From 71d9c020de323cd50eae7206989990f7ad667203 Mon Sep 17 00:00:00 2001
From: CentOS Buildsys
Date: Mar 04 2014 09:29:46 +0000
Subject: import net-snmp-5.7.2-18.el7.src.rpm
---
diff --git a/SOURCES/net-snmp-5.5-python-retcodes.patch b/SOURCES/net-snmp-5.5-python-retcodes.patch
new file mode 100644
index 0000000..d542008
--- /dev/null
+++ b/SOURCES/net-snmp-5.5-python-retcodes.patch
@@ -0,0 +1,104 @@
+1064338 - various net-snmp-python return code errors
+
+commit 71a31dabc05e4e86ba14deff427a6911c167e713
+Author: Wes Hardaker
+Date: Fri Jul 30 13:00:49 2010 +0000
+
+ CHANGES: python: patch 3035578: from sws: keep error codes up to date
+
+ git-svn-id: file:///home/hardaker/lib/sf-bkups/net-snmp-convert-svnrepo/trunk@19268 06827809-a52a-0410-b366-d66718629ded
+
+
+commit 7e1cae42bd79a0cdfb70521558a0dedc5aa0c42d
+Author: Dave Shield
+Date: Thu Apr 14 21:31:09 2011 +0000
+
+ CHANGES: python: PATCHES: 3185085: Fix segfault on 64-bit systems
+ git-svn-id: file:///home/hardaker/lib/sf-bkups/net-snmp-convert-svnrepo/trunk@20180 06827809-a52a-0410-b366-d66718629ded
+
+commit 9a2bfc8f95d6e926dcbf16ff44b53b27e38c8437
+Author: Jan Safranek
+Date: Mon Jul 1 13:54:38 2013 +0200
+
+ CHANGES: python: Fixed returning of empty strings.
+ Varbind type (SNMP_NOSUCHOBJECT etc.) should be used to detect errors instead of length of the variable - it can be empty string.
+
+commit 408cc9732c346111fc1fda23e136d60883cdb7e4
+Author: Jan Safranek
+Date: Mon Jul 1 14:25:41 2013 +0200
+
+ CHANGES: python: correctly report error when parsing malformed OID.
+
+diff -up net-snmp-5.7.2/python/netsnmp/client_intf.c.test net-snmp-5.7.2/python/netsnmp/client_intf.c
+--- net-snmp-5.7.2/python/netsnmp/client_intf.c.test 2014-02-13 09:34:37.456480927 +0100
++++ net-snmp-5.7.2/python/netsnmp/client_intf.c 2014-02-13 09:51:22.475642391 +0100
+@@ -658,7 +658,10 @@ int best_guess;
+ newname_len = MAX_OID_LEN;
+ if (read_objid(tag, newname, &newname_len)) { /* long name */
+ rtp = tp = get_tree(newname, newname_len, get_tree_head());
+- }
++ } else {
++ /* failed to parse the OID */
++ newname_len = 0;
++ }
+ }
+ else {
+ rtp = tp = get_tree(newname, newname_len, get_tree_head());
+@@ -885,6 +887,15 @@ int *err_ind;
+ goto done;
+ }
+
++ tmp_err_str = calloc(1, STR_BUF_SIZE);
++ if (tmp_err_str == NULL) {
++ *err_num = errno;
++ *err_ind = SNMPERR_MALLOC;
++ status = SNMPERR_MALLOC;
++ strncpy(err_str, snmp_api_errstring(*err_ind), STR_BUF_SIZE - 1);
++ goto done;
++ }
++
+ retry:
+
+ Py_BEGIN_ALLOW_THREADS
+@@ -1589,10 +1600,16 @@ netsnmp_get(PyObject *self, PyObject *ar
+ py_netsnmp_attr_set_string(varbind, "val", (char *) str_buf, len);
+
+ /* save in return tuple as well */
+- PyTuple_SetItem(val_tuple, varlist_ind,
+- (len ? Py_BuildValue("s#", str_buf, len) :
+- Py_BuildValue("")));
+-
++ if ((type == SNMP_ENDOFMIBVIEW) ||
++ (type == SNMP_NOSUCHOBJECT) ||
++ (type == SNMP_NOSUCHINSTANCE)) {
++ /* Translate error to None */
++ PyTuple_SetItem(val_tuple, varlist_ind,
++ Py_BuildValue(""));
++ } else {
++ PyTuple_SetItem(val_tuple, varlist_ind,
++ Py_BuildValue("s#", str_buf, len));
++ }
+ Py_DECREF(varbind);
+ } else {
+ printf("netsnmp_get: bad varbind (%d)\n", varlist_ind);
+@@ -1801,10 +1818,16 @@ netsnmp_getnext(PyObject *self, PyObject
+ py_netsnmp_attr_set_string(varbind, "val", (char *) str_buf, len);
+
+ /* save in return tuple as well */
+- PyTuple_SetItem(val_tuple, varlist_ind,
+- (len ?
Py_BuildValue("s#", str_buf, len) : +- Py_BuildValue(""))); +- ++ if ((type == SNMP_ENDOFMIBVIEW) || ++ (type == SNMP_NOSUCHOBJECT) || ++ (type == SNMP_NOSUCHINSTANCE)) { ++ /* Translate error to None */ ++ PyTuple_SetItem(val_tuple, varlist_ind, ++ Py_BuildValue("")); ++ } else { ++ PyTuple_SetItem(val_tuple, varlist_ind, ++ Py_BuildValue("s#", str_buf, len)); ++ } + Py_DECREF(varbind); + } else { + printf("netsnmp_getnext: bad varbind (%d)\n", varlist_ind); diff --git a/SOURCES/net-snmp-5.7.2-clientaddr-port.patch b/SOURCES/net-snmp-5.7.2-clientaddr-port.patch index 43eacac..e82a277 100644 --- a/SOURCES/net-snmp-5.7.2-clientaddr-port.patch +++ b/SOURCES/net-snmp-5.7.2-clientaddr-port.patch @@ -102,11 +102,12 @@ diff -up net-snmp-5.7.2/snmplib/snmp_api.c.port net-snmp-5.7.2/snmplib/snmp_api. diff -up net-snmp-5.7.2/snmplib/transports/snmpUDPIPv4BaseDomain.c.port net-snmp-5.7.2/snmplib/transports/snmpUDPIPv4BaseDomain.c --- net-snmp-5.7.2/snmplib/transports/snmpUDPIPv4BaseDomain.c.port 2012-11-13 10:51:32.781812675 +0100 +++ net-snmp-5.7.2/snmplib/transports/snmpUDPIPv4BaseDomain.c 2012-11-13 10:51:35.190801898 +0100 -@@ -183,7 +183,29 @@ netsnmp_udpipv4base_transport(struct soc +@@ -183,8 +183,29 @@ netsnmp_udpipv4base_transport(struct soc NETSNMP_DS_LIB_CLIENT_ADDR); if (client_socket) { struct sockaddr_in client_addr; - netsnmp_sockaddr_in2(&client_addr, client_socket, NULL); +- client_addr.sin_port = 0; + + char *client_address = client_socket; + int uses_port = netsnmp_ds_get_boolean(NETSNMP_DS_LIBRARY_ID, @@ -130,9 +131,9 @@ diff -up net-snmp-5.7.2/snmplib/transports/snmpUDPIPv4BaseDomain.c.port net-snmp + free(client_address); + } + - client_addr.sin_port = 0; DEBUGMSGTL(("netsnmp_udpbase", "binding socket: %d\n", t->sock)); rc = bind(t->sock, (struct sockaddr *)&client_addr, + sizeof(struct sockaddr)); commit 9e00fff692081e36c9d883fab7b6bd8881c670fc Author: Jan Safranek Date: Tue Aug 7 12:27:18 2012 +0200 
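Review bot: The allocation-failure path added in the `@@ -885,6 +887,15 @@` hunk copies the message with `strncpy(err_str, snmp_api_errstring(*err_ind), STR_BUF_SIZE - 1);`, which terminates `err_str` only if the caller zeroed the buffer beforehand; nothing in the visible lines shows that, nor that `err_str` is at least STR_BUF_SIZE bytes. `snprintf(err_str, STR_BUF_SIZE, "%s", snmp_api_errstring(*err_ind));` terminates in every case. The hunk does not show where `tmp_err_str` is released, so it is worth confirming that the `done:` path frees it on each exit. In the netsnmp_get and netsnmp_getnext hunks the result of `Py_BuildValue("s#", str_buf, len)` is passed straight to `PyTuple_SetItem` without a NULL check. All of these functions begin and end outside their hunks.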
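Review bot: With `client_addr.sin_port = 0;` now removed by the nested patch in both hunks, the local port given to `bind()` presumably comes entirely from parsing the clientaddr string; the lines that act on `uses_port` sit between the two hunks and are not shown. It is worth confirming that `sin_port` is still zero when `uses_port` is false, and that a failed parse cannot reach `bind()` with a partly filled `client_addr`. A comment next to the `bind()` call would help the next reader, for example `/* clientaddrUsesPort: the source port is fixed by configuration, not picked by the kernel */`, since a fixed source port is easier for an off-path sender to guess than an ephemeral one.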
diff --git a/SOURCES/net-snmp-5.7.2-icmp-mib.patch b/SOURCES/net-snmp-5.7.2-icmp-mib.patch
new file mode 100644
index 0000000..35c70b7
--- /dev/null
+++ b/SOURCES/net-snmp-5.7.2-icmp-mib.patch
@@ -0,0 +1,146 @@
+1072092 - net-snmp: denial of service flaw in Linux implementation of ICMP-MIB
+
+commit 8407b6ce46ca7159b3c816d1024e20a53f9a1c6c
+Author: Wes Hardaker
+Date: Wed Feb 19 15:21:57 2014 -0800
+
+ bug fix from fenner: fix ICMP mib table handling on linux
+
+diff --git a/agent/mibgroup/mibII/icmp.c b/agent/mibgroup/mibII/icmp.c
+index 14c73a6..6d10426 100644
+--- a/agent/mibgroup/mibII/icmp.c
++++ b/agent/mibgroup/mibII/icmp.c
+@@ -106,10 +106,20 @@ struct icmp_msg_stats_table_entry {
+ int flags;
+ };
+
++#ifdef linux
++/* Linux keeps track of all possible message types */
++#define ICMP_MSG_STATS_IPV4_COUNT 256
++#else
+ #define ICMP_MSG_STATS_IPV4_COUNT 11
++#endif
+
+ #ifdef NETSNMP_ENABLE_IPV6
++#ifdef linux
++/* Linux keeps track of all possible message types */
++#define ICMP_MSG_STATS_IPV6_COUNT 256
++#else
+ #define ICMP_MSG_STATS_IPV6_COUNT 14
++#endif
+ #else
+ #define ICMP_MSG_STATS_IPV6_COUNT 0
+ #endif /* NETSNMP_ENABLE_IPV6 */
+@@ -177,7 +187,7 @@ icmp_msg_stats_load(netsnmp_cache *cache, void *vmagic)
+ inc = 0;
+ linux_read_icmp_msg_stat(&v4icmp, &v4icmpmsg, &flag);
+ if (flag) {
+- while (254 != k) {
++ while (255 >= k) {
+ if (v4icmpmsg.vals[k].InType) {
+ icmp_msg_stats_table[i].ipVer = 1;
+ icmp_msg_stats_table[i].icmpMsgStatsType = k;
+@@ -267,7 +277,7 @@ icmp_msg_stats_load(netsnmp_cache *cache, void *vmagic)
+ inc = 0;
+ linux_read_icmp6_msg_stat(&v6icmp, &v6icmpmsg, &flag);
+ if (flag) {
+- while (254 != k) {
++ while (255 >= k) {
+ if (v6icmpmsg.vals[k].InType) {
+ icmp_msg_stats_table[i].ipVer = 2;
+ icmp_msg_stats_table[i].icmpMsgStatsType = k;
+@@ -1050,6 +1060,12 @@ icmp_stats_table_handler(netsnmp_mib_handler *handler,
+ continue;
+ table_info = netsnmp_extract_table_info(request);
+ subid = table_info->colnum;
++ DEBUGMSGTL(( "mibII/icmpStatsTable", "oid: " ));
++ DEBUGMSGOID(( "mibII/icmpStatsTable", request->requestvb->name,
++ request->requestvb->name_length ));
++ DEBUGMSG(( "mibII/icmpStatsTable", " In %d InErr %d
Out %d OutErr %d\n",
++ entry->icmpStatsInMsgs, entry->icmpStatsInErrors,
++ entry->icmpStatsOutMsgs, entry->icmpStatsOutErrors ));
+
+ switch (subid) {
+ case ICMP_STAT_INMSG:
+@@ -1117,6 +1133,11 @@ icmp_msg_stats_table_handler(netsnmp_mib_handler *handler,
+ continue;
+ table_info = netsnmp_extract_table_info(request);
+ subid = table_info->colnum;
++ DEBUGMSGTL(( "mibII/icmpMsgStatsTable", "oid: " ));
++ DEBUGMSGOID(( "mibII/icmpMsgStatsTable", request->requestvb->name,
++ request->requestvb->name_length ));
++ DEBUGMSG(( "mibII/icmpMsgStatsTable", " In %d Out %d Flags 0x%x\n",
++ entry->icmpMsgStatsInPkts, entry->icmpMsgStatsOutPkts, entry->flags ));
+
+ switch (subid) {
+ case ICMP_MSG_STAT_IN_PKTS:
+diff --git a/agent/mibgroup/mibII/kernel_linux.c b/agent/mibgroup/mibII/kernel_linux.c
+index b21a166..ba320c7 100644
+--- a/agent/mibgroup/mibII/kernel_linux.c
++++ b/agent/mibgroup/mibII/kernel_linux.c
+@@ -81,9 +81,9 @@ decode_icmp_msg(char *line, char *data, struct icmp4_msg_mib *msg)
+ index = strtol(token, &delim, 0);
+ if (ERANGE == errno) {
+ continue;
+- } else if (index > LONG_MAX) {
++ } else if (index > 255) {
+ continue;
+- } else if (index < LONG_MIN) {
++ } else if (index < 0) {
+ continue;
+ }
+ if (NULL == (token = strtok_r(dataptr, " ", &saveptr1)))
+@@ -94,9 +94,9 @@ decode_icmp_msg(char *line, char *data, struct icmp4_msg_mib *msg)
+ index = strtol(token, &delim, 0);
+ if (ERANGE == errno) {
+ continue;
+- } else if (index > LONG_MAX) {
++ } else if (index > 255) {
+ continue;
+- } else if (index < LONG_MIN) {
++ } else if (index < 0) {
+ continue;
+ }
+ if(NULL == (token = strtok_r(dataptr, " ", &saveptr1)))
+@@ -426,14 +426,21 @@ linux_read_icmp6_parse(struct icmp6_mib *icmp6stat,
+
+ vals = name;
+ if (NULL != icmp6msgstat) {
++ int type;
+ if (0 == strncmp(name, "Icmp6OutType", 12)) {
+ strsep(&vals, "e");
+- icmp6msgstat->vals[atoi(vals)].OutType = stats;
++ type = atoi(vals);
++ if ( type < 0 || type > 255 )
++ continue;
++
icmp6msgstat->vals[type].OutType = stats;
+ *support = 1;
+ continue;
+ } else if (0 == strncmp(name, "Icmp6InType", 11)) {
+ strsep(&vals, "e");
+- icmp6msgstat->vals[atoi(vals)].InType = stats;
++ type = atoi(vals);
++ if ( type < 0 || type > 255 )
++ continue;
++ icmp6msgstat->vals[type].InType = stats;
+ *support = 1;
+ continue;
+ }
+diff --git a/agent/mibgroup/mibII/kernel_linux.h b/agent/mibgroup/mibII/kernel_linux.h
+index 6bf5d47..c6dfca9 100644
+--- a/agent/mibgroup/mibII/kernel_linux.h
++++ b/agent/mibgroup/mibII/kernel_linux.h
+@@ -121,11 +121,11 @@ struct icmp_msg_mib {
+
+ /* Lets use wrapper structures for future expansion */
+ struct icmp4_msg_mib {
+- struct icmp_msg_mib vals[255];
++ struct icmp_msg_mib vals[256];
+ };
+
+ struct icmp6_msg_mib {
+- struct icmp_msg_mib vals[255];
++ struct icmp_msg_mib vals[256];
+ };
+
+ struct udp_mib {
diff --git a/SOURCES/net-snmp-5.7.2-trigger-crash.patch b/SOURCES/net-snmp-5.7.2-trigger-crash.patch
new file mode 100644
index 0000000..069f818
--- /dev/null
+++ b/SOURCES/net-snmp-5.7.2-trigger-crash.patch
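Review bot: The table bound is still a bare literal in four places: `vals[256]` in kernel_linux.h, `index > 255` and `type > 255` in kernel_linux.c, and `while (255 >= k)` in icmp.c. The flaw being fixed came from exactly such bounds disagreeing (`vals[255]`, a loop ending at 254, range checks against LONG_MAX/LONG_MIN). One constant in kernel_linux.h, for example `#define ICMP_MSG_TYPE_COUNT 256` (name constructed here) used as `vals[ICMP_MSG_TYPE_COUNT]` and `index >= ICMP_MSG_TYPE_COUNT`, would keep the array size, the parser checks and the loop tied together. In linux_read_icmp6_parse the index still comes from `atoi(vals)`, which returns 0 for a non-numeric suffix and is undefined on overflow, so `strtol` with an end-pointer check before the range test would be stricter. In decode_icmp_msg the `ERANGE == errno` test is only meaningful if `errno` is cleared before `strtol`, and that line lies outside the hunk.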
@@ -0,0 +1,51 @@
+1050971 - snmpd segfault with entry->sysUpTime = *sysUT_var.val.integer
+
+commit 9f4c572614091404decba0d4ef1a4cbaf9fc5bd2
+Author: Jan Safranek
+Date: Thu Jan 9 13:35:27 2014 +0100
+
+ CHANGES: snmpd: Fixed monitoring based on non-delta trigger.
+
+ snmpd crashed wit following snmpd.conf:
+ monitor -s -D -r 10 -e LOGMATCH -o logMatchCurrentCount "Log Match" != logMatchCurrentCount
+ logmatch LoginFailure1 /var/log/secure 10 su: .*fail.*
+
+ The reason was unitialized variable sysUT_var in mteTrigger_run(), it was
+ filled only if the trigger was delta-valued, while its value was used for all
+ triggers.
+
+ With this patch, sysUT_var is filled for all code branches where it is needed.
+
+diff --git a/agent/mibgroup/disman/event/mteTrigger.c b/agent/mibgroup/disman/event/mteTrigger.c
+index bb585ed..11cb5b7 100644
+--- a/agent/mibgroup/disman/event/mteTrigger.c
++++ b/agent/mibgroup/disman/event/mteTrigger.c
+@@ -533,6 +533,13 @@ mteTrigger_run( unsigned int reg, void *clientarg)
+ } /* !old_results - end of else block */
+ } /* MTE_TRIGGER_EXISTENCE */
+
++ /*
++ * We'll need sysUpTime.0 regardless...
++ */
++ DEBUGMSGTL(("disman:event:delta", "retrieve sysUpTime.0\n"));
++ memset( &sysUT_var, 0, sizeof( netsnmp_variable_list ));
++ snmp_set_var_objid( &sysUT_var, _sysUpTime_instance, _sysUpTime_inst_len );
++ netsnmp_query_get( &sysUT_var, entry->session );
+
+ if (( entry->mteTriggerTest & MTE_TRIGGER_BOOLEAN ) ||
+ ( entry->mteTriggerTest & MTE_TRIGGER_THRESHOLD )) {
+@@ -582,14 +589,6 @@ mteTrigger_run( unsigned int reg, void *clientarg)
+ * (including sysUpTime.0 if not specified explicitly).
+ */
+ if ( entry->flags & MTE_TRIGGER_FLAG_DELTA ) {
+- /*
+- * We'll need sysUpTime.0 regardless...
+- */ +- DEBUGMSGTL(("disman:event:delta", "retrieve sysUpTime.0\n")); +- memset( &sysUT_var, 0, sizeof( netsnmp_variable_list )); +- snmp_set_var_objid( &sysUT_var, _sysUpTime_instance, +- _sysUpTime_inst_len ); +- netsnmp_query_get( &sysUT_var, entry->session ); + + if (!(entry->flags & MTE_TRIGGER_FLAG_SYSUPT)) { + /* diff --git a/SOURCES/net-snmp-config.h b/SOURCES/net-snmp-config.h index 81aaf5b..c849d6b 100644 --- a/SOURCES/net-snmp-config.h +++ b/SOURCES/net-snmp-config.h @@ -4,10 +4,10 @@ * out) in net-snmp-config.h. The original net-snmp-config.h has been renamed. * DO NOT INCLUDE THE NEW FILE DIRECTLY -- ALWAYS INCLUDE THIS ONE INSTEAD. */ -#ifdef net-snmp-config_multilib_redirection_h -#error "Do not define net-snmp-config_multilib_redirection_h!" +#ifdef net_snmp_config_multilib_redirection_h +#error "Do not define net_snmp_config_multilib_redirection_h!" #endif -#define net-snmp-config_multilib_redirection_h +#define net_snmp_config_multilib_redirection_h #if defined(__i386__) #include "net-snmp-config-i386.h" @@ -33,4 +33,4 @@ #error "net-snmp-devel package does not work on your architecture" #endif -#undef net-snmp-config_multilib_redirection_h +#undef net_snmp_config_multilib_redirection_h diff --git a/SPECS/net-snmp.spec b/SPECS/net-snmp.spec index fbd7926..2c1f3a7 100644 --- a/SPECS/net-snmp.spec +++ b/SPECS/net-snmp.spec @@ -11,7 +11,7 @@ Summary: A collection of SNMP protocol tools and libraries Name: net-snmp Version: 5.7.2 -Release: 11%{?dist} +Release: 18%{?dist} Epoch: 1 License: BSD @@ -63,6 +63,9 @@ Patch26: net-snmp-5.5-ber-int-size.patch Patch27: net-snmp-5.5-ber-int-size2.patch Patch28: net-snmp-5.7.2-hrStorage-fs.patch Patch29: net-snmp-5.7.2-btrfs.patch +Patch30: net-snmp-5.7.2-trigger-crash.patch +Patch31: net-snmp-5.5-python-retcodes.patch +Patch32: net-snmp-5.7.2-icmp-mib.patch Requires(post): chkconfig Requires(preun): chkconfig 
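Review bot: The relocated `netsnmp_query_get( &sysUT_var, entry->session );` in the `@@ -533,6 +533,13 @@` hunk still has its return value ignored, while the bug title quotes the dereference `*sysUT_var.val.integer`. After the `memset`, a failed query would presumably leave `val.integer` NULL, so the crash would move from uninitialised data to a NULL pointer instead of going away. A guard such as `if (netsnmp_query_get(&sysUT_var, entry->session) != SNMP_ERR_NOERROR || !sysUT_var.val.integer)` before the value is read would close that, with the skip path chosen to match the rest of the function. Because the query now runs on every trigger evaluation, it is also worth confirming that `sysUT_var` is released on each path; mteTrigger_run begins and ends outside the hunk.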
@@ -244,6 +247,9 @@ The net-snmp-sysvinit package provides SysV init scripts for Net-SNMP daemons. %patch27 -p1 -b .ber-int-size2 %patch28 -p1 -b .hrStorage-fs %patch29 -p1 -b .btrfs +%patch30 -p1 -b .trigger-crash +%patch31 -p1 -b .python-retcodes +%patch32 -p1 -b .icmp-mib %ifarch sparc64 s390 s390x # disable failing test - see https://bugzilla.redhat.com/show_bug.cgi?id=680697 @@ -395,8 +401,8 @@ install -m 755 -d $RPM_BUILD_ROOT/usr/include/net-snmp/agent/util_funcs install -m 644 agent/mibgroup/util_funcs/*.h $RPM_BUILD_ROOT/usr/include/net-snmp/agent/util_funcs # systemd stuff -install -m 755 -d $RPM_BUILD_ROOT/%{_sysconfdir}/tmpfiles.d/ -install -m 644 %SOURCE9 $RPM_BUILD_ROOT/%{_sysconfdir}/tmpfiles.d/net-snmp.conf +install -m 755 -d $RPM_BUILD_ROOT/%{_prefix}/lib/tmpfiles.d +install -m 644 %SOURCE9 $RPM_BUILD_ROOT/%{_prefix}/lib/tmpfiles.d/net-snmp.conf install -m 755 -d $RPM_BUILD_ROOT/%{_unitdir} install -m 644 %SOURCE10 %SOURCE11 $RPM_BUILD_ROOT/%{_unitdir}/ @@ -472,7 +478,7 @@ rm -rf ${RPM_BUILD_ROOT} %dir %{_datadir}/snmp %{_datadir}/snmp/snmpconf-data %dir %{_localstatedir}/run/net-snmp -%config(noreplace) %{_sysconfdir}/tmpfiles.d/net-snmp.conf +%{_prefix}/lib/tmpfiles.d/net-snmp.conf %{_unitdir}/snmp* %config(noreplace) %{_sysconfdir}/sysconfig/snmpd %config(noreplace) %{_sysconfdir}/sysconfig/snmptrapd 
@@ -539,7 +545,30 @@ rm -rf ${RPM_BUILD_ROOT} %{_initrddir}/snmptrapd %changelog -* Wed Sep 11 2013 Jan Safranek +* Tue Mar 4 2014 Jan Safranek - 1:5.7.2-18 +- Fixed buffer overflow in ICMP-MIB (#1072092) + +* Thu Feb 13 2014 Jan Safranek - 1:5.7.2-17 +- fixed various error codes in Python module (#1064338) +- fixed net-snmp-config.h header file (#1064437) + +* Fri Jan 24 2014 Daniel Mach - 1:5.7.2-16 +- Mass rebuild 2014-01-24 + +* Wed Jan 15 2014 Honza Horak - 1:5.7.2-15 +- Rebuild for mariadb-libs + Related: #1045013 + +* Thu Jan 9 2014 Jan Safranek - 1:5.7.2-14 +- move tmpfiles.d config file to /usr/lib (#881218) +- fixed dashes in net-snmp-config.h (#1038642) +- fixed snmpd crashing on monitor trigger evaluation (#1050971) + +* Fri Dec 27 2013 Daniel Mach - 1:5.7.2-13 +- Mass rebuild 2013-12-27 + +* Thu Dec 5 2013 Jan Safranek - 1:5.7.2-12 +- fixed clientaddrUsesPort option (#833015) - added support of btrfs to hrStorageTable (#1006758) * Mon Aug 12 2013 Jan Safranek - 1:5.7.2-11