From 39366733c3fe943363566756e2e152c45a1b3cb2 Mon Sep 17 00:00:00 2001 
From: Patrick J Volkerding Date: Fri, 25 May 2018 23:29:36 +0000 Subject: Fri May 25 23:29:36 UTC 2018 patches/packages/glibc-zoneinfo-2018e-noarch-2_slack14.2.txz: Rebuilt. Handle removal of US/Pacific-New timezone. If we see that the machine is using this, it will be automatically switched to US/Pacific. --- ...nd.8-Clarify-state-file-usage-and-history.patch | 39 ++++ ...r-all-svc_getargs-calls-with-svc_freeargs.patch | 218 +++++++++++++++++++++ ...proc_dump-Fixed-typo-in-memory-leak-patch.patch | 29 +++ ...rpcbind-fix-building-without-enable-debug.patch | 69 +++++++ ..._callit_com-Stop-freeing-a-static-pointer.patch | 96 +++++++++ ...llit_com-No-need-to-allocate-output-buffe.patch | 96 +++++++++ .../01.rpcbind-manpage-statefile-explanation.patch | 25 +++ patches/source/rpcbind/doinst.sh | 24 +++ patches/source/rpcbind/rc.rpc | 64 ++++++ patches/source/rpcbind/rpcbind.SlackBuild | 155 +++++++++++++++ .../source/rpcbind/rpcbind.lwrap.needs.lnsl.diff | 14 ++ patches/source/rpcbind/slack-desc | 19 ++ 12 files changed, 848 insertions(+) create mode 100644 patches/source/rpcbind/0001-man-rpcibind.8-Clarify-state-file-usage-and-history.patch create mode 100644 patches/source/rpcbind/0002-rpcbind-pair-all-svc_getargs-calls-with-svc_freeargs.patch create mode 100644 patches/source/rpcbind/0003-pmapproc_dump-Fixed-typo-in-memory-leak-patch.patch create mode 100644 patches/source/rpcbind/0004-rpcbind-fix-building-without-enable-debug.patch create mode 100644 patches/source/rpcbind/0005-rpcbproc_callit_com-Stop-freeing-a-static-pointer.patch create mode 100644 patches/source/rpcbind/0006-rpcbproc_callit_com-No-need-to-allocate-output-buffe.patch create mode 100644 patches/source/rpcbind/01.rpcbind-manpage-statefile-explanation.patch create mode 100644 patches/source/rpcbind/doinst.sh create mode 100644 patches/source/rpcbind/rc.rpc create mode 100755 patches/source/rpcbind/rpcbind.SlackBuild create mode 100644 patches/source/rpcbind/rpcbind.lwrap.needs.lnsl.diff create mode 
100644 patches/source/rpcbind/slack-desc (limited to 'patches/source/rpcbind')
diff --git a/patches/source/rpcbind/0001-man-rpcibind.8-Clarify-state-file-usage-and-history.patch b/patches/source/rpcbind/0001-man-rpcibind.8-Clarify-state-file-usage-and-history.patch
new file mode 100644
index 000000000..9ea5870d8
--- /dev/null
+++ b/patches/source/rpcbind/0001-man-rpcibind.8-Clarify-state-file-usage-and-history.patch
@@ -0,0 +1,39 @@
+From a89ba6d07832cb62a86601971380fda7130c6826 Mon Sep 17 00:00:00 2001
+From: "Patrick J. Volkerding"
+Date: Mon, 17 Jul 2017 23:09:36 -0500
+Subject: [PATCH 1/2] man/rpcibind.8: Clarify state file usage and history
+
+---
+ man/rpcbind.8 | 13 +++++++++++--
+ 1 file changed, 11 insertions(+), 2 deletions(-)
+
+diff --git a/man/rpcbind.8 b/man/rpcbind.8
+index af6200f..bdfb1c8 100644
+--- a/man/rpcbind.8
++++ b/man/rpcbind.8
+@@ -132,11 +132,20 @@ to connect to services from a privileged port.
+ .It Fl w
+ Cause
+ .Nm
+-to do a "warm start" by read a state file when
++to do a "warm start" by attempting to read *.xdr state files from the
++state directory
++.%T /var/run/rpcbind
++when
+ .Nm
+-starts up. The state file is created when
++starts up. The state files are created when
+ .Nm
+ terminates.
++.Pp
++This allows for restarting
++.Nm
++without the need to restart all RPC services that have previously registered.
++The state files serve a similar purpose to the files created/restored by the
++pmap_dump and pmap_set utilities distributed with the old portmap server package.
+ .El
+ .Sh NOTES
+ All RPC servers must be restarted if
+--
+2.13.2
+
diff --git a/patches/source/rpcbind/0002-rpcbind-pair-all-svc_getargs-calls-with-svc_freeargs.patch b/patches/source/rpcbind/0002-rpcbind-pair-all-svc_getargs-calls-with-svc_freeargs.patch
new file mode 100644
index 000000000..060614cc9
--- /dev/null
+++ b/patches/source/rpcbind/0002-rpcbind-pair-all-svc_getargs-calls-with-svc_freeargs.patch
@@ -0,0 +1,218 @@
+From 7ea36eeece56b59f98e469934e4c20b4da043346 Mon Sep 17 00:00:00 2001
+From: Doran Moppert
+Date: Thu, 11 May 2017 11:42:54 -0400
+Subject: [PATCH 2/6] rpcbind: pair all svc_getargs() calls with svc_freeargs()
+ to avoid memory leak
+
+This patch is to address CVE-2017-8779 "rpcbomb" in rpcbind, discussed
+at [1], [2], [3]. The last link suggests this issue is actually a bug
+in rpcbind, which led me here.
+
+The leak caused by the reproducer at [4] appears to come from
+rpcb_service_4(), in the case where svc_getargs() returns false and the
+function had an early return, rather than passing through the cleanup
+path at done:, as would otherwise occur.
+
+It also addresses a couple of other locations where the same fault seems
+to exist, though I haven't been able to exercise those. I hope someone
+more intimate with rpc(3) can confirm my understanding is correct, and
+that I haven't introduced any new bugs.
+
+Without this patch, using the reproducer (and variants) repeatedly
+against rpcbind with a numBytes argument of 1_000_000_000, /proc/$(pidof
+rpcbind)/status reports VmSize increase of 976564 kB each call, and
+VmRSS increase of around 260 kB every 33 calls - the specific numbers
+are probably an artifact of my rhel/glibc version. With the patch,
+there is a small (~50 kB) VmSize increase with the first message, but
+thereafter both VmSize and VmRSS remain steady.
+
+[1]: http://seclists.org/oss-sec/2017/q2/209
+[2]: https://bugzilla.redhat.com/show_bug.cgi?id=1448124
+[3]: https://sourceware.org/ml/libc-alpha/2017-05/msg00129.html
+[4]: https://github.com/guidovranken/rpcbomb/
+
+Signed-off-by: Doran Moppert
+Signed-off-by: Steve Dickson
+---
+ src/pmap_svc.c | 56 +++++++++++++++++++++++++++++++++++++++++++++--------
+ src/rpcb_svc.c | 2 +-
+ src/rpcb_svc_4.c | 2 +-
+ src/rpcb_svc_com.c | 8 ++++++++
+ 4 files changed, 57 insertions(+), 11 deletions(-)
+
+diff --git a/src/pmap_svc.c b/src/pmap_svc.c
+index 4c744fe..e926cdc 100644
+--- a/src/pmap_svc.c
++++ b/src/pmap_svc.c
+@@ -175,6 +175,7 @@ pmapproc_change(struct svc_req *rqstp /*__unused*/, SVCXPRT *xprt, unsigned long
+ long ans;
+ uid_t uid;
+ char uidbuf[32];
++ int rc = TRUE;
+
+ /*
+ * Can't use getpwnam here. We might end up calling ourselves
+@@ -194,7 +195,8 @@ pmapproc_change(struct svc_req *rqstp /*__unused*/, SVCXPRT *xprt, unsigned long
+
+ if (!svc_getargs(xprt, (xdrproc_t) xdr_pmap, (char *)®)) {
+ svcerr_decode(xprt);
+- return (FALSE);
++ rc = FALSE;
++ goto done;
+ }
+ #ifdef RPCBIND_DEBUG
+ if (debugging)
+@@ -205,7 +207,8 @@ pmapproc_change(struct svc_req *rqstp /*__unused*/, SVCXPRT *xprt, unsigned long
+
+ if (!check_access(xprt, op, reg.pm_prog, PMAPVERS)) {
+ svcerr_weakauth(xprt);
+- return (FALSE);
++ rc = (FALSE);
++ goto done;
+ }
+
+ rpcbreg.r_prog = reg.pm_prog;
+@@ -258,7 +261,16 @@ done_change:
+ rpcbs_set(RPCBVERS_2_STAT, ans);
+ else
+ rpcbs_unset(RPCBVERS_2_STAT, ans);
+- return (TRUE);
++done:
++ if (!svc_freeargs(xprt, (xdrproc_t) xdr_pmap, (char *)®)) {
++ if (debugging) {
++ (void) xlog(LOG_DEBUG, "unable to free arguments\n");
++ if (doabort) {
++ rpcbind_abort();
++ }
++ }
++ }
++ return (rc);
+ }
+
+ /* ARGSUSED */
+@@ -272,15 +284,18 @@ pmapproc_getport(struct svc_req *rqstp /*__unused*/, SVCXPRT *xprt)
+ #ifdef RPCBIND_DEBUG
+ char *uaddr;
+ #endif
++ int rc = TRUE;
+
+ if (!svc_getargs(xprt, (xdrproc_t) xdr_pmap, (char *)®)) {
+ svcerr_decode(xprt);
+- return (FALSE);
++ rc = FALSE;
++ goto done;
+ }
+
+ if (!check_access(xprt, PMAPPROC_GETPORT, reg.pm_prog, PMAPVERS)) {
+ svcerr_weakauth(xprt);
+- return FALSE;
++ rc = FALSE;
++ goto done;
+ }
+
+ #ifdef RPCBIND_DEBUG
+@@ -330,21 +345,34 @@ pmapproc_getport(struct svc_req *rqstp /*__unused*/, SVCXPRT *xprt)
+ pmap_ipprot2netid(reg.pm_prot) ?: "",
+ port ? udptrans : "");
+
+- return (TRUE);
++done:
++ if (!svc_freeargs(xprt, (xdrproc_t) xdr_pmap, (char *)®)) {
++ if (debugging) {
++ (void) xlog(LOG_DEBUG, "unable to free arguments\n");
++ if (doabort) {
++ rpcbind_abort();
++ }
++ }
++ }
++ return (rc);
+ }
+
+ /* ARGSUSED */
+ static bool_t
+ pmapproc_dump(struct svc_req *rqstp /*__unused*/, SVCXPRT *xprt)
+ {
++ int rc = TRUE;
++
+ if (!svc_getargs(xprt, (xdrproc_t)xdr_void, NULL)) {
+ svcerr_decode(xprt);
+- return (FALSE);
++ rc = FALSE;
++ goto done;
+ }
+
+ if (!check_access(xprt, PMAPPROC_DUMP, 0, PMAPVERS)) {
+ svcerr_weakauth(xprt);
+- return FALSE;
++ rc = FALSE;
++ goto done;
+ }
+
+ if ((!svc_sendreply(xprt, (xdrproc_t) xdr_pmaplist_ptr,
+@@ -354,7 +382,17 @@ pmapproc_dump(struct svc_req *rqstp /*__unused*/, SVCXPRT *xprt)
+ rpcbind_abort();
+ }
+ }
+- return (TRUE);
++
++done:
++ if (!svc_freeargs(xprt, (xdrproc_t) xdr_pmap, (char *)NULL)) {
++ if (debugging) {
++ (void) xlog(LOG_DEBUG, "unable to free arguments\n");
++ if (doabort) {
++ rpcbind_abort();
++ }
++ }
++ }
++ return (rc);
+ }
+
+ int pmap_netid2ipprot(const char *netid)
+diff --git a/src/rpcb_svc.c b/src/rpcb_svc.c
+index 709e3fb..091f530 100644
+--- a/src/rpcb_svc.c
++++ b/src/rpcb_svc.c
+@@ -166,7 +166,7 @@ rpcb_service_3(struct svc_req *rqstp, SVCXPRT *transp)
+ svcerr_decode(transp);
+ if (debugging)
+ (void) xlog(LOG_DEBUG, "rpcbind: could not decode");
+- return;
++ goto done;
+ }
+
+ if (rqstp->rq_proc == RPCBPROC_SET
+diff --git a/src/rpcb_svc_4.c b/src/rpcb_svc_4.c
+index 5094879..eebbbbe 100644
+--- a/src/rpcb_svc_4.c
++++ b/src/rpcb_svc_4.c
+@@ -218,7 +218,7 @@ rpcb_service_4(struct svc_req *rqstp, SVCXPRT *transp)
+ svcerr_decode(transp);
+ if (debugging)
+ (void) xlog(LOG_DEBUG, "rpcbind: could not decode\n");
+- return;
++ goto done;
+ }
+
+ if (rqstp->rq_proc == RPCBPROC_SET
+diff --git a/src/rpcb_svc_com.c b/src/rpcb_svc_com.c
+index 5862c26..cb63afd 100644
+--- a/src/rpcb_svc_com.c
++++ b/src/rpcb_svc_com.c
+@@ -927,6 +927,14 @@ error:
+ if (call_msg.rm_xid != 0)
+ (void) free_slot_by_xid(call_msg.rm_xid);
+ out:
++ if (!svc_freeargs(transp, (xdrproc_t) xdr_rmtcall_args, (char *) &a)) {
++ if (debugging) {
++ (void) xlog(LOG_DEBUG, "unable to free arguments\n");
++ if (doabort) {
++ rpcbind_abort();
++ }
++ }
++ }
+ if (local_uaddr)
+ free(local_uaddr);
+ if (buf_alloc)
+--
+2.13.0
+
diff --git a/patches/source/rpcbind/0003-pmapproc_dump-Fixed-typo-in-memory-leak-patch.patch b/patches/source/rpcbind/0003-pmapproc_dump-Fixed-typo-in-memory-leak-patch.patch
new file mode 100644
index 000000000..6cf885ac4
--- /dev/null
+++ b/patches/source/rpcbind/0003-pmapproc_dump-Fixed-typo-in-memory-leak-patch.patch
@@ -0,0 +1,29 @@
+From c49a7ea639eb700823e174fd605bbbe183e229aa Mon Sep 17 00:00:00 2001
+From: Steve Dickson
+Date: Wed, 17 May 2017 10:52:25 -0400
+Subject: [PATCH 3/6] pmapproc_dump: Fixed typo in memory leak patch
+
+commit 7ea36eee introduce a typo that caused
+NIS (aka ypbind) to fail.
+
+Signed-off-by: Steve Dickson
+---
+ src/pmap_svc.c | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/src/pmap_svc.c b/src/pmap_svc.c
+index e926cdc..26c31d0 100644
+--- a/src/pmap_svc.c
++++ b/src/pmap_svc.c
+@@ -384,7 +384,7 @@ pmapproc_dump(struct svc_req *rqstp /*__unused*/, SVCXPRT *xprt)
+ }
+
+ done:
+- if (!svc_freeargs(xprt, (xdrproc_t) xdr_pmap, (char *)NULL)) {
++ if (!svc_freeargs(xprt, (xdrproc_t) xdr_void, (char *)NULL)) {
+ if (debugging) {
+ (void) xlog(LOG_DEBUG, "unable to free arguments\n");
+ if (doabort) {
+--
+2.13.0
+
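Review bot: The `svc_freeargs()` call that 0002 adds at `out:` in the src/rpcb_svc_com.c hunk is not safe with this patch alone, because the context line just below it still runs `if (buf_alloc) free(buf_alloc)`. The lines removed by 0005 in this same commit show `a.rmt_args.args` pointing at either `buf_alloc` or the stack array `buf`, so the argument buffer can be released twice or be a non-heap pointer; 0005's own message describes that regression. Because 0002 is the patch labelled as the CVE-2017-8779 fix, anyone carrying it elsewhere should treat 0005 as part of the same fix. A comment in rpcbind.SlackBuild such as `# 0005 repairs a bad free introduced by 0002; never apply 0002 without it` would record that dependency. The function body starts and ends outside this hunk.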
diff --git a/patches/source/rpcbind/0004-rpcbind-fix-building-without-enable-debug.patch b/patches/source/rpcbind/0004-rpcbind-fix-building-without-enable-debug.patch
new file mode 100644
index 000000000..f7c307942
--- /dev/null
+++ b/patches/source/rpcbind/0004-rpcbind-fix-building-without-enable-debug.patch
@@ -0,0 +1,69 @@
+From c0e38c9fd1b2c6785af90c86b26a07724c2488e8 Mon Sep 17 00:00:00 2001
+From: Nick Alcock
+Date: Thu, 25 May 2017 12:45:35 -0400
+Subject: [PATCH 4/6] rpcbind: fix building without --enable-debug
+
+All if (debugging) stanzas and their accompanying xlog()s and aborts
+should be within #ifdef RPCBIND_DEBUG.
+
+Fixes a compilation failure due to non-inclusion of in the
+non-debugging case.
+
+Signed-off-by: Nick Alcock
+Signed-off-by: Steve Dickson
+---
+ src/pmap_svc.c | 6 ++++++
+ 1 file changed, 6 insertions(+)
+
+diff --git a/src/pmap_svc.c b/src/pmap_svc.c
+index 26c31d0..a53dd5f 100644
+--- a/src/pmap_svc.c
++++ b/src/pmap_svc.c
+@@ -263,12 +263,14 @@ done_change:
+ rpcbs_unset(RPCBVERS_2_STAT, ans);
+ done:
+ if (!svc_freeargs(xprt, (xdrproc_t) xdr_pmap, (char *)®)) {
++#ifdef RPCBIND_DEBUG
+ if (debugging) {
+ (void) xlog(LOG_DEBUG, "unable to free arguments\n");
+ if (doabort) {
+ rpcbind_abort();
+ }
+ }
++#endif
+ }
+ return (rc);
+ }
+@@ -347,12 +349,14 @@ pmapproc_getport(struct svc_req *rqstp /*__unused*/, SVCXPRT *xprt)
+
+ done:
+ if (!svc_freeargs(xprt, (xdrproc_t) xdr_pmap, (char *)®)) {
++#ifdef RPCBIND_DEBUG
+ if (debugging) {
+ (void) xlog(LOG_DEBUG, "unable to free arguments\n");
+ if (doabort) {
+ rpcbind_abort();
+ }
+ }
++#endif
+ }
+ return (rc);
+ }
+@@ -385,12 +389,14 @@ pmapproc_dump(struct svc_req *rqstp /*__unused*/, SVCXPRT *xprt)
+
+ done:
+ if (!svc_freeargs(xprt, (xdrproc_t) xdr_void, (char *)NULL)) {
++#ifdef RPCBIND_DEBUG
+ if (debugging) {
+ (void) xlog(LOG_DEBUG, "unable to free arguments\n");
+ if (doabort) {
+ rpcbind_abort();
+ }
+ }
++#endif
+ }
+ return (rc);
+ }
+--
+2.13.0
+
diff --git a/patches/source/rpcbind/0005-rpcbproc_callit_com-Stop-freeing-a-static-pointer.patch b/patches/source/rpcbind/0005-rpcbproc_callit_com-Stop-freeing-a-static-pointer.patch
new file mode 100644
index 000000000..ff42c9e43
--- /dev/null
+++ b/patches/source/rpcbind/0005-rpcbproc_callit_com-Stop-freeing-a-static-pointer.patch
@@ -0,0 +1,96 @@
+From 7c7590ad536c0e24bef790cb1e65702fc54db566 Mon Sep 17 00:00:00 2001
+From: Steve Dickson
+Date: Tue, 30 May 2017 11:27:22 -0400
+Subject: [PATCH 5/6] rpcbproc_callit_com: Stop freeing a static pointer
+
+commit 7ea36ee introduced a svc_freeargs() call
+that ended up freeing static pointer.
+
+It turns out the allocations for the rmt_args
+is not necessary . The xdr routines (xdr_bytes) will
+handle the memory management and the largest
+possible message size is UDPMSGSIZE (due to UDP only)
+which is smaller than RPC_BUF_MAX
+
+Signed-off-by: Steve Dickson
+---
+ src/rpcb_svc_com.c | 39 ++++++---------------------------------
+ 1 file changed, 6 insertions(+), 33 deletions(-)
+
+diff --git a/src/rpcb_svc_com.c b/src/rpcb_svc_com.c
+index cb63afd..1fc2229 100644
+--- a/src/rpcb_svc_com.c
++++ b/src/rpcb_svc_com.c
+@@ -612,9 +612,9 @@ rpcbproc_callit_com(struct svc_req *rqstp, SVCXPRT *transp,
+ struct netconfig *nconf;
+ struct netbuf *caller;
+ struct r_rmtcall_args a;
+- char *buf_alloc = NULL, *outbufp;
++ char *outbufp;
+ char *outbuf_alloc = NULL;
+- char buf[RPC_BUF_MAX], outbuf[RPC_BUF_MAX];
++ char outbuf[RPC_BUF_MAX];
+ struct netbuf *na = (struct netbuf *) NULL;
+ struct rpc_msg call_msg;
+ int outlen;
+@@ -635,36 +635,10 @@ rpcbproc_callit_com(struct svc_req *rqstp, SVCXPRT *transp,
+ }
+ if (si.si_socktype != SOCK_DGRAM)
+ return; /* Only datagram type accepted */
+- sendsz = __rpc_get_t_size(si.si_af, si.si_proto, UDPMSGSIZE);
+- if (sendsz == 0) { /* data transfer not supported */
+- if (reply_type == RPCBPROC_INDIRECT)
+- svcerr_systemerr(transp);
+- return;
+- }
+- /*
+- * Should be multiple of 4 for XDR.
+- */
+- sendsz = ((sendsz + 3) / 4) * 4;
+- if (sendsz > RPC_BUF_MAX) {
+-#ifdef notyet
+- buf_alloc = alloca(sendsz); /* not in IDR2? */
+-#else
+- buf_alloc = malloc(sendsz);
+-#endif /* notyet */
+- if (buf_alloc == NULL) {
+- if (debugging)
+- xlog(LOG_DEBUG,
+- "rpcbproc_callit_com: No Memory!\n");
+- if (reply_type == RPCBPROC_INDIRECT)
+- svcerr_systemerr(transp);
+- return;
+- }
+- a.rmt_args.args = buf_alloc;
+- } else {
+- a.rmt_args.args = buf;
+- }
++ sendsz = UDPMSGSIZE;
+
+ call_msg.rm_xid = 0; /* For error checking purposes */
++ memset(&a, 0, sizeof(a)); /* Zero out the input buffer */
+ if (!svc_getargs(transp, (xdrproc_t) xdr_rmtcall_args, (char *) &a)) {
+ if (reply_type == RPCBPROC_INDIRECT)
+ svcerr_decode(transp);
+@@ -704,7 +678,8 @@ rpcbproc_callit_com(struct svc_req *rqstp, SVCXPRT *transp,
+ if (rbl == (rpcblist_ptr)NULL) {
+ #ifdef RPCBIND_DEBUG
+ if (debugging)
+- xlog(LOG_DEBUG, "not found\n");
++ xlog(LOG_DEBUG, "prog %lu vers %lu: not found\n",
++ a.rmt_prog, a.rmt_vers);
+ #endif
+ if (reply_type == RPCBPROC_INDIRECT)
+ svcerr_noprog(transp);
+@@ -937,8 +912,6 @@ out:
+ }
+ if (local_uaddr)
+ free(local_uaddr);
+- if (buf_alloc)
+- free(buf_alloc);
+ if (outbuf_alloc)
+ free(outbuf_alloc);
+ if (na) {
+--
+2.13.2
+
diff --git a/patches/source/rpcbind/0006-rpcbproc_callit_com-No-need-to-allocate-output-buffe.patch b/patches/source/rpcbind/0006-rpcbproc_callit_com-No-need-to-allocate-output-buffe.patch
new file mode 100644
index 000000000..1a0aa6cfb
--- /dev/null
+++ b/patches/source/rpcbind/0006-rpcbproc_callit_com-No-need-to-allocate-output-buffe.patch
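Review bot: The new debug message in 0005 formats `a.rmt_prog` and `a.rmt_vers` with `%lu`, but the field types of `struct r_rmtcall_args` are not visible in this hunk. If they are 32-bit `rpcprog_t`/`rpcvers_t` typedefs, the specifier does not match the argument on LP64 builds. Casting makes the call correct either way: `xlog(LOG_DEBUG, "prog %lu vers %lu: not found\n", (unsigned long) a.rmt_prog, (unsigned long) a.rmt_vers);`. The statement sits under `#ifdef RPCBIND_DEBUG`, so only debug builds are affected. The body of `rpcbproc_callit_com` extends beyond the hunks shown.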
@@ -0,0 +1,96 @@
+From 1e2ddd4ebd7a9266e6070f275fa35752752fdfd6 Mon Sep 17 00:00:00 2001
+From: Steve Dickson
+Date: Tue, 30 May 2017 11:29:58 -0400
+Subject: [PATCH 6/6] rpcbproc_callit_com: No need to allocate output buffer
+
+Now that sendz is a fixed size (UDPMSGSIZE) which
+is small then RPC_BUF_MAX, no need to check the
+sendz size.
+
+Signed-off-by: Steve Dickson
+---
+ src/rpcb_svc_com.c | 33 +++++----------------------------
+ 1 file changed, 5 insertions(+), 28 deletions(-)
+
+diff --git a/src/rpcb_svc_com.c b/src/rpcb_svc_com.c
+index 1fc2229..d36b090 100644
+--- a/src/rpcb_svc_com.c
++++ b/src/rpcb_svc_com.c
+@@ -612,8 +612,6 @@ rpcbproc_callit_com(struct svc_req *rqstp, SVCXPRT *transp,
+ struct netconfig *nconf;
+ struct netbuf *caller;
+ struct r_rmtcall_args a;
+- char *outbufp;
+- char *outbuf_alloc = NULL;
+ char outbuf[RPC_BUF_MAX];
+ struct netbuf *na = (struct netbuf *) NULL;
+ struct rpc_msg call_msg;
+@@ -674,7 +672,6 @@ rpcbproc_callit_com(struct svc_req *rqstp, SVCXPRT *transp,
+
+ rpcbs_rmtcall(versnum - 2, reply_type, a.rmt_prog, a.rmt_vers,
+ a.rmt_proc, transp->xp_netid, rbl);
+-
+ if (rbl == (rpcblist_ptr)NULL) {
+ #ifdef RPCBIND_DEBUG
+ if (debugging)
+@@ -793,24 +790,10 @@ rpcbproc_callit_com(struct svc_req *rqstp, SVCXPRT *transp,
+ call_msg.rm_call.cb_rpcvers = RPC_MSG_VERSION;
+ call_msg.rm_call.cb_prog = a.rmt_prog;
+ call_msg.rm_call.cb_vers = a.rmt_vers;
+- if (sendsz > RPC_BUF_MAX) {
+-#ifdef notyet
+- outbuf_alloc = alloca(sendsz); /* not in IDR2? */
+-#else
+- outbuf_alloc = malloc(sendsz);
+-#endif /* notyet */
+- if (outbuf_alloc == NULL) {
+- if (reply_type == RPCBPROC_INDIRECT)
+- svcerr_systemerr(transp);
+- if (debugging)
+- xlog(LOG_DEBUG,
+- "rpcbproc_callit_com: No memory!\n");
+- goto error;
+- }
+- xdrmem_create(&outxdr, outbuf_alloc, sendsz, XDR_ENCODE);
+- } else {
+- xdrmem_create(&outxdr, outbuf, sendsz, XDR_ENCODE);
+- }
++
++ memset(outbuf, '\0', sendsz); /* Zero out the output buffer */
++ xdrmem_create(&outxdr, outbuf, sendsz, XDR_ENCODE);
++
+ if (!xdr_callhdr(&outxdr, &call_msg)) {
+ if (reply_type == RPCBPROC_INDIRECT)
+ svcerr_systemerr(transp);
+@@ -875,10 +858,6 @@ rpcbproc_callit_com(struct svc_req *rqstp, SVCXPRT *transp,
+ goto error;
+ }
+ outlen = (int) XDR_GETPOS(&outxdr);
+- if (outbuf_alloc)
+- outbufp = outbuf_alloc;
+- else
+- outbufp = outbuf;
+
+ na = uaddr2taddr(nconf, local_uaddr);
+ if (!na) {
+@@ -887,7 +866,7 @@ rpcbproc_callit_com(struct svc_req *rqstp, SVCXPRT *transp,
+ goto error;
+ }
+
+- if (sendto(fd, outbufp, outlen, 0, (struct sockaddr *)na->buf, na->len)
++ if (sendto(fd, outbuf, outlen, 0, (struct sockaddr *)na->buf, na->len)
+ != outlen) {
+ if (debugging)
+ xlog(LOG_DEBUG,
+@@ -912,8 +891,6 @@ out:
+ }
+ if (local_uaddr)
+ free(local_uaddr);
+- if (outbuf_alloc)
+- free(outbuf_alloc);
+ if (na) {
+ free(na->buf);
+ free(na);
+--
+2.13.2
+
diff --git a/patches/source/rpcbind/01.rpcbind-manpage-statefile-explanation.patch b/patches/source/rpcbind/01.rpcbind-manpage-statefile-explanation.patch
new file mode 100644
index 000000000..946dd1bd1
--- /dev/null
+++ b/patches/source/rpcbind/01.rpcbind-manpage-statefile-explanation.patch
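Review bot: `memset(outbuf, '\0', sendsz)` and `xdrmem_create(&outxdr, outbuf, sendsz, XDR_ENCODE)` in 0006 now write into the fixed `char outbuf[RPC_BUF_MAX]` with a length taken from `sendsz`. The only thing guaranteeing `sendsz <= RPC_BUF_MAX` is the commit message's statement about UDPMSGSIZE, and neither constant's value is visible here. I would pin the assumption at compile time, e.g. `_Static_assert(UDPMSGSIZE <= RPC_BUF_MAX, "outbuf too small for UDPMSGSIZE");`, or pass `sizeof(outbuf)` as the bound to both calls. The function body extends beyond the hunks shown.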
@@ -0,0 +1,25 @@
+--- rpcbind-0.2.3/man/rpcbind.8 2015-04-27 16:07:43.000000000 +0200
++++ rpcbind-0.2.3/man/rpcbind.8 2015-09-22 16:25:40.000000000 +0200
+@@ -132,11 +132,20 @@
+ .It Fl w
+ Cause
+ .Nm
+-to do a "warm start" by read a state file when
++to do a "warm start" by attempting to read *.xdr state files from the
++state directory
++.%T /var/state/rpcbind
++when
+ .Nm
+-starts up. The state file is created when
++starts up. The state files are created when
+ .Nm
+ terminates.
++.Pp
++This allows for restarting
++.Nm
++without the need to restart all RPC services that have previously registered.
++The state file serves similar purpose like the file created/restored by
++pmap_dump and pmap_set utilities, distributed with old portmap server package.
+ .El
+ .Sh NOTES
+ All RPC servers must be restarted if
diff --git a/patches/source/rpcbind/doinst.sh b/patches/source/rpcbind/doinst.sh
new file mode 100644
index 000000000..5f7dfaf55
--- /dev/null
+++ b/patches/source/rpcbind/doinst.sh
@@ -0,0 +1,24 @@
+config() {
+ NEW="$1"
+ OLD="`dirname $NEW`/`basename $NEW .new`"
+ # If there's no config file by that name, mv it over:
+ if [ ! -r $OLD ]; then
+ mv $NEW $OLD
+ elif [ "`cat $OLD | md5sum`" = "`cat $NEW | md5sum`" ]; then # toss the redundant copy
+ rm $NEW
+ fi
+ # Otherwise, we leave the .new copy for the admin to consider...
+}
+
+preserve_perms() {
+ NEW="$1"
+ OLD="$(dirname $NEW)/$(basename $NEW .new)"
+ if [ -e $OLD ]; then
+ cp -a $OLD ${NEW}.incoming
+ cat $NEW > ${NEW}.incoming
+ mv ${NEW}.incoming $NEW
+ fi
+ config $NEW
+}
+
+preserve_perms etc/rc.d/rc.rpc.new
diff --git a/patches/source/rpcbind/rc.rpc b/patches/source/rpcbind/rc.rpc
new file mode 100644
index 000000000..c850c5560
--- /dev/null
+++ b/patches/source/rpcbind/rc.rpc
@@ -0,0 +1,64 @@
+#!/bin/sh
+# rc.rpc: start/stop/restart RPC daemons needed to use NFS.
+#
+# You must run these daemons in order to mount NFS partitions
+# (unless you use the mount option '-o nolock', which can
+# corrupt files and is not generally recommended unless you
+# are mounting the partition(s) as read-only).
+#
+# To run an NFS server, starting these is mandatory.
+#
+
+rpc_start() {
+ if [ -x /sbin/rpcbind -a -x /sbin/rpc.statd ]; then
+ if ! ps axc | grep -q rpcbind ; then
+ echo "Starting RPC portmapper: /sbin/rpcbind -l $1"
+ /sbin/rpcbind -l $1
+ fi
+ if ! ps axc | grep -q rpc.statd ; then
+ echo "Starting RPC NSM (Network Status Monitor): /sbin/rpc.statd"
+ /sbin/rpc.statd
+ fi
+ else
+ echo "WARNING: Cannot start RPC daemons needed for NFS. One or more of"
+ echo " these required daemons is not executable or is not present"
+ echo " on your system:"
+ echo
+ echo " /sbin/rpcbind or /sbin/rpc.statd"
+ echo
+ fi
+}
+
+rpc_stop() {
+ killall rpc.statd 2> /dev/null
+ sleep 1
+ killall rpcbind 2> /dev/null
+ sleep 1
+ killall -9 rpc.statd 2> /dev/null # make sure :)
+ sleep 1
+ killall -9 rpcbind 2> /dev/null # make sure :)
+ sleep 1
+}
+
+rpc_restart() {
+ rpc_stop
+ rpc_start
+}
+
+case "$1" in
+'start')
+ # Warm restart by default (see "man rpcbind" for details about the -w option)
+ rpc_start -w
+ ;;
+'cold_start') # Start without -w option
+ rpc_start
+ ;;
+'stop')
+ rpc_stop
+ ;;
+'restart')
+ rpc_restart
+ ;;
+*)
+ echo "usage $0 start|stop|restart"
+esac
diff --git a/patches/source/rpcbind/rpcbind.SlackBuild b/patches/source/rpcbind/rpcbind.SlackBuild
new file mode 100755
index 000000000..894c7dbda
--- /dev/null
+++ b/patches/source/rpcbind/rpcbind.SlackBuild
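Review bot: `rpc_restart` calls `rpc_start` with no argument, so `rc.rpc restart` launches `/sbin/rpcbind -l` without `-w` and drops the warm start that the `start` branch uses by default. Registered RPC services would then need restarting too, which is what the state files described in the man page patch are meant to avoid. Changing the call to `rpc_start -w` keeps restart consistent with start. Separately, `ps axc | grep -q rpcbind` matches any process whose name contains that string, and the `.` in `grep -q rpc.statd` matches any character, so an exact-name test such as `pgrep -x rpcbind` would be more reliable. The usage line also omits `cold_start`.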
@@ -0,0 +1,155 @@
+#!/bin/sh
+
+# Copyright 2015, 2017 Patrick J. Volkerding, Sebeka, Minnesota, USA
+# All rights reserved.
+#
+# Redistribution and use of this script, with or without modification, is
+# permitted provided that the following conditions are met:
+#
+# 1. Redistributions of this script must retain the above copyright
+# notice, this list of conditions and the following disclaimer.
+#
+# THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR IMPLIED
+# WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF
+# MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO
+# EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO,
+# PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS;
+# OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,
+# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR
+# OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF
+# ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+
+
+PKGNAM=rpcbind
+VERSION=${VERSION:-$(echo $PKGNAM-*.tar.?z* | rev | cut -f 3- -d . | cut -f 1 -d - | rev)}
+BUILD=${BUILD:-2_slack14.2}
+
+# Automatically determine the architecture we're building on:
+if [ -z "$ARCH" ]; then
+ case "$(uname -m)" in
+ i?86) ARCH=i586 ;;
+ arm*) readelf /usr/bin/file -A | egrep -q "Tag_CPU.*[4,5]" && ARCH=arm || ARCH=armv7hl ;;
+ # Unless $ARCH is already set, use uname -m for all other archs:
+ *) ARCH=$(uname -m) ;;
+ esac
+ export ARCH
+fi
+
+NUMJOBS=${NUMJOBS:-" -j7 "}
+
+if [ "$ARCH" = "i386" ]; then
+ SLKCFLAGS="-O2 -march=i386 -mcpu=i686"
+ LIBDIRSUFFIX=""
+elif [ "$ARCH" = "i486" ]; then
+ SLKCFLAGS="-O2 -march=i486 -mtune=i686"
+ LIBDIRSUFFIX=""
+elif [ "$ARCH" = "i586" ]; then
+ SLKCFLAGS="-O2 -march=i586 -mtune=i686"
+ LIBDIRSUFFIX=""
+elif [ "$ARCH" = "i686" ]; then
+ SLKCFLAGS="-O2 -march=i686"
+ LIBDIRSUFFIX=""
+elif [ "$ARCH" = "s390" ]; then
+ SLKCFLAGS="-O2"
+ LIBDIRSUFFIX=""
+elif [ "$ARCH" = "x86_64" ]; then
+ SLKCFLAGS="-O2 -fPIC"
+ LIBDIRSUFFIX="64"
+elif [ "$ARCH" = "armv7hl" ]; then
+ SLKCFLAGS="-O3 -march=armv7-a -mfpu=vfpv3-d16"
+ LIBDIRSUFFIX=""
+else
+ SLKCFLAGS="-O2"
+ LIBDIRSUFFIX=""
+fi
+
+CWD=$(pwd)
+TMP=${TMP:-/tmp}
+PKG=$TMP/package-$PKGNAM
+
+rm -rf $PKG
+mkdir -p $TMP $PKG
+
+cd $TMP
+rm -rf $PKGNAM-$VERSION
+tar xvf $CWD/$PKGNAM-$VERSION.tar.?z* || exit 1
+cd $PKGNAM-$VERSION || exit 1
+
+# CVE-2017-8779
+zcat $CWD/0002-rpcbind-pair-all-svc_getargs-calls-with-svc_freeargs.patch.gz | patch -p1 --verbose || exit 1
+zcat $CWD/0003-pmapproc_dump-Fixed-typo-in-memory-leak-patch.patch.gz | patch -p1 --verbose || exit 1
+zcat $CWD/0004-rpcbind-fix-building-without-enable-debug.patch.gz | patch -p1 --verbose || exit 1
+
+# Fixes from git master
+zcat $CWD/0005-rpcbproc_callit_com-Stop-freeing-a-static-pointer.patch.gz | patch -p1 --verbose || exit 1
+zcat $CWD/0006-rpcbproc_callit_com-No-need-to-allocate-output-buffe.patch.gz | patch -p1 --verbose || exit 1
+
+zcat $CWD/0001-man-rpcibind.8-Clarify-state-file-usage-and-history.patch | patch -p1 --verbose || exit 1
+zcat $CWD/rpcbind.lwrap.needs.lnsl.diff.gz | patch -p1 --verbose || exit 1
+
+# This is needed after the libwrap patch above:
+autoreconf -vif || exit 1
+./autogen.sh
+
+chown -R root:root .
+find . \
+ \( -perm 777 -o -perm 775 -o -perm 711 -o -perm 555 -o -perm 511 \) \
+ -exec chmod 755 {} \; -o \
+ \( -perm 666 -o -perm 664 -o -perm 600 -o -perm 444 -o -perm 440 -o -perm 400 \) \
+ -exec chmod 644 {} \;
+
+# Configure:
+CFLAGS="$SLKCFLAGS" \
+./configure \
+ --prefix=/usr \
+ --bindir=/sbin \
+ --libdir=/lib${LIBDIRSUFFIX} \
+ --sysconfdir=/etc \
+ --mandir=/usr/man \
+ --enable-libwrap \
+ --enable-warmstarts \
+ --with-statedir=/var/run/rpcbind \
+ --with-rpcuser=rpc \
+ --with-nss-modules="files" \
+ --without-systemdsystemunitdir \
+ --build=$ARCH-slackware-linux || exit 1
+
+# Build and install:
+make $NUMJOBS || make || exit 1
+make install DESTDIR=$PKG || exit 1
+
+# Make state directory (not really needed as rpcbind does this on startup)
+mkdir -p $PKG/var/run/rpcbind
+chown rpc:root $PKG/var/run/rpcbind
+
+# Install init script:
+mkdir -p $PKG/etc/rc.d
+zcat $CWD/rc.rpc.gz > $PKG/etc/rc.d/rc.rpc.new
+
+# Strip binaries:
+( cd $PKG
+ find . | xargs file | grep "executable" | grep ELF | cut -f 1 -d : | xargs strip --strip-unneeded 2> /dev/null
+ find . | xargs file | grep "shared object" | grep ELF | cut -f 1 -d : | xargs strip --strip-unneeded 2> /dev/null
+)
+
+# Add a documentation directory:
+mkdir -p $PKG/usr/doc/${PKGNAM}-$VERSION
+cp -a \
+ AUTHORS COPYING* NEWS README* \
+ $PKG/usr/doc/${PKGNAM}-$VERSION
+
+# Compress manual pages:
+find $PKG/usr/man -type f -exec gzip -9 {} \;
+for i in $( find $PKG/usr/man -type l ) ; do
+ ln -s $( readlink $i ).gz $i.gz
+ rm $i
+done
+
+mkdir -p $PKG/install
+zcat $CWD/doinst.sh.gz > $PKG/install/doinst.sh
+cat $CWD/slack-desc > $PKG/install/slack-desc
+
+cd $PKG
+/sbin/makepkg -l y -c n $TMP/$PKGNAM-$VERSION-$ARCH-$BUILD.txz
+
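Review bot: Every patch step has the form `zcat FILE | patch -p1 --verbose || exit 1`, and under `/bin/sh` only `patch`'s exit status reaches `|| exit 1`. A `zcat` failure on a missing or non-gzip file therefore stops the build only if `patch` itself rejects the empty input. That matters most for the lines under `# CVE-2017-8779`: the 0001 line feeds an uncompressed `.patch` name to `zcat` while the others use `.patch.gz`, and this commit adds all of them without a `.gz` suffix, so it is worth confirming which names exist at build time. A guard such as `[ -r "$CWD/$p" ] || exit 1` in a loop over the patch names before piping would make a skipped security patch fail loudly. `./autogen.sh` a few lines later also runs without `|| exit 1`.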
diff --git a/patches/source/rpcbind/rpcbind.lwrap.needs.lnsl.diff b/patches/source/rpcbind/rpcbind.lwrap.needs.lnsl.diff
new file mode 100644
index 000000000..43f2bdf8f
--- /dev/null
+++ b/patches/source/rpcbind/rpcbind.lwrap.needs.lnsl.diff
@@ -0,0 +1,14 @@
+--- ./configure.ac.orig 2015-04-27 09:07:43.000000000 -0500
++++ ./configure.ac 2015-12-14 13:34:54.592931654 -0600
+@@ -52,6 +52,11 @@
+ fi
+ AM_CONDITIONAL(SYSTEMD, [test -n "$with_systemdsystemunitdir" -a "x$with_systemdsystemunitdir" != xno ])
+
++AC_SEARCH_LIBS(yp_get_default_domain, nsl)
++AC_MSG_CHECKING([for hosts_access in -lwrap])
++saved_LIBS="$LIBS"
++LIBS="$saved_LIBS -lwrap"
++
+ AS_IF([test x$enable_libwrap = xyes], [
+ AC_CHECK_LIB([wrap], [hosts_access], ,
+ AC_MSG_ERROR([libwrap support requested but unable to find libwrap]))
diff --git a/patches/source/rpcbind/slack-desc b/patches/source/rpcbind/slack-desc
new file mode 100644
index 000000000..70adeb78d
--- /dev/null
+++ b/patches/source/rpcbind/slack-desc
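Review bot: `LIBS="$saved_LIBS -lwrap"` is set before the `AS_IF([test x$enable_libwrap = xyes]` test, so `-lwrap` is added to the link line whether or not libwrap support was requested, and `saved_LIBS` is never restored within the visible lines. The added `AC_MSG_CHECKING([for hosts_access in -lwrap])` also has no matching `AC_MSG_RESULT` in the hunk, which leaves that line of configure output unterminated. If the intent is only to make `-lnsl` available for the libwrap check, the `AC_SEARCH_LIBS(yp_get_default_domain, nsl)` line alone may be enough; otherwise the `LIBS` change belongs inside the `AS_IF` body. The `AS_IF` block continues past the end of the hunk.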
@@ -0,0 +1,19 @@
+# HOW TO EDIT THIS FILE:
+# The "handy ruler" below makes it easier to edit a package description. Line
+# up the first '|' above the ':' following the base package name, and the '|'
+# on the right side marks the last column you can put a character in. You must
+# make exactly 11 lines for the formatting to be correct. It's also
+# customary to leave one space after the ':'.
+
+ |-----handy-ruler------------------------------------------------------|
+rpcbind: rpcbind (a daemon to manage RPC connections)
+rpcbind:
+rpcbind: This is a network daemon used to manage connections to RPC services.
+rpcbind: It is meant as a replacement for the 'rpc.portmap' server from the
+rpcbind: 'portmap' package. Daemons that offer RPC services (such as the
+rpcbind: daemons for NFS) tell the rpcbind on what port they listen.
+rpcbind: RPC network port numbers may change each time the system is booted.
+rpcbind:
+rpcbind: This package is required to use NFS or other RPC services.
+rpcbind:
+rpcbind: Homepage: http://sourceforge.net/projects/rpcbind/
-- cgit v1.2.3