rpms
/
ypserv
2
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Update to new upstream release that fixes several memory leaks 

(Related: #845283)
This commit is contained in:
Honza Horák 2012-09-03 13:07:58 +02:00
parent 44759b5a05
commit 7bed7eb4cb
7 changed files with 8 additions and 247 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
.gitignore vendored
View File

@ -2,3 +2,4 @@ ypserv-2.23.tar.bz2
/ypserv-2.24.tar.bz2
/ypserv-2.25.tar.bz2
/ypserv-2.26.tar.bz2
/ypserv-2.29.tar.bz2

2
sources
View File

@ -1 +1 @@
b7fc218cbca885dc01cb798399b9ecc0 ypserv-2.26.tar.bz2
9c7fb5ea6900367b3a15158190579daf ypserv-2.29.tar.bz2

64
ypserv-2.19-inval-ports.patch
View File

@ -1,64 +0,0 @@
diff -up ypserv-2.19/rpc.yppasswdd/yppasswdd.c.ports ypserv-2.19/rpc.yppasswdd/yppasswdd.c
--- ypserv-2.19/rpc.yppasswdd/yppasswdd.c.ports 2006-01-10 20:22:20.000000000 +0100
+++ ypserv-2.19/rpc.yppasswdd/yppasswdd.c 2008-09-25 13:11:23.000000000 +0200
@@ -333,6 +333,12 @@ main (int argc, char **argv)
break;
case '\253':
my_port = atoi (optarg);
+ if (my_port <= 0 || my_port > 0xffff) {
+ /* Invalid port number */
+ fprintf (stdout, "Warning: rpc.yppasswdd: Invalid port %d (0x%x)\n",
+ my_port, my_port);
+ my_port = -1;
+ }
if (debug_flag)
log_msg ("Using port %d\n", my_port);
break;
diff -up ypserv-2.19/rpc.ypxfrd/ypxfrd.c.ports ypserv-2.19/rpc.ypxfrd/ypxfrd.c
--- ypserv-2.19/rpc.ypxfrd/ypxfrd.c.ports 2006-01-10 20:22:20.000000000 +0100
+++ ypserv-2.19/rpc.ypxfrd/ypxfrd.c 2008-09-25 13:11:23.000000000 +0200
@@ -199,6 +199,12 @@ main (int argc, char **argv)
break;
case 'p':
my_port = atoi(optarg);
+ if (my_port <= 0 || my_port > 0xffff) {
+ /* Invalid port number */
+ fprintf (stdout, "Warning: rpc.ypxfrd: Invalid port %d (0x%x)\n",
+ my_port, my_port);
+ my_port = -1;
+ }
if (debug_flag)
log_msg("Using port %d\n", my_port);
break;
diff -up ypserv-2.19/yppush/yppush.c.ports ypserv-2.19/yppush/yppush.c
--- ypserv-2.19/yppush/yppush.c.ports 2005-05-31 11:14:40.000000000 +0200
+++ ypserv-2.19/yppush/yppush.c 2008-09-25 13:11:23.000000000 +0200
@@ -649,6 +649,12 @@ main (int argc, char **argv)
log_msg ("yppush cannot run in parallel with a fixed port");
return 1;
}
+ if (my_port <= 0 || my_port > 0xffff) {
+ /* Invalid port number */
+ fprintf (stdout, "Warning: yppush: Invalid port %d (0x%x)\n",
+ my_port, my_port);
+ my_port = -1;
+ }
break;
default:
Usage (1);
diff -up ypserv-2.19/ypserv/ypserv.c.ports ypserv-2.19/ypserv/ypserv.c
--- ypserv-2.19/ypserv/ypserv.c.ports 2008-09-25 13:11:23.000000000 +0200
+++ ypserv-2.19/ypserv/ypserv.c 2008-09-25 13:11:23.000000000 +0200
@@ -492,6 +492,12 @@ main (int argc, char **argv)
break;
case 'p':
my_port = atoi (optarg);
+ if (my_port <= 0 || my_port > 0xffff) {
+ /* Invalid port number */
+ fprintf (stdout, "Warning: ypserv: Invalid port %d (0x%x)\n",
+ my_port, my_port);
+ my_port = -1;
+ }
if (debug_flag)
log_msg ("Using port %d\n", my_port);
break;

12
ypserv-2.26-emptydomain.patch
View File

@ -1,12 +0,0 @@
diff -up ypserv-2.26/scripts/ypinit.in.emptydomain ypserv-2.26/scripts/ypinit.in
--- ypserv-2.26/scripts/ypinit.in.emptydomain 2011-11-24 09:12:31.267702768 +0100
+++ ypserv-2.26/scripts/ypinit.in 2011-11-24 09:13:09.881700121 +0100
@@ -156,7 +156,7 @@ then
exit 1
fi
-if [ -z "$DOMAIN" ]
+if [ "${DOMAIN}x" = "x" ] || [ "${DOMAIN}" = "(none)" ]
then
echo "The local host's domain name hasn't been set. Please set it."
exit 1

21
ypserv-2.26-errmsg.patch
View File

@ -1,21 +0,0 @@
diff -up ypserv-2.26/rpc.yppasswdd/update.c.errmsg ypserv-2.26/rpc.yppasswdd/update.c
--- ypserv-2.26/rpc.yppasswdd/update.c.errmsg 2011-10-10 13:24:05.124197343 +0200
+++ ypserv-2.26/rpc.yppasswdd/update.c 2011-10-10 13:24:38.955195031 +0200
@@ -1006,7 +1006,7 @@ external_update_pipe (yppasswd *yppw, ch
if (!fgets(childresponse, 1024, fp))
{
childresponse[0] = '\0';
- log_msg ("fgets() call failed.");
+ log_msg ("fgets() call failed or EOF.");
}
fclose(fp);
@@ -1016,7 +1016,7 @@ external_update_pipe (yppasswd *yppw, ch
if (strspn(childresponse, "OK") < 2)
{
log_msg ("%s failed. Change request: %s", logbuf, parentmsg);
- log_msg ("Response was %s", childresponse);
+ log_msg ("Response was '%s'", childresponse);
free (parentmsg);
return res;
}

133
ypserv-2.26-shadow.patch
View File

@ -1,133 +0,0 @@
diff -up ypserv-2.26/rpc.yppasswdd/update.c.shadow ypserv-2.26/rpc.yppasswdd/update.c
--- ypserv-2.26/rpc.yppasswdd/update.c.shadow 2011-09-14 10:34:51.689163960 +0200
+++ ypserv-2.26/rpc.yppasswdd/update.c 2011-09-14 10:44:16.592158574 +0200
@@ -79,6 +79,8 @@ char *path_shadow_old = NULL;
/* Will be set by the main function */
char *external_update_program = NULL;
+static bool_t adjuct_used = FALSE;
+
static int external_update_env (yppasswd *yppw);
static int external_update_pipe (yppasswd *yppw, char *logbuf);
static int update_files (yppasswd *yppw, char *logbuf, int *shadow_changed,
@@ -142,6 +144,76 @@ shell_ok (char *shell)
return 0;
}
+/* Read shadow file manually, to handle different colons count.
+ When we use passwd.adjunct, shadow file contains 6 colons, but if
+ we don't use passwd.adjunct, shadow file contains 8 colons.
+ This function can handle both counts, but fgetspent doesn't */
+static struct spwd *
+fgetspent_adjunct(FILE *fp)
+{
+ static char line_buffer[1024];
+ char *buffer_mark;
+ struct spwd* result;
+ int i, colons = 0;
+
+ /* Reserve two bytes for theoretic colons */
+ while (fgets(line_buffer, sizeof(line_buffer) - 2, fp) != NULL)
+ {
+ /* We don't need a new line character in the end */
+ if ((buffer_mark = strchr(line_buffer, '\n')) != NULL)
+ buffer_mark[0] = '\0';
+
+ /* Skip commented or empty lines */
+ if (line_buffer[0] == '\0' || line_buffer[0] == '#')
+ continue;
+
+ /* Count number of colons in the line */
+ for (i = 0; line_buffer[i] != '\0'; ++i)
+ if (line_buffer[i] == ':')
+ ++colons;
+
+ /* When we use passwd.adjunct, shadow file contains 6 colons,
+ but we need 8 colons to properly parse the line, so we
+ just add two colons to the end of the line */
+ if (colons == 6)
+ {
+ strcat(line_buffer, "::");
+ adjuct_used = TRUE;
+ }
+
+ /* Try to parse the line, if not success, read the next line */
+ if (result = sgetspent(line_buffer))
+ return result;
+
+ }
+ return NULL;
+}
+
+/* Write an entry to the given stream.
+ When we use passwd.adjunct, shadow file contains 6 colons, but if
+ we don't use passwd.adjunct, shadow file contains 8 colons.
+ This function can handle both counts, but putspent doesn't */
+static int
+putspent_adjunct (const struct spwd *p, FILE *stream)
+{
+ if (!adjuct_used)
+ return putspent(p, stream);
+
+ int errors = 0;
+
+ flockfile (stream);
+
+ if (fprintf (stream, "%s:%s:::::", p->sp_namp, p->sp_pwdp ? p->sp_pwdp : "") < 0)
+ ++errors;
+
+ if (putc_unlocked ('\n', stream) == EOF)
+ ++errors;
+
+ funlockfile (stream);
+
+ return errors ? -1 : 0;
+}
+
/* Check if the password the user supplied matches the old one */
static int
password_ok (char *plain, char *crypted, char *root)
@@ -476,11 +548,12 @@ update_files (yppasswd *yppw, char *logb
/* Check the password. At first check for a shadow password. */
if (oldsf != NULL &&
- pw->pw_passwd[0] == 'x' && pw->pw_passwd[1] == '\0')
+ ((pw->pw_passwd[0] == 'x' && pw->pw_passwd[1] == '\0') ||
+ (pw->pw_passwd[0] == '#' && pw->pw_passwd[1] == '#')))
{
#ifdef HAVE_GETSPNAM /* shadow password */
/* Search for the shadow entry of this user */
- while ((spw = fgetspent (oldsf)) != NULL)
+ while ((spw = fgetspent_adjunct (oldsf)) != NULL)
{
if (strcmp (yppw->newpw.pw_name, spw->sp_namp) == 0)
{
@@ -493,7 +566,7 @@ update_files (yppasswd *yppw, char *logb
/* Password is ok, leave while loop */
break;
}
- else if (putspent (spw, newsf) < 0)
+ else if (putspent_adjunct (spw, newsf) < 0)
{
log_msg ("%s failed", logbuf);
log_msg ("Error while writing new shadow file: %m");
@@ -545,7 +618,7 @@ update_files (yppasswd *yppw, char *logb
goto error;
}
}
- if (putspent (spw, newsf) < 0)
+ if (putspent_adjunct (spw, newsf) < 0)
{
log_msg ("%s failed", logbuf);
log_msg ("Error while writing new shadow file: %m");
@@ -554,8 +627,8 @@ update_files (yppasswd *yppw, char *logb
}
/* Copy all missing entries */
- while ((spw = fgetspent (oldsf)) != NULL)
- if (putspent (spw, newsf) < 0)
+ while ((spw = fgetspent_adjunct (oldsf)) != NULL)
+ if (putspent_adjunct (spw, newsf) < 0)
{
log_msg ("%s failed", logbuf);
log_msg ("Error while writing new shadow file: %m");

22
ypserv.spec
View File

@ -1,8 +1,8 @@
Summary: The NIS (Network Information Service) server
Url: http://www.linux-nis.org/nis/ypserv/index.html
Name: ypserv
Version: 2.26
Release: 10%{?dist}
Version: 2.29
Release: 1%{?dist}
License: GPLv2
Group: System Environment/Daemons
Source0: ftp://ftp.kernel.org/pub/linux/utils/net/NIS/ypserv-%{version}.tar.bz2
@ -22,18 +22,11 @@ Patch0: ypserv-2.5-redhat.patch
Patch1: ypserv-2.21-path.patch
Patch2: ypserv-2.5-nfsnobody2.patch
Patch3: ypserv-2.13-ypxfr-zeroresp.patch
Patch4: ypserv-2.19-inval-ports.patch
Patch5: ypserv-2.13-nonedomain.patch
Patch6: ypserv-2.19-slp-warning.patch
Patch7: ypserv-2.24-manfix.patch
Patch8: ypserv-2.24-aliases.patch
Patch9: ypserv-2.25-systemd.patch
Patch10: ypserv-2.25-portmanfix.patch
Patch11: ypserv-2.26-request.patch
Patch12: ypserv-2.26-shadow.patch
Patch13: ypserv-2.26-errmsg.patch
Patch14: ypserv-2.26-emptydomain.patch
Patch15: ypserv-2.26-retval.patch
Patch16: ypserv-2.27-cloexec.patch
BuildRequires: gdbm-devel
BuildRequires: systemd-units
@ -64,18 +57,11 @@ machines.
%patch1 -p1 -b .path
%patch2 -p1 -b .nfsnobody
%patch3 -p1 -b .respzero
%patch4 -p1 -b .ports
%patch5 -p1 -b .nonedomain
%patch6 -p1 -b .slp-warning
%patch7 -p1 -b .manfix
%patch8 -p1 -b .aliases
%patch9 -p1 -b .systemd
%patch10 -p1 -b .portmanfix
%patch11 -p1 -b .request
%patch12 -p1 -b .shadow
%patch13 -p1 -b .errmsg
%patch14 -p1 -b .emptydomain
%patch15 -p1 -b .retval
%patch16 -p1 -b .cloexec
autoreconf
@ -181,6 +167,10 @@ exit 0
%{_includedir}/*/*
%changelog
* Mon Sep 03 2012 Honza Horak <hhorak@redhat.com> - 2.29-1
- Update to new upstream release that fixes several memory leaks
(Related: #845283)
* Fri Apr 13 2012 Honza Horak <hhorak@redhat.com> - 2.26-10
- Use O_CLOEXEC when opening pid file to avoid SELinux issues
Resolves: #809120