1*c2c66affSColin Finck2008-11-19 Steve Dickson <steved@redhat.com> 2*c2c66affSColin Finck 3*c2c66affSColin Finck * Version 0.1.10 released. 4*c2c66affSColin Finck 5*c2c66affSColin Finckcommit 32ec5931e3debf208972d5146578f08dc113a9b6 6*c2c66affSColin FinckMerge: 338af7f... 92cf0dd... 7*c2c66affSColin FinckAuthor: Steve Dickson <steved@redhat.com> 8*c2c66affSColin FinckDate: Mon Nov 17 12:26:22 2008 -0500 9*c2c66affSColin Finck 10*c2c66affSColin Finck Merge branch 'master' of git://git.infradead.org/~steved/libtirpc 11*c2c66affSColin Finck 12*c2c66affSColin Finckcommit 92cf0dde310ca341a2f29ff66b19eeb9994a649a 13*c2c66affSColin FinckAuthor: Ian Kent <ikent@redhat.com> 14*c2c66affSColin FinckDate: Tue Oct 28 11:19:07 2008 -0400 15*c2c66affSColin Finck 16*c2c66affSColin Finck Fixed a warings the IPV6 client routines 17*c2c66affSColin Finck 18*c2c66affSColin Finck Signed-off-by: Steve Dickson <steved@redhat.com> 19*c2c66affSColin Finck 20*c2c66affSColin Finckcommit 338af7f9f00e096b65a6d823f885c4eeaf1d1f8c 21*c2c66affSColin FinckAuthor: Steve Dickson <steved@redhat.com> 22*c2c66affSColin FinckDate: Mon Oct 27 12:46:54 2008 -0400 23*c2c66affSColin Finck 24*c2c66affSColin Finck __rpc_taddr2uaddr_af() assumes the netbuf to always have a 25*c2c66affSColin Finck non-zero data. This is a bad assumption and can lead to a 26*c2c66affSColin Finck seg-fault. This patch adds a check for zero length and returns 27*c2c66affSColin Finck NULL when found. 28*c2c66affSColin Finck 29*c2c66affSColin Finck Signed-off-by: Steve Dickson <steved@redhat.com> 30*c2c66affSColin Finck 31*c2c66affSColin Finckcommit d9a5ae7079d001a9e3b9b384f9153f591a7158bd 32*c2c66affSColin FinckAuthor: Olaf Kirch <okir@suse.de> 33*c2c66affSColin FinckDate: Tue Sep 30 15:10:43 2008 -0400 34*c2c66affSColin Finck 35*c2c66affSColin Finck Fix __rpc_getconfip 36*c2c66affSColin Finck 37*c2c66affSColin Finck __rpc_getconfip is supposed to return the first netconf 38*c2c66affSColin Finck entry supporting tcp or udp, respectively. The code will 39*c2c66affSColin Finck currently return the *last* entry, plus it will leak 40*c2c66affSColin Finck memory when there is more than one such entry. 41*c2c66affSColin Finck 42*c2c66affSColin Finck This patch fixes this issue. 43*c2c66affSColin Finck 44*c2c66affSColin Finck Signed-off-by: Olaf Kirch <okir@suse.de> 45*c2c66affSColin Finck Signed-off-by: Steve Dickson <steved@redhat.com> 46*c2c66affSColin Finck 47*c2c66affSColin Finckcommit 6c487efe74adb5c29f7bee5bd51b3ebef4968f7d 48*c2c66affSColin FinckAuthor: Olaf Kirch <okir@suse.de> 49*c2c66affSColin FinckDate: Tue Sep 30 15:09:06 2008 -0400 50*c2c66affSColin Finck 51*c2c66affSColin Finck Fix getpeereid 52*c2c66affSColin Finck 53*c2c66affSColin Finck getpeereid fails because it uses an incorrect getsockopt call to obtain 54*c2c66affSColin Finck the peer credentials on a AF_LOCAL socket. This in turn will cause all 55*c2c66affSColin Finck RPC services to be registered with rpcbind to show up as having been 56*c2c66affSColin Finck registered by "unknown". 57*c2c66affSColin Finck 58*c2c66affSColin Finck This has a serious impact on security - a service owned by "unknown" 59*c2c66affSColin Finck can essentially be unregistered (and thus replaced) by anyone. 60*c2c66affSColin Finck 61*c2c66affSColin Finck Signed-off-by: Olaf Kirch <okir@suse.de> 62*c2c66affSColin Finck Signed-off-by: Steve Dickson <steved@redhat.com> 63*c2c66affSColin Finck 64*c2c66affSColin Finckcommit 851b0f5c6dca22d634603f03f0a5e3e35c6db867 65*c2c66affSColin FinckAuthor: Olaf Kirch <okir@suse.de> 66*c2c66affSColin FinckDate: Tue Sep 30 15:08:07 2008 -0400 67*c2c66affSColin Finck 68*c2c66affSColin Finck svc_getcaller_netbuf macro seems broken 69*c2c66affSColin Finck 70*c2c66affSColin Finck I haven't found any documentation, but the comment in the header 71*c2c66affSColin Finck file seems to suggest that svc_getcaller_netbuf should return the 72*c2c66affSColin Finck xp_rtaddr netbuf. Returning the address of the socket descripor 73*c2c66affSColin Finck seems to be wrong at any rate. 74*c2c66affSColin Finck 75*c2c66affSColin Finck Signed-off-by: Olaf Kirch <okir@suse.de> 76*c2c66affSColin Finck Signed-off-by: Steve Dickson <steved@redhat.com> 77*c2c66affSColin Finck 78*c2c66affSColin Finckcommit d94b92d5125242ce595c1baf42a1e6d1004b7756 79*c2c66affSColin FinckAuthor: Olaf Kirch <okir@suse.de> 80*c2c66affSColin FinckDate: Tue Sep 30 15:06:54 2008 -0400 81*c2c66affSColin Finck 82*c2c66affSColin Finck Introduce __rpc_set_netbuf helper 83*c2c66affSColin Finck 84*c2c66affSColin Finck The RPC code contains a number of places where a netbuf 85*c2c66affSColin Finck is initialized with some data. All the mem_alloc/memcpy 86*c2c66affSColin Finck stuff is open-coded. Introduce a helper function and 87*c2c66affSColin Finck convert the code. 88*c2c66affSColin Finck 89*c2c66affSColin Finck Signed-off-by: Olaf Kirch <okir@suse.de> 90*c2c66affSColin Finck Signed-off-by: Steve Dickson <steved@redhat.com> 91*c2c66affSColin Finck 92*c2c66affSColin Finckcommit da5f9861ea3bae59c8eead26d38334721caa9f0a 93*c2c66affSColin FinckAuthor: Olaf Kirch <okir@suse.de> 94*c2c66affSColin FinckDate: Tue Sep 30 15:05:20 2008 -0400 95*c2c66affSColin Finck 96*c2c66affSColin Finck Kill map_ipv4_to_ipv6 97*c2c66affSColin Finck 98*c2c66affSColin Finck After the change to svc_vc.c performed in the previous patch, 99*c2c66affSColin Finck this function is no longer needed. 100*c2c66affSColin Finck 101*c2c66affSColin Finck Signed-off-by: Olaf Kirch <okir@suse.de> 102*c2c66affSColin Finck Signed-off-by: Steve Dickson <steved@redhat.com> 103*c2c66affSColin Finck 104*c2c66affSColin Finckcommit 59c374c4b507aeca957ed0096d98006edf601375 105*c2c66affSColin FinckAuthor: Olaf Kirch <okir@suse.de> 106*c2c66affSColin FinckDate: Tue Sep 30 15:04:17 2008 -0400 107*c2c66affSColin Finck 108*c2c66affSColin Finck Fix xp_raddr handling in svc_fd_create etc 109*c2c66affSColin Finck 110*c2c66affSColin Finck Currently svc_fd_create tries to do some clever tricks 111*c2c66affSColin Finck with IPv4/v6 address mapping. 112*c2c66affSColin Finck 113*c2c66affSColin Finck This is broken for several reasons. 114*c2c66affSColin Finck 1. We don't want IPv4 based transport to look like IPv6 115*c2c66affSColin Finck transports. Old applications compiled against tirpc 116*c2c66affSColin Finck will expect AF_INET addresses, and are not equipped 117*c2c66affSColin Finck to deal with AF_INET6. 118*c2c66affSColin Finck 2. There's a buffer overflow. 119*c2c66affSColin Finck memcpy(&sin6, &ss, sizeof(ss)); 120*c2c66affSColin Finck copies a full struct sockaddr to a sockaddr_in6 on 121*c2c66affSColin Finck the stack. Unlikely to be exploitable, but I wonder 122*c2c66affSColin Finck if this ever worked.... 123*c2c66affSColin Finck 124*c2c66affSColin Finck Signed-off-by: Olaf Kirch <okir@suse.de> 125*c2c66affSColin Finck Signed-off-by: Steve Dickson <steved@redhat.com> 126*c2c66affSColin Finck 127*c2c66affSColin Finckcommit 628788c1cc84c86ee4cb36ee5d4fe8954e90fca5 128*c2c66affSColin FinckAuthor: Steve Dickson <steved@redhat.com> 129*c2c66affSColin FinckDate: Tue Sep 16 11:32:31 2008 -0400 130*c2c66affSColin Finck 131*c2c66affSColin Finck - Fixed version-info in src/Makefile.am to reflect the correct version 132*c2c66affSColin Finck - Fixed some of warnings in: src/auth_time.c, src/clnt_dg.c and 133*c2c66affSColin Finck src/clnt_raw.c 134*c2c66affSColin Finck - Added some #ifdef NOTUSED around some code in src/rpbc_clnt.c 135*c2c66affSColin Finck that was not being used... 136*c2c66affSColin Finck 137*c2c66affSColin Finck Signed-off-by: Steve Dickson <steved@redhat.com> 138*c2c66affSColin Finck 139*c2c66affSColin Finckcommit 9e7ba0c7a02031294fefadfbca42b3dd5f2d841f 140*c2c66affSColin FinckAuthor: Olaf Kirch <okir@suse.de> 141*c2c66affSColin FinckDate: Tue Sep 16 08:46:29 2008 -0400 142*c2c66affSColin Finck 143*c2c66affSColin Finck Fix for taddr2addr conversion bug of local addresses 144*c2c66affSColin Finck 145*c2c66affSColin Finck When converting af_local socket addresses in taddr2uaddr, an incorrect 146*c2c66affSColin Finck sizeof() would result in a truncated path string. As a result, 147*c2c66affSColin Finck rpcbind will report the local /var/lib/rpcbind address to clients 148*c2c66affSColin Finck as "/v" on a 32bit machine. 149*c2c66affSColin Finck 150*c2c66affSColin Finck Signed-off-by: okir@suse.de 151*c2c66affSColin Finck Signed-off-by: Steve Dickson <steved@redhat.com> 152*c2c66affSColin Finck 153*c2c66affSColin Finckcommit ea9f048761d0b9a2ab6310bffa07351f0b04d8c5 154*c2c66affSColin FinckAuthor: Olaf Kirch <okir@suse.de> 155*c2c66affSColin FinckDate: Tue Sep 2 12:11:15 2008 -0400 156*c2c66affSColin Finck 157*c2c66affSColin Finck Always make IPv6 sockets V6ONLY 158*c2c66affSColin Finck 159*c2c66affSColin Finck Assume you have a netconfig file looking like this: 160*c2c66affSColin Finck 161*c2c66affSColin Finck udp tpi_clts v inet udp - - 162*c2c66affSColin Finck udp6 tpi_clts v inet6 udp - - 163*c2c66affSColin Finck ... 164*c2c66affSColin Finck 165*c2c66affSColin Finck a call to svc_tli_create(... &someaddr, "udp") will fail to create an 166*c2c66affSColin Finck IPv6 server socket. The problem is that on Linux, passive IPv6 sockets 167*c2c66affSColin Finck will also accept packets/connections from IPv4, and will simply map 168*c2c66affSColin Finck the sender's address to an IPv6 mapped IPv4 address. So if you want to 169*c2c66affSColin Finck bind both a UDPv4 and UDPv6 socket to the same port, this will fail with 170*c2c66affSColin Finck EADDRINUSE. 171*c2c66affSColin Finck 172*c2c66affSColin Finck The way to avoid this behavior is to change the socket to V6ONLY, 173*c2c66affSColin Finck which tells the kernel to avoid the autmatic mapping. 174*c2c66affSColin Finck 175*c2c66affSColin Finck The change proposed in the patch below does this. I *think* this is 176*c2c66affSColin Finck a good place to do this, as it will also fix applications that do not 177*c2c66affSColin Finck use svc_tli_create() - such as rpcbind, which creates the sockets on 178*c2c66affSColin Finck its own using __rpc_nconf2fd. 179*c2c66affSColin Finck 180*c2c66affSColin Finck I think this also improves portability, as BSD code assumes BSD 181*c2c66affSColin Finck behavior, where this mapping does not occur either. 182*c2c66affSColin Finck 183*c2c66affSColin Finck Signed-off-by: Olaf Kirch <okir@suse.de> 184*c2c66affSColin Finck Signed-off-by: Steve Dickson <steved@redhat.com> 185*c2c66affSColin Finck 186*c2c66affSColin Finckcommit 95c8f7227e6b15f2e430d7b87dadc95b2acd4a61 187*c2c66affSColin FinckAuthor: Olaf Kirch <okir@suse.de> 188*c2c66affSColin FinckDate: Tue Sep 2 12:09:39 2008 -0400 189*c2c66affSColin Finck 190*c2c66affSColin Finck Fix incorrect sizeof() in __rpc_getbroadifs 191*c2c66affSColin Finck 192*c2c66affSColin Finck __rpc_getbroadifs returns bad broadcast addresses on 32bit 193*c2c66affSColin Finck machines because when copying the broadcast addresses, ite 194*c2c66affSColin Finck applies the sizeof() operator to a pointer to a sockaddr, 195*c2c66affSColin Finck rather than the sockaddr itself. 196*c2c66affSColin Finck 197*c2c66affSColin Finck Signed-off-by: Olaf Kirch <okir@suse.de> 198*c2c66affSColin Finck Signed-off-by: Steve Dickson <steved@redhat.com> 199*c2c66affSColin Finck 200*c2c66affSColin Finck2004-10-13 Antoine Fraticelli <antoine.fraticellie@bull.net> 201*c2c66affSColin Finck 202*c2c66affSColin Finck * Version 0.1 released. 203*c2c66affSColin Finck 204*c2c66affSColin Finck2005-01-07 Gilles Quillard <Gilles.Quillard@bull.net> 205*c2c66affSColin Finck 206*c2c66affSColin Finck * Version 0.1.5 Fix problems links to the use of Kerberos. 207