summaryrefslogtreecommitdiffstats
path: root/meta/recipes-connectivity/connman
diff options
context:
space:
mode:
Diffstat (limited to 'meta/recipes-connectivity/connman')
-rw-r--r--meta/recipes-connectivity/connman/connman/0001-firewall-nftables-fix-build-with-libnftnl-1.0.7.patch72
-rw-r--r--meta/recipes-connectivity/connman/connman/CVE-2017-12865.patch87
-rw-r--r--meta/recipes-connectivity/connman/connman_1.35.bb (renamed from meta/recipes-connectivity/connman/connman_1.34.bb)6
3 files changed, 2 insertions, 163 deletions
diff --git a/meta/recipes-connectivity/connman/connman/0001-firewall-nftables-fix-build-with-libnftnl-1.0.7.patch b/meta/recipes-connectivity/connman/connman/0001-firewall-nftables-fix-build-with-libnftnl-1.0.7.patch
deleted file mode 100644
index cfafbd1271..0000000000
--- a/meta/recipes-connectivity/connman/connman/0001-firewall-nftables-fix-build-with-libnftnl-1.0.7.patch
+++ /dev/null
@@ -1,72 +0,0 @@
1From 4058ce3186a99fd5f03350fc11a7fc8d38b6a381 Mon Sep 17 00:00:00 2001
2From: "Maxin B. John" <maxin.john@intel.com>
3Date: Mon, 8 May 2017 10:53:18 +0300
4Subject: [PATCH] firewall-nftables: fix build with libnftnl-1.0.7
5
6We need these updates to accommodate the changes caused by the following
7commit in libnftnl-1.0.7
8
9commit 907a9f8e5a93f5bcd449643eb3916a656d634758
10Author: Pablo Neira Ayuso <pablo@netfilter.org>
11Date: Tue Dec 20 13:47:11 2016 +0100
12
13src: get rid of aliases and compat
14
15This machinery was introduced to avoid sudden compilation breakage of
16old nftables releases. With the upcoming release of 0.7 (and 0.6 which
17is now 6 months old) this is not required anymore.
18
19Moreover, users gain nothing from older releases since they are
20half-boiled and buggy.
21
22So let's get rid of aliases now. Bump LIBVERSION and update map file.
23
24Upstream-Status: Submitted
25
26Signed-off-by: Maxin B. John <maxin.john@intel.com>
27---
28 src/firewall-nftables.c | 14 +++++++-------
29 1 file changed, 7 insertions(+), 7 deletions(-)
30
31diff --git a/src/firewall-nftables.c b/src/firewall-nftables.c
32index 583d1c4..83b137b 100644
33--- a/src/firewall-nftables.c
34+++ b/src/firewall-nftables.c
35@@ -387,9 +387,9 @@ static int add_cmp(struct nftnl_rule *rule, uint32_t sreg, uint32_t op,
36 if (!expr)
37 return -ENOMEM;
38
39- nftnl_expr_set_u32(expr, NFT_EXPR_CMP_SREG, sreg);
40- nftnl_expr_set_u32(expr, NFT_EXPR_CMP_OP, op);
41- nftnl_expr_set(expr, NFT_EXPR_CMP_DATA, data, data_len);
42+ nftnl_expr_set_u32(expr, NFTNL_EXPR_CMP_SREG, sreg);
43+ nftnl_expr_set_u32(expr, NFTNL_EXPR_CMP_OP, op);
44+ nftnl_expr_set(expr, NFTNL_EXPR_CMP_DATA, data, data_len);
45
46 nftnl_rule_add_expr(rule, expr);
47
48@@ -575,8 +575,8 @@ static int build_rule_nat(const char *address, unsigned char prefixlen,
49 expr = nftnl_expr_alloc("meta");
50 if (!expr)
51 goto err;
52- nftnl_expr_set_u32(expr, NFT_EXPR_META_KEY, NFT_META_OIFNAME);
53- nftnl_expr_set_u32(expr, NFT_EXPR_META_DREG, NFT_REG_1);
54+ nftnl_expr_set_u32(expr, NFTNL_EXPR_META_KEY, NFT_META_OIFNAME);
55+ nftnl_expr_set_u32(expr, NFTNL_EXPR_META_DREG, NFT_REG_1);
56 nftnl_rule_add_expr(rule, expr);
57 err = add_cmp(rule, NFT_REG_1, NFT_CMP_EQ, interface,
58 strlen(interface) + 1);
59@@ -677,8 +677,8 @@ static int build_rule_snat(int index, const char *address,
60 expr = nftnl_expr_alloc("meta");
61 if (!expr)
62 goto err;
63- nftnl_expr_set_u32(expr, NFT_EXPR_META_KEY, NFT_META_OIF);
64- nftnl_expr_set_u32(expr, NFT_EXPR_META_DREG, NFT_REG_1);
65+ nftnl_expr_set_u32(expr, NFTNL_EXPR_META_KEY, NFT_META_OIF);
66+ nftnl_expr_set_u32(expr, NFTNL_EXPR_META_DREG, NFT_REG_1);
67 nftnl_rule_add_expr(rule, expr);
68 err = add_cmp(rule, NFT_REG_1, NFT_CMP_EQ, &index, sizeof(index));
69 if (err < 0)
70--
712.4.0
72
diff --git a/meta/recipes-connectivity/connman/connman/CVE-2017-12865.patch b/meta/recipes-connectivity/connman/connman/CVE-2017-12865.patch
deleted file mode 100644
index 45f78f10ea..0000000000
--- a/meta/recipes-connectivity/connman/connman/CVE-2017-12865.patch
+++ /dev/null
@@ -1,87 +0,0 @@
1From 5c281d182ecdd0a424b64f7698f32467f8f67b71 Mon Sep 17 00:00:00 2001
2From: Jukka Rissanen <jukka.rissanen@linux.intel.com>
3Date: Wed, 9 Aug 2017 10:16:46 +0300
4Subject: dnsproxy: Fix crash on malformed DNS response
5
6If the response query string is malformed, we might access memory
7pass the end of "name" variable in parse_response().
8
9CVE: CVE-2017-12865
10Upstream-Status: Backport [https://git.kernel.org/pub/scm/network/connman/connman.git/patch/?id=5c281d182ecdd0a424b64f7698f32467f8f67b71]
11
12Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com>
13---
14 src/dnsproxy.c | 16 ++++++++++------
15 1 file changed, 10 insertions(+), 6 deletions(-)
16
17diff --git a/src/dnsproxy.c b/src/dnsproxy.c
18index 38ac5bf..40b4f15 100644
19--- a/src/dnsproxy.c
20+++ b/src/dnsproxy.c
21@@ -838,7 +838,7 @@ static struct cache_entry *cache_check(gpointer request, int *qtype, int proto)
22 static int get_name(int counter,
23 unsigned char *pkt, unsigned char *start, unsigned char *max,
24 unsigned char *output, int output_max, int *output_len,
25- unsigned char **end, char *name, int *name_len)
26+ unsigned char **end, char *name, size_t max_name, int *name_len)
27 {
28 unsigned char *p;
29
30@@ -859,7 +859,7 @@ static int get_name(int counter,
31
32 return get_name(counter + 1, pkt, pkt + offset, max,
33 output, output_max, output_len, end,
34- name, name_len);
35+ name, max_name, name_len);
36 } else {
37 unsigned label_len = *p;
38
39@@ -869,6 +869,9 @@ static int get_name(int counter,
40 if (*output_len > output_max)
41 return -ENOBUFS;
42
43+ if ((*name_len + 1 + label_len + 1) > max_name)
44+ return -ENOBUFS;
45+
46 /*
47 * We need the original name in order to check
48 * if this answer is the correct one.
49@@ -900,14 +903,14 @@ static int parse_rr(unsigned char *buf, unsigned char *start,
50 unsigned char *response, unsigned int *response_size,
51 uint16_t *type, uint16_t *class, int *ttl, int *rdlen,
52 unsigned char **end,
53- char *name)
54+ char *name, size_t max_name)
55 {
56 struct domain_rr *rr;
57 int err, offset;
58 int name_len = 0, output_len = 0, max_rsp = *response_size;
59
60 err = get_name(0, buf, start, max, response, max_rsp,
61- &output_len, end, name, &name_len);
62+ &output_len, end, name, max_name, &name_len);
63 if (err < 0)
64 return err;
65
66@@ -1033,7 +1036,8 @@ static int parse_response(unsigned char *buf, int buflen,
67 memset(rsp, 0, sizeof(rsp));
68
69 ret = parse_rr(buf, ptr, buf + buflen, rsp, &rsp_len,
70- type, class, ttl, &rdlen, &next, name);
71+ type, class, ttl, &rdlen, &next, name,
72+ sizeof(name) - 1);
73 if (ret != 0) {
74 err = ret;
75 goto out;
76@@ -1099,7 +1103,7 @@ static int parse_response(unsigned char *buf, int buflen,
77 */
78 ret = get_name(0, buf, next - rdlen, buf + buflen,
79 rsp, rsp_len, &output_len, &end,
80- name, &name_len);
81+ name, sizeof(name) - 1, &name_len);
82 if (ret != 0) {
83 /* just ignore the error at this point */
84 ptr = next;
85--
86cgit v1.1
87
diff --git a/meta/recipes-connectivity/connman/connman_1.34.bb b/meta/recipes-connectivity/connman/connman_1.35.bb
index dc2c688f49..950946fe76 100644
--- a/meta/recipes-connectivity/connman/connman_1.34.bb
+++ b/meta/recipes-connectivity/connman/connman_1.35.bb
@@ -2,17 +2,15 @@ require connman.inc
2 2
3SRC_URI = "${KERNELORG_MIRROR}/linux/network/${BPN}/${BP}.tar.xz \ 3SRC_URI = "${KERNELORG_MIRROR}/linux/network/${BPN}/${BP}.tar.xz \
4 file://0001-plugin.h-Change-visibility-to-default-for-debug-symb.patch \ 4 file://0001-plugin.h-Change-visibility-to-default-for-debug-symb.patch \
5 file://0001-firewall-nftables-fix-build-with-libnftnl-1.0.7.patch \
6 file://0001-connman.service-stop-systemd-resolved-when-we-use-co.patch \ 5 file://0001-connman.service-stop-systemd-resolved-when-we-use-co.patch \
7 file://connman \ 6 file://connman \
8 file://no-version-scripts.patch \ 7 file://no-version-scripts.patch \
9 file://includes.patch \ 8 file://includes.patch \
10 file://CVE-2017-12865.patch \
11 " 9 "
12SRC_URI_append_libc-musl = " file://0002-resolve-musl-does-not-implement-res_ninit.patch \ 10SRC_URI_append_libc-musl = " file://0002-resolve-musl-does-not-implement-res_ninit.patch \
13 " 11 "
14 12
15SRC_URI[md5sum] = "e200028702c831d5f535d20d61e608ef" 13SRC_URI[md5sum] = "bae37b45ee9b3db5ec8115188f8a7652"
16SRC_URI[sha256sum] = "a9a0808c729c1f348fc36d8cecb52d19b72bc34cb411c502608cb0e0190fc71e" 14SRC_URI[sha256sum] = "66d7deb98371545c6e417239a9b3b3e3201c1529d08eedf40afbc859842cf2aa"
17 15
18RRECOMMENDS_${PN} = "connman-conf" 16RRECOMMENDS_${PN} = "connman-conf"