mirrors/aports
1
0
Fork 0
mirror of https://gitlab.alpinelinux.org/alpine/aports.git synced 2025-08-05 05:17:07 +02:00
Code Issues Packages Projects Releases Wiki Activity

main/libtirpc: upgrade to 1.0.3, clarify license

Browse Source
This commit is contained in:
prspkt 2018-03-17 15:21:55 +00:00 committed by Jakub Jirutka
parent 2a87123b47
commit a57b2f99f0
4 changed files with 19 additions and 863 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

18
main/libtirpc/APKBUILD
View File

@ -1,19 +1,18 @@
# Maintainer: Natanael Copa <ncopa@alpinelinux.org>
pkgname=libtirpc
pkgver=1.0.1
pkgrel=2
pkgver=1.0.3
pkgrel=0
pkgdesc="Transport Independent RPC library (SunRPC replacement)"
url="http://libtirpc.sourceforge.net/"
url="https://sourceforge.net/projects/libtirpc"
arch="all"
license="BSD"
license="BSD-3-Clause"
options="!check"
depends=
depends_dev="krb5-dev bsd-compat-headers"
makedepends="$depends_dev autoconf automake libtool linux-headers"
subpackages="$pkgname-dev $pkgname-doc $pkgname-dbg"
source="http://downloads.sourceforge.net/sourceforge/$pkgname/$pkgname-$pkgver.tar.bz2
exports.patch
git.patch
source="https://sourceforge.net/projects/$pkgname/files/$pkgname/$pkgver/$pkgname-$pkgver.tar.bz2
musl.patch
"
builddir="$srcdir/$pkgname-$pkgver"
@ -39,6 +38,5 @@ package() {
make DESTDIR="$pkgdir" install
}
sha512sums="c9b449e737bc2bd3d56e31e8352f312e89a7ec2a11b73b5ac314e7d82d3b644c611e422b623912453b67b668f86a6de7bb7f18c9495dd15de8e2798ec2ff41c8 libtirpc-1.0.1.tar.bz2
b0620c54f673d130d7f2eb6cd41c618a6ef0eeaa3450575f507800d64a276ed1dc8d5c7b831d6cbd929ab199264339cc09f6a4fcb011e457e06bdd849645c6e2 exports.patch
4dd540470e9a25b5df0ea2c883dd647f26b71ed82e880c7efa4eed51dd98b898e18964a3ee998ceeadf39caed0a661f110f72157ec70584e33131d0a0f375a00 git.patch"
sha512sums="1f1cf7dd6f30ddddc919e4caf6db926f1d532f78d5a93e8aaa2acde6b046be0650c4c46549da0ffd5fa7fb9e550af1a871ed6e02ededf504c6667d2e82eba2cc libtirpc-1.0.3.tar.bz2
8e52246ae478ae9e4689426627e17d9c58d701f4fd21a40ffe3cf17c4ceaa4ab2e8e91d2fa3ba0d0c7adc52ae4b986fcda113ec86e370ede83903bb641de520c musl.patch"

11
main/libtirpc/exports.patch
View File

@ -1,11 +0,0 @@
--- a/src/libtirpc.map
+++ b/src/libtirpc.map
@@ -298,7 +298,7 @@
key_gendes;
key_get_conv;
key_setsecret;
- key_secret_is_set;
+ key_secretkey_is_set;
key_setnet;
netname2host;
netname2user;

842
main/libtirpc/git.patch
View File

@ -1,842 +0,0 @@
diff --git a/.gitignore b/.gitignore
index b7814a3..ef97e01 100644
--- a/.gitignore
+++ b/.gitignore
@@ -34,6 +34,9 @@ libtirpc.pc
lib*.a
src/libtirpc.la
src/libtirpc_la-*.lo
+tirpc/stamp-h2
+tirpc/tirpc-features.h
+
# generic editor backup et al
*~
.stgitmail.txt
diff --git a/src/Makefile.am b/src/Makefile.am
index e4ed8aa..fba2aa4 100644
--- a/src/Makefile.am
+++ b/src/Makefile.am
@@ -24,7 +24,7 @@ libtirpc_la_SOURCES = auth_none.c auth_unix.c authunix_prot.c bindresvport.c cln
rpcb_st_xdr.c svc.c svc_auth.c svc_dg.c svc_auth_unix.c svc_auth_none.c \
svc_auth_des.c \
svc_generic.c svc_raw.c svc_run.c svc_simple.c svc_vc.c getpeereid.c \
- auth_time.c auth_des.c authdes_prot.c debug.c
+ auth_time.c auth_des.c authdes_prot.c debug.c des_crypt.c des_impl.c
## XDR
libtirpc_la_SOURCES += xdr.c xdr_rec.c xdr_array.c xdr_float.c xdr_mem.c xdr_reference.c xdr_stdio.c xdr_sizeof.c
diff --git a/src/auth_des.c b/src/auth_des.c
index 4d3639e..af2f61f 100644
--- a/src/auth_des.c
+++ b/src/auth_des.c
@@ -46,8 +46,8 @@
#include <rpc/clnt.h>
#include <rpc/xdr.h>
#include <sys/socket.h>
-#undef NIS
-#include <rpcsvc/nis.h>
+
+#include "nis.h"
#if defined(LIBC_SCCS) && !defined(lint)
#endif
diff --git a/src/auth_gss.c b/src/auth_gss.c
index 9b88c38..5959893 100644
--- a/src/auth_gss.c
+++ b/src/auth_gss.c
@@ -526,6 +526,14 @@ _rpc_gss_refresh(AUTH *auth, rpc_gss_options_ret_t *options_ret)
gr.gr_major != GSS_S_CONTINUE_NEEDED)) {
options_ret->major_status = gr.gr_major;
options_ret->minor_status = gr.gr_minor;
+ if (call_stat != RPC_SUCCESS) {
+ struct rpc_err err;
+ clnt_geterr(gd->clnt, &err);
+ LIBTIRPC_DEBUG(1, ("authgss_refresh: %s errno: %s",
+ clnt_sperrno(call_stat), strerror(err.re_errno)));
+ } else
+ gss_log_status("authgss_refresh:",
+ gr.gr_major, gr.gr_minor);
return FALSE;
}
diff --git a/src/auth_time.c b/src/auth_time.c
index 10e58eb..7f83ab4 100644
--- a/src/auth_time.c
+++ b/src/auth_time.c
@@ -44,8 +44,8 @@
#include <rpc/rpcb_prot.h>
//#include <clnt_soc.h>
#include <sys/select.h>
-#undef NIS
-#include <rpcsvc/nis.h>
+
+#include "nis.h"
#ifdef TESTING
diff --git a/src/clnt_vc.c b/src/clnt_vc.c
index a72f9f7..a5fbe2f 100644
--- a/src/clnt_vc.c
+++ b/src/clnt_vc.c
@@ -72,6 +72,8 @@
#define CMGROUP_MAX 16
#define SCM_CREDS 0x03 /* process creds (struct cmsgcred) */
+#undef rpc_createerr /* make it clear it is a thread safe variable */
+
/*
* Credentials structure, used to verify the identity of a peer
* process that has sent us a message. This is allocated by the
@@ -188,10 +190,11 @@ clnt_vc_create(fd, raddr, prog, vers, sendsz, recvsz)
cl = (CLIENT *)mem_alloc(sizeof (*cl));
ct = (struct ct_data *)mem_alloc(sizeof (*ct));
if ((cl == (CLIENT *)NULL) || (ct == (struct ct_data *)NULL)) {
+ struct rpc_createerr *ce = &get_rpc_createerr();
+ ce->cf_stat = RPC_SYSTEMERROR;
+ ce->cf_error.re_errno = errno;
(void) syslog(LOG_ERR, clnt_vc_errstr,
clnt_vc_str, __no_mem_str);
- rpc_createerr.cf_stat = RPC_SYSTEMERROR;
- rpc_createerr.cf_error.re_errno = errno;
goto err;
}
ct->ct_addr.buf = NULL;
@@ -230,26 +233,29 @@ clnt_vc_create(fd, raddr, prog, vers, sendsz, recvsz)
assert(vc_cv != (cond_t *) NULL);
/*
- * XXX - fvdl connecting while holding a mutex?
+ * Do not hold mutex during connect
*/
+ mutex_unlock(&clnt_fd_lock);
+
slen = sizeof ss;
if (getpeername(fd, (struct sockaddr *)&ss, &slen) < 0) {
if (errno != ENOTCONN) {
- rpc_createerr.cf_stat = RPC_SYSTEMERROR;
- rpc_createerr.cf_error.re_errno = errno;
- mutex_unlock(&clnt_fd_lock);
+ struct rpc_createerr *ce = &get_rpc_createerr();
+ ce->cf_stat = RPC_SYSTEMERROR;
+ ce->cf_error.re_errno = errno;
thr_sigsetmask(SIG_SETMASK, &(mask), NULL);
goto err;
}
if (connect(fd, (struct sockaddr *)raddr->buf, raddr->len) < 0){
- rpc_createerr.cf_stat = RPC_SYSTEMERROR;
- rpc_createerr.cf_error.re_errno = errno;
- mutex_unlock(&clnt_fd_lock);
- thr_sigsetmask(SIG_SETMASK, &(mask), NULL);
- goto err;
+ if (errno != EISCONN) {
+ struct rpc_createerr *ce = &get_rpc_createerr();
+ ce->cf_stat = RPC_SYSTEMERROR;
+ ce->cf_error.re_errno = errno;
+ thr_sigsetmask(SIG_SETMASK, &(mask), NULL);
+ goto err;
+ }
}
}
- mutex_unlock(&clnt_fd_lock);
if (!__rpc_fd2sockinfo(fd, &si))
goto err;
thr_sigsetmask(SIG_SETMASK, &(mask), NULL);
diff --git a/src/des_impl.c b/src/des_impl.c
index c5b7ed6..15bec2a 100644
--- a/src/des_impl.c
+++ b/src/des_impl.c
@@ -6,7 +6,8 @@
/* see <http://www.gnu.org/licenses/> to obtain a copy. */
#include <string.h>
#include <stdint.h>
-#include <rpc/rpc_des.h>
+#include <sys/types.h>
+#include <rpc/des.h>
static const uint32_t des_SPtrans[8][64] =
@@ -587,7 +588,7 @@ _des_crypt (char *buf, unsigned len, struct desparams *desp)
}
tin0 = tin1 = tout0 = tout1 = xor0 = xor1 = 0;
tbuf[0] = tbuf[1] = 0;
- __bzero (schedule, sizeof (schedule));
+ memset (schedule, 0, sizeof (schedule));
return (1);
}
diff --git a/src/getpublickey.c b/src/getpublickey.c
index 764a5f9..8cf4dc2 100644
--- a/src/getpublickey.c
+++ b/src/getpublickey.c
@@ -38,8 +38,10 @@
#include <pwd.h>
#include <rpc/rpc.h>
#include <rpc/key_prot.h>
+#ifdef YP
#include <rpcsvc/yp_prot.h>
#include <rpcsvc/ypclnt.h>
+#endif
#include <string.h>
#include <stdlib.h>
diff --git a/src/getrpcport.c b/src/getrpcport.c
index b452c99..c28cd61 100644
--- a/src/getrpcport.c
+++ b/src/getrpcport.c
@@ -57,8 +57,8 @@ getrpcport(host, prognum, versnum, proto)
memset(&addr, 0, sizeof(addr));
addr.sin_family = AF_INET;
addr.sin_port = 0;
- if (hp->h_length > sizeof(addr))
- hp->h_length = sizeof(addr);
+ if (hp->h_length > sizeof(addr.sin_addr.s_addr))
+ hp->h_length = sizeof(addr.sin_addr.s_addr);
memcpy(&addr.sin_addr.s_addr, hp->h_addr, (size_t)hp->h_length);
/* Inconsistent interfaces need casts! :-( */
return (pmap_getport(&addr, (u_long)prognum, (u_long)versnum,
diff --git a/src/nis.h b/src/nis.h
new file mode 100644
index 0000000..588c041
--- /dev/null
+++ b/src/nis.h
@@ -0,0 +1,70 @@
+/*
+ * Copyright (c) 2010, Oracle America, Inc.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions are
+ * met:
+ *
+ * * Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ * * Redistributions in binary form must reproduce the above
+ * copyright notice, this list of conditions and the following
+ * disclaimer in the documentation and/or other materials
+ * provided with the distribution.
+ * * Neither the name of the "Oracle America, Inc." nor the names of its
+ * contributors may be used to endorse or promote products derived
+ * from this software without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
+ * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
+ * COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT,
+ * INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE
+ * GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
+ * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,
+ * WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING
+ * NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+ * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+#ifndef _INTERNAL_NIS_H
+#define _INTERNAL_NIS_H 1
+
+/* This file only contains the definition of nis_server, to be
+ able to compile libtirpc without the need to have a glibc
+ with sunrpc or a libnsl already installed. */
+
+#define NIS_PK_NONE 0
+
+struct nis_attr {
+ char *zattr_ndx;
+ struct {
+ u_int zattr_val_len;
+ char *zattr_val_val;
+ } zattr_val;
+};
+typedef struct nis_attr nis_attr;
+
+typedef char *nis_name;
+
+struct endpoint {
+ char *uaddr;
+ char *family;
+ char *proto;
+};
+typedef struct endpoint endpoint;
+
+struct nis_server {
+ nis_name name;
+ struct {
+ u_int ep_len;
+ endpoint *ep_val;
+ } ep;
+ uint32_t key_type;
+ netobj pkey;
+};
+typedef struct nis_server nis_server;
+
+#endif /* ! _INTERNAL_NIS_H */
diff --git a/src/rpc_dtablesize.c b/src/rpc_dtablesize.c
index 13d320c..3fe503a 100644
--- a/src/rpc_dtablesize.c
+++ b/src/rpc_dtablesize.c
@@ -27,22 +27,14 @@
*/
#include <unistd.h>
-
#include <sys/select.h>
-
-int _rpc_dtablesize(void); /* XXX */
+#include <rpc/clnt.h>
+#include <rpc/rpc_com.h>
/*
* Cache the result of getdtablesize(), so we don't have to do an
* expensive system call every time.
*/
-/*
- * XXX In FreeBSD 2.x, you can have the maximum number of open file
- * descriptors be greater than FD_SETSIZE (which us 256 by default).
- *
- * Since old programs tend to use this call to determine the first arg
- * for _select(), having this return > FD_SETSIZE is a Bad Idea(TM)!
- */
int
_rpc_dtablesize(void)
{
diff --git a/src/rpc_soc.c b/src/rpc_soc.c
index 1ec7b3f..ed0892a 100644
--- a/src/rpc_soc.c
+++ b/src/rpc_soc.c
@@ -61,8 +61,8 @@
#include <string.h>
#include <unistd.h>
#include <fcntl.h>
-#include <rpcsvc/nis.h>
+#include "nis.h"
#include "rpc_com.h"
extern mutex_t rpcsoc_lock;
diff --git a/src/rtime.c b/src/rtime.c
index c34e0af..b642840 100644
--- a/src/rtime.c
+++ b/src/rtime.c
@@ -46,6 +46,7 @@
#include <unistd.h>
#include <errno.h>
#include <sys/types.h>
+#include <sys/poll.h>
#include <sys/socket.h>
#include <sys/time.h>
#include <netinet/in.h>
@@ -67,7 +68,8 @@ rtime(addrp, timep, timeout)
struct timeval *timeout;
{
int s;
- fd_set readfds;
+ struct pollfd fd;
+ int milliseconds;
int res;
unsigned long thetime;
struct sockaddr_in from;
@@ -94,31 +96,32 @@ rtime(addrp, timep, timeout)
addrp->sin_port = serv->s_port;
if (type == SOCK_DGRAM) {
- res = sendto(s, (char *)&thetime, sizeof(thetime), 0,
+ res = sendto(s, (char *)&thetime, sizeof(thetime), 0,
(struct sockaddr *)addrp, sizeof(*addrp));
if (res < 0) {
do_close(s);
- return(-1);
+ return(-1);
}
- do {
- FD_ZERO(&readfds);
- FD_SET(s, &readfds);
- res = select(_rpc_dtablesize(), &readfds,
- (fd_set *)NULL, (fd_set *)NULL, timeout);
- } while (res < 0 && errno == EINTR);
+
+ milliseconds = (timeout->tv_sec * 1000) + (timeout->tv_usec / 1000);
+ fd.fd = s;
+ fd.events = POLLIN;
+ do
+ res = poll (&fd, 1, milliseconds);
+ while (res < 0 && errno == EINTR);
if (res <= 0) {
if (res == 0) {
errno = ETIMEDOUT;
}
do_close(s);
- return(-1);
+ return(-1);
}
fromlen = sizeof(from);
- res = recvfrom(s, (char *)&thetime, sizeof(thetime), 0,
+ res = recvfrom(s, (char *)&thetime, sizeof(thetime), 0,
(struct sockaddr *)&from, &fromlen);
do_close(s);
if (res < 0) {
- return(-1);
+ return(-1);
}
} else {
if (connect(s, (struct sockaddr *)addrp, sizeof(*addrp)) < 0) {
diff --git a/src/svc.c b/src/svc.c
index 9c41445..b59467b 100644
--- a/src/svc.c
+++ b/src/svc.c
@@ -99,7 +99,7 @@ xprt_register (xprt)
{
__svc_xports = (SVCXPRT **) calloc (_rpc_dtablesize(), sizeof (SVCXPRT *));
if (__svc_xports == NULL)
- return;
+ goto unlock;
}
if (sock < _rpc_dtablesize())
{
@@ -120,14 +120,14 @@ xprt_register (xprt)
svc_pollfd[i].fd = sock;
svc_pollfd[i].events = (POLLIN | POLLPRI |
POLLRDNORM | POLLRDBAND);
- return;
+ goto unlock;
}
new_svc_pollfd = (struct pollfd *) realloc (svc_pollfd,
sizeof (struct pollfd)
* (svc_max_pollfd + 1));
if (new_svc_pollfd == NULL) /* Out of memory */
- return;
+ goto unlock;
svc_pollfd = new_svc_pollfd;
++svc_max_pollfd;
@@ -135,6 +135,7 @@ xprt_register (xprt)
svc_pollfd[svc_max_pollfd - 1].events = (POLLIN | POLLPRI |
POLLRDNORM | POLLRDBAND);
}
+unlock:
rwlock_unlock (&svc_fd_lock);
}
diff --git a/src/svc_auth_des.c b/src/svc_auth_des.c
index 5bc264c..2e90146 100644
--- a/src/svc_auth_des.c
+++ b/src/svc_auth_des.c
@@ -86,13 +86,13 @@ static struct cache_entry *authdes_cache/* [AUTHDES_CACHESZ] */;
static short *authdes_lru/* [AUTHDES_CACHESZ] */;
static void cache_init(); /* initialize the cache */
-static short cache_spot(); /* find an entry in the cache */
-static void cache_ref(/*short sid*/); /* note that sid was ref'd */
+static short cache_spot(des_block *key, char *name, struct timeval *timestamp); /* find an entry in the cache */
+static void cache_ref(short sid); /* note that sid was ref'd */
-static void invalidate(); /* invalidate entry in cache */
+static void invalidate(char *cred); /* invalidate entry in cache */
/*
- * cache statistics
+ * cache statistics
*/
static struct {
u_long ncachehits; /* times cache hit, and is not replay */
diff --git a/src/svc_auth_gss.c b/src/svc_auth_gss.c
index b6aa407..bece46a 100644
--- a/src/svc_auth_gss.c
+++ b/src/svc_auth_gss.c
@@ -129,6 +129,8 @@ struct svc_rpc_gss_data {
((struct svc_rpc_gss_data *)(auth)->svc_ah_private)
/* Global server credentials. */
+static u_int _svcauth_req_time = 0;
+static gss_OID_set_desc _svcauth_oid_set = {1, GSS_C_NULL_OID };
static gss_cred_id_t _svcauth_gss_creds;
static gss_name_t _svcauth_gss_name = GSS_C_NO_NAME;
static char * _svcauth_svc_name = NULL;
@@ -167,6 +169,7 @@ svcauth_gss_import_name(char *service)
gss_name_t name;
gss_buffer_desc namebuf;
OM_uint32 maj_stat, min_stat;
+ bool_t result;
gss_log_debug("in svcauth_gss_import_name()");
@@ -181,22 +184,21 @@ svcauth_gss_import_name(char *service)
maj_stat, min_stat);
return (FALSE);
}
- if (svcauth_gss_set_svc_name(name) != TRUE) {
- gss_release_name(&min_stat, &name);
- return (FALSE);
- }
- return (TRUE);
+ result = svcauth_gss_set_svc_name(name);
+ gss_release_name(&min_stat, &name);
+ return result;
}
static bool_t
-svcauth_gss_acquire_cred(u_int req_time, gss_OID_set_desc *oid_set)
+svcauth_gss_acquire_cred(void)
{
OM_uint32 maj_stat, min_stat;
gss_log_debug("in svcauth_gss_acquire_cred()");
- maj_stat = gss_acquire_cred(&min_stat, _svcauth_gss_name, req_time,
- oid_set, GSS_C_ACCEPT,
+ maj_stat = gss_acquire_cred(&min_stat, _svcauth_gss_name,
+ _svcauth_req_time, &_svcauth_oid_set,
+ GSS_C_ACCEPT,
&_svcauth_gss_creds, NULL, NULL);
if (maj_stat != GSS_S_COMPLETE) {
@@ -300,6 +302,8 @@ svcauth_gss_accept_sec_context(struct svc_req *rqst,
NULL,
&gd->deleg);
+ xdr_free((xdrproc_t)xdr_rpc_gss_init_args, (caddr_t)&recv_tok);
+
if (gr->gr_major != GSS_S_COMPLETE &&
gr->gr_major != GSS_S_CONTINUE_NEEDED) {
gss_log_status("svcauth_gss_accept_sec_context: accept_sec_context",
@@ -352,8 +356,11 @@ svcauth_gss_accept_sec_context(struct svc_req *rqst,
return (FALSE);
rqst->rq_xprt->xp_verf.oa_flavor = RPCSEC_GSS;
- rqst->rq_xprt->xp_verf.oa_base = checksum.value;
+ memcpy(rqst->rq_xprt->xp_verf.oa_base, checksum.value,
+ checksum.length);
rqst->rq_xprt->xp_verf.oa_length = checksum.length;
+
+ gss_release_buffer(&min_stat, &checksum);
}
return (TRUE);
}
@@ -435,10 +442,13 @@ svcauth_gss_nextverf(struct svc_req *rqst, u_int num)
maj_stat, min_stat);
return (FALSE);
}
+
rqst->rq_xprt->xp_verf.oa_flavor = RPCSEC_GSS;
- rqst->rq_xprt->xp_verf.oa_base = (caddr_t)checksum.value;
+ memcpy(rqst->rq_xprt->xp_verf.oa_base, checksum.value, checksum.length);
rqst->rq_xprt->xp_verf.oa_length = (u_int)checksum.length;
+ gss_release_buffer(&min_stat, &checksum);
+
return (TRUE);
}
@@ -568,6 +578,8 @@ _svcauth_gss(struct svc_req *rqst, struct rpc_msg *msg, bool_t *no_dispatch)
gss_qop_t qop;
struct svcauth_gss_cache_entry **ce;
time_t now;
+ enum auth_stat result = AUTH_OK;
+ OM_uint32 min_stat;
gss_log_debug("in svcauth_gss()");
@@ -621,19 +633,25 @@ _svcauth_gss(struct svc_req *rqst, struct rpc_msg *msg, bool_t *no_dispatch)
XDR_DESTROY(&xdrs);
/* Check version. */
- if (gc->gc_v != RPCSEC_GSS_VERSION)
- return (AUTH_BADCRED);
+ if (gc->gc_v != RPCSEC_GSS_VERSION) {
+ result = AUTH_BADCRED;
+ goto out;
+ }
/* Check RPCSEC_GSS service. */
if (gc->gc_svc != RPCSEC_GSS_SVC_NONE &&
gc->gc_svc != RPCSEC_GSS_SVC_INTEGRITY &&
- gc->gc_svc != RPCSEC_GSS_SVC_PRIVACY)
- return (AUTH_BADCRED);
+ gc->gc_svc != RPCSEC_GSS_SVC_PRIVACY) {
+ result = AUTH_BADCRED;
+ goto out;
+ }
/* Check sequence number. */
if (gd->established) {
- if (gc->gc_seq > MAXSEQ)
- return (RPCSEC_GSS_CTXPROBLEM);
+ if (gc->gc_seq > MAXSEQ) {
+ result = RPCSEC_GSS_CTXPROBLEM;
+ goto out;
+ }
if ((offset = gd->seqlast - gc->gc_seq) < 0) {
gd->seqlast = gc->gc_seq;
@@ -643,7 +661,8 @@ _svcauth_gss(struct svc_req *rqst, struct rpc_msg *msg, bool_t *no_dispatch)
}
else if (offset >= gd->win || (gd->seqmask & (1 << offset))) {
*no_dispatch = 1;
- return (RPCSEC_GSS_CTXPROBLEM);
+ result = RPCSEC_GSS_CTXPROBLEM;
+ goto out;
}
gd->seq = gc->gc_seq;
gd->seqmask |= (1 << offset);
@@ -654,35 +673,52 @@ _svcauth_gss(struct svc_req *rqst, struct rpc_msg *msg, bool_t *no_dispatch)
rqst->rq_svcname = (char *)gd->ctx;
}
+ rqst->rq_xprt->xp_verf.oa_base = msg->rm_call.cb_verf.oa_base;
+
/* Handle RPCSEC_GSS control procedure. */
switch (gc->gc_proc) {
case RPCSEC_GSS_INIT:
case RPCSEC_GSS_CONTINUE_INIT:
- if (rqst->rq_proc != NULLPROC)
- return (AUTH_FAILED); /* XXX ? */
+ if (rqst->rq_proc != NULLPROC) {
+ result = AUTH_FAILED; /* XXX ? */
+ break;
+ }
if (_svcauth_gss_name == GSS_C_NO_NAME) {
- if (!svcauth_gss_import_name("nfs"))
- return (AUTH_FAILED);
+ if (!svcauth_gss_import_name("nfs")) {
+ result = AUTH_FAILED;
+ break;
+ }
}
- if (!svcauth_gss_acquire_cred(0, GSS_C_NULL_OID_SET))
- return (AUTH_FAILED);
+ if (!svcauth_gss_acquire_cred()) {
+ result = AUTH_FAILED;
+ break;
+ }
- if (!svcauth_gss_accept_sec_context(rqst, &gr))
- return (AUTH_REJECTEDCRED);
+ if (!svcauth_gss_accept_sec_context(rqst, &gr)) {
+ result = AUTH_REJECTEDCRED;
+ break;
+ }
- if (!svcauth_gss_nextverf(rqst, htonl(gr.gr_win)))
- return (AUTH_FAILED);
+ if (!svcauth_gss_nextverf(rqst, htonl(gr.gr_win))) {
+ result = AUTH_FAILED;
+ break;
+ }
*no_dispatch = TRUE;
call_stat = svc_sendreply(rqst->rq_xprt,
(xdrproc_t)xdr_rpc_gss_init_res, (caddr_t)&gr);
- if (!call_stat)
- return (AUTH_FAILED);
+ gss_release_buffer(&min_stat, &gr.gr_token);
+ free(gr.gr_ctx.value);
+
+ if (!call_stat) {
+ result = AUTH_FAILED;
+ break;
+ }
if (gr.gr_major == GSS_S_COMPLETE)
gd->established = TRUE;
@@ -690,27 +726,37 @@ _svcauth_gss(struct svc_req *rqst, struct rpc_msg *msg, bool_t *no_dispatch)
break;
case RPCSEC_GSS_DATA:
- if (!svcauth_gss_validate(gd, msg, &qop))
- return (RPCSEC_GSS_CREDPROBLEM);
+ if (!svcauth_gss_validate(gd, msg, &qop)) {
+ result = RPCSEC_GSS_CREDPROBLEM;
+ break;
+ }
- if (!svcauth_gss_nextverf(rqst, htonl(gc->gc_seq)))
- return (AUTH_FAILED);
+ if (!svcauth_gss_nextverf(rqst, htonl(gc->gc_seq))) {
+ result = AUTH_FAILED;
+ break;
+ }
if (!gd->callback_done) {
gd->callback_done = TRUE;
gd->sec.qop = qop;
(void)rpc_gss_num_to_qop(gd->rcred.mechanism,
gd->sec.qop, &gd->rcred.qop);
- if (!svcauth_gss_callback(rqst, gd))
- return (AUTH_REJECTEDCRED);
+ if (!svcauth_gss_callback(rqst, gd)) {
+ result = AUTH_REJECTEDCRED;
+ break;
+ }
}
if (gd->locked) {
if (gd->rcred.service !=
- _rpc_gss_svc_to_service(gc->gc_svc))
- return (AUTH_FAILED);
- if (gd->sec.qop != qop)
- return (AUTH_BADVERF);
+ _rpc_gss_svc_to_service(gc->gc_svc)) {
+ result = AUTH_FAILED;
+ break;
+ }
+ if (gd->sec.qop != qop) {
+ result = AUTH_BADVERF;
+ break;
+ }
}
if (gd->sec.qop != qop) {
@@ -724,17 +770,25 @@ _svcauth_gss(struct svc_req *rqst, struct rpc_msg *msg, bool_t *no_dispatch)
break;
case RPCSEC_GSS_DESTROY:
- if (rqst->rq_proc != NULLPROC)
- return (AUTH_FAILED); /* XXX ? */
+ if (rqst->rq_proc != NULLPROC) {
+ result = AUTH_FAILED; /* XXX ? */
+ break;
+ }
- if (!svcauth_gss_validate(gd, msg, &qop))
- return (RPCSEC_GSS_CREDPROBLEM);
+ if (!svcauth_gss_validate(gd, msg, &qop)) {
+ result = RPCSEC_GSS_CREDPROBLEM;
+ break;
+ }
- if (!svcauth_gss_nextverf(rqst, htonl(gc->gc_seq)))
- return (AUTH_FAILED);
+ if (!svcauth_gss_nextverf(rqst, htonl(gc->gc_seq))) {
+ result = AUTH_FAILED;
+ break;
+ }
- if (!svcauth_gss_release_cred())
- return (AUTH_FAILED);
+ if (!svcauth_gss_release_cred()) {
+ result = AUTH_FAILED;
+ break;
+ }
SVCAUTH_DESTROY(&SVC_XP_AUTH(rqst->rq_xprt));
SVC_XP_AUTH(rqst->rq_xprt).svc_ah_ops = svc_auth_none.svc_ah_ops;
@@ -743,10 +797,12 @@ _svcauth_gss(struct svc_req *rqst, struct rpc_msg *msg, bool_t *no_dispatch)
break;
default:
- return (AUTH_REJECTEDCRED);
+ result = AUTH_REJECTEDCRED;
break;
}
- return (AUTH_OK);
+out:
+ xdr_free((xdrproc_t)xdr_rpc_gss_cred, (caddr_t)gc);
+ return result;
}
static bool_t
@@ -890,7 +946,6 @@ bool_t
rpc_gss_set_svc_name(char *principal, char *mechanism, u_int req_time,
u_int UNUSED(program), u_int UNUSED(version))
{
- gss_OID_set_desc oid_set;
rpc_gss_OID oid;
char *save;
@@ -902,14 +957,13 @@ rpc_gss_set_svc_name(char *principal, char *mechanism, u_int req_time,
if (!rpc_gss_mech_to_oid(mechanism, &oid))
goto out_err;
- oid_set.count = 1;
- oid_set.elements = (gss_OID)oid;
if (!svcauth_gss_import_name(principal))
goto out_err;
- if (!svcauth_gss_acquire_cred(req_time, &oid_set))
- goto out_err;
+ _svcauth_req_time = req_time;
+ _svcauth_oid_set.count = 1;
+ _svcauth_oid_set.elements = (gss_OID)oid;
free(_svcauth_svc_name);
_svcauth_svc_name = save;
return TRUE;
diff --git a/src/svc_vc.c b/src/svc_vc.c
index 6ae613d..97a76a3 100644
--- a/src/svc_vc.c
+++ b/src/svc_vc.c
@@ -270,14 +270,8 @@ makefd_xprt(fd, sendsize, recvsize)
struct cf_conn *cd;
const char *netid;
struct __rpc_sockinfo si;
-
- assert(fd != -1);
- if (fd >= FD_SETSIZE) {
- warnx("svc_vc: makefd_xprt: fd too high\n");
- xprt = NULL;
- goto done;
- }
+ assert(fd != -1);
xprt = mem_alloc(sizeof(SVCXPRT));
if (xprt == NULL) {
@@ -338,22 +332,10 @@ rendezvous_request(xprt, msg)
r = (struct cf_rendezvous *)xprt->xp_p1;
again:
len = sizeof addr;
- if ((sock = accept(xprt->xp_fd, (struct sockaddr *)(void *)&addr,
- &len)) < 0) {
+ sock = accept(xprt->xp_fd, (struct sockaddr *)(void *)&addr, &len);
+ if (sock < 0) {
if (errno == EINTR)
goto again;
-
- if (errno == EMFILE || errno == ENFILE) {
- /* If there are no file descriptors available, then accept will fail.
- We want to delay here so the connection request can be dequeued;
- otherwise we can bounce between polling and accepting, never
- giving the request a chance to dequeue and eating an enormous
- amount of cpu time in svc_run if we're polling on many file
- descriptors. */
- struct timespec ts = { .tv_sec = 0, .tv_nsec = 50000000 };
- nanosleep (&ts, NULL);
- goto again;
- }
return (FALSE);
}
/*
diff --git a/tirpc/rpc/des.h b/tirpc/rpc/des.h
index d2881ad..018aa48 100644
--- a/tirpc/rpc/des.h
+++ b/tirpc/rpc/des.h
@@ -82,6 +82,6 @@ struct desparams {
/*
* Software DES.
*/
-extern int _des_crypt( char *, int, struct desparams * );
+extern int _des_crypt( char *, unsigned, struct desparams * );
#endif
diff --git a/tirpc/rpc/rpcent.h b/tirpc/rpc/rpcent.h
index 147f909..e07503c 100644
--- a/tirpc/rpc/rpcent.h
+++ b/tirpc/rpc/rpcent.h
@@ -60,10 +60,11 @@ struct rpcent {
extern struct rpcent *getrpcbyname(const char *);
extern struct rpcent *getrpcbynumber(int);
extern struct rpcent *getrpcent(void);
-#endif
extern void setrpcent(int);
extern void endrpcent(void);
+#endif
+
#ifdef __cplusplus
}
#endif

11
main/libtirpc/musl.patch Normal file
View File

@ -0,0 +1,11 @@
--- ./tirpc/rpc/types.h.orig 2018-03-17 10:23:10.022055255 +0100
+++ ./tirpc/rpc/types.h 2018-03-17 10:23:30.877751656 +0100
@@ -66,7 +66,7 @@
#define mem_free(ptr, bsize) free(ptr)
-#if defined __APPLE_CC__ || defined __FreeBSD__
+#if defined __APPLE_CC__ || defined __FreeBSD__ || !defined(__GLIBC__)
# define __u_char_defined
# define __daddr_t_defined
#endif