rpcbind: 0.2.3 -> 0.2.4

Drop obsolete patch - 0001-Avoid-use-of-glibc-sys-cdefs.h-header.patch Drop backport patches: - 0001-handle_reply-Don-t-use-the-xp_auth-pointer-directly.patch - cve-2015-7236.patch (From OE-Core rev: 6d65a58f5c062b503ab41b38fb2e74df71a9a8c6) Signed-off-by: Hongxu Jia <hongxu.jia@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
author: Hongxu Jia <hongxu.jia@windriver.com> 2017-02-07 00:37:22 -0500
committer: Richard Purdie <richard.purdie@linuxfoundation.org> 2017-02-15 20:06:42 -0800
commit: 3026b4cdd98daf667ca5996ed43c1fcf98cb1cfe (patch)
tree: 107357bf984bed234bbfac16bf137a9820c3ebb8
parent: 1831b720c2b939bd2b3c0841c797b39ff8f5493c (diff)
download: poky-3026b4cdd98daf667ca5996ed43c1fcf98cb1cfe.tar.gz
4 files changed, 2 insertions, 353 deletions
diff --git a/meta/recipes-extended/rpcbind/rpcbind/0001-Avoid-use-of-glibc-sys-cdefs.h-header.patch b/meta/recipes-extended/rpcbind/rpcbind/0001-Avoid-use-of-glibc-sys-cdefs.h-header.patch
deleted file mode 100644
index eeef9f152f..0000000000
--- a/meta/recipes-extended/rpcbind/rpcbind/0001-Avoid-use-of-glibc-sys-cdefs.h-header.patch
+++ /dev/null
@@ -1,221 +0,0 @@
-From 2a44d862233f2126581e290d568e1c8b8f2eb9f5 Mon Sep 17 00:00:00 2001
-From: Carlo Landmeter <clandmeter@gmail.com>
-Date: Thu, 19 Feb 2015 15:28:45 +0000
-Subject: [PATCH] Avoid use of glibc sys/cdefs.h header
-Upstream-Status: Pending
---
- src/check_bound.c  |    2 +-
- src/pmap_svc.c     |   10 +++++-----
- src/rpcb_svc.c     |   10 +++++-----
- src/rpcb_svc_4.c   |   14 +++++++-------
- src/rpcb_svc_com.c |   46 +++++++++++++++++++++++-----------------------
- src/rpcbind.c      |   12 ++++++------
- src/util.c         |    2 +-
- src/warmstart.c    |    4 ++--
- 8 files changed, 50 insertions(+), 50 deletions(-)
-diff --git a/src/check_bound.c b/src/check_bound.c
-index c70b845..5d21730 100644
--- a/src/check_bound.c
-+++ b/src/check_bound.c
-@@ -70,7 +70,7 @@ static struct fdlist *fdhead; /* Link list of the check fd's */
- static struct fdlist *fdtail;
- static char *nullstring = "";
- 
-static bool_t check_bound __P((struct fdlist *, char *uaddr));
-+static bool_t check_bound (struct fdlist *, char *uaddr);
- 
- /*
-  * Returns 1 if the given address is bound for the given addr & transport
-diff --git a/src/pmap_svc.c b/src/pmap_svc.c
-index ad28b93..9c7d409 100644
--- a/src/pmap_svc.c
-+++ b/src/pmap_svc.c
-@@ -60,11 +60,11 @@ static      char sccsid[] = "@(#)pmap_svc.c 1.23 89/04/05 Copyr 1984 Sun Micro";
- #include "rpcbind.h"
- #include "xlog.h"
- #include <rpc/svc_soc.h> /* svc_getcaller routine definition */
-static struct pmaplist *find_service_pmap __P((rpcprog_t, rpcvers_t,
-                                              rpcprot_t));
-static bool_t pmapproc_change __P((struct svc_req *, SVCXPRT *, u_long));
-static bool_t pmapproc_getport __P((struct svc_req *, SVCXPRT *));
-static bool_t pmapproc_dump __P((struct svc_req *, SVCXPRT *));
-+static struct pmaplist *find_service_pmap (rpcprog_t, rpcvers_t,
-+                                              rpcprot_t);
-+static bool_t pmapproc_change (struct svc_req *, SVCXPRT *, u_long);
-+static bool_t pmapproc_getport (struct svc_req *, SVCXPRT *);
-+static bool_t pmapproc_dump (struct svc_req *, SVCXPRT *);
- 
- /*
-  * Called for all the version 2 inquiries.
-diff --git a/src/rpcb_svc.c b/src/rpcb_svc.c
-index bd92201..6c7f7fe 100644
--- a/src/rpcb_svc.c
-+++ b/src/rpcb_svc.c
-@@ -53,10 +53,10 @@
- #include "rpcbind.h"
- #include "xlog.h"
- 
-static void *rpcbproc_getaddr_3_local __P((void *, struct svc_req *, SVCXPRT *,
-                                          rpcvers_t));
-static void *rpcbproc_dump_3_local __P((void *, struct svc_req *, SVCXPRT *,
-                                       rpcvers_t));
-+static void *rpcbproc_getaddr_3_local (void *, struct svc_req *, SVCXPRT *,
-+                                          rpcvers_t);
-+static void *rpcbproc_dump_3_local (void *, struct svc_req *, SVCXPRT *,
-+                                       rpcvers_t);
- 
- /*
-  * Called by svc_getreqset. There is a separate server handle for
-@@ -75,7 +75,7 @@ rpcb_service_3(struct svc_req *rqstp, SVCXPRT *transp)
-        } argument;
-        char *result;
-        xdrproc_t xdr_argument, xdr_result;
-       void *(*local) __P((void *, struct svc_req *, SVCXPRT *, rpcvers_t));
-+       void *(*local) (void *, struct svc_req *, SVCXPRT *, rpcvers_t);
-        rpcprog_t setprog = 0;
- 
-        rpcbs_procinfo(RPCBVERS_3_STAT, rqstp->rq_proc);
-diff --git a/src/rpcb_svc_4.c b/src/rpcb_svc_4.c
-index b673452..6764c0a 100644
--- a/src/rpcb_svc_4.c
-+++ b/src/rpcb_svc_4.c
-@@ -54,13 +54,13 @@
- #include "rpcbind.h"
- #include "xlog.h"
- 
-static void *rpcbproc_getaddr_4_local __P((void *, struct svc_req *, SVCXPRT *,
-                                     rpcvers_t));
-static void *rpcbproc_getversaddr_4_local __P((void *, struct svc_req *, SVCXPRT *, rpcvers_t));
-+static void *rpcbproc_getaddr_4_local (void *, struct svc_req *, SVCXPRT *,
-+                                     rpcvers_t);
-+static void *rpcbproc_getversaddr_4_local (void *, struct svc_req *, SVCXPRT *, rpcvers_t);
- static void *rpcbproc_getaddrlist_4_local
-       __P((void *, struct svc_req *, SVCXPRT *, rpcvers_t));
-static void free_rpcb_entry_list __P((rpcb_entry_list_ptr *));
-static void *rpcbproc_dump_4_local __P((void *, struct svc_req *, SVCXPRT *, rpcvers_t));
-+       (void *, struct svc_req *, SVCXPRT *, rpcvers_t);
-+static void free_rpcb_entry_list (rpcb_entry_list_ptr *);
-+static void *rpcbproc_dump_4_local (void *, struct svc_req *, SVCXPRT *, rpcvers_t);
- 
- /*
-  * Called by svc_getreqset. There is a separate server handle for
-@@ -78,7 +78,7 @@ rpcb_service_4(struct svc_req *rqstp, SVCXPRT *transp)
-        } argument;
-        char *result;
-        xdrproc_t xdr_argument, xdr_result;
-       void *(*local) __P((void *, struct svc_req *, SVCXPRT *, rpcvers_t));
-+       void *(*local) (void *, struct svc_req *, SVCXPRT *, rpcvers_t);
-        rpcprog_t setprog = 0;
- 
-        rpcbs_procinfo(RPCBVERS_4_STAT, rqstp->rq_proc);
-diff --git a/src/rpcb_svc_com.c b/src/rpcb_svc_com.c
-index ff9ce6b..8aef9e5 100644
--- a/src/rpcb_svc_com.c
-+++ b/src/rpcb_svc_com.c
-@@ -100,29 +100,29 @@ struct finfo {
- static struct finfo     FINFO[NFORWARD];
- 
- 
-static bool_t xdr_encap_parms __P((XDR *, struct encap_parms *));
-static bool_t xdr_rmtcall_args __P((XDR *, struct r_rmtcall_args *));
-static bool_t xdr_rmtcall_result __P((XDR *, struct r_rmtcall_args *));
-static bool_t xdr_opaque_parms __P((XDR *, struct r_rmtcall_args *));
-static int find_rmtcallfd_by_netid __P((char *));
-static SVCXPRT *find_rmtcallxprt_by_fd __P((int));
-static int forward_register __P((u_int32_t, struct netbuf *, int, char *,
-    rpcproc_t, rpcvers_t, u_int32_t *));
-static struct finfo *forward_find __P((u_int32_t));
-static int free_slot_by_xid __P((u_int32_t));
-static int free_slot_by_index __P((int));
-static int netbufcmp __P((struct netbuf *, struct netbuf *));
-static struct netbuf *netbufdup __P((struct netbuf *));
-static void netbuffree __P((struct netbuf *));
-static int check_rmtcalls __P((struct pollfd *, int));
-static void xprt_set_caller __P((SVCXPRT *, struct finfo *));
-static void send_svcsyserr __P((SVCXPRT *, struct finfo *));
-static void handle_reply __P((int, SVCXPRT *));
-static void find_versions __P((rpcprog_t, char *, rpcvers_t *, rpcvers_t *));
-static rpcblist_ptr find_service __P((rpcprog_t, rpcvers_t, char *));
-static char *getowner __P((SVCXPRT *, char *, size_t));
-static int add_pmaplist __P((RPCB *));
-static int del_pmaplist __P((RPCB *));
-+static bool_t xdr_encap_parms (XDR *, struct encap_parms *);
-+static bool_t xdr_rmtcall_args (XDR *, struct r_rmtcall_args *);
-+static bool_t xdr_rmtcall_result (XDR *, struct r_rmtcall_args *);
-+static bool_t xdr_opaque_parms (XDR *, struct r_rmtcall_args *);
-+static int find_rmtcallfd_by_netid (char *);
-+static SVCXPRT *find_rmtcallxprt_by_fd (int);
-+static int forward_register (u_int32_t, struct netbuf *, int, char *,
-+    rpcproc_t, rpcvers_t, u_int32_t *);
-+static struct finfo *forward_find (u_int32_t);
-+static int free_slot_by_xid (u_int32_t);
-+static int free_slot_by_index (int);
-+static int netbufcmp (struct netbuf *, struct netbuf *);
-+static struct netbuf *netbufdup (struct netbuf *);
-+static void netbuffree (struct netbuf *);
-+static int check_rmtcalls (struct pollfd *, int);
-+static void xprt_set_caller (SVCXPRT *, struct finfo *);
-+static void send_svcsyserr (SVCXPRT *, struct finfo *);
-+static void handle_reply (int, SVCXPRT *);
-+static void find_versions (rpcprog_t, char *, rpcvers_t *, rpcvers_t *);
-+static rpcblist_ptr find_service (rpcprog_t, rpcvers_t, char *);
-+static char *getowner (SVCXPRT *, char *, size_t);
-+static int add_pmaplist (RPCB *);
-+static int del_pmaplist (RPCB *);
- 
- /*
-  * Set a mapping of program, version, netid
-diff --git a/src/rpcbind.c b/src/rpcbind.c
-index 045daa1..137011b 100644
--- a/src/rpcbind.c
-+++ b/src/rpcbind.c
-@@ -135,13 +135,13 @@ char *tcp_uaddr;  /* Universal TCP address */
- static char servname[] = "rpcbind";
- static char superuser[] = "superuser";
- 
-int main __P((int, char *[]));
-+int main (int, char *[]);
- 
-static int init_transport __P((struct netconfig *));
-static void rbllist_add __P((rpcprog_t, rpcvers_t, struct netconfig *,
-                            struct netbuf *));
-static void terminate __P((int));
-static void parseargs __P((int, char *[]));
-+static int init_transport (struct netconfig *);
-+static void rbllist_add (rpcprog_t, rpcvers_t, struct netconfig *,
-+                            struct netbuf *);
-+static void terminate (int);
-+static void parseargs (int, char *[]);
- 
- int
- main(int argc, char *argv[])
-diff --git a/src/util.c b/src/util.c
-index a6c835b..33b9e4f 100644
--- a/src/util.c
-+++ b/src/util.c
-@@ -70,7 +70,7 @@ static struct sockaddr_in *local_in4;
- static struct sockaddr_in6 *local_in6;
- #endif
- 
-static int bitmaskcmp __P((void *, void *, void *, int));
-+static int bitmaskcmp (void *, void *, void *, int);
- 
- /*
-  * For all bits set in "mask", compare the corresponding bits in
-diff --git a/src/warmstart.c b/src/warmstart.c
-index b6eb73e..42dd3af 100644
--- a/src/warmstart.c
-+++ b/src/warmstart.c
-@@ -58,8 +58,8 @@
- #define        PMAPFILE        RPCBIND_STATEDIR "/portmap.xdr"
- #endif
- 
-static bool_t write_struct __P((char *, xdrproc_t, void *));
-static bool_t read_struct __P((char *, xdrproc_t, void *));
-+static bool_t write_struct (char *, xdrproc_t, void *);
-+static bool_t read_struct (char *, xdrproc_t, void *);
- 
- static bool_t
- write_struct(char *filename, xdrproc_t structproc, void *list)
diff --git a/meta/recipes-extended/rpcbind/rpcbind/0001-handle_reply-Don-t-use-the-xp_auth-pointer-directly.patch b/meta/recipes-extended/rpcbind/rpcbind/0001-handle_reply-Don-t-use-the-xp_auth-pointer-directly.patch
deleted file mode 100644
index 16b763ef0d..0000000000
--- a/meta/recipes-extended/rpcbind/rpcbind/0001-handle_reply-Don-t-use-the-xp_auth-pointer-directly.patch
+++ /dev/null
@@ -1,43 +0,0 @@
-From 9194122389f2a56b1cd1f935e64307e2e963c2da Mon Sep 17 00:00:00 2001
-From: Steve Dickson <steved@redhat.com>
-Date: Mon, 2 Nov 2015 17:05:18 -0500
-Subject: [PATCH] handle_reply: Don't use the xp_auth pointer directly
-In the latest libtirpc version to access the xp_auth
-one must use the SVC_XP_AUTH macro. To be backwards
-compatible a couple ifdefs were added to use the
-macro when it exists.
-Upstream-Status: Backport
-Signed-off-by: Steve Dickson <steved@redhat.com>
-Signed-off-by: Maxin B. John <maxin.john@intel.com>
---
- src/rpcb_svc_com.c | 7 +++++++
- 1 file changed, 7 insertions(+)
-diff --git a/src/rpcb_svc_com.c b/src/rpcb_svc_com.c
-index 4ae93f1..22d6c84 100644
--- a/src/rpcb_svc_com.c
-+++ b/src/rpcb_svc_com.c
-@@ -1295,10 +1295,17 @@ handle_reply(int fd, SVCXPRT *xprt)
-        a.rmt_localvers = fi->versnum;
- 
-        xprt_set_caller(xprt, fi);
-+#if defined(SVC_XP_AUTH)
-+       SVC_XP_AUTH(xprt) = svc_auth_none;
-+#else 
-        xprt->xp_auth = &svc_auth_none;
-+#endif
-        svc_sendreply(xprt, (xdrproc_t) xdr_rmtcall_result, (char *) &a);
-+#if !defined(SVC_XP_AUTH)
-        SVCAUTH_DESTROY(xprt->xp_auth);
-        xprt->xp_auth = NULL;
-+#endif
-+
- done:
-        if (buffer)
-                free(buffer);
-- 
-2.4.0
diff --git a/meta/recipes-extended/rpcbind/rpcbind/cve-2015-7236.patch b/meta/recipes-extended/rpcbind/rpcbind/cve-2015-7236.patch
deleted file mode 100644
index 741a99035c..0000000000
--- a/meta/recipes-extended/rpcbind/rpcbind/cve-2015-7236.patch
+++ /dev/null
@@ -1,84 +0,0 @@
-commit 06f7ebb1dade2f0dbf872ea2bedf17cff4734bdd
-Author: Olaf Kirch <okir@...e.de>
-Date:   Thu Aug 6 16:27:20 2015 +0200
-    Fix memory corruption in PMAP_CALLIT code
-    
-     - A PMAP_CALLIT call comes in on IPv4 UDP
-     - rpcbind duplicates the caller's address to a netbuf and stores it in
-       FINFO[0].caller_addr. caller_addr->buf now points to a memory region A
-       with a size of 16 bytes
-     - rpcbind forwards the call to the local service, receives a reply
-     - when processing the reply, it does this in xprt_set_caller:
-         xprt->xp_rtaddr = *FINFO[0].caller_addr
-       It sends out the reply, and then frees the netbuf caller_addr and
-       caller_addr.buf.
-       However, it does not clear xp_rtaddr, so xp_rtaddr.buf now refers
-       to memory region A, which is free.
-     - When the next call comes in on the UDP/IPv4 socket, svc_dg_recv will
-       be called, which will set xp_rtaddr to the client's address.
-       It will reuse the buffer inside xp_rtaddr, ie it will write a
-       sockaddr_in to region A
-    
-    Some time down the road, an incoming TCP connection is accepted,
-    allocating a fresh SVCXPRT. The memory region A is inside the
-    new SVCXPRT
-    
-     - While processing the TCP call, another UDP call comes in, again
-       overwriting region A with the client's address
-     - TCP client closes connection. In svc_destroy, we now trip over
-       the garbage left in region A
-    
-    We ran into the case where a commercial scanner was triggering
-    occasional rpcbind segfaults. The core file that was captured showed
-    a corrupted xprt->xp_netid pointer that was really a sockaddr_in.
-    
-    Signed-off-by: Olaf Kirch <okir@...e.de>
-    Upstream-Status: Backport
-    CVE: CVE-2015-7236
-    Signed-off-by: Li Zhou <li.zhou@windriver.com>
---
- src/rpcb_svc_com.c |   23 ++++++++++++++++++++++-
- 1 file changed, 22 insertions(+), 1 deletion(-)
-Index: rpcbind-0.1.6+git20080930/src/rpcb_svc_com.c
-===================================================================
--- rpcbind-0.1.6+git20080930.orig/src/rpcb_svc_com.c
-+++ rpcbind-0.1.6+git20080930/src/rpcb_svc_com.c
-@@ -1298,12 +1298,33 @@ check_rmtcalls(struct pollfd *pfds, int
-        return (ncallbacks_found);
- }
- 
-+/*
-+ * This is really a helper function defined in libtirpc, but unfortunately, it hasn't
-+ * been exported yet.
-+ */
-+static struct netbuf *
-+__rpc_set_netbuf(struct netbuf *nb, const void *ptr, size_t len)
-+{
-+       if (nb->len != len) {
-+               if (nb->len)
-+                       mem_free(nb->buf, nb->len);
-+               nb->buf = mem_alloc(len);
-+               if (nb->buf == NULL)
-+                       return NULL;
-+
-+               nb->maxlen = nb->len = len;
-+       }
-+       memcpy(nb->buf, ptr, len);
-+       return nb;
-+}
-+
- static void
- xprt_set_caller(SVCXPRT *xprt, struct finfo *fi)
- {
-+       const struct netbuf *caller = fi->caller_addr;
-        u_int32_t *xidp;
- 
-       *(svc_getrpccaller(xprt)) = *(fi->caller_addr);
-+       __rpc_set_netbuf(svc_getrpccaller(xprt), caller->buf, caller->len);
-        xidp = __rpcb_get_dg_xidp(xprt);
-        *xidp = fi->caller_xid;
- }
diff --git a/meta/recipes-extended/rpcbind/rpcbind_0.2.3.bb b/meta/recipes-extended/rpcbind/rpcbind_0.2.4.bb
index c19a1976a1..53cd59d833 100644
--- a/meta/recipes-extended/rpcbind/rpcbind_0.2.3.bb
+++ b/meta/recipes-extended/rpcbind/rpcbind_0.2.4.bb
@@ -12,23 +12,20 @@ LIC_FILES_CHKSUM = "file://COPYING;md5=b46486e4c4a416602693a711bb5bfa39 \
 SRC_URI = "${SOURCEFORGE_MIRROR}/rpcbind/rpcbind-${PV}.tar.bz2 \
           file://init.d \
-           file://0001-Avoid-use-of-glibc-sys-cdefs.h-header.patch \
           file://remove-sys-queue.patch \
-           file://0001-handle_reply-Don-t-use-the-xp_auth-pointer-directly.patch \
           ${UCLIBCPATCHES} \
           ${MUSLPATCHES} \
           file://rpcbind.conf \
           file://rpcbind.socket \
           file://rpcbind.service \
-           file://cve-2015-7236.patch \
          "
 MUSLPATCHES_libc-musl = "file://musl-sunrpc.patch"
 UCLIBCPATCHES ?= ""
 MUSLPATCHES ?= ""
-SRC_URI[md5sum] = "c8875246b2688a1adfbd6ad43480278d"
+SRC_URI[md5sum] = "cf10cd41ed8228fc54c316191c1f07fe"
-SRC_URI[sha256sum] = "9897823a9d820ea011d9ea02054d5ab99469b9ca5346265fee380713c8fed27b"
+SRC_URI[sha256sum] = "074a9a530dc7c11e0d905aa59bcb0847c009313f02e98d3d798aa9568f414c66"
 inherit autotools update-rc.d systemd pkgconfig
author	Hongxu Jia <hongxu.jia@windriver.com>	2017-02-07 00:37:22 -0500
committer	Richard Purdie <richard.purdie@linuxfoundation.org>	2017-02-15 20:06:42 -0800
commit	3026b4cdd98daf667ca5996ed43c1fcf98cb1cfe (patch)
tree	107357bf984bed234bbfac16bf137a9820c3ebb8
parent	1831b720c2b939bd2b3c0841c797b39ff8f5493c (diff)
download	poky-3026b4cdd98daf667ca5996ed43c1fcf98cb1cfe.tar.gz

diff --git a/meta/recipes-extended/rpcbind/rpcbind/0001-Avoid-use-of-glibc-sys-cdefs.h-header.patch b/meta/recipes-extended/rpcbind/rpcbind/0001-Avoid-use-of-glibc-sys-cdefs.h-header.patch deleted file mode 100644 index eeef9f152f..0000000000 --- a/meta/recipes-extended/rpcbind/rpcbind/0001-Avoid-use-of-glibc-sys-cdefs.h-header.patch +++ /dev/null
@@ -1,221 +0,0 @@
1	From 2a44d862233f2126581e290d568e1c8b8f2eb9f5 Mon Sep 17 00:00:00 2001
2	From: Carlo Landmeter <clandmeter@gmail.com>
3	Date: Thu, 19 Feb 2015 15:28:45 +0000
4	Subject: [PATCH] Avoid use of glibc sys/cdefs.h header
5
6	Upstream-Status: Pending
7	---
8	src/check_bound.c \| 2 +-
9	src/pmap_svc.c \| 10 +++++-----
10	src/rpcb_svc.c \| 10 +++++-----
11	src/rpcb_svc_4.c \| 14 +++++++-------
12	src/rpcb_svc_com.c \| 46 +++++++++++++++++++++++-----------------------
13	src/rpcbind.c \| 12 ++++++------
14	src/util.c \| 2 +-
15	src/warmstart.c \| 4 ++--
16	8 files changed, 50 insertions(+), 50 deletions(-)
17
18	diff --git a/src/check_bound.c b/src/check_bound.c
19	index c70b845..5d21730 100644
20	--- a/src/check_bound.c
21	+++ b/src/check_bound.c
22	@@ -70,7 +70,7 @@ static struct fdlist fdhead; / Link list of the check fd's */
23	static struct fdlist *fdtail;
24	static char *nullstring = "";
25
26	-static bool_t check_bound __P((struct fdlist , char uaddr));
27	+static bool_t check_bound (struct fdlist , char uaddr);
28
29	/*
30	* Returns 1 if the given address is bound for the given addr & transport
31	diff --git a/src/pmap_svc.c b/src/pmap_svc.c
32	index ad28b93..9c7d409 100644
33	--- a/src/pmap_svc.c
34	+++ b/src/pmap_svc.c
35	@@ -60,11 +60,11 @@ static char sccsid[] = "@(#)pmap_svc.c 1.23 89/04/05 Copyr 1984 Sun Micro";
36	#include "rpcbind.h"
37	#include "xlog.h"
38	#include <rpc/svc_soc.h> /* svc_getcaller routine definition */
39	-static struct pmaplist *find_service_pmap __P((rpcprog_t, rpcvers_t,
40	- rpcprot_t));
41	-static bool_t pmapproc_change __P((struct svc_req , SVCXPRT , u_long));
42	-static bool_t pmapproc_getport __P((struct svc_req , SVCXPRT ));
43	-static bool_t pmapproc_dump __P((struct svc_req , SVCXPRT ));
44	+static struct pmaplist *find_service_pmap (rpcprog_t, rpcvers_t,
45	+ rpcprot_t);
46	+static bool_t pmapproc_change (struct svc_req , SVCXPRT , u_long);
47	+static bool_t pmapproc_getport (struct svc_req , SVCXPRT );
48	+static bool_t pmapproc_dump (struct svc_req , SVCXPRT );
49
50	/*
51	* Called for all the version 2 inquiries.
52	diff --git a/src/rpcb_svc.c b/src/rpcb_svc.c
53	index bd92201..6c7f7fe 100644
54	--- a/src/rpcb_svc.c
55	+++ b/src/rpcb_svc.c
56	@@ -53,10 +53,10 @@
57	#include "rpcbind.h"
58	#include "xlog.h"
59
60	-static void rpcbproc_getaddr_3_local __P((void , struct svc_req , SVCXPRT ,
61	- rpcvers_t));
62	-static void rpcbproc_dump_3_local __P((void , struct svc_req , SVCXPRT ,
63	- rpcvers_t));
64	+static void rpcbproc_getaddr_3_local (void , struct svc_req , SVCXPRT ,
65	+ rpcvers_t);
66	+static void rpcbproc_dump_3_local (void , struct svc_req , SVCXPRT ,
67	+ rpcvers_t);
68
69	/*
70	* Called by svc_getreqset. There is a separate server handle for
71	@@ -75,7 +75,7 @@ rpcb_service_3(struct svc_req rqstp, SVCXPRT transp)
72	} argument;
73	char *result;
74	xdrproc_t xdr_argument, xdr_result;
75	- void (local) __P((void , struct svc_req , SVCXPRT *, rpcvers_t));
76	+ void (local) (void , struct svc_req , SVCXPRT *, rpcvers_t);
77	rpcprog_t setprog = 0;
78
79	rpcbs_procinfo(RPCBVERS_3_STAT, rqstp->rq_proc);
80	diff --git a/src/rpcb_svc_4.c b/src/rpcb_svc_4.c
81	index b673452..6764c0a 100644
82	--- a/src/rpcb_svc_4.c
83	+++ b/src/rpcb_svc_4.c
84	@@ -54,13 +54,13 @@
85	#include "rpcbind.h"
86	#include "xlog.h"
87
88	-static void rpcbproc_getaddr_4_local __P((void , struct svc_req , SVCXPRT ,
89	- rpcvers_t));
90	-static void rpcbproc_getversaddr_4_local __P((void , struct svc_req , SVCXPRT , rpcvers_t));
91	+static void rpcbproc_getaddr_4_local (void , struct svc_req , SVCXPRT ,
92	+ rpcvers_t);
93	+static void rpcbproc_getversaddr_4_local (void , struct svc_req , SVCXPRT , rpcvers_t);
94	static void *rpcbproc_getaddrlist_4_local
95	- __P((void , struct svc_req , SVCXPRT *, rpcvers_t));
96	-static void free_rpcb_entry_list __P((rpcb_entry_list_ptr *));
97	-static void rpcbproc_dump_4_local __P((void , struct svc_req , SVCXPRT , rpcvers_t));
98	+ (void , struct svc_req , SVCXPRT *, rpcvers_t);
99	+static void free_rpcb_entry_list (rpcb_entry_list_ptr *);
100	+static void rpcbproc_dump_4_local (void , struct svc_req , SVCXPRT , rpcvers_t);
101
102	/*
103	* Called by svc_getreqset. There is a separate server handle for
104	@@ -78,7 +78,7 @@ rpcb_service_4(struct svc_req rqstp, SVCXPRT transp)
105	} argument;
106	char *result;
107	xdrproc_t xdr_argument, xdr_result;
108	- void (local) __P((void , struct svc_req , SVCXPRT *, rpcvers_t));
109	+ void (local) (void , struct svc_req , SVCXPRT *, rpcvers_t);
110	rpcprog_t setprog = 0;
111
112	rpcbs_procinfo(RPCBVERS_4_STAT, rqstp->rq_proc);
113	diff --git a/src/rpcb_svc_com.c b/src/rpcb_svc_com.c
114	index ff9ce6b..8aef9e5 100644
115	--- a/src/rpcb_svc_com.c
116	+++ b/src/rpcb_svc_com.c
117	@@ -100,29 +100,29 @@ struct finfo {
118	static struct finfo FINFO[NFORWARD];
119
120
121	-static bool_t xdr_encap_parms __P((XDR , struct encap_parms ));
122	-static bool_t xdr_rmtcall_args __P((XDR , struct r_rmtcall_args ));
123	-static bool_t xdr_rmtcall_result __P((XDR , struct r_rmtcall_args ));
124	-static bool_t xdr_opaque_parms __P((XDR , struct r_rmtcall_args ));
125	-static int find_rmtcallfd_by_netid __P((char *));
126	-static SVCXPRT *find_rmtcallxprt_by_fd __P((int));
127	-static int forward_register __P((u_int32_t, struct netbuf , int, char ,
128	- rpcproc_t, rpcvers_t, u_int32_t *));
129	-static struct finfo *forward_find __P((u_int32_t));
130	-static int free_slot_by_xid __P((u_int32_t));
131	-static int free_slot_by_index __P((int));
132	-static int netbufcmp __P((struct netbuf , struct netbuf ));
133	-static struct netbuf netbufdup __P((struct netbuf ));
134	-static void netbuffree __P((struct netbuf *));
135	-static int check_rmtcalls __P((struct pollfd *, int));
136	-static void xprt_set_caller __P((SVCXPRT , struct finfo ));
137	-static void send_svcsyserr __P((SVCXPRT , struct finfo ));
138	-static void handle_reply __P((int, SVCXPRT *));
139	-static void find_versions __P((rpcprog_t, char , rpcvers_t , rpcvers_t *));
140	-static rpcblist_ptr find_service __P((rpcprog_t, rpcvers_t, char *));
141	-static char getowner __P((SVCXPRT , char *, size_t));
142	-static int add_pmaplist __P((RPCB *));
143	-static int del_pmaplist __P((RPCB *));
144	+static bool_t xdr_encap_parms (XDR , struct encap_parms );
145	+static bool_t xdr_rmtcall_args (XDR , struct r_rmtcall_args );
146	+static bool_t xdr_rmtcall_result (XDR , struct r_rmtcall_args );
147	+static bool_t xdr_opaque_parms (XDR , struct r_rmtcall_args );
148	+static int find_rmtcallfd_by_netid (char *);
149	+static SVCXPRT *find_rmtcallxprt_by_fd (int);
150	+static int forward_register (u_int32_t, struct netbuf , int, char ,
151	+ rpcproc_t, rpcvers_t, u_int32_t *);
152	+static struct finfo *forward_find (u_int32_t);
153	+static int free_slot_by_xid (u_int32_t);
154	+static int free_slot_by_index (int);
155	+static int netbufcmp (struct netbuf , struct netbuf );
156	+static struct netbuf netbufdup (struct netbuf );
157	+static void netbuffree (struct netbuf *);
158	+static int check_rmtcalls (struct pollfd *, int);
159	+static void xprt_set_caller (SVCXPRT , struct finfo );
160	+static void send_svcsyserr (SVCXPRT , struct finfo );
161	+static void handle_reply (int, SVCXPRT *);
162	+static void find_versions (rpcprog_t, char , rpcvers_t , rpcvers_t *);
163	+static rpcblist_ptr find_service (rpcprog_t, rpcvers_t, char *);
164	+static char getowner (SVCXPRT , char *, size_t);
165	+static int add_pmaplist (RPCB *);
166	+static int del_pmaplist (RPCB *);
167
168	/*
169	* Set a mapping of program, version, netid
170	diff --git a/src/rpcbind.c b/src/rpcbind.c
171	index 045daa1..137011b 100644
172	--- a/src/rpcbind.c
173	+++ b/src/rpcbind.c
174	@@ -135,13 +135,13 @@ char tcp_uaddr; / Universal TCP address */
175	static char servname[] = "rpcbind";
176	static char superuser[] = "superuser";
177
178	-int main __P((int, char *[]));
179	+int main (int, char *[]);
180
181	-static int init_transport __P((struct netconfig *));
182	-static void rbllist_add __P((rpcprog_t, rpcvers_t, struct netconfig *,
183	- struct netbuf *));
184	-static void terminate __P((int));
185	-static void parseargs __P((int, char *[]));
186	+static int init_transport (struct netconfig *);
187	+static void rbllist_add (rpcprog_t, rpcvers_t, struct netconfig *,
188	+ struct netbuf *);
189	+static void terminate (int);
190	+static void parseargs (int, char *[]);
191
192	int
193	main(int argc, char *argv[])
194	diff --git a/src/util.c b/src/util.c
195	index a6c835b..33b9e4f 100644
196	--- a/src/util.c
197	+++ b/src/util.c
198	@@ -70,7 +70,7 @@ static struct sockaddr_in *local_in4;
199	static struct sockaddr_in6 *local_in6;
200	#endif
201
202	-static int bitmaskcmp __P((void , void , void *, int));
203	+static int bitmaskcmp (void , void , void *, int);
204
205	/*
206	* For all bits set in "mask", compare the corresponding bits in
207	diff --git a/src/warmstart.c b/src/warmstart.c
208	index b6eb73e..42dd3af 100644
209	--- a/src/warmstart.c
210	+++ b/src/warmstart.c
211	@@ -58,8 +58,8 @@
212	#define PMAPFILE RPCBIND_STATEDIR "/portmap.xdr"
213	#endif
214
215	-static bool_t write_struct __P((char , xdrproc_t, void ));
216	-static bool_t read_struct __P((char , xdrproc_t, void ));
217	+static bool_t write_struct (char , xdrproc_t, void );
218	+static bool_t read_struct (char , xdrproc_t, void );
219
220	static bool_t
221	write_struct(char filename, xdrproc_t structproc, void list)


diff --git a/meta/recipes-extended/rpcbind/rpcbind/0001-handle_reply-Don-t-use-the-xp_auth-pointer-directly.patch b/meta/recipes-extended/rpcbind/rpcbind/0001-handle_reply-Don-t-use-the-xp_auth-pointer-directly.patch deleted file mode 100644 index 16b763ef0d..0000000000 --- a/meta/recipes-extended/rpcbind/rpcbind/0001-handle_reply-Don-t-use-the-xp_auth-pointer-directly.patch +++ /dev/null
@@ -1,43 +0,0 @@
1	From 9194122389f2a56b1cd1f935e64307e2e963c2da Mon Sep 17 00:00:00 2001
2	From: Steve Dickson <steved@redhat.com>
3	Date: Mon, 2 Nov 2015 17:05:18 -0500
4	Subject: [PATCH] handle_reply: Don't use the xp_auth pointer directly
5
6	In the latest libtirpc version to access the xp_auth
7	one must use the SVC_XP_AUTH macro. To be backwards
8	compatible a couple ifdefs were added to use the
9	macro when it exists.
10
11	Upstream-Status: Backport
12
13	Signed-off-by: Steve Dickson <steved@redhat.com>
14	Signed-off-by: Maxin B. John <maxin.john@intel.com>
15	---
16	src/rpcb_svc_com.c \| 7 +++++++
17	1 file changed, 7 insertions(+)
18
19	diff --git a/src/rpcb_svc_com.c b/src/rpcb_svc_com.c
20	index 4ae93f1..22d6c84 100644
21	--- a/src/rpcb_svc_com.c
22	+++ b/src/rpcb_svc_com.c
23	@@ -1295,10 +1295,17 @@ handle_reply(int fd, SVCXPRT *xprt)
24	a.rmt_localvers = fi->versnum;
25
26	xprt_set_caller(xprt, fi);
27	+#if defined(SVC_XP_AUTH)
28	+ SVC_XP_AUTH(xprt) = svc_auth_none;
29	+#else
30	xprt->xp_auth = &svc_auth_none;
31	+#endif
32	svc_sendreply(xprt, (xdrproc_t) xdr_rmtcall_result, (char *) &a);
33	+#if !defined(SVC_XP_AUTH)
34	SVCAUTH_DESTROY(xprt->xp_auth);
35	xprt->xp_auth = NULL;
36	+#endif
37	+
38	done:
39	if (buffer)
40	free(buffer);
41	--
42	2.4.0
43


diff --git a/meta/recipes-extended/rpcbind/rpcbind/cve-2015-7236.patch b/meta/recipes-extended/rpcbind/rpcbind/cve-2015-7236.patch deleted file mode 100644 index 741a99035c..0000000000 --- a/meta/recipes-extended/rpcbind/rpcbind/cve-2015-7236.patch +++ /dev/null
@@ -1,84 +0,0 @@
1	commit 06f7ebb1dade2f0dbf872ea2bedf17cff4734bdd
2	Author: Olaf Kirch <okir@...e.de>
3	Date: Thu Aug 6 16:27:20 2015 +0200
4
5	Fix memory corruption in PMAP_CALLIT code
6
7	- A PMAP_CALLIT call comes in on IPv4 UDP
8	- rpcbind duplicates the caller's address to a netbuf and stores it in
9	FINFO[0].caller_addr. caller_addr->buf now points to a memory region A
10	with a size of 16 bytes
11	- rpcbind forwards the call to the local service, receives a reply
12	- when processing the reply, it does this in xprt_set_caller:
13	xprt->xp_rtaddr = *FINFO[0].caller_addr
14	It sends out the reply, and then frees the netbuf caller_addr and
15	caller_addr.buf.
16	However, it does not clear xp_rtaddr, so xp_rtaddr.buf now refers
17	to memory region A, which is free.
18	- When the next call comes in on the UDP/IPv4 socket, svc_dg_recv will
19	be called, which will set xp_rtaddr to the client's address.
20	It will reuse the buffer inside xp_rtaddr, ie it will write a
21	sockaddr_in to region A
22
23	Some time down the road, an incoming TCP connection is accepted,
24	allocating a fresh SVCXPRT. The memory region A is inside the
25	new SVCXPRT
26
27	- While processing the TCP call, another UDP call comes in, again
28	overwriting region A with the client's address
29	- TCP client closes connection. In svc_destroy, we now trip over
30	the garbage left in region A
31
32	We ran into the case where a commercial scanner was triggering
33	occasional rpcbind segfaults. The core file that was captured showed
34	a corrupted xprt->xp_netid pointer that was really a sockaddr_in.
35
36	Signed-off-by: Olaf Kirch <okir@...e.de>
37
38	Upstream-Status: Backport
39	CVE: CVE-2015-7236
40
41	Signed-off-by: Li Zhou <li.zhou@windriver.com>
42	---
43	src/rpcb_svc_com.c \| 23 ++++++++++++++++++++++-
44	1 file changed, 22 insertions(+), 1 deletion(-)
45
46	Index: rpcbind-0.1.6+git20080930/src/rpcb_svc_com.c
47	===================================================================
48	--- rpcbind-0.1.6+git20080930.orig/src/rpcb_svc_com.c
49	+++ rpcbind-0.1.6+git20080930/src/rpcb_svc_com.c
50	@@ -1298,12 +1298,33 @@ check_rmtcalls(struct pollfd *pfds, int
51	return (ncallbacks_found);
52	}
53
54	+/*
55	+ * This is really a helper function defined in libtirpc, but unfortunately, it hasn't
56	+ * been exported yet.
57	+ */
58	+static struct netbuf *
59	+__rpc_set_netbuf(struct netbuf nb, const void ptr, size_t len)
60	+{
61	+ if (nb->len != len) {
62	+ if (nb->len)
63	+ mem_free(nb->buf, nb->len);
64	+ nb->buf = mem_alloc(len);
65	+ if (nb->buf == NULL)
66	+ return NULL;
67	+
68	+ nb->maxlen = nb->len = len;
69	+ }
70	+ memcpy(nb->buf, ptr, len);
71	+ return nb;
72	+}
73	+
74	static void
75	xprt_set_caller(SVCXPRT xprt, struct finfo fi)
76	{
77	+ const struct netbuf *caller = fi->caller_addr;
78	u_int32_t *xidp;
79
80	- (svc_getrpccaller(xprt)) = (fi->caller_addr);
81	+ __rpc_set_netbuf(svc_getrpccaller(xprt), caller->buf, caller->len);
82	xidp = __rpcb_get_dg_xidp(xprt);
83	*xidp = fi->caller_xid;
84	}


diff --git a/meta/recipes-extended/rpcbind/rpcbind_0.2.3.bb b/meta/recipes-extended/rpcbind/rpcbind_0.2.4.bb index c19a1976a1..53cd59d833 100644 --- a/meta/recipes-extended/rpcbind/rpcbind_0.2.3.bb +++ b/meta/recipes-extended/rpcbind/rpcbind_0.2.4.bb
@@ -12,23 +12,20 @@ LIC_FILES_CHKSUM = "file://COPYING;md5=b46486e4c4a416602693a711bb5bfa39 \
12		12
13	SRC_URI = "${SOURCEFORGE_MIRROR}/rpcbind/rpcbind-${PV}.tar.bz2 \	13	SRC_URI = "${SOURCEFORGE_MIRROR}/rpcbind/rpcbind-${PV}.tar.bz2 \
14	file://init.d \	14	file://init.d \
15	file://0001-Avoid-use-of-glibc-sys-cdefs.h-header.patch \
16	file://remove-sys-queue.patch \	15	file://remove-sys-queue.patch \
17	file://0001-handle_reply-Don-t-use-the-xp_auth-pointer-directly.patch \
18	${UCLIBCPATCHES} \	16	${UCLIBCPATCHES} \
19	${MUSLPATCHES} \	17	${MUSLPATCHES} \
20	file://rpcbind.conf \	18	file://rpcbind.conf \
21	file://rpcbind.socket \	19	file://rpcbind.socket \
22	file://rpcbind.service \	20	file://rpcbind.service \
23	file://cve-2015-7236.patch \
24	"	21	"
25	MUSLPATCHES_libc-musl = "file://musl-sunrpc.patch"	22	MUSLPATCHES_libc-musl = "file://musl-sunrpc.patch"
26		23
27	UCLIBCPATCHES ?= ""	24	UCLIBCPATCHES ?= ""
28	MUSLPATCHES ?= ""	25	MUSLPATCHES ?= ""
29		26
30	SRC_URI[md5sum] = "c8875246b2688a1adfbd6ad43480278d"	27	SRC_URI[md5sum] = "cf10cd41ed8228fc54c316191c1f07fe"
31	SRC_URI[sha256sum] = "9897823a9d820ea011d9ea02054d5ab99469b9ca5346265fee380713c8fed27b"	28	SRC_URI[sha256sum] = "074a9a530dc7c11e0d905aa59bcb0847c009313f02e98d3d798aa9568f414c66"
32		29
33	inherit autotools update-rc.d systemd pkgconfig	30	inherit autotools update-rc.d systemd pkgconfig
34		31