From 24e0fea469059f4e0a7bae30155108248035f791 Mon Sep 17 00:00:00 2001 From: florian Date: Thu, 6 Sep 2007 12:54:58 +0000 Subject: [PATCH] Upgrade portmap to 6.0 (#2317) git-svn-id: svn://svn.openwrt.org/openwrt/packages@8650 3c298f89-4303-0410-b956-a3cf2f4a3e73 --- net/portmap/Makefile | 12 +- net/portmap/patches/001-debian_subset.patch | 531 -------------------- 2 files changed, 6 insertions(+), 537 deletions(-) delete mode 100644 net/portmap/patches/001-debian_subset.patch diff --git a/net/portmap/Makefile b/net/portmap/Makefile index a86aaa456..4604a67b0 100644 --- a/net/portmap/Makefile +++ b/net/portmap/Makefile @@ -9,15 +9,15 @@ include $(TOPDIR)/rules.mk PKG_NAME:=portmap -PKG_VERSION:=5beta -PKG_RELEASE:=2 +PKG_VERSION:=6.0 +PKG_RELEASE:=1 -PKG_SOURCE:=$(PKG_NAME)_$(PKG_VERSION).tar.gz -PKG_SOURCE_URL:=ftp://ftp.porcupine.org/pub/security -PKG_MD5SUM:=781e16ed4487c4caa082c6fef09ead4f +PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tgz +PKG_SOURCE_URL:=http://neil.brown.name/portmap/ +PKG_MD5SUM:=ac108ab68bf0f34477f8317791aaf1ff PKG_CAT:=zcat -PKG_BUILD_DIR:=$(BUILD_DIR)/$(PKG_NAME)_$(PKG_VERSION) +PKG_BUILD_DIR:=$(PKG_NAME)_$(PKG_VERSION) include $(INCLUDE_DIR)/package.mk diff --git a/net/portmap/patches/001-debian_subset.patch b/net/portmap/patches/001-debian_subset.patch deleted file mode 100644 index c5fecf7c4..000000000 --- a/net/portmap/patches/001-debian_subset.patch +++ /dev/null @@ -1,531 +0,0 @@ ---- portmap-5.orig/Makefile -+++ portmap-5/Makefile -@@ -8,7 +8,7 @@ - # if you disagree. See `man 3 syslog' for examples. Some syslog versions - # do not provide this flexibility. - # --FACILITY=LOG_MAIL -+FACILITY=LOG_DAEMON - - # To disable tcp-wrapper style access control, comment out the following - # macro definitions. Access control can also be turned off by providing -@@ -16,7 +16,8 @@ - # daemon, is always treated as an authorized host. - - HOSTS_ACCESS= -DHOSTS_ACCESS --WRAP_LIB = $(WRAP_DIR)/libwrap.a -+#WRAP_LIB = $(WRAP_DIR)/libwrap.a -+WRAP_LIB = -lwrap - - # Comment out if your RPC library does not allocate privileged ports for - # requests from processes with root privilege, or the new portmap will -@@ -71,7 +72,7 @@ - # With verbose logging on, HP-UX 9.x and AIX 4.1 leave zombies behind when - # SIGCHLD is not ignored. Enable next macro for a fix. - # --# ZOMBIES = -DIGNORE_SIGCHLD # AIX 4.x, HP-UX 9.x -+ZOMBIES = -DIGNORE_SIGCHLD # AIX 4.x, HP-UX 9.x - - # Uncomment the following macro if your system does not have u_long. - # -@@ -81,11 +82,14 @@ - # libwrap.a object library. WRAP_DIR should specify the directory with - # that library. - --WRAP_DIR= ../tcp_wrappers -+WRAP_DIR= $(TCPD_DIR) - - # Auxiliary object files that may be missing from your C library. - # --AUX = daemon.o strerror.o -+#AUX = daemon.o strerror.o -+ -+# glibc has strerror() (it's POSIX) and daemon() (when compiling -D_BSD_SOURCE) -+AUX = - - # NEXTSTEP is a little different. The following seems to work with NS 3.2 - # -@@ -99,22 +103,31 @@ - - # Comment out if your compiler talks ANSI and understands const - # --CONST = -Dconst= -+#CONST = -Dconst= - - ### End of configurable stuff. - ############################## - -+GLIBC=$(shell grep -s -c __GLIBC__ /usr/include/features.h) -+ -+ifeq ($(GLIBC),0) -+LIBS += # -lbsd -+else -+LIBS += -lnsl -+endif -+ -+ - SHELL = /bin/sh - --COPT = $(CONST) -Dperror=xperror $(HOSTS_ACCESS) $(CHECK_PORT) \ -+COPT = $(CONST) $(HOSTS_ACCESS) $(CHECK_PORT) \ - $(SYS) -DFACILITY=$(FACILITY) $(ULONG) $(ZOMBIES) $(SA_LEN) \ - $(LOOPBACK) $(SETPGRP) --CFLAGS = $(COPT) -O $(NSARCHS) -+CFLAGS = -Wall $(COPT) -O2 $(NSARCHS) - OBJECTS = portmap.o pmap_check.o from_local.o $(AUX) - - all: portmap pmap_dump pmap_set - --portmap: $(OBJECTS) $(WRAP_DIR)/libwrap.a -+portmap: $(OBJECTS) # $(WRAP_DIR)/libwrap.a - $(CC) $(CFLAGS) -o $@ $(OBJECTS) $(WRAP_LIB) $(LIBS) - - pmap_dump: pmap_dump.c -@@ -129,6 +142,17 @@ - get_myaddress: get_myaddress.c - cc $(CFLAGS) -DTEST -o $@ get_myaddress.c $(LIBS) - -+install: all -+ install -o root -g root -m 0755 -s portmap ${BASEDIR}/sbin -+ install -o root -g root -m 0755 -s pmap_dump ${BASEDIR}/sbin -+ install -o root -g root -m 0755 -s pmap_set ${BASEDIR}/sbin -+ install -o root -g root -m 0644 portmap.8 ${BASEDIR}/usr/share/man/man8 -+ install -o root -g root -m 0644 pmap_dump.8 ${BASEDIR}/usr/share/man/man8 -+ install -o root -g root -m 0644 pmap_set.8 ${BASEDIR}/usr/share/man/man8 -+ cat BLURB >${BASEDIR}/usr/share/doc/portmap/portmapper.txt -+ gzip -9f ${BASEDIR}/usr/share/doc/portmap/portmapper.txt -+ -+ - lint: - lint $(COPT) $(OBJECTS:%.o=%.c) - ---- portmap-5.orig/daemon.c -+++ portmap-5/daemon.c -@@ -36,11 +36,8 @@ - #endif /* LIBC_SCCS and not lint */ - - #include -- --/* From unistd.h */ --#define STDIN_FILENO 0 --#define STDOUT_FILENO 1 --#define STDERR_FILENO 2 -+#include -+#include - - /* From paths.h */ - #define _PATH_DEVNULL "/dev/null" ---- portmap-5.orig/pmap_check.c -+++ portmap-5/pmap_check.c -@@ -41,10 +41,14 @@ - #include - #include - #include -+#include - #ifdef SYSV40 - #include - #include - #endif -+#include -+#include -+#include - - extern char *inet_ntoa(); - -@@ -101,15 +105,25 @@ - * Give up root privileges so that we can never allocate a privileged - * port when forwarding an rpc request. - */ -+ if (setgid(1) == -1) { -+ syslog(LOG_ERR, "setgid(1) failed: %m"); -+ exit(1); -+ } -+ if (setgroups(0, 0) == -1) { -+ syslog(LOG_ERR, "setgroups(0, 0) failed: %m"); -+ exit(1); -+ } - if (setuid(1) == -1) { - syslog(LOG_ERR, "setuid(1) failed: %m"); - exit(1); - } -+ - (void) signal(SIGINT, toggle_verboselog); - } - - /* check_default - additional checks for NULL, DUMP, GETPORT and unknown */ - -+int - check_default(addr, proc, prog) - struct sockaddr_in *addr; - u_long proc; -@@ -128,6 +142,7 @@ - - /* check_privileged_port - additional checks for privileged-port updates */ - -+int - check_privileged_port(addr, proc, prog, port) - struct sockaddr_in *addr; - u_long proc; -@@ -173,6 +188,7 @@ - - #else - -+int - check_setunset(addr, proc, prog, port) - struct sockaddr_in *addr; - u_long proc; -@@ -197,6 +213,7 @@ - - /* check_callit - additional checks for forwarded requests */ - -+int - check_callit(addr, proc, prog, aproc) - struct sockaddr_in *addr; - u_long proc; -@@ -249,13 +266,13 @@ - }; - struct proc_map *procp; - static struct proc_map procmap[] = { -- PMAPPROC_CALLIT, "callit", -- PMAPPROC_DUMP, "dump", -- PMAPPROC_GETPORT, "getport", -- PMAPPROC_NULL, "null", -- PMAPPROC_SET, "set", -- PMAPPROC_UNSET, "unset", -- 0, 0, -+ {PMAPPROC_CALLIT, "callit"}, -+ {PMAPPROC_DUMP, "dump"}, -+ {PMAPPROC_GETPORT, "getport"}, -+ {PMAPPROC_NULL, "null"}, -+ {PMAPPROC_SET, "set"}, -+ {PMAPPROC_UNSET, "unset"}, -+ {0, 0}, - }; - - /* -@@ -269,7 +286,7 @@ - - if (prognum == 0) { - progname = ""; -- } else if (rpc = getrpcbynumber((int) prognum)) { -+ } else if ((rpc = getrpcbynumber((int) prognum))) { - progname = rpc->r_name; - } else { - sprintf(progname = progbuf, "%lu", prognum); ---- portmap-5.orig/from_local.c -+++ portmap-5/from_local.c -@@ -51,6 +51,9 @@ - #include - #include - #include -+#include -+#include -+#include - - #ifndef TRUE - #define TRUE 1 -@@ -96,6 +99,7 @@ - - /* find_local - find all IP addresses for this host */ - -+int - find_local() - { - struct ifconf ifc; -@@ -154,6 +158,7 @@ - - /* from_local - determine whether request comes from the local system */ - -+int - from_local(addr) - struct sockaddr_in *addr; - { ---- portmap-5.orig/pmap_dump.c -+++ portmap-5/pmap_dump.c -@@ -23,6 +23,20 @@ - - static char *protoname(); - -+#ifndef INADDR_LOOPBACK -+#define INADDR_LOOPBACK ntohl(inet_addr("127.0.0.1")) -+#endif -+ -+static void get_myloopaddress(addrp) -+struct sockaddr_in *addrp; -+{ -+ memset((char *) addrp, 0, sizeof(*addrp)); -+ addrp->sin_family = AF_INET; -+ addrp->sin_port = htons(PMAPPORT); -+ addrp->sin_addr.s_addr = htonl(INADDR_LOOPBACK); -+} -+ -+int - main(argc, argv) - int argc; - char **argv; -@@ -31,7 +45,7 @@ - register struct pmaplist *list; - register struct rpcent *rpc; - -- get_myaddress(&addr); -+ get_myloopaddress(&addr); - - for (list = pmap_getmaps(&addr); list; list = list->pml_next) { - rpc = getrpcbynumber((int) list->pml_map.pm_prog); ---- portmap-5.orig/pmap_set.c -+++ portmap-5/pmap_set.c -@@ -17,6 +17,10 @@ - #include - #include - -+int parse_line(char *buf, u_long *prog, u_long *vers, int *prot, -+ unsigned *port); -+ -+int - main(argc, argv) - int argc; - char **argv; -@@ -40,6 +44,7 @@ - - /* parse_line - convert line to numbers */ - -+int - parse_line(buf, prog, vers, prot, port) - char *buf; - u_long *prog; -@@ -47,9 +52,9 @@ - int *prot; - unsigned *port; - { -- char proto_name[BUFSIZ]; -+ char proto_name[256]; - -- if (sscanf(buf, "%lu %lu %s %u", prog, vers, proto_name, port) != 4) { -+ if (sscanf(buf, "%lu %lu %255s %u", prog, vers, proto_name, port) != 4) { - return (0); - } - if (strcmp(proto_name, "tcp") == 0) { -@@ -65,3 +70,4 @@ - } - return (0); - } -+ ---- portmap-5.orig/portmap.c -+++ portmap-5/portmap.c -@@ -80,6 +80,10 @@ - * Mountain View, California 94043 - */ - -+#if defined(__GLIBC__) -+#define _BSD_SOURCE 1 /* for daemon(3) */ -+#include -+#endif /* __GLIBC__ */ - #include - #include - #include -@@ -91,11 +95,13 @@ - #include - #include - #include --#ifdef SYSV40 - #include --#endif -+#include -+#include -+#include -+#include -+#include - --extern char *strerror(); - #include - - #ifndef LOG_PERROR -@@ -124,7 +130,6 @@ - static void callit(); - struct pmaplist *pmaplist; - int debugging = 0; --extern int errno; - - #include "pmap_check.h" - -@@ -148,6 +153,7 @@ - #endif - #endif - -+int - main(argc, argv) - int argc; - char **argv; -@@ -157,22 +163,31 @@ - struct sockaddr_in addr; - int len = sizeof(struct sockaddr_in); - register struct pmaplist *pml; -+ char *chroot_path = NULL; -+ struct in_addr bindaddr; -+ int have_bindaddr = 0; - -- while ((c = getopt(argc, argv, "dv")) != EOF) { -+ while ((c = getopt(argc, argv, "dt:vi:")) != EOF) { - switch (c) { - - case 'd': - debugging = 1; - break; -- -+ case 't': -+ chroot_path = optarg; -+ break; - case 'v': - verboselog = 1; - break; -- -+ case 'i': -+ have_bindaddr = inet_aton(optarg, &bindaddr); -+ break; - default: -- (void) fprintf(stderr, "usage: %s [-dv]\n", argv[0]); -+ (void) fprintf(stderr, "usage: %s [-dv] [-t path] [-i address]\n", argv[0]); - (void) fprintf(stderr, "-d: debugging mode\n"); -+ (void) fprintf(stderr, "-t path: chroot into path\n"); - (void) fprintf(stderr, "-v: verbose logging\n"); -+ (void) fprintf(stderr, "-i address: bind to address\n"); - exit(1); - } - } -@@ -201,6 +216,9 @@ - addr.sin_addr.s_addr = 0; - addr.sin_family = AF_INET; - addr.sin_port = htons(PMAPPORT); -+ if (have_bindaddr) -+ memcpy(&addr.sin_addr, &bindaddr, sizeof(bindaddr)); -+ - if (bind(sock, (struct sockaddr *)&addr, len) != 0) { - syslog(LOG_ERR, "cannot bind udp: %m"); - exit(1); -@@ -227,7 +245,7 @@ - setsockopt(sock, SOL_SOCKET, SO_REUSEADDR, &on, sizeof on); - #endif - if (bind(sock, (struct sockaddr *)&addr, len) != 0) { -- syslog(LOG_ERR, "cannot bind udp: %m"); -+ syslog(LOG_ERR, "cannot bind tcp: %m"); - exit(1); - } - if ((xprt = svctcp_create(sock, RPCSMALLMSGSIZE, RPCSMALLMSGSIZE)) -@@ -280,6 +298,14 @@ - (void)svc_register(xprt, PMAPPROG, PMAPVERS, reg_service, FALSE); - - /* additional initializations */ -+ if (chroot_path) -+ { -+ if (-1 == chroot(chroot_path)) -+ { -+ syslog(LOG_ERR, "couldn't do chroot"); -+ exit(1); -+ } -+ } - check_startup(); - #ifdef IGNORE_SIGCHLD /* Lionel Cons */ - (void)signal(SIGCHLD, SIG_IGN); -@@ -350,7 +376,7 @@ - */ - /* remote host authorization check */ - check_default(svc_getcaller(xprt), rqstp->rq_proc, (u_long) 0); -- if (!svc_sendreply(xprt, xdr_void, (caddr_t)0) && debugging) { -+ if (!svc_sendreply(xprt, (xdrproc_t) xdr_void, (caddr_t)0) && debugging) { - abort(); - } - break; -@@ -359,7 +385,7 @@ - /* - * Set a program,version to port mapping - */ -- if (!svc_getargs(xprt, xdr_pmap, ®)) -+ if (!svc_getargs(xprt, (xdrproc_t) xdr_pmap, (caddr_t) ®)) - svcerr_decode(xprt); - else { - /* reject non-local requests, protect priv. ports */ -@@ -401,7 +427,7 @@ - ans = 1; - } - done: -- if ((!svc_sendreply(xprt, xdr_int, (caddr_t)&ans)) && -+ if ((!svc_sendreply(xprt, (xdrproc_t) xdr_int, (caddr_t)&ans)) && - debugging) { - (void) fprintf(stderr, "svc_sendreply\n"); - abort(); -@@ -413,7 +439,7 @@ - /* - * Remove a program,version to port mapping. - */ -- if (!svc_getargs(xprt, xdr_pmap, ®)) -+ if (!svc_getargs(xprt, (xdrproc_t) xdr_pmap, (caddr_t) ®)) - svcerr_decode(xprt); - else { - ans = 0; -@@ -447,7 +473,7 @@ - prevpml->pml_next = pml; - free(t); - } -- if ((!svc_sendreply(xprt, xdr_int, (caddr_t)&ans)) && -+ if ((!svc_sendreply(xprt, (xdrproc_t) xdr_int, (caddr_t)&ans)) && - debugging) { - (void) fprintf(stderr, "svc_sendreply\n"); - abort(); -@@ -459,7 +485,7 @@ - /* - * Lookup the mapping for a program,version and return its port - */ -- if (!svc_getargs(xprt, xdr_pmap, ®)) -+ if (!svc_getargs(xprt, (xdrproc_t) xdr_pmap, (caddr_t) ®)) - svcerr_decode(xprt); - else { - /* remote host authorization check */ -@@ -474,7 +500,7 @@ - port = fnd->pml_map.pm_port; - else - port = 0; -- if ((!svc_sendreply(xprt, xdr_int, (caddr_t)&port)) && -+ if ((!svc_sendreply(xprt, (xdrproc_t) xdr_int, (caddr_t)&port)) && - debugging) { - (void) fprintf(stderr, "svc_sendreply\n"); - abort(); -@@ -486,7 +512,7 @@ - /* - * Return the current set of mapped program,version - */ -- if (!svc_getargs(xprt, xdr_void, NULL)) -+ if (!svc_getargs(xprt, (xdrproc_t) xdr_void, (caddr_t) NULL)) - svcerr_decode(xprt); - else { - /* remote host authorization check */ -@@ -497,7 +523,7 @@ - } else { - p = pmaplist; - } -- if ((!svc_sendreply(xprt, xdr_pmaplist, -+ if ((!svc_sendreply(xprt, (xdrproc_t) xdr_pmaplist, - (caddr_t)&p)) && debugging) { - (void) fprintf(stderr, "svc_sendreply\n"); - abort(); -@@ -645,7 +671,7 @@ - timeout.tv_sec = 5; - timeout.tv_usec = 0; - a.rmt_args.args = buf; -- if (!svc_getargs(xprt, xdr_rmtcall_args, &a)) -+ if (!svc_getargs(xprt, (xdrproc_t) xdr_rmtcall_args, (caddr_t) &a)) - return; - /* host and service access control */ - if (!check_callit(svc_getcaller(xprt), -@@ -674,9 +700,9 @@ - au->aup_uid, au->aup_gid, au->aup_len, au->aup_gids); - } - a.rmt_port = (u_long)port; -- if (clnt_call(client, a.rmt_proc, xdr_opaque_parms, &a, -- xdr_len_opaque_parms, &a, timeout) == RPC_SUCCESS) { -- svc_sendreply(xprt, xdr_rmtcall_result, (caddr_t)&a); -+ if (clnt_call(client, a.rmt_proc, (xdrproc_t) xdr_opaque_parms, (char*) &a, -+ (xdrproc_t) xdr_len_opaque_parms, (char*) &a, timeout) == RPC_SUCCESS) { -+ svc_sendreply(xprt, (xdrproc_t) xdr_rmtcall_result, (caddr_t)&a); - } - AUTH_DESTROY(client->cl_auth); - clnt_destroy(client);