From 48833c6d4acd5caa8e5467ab21f7ba65b89613efe328e5264c8a4a3a6933e777 Mon Sep 17 00:00:00 2001 From: Marcus Meissner Date: Fri, 26 Jul 2019 09:01:37 +0000 Subject: [PATCH 1/4] Accepting request 714378 from home:brassh:branches:network:utilities - fix uninitialized tcpflags variables in knockd.c (Bug#1138376: Knockd unable to start after upgrade to LEAP 15.1) OBS-URL: https://build.opensuse.org/request/show/714378 OBS-URL: https://build.opensuse.org/package/show/network:utilities/knock?expand=0&rev=17 --- knock.changes | 7 ++++++- knock.spec | 4 +++- knockd-init-tcpflags-vars.patch | 15 +++++++++++++++ 3 files changed, 24 insertions(+), 2 deletions(-) create mode 100644 knockd-init-tcpflags-vars.patch diff --git a/knock.changes b/knock.changes index 3eddb9c..a6b9492 100644 --- a/knock.changes +++ b/knock.changes @@ -1,9 +1,14 @@ +Wed Jul 10 08:48 CET 2019 - brassh + +- fix uninitialized tcpflags variables in knockd.c + (Bug#1138376: Knockd unable to start after upgrade to LEAP 15.1) + ------------------------------------------------------------------- Thu Nov 23 13:46:18 UTC 2017 - rbrown@suse.com - Replace references to /var/adm/fillup-templates with new %_fillupdir macro (boo#1069468) - + ------------------------------------------------------------------- Tue Dec 1 14:49:38 UTC 2015 - p.drouand@gmail.com diff --git a/knock.spec b/knock.spec index bd69c95..0a8a700 100644 --- a/knock.spec +++ b/knock.spec @@ -29,7 +29,7 @@ Name: knock Version: 0.7 -Release: 0 +Release: 1 Summary: A Port-Knocking Client License: GPL-2.0+ Group: Productivity/Networking/Security @@ -41,6 +41,7 @@ Source3: %{name}d.conf Source4: %{name}d.service Patch0: %{name}-0.5.patch Patch1: %{name}-include.patch +Patch2: %{name}d-init-tcpflags-vars.patch BuildRequires: libpcap-devel %if %{with_systemd} BuildRequires: systemd-rpm-macros @@ -80,6 +81,7 @@ to open up holes in a firewall for quick access. %setup -q %patch0 %patch1 +%patch2 %build %configure diff --git a/knockd-init-tcpflags-vars.patch b/knockd-init-tcpflags-vars.patch new file mode 100644 index 0000000..892f8f5 --- /dev/null +++ b/knockd-init-tcpflags-vars.patch @@ -0,0 +1,15 @@ +--- src/knockd.c 2019-06-16 18:58:47.092584232 +0200 ++++ src/knockd.c 2019-06-16 18:58:31.544615113 +0200 +@@ -510,6 +510,12 @@ + door->start_command = NULL; + door->cmd_timeout = CMD_TIMEOUT; /* default command timeout (seconds) */ + door->stop_command = NULL; ++ door->flag_fin = DONT_CARE; ++ door->flag_syn = DONT_CARE; ++ door->flag_rst = DONT_CARE; ++ door->flag_psh = DONT_CARE; ++ door->flag_ack = DONT_CARE; ++ door->flag_urg = DONT_CARE; + door->one_time_sequences_fd = NULL; + door->pcap_filter_exp = NULL; + doors = list_add(doors, door); From d118abe08a19ec440ae73cfaf7f30c3aeac1f5058011c98e8fc3c3825f68cc72 Mon Sep 17 00:00:00 2001 From: Marcus Meissner Date: Fri, 26 Jul 2019 09:16:21 +0000 Subject: [PATCH 2/4] OBS-URL: https://build.opensuse.org/package/show/network:utilities/knock?expand=0&rev=18 --- knock.changes | 3 ++- knock.spec | 4 ++-- 2 files changed, 4 insertions(+), 3 deletions(-) diff --git a/knock.changes b/knock.changes index a6b9492..e425c7c 100644 --- a/knock.changes +++ b/knock.changes @@ -1,4 +1,5 @@ -Wed Jul 10 08:48 CET 2019 - brassh +------------------------------------------------------------------- +Wed Jul 10 08:48:00 CET 2019 - brassh@web.de - fix uninitialized tcpflags variables in knockd.c (Bug#1138376: Knockd unable to start after upgrade to LEAP 15.1) diff --git a/knock.spec b/knock.spec index 0a8a700..6be2be8 100644 --- a/knock.spec +++ b/knock.spec @@ -1,7 +1,7 @@ # # spec file for package knock # -# Copyright (c) 2017 SUSE LINUX GmbH, Nuernberg, Germany. +# Copyright (c) 2019 SUSE LINUX GmbH, Nuernberg, Germany. # # All modifications and additions to the file contributed by third parties # remain the property of their copyright owners, unless otherwise agreed @@ -29,7 +29,7 @@ Name: knock Version: 0.7 -Release: 1 +Release: 0 Summary: A Port-Knocking Client License: GPL-2.0+ Group: Productivity/Networking/Security From 2b484108ff4c42ff24581add7fa6c175ec893bbc61a8b473fc3b36446a80704a Mon Sep 17 00:00:00 2001 From: Marcus Meissner Date: Wed, 2 Jun 2021 11:20:41 +0000 Subject: [PATCH 3/4] Accepting request 895780 from home:danidoni:branches:network:utilities - Update to version 0.8 * Multiple fixes (#67, #77) * IPv6 support (Sebastien Valat) OBS-URL: https://build.opensuse.org/request/show/895780 OBS-URL: https://build.opensuse.org/package/show/network:utilities/knock?expand=0&rev=19 --- knock-0.5.patch | 17 ----------------- knock-0.7.tar.gz | 3 --- knock-0.8.tar.gz | 3 +++ knock-include.patch | 10 ---------- knock.changes | 7 +++++++ knock.spec | 20 ++++++++------------ knockd-init-tcpflags-vars.patch | 15 --------------- 7 files changed, 18 insertions(+), 57 deletions(-) delete mode 100644 knock-0.5.patch delete mode 100644 knock-0.7.tar.gz create mode 100644 knock-0.8.tar.gz delete mode 100644 knock-include.patch delete mode 100644 knockd-init-tcpflags-vars.patch diff --git a/knock-0.5.patch b/knock-0.5.patch deleted file mode 100644 index 9c4356d..0000000 --- a/knock-0.5.patch +++ /dev/null @@ -1,17 +0,0 @@ ---- knockd.conf -+++ knockd.conf -@@ -4,12 +4,12 @@ - [openSSH] - sequence = 7000,8000,9000 - seq_timeout = 5 -- command = /usr/sbin/iptables -A INPUT -s %IP% -p tcp --dport 22 -j ACCEPT -+ command = /usr/sbin/iptables -I input_ext 1 -p tcp -s %IP% -p tcp --dport 22 -j ACCEPT --dport 22 - tcpflags = syn - - [closeSSH] - sequence = 9000,8000,7000 - seq_timeout = 5 -- command = /usr/sbin/iptables -D INPUT -s %IP% -p tcp --dport 22 -j ACCEPT -+ command = /usr/sbin/iptables -D input_ext -p tcp -s %IP% -p tcp --dport 22 -j ACCEPT --dport 22 - tcpflags = syn - diff --git a/knock-0.7.tar.gz b/knock-0.7.tar.gz deleted file mode 100644 index 8df7eae..0000000 --- a/knock-0.7.tar.gz +++ /dev/null @@ -1,3 +0,0 @@ -version https://git-lfs.github.com/spec/v1 -oid sha256:9938479c321066424f74c61f6bee46dfd355a828263dc89561a1ece3f56578a4 -size 110791 diff --git a/knock-0.8.tar.gz b/knock-0.8.tar.gz new file mode 100644 index 0000000..4eb8458 --- /dev/null +++ b/knock-0.8.tar.gz @@ -0,0 +1,3 @@ +version https://git-lfs.github.com/spec/v1 +oid sha256:698d8c965624ea2ecb1e3df4524ed05afe387f6d20ded1e8a231209ad48169c7 +size 377107 diff --git a/knock-include.patch b/knock-include.patch deleted file mode 100644 index 7cf9ea8..0000000 --- a/knock-include.patch +++ /dev/null @@ -1,10 +0,0 @@ ---- src/knockd.c -+++ src/knockd.c -@@ -41,6 +41,7 @@ - #include - #include - #include -+#include - #include - #include - #include diff --git a/knock.changes b/knock.changes index e425c7c..d68d6e7 100644 --- a/knock.changes +++ b/knock.changes @@ -1,3 +1,10 @@ +------------------------------------------------------------------- +Wed May 19 08:49:35 UTC 2021 - Daniel Donisa + +- Update to version 0.8 + * Multiple fixes (#67, #77) + * IPv6 support (Sebastien Valat) + ------------------------------------------------------------------- Wed Jul 10 08:48:00 CET 2019 - brassh@web.de diff --git a/knock.spec b/knock.spec index 6be2be8..37dbe69 100644 --- a/knock.spec +++ b/knock.spec @@ -1,7 +1,7 @@ # # spec file for package knock # -# Copyright (c) 2019 SUSE LINUX GmbH, Nuernberg, Germany. +# Copyright (c) 2021 SUSE LLC # # All modifications and additions to the file contributed by third parties # remain the property of their copyright owners, unless otherwise agreed @@ -12,7 +12,7 @@ # license that conforms to the Open Source Definition (Version 1.9) # published by the Open Source Initiative. -# Please submit bugfixes or comments via http://bugs.opensuse.org/ +# Please submit bugfixes or comments via https://bugs.opensuse.org/ # @@ -28,20 +28,17 @@ %endif Name: knock -Version: 0.7 +Version: 0.8 Release: 0 Summary: A Port-Knocking Client -License: GPL-2.0+ +License: GPL-2.0-or-later Group: Productivity/Networking/Security -Url: http://www.zeroflux.org/knock/ +URL: http://www.zeroflux.org/knock/ Source0: http://www.zeroflux.org/proj/knock/files/%{name}-%{version}.tar.gz Source1: %{name}d.sysconfig Source2: %{name}d.init Source3: %{name}d.conf Source4: %{name}d.service -Patch0: %{name}-0.5.patch -Patch1: %{name}-include.patch -Patch2: %{name}d-init-tcpflags-vars.patch BuildRequires: libpcap-devel %if %{with_systemd} BuildRequires: systemd-rpm-macros @@ -79,9 +76,6 @@ to open up holes in a firewall for quick access. %prep %setup -q -%patch0 -%patch1 -%patch2 %build %configure @@ -131,10 +125,12 @@ rm -rf %{buildroot}%{_datadir}/doc %defattr(-,root,root) %attr(0755,root,root) %{_bindir}/%{name} %{_mandir}/man?/%{name}.* +%{_sbindir}/knock_helper_ipt.sh %files -n knockd %defattr(-,root,root) -%doc README.md COPYING ChangeLog TODO +%doc README.md ChangeLog TODO +%license COPYING %{_sbindir}/%{name}d %if %{with_systemd} %{_unitdir}/%{name}d.service diff --git a/knockd-init-tcpflags-vars.patch b/knockd-init-tcpflags-vars.patch deleted file mode 100644 index 892f8f5..0000000 --- a/knockd-init-tcpflags-vars.patch +++ /dev/null @@ -1,15 +0,0 @@ ---- src/knockd.c 2019-06-16 18:58:47.092584232 +0200 -+++ src/knockd.c 2019-06-16 18:58:31.544615113 +0200 -@@ -510,6 +510,12 @@ - door->start_command = NULL; - door->cmd_timeout = CMD_TIMEOUT; /* default command timeout (seconds) */ - door->stop_command = NULL; -+ door->flag_fin = DONT_CARE; -+ door->flag_syn = DONT_CARE; -+ door->flag_rst = DONT_CARE; -+ door->flag_psh = DONT_CARE; -+ door->flag_ack = DONT_CARE; -+ door->flag_urg = DONT_CARE; - door->one_time_sequences_fd = NULL; - door->pcap_filter_exp = NULL; - doors = list_add(doors, door); From 2b945db28ed01130c70958901c1a3dd1be24a5b202495a439f406c00a8edd0af Mon Sep 17 00:00:00 2001 From: Marcus Meissner Date: Fri, 4 Jun 2021 09:23:14 +0000 Subject: [PATCH 4/4] - dropped knock-0.5.patch, knock-include.patch OBS-URL: https://build.opensuse.org/package/show/network:utilities/knock?expand=0&rev=20 --- knock.changes | 1 + 1 file changed, 1 insertion(+) diff --git a/knock.changes b/knock.changes index d68d6e7..325b5f2 100644 --- a/knock.changes +++ b/knock.changes @@ -4,6 +4,7 @@ Wed May 19 08:49:35 UTC 2021 - Daniel Donisa - Update to version 0.8 * Multiple fixes (#67, #77) * IPv6 support (Sebastien Valat) +- dropped knock-0.5.patch, knock-include.patch ------------------------------------------------------------------- Wed Jul 10 08:48:00 CET 2019 - brassh@web.de