Accepting request 177264 from network:utilities

- tcpd-ocloexec.patch: Use O_CLOEXEC whenever neccesary, otherwise fd leaks will follow. (forwarded request 177206 from elvigia) OBS-URL: https://build.opensuse.org/request/show/177264 OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/tcpd?expand=0&rev=22
2013-06-05 11:38:29 +00:00 · 2013-06-05 11:38:29 +00:00 · 0882a4e515
commit 0882a4e515
parent 6d60641262 a25592e577
3 changed files with 78 additions and 1 deletions
--- a/tcpd-ocloexec.patch
+++ b/tcpd-ocloexec.patch
@ -0,0 +1,70 @@
+--- rfc931.c.orig
+++ rfc931.c
+@@ -45,7 +45,7 @@ int     protocol;
+     int     s;
+     FILE   *fp;
+ 
+-    if ((s = socket(domain, type, protocol)) < 0) {
+    if ((s = socket(domain, type | SOCK_CLOEXEC, protocol)) < 0) {
+ 	tcpd_warn("socket: %m");
+ 	return (0);
+     } else {
+--- tcpdchk.c.orig
+++ tcpdchk.c
+@@ -210,7 +210,7 @@ struct request_info *request;
+ 
+     saved_context = tcpd_context;		/* stupid compilers */
+ 
+-    if (fp = fopen(table, "r")) {
+    if (fp = fopen(table, "re")) {
+ 	tcpd_context.file = table;
+ 	tcpd_context.line = 0;
+ 	while (xgets(sv_list, sizeof(sv_list), fp)) {
+--- inetcf.c.orig
+++ inetcf.c
+@@ -81,12 +81,12 @@ char   *conf;
+      * guesses.
+      */
+     if (conf != 0) {
+-	if ((fp = fopen(conf, "r")) == 0) {
+	if ((fp = fopen(conf, "re")) == 0) {
+ 	    fprintf(stderr, percent_m(buf, "open %s: %m\n"), conf);
+ 	    exit(1);
+ 	}
+     } else {
+-	for (i = 0; inet_files[i] && (fp = fopen(inet_files[i], "r")) == 0; i++)
+	for (i = 0; inet_files[i] && (fp = fopen(inet_files[i], "re")) == 0; i++)
+ 	     /* void */ ;
+ 	if (!fp) {
+ 	    fprintf(stderr, "Cannot find your inetd.conf or tlid.conf file.\n");
+--- options.c.orig
+++ options.c
+@@ -227,7 +227,7 @@ struct request_info *request;
+     FILE   *fp;
+ 
+     sprintf(path, "%s/%s", value, eval_daemon(request));
+-    if ((fp = fopen(path, "r")) != 0) {
+    if ((fp = fopen(path, "re")) != 0) {
+ 	while ((ch = fgetc(fp)) == 0)
+ 	    write(request->fd, "", 1);
+ 	ungetc(ch, fp);
+--- hosts_access.c.orig
+++ hosts_access.c
+@@ -173,7 +173,7 @@ struct request_info *request;
+      * file descriptor leaks.
+      */
+ 
+-    if ((fp = fopen(table, "r")) != 0) {
+    if ((fp = fopen(table, "re")) != 0) {
+ 	tcpd_context.file = table;
+ 	tcpd_context.line = 0;
+ 	while (match == NO && xgets(sv_list, sizeof(sv_list), fp) != 0) {
+@@ -283,7 +283,7 @@ struct hosts_info *host;
+     int     match = NO;
+     FILE   *fp;
+ 
+-    if ((fp = fopen(path, "r")) != 0) {
+    if ((fp = fopen(path, "re")) != 0) {
+ 	while (fscanf(fp, "%s", tok) == 1 && !(match = host_match(tok, host)))
+ 	     /* void */ ;
+ 	fclose(fp);
--- a/tcpd.changes
+++ b/tcpd.changes
@ -1,3 +1,9 @@
+-------------------------------------------------------------------
+Mon Jun  3 00:17:04 UTC 2013 - crrodriguez@opensuse.org
+
+- tcpd-ocloexec.patch: Use O_CLOEXEC whenever neccesary, 
+  otherwise fd leaks will follow.
+
 -------------------------------------------------------------------
 Fri Apr  5 10:39:36 UTC 2013 - idonmez@suse.com

--- a/tcpd.spec
+++ b/tcpd.spec
@ -62,6 +62,7 @@ Patch25:        tcp_wrappers_%{version}-shared-lib2.diff
 Patch26:        tcp_wrappers_%{version}-fedora-bug17795.diff
 Patch27:        tcp_wrappers_%{version}-fedora-bug17847.diff
 Patch28:        tcp_wrappers_7.6-implicit-decl.patch
+Patch29:        tcpd-ocloexec.patch
 BuildRoot:      %{_tmppath}/%{name}-%{version}-build

 %description
@ -123,7 +124,7 @@ to compile and link programs against the TCP wrapper library.
 %patch26
 %patch27
 %patch28
-
+%patch29
 %build
 # make RPM_OPT_FLAGS="%{optflags} -fPIC -DPIC -D_REENTRANT -DHAVE_STRERROR" LDFLAGS="-pie" MAJOR=%{LIB_MAJOR} MINOR=%{LIB_MINOR} REL=%{LIB_REL} linux
 make %{?_smp_mflags} linux CC="gcc"