diff --git a/ypserv-2.21-iface.patch b/ypserv-2.21-iface.patch deleted file mode 100644 index 0dd4039..0000000 --- a/ypserv-2.21-iface.patch +++ /dev/null @@ -1,197 +0,0 @@ -diff -up ypserv-2.21/ypserv/ypserv.8.iface ypserv-2.21/ypserv/ypserv.8 ---- ypserv-2.21/ypserv/ypserv.8.iface 2009-04-02 15:46:39.000000000 +0200 -+++ ypserv-2.21/ypserv/ypserv.8 2010-01-13 17:48:38.860249643 +0100 -@@ -171,7 +171,7 @@ ypserv \- NIS Server - .SH "Synopsis" - .fam C - .HP \w'\fB/usr/sbin/ypserv\fR\ 'u --\fB/usr/sbin/ypserv\fR [\-d\ [\fIpath\fR]] [\-p\ \fIport\fR] -+\fB/usr/sbin/ypserv\fR [\-d\ [\fIpath\fR]] [\-p\ \fIport\fR] [\-i\ \fIiface\fR] - .fam - .SH "DESCRIPTION" - .PP -@@ -212,13 +212,18 @@ parses the file - .RS 4 - Causes the server to run in debugging mode\&. Normally, - \fBypserv\fR --reports only errors (access violations, dbm failures) using the syslog(3) facility\&. In debug mode, the server does not background itself and prints extra status messages to stderr for each request that it revceives\&. -+reports only errors (access violations, dbm failures) using the syslog(3) facility\&. In debug mode, the server does not background itself and prints extra status messages to stderr for each request that it receives\&. - \fBpath\fR - is an optionally parameter\&. - \fBypserv\fR - is using this directory instead of /var/yp - .RE - .PP -+\fB\-i\fR, \fB\-\-iface\fR \fIiface\fR -+.RS 4 -+Causes the server to only be available via interface iface. Use this if you want ypserv to only provide service on a particular network interfaces. -+.RE -+.PP - \fB\-p\fR, \fB\-\-port\fR \fIport\fR - .RS 4 - \fBypserv\fR -diff -up ypserv-2.21/ypserv/ypserv.c.iface ypserv-2.21/ypserv/ypserv.c ---- ypserv-2.21/ypserv/ypserv.c.iface 2009-06-12 11:20:59.000000000 +0200 -+++ ypserv-2.21/ypserv/ypserv.c 2010-01-13 16:20:14.388249858 +0100 -@@ -33,12 +33,15 @@ - #include - #endif - #include -+#include - #include - #include - #include - #include - #include - #include -+#include -+#include - #if defined(HAVE_RPC_SVC_SOC_H) - #include /* for svcudp_create() */ - #endif /* HAVE_RPC_SVC_SOC_H */ -@@ -64,6 +67,8 @@ - #define YPOLDVERS 1 - #endif - -+struct in_addr my_iface_num = {INADDR_ANY}; -+ - static char *path_ypdb = YPMAPDIR; - - static void -@@ -96,7 +101,25 @@ ypprog_2 (struct svc_req *rqstp, registe - bool_t retval; - xdrproc_t _xdr_argument, _xdr_result; - bool_t (*local) (char *, void *, struct svc_req *); -+ struct sockaddr_in *rqhost; -+ struct in_addr rqnetwork; - -+ if (my_iface_num.s_addr != INADDR_ANY) { -+ /* -+ * If we are suppost only listen on one interface -+ * make this request comes from that inteface -+ * otherwise ignore it. -+ */ -+ rqhost = svc_getcaller (rqstp->rq_xprt); -+ rqnetwork.s_addr = inet_netof(rqhost->sin_addr); -+ if (rqnetwork.s_addr != inet_netof(my_iface_num)) { -+ if (debug_flag) { -+ log_msg("Ignoring request from %s: wrong network\n", -+ inet_ntoa(rqhost->sin_addr)); -+ } -+ return; -+ } -+ } - switch (rqstp->rq_proc) - { - case YPPROC_NULL: -@@ -254,6 +277,36 @@ mysvc_run (void) - } - #endif - -+static void -+get_inet_for_iface (char *iface, uint32_t *iface_num) -+{ -+ struct ifreq ifr; -+ struct in_addr inaddr; -+ int fd; -+ -+ *iface_num = INADDR_ANY; -+ -+ fd = socket (AF_INET, SOCK_DGRAM, 0); -+ if(fd < 0) -+ return; -+ -+ memset(&ifr, '\0', sizeof(ifr)); -+ strncpy (ifr.ifr_name, iface, -+ IFNAMSIZ > strlen (iface) ? strlen (iface) : IFNAMSIZ); -+ -+ if (ioctl (fd, SIOCGIFADDR, &ifr) < 0) -+ { -+ log_msg("ifr_name error: %d\n", errno); -+ close (fd); -+ return; -+ } -+ memcpy(&inaddr, &ifr.ifr_netmask.sa_data[2], sizeof(struct in_addr)); -+ *iface_num = inaddr.s_addr; -+ -+ close (fd); -+} -+ -+ - /* Create a pidfile on startup */ - static void - create_pidfile (void) -@@ -403,7 +456,7 @@ sig_child (int sig UNUSED) - static void - Usage (int exitcode) - { -- fputs ("usage: ypserv [-d [path]] [-p port]\n", stderr); -+ fputs ("usage: ypserv [-d [path]] [-p port] [-i interface]\n", stderr); - fputs (" ypserv --version\n", stderr); - - exit (exitcode); -@@ -414,6 +467,7 @@ main (int argc, char **argv) - { - SVCXPRT *transp_udp, *transp_tcp; - int my_port = -1, my_socket, result; -+ char *my_iface = NULL; - struct sockaddr_in s_in; - - openlog ("ypserv", LOG_PID, LOG_DAEMON); -@@ -426,12 +480,13 @@ main (int argc, char **argv) - {"version", no_argument, NULL, 'v'}, - {"debug", no_argument, NULL, 'd'}, - {"port", required_argument, NULL, 'p'}, -+ {"iface", required_argument, NULL, 'i'}, - {"usage", no_argument, NULL, 'u'}, - {"help", no_argument, NULL, 'h'}, - {NULL, 0, NULL, '\0'} - }; - -- c = getopt_long (argc, argv, "vdp:buh", long_options, &option_index); -+ c = getopt_long (argc, argv, "vdp:i:buh", long_options, &option_index); - if (c == -1) - break; - switch (c) -@@ -448,6 +503,11 @@ main (int argc, char **argv) - if (debug_flag) - log_msg ("Using port %d\n", my_port); - break; -+ case 'i': -+ my_iface = optarg; -+ if (debug_flag) -+ log_msg ("Using interface %s\n", my_iface); -+ break; - case 'u': - case 'h': - Usage (0); -@@ -554,6 +614,11 @@ main (int argc, char **argv) - pmap_unset (YPPROG, YPVERS); - pmap_unset (YPPROG, YPOLDVERS); - -+ if (my_iface) -+ { -+ get_inet_for_iface (my_iface, &my_iface_num.s_addr); -+ } -+ - if (my_port >= 0) - { - my_socket = socket (AF_INET, SOCK_DGRAM, 0); -@@ -565,7 +630,7 @@ main (int argc, char **argv) - - memset ((char *) &s_in, 0, sizeof (s_in)); - s_in.sin_family = AF_INET; -- s_in.sin_addr.s_addr = htonl (INADDR_ANY); -+ s_in.sin_addr.s_addr = htonl (my_iface_num.s_addr); - s_in.sin_port = htons (my_port); - - result = bind (my_socket, (struct sockaddr *) &s_in, -@@ -611,7 +676,7 @@ main (int argc, char **argv) - - memset (&s_in, 0, sizeof (s_in)); - s_in.sin_family = AF_INET; -- s_in.sin_addr.s_addr = htonl (INADDR_ANY); -+ s_in.sin_addr.s_addr = htonl (my_iface_num.s_addr); - s_in.sin_port = htons (my_port); - - result = bind (my_socket, (struct sockaddr *) &s_in, diff --git a/ypserv.spec b/ypserv.spec index 383ba1b..c10f098 100644 --- a/ypserv.spec +++ b/ypserv.spec @@ -4,7 +4,7 @@ Summary: The NIS (Network Information Service) server Url: http://www.linux-nis.org/nis/ypserv/index.html Name: ypserv Version: 2.21 -Release: 3%{?dist} +Release: 4%{?dist} License: GPLv2 Group: System Environment/Daemons Source0: ftp://ftp.kernel.org/pub/linux/utils/net/NIS/ypserv-%{version}.tar.bz2 @@ -22,19 +22,15 @@ Requires(postun): initscripts Patch0: ypserv-2.5-redhat.patch Patch1: ypserv-2.21-path.patch Patch2: ypserv-2.5-nfsnobody2.patch -Patch3: ypserv-2.21-iface.patch -Patch4: ypserv-2.13-ypxfr-zeroresp.patch -Patch5: ypserv-2.19-inval-ports.patch -Patch6: ypserv-2.13-nonedomain.patch -Patch7: ypserv-2.19-slp-warning.patch +Patch3: ypserv-2.13-ypxfr-zeroresp.patch +Patch4: ypserv-2.19-inval-ports.patch +Patch5: ypserv-2.13-nonedomain.patch +Patch6: ypserv-2.19-slp-warning.patch # Modifies rpc.ypxfrd to create pidfile. -# The patch should be modified before sending it to upstream: -# create_pidfile() should go to /lib directory, and should be -# called by all daemons. -# Not sent to upstream. -Patch8: ypserv-2.21-pidfile.patch +# Improved version was accepted by upstream on 2010-01-28. +Patch7: ypserv-2.21-pidfile.patch # Accepted by upstream on 2010-01-27. -Patch9: ypserv-2.19-nodbclose.patch +Patch8: ypserv-2.19-nodbclose.patch Obsoletes: yppasswd BuildRequires: gdbm-devel BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n) @@ -60,13 +56,12 @@ machines. %patch0 -p1 -b .redhat %patch1 -p1 -b .path %patch2 -p1 -b .nfsnobody -%patch3 -p1 -b .iface -%patch4 -p1 -b .respzero -%patch5 -p1 -b .ports -%patch6 -p1 -b .nonedomain -%patch7 -p1 -b .slp-warning -%patch8 -p1 -b .pidfile -%patch9 -p1 -b .nodbclose +%patch3 -p1 -b .respzero +%patch4 -p1 -b .ports +%patch5 -p1 -b .nonedomain +%patch6 -p1 -b .slp-warning +%patch7 -p1 -b .pidfile +%patch8 -p1 -b .nodbclose %build cp etc/README etc/README.etc @@ -152,6 +147,15 @@ exit 0 %{_includedir}/*/* %changelog +* Thu Jan 28 2010 Karel Klic - 2.21-4 +- Removed ypserv-2.21-iface.patch, because upstream refused to + merge it three times over 7 years. "Since this is + not supported by RPC (means portmapper still shows ypserv + for the other subnets and portmapper can forward requests + from other subnets via loopback), this will give quite some + unexpected behaviors and makes it pretty difficult to debug + such scenarios." + * Wed Jan 27 2010 Karel Klic - 2.21-3 - Added patch removing invalid ypdb_close call (#403621, #430902)