[gentoo-commits] repo/gentoo:master commit in: net-nds/rpcbind/files/, net-nds/rpcbind/
commit: 52738dd4838a6bdef10c7c086a11cad9d04fa6d0 Author: Matt Turner gentoo org> AuthorDate: Sat Sep 28 18:08:29 2019 + Commit: Matt Turner gentoo org> CommitDate: Sat Sep 28 18:27:13 2019 + URL:https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=52738dd4 net-nds/rpcbind: Drop old versions Signed-off-by: Matt Turner gentoo.org> net-nds/rpcbind/Manifest | 1 - .../files/rpcbind-0.2.4-CVE-2017-8779.patch| 21 net-nds/rpcbind/rpcbind-0.2.4-r3.ebuild| 58 -- 3 files changed, 80 deletions(-) diff --git a/net-nds/rpcbind/Manifest b/net-nds/rpcbind/Manifest index f3285ad8814..1e114d6b58e 100644 --- a/net-nds/rpcbind/Manifest +++ b/net-nds/rpcbind/Manifest @@ -1,2 +1 @@ -DIST rpcbind-0.2.4.tar.bz2 122781 BLAKE2B ac1c374a1081559bf09bc209256daa1bb530d71f0c7fe45cec4c9b87cf110c15251a05dce2cf2b78ffa4d902f817efed30350ad08a23e12a7f219f10fe626aa8 SHA512 f3966a7284e94bdf120a9b3f0dd66efa1fe8761df2313545a031f77b7c06e27d7955d2780469943deb537d34f95c4cf3f30de523ec9fab9f571322d7224b210c DIST rpcbind-1.2.5.tar.bz2 123502 BLAKE2B de0d10406aeffd75195c1fa1d0179b2c7c0ba54c3f3ac58ce9d7e9448d1dbe91a296ad69c45dee115e0a739aa9cfec53b750d3a5ca405e16605a92bbb2006859 SHA512 e884c4757950ccead0f9a07f50625a63e6f18f9bfae9fcfffa3e5fa4b7a66c3a99d9fa303061848fe8211509d5456f24ff26e4579af6e161a35522268f3ef3e4 diff --git a/net-nds/rpcbind/files/rpcbind-0.2.4-CVE-2017-8779.patch b/net-nds/rpcbind/files/rpcbind-0.2.4-CVE-2017-8779.patch deleted file mode 100644 index cef088badc9..000 --- a/net-nds/rpcbind/files/rpcbind-0.2.4-CVE-2017-8779.patch +++ /dev/null 
@@ -1,21 +0,0 @@ -diff --git a/src/rpcb_svc_com.c b/src/rpcb_svc_com.c -index 5862c26..e11f61b 100644 a/src/rpcb_svc_com.c -+++ b/src/rpcb_svc_com.c -@@ -48,6 +48,7 @@ - #include - #include - #include -+#include - #include - #include - #include -@@ -432,7 +433,7 @@ rpcbproc_taddr2uaddr_com(void *arg, struct svc_req *rqstp /*__unused*/, - static bool_t - xdr_encap_parms(XDR *xdrs, struct encap_parms *epp) - { -- return (xdr_bytes(xdrs, &(epp->args), (u_int *) &(epp->arglen), ~0)); -+ return (xdr_bytes(xdrs, &(epp->args), (u_int *) &(epp->arglen), RPC_MAXDATASIZE)); - } - - /* diff --git a/net-nds/rpcbind/rpcbind-0.2.4-r3.ebuild b/net-nds/rpcbind/rpcbind-0.2.4-r3.ebuild deleted file mode 100644 index 8431b518c94..000 --- a/net-nds/rpcbind/rpcbind-0.2.4-r3.ebuild +++ /dev/null 
@@ -1,58 +0,0 @@
-# Copyright 1999-2018 Gentoo Foundation
-# Distributed under the terms of the GNU General Public License v2
-
-EAPI="5"
-
-inherit eutils systemd
-
-if [[ ${PV} == "" ]] ; then
- EGIT_REPO_URI="git://linux-nfs.org/~steved/rpcbind.git"
- inherit autotools git-r3
-else
- SRC_URI="mirror://sourceforge/${PN}/${P}.tar.bz2"
- KEYWORDS="alpha amd64 arm arm64 hppa ia64 ~mips ppc ppc64 s390 sh sparc x86"
-fi
-
-DESCRIPTION="portmap replacement which supports RPC over various protocols"
-HOMEPAGE="https://sourceforge.net/projects/rpcbind/";
-
-LICENSE="BSD"
-SLOT="0"
-IUSE="debug selinux systemd tcpd warmstarts"
-REQUIRED_USE="systemd? ( warmstarts )"
-
-CDEPEND=">=net-libs/libtirpc-1.0:=
- systemd? ( sys-apps/systemd:= )
- tcpd? ( sys-apps/tcp-wrappers )"
-DEPEND="${CDEPEND}
- virtual/pkgconfig"
-RDEPEND="${CDEPEND}
- selinux? ( sec-policy/selinux-rpcbind )"
-
-PATCHES=(
- "${FILESDIR}/${P}-CVE-2017-8779.patch"
-)
-
-src_prepare() {
- [[ ${PV} == "" ]] && eautoreconf
- epatch "${PATCHES[@]}"
- epatch_user
-}
-
-src_configure() {
- econf \
- --bindir="${EPREFIX}"/sbin \
- --with-statedir="${EPREFIX}"/run/${PN} \
- --with-rpcuser=root \
- --with-systemdsystemunitdir=$(usex systemd "$(systemd_get_unitdir)" "no") \
- $(use_enable tcpd libwrap) \
- $(use_enable debug) \
- $(use_enable warmstarts)
-}
-
-src_install() {
- default
-
- newinitd "${FILESDIR}"/${PN}.initd ${PN}
- newconfd "${FILESDIR}"/${PN}.confd ${PN}
-}
[gentoo-commits] repo/gentoo:master commit in: net-nds/rpcbind/files/, net-nds/rpcbind/
commit: fbaf911f4355d5c9992694288b586dcbc5f154cc Author: Mike Gilbert gentoo org> AuthorDate: Sat Mar 10 14:09:43 2018 + Commit: Mike Gilbert gentoo org> CommitDate: Sat Mar 10 14:09:43 2018 + URL:https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=fbaf911f net-nds/rpcbind: use upstream rpcbind.service Closes: https://bugs.gentoo.org/650030 Package-Manager: Portage-2.3.24, Repoman-2.3.6_p81 net-nds/rpcbind/files/rpcbind.service | 13 - .../{rpcbind-0.2.4-r1.ebuild => rpcbind-0.2.4-r2.ebuild}| 4 +--- net-nds/rpcbind/rpcbind-.ebuild | 2 -- 3 files changed, 1 insertion(+), 18 deletions(-) diff --git a/net-nds/rpcbind/files/rpcbind.service b/net-nds/rpcbind/files/rpcbind.service deleted file mode 100644 index 305ea9b10b7..000 --- a/net-nds/rpcbind/files/rpcbind.service +++ /dev/null @@ -1,13 +0,0 @@ -[Unit] -Description=RPC Bind -After=network.target -Wants=rpcbind.target -Before=rpcbind.target - -[Service] -Type=forking -ExecStart=/sbin/rpcbind -Restart=always - -[Install] -WantedBy=multi-user.target diff --git a/net-nds/rpcbind/rpcbind-0.2.4-r1.ebuild b/net-nds/rpcbind/rpcbind-0.2.4-r2.ebuild similarity index 93% rename from net-nds/rpcbind/rpcbind-0.2.4-r1.ebuild rename to net-nds/rpcbind/rpcbind-0.2.4-r2.ebuild index 8aff208b2db..aa7c610e94f 100644 --- a/net-nds/rpcbind/rpcbind-0.2.4-r1.ebuild +++ b/net-nds/rpcbind/rpcbind-0.2.4-r2.ebuild @@ -1,4 +1,4 @@ -# Copyright 1999-2017 Gentoo Foundation +# Copyright 1999-2018 Gentoo Foundation # Distributed under the terms of the GNU General Public License v2 EAPI="5" @@ -54,6 +54,4 @@ src_install() { newinitd "${FILESDIR}"/${PN}.initd ${PN} newconfd "${FILESDIR}"/${PN}.confd ${PN} - - systemd_dounit "${FILESDIR}"/${PN}.service } diff --git a/net-nds/rpcbind/rpcbind-.ebuild b/net-nds/rpcbind/rpcbind-.ebuild index 788cb937f34..bd9f7853dc4 100644 --- a/net-nds/rpcbind/rpcbind-.ebuild +++ b/net-nds/rpcbind/rpcbind-.ebuild 
@@ -47,6 +47,4 @@ src_install() { newinitd "${FILESDIR}"/${PN}.initd ${PN} newconfd "${FILESDIR}"/${PN}.confd ${PN} - - systemd_dounit "${FILESDIR}"/${PN}.service }
[gentoo-commits] repo/gentoo:master commit in: net-nds/rpcbind/files/
commit: 78aebe852d70109b7fe6073026d6a7262ebd94b3 Author: Michael Mair-Keimberger gmail com> AuthorDate: Wed Jan 31 17:06:28 2018 + Commit: Lars Wendler gentoo org> CommitDate: Wed Jan 31 21:38:23 2018 + URL:https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=78aebe85 net-nds/rpcbind: remove unused patches Closes: https://github.com/gentoo/gentoo/pull/7010 net-nds/rpcbind/files/rpcbind-0.2.3-libtirpc.patch | 42 .../rpcbind/files/rpcbind-0.2.3-mem-corrupt.patch | 86 --- .../files/rpcbind-0.2.3-remove-P-macro.patch | 246 - 3 files changed, 374 deletions(-) diff --git a/net-nds/rpcbind/files/rpcbind-0.2.3-libtirpc.patch b/net-nds/rpcbind/files/rpcbind-0.2.3-libtirpc.patch deleted file mode 100644 index 92ea22f0e4c..000 --- a/net-nds/rpcbind/files/rpcbind-0.2.3-libtirpc.patch +++ /dev/null @@ -1,42 +0,0 @@ -fix from upstream for building w/newer libtirpc - -From 9194122389f2a56b1cd1f935e64307e2e963c2da Mon Sep 17 00:00:00 2001 -From: Steve Dickson -Date: Mon, 2 Nov 2015 17:05:18 -0500 -Subject: [PATCH rpcbind] handle_reply: Don't use the xp_auth pointer directly - -In the latest libtirpc version to access the xp_auth -one must use the SVC_XP_AUTH macro. To be backwards -compatible a couple ifdefs were added to use the -macro when it exists. - -Signed-off-by: Steve Dickson - src/rpcb_svc_com.c | 7 +++ - 1 file changed, 7 insertions(+) - -diff --git a/src/rpcb_svc_com.c b/src/rpcb_svc_com.c -index 4ae93f1..22d6c84 100644 a/src/rpcb_svc_com.c -+++ b/src/rpcb_svc_com.c -@@ -1295,10 +1295,17 @@ handle_reply(int fd, SVCXPRT *xprt) - a.rmt_localvers = fi->versnum; - - xprt_set_caller(xprt, fi); -+#if defined(SVC_XP_AUTH) -+ SVC_XP_AUTH(xprt) = svc_auth_none; -+#else - xprt->xp_auth = &svc_auth_none; -+#endif - svc_sendreply(xprt, (xdrproc_t) xdr_rmtcall_result, (char *) &a); -+#if !defined(SVC_XP_AUTH) - SVCAUTH_DESTROY(xprt->xp_auth); - xprt->xp_auth = NULL; -+#endif -+ - done: - if (buffer) - free(buffer); --- -2.5.2 - 
diff --git a/net-nds/rpcbind/files/rpcbind-0.2.3-mem-corrupt.patch b/net-nds/rpcbind/files/rpcbind-0.2.3-mem-corrupt.patch deleted file mode 100644 index 9c03bda80a0..000 --- a/net-nds/rpcbind/files/rpcbind-0.2.3-mem-corrupt.patch +++ /dev/null 
@@ -1,86 +0,0 @@ -https://bugs.gentoo.org/560990 - -fix from upstream - -From d5dace219953c45d26ae42db238052b68540649a Mon Sep 17 00:00:00 2001 -From: Olaf Kirch -Date: Fri, 30 Oct 2015 10:18:20 -0400 -Subject: [PATCH rpcbind] Fix memory corruption in PMAP_CALLIT code - - - A PMAP_CALLIT call comes in on IPv4 UDP - - rpcbind duplicates the caller's address to a netbuf and stores it in - FINFO[0].caller_addr. caller_addr->buf now points to a memory region A - with a size of 16 bytes - - rpcbind forwards the call to the local service, receives a reply - - when processing the reply, it does this in xprt_set_caller: -xprt->xp_rtaddr = *FINFO[0].caller_addr - It sends out the reply, and then frees the netbuf caller_addr and - caller_addr.buf. - However, it does not clear xp_rtaddr, so xp_rtaddr.buf now refers - to memory region A, which is free. - - When the next call comes in on the UDP/IPv4 socket, svc_dg_recv will - be called, which will set xp_rtaddr to the client's address. - It will reuse the buffer inside xp_rtaddr, ie it will write a - sockaddr_in to region A - -Some time down the road, an incoming TCP connection is accepted, -allocating a fresh SVCXPRT. The memory region A is inside the -new SVCXPRT - - - While processing the TCP call, another UDP call comes in, again - overwriting region A with the client's address - - TCP client closes connection. In svc_destroy, we now trip over - the garbage left in region A - -We ran into the case where a commercial scanner was triggering -occasional rpcbind segfaults. The core file that was captured showed -a corrupted xprt->xp_netid pointer that was really a sockaddr_in. 
- -Signed-off-by: Olaf Kirch -Signed-off-by: Steve Dickson - src/rpcb_svc_com.c | 23 ++- - 1 file changed, 22 insertions(+), 1 deletion(-) - -diff --git a/src/rpcb_svc_com.c b/src/rpcb_svc_com.c -index ff9ce6b..4ae93f1 100644 a/src/rpcb_svc_com.c -+++ b/src/rpcb_svc_com.c -@@ -1183,12 +1183,33 @@ check_rmtcalls(struct pollfd *pfds, int nfds) - return (ncallbacks_found); - } - -+/* -+ * This is really a helper function defined in libtirpc, -+ * but unfortunately, it hasn't been exported yet. -+ */ -+static struct netbuf * -+__rpc_set_netbuf(struct netbuf *nb, const void *ptr, size_t len) -+{ -+ if (nb->len != len) { -+ if (nb->len) -+ mem_free(nb->buf, nb->len); -+ nb->buf = mem_alloc(len); -+ if (nb->buf == NULL) -+ return NULL; -+ -+ nb->maxlen = nb->len = len; -+ } -+ memcpy(nb->buf, ptr, len); -+
[gentoo-commits] repo/gentoo:master commit in: net-nds/rpcbind/files/, net-nds/rpcbind/
commit: eae6e7a80bc2934ae1557731fc0ad71cd92af99b Author: Patrick McLean gentoo org> AuthorDate: Mon May 8 18:39:36 2017 + Commit: Patrick McLean gentoo org> CommitDate: Mon May 8 18:39:36 2017 + URL:https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=eae6e7a8 net-nds/rpcbind: Revision bump to pull in patch for CVE-2017-8779 Gentoo-Bug: 617472 Package-Manager: Portage-2.3.5, Repoman-2.3.2 .../files/rpcbind-0.2.4-CVE-2017-8779.patch| 21 net-nds/rpcbind/rpcbind-0.2.4-r1.ebuild| 59 ++ 2 files changed, 80 insertions(+) diff --git a/net-nds/rpcbind/files/rpcbind-0.2.4-CVE-2017-8779.patch b/net-nds/rpcbind/files/rpcbind-0.2.4-CVE-2017-8779.patch new file mode 100644 index 000..cef088badc9 --- /dev/null +++ b/net-nds/rpcbind/files/rpcbind-0.2.4-CVE-2017-8779.patch @@ -0,0 +1,21 @@ +diff --git a/src/rpcb_svc_com.c b/src/rpcb_svc_com.c +index 5862c26..e11f61b 100644 +--- a/src/rpcb_svc_com.c b/src/rpcb_svc_com.c +@@ -48,6 +48,7 @@ + #include + #include + #include ++#include + #include + #include + #include +@@ -432,7 +433,7 @@ rpcbproc_taddr2uaddr_com(void *arg, struct svc_req *rqstp /*__unused*/, + static bool_t + xdr_encap_parms(XDR *xdrs, struct encap_parms *epp) + { +- return (xdr_bytes(xdrs, &(epp->args), (u_int *) &(epp->arglen), ~0)); ++ return (xdr_bytes(xdrs, &(epp->args), (u_int *) &(epp->arglen), RPC_MAXDATASIZE)); + } + + /* diff --git a/net-nds/rpcbind/rpcbind-0.2.4-r1.ebuild b/net-nds/rpcbind/rpcbind-0.2.4-r1.ebuild new file mode 100644 index 000..5c16cb5c982 --- /dev/null +++ b/net-nds/rpcbind/rpcbind-0.2.4-r1.ebuild 
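Review bot: The cap added in `xdr_encap_parms` of rpcbind-0.2.4-CVE-2017-8779.patch only bounds rpcbind's own `xdr_bytes` call, while CVE-2017-8779 is, as far as the advisory describes it, also an issue in libtirpc's XDR decoding. The ebuild added in this same commit still accepts any `>=net-libs/libtirpc-1.0`, so it is worth confirming that the libtirpc side is patched in the tree, or tightening that lower bound to a fixed revision, before treating the revision bump as closing the bug. The patch file also has no header; a first line such as `https://bugs.gentoo.org/617472` plus a short note of where the fix came from would match the header style of rpcbind-0.2.3-mem-corrupt.patch.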
@@ -0,0 +1,59 @@
+# Copyright 1999-2017 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+
+EAPI="5"
+
+inherit eutils systemd
+
+if [[ ${PV} == "" ]] ; then
+ EGIT_REPO_URI="git://linux-nfs.org/~steved/rpcbind.git"
+ inherit autotools git-r3
+else
+ SRC_URI="mirror://sourceforge/${PN}/${P}.tar.bz2"
+ KEYWORDS="~alpha ~amd64 ~arm ~arm64 ~hppa ~ia64 ~mips ~ppc ~ppc64 ~s390 ~sh ~sparc ~x86"
+fi
+
+DESCRIPTION="portmap replacement which supports RPC over various protocols"
+HOMEPAGE="https://sourceforge.net/projects/rpcbind/";
+
+LICENSE="BSD"
+SLOT="0"
+IUSE="debug selinux systemd tcpd warmstarts"
+
+CDEPEND=">=net-libs/libtirpc-1.0:=
+ systemd? ( sys-apps/systemd:= )
+ tcpd? ( sys-apps/tcp-wrappers )"
+DEPEND="${CDEPEND}
+ virtual/pkgconfig"
+RDEPEND="${CDEPEND}
+ selinux? ( sec-policy/selinux-rpcbind )"
+
+PATCHES=(
+ "${FILESDIR}/${P}-CVE-2017-8779.patch"
+)
+
+src_prepare() {
+ [[ ${PV} == "" ]] && eautoreconf
+ epatch "${PATCHES[@]}"
+ epatch_user
+}
+
+src_configure() {
+ econf \
+ --bindir="${EPREFIX}"/sbin \
+ --with-statedir="${EPREFIX}"/run/${PN} \
+ --with-rpcuser=root \
+ --with-systemdsystemunitdir=$(usex systemd "$(systemd_get_unitdir)" "no") \
+ $(use_enable tcpd libwrap) \
+ $(use_enable debug) \
+ $(use_enable warmstarts)
+}
+
+src_install() {
+ default
+
+ newinitd "${FILESDIR}"/${PN}.initd ${PN}
+ newconfd "${FILESDIR}"/${PN}.confd ${PN}
+
+ systemd_dounit "${FILESDIR}"/${PN}.service
+}
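Review bot: `--with-rpcuser=root` in `src_configure` configures rpcbind with root as its run-as account, so the network-facing request handling this revision patches keeps full privilege after startup. A dedicated unprivileged account would limit what a future parsing bug can reach, e.g. `--with-rpcuser=<unprivileged-account>` (placeholder; the ebuild would have to create that account), or add a comment such as `# root is required here because …` if it is intentional. Separately, the live-ebuild `EGIT_REPO_URI` uses `git://`, which gives no transport integrity; an `https://` URL would be preferable if the host serves one.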
[gentoo-commits] repo/gentoo:master commit in: net-nds/rpcbind/files/, net-nds/rpcbind/
commit: 69aafed0a8dcbf6c4a108ecd3712f2d36a7bf3c7 Author: Anthony G. Basile gentoo org> AuthorDate: Thu Oct 6 21:21:17 2016 + Commit: Anthony G. Basile gentoo org> CommitDate: Thu Oct 6 21:21:35 2016 + URL:https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=69aafed0 net-nds/rpcbind: remove _P() macro, bug #589666 Package-Manager: portage-2.2.28 .../files/rpcbind-0.2.3-remove-P-macro.patch | 246 + net-nds/rpcbind/rpcbind-0.2.3-r2.ebuild| 58 + 2 files changed, 304 insertions(+) diff --git a/net-nds/rpcbind/files/rpcbind-0.2.3-remove-P-macro.patch b/net-nds/rpcbind/files/rpcbind-0.2.3-remove-P-macro.patch new file mode 100644 index ..8e1b69b --- /dev/null +++ b/net-nds/rpcbind/files/rpcbind-0.2.3-remove-P-macro.patch 
@@ -0,0 +1,246 @@ +From 196e8f3abaa6e8899ba2655c6c2d8751e33a9795 Mon Sep 17 00:00:00 2001 +From: "Yann E. MORIN" +Date: Wed, 17 Aug 2016 10:16:47 -0400 +Subject: [PATCH] src: remove use of the __P() macro + +The __P() macro is a legacy compatibility macro aimed making pre-ANSI +(i.e. K&R) compilers that do not support function prototypes happy, +while still allowing such prototypes for ANSI-compliant compilers. + +Since virtually all compilers have been ANSI-compliant for a few decades +now, use of __P() is totally useless. + +Furthermore, __P() is defined in the non-standard sys/cdefs.h header. +This header is present in glibc and uClibc, and both have it included +from many of their headers. So, sys/cdefs.h is automagically included in +most cases and its macros are available. + +However, the musl C library does not provide this sys/cdefs.h header. +Thus, the build breaks on musl. + +For all the above reasons, get rid of __P() wherever it is used; just +always declare real function prototypes. + +Reviewed-by: Chuck Lever +Signed-off-by: "Yann E. 
MORIN" +Signed-off-by: Steve Dickson +Cc: Chuck Lever +Cc: Steve Dickson +Cc: Mike Frysinger +--- + src/check_bound.c | 2 +- + src/pmap_svc.c | 10 +- + src/rpcb_svc.c | 10 +- + src/rpcb_svc_4.c | 14 ++ + src/rpcb_svc_com.c | 46 +++--- + src/rpcbind.c | 12 ++-- + src/util.c | 2 +- + src/warmstart.c| 4 ++-- + 8 files changed, 49 insertions(+), 51 deletions(-) + +diff --git a/src/check_bound.c b/src/check_bound.c +index c70b845..92bfd36 100644 +--- a/src/check_bound.c b/src/check_bound.c +@@ -70,7 +70,7 @@ static struct fdlist *fdhead;/* Link list of the check fd's */ + static struct fdlist *fdtail; + static char *nullstring = ""; + +-static bool_t check_bound __P((struct fdlist *, char *uaddr)); ++static bool_t check_bound(struct fdlist *, char *uaddr); + + /* + * Returns 1 if the given address is bound for the given addr & transport +diff --git a/src/pmap_svc.c b/src/pmap_svc.c +index ad28b93..4c744fe 100644 +--- a/src/pmap_svc.c b/src/pmap_svc.c +@@ -60,11 +60,11 @@ static char sccsid[] = "@(#)pmap_svc.c 1.23 89/04/05 Copyr 1984 Sun Micro"; + #include "rpcbind.h" + #include "xlog.h" + #include /* svc_getcaller routine definition */ +-static struct pmaplist *find_service_pmap __P((rpcprog_t, rpcvers_t, +- rpcprot_t)); +-static bool_t pmapproc_change __P((struct svc_req *, SVCXPRT *, u_long)); +-static bool_t pmapproc_getport __P((struct svc_req *, SVCXPRT *)); +-static bool_t pmapproc_dump __P((struct svc_req *, SVCXPRT *)); ++static struct pmaplist *find_service_pmap(rpcprog_t, rpcvers_t, ++ rpcprot_t); ++static bool_t pmapproc_change(struct svc_req *, SVCXPRT *, u_long); ++static bool_t pmapproc_getport(struct svc_req *, SVCXPRT *); ++static bool_t pmapproc_dump(struct svc_req *, SVCXPRT *); + + /* + * Called for all the version 2 inquiries. 
+diff --git a/src/rpcb_svc.c b/src/rpcb_svc.c +index bd92201..709e3fb 100644 +--- a/src/rpcb_svc.c b/src/rpcb_svc.c +@@ -53,10 +53,10 @@ + #include "rpcbind.h" + #include "xlog.h" + +-static void *rpcbproc_getaddr_3_local __P((void *, struct svc_req *, SVCXPRT *, +- rpcvers_t)); +-static void *rpcbproc_dump_3_local __P((void *, struct svc_req *, SVCXPRT *, +- rpcvers_t)); ++static void *rpcbproc_getaddr_3_local(void *, struct svc_req *, SVCXPRT *, ++ rpcvers_t); ++static void *rpcbproc_dump_3_local(void *, struct svc_req *, SVCXPRT *, ++ rpcvers_t); + + /* + * Called by svc_getreqset. There is a separate server handle for +@@ -75,7 +75,7 @@ rpcb_service_3(struct svc_req *rqstp, SVCXPRT *transp) + } argument; + char *result; + xdrproc_t xdr_argument, xdr_result; +- void *(*local) __P((void *, struct svc_req *, SVCXPRT *, rpcvers_t)); ++ void *(*local)(void *, struct svc_req *, SVCXPRT *, rpcvers_t); + rp
[gentoo-commits] repo/gentoo:master commit in: net-nds/rpcbind/files/, net-nds/rpcbind/
commit: 87ec7f7f26cabc142eb8460a4d3287940fea9fa3 Author: Mike Frysinger gentoo org> AuthorDate: Tue Nov 3 14:48:20 2015 + Commit: Mike Frysinger gentoo org> CommitDate: Tue Nov 3 15:08:05 2015 + URL:https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=87ec7f7f net-nds/rpcbind: add upstream fix for building w/newer libtirpc net-nds/rpcbind/files/rpcbind-0.2.3-libtirpc.patch | 42 ++ net-nds/rpcbind/rpcbind-0.2.3.ebuild | 1 + 2 files changed, 43 insertions(+) diff --git a/net-nds/rpcbind/files/rpcbind-0.2.3-libtirpc.patch b/net-nds/rpcbind/files/rpcbind-0.2.3-libtirpc.patch new file mode 100644 index 000..92ea22f --- /dev/null +++ b/net-nds/rpcbind/files/rpcbind-0.2.3-libtirpc.patch @@ -0,0 +1,42 @@ +fix from upstream for building w/newer libtirpc + +From 9194122389f2a56b1cd1f935e64307e2e963c2da Mon Sep 17 00:00:00 2001 +From: Steve Dickson +Date: Mon, 2 Nov 2015 17:05:18 -0500 +Subject: [PATCH rpcbind] handle_reply: Don't use the xp_auth pointer directly + +In the latest libtirpc version to access the xp_auth +one must use the SVC_XP_AUTH macro. To be backwards +compatible a couple ifdefs were added to use the +macro when it exists. + +Signed-off-by: Steve Dickson +--- + src/rpcb_svc_com.c | 7 +++ + 1 file changed, 7 insertions(+) + +diff --git a/src/rpcb_svc_com.c b/src/rpcb_svc_com.c +index 4ae93f1..22d6c84 100644 +--- a/src/rpcb_svc_com.c b/src/rpcb_svc_com.c +@@ -1295,10 +1295,17 @@ handle_reply(int fd, SVCXPRT *xprt) + a.rmt_localvers = fi->versnum; + + xprt_set_caller(xprt, fi); ++#if defined(SVC_XP_AUTH) ++ SVC_XP_AUTH(xprt) = svc_auth_none; ++#else + xprt->xp_auth = &svc_auth_none; ++#endif + svc_sendreply(xprt, (xdrproc_t) xdr_rmtcall_result, (char *) &a); ++#if !defined(SVC_XP_AUTH) + SVCAUTH_DESTROY(xprt->xp_auth); + xprt->xp_auth = NULL; ++#endif ++ + done: + if (buffer) + free(buffer); +-- +2.5.2 + diff --git a/net-nds/rpcbind/rpcbind-0.2.3.ebuild b/net-nds/rpcbind/rpcbind-0.2.3.ebuild index 23a68ef..a2437fe 100644 
--- a/net-nds/rpcbind/rpcbind-0.2.3.ebuild +++ b/net-nds/rpcbind/rpcbind-0.2.3.ebuild @@ -31,6 +31,7 @@ RDEPEND="${CDEPEND} src_prepare() { [[ ${PV} == "" ]] && eautoreconf + epatch "${FILESDIR}"/${P}-libtirpc.patch epatch_user }
[gentoo-commits] repo/gentoo:master commit in: net-nds/rpcbind/files/, net-nds/rpcbind/
commit: de6d02b6cf69bec8e91b7e7e3b4a083f8b13b822 Author: Mike Frysinger gentoo org> AuthorDate: Tue Nov 3 14:53:27 2015 + Commit: Mike Frysinger gentoo org> CommitDate: Tue Nov 3 15:08:06 2015 + URL:https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=de6d02b6 net-nds/rpcbind: add upstream fix for CVE-2015-7236 #560990 .../rpcbind/files/rpcbind-0.2.3-mem-corrupt.patch | 86 ++ net-nds/rpcbind/rpcbind-0.2.3-r1.ebuild| 57 ++ 2 files changed, 143 insertions(+) diff --git a/net-nds/rpcbind/files/rpcbind-0.2.3-mem-corrupt.patch b/net-nds/rpcbind/files/rpcbind-0.2.3-mem-corrupt.patch new file mode 100644 index 000..9c03bda --- /dev/null +++ b/net-nds/rpcbind/files/rpcbind-0.2.3-mem-corrupt.patch 
@@ -0,0 +1,86 @@ +https://bugs.gentoo.org/560990 + +fix from upstream + +From d5dace219953c45d26ae42db238052b68540649a Mon Sep 17 00:00:00 2001 +From: Olaf Kirch +Date: Fri, 30 Oct 2015 10:18:20 -0400 +Subject: [PATCH rpcbind] Fix memory corruption in PMAP_CALLIT code + + - A PMAP_CALLIT call comes in on IPv4 UDP + - rpcbind duplicates the caller's address to a netbuf and stores it in + FINFO[0].caller_addr. caller_addr->buf now points to a memory region A + with a size of 16 bytes + - rpcbind forwards the call to the local service, receives a reply + - when processing the reply, it does this in xprt_set_caller: +xprt->xp_rtaddr = *FINFO[0].caller_addr + It sends out the reply, and then frees the netbuf caller_addr and + caller_addr.buf. + However, it does not clear xp_rtaddr, so xp_rtaddr.buf now refers + to memory region A, which is free. + - When the next call comes in on the UDP/IPv4 socket, svc_dg_recv will + be called, which will set xp_rtaddr to the client's address. + It will reuse the buffer inside xp_rtaddr, ie it will write a + sockaddr_in to region A + +Some time down the road, an incoming TCP connection is accepted, +allocating a fresh SVCXPRT. The memory region A is inside the +new SVCXPRT + + - While processing the TCP call, another UDP call comes in, again + overwriting region A with the client's address + - TCP client closes connection. In svc_destroy, we now trip over + the garbage left in region A + +We ran into the case where a commercial scanner was triggering +occasional rpcbind segfaults. The core file that was captured showed +a corrupted xprt->xp_netid pointer that was really a sockaddr_in. 
+ +Signed-off-by: Olaf Kirch +Signed-off-by: Steve Dickson +--- + src/rpcb_svc_com.c | 23 ++- + 1 file changed, 22 insertions(+), 1 deletion(-) + +diff --git a/src/rpcb_svc_com.c b/src/rpcb_svc_com.c +index ff9ce6b..4ae93f1 100644 +--- a/src/rpcb_svc_com.c b/src/rpcb_svc_com.c +@@ -1183,12 +1183,33 @@ check_rmtcalls(struct pollfd *pfds, int nfds) + return (ncallbacks_found); + } + ++/* ++ * This is really a helper function defined in libtirpc, ++ * but unfortunately, it hasn't been exported yet. ++ */ ++static struct netbuf * ++__rpc_set_netbuf(struct netbuf *nb, const void *ptr, size_t len) ++{ ++ if (nb->len != len) { ++ if (nb->len) ++ mem_free(nb->buf, nb->len); ++ nb->buf = mem_alloc(len); ++ if (nb->buf == NULL) ++ return NULL; ++ ++ nb->maxlen = nb->len = len; ++ } ++ memcpy(nb->buf, ptr, len); ++ return nb; ++} ++ + static void + xprt_set_caller(SVCXPRT *xprt, struct finfo *fi) + { ++ const struct netbuf *caller = fi->caller_addr; + u_int32_t *xidp; + +- *(svc_getrpccaller(xprt)) = *(fi->caller_addr); ++ __rpc_set_netbuf(svc_getrpccaller(xprt), caller->buf, caller->len); + xidp = __rpcb_get_dg_xidp(xprt); + *xidp = fi->caller_xid; + } +-- +2.5.2 + diff --git a/net-nds/rpcbind/rpcbind-0.2.3-r1.ebuild b/net-nds/rpcbind/rpcbind-0.2.3-r1.ebuild new file mode 100644 index 000..937aaae --- /dev/null +++ b/net-nds/rpcbind/rpcbind-0.2.3-r1.ebuild 
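Review bot: In the added `__rpc_set_netbuf`, the `mem_alloc` failure path returns with `nb->buf == NULL` while `nb->len` and `nb->maxlen` still hold the old size, and `xprt_set_caller` ignores the return value. A later call with the same length would then skip the reallocation branch and `memcpy` into a NULL buffer, and the reply that follows is sent with an address of non-zero length and no storage. Resetting the lengths before the early return, `nb->maxlen = nb->len = 0;`, keeps the netbuf consistent. `xprt_set_caller` should also report the failure so that `handle_reply`, whose body is outside this hunk, can skip the reply.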
@@ -0,0 +1,57 @@ +# Copyright 1999-2015 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 +# $Id$ + +EAPI="5" + +inherit eutils systemd + +if [[ ${PV} == "" ]] ; then + EGIT_REPO_URI="git://linux-nfs.org/~steved/rpcbind.git" + inherit autotools git-r3 +else + SRC_URI="mirror://sourceforge/${PN}/${P}.tar.bz2" + KEYWORDS="~alpha ~amd64 ~arm ~arm64 ~hppa ~ia64 ~mips ~ppc ~ppc64 ~s390 ~sh ~sparc ~x86" +fi + +DESCRIPTION="portmap replacement which supports RPC over various protocols" +HOMEPAGE="http://sourceforge.net/projects/rpcbind/"; + +LICENSE="BSD" +SLOT="0" +IUSE="debug selinux systemd tcpd warmstarts" + +CDEPEND=">=net-libs/libtirpc-0.2.3:= + systemd? ( sys-apps/systemd:= ) + tcpd? ( sys-apps/tcp-wrappers )" +DEPEND="${CDEPEND} + virtual/pkgconfig" +RDEPEND="${CDEPEND} + selinux? ( sec-policy/selinux-rpcbind )" + +src_prepare() { + [[ ${PV} == "" ]] && eautoreconf +