rpms
/
glibc
2
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

Auto-sync with upstream master 

Drop glibc-nsswitch-Add-group-merging-support.patch, applied upstream.
Drop glibc-rh1252570.patch, alternative fixes applied upstream.
Adjust glibc-rh1315108.patch to minor upstream change.
Update SUPPORTED file.
This commit is contained in:
Florian Weimer 2016-05-09 13:47:51 +02:00
parent 4f51555190
commit ddd7733205
5 changed files with 119 additions and 975 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
SUPPORTED
View File

@ -86,6 +86,7 @@ ca_FR/ISO-8859-15 \
ca_IT.UTF-8/UTF-8 \
ca_IT/ISO-8859-15 \
ce_RU/UTF-8 \
chr_US/UTF-8 \
cmn_TW/UTF-8 \
crh_UA/UTF-8 \
cs_CZ.UTF-8/UTF-8 \
@ -376,6 +377,7 @@ sc_IT/UTF-8 \
sd_IN/UTF-8 \
sd_IN@devanagari/UTF-8 \
se_NO/UTF-8 \
sgs_LT/UTF-8 \
shs_CA/UTF-8 \
si_LK/UTF-8 \
sid_ET/UTF-8 \

858
glibc-nsswitch-Add-group-merging-support.patch
View File

@ -1,858 +0,0 @@
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
Subject: nsswitch: Add group merging support
From: Stephen Gallagher <sgallagh@redhat.com>
X-Patchwork-Id: 10289
Message-Id: <1452213991-6499-1-git-send-email-sgallagh@redhat.com>
To: libc-alpha@sourceware.org
Date: Thu, 7 Jan 2016 19:46:31 -0500
https://sourceware.org/glibc/wiki/Proposals/GroupMerging
== Justification ==
It is common today for users to rely on centrally-managed user stores for
handling their user accounts. However, much software existing today does
not have an innate understanding of such accounts. Instead, they commonly
rely on membership in known groups for managing access-control (for
example the "wheel" group on Fedora and RHEL systems or the "adm" group
on Debian-derived systems). In the present incarnation of nsswitch, the
only way to have such groups managed by a remote user store such as
FreeIPA or Active Directory would be to manually remove the groups from
/etc/group on the clients so that nsswitch would then move past nss_files
and into the SSSD, nss-ldap or other remote user database.
== Solution ==
With this patch, a new action is introduced for nsswitch:
NSS_ACTION_MERGE. To take advantage of it, one will add [SUCCESS=merge]
between two database entries in the nsswitch.conf file. When a group is
located in the first of the two group entries, processing will continue
on to the next one. If the group is also found in the next entry (and the
group name and GID are an exact match), the member list of the second
entry will be added to the group object to be returned.
== Implementation ==
After each DL_LOOKUP_FN() returns, the next action is checked. If the
function returned NSS_STATUS_SUCCESS and the next action is
NSS_ACTION_MERGE, a copy of the result buffer is saved for the next pass
through the loop. If on this next pass through the loop the database
returns another instance of a group matching both the group name and GID,
the member list is added to the previous list and it is returned as a
single object. If the following database does not contain the same group,
then the original is copied back into the destination buffer.
This patch implements merge functionality only for the group database.
For other databases, there is a default implementation that will return
the EINVAL errno if a merge is requested. The merge functionality can be
implemented for other databases at a later time if such is needed. Each
database must provide a unique implementation of the deep-copy and merge
functions.
If [SUCCESS=merge] is present in nsswitch.conf for a glibc version that
does not support it, glibc will process results up until that operation,
at which time it will return results if it has found them or else will
simply return an error. In practical terms, this ends up behaving like
the remainder of the nsswitch.conf line does not exist.
== Iterators ==
This feature does not modify the iterator functionality from its current
behavior. If getgrnam() or getgrgid() is called, glibc will iterate
through all entries in the `group` line in nsswitch.conf and display the
list of members without attempting to merge them. This is consistent with
the behavior of nss_files where if two separate lines are specified for
the same group in /etc/groups, getgrnam()/getgrgid() will display both.
Clients are already expected to handle this gracefully.
== No Premature Optimizations ==
The following is a list of places that might be eligible for
optimization, but were not overengineered for this initial contribution:
* Any situation where a merge may occur will result in one malloc() of
the same size as the input buffer.
* Any situation where a merge does occur will result in a second
malloc() to hold the list of pointers to member name strings.
* The list of members is simply concatenated together and is not tested
for uniqueness (which is identical to the behavior for nss_files,
which will simply return identical values if they both exist on the
line in the file. This could potentially be optimized to reduce space
usage in the buffer, but it is both complex and computationally
expensive to do so.
== Testing ==
I performed testing by running the getent utility against my newly-built
glibc and configuring /etc/nsswitch.conf with the following entry:
group: group: files [SUCCESS=merge] sss
In /etc/group I included the line:
wheel:x:10:sgallagh
I then configured my local SSSD using the id_provider=local to respond
with:
wheel:*:10:localuser,localuser2
I then ran `getent group wheel` against the newly-built glibc in
multiple situations and received the expected output as described
above:
* When SSSD was running.
* When SSSD was configured in nsswitch.conf but the daemon was not
running.
* When SSSD was configured in nsswitch.conf but nss_sss.so.2 was not
installed on the system.
* When the order of 'sss' and 'files' was reversed.
* All of the above with the [SUCCESS=merge] removed (to ensure no
regressions).
* All of the above with `getent group 10`.
* All of the above with `getent group` with and without
`enumerate=true` set in SSSD.
* All of the above with and without nscd enabled on the system.
== NEWS ==
* A new NSS action is added to facilitate large distribution system
administration. The action, MERGE, allows remote user stores like
LDAP to be merged into local user stores like /etc/groups in order
to provide easy to use, updated, and managed sets of merged
credentials. The new action can be used by configuring it in
/etc/nsswitch.conf:
group: files [SUCCESS=merge] nis
Implemented by Stephen Gallagher (Red Hat).
== ChangeLog ==
2015-12-16 Stephen Gallagher <sgallagh@redhat.com>
[BZ #19072]
* grp/Makefile (headers): Add grp-merge.h
(routines): Add grp-merge.
* grp/getgrgid_r.c: Include grp-merge.h.
(DEEPCOPY_FN): Define.
(MERGE_FN): Define.
* grp/getgrname_r.c: Include grp-merge.h.
(DEEPCOPY_FN): Define.
(MERGE_FN): Define.
* grp/grp-merge.c: New file.
* grp/grp-merge.h: New file.
* manual/nss.texi (Actions in the NSS configuration): Describe
return, continue, and merge.
* nscd/Makefile: Add vpath to find grp-merge.c
(nscd-modules): Add grp-merge.
* nscd/getgrgid_r.c: Include grp/grp-merge.h.
(DEEPCOPY_FN): Define.
(MERGE_FN): Define.
* nscd/getgrnam_r.c: Include grp/grp-merge.h.
(DEEPCOPY_FN): Define.
(MERGE_FN): Define.
* nss/getXXbyYY_r.c [!DEEPCOPY_FN]: Define __copy_einval.
[!MERGE_FN]: Define __merge_einval.
(CHECK_MERGE): Define.
(REENTRANT_NAME): Process merge if do_merge is true.
* nss/getnssent_r.c (__nss_setent): Process NSS_ACTION_MERGE.
(__nss_getent_r): Likewise.
* nss/nsswitch.c (nss_parse_service_list): Likewise.
* nss/nsswitch.h (lookup_actions): Define NSS_ACTION_MERGE.
Resolves BZ #19072
---
grp/Makefile | 5 +-
grp/getgrgid_r.c | 3 +
grp/getgrnam_r.c | 4 ++
grp/grp-merge.c | 178 ++++++++++++++++++++++++++++++++++++++++++++++++++++++
grp/grp-merge.h | 35 +++++++++++
manual/nss.texi | 46 +++++++++++++-
nscd/Makefile | 5 +-
nscd/getgrgid_r.c | 4 ++
nscd/getgrnam_r.c | 4 ++
nss/getXXbyYY_r.c | 105 +++++++++++++++++++++++++++++++-
nss/getnssent_r.c | 34 ++++++++++-
nss/nsswitch.c | 3 +
nss/nsswitch.h | 3 +-
13 files changed, 419 insertions(+), 10 deletions(-)
create mode 100644 grp/grp-merge.c
create mode 100644 grp/grp-merge.h
diff --git a/grp/Makefile b/grp/Makefile
index ed8cc2b0564f0e3842cd78f24a4e0788d659bbc4..52af992365268aae8cf8a80cd7216160b1431e84 100644
--- a/grp/Makefile
+++ b/grp/Makefile
@@ -20,15 +20,16 @@
#
subdir := grp
include ../Makeconfig
-headers := grp.h
+headers := grp.h grp-merge.h
routines := fgetgrent initgroups setgroups \
getgrent getgrgid getgrnam putgrent \
- getgrent_r getgrgid_r getgrnam_r fgetgrent_r
+ getgrent_r getgrgid_r getgrnam_r fgetgrent_r \
+ grp-merge
tests := testgrp tst-putgrent
ifeq (yes,$(build-shared))
test-srcs := tst_fgetgrent
diff --git a/grp/getgrgid_r.c b/grp/getgrgid_r.c
index 05d4d772d3ef0bfae8f9375387c41310885ce41a..447fa633807deec8f26d654ebeb6386a150d3a37 100644
--- a/grp/getgrgid_r.c
+++ b/grp/getgrgid_r.c
@@ -16,14 +16,17 @@
License along with the GNU C Library; if not, see
<http://www.gnu.org/licenses/>. */
#include <grp.h>
+#include "grp-merge.h"
#define LOOKUP_TYPE struct group
#define FUNCTION_NAME getgrgid
#define DATABASE_NAME group
#define ADD_PARAMS gid_t gid
#define ADD_VARIABLES gid
#define BUFLEN NSS_BUFLEN_GROUP
+#define DEEPCOPY_FN __copy_grp
+#define MERGE_FN __merge_grp
#include <nss/getXXbyYY_r.c>
diff --git a/grp/getgrnam_r.c b/grp/getgrnam_r.c
index 0061cb2f7e0bd311d19775e49eb3fdd8a93447f1..c5535f4057ddfc40965f27789c34345045c8bf3b 100644
--- a/grp/getgrnam_r.c
+++ b/grp/getgrnam_r.c
@@ -16,13 +16,17 @@
License along with the GNU C Library; if not, see
<http://www.gnu.org/licenses/>. */
#include <grp.h>
+#include "grp-merge.h"
#define LOOKUP_TYPE struct group
#define FUNCTION_NAME getgrnam
#define DATABASE_NAME group
#define ADD_PARAMS const char *name
#define ADD_VARIABLES name
+#define DEEPCOPY_FN __copy_grp
+#define MERGE_FN __merge_grp
+
#include <nss/getXXbyYY_r.c>
diff --git a/grp/grp-merge.c b/grp/grp-merge.c
new file mode 100644
index 0000000000000000000000000000000000000000..ca959dbfe403c89d6f3184f2b361b0c6488c9182
--- /dev/null
+++ b/grp/grp-merge.c
@@ -0,0 +1,178 @@
+/* Group merging implementation.
+ Copyright (C) 2016 Free Software Foundation, Inc.
+ This file is part of the GNU C Library.
+
+ The GNU C Library is free software; you can redistribute it and/or
+ modify it under the terms of the GNU Lesser General Public
+ License as published by the Free Software Foundation; either
+ version 2.1 of the License, or (at your option) any later version.
+
+ The GNU C Library is distributed in the hope that it will be useful,
+ but WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ Lesser General Public License for more details.
+
+ You should have received a copy of the GNU Lesser General Public
+ License along with the GNU C Library; if not, see
+ <http://www.gnu.org/licenses/>. */
+
+#include <errno.h>
+#include <stdlib.h>
+#include <string.h>
+#include <grp.h>
+#include "grp-merge.h"
+
+#define BUFCHECK(size) \
+ do { \
+ if (c + size > buflen) \
+ { \
+ free (members); \
+ return ERANGE; \
+ } \
+ } while(0)
+
+int
+__copy_grp (const struct group srcgrp, const size_t buflen,
+ struct group *destgrp, char *destbuf, char **endptr)
+{
+ size_t i;
+ size_t c = 0;
+ size_t len;
+ size_t memcount;
+ char **members = NULL;
+
+ /* Copy the GID. */
+ destgrp->gr_gid = srcgrp.gr_gid;
+
+ /* Copy the name. */
+ len = strlen (srcgrp.gr_name) + 1;
+ BUFCHECK (len);
+ memcpy (&destbuf[c], srcgrp.gr_name, len);
+ destgrp->gr_name = &destbuf[c];
+ c += len;
+
+ /* Copy the password. */
+ len = strlen (srcgrp.gr_passwd) + 1;
+ BUFCHECK (len);
+ memcpy (&destbuf[c], srcgrp.gr_passwd, len);
+ destgrp->gr_passwd = &destbuf[c];
+ c += len;
+
+ /* Count all of the members. */
+ for (memcount = 0; srcgrp.gr_mem[memcount]; memcount++)
+ ;
+
+ /* Allocate a temporary holding area for the pointers to the member
+ contents, including space for a NULL-terminator. */
+ members = malloc (sizeof (char *) * (memcount + 1));
+ if (members == NULL)
+ return ENOMEM;
+
+ /* Copy all of the group members to destbuf and add a pointer to each of
+ them into the 'members' array. */
+ for (i = 0; srcgrp.gr_mem[i]; i++)
+ {
+ len = strlen (srcgrp.gr_mem[i]) + 1;
+ BUFCHECK (len);
+ memcpy (&destbuf[c], srcgrp.gr_mem[i], len);
+ members[i] = &destbuf[c];
+ c += len;
+ }
+ members[i] = NULL;
+
+ /* Copy the pointers from the members array into the buffer and assign them
+ to the gr_mem member of destgrp. */
+ destgrp->gr_mem = (char **) &destbuf[c];
+ len = sizeof (char *) * (memcount + 1);
+ BUFCHECK (len);
+ memcpy (&destbuf[c], members, len);
+ c += len;
+ free (members);
+ members = NULL;
+
+ /* Save the count of members at the end. */
+ BUFCHECK (sizeof (size_t));
+ memcpy (&destbuf[c], &memcount, sizeof (size_t));
+ c += sizeof (size_t);
+
+ if (endptr)
+ *endptr = destbuf + c;
+ return 0;
+}
+
+/* Check that the name, GID and passwd fields match, then
+ copy in the gr_mem array. */
+int
+__merge_grp (struct group *savedgrp, char *savedbuf, char *savedend,
+ size_t buflen, struct group *mergegrp, char *mergebuf)
+{
+ size_t c, i, len;
+ size_t savedmemcount;
+ size_t memcount;
+ size_t membersize;
+ char **members = NULL;
+
+ /* We only support merging members of groups with identical names and
+ GID values. If we hit this case, we need to overwrite the current
+ buffer with the saved one (which is functionally equivalent to
+ treating the new lookup as NSS_STATUS NOTFOUND. */
+ if (mergegrp->gr_gid != savedgrp->gr_gid
+ || strcmp (mergegrp->gr_name, savedgrp->gr_name))
+ return __copy_grp (*savedgrp, buflen, mergegrp, mergebuf, NULL);
+
+ /* Get the count of group members from the last sizeof (size_t) bytes in the
+ mergegrp buffer. */
+ savedmemcount = (size_t) *(savedend - sizeof (size_t));
+
+ /* Get the count of new members to add. */
+ for (memcount = 0; mergegrp->gr_mem[memcount]; memcount++)
+ ;
+
+ /* Create a temporary array to hold the pointers to the member values from
+ both the saved and merge groups. */
+ membersize = savedmemcount + memcount + 1;
+ members = malloc (sizeof (char *) * membersize);
+ if (members == NULL)
+ return ENOMEM;
+
+ /* Copy in the existing member pointers from the saved group
+ Note: this is not NULL-terminated yet. */
+ memcpy (members, savedgrp->gr_mem, sizeof (char *) * savedmemcount);
+
+ /* Back up into the savedbuf until we get back to the NULL-terminator of the
+ group member list. (This means walking back savedmemcount + 1 (char *) pointers
+ and the member count value.
+ The value of c is going to be the used length of the buffer backed up by
+ the member count and further backed up by the size of the pointers. */
+ c = savedend - savedbuf
+ - sizeof (size_t)
+ - sizeof (char *) * (savedmemcount + 1);
+
+ /* Add all the new group members, overwriting the old NULL-terminator while
+ adding the new pointers to the temporary array. */
+ for (i = 0; mergegrp->gr_mem[i]; i++)
+ {
+ len = strlen (mergegrp->gr_mem[i]) + 1;
+ BUFCHECK (len);
+ memcpy (&savedbuf[c], mergegrp->gr_mem[i], len);
+ members[savedmemcount + i] = &savedbuf[c];
+ c += len;
+ }
+ /* Add the NULL-terminator. */
+ members[savedmemcount + memcount] = NULL;
+
+ /* Copy the member array back into the buffer after the member list and free
+ the member array. */
+ savedgrp->gr_mem = (char **) &savedbuf[c];
+ len = sizeof (char *) * membersize;
+ BUFCHECK (len);
+ memcpy (&savedbuf[c], members, len);
+ c += len;
+
+ free (members);
+ members = NULL;
+
+ /* Finally, copy the results back into mergebuf, since that's the buffer
+ that we were provided by the caller. */
+ return __copy_grp (*savedgrp, buflen, mergegrp, mergebuf, NULL);
+}
diff --git a/grp/grp-merge.h b/grp/grp-merge.h
new file mode 100644
index 0000000000000000000000000000000000000000..59013487d0d907c76521ab504e265077937bfb5e
--- /dev/null
+++ b/grp/grp-merge.h
@@ -0,0 +1,35 @@
+/* Group merging implementation.
+ Copyright (C) 2016 Free Software Foundation, Inc.
+ This file is part of the GNU C Library.
+
+ The GNU C Library is free software; you can redistribute it and/or
+ modify it under the terms of the GNU Lesser General Public
+ License as published by the Free Software Foundation; either
+ version 2.1 of the License, or (at your option) any later version.
+
+ The GNU C Library is distributed in the hope that it will be useful,
+ but WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ Lesser General Public License for more details.
+
+ You should have received a copy of the GNU Lesser General Public
+ License along with the GNU C Library; if not, see
+ <http://www.gnu.org/licenses/>. */
+
+#ifndef _GRP_MERGE_H
+#define _GRP_MERGE_H 1
+
+#include <grp.h>
+
+/* Duplicate a grp struct (and its members). When no longer needed, the
+ calling function must free(newbuf). */
+int
+__copy_grp (const struct group srcgrp, const size_t buflen,
+ struct group *destgrp, char *destbuf, char **endptr);
+
+/* Merge the member lists of two grp structs together. */
+int
+__merge_grp (struct group *savedgrp, char *savedbuf, char *savedend,
+ size_t buflen, struct group *mergegrp, char *mergebuf);
+
+#endif /* _GRP_MERGE_H */
diff --git a/manual/nss.texi b/manual/nss.texi
index 66dcceffe01f225f078e88dd006bb90e80c85723..95e3544bcd97995720e7154ec43df4090154bf4c 100644
--- a/manual/nss.texi
+++ b/manual/nss.texi
@@ -178,11 +178,11 @@ where
@var{action} @result{} return | continue
@end smallexample
The case of the keywords is insignificant. The @var{status}
values are the results of a call to a lookup function of a specific
-service. They mean
+service. They mean:
@ftable @samp
@item success
No error occurred and the wanted entry is returned. The default action
for this is @code{return}.
@@ -202,10 +202,54 @@ The service is temporarily unavailable. This could mean a file is
locked or a server currently cannot accept more connections. The
default action is @code{continue}.
@end ftable
@noindent
+The @var{action} values mean:
+
+@ftable @samp
+@item return
+
+If the status matches, stop the lookup process at this service
+specification. If an entry is available, provide it to the application.
+If an error occurred, report it to the application. In case of a prior
+@samp{merge} action, the data is combined with previous lookup results,
+as explained below.
+
+@item continue
+
+If the status matches, proceed with the lookup process at the next
+entry, discarding the result of the current lookup (and any merged
+data). An exception is the @samp{initgroups} database and the
+@samp{success} status, where @samp{continue} acts like @code{merge}
+below.
+
+@item merge
+
+Proceed with the lookup process, retaining the current lookup result.
+This action is useful only with the @samp{success} status. If a
+subsequent service lookup succeeds and has a matching @samp{return}
+specification, the results are merged, the lookup process ends, and the
+merged results are returned to the application. If the following service
+has a matching @samp{merge} action, the lookup process continues,
+retaining the combined data from this and any previous lookups.
+
+After a @code{merge} action, errors from subsequent lookups are ignored,
+and the data gathered so far will be returned.
+
+The @samp{merge} only applies to the @samp{success} status. It is
+currently implemented for the @samp{group} database and its group
+members field, @samp{gr_mem}. If specified for other databases, it
+causes the lookup to fail (if the @var{status} matches).
+
+When processing @samp{merge} for @samp{group} membership, the group GID
+and name must be identical for both entries. If only one or the other is
+a match, the behavior is undefined.
+
+@end ftable
+
+@noindent
If we have a line like
@smallexample
ethers: nisplus [NOTFOUND=return] db files
@end smallexample
diff --git a/nscd/Makefile b/nscd/Makefile
index e1a1aa92fc699aa132f7192da49f698a078e5910..3e6895573ae33221c728617f4c95bb3e8c5d5c47 100644
--- a/nscd/Makefile
+++ b/nscd/Makefile
@@ -29,16 +29,19 @@ aux := nscd_helper
endif
# To find xmalloc.c
vpath %.c ../locale/programs
+# To find grp-merge.c
+vpath %.c ../grp
+
nscd-modules := nscd connections pwdcache getpwnam_r getpwuid_r grpcache \
getgrnam_r getgrgid_r hstcache gethstbyad_r gethstbynm3_r \
getsrvbynm_r getsrvbypt_r servicescache \
dbg_log nscd_conf nscd_stat cache mem nscd_setup_thread \
xmalloc xstrdup aicache initgrcache gai res_hconf \
- netgroupcache
+ netgroupcache grp-merge
ifeq ($(build-nscd)$(have-thread-library),yesyes)
others += nscd
others-pie += nscd
diff --git a/nscd/getgrgid_r.c b/nscd/getgrgid_r.c
index fe5bda424169d56f642f125ef1f2df77a84de221..25de4a3b0b74841c44844a0541cf4d2365b22515 100644
--- a/nscd/getgrgid_r.c
+++ b/nscd/getgrgid_r.c
@@ -15,17 +15,21 @@
You should have received a copy of the GNU General Public License
along with this program; if not, see <http://www.gnu.org/licenses/>. */
#include <grp.h>
+#include "grp/grp-merge.h"
#define LOOKUP_TYPE struct group
#define FUNCTION_NAME getgrgid
#define DATABASE_NAME group
#define ADD_PARAMS gid_t gid
#define ADD_VARIABLES gid
#define BUFLEN NSS_BUFLEN_GROUP
+#define DEEPCOPY_FN __copy_grp
+#define MERGE_FN __merge_grp
+
/* We are nscd, so we don't want to be talking to ourselves. */
#undef USE_NSCD
#include <nss/getXXbyYY_r.c>
diff --git a/nscd/getgrnam_r.c b/nscd/getgrnam_r.c
index 5ec56877f5798ca34c2e0074d5093cc22b6d58dc..386d66c5832ffee68e95195f6e34b723f41d0984 100644
--- a/nscd/getgrnam_r.c
+++ b/nscd/getgrnam_r.c
@@ -15,16 +15,20 @@
You should have received a copy of the GNU General Public License
along with this program; if not, see <http://www.gnu.org/licenses/>. */
#include <grp.h>
+#include "grp/grp-merge.h"
#define LOOKUP_TYPE struct group
#define FUNCTION_NAME getgrnam
#define DATABASE_NAME group
#define ADD_PARAMS const char *name
#define ADD_VARIABLES name
+#define DEEPCOPY_FN __copy_grp
+#define MERGE_FN __merge_grp
+
/* We are nscd, so we don't want to be talking to ourselves. */
#undef USE_NSCD
#include <nss/getXXbyYY_r.c>
diff --git a/nss/getXXbyYY_r.c b/nss/getXXbyYY_r.c
index 198f8cfebd51be9c738f03f950f093b0855ab3cb..5f49ae8b828fce6dc30c7ccc9606319bffc52d5b 100644
--- a/nss/getXXbyYY_r.c
+++ b/nss/getXXbyYY_r.c
@@ -129,10 +129,52 @@
# define AF_VAL af
#else
# define AF_VAL AF_INET
#endif
+
+/* Set defaults for merge functions that haven't been defined. */
+#ifndef DEEPCOPY_FN
+static inline int
+__copy_einval (LOOKUP_TYPE a,
+ const size_t b,
+ LOOKUP_TYPE *c,
+ char *d,
+ char **e)
+{
+ return EINVAL;
+}
+# define DEEPCOPY_FN __copy_einval
+#endif
+
+#ifndef MERGE_FN
+static inline int
+__merge_einval (LOOKUP_TYPE *a,
+ char *b,
+ char *c,
+ size_t d,
+ LOOKUP_TYPE *e,
+ char *f)
+{
+ return EINVAL;
+}
+# define MERGE_FN __merge_einval
+#endif
+
+#define CHECK_MERGE(err, status) \
+do { \
+ if (err) \
+ { \
+ __set_errno (err); \
+ if (err == ERANGE) \
+ status = NSS_STATUS_TRYAGAIN; \
+ else \
+ status = NSS_STATUS_UNAVAIL; \
+ break; \
+ } \
+} while(0)
+
/* Type of the lookup function we need here. */
typedef enum nss_status (*lookup_function) (ADD_PARAMS, LOOKUP_TYPE *, char *,
size_t, int * H_ERRNO_PARM
EXTRA_PARAMS);
@@ -150,17 +192,20 @@ INTERNAL (REENTRANT_NAME) (ADD_PARAMS, LOOKUP_TYPE *resbuf, char *buffer,
{
static bool startp_initialized;
static service_user *startp;
static lookup_function start_fct;
service_user *nip;
+ int do_merge = 0;
+ LOOKUP_TYPE mergegrp;
+ char *mergebuf = NULL;
+ char *endptr = NULL;
union
{
lookup_function l;
void *ptr;
} fct;
-
- int no_more;
+ int no_more, err;
enum nss_status status = NSS_STATUS_UNAVAIL;
#ifdef USE_NSCD
int nscd_status;
#endif
#ifdef NEED_H_ERRNO
@@ -276,13 +321,69 @@ INTERNAL (REENTRANT_NAME) (ADD_PARAMS, LOOKUP_TYPE *resbuf, char *buffer,
&& *h_errnop == NETDB_INTERNAL
#endif
&& errno == ERANGE)
break;
+ if (do_merge)
+ {
+
+ if (status == NSS_STATUS_SUCCESS)
+ {
+ /* The previous loop saved a buffer for merging.
+ Perform the merge now. */
+ err = MERGE_FN (&mergegrp, mergebuf, endptr, buflen, resbuf,
+ buffer);
+ CHECK_MERGE (err,status);
+ do_merge = 0;
+ }
+ else
+ {
+ /* If the result wasn't SUCCESS, copy the saved buffer back
+ into the result buffer and set the status back to
+ NSS_STATUS_SUCCESS to match the previous pass through the loop.
+ * If the next action is CONTINUE, it will overwrite the value
+ currently in the buffer and return the new value.
+ * If the next action is RETURN, we'll return the previously-
+ acquired values.
+ * If the next action is MERGE, then it will be added to the buffer
+ saved from the previous source. */
+ err = DEEPCOPY_FN (mergegrp, buflen, resbuf, buffer, NULL);
+ CHECK_MERGE (err, status);
+ status = NSS_STATUS_SUCCESS;
+ }
+ }
+
+ /* If we were are configured to merge this value with the next one,
+ save the current value of the group struct. */
+ if (nss_next_action (nip, status) == NSS_ACTION_MERGE
+ && status == NSS_STATUS_SUCCESS)
+ {
+ /* Copy the current values into a buffer to be merged with the next
+ set of retrieved values. */
+ if (!mergebuf)
+ {
+ /* Only allocate once and reuse it for as many merges as we need
+ to perform. */
+ mergebuf = malloc (buflen);
+ if (!mergebuf)
+ {
+ __set_errno (ENOMEM);
+ status = NSS_STATUS_UNAVAIL;
+ break;
+ }
+ }
+
+ err = DEEPCOPY_FN (*resbuf, buflen, &mergegrp, mergebuf, &endptr);
+ CHECK_MERGE (err, status);
+ do_merge = 1;
+ }
+
no_more = __nss_next2 (&nip, REENTRANT_NAME_STRING,
REENTRANT2_NAME_STRING, &fct.ptr, status, 0);
}
+ free(mergebuf);
+ mergebuf = NULL;
#ifdef HANDLE_DIGITS_DOTS
done:
#endif
*result = status == NSS_STATUS_SUCCESS ? resbuf : NULL;
diff --git a/nss/getnssent_r.c b/nss/getnssent_r.c
index f5b903671ca53ccad108eeb4e49ea40a45fa5cdf..c0743436f661d4d83045a6353b49291a4c0f220b 100644
--- a/nss/getnssent_r.c
+++ b/nss/getnssent_r.c
@@ -77,11 +77,25 @@ __nss_setent (const char *func_name, db_lookup_function lookup_fct,
if (stayopen_tmp)
status = DL_CALL_FCT (fct.f, (*stayopen_tmp));
else
status = DL_CALL_FCT (fct.f, (0));
- no_more = __nss_next2 (nip, func_name, NULL, &fct.ptr, status, 0);
+ if (nss_next_action (*nip, status) == NSS_ACTION_MERGE)
+ {
+ /* This is a special-case. When [SUCCESS=merge] is in play,
+ _nss_next2() will skip to the next database. Due to the
+ implementation of that function, we can't know whether we're
+ in an enumeration or an individual lookup, which behaves
+ differently with regards to merging. We'll treat SUCCESS as
+ an indication to start the enumeration at this database. */
+ no_more = 1;
+ }
+ else
+ {
+ no_more = __nss_next2 (nip, func_name, NULL, &fct.ptr, status, 0);
+ }
+
if (is_last_nip)
*last_nip = *nip;
}
if (stayopen_tmp)
@@ -173,12 +187,26 @@ __nss_getent_r (const char *getent_func_name,
&& errno == ERANGE)
break;
do
{
- no_more = __nss_next2 (nip, getent_func_name, NULL, &fct.ptr,
- status, 0);
+ if (status == NSS_STATUS_SUCCESS
+ && nss_next_action (*nip, status) == NSS_ACTION_MERGE)
+ {
+ /* This is a special-case. When [SUCCESS=merge] is in play,
+ _nss_next2() will skip to the next database. Due to the
+ implementation of that function, we can't know whether we're
+ in an enumeration or an individual lookup, which behaves
+ differently with regards to merging. We'll treat SUCCESS as
+ an indication to return the results here. */
+ no_more = 1;
+ }
+ else
+ {
+ no_more = __nss_next2 (nip, getent_func_name, NULL, &fct.ptr,
+ status, 0);
+ }
if (is_last_nip)
*last_nip = *nip;
if (! no_more)
diff --git a/nss/nsswitch.c b/nss/nsswitch.c
index faf9d1a0d5680aa79e88b2dfeea18da371c336fb..f8f60ba05aad9a571f928a3ea7d3b14f908ccb2d 100644
--- a/nss/nsswitch.c
+++ b/nss/nsswitch.c
@@ -710,10 +710,13 @@ nss_parse_service_list (const char *line)
if (line - name == 6 && __strncasecmp (name, "RETURN", 6) == 0)
action = NSS_ACTION_RETURN;
else if (line - name == 8
&& __strncasecmp (name, "CONTINUE", 8) == 0)
action = NSS_ACTION_CONTINUE;
+ else if (line - name == 5
+ && __strncasecmp (name, "MERGE", 5) == 0)
+ action = NSS_ACTION_MERGE;
else
goto finish;
if (not)
{
diff --git a/nss/nsswitch.h b/nss/nsswitch.h
index a5318fa82be43c8314807ad76de231e572e91c06..5bc2de3b1d82978102ac7a129c0ba5b7eb3cfd25 100644
--- a/nss/nsswitch.h
+++ b/nss/nsswitch.h
@@ -30,11 +30,12 @@
/* Actions performed after lookup finished. */
typedef enum
{
NSS_ACTION_CONTINUE,
- NSS_ACTION_RETURN
+ NSS_ACTION_RETURN,
+ NSS_ACTION_MERGE
} lookup_actions;
typedef struct service_library
{

213
glibc-rh1315108.patch
View File

@ -264,8 +264,8 @@ Date: Sun Mar 1 23:22:45 2015 +0100
[BZ #18023]
* include/alloca.h (stackinfo_alloca_round, extend_alloca,
extend_alloca_account): Remove.
diff --git a/elf/dl-deps.c b/elf/dl-deps.c
index 6a82987..1458545 100644
Index: b/elf/dl-deps.c
===================================================================
--- a/elf/dl-deps.c
+++ b/elf/dl-deps.c
@@ -27,6 +27,7 @@
@ -276,7 +276,7 @@ index 6a82987..1458545 100644
#include <dl-dst.h>
@@ -184,9 +185,8 @@ _dl_map_object_deps (struct link_map *map,
@@ -184,9 +185,8 @@ _dl_map_object_deps (struct link_map *ma
/* Pointer to last unique object. */
tail = &known[nlist - 1];
@ -288,7 +288,7 @@ index 6a82987..1458545 100644
/* Process each element of the search list, loading each of its
auxiliary objects and immediate dependencies. Auxiliary objects
@@ -217,13 +217,12 @@ _dl_map_object_deps (struct link_map *map,
@@ -217,13 +217,12 @@ _dl_map_object_deps (struct link_map *ma
if (l->l_searchlist.r_list == NULL && l->l_initfini == NULL
&& l != map && l->l_ldnum > 0)
{
@ -308,7 +308,7 @@ index 6a82987..1458545 100644
}
if (l->l_info[DT_NEEDED] || l->l_info[AUXTAG] || l->l_info[FILTERTAG])
@@ -463,8 +462,11 @@ _dl_map_object_deps (struct link_map *map,
@@ -463,8 +462,11 @@ _dl_map_object_deps (struct link_map *ma
struct link_map **l_initfini = (struct link_map **)
malloc ((2 * nneeded + 1) * sizeof needed[0]);
if (l_initfini == NULL)
@ -322,7 +322,7 @@ index 6a82987..1458545 100644
l_initfini[0] = l;
memcpy (&l_initfini[1], needed, nneeded * sizeof needed[0]);
memcpy (&l_initfini[nneeded + 1], l_initfini,
@@ -482,6 +484,8 @@ _dl_map_object_deps (struct link_map *map,
@@ -482,6 +484,8 @@ _dl_map_object_deps (struct link_map *ma
}
out:
@ -331,8 +331,8 @@ index 6a82987..1458545 100644
if (errno == 0 && errno_saved != 0)
__set_errno (errno_saved);
diff --git a/include/alloca.h b/include/alloca.h
index 0150025..f190b87 100644
Index: b/include/alloca.h
===================================================================
--- a/include/alloca.h
+++ b/include/alloca.h
@@ -20,57 +20,17 @@ libc_hidden_proto (__libc_alloca_cutoff)
@ -393,11 +393,11 @@ index 0150025..f190b87 100644
#endif
#endif
diff --git a/nis/nss_compat/compat-initgroups.c b/nis/nss_compat/compat-initgroups.c
index e65b10f..4843e5c 100644
Index: b/nis/nss_compat/compat-initgroups.c
===================================================================
--- a/nis/nss_compat/compat-initgroups.c
+++ b/nis/nss_compat/compat-initgroups.c
@@ -310,7 +310,6 @@ getgrent_next_nss (ent_t *ent, char *buffer, size_t buflen, const char *user,
@@ -310,7 +310,6 @@ getgrent_next_nss (ent_t *ent, char *buf
overwrite the pointer with one to a bigger buffer. */
char *tmpbuf = buffer;
size_t tmplen = buflen;
@ -405,7 +405,7 @@ index e65b10f..4843e5c 100644
for (int i = 0; i < mystart; i++)
{
@@ -319,29 +318,26 @@ getgrent_next_nss (ent_t *ent, char *buffer, size_t buflen, const char *user,
@@ -319,29 +318,26 @@ getgrent_next_nss (ent_t *ent, char *buf
== NSS_STATUS_TRYAGAIN
&& *errnop == ERANGE)
{
@ -455,7 +455,7 @@ index e65b10f..4843e5c 100644
}
if (__builtin_expect (status != NSS_STATUS_NOTFOUND, 1))
@@ -369,7 +365,7 @@ getgrent_next_nss (ent_t *ent, char *buffer, size_t buflen, const char *user,
@@ -369,7 +365,7 @@ getgrent_next_nss (ent_t *ent, char *buf
status = NSS_STATUS_NOTFOUND;
done:
@ -464,8 +464,8 @@ index e65b10f..4843e5c 100644
free (tmpbuf);
}
diff --git a/nis/nss_nis/nis-initgroups.c b/nis/nss_nis/nis-initgroups.c
index dec385c..9a3ac36 100644
Index: b/nis/nss_nis/nis-initgroups.c
===================================================================
--- a/nis/nss_nis/nis-initgroups.c
+++ b/nis/nss_nis/nis-initgroups.c
@@ -16,7 +16,6 @@
@ -484,7 +484,7 @@ index dec385c..9a3ac36 100644
#include "nss-nis.h"
#include <libnsl.h>
@@ -120,27 +120,30 @@ internal_getgrent_r (struct group *grp, char *buffer, size_t buflen,
@@ -120,27 +120,30 @@ internal_getgrent_r (struct group *grp,
static int
get_uid (const char *user, uid_t *uidp)
{
@ -519,7 +519,7 @@ index dec385c..9a3ac36 100644
return 1;
}
@@ -254,8 +257,6 @@ _nss_nis_initgroups_dyn (const char *user, gid_t group, long int *start,
@@ -254,8 +257,6 @@ _nss_nis_initgroups_dyn (const char *use
}
struct group grpbuf, *g;
@ -528,7 +528,7 @@ index dec385c..9a3ac36 100644
enum nss_status status;
intern_t intern = { NULL, NULL, 0 };
gid_t *groups = *groupsp;
@@ -264,15 +265,20 @@ _nss_nis_initgroups_dyn (const char *user, gid_t group, long int *start,
@@ -264,15 +265,20 @@ _nss_nis_initgroups_dyn (const char *use
if (status != NSS_STATUS_SUCCESS)
return status;
@ -560,8 +560,8 @@ index dec385c..9a3ac36 100644
return status;
}
diff --git a/nscd/aicache.c b/nscd/aicache.c
index a2e6cf8..e181fdc 100644
Index: b/nscd/aicache.c
===================================================================
--- a/nscd/aicache.c
+++ b/nscd/aicache.c
@@ -26,6 +26,7 @@
@ -572,7 +572,7 @@ index a2e6cf8..e181fdc 100644
#include "dbg_log.h"
#include "nscd.h"
@@ -113,10 +114,13 @@ addhstaiX (struct database_dyn *db, int fd, request_header *req,
@@ -113,10 +114,13 @@ addhstaiX (struct database_dyn *db, int
int old_res_options = _res.options;
_res.options &= ~RES_USE_INET6;
@ -590,7 +590,7 @@ index a2e6cf8..e181fdc 100644
int32_t ttl = INT32_MAX;
ssize_t total = 0;
char *key_copy = NULL;
@@ -129,6 +133,7 @@ addhstaiX (struct database_dyn *db, int fd, request_header *req,
@@ -129,6 +133,7 @@ addhstaiX (struct database_dyn *db, int
int status[2] = { NSS_STATUS_UNAVAIL, NSS_STATUS_UNAVAIL };
int naddrs = 0;
size_t addrslen = 0;
@ -598,7 +598,7 @@ index a2e6cf8..e181fdc 100644
char *canon = NULL;
size_t canonlen;
@@ -143,12 +148,17 @@ addhstaiX (struct database_dyn *db, int fd, request_header *req,
@@ -143,12 +148,17 @@ addhstaiX (struct database_dyn *db, int
at = &atmem;
rc6 = 0;
herrno = 0;
@ -618,7 +618,7 @@ index a2e6cf8..e181fdc 100644
}
if (rc6 != 0 && herrno == NETDB_INTERNAL)
@@ -226,41 +236,38 @@ addhstaiX (struct database_dyn *db, int fd, request_header *req,
@@ -226,41 +236,38 @@ addhstaiX (struct database_dyn *db, int
while (1)
{
rc6 = 0;
@ -676,7 +676,7 @@ index a2e6cf8..e181fdc 100644
}
if (rc4 != 0 && herrno == NETDB_INTERNAL)
@@ -286,13 +293,11 @@ addhstaiX (struct database_dyn *db, int fd, request_header *req,
@@ -286,13 +293,11 @@ addhstaiX (struct database_dyn *db, int
cfct = __nss_lookup_function (nip, "getcanonname_r");
if (cfct != NULL)
{
@ -692,7 +692,7 @@ index a2e6cf8..e181fdc 100644
== NSS_STATUS_SUCCESS)
canon = s;
else
@@ -321,18 +326,20 @@ addhstaiX (struct database_dyn *db, int fd, request_header *req,
@@ -321,18 +326,20 @@ addhstaiX (struct database_dyn *db, int
addrfamily = AF_INET6;
}
@ -729,11 +729,11 @@ index a2e6cf8..e181fdc 100644
return timeout;
}
diff --git a/nscd/connections.c b/nscd/connections.c
index f3b16f7..4e96e49 100644
Index: b/nscd/connections.c
===================================================================
--- a/nscd/connections.c
+++ b/nscd/connections.c
@@ -1353,64 +1353,83 @@ request from '%s' [%ld] not handled due to missing permission"),
@@ -1353,64 +1353,83 @@ request from '%s' [%ld] not handled due
}
}
@ -753,19 +753,20 @@ index f3b16f7..4e96e49 100644
- size_t readlen = 0;
int fd = open ("/proc/self/cmdline", O_RDONLY);
- if (fd == -1)
+ if (fd < 0)
+ return NULL;
+ size_t current = 0;
+ size_t limit = 1024;
+ char *buffer = malloc (limit);
+ if (buffer == NULL)
{
- {
- dbg_log (_("\
-cannot open /proc/self/cmdline: %s; disabling paranoia mode"),
- strerror (errno));
-
- paranoia = 0;
- return;
+ if (fd < 0)
+ return NULL;
+ size_t current = 0;
+ size_t limit = 1024;
+ char *buffer = malloc (limit);
+ if (buffer == NULL)
+ {
+ close (fd);
+ errno = ENOMEM;
+ return NULL;
@ -855,7 +856,7 @@ index f3b16f7..4e96e49 100644
{
argv[argc++] = cp;
cp = (char *) rawmemchr (cp, '\0') + 1;
@@ -1427,6 +1446,7 @@ cannot change to old UID: %s; disabling paranoia mode"),
@@ -1427,6 +1446,7 @@ cannot change to old UID: %s; disabling
strerror (errno));
paranoia = 0;
@ -863,7 +864,7 @@ index f3b16f7..4e96e49 100644
return;
}
@@ -1438,6 +1458,7 @@ cannot change to old GID: %s; disabling paranoia mode"),
@@ -1438,6 +1458,7 @@ cannot change to old GID: %s; disabling
ignore_value (setuid (server_uid));
paranoia = 0;
@ -871,7 +872,7 @@ index f3b16f7..4e96e49 100644
return;
}
}
@@ -1455,6 +1476,7 @@ cannot change to old working directory: %s; disabling paranoia mode"),
@@ -1455,6 +1476,7 @@ cannot change to old working directory:
ignore_value (setgid (server_gid));
}
paranoia = 0;
@ -879,7 +880,7 @@ index f3b16f7..4e96e49 100644
return;
}
@@ -1503,6 +1525,7 @@ cannot change to old working directory: %s; disabling paranoia mode"),
@@ -1503,6 +1525,7 @@ cannot change to old working directory:
dbg_log (_("cannot change current working directory to \"/\": %s"),
strerror (errno));
paranoia = 0;
@ -887,8 +888,8 @@ index f3b16f7..4e96e49 100644
/* Reenable the databases. */
time_t now = time (NULL);
diff --git a/nscd/grpcache.c b/nscd/grpcache.c
index 3831170..53a912b 100644
Index: b/nscd/grpcache.c
===================================================================
--- a/nscd/grpcache.c
+++ b/nscd/grpcache.c
@@ -16,7 +16,6 @@
@ -907,7 +908,7 @@ index 3831170..53a912b 100644
#include "nscd.h"
#include "dbg_log.h"
@@ -437,12 +437,12 @@ addgrbyX (struct database_dyn *db, int fd, request_header *req,
@@ -437,12 +437,12 @@ addgrbyX (struct database_dyn *db, int f
look again in the table whether the dataset is now available. We
simply insert it. It does not matter if it is in there twice. The
pruning function only will look at the timestamp. */
@ -923,7 +924,7 @@ index 3831170..53a912b 100644
if (__glibc_unlikely (debug_level > 0))
{
@@ -452,43 +452,24 @@ addgrbyX (struct database_dyn *db, int fd, request_header *req,
@@ -452,43 +452,24 @@ addgrbyX (struct database_dyn *db, int f
dbg_log (_("Reloading \"%s\" in group cache!"), keystr);
}
@ -982,8 +983,8 @@ index 3831170..53a912b 100644
return timeout;
}
diff --git a/nscd/hstcache.c b/nscd/hstcache.c
index 04708ed..4ad4e87 100644
Index: b/nscd/hstcache.c
===================================================================
--- a/nscd/hstcache.c
+++ b/nscd/hstcache.c
@@ -34,6 +34,7 @@
@ -994,7 +995,7 @@ index 04708ed..4ad4e87 100644
#include "nscd.h"
#include "dbg_log.h"
@@ -463,11 +464,8 @@ addhstbyX (struct database_dyn *db, int fd, request_header *req,
@@ -463,11 +464,8 @@ addhstbyX (struct database_dyn *db, int
look again in the table whether the dataset is now available. We
simply insert it. It does not matter if it is in there twice. The
pruning function only will look at the timestamp. */
@ -1006,7 +1007,7 @@ index 04708ed..4ad4e87 100644
int errval = 0;
int32_t ttl = INT32_MAX;
@@ -487,46 +485,30 @@ addhstbyX (struct database_dyn *db, int fd, request_header *req,
@@ -487,46 +485,30 @@ addhstbyX (struct database_dyn *db, int
dbg_log (_("Reloading \"%s\" in hosts cache!"), (char *) str);
}
@ -1072,8 +1073,8 @@ index 04708ed..4ad4e87 100644
return timeout;
}
diff --git a/nscd/pwdcache.c b/nscd/pwdcache.c
index 6dd6746..0b0f52e 100644
Index: b/nscd/pwdcache.c
===================================================================
--- a/nscd/pwdcache.c
+++ b/nscd/pwdcache.c
@@ -16,7 +16,6 @@
@ -1092,7 +1093,7 @@ index 6dd6746..0b0f52e 100644
#include "nscd.h"
#include "dbg_log.h"
@@ -415,12 +415,11 @@ addpwbyX (struct database_dyn *db, int fd, request_header *req,
@@ -415,12 +415,11 @@ addpwbyX (struct database_dyn *db, int f
look again in the table whether the dataset is now available. We
simply insert it. It does not matter if it is in there twice. The
pruning function only will look at the timestamp. */
@ -1107,7 +1108,7 @@ index 6dd6746..0b0f52e 100644
if (__glibc_unlikely (debug_level > 0))
{
@@ -430,45 +429,26 @@ addpwbyX (struct database_dyn *db, int fd, request_header *req,
@@ -430,45 +429,26 @@ addpwbyX (struct database_dyn *db, int f
dbg_log (_("Reloading \"%s\" in password cache!"), keystr);
}
@ -1168,8 +1169,8 @@ index 6dd6746..0b0f52e 100644
return timeout;
}
diff --git a/nscd/servicescache.c b/nscd/servicescache.c
index 00a2353..f90312d 100644
Index: b/nscd/servicescache.c
===================================================================
--- a/nscd/servicescache.c
+++ b/nscd/servicescache.c
@@ -16,7 +16,6 @@
@ -1188,7 +1189,7 @@ index 00a2353..f90312d 100644
#include "nscd.h"
#include "dbg_log.h"
@@ -374,12 +374,11 @@ addservbyX (struct database_dyn *db, int fd, request_header *req,
@@ -374,12 +374,11 @@ addservbyX (struct database_dyn *db, int
look again in the table whether the dataset is now available. We
simply insert it. It does not matter if it is in there twice. The
pruning function only will look at the timestamp. */
@ -1203,7 +1204,7 @@ index 00a2353..f90312d 100644
if (__glibc_unlikely (debug_level > 0))
{
@@ -389,43 +388,24 @@ addservbyX (struct database_dyn *db, int fd, request_header *req,
@@ -389,43 +388,24 @@ addservbyX (struct database_dyn *db, int
dbg_log (_("Reloading \"%s\" in services cache!"), key);
}
@ -1262,8 +1263,8 @@ index 00a2353..f90312d 100644
return timeout;
}
diff --git a/nss/getent.c b/nss/getent.c
index de7b83f..e85d761 100644
Index: b/nss/getent.c
===================================================================
--- a/nss/getent.c
+++ b/nss/getent.c
@@ -39,6 +39,7 @@
@ -1316,7 +1317,7 @@ index de7b83f..e85d761 100644
printf ("%-21s", key[i]);
for (int j = 0; j < n; ++j)
if (grps[j] != -1)
@@ -508,6 +513,8 @@ initgroups_keys (int number, char *key[])
@@ -508,6 +513,8 @@ initgroups_keys (int number, char *key[]
putchar_unlocked ('\n');
}
@ -1325,8 +1326,8 @@ index de7b83f..e85d761 100644
return 0;
}
diff --git a/nss/nss_files/files-hosts.c b/nss/nss_files/files-hosts.c
index 2a4a665..8eda308 100644
Index: b/nss/nss_files/files-hosts.c
===================================================================
--- a/nss/nss_files/files-hosts.c
+++ b/nss/nss_files/files-hosts.c
@@ -22,7 +22,7 @@
@ -1338,7 +1339,7 @@ index 2a4a665..8eda308 100644
/* Get implementation for some internal functions. */
#include "../resolv/mapv4v6addr.h"
@@ -145,15 +145,12 @@ _nss_files_gethostbyname3_r (const char *name, int af, struct hostent *result,
@@ -145,15 +145,12 @@ _nss_files_gethostbyname3_r (const char
&& _res_hconf.flags & HCONF_FLAG_MULTI)
{
/* We have to get all host entries from the file. */
@ -1356,7 +1357,7 @@ index 2a4a665..8eda308 100644
while (result->h_aliases[naliases] != NULL)
++naliases;
@@ -161,9 +158,9 @@ _nss_files_gethostbyname3_r (const char *name, int af, struct hostent *result,
@@ -161,9 +158,9 @@ _nss_files_gethostbyname3_r (const char
bufferend = (char *) &result->h_aliases[naliases + 1];
again:
@ -1369,7 +1370,7 @@ index 2a4a665..8eda308 100644
== NSS_STATUS_SUCCESS)
{
int matches = 1;
@@ -287,54 +284,13 @@ _nss_files_gethostbyname3_r (const char *name, int af, struct hostent *result,
@@ -287,54 +284,13 @@ _nss_files_gethostbyname3_r (const char
}
}
@ -1428,8 +1429,8 @@ index 2a4a665..8eda308 100644
}
internal_endent (&stream);
diff --git a/nss/nss_files/files-initgroups.c b/nss/nss_files/files-initgroups.c
index 6e0d825..13d45cc 100644
Index: b/nss/nss_files/files-initgroups.c
===================================================================
--- a/nss/nss_files/files-initgroups.c
+++ b/nss/nss_files/files-initgroups.c
@@ -16,7 +16,6 @@
@ -1448,7 +1449,7 @@ index 6e0d825..13d45cc 100644
enum nss_status
_nss_files_initgroups_dyn (const char *user, gid_t group, long int *start,
@@ -46,9 +46,8 @@ _nss_files_initgroups_dyn (const char *user, gid_t group, long int *start,
@@ -46,9 +46,8 @@ _nss_files_initgroups_dyn (const char *u
enum nss_status status = NSS_STATUS_SUCCESS;
bool any = false;
@ -1460,7 +1461,7 @@ index 6e0d825..13d45cc 100644
gid_t *groups = *groupsp;
@@ -67,26 +66,16 @@ _nss_files_initgroups_dyn (const char *user, gid_t group, long int *start,
@@ -67,26 +66,16 @@ _nss_files_initgroups_dyn (const char *u
}
struct group grp;
@ -1493,7 +1494,7 @@ index 6e0d825..13d45cc 100644
/* Reread current line, the parser has clobbered it. */
fsetpos (stream, &pos);
continue;
@@ -132,8 +121,7 @@ _nss_files_initgroups_dyn (const char *user, gid_t group, long int *start,
@@ -132,8 +121,7 @@ _nss_files_initgroups_dyn (const char *u
out:
/* Free memory. */
@ -1503,19 +1504,19 @@ index 6e0d825..13d45cc 100644
free (line);
fclose (stream);
diff --git a/posix/glob.c b/posix/glob.c
index 0c04c3c..0914eec 100644
Index: b/posix/glob.c
===================================================================
--- a/posix/glob.c
+++ b/posix/glob.c
@@ -25,6 +25,7 @@
#include <sys/types.h>
#include <sys/stat.h>
@@ -27,6 +27,7 @@
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>
+#include <scratch_buffer.h>
/* Outcomment the following line for production quality code. */
/* #define NDEBUG 1 */
@@ -264,7 +265,7 @@ glob (const char *pattern, int flags, int (*errfunc) (const char *, int),
@@ -293,7 +294,7 @@ glob (const char *pattern, int flags, in
glob_t dirs;
int retval = 0;
#ifdef _LIBC
@ -1524,7 +1525,7 @@ index 0c04c3c..0914eec 100644
#endif
if (pattern == NULL || pglob == NULL || (flags & ~__GLOB_FLAGS) != 0)
@@ -621,33 +622,13 @@ glob (const char *pattern, int flags, int (*errfunc) (const char *, int),
@@ -650,33 +651,13 @@ glob (const char *pattern, int flags, in
{
struct passwd *p;
# if defined HAVE_GETPWNAM_R || defined _LIBC
@ -1562,7 +1563,7 @@ index 0c04c3c..0914eec 100644
{
if (errno != ERANGE)
{
@@ -655,67 +636,37 @@ glob (const char *pattern, int flags, int (*errfunc) (const char *, int),
@@ -684,67 +665,37 @@ glob (const char *pattern, int flags, in
break;
}
@ -1644,7 +1645,7 @@ index 0c04c3c..0914eec 100644
retval = GLOB_NOMATCH;
goto out;
}
@@ -836,57 +787,24 @@ glob (const char *pattern, int flags, int (*errfunc) (const char *, int),
@@ -865,57 +816,24 @@ glob (const char *pattern, int flags, in
{
struct passwd *p;
# if defined HAVE_GETPWNAM_R || defined _LIBC
@ -1710,7 +1711,7 @@ index 0c04c3c..0914eec 100644
}
__set_errno (save);
}
@@ -915,8 +833,7 @@ glob (const char *pattern, int flags, int (*errfunc) (const char *, int),
@@ -944,8 +862,7 @@ glob (const char *pattern, int flags, in
dirname = malloc (home_len + rest_len + 1);
if (dirname == NULL)
{
@ -1720,7 +1721,7 @@ index 0c04c3c..0914eec 100644
retval = GLOB_NOSPACE;
goto out;
}
@@ -928,13 +845,11 @@ glob (const char *pattern, int flags, int (*errfunc) (const char *, int),
@@ -957,13 +874,11 @@ glob (const char *pattern, int flags, in
dirlen = home_len + rest_len;
dirname_modified = 1;
@ -1736,8 +1737,8 @@ index 0c04c3c..0914eec 100644
if (flags & GLOB_TILDE_CHECK)
/* We have to regard it as an error if we cannot find the
diff --git a/posix/wordexp.c b/posix/wordexp.c
index ecc7615..1f5e7d9 100644
Index: b/posix/wordexp.c
===================================================================
--- a/posix/wordexp.c
+++ b/posix/wordexp.c
@@ -17,7 +17,6 @@
@ -1756,7 +1757,7 @@ index ecc7615..1f5e7d9 100644
#include <libc-lock.h>
#include <_itoa.h>
@@ -308,12 +308,7 @@ parse_tilde (char **word, size_t *word_length, size_t *max_length,
@@ -308,12 +308,7 @@ parse_tilde (char **word, size_t *word_l
if (i == 1 + *offset)
{
/* Tilde appears on its own */
@ -1769,7 +1770,7 @@ index ecc7615..1f5e7d9 100644
/* POSIX.2 says ~ expands to $HOME and if HOME is unset the
results are unspecified. We do a lookup on the uid if
@@ -328,25 +323,38 @@ parse_tilde (char **word, size_t *word_length, size_t *max_length,
@@ -328,25 +323,38 @@ parse_tilde (char **word, size_t *word_l
}
else
{
@ -1815,7 +1816,7 @@ index ecc7615..1f5e7d9 100644
}
}
else
@@ -354,13 +362,15 @@ parse_tilde (char **word, size_t *word_length, size_t *max_length,
@@ -354,13 +362,15 @@ parse_tilde (char **word, size_t *word_l
/* Look up user name in database to get home directory */
char *user = strndupa (&words[1 + *offset], i - (1 + *offset));
struct passwd pwd, *tpwd;
@ -1835,7 +1836,7 @@ index ecc7615..1f5e7d9 100644
if (result == 0 && tpwd != NULL && pwd.pw_dir)
*word = w_addstr (*word, word_length, max_length, pwd.pw_dir);
@@ -372,6 +382,8 @@ parse_tilde (char **word, size_t *word_length, size_t *max_length,
@@ -372,6 +382,8 @@ parse_tilde (char **word, size_t *word_l
*word = w_addstr (*word, word_length, max_length, user);
}
@ -1844,11 +1845,11 @@ index ecc7615..1f5e7d9 100644
*offset = i - 1;
}
return *word ? 0 : WRDE_NOSPACE;
diff --git a/sysdeps/posix/getaddrinfo.c b/sysdeps/posix/getaddrinfo.c
index 1ef3f20..1d712af 100644
Index: b/sysdeps/posix/getaddrinfo.c
===================================================================
--- a/sysdeps/posix/getaddrinfo.c
+++ b/sysdeps/posix/getaddrinfo.c
@@ -63,6 +63,7 @@ SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
@@ -63,6 +63,7 @@ SOFTWARE, EVEN IF ADVISED OF THE POSSIBI
#include <nscd/nscd-client.h>
#include <nscd/nscd_proto.h>
#include <resolv/res_hconf.h>
@ -1856,7 +1857,7 @@ index 1ef3f20..1d712af 100644
#ifdef HAVE_LIBIDN
extern int __idna_to_ascii_lz (const char *input, char **output, int flags);
@@ -138,21 +139,22 @@ gaih_inet_serv (const char *servicename, const struct gaih_typeproto *tp,
@@ -138,21 +139,22 @@ gaih_inet_serv (const char *servicename,
const struct addrinfo *req, struct gaih_servtuple *st)
{
struct servent *s;
@ -1886,7 +1887,7 @@ index 1ef3f20..1d712af 100644
else
return -EAI_SERVICE;
}
@@ -164,7 +166,7 @@ gaih_inet_serv (const char *servicename, const struct gaih_typeproto *tp,
@@ -164,7 +166,7 @@ gaih_inet_serv (const char *servicename,
st->protocol = ((tp->protoflag & GAI_PROTO_PROTOANY)
? req->ai_protocol : tp->protocol);
st->port = s->s_port;
@ -1895,7 +1896,7 @@ index 1ef3f20..1d712af 100644
return 0;
}
@@ -178,25 +180,15 @@ gaih_inet_serv (const char *servicename, const struct gaih_typeproto *tp,
@@ -227,25 +229,15 @@ convert_hostent_to_gaih_addrtuple (const
no_data = 0; \
while (1) { \
rc = 0; \
@ -1926,7 +1927,7 @@ index 1ef3f20..1d712af 100644
} \
} \
if (status == NSS_STATUS_SUCCESS && rc == 0) \
@@ -280,7 +272,10 @@ gaih_inet (const char *name, const struct gaih_service *service,
@@ -316,7 +308,10 @@ gaih_inet (const char *name, const struc
bool got_ipv6 = false;
const char *canon = NULL;
const char *orig_name = name;
@ -1938,7 +1939,7 @@ index 1ef3f20..1d712af 100644
if (req->ai_protocol || req->ai_socktype)
{
@@ -401,9 +396,10 @@ gaih_inet (const char *name, const struct gaih_service *service,
@@ -437,9 +432,10 @@ gaih_inet (const char *name, const struc
struct gaih_addrtuple *addrmem = NULL;
bool malloc_canonbuf = false;
char *canonbuf = NULL;
@ -1951,7 +1952,7 @@ index 1ef3f20..1d712af 100644
if (name != NULL)
{
at = alloca_account (sizeof (struct gaih_addrtuple), alloca_used);
@@ -571,11 +567,8 @@ gaih_inet (const char *name, const struct gaih_service *service,
@@ -607,11 +603,8 @@ gaih_inet (const char *name, const struc
if (req->ai_family == AF_INET
&& (req->ai_flags & AI_CANONNAME) == 0)
{
@ -1965,7 +1966,7 @@ index 1ef3f20..1d712af 100644
int rc;
struct hostent th;
struct hostent *h;
@@ -583,28 +576,15 @@ gaih_inet (const char *name, const struct gaih_service *service,
@@ -619,28 +612,15 @@ gaih_inet (const char *name, const struc
while (1)
{
@ -2000,7 +2001,7 @@ index 1ef3f20..1d712af 100644
}
}
@@ -826,21 +806,8 @@ gaih_inet (const char *name, const struct gaih_service *service,
@@ -834,21 +814,8 @@ gaih_inet (const char *name, const struc
old_res_options = _res.options;
_res.options &= ~RES_USE_INET6;
@ -2024,7 +2025,7 @@ index 1ef3f20..1d712af 100644
while (!no_more)
{
@@ -859,8 +826,9 @@ gaih_inet (const char *name, const struct gaih_service *service,
@@ -867,8 +834,9 @@ gaih_inet (const char *name, const struc
while (1)
{
rc = 0;
@ -2036,7 +2037,7 @@ index 1ef3f20..1d712af 100644
NULL));
if (status == NSS_STATUS_SUCCESS)
break;
@@ -874,24 +842,11 @@ gaih_inet (const char *name, const struct gaih_service *service,
@@ -882,24 +850,11 @@ gaih_inet (const char *name, const struc
break;
}
@ -2065,7 +2066,7 @@ index 1ef3f20..1d712af 100644
}
}
@@ -1278,8 +1233,7 @@ gaih_inet (const char *name, const struct gaih_service *service,
@@ -1286,8 +1241,7 @@ gaih_inet (const char *name, const struc
free (addrmem);
if (malloc_canonbuf)
free (canonbuf);
@ -2075,8 +2076,8 @@ index 1ef3f20..1d712af 100644
return result;
}
diff --git a/sysdeps/unix/sysv/linux/gethostid.c b/sysdeps/unix/sysv/linux/gethostid.c
index 73e5c76..41c9b46 100644
Index: b/sysdeps/unix/sysv/linux/gethostid.c
===================================================================
--- a/sysdeps/unix/sysv/linux/gethostid.c
+++ b/sysdeps/unix/sysv/linux/gethostid.c
@@ -63,13 +63,12 @@ sethostid (long int id)
@ -2129,8 +2130,8 @@ index 73e5c76..41c9b46 100644
/* For the return value to be not exactly the IP address we do some
bit fiddling. */
return (int32_t) (in.s_addr << 16 | in.s_addr >> 16);
diff --git a/sysdeps/unix/sysv/linux/getlogin_r.c b/sysdeps/unix/sysv/linux/getlogin_r.c
index 408907f..6e4c499 100644
Index: b/sysdeps/unix/sysv/linux/getlogin_r.c
===================================================================
--- a/sysdeps/unix/sysv/linux/getlogin_r.c
+++ b/sysdeps/unix/sysv/linux/getlogin_r.c
@@ -18,6 +18,7 @@
@ -2141,7 +2142,7 @@ index 408907f..6e4c499 100644
#define STATIC static
static int getlogin_r_fd0 (char *name, size_t namesize);
@@ -54,28 +55,19 @@ __getlogin_r_loginuid (char *name, size_t namesize)
@@ -54,28 +55,19 @@ __getlogin_r_loginuid (char *name, size_
endp == uidbuf || *endp != '\0'))
return -1;
@ -2177,7 +2178,7 @@ index 408907f..6e4c499 100644
}
if (res != 0 || tpwd == NULL)
@@ -95,9 +87,7 @@ __getlogin_r_loginuid (char *name, size_t namesize)
@@ -95,9 +87,7 @@ __getlogin_r_loginuid (char *name, size_
memcpy (name, pwd.pw_name, needed);
out:

19
glibc.spec
View File

@ -1,6 +1,6 @@
%define glibcsrcdir glibc-2.23-276-gb65b205
%define glibcsrcdir glibc-2.23-300-gb91a333
%define glibcversion 2.23.90
%define glibcrelease 14%{?dist}
%define glibcrelease 15%{?dist}
# Pre-release tarballs are pulled in from git using a command that is
# effectively:
#
@ -290,17 +290,11 @@ Patch2031: glibc-rh1070416.patch
Patch2033: glibc-aarch64-tls-fixes.patch
Patch2034: glibc-aarch64-workaround-nzcv-clobber-in-tlsdesc.patch
# Group Merge Patch:
Patch2035: glibc-nsswitch-Add-group-merging-support.patch
Patch2036: glibc-gcc-PR69537.patch
# extend_alloca removal, BZ 18023
Patch2037: glibc-rh1315108.patch
# Upstream BZ 19573, patch reverts problematic commit
Patch2099: glibc-rh1252570.patch
##############################################################################
# End of glibc patches.
##############################################################################
@ -776,10 +770,8 @@ microbenchmark tests on the system.
%patch0057 -p1
%patch0058 -p1
%patch0059 -p1
%patch2035 -p1
%patch2036 -p1
%patch2037 -p1
%patch2099 -p1
##############################################################################
# %%prep - Additional prep required...
@ -2083,6 +2075,13 @@ rm -f *.filelist*
%endif
%changelog
* Mon May 09 2016 Florian Weimer <fweimer@redhat.com> - 2.23.90-15
- Auto-sync with upstream master.
- Drop glibc-nsswitch-Add-group-merging-support.patch, applied upstream.
- Drop glibc-rh1252570.patch, alternative fixes applied upstream.
- Adjust glibc-rh1315108.patch to minor upstream change.
- Update SUPPORTED file.
* Tue May 03 2016 Carlos O'Donell <carlos@systemhalted.org> - 2.23.90-14
- Require libselinux for nscd in non-bootstrap configuration.

2
sources
View File

@ -1 +1 @@
91fda2dd096d8dd9262097176281a35f glibc-2.23-276-gb65b205.tar.gz
6591008b546b6849845e06d9b1665943 glibc-2.23-300-gb91a333.tar.gz