Hello community,
here is the log from the commit of package libtirpc for openSUSE:Factory
checked in at 2018-06-27 10:13:28
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Comparing /work/SRC/openSUSE:Factory/libtirpc (Old)
and /work/SRC/openSUSE:Factory/.libtirpc.new (New)
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "libtirpc"
Wed Jun 27 10:13:28 2018 rev:49 rq:616443 version:1.0.3
Changes:
--------
--- /work/SRC/openSUSE:Factory/libtirpc/libtirpc.changes 2018-03-24
16:06:44.290189229 +0100
+++ /work/SRC/openSUSE:Factory/.libtirpc.new/libtirpc.changes 2018-06-27
10:13:35.481129407 +0200
@@ -1,0 +2,14 @@
+Thu Apr 12 08:06:23 UTC 2018 - thomas.bl...@suse.com
+
+- fix socket leak introduced by change-rpc-protocol-version-order patch
+ (bsc#1087925)
+ - add 0001-Fix-regression-introduced-by-change-rpc-version-orde.patch
+
+-------------------------------------------------------------------
+Thu Apr 5 13:26:43 CEST 2018 - ku...@suse.de
+
+- Revert binddynport changes as they break backward compatibility
+ [brc#1562169].
+ - add 002-revert-binddynport.patch
+
+-------------------------------------------------------------------
New:
----
0001-Fix-regression-introduced-by-change-rpc-version-orde.patch
002-revert-binddynport.patch
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Other differences:
------------------
++++++ libtirpc.spec ++++++
--- /var/tmp/diff_new_pack.VWc6vh/_old 2018-06-27 10:13:36.177104082 +0200
+++ /var/tmp/diff_new_pack.VWc6vh/_new 2018-06-27 10:13:36.181103937 +0200
@@ -37,6 +37,9 @@
Patch0: 000-bindresvport_blacklist.patch
# only needed on openSUSE >= 13.1, SLE >= 12
Patch1: 001-new-rpcbindsock-path.patch
+# Revert upstream change until tirpc 1.0.4 with a final solutions comes out
+Patch2: 002-revert-binddynport.patch
+Patch3: 0001-Fix-regression-introduced-by-change-rpc-version-orde.patch
BuildRoot: %{_tmppath}/%{name}-%{version}-build
%define debug_package_requires libtirpc3 = %{version}-%{release}
@@ -85,9 +88,12 @@
%if 0%{suse_version} >= 1310
%patch1 -p1
%endif
+%patch2 -p1
+%patch3 -p1
%build
sed -i -e 's|@includedir@/tirpc|@includedir@|g' libtirpc.pc.in
+/bin/sh autogen.sh
%configure --disable-static \
%if 0%{suse_version} < 1200
--disable-gssapi \
++++++ 0001-Fix-regression-introduced-by-change-rpc-version-orde.patch ++++++
>From 25d38d744997d5ff03d8b0f2cdd79c0fb7185cca Mon Sep 17 00:00:00 2001
From: Thomas Blume <thomas.bl...@suse.com>
Date: Wed, 18 Apr 2018 08:44:49 -0400
Subject: [PATCH] Fix regression introduced by change rpc version order patch
Fix a socket leak introduced by commit 5e7b57bc20bd9cadff
(rpcinfo: change order of version to be tried to 4, 3, 2)
The new function __try_protocol_version_2 doesn't return
the client, so it can't be closed via CLNT_DESTROY in the
calling function.
Signed-off-by: Thomas Blume <thomas.bl...@suse.com>
Signed-off-by: Steve Dickson <ste...@redhat.com>
---
src/rpcb_clnt.c | 18 ++++++++++++++----
1 file changed, 14 insertions(+), 4 deletions(-)
diff --git a/src/rpcb_clnt.c b/src/rpcb_clnt.c
index a94fc73..4b44364 100644
--- a/src/rpcb_clnt.c
+++ b/src/rpcb_clnt.c
@@ -752,7 +752,7 @@ __try_protocol_version_2(program, version, nconf, host, tp)
client = getpmaphandle(nconf, host, &parms.r_addr);
if (client == NULL)
- return (NULL);
+ goto error;
/*
* Set retry timeout.
@@ -771,11 +771,11 @@ __try_protocol_version_2(program, version, nconf, host,
tp)
if (clnt_st != RPC_SUCCESS) {
rpc_createerr.cf_stat = RPC_PMAPFAILURE;
clnt_geterr(client, &rpc_createerr.cf_error);
- return (NULL);
+ goto error;
} else if (port == 0) {
pmapaddress = NULL;
rpc_createerr.cf_stat = RPC_PROGNOTREGISTERED;
- return (NULL);
+ goto error;
}
port = htons(port);
CLNT_CONTROL(client, CLGET_SVC_ADDR, (char *)&remote);
@@ -789,14 +789,24 @@ __try_protocol_version_2(program, version, nconf, host,
tp)
free(pmapaddress);
pmapaddress = NULL;
}
- return (NULL);
+ goto error;
}
memcpy(pmapaddress->buf, remote.buf, remote.len);
memcpy(&((char *)pmapaddress->buf)[sizeof (short)],
(char *)(void *)&port, sizeof (short));
pmapaddress->len = pmapaddress->maxlen = remote.len;
+ CLNT_DESTROY(client);
return pmapaddress;
+
+error:
+ if (client) {
+ CLNT_DESTROY(client);
+ client = NULL;
+
+ }
+ return (NULL);
+
}
#endif
--
2.13.6
++++++ 002-revert-binddynport.patch ++++++
diff --git a/src/Makefile.am b/src/Makefile.am
index 932414d..fba2aa4 100644
--- a/src/Makefile.am
+++ b/src/Makefile.am
@@ -15,9 +15,8 @@ lib_LTLIBRARIES = libtirpc.la
libtirpc_la_LDFLAGS = @LDFLAG_NOUNDEFINED@ -no-undefined -lpthread
libtirpc_la_LDFLAGS += -version-info @LT_VERSION_INFO@
-libtirpc_la_SOURCES = auth_none.c auth_unix.c authunix_prot.c \
- binddynport.c bindresvport.c \
- clnt_bcast.c clnt_dg.c clnt_generic.c clnt_perror.c clnt_raw.c
clnt_simple.c \
+libtirpc_la_SOURCES = auth_none.c auth_unix.c authunix_prot.c bindresvport.c
clnt_bcast.c \
+ clnt_dg.c clnt_generic.c clnt_perror.c clnt_raw.c clnt_simple.c \
clnt_vc.c rpc_dtablesize.c getnetconfig.c getnetpath.c getrpcent.c \
getrpcport.c mt_misc.c pmap_clnt.c pmap_getmaps.c pmap_getport.c \
pmap_prot.c pmap_prot2.c pmap_rmt.c rpc_prot.c rpc_commondata.c \
diff --git a/src/binddynport.c b/src/binddynport.c
deleted file mode 100644
index 062629a..0000000
--- a/src/binddynport.c
+++ /dev/null
@@ -1,139 +0,0 @@
-/*
- * Copyright (c) 2018, Oracle America, Inc.
- * All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions are met:
- * - Redistributions of source code must retain the above copyright notice,
- * this list of conditions and the following disclaimer.
- * - Redistributions in binary form must reproduce the above copyright notice,
- * this list of conditions and the following disclaimer in the documentation
- * and/or other materials provided with the distribution.
- * - Neither the name of "Oracle America, Inc." nor the names of its
- * contributors may be used to endorse or promote products derived
- * from this software without specific prior written permission.
- *
- * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
- * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE
- * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
- * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
- * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
- * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
- * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
- * POSSIBILITY OF SUCH DAMAGE.
- */
-
-#include <sys/types.h>
-#include <sys/socket.h>
-#include <sys/time.h>
-
-#include <netdb.h>
-#include <netinet/in.h>
-
-#include <stdlib.h>
-#include <unistd.h>
-#include <errno.h>
-#include <string.h>
-
-#include <rpc/rpc.h>
-
-#include "reentrant.h"
-#include "rpc_com.h"
-
-extern pthread_mutex_t port_lock;
-
-/*
- * Dynamic port range as defined in RFC 6335 Section 6.
- * This range avoids all IANA-assigned service port
- * numbers.
- */
-enum {
- LOWPORT = 49152,
- ENDPORT = 65534,
- NPORTS = ENDPORT - LOWPORT + 1,
-};
-
-/*
- * Bind a socket to a dynamically-assigned IP port.
- *
- * @fd is an open but unbound socket.
- *
- * On each call, a port number is chosen at random from
- * within the dynamic/private port range, even if the
- * caller has CAP_NET_ADMIN_BIND.
- *
- * Returns 0 on success, -1 on failure. errno may be
- * set to a non-determinant value.
- *
- * This function is re-entrant.
- */
-int __binddynport(int fd)
-{
- struct sockaddr_storage ss;
-#ifdef INET6
- struct sockaddr_in6 *sin6;
-#endif
- struct sockaddr_in *sin;
- static unsigned int seed;
- in_port_t port, *portp;
- struct sockaddr *sap;
- socklen_t salen;
- int i, res;
-
- if (__rpc_sockisbound(fd))
- return 0;
-
- res = -1;
- sap = (struct sockaddr *)(void *)&ss;
- salen = sizeof(ss);
- memset(sap, 0, salen);
-
- mutex_lock(&port_lock);
-
- if (getsockname(fd, sap, &salen) == -1)
- goto out;
-
- switch (ss.ss_family) {
- case AF_INET:
- sin = (struct sockaddr_in *)(void *)&ss;
- portp = &sin->sin_port;
- salen = sizeof(struct sockaddr_in);
- break;
-#ifdef INET6
- case AF_INET6:
- sin6 = (struct sockaddr_in6 *)(void *)&ss;
- portp = &sin6->sin6_port;
- salen = sizeof(struct sockaddr_in6);
- break;
-#endif
- default:
- goto out;
- }
-
- if (!seed) {
- struct timeval tv;
-
- gettimeofday(&tv, NULL);
- seed = tv.tv_usec * getpid();
- }
- port = (rand_r(&seed) % NPORTS) + LOWPORT;
- for (i = 0; i < NPORTS; ++i) {
- *portp = htons(port++);
- res = bind(fd, sap, salen);
- if (res >= 0) {
- res = 0;
- break;
- }
- if (errno != EADDRINUSE)
- break;
- if (port > ENDPORT)
- port = LOWPORT;
- }
-
-out:
- mutex_unlock(&port_lock);
- return res;
-}
diff --git a/src/clnt_generic.c b/src/clnt_generic.c
index e5a314f..3f3dabf 100644
--- a/src/clnt_generic.c
+++ b/src/clnt_generic.c
@@ -47,7 +47,6 @@
extern bool_t __rpc_is_local_host(const char *);
int __rpc_raise_fd(int);
-extern int __binddynport(int fd);
#ifndef NETIDLEN
#define NETIDLEN 32
@@ -341,8 +340,7 @@ clnt_tli_create(int fd, const struct netconfig *nconf,
servtype = nconf->nc_semantics;
if (!__rpc_fd2sockinfo(fd, &si))
goto err;
- if (__binddynport(fd) == -1)
- goto err;
+ bindresvport(fd, NULL);
} else {
if (!__rpc_fd2sockinfo(fd, &si))
goto err;
diff --git a/src/rpc_soc.c b/src/rpc_soc.c
index af6c482..ed0892a 100644
--- a/src/rpc_soc.c
+++ b/src/rpc_soc.c
@@ -67,8 +67,6 @@
extern mutex_t rpcsoc_lock;
-extern int __binddynport(int fd);
-
static CLIENT *clnt_com_create(struct sockaddr_in *, rpcprog_t, rpcvers_t,
int *, u_int, u_int, char *, int);
static SVCXPRT *svc_com_create(int, u_int, u_int, char *);
@@ -147,8 +145,7 @@ clnt_com_create(raddr, prog, vers, sockp, sendsz, recvsz,
tp, flags)
bindaddr.maxlen = bindaddr.len = sizeof (struct sockaddr_in);
bindaddr.buf = raddr;
- if (__binddynport(fd) == -1)
- goto err;
+ bindresvport(fd, NULL);
cl = clnt_tli_create(fd, nconf, &bindaddr, prog, vers,
sendsz, recvsz);
if (cl) {
@@ -316,6 +313,7 @@ svc_com_create(fd, sendsize, recvsize, netid)
SVCXPRT *svc;
int madefd = FALSE;
int port;
+ struct sockaddr_in sin;
if ((nconf = __rpc_getconfip(netid)) == NULL) {
(void) syslog(LOG_ERR, "Could not get %s transport", netid);
@@ -332,6 +330,10 @@ svc_com_create(fd, sendsize, recvsize, netid)
madefd = TRUE;
}
+ memset(&sin, 0, sizeof sin);
+ sin.sin_family = AF_INET;
+ bindresvport(fd, &sin);
+ listen(fd, SOMAXCONN);
svc = svc_tli_create(fd, nconf, NULL, sendsize, recvsize);
(void) freenetconfigent(nconf);
if (svc == NULL) {
diff --git a/src/svc_generic.c b/src/svc_generic.c
index 52a56c2..7aae796 100644
--- a/src/svc_generic.c
+++ b/src/svc_generic.c
@@ -53,7 +53,6 @@
#include <rpc/svc.h>
extern int __svc_vc_setflag(SVCXPRT *, int);
-extern int __binddynport(int fd);
/*
* The highest level interface for server creation.
@@ -221,10 +220,15 @@ svc_tli_create(fd, nconf, bindaddr, sendsz, recvsz)
*/
if (madefd || !__rpc_sockisbound(fd)) {
if (bindaddr == NULL) {
- if (__binddynport(fd) == -1) {
- warnx(
+ if (bindresvport(fd, NULL) < 0) {
+ memset(&ss, 0, sizeof ss);
+ ss.ss_family = si.si_af;
+ if (bind(fd, (struct sockaddr *)(void *)&ss,
+ (socklen_t)si.si_alen) < 0) {
+ warnx(
"svc_tli_create: could not bind to anonymous port");
- goto freedata;
+ goto freedata;
+ }
}
listen(fd, SOMAXCONN);
} else {
