From 4f2d7949f03e1c198bc888f2d05f421d35c57e21 Mon Sep 17 00:00:00 2001 From: V3n3RiX Date: Mon, 9 Oct 2017 18:53:29 +0100 Subject: reinit the tree, so we can have metadata --- net-nds/rpcbind/Manifest | 17 ++ net-nds/rpcbind/files/rpcbind-0.2.3-libtirpc.patch | 42 ++++ .../rpcbind/files/rpcbind-0.2.3-mem-corrupt.patch | 86 +++++++ .../files/rpcbind-0.2.3-remove-P-macro.patch | 246 +++++++++++++++++++++ .../files/rpcbind-0.2.4-CVE-2017-8779.patch | 21 ++ net-nds/rpcbind/files/rpcbind.confd | 4 + net-nds/rpcbind/files/rpcbind.initd | 21 ++ net-nds/rpcbind/files/rpcbind.service | 13 ++ net-nds/rpcbind/metadata.xml | 13 ++ net-nds/rpcbind/rpcbind-0.2.3-r1.ebuild | 56 +++++ net-nds/rpcbind/rpcbind-0.2.3-r2.ebuild | 57 +++++ net-nds/rpcbind/rpcbind-0.2.4-r1.ebuild | 59 +++++ net-nds/rpcbind/rpcbind-0.2.4.ebuild | 54 +++++ net-nds/rpcbind/rpcbind-9999.ebuild | 54 +++++ 14 files changed, 743 insertions(+) create mode 100644 net-nds/rpcbind/Manifest create mode 100644 net-nds/rpcbind/files/rpcbind-0.2.3-libtirpc.patch create mode 100644 net-nds/rpcbind/files/rpcbind-0.2.3-mem-corrupt.patch create mode 100644 net-nds/rpcbind/files/rpcbind-0.2.3-remove-P-macro.patch create mode 100644 net-nds/rpcbind/files/rpcbind-0.2.4-CVE-2017-8779.patch create mode 100644 net-nds/rpcbind/files/rpcbind.confd create mode 100644 net-nds/rpcbind/files/rpcbind.initd create mode 100644 net-nds/rpcbind/files/rpcbind.service create mode 100644 net-nds/rpcbind/metadata.xml create mode 100644 net-nds/rpcbind/rpcbind-0.2.3-r1.ebuild create mode 100644 net-nds/rpcbind/rpcbind-0.2.3-r2.ebuild create mode 100644 net-nds/rpcbind/rpcbind-0.2.4-r1.ebuild create mode 100644 net-nds/rpcbind/rpcbind-0.2.4.ebuild create mode 100644 net-nds/rpcbind/rpcbind-9999.ebuild (limited to 'net-nds/rpcbind') diff --git a/net-nds/rpcbind/Manifest b/net-nds/rpcbind/Manifest new file mode 100644 index 000000000000..10de62c5145d --- /dev/null +++ b/net-nds/rpcbind/Manifest @@ -0,0 +1,17 @@ +AUX rpcbind-0.2.3-libtirpc.patch 1154 SHA256 8f4e2499eccf96b0e49b040f23fffa06ce5cf11ffad39af07fa91a577eafa32e SHA512 2172e18c02bf4111de59110b00798c423f89620b2576dd2fa2de7530ab1a091e4e7f60a9d18d610778110a965e551bc447c1c2566d131c3b18642fb408c7a4b8 WHIRLPOOL 06006bc418ac3c36b51758b4ef9d04929bec29b9ad8492c362fd0ac5f9feed71784a0edb22c292f5e66c74129705b929585f5f8c6ec67ec669127171fb2060df +AUX rpcbind-0.2.3-mem-corrupt.patch 2831 SHA256 5960af91ee3e716326f121811f3f3372cf0956e3bb0449404de67eb15321ac03 SHA512 3423067b552e7ea76fe783eb3cd8f4299887312509a6cbdcd56fc20c5bcb28f3737f04b79d63876d1218cc1fcb9c5385806e203d937feb140d16a9c67e8fe263 WHIRLPOOL 63ce4676b2f8f4d870e803e20ca6f93f7a6a03393fde4a22e28f6c9f5d6f6301290610b0cb64921aa04eafc51d20687c830aff981c3c90b2659a7c1adf9a8a43 +AUX rpcbind-0.2.3-remove-P-macro.patch 10070 SHA256 5b8da280f43a10e8de32c3197274fb03089483342396ff91662c16775237ab3a SHA512 6f8a4b98aae39fe0ddbb0750cce98292564d9f0852513e85ff4f140b484fdf3191a6e934980d22c97f7de358f314d0c6331fe5a89b271b1ac38a1e697061219e WHIRLPOOL 66d55250fbc498533420d86b351e91d45b9e0299bdbfc099dad93c7b942ad87f32056e29c84a57b1a612781be9acc6cadb394ed047d720a161b2df1c2a9f6aa5 +AUX rpcbind-0.2.4-CVE-2017-8779.patch 646 SHA256 bfb7f022b44ca83309dec6dfcb1ff4a5e0b0a40078e3688a2c7ceaaaa19a9686 SHA512 a4be0f33b6e680ab0255191f959c911deb7e8a12bd2bb3c82b61943e100d9de64a1a8f0b2e3cd2009e2b83e3d091a6461de28cb564d90a838fe39a7098b638e2 WHIRLPOOL f94f8674889a9285f62037ee34c9ba86a44b1192ef3d3120393070c02c3c3c31bdc92e7609db75a192f398ce8cb61f3795a1fe9e9bd15287be9002d33b8d1a25 +AUX rpcbind.confd 68 SHA256 38bb95aefc38d843d0890d9c15affd28f19f2133c17f463396c62970e7e2dffc SHA512 f11f6785708bde3ace7b55c1585e283ed07078faf310077c3d26e8e584baec6152d3f86f3d99d7a34fd10f22a7de4d8d70568c9e7f914a82eeb786b08b379044 WHIRLPOOL c9ce4d7d02c7573c96ceaa1a07732e9c8966d79e9266a8767cdd7fa56725b7757d25c31c47821e1ff858983955e3d278ba09da377d40efb6499e9830aaefeb3a +AUX rpcbind.initd 414 SHA256 da992f87b5043e22dfd340b4a5440b76dce29cc14d3ef7b0ce586726fe4b220b SHA512 43f26570fbff0970c5aa0a1ee5f4f561645d31c90e3bb997bd63e05678814f199263a5aaa5051bfe88622a156f8260825ffd905301d158cb410f25631d75cc55 WHIRLPOOL 780614e16dd92e2eb98a4d090abd86f4283079e1abe7fd907aab227f5bbb4050c2c98f4470f15ec4386bd225c3a8738e57420d6ef07ca5c5efa55e9d001eff17 +AUX rpcbind.service 193 SHA256 a7a648529f9480b50dd8e8e5906fa7d97320e7eba25875dba23189ce5e75aa67 SHA512 7ec717ebd69cdf3230d09c51c9b3f926a0860967baccbc2345bf8214a2251441b528bbceaa571c84bdcca17c272d43697567885b517501515d15d42f913f3f49 WHIRLPOOL 23f35d918152baa46278334e8a0fea6540adf96eec70dd7619dbe7a1ffb2975d1146e134ba2b6d2f4b00a9e1cd41ca7bc551ee2cde00413ae5eb07b4d50e6cd0 +DIST rpcbind-0.2.3.tar.bz2 121306 SHA256 9897823a9d820ea011d9ea02054d5ab99469b9ca5346265fee380713c8fed27b SHA512 b91cb4e0849213d344063ccf32d16c49819906b65e4d07c4aa7d3c8842bd83acb408d07aa285da902c389f3c9716f01678012b93a11863eb174a2577cd6ba1d6 WHIRLPOOL f8ff512974e6092faf786ef2f5fe23f404a48c28017809c22a3705cb3dfd22220dc3b230235de8a7b64bc46b21f38562ba18af23539bfff439f6e39d6d44cfb3 +DIST rpcbind-0.2.4.tar.bz2 122781 SHA256 074a9a530dc7c11e0d905aa59bcb0847c009313f02e98d3d798aa9568f414c66 SHA512 f3966a7284e94bdf120a9b3f0dd66efa1fe8761df2313545a031f77b7c06e27d7955d2780469943deb537d34f95c4cf3f30de523ec9fab9f571322d7224b210c WHIRLPOOL 9eec5752e3b80f0c3feccf1667e54fb9630b9fabad6613e3f7030489d7b9cfbb5585e173545274f0b3656d27085f71b7c3290da7a2ec022f1948a62a336e278e +EBUILD rpcbind-0.2.3-r1.ebuild 1410 SHA256 5b141acec9cc4428b78c737fd74caf00f3c711a3fcfb81a6c7aa825d7b43a8aa SHA512 e9df1c9785881072b6db598a952e74dff2714272260dc721a419083bf29c861197c832e63463deb1907664d8155a7114e095def23d8460f853ad0615d9981cfb WHIRLPOOL 8c2f2a74b3140bece61be09ae2a582a38ac9a08acdd7deda5b4aa44c8a232166fb1eec8b18ad8c5cb1696cb8d0b616c9981f1d65ebb6d33435f01680b74c84fe +EBUILD rpcbind-0.2.3-r2.ebuild 1478 SHA256 e55e86a95eb2746e00d8da272852bd759b056a5db25a7d10244ccdc8f367dea6 SHA512 c408d69cf97dace84a85069f567646fbf50baa1971fd465b56c9168978ed9a6fad319b199fe6c8b046286189de5881e406a8331c2bd0ad33f83b93a6787d0995 WHIRLPOOL 9643f529e7f4bc638a678a0872d054556c8bcc5b7c0134b2b1a163baa743d0c09d97f751be7520500af10a3a73ac1228fbdc6d70f8fc911c797831358549b6b2 +EBUILD rpcbind-0.2.4-r1.ebuild 1393 SHA256 4c9a551db3a1d25358791c84ed89e155723f220b70fafdf29bd0487e75d875d2 SHA512 998133c2c2fdb4251e3dfd47d0f3ce993b37f5d6832f520f871df6bf297ad5a24904e5f5d71b207da9b7626ef1ac914e7095264e88be57317256e552daf8c5cf WHIRLPOOL 6e2901612b359b93b1b236007218e3d4c1a5ef0090b0f2840353dd58e49becaf7f2d5dda1f3e5dca708eba6259d151e1cea92f9122d25a7bd1247afaabdc84da +EBUILD rpcbind-0.2.4.ebuild 1316 SHA256 65bec0f36ea131c3656e6d4f119689b8b34b9dff2aba5aef4f1908021f8b4244 SHA512 1a80496539d3727c0ce19423d6e8f29f4d2e747c3864fb55d572312668b6c037b80176bb74a91f19af2edfb8503170e39aa36f28189ac97f71aefd2fbca26550 WHIRLPOOL 96092cd553ea1653ef76bd42f01ea90dd52b96251955b6e7e57ea1a65d2e3b3c46867b31100ca2ba29b89d6d5cc93dd2755edf440f74abd2b542f85ef4402475 +EBUILD rpcbind-9999.ebuild 1327 SHA256 2249fce590fc3f3747c4a595bb502cc3d0d7377346cf57beb65469f069a233ed SHA512 677c6dce60b05a5b04973968e1e1b7a9735df76cb7bb0d6fb5cc6ae713277dafa55beea7d35f70745f52997c37e6535b2b022cfdd2f813283bc96c0fded5c521 WHIRLPOOL c35619e13c63c184981648c77b057f86b9a655cf062a7e7af7b48236592834f3d1817bfdb1903fa77ec90315000e5436f2b80f6a40b1c0be55043ed746c9589f +MISC ChangeLog 6198 SHA256 ade342025c1f6dbb4481c040578f4c28326b85750dfeb898f363967f2dac8b77 SHA512 62a7c4b76f375afaf6c3f3a977d45159175a9159feb19352f1dab692cf4d0039528d2cf1a697760c0812034808cfd1be1c387975019e90ad349de8b3caca621a WHIRLPOOL 1b3c464a5cc39294268b351a03c762e07e876450b7c453ca3c6934549fd9ca0801c43f1db0e4727bf173b8c32ef657d809fa80c4d490f63bf991000762d81e61 +MISC ChangeLog-2015 5908 SHA256 064fb710a31bc7f3ccca52d220832a71fd12e9d2bc44d924821eb59b9f802577 SHA512 380ae6c889bbabbaed12ab1a4a360c974024acdfbdbea27be8a4edb3d1824951ba17472e9f564debeb9928224d4014b01cddef6fe89e9286ffd941602c8339fa WHIRLPOOL d7e7eb9723819fd77f583f32800a532c190469e79303dfc5c2d48d32ee74c1dfff48d0f15cb08a706d6e6abfe8b1d8d5cbda7273542e68e01eaf32620cd036dc +MISC metadata.xml 405 SHA256 f00aa4ca742840a4285cf6ee239cc319f88af5ba60d5aa1d3f0b62b2db50f99c SHA512 accad1ef4202c9ebd7292ae6e1e68a1c59ddbfb741779a635058d54aa1efbf8b70b5e045d53dc9dba61256d5981e11c57b540a1c7b8fb38207863a6f2c50a5af WHIRLPOOL 9726f030b21142d38207cfdfb784673473346c719e81cbc53a7170a3f0c4838697f7f83de9757ffbc3700477ebc5b9b9b07e8d0194ec34c26727bbdd1ec4b84a diff --git a/net-nds/rpcbind/files/rpcbind-0.2.3-libtirpc.patch b/net-nds/rpcbind/files/rpcbind-0.2.3-libtirpc.patch new file mode 100644 index 000000000000..92ea22f0e4ce --- /dev/null +++ b/net-nds/rpcbind/files/rpcbind-0.2.3-libtirpc.patch @@ -0,0 +1,42 @@ +fix from upstream for building w/newer libtirpc + +From 9194122389f2a56b1cd1f935e64307e2e963c2da Mon Sep 17 00:00:00 2001 +From: Steve Dickson +Date: Mon, 2 Nov 2015 17:05:18 -0500 +Subject: [PATCH rpcbind] handle_reply: Don't use the xp_auth pointer directly + +In the latest libtirpc version to access the xp_auth +one must use the SVC_XP_AUTH macro. To be backwards +compatible a couple ifdefs were added to use the +macro when it exists. + +Signed-off-by: Steve Dickson +--- + src/rpcb_svc_com.c | 7 +++++++ + 1 file changed, 7 insertions(+) + +diff --git a/src/rpcb_svc_com.c b/src/rpcb_svc_com.c +index 4ae93f1..22d6c84 100644 +--- a/src/rpcb_svc_com.c ++++ b/src/rpcb_svc_com.c +@@ -1295,10 +1295,17 @@ handle_reply(int fd, SVCXPRT *xprt) + a.rmt_localvers = fi->versnum; + + xprt_set_caller(xprt, fi); ++#if defined(SVC_XP_AUTH) ++ SVC_XP_AUTH(xprt) = svc_auth_none; ++#else + xprt->xp_auth = &svc_auth_none; ++#endif + svc_sendreply(xprt, (xdrproc_t) xdr_rmtcall_result, (char *) &a); ++#if !defined(SVC_XP_AUTH) + SVCAUTH_DESTROY(xprt->xp_auth); + xprt->xp_auth = NULL; ++#endif ++ + done: + if (buffer) + free(buffer); +-- +2.5.2 + diff --git a/net-nds/rpcbind/files/rpcbind-0.2.3-mem-corrupt.patch b/net-nds/rpcbind/files/rpcbind-0.2.3-mem-corrupt.patch new file mode 100644 index 000000000000..9c03bda80a08 --- /dev/null +++ b/net-nds/rpcbind/files/rpcbind-0.2.3-mem-corrupt.patch @@ -0,0 +1,86 @@ +https://bugs.gentoo.org/560990 + +fix from upstream + +From d5dace219953c45d26ae42db238052b68540649a Mon Sep 17 00:00:00 2001 +From: Olaf Kirch +Date: Fri, 30 Oct 2015 10:18:20 -0400 +Subject: [PATCH rpcbind] Fix memory corruption in PMAP_CALLIT code + + - A PMAP_CALLIT call comes in on IPv4 UDP + - rpcbind duplicates the caller's address to a netbuf and stores it in + FINFO[0].caller_addr. caller_addr->buf now points to a memory region A + with a size of 16 bytes + - rpcbind forwards the call to the local service, receives a reply + - when processing the reply, it does this in xprt_set_caller: + xprt->xp_rtaddr = *FINFO[0].caller_addr + It sends out the reply, and then frees the netbuf caller_addr and + caller_addr.buf. + However, it does not clear xp_rtaddr, so xp_rtaddr.buf now refers + to memory region A, which is free. + - When the next call comes in on the UDP/IPv4 socket, svc_dg_recv will + be called, which will set xp_rtaddr to the client's address. + It will reuse the buffer inside xp_rtaddr, ie it will write a + sockaddr_in to region A + +Some time down the road, an incoming TCP connection is accepted, +allocating a fresh SVCXPRT. The memory region A is inside the +new SVCXPRT + + - While processing the TCP call, another UDP call comes in, again + overwriting region A with the client's address + - TCP client closes connection. In svc_destroy, we now trip over + the garbage left in region A + +We ran into the case where a commercial scanner was triggering +occasional rpcbind segfaults. The core file that was captured showed +a corrupted xprt->xp_netid pointer that was really a sockaddr_in. + +Signed-off-by: Olaf Kirch +Signed-off-by: Steve Dickson +--- + src/rpcb_svc_com.c | 23 ++++++++++++++++++++++- + 1 file changed, 22 insertions(+), 1 deletion(-) + +diff --git a/src/rpcb_svc_com.c b/src/rpcb_svc_com.c +index ff9ce6b..4ae93f1 100644 +--- a/src/rpcb_svc_com.c ++++ b/src/rpcb_svc_com.c +@@ -1183,12 +1183,33 @@ check_rmtcalls(struct pollfd *pfds, int nfds) + return (ncallbacks_found); + } + ++/* ++ * This is really a helper function defined in libtirpc, ++ * but unfortunately, it hasn't been exported yet. ++ */ ++static struct netbuf * ++__rpc_set_netbuf(struct netbuf *nb, const void *ptr, size_t len) ++{ ++ if (nb->len != len) { ++ if (nb->len) ++ mem_free(nb->buf, nb->len); ++ nb->buf = mem_alloc(len); ++ if (nb->buf == NULL) ++ return NULL; ++ ++ nb->maxlen = nb->len = len; ++ } ++ memcpy(nb->buf, ptr, len); ++ return nb; ++} ++ + static void + xprt_set_caller(SVCXPRT *xprt, struct finfo *fi) + { ++ const struct netbuf *caller = fi->caller_addr; + u_int32_t *xidp; + +- *(svc_getrpccaller(xprt)) = *(fi->caller_addr); ++ __rpc_set_netbuf(svc_getrpccaller(xprt), caller->buf, caller->len); + xidp = __rpcb_get_dg_xidp(xprt); + *xidp = fi->caller_xid; + } +-- +2.5.2 + diff --git a/net-nds/rpcbind/files/rpcbind-0.2.3-remove-P-macro.patch b/net-nds/rpcbind/files/rpcbind-0.2.3-remove-P-macro.patch new file mode 100644 index 000000000000..8e1b69beb180 --- /dev/null +++ b/net-nds/rpcbind/files/rpcbind-0.2.3-remove-P-macro.patch @@ -0,0 +1,246 @@ +From 196e8f3abaa6e8899ba2655c6c2d8751e33a9795 Mon Sep 17 00:00:00 2001 +From: "Yann E. MORIN" +Date: Wed, 17 Aug 2016 10:16:47 -0400 +Subject: [PATCH] src: remove use of the __P() macro + +The __P() macro is a legacy compatibility macro aimed making pre-ANSI +(i.e. K&R) compilers that do not support function prototypes happy, +while still allowing such prototypes for ANSI-compliant compilers. + +Since virtually all compilers have been ANSI-compliant for a few decades +now, use of __P() is totally useless. + +Furthermore, __P() is defined in the non-standard sys/cdefs.h header. +This header is present in glibc and uClibc, and both have it included +from many of their headers. So, sys/cdefs.h is automagically included in +most cases and its macros are available. + +However, the musl C library does not provide this sys/cdefs.h header. +Thus, the build breaks on musl. + +For all the above reasons, get rid of __P() wherever it is used; just +always declare real function prototypes. + +Reviewed-by: Chuck Lever +Signed-off-by: "Yann E. MORIN" +Signed-off-by: Steve Dickson +Cc: Chuck Lever +Cc: Steve Dickson +Cc: Mike Frysinger +--- + src/check_bound.c | 2 +- + src/pmap_svc.c | 10 +++++----- + src/rpcb_svc.c | 10 +++++----- + src/rpcb_svc_4.c | 14 ++++++-------- + src/rpcb_svc_com.c | 46 +++++++++++++++++++++++----------------------- + src/rpcbind.c | 12 ++++++------ + src/util.c | 2 +- + src/warmstart.c | 4 ++-- + 8 files changed, 49 insertions(+), 51 deletions(-) + +diff --git a/src/check_bound.c b/src/check_bound.c +index c70b845..92bfd36 100644 +--- a/src/check_bound.c ++++ b/src/check_bound.c +@@ -70,7 +70,7 @@ static struct fdlist *fdhead; /* Link list of the check fd's */ + static struct fdlist *fdtail; + static char *nullstring = ""; + +-static bool_t check_bound __P((struct fdlist *, char *uaddr)); ++static bool_t check_bound(struct fdlist *, char *uaddr); + + /* + * Returns 1 if the given address is bound for the given addr & transport +diff --git a/src/pmap_svc.c b/src/pmap_svc.c +index ad28b93..4c744fe 100644 +--- a/src/pmap_svc.c ++++ b/src/pmap_svc.c +@@ -60,11 +60,11 @@ static char sccsid[] = "@(#)pmap_svc.c 1.23 89/04/05 Copyr 1984 Sun Micro"; + #include "rpcbind.h" + #include "xlog.h" + #include /* svc_getcaller routine definition */ +-static struct pmaplist *find_service_pmap __P((rpcprog_t, rpcvers_t, +- rpcprot_t)); +-static bool_t pmapproc_change __P((struct svc_req *, SVCXPRT *, u_long)); +-static bool_t pmapproc_getport __P((struct svc_req *, SVCXPRT *)); +-static bool_t pmapproc_dump __P((struct svc_req *, SVCXPRT *)); ++static struct pmaplist *find_service_pmap(rpcprog_t, rpcvers_t, ++ rpcprot_t); ++static bool_t pmapproc_change(struct svc_req *, SVCXPRT *, u_long); ++static bool_t pmapproc_getport(struct svc_req *, SVCXPRT *); ++static bool_t pmapproc_dump(struct svc_req *, SVCXPRT *); + + /* + * Called for all the version 2 inquiries. +diff --git a/src/rpcb_svc.c b/src/rpcb_svc.c +index bd92201..709e3fb 100644 +--- a/src/rpcb_svc.c ++++ b/src/rpcb_svc.c +@@ -53,10 +53,10 @@ + #include "rpcbind.h" + #include "xlog.h" + +-static void *rpcbproc_getaddr_3_local __P((void *, struct svc_req *, SVCXPRT *, +- rpcvers_t)); +-static void *rpcbproc_dump_3_local __P((void *, struct svc_req *, SVCXPRT *, +- rpcvers_t)); ++static void *rpcbproc_getaddr_3_local(void *, struct svc_req *, SVCXPRT *, ++ rpcvers_t); ++static void *rpcbproc_dump_3_local(void *, struct svc_req *, SVCXPRT *, ++ rpcvers_t); + + /* + * Called by svc_getreqset. There is a separate server handle for +@@ -75,7 +75,7 @@ rpcb_service_3(struct svc_req *rqstp, SVCXPRT *transp) + } argument; + char *result; + xdrproc_t xdr_argument, xdr_result; +- void *(*local) __P((void *, struct svc_req *, SVCXPRT *, rpcvers_t)); ++ void *(*local)(void *, struct svc_req *, SVCXPRT *, rpcvers_t); + rpcprog_t setprog = 0; + + rpcbs_procinfo(RPCBVERS_3_STAT, rqstp->rq_proc); +diff --git a/src/rpcb_svc_4.c b/src/rpcb_svc_4.c +index b673452..5094879 100644 +--- a/src/rpcb_svc_4.c ++++ b/src/rpcb_svc_4.c +@@ -54,13 +54,11 @@ + #include "rpcbind.h" + #include "xlog.h" + +-static void *rpcbproc_getaddr_4_local __P((void *, struct svc_req *, SVCXPRT *, +- rpcvers_t)); +-static void *rpcbproc_getversaddr_4_local __P((void *, struct svc_req *, SVCXPRT *, rpcvers_t)); +-static void *rpcbproc_getaddrlist_4_local +- __P((void *, struct svc_req *, SVCXPRT *, rpcvers_t)); +-static void free_rpcb_entry_list __P((rpcb_entry_list_ptr *)); +-static void *rpcbproc_dump_4_local __P((void *, struct svc_req *, SVCXPRT *, rpcvers_t)); ++static void *rpcbproc_getaddr_4_local(void *, struct svc_req *, SVCXPRT *, rpcvers_t); ++static void *rpcbproc_getversaddr_4_local(void *, struct svc_req *, SVCXPRT *, rpcvers_t); ++static void *rpcbproc_getaddrlist_4_local(void *, struct svc_req *, SVCXPRT *, rpcvers_t); ++static void free_rpcb_entry_list(rpcb_entry_list_ptr *); ++static void *rpcbproc_dump_4_local(void *, struct svc_req *, SVCXPRT *, rpcvers_t); + + /* + * Called by svc_getreqset. There is a separate server handle for +@@ -78,7 +76,7 @@ rpcb_service_4(struct svc_req *rqstp, SVCXPRT *transp) + } argument; + char *result; + xdrproc_t xdr_argument, xdr_result; +- void *(*local) __P((void *, struct svc_req *, SVCXPRT *, rpcvers_t)); ++ void *(*local)(void *, struct svc_req *, SVCXPRT *, rpcvers_t); + rpcprog_t setprog = 0; + + rpcbs_procinfo(RPCBVERS_4_STAT, rqstp->rq_proc); +diff --git a/src/rpcb_svc_com.c b/src/rpcb_svc_com.c +index 148fe42..5862c26 100644 +--- a/src/rpcb_svc_com.c ++++ b/src/rpcb_svc_com.c +@@ -100,29 +100,29 @@ struct finfo { + static struct finfo FINFO[NFORWARD]; + + +-static bool_t xdr_encap_parms __P((XDR *, struct encap_parms *)); +-static bool_t xdr_rmtcall_args __P((XDR *, struct r_rmtcall_args *)); +-static bool_t xdr_rmtcall_result __P((XDR *, struct r_rmtcall_args *)); +-static bool_t xdr_opaque_parms __P((XDR *, struct r_rmtcall_args *)); +-static int find_rmtcallfd_by_netid __P((char *)); +-static SVCXPRT *find_rmtcallxprt_by_fd __P((int)); +-static int forward_register __P((u_int32_t, struct netbuf *, int, char *, +- rpcproc_t, rpcvers_t, u_int32_t *)); +-static struct finfo *forward_find __P((u_int32_t)); +-static int free_slot_by_xid __P((u_int32_t)); +-static int free_slot_by_index __P((int)); +-static int netbufcmp __P((struct netbuf *, struct netbuf *)); +-static struct netbuf *netbufdup __P((struct netbuf *)); +-static void netbuffree __P((struct netbuf *)); +-static int check_rmtcalls __P((struct pollfd *, int)); +-static void xprt_set_caller __P((SVCXPRT *, struct finfo *)); +-static void send_svcsyserr __P((SVCXPRT *, struct finfo *)); +-static void handle_reply __P((int, SVCXPRT *)); +-static void find_versions __P((rpcprog_t, char *, rpcvers_t *, rpcvers_t *)); +-static rpcblist_ptr find_service __P((rpcprog_t, rpcvers_t, char *)); +-static char *getowner __P((SVCXPRT *, char *, size_t)); +-static int add_pmaplist __P((RPCB *)); +-static int del_pmaplist __P((RPCB *)); ++static bool_t xdr_encap_parms(XDR *, struct encap_parms *); ++static bool_t xdr_rmtcall_args(XDR *, struct r_rmtcall_args *); ++static bool_t xdr_rmtcall_result(XDR *, struct r_rmtcall_args *); ++static bool_t xdr_opaque_parms(XDR *, struct r_rmtcall_args *); ++static int find_rmtcallfd_by_netid(char *); ++static SVCXPRT *find_rmtcallxprt_by_fd(int); ++static int forward_register(u_int32_t, struct netbuf *, int, char *, ++ rpcproc_t, rpcvers_t, u_int32_t *); ++static struct finfo *forward_find(u_int32_t); ++static int free_slot_by_xid(u_int32_t); ++static int free_slot_by_index(int); ++static int netbufcmp(struct netbuf *, struct netbuf *); ++static struct netbuf *netbufdup(struct netbuf *); ++static void netbuffree(struct netbuf *); ++static int check_rmtcalls(struct pollfd *, int); ++static void xprt_set_caller(SVCXPRT *, struct finfo *); ++static void send_svcsyserr(SVCXPRT *, struct finfo *); ++static void handle_reply(int, SVCXPRT *); ++static void find_versions(rpcprog_t, char *, rpcvers_t *, rpcvers_t *); ++static rpcblist_ptr find_service(rpcprog_t, rpcvers_t, char *); ++static char *getowner(SVCXPRT *, char *, size_t); ++static int add_pmaplist(RPCB *); ++static int del_pmaplist(RPCB *); + + /* + * Set a mapping of program, version, netid +diff --git a/src/rpcbind.c b/src/rpcbind.c +index c4265cd..87ccdc2 100644 +--- a/src/rpcbind.c ++++ b/src/rpcbind.c +@@ -136,13 +136,13 @@ char *tcp_uaddr; /* Universal TCP address */ + static char servname[] = "rpcbind"; + static char superuser[] = "superuser"; + +-int main __P((int, char *[])); ++int main(int, char *[]); + +-static int init_transport __P((struct netconfig *)); +-static void rbllist_add __P((rpcprog_t, rpcvers_t, struct netconfig *, +- struct netbuf *)); +-static void terminate __P((int)); +-static void parseargs __P((int, char *[])); ++static int init_transport(struct netconfig *); ++static void rbllist_add(rpcprog_t, rpcvers_t, struct netconfig *, ++ struct netbuf *); ++static void terminate(int); ++static void parseargs(int, char *[]); + + int + main(int argc, char *argv[]) +diff --git a/src/util.c b/src/util.c +index a6c835b..74b0284 100644 +--- a/src/util.c ++++ b/src/util.c +@@ -70,7 +70,7 @@ static struct sockaddr_in *local_in4; + static struct sockaddr_in6 *local_in6; + #endif + +-static int bitmaskcmp __P((void *, void *, void *, int)); ++static int bitmaskcmp(void *, void *, void *, int); + + /* + * For all bits set in "mask", compare the corresponding bits in +diff --git a/src/warmstart.c b/src/warmstart.c +index b6eb73e..122a058 100644 +--- a/src/warmstart.c ++++ b/src/warmstart.c +@@ -58,8 +58,8 @@ + #define PMAPFILE RPCBIND_STATEDIR "/portmap.xdr" + #endif + +-static bool_t write_struct __P((char *, xdrproc_t, void *)); +-static bool_t read_struct __P((char *, xdrproc_t, void *)); ++static bool_t write_struct(char *, xdrproc_t, void *); ++static bool_t read_struct(char *, xdrproc_t, void *); + + static bool_t + write_struct(char *filename, xdrproc_t structproc, void *list) +-- +1.8.3.1 + diff --git a/net-nds/rpcbind/files/rpcbind-0.2.4-CVE-2017-8779.patch b/net-nds/rpcbind/files/rpcbind-0.2.4-CVE-2017-8779.patch new file mode 100644 index 000000000000..cef088badc91 --- /dev/null +++ b/net-nds/rpcbind/files/rpcbind-0.2.4-CVE-2017-8779.patch @@ -0,0 +1,21 @@ +diff --git a/src/rpcb_svc_com.c b/src/rpcb_svc_com.c +index 5862c26..e11f61b 100644 +--- a/src/rpcb_svc_com.c ++++ b/src/rpcb_svc_com.c +@@ -48,6 +48,7 @@ + #include + #include + #include ++#include + #include + #include + #include +@@ -432,7 +433,7 @@ rpcbproc_taddr2uaddr_com(void *arg, struct svc_req *rqstp /*__unused*/, + static bool_t + xdr_encap_parms(XDR *xdrs, struct encap_parms *epp) + { +- return (xdr_bytes(xdrs, &(epp->args), (u_int *) &(epp->arglen), ~0)); ++ return (xdr_bytes(xdrs, &(epp->args), (u_int *) &(epp->arglen), RPC_MAXDATASIZE)); + } + + /* diff --git a/net-nds/rpcbind/files/rpcbind.confd b/net-nds/rpcbind/files/rpcbind.confd new file mode 100644 index 000000000000..ddc09172d10d --- /dev/null +++ b/net-nds/rpcbind/files/rpcbind.confd @@ -0,0 +1,4 @@ +# /etc/conf.d/rpcbind + +# Options for `rpcbind`. +#RPCBIND_OPTS="-l" diff --git a/net-nds/rpcbind/files/rpcbind.initd b/net-nds/rpcbind/files/rpcbind.initd new file mode 100644 index 000000000000..18329778c38c --- /dev/null +++ b/net-nds/rpcbind/files/rpcbind.initd @@ -0,0 +1,21 @@ +#!/sbin/openrc-run +# Copyright 1999-2007 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 + +depend() { + use net + before inetd xinetd + provide portmap +} + +start() { + ebegin "Starting rpcbind" + start-stop-daemon --start --quiet --exec /sbin/rpcbind -- ${RPCBIND_OPTS} + eend $? +} + +stop() { + ebegin "Stopping rpcbind" + start-stop-daemon --stop --quiet --exec /sbin/rpcbind + eend $? +} diff --git a/net-nds/rpcbind/files/rpcbind.service b/net-nds/rpcbind/files/rpcbind.service new file mode 100644 index 000000000000..305ea9b10b71 --- /dev/null +++ b/net-nds/rpcbind/files/rpcbind.service @@ -0,0 +1,13 @@ +[Unit] +Description=RPC Bind +After=network.target +Wants=rpcbind.target +Before=rpcbind.target + +[Service] +Type=forking +ExecStart=/sbin/rpcbind +Restart=always + +[Install] +WantedBy=multi-user.target diff --git a/net-nds/rpcbind/metadata.xml b/net-nds/rpcbind/metadata.xml new file mode 100644 index 000000000000..664c6a547a01 --- /dev/null +++ b/net-nds/rpcbind/metadata.xml @@ -0,0 +1,13 @@ + + + + + base-system@gentoo.org + + + Enables rpcbind to cache configuration for warm restarts + + + rpcbind + + diff --git a/net-nds/rpcbind/rpcbind-0.2.3-r1.ebuild b/net-nds/rpcbind/rpcbind-0.2.3-r1.ebuild new file mode 100644 index 000000000000..cdbbee00c44a --- /dev/null +++ b/net-nds/rpcbind/rpcbind-0.2.3-r1.ebuild @@ -0,0 +1,56 @@ +# Copyright 1999-2015 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 + +EAPI="5" + +inherit eutils systemd + +if [[ ${PV} == "9999" ]] ; then + EGIT_REPO_URI="git://linux-nfs.org/~steved/rpcbind.git" + inherit autotools git-r3 +else + SRC_URI="mirror://sourceforge/${PN}/${P}.tar.bz2" + KEYWORDS="alpha amd64 arm arm64 hppa ia64 ~mips ppc ppc64 s390 sh sparc x86" +fi + +DESCRIPTION="portmap replacement which supports RPC over various protocols" +HOMEPAGE="https://sourceforge.net/projects/rpcbind/" + +LICENSE="BSD" +SLOT="0" +IUSE="debug selinux systemd tcpd warmstarts" + +CDEPEND=">=net-libs/libtirpc-0.2.3:= + systemd? ( sys-apps/systemd:= ) + tcpd? ( sys-apps/tcp-wrappers )" +DEPEND="${CDEPEND} + virtual/pkgconfig" +RDEPEND="${CDEPEND} + selinux? ( sec-policy/selinux-rpcbind )" + +src_prepare() { + [[ ${PV} == "9999" ]] && eautoreconf + epatch "${FILESDIR}"/${P}-libtirpc.patch + epatch "${FILESDIR}"/${P}-mem-corrupt.patch #560990 + epatch_user +} + +src_configure() { + econf \ + --bindir="${EPREFIX}"/sbin \ + --with-statedir="${EPREFIX}"/run/${PN} \ + --with-rpcuser=root \ + --with-systemdsystemunitdir=$(usex systemd "$(systemd_get_unitdir)" "no") \ + $(use_enable tcpd libwrap) \ + $(use_enable debug) \ + $(use_enable warmstarts) +} + +src_install() { + default + + newinitd "${FILESDIR}"/${PN}.initd ${PN} + newconfd "${FILESDIR}"/${PN}.confd ${PN} + + systemd_dounit "${FILESDIR}"/${PN}.service +} diff --git a/net-nds/rpcbind/rpcbind-0.2.3-r2.ebuild b/net-nds/rpcbind/rpcbind-0.2.3-r2.ebuild new file mode 100644 index 000000000000..1d4183d7905b --- /dev/null +++ b/net-nds/rpcbind/rpcbind-0.2.3-r2.ebuild @@ -0,0 +1,57 @@ +# Copyright 1999-2016 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 + +EAPI="5" + +inherit eutils systemd + +if [[ ${PV} == "9999" ]] ; then + EGIT_REPO_URI="git://linux-nfs.org/~steved/rpcbind.git" + inherit autotools git-r3 +else + SRC_URI="mirror://sourceforge/${PN}/${P}.tar.bz2" + KEYWORDS="~alpha ~amd64 ~arm ~arm64 ~hppa ~ia64 ~mips ~ppc ~ppc64 ~s390 ~sh ~sparc ~x86" +fi + +DESCRIPTION="portmap replacement which supports RPC over various protocols" +HOMEPAGE="https://sourceforge.net/projects/rpcbind/" + +LICENSE="BSD" +SLOT="0" +IUSE="debug selinux systemd tcpd warmstarts" + +CDEPEND=">=net-libs/libtirpc-0.2.3:= + systemd? ( sys-apps/systemd:= ) + tcpd? ( sys-apps/tcp-wrappers )" +DEPEND="${CDEPEND} + virtual/pkgconfig" +RDEPEND="${CDEPEND} + selinux? ( sec-policy/selinux-rpcbind )" + +src_prepare() { + [[ ${PV} == "9999" ]] && eautoreconf + epatch "${FILESDIR}"/${P}-libtirpc.patch + epatch "${FILESDIR}"/${P}-mem-corrupt.patch #560990 + epatch "${FILESDIR}"/${P}-remove-P-macro.patch #589666 + epatch_user +} + +src_configure() { + econf \ + --bindir="${EPREFIX}"/sbin \ + --with-statedir="${EPREFIX}"/run/${PN} \ + --with-rpcuser=root \ + --with-systemdsystemunitdir=$(usex systemd "$(systemd_get_unitdir)" "no") \ + $(use_enable tcpd libwrap) \ + $(use_enable debug) \ + $(use_enable warmstarts) +} + +src_install() { + default + + newinitd "${FILESDIR}"/${PN}.initd ${PN} + newconfd "${FILESDIR}"/${PN}.confd ${PN} + + systemd_dounit "${FILESDIR}"/${PN}.service +} diff --git a/net-nds/rpcbind/rpcbind-0.2.4-r1.ebuild b/net-nds/rpcbind/rpcbind-0.2.4-r1.ebuild new file mode 100644 index 000000000000..9afcf79d3283 --- /dev/null +++ b/net-nds/rpcbind/rpcbind-0.2.4-r1.ebuild @@ -0,0 +1,59 @@ +# Copyright 1999-2017 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 + +EAPI="5" + +inherit eutils systemd + +if [[ ${PV} == "9999" ]] ; then + EGIT_REPO_URI="git://linux-nfs.org/~steved/rpcbind.git" + inherit autotools git-r3 +else + SRC_URI="mirror://sourceforge/${PN}/${P}.tar.bz2" + KEYWORDS="alpha amd64 arm ~arm64 hppa ia64 ~mips ppc ppc64 ~s390 ~sh sparc x86" +fi + +DESCRIPTION="portmap replacement which supports RPC over various protocols" +HOMEPAGE="https://sourceforge.net/projects/rpcbind/" + +LICENSE="BSD" +SLOT="0" +IUSE="debug selinux systemd tcpd warmstarts" + +CDEPEND=">=net-libs/libtirpc-1.0:= + systemd? ( sys-apps/systemd:= ) + tcpd? ( sys-apps/tcp-wrappers )" +DEPEND="${CDEPEND} + virtual/pkgconfig" +RDEPEND="${CDEPEND} + selinux? ( sec-policy/selinux-rpcbind )" + +PATCHES=( + "${FILESDIR}/${P}-CVE-2017-8779.patch" +) + +src_prepare() { + [[ ${PV} == "9999" ]] && eautoreconf + epatch "${PATCHES[@]}" + epatch_user +} + +src_configure() { + econf \ + --bindir="${EPREFIX}"/sbin \ + --with-statedir="${EPREFIX}"/run/${PN} \ + --with-rpcuser=root \ + --with-systemdsystemunitdir=$(usex systemd "$(systemd_get_unitdir)" "no") \ + $(use_enable tcpd libwrap) \ + $(use_enable debug) \ + $(use_enable warmstarts) +} + +src_install() { + default + + newinitd "${FILESDIR}"/${PN}.initd ${PN} + newconfd "${FILESDIR}"/${PN}.confd ${PN} + + systemd_dounit "${FILESDIR}"/${PN}.service +} diff --git a/net-nds/rpcbind/rpcbind-0.2.4.ebuild b/net-nds/rpcbind/rpcbind-0.2.4.ebuild new file mode 100644 index 000000000000..79f8f8fe713d --- /dev/null +++ b/net-nds/rpcbind/rpcbind-0.2.4.ebuild @@ -0,0 +1,54 @@ +# Copyright 1999-2017 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 + +EAPI="5" + +inherit eutils systemd + +if [[ ${PV} == "9999" ]] ; then + EGIT_REPO_URI="git://linux-nfs.org/~steved/rpcbind.git" + inherit autotools git-r3 +else + SRC_URI="mirror://sourceforge/${PN}/${P}.tar.bz2" + KEYWORDS="alpha amd64 arm ~arm64 hppa ia64 ~mips ppc ppc64 ~s390 ~sh sparc x86" +fi + +DESCRIPTION="portmap replacement which supports RPC over various protocols" +HOMEPAGE="https://sourceforge.net/projects/rpcbind/" + +LICENSE="BSD" +SLOT="0" +IUSE="debug selinux systemd tcpd warmstarts" + +CDEPEND=">=net-libs/libtirpc-1.0:= + systemd? ( sys-apps/systemd:= ) + tcpd? ( sys-apps/tcp-wrappers )" +DEPEND="${CDEPEND} + virtual/pkgconfig" +RDEPEND="${CDEPEND} + selinux? ( sec-policy/selinux-rpcbind )" + +src_prepare() { + [[ ${PV} == "9999" ]] && eautoreconf + epatch_user +} + +src_configure() { + econf \ + --bindir="${EPREFIX}"/sbin \ + --with-statedir="${EPREFIX}"/run/${PN} \ + --with-rpcuser=root \ + --with-systemdsystemunitdir=$(usex systemd "$(systemd_get_unitdir)" "no") \ + $(use_enable tcpd libwrap) \ + $(use_enable debug) \ + $(use_enable warmstarts) +} + +src_install() { + default + + newinitd "${FILESDIR}"/${PN}.initd ${PN} + newconfd "${FILESDIR}"/${PN}.confd ${PN} + + systemd_dounit "${FILESDIR}"/${PN}.service +} diff --git a/net-nds/rpcbind/rpcbind-9999.ebuild b/net-nds/rpcbind/rpcbind-9999.ebuild new file mode 100644 index 000000000000..8ed5edc7bbf4 --- /dev/null +++ b/net-nds/rpcbind/rpcbind-9999.ebuild @@ -0,0 +1,54 @@ +# Copyright 1999-2015 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 + +EAPI="5" + +inherit eutils systemd + +if [[ ${PV} == "9999" ]] ; then + EGIT_REPO_URI="git://linux-nfs.org/~steved/rpcbind.git" + inherit autotools git-r3 +else + SRC_URI="mirror://sourceforge/${PN}/${P}.tar.bz2" + KEYWORDS="~alpha ~amd64 ~arm ~arm64 ~hppa ~ia64 ~mips ~ppc ~ppc64 ~s390 ~sh ~sparc ~x86" +fi + +DESCRIPTION="portmap replacement which supports RPC over various protocols" +HOMEPAGE="https://sourceforge.net/projects/rpcbind/" + +LICENSE="BSD" +SLOT="0" +IUSE="debug selinux systemd tcpd warmstarts" + +CDEPEND=">=net-libs/libtirpc-0.2.3:= + systemd? ( sys-apps/systemd:= ) + tcpd? ( sys-apps/tcp-wrappers )" +DEPEND="${CDEPEND} + virtual/pkgconfig" +RDEPEND="${CDEPEND} + selinux? ( sec-policy/selinux-rpcbind )" + +src_prepare() { + [[ ${PV} == "9999" ]] && eautoreconf + epatch_user +} + +src_configure() { + econf \ + --bindir="${EPREFIX}"/sbin \ + --with-statedir="${EPREFIX}"/run/${PN} \ + --with-rpcuser=root \ + --with-systemdsystemunitdir=$(usex systemd "$(systemd_get_unitdir)" "no") \ + $(use_enable tcpd libwrap) \ + $(use_enable debug) \ + $(use_enable warmstarts) +} + +src_install() { + default + + newinitd "${FILESDIR}"/${PN}.initd ${PN} + newconfd "${FILESDIR}"/${PN}.confd ${PN} + + systemd_dounit "${FILESDIR}"/${PN}.service +} -- cgit v1.2.3