Accepting request 131594 from home:elvigia:branches:network:utilities

- openslp-ocloexec.patch: open all internal fds with O_CLOEXEC so we do not leak them on fork() .. execve() particulary important in the shared library. OBS-URL: https://build.opensuse.org/request/show/131594 OBS-URL: https://build.opensuse.org/package/show/network:utilities/openslp?expand=0&rev=18
2012-08-30 23:50:58 +00:00 · 2012-08-30 23:50:58 +00:00 · 266e35ba89
commit 266e35ba89
parent 2794f2c8fa
3 changed files with 351 additions and 1 deletions
--- a/openslp-ocloexec.patch
+++ b/openslp-ocloexec.patch
@ -0,0 +1,336 @@
+--- slpd/slpd_main.c.orig
+++ slpd/slpd_main.c
+@@ -93,7 +93,7 @@ static void SLPDOpenDABackupFile()
+     char filename[1024];
+     snprintf(filename, sizeof(filename), "%s/slpd/%s", reg_file_dir, "DABackup");
+ 
+-    fp = fopen(filename, "a+");
+    fp = fopen(filename, "a+e");
+     if (!DABackupfp && !fp)
+ 	SLPDLog("Could not open DABackup file\n");
+     if (fp)
+--- slpd/slpd_outgoing.c.orig
+++ slpd/slpd_outgoing.c
+@@ -142,7 +142,7 @@ void OutgoingStreamReconnect(SLPList* so
+     /* socket                                                         */
+     /*----------------------------------------------------------------*/
+     CloseSocket(sock->fd);
+-    sock->fd = socket(PF_INET,SOCK_STREAM,0);
+    sock->fd = socket(PF_INET,SOCK_STREAM|SOCK_CLOEXEC,0);
+     if ( sock->fd < 0 )
+     {
+         sock->state = SOCKET_CLOSE;
+--- slpd/slpd_log.c.orig
+++ slpd/slpd_log.c
+@@ -99,11 +99,11 @@ int SLPDLogFileOpen(const char* path, in
+ #endif        
+         if (append)
+         {
+-            G_SlpdLogFile = fopen(path,"a");
+            G_SlpdLogFile = fopen(path,"ae");
+         }
+         else
+         {
+-            G_SlpdLogFile = fopen(path,"w");
+            G_SlpdLogFile = fopen(path,"we");
+         }
+ 
+         if (G_SlpdLogFile == 0)
+--- slpd/slpd_property.c.orig
+++ slpd/slpd_property.c
+@@ -80,7 +80,7 @@ int SLPDPropertyInit(const char* conffil
+     
+     if (conffile)
+     {
+-	G_SlpdConffileFP = fopen(conffile, "r");
+	G_SlpdConffileFP = fopen(conffile, "re");
+ 	if (G_SlpdConffileFP)
+ 	{
+ 	    SLPPropertySet("net.slp.OpenSLPConfigFile",conffile);
+--- slpd/slpd_socket.c.orig
+++ slpd/slpd_socket.c
+@@ -333,7 +333,7 @@ SLPDSocket* SLPDSocketCreateDatagram(str
+         if(sock->recvbuf && sock->sendbuf)
+         {
+ 
+-            sock->fd = socket(PF_INET, SOCK_DGRAM, 0);
+            sock->fd = socket(PF_INET, SOCK_DGRAM|SOCK_CLOEXEC, 0);
+             if(sock->fd >=0)
+             {
+                 switch(type)
+@@ -409,7 +409,7 @@ SLPDSocket* SLPDSocketCreateBoundDatagra
+     {
+         sock->recvbuf = SLPBufferAlloc(SLP_MAX_DATAGRAM_SIZE);
+         sock->sendbuf = SLPBufferAlloc(SLP_MAX_DATAGRAM_SIZE);
+-        sock->fd = socket(PF_INET, SOCK_DGRAM, 0);
+        sock->fd = socket(PF_INET, SOCK_DGRAM|SOCK_CLOEXEC, 0);
+         if(sock->fd >=0)
+         {
+ 	    if(myaddr != NULL)
+@@ -478,7 +478,7 @@ SLPDSocket* SLPDSocketCreateListen(struc
+     sock = SLPDSocketAlloc();
+     if(sock)
+     {
+-        sock->fd = socket(PF_INET, SOCK_STREAM, 0);
+        sock->fd = socket(PF_INET, SOCK_STREAM|SOCK_CLOEXEC|SOCK_NONBLOCK, 0);
+         if(sock->fd >= 0)
+         {
+ 	    if(peeraddr != NULL)
+@@ -492,9 +492,6 @@ SLPDSocket* SLPDSocketCreateListen(struc
+ #ifdef _WIN32
+                     fdflags = 1;
+                     ioctlsocket(sock->fd, FIONBIO, &fdflags);
+-#else
+-                    fdflags = fcntl(sock->fd, F_GETFL, 0);
+-                    fcntl(sock->fd,F_SETFL, fdflags | O_NONBLOCK);
+ #endif        
+                     sock->state = SOCKET_LISTEN;
+ 
+@@ -540,7 +537,7 @@ SLPDSocket* SLPDSocketCreateConnected(st
+     }
+ 
+     /* create the stream socket */
+-    sock->fd = socket(PF_INET,SOCK_STREAM,0);
+    sock->fd = socket(PF_INET,SOCK_STREAM|SOCK_CLOEXEC|SOCK_NONBLOCK,0);
+     if(sock->fd < 0)
+     {
+         goto FAILURE;                        
+@@ -550,9 +547,6 @@ SLPDSocket* SLPDSocketCreateConnected(st
+ #ifdef _WIN32
+     fdflags = 1;
+     ioctlsocket(sock->fd, FIONBIO, &fdflags);
+-#else
+-    fdflags = fcntl(sock->fd, F_GETFL, 0);
+-    fcntl(sock->fd,F_SETFL, fdflags | O_NONBLOCK);
+ #endif  
+ 
+     /* zero then set peeraddr to connect to */
+--- slpd/slpd_database.c.orig
+++ slpd/slpd_database.c
+@@ -877,7 +877,7 @@ int SLPDDatabaseInit(const char* regfile
+     {
+ 	fclose(regfileFP);
+     }
+-    regfileFP = fopen(regfile, "r");
+    regfileFP = fopen(regfile, "re");
+     return SLPDDatabaseReInit();
+ }
+ 
+@@ -958,7 +958,7 @@ enum {
+ 
+ static int reconnect_nl(int *fd)
+ {
+-    int new_fd = socket(AF_NETLINK, SOCK_RAW, NETLINK_INET_DIAG);
+    int new_fd = socket(AF_NETLINK, SOCK_RAW|SOCK_CLOEXEC, NETLINK_INET_DIAG);
+ 
+     close (*fd);
+ 
+@@ -1115,15 +1115,15 @@ void SLPDDatabaseWatcher(void)
+     SLPSrvReg*          srvreg;
+ 
+     if (!initialized) {
+-	inet_diag = socket(AF_NETLINK, SOCK_RAW, NETLINK_INET_DIAG);
+-	proctcp = open("/proc/net/tcp_listen", O_RDONLY);
+	inet_diag = socket(AF_NETLINK, SOCK_RAW|SOCK_CLOEXEC, NETLINK_INET_DIAG);
+	proctcp = open("/proc/net/tcp_listen", O_RDONLY|O_CLOEXEC);
+ 	if (proctcp == -1)
+-	  proctcp = open("/proc/net/tcp", O_RDONLY);
+-	procudp = open("/proc/net/udp", O_RDONLY);
+-	proctcp6 = open("/proc/net/tcp6_listen", O_RDONLY);
+	  proctcp = open("/proc/net/tcp", O_RDONLY|O_CLOEXEC);
+	procudp = open("/proc/net/udp", O_RDONLY|O_CLOEXEC);
+	proctcp6 = open("/proc/net/tcp6_listen", O_RDONLY|O_CLOEXEC);
+ 	if (proctcp6 == -1)
+-	  proctcp6 = open("/proc/net/tcp6", O_RDONLY);
+-	procudp6 = open("/proc/net/udp6", O_RDONLY);
+	  proctcp6 = open("/proc/net/tcp6", O_RDONLY|O_CLOEXEC);
+	procudp6 = open("/proc/net/udp6", O_RDONLY|O_CLOEXEC);
+ 	initialized = 1;
+     }
+     flags = 0;
+@@ -1237,7 +1237,7 @@ int SLPDDatabaseReInit()
+ 
+              if ( strlen(filename)>4 && 
+                   strcmp(filename+strlen(filename)-4, ".reg") == 0 &&
+-                  (fd=fopen(filename,"rb")) )
+                  (fd=fopen(filename,"rbe")) )
+              {
+                  while ( SLPDRegFileReadSrvReg(fd, SLP_REG_SOURCE_STATIC, &msg, &buf) == 0 )
+                  {
+--- common/slp_property.c.orig
+++ common/slp_property.c
+@@ -345,7 +345,7 @@ int SLPPropertyReadFile(const char* conf
+     FILE*   fp;
+     int     ret;
+ 
+-    fp = fopen(conffile,"r");
+    fp = fopen(conffile,"re");
+     if (fp)
+     {
+ 	/* Set the property that keeps track of conffile */
+--- slpd/slpd_mdns.c.orig
+++ slpd/slpd_mdns.c
+@@ -70,7 +70,7 @@ SLPDSocket* SLPDMDNSCreateBoundDatagram(
+       sock->ifaddr.sin_addr = *myaddr;
+     sock->recvbuf = SLPBufferAlloc(MDNS_MAX_DATAGRAM_SIZE);
+     sock->sendbuf = SLPBufferAlloc(MDNS_MAX_DATAGRAM_SIZE);
+-    sock->fd = socket(PF_INET, SOCK_DGRAM, 0);
+    sock->fd = socket(PF_INET, SOCK_DGRAM|SOCK_CLOEXEC, 0);
+     if (sock->fd < 0)
+     {
+ 	SLPDSocketFree(sock);
+--- common/slp_xcast.c.orig
+++ common/slp_xcast.c
+@@ -116,7 +116,7 @@ int SLPBroadcastSend(const SLPIfaceInfo*
+          socks->sock_count < ifaceinfo->iface_count; 
+          socks->sock_count++)
+     {
+-        socks->sock[socks->sock_count] = socket(AF_INET, SOCK_DGRAM, 0);
+        socks->sock[socks->sock_count] = socket(AF_INET, SOCK_DGRAM|SOCK_CLOEXEC, 0);
+         if (socks->sock[socks->sock_count] < 0)
+         {
+             /* error creating socket */
+@@ -190,7 +190,7 @@ int SLPMulticastSend(const SLPIfaceInfo*
+          socks->sock_count < ifaceinfo->iface_count;
+          socks->sock_count++)
+     {
+-        socks->sock[socks->sock_count] = socket(AF_INET, SOCK_DGRAM, 0);
+        socks->sock[socks->sock_count] = socket(AF_INET, SOCK_DGRAM|SOCK_CLOEXEC, 0);
+         if (socks->sock[socks->sock_count] < 0)
+         {
+             /* error creating socket */
+--- common/slp_dhcp.c.orig
+++ common/slp_dhcp.c
+@@ -135,7 +135,7 @@ static int dhcpCreateBCSkt(struct sockad
+ #endif
+ 
+ 	/* setup dhcp broadcast-to-server address structure */
+-	if((sockfd = socket(AF_INET, SOCK_DGRAM, 0)) >= 0)
+	if((sockfd = socket(AF_INET, SOCK_DGRAM|SOCK_CLOEXEC, 0)) >= 0)
+ 	{
+ 		struct sockaddr_in localaddr;
+ 
+@@ -369,7 +369,7 @@ static int dhcpGetAddressInfo(unsigned c
+ 	struct arpreq arpreq;
+ 	struct sockaddr_in *sin;
+ 
+-	if ((sockfd = socket(AF_INET, SOCK_DGRAM, 0)) < 0)
+	if ((sockfd = socket(AF_INET, SOCK_DGRAM|SOCK_CLOEXEC, 0)) < 0)
+ 		return -1;
+ 
+ 	*hlen = 0;
+--- common/slp_network.c.orig
+++ common/slp_network.c
+@@ -70,7 +70,7 @@ int SLPNetworkConnectStream(struct socka
+ 
+     /* TODO: Make this connect non-blocking so that it will timeout */
+ 
+-    result = socket(AF_INET,SOCK_STREAM,0);
+    result = socket(AF_INET,SOCK_STREAM|SOCK_CLOEXEC,0);
+     if(result >= 0)
+     {
+         if(connect(result,
+@@ -132,7 +132,7 @@ int SLPNetworkConnectToMulticast(struct
+ 
+ 
+     /* setup multicast socket */
+-    sockfd = socket(AF_INET,SOCK_DGRAM,0);
+    sockfd = socket(AF_INET,SOCK_DGRAM|SOCK_CLOEXEC,0);
+     if(sockfd >= 0)
+     {
+         peeraddr->sin_family = AF_INET;
+@@ -190,7 +190,7 @@ int SLPNetworkConnectToBroadcast(struct
+ 
+ 
+     /* setup broadcast */
+-    sockfd = socket(AF_INET, SOCK_DGRAM, 0);
+    sockfd = socket(AF_INET, SOCK_DGRAM|SOCK_CLOEXEC, 0);
+     if(sockfd >= 0)
+     {
+         peeraddr->sin_family = AF_INET;
+--- common/slp_xmalloc.c.orig
+++ common/slp_xmalloc.c
+@@ -317,7 +317,7 @@ char* _xstrdup(const char* file,
+ int xmalloc_init(const char* filename, size_t freemem)
+ /*=========================================================================*/
+ {
+-    G_xmalloc_fh = fopen(filename, "w");
+    G_xmalloc_fh = fopen(filename, "we");
+     if(G_xmalloc_fh)
+     {
+         return 0;
+--- common/slp_spi.c.orig
+++ common/slp_spi.c
+@@ -112,7 +112,7 @@ SLPCryptoDSAKey* SLPSpiReadKeyFile(const
+     FILE*            fp;
+     SLPCryptoDSAKey* result = 0;
+ 
+-    fp = fopen(keyfile,"r");
+    fp = fopen(keyfile,"re");
+     if(fp)
+     {
+         if(keytype == SLPSPI_KEY_TYPE_PUBLIC)
+@@ -264,7 +264,7 @@ SLPSpiHandle SLPSpiOpen(const char* spif
+     SLPSpiHandle    result = 0;
+     SLPSpiEntry*    spientry;      
+ 
+-    fp = fopen(spifile,"r");
+    fp = fopen(spifile,"re");
+     if(fp)
+     {
+         result = xmalloc(sizeof(struct _SLPSpiHandle));
+--- common/slp_iface.c.orig
+++ common/slp_iface.c
+@@ -111,7 +111,7 @@ int SLPIfaceGetInfo(const char* useiface
+     ifc.ifc_len = sizeof(struct ifreq) * SLP_MAX_IFACES ;
+     ifc.ifc_req = ifrlist;
+     
+-    fd = socket(AF_INET,SOCK_STREAM,0);
+    fd = socket(AF_INET,SOCK_STREAM|SOCK_CLOEXEC,0);
+     if(fd == -1)
+     {
+         /* failed to create socket */
+--- libslp/libslp_network.c.orig
+++ libslp/libslp_network.c
+@@ -68,7 +68,7 @@ int NetworkConnectToSlpd(struct sockaddr
+ #endif
+     int result;
+ 
+-    result = socket(AF_INET,SOCK_STREAM,0);
+    result = socket(AF_INET,SOCK_STREAM|SOCK_CLOEXEC,0);
+     if(result >= 0)
+     {
+         peeraddr->sin_family      = AF_INET;
+--- libslp/libslp_mdns.c.orig
+++ libslp/libslp_mdns.c
+@@ -665,7 +665,7 @@ int SLPMDNSMulticastSend(const SLPIfaceI
+          socks->sock_count < ifaceinfo->iface_count;
+          socks->sock_count++)
+     {
+-        socks->sock[socks->sock_count] = socket(AF_INET, SOCK_DGRAM, 0);
+        socks->sock[socks->sock_count] = socket(AF_INET, SOCK_DGRAM|SOCK_CLOEXEC, 0);
+         if (socks->sock[socks->sock_count] < 0)
+         {
+             /* error creating socket */
+@@ -892,7 +892,7 @@ int SLPMDNSXcastRecvMessage(const SLPXca
+ 		mhdr.msg_control = cmsgbuf;
+ 		mhdr.msg_controllen = sizeof(cmsgbuf);
+ 		mhdr.msg_flags = 0;
+-		bytesread = recvmsg(mdnssockets->sock[i], &mhdr, 0);
+		bytesread = recvmsg(mdnssockets->sock[i], &mhdr, MSG_CMSG_CLOEXEC);
+ 		if (bytesread < 12)
+ 		    continue;
+ 		cmsg = CMSG_FIRSTHDR(&mhdr);
+--- configure.in.orig
+++ configure.in
+@@ -111,7 +111,9 @@ fi
+ dnl ***********************************************************************
+ dnl Checks for programs.
+ dnl ***********************************************************************
+-AC_PROG_CC
+AC_PROG_CC_STDC
+AC_USE_SYSTEM_EXTENSIONS
+AC_SYS_LARGEFILE
+ AC_PROG_INSTALL
+ AM_PROG_LIBTOOL
+ AM_PROG_LEX
--- a/openslp.changes
+++ b/openslp.changes
@ -1,3 +1,10 @@
+-------------------------------------------------------------------
+Sat Aug 25 15:56:43 UTC 2012 - crrodriguez@opensuse.org
+
+- openslp-ocloexec.patch: open all internal fds with O_CLOEXEC
+  so we do not leak them on fork() .. execve() particulary
+  important in the shared library.
+
 -------------------------------------------------------------------
 Wed Feb  8 20:14:48 UTC 2012 - coolo@suse.com

--- a/openslp.spec
+++ b/openslp.spec
@ -71,6 +71,7 @@ Patch21:        openslp.ignorespaces.diff
 Patch22:        openslp.parseext.diff
 Patch23:        openslp-1.2.0-visibility.patch
 Patch24:        openslp-1.2.0-daemon.diff
+Patch25:        openslp-ocloexec.patch

 %description
 Service Location Protocol is an IETF standards track protocol that
@ -102,7 +103,8 @@ services that should be used via an SLP client must run this server and
 register the service.

 %package devel
-Requires:       openssl-devel openslp = %version
+Requires:       openslp = %version
+Requires:       openssl-devel
 Summary:        OpenSLP Development SDK
 Group:          System/Daemons
 # bug437293
@ -149,6 +151,7 @@ such applications.
 %patch22
 %patch23
 %patch24 -p1
+%patch25 

 %build
 autoreconf -fiv
@ -204,6 +207,10 @@ install -D -m 644 %{S:7} $RPM_BUILD_ROOT%{_sysconfdir}/sysconfig/SuSEfirewall2.d
 install -D -m 644 %{S:9} %{buildroot}%{_unitdir}/slpd.service
 %endif

+#XXX test suite requires root
+#%check
+#make check
+
 %post   -p /sbin/ldconfig

 %postun -p /sbin/ldconfig