~0)) { -+ if (!xdr_string(xdrs, &objp->netid, RPC_MAXDATASIZE)) { - return (FALSE); - } - -@@ -109,7 +110,7 @@ xdr_rpcbs_rmtcalllist(xdrs, objp) - IXDR_PUT_INT32(buf, objp->failure); - IXDR_PUT_INT32(buf, objp->indirect); - } -- if (!xdr_string(xdrs, &objp->netid, (u_int)~0)) { -+ if (!xdr_string(xdrs, &objp->netid, RPC_MAXDATASIZE)) { - return (FALSE); - } - if (!xdr_pointer(xdrs, (char **)&objp->next, -@@ -147,7 +148,7 @@ xdr_rpcbs_rmtcalllist(xdrs, objp) - objp->failure = (int)IXDR_GET_INT32(buf); - objp->indirect = (int)IXDR_GET_INT32(buf); - } -- if (!xdr_string(xdrs, &objp->netid, (u_int)~0)) { -+ if (!xdr_string(xdrs, &objp->netid, RPC_MAXDATASIZE)) { - return (FALSE); - } - if (!xdr_pointer(xdrs, (char **)&objp->next, -@@ -175,7 +176,7 @@ xdr_rpcbs_rmtcalllist(xdrs, objp) - if (!xdr_int(xdrs, &objp->indirect)) { - return (FALSE); - } -- if (!xdr_string(xdrs, &objp->netid, (u_int)~0)) { -+ if (!xdr_string(xdrs, &objp->netid, RPC_MAXDATASIZE)) { - return (FALSE); - } - if (!xdr_pointer(xdrs, (char **)&objp->next, -diff --git a/src/xdr.c b/src/xdr.c -index f3fb9ad..b9a1558 100644 ---- a/src/xdr.c -+++ b/src/xdr.c -@@ -42,8 +42,10 @@ - #include <stdlib.h> - #include <string.h> - -+#include <rpc/rpc.h> - #include <rpc/types.h> - #include <rpc/xdr.h> -+#include <rpc/rpc_com.h> - - typedef quad_t longlong_t; /* ANSI long long type */ - typedef u_quad_t u_longlong_t; /* ANSI unsigned long long type */ -@@ -53,7 +55,6 @@ typedef u_quad_t u_longlong_t; /* ANSI unsigned long long type */ - */ - #define XDR_FALSE ((long) 0) - #define XDR_TRUE ((long) 1) --#define LASTUNSIGNED ((u_int) 0-1) - - /* - * for unit alignment -@@ -629,6 +630,7 @@ xdr_bytes(xdrs, cpp, sizep, maxsize) - { - char *sp = *cpp; /* sp is the actual string pointer */ - u_int nodesize; -+ bool_t ret, allocated = FALSE; - - /* - * first deal with the length since xdr bytes are counted -@@ -652,6 +654,7 @@ xdr_bytes(xdrs, cpp, sizep, maxsize) - } - if (sp == NULL) { - *cpp = sp = mem_alloc(nodesize); -+ allocated = TRUE; - } - if (sp == NULL) { - warnx("xdr_bytes: out of memory"); -@@ -660,7 +663,14 @@ xdr_bytes(xdrs, cpp, sizep, maxsize) - /* FALLTHROUGH */ - - case XDR_ENCODE: -- return (xdr_opaque(xdrs, sp, nodesize)); -+ ret = xdr_opaque(xdrs, sp, nodesize); -+ if ((xdrs->x_op == XDR_DECODE) && (ret == FALSE)) { -+ if (allocated == TRUE) { -+ free(sp); -+ *cpp = NULL; -+ } -+ } -+ return (ret); - - case XDR_FREE: - if (sp != NULL) { -@@ -754,6 +764,7 @@ xdr_string(xdrs, cpp, maxsize) - char *sp = *cpp; /* sp is the actual string pointer */ - u_int size; - u_int nodesize; -+ bool_t ret, allocated = FALSE; - - /* - * first deal with the length since xdr strings are counted-strings -@@ -793,8 +804,10 @@ xdr_string(xdrs, cpp, maxsize) - switch (xdrs->x_op) { - - case XDR_DECODE: -- if (sp == NULL) -+ if (sp == NULL) { - *cpp = sp = mem_alloc(nodesize); -+ allocated = TRUE; -+ } - if (sp == NULL) { - warnx("xdr_string: out of memory"); - return (FALSE); -@@ -803,7 +816,14 @@ xdr_string(xdrs, cpp, maxsize) - /* FALLTHROUGH */ - - case XDR_ENCODE: -- return (xdr_opaque(xdrs, sp, size)); -+ ret = xdr_opaque(xdrs, sp, size); -+ if ((xdrs->x_op == XDR_DECODE) && (ret == FALSE)) { -+ if (allocated == TRUE) { -+ free(sp); -+ *cpp = NULL; -+ } -+ } -+ return (ret); - - case XDR_FREE: - mem_free(sp, nodesize); -@@ -823,7 +843,7 @@ xdr_wrapstring(xdrs, cpp) - XDR *xdrs; - char **cpp; - { -- return xdr_string(xdrs, cpp, LASTUNSIGNED); -+ return xdr_string(xdrs, cpp, RPC_MAXDATASIZE); - } - - /* --- -1.9.1 - diff --git a/meta/recipes-extended/libtirpc/libtirpc/libtirpc-0.2.1-fortify.patch b/meta/recipes-extended/libtirpc/libtirpc/libtirpc-0.2.1-fortify.patch deleted file mode 100644 index 4a785d344a..0000000000 --- a/meta/recipes-extended/libtirpc/libtirpc/libtirpc-0.2.1-fortify.patch +++ /dev/null @@ -1,26 +0,0 @@ -Fix a possible overflow (reported by _FORTIFY_SOURCE=2) - -Ported from Gentoo - -Upstream-Status: Pending - -Signed-off-by: Khem Raj <raj.khem@gmail.com> - -Index: libtirpc-0.2.1/src/getrpcport.c -=================================================================== ---- libtirpc-0.2.1.orig/src/getrpcport.c -+++ libtirpc-0.2.1/src/getrpcport.c -@@ -54,11 +54,11 @@ getrpcport(host, prognum, versnum, proto - - if ((hp = gethostbyname(host)) == NULL) - return (0); -+ if (hp->h_length != sizeof(addr.sin_addr.s_addr)) -+ return (0); - memset(&addr, 0, sizeof(addr)); - addr.sin_family = AF_INET; - addr.sin_port = 0; -- if (hp->h_length > sizeof(addr)) -- hp->h_length = sizeof(addr); - memcpy(&addr.sin_addr.s_addr, hp->h_addr, (size_t)hp->h_length); - /* Inconsistent interfaces need casts! :-( */ - return (pmap_getport(&addr, (u_long)prognum, (u_long)versnum, diff --git a/meta/recipes-extended/libtirpc/libtirpc/libtirpc-1.0.2-rc3.patch b/meta/recipes-extended/libtirpc/libtirpc/libtirpc-1.0.2-rc3.patch deleted file mode 100644 index 113dabe13b..0000000000 --- a/meta/recipes-extended/libtirpc/libtirpc/libtirpc-1.0.2-rc3.patch +++ /dev/null @@ -1,743 +0,0 @@ -Backport the 1.0.2 RC3 changes, this fixes issues with gcc7 - -Upstream-Status: Backport - -Signed-off-by: Khem Raj <raj.khem@gmail.com> - -diff --git a/src/Makefile.am b/src/Makefile.am -index e4ed8aa..fba2aa4 100644 ---- a/src/Makefile.am -+++ b/src/Makefile.am -@@ -24,7 +24,7 @@ libtirpc_la_SOURCES = auth_none.c auth_unix.c authunix_prot.c bindresvport.c cln - rpcb_st_xdr.c svc.c svc_auth.c svc_dg.c svc_auth_unix.c svc_auth_none.c \ - svc_auth_des.c \ - svc_generic.c svc_raw.c svc_run.c svc_simple.c svc_vc.c getpeereid.c \ -- auth_time.c auth_des.c authdes_prot.c debug.c -+ auth_time.c auth_des.c authdes_prot.c debug.c des_crypt.c des_impl.c - - ## XDR - libtirpc_la_SOURCES += xdr.c xdr_rec.c xdr_array.c xdr_float.c xdr_mem.c xdr_reference.c xdr_stdio.c xdr_sizeof.c -diff --git a/src/auth_des.c b/src/auth_des.c -index 4d3639e..af2f61f 100644 ---- a/src/auth_des.c -+++ b/src/auth_des.c -@@ -46,8 +46,8 @@ - #include <rpc/clnt.h> - #include <rpc/xdr.h> - #include <sys/socket.h> --#undef NIS --#include <rpcsvc/nis.h> -+ -+#include "nis.h" - - #if defined(LIBC_SCCS) && !defined(lint) - #endif -diff --git a/src/auth_gss.c b/src/auth_gss.c -index 9b88c38..5959893 100644 ---- a/src/auth_gss.c -+++ b/src/auth_gss.c -@@ -526,6 +526,14 @@ _rpc_gss_refresh(AUTH *auth, rpc_gss_options_ret_t *options_ret) - gr.gr_major != GSS_S_CONTINUE_NEEDED)) { - options_ret->major_status = gr.gr_major; - options_ret->minor_status = gr.gr_minor; -+ if (call_stat != RPC_SUCCESS) { -+ struct rpc_err err; -+ clnt_geterr(gd->clnt, &err); -+ LIBTIRPC_DEBUG(1, ("authgss_refresh: %s errno: %s", -+ clnt_sperrno(call_stat), strerror(err.re_errno))); -+ } else -+ gss_log_status("authgss_refresh:", -+ gr.gr_major, gr.gr_minor); - return FALSE; - } - -diff --git a/src/auth_time.c b/src/auth_time.c -index 10e58eb..7f83ab4 100644 ---- a/src/auth_time.c -+++ b/src/auth_time.c -@@ -44,8 +44,8 @@ - #include <rpc/rpcb_prot.h> - //#include <clnt_soc.h> - #include <sys/select.h> --#undef NIS --#include <rpcsvc/nis.h> -+ -+#include "nis.h" - - - #ifdef TESTING -diff --git a/src/des_impl.c b/src/des_impl.c -index c5b7ed6..9dbccaf 100644 ---- a/src/des_impl.c -+++ b/src/des_impl.c -@@ -6,7 +6,8 @@ - /* see <http://www.gnu.org/licenses/> to obtain a copy. */ - #include <string.h> - #include <stdint.h> --#include <rpc/rpc_des.h> -+#include <sys/types.h> -+#include <rpc/des.h> - - - static const uint32_t des_SPtrans[8][64] = -diff --git a/src/getpublickey.c b/src/getpublickey.c -index 764a5f9..8cf4dc2 100644 ---- a/src/getpublickey.c -+++ b/src/getpublickey.c -@@ -38,8 +38,10 @@ - #include <pwd.h> - #include <rpc/rpc.h> - #include <rpc/key_prot.h> -+#ifdef YP - #include <rpcsvc/yp_prot.h> - #include <rpcsvc/ypclnt.h> -+#endif - #include <string.h> - #include <stdlib.h> - -diff --git a/src/nis.h b/src/nis.h -new file mode 100644 -index 0000000..588c041 ---- /dev/null -+++ b/src/nis.h -@@ -0,0 +1,70 @@ -+/* -+ * Copyright (c) 2010, Oracle America, Inc. -+ * -+ * Redistribution and use in source and binary forms, with or without -+ * modification, are permitted provided that the following conditions are -+ * met: -+ * -+ * * Redistributions of source code must retain the above copyright -+ * notice, this list of conditions and the following disclaimer. -+ * * Redistributions in binary form must reproduce the above -+ * copyright notice, this list of conditions and the following -+ * disclaimer in the documentation and/or other materials -+ * provided with the distribution. -+ * * Neither the name of the "Oracle America, Inc." nor the names of its -+ * contributors may be used to endorse or promote products derived -+ * from this software without specific prior written permission. -+ * -+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS -+ * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT -+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS -+ * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE -+ * COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, -+ * INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL -+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE -+ * GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS -+ * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, -+ * WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING -+ * NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE -+ * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. -+ */ -+ -+#ifndef _INTERNAL_NIS_H -+#define _INTERNAL_NIS_H 1 -+ -+/* This file only contains the definition of nis_server, to be -+ able to compile libtirpc without the need to have a glibc -+ with sunrpc or a libnsl already installed. */ -+ -+#define NIS_PK_NONE 0 -+ -+struct nis_attr { -+ char *zattr_ndx; -+ struct { -+ u_int zattr_val_len; -+ char *zattr_val_val; -+ } zattr_val; -+}; -+typedef struct nis_attr nis_attr; -+ -+typedef char *nis_name; -+ -+struct endpoint { -+ char *uaddr; -+ char *family; -+ char *proto; -+}; -+typedef struct endpoint endpoint; -+ -+struct nis_server { -+ nis_name name; -+ struct { -+ u_int ep_len; -+ endpoint *ep_val; -+ } ep; -+ uint32_t key_type; -+ netobj pkey; -+}; -+typedef struct nis_server nis_server; -+ -+#endif /* ! _INTERNAL_NIS_H */ -diff --git a/src/rpc_dtablesize.c b/src/rpc_dtablesize.c -index 13d320c..3fe503a 100644 ---- a/src/rpc_dtablesize.c -+++ b/src/rpc_dtablesize.c -@@ -27,22 +27,14 @@ - */ - - #include <unistd.h> -- - #include <sys/select.h> -- --int _rpc_dtablesize(void); /* XXX */ -+#include <rpc/clnt.h> -+#include <rpc/rpc_com.h> - - /* - * Cache the result of getdtablesize(), so we don't have to do an - * expensive system call every time. - */ --/* -- * XXX In FreeBSD 2.x, you can have the maximum number of open file -- * descriptors be greater than FD_SETSIZE (which us 256 by default). -- * -- * Since old programs tend to use this call to determine the first arg -- * for _select(), having this return > FD_SETSIZE is a Bad Idea(TM)! -- */ - int - _rpc_dtablesize(void) - { -diff --git a/src/rpc_soc.c b/src/rpc_soc.c -index 1ec7b3f..ed0892a 100644 ---- a/src/rpc_soc.c -+++ b/src/rpc_soc.c -@@ -61,8 +61,8 @@ - #include <string.h> - #include <unistd.h> - #include <fcntl.h> --#include <rpcsvc/nis.h> - -+#include "nis.h" - #include "rpc_com.h" - - extern mutex_t rpcsoc_lock; -diff --git a/src/rtime.c b/src/rtime.c -index c34e0af..b642840 100644 ---- a/src/rtime.c -+++ b/src/rtime.c -@@ -46,6 +46,7 @@ - #include <unistd.h> - #include <errno.h> - #include <sys/types.h> -+#include <sys/poll.h> - #include <sys/socket.h> - #include <sys/time.h> - #include <netinet/in.h> -@@ -67,7 +68,8 @@ rtime(addrp, timep, timeout) - struct timeval *timeout; - { - int s; -- fd_set readfds; -+ struct pollfd fd; -+ int milliseconds; - int res; - unsigned long thetime; - struct sockaddr_in from; -@@ -94,31 +96,32 @@ rtime(addrp, timep, timeout) - addrp->sin_port = serv->s_port; - - if (type == SOCK_DGRAM) { -- res = sendto(s, (char *)&thetime, sizeof(thetime), 0, -+ res = sendto(s, (char *)&thetime, sizeof(thetime), 0, - (struct sockaddr *)addrp, sizeof(*addrp)); - if (res < 0) { - do_close(s); -- return(-1); -+ return(-1); - } -- do { -- FD_ZERO(&readfds); -- FD_SET(s, &readfds); -- res = select(_rpc_dtablesize(), &readfds, -- (fd_set *)NULL, (fd_set *)NULL, timeout); -- } while (res < 0 && errno == EINTR); -+ -+ milliseconds = (timeout->tv_sec * 1000) + (timeout->tv_usec / 1000); -+ fd.fd = s; -+ fd.events = POLLIN; -+ do -+ res = poll (&fd, 1, milliseconds); -+ while (res < 0 && errno == EINTR); - if (res <= 0) { - if (res == 0) { - errno = ETIMEDOUT; - } - do_close(s); -- return(-1); -+ return(-1); - } - fromlen = sizeof(from); -- res = recvfrom(s, (char *)&thetime, sizeof(thetime), 0, -+ res = recvfrom(s, (char *)&thetime, sizeof(thetime), 0, - (struct sockaddr *)&from, &fromlen); - do_close(s); - if (res < 0) { -- return(-1); -+ return(-1); - } - } else { - if (connect(s, (struct sockaddr *)addrp, sizeof(*addrp)) < 0) { -diff --git a/src/svc.c b/src/svc.c -index 9c41445..b59467b 100644 ---- a/src/svc.c -+++ b/src/svc.c -@@ -99,7 +99,7 @@ xprt_register (xprt) - { - __svc_xports = (SVCXPRT **) calloc (_rpc_dtablesize(), sizeof (SVCXPRT *)); - if (__svc_xports == NULL) -- return; -+ goto unlock; - } - if (sock < _rpc_dtablesize()) - { -@@ -120,14 +120,14 @@ xprt_register (xprt) - svc_pollfd[i].fd = sock; - svc_pollfd[i].events = (POLLIN | POLLPRI | - POLLRDNORM | POLLRDBAND); -- return; -+ goto unlock; - } - - new_svc_pollfd = (struct pollfd *) realloc (svc_pollfd, - sizeof (struct pollfd) - * (svc_max_pollfd + 1)); - if (new_svc_pollfd == NULL) /* Out of memory */ -- return; -+ goto unlock; - svc_pollfd = new_svc_pollfd; - ++svc_max_pollfd; - -@@ -135,6 +135,7 @@ xprt_register (xprt) - svc_pollfd[svc_max_pollfd - 1].events = (POLLIN | POLLPRI | - POLLRDNORM | POLLRDBAND); - } -+unlock: - rwlock_unlock (&svc_fd_lock); - } - -diff --git a/src/svc_auth_des.c b/src/svc_auth_des.c -index 5bc264c..2e90146 100644 ---- a/src/svc_auth_des.c -+++ b/src/svc_auth_des.c -@@ -86,13 +86,13 @@ static struct cache_entry *authdes_cache/* [AUTHDES_CACHESZ] */; - static short *authdes_lru/* [AUTHDES_CACHESZ] */; - - static void cache_init(); /* initialize the cache */ --static short cache_spot(); /* find an entry in the cache */ --static void cache_ref(/*short sid*/); /* note that sid was ref'd */ -+static short cache_spot(des_block *key, char *name, struct timeval *timestamp); /* find an entry in the cache */ -+static void cache_ref(short sid); /* note that sid was ref'd */ - --static void invalidate(); /* invalidate entry in cache */ -+static void invalidate(char *cred); /* invalidate entry in cache */ - - /* -- * cache statistics -+ * cache statistics - */ - static struct { - u_long ncachehits; /* times cache hit, and is not replay */ -diff --git a/src/svc_auth_gss.c b/src/svc_auth_gss.c -index b6aa407..bece46a 100644 ---- a/src/svc_auth_gss.c -+++ b/src/svc_auth_gss.c -@@ -129,6 +129,8 @@ struct svc_rpc_gss_data { - ((struct svc_rpc_gss_data *)(auth)->svc_ah_private) - - /* Global server credentials. */ -+static u_int _svcauth_req_time = 0; -+static gss_OID_set_desc _svcauth_oid_set = {1, GSS_C_NULL_OID }; - static gss_cred_id_t _svcauth_gss_creds; - static gss_name_t _svcauth_gss_name = GSS_C_NO_NAME; - static char * _svcauth_svc_name = NULL; -@@ -167,6 +169,7 @@ svcauth_gss_import_name(char *service) - gss_name_t name; - gss_buffer_desc namebuf; - OM_uint32 maj_stat, min_stat; -+ bool_t result; - - gss_log_debug("in svcauth_gss_import_name()"); - -@@ -181,22 +184,21 @@ svcauth_gss_import_name(char *service) - maj_stat, min_stat); - return (FALSE); - } -- if (svcauth_gss_set_svc_name(name) != TRUE) { -- gss_release_name(&min_stat, &name); -- return (FALSE); -- } -- return (TRUE); -+ result = svcauth_gss_set_svc_name(name); -+ gss_release_name(&min_stat, &name); -+ return result; - } - - static bool_t --svcauth_gss_acquire_cred(u_int req_time, gss_OID_set_desc *oid_set) -+svcauth_gss_acquire_cred(void) - { - OM_uint32 maj_stat, min_stat; - - gss_log_debug("in svcauth_gss_acquire_cred()"); - -- maj_stat = gss_acquire_cred(&min_stat, _svcauth_gss_name, req_time, -- oid_set, GSS_C_ACCEPT, -+ maj_stat = gss_acquire_cred(&min_stat, _svcauth_gss_name, -+ _svcauth_req_time, &_svcauth_oid_set, -+ GSS_C_ACCEPT, - &_svcauth_gss_creds, NULL, NULL); - - if (maj_stat != GSS_S_COMPLETE) { -@@ -300,6 +302,8 @@ svcauth_gss_accept_sec_context(struct svc_req *rqst, - NULL, - &gd->deleg); - -+ xdr_free((xdrproc_t)xdr_rpc_gss_init_args, (caddr_t)&recv_tok); -+ - if (gr->gr_major != GSS_S_COMPLETE && - gr->gr_major != GSS_S_CONTINUE_NEEDED) { - gss_log_status("svcauth_gss_accept_sec_context: accept_sec_context", -@@ -352,8 +356,11 @@ svcauth_gss_accept_sec_context(struct svc_req *rqst, - return (FALSE); - - rqst->rq_xprt->xp_verf.oa_flavor = RPCSEC_GSS; -- rqst->rq_xprt->xp_verf.oa_base = checksum.value; -+ memcpy(rqst->rq_xprt->xp_verf.oa_base, checksum.value, -+ checksum.length); - rqst->rq_xprt->xp_verf.oa_length = checksum.length; -+ -+ gss_release_buffer(&min_stat, &checksum); - } - return (TRUE); - } -@@ -435,10 +442,13 @@ svcauth_gss_nextverf(struct svc_req *rqst, u_int num) - maj_stat, min_stat); - return (FALSE); - } -+ - rqst->rq_xprt->xp_verf.oa_flavor = RPCSEC_GSS; -- rqst->rq_xprt->xp_verf.oa_base = (caddr_t)checksum.value; -+ memcpy(rqst->rq_xprt->xp_verf.oa_base, checksum.value, checksum.length); - rqst->rq_xprt->xp_verf.oa_length = (u_int)checksum.length; - -+ gss_release_buffer(&min_stat, &checksum); -+ - return (TRUE); - } - -@@ -568,6 +578,8 @@ _svcauth_gss(struct svc_req *rqst, struct rpc_msg *msg, bool_t *no_dispatch) - gss_qop_t qop; - struct svcauth_gss_cache_entry **ce; - time_t now; -+ enum auth_stat result = AUTH_OK; -+ OM_uint32 min_stat; - - gss_log_debug("in svcauth_gss()"); - -@@ -621,19 +633,25 @@ _svcauth_gss(struct svc_req *rqst, struct rpc_msg *msg, bool_t *no_dispatch) - XDR_DESTROY(&xdrs); - - /* Check version. */ -- if (gc->gc_v != RPCSEC_GSS_VERSION) -- return (AUTH_BADCRED); -+ if (gc->gc_v != RPCSEC_GSS_VERSION) { -+ result = AUTH_BADCRED; -+ goto out; -+ } - - /* Check RPCSEC_GSS service. */ - if (gc->gc_svc != RPCSEC_GSS_SVC_NONE && - gc->gc_svc != RPCSEC_GSS_SVC_INTEGRITY && -- gc->gc_svc != RPCSEC_GSS_SVC_PRIVACY) -- return (AUTH_BADCRED); -+ gc->gc_svc != RPCSEC_GSS_SVC_PRIVACY) { -+ result = AUTH_BADCRED; -+ goto out; -+ } - - /* Check sequence number. */ - if (gd->established) { -- if (gc->gc_seq > MAXSEQ) -- return (RPCSEC_GSS_CTXPROBLEM); -+ if (gc->gc_seq > MAXSEQ) { -+ result = RPCSEC_GSS_CTXPROBLEM; -+ goto out; -+ } - - if ((offset = gd->seqlast - gc->gc_seq) < 0) { - gd->seqlast = gc->gc_seq; -@@ -643,7 +661,8 @@ _svcauth_gss(struct svc_req *rqst, struct rpc_msg *msg, bool_t *no_dispatch) - } - else if (offset >= gd->win || (gd->seqmask & (1 << offset))) { - *no_dispatch = 1; -- return (RPCSEC_GSS_CTXPROBLEM); -+ result = RPCSEC_GSS_CTXPROBLEM; -+ goto out; - } - gd->seq = gc->gc_seq; - gd->seqmask |= (1 << offset); -@@ -654,35 +673,52 @@ _svcauth_gss(struct svc_req *rqst, struct rpc_msg *msg, bool_t *no_dispatch) - rqst->rq_svcname = (char *)gd->ctx; - } - -+ rqst->rq_xprt->xp_verf.oa_base = msg->rm_call.cb_verf.oa_base; -+ - /* Handle RPCSEC_GSS control procedure. */ - switch (gc->gc_proc) { - - case RPCSEC_GSS_INIT: - case RPCSEC_GSS_CONTINUE_INIT: -- if (rqst->rq_proc != NULLPROC) -- return (AUTH_FAILED); /* XXX ? */ -+ if (rqst->rq_proc != NULLPROC) { -+ result = AUTH_FAILED; /* XXX ? */ -+ break; -+ } - - if (_svcauth_gss_name == GSS_C_NO_NAME) { -- if (!svcauth_gss_import_name("nfs")) -- return (AUTH_FAILED); -+ if (!svcauth_gss_import_name("nfs")) { -+ result = AUTH_FAILED; -+ break; -+ } - } - -- if (!svcauth_gss_acquire_cred(0, GSS_C_NULL_OID_SET)) -- return (AUTH_FAILED); -+ if (!svcauth_gss_acquire_cred()) { -+ result = AUTH_FAILED; -+ break; -+ } - -- if (!svcauth_gss_accept_sec_context(rqst, &gr)) -- return (AUTH_REJECTEDCRED); -+ if (!svcauth_gss_accept_sec_context(rqst, &gr)) { -+ result = AUTH_REJECTEDCRED; -+ break; -+ } - -- if (!svcauth_gss_nextverf(rqst, htonl(gr.gr_win))) -- return (AUTH_FAILED); -+ if (!svcauth_gss_nextverf(rqst, htonl(gr.gr_win))) { -+ result = AUTH_FAILED; -+ break; -+ } - - *no_dispatch = TRUE; - - call_stat = svc_sendreply(rqst->rq_xprt, - (xdrproc_t)xdr_rpc_gss_init_res, (caddr_t)&gr); - -- if (!call_stat) -- return (AUTH_FAILED); -+ gss_release_buffer(&min_stat, &gr.gr_token); -+ free(gr.gr_ctx.value); -+ -+ if (!call_stat) { -+ result = AUTH_FAILED; -+ break; -+ } - - if (gr.gr_major == GSS_S_COMPLETE) - gd->established = TRUE; -@@ -690,27 +726,37 @@ _svcauth_gss(struct svc_req *rqst, struct rpc_msg *msg, bool_t *no_dispatch) - break; - - case RPCSEC_GSS_DATA: -- if (!svcauth_gss_validate(gd, msg, &qop)) -- return (RPCSEC_GSS_CREDPROBLEM); -+ if (!svcauth_gss_validate(gd, msg, &qop)) { -+ result = RPCSEC_GSS_CREDPROBLEM; -+ break; -+ } - -- if (!svcauth_gss_nextverf(rqst, htonl(gc->gc_seq))) -- return (AUTH_FAILED); -+ if (!svcauth_gss_nextverf(rqst, htonl(gc->gc_seq))) { -+ result = AUTH_FAILED; -+ break; -+ } - - if (!gd->callback_done) { - gd->callback_done = TRUE; - gd->sec.qop = qop; - (void)rpc_gss_num_to_qop(gd->rcred.mechanism, - gd->sec.qop, &gd->rcred.qop); -- if (!svcauth_gss_callback(rqst, gd)) -- return (AUTH_REJECTEDCRED); -+ if (!svcauth_gss_callback(rqst, gd)) { -+ result = AUTH_REJECTEDCRED; -+ break; -+ } - } - - if (gd->locked) { - if (gd->rcred.service != -- _rpc_gss_svc_to_service(gc->gc_svc)) -- return (AUTH_FAILED); -- if (gd->sec.qop != qop) -- return (AUTH_BADVERF); -+ _rpc_gss_svc_to_service(gc->gc_svc)) { -+ result = AUTH_FAILED; -+ break; -+ } -+ if (gd->sec.qop != qop) { -+ result = AUTH_BADVERF; -+ break; -+ } - } - - if (gd->sec.qop != qop) { -@@ -724,17 +770,25 @@ _svcauth_gss(struct svc_req *rqst, struct rpc_msg *msg, bool_t *no_dispatch) - break; - - case RPCSEC_GSS_DESTROY: -- if (rqst->rq_proc != NULLPROC) -- return (AUTH_FAILED); /* XXX ? */ -+ if (rqst->rq_proc != NULLPROC) { -+ result = AUTH_FAILED; /* XXX ? */ -+ break; -+ } - -- if (!svcauth_gss_validate(gd, msg, &qop)) -- return (RPCSEC_GSS_CREDPROBLEM); -+ if (!svcauth_gss_validate(gd, msg, &qop)) { -+ result = RPCSEC_GSS_CREDPROBLEM; -+ break; -+ } - -- if (!svcauth_gss_nextverf(rqst, htonl(gc->gc_seq))) -- return (AUTH_FAILED); -+ if (!svcauth_gss_nextverf(rqst, htonl(gc->gc_seq))) { -+ result = AUTH_FAILED; -+ break; -+ } - -- if (!svcauth_gss_release_cred()) -- return (AUTH_FAILED); -+ if (!svcauth_gss_release_cred()) { -+ result = AUTH_FAILED; -+ break; -+ } - - SVCAUTH_DESTROY(&SVC_XP_AUTH(rqst->rq_xprt)); - SVC_XP_AUTH(rqst->rq_xprt).svc_ah_ops = svc_auth_none.svc_ah_ops; -@@ -743,10 +797,12 @@ _svcauth_gss(struct svc_req *rqst, struct rpc_msg *msg, bool_t *no_dispatch) - break; - - default: -- return (AUTH_REJECTEDCRED); -+ result = AUTH_REJECTEDCRED; - break; - } -- return (AUTH_OK); -+out: -+ xdr_free((xdrproc_t)xdr_rpc_gss_cred, (caddr_t)gc); -+ return result; - } - - static bool_t -@@ -890,7 +946,6 @@ bool_t - rpc_gss_set_svc_name(char *principal, char *mechanism, u_int req_time, - u_int UNUSED(program), u_int UNUSED(version)) - { -- gss_OID_set_desc oid_set; - rpc_gss_OID oid; - char *save; - -@@ -902,14 +957,13 @@ rpc_gss_set_svc_name(char *principal, char *mechanism, u_int req_time, - - if (!rpc_gss_mech_to_oid(mechanism, &oid)) - goto out_err; -- oid_set.count = 1; -- oid_set.elements = (gss_OID)oid; - - if (!svcauth_gss_import_name(principal)) - goto out_err; -- if (!svcauth_gss_acquire_cred(req_time, &oid_set)) -- goto out_err; - -+ _svcauth_req_time = req_time; -+ _svcauth_oid_set.count = 1; -+ _svcauth_oid_set.elements = (gss_OID)oid; - free(_svcauth_svc_name); - _svcauth_svc_name = save; - return TRUE; -diff --git a/src/svc_vc.c b/src/svc_vc.c -index 6ae613d..97a76a3 100644 ---- a/src/svc_vc.c -+++ b/src/svc_vc.c -@@ -270,14 +270,8 @@ makefd_xprt(fd, sendsize, recvsize) - struct cf_conn *cd; - const char *netid; - struct __rpc_sockinfo si; -- -- assert(fd != -1); - -- if (fd >= FD_SETSIZE) { -- warnx("svc_vc: makefd_xprt: fd too high\n"); -- xprt = NULL; -- goto done; -- } -+ assert(fd != -1); - - xprt = mem_alloc(sizeof(SVCXPRT)); - if (xprt == NULL) { -@@ -338,22 +332,10 @@ rendezvous_request(xprt, msg) - r = (struct cf_rendezvous *)xprt->xp_p1; - again: - len = sizeof addr; -- if ((sock = accept(xprt->xp_fd, (struct sockaddr *)(void *)&addr, -- &len)) < 0) { -+ sock = accept(xprt->xp_fd, (struct sockaddr *)(void *)&addr, &len); -+ if (sock < 0) { - if (errno == EINTR) - goto again; -- -- if (errno == EMFILE || errno == ENFILE) { -- /* If there are no file descriptors available, then accept will fail. -- We want to delay here so the connection request can be dequeued; -- otherwise we can bounce between polling and accepting, never -- giving the request a chance to dequeue and eating an enormous -- amount of cpu time in svc_run if we're polling on many file -- descriptors. */ -- struct timespec ts = { .tv_sec = 0, .tv_nsec = 50000000 }; -- nanosleep (&ts, NULL); -- goto again; -- } - return (FALSE); - } - /* -diff --git a/tirpc/rpc/des.h b/tirpc/rpc/des.h -index d2881ad..018aa48 100644 ---- a/tirpc/rpc/des.h -+++ b/tirpc/rpc/des.h -@@ -82,6 +82,6 @@ struct desparams { - /* - * Software DES. - */ --extern int _des_crypt( char *, int, struct desparams * ); -+extern int _des_crypt( char *, unsigned, struct desparams * ); - - #endif -diff --git a/tirpc/rpc/rpcent.h b/tirpc/rpc/rpcent.h -index 147f909..e07503c 100644 ---- a/tirpc/rpc/rpcent.h -+++ b/tirpc/rpc/rpcent.h -@@ -60,10 +60,11 @@ struct rpcent { - extern struct rpcent *getrpcbyname(const char *); - extern struct rpcent *getrpcbynumber(int); - extern struct rpcent *getrpcent(void); --#endif - - extern void setrpcent(int); - extern void endrpcent(void); -+#endif -+ - #ifdef __cplusplus - } - #endif diff --git a/meta/recipes-extended/libtirpc/libtirpc_1.0.1.bb b/meta/recipes-extended/libtirpc/libtirpc_1.0.2.bb index 7be8e1062c..f9718c576b 100644 --- a/meta/recipes-extended/libtirpc/libtirpc_1.0.1.bb +++ b/meta/recipes-extended/libtirpc/libtirpc_1.0.2.bb @@ -11,20 +11,17 @@ PROVIDES = "virtual/librpc" SRC_URI = "${SOURCEFORGE_MIRROR}/${BPN}/${BP}.tar.bz2;name=libtirpc \ ${GENTOO_MIRROR}/${BPN}-glibc-nfs.tar.xz;name=glibc-nfs \ - file://libtirpc-1.0.2-rc3.patch \ - file://libtirpc-0.2.1-fortify.patch \ file://export_key_secretkey_is_set.patch \ file://0001-replace-__bzero-with-memset-API.patch \ file://0001-include-stdint.h-for-uintptr_t.patch \ - file://0001-Fix-for-CVE-2017-8779.patch \ " SRC_URI_append_libc-musl = " \ file://Use-netbsd-queue.h.patch \ " -SRC_URI[libtirpc.md5sum] = "36ce1c0ff80863bb0839d54aa0b94014" -SRC_URI[libtirpc.sha256sum] = "5156974f31be7ccbc8ab1de37c4739af6d9d42c87b1d5caf4835dda75fcbb89e" +SRC_URI[libtirpc.md5sum] = "d5a37f1dccec484f9cabe2b97e54e9a6" +SRC_URI[libtirpc.sha256sum] = "723c5ce92706cbb601a8db09110df1b4b69391643158f20ff587e20e7c5f90f5" SRC_URI[glibc-nfs.md5sum] = "5ae500b9d0b6b72cb875bc04944b9445" SRC_URI[glibc-nfs.sha256sum] = "2677cfedf626f3f5a8f6e507aed5bb8f79a7453b589d684dbbc086e755170d83" |