rpcbind/0006-don-t-use-svc_fdset.patch
Dirk Mueller 1abcad9219 Accepting request 360882 from home:kukuk:branches:network
- Add 0006-don-t-use-svc_fdset.patch: don't use the svc_fdset 
  interface for libtirpc, which is limited to 1024 connections.

- Sync with current git:
  - Replace 0002-revert-auth.patch with 
    0002-handle_reply-Don-t-use-the-xp_auth-pointer-directly.patch
  - Add 0003-Delete-the-unix-socket-only-if-we-have-created-it.patch
    to fix problems with activation via sockets by systemd
  - Replace 0032-CVE-2015-7236.patch with 
    0004-Fix-memory-corruption-in-PMAP_CALLIT-code.patch
  - Add 0005-security.c-removed-warning.patch to fix compiler warnings
- Temporary remove 099-poll.patch

- Disable 0030-systemd-fix-rmtcall.patch, needs the other disabled
  patches. 
- Submit for SLE12SP2 [FATE#320393]

- Add patch 0032-CVE-2015-7236.patch to fix a segfault on certain
  remote scans [CVE-2015-7236, bsc#940191, bsc#946204]

- Document how to restrict addresses that rpcbind will listen on
  [bsc#935102]
  Added 0031-rpcbind-manpage.patch

- Add patch 0030-systemd-fix-rmtcall.patch to fix rmtcall
  forwarding (bnc#932423)

OBS-URL: https://build.opensuse.org/request/show/360882
OBS-URL: https://build.opensuse.org/package/show/network/rpcbind?expand=0&rev=58
2016-02-22 15:04:42 +00:00

114 lines
3.0 KiB
Diff

From e97a3d42704ac83453cc85d09ed48eb9755696a5 Mon Sep 17 00:00:00 2001
From: Thorsten Kukuk <kukuk@thkukuk.de>
Date: Fri, 19 Feb 2016 15:55:38 +0100
Subject: [PATCH 1/1] rpcbind and libtirpc are both using poll in svc_run(),
but rpcbind used the old svc_fdset interface for this. This limits the
possible connections to 1024, while both could handle much more. rpcbind is
now accessing directly the svc_pollfd data of libtirpc.
Signed-off-by: Thorsten Kukuk <kukuk@thkukuk.de>
---
src/rpcb_svc_com.c | 48 ++++++++++++++++--------------------------------
1 file changed, 16 insertions(+), 32 deletions(-)
diff --git a/src/rpcb_svc_com.c b/src/rpcb_svc_com.c
index 22d6c84..148fe42 100644
--- a/src/rpcb_svc_com.c
+++ b/src/rpcb_svc_com.c
@@ -536,10 +536,6 @@ create_rmtcall_fd(struct netconfig *nconf)
rmttail->next = rmt;
rmttail = rmt;
}
- /* XXX not threadsafe */
- if (fd > svc_maxfd)
- svc_maxfd = fd;
- FD_SET(fd, &svc_fdset);
return (fd);
}
@@ -1056,9 +1052,6 @@ free_slot_by_index(int index)
fi = &FINFO[index];
if (fi->flag & FINFO_ACTIVE) {
netbuffree(fi->caller_addr);
- /* XXX may be too big, but can't access xprt array here */
- if (fi->forward_fd >= svc_maxfd)
- svc_maxfd--;
free(fi->uaddr);
fi->flag &= ~FINFO_ACTIVE;
rpcb_rmtcalls--;
@@ -1097,35 +1090,28 @@ netbuffree(struct netbuf *ap)
}
-#define MASKVAL (POLLIN | POLLPRI | POLLRDNORM | POLLRDBAND)
-extern bool_t __svc_clean_idle(fd_set *, int, bool_t);
-
void
my_svc_run()
{
- size_t nfds;
- struct pollfd pollfds[FD_SETSIZE];
int poll_ret, check_ret;
int n;
-#ifdef SVC_RUN_DEBUG
- int i;
-#endif
- register struct pollfd *p;
- fd_set cleanfds;
for (;;) {
- p = pollfds;
- for (n = 0; n <= svc_maxfd; n++) {
- if (FD_ISSET(n, &svc_fdset)) {
- p->fd = n;
- p->events = MASKVAL;
- p++;
- }
- }
- nfds = p - pollfds;
- poll_ret = 0;
+ struct pollfd my_pollfd[svc_max_pollfd];
+ int i;
+
+ if (svc_max_pollfd == 0 && svc_pollfd == NULL)
+ return;
+
+
+ for (i = 0; i < svc_max_pollfd; ++i)
+ {
+ my_pollfd[i].fd = svc_pollfd[i].fd;
+ my_pollfd[i].events = svc_pollfd[i].events;
+ my_pollfd[i].revents = 0;
+ }
- switch (poll_ret = poll(pollfds, nfds, 30 * 1000)) {
+ switch (poll_ret = poll(my_pollfd, svc_max_pollfd, 30 * 1000)) {
case -1:
/*
* We ignore all errors, continuing with the assumption
@@ -1133,8 +1119,6 @@ my_svc_run()
* other outside event) and not caused by poll().
*/
case 0:
- cleanfds = svc_fdset;
- __svc_clean_idle(&cleanfds, 30, FALSE);
continue;
default:
/*
@@ -1144,10 +1128,10 @@ my_svc_run()
* don't call svc_getreq_poll. Otherwise, there
* must be another so we must call svc_getreq_poll.
*/
- if ((check_ret = check_rmtcalls(pollfds, nfds)) ==
+ if ((check_ret = check_rmtcalls(my_pollfd, svc_max_pollfd)) ==
poll_ret)
continue;
- svc_getreq_poll(pollfds, poll_ret-check_ret);
+ svc_getreq_poll(my_pollfd, poll_ret-check_ret);
}
}
}
--
1.8.5.6