Update to new upstream release that fixes several memory leaks

(Related: #845283)

.gitignore

@@ -2,3 +2,4 @@ ypserv-2.23.tar.bz2
 /ypserv-2.24.tar.bz2
 /ypserv-2.25.tar.bz2
 /ypserv-2.26.tar.bz2
+/ypserv-2.29.tar.bz2

sources

@@ -1 +1 @@
-b7fc218cbca885dc01cb798399b9ecc0  ypserv-2.26.tar.bz2
+9c7fb5ea6900367b3a15158190579daf  ypserv-2.29.tar.bz2

ypserv-2.19-inval-ports.patch

@@ -1,64 +0,0 @@
-diff -up ypserv-2.19/rpc.yppasswdd/yppasswdd.c.ports ypserv-2.19/rpc.yppasswdd/yppasswdd.c
---- ypserv-2.19/rpc.yppasswdd/yppasswdd.c.ports	2006-01-10 20:22:20.000000000 +0100
-+++ ypserv-2.19/rpc.yppasswdd/yppasswdd.c	2008-09-25 13:11:23.000000000 +0200
-@@ -333,6 +333,12 @@ main (int argc, char **argv)
- 	  break;
- 	case '\253':
-           my_port = atoi (optarg);
-+	  if (my_port <= 0 || my_port > 0xffff) {
-+		/* Invalid port number */
-+	    fprintf (stdout, "Warning: rpc.yppasswdd: Invalid port %d (0x%x)\n", 
-+			my_port, my_port);
-+		my_port = -1;
-+	  }
-           if (debug_flag)
-             log_msg ("Using port %d\n", my_port);
-           break;
-diff -up ypserv-2.19/rpc.ypxfrd/ypxfrd.c.ports ypserv-2.19/rpc.ypxfrd/ypxfrd.c
---- ypserv-2.19/rpc.ypxfrd/ypxfrd.c.ports	2006-01-10 20:22:20.000000000 +0100
-+++ ypserv-2.19/rpc.ypxfrd/ypxfrd.c	2008-09-25 13:11:23.000000000 +0200
-@@ -199,6 +199,12 @@ main (int argc, char **argv)
- 	  break;
- 	case 'p':
- 	  my_port = atoi(optarg);
-+	  if (my_port <= 0 || my_port > 0xffff) {
-+	    /* Invalid port number */
-+	    fprintf (stdout, "Warning: rpc.ypxfrd: Invalid port %d (0x%x)\n", 
-+			my_port, my_port);
-+	    my_port = -1;
-+	  }
- 	  if (debug_flag)
- 	    log_msg("Using port %d\n", my_port);
- 	  break;
-diff -up ypserv-2.19/yppush/yppush.c.ports ypserv-2.19/yppush/yppush.c
---- ypserv-2.19/yppush/yppush.c.ports	2005-05-31 11:14:40.000000000 +0200
-+++ ypserv-2.19/yppush/yppush.c	2008-09-25 13:11:23.000000000 +0200
-@@ -649,6 +649,12 @@ main (int argc, char **argv)
- 	      log_msg ("yppush cannot run in parallel with a fixed port");
- 	      return 1;
- 	    }
-+	  if (my_port <= 0 || my_port > 0xffff) {
-+	    /* Invalid port number */
-+	    fprintf (stdout, "Warning: yppush: Invalid port %d (0x%x)\n", 
-+			my_port, my_port);
-+	    my_port = -1;
-+	  }
- 	  break;
- 	default:
- 	  Usage (1);
-diff -up ypserv-2.19/ypserv/ypserv.c.ports ypserv-2.19/ypserv/ypserv.c
---- ypserv-2.19/ypserv/ypserv.c.ports	2008-09-25 13:11:23.000000000 +0200
-+++ ypserv-2.19/ypserv/ypserv.c	2008-09-25 13:11:23.000000000 +0200
-@@ -492,6 +492,12 @@ main (int argc, char **argv)
- 	  break;
- 	case 'p':
- 	  my_port = atoi (optarg);
-+	  if (my_port <= 0 || my_port > 0xffff) {
-+	    /* Invalid port number */
-+	    fprintf (stdout, "Warning: ypserv: Invalid port %d (0x%x)\n", 
-+			my_port, my_port);
-+	    my_port = -1;
-+	  }
- 	  if (debug_flag)
- 	    log_msg ("Using port %d\n", my_port);
- 	  break;

ypserv-2.21-path.patch

@@ -1,12 +1,12 @@
-diff -up ypserv-2.21/scripts/Makefile.in.path ypserv-2.21/scripts/Makefile.in
---- ypserv-2.21/scripts/Makefile.in.path	2009-06-12 11:32:02.000000000 +0200
-+++ ypserv-2.21/scripts/Makefile.in	2010-01-13 16:09:15.056375015 +0100
-@@ -168,7 +168,7 @@ AUTOMAKE_OPTIONS = 1.7 gnits
- #
- CLEANFILES = *~ ${SCRIPTS}
+diff -up ypserv-2.26/scripts/Makefile.am.path ypserv-2.26/scripts/Makefile.am
+--- ypserv-2.26/scripts/Makefile.am.path	2012-01-12 15:46:16.868219281 +0100
++++ ypserv-2.26/scripts/Makefile.am	2012-01-12 15:46:34.786218054 +0100
+@@ -8,7 +8,7 @@ CLEANFILES = *~ ${SCRIPTS}
+ 
  EXTRA_DIST = ${MANS} ${XMLS}
+ 
 -varypdir = /var/yp
-+varypdir = ${prefix}/../var/yp
++varypdir = $(prefix)/../var/yp
+ 
  man_MANS = pwupdate.8 ypinit.8
  XMLS = pwupdate.8.xml ypinit.8.xml
- libexec_SCRIPTS = ypxfr_1perhour ypxfr_1perday ypxfr_2perday \

ypserv-2.24-aliases.patch

@@ -1,12 +1,34 @@
-diff -up ypserv-2.24/configure.in.aliases ypserv-2.24/configure.in
---- ypserv-2.24/configure.in.aliases	2011-05-06 11:57:05.745509195 +0200
-+++ ypserv-2.24/configure.in	2011-05-06 11:57:16.327509192 +0200
+diff -up ypserv-2.26/acinclude.m4.aliases ypserv-2.26/acinclude.m4
+--- ypserv-2.26/acinclude.m4.aliases	2012-01-12 15:49:32.325205914 +0100
++++ ypserv-2.26/acinclude.m4	2012-01-12 15:50:07.570203506 +0100
+@@ -92,3 +92,18 @@ AC_DEFUN([TYPE_SOCKLEN_T],
+     AC_DEFINE([socklen_t], [int], [Define if socklen_t is missing])
+   fi
+ ])
++
++
++dnl
++dnl Find where aliases file is located
++dnl It can be in /etc/aliases or /etc/mail/aliases
++dnl If file path is specified in argument and file path exists, it is used.
++dnl 
++AC_DEFUN([FIND_ALIASES_PATH], [
++AC_MSG_CHECKING(for aliases file path)
++tmp_aliases="$1"
++test -f /etc/mail/aliases && tmp_aliases="/etc/mail/aliases"
++test -f /etc/aliases && tmp_aliases="/etc/aliases"
++AC_MSG_RESULT($tmp_aliases)
++AC_SUBST(ALIASES, $tmp_aliases)
++])
+diff -up ypserv-2.26/configure.in.aliases ypserv-2.26/configure.in
+--- ypserv-2.26/configure.in.aliases	2012-01-12 15:48:52.068208666 +0100
++++ ypserv-2.26/configure.in	2012-01-12 15:49:17.842206905 +0100
 @@ -149,7 +149,7 @@ fi
  AC_SUBST(MAKE)
  
  dnl Check for aliases path
 -AC_PATH_PROG(ALIASES, aliases, /etc/mail/aliases, /etc/mail:/etc)
-+AC_PATH_PROG(ALIASES, aliases, /etc/aliases, /etc/mail:/etc)
++FIND_ALIASES_PATH(/etc/aliases)
  
  
  

ypserv-2.26-emptydomain.patch

@@ -1,12 +0,0 @@
-diff -up ypserv-2.26/scripts/ypinit.in.emptydomain ypserv-2.26/scripts/ypinit.in
---- ypserv-2.26/scripts/ypinit.in.emptydomain	2011-11-24 09:12:31.267702768 +0100
-+++ ypserv-2.26/scripts/ypinit.in	2011-11-24 09:13:09.881700121 +0100
-@@ -156,7 +156,7 @@ then
- 	exit 1
- fi
- 
--if [ -z "$DOMAIN" ]
-+if [ "${DOMAIN}x" = "x" ] || [ "${DOMAIN}" = "(none)" ]
- then
- 	echo "The local host's domain name hasn't been set.  Please set it."
- 	exit 1

ypserv-2.26-errmsg.patch

@@ -1,21 +0,0 @@
-diff -up ypserv-2.26/rpc.yppasswdd/update.c.errmsg ypserv-2.26/rpc.yppasswdd/update.c
---- ypserv-2.26/rpc.yppasswdd/update.c.errmsg	2011-10-10 13:24:05.124197343 +0200
-+++ ypserv-2.26/rpc.yppasswdd/update.c	2011-10-10 13:24:38.955195031 +0200
-@@ -1006,7 +1006,7 @@ external_update_pipe (yppasswd *yppw, ch
-   if (!fgets(childresponse, 1024, fp))
-     {
-       childresponse[0] = '\0';
--      log_msg ("fgets() call failed.");
-+      log_msg ("fgets() call failed or EOF.");
-     }
-   fclose(fp);
- 
-@@ -1016,7 +1016,7 @@ external_update_pipe (yppasswd *yppw, ch
-   if (strspn(childresponse, "OK") < 2)
-     {
-       log_msg ("%s failed.  Change request: %s", logbuf, parentmsg);
--      log_msg ("Response was %s", childresponse);
-+      log_msg ("Response was '%s'", childresponse);
-       free (parentmsg);
-       return res;
-     }

ypserv-2.26-shadow.patch

@@ -1,133 +0,0 @@
-diff -up ypserv-2.26/rpc.yppasswdd/update.c.shadow ypserv-2.26/rpc.yppasswdd/update.c
---- ypserv-2.26/rpc.yppasswdd/update.c.shadow	2011-09-14 10:34:51.689163960 +0200
-+++ ypserv-2.26/rpc.yppasswdd/update.c	2011-09-14 10:44:16.592158574 +0200
-@@ -79,6 +79,8 @@ char *path_shadow_old = NULL;
- /* Will be set by the main function */
- char *external_update_program = NULL;
- 
-+static bool_t adjuct_used = FALSE;
-+
- static int external_update_env (yppasswd *yppw);
- static int external_update_pipe (yppasswd *yppw, char *logbuf);
- static int update_files (yppasswd *yppw, char *logbuf, int *shadow_changed,
-@@ -142,6 +144,76 @@ shell_ok (char *shell)
-   return 0;
- }
- 
-+/* Read shadow file manually, to handle different colons count. 
-+   When we use passwd.adjunct, shadow file contains 6 colons, but if 
-+   we don't use passwd.adjunct, shadow file contains 8 colons. 
-+   This function can handle both counts, but fgetspent doesn't */
-+static struct spwd *
-+fgetspent_adjunct(FILE *fp) 
-+{
-+  static char line_buffer[1024];
-+  char *buffer_mark;
-+  struct spwd* result;
-+  int i, colons = 0;
-+  
-+  /* Reserve two bytes for theoretic colons */
-+  while (fgets(line_buffer, sizeof(line_buffer) - 2, fp) != NULL) 
-+    {
-+      /* We don't need a new line character in the end */
-+      if ((buffer_mark = strchr(line_buffer, '\n')) != NULL)
-+          buffer_mark[0] = '\0';
-+        
-+      /* Skip commented or empty lines */
-+      if (line_buffer[0] == '\0' || line_buffer[0] == '#')
-+        continue;
-+
-+      /* Count number of colons in the line */
-+      for (i = 0; line_buffer[i] != '\0'; ++i) 
-+          if (line_buffer[i] == ':')
-+            ++colons;
-+        
-+      /* When we use passwd.adjunct, shadow file contains 6 colons, 
-+         but we need 8 colons to properly parse the line, so we
-+         just add two colons to the end of the line */
-+      if (colons == 6) 
-+        {
-+          strcat(line_buffer, "::");
-+          adjuct_used = TRUE;
-+        }
-+
-+      /* Try to parse the line, if not success, read the next line */
-+      if (result = sgetspent(line_buffer)) 
-+        return result;
-+    
-+    }
-+  return NULL;
-+}
-+
-+/* Write an entry to the given stream.
-+   When we use passwd.adjunct, shadow file contains 6 colons, but if 
-+   we don't use passwd.adjunct, shadow file contains 8 colons. 
-+   This function can handle both counts, but putspent doesn't  */
-+static int
-+putspent_adjunct (const struct spwd *p, FILE *stream)
-+{
-+  if (!adjuct_used)
-+    return putspent(p, stream);
-+
-+  int errors = 0;
-+
-+  flockfile (stream);
-+
-+  if (fprintf (stream, "%s:%s:::::", p->sp_namp, p->sp_pwdp ? p->sp_pwdp : "") < 0)
-+    ++errors;
-+
-+  if (putc_unlocked ('\n', stream) == EOF)
-+    ++errors;
-+
-+  funlockfile (stream);
-+
-+  return errors ? -1 : 0;
-+}
-+
- /* Check if the password the user supplied matches the old one */
- static int
- password_ok (char *plain, char *crypted, char *root)
-@@ -476,11 +548,12 @@ update_files (yppasswd *yppw, char *logb
- 
- 	  /* Check the password. At first check for a shadow password. */
- 	  if (oldsf != NULL &&
--	      pw->pw_passwd[0] == 'x' && pw->pw_passwd[1] == '\0')
-+	      ((pw->pw_passwd[0] == 'x' && pw->pw_passwd[1] == '\0') || 
-+              (pw->pw_passwd[0] == '#' && pw->pw_passwd[1] == '#')))
- 	    {
- #ifdef HAVE_GETSPNAM /* shadow password */
- 	      /* Search for the shadow entry of this user */
--	      while ((spw = fgetspent (oldsf)) != NULL)
-+	      while ((spw = fgetspent_adjunct (oldsf)) != NULL)
- 		{
- 		  if (strcmp (yppw->newpw.pw_name, spw->sp_namp) == 0)
- 		    {
-@@ -493,7 +566,7 @@ update_files (yppasswd *yppw, char *logb
- 		      /* Password is ok, leave while loop */
- 		      break;
- 		    }
--		  else if (putspent (spw, newsf) < 0)
-+		  else if (putspent_adjunct (spw, newsf) < 0)
- 		    {
- 		      log_msg ("%s failed", logbuf);
- 		      log_msg ("Error while writing new shadow file: %m");
-@@ -545,7 +618,7 @@ update_files (yppasswd *yppw, char *logb
- 			  goto error;
- 			}
- 		    }
--		  if (putspent (spw, newsf) < 0)
-+		  if (putspent_adjunct (spw, newsf) < 0)
- 		    {
- 		      log_msg ("%s failed", logbuf);
- 		      log_msg ("Error while writing new shadow file: %m");
-@@ -554,8 +627,8 @@ update_files (yppasswd *yppw, char *logb
- 		    }
- 
- 		  /* Copy all missing entries */
--		  while ((spw = fgetspent (oldsf)) != NULL)
--		    if (putspent (spw, newsf) < 0)
-+		  while ((spw = fgetspent_adjunct (oldsf)) != NULL)
-+		    if (putspent_adjunct (spw, newsf) < 0)
- 		      {
- 			log_msg ("%s failed", logbuf);
- 			log_msg ("Error while writing new shadow file: %m");

ypserv-2.27-cloexec.patch

@@ -0,0 +1,12 @@
+diff -up ypserv-2.26/lib/pidfile.c.cloexec ypserv-2.26/lib/pidfile.c
+--- ypserv-2.26/lib/pidfile.c.cloexec	2011-04-15 16:49:41.000000000 +0200
++++ ypserv-2.26/lib/pidfile.c	2012-04-13 20:49:55.643903727 +0200
+@@ -33,7 +33,7 @@ create_pidfile (const char *filename, co
+   char pbuf[50], *ptr;
+   struct flock lock;
+ 
+-  fd = open (filename, O_CREAT | O_RDWR,
++  fd = open (filename, O_CREAT | O_RDWR | O_CLOEXEC,
+ 	     S_IRUSR | S_IWUSR | S_IRGRP | S_IROTH);
+   if (fd < 0)
+     {

ypserv-pre-setdomain

@@ -0,0 +1,21 @@
+#!/bin/sh
+#
+# ypserv-domain
+#
+# description: This is part of former ypserv init script, which is used 
+#              to setup proper domainname before starting ypserv daemon 
+#              itself. If $NISDOMAIN is not defined, it fails. 
+#
+
+DOMAINNAME=`domainname`
+if [ "$DOMAINNAME" = "(none)" -o "$DOMAINNAME" = "" ]; then
+    echo -n $"Setting NIS domain: "
+    if [ -n "$NISDOMAIN" ]; then
+        domainname $NISDOMAIN
+        echo $"'$NISDOMAIN' (environment variable)"
+    else # no domainname found
+        logger -t ypserv $"domain not found"
+        exit 1
+    fi
+fi
+

ypserv.service

@@ -5,6 +5,7 @@ After=syslog.target network.target rpcbind.service
 
 [Service]
 EnvironmentFile=-/etc/sysconfig/network
+ExecStartPre=/usr/lib/ypserv/ypserv-pre-setdomain
 ExecStart=/usr/sbin/ypserv -f $YPSERV_ARGS
 
 [Install]

ypserv.spec

@@ -1,8 +1,8 @@
 Summary: The NIS (Network Information Service) server
 Url: http://www.linux-nis.org/nis/ypserv/index.html
 Name: ypserv
-Version: 2.26
-Release: 8%{?dist}
+Version: 2.29
+Release: 1%{?dist}
 License: GPLv2
 Group: System Environment/Daemons
 Source0: ftp://ftp.kernel.org/pub/linux/utils/net/NIS/ypserv-%{version}.tar.bz2
@@ -10,6 +10,7 @@ Source1: ypserv.service
 Source2: yppasswdd.service
 Source3: ypxfrd.service
 Source4: rpc.yppasswdd.env
+Source5: ypserv-pre-setdomain
 
 Requires: gawk, make, portmap, bash >= 2.0
 Requires(post): systemd-units
@@ -21,20 +22,18 @@ Patch0: ypserv-2.5-redhat.patch
 Patch1: ypserv-2.21-path.patch
 Patch2: ypserv-2.5-nfsnobody2.patch
 Patch3: ypserv-2.13-ypxfr-zeroresp.patch
-Patch4: ypserv-2.19-inval-ports.patch
 Patch5: ypserv-2.13-nonedomain.patch
 Patch6: ypserv-2.19-slp-warning.patch
 Patch7: ypserv-2.24-manfix.patch
 Patch8: ypserv-2.24-aliases.patch
 Patch9: ypserv-2.25-systemd.patch
-Patch10: ypserv-2.25-portmanfix.patch
-Patch11: ypserv-2.26-request.patch
-Patch12: ypserv-2.26-shadow.patch
-Patch13: ypserv-2.26-errmsg.patch
-Patch14: ypserv-2.26-emptydomain.patch
-Patch15: ypserv-2.26-retval.patch
+Patch16: ypserv-2.27-cloexec.patch
 BuildRequires: gdbm-devel
 BuildRequires: systemd-units
+BuildRequires: autoconf, automake
+
+# Location where helper scripts are located
+%define scripts_path /usr/lib/%{name}
 
 %description
 The Network Information Service (NIS) is a system that provides
@@ -58,18 +57,14 @@ machines.
 %patch1 -p1 -b .path
 %patch2 -p1 -b .nfsnobody
 %patch3 -p1 -b .respzero
-%patch4 -p1 -b .ports
 %patch5 -p1 -b .nonedomain
 %patch6 -p1 -b .slp-warning
 %patch7 -p1 -b .manfix
 %patch8 -p1 -b .aliases
 %patch9 -p1 -b .systemd
-%patch10 -p1 -b .portmanfix
-%patch11 -p1 -b .request
-%patch12 -p1 -b .shadow
-%patch13 -p1 -b .errmsg
-%patch14 -p1 -b .emptydomain
-%patch15 -p1 -b .retval
+%patch16 -p1 -b .cloexec
+
+autoreconf
 
 %build
 cp etc/README etc/README.etc
@@ -86,11 +81,12 @@ rm -rf $RPM_BUILD_ROOT
 
 #make install ROOT=$RPM_BUILD_ROOT
 %makeinstall libexecdir=$RPM_BUILD_ROOT%{_libdir}/yp INSTALL_PROGRAM=install
-mkdir -p $RPM_BUILD_ROOT%{_unitdir} $RPM_BUILD_ROOT%{_sysconfdir}
-install -m644 etc/ypserv.conf $RPM_BUILD_ROOT%{_sysconfdir}
-install -m644 %{SOURCE1} $RPM_BUILD_ROOT%{_unitdir}/ypserv.service
-install -m644 %{SOURCE2} $RPM_BUILD_ROOT%{_unitdir}/yppasswdd.service
-install -m644 %{SOURCE3} $RPM_BUILD_ROOT%{_unitdir}/ypxfrd.service
+mkdir -p $RPM_BUILD_ROOT%{_unitdir} $RPM_BUILD_ROOT%{_sysconfdir} $RPM_BUILD_ROOT%{scripts_path}/
+install -m 644 etc/ypserv.conf $RPM_BUILD_ROOT%{_sysconfdir}
+install -m 644 %{SOURCE1} $RPM_BUILD_ROOT%{_unitdir}/ypserv.service
+install -m 644 %{SOURCE2} $RPM_BUILD_ROOT%{_unitdir}/yppasswdd.service
+install -m 644 %{SOURCE3} $RPM_BUILD_ROOT%{_unitdir}/ypxfrd.service
+install -m 755 %{SOURCE5} $RPM_BUILD_ROOT%{scripts_path}/ypserv-pre-setdomain
 
 mkdir -p $RPM_BUILD_ROOT/etc/sysconfig
 cat >$RPM_BUILD_ROOT/etc/sysconfig/yppasswdd <<EOF
@@ -120,7 +116,7 @@ EOF
 # (ETCDIR, PASSWDFILE and SHADOWFILE). The script ensures, that the 
 # rpc.yppasswdd arguments are not used when the appropriate environment 
 # variables are empty.
-install -m755 %{SOURCE4} $RPM_BUILD_ROOT%{_sbindir}/rpc.yppasswdd.env
+install -m 755 %{SOURCE4} $RPM_BUILD_ROOT%{_sbindir}/rpc.yppasswdd.env
 
 %post
 # Package with native systemd unit file is installed for the first time
@@ -164,12 +160,28 @@ exit 0
 %config(noreplace) %{_sysconfdir}/sysconfig/yppasswdd
 %config(noreplace) /var/yp/*
 %{_unitdir}/*
+%{scripts_path}/*
 %{_libdir}/yp
 %{_sbindir}/*
 %{_mandir}/*/*
 %{_includedir}/*/*
 
 %changelog
+* Mon Sep 03 2012 Honza Horak <hhorak@redhat.com> - 2.29-1
+- Update to new upstream release that fixes several memory leaks
+  (Related: #845283)
+
+* Fri Apr 13 2012 Honza Horak <hhorak@redhat.com> - 2.26-10
+- Use O_CLOEXEC when opening pid file to avoid SELinux issues
+  Resolves: #809120
+
+* Thu Jan 12 2012 Honza Horak <hhorak@redhat.com> - 2.26-9
+- Added ypserv-pre-setdomain to respect NISDOMAIN environment variable 
+  and set domainname if empty
+- Added autoreconf call (thus .path patch modified to keep impact)
+- Patch .aliases fixed
+  Resolves: #699826
+
 * Mon Nov 28 2011 Honza Horak <hhorak@redhat.com> - 2.26-8
 - Fixed returning success when shadow file is not writable
   Resolves: #747335