/[packages]/cauldron/libtirpc/current/SOURCES/libtirpc-0.2.4-rc2.patch
ViewVC logotype

Contents of /cauldron/libtirpc/current/SOURCES/libtirpc-0.2.4-rc2.patch

Parent Directory Parent Directory | Revision Log Revision Log


Revision 500749 - (show annotations) (download)
Tue Oct 15 15:06:50 2013 UTC (7 years, 4 months ago) by luigiwalser
File size: 6021 byte(s)
- 0.2.4-rc2 (upstream patch via fedora, fixes CVE-2013-1950)
- krb5 is now used instead of gssglue

1 diff -up libtirpc-0.2.3/autogen.sh.orig libtirpc-0.2.3/autogen.sh
2 --- libtirpc-0.2.3/autogen.sh.orig 2013-02-13 10:13:59.000000000 -0500
3 +++ libtirpc-0.2.3/autogen.sh 2013-07-01 10:08:16.723416858 -0400
4 @@ -37,6 +37,6 @@ fi
5
6 aclocal
7 libtoolize --force --copy
8 -autoheader
9 +#autoheader
10 automake --add-missing --copy --gnu # -Wall
11 autoconf # -Wall
12 diff -up libtirpc-0.2.3/configure.ac.orig libtirpc-0.2.3/configure.ac
13 --- libtirpc-0.2.3/configure.ac.orig 2013-02-13 10:13:59.000000000 -0500
14 +++ libtirpc-0.2.3/configure.ac 2013-07-01 10:08:16.723416858 -0400
15 @@ -1,19 +1,34 @@
16 AC_INIT(libtirpc, 0.2.3)
17 -AM_INIT_AUTOMAKE(libtirpc, 0.2.3)
18 +AM_INIT_AUTOMAKE
19 AM_MAINTAINER_MODE
20 AC_CONFIG_SRCDIR([src/auth_des.c])
21 AC_CONFIG_MACRO_DIR([m4])
22
23 AC_ARG_ENABLE(gss,[ --enable-gss Turn on gss api], [case "${enableval}" in
24 - yes) gss=true ; AC_CHECK_LIB([gssapi],[gss_init_sec_context]) ;;
25 + yes) gss=true ;;
26 no) gss=false ;;
27 *) AC_MSG_ERROR(bad value ${enableval} for --enable-gss) ;;
28 esac],[gss=false])
29 AM_CONDITIONAL(GSS, test x$gss = xtrue)
30 +AC_ARG_WITH(gssglue,
31 + [ --with-gssglue Use libgssglue],
32 + [case "${enableval}" in
33 + yes) gssglue=true ;;
34 + no) gssglue=false ;;
35 + *) AC_MSG_ERROR(bad value ${enableval} for --with-gssglue) ;;
36 + esac],
37 + [gssglue=false])
38 +AM_CONDITIONAL(USEGSSGLUE, test x$gssglue = xtrue)
39 if test x$gss = xtrue; then
40 - AC_DEFINE(HAVE_LIBGSSAPI, 1, [])
41 - PKG_CHECK_MODULES(GSSGLUE, libgssglue, [],
42 - AC_MSG_ERROR([Unable to locate information required to use libgssglue.]))
43 + if test x$gssglue = xtrue; then
44 + PKG_CHECK_MODULES(GSSAPI, libgssglue, [],
45 + AC_MSG_ERROR([Unable to locate information required to use libgssglue.]))
46 + else
47 + GSSAPI_CFLAGS=`krb5-config --cflags gssapi`
48 + GSSAPI_LIBS=`krb5-config --libs gssapi`
49 + AC_SUBST([GSSAPI_CFLAGS])
50 + AC_SUBST([GSSAPI_LIBS])
51 + fi
52 fi
53 AC_ARG_ENABLE(ipv6,
54 [AC_HELP_STRING([--disable-ipv6], [Disable IPv6 support @<:@default=no@:>@])],
55 @@ -24,7 +39,7 @@ if test "x$enable_ipv6" != xno; then
56 fi
57
58 AC_PROG_CC
59 -AM_CONFIG_HEADER(config.h)
60 +m4_pattern_allow(AM_CONFIG_HEADERS(config.h))
61 AC_PROG_LIBTOOL
62 AC_HEADER_DIRENT
63 AC_PREFIX_DEFAULT(/usr)
64 diff -up libtirpc-0.2.3/src/auth_gss.c.orig libtirpc-0.2.3/src/auth_gss.c
65 --- libtirpc-0.2.3/src/auth_gss.c.orig 2013-02-13 10:13:59.000000000 -0500
66 +++ libtirpc-0.2.3/src/auth_gss.c 2013-07-01 10:08:16.724416786 -0400
67 @@ -269,6 +269,7 @@ authgss_get_private_data(AUTH *auth, str
68 * send an RPCSEC_GSS_DESTROY request which might inappropriately
69 * destroy the context.
70 */
71 + gd->ctx = GSS_C_NO_CONTEXT;
72 gd->gc.gc_ctx.length = 0;
73 gd->gc.gc_ctx.value = NULL;
74
75 @@ -284,7 +285,8 @@ authgss_free_private_data(struct authgss
76 if (!pd)
77 return (FALSE);
78
79 - pd->pd_ctx = NULL;
80 + if (pd->pd_ctx != GSS_C_NO_CONTEXT)
81 + gss_delete_sec_context(&min_stat, &pd->pd_ctx, NULL);
82 gss_release_buffer(&min_stat, &pd->pd_ctx_hndl);
83 memset(&pd->pd_ctx_hndl, 0, sizeof(pd->pd_ctx_hndl));
84 pd->pd_seq_win = 0;
85 diff -up libtirpc-0.2.3/src/clnt_vc.c.orig libtirpc-0.2.3/src/clnt_vc.c
86 --- libtirpc-0.2.3/src/clnt_vc.c.orig 2013-02-13 10:13:59.000000000 -0500
87 +++ libtirpc-0.2.3/src/clnt_vc.c 2013-07-01 10:08:16.724416786 -0400
88 @@ -505,7 +505,7 @@ clnt_vc_control(cl, request, info)
89 sigset_t newmask;
90 int rpc_lock_value;
91 u_int32_t tmp;
92 - u_long ltmp;
93 + u_int32_t ltmp;
94
95 assert(cl != NULL);
96
97 diff -up libtirpc-0.2.3/src/Makefile.am.orig libtirpc-0.2.3/src/Makefile.am
98 --- libtirpc-0.2.3/src/Makefile.am.orig 2013-02-13 10:13:59.000000000 -0500
99 +++ libtirpc-0.2.3/src/Makefile.am 2013-07-01 10:08:16.723416858 -0400
100 @@ -6,7 +6,7 @@
101 ## anything like that.
102
103
104 -INCLUDES = -I$(top_srcdir)/tirpc -DPORTMAP -DINET6 -DVERSION="\"$(VERSION)\"" \
105 +AM_CPPFLAGS = -I$(top_srcdir)/tirpc -DPORTMAP -DINET6 \
106 -D_GNU_SOURCE -Wall -pipe
107
108 lib_LTLIBRARIES = libtirpc.la
109 @@ -58,8 +58,8 @@ libtirpc_la_SOURCES += xdr.c xdr_rec.c x
110 ## Secure-RPC
111 if GSS
112 libtirpc_la_SOURCES += auth_gss.c authgss_prot.c svc_auth_gss.c
113 - libtirpc_la_LDFLAGS += $(GSSGLUE_LIBS)
114 - libtirpc_la_CFLAGS = -DHAVE_RPCSEC_GSS $(GSSGLUE_CFLAGS)
115 + libtirpc_la_LDFLAGS += $(GSSAPI_LIBS)
116 + libtirpc_la_CFLAGS = -DHAVE_RPCSEC_GSS $(GSSAPI_CFLAGS)
117 endif
118
119 ## libtirpc_a_SOURCES += key_call.c key_prot_xdr.c getpublickey.c
120 diff -up libtirpc-0.2.3/src/svc_dg.c.orig libtirpc-0.2.3/src/svc_dg.c
121 --- libtirpc-0.2.3/src/svc_dg.c.orig 2013-02-13 10:13:59.000000000 -0500
122 +++ libtirpc-0.2.3/src/svc_dg.c 2013-07-01 10:08:16.725416716 -0400
123 @@ -284,7 +284,6 @@ svc_dg_getargs(xprt, xdr_args, args_ptr)
124 {
125 if (! SVCAUTH_UNWRAP(xprt->xp_auth, &(su_data(xprt)->su_xdrs),
126 xdr_args, args_ptr)) {
127 - (void)svc_freeargs(xprt, xdr_args, args_ptr);
128 return FALSE;
129 }
130 return TRUE;
131 diff -up libtirpc-0.2.3/tirpc/rpc/auth.h.orig libtirpc-0.2.3/tirpc/rpc/auth.h
132 --- libtirpc-0.2.3/tirpc/rpc/auth.h.orig 2013-02-13 10:13:59.000000000 -0500
133 +++ libtirpc-0.2.3/tirpc/rpc/auth.h 2013-07-01 10:08:16.725416716 -0400
134 @@ -51,7 +51,6 @@
135 #include <sys/cdefs.h>
136 #include <sys/socket.h>
137 #include <sys/types.h>
138 -#include <stdio.h>
139
140
141 #define MAX_AUTH_BYTES 400
142 @@ -249,19 +248,11 @@ auth_put(AUTH *auth)
143 #define auth_refresh(auth, msg) \
144 ((*((auth)->ah_ops->ah_refresh))(auth, msg))
145
146 -#if defined(__GNUC__) && defined(DEBUG)
147 -#define auth_log_debug(fmt,args...) printf(stderr, fmt, args)
148 -#else
149 -#define auth_log_debug(fmt,args...)
150 -#endif
151 -
152 #define AUTH_DESTROY(auth) \
153 do { \
154 int refs; \
155 if ((refs = auth_put((auth))) == 0) \
156 ((*((auth)->ah_ops->ah_destroy))(auth));\
157 - auth_log_debug("%s: auth_put(), refs %d\n", \
158 - __func__, refs); \
159 } while (0)
160
161 #define auth_destroy(auth) \
162 @@ -269,8 +260,6 @@ auth_put(AUTH *auth)
163 int refs; \
164 if ((refs = auth_put((auth))) == 0) \
165 ((*((auth)->ah_ops->ah_destroy))(auth));\
166 - auth_log_debug("%s: auth_put(), refs %d\n", \
167 - __func__, refs); \
168 } while (0)
169
170 #define AUTH_WRAP(auth, xdrs, xfunc, xwhere) \

  ViewVC Help
Powered by ViewVC 1.1.28