OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/libtirpc?expand=0&rev=6

2008-11-18 16:28:47 +00:00 · 2008-11-18 16:28:47 +00:00 · 1a37a695af
commit 1a37a695af
parent 57c3a3a8c2
4 changed files with 122 additions and 1 deletions
--- a/libtirpc-clnt_broadcast_fix.patch
+++ b/libtirpc-clnt_broadcast_fix.patch
@ -0,0 +1,34 @@
+commit 8d096a0572b955835f7f64f267a29047091e0a8e
+Author: Olaf Kirch <okir@suse.de>
+Date:   Wed Nov 12 16:10:53 2008 +0100
+
+    Fix a bug in clnt broadcast
+    
+    Before calling the replyproc function on a broadcast reply,
+    we convert the server-provided address using uaddr2taddr.
+    This may fail (eg if the server provided a garbage address),
+    and return NULL. In this case, we should not call the replyproc
+    function - because the caller expects the address netbuf to
+    be a valid pointer, rather than NULL.
+    
+    Signed-off-by: Olaf Kirch <okir@suse.de>
+
+diff --git a/src/clnt_bcast.c b/src/clnt_bcast.c
+index aa2b8f2..899eb76 100644
+--- a/src/clnt_bcast.c
+++ b/src/clnt_bcast.c
+@@ -607,9 +607,11 @@ rpc_broadcast_exp(prog, vers, proc, xargs, argsp, xresults, resultsp,
+ #endif
+ 						np = uaddr2taddr(
+ 						    fdlist[i].nconf, uaddrp);
+-						done = (*eachresult)(resultsp,
+-						    np, fdlist[i].nconf);
+-						free(np);
+						if (np != NULL) {
+							done = (*eachresult)(resultsp,
+							    np, fdlist[i].nconf);
+							free(np);
+						}
+ #ifdef PORTMAP
+ 					}
+ #endif				/* PORTMAP */
--- a/libtirpc-rpc_broadcast_misformed_replies.patch
+++ b/libtirpc-rpc_broadcast_misformed_replies.patch
@ -0,0 +1,74 @@
+commit 17619288497d76ade1671f0adbda682548d026d5
+Author: Olaf Kirch <okir@suse.de>
+Date:   Thu Nov 13 10:24:39 2008 +0100
+
+    rpc_broadcast: handle misformed rpcbind replies
+    
+    Some rpcbind implementations seem to return IPv6 uaddrs
+    in response to an IPv4 broadcast (which is probably due
+    to their using a single v6 socket to handle both v6 and
+    v4 requests).
+    
+    We can either discard these replies, or fix them up silently.
+    Here's a patch that implements the latter.
+    
+    Signed-off-by: Olaf Kirch <okir@suse.de>
+
+diff --git a/src/clnt_bcast.c b/src/clnt_bcast.c
+index 899eb76..55efc9d 100644
+--- a/src/clnt_bcast.c
+++ b/src/clnt_bcast.c
+@@ -227,6 +227,39 @@ __rpc_broadenable(int af, int s, struct broadif *bip)
+ 	return 0;
+ }
+ 
+/*
+ * Some rpcbind implementations use an IPv6 socket to serve both 
+ * IPv4 and IPv6 messages, but neglect to check for the caller's
+ * address family when sending broadcast replies. These rpcbind
+ * implementations return an IPv6 address in reply to an IPv4
+ * broadcast. We can either ignore them, or try to patch them up.
+ */
+static struct netbuf *
+__ipv6v4_fixup(struct sockaddr_storage *ss, const char *uaddr)
+{
+	struct sockaddr_in sin;
+	struct netbuf *np;
+
+	/* ss is the remote rpcbind server's address */
+	if (ss->ss_family != AF_INET)
+		return NULL;
+	memcpy(&sin, ss, sizeof(sin));
+
+	np = __rpc_uaddr2taddr_af(AF_INET6, uaddr);
+	if (np == NULL)
+		return NULL;
+
+	/* Overwrite the port with that of the service we
+	 * wanted to talk to. */
+	sin.sin_port = ((struct sockaddr_in6 *) np)->sin6_port;
+
+	/* We know netbuf holds a sockaddr_in6, so it can easily
+	 * hold a sockaddr_in as well. */
+	memcpy(np->buf, &sin, sizeof(sin));
+	np->len = sizeof(sin);
+
+	return np;
+}
+ 
+ enum clnt_stat
+ rpc_broadcast_exp(prog, vers, proc, xargs, argsp, xresults, resultsp,
+@@ -607,6 +640,13 @@ rpc_broadcast_exp(prog, vers, proc, xargs, argsp, xresults, resultsp,
+ #endif
+ 						np = uaddr2taddr(
+ 						    fdlist[i].nconf, uaddrp);
+						/* Some misguided rpcbind implemenations
+						 * seem to return an IPv6 uaddr in IPv4
+						 * responses. */
+						if (np == NULL)
+							np = __ipv6v4_fixup(
+								&fdlist[i].raddr,
+								uaddrp);
+ 						if (np != NULL) {
+ 							done = (*eachresult)(resultsp,
+ 							    np, fdlist[i].nconf);
--- a/libtirpc.changes
+++ b/libtirpc.changes
@ -1,3 +1,9 @@
+-------------------------------------------------------------------
+Mon Nov 17 16:20:57 CET 2008 - mkoenig@suse.de
+
+- Fix a bug in clnt broadcast and handle misformed rpcbind replies
+  [bnc#436038]
+
 -------------------------------------------------------------------
 Wed Oct 22 16:17:26 CEST 2008 - mrueckert@suse.de

--- a/libtirpc.spec
+++ b/libtirpc.spec
@ -24,7 +24,7 @@ License:        Other uncritical OpenSource License; Sun Industry Standards Sour
 Group:          System/Libraries
 AutoReqProv:    on
 Version:        0.1.9
-Release:        3
+Release:        4
 Summary:        Transport Independent RPC Library
 Url:            http://nfsv4.bullopensource.org/doc/tirpc_rpcbind.php
 Source:         %{name}-%{version}.tar.bz2
@ -41,6 +41,8 @@ Patch9:         libtirpc-0.1.9-0009-Fix-getpeereid.patch
 Patch10:        libtirpc-0.1.9-0010-Fix-__rpc_getconfip.patch
 #
 Patch20:        libtirpc-0.1.7-use_sysconfdir.patch
+Patch21:        libtirpc-clnt_broadcast_fix.patch
+Patch22:        libtirpc-rpc_broadcast_misformed_replies.patch
 BuildRoot:      %{_tmppath}/%{name}-%{version}-build
 %define debug_package_requires libtirpc1 = %{version}-%{release}

@ -107,6 +109,8 @@ Authors:
 %patch9 -p1
 %patch10 -p1
 %patch20 -p1
+%patch21 -p1
+%patch22 -p1

 %build
 autoreconf -fi
@ -152,6 +156,9 @@ rm -rf $RPM_BUILD_ROOT
 %{_mandir}/man3/*

 %changelog
+* Mon Nov 17 2008 mkoenig@suse.de
+- Fix a bug in clnt broadcast and handle misformed rpcbind replies
+  [bnc#436038]
 * Wed Oct 22 2008 mrueckert@suse.de
 - fix debug_packages_requires define
 * Wed Oct 01 2008 mkoenig@suse.de