[gentoo-commits] repo/gentoo:master commit in: net-nds/rpcbind/files/, net-nds/rpcbind/

[gentoo-commits] repo/gentoo:master commit in: net-nds/rpcbind/files/, net-nds/rpcbind/

[Mike Frysinger]

commit:     87ec7f7f26cabc142eb8460a4d3287940fea9fa3
Author:     Mike Frysinger <vapier <AT> gentoo <DOT> org>
AuthorDate: Tue Nov  3 14:48:20 2015 +0000
Commit:     Mike Frysinger <vapier <AT> gentoo <DOT> org>
CommitDate: Tue Nov  3 15:08:05 2015 +0000
URL:        https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=87ec7f7f

net-nds/rpcbind: add upstream fix for building w/newer libtirpc

 net-nds/rpcbind/files/rpcbind-0.2.3-libtirpc.patch | 42 ++++++++++++++++++++++
 net-nds/rpcbind/rpcbind-0.2.3.ebuild               |  1 +
 2 files changed, 43 insertions(+)

diff --git a/net-nds/rpcbind/files/rpcbind-0.2.3-libtirpc.patch b/net-nds/rpcbind/files/rpcbind-0.2.3-libtirpc.patch
new file mode 100644
index 0000000..92ea22f
--- /dev/null
+++ b/net-nds/rpcbind/files/rpcbind-0.2.3-libtirpc.patch
@@ -0,0 +1,42 @@
+fix from upstream for building w/newer libtirpc
+
+From 9194122389f2a56b1cd1f935e64307e2e963c2da Mon Sep 17 00:00:00 2001
+From: Steve Dickson <steved@redhat.com>
+Date: Mon, 2 Nov 2015 17:05:18 -0500
+Subject: [PATCH rpcbind] handle_reply: Don't use the xp_auth pointer directly
+
+In the latest libtirpc version to access the xp_auth
+one must use the SVC_XP_AUTH macro. To be backwards
+compatible a couple ifdefs were added to use the
+macro when it exists.
+
+Signed-off-by: Steve Dickson <steved@redhat.com>
+---
+ src/rpcb_svc_com.c | 7 +++++++
+ 1 file changed, 7 insertions(+)
+
+diff --git a/src/rpcb_svc_com.c b/src/rpcb_svc_com.c
+index 4ae93f1..22d6c84 100644
+--- a/src/rpcb_svc_com.c
++++ b/src/rpcb_svc_com.c
+@@ -1295,10 +1295,17 @@ handle_reply(int fd, SVCXPRT *xprt)
+ 	a.rmt_localvers = fi->versnum;
+ 
+ 	xprt_set_caller(xprt, fi);
++#if defined(SVC_XP_AUTH)
++	SVC_XP_AUTH(xprt) = svc_auth_none;
++#else 
+ 	xprt->xp_auth = &svc_auth_none;
++#endif
+ 	svc_sendreply(xprt, (xdrproc_t) xdr_rmtcall_result, (char *) &a);
++#if !defined(SVC_XP_AUTH)
+ 	SVCAUTH_DESTROY(xprt->xp_auth);
+ 	xprt->xp_auth = NULL;
++#endif
++
+ done:
+ 	if (buffer)
+ 		free(buffer);
+-- 
+2.5.2
+

diff --git a/net-nds/rpcbind/rpcbind-0.2.3.ebuild b/net-nds/rpcbind/rpcbind-0.2.3.ebuild
index 23a68ef..a2437fe 100644
--- a/net-nds/rpcbind/rpcbind-0.2.3.ebuild
+++ b/net-nds/rpcbind/rpcbind-0.2.3.ebuild
@@ -31,6 +31,7 @@ RDEPEND="${CDEPEND}
 
 src_prepare() {
 	[[ ${PV} == "9999" ]] && eautoreconf
+	epatch "${FILESDIR}"/${P}-libtirpc.patch
 	epatch_user
 }
 

[gentoo-commits] repo/gentoo:master commit in: net-nds/rpcbind/files/, net-nds/rpcbind/

[Mike Frysinger]

commit:     de6d02b6cf69bec8e91b7e7e3b4a083f8b13b822
Author:     Mike Frysinger <vapier <AT> gentoo <DOT> org>
AuthorDate: Tue Nov  3 14:53:27 2015 +0000
Commit:     Mike Frysinger <vapier <AT> gentoo <DOT> org>
CommitDate: Tue Nov  3 15:08:06 2015 +0000
URL:        https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=de6d02b6

net-nds/rpcbind: add upstream fix for CVE-2015-7236 #560990

 .../rpcbind/files/rpcbind-0.2.3-mem-corrupt.patch  | 86 ++++++++++++++++++++++
 net-nds/rpcbind/rpcbind-0.2.3-r1.ebuild            | 57 ++++++++++++++
 2 files changed, 143 insertions(+)

diff --git a/net-nds/rpcbind/files/rpcbind-0.2.3-mem-corrupt.patch b/net-nds/rpcbind/files/rpcbind-0.2.3-mem-corrupt.patch
new file mode 100644
index 0000000..9c03bda
--- /dev/null
+++ b/net-nds/rpcbind/files/rpcbind-0.2.3-mem-corrupt.patch
@@ -0,0 +1,86 @@
+https://bugs.gentoo.org/560990
+
+fix from upstream
+
+From d5dace219953c45d26ae42db238052b68540649a Mon Sep 17 00:00:00 2001
+From: Olaf Kirch <okir@suse.de>
+Date: Fri, 30 Oct 2015 10:18:20 -0400
+Subject: [PATCH rpcbind] Fix memory corruption in PMAP_CALLIT code
+
+ - A PMAP_CALLIT call comes in on IPv4 UDP
+ - rpcbind duplicates the caller's address to a netbuf and stores it in
+   FINFO[0].caller_addr. caller_addr->buf now points to a memory region A
+   with a size of 16 bytes
+ - rpcbind forwards the call to the local service, receives a reply
+ - when processing the reply, it does this in xprt_set_caller:
+    xprt->xp_rtaddr = *FINFO[0].caller_addr
+   It sends out the reply, and then frees the netbuf caller_addr and
+   caller_addr.buf.
+   However, it does not clear xp_rtaddr, so xp_rtaddr.buf now refers
+   to memory region A, which is free.
+ - When the next call comes in on the UDP/IPv4 socket, svc_dg_recv will
+   be called, which will set xp_rtaddr to the client's address.
+   It will reuse the buffer inside xp_rtaddr, ie it will write a
+   sockaddr_in to region A
+
+Some time down the road, an incoming TCP connection is accepted,
+allocating a fresh SVCXPRT. The memory region A is inside the
+new SVCXPRT
+
+ - While processing the TCP call, another UDP call comes in, again
+   overwriting region A with the client's address
+ - TCP client closes connection. In svc_destroy, we now trip over
+   the garbage left in region A
+
+We ran into the case where a commercial scanner was triggering
+occasional rpcbind segfaults. The core file that was captured showed
+a corrupted xprt->xp_netid pointer that was really a sockaddr_in.
+
+Signed-off-by: Olaf Kirch <okir@suse.de>
+Signed-off-by: Steve Dickson <steved@redhat.com>
+---
+ src/rpcb_svc_com.c | 23 ++++++++++++++++++++++-
+ 1 file changed, 22 insertions(+), 1 deletion(-)
+
+diff --git a/src/rpcb_svc_com.c b/src/rpcb_svc_com.c
+index ff9ce6b..4ae93f1 100644
+--- a/src/rpcb_svc_com.c
++++ b/src/rpcb_svc_com.c
+@@ -1183,12 +1183,33 @@ check_rmtcalls(struct pollfd *pfds, int nfds)
+ 	return (ncallbacks_found);
+ }
+ 
++/*
++ * This is really a helper function defined in libtirpc, 
++ * but unfortunately, it hasn't been exported yet.
++ */
++static struct netbuf *
++__rpc_set_netbuf(struct netbuf *nb, const void *ptr, size_t len)
++{
++	if (nb->len != len) {
++		if (nb->len)
++			mem_free(nb->buf, nb->len);
++		nb->buf = mem_alloc(len);
++		if (nb->buf == NULL)
++			return NULL;
++
++		nb->maxlen = nb->len = len;
++	}
++	memcpy(nb->buf, ptr, len);
++	return nb;
++}
++
+ static void
+ xprt_set_caller(SVCXPRT *xprt, struct finfo *fi)
+ {
++	const struct netbuf *caller = fi->caller_addr;
+ 	u_int32_t *xidp;
+ 
+-	*(svc_getrpccaller(xprt)) = *(fi->caller_addr);
++	__rpc_set_netbuf(svc_getrpccaller(xprt), caller->buf, caller->len);
+ 	xidp = __rpcb_get_dg_xidp(xprt);
+ 	*xidp = fi->caller_xid;
+ }
+-- 
+2.5.2
+

diff --git a/net-nds/rpcbind/rpcbind-0.2.3-r1.ebuild b/net-nds/rpcbind/rpcbind-0.2.3-r1.ebuild
new file mode 100644
index 0000000..937aaae
--- /dev/null
+++ b/net-nds/rpcbind/rpcbind-0.2.3-r1.ebuild
@@ -0,0 +1,57 @@
+# Copyright 1999-2015 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+# $Id$
+
+EAPI="5"
+
+inherit eutils systemd
+
+if [[ ${PV} == "9999" ]] ; then
+	EGIT_REPO_URI="git://linux-nfs.org/~steved/rpcbind.git"
+	inherit autotools git-r3
+else
+	SRC_URI="mirror://sourceforge/${PN}/${P}.tar.bz2"
+	KEYWORDS="~alpha ~amd64 ~arm ~arm64 ~hppa ~ia64 ~mips ~ppc ~ppc64 ~s390 ~sh ~sparc ~x86"
+fi
+
+DESCRIPTION="portmap replacement which supports RPC over various protocols"
+HOMEPAGE="http://sourceforge.net/projects/rpcbind/"
+
+LICENSE="BSD"
+SLOT="0"
+IUSE="debug selinux systemd tcpd warmstarts"
+
+CDEPEND=">=net-libs/libtirpc-0.2.3:=
+	systemd? ( sys-apps/systemd:= )
+	tcpd? ( sys-apps/tcp-wrappers )"
+DEPEND="${CDEPEND}
+	virtual/pkgconfig"
+RDEPEND="${CDEPEND}
+	selinux? ( sec-policy/selinux-rpcbind )"
+
+src_prepare() {
+	[[ ${PV} == "9999" ]] && eautoreconf
+	epatch "${FILESDIR}"/${P}-libtirpc.patch
+	epatch "${FILESDIR}"/${P}-mem-corrupt.patch #560990
+	epatch_user
+}
+
+src_configure() {
+	econf \
+		--bindir="${EPREFIX}"/sbin \
+		--with-statedir="${EPREFIX}"/run/${PN} \
+		--with-rpcuser=root \
+		--with-systemdsystemunitdir=$(usex systemd "$(systemd_get_unitdir)" "no") \
+		$(use_enable tcpd libwrap) \
+		$(use_enable debug) \
+		$(use_enable warmstarts)
+}
+
+src_install() {
+	default
+
+	newinitd "${FILESDIR}"/${PN}.initd ${PN}
+	newconfd "${FILESDIR}"/${PN}.confd ${PN}
+
+	systemd_dounit "${FILESDIR}"/${PN}.service
+}

[gentoo-commits] repo/gentoo:master commit in: net-nds/rpcbind/files/, net-nds/rpcbind/

[Anthony G. Basile]

commit:     69aafed0a8dcbf6c4a108ecd3712f2d36a7bf3c7
Author:     Anthony G. Basile <blueness <AT> gentoo <DOT> org>
AuthorDate: Thu Oct  6 21:21:17 2016 +0000
Commit:     Anthony G. Basile <blueness <AT> gentoo <DOT> org>
CommitDate: Thu Oct  6 21:21:35 2016 +0000
URL:        https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=69aafed0

net-nds/rpcbind: remove _P() macro, bug #589666

Package-Manager: portage-2.2.28

 .../files/rpcbind-0.2.3-remove-P-macro.patch       | 246 +++++++++++++++++++++
 net-nds/rpcbind/rpcbind-0.2.3-r2.ebuild            |  58 +++++
 2 files changed, 304 insertions(+)

diff --git a/net-nds/rpcbind/files/rpcbind-0.2.3-remove-P-macro.patch b/net-nds/rpcbind/files/rpcbind-0.2.3-remove-P-macro.patch
new file mode 100644
index 00000000..8e1b69b
--- /dev/null
+++ b/net-nds/rpcbind/files/rpcbind-0.2.3-remove-P-macro.patch
@@ -0,0 +1,246 @@
+From 196e8f3abaa6e8899ba2655c6c2d8751e33a9795 Mon Sep 17 00:00:00 2001
+From: "Yann E. MORIN" <yann.morin.1998@free.fr>
+Date: Wed, 17 Aug 2016 10:16:47 -0400
+Subject: [PATCH] src: remove use of the __P() macro
+
+The __P() macro is a legacy compatibility macro aimed making pre-ANSI
+(i.e. K&R) compilers that do not support function prototypes happy,
+while still allowing such prototypes for ANSI-compliant compilers.
+
+Since virtually all compilers have been ANSI-compliant for a few decades
+now, use of __P() is totally useless.
+
+Furthermore, __P() is defined in the non-standard sys/cdefs.h header.
+This header is present in glibc and uClibc, and both have it included
+from many of their headers. So, sys/cdefs.h is automagically included in
+most cases and its macros are available.
+
+However, the musl C library does not provide this sys/cdefs.h header.
+Thus, the build breaks on musl.
+
+For all the above reasons, get rid of __P() wherever it is used; just
+always declare real function prototypes.
+
+Reviewed-by: Chuck Lever <chuck.lever@oracle.com>
+Signed-off-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
+Signed-off-by: Steve Dickson <steved@redhat.com>
+Cc: Chuck Lever <chuck.lever@oracle.com>
+Cc: Steve Dickson <SteveD@redhat.com>
+Cc: Mike Frysinger <vapier@gentoo.org>
+---
+ src/check_bound.c  |  2 +-
+ src/pmap_svc.c     | 10 +++++-----
+ src/rpcb_svc.c     | 10 +++++-----
+ src/rpcb_svc_4.c   | 14 ++++++--------
+ src/rpcb_svc_com.c | 46 +++++++++++++++++++++++-----------------------
+ src/rpcbind.c      | 12 ++++++------
+ src/util.c         |  2 +-
+ src/warmstart.c    |  4 ++--
+ 8 files changed, 49 insertions(+), 51 deletions(-)
+
+diff --git a/src/check_bound.c b/src/check_bound.c
+index c70b845..92bfd36 100644
+--- a/src/check_bound.c
++++ b/src/check_bound.c
+@@ -70,7 +70,7 @@ static struct fdlist *fdhead;	/* Link list of the check fd's */
+ static struct fdlist *fdtail;
+ static char *nullstring = "";
+ 
+-static bool_t check_bound __P((struct fdlist *, char *uaddr));
++static bool_t check_bound(struct fdlist *, char *uaddr);
+ 
+ /*
+  * Returns 1 if the given address is bound for the given addr & transport
+diff --git a/src/pmap_svc.c b/src/pmap_svc.c
+index ad28b93..4c744fe 100644
+--- a/src/pmap_svc.c
++++ b/src/pmap_svc.c
+@@ -60,11 +60,11 @@ static	char sccsid[] = "@(#)pmap_svc.c 1.23 89/04/05 Copyr 1984 Sun Micro";
+ #include "rpcbind.h"
+ #include "xlog.h"
+ #include <rpc/svc_soc.h> /* svc_getcaller routine definition */
+-static struct pmaplist *find_service_pmap __P((rpcprog_t, rpcvers_t,
+-					       rpcprot_t));
+-static bool_t pmapproc_change __P((struct svc_req *, SVCXPRT *, u_long));
+-static bool_t pmapproc_getport __P((struct svc_req *, SVCXPRT *));
+-static bool_t pmapproc_dump __P((struct svc_req *, SVCXPRT *));
++static struct pmaplist *find_service_pmap(rpcprog_t, rpcvers_t,
++					       rpcprot_t);
++static bool_t pmapproc_change(struct svc_req *, SVCXPRT *, u_long);
++static bool_t pmapproc_getport(struct svc_req *, SVCXPRT *);
++static bool_t pmapproc_dump(struct svc_req *, SVCXPRT *);
+ 
+ /*
+  * Called for all the version 2 inquiries.
+diff --git a/src/rpcb_svc.c b/src/rpcb_svc.c
+index bd92201..709e3fb 100644
+--- a/src/rpcb_svc.c
++++ b/src/rpcb_svc.c
+@@ -53,10 +53,10 @@
+ #include "rpcbind.h"
+ #include "xlog.h"
+ 
+-static void *rpcbproc_getaddr_3_local __P((void *, struct svc_req *, SVCXPRT *,
+-					   rpcvers_t));
+-static void *rpcbproc_dump_3_local __P((void *, struct svc_req *, SVCXPRT *,
+-					rpcvers_t));
++static void *rpcbproc_getaddr_3_local(void *, struct svc_req *, SVCXPRT *,
++					   rpcvers_t);
++static void *rpcbproc_dump_3_local(void *, struct svc_req *, SVCXPRT *,
++					rpcvers_t);
+ 
+ /*
+  * Called by svc_getreqset. There is a separate server handle for
+@@ -75,7 +75,7 @@ rpcb_service_3(struct svc_req *rqstp, SVCXPRT *transp)
+ 	} argument;
+ 	char *result;
+ 	xdrproc_t xdr_argument, xdr_result;
+-	void *(*local) __P((void *, struct svc_req *, SVCXPRT *, rpcvers_t));
++	void *(*local)(void *, struct svc_req *, SVCXPRT *, rpcvers_t);
+ 	rpcprog_t setprog = 0;
+ 
+ 	rpcbs_procinfo(RPCBVERS_3_STAT, rqstp->rq_proc);
+diff --git a/src/rpcb_svc_4.c b/src/rpcb_svc_4.c
+index b673452..5094879 100644
+--- a/src/rpcb_svc_4.c
++++ b/src/rpcb_svc_4.c
+@@ -54,13 +54,11 @@
+ #include "rpcbind.h"
+ #include "xlog.h"
+ 
+-static void *rpcbproc_getaddr_4_local __P((void *, struct svc_req *, SVCXPRT *,
+-				      rpcvers_t));
+-static void *rpcbproc_getversaddr_4_local __P((void *, struct svc_req *, SVCXPRT *, rpcvers_t));
+-static void *rpcbproc_getaddrlist_4_local
+-	__P((void *, struct svc_req *, SVCXPRT *, rpcvers_t));
+-static void free_rpcb_entry_list __P((rpcb_entry_list_ptr *));
+-static void *rpcbproc_dump_4_local __P((void *, struct svc_req *, SVCXPRT *, rpcvers_t));
++static void *rpcbproc_getaddr_4_local(void *, struct svc_req *, SVCXPRT *, rpcvers_t);
++static void *rpcbproc_getversaddr_4_local(void *, struct svc_req *, SVCXPRT *, rpcvers_t);
++static void *rpcbproc_getaddrlist_4_local(void *, struct svc_req *, SVCXPRT *, rpcvers_t);
++static void free_rpcb_entry_list(rpcb_entry_list_ptr *);
++static void *rpcbproc_dump_4_local(void *, struct svc_req *, SVCXPRT *, rpcvers_t);
+ 
+ /*
+  * Called by svc_getreqset. There is a separate server handle for
+@@ -78,7 +76,7 @@ rpcb_service_4(struct svc_req *rqstp, SVCXPRT *transp)
+ 	} argument;
+ 	char *result;
+ 	xdrproc_t xdr_argument, xdr_result;
+-	void *(*local) __P((void *, struct svc_req *, SVCXPRT *, rpcvers_t));
++	void *(*local)(void *, struct svc_req *, SVCXPRT *, rpcvers_t);
+ 	rpcprog_t setprog = 0;
+ 
+ 	rpcbs_procinfo(RPCBVERS_4_STAT, rqstp->rq_proc);
+diff --git a/src/rpcb_svc_com.c b/src/rpcb_svc_com.c
+index 148fe42..5862c26 100644
+--- a/src/rpcb_svc_com.c
++++ b/src/rpcb_svc_com.c
+@@ -100,29 +100,29 @@ struct finfo {
+ static struct finfo     FINFO[NFORWARD];
+ 
+ 
+-static bool_t xdr_encap_parms __P((XDR *, struct encap_parms *));
+-static bool_t xdr_rmtcall_args __P((XDR *, struct r_rmtcall_args *));
+-static bool_t xdr_rmtcall_result __P((XDR *, struct r_rmtcall_args *));
+-static bool_t xdr_opaque_parms __P((XDR *, struct r_rmtcall_args *));
+-static int find_rmtcallfd_by_netid __P((char *));
+-static SVCXPRT *find_rmtcallxprt_by_fd __P((int));
+-static int forward_register __P((u_int32_t, struct netbuf *, int, char *,
+-    rpcproc_t, rpcvers_t, u_int32_t *));
+-static struct finfo *forward_find __P((u_int32_t));
+-static int free_slot_by_xid __P((u_int32_t));
+-static int free_slot_by_index __P((int));
+-static int netbufcmp __P((struct netbuf *, struct netbuf *));
+-static struct netbuf *netbufdup __P((struct netbuf *));
+-static void netbuffree __P((struct netbuf *));
+-static int check_rmtcalls __P((struct pollfd *, int));
+-static void xprt_set_caller __P((SVCXPRT *, struct finfo *));
+-static void send_svcsyserr __P((SVCXPRT *, struct finfo *));
+-static void handle_reply __P((int, SVCXPRT *));
+-static void find_versions __P((rpcprog_t, char *, rpcvers_t *, rpcvers_t *));
+-static rpcblist_ptr find_service __P((rpcprog_t, rpcvers_t, char *));
+-static char *getowner __P((SVCXPRT *, char *, size_t));
+-static int add_pmaplist __P((RPCB *));
+-static int del_pmaplist __P((RPCB *));
++static bool_t xdr_encap_parms(XDR *, struct encap_parms *);
++static bool_t xdr_rmtcall_args(XDR *, struct r_rmtcall_args *);
++static bool_t xdr_rmtcall_result(XDR *, struct r_rmtcall_args *);
++static bool_t xdr_opaque_parms(XDR *, struct r_rmtcall_args *);
++static int find_rmtcallfd_by_netid(char *);
++static SVCXPRT *find_rmtcallxprt_by_fd(int);
++static int forward_register(u_int32_t, struct netbuf *, int, char *,
++    rpcproc_t, rpcvers_t, u_int32_t *);
++static struct finfo *forward_find(u_int32_t);
++static int free_slot_by_xid(u_int32_t);
++static int free_slot_by_index(int);
++static int netbufcmp(struct netbuf *, struct netbuf *);
++static struct netbuf *netbufdup(struct netbuf *);
++static void netbuffree(struct netbuf *);
++static int check_rmtcalls(struct pollfd *, int);
++static void xprt_set_caller(SVCXPRT *, struct finfo *);
++static void send_svcsyserr(SVCXPRT *, struct finfo *);
++static void handle_reply(int, SVCXPRT *);
++static void find_versions(rpcprog_t, char *, rpcvers_t *, rpcvers_t *);
++static rpcblist_ptr find_service(rpcprog_t, rpcvers_t, char *);
++static char *getowner(SVCXPRT *, char *, size_t);
++static int add_pmaplist(RPCB *);
++static int del_pmaplist(RPCB *);
+ 
+ /*
+  * Set a mapping of program, version, netid
+diff --git a/src/rpcbind.c b/src/rpcbind.c
+index c4265cd..87ccdc2 100644
+--- a/src/rpcbind.c
++++ b/src/rpcbind.c
+@@ -136,13 +136,13 @@ char *tcp_uaddr;	/* Universal TCP address */
+ static char servname[] = "rpcbind";
+ static char superuser[] = "superuser";
+ 
+-int main __P((int, char *[]));
++int main(int, char *[]);
+ 
+-static int init_transport __P((struct netconfig *));
+-static void rbllist_add __P((rpcprog_t, rpcvers_t, struct netconfig *,
+-			     struct netbuf *));
+-static void terminate __P((int));
+-static void parseargs __P((int, char *[]));
++static int init_transport(struct netconfig *);
++static void rbllist_add(rpcprog_t, rpcvers_t, struct netconfig *,
++			     struct netbuf *);
++static void terminate(int);
++static void parseargs(int, char *[]);
+ 
+ int
+ main(int argc, char *argv[])
+diff --git a/src/util.c b/src/util.c
+index a6c835b..74b0284 100644
+--- a/src/util.c
++++ b/src/util.c
+@@ -70,7 +70,7 @@ static struct sockaddr_in *local_in4;
+ static struct sockaddr_in6 *local_in6;
+ #endif
+ 
+-static int bitmaskcmp __P((void *, void *, void *, int));
++static int bitmaskcmp(void *, void *, void *, int);
+ 
+ /*
+  * For all bits set in "mask", compare the corresponding bits in
+diff --git a/src/warmstart.c b/src/warmstart.c
+index b6eb73e..122a058 100644
+--- a/src/warmstart.c
++++ b/src/warmstart.c
+@@ -58,8 +58,8 @@
+ #define	PMAPFILE	RPCBIND_STATEDIR "/portmap.xdr"
+ #endif
+ 
+-static bool_t write_struct __P((char *, xdrproc_t, void *));
+-static bool_t read_struct __P((char *, xdrproc_t, void *));
++static bool_t write_struct(char *, xdrproc_t, void *);
++static bool_t read_struct(char *, xdrproc_t, void *);
+ 
+ static bool_t
+ write_struct(char *filename, xdrproc_t structproc, void *list)
+-- 
+1.8.3.1
+

diff --git a/net-nds/rpcbind/rpcbind-0.2.3-r2.ebuild b/net-nds/rpcbind/rpcbind-0.2.3-r2.ebuild
new file mode 100644
index 00000000..a8bfe3d
--- /dev/null
+++ b/net-nds/rpcbind/rpcbind-0.2.3-r2.ebuild
@@ -0,0 +1,58 @@
+# Copyright 1999-2016 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+# $Id$
+
+EAPI="5"
+
+inherit eutils systemd
+
+if [[ ${PV} == "9999" ]] ; then
+	EGIT_REPO_URI="git://linux-nfs.org/~steved/rpcbind.git"
+	inherit autotools git-r3
+else
+	SRC_URI="mirror://sourceforge/${PN}/${P}.tar.bz2"
+	KEYWORDS="~alpha ~amd64 ~arm ~arm64 ~hppa ~ia64 ~mips ~ppc ~ppc64 ~s390 ~sh ~sparc ~x86"
+fi
+
+DESCRIPTION="portmap replacement which supports RPC over various protocols"
+HOMEPAGE="https://sourceforge.net/projects/rpcbind/"
+
+LICENSE="BSD"
+SLOT="0"
+IUSE="debug selinux systemd tcpd warmstarts"
+
+CDEPEND=">=net-libs/libtirpc-0.2.3:=
+	systemd? ( sys-apps/systemd:= )
+	tcpd? ( sys-apps/tcp-wrappers )"
+DEPEND="${CDEPEND}
+	virtual/pkgconfig"
+RDEPEND="${CDEPEND}
+	selinux? ( sec-policy/selinux-rpcbind )"
+
+src_prepare() {
+	[[ ${PV} == "9999" ]] && eautoreconf
+	epatch "${FILESDIR}"/${P}-libtirpc.patch
+	epatch "${FILESDIR}"/${P}-mem-corrupt.patch #560990
+	epatch "${FILESDIR}"/${P}-remove-P-macro.patch #589666
+	epatch_user
+}
+
+src_configure() {
+	econf \
+		--bindir="${EPREFIX}"/sbin \
+		--with-statedir="${EPREFIX}"/run/${PN} \
+		--with-rpcuser=root \
+		--with-systemdsystemunitdir=$(usex systemd "$(systemd_get_unitdir)" "no") \
+		$(use_enable tcpd libwrap) \
+		$(use_enable debug) \
+		$(use_enable warmstarts)
+}
+
+src_install() {
+	default
+
+	newinitd "${FILESDIR}"/${PN}.initd ${PN}
+	newconfd "${FILESDIR}"/${PN}.confd ${PN}
+
+	systemd_dounit "${FILESDIR}"/${PN}.service
+}

[gentoo-commits] repo/gentoo:master commit in: net-nds/rpcbind/files/, net-nds/rpcbind/

[Patrick McLean]

commit:     eae6e7a80bc2934ae1557731fc0ad71cd92af99b
Author:     Patrick McLean <chutzpah <AT> gentoo <DOT> org>
AuthorDate: Mon May  8 18:39:36 2017 +0000
Commit:     Patrick McLean <chutzpah <AT> gentoo <DOT> org>
CommitDate: Mon May  8 18:39:36 2017 +0000
URL:        https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=eae6e7a8

net-nds/rpcbind: Revision bump to pull in patch for CVE-2017-8779

Gentoo-Bug: 617472
Package-Manager: Portage-2.3.5, Repoman-2.3.2

 .../files/rpcbind-0.2.4-CVE-2017-8779.patch        | 21 ++++++++
 net-nds/rpcbind/rpcbind-0.2.4-r1.ebuild            | 59 ++++++++++++++++++++++
 2 files changed, 80 insertions(+)

diff --git a/net-nds/rpcbind/files/rpcbind-0.2.4-CVE-2017-8779.patch b/net-nds/rpcbind/files/rpcbind-0.2.4-CVE-2017-8779.patch
new file mode 100644
index 00000000000..cef088badc9
--- /dev/null
+++ b/net-nds/rpcbind/files/rpcbind-0.2.4-CVE-2017-8779.patch
@@ -0,0 +1,21 @@
+diff --git a/src/rpcb_svc_com.c b/src/rpcb_svc_com.c
+index 5862c26..e11f61b 100644
+--- a/src/rpcb_svc_com.c
++++ b/src/rpcb_svc_com.c
+@@ -48,6 +48,7 @@
+ #include <rpc/rpc.h>
+ #include <rpc/rpcb_prot.h>
+ #include <rpc/svc_dg.h>
++#include <rpc/rpc_com.h>
+ #include <netconfig.h>
+ #include <errno.h>
+ #include <syslog.h>
+@@ -432,7 +433,7 @@ rpcbproc_taddr2uaddr_com(void *arg, struct svc_req *rqstp /*__unused*/,
+ static bool_t
+ xdr_encap_parms(XDR *xdrs, struct encap_parms *epp)
+ {
+-	return (xdr_bytes(xdrs, &(epp->args), (u_int *) &(epp->arglen), ~0));
++	return (xdr_bytes(xdrs, &(epp->args), (u_int *) &(epp->arglen), RPC_MAXDATASIZE));
+ }
+ 
+ /*

diff --git a/net-nds/rpcbind/rpcbind-0.2.4-r1.ebuild b/net-nds/rpcbind/rpcbind-0.2.4-r1.ebuild
new file mode 100644
index 00000000000..5c16cb5c982
--- /dev/null
+++ b/net-nds/rpcbind/rpcbind-0.2.4-r1.ebuild
@@ -0,0 +1,59 @@
+# Copyright 1999-2017 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+
+EAPI="5"
+
+inherit eutils systemd
+
+if [[ ${PV} == "9999" ]] ; then
+	EGIT_REPO_URI="git://linux-nfs.org/~steved/rpcbind.git"
+	inherit autotools git-r3
+else
+	SRC_URI="mirror://sourceforge/${PN}/${P}.tar.bz2"
+	KEYWORDS="~alpha ~amd64 ~arm ~arm64 ~hppa ~ia64 ~mips ~ppc ~ppc64 ~s390 ~sh ~sparc ~x86"
+fi
+
+DESCRIPTION="portmap replacement which supports RPC over various protocols"
+HOMEPAGE="https://sourceforge.net/projects/rpcbind/"
+
+LICENSE="BSD"
+SLOT="0"
+IUSE="debug selinux systemd tcpd warmstarts"
+
+CDEPEND=">=net-libs/libtirpc-1.0:=
+	systemd? ( sys-apps/systemd:= )
+	tcpd? ( sys-apps/tcp-wrappers )"
+DEPEND="${CDEPEND}
+	virtual/pkgconfig"
+RDEPEND="${CDEPEND}
+	selinux? ( sec-policy/selinux-rpcbind )"
+
+PATCHES=(
+	"${FILESDIR}/${P}-CVE-2017-8779.patch"
+)
+
+src_prepare() {
+	[[ ${PV} == "9999" ]] && eautoreconf
+	epatch "${PATCHES[@]}"
+	epatch_user
+}
+
+src_configure() {
+	econf \
+		--bindir="${EPREFIX}"/sbin \
+		--with-statedir="${EPREFIX}"/run/${PN} \
+		--with-rpcuser=root \
+		--with-systemdsystemunitdir=$(usex systemd "$(systemd_get_unitdir)" "no") \
+		$(use_enable tcpd libwrap) \
+		$(use_enable debug) \
+		$(use_enable warmstarts)
+}
+
+src_install() {
+	default
+
+	newinitd "${FILESDIR}"/${PN}.initd ${PN}
+	newconfd "${FILESDIR}"/${PN}.confd ${PN}
+
+	systemd_dounit "${FILESDIR}"/${PN}.service
+}

[gentoo-commits] repo/gentoo:master commit in: net-nds/rpcbind/files/, net-nds/rpcbind/

[Mike Gilbert]

commit:     fbaf911f4355d5c9992694288b586dcbc5f154cc
Author:     Mike Gilbert <floppym <AT> gentoo <DOT> org>
AuthorDate: Sat Mar 10 14:09:43 2018 +0000
Commit:     Mike Gilbert <floppym <AT> gentoo <DOT> org>
CommitDate: Sat Mar 10 14:09:43 2018 +0000
URL:        https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=fbaf911f

net-nds/rpcbind: use upstream rpcbind.service

Closes: https://bugs.gentoo.org/650030
Package-Manager: Portage-2.3.24, Repoman-2.3.6_p81

 net-nds/rpcbind/files/rpcbind.service                       | 13 -------------
 .../{rpcbind-0.2.4-r1.ebuild => rpcbind-0.2.4-r2.ebuild}    |  4 +---
 net-nds/rpcbind/rpcbind-9999.ebuild                         |  2 --
 3 files changed, 1 insertion(+), 18 deletions(-)

diff --git a/net-nds/rpcbind/files/rpcbind.service b/net-nds/rpcbind/files/rpcbind.service
deleted file mode 100644
index 305ea9b10b7..00000000000
--- a/net-nds/rpcbind/files/rpcbind.service
+++ /dev/null
@@ -1,13 +0,0 @@
-[Unit]
-Description=RPC Bind
-After=network.target
-Wants=rpcbind.target
-Before=rpcbind.target
-
-[Service]
-Type=forking
-ExecStart=/sbin/rpcbind
-Restart=always
-
-[Install]
-WantedBy=multi-user.target

diff --git a/net-nds/rpcbind/rpcbind-0.2.4-r1.ebuild b/net-nds/rpcbind/rpcbind-0.2.4-r2.ebuild
similarity index 93%
rename from net-nds/rpcbind/rpcbind-0.2.4-r1.ebuild
rename to net-nds/rpcbind/rpcbind-0.2.4-r2.ebuild
index 8aff208b2db..aa7c610e94f 100644
--- a/net-nds/rpcbind/rpcbind-0.2.4-r1.ebuild
+++ b/net-nds/rpcbind/rpcbind-0.2.4-r2.ebuild
@@ -1,4 +1,4 @@
-# Copyright 1999-2017 Gentoo Foundation
+# Copyright 1999-2018 Gentoo Foundation
 # Distributed under the terms of the GNU General Public License v2
 
 EAPI="5"
@@ -54,6 +54,4 @@ src_install() {
 
 	newinitd "${FILESDIR}"/${PN}.initd ${PN}
 	newconfd "${FILESDIR}"/${PN}.confd ${PN}
-
-	systemd_dounit "${FILESDIR}"/${PN}.service
 }

diff --git a/net-nds/rpcbind/rpcbind-9999.ebuild b/net-nds/rpcbind/rpcbind-9999.ebuild
index 788cb937f34..bd9f7853dc4 100644
--- a/net-nds/rpcbind/rpcbind-9999.ebuild
+++ b/net-nds/rpcbind/rpcbind-9999.ebuild
@@ -47,6 +47,4 @@ src_install() {
 
 	newinitd "${FILESDIR}"/${PN}.initd ${PN}
 	newconfd "${FILESDIR}"/${PN}.confd ${PN}
-
-	systemd_dounit "${FILESDIR}"/${PN}.service
 }

[gentoo-commits] repo/gentoo:master commit in: net-nds/rpcbind/files/, net-nds/rpcbind/

[Matt Turner]

commit:     52738dd4838a6bdef10c7c086a11cad9d04fa6d0
Author:     Matt Turner <mattst88 <AT> gentoo <DOT> org>
AuthorDate: Sat Sep 28 18:08:29 2019 +0000
Commit:     Matt Turner <mattst88 <AT> gentoo <DOT> org>
CommitDate: Sat Sep 28 18:27:13 2019 +0000
URL:        https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=52738dd4

net-nds/rpcbind: Drop old versions

Signed-off-by: Matt Turner <mattst88 <AT> gentoo.org>

 net-nds/rpcbind/Manifest                           |  1 -
 .../files/rpcbind-0.2.4-CVE-2017-8779.patch        | 21 --------
 net-nds/rpcbind/rpcbind-0.2.4-r3.ebuild            | 58 ----------------------
 3 files changed, 80 deletions(-)

diff --git a/net-nds/rpcbind/Manifest b/net-nds/rpcbind/Manifest
index f3285ad8814..1e114d6b58e 100644
--- a/net-nds/rpcbind/Manifest
+++ b/net-nds/rpcbind/Manifest
@@ -1,2 +1 @@
-DIST rpcbind-0.2.4.tar.bz2 122781 BLAKE2B ac1c374a1081559bf09bc209256daa1bb530d71f0c7fe45cec4c9b87cf110c15251a05dce2cf2b78ffa4d902f817efed30350ad08a23e12a7f219f10fe626aa8 SHA512 f3966a7284e94bdf120a9b3f0dd66efa1fe8761df2313545a031f77b7c06e27d7955d2780469943deb537d34f95c4cf3f30de523ec9fab9f571322d7224b210c
 DIST rpcbind-1.2.5.tar.bz2 123502 BLAKE2B de0d10406aeffd75195c1fa1d0179b2c7c0ba54c3f3ac58ce9d7e9448d1dbe91a296ad69c45dee115e0a739aa9cfec53b750d3a5ca405e16605a92bbb2006859 SHA512 e884c4757950ccead0f9a07f50625a63e6f18f9bfae9fcfffa3e5fa4b7a66c3a99d9fa303061848fe8211509d5456f24ff26e4579af6e161a35522268f3ef3e4

diff --git a/net-nds/rpcbind/files/rpcbind-0.2.4-CVE-2017-8779.patch b/net-nds/rpcbind/files/rpcbind-0.2.4-CVE-2017-8779.patch
deleted file mode 100644
index cef088badc9..00000000000
--- a/net-nds/rpcbind/files/rpcbind-0.2.4-CVE-2017-8779.patch
+++ /dev/null
@@ -1,21 +0,0 @@
-diff --git a/src/rpcb_svc_com.c b/src/rpcb_svc_com.c
-index 5862c26..e11f61b 100644
---- a/src/rpcb_svc_com.c
-+++ b/src/rpcb_svc_com.c
-@@ -48,6 +48,7 @@
- #include <rpc/rpc.h>
- #include <rpc/rpcb_prot.h>
- #include <rpc/svc_dg.h>
-+#include <rpc/rpc_com.h>
- #include <netconfig.h>
- #include <errno.h>
- #include <syslog.h>
-@@ -432,7 +433,7 @@ rpcbproc_taddr2uaddr_com(void *arg, struct svc_req *rqstp /*__unused*/,
- static bool_t
- xdr_encap_parms(XDR *xdrs, struct encap_parms *epp)
- {
--	return (xdr_bytes(xdrs, &(epp->args), (u_int *) &(epp->arglen), ~0));
-+	return (xdr_bytes(xdrs, &(epp->args), (u_int *) &(epp->arglen), RPC_MAXDATASIZE));
- }
- 
- /*

diff --git a/net-nds/rpcbind/rpcbind-0.2.4-r3.ebuild b/net-nds/rpcbind/rpcbind-0.2.4-r3.ebuild
deleted file mode 100644
index 8431b518c94..00000000000
--- a/net-nds/rpcbind/rpcbind-0.2.4-r3.ebuild
+++ /dev/null
@@ -1,58 +0,0 @@
-# Copyright 1999-2018 Gentoo Foundation
-# Distributed under the terms of the GNU General Public License v2
-
-EAPI="5"
-
-inherit eutils systemd
-
-if [[ ${PV} == "9999" ]] ; then
-	EGIT_REPO_URI="git://linux-nfs.org/~steved/rpcbind.git"
-	inherit autotools git-r3
-else
-	SRC_URI="mirror://sourceforge/${PN}/${P}.tar.bz2"
-	KEYWORDS="alpha amd64 arm arm64 hppa ia64 ~mips ppc ppc64 s390 sh sparc x86"
-fi
-
-DESCRIPTION="portmap replacement which supports RPC over various protocols"
-HOMEPAGE="https://sourceforge.net/projects/rpcbind/"
-
-LICENSE="BSD"
-SLOT="0"
-IUSE="debug selinux systemd tcpd warmstarts"
-REQUIRED_USE="systemd? ( warmstarts )"
-
-CDEPEND=">=net-libs/libtirpc-1.0:=
-	systemd? ( sys-apps/systemd:= )
-	tcpd? ( sys-apps/tcp-wrappers )"
-DEPEND="${CDEPEND}
-	virtual/pkgconfig"
-RDEPEND="${CDEPEND}
-	selinux? ( sec-policy/selinux-rpcbind )"
-
-PATCHES=(
-	"${FILESDIR}/${P}-CVE-2017-8779.patch"
-)
-
-src_prepare() {
-	[[ ${PV} == "9999" ]] && eautoreconf
-	epatch "${PATCHES[@]}"
-	epatch_user
-}
-
-src_configure() {
-	econf \
-		--bindir="${EPREFIX}"/sbin \
-		--with-statedir="${EPREFIX}"/run/${PN} \
-		--with-rpcuser=root \
-		--with-systemdsystemunitdir=$(usex systemd "$(systemd_get_unitdir)" "no") \
-		$(use_enable tcpd libwrap) \
-		$(use_enable debug) \
-		$(use_enable warmstarts)
-}
-
-src_install() {
-	default
-
-	newinitd "${FILESDIR}"/${PN}.initd ${PN}
-	newconfd "${FILESDIR}"/${PN}.confd ${PN}
-}