From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from lists.gentoo.org (pigeon.gentoo.org [208.92.234.80]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits)) (No client certificate requested) by finch.gentoo.org (Postfix) with ESMTPS id 2436315808B for ; Sat, 17 Feb 2024 05:30:44 +0000 (UTC) Received: from pigeon.gentoo.org (localhost [127.0.0.1]) by pigeon.gentoo.org (Postfix) with SMTP id B7A9AE2A77; Sat, 17 Feb 2024 05:30:42 +0000 (UTC) Received: from smtp.gentoo.org (woodpecker.gentoo.org [140.211.166.183]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (No client certificate requested) by pigeon.gentoo.org (Postfix) with ESMTPS id 96ACEE2A77 for ; Sat, 17 Feb 2024 05:30:42 +0000 (UTC) Received: from oystercatcher.gentoo.org (oystercatcher.gentoo.org [148.251.78.52]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (No client certificate requested) by smtp.gentoo.org (Postfix) with ESMTPS id 972B133F9FD for ; Sat, 17 Feb 2024 05:30:41 +0000 (UTC) Received: from localhost.localdomain (localhost [IPv6:::1]) by oystercatcher.gentoo.org (Postfix) with ESMTP id 0A1EA1301 for ; Sat, 17 Feb 2024 05:30:40 +0000 (UTC) From: "Sam James" To: gentoo-commits@lists.gentoo.org Content-Transfer-Encoding: 8bit Content-type: text/plain; charset=UTF-8 Reply-To: gentoo-dev@lists.gentoo.org, "Sam James" Message-ID: <1708147707.df46d37f10f7144857c0d723bced3c79cb0684a6.sam@gentoo> Subject: [gentoo-commits] repo/gentoo:master commit in: net-misc/dhcpcd/, net-misc/dhcpcd/files/ X-VCS-Repository: repo/gentoo X-VCS-Files: net-misc/dhcpcd/dhcpcd-10.0.6-r2.ebuild net-misc/dhcpcd/files/dhcpcd-10.0.6-crash.patch X-VCS-Directories: net-misc/dhcpcd/files/ net-misc/dhcpcd/ X-VCS-Committer: sam X-VCS-Committer-Name: Sam James X-VCS-Revision: df46d37f10f7144857c0d723bced3c79cb0684a6 X-VCS-Branch: master Date: Sat, 17 Feb 2024 05:30:40 +0000 (UTC) Precedence: bulk List-Post: List-Help: List-Unsubscribe: List-Subscribe: List-Id: Gentoo Linux mail X-BeenThere: gentoo-commits@lists.gentoo.org X-Auto-Response-Suppress: DR, RN, NRN, OOF, AutoReply X-Archives-Salt: a3556521-5a03-404a-b6a3-93df1b563b1f X-Archives-Hash: 2cade7fe4ff050f734d4fe8dc596fe8b commit: df46d37f10f7144857c0d723bced3c79cb0684a6 Author: Sam James gentoo org> AuthorDate: Sat Feb 17 05:28:27 2024 +0000 Commit: Sam James gentoo org> CommitDate: Sat Feb 17 05:28:27 2024 +0000 URL: https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=df46d37f net-misc/dhcpcd: backport crash fix ("every 5 days") Signed-off-by: Sam James gentoo.org> net-misc/dhcpcd/dhcpcd-10.0.6-r2.ebuild | 170 ++++++++++++++++++++++++ net-misc/dhcpcd/files/dhcpcd-10.0.6-crash.patch | 46 +++++++ 2 files changed, 216 insertions(+) diff --git a/net-misc/dhcpcd/dhcpcd-10.0.6-r2.ebuild b/net-misc/dhcpcd/dhcpcd-10.0.6-r2.ebuild new file mode 100644 index 000000000000..8ccbe2c41a96 --- /dev/null +++ b/net-misc/dhcpcd/dhcpcd-10.0.6-r2.ebuild @@ -0,0 +1,170 @@ +# Copyright 1999-2024 Gentoo Authors +# Distributed under the terms of the GNU General Public License v2 + +EAPI=8 + +inherit systemd toolchain-funcs + +if [[ ${PV} == 9999 ]]; then + inherit git-r3 + EGIT_REPO_URI="https://github.com/NetworkConfiguration/dhcpcd.git" +else + MY_P="${P/_alpha/-alpha}" + MY_P="${MY_P/_beta/-beta}" + MY_P="${MY_P/_rc/-rc}" + SRC_URI="https://github.com/NetworkConfiguration/dhcpcd/releases/download/v${PV}/${MY_P}.tar.xz" + S="${WORKDIR}/${MY_P}" + + KEYWORDS="~alpha ~amd64 ~arm ~arm64 ~hppa ~ia64 ~loong ~m68k ~mips ~ppc ~ppc64 ~riscv ~s390 ~sparc ~x86 ~amd64-linux ~x86-linux" +fi + +DESCRIPTION="A fully featured, yet light weight RFC2131 compliant DHCP client" +HOMEPAGE="https://github.com/NetworkConfiguration/dhcpcd/ https://roy.marples.name/projects/dhcpcd/" + +LICENSE="BSD-2 BSD ISC MIT" +SLOT="0" +IUSE="debug +embedded ipv6 privsep +udev" + +DEPEND="udev? ( virtual/udev )" +RDEPEND=" + ${DEPEND} + privsep? ( + acct-group/dhcpcd + acct-user/dhcpcd + ) +" + +QA_CONFIG_IMPL_DECL_SKIP=( + # These don't exist on Linux/glibc (bug #900264) + memset_explicit + memset_s + setproctitle + strtoi + consttime_memequal + SHA256_Init + hmac +) + +PATCHES=( + "${FILESDIR}"/${PN}-10.0.6-rebinding.patch + "${FILESDIR}"/${PN}-10.0.6-crash.patch +) + +src_configure() { + local myeconfargs=( + --dbdir="${EPREFIX}/var/lib/dhcpcd" + --libexecdir="${EPREFIX}/lib/dhcpcd" + --localstatedir="${EPREFIX}/var" + --prefix="${EPREFIX}" + --with-hook=ntp.conf + $(use_enable debug) + $(use_enable embedded) + $(use_enable ipv6) + $(use_enable privsep) + $(usex elibc_glibc '--with-hook=yp.conf' '') + --rundir=$(usex kernel_linux "${EPREFIX}/run/dhcpcd" "${EPREFIX}/var/run/dhcpcd") + $(usex privsep '--privsepuser=dhcpcd' '') + $(usex udev '' '--without-dev --without-udev') + CC="$(tc-getCC)" + ) + econf "${myeconfargs[@]}" +} + +src_install() { + default + keepdir /var/lib/dhcpcd + newinitd "${FILESDIR}"/dhcpcd.initd-r1 dhcpcd + systemd_newunit "${FILESDIR}"/dhcpcd.service-r1 dhcpcd.service +} + +pkg_postinst() { + local dbdir="${EROOT}"/var/lib/dhcpcd old_files=() + + local old_old_duid="${EROOT}"/var/lib/dhcpcd/dhcpcd.duid + local old_duid="${EROOT}"/etc/dhcpcd.duid + local new_duid="${dbdir}"/duid + if [[ -e "${old_old_duid}" ]] ; then + # Upgrade the duid file to the new format if needed + if ! grep -q '..:..:..:..:..:..' "${old_old_duid}"; then + sed -i -e 's/\(..\)/\1:/g; s/:$//g' "${old_old_duid}" + fi + + # Move the duid to /etc, a more sensible location + if [[ ! -e "${old_duid}" ]] ; then + cp -p "${old_old_duid}" "${new_duid}" + fi + old_files+=( "${old_old_duid}" ) + fi + + # dhcpcd-7 moves the files out of /etc + if [[ -e "${old_duid}" ]] ; then + if [[ ! -e "${new_duid}" ]] ; then + cp -p "${old_duid}" "${new_duid}" + fi + old_files+=( "${old_duid}" ) + fi + local old_secret="${EROOT}"/etc/dhcpcd.secret + local new_secret="${dbdir}"/secret + if [[ -e "${old_secret}" ]] ; then + if [[ ! -e "${new_secret}" ]] ; then + cp -p "${old_secret}" "${new_secret}" + fi + old_files+=( "${old_secret}" ) + fi + + # dhcpcd-7 renames some files in /var/lib/dhcpcd + local old_rdm="${dbdir}"/dhcpcd-rdm.monotonic + local new_rdm="${dbdir}"/rdm_monotonic + if [[ -e "${old_rdm}" ]] ; then + if [[ ! -e "${new_rdm}" ]] ; then + cp -p "${old_rdm}" "${new_rdm}" + fi + old_files+=( "${old_rdm}" ) + fi + local lease= + for lease in "${dbdir}"/dhcpcd-*.lease*; do + [[ -f "${lease}" ]] || continue + old_files+=( "${lease}" ) + local new_lease=$(basename "${lease}" | sed -e "s/dhcpcd-//") + [[ -e "${dbdir}/${new_lease}" ]] && continue + cp "${lease}" "${dbdir}/${new_lease}" + done + + # Warn about removing stale files + if [[ -n "${old_files[@]}" ]] ; then + elog + elog "dhcpcd-7 has copied dhcpcd.duid and dhcpcd.secret from" + elog "${EROOT}/etc to ${dbdir}" + elog "and copied leases in ${dbdir} to new files with the dhcpcd-" + elog "prefix dropped." + elog + elog "You should remove these files if you don't plan on reverting" + elog "to an older version:" + local old_file= + for old_file in ${old_files[@]}; do + elog " ${old_file}" + done + fi + + if [ -z "${REPLACING_VERSIONS}" ]; then + elog + elog "dhcpcd has zeroconf support active by default." + elog "This means it will always obtain an IP address even if no" + elog "DHCP server can be contacted, which will break any existing" + elog "failover support you may have configured in your net configuration." + elog "This behaviour can be controlled with the noipv4ll configuration" + elog "file option or the -L command line switch." + elog "See the dhcpcd and dhcpcd.conf man pages for more details." + + elog + elog "Dhcpcd has duid enabled by default, and this may cause issues" + elog "with some dhcp servers. For more information, see" + elog "https://bugs.gentoo.org/show_bug.cgi?id=477356" + fi + + if ! has_version net-dns/bind-tools; then + elog + elog "If you activate the lookup-hostname hook to look up your hostname" + elog "using the dns, you need to install net-dns/bind-tools." + fi +} diff --git a/net-misc/dhcpcd/files/dhcpcd-10.0.6-crash.patch b/net-misc/dhcpcd/files/dhcpcd-10.0.6-crash.patch new file mode 100644 index 000000000000..5b61e3ca37ef --- /dev/null +++ b/net-misc/dhcpcd/files/dhcpcd-10.0.6-crash.patch @@ -0,0 +1,46 @@ +https://github.com/NetworkConfiguration/dhcpcd/issues/179 +https://github.com/NetworkConfiguration/dhcpcd/issues/283 +https://bugzilla.redhat.com/2262996 +https://github.com/NetworkConfiguration/dhcpcd/commit/727c78f503d456875e2a3cee7609288b537d9d25 + +From 727c78f503d456875e2a3cee7609288b537d9d25 Mon Sep 17 00:00:00 2001 +From: =?UTF-8?q?Petr=20Men=C5=A1=C3=ADk?= +Date: Fri, 16 Feb 2024 17:15:35 +0100 +Subject: [PATCH] Move dhcp(v4) packet size check earlier (#295) + +dhcp_handlebootp handled zero sized packets correctly, but +dhcp_redirect_dhcp did not have such protection. Move size check before +both of them. Size when called from dhcp_packet is checked by +is_packet_udp_bootp call. Only dhcp_recvmsg needs earlier checking to be +added. + +Fixes #283 +--- a/src/dhcp.c ++++ b/src/dhcp.c +@@ -3532,12 +3532,6 @@ dhcp_handlebootp(struct interface *ifp, struct bootp *bootp, size_t len, + { + size_t v; + +- if (len < offsetof(struct bootp, vend)) { +- logerrx("%s: truncated packet (%zu) from %s", +- ifp->name, len, inet_ntoa(*from)); +- return; +- } +- + /* Unlikely, but appeases sanitizers. */ + if (len > FRAMELEN_MAX) { + logerrx("%s: packet exceeded frame length (%zu) from %s", +@@ -3670,6 +3664,13 @@ dhcp_recvmsg(struct dhcpcd_ctx *ctx, struct msghdr *msg) + logerr(__func__); + return; + } ++ ++ if (iov->iov_len < offsetof(struct bootp, vend)) { ++ logerrx("%s: truncated packet (%zu) from %s", ++ ifp->name, iov->iov_len, inet_ntoa(from->sin_addr)); ++ return; ++ } ++ + state = D_CSTATE(ifp); + if (state == NULL) { + /* Try re-directing it to another interface. */