diff --git a/.gitignore b/.gitignore new file mode 100644 index 0000000..4ed69c8 --- /dev/null +++ b/.gitignore @@ -0,0 +1 @@ +SOURCES/rpcbind-0.2.0.tar.bz2 diff --git a/.rpcbind.metadata b/.rpcbind.metadata new file mode 100644 index 0000000..c41f61b --- /dev/null +++ b/.rpcbind.metadata @@ -0,0 +1 @@ +02f077372a76a8f9adfa696004aa437212c28617 SOURCES/rpcbind-0.2.0.tar.bz2 diff --git a/SOURCES/rpcbind-0.2.0-CVE20157236-memcorrup.patch b/SOURCES/rpcbind-0.2.0-CVE20157236-memcorrup.patch new file mode 100644 index 0000000..c4904cb --- /dev/null +++ b/SOURCES/rpcbind-0.2.0-CVE20157236-memcorrup.patch @@ -0,0 +1,38 @@ +diff -up rpcbind-0.2.0/src/rpcb_svc_com.c.orig rpcbind-0.2.0/src/rpcb_svc_com.c +--- rpcbind-0.2.0/src/rpcb_svc_com.c.orig 2015-11-30 14:57:10.267576072 -0500 ++++ rpcbind-0.2.0/src/rpcb_svc_com.c 2015-11-30 14:59:06.305393416 -0500 +@@ -1204,12 +1204,33 @@ check_rmtcalls(struct pollfd *pfds, int + return (ncallbacks_found); + } + ++/* ++ * This is really a helper function defined in libtirpc, ++ * but unfortunately, it hasn't been exported yet. ++ */ ++static struct netbuf * ++__rpc_set_netbuf(struct netbuf *nb, const void *ptr, size_t len) ++{ ++ if (nb->len != len) { ++ if (nb->len) ++ mem_free(nb->buf, nb->len); ++ nb->buf = mem_alloc(len); ++ if (nb->buf == NULL) ++ return NULL; ++ ++ nb->maxlen = nb->len = len; ++ } ++ memcpy(nb->buf, ptr, len); ++ return nb; ++} ++ + static void + xprt_set_caller(SVCXPRT *xprt, struct finfo *fi) + { ++ const struct netbuf *caller = fi->caller_addr; + u_int32_t *xidp; + +- *(svc_getrpccaller(xprt)) = *(fi->caller_addr); ++ __rpc_set_netbuf(svc_getrpccaller(xprt), caller->buf, caller->len); + xidp = __rpcb_get_dg_xidp(xprt); + *xidp = fi->caller_xid; + } diff --git a/SOURCES/rpcbind-0.2.0-configure.ac.patch b/SOURCES/rpcbind-0.2.0-configure.ac.patch new file mode 100644 index 0000000..50eecf0 --- /dev/null +++ b/SOURCES/rpcbind-0.2.0-configure.ac.patch @@ -0,0 +1,101 @@ +commit 5618b2f89a752e8bacf9f7c847fd99484a9d3bbc +Author: Mike Frysinger +Date: Tue Mar 26 10:59:42 2013 -0400 + + Rename configure.in to configure.ac + + Newer autotools wants this to end in .ac. + + Signed-off-by: Mike Frysinger + Signed-off-by: Steve Dickson + +diff --git a/configure.ac b/configure.ac +new file mode 100644 +index 0000000..2b67720 +--- /dev/null ++++ b/configure.ac +@@ -0,0 +1,39 @@ ++AC_INIT(rpcbind, 0.2.0) ++ ++AM_INIT_AUTOMAKE ++AC_CONFIG_SRCDIR([src/rpcbind.c]) ++AC_PREFIX_DEFAULT(/usr) ++AC_PROG_CC ++ ++AC_ARG_ENABLE([libwrap], ++ AS_HELP_STRING([--enable-libwrap], [Enables host name checking through tcpd @<:@default=no@:>@])) ++AM_CONDITIONAL(LIBWRAP, test x$enable_libwrap = xyes) ++ ++AC_ARG_ENABLE([debug], ++ AS_HELP_STRING([--enable-debug], [Turns on rpcbind debugging @<:@default=no@:>@])) ++AM_CONDITIONAL(DEBUG, test x$enable_debug = xyes) ++ ++AC_ARG_ENABLE([warmstarts], ++ AS_HELP_STRING([--enable-warmstarts], [Enables Warm Starts @<:@default=no@:>@])) ++AM_CONDITIONAL(WARMSTART, test x$enable_warmstarts = xyes) ++ ++AC_ARG_WITH([statedir], ++ AS_HELP_STRING([--with-statedir=ARG], [use ARG as state dir @<:@default=/tmp@:>@]) ++ ,, [with_statedir=/tmp]) ++AC_SUBST([statedir], [$with_statedir]) ++ ++AC_ARG_WITH([rpcuser], ++ AS_HELP_STRING([--with-rpcuser=ARG], [use ARG for RPC @<:@default=root@:>@]), ++ ,, [with_rpcuser=root]) ++AC_SUBST([rpcuser], [$with_rpcuser]) ++ ++PKG_CHECK_MODULES([TIRPC], [libtirpc]) ++ ++AS_IF([test x$enable_libwrap = xyes], [ ++ AC_CHECK_LIB([wrap], [hosts_access], , ++ AC_MSG_ERROR([libwrap support requested but unable to find libwrap])) ++]) ++ ++AC_SEARCH_LIBS([pthread_create], [pthread]) ++ ++AC_OUTPUT([Makefile]) +diff --git a/configure.in b/configure.in +deleted file mode 100644 +index 2b67720..0000000 +--- a/configure.in ++++ /dev/null +@@ -1,39 +0,0 @@ +-AC_INIT(rpcbind, 0.2.0) +- +-AM_INIT_AUTOMAKE +-AC_CONFIG_SRCDIR([src/rpcbind.c]) +-AC_PREFIX_DEFAULT(/usr) +-AC_PROG_CC +- +-AC_ARG_ENABLE([libwrap], +- AS_HELP_STRING([--enable-libwrap], [Enables host name checking through tcpd @<:@default=no@:>@])) +-AM_CONDITIONAL(LIBWRAP, test x$enable_libwrap = xyes) +- +-AC_ARG_ENABLE([debug], +- AS_HELP_STRING([--enable-debug], [Turns on rpcbind debugging @<:@default=no@:>@])) +-AM_CONDITIONAL(DEBUG, test x$enable_debug = xyes) +- +-AC_ARG_ENABLE([warmstarts], +- AS_HELP_STRING([--enable-warmstarts], [Enables Warm Starts @<:@default=no@:>@])) +-AM_CONDITIONAL(WARMSTART, test x$enable_warmstarts = xyes) +- +-AC_ARG_WITH([statedir], +- AS_HELP_STRING([--with-statedir=ARG], [use ARG as state dir @<:@default=/tmp@:>@]) +- ,, [with_statedir=/tmp]) +-AC_SUBST([statedir], [$with_statedir]) +- +-AC_ARG_WITH([rpcuser], +- AS_HELP_STRING([--with-rpcuser=ARG], [use ARG for RPC @<:@default=root@:>@]), +- ,, [with_rpcuser=root]) +-AC_SUBST([rpcuser], [$with_rpcuser]) +- +-PKG_CHECK_MODULES([TIRPC], [libtirpc]) +- +-AS_IF([test x$enable_libwrap = xyes], [ +- AC_CHECK_LIB([wrap], [hosts_access], , +- AC_MSG_ERROR([libwrap support requested but unable to find libwrap])) +-]) +- +-AC_SEARCH_LIBS([pthread_create], [pthread]) +- +-AC_OUTPUT([Makefile]) diff --git a/SOURCES/rpcbind-0.2.0-debug.patch b/SOURCES/rpcbind-0.2.0-debug.patch new file mode 100644 index 0000000..c94b25b --- /dev/null +++ b/SOURCES/rpcbind-0.2.0-debug.patch @@ -0,0 +1,1261 @@ +diff --git a/Makefile.am b/Makefile.am +index 264ffa6..0cbea8c 100644 +--- a/Makefile.am ++++ b/Makefile.am +@@ -15,6 +15,10 @@ AM_CPPFLAGS += -DRPCBIND_DEBUG -DSVC_RUN_DEBUG -DDEBUG_RMTCALL + AM_CPPFLAGS += -DND_DEBUG -DBIND_DEBUG + endif + ++if LIBSETDEBUG ++AM_CPPFLAGS += -DLIB_SET_DEBUG ++endif ++ + if WARMSTART + AM_CPPFLAGS += -DWARMSTART + endif +@@ -36,7 +40,8 @@ rpcbind_SOURCES = \ + src/rpcbind.h \ + src/security.c \ + src/util.c \ +- src/warmstart.c ++ src/warmstart.c \ ++ src/xlog.c + rpcbind_LDADD = $(TIRPC_LIBS) + + if SYSTEMD +diff --git a/configure.ac b/configure.ac +index b97b5a0..a260577 100644 +--- a/configure.ac ++++ b/configure.ac +@@ -12,6 +12,10 @@ AM_CONDITIONAL(LIBWRAP, test x$enable_libwrap = xyes) + AC_ARG_ENABLE([debug], + AS_HELP_STRING([--enable-debug], [Turns on rpcbind debugging @<:@default=no@:>@])) + AM_CONDITIONAL(DEBUG, test x$enable_debug = xyes) ++if test x"$enable_debug" = xyes; then ++ AC_CHECK_LIB([tirpc], [libtirpc_set_debug], [lib_setdebug=yes]) ++fi ++AM_CONDITIONAL(LIBSETDEBUG, test x$lib_setdebug = xyes) + + AC_ARG_ENABLE([warmstarts], + AS_HELP_STRING([--enable-warmstarts], [Enables Warm Starts @<:@default=no@:>@])) +diff --git a/man/rpcbind.8 b/man/rpcbind.8 +index da32701..af6200f 100644 +--- a/man/rpcbind.8 ++++ b/man/rpcbind.8 +@@ -76,8 +76,8 @@ do an abort on errors. + Run in debug mode. + In this mode, + .Nm +-will not fork when it starts, will print additional information +-during operation, and will abort on certain errors if ++will log additional information during operation, ++and will abort on certain errors if + .Fl a + is also specified. + With this option, the name-to-address translation consistency +diff --git a/src/pmap_svc.c b/src/pmap_svc.c +index 337e64d..ad28b93 100644 +--- a/src/pmap_svc.c ++++ b/src/pmap_svc.c +@@ -54,9 +54,11 @@ static char sccsid[] = "@(#)pmap_svc.c 1.23 89/04/05 Copyr 1984 Sun Micro"; + #include + #include + #ifdef RPCBIND_DEBUG ++#include + #include + #endif + #include "rpcbind.h" ++#include "xlog.h" + #include /* svc_getcaller routine definition */ + static struct pmaplist *find_service_pmap __P((rpcprog_t, rpcvers_t, + rpcprot_t)); +@@ -78,7 +80,7 @@ pmap_service(struct svc_req *rqstp, SVCXPRT *xprt) + */ + #ifdef RPCBIND_DEBUG + if (debugging) +- fprintf(stderr, "PMAPPROC_NULL\n"); ++ xlog(LOG_DEBUG, "PMAPPROC_NULL\n"); + #endif + check_access(xprt, rqstp->rq_proc, 0, PMAPVERS); + if ((!svc_sendreply(xprt, (xdrproc_t) xdr_void, NULL)) && +@@ -117,7 +119,7 @@ pmap_service(struct svc_req *rqstp, SVCXPRT *xprt) + */ + #ifdef RPCBIND_DEBUG + if (debugging) +- fprintf(stderr, "PMAPPROC_DUMP\n"); ++ xlog(LOG_DEBUG, "PMAPPROC_DUMP\n"); + #endif + pmapproc_dump(rqstp, xprt); + break; +@@ -196,7 +198,7 @@ pmapproc_change(struct svc_req *rqstp /*__unused*/, SVCXPRT *xprt, unsigned long + } + #ifdef RPCBIND_DEBUG + if (debugging) +- fprintf(stderr, "%s request for (%lu, %lu) : ", ++ xlog(LOG_DEBUG, "%s request for (%lu, %lu) : ", + op == PMAPPROC_SET ? "PMAP_SET" : "PMAP_UNSET", + reg.pm_prog, reg.pm_vers); + #endif +@@ -243,14 +245,14 @@ pmapproc_change(struct svc_req *rqstp /*__unused*/, SVCXPRT *xprt, unsigned long + done_change: + if ((!svc_sendreply(xprt, (xdrproc_t) xdr_long, (caddr_t) &ans)) && + debugging) { +- fprintf(stderr, "portmap: svc_sendreply\n"); ++ xlog(L_ERROR, "portmap: svc_sendreply failed!\n"); + if (doabort) { + rpcbind_abort(); + } + } + #ifdef RPCBIND_DEBUG + if (debugging) +- fprintf(stderr, "%s\n", ans == TRUE ? "succeeded" : "failed"); ++ xlog(LOG_DEBUG, "%s\n", ans == TRUE ? "succeeded" : "failed"); + #endif + if (op == PMAPPROC_SET) + rpcbs_set(RPCBVERS_2_STAT, ans); +@@ -285,7 +287,7 @@ pmapproc_getport(struct svc_req *rqstp /*__unused*/, SVCXPRT *xprt) + if (debugging) { + uaddr = taddr2uaddr(rpcbind_get_conf(xprt->xp_netid), + svc_getrpccaller(xprt)); +- fprintf(stderr, "PMAP_GETPORT req for (%lu, %lu, %s) from %s :", ++ xlog(LOG_DEBUG, "PMAP_GETPORT req for (%lu, %lu, %s) from %s :", + reg.pm_prog, reg.pm_vers, + pmap_ipprot2netid(reg.pm_prot)?: "", + uaddr); +@@ -315,14 +317,14 @@ pmapproc_getport(struct svc_req *rqstp /*__unused*/, SVCXPRT *xprt) + lport = port; + if ((!svc_sendreply(xprt, (xdrproc_t) xdr_long, (caddr_t)&lport)) && + debugging) { +- (void) fprintf(stderr, "portmap: svc_sendreply\n"); ++ xlog(L_ERROR, "portmap: svc_sendreply failed!\n"); + if (doabort) { + rpcbind_abort(); + } + } + #ifdef RPCBIND_DEBUG + if (debugging) +- fprintf(stderr, "port = %d\n", port); ++ xlog(LOG_DEBUG, "port = %d\n", port); + #endif + rpcbs_getaddr(RPCBVERS_2_STAT, reg.pm_prog, reg.pm_vers, + pmap_ipprot2netid(reg.pm_prot) ?: "", +@@ -347,8 +349,7 @@ pmapproc_dump(struct svc_req *rqstp /*__unused*/, SVCXPRT *xprt) + + if ((!svc_sendreply(xprt, (xdrproc_t) xdr_pmaplist_ptr, + (caddr_t)&list_pml)) && debugging) { +- if (debugging) +- (void) fprintf(stderr, "portmap: svc_sendreply\n"); ++ xlog(L_ERROR, "portmap: svc_sendreply failed!\n"); + if (doabort) { + rpcbind_abort(); + } +diff --git a/src/rpcb_svc.c b/src/rpcb_svc.c +index e350f85..92361a2 100644 +--- a/src/rpcb_svc.c ++++ b/src/rpcb_svc.c +@@ -86,7 +86,7 @@ rpcb_service_3(struct svc_req *rqstp, SVCXPRT *transp) + */ + #ifdef RPCBIND_DEBUG + if (debugging) +- fprintf(stderr, "RPCBPROC_NULL\n"); ++ xlog(LOG_DEBUG, "RPCBPROC_NULL"); + #endif + /* This call just logs, no actual checks */ + check_access(transp, rqstp->rq_proc, 0, RPCBVERS); +@@ -114,7 +114,7 @@ rpcb_service_3(struct svc_req *rqstp, SVCXPRT *transp) + case RPCBPROC_DUMP: + #ifdef RPCBIND_DEBUG + if (debugging) +- fprintf(stderr, "RPCBPROC_DUMP\n"); ++ xlog(LOG_DEBUG, "RPCBPROC_DUMP"); + #endif + xdr_argument = (xdrproc_t)xdr_void; + xdr_result = (xdrproc_t)xdr_rpcblist_ptr; +@@ -128,7 +128,7 @@ rpcb_service_3(struct svc_req *rqstp, SVCXPRT *transp) + case RPCBPROC_GETTIME: + #ifdef RPCBIND_DEBUG + if (debugging) +- fprintf(stderr, "RPCBPROC_GETTIME\n"); ++ xlog(LOG_DEBUG, "RPCBPROC_GETTIME"); + #endif + xdr_argument = (xdrproc_t)xdr_void; + xdr_result = (xdrproc_t)xdr_u_long; +@@ -138,7 +138,7 @@ rpcb_service_3(struct svc_req *rqstp, SVCXPRT *transp) + case RPCBPROC_UADDR2TADDR: + #ifdef RPCBIND_DEBUG + if (debugging) +- fprintf(stderr, "RPCBPROC_UADDR2TADDR\n"); ++ xlog(LOG_DEBUG, "RPCBPROC_UADDR2TADDR"); + #endif + xdr_argument = (xdrproc_t)xdr_wrapstring; + xdr_result = (xdrproc_t)xdr_netbuf; +@@ -148,7 +148,7 @@ rpcb_service_3(struct svc_req *rqstp, SVCXPRT *transp) + case RPCBPROC_TADDR2UADDR: + #ifdef RPCBIND_DEBUG + if (debugging) +- fprintf(stderr, "RPCBPROC_TADDR2UADDR\n"); ++ xlog(LOG_DEBUG, "RPCBPROC_TADDR2UADDR"); + #endif + xdr_argument = (xdrproc_t)xdr_netbuf; + xdr_result = (xdrproc_t)xdr_wrapstring; +@@ -164,7 +164,7 @@ rpcb_service_3(struct svc_req *rqstp, SVCXPRT *transp) + (char *) &argument)) { + svcerr_decode(transp); + if (debugging) +- (void) fprintf(stderr, "rpcbind: could not decode\n"); ++ (void) xlog(LOG_DEBUG, "rpcbind: could not decode"); + return; + } + +@@ -182,7 +182,7 @@ rpcb_service_3(struct svc_req *rqstp, SVCXPRT *transp) + result)) { + svcerr_systemerr(transp); + if (debugging) { +- (void) fprintf(stderr, "rpcbind: svc_sendreply\n"); ++ (void) xlog(LOG_DEBUG, "rpcbind: svc_sendreply"); + if (doabort) { + rpcbind_abort(); + } +@@ -192,7 +192,7 @@ done: + if (!svc_freeargs(transp, (xdrproc_t)xdr_argument, (char *) + &argument)) { + if (debugging) { +- (void) fprintf(stderr, "unable to free arguments\n"); ++ (void) xlog(LOG_DEBUG, "unable to free arguments"); + if (doabort) { + rpcbind_abort(); + } +@@ -220,7 +220,7 @@ rpcbproc_getaddr_3_local(void *arg, struct svc_req *rqstp /*__unused*/, + + uaddr = taddr2uaddr(rpcbind_get_conf(transp->xp_netid), + svc_getrpccaller(transp)); +- fprintf(stderr, "RPCB_GETADDR req for (%lu, %lu, %s) from %s: ", ++ xlog(LOG_DEBUG, "RPCB_GETADDR req for (%lu, %lu, %s) from %s: ", + (unsigned long)regp->r_prog, (unsigned long)regp->r_vers, + regp->r_netid, uaddr); + free(uaddr); +diff --git a/src/rpcb_svc_4.c b/src/rpcb_svc_4.c +index 313e6d1..f1a72a6 100644 +--- a/src/rpcb_svc_4.c ++++ b/src/rpcb_svc_4.c +@@ -89,7 +89,7 @@ rpcb_service_4(struct svc_req *rqstp, SVCXPRT *transp) + */ + #ifdef RPCBIND_DEBUG + if (debugging) +- fprintf(stderr, "RPCBPROC_NULL\n"); ++ xlog(LOG_DEBUG, "RPCBPROC_NULL\n"); + #endif + check_access(transp, rqstp->rq_proc, 0, RPCBVERS4); + (void) svc_sendreply(transp, (xdrproc_t) xdr_void, +@@ -125,7 +125,7 @@ rpcb_service_4(struct svc_req *rqstp, SVCXPRT *transp) + case RPCBPROC_GETVERSADDR: + #ifdef RPCBIND_DEBUG + if (debugging) +- fprintf(stderr, "RPCBPROC_GETVERSADDR\n"); ++ xlog(LOG_DEBUG, "RPCBPROC_GETVERSADDR\n"); + #endif + xdr_argument = (xdrproc_t)xdr_rpcb; + xdr_result = (xdrproc_t)xdr_wrapstring; +@@ -135,7 +135,7 @@ rpcb_service_4(struct svc_req *rqstp, SVCXPRT *transp) + case RPCBPROC_DUMP: + #ifdef RPCBIND_DEBUG + if (debugging) +- fprintf(stderr, "RPCBPROC_DUMP\n"); ++ xlog(LOG_DEBUG, "RPCBPROC_DUMP\n"); + #endif + xdr_argument = (xdrproc_t)xdr_void; + xdr_result = (xdrproc_t)xdr_rpcblist_ptr; +@@ -145,7 +145,7 @@ rpcb_service_4(struct svc_req *rqstp, SVCXPRT *transp) + case RPCBPROC_INDIRECT: + #ifdef RPCBIND_DEBUG + if (debugging) +- fprintf(stderr, "RPCBPROC_INDIRECT\n"); ++ xlog(LOG_DEBUG, "RPCBPROC_INDIRECT\n"); + #endif + rpcbproc_callit_com(rqstp, transp, rqstp->rq_proc, RPCBVERS4); + return; +@@ -154,7 +154,7 @@ rpcb_service_4(struct svc_req *rqstp, SVCXPRT *transp) + case RPCBPROC_BCAST: + #ifdef RPCBIND_DEBUG + if (debugging) +- fprintf(stderr, "RPCBPROC_BCAST\n"); ++ xlog(LOG_DEBUG, "RPCBPROC_BCAST\n"); + #endif + rpcbproc_callit_com(rqstp, transp, rqstp->rq_proc, RPCBVERS4); + return; +@@ -162,7 +162,7 @@ rpcb_service_4(struct svc_req *rqstp, SVCXPRT *transp) + case RPCBPROC_GETTIME: + #ifdef RPCBIND_DEBUG + if (debugging) +- fprintf(stderr, "RPCBPROC_GETTIME\n"); ++ xlog(LOG_DEBUG, "RPCBPROC_GETTIME\n"); + #endif + xdr_argument = (xdrproc_t)xdr_void; + xdr_result = (xdrproc_t)xdr_u_long; +@@ -172,7 +172,7 @@ rpcb_service_4(struct svc_req *rqstp, SVCXPRT *transp) + case RPCBPROC_UADDR2TADDR: + #ifdef RPCBIND_DEBUG + if (debugging) +- fprintf(stderr, "RPCBPROC_UADDR2TADDR\n"); ++ xlog(LOG_DEBUG, "RPCBPROC_UADDR2TADDR\n"); + #endif + xdr_argument = (xdrproc_t)xdr_wrapstring; + xdr_result = (xdrproc_t)xdr_netbuf; +@@ -182,7 +182,7 @@ rpcb_service_4(struct svc_req *rqstp, SVCXPRT *transp) + case RPCBPROC_TADDR2UADDR: + #ifdef RPCBIND_DEBUG + if (debugging) +- fprintf(stderr, "RPCBPROC_TADDR2UADDR\n"); ++ xlog(LOG_DEBUG, "RPCBPROC_TADDR2UADDR\n"); + #endif + xdr_argument = (xdrproc_t)xdr_netbuf; + xdr_result = (xdrproc_t)xdr_wrapstring; +@@ -192,7 +192,7 @@ rpcb_service_4(struct svc_req *rqstp, SVCXPRT *transp) + case RPCBPROC_GETADDRLIST: + #ifdef RPCBIND_DEBUG + if (debugging) +- fprintf(stderr, "RPCBPROC_GETADDRLIST\n"); ++ xlog(LOG_DEBUG, "RPCBPROC_GETADDRLIST\n"); + #endif + xdr_argument = (xdrproc_t)xdr_rpcb; + xdr_result = (xdrproc_t)xdr_rpcb_entry_list_ptr; +@@ -202,7 +202,7 @@ rpcb_service_4(struct svc_req *rqstp, SVCXPRT *transp) + case RPCBPROC_GETSTAT: + #ifdef RPCBIND_DEBUG + if (debugging) +- fprintf(stderr, "RPCBPROC_GETSTAT\n"); ++ xlog(LOG_DEBUG, "RPCBPROC_GETSTAT\n"); + #endif + xdr_argument = (xdrproc_t)xdr_void; + xdr_result = (xdrproc_t)xdr_rpcb_stat_byvers; +@@ -218,7 +218,7 @@ rpcb_service_4(struct svc_req *rqstp, SVCXPRT *transp) + (char *)&argument)) { + svcerr_decode(transp); + if (debugging) +- (void) fprintf(stderr, "rpcbind: could not decode\n"); ++ (void) xlog(LOG_DEBUG, "rpcbind: could not decode\n"); + return; + } + +@@ -236,7 +236,7 @@ rpcb_service_4(struct svc_req *rqstp, SVCXPRT *transp) + result)) { + svcerr_systemerr(transp); + if (debugging) { +- (void) fprintf(stderr, "rpcbind: svc_sendreply\n"); ++ (void) xlog(LOG_DEBUG, "rpcbind: svc_sendreply\n"); + if (doabort) { + rpcbind_abort(); + } +@@ -246,7 +246,7 @@ done: + if (!svc_freeargs(transp, (xdrproc_t) xdr_argument, + (char *)&argument)) { + if (debugging) { +- (void) fprintf(stderr, "unable to free arguments\n"); ++ (void) xlog(LOG_DEBUG, "unable to free arguments\n"); + if (doabort) { + rpcbind_abort(); + } +@@ -277,7 +277,7 @@ rpcbproc_getaddr_4_local(void *arg, struct svc_req *rqstp, SVCXPRT *transp, + + uaddr = taddr2uaddr(rpcbind_get_conf(transp->xp_netid), + svc_getrpccaller(transp)); +- fprintf(stderr, "RPCB_GETADDR req for (%lu, %lu, %s) from %s: ", ++ xlog(LOG_DEBUG, "RPCB_GETADDR req for (%lu, %lu, %s) from %s: ", + (unsigned long)regp->r_prog, (unsigned long)regp->r_vers, + regp->r_netid, uaddr); + free(uaddr); +@@ -307,7 +307,7 @@ rpcbproc_getversaddr_4_local(void *arg, struct svc_req *rqstp, SVCXPRT *transp, + + uaddr = taddr2uaddr(rpcbind_get_conf(transp->xp_netid), + svc_getrpccaller(transp)); +- fprintf(stderr, "RPCB_GETVERSADDR rqst for (%lu, %lu, %s)" ++ xlog(LOG_DEBUG, "RPCB_GETVERSADDR rqst for (%lu, %lu, %s)" + " from %s : ", + (unsigned long)regp->r_prog, (unsigned long)regp->r_vers, + regp->r_netid, uaddr); +@@ -353,7 +353,7 @@ rpcbproc_getaddrlist_4_local(void *arg, struct svc_req *rqstp /*__unused*/, + } + #ifdef RPCBIND_DEBUG + if (debugging) { +- fprintf(stderr, "r_addr: %s r_netid: %s nc_protofmly: %s\n", ++ xlog(LOG_DEBUG, "r_addr: %s r_netid: %s nc_protofmly: %s\n", + regp->r_addr, regp->r_netid, reg_nconf->nc_protofmly); + } + #endif +@@ -369,20 +369,20 @@ rpcbproc_getaddrlist_4_local(void *arg, struct svc_req *rqstp /*__unused*/, + } + #ifdef RPCBIND_DEBUG + if (debugging) +- fprintf(stderr, "\tmerge with: %s\n", ++ xlog(LOG_DEBUG, "\tmerge with: %s\n", + rbl->rpcb_map.r_addr); + #endif + if ((maddr = mergeaddr(transp, rbl->rpcb_map.r_netid, + rbl->rpcb_map.r_addr, saddr)) == NULL) { + #ifdef RPCBIND_DEBUG + if (debugging) +- fprintf(stderr, " FAILED\n"); ++ xlog(LOG_DEBUG, " FAILED\n"); + #endif + continue; + } else if (!maddr[0]) { + #ifdef RPCBIND_DEBUG + if (debugging) +- fprintf(stderr, " SUCCEEDED, but port died - maddr: nullstring\n"); ++ xlog(LOG_DEBUG, " SUCCEEDED, but port died - maddr: nullstring\n"); + #endif + /* The server died. Unset this combination */ + delete_prog(regp->r_prog); +@@ -390,7 +390,7 @@ rpcbproc_getaddrlist_4_local(void *arg, struct svc_req *rqstp /*__unused*/, + } + #ifdef RPCBIND_DEBUG + if (debugging) +- fprintf(stderr, " SUCCEEDED maddr: %s\n", maddr); ++ xlog(LOG_DEBUG, " SUCCEEDED maddr: %s\n", maddr); + #endif + /* + * Add it to rlist. +@@ -418,7 +418,7 @@ rpcbproc_getaddrlist_4_local(void *arg, struct svc_req *rqstp /*__unused*/, + #ifdef RPCBIND_DEBUG + if (debugging) { + for (rp = rlist; rp; rp = rp->rpcb_entry_next) { +- fprintf(stderr, "\t%s %s\n", rp->rpcb_entry_map.r_maddr, ++ xlog(LOG_DEBUG, "\t%s %s\n", rp->rpcb_entry_map.r_maddr, + rp->rpcb_entry_map.r_nc_proto); + } + } +diff --git a/src/rpcb_svc_com.c b/src/rpcb_svc_com.c +index 69a6d2d..3716f04 100644 +--- a/src/rpcb_svc_com.c ++++ b/src/rpcb_svc_com.c +@@ -137,14 +137,14 @@ rpcbproc_set_com(void *arg, struct svc_req *rqstp /*__unused*/, SVCXPRT *transp, + + #ifdef RPCBIND_DEBUG + if (debugging) +- fprintf(stderr, "RPCB_SET request for (%lu, %lu, %s, %s) : ", ++ xlog(LOG_DEBUG, "RPCB_SET request for (%lu, %lu, %s, %s) : ", + (unsigned long)regp->r_prog, (unsigned long)regp->r_vers, + regp->r_netid, regp->r_addr); + #endif + ans = map_set(regp, getowner(transp, owner, sizeof owner)); + #ifdef RPCBIND_DEBUG + if (debugging) +- fprintf(stderr, "%s\n", ans == TRUE ? "succeeded" : "failed"); ++ xlog(LOG_DEBUG, "RPCB_SET: %s", ans == TRUE ? "succeeded" : "failed"); + #endif + /* XXX: should have used some defined constant here */ + rpcbs_set(rpcbversnum - 2, ans); +@@ -225,7 +225,7 @@ rpcbproc_unset_com(void *arg, struct svc_req *rqstp /*__unused*/, SVCXPRT *trans + + #ifdef RPCBIND_DEBUG + if (debugging) +- fprintf(stderr, "RPCB_UNSET request for (%lu, %lu, %s) : ", ++ xlog(LOG_DEBUG, "RPCB_UNSET request for (%lu, %lu, %s) : ", + (unsigned long)regp->r_prog, (unsigned long)regp->r_vers, + regp->r_netid); + #endif +@@ -233,7 +233,7 @@ rpcbproc_unset_com(void *arg, struct svc_req *rqstp /*__unused*/, SVCXPRT *trans + ans = map_unset(regp, getowner(transp, owner, sizeof owner)); + #ifdef RPCBIND_DEBUG + if (debugging) +- fprintf(stderr, "%s\n", ans == TRUE ? "succeeded" : "failed"); ++ xlog(LOG_DEBUG, "RPCB_UNSET: %s", ans == TRUE ? "succeeded" : "failed"); + #endif + /* XXX: should have used some defined constant here */ + rpcbs_unset(rpcbversnum - 2, ans); +@@ -264,9 +264,9 @@ map_unset(RPCB *regp, char *owner) + * if superuser or the owner itself. + */ + #ifdef RPCBIND_DEBUG +- fprintf(stderr,"Suppression RPC_UNSET(map_unset)\n "); +- fprintf(stderr,"rbl->rpcb_map.r_owner=%s\n ",rbl->rpcb_map.r_owner); +- fprintf(stderr,"owner=%s\n ",owner); ++ xlog(LOG_DEBUG,"Suppression RPC_UNSET(map_unset) "); ++ xlog(LOG_DEBUG,"rbl->rpcb_map.r_owner=%s ",rbl->rpcb_map.r_owner); ++ xlog(LOG_DEBUG,"owner=%s ",owner); + #endif + if (strcmp(owner, "superuser") && + strcmp(rbl->rpcb_map.r_owner, owner)) +@@ -349,7 +349,7 @@ rpcbproc_getaddr_com(RPCB *regp, struct svc_req *rqstp /*__unused*/, + } + #ifdef RPCBIND_DEBUG + if (debugging) +- fprintf(stderr, "getaddr: %s\n", uaddr); ++ xlog(LOG_DEBUG, "getaddr: %s", uaddr); + #endif + /* XXX: should have used some defined constant here */ + rpcbs_getaddr(rpcbversnum - 2, regp->r_prog, regp->r_vers, +@@ -506,7 +506,7 @@ create_rmtcall_fd(struct netconfig *nconf) + + if ((fd = __rpc_nconf2fd(nconf)) == -1) { + if (debugging) +- fprintf(stderr, ++ xlog(LOG_DEBUG, + "create_rmtcall_fd: couldn't open \"%s\" (errno %d)\n", + nconf->nc_device, errno); + return (-1); +@@ -514,7 +514,7 @@ create_rmtcall_fd(struct netconfig *nconf) + xprt = svc_tli_create(fd, 0, (struct t_bind *) 0, 0, 0); + if (xprt == NULL) { + if (debugging) +- fprintf(stderr, ++ xlog(LOG_DEBUG, + "create_rmtcall_fd: svc_tli_create failed\n"); + return (-1); + } +@@ -656,7 +656,7 @@ rpcbproc_callit_com(struct svc_req *rqstp, SVCXPRT *transp, + #endif /* notyet */ + if (buf_alloc == NULL) { + if (debugging) +- fprintf(stderr, ++ xlog(LOG_DEBUG, + "rpcbproc_callit_com: No Memory!\n"); + if (reply_type == RPCBPROC_INDIRECT) + svcerr_systemerr(transp); +@@ -672,7 +672,7 @@ rpcbproc_callit_com(struct svc_req *rqstp, SVCXPRT *transp, + if (reply_type == RPCBPROC_INDIRECT) + svcerr_decode(transp); + if (debugging) +- fprintf(stderr, ++ xlog(LOG_DEBUG, + "rpcbproc_callit_com: svc_getargs failed\n"); + goto error; + } +@@ -686,7 +686,7 @@ rpcbproc_callit_com(struct svc_req *rqstp, SVCXPRT *transp, + #ifdef RPCBIND_DEBUG + if (debugging) { + uaddr = taddr2uaddr(rpcbind_get_conf(transp->xp_netid), caller); +- fprintf(stderr, "%s %s req for (%lu, %lu, %lu, %s) from %s : ", ++ xlog(LOG_DEBUG, "%s %s req for (%lu, %lu, %lu, %s) from %s : ", + versnum == PMAPVERS ? "pmap_rmtcall" : + versnum == RPCBVERS ? "rpcb_rmtcall" : + versnum == RPCBVERS4 ? "rpcb_indirect" : "unknown", +@@ -707,7 +707,7 @@ rpcbproc_callit_com(struct svc_req *rqstp, SVCXPRT *transp, + if (rbl == (rpcblist_ptr)NULL) { + #ifdef RPCBIND_DEBUG + if (debugging) +- fprintf(stderr, "not found\n"); ++ xlog(LOG_DEBUG, "not found\n"); + #endif + if (reply_type == RPCBPROC_INDIRECT) + svcerr_noprog(transp); +@@ -726,7 +726,7 @@ rpcbproc_callit_com(struct svc_req *rqstp, SVCXPRT *transp, + + #ifdef RPCBIND_DEBUG + if (debugging) +- fprintf(stderr, "found at uaddr %s\n", rbl->rpcb_map.r_addr); ++ xlog(LOG_DEBUG, "found at uaddr %s\n", rbl->rpcb_map.r_addr); + #endif + /* + * Check whether this entry is valid and a server is present +@@ -750,14 +750,14 @@ rpcbproc_callit_com(struct svc_req *rqstp, SVCXPRT *transp, + if (reply_type == RPCBPROC_INDIRECT) + svcerr_systemerr(transp); + if (debugging) +- fprintf(stderr, ++ xlog(LOG_DEBUG, + "rpcbproc_callit_com: rpcbind_get_conf failed\n"); + goto error; + } + localsa = local_sa(((struct sockaddr *)caller->buf)->sa_family); + if (localsa == NULL) { + if (debugging) +- fprintf(stderr, ++ xlog(LOG_DEBUG, + "rpcbproc_callit_com: no local address\n"); + goto error; + } +@@ -780,7 +780,7 @@ rpcbproc_callit_com(struct svc_req *rqstp, SVCXPRT *transp, + nconf->nc_netid); + #ifdef RPCBIND_DEBUG + if (debugging) +- fprintf(stderr, "merged uaddr %s\n", m_uaddr); ++ xlog(LOG_DEBUG, "merged uaddr %s\n", m_uaddr); + #endif + if ((fd = find_rmtcallfd_by_netid(nconf->nc_netid)) == -1) { + if (reply_type == RPCBPROC_INDIRECT) +@@ -800,20 +800,20 @@ rpcbproc_callit_com(struct svc_req *rqstp, SVCXPRT *transp, + * beat on it any more. + */ + if (debugging) +- fprintf(stderr, ++ xlog(LOG_DEBUG, + "rpcbproc_callit_com: duplicate request\n"); + goto error; + case -1: + /* forward_register failed. Perhaps no memory. */ + if (debugging) +- fprintf(stderr, ++ xlog(LOG_DEBUG, + "rpcbproc_callit_com: forward_register failed\n"); + goto error; + } + + #ifdef DEBUG_RMTCALL + if (debugging) +- fprintf(stderr, ++ xlog(LOG_DEBUG, + "rpcbproc_callit_com: original XID %x, new XID %x\n", + *xidp, call_msg.rm_xid); + #endif +@@ -831,7 +831,7 @@ rpcbproc_callit_com(struct svc_req *rqstp, SVCXPRT *transp, + if (reply_type == RPCBPROC_INDIRECT) + svcerr_systemerr(transp); + if (debugging) +- fprintf(stderr, ++ xlog(LOG_DEBUG, + "rpcbproc_callit_com: No memory!\n"); + goto error; + } +@@ -843,7 +843,7 @@ rpcbproc_callit_com(struct svc_req *rqstp, SVCXPRT *transp, + if (reply_type == RPCBPROC_INDIRECT) + svcerr_systemerr(transp); + if (debugging) +- fprintf(stderr, ++ xlog(LOG_DEBUG, + "rpcbproc_callit_com: xdr_callhdr failed\n"); + goto error; + } +@@ -851,7 +851,7 @@ rpcbproc_callit_com(struct svc_req *rqstp, SVCXPRT *transp, + if (reply_type == RPCBPROC_INDIRECT) + svcerr_systemerr(transp); + if (debugging) +- fprintf(stderr, ++ xlog(LOG_DEBUG, + "rpcbproc_callit_com: xdr_u_long failed\n"); + goto error; + } +@@ -870,7 +870,7 @@ rpcbproc_callit_com(struct svc_req *rqstp, SVCXPRT *transp, + } else { + /* we do not support any other authentication scheme */ + if (debugging) +- fprintf(stderr, ++ xlog(LOG_DEBUG, + "rpcbproc_callit_com: oa_flavor != AUTH_NONE and oa_flavor != AUTH_SYS\n"); + if (reply_type == RPCBPROC_INDIRECT) + svcerr_weakauth(transp); /* XXX too strong.. */ +@@ -880,7 +880,7 @@ rpcbproc_callit_com(struct svc_req *rqstp, SVCXPRT *transp, + if (reply_type == RPCBPROC_INDIRECT) + svcerr_systemerr(transp); + if (debugging) +- fprintf(stderr, ++ xlog(LOG_DEBUG, + "rpcbproc_callit_com: authwhatever_create returned NULL\n"); + goto error; + } +@@ -889,7 +889,7 @@ rpcbproc_callit_com(struct svc_req *rqstp, SVCXPRT *transp, + svcerr_systemerr(transp); + AUTH_DESTROY(auth); + if (debugging) +- fprintf(stderr, ++ xlog(LOG_DEBUG, + "rpcbproc_callit_com: AUTH_MARSHALL failed\n"); + goto error; + } +@@ -898,7 +898,7 @@ rpcbproc_callit_com(struct svc_req *rqstp, SVCXPRT *transp, + if (reply_type == RPCBPROC_INDIRECT) + svcerr_systemerr(transp); + if (debugging) +- fprintf(stderr, ++ xlog(LOG_DEBUG, + "rpcbproc_callit_com: xdr_opaque_parms failed\n"); + goto error; + } +@@ -918,7 +918,7 @@ rpcbproc_callit_com(struct svc_req *rqstp, SVCXPRT *transp, + if (sendto(fd, outbufp, outlen, 0, (struct sockaddr *)na->buf, na->len) + != outlen) { + if (debugging) +- fprintf(stderr, ++ xlog(LOG_DEBUG, + "rpcbproc_callit_com: sendto failed: errno %d\n", errno); + if (reply_type == RPCBPROC_INDIRECT) + svcerr_systemerr(transp); +@@ -1123,15 +1123,7 @@ my_svc_run() + } + nfds = p - pollfds; + poll_ret = 0; +-#ifdef SVC_RUN_DEBUG +- if (debugging) { +- fprintf(stderr, "polling for read on fd < "); +- for (i = 0, p = pollfds; i < nfds; i++, p++) +- if (p->events) +- fprintf(stderr, "%d ", p->fd); +- fprintf(stderr, ">\n"); +- } +-#endif ++ + switch (poll_ret = poll(pollfds, nfds, 30 * 1000)) { + case -1: + /* +@@ -1144,15 +1136,6 @@ my_svc_run() + __svc_clean_idle(&cleanfds, 30, FALSE); + continue; + default: +-#ifdef SVC_RUN_DEBUG +- if (debugging) { +- fprintf(stderr, "poll returned read fds < "); +- for (i = 0, p = pollfds; i < nfds; i++, p++) +- if (p->revents) +- fprintf(stderr, "%d ", p->fd); +- fprintf(stderr, ">\n"); +- } +-#endif + /* + * If we found as many replies on callback fds + * as the number of descriptors selectable which +@@ -1165,11 +1148,6 @@ my_svc_run() + continue; + svc_getreq_poll(pollfds, poll_ret-check_ret); + } +-#ifdef SVC_RUN_DEBUG +- if (debugging) { +- fprintf(stderr, "svc_maxfd now %u\n", svc_maxfd); +- } +-#endif + } + } + +@@ -1189,7 +1167,7 @@ check_rmtcalls(struct pollfd *pfds, int nfds) + ncallbacks_found++; + #ifdef DEBUG_RMTCALL + if (debugging) +- fprintf(stderr, ++ xlog(LOG_DEBUG, + "my_svc_run: polled on forwarding fd %d, netid %s - calling handle_reply\n", + pfds[j].fd, xprt->xp_netid); + #endif +@@ -1274,7 +1252,7 @@ handle_reply(int fd, SVCXPRT *xprt) + } while (inlen < 0 && errno == EINTR); + if (inlen < 0) { + if (debugging) +- fprintf(stderr, ++ xlog(LOG_DEBUG, + "handle_reply: recvfrom returned %d, errno %d\n", inlen, errno); + goto done; + } +@@ -1286,14 +1264,14 @@ handle_reply(int fd, SVCXPRT *xprt) + xdrmem_create(&reply_xdrs, buffer, (u_int)inlen, XDR_DECODE); + if (!xdr_replymsg(&reply_xdrs, &reply_msg)) { + if (debugging) +- (void) fprintf(stderr, ++ (void) xlog(LOG_DEBUG, + "handle_reply: xdr_replymsg failed\n"); + goto done; + } + fi = forward_find(reply_msg.rm_xid); + #ifdef SVC_RUN_DEBUG + if (debugging) { +- fprintf(stderr, "handle_reply: reply xid: %d fi addr: %p\n", ++ xlog(LOG_DEBUG, "handle_reply: reply xid: %d fi addr: %p\n", + reply_msg.rm_xid, fi); + } + #endif +@@ -1303,7 +1281,7 @@ handle_reply(int fd, SVCXPRT *xprt) + _seterr_reply(&reply_msg, &reply_error); + if (reply_error.re_status != RPC_SUCCESS) { + if (debugging) +- (void) fprintf(stderr, "handle_reply: %s\n", ++ (void) xlog(LOG_DEBUG, "handle_reply: %s\n", + clnt_sperrno(reply_error.re_status)); + send_svcsyserr(xprt, fi); + goto done; +@@ -1327,7 +1305,7 @@ done: + if (reply_msg.rm_xid == 0) { + #ifdef SVC_RUN_DEBUG + if (debugging) { +- fprintf(stderr, "handle_reply: NULL xid on exit!\n"); ++ xlog(LOG_DEBUG, "handle_reply: NULL xid on exit!\n"); + } + #endif + } else +diff --git a/src/rpcbind.c b/src/rpcbind.c +index bf40807..2789baf 100644 +--- a/src/rpcbind.c ++++ b/src/rpcbind.c +@@ -72,6 +72,7 @@ + #include + #include + #include "rpcbind.h" ++#include "xlog.h" + + /*#define RPCBIND_DEBUG*/ + +@@ -110,6 +111,9 @@ int nhosts = 0; + int on = 1; + int rpcbindlockfd; + ++#ifdef LIB_SET_DEBUG ++void libtirpc_set_debug(char *name, int level, int use_stderr); ++#endif + #ifdef WARMSTART + /* Local Variable */ + static int warmstart = 0; /* Grab an old copy of registrations. */ +@@ -159,7 +163,7 @@ main(int argc, char *argv[]) + rl.rlim_cur = 128; + setrlimit(RLIMIT_NOFILE, &rl); + } +- openlog("rpcbind", LOG_CONS, LOG_DAEMON); ++ + if (geteuid()) { /* This command allowed only to root */ + fprintf(stderr, "Sorry. You are not superuser\n"); + exit(1); +@@ -184,7 +188,20 @@ main(int argc, char *argv[]) + syslog(LOG_ERR, "%s: can't find local transport\n", argv[0]); + exit(1); + } +- ++ xlog_open("rpcbind"); ++ if (dofork) { ++ xlog_syslog(TRUE); ++ xlog_stderr(FALSE); ++ } else { ++ xlog_syslog(FALSE); ++ xlog_stderr(TRUE); ++ } ++ if (debugging) { ++ xlog_config(D_ALL, 1); ++#ifdef LIB_SET_DEBUG ++ libtirpc_set_debug("rpcbind", debugging, (dofork == 0)); ++#endif ++ } + rpc_control(RPC_SVC_CONNMAXREC_SET, &maxrec); + + init_transport(nconf); +@@ -213,18 +230,16 @@ main(int argc, char *argv[]) + (void) signal(SIGUSR1, SIG_IGN); + (void) signal(SIGUSR2, SIG_IGN); + +- if (debugging) { + #ifdef RPCBIND_DEBUG +- printf("rpcbind debugging enabled."); +- if (doabort) { +- printf(" Will abort on errors!\n"); +- } else { +- printf("\n"); +- } ++ if (debugging) { ++ xlog(LOG_DEBUG, "debugging enabled."); ++ if (doabort) ++ xlog(LOG_DEBUG, "Will abort on errors!\n"); ++ } + #endif +- } else if (dofork) { ++ if (dofork) { + if (daemon(0, 0)) +- err(1, "fork failed"); ++ err(1, "fork failed"); + } + + if (runasdaemon || rpcbinduser) { +@@ -306,11 +321,11 @@ init_transport(struct netconfig *nconf) + int i; + char **s; + +- (void) fprintf(stderr, "%s: %ld lookup routines :\n", ++ (void) xlog(LOG_DEBUG, "%s: %ld lookup routines :\n", + nconf->nc_netid, nconf->nc_nlookups); + for (i = 0, s = nconf->nc_lookups; i < nconf->nc_nlookups; + i++, s++) +- fprintf(stderr, "[%d] - %s\n", i, *s); ++ xlog(LOG_DEBUG, "[%d] - %s\n", i, *s); + } + #endif + if (!__rpc_nconf2sockinfo(nconf, &si)) { +@@ -540,7 +555,7 @@ init_transport(struct netconfig *nconf) + } + nb.len = nb.maxlen = sa_size; + uaddr = taddr2uaddr(nconf, &nb); +- (void) fprintf(stderr, ++ (void) xlog(LOG_DEBUG, + "rpcbind : my address is %s\n", uaddr); + (void) free(uaddr); + } +@@ -617,7 +632,7 @@ init_transport(struct netconfig *nconf) + } + nb.len = nb.maxlen = sa_size2; + uaddr = taddr2uaddr(nconf, &nb); +- (void) fprintf(stderr, "rpcbind : my address is %s\n", ++ (void) xlog(LOG_DEBUG, "rpcbind : my address is %s\n", + uaddr); + (void) free(uaddr); + } +@@ -724,13 +739,13 @@ got_socket: + #ifdef RPCBIND_DEBUG + if (debugging) { + if (status < 0) { +- fprintf(stderr, "Error in finding bind status for %s\n", ++ xlog(LOG_DEBUG, "Error in finding bind status for %s\n", + nconf->nc_netid); + } else if (status == 0) { +- fprintf(stderr, "check binding for %s\n", ++ xlog(LOG_DEBUG, "check binding for %s\n", + nconf->nc_netid); + } else if (status > 0) { +- fprintf(stderr, "No check binding for %s\n", ++ xlog(LOG_DEBUG, "No check binding for %s\n", + nconf->nc_netid); + } + } +@@ -744,11 +759,11 @@ got_socket: + #ifdef RPCBIND_DEBUG + if (debugging) { + if (status < 0) { +- fprintf(stderr, ++ xlog(LOG_DEBUG, + "Could not create rmtcall fd for %s\n", + nconf->nc_netid); + } else { +- fprintf(stderr, "rmtcall fd for %s is %d\n", ++ xlog(LOG_DEBUG, "rmtcall fd for %s is %d\n", + nconf->nc_netid, status); + } + } +@@ -773,8 +788,8 @@ rbllist_add(rpcprog_t prog, rpcvers_t vers, struct netconfig *nconf, + } + #ifdef RPCBIND_DEBUG + if (debugging){ +- fprintf(stderr,"FUNCTION rbllist_add"); +- fprintf(stderr,"Add the prog %lu vers %lu to the rpcbind list\n", ++ xlog(LOG_DEBUG,"FUNCTION rbllist_add"); ++ xlog(LOG_DEBUG,"Add the prog %lu vers %lu to the rpcbind list", + (ulong)prog, (ulong)vers); + } + #endif +@@ -824,7 +839,7 @@ parseargs(int argc, char *argv[]) + break; /* errors; for rpcbind developers */ + /* only! */ + case 'd': +- debugging = 1; ++ debugging++; + break; + case 'h': + ++nhosts; +diff --git a/src/security.c b/src/security.c +index d272f74..70edef4 100644 +--- a/src/security.c ++++ b/src/security.c +@@ -80,7 +80,7 @@ check_access(SVCXPRT *xprt, rpcproc_t proc, rpcprog_t prog, unsigned int rpcbver + if (!insecure && !is_loopback(caller)) { + #ifdef RPCBIND_DEBUG + if (debugging) +- fprintf(stderr, " declined (non-loopback sender) \n"); ++ xlog(LOG_DEBUG, " declined (non-loopback sender) \n"); + #endif + if (verboselog) + logit(log_severity, addr, proc, prog, +@@ -134,7 +134,7 @@ is_loopback(struct netbuf *nbuf) + sin = (struct sockaddr_in *)addr; + #ifdef RPCBIND_DEBUG + if (debugging) +- fprintf(stderr, ++ xlog(LOG_DEBUG, + "Checking caller's adress (port = %d)\n", + ntohs(sin->sin_port)); + #endif +@@ -146,7 +146,7 @@ is_loopback(struct netbuf *nbuf) + sin6 = (struct sockaddr_in6 *)addr; + #ifdef RPCBIND_DEBUG + if (debugging) +- fprintf(stderr, ++ xlog(LOG_DEBUG, + "Checking caller's adress (port = %d)\n", + ntohs(sin6->sin6_port)); + #endif +diff --git a/src/xlog.c b/src/xlog.c +new file mode 100644 +index 0000000..ab6c717 +--- /dev/null ++++ b/src/xlog.c +@@ -0,0 +1,234 @@ ++/* ++ * support/nfs/xlog.c ++ * ++ * This module handles the logging of requests. ++ * ++ * TODO: Merge the two "XXX_log() calls. ++ * ++ * Authors: Donald J. Becker, ++ * Rick Sladkey, ++ * Fred N. van Kempen, ++ * Olaf Kirch, ++ * ++ * This software maybe be used for any purpose provided ++ * the above copyright notice is retained. It is supplied ++ * as is, with no warranty expressed or implied. ++ */ ++ ++#ifdef HAVE_CONFIG_H ++#include ++#endif ++ ++#include ++#include ++#include ++#include ++#include ++#include ++#include ++#include ++#include ++#include "xlog.h" ++ ++#undef VERBOSE_PRINTF ++ ++static int log_stderr = 1; ++static int log_syslog = 1; ++static int logging = 0; /* enable/disable DEBUG logs */ ++static int logmask = 0; /* What will be logged */ ++static char log_name[256]; /* name of this program */ ++static int log_pid = -1; /* PID of this program */ ++ ++int export_errno = 0; ++ ++static void xlog_toggle(int sig); ++static struct xlog_debugfac debugnames[] = { ++ { "general", D_GENERAL, }, ++ { "call", D_CALL, }, ++ { "auth", D_AUTH, }, ++ { "parse", D_PARSE, }, ++ { "all", D_ALL, }, ++ { NULL, 0, }, ++}; ++ ++void ++xlog_open(char *progname) ++{ ++ openlog(progname, LOG_PID, LOG_DAEMON); ++ ++ strncpy(log_name, progname, sizeof (log_name) - 1); ++ log_name [sizeof (log_name) - 1] = '\0'; ++ log_pid = getpid(); ++ ++ signal(SIGUSR1, xlog_toggle); ++ signal(SIGUSR2, xlog_toggle); ++} ++ ++void ++xlog_stderr(int on) ++{ ++ log_stderr = on; ++} ++ ++void ++xlog_syslog(int on) ++{ ++ log_syslog = on; ++} ++ ++static void ++xlog_toggle(int sig) ++{ ++ unsigned int tmp, i; ++ ++ if (sig == SIGUSR1) { ++ if ((logmask & D_ALL) && !logging) { ++ xlog(D_GENERAL, "turned on logging"); ++ logging = 1; ++ return; ++ } ++ tmp = ~logmask; ++ logmask |= ((logmask & D_ALL) << 1) | D_GENERAL; ++ for (i = -1, tmp &= logmask; tmp; tmp >>= 1, i++) ++ if (tmp & 1) ++ xlog(D_GENERAL, ++ "turned on logging level %d", i); ++ } else { ++ xlog(D_GENERAL, "turned off logging"); ++ logging = 0; ++ } ++ signal(sig, xlog_toggle); ++} ++ ++void ++xlog_config(int fac, int on) ++{ ++ if (on) ++ logmask |= fac; ++ else ++ logmask &= ~fac; ++ if (on) ++ logging = 1; ++} ++ ++void ++xlog_sconfig(char *kind, int on) ++{ ++ struct xlog_debugfac *tbl = debugnames; ++ ++ while (tbl->df_name != NULL && strcasecmp(tbl->df_name, kind)) ++ tbl++; ++ if (!tbl->df_name) { ++ xlog (L_WARNING, "Invalid debug facility: %s\n", kind); ++ return; ++ } ++ xlog_config(tbl->df_fac, on); ++} ++ ++int ++xlog_enabled(int fac) ++{ ++ return (logging && (fac & logmask)); ++} ++ ++ ++/* Write something to the system logfile and/or stderr */ ++void ++xlog_backend(int kind, const char *fmt, va_list args) ++{ ++ va_list args2; ++ ++ if (!(kind & (L_ALL)) && !(logging && (kind & logmask))) ++ return; ++ ++ if (log_stderr) ++ va_copy(args2, args); ++ ++ if (log_syslog) { ++ switch (kind) { ++ case L_FATAL: ++ vsyslog(LOG_ERR, fmt, args); ++ break; ++ case L_ERROR: ++ vsyslog(LOG_ERR, fmt, args); ++ break; ++ case L_WARNING: ++ vsyslog(LOG_WARNING, fmt, args); ++ break; ++ case L_NOTICE: ++ vsyslog(LOG_NOTICE, fmt, args); ++ break; ++ default: ++ if (!log_stderr) ++ vsyslog(LOG_INFO, fmt, args); ++ break; ++ } ++ } ++ ++ if (log_stderr) { ++#ifdef VERBOSE_PRINTF ++ time_t now; ++ struct tm *tm; ++ ++ time(&now); ++ tm = localtime(&now); ++ fprintf(stderr, "%s[%d] %04d-%02d-%02d %02d:%02d:%02d ", ++ log_name, log_pid, ++ tm->tm_year+1900, tm->tm_mon + 1, tm->tm_mday, ++ tm->tm_hour, tm->tm_min, tm->tm_sec); ++#else ++ fprintf(stderr, "%s: ", log_name); ++#endif ++ vfprintf(stderr, fmt, args2); ++ fprintf(stderr, "\n"); ++ va_end(args2); ++ } ++ ++ if (kind == L_FATAL) ++ exit(1); ++} ++ ++void ++xlog(int kind, const char* fmt, ...) ++{ ++ va_list args; ++ ++ if (kind & (L_ERROR|D_GENERAL)) ++ export_errno = 1; ++ ++ va_start(args, fmt); ++ xlog_backend(kind, fmt, args); ++ va_end(args); ++} ++ ++void ++xlog_warn(const char* fmt, ...) ++{ ++ va_list args; ++ ++ va_start(args, fmt); ++ xlog_backend(L_WARNING, fmt, args); ++ va_end(args); ++} ++ ++ ++void ++xlog_err(const char* fmt, ...) ++{ ++ va_list args; ++ ++ va_start(args, fmt); ++ xlog_backend(L_FATAL, fmt, args); ++ va_end(args); ++} ++ ++void ++xlog_errno(int err, const char *fmt, ...) ++{ ++ va_list args; ++ ++ errno = err; ++ va_start(args, fmt); ++ xlog_backend(L_FATAL, fmt, args); ++ va_end(args); ++} +diff --git a/src/xlog.h b/src/xlog.h +new file mode 100644 +index 0000000..a57b96c +--- /dev/null ++++ b/src/xlog.h +@@ -0,0 +1,52 @@ ++/* ++ * xlog Logging functionality ++ * ++ * Copyright (C) 1995 Olaf Kirch ++ */ ++ ++#ifndef XLOG_H ++#define XLOG_H ++ ++#include ++ ++/* These are logged always. L_FATAL also does exit(1) */ ++#define L_FATAL 0x0100 ++#define L_ERROR 0x0200 ++#define L_WARNING 0x0400 ++#define L_NOTICE 0x0800 ++#define L_ALL 0xFF00 ++ ++/* These are logged if enabled with xlog_[s]config */ ++/* NB: code does not expect ORing together D_ and L_ */ ++#define D_GENERAL 0x0001 /* general debug info */ ++#define D_CALL 0x0002 ++#define D_AUTH 0x0004 ++#define D_FAC3 0x0008 ++#define D_FAC4 0x0010 ++#define D_FAC5 0x0020 ++#define D_PARSE 0x0040 ++#define D_FAC7 0x0080 ++#define D_ALL 0x00FF ++ ++/* This can be used to define symbolic log names that can be passed to ++ * xlog_config. ++ */ ++struct xlog_debugfac { ++ char *df_name; ++ int df_fac; ++}; ++ ++extern int export_errno; ++void xlog_open(char *progname); ++void xlog_stderr(int on); ++void xlog_syslog(int on); ++void xlog_config(int fac, int on); ++void xlog_sconfig(char *, int on); ++int xlog_enabled(int fac); ++void xlog(int fac, const char *fmt, ...); ++void xlog_warn(const char *fmt, ...); ++void xlog_err(const char *fmt, ...); ++void xlog_errno(int err, const char *fmt, ...); ++void xlog_backend(int fac, const char *fmt, va_list args); ++ ++#endif /* XLOG_H */ diff --git a/SOURCES/rpcbind-0.2.0-freeing-static-memory.patch b/SOURCES/rpcbind-0.2.0-freeing-static-memory.patch new file mode 100644 index 0000000..bd8490b --- /dev/null +++ b/SOURCES/rpcbind-0.2.0-freeing-static-memory.patch @@ -0,0 +1,128 @@ +diff --git a/src/rpcb_svc_com.c b/src/rpcb_svc_com.c +index 0c34632..0f104a6 100644 +--- a/src/rpcb_svc_com.c ++++ b/src/rpcb_svc_com.c +@@ -616,9 +616,7 @@ rpcbproc_callit_com(struct svc_req *rqstp, SVCXPRT *transp, + struct netconfig *nconf; + struct netbuf *caller; + struct r_rmtcall_args a; +- char *buf_alloc = NULL, *outbufp; +- char *outbuf_alloc = NULL; +- char buf[RPC_BUF_MAX], outbuf[RPC_BUF_MAX]; ++ char outbuf[RPC_BUF_MAX]; + struct netbuf *na = (struct netbuf *) NULL; + struct rpc_msg call_msg; + int outlen; +@@ -639,36 +637,10 @@ rpcbproc_callit_com(struct svc_req *rqstp, SVCXPRT *transp, + } + if (si.si_socktype != SOCK_DGRAM) + return; /* Only datagram type accepted */ +- sendsz = __rpc_get_t_size(si.si_af, si.si_proto, UDPMSGSIZE); +- if (sendsz == 0) { /* data transfer not supported */ +- if (reply_type == RPCBPROC_INDIRECT) +- svcerr_systemerr(transp); +- return; +- } +- /* +- * Should be multiple of 4 for XDR. +- */ +- sendsz = ((sendsz + 3) / 4) * 4; +- if (sendsz > RPC_BUF_MAX) { +-#ifdef notyet +- buf_alloc = alloca(sendsz); /* not in IDR2? */ +-#else +- buf_alloc = malloc(sendsz); +-#endif /* notyet */ +- if (buf_alloc == NULL) { +- if (debugging) +- xlog(LOG_DEBUG, +- "rpcbproc_callit_com: No Memory!\n"); +- if (reply_type == RPCBPROC_INDIRECT) +- svcerr_systemerr(transp); +- return; +- } +- a.rmt_args.args = buf_alloc; +- } else { +- a.rmt_args.args = buf; +- } ++ sendsz = UDPMSGSIZE; + + call_msg.rm_xid = 0; /* For error checking purposes */ ++ memset(&a, 0, sizeof(a)); /* Zero out the input buffer */ + if (!svc_getargs(transp, (xdrproc_t) xdr_rmtcall_args, (char *) &a)) { + if (reply_type == RPCBPROC_INDIRECT) + svcerr_decode(transp); +@@ -704,11 +676,11 @@ rpcbproc_callit_com(struct svc_req *rqstp, SVCXPRT *transp, + + rpcbs_rmtcall(versnum - 2, reply_type, a.rmt_prog, a.rmt_vers, + a.rmt_proc, transp->xp_netid, rbl); +- + if (rbl == (rpcblist_ptr)NULL) { + #ifdef RPCBIND_DEBUG + if (debugging) +- xlog(LOG_DEBUG, "not found\n"); ++ xlog(LOG_DEBUG, "prog %lu vers %lu: not found\n", ++ a.rmt_prog, a.rmt_vers); + #endif + if (reply_type == RPCBPROC_INDIRECT) + svcerr_noprog(transp); +@@ -822,24 +794,10 @@ rpcbproc_callit_com(struct svc_req *rqstp, SVCXPRT *transp, + call_msg.rm_call.cb_rpcvers = RPC_MSG_VERSION; + call_msg.rm_call.cb_prog = a.rmt_prog; + call_msg.rm_call.cb_vers = a.rmt_vers; +- if (sendsz > RPC_BUF_MAX) { +-#ifdef notyet +- outbuf_alloc = alloca(sendsz); /* not in IDR2? */ +-#else +- outbuf_alloc = malloc(sendsz); +-#endif /* notyet */ +- if (outbuf_alloc == NULL) { +- if (reply_type == RPCBPROC_INDIRECT) +- svcerr_systemerr(transp); +- if (debugging) +- xlog(LOG_DEBUG, +- "rpcbproc_callit_com: No memory!\n"); +- goto error; +- } +- xdrmem_create(&outxdr, outbuf_alloc, sendsz, XDR_ENCODE); +- } else { +- xdrmem_create(&outxdr, outbuf, sendsz, XDR_ENCODE); +- } ++ ++ memset(outbuf, '\0', sendsz); /* Zero out the output buffer */ ++ xdrmem_create(&outxdr, outbuf, sendsz, XDR_ENCODE); ++ + if (!xdr_callhdr(&outxdr, &call_msg)) { + if (reply_type == RPCBPROC_INDIRECT) + svcerr_systemerr(transp); +@@ -904,10 +862,6 @@ rpcbproc_callit_com(struct svc_req *rqstp, SVCXPRT *transp, + goto error; + } + outlen = (int) XDR_GETPOS(&outxdr); +- if (outbuf_alloc) +- outbufp = outbuf_alloc; +- else +- outbufp = outbuf; + + na = uaddr2taddr(nconf, local_uaddr); + if (!na) { +@@ -916,7 +870,7 @@ rpcbproc_callit_com(struct svc_req *rqstp, SVCXPRT *transp, + goto error; + } + +- if (sendto(fd, outbufp, outlen, 0, (struct sockaddr *)na->buf, na->len) ++ if (sendto(fd, outbuf, outlen, 0, (struct sockaddr *)na->buf, na->len) + != outlen) { + if (debugging) + xlog(LOG_DEBUG, +@@ -941,10 +895,6 @@ out: + } + if (local_uaddr) + free(local_uaddr); +- if (buf_alloc) +- free(buf_alloc); +- if (outbuf_alloc) +- free(outbuf_alloc); + if (na) { + free(na->buf); + free(na); diff --git a/SOURCES/rpcbind-0.2.0-good-term.patch b/SOURCES/rpcbind-0.2.0-good-term.patch new file mode 100644 index 0000000..153faa3 --- /dev/null +++ b/SOURCES/rpcbind-0.2.0-good-term.patch @@ -0,0 +1,16 @@ +diff -up rpcbind-0.2.0/src/rpcbind.c.orig rpcbind-0.2.0/src/rpcbind.c +--- rpcbind-0.2.0/src/rpcbind.c.orig 2015-05-04 10:03:47.261693706 -0400 ++++ rpcbind-0.2.0/src/rpcbind.c 2015-05-04 11:07:35.570042694 -0400 +@@ -797,11 +797,9 @@ terminate(int dummy /*__unused*/) + unlink(_PATH_RPCBINDSOCK); + unlink(RPCBINDDLOCK); + #ifdef WARMSTART +- syslog(LOG_ERR, +- "rpcbind terminating on signal. Restart with \"rpcbind -w\""); + write_warmstart(); /* Dump yourself */ + #endif +- exit(2); ++ exit(0); /* exit gracefully */ + } + + void diff --git a/SOURCES/rpcbind-0.2.0-i-warn.patch b/SOURCES/rpcbind-0.2.0-i-warn.patch new file mode 100644 index 0000000..33ba234 --- /dev/null +++ b/SOURCES/rpcbind-0.2.0-i-warn.patch @@ -0,0 +1,13 @@ +diff -up rpcbind-0.2.0/src/rpcb_svc_com.c.orig rpcbind-0.2.0/src/rpcb_svc_com.c +--- rpcbind-0.2.0/src/rpcb_svc_com.c.orig 2017-02-25 14:47:09.839325988 -0500 ++++ rpcbind-0.2.0/src/rpcb_svc_com.c 2017-02-25 14:47:57.424187563 -0500 +@@ -1106,9 +1106,6 @@ my_svc_run() + struct pollfd pollfds[FD_SETSIZE]; + int poll_ret, check_ret; + int n; +-#ifdef SVC_RUN_DEBUG +- int i; +-#endif + register struct pollfd *p; + fd_set cleanfds; + diff --git a/SOURCES/rpcbind-0.2.0-memleaks.patch b/SOURCES/rpcbind-0.2.0-memleaks.patch new file mode 100644 index 0000000..ceb4962 --- /dev/null +++ b/SOURCES/rpcbind-0.2.0-memleaks.patch @@ -0,0 +1,177 @@ +diff -up rpcbind-0.2.0/src/pmap_svc.c.orig rpcbind-0.2.0/src/pmap_svc.c +--- rpcbind-0.2.0/src/pmap_svc.c.orig 2017-05-11 13:15:17.199851080 -0400 ++++ rpcbind-0.2.0/src/pmap_svc.c 2017-05-11 13:15:58.573156590 -0400 +@@ -175,6 +175,7 @@ pmapproc_change(struct svc_req *rqstp /* + long ans; + uid_t uid; + char uidbuf[32]; ++ int rc = TRUE; + + /* + * Can't use getpwnam here. We might end up calling ourselves +@@ -194,7 +195,8 @@ pmapproc_change(struct svc_req *rqstp /* + + if (!svc_getargs(xprt, (xdrproc_t) xdr_pmap, (char *)®)) { + svcerr_decode(xprt); +- return (FALSE); ++ rc = FALSE; ++ goto done; + } + #ifdef RPCBIND_DEBUG + if (debugging) +@@ -205,7 +207,8 @@ pmapproc_change(struct svc_req *rqstp /* + + if (!check_access(xprt, op, reg.pm_prog, PMAPVERS)) { + svcerr_weakauth(xprt); +- return (FALSE); ++ rc = (FALSE); ++ goto done; + } + + rpcbreg.r_prog = reg.pm_prog; +@@ -258,7 +261,16 @@ done_change: + rpcbs_set(RPCBVERS_2_STAT, ans); + else + rpcbs_unset(RPCBVERS_2_STAT, ans); +- return (TRUE); ++done: ++ if (!svc_freeargs(xprt, (xdrproc_t) xdr_pmap, (char *)®)) { ++ if (debugging) { ++ (void) xlog(LOG_DEBUG, "unable to free arguments\n"); ++ if (doabort) { ++ rpcbind_abort(); ++ } ++ } ++ } ++ return (rc); + } + + /* ARGSUSED */ +@@ -272,15 +284,18 @@ pmapproc_getport(struct svc_req *rqstp / + #ifdef RPCBIND_DEBUG + char *uaddr; + #endif ++ int rc = TRUE; + + if (!svc_getargs(xprt, (xdrproc_t) xdr_pmap, (char *)®)) { + svcerr_decode(xprt); +- return (FALSE); ++ rc = FALSE; ++ goto done; + } + + if (!check_access(xprt, PMAPPROC_GETPORT, reg.pm_prog, PMAPVERS)) { + svcerr_weakauth(xprt); +- return FALSE; ++ rc = FALSE; ++ goto done; + } + + #ifdef RPCBIND_DEBUG +@@ -330,21 +345,34 @@ pmapproc_getport(struct svc_req *rqstp / + pmap_ipprot2netid(reg.pm_prot) ?: "", + port ? udptrans : ""); + +- return (TRUE); ++done: ++ if (!svc_freeargs(xprt, (xdrproc_t) xdr_pmap, (char *)®)) { ++ if (debugging) { ++ (void) xlog(LOG_DEBUG, "unable to free arguments\n"); ++ if (doabort) { ++ rpcbind_abort(); ++ } ++ } ++ } ++ return (rc); + } + + /* ARGSUSED */ + static bool_t + pmapproc_dump(struct svc_req *rqstp /*__unused*/, SVCXPRT *xprt) + { ++ int rc = TRUE; ++ + if (!svc_getargs(xprt, (xdrproc_t)xdr_void, NULL)) { + svcerr_decode(xprt); +- return (FALSE); ++ rc = FALSE; ++ goto done; + } + + if (!check_access(xprt, PMAPPROC_DUMP, 0, PMAPVERS)) { + svcerr_weakauth(xprt); +- return FALSE; ++ rc = FALSE; ++ goto done; + } + + if ((!svc_sendreply(xprt, (xdrproc_t) xdr_pmaplist_ptr, +@@ -354,7 +382,17 @@ pmapproc_dump(struct svc_req *rqstp /*__ + rpcbind_abort(); + } + } +- return (TRUE); ++ ++done: ++ if (!svc_freeargs(xprt, (xdrproc_t) xdr_void, (char *)NULL)) { ++ if (debugging) { ++ (void) xlog(LOG_DEBUG, "unable to free arguments\n"); ++ if (doabort) { ++ rpcbind_abort(); ++ } ++ } ++ } ++ return (rc); + } + + int pmap_netid2ipprot(const char *netid) +diff -up rpcbind-0.2.0/src/rpcb_svc_4.c.orig rpcbind-0.2.0/src/rpcb_svc_4.c +--- rpcbind-0.2.0/src/rpcb_svc_4.c.orig 2017-05-11 13:15:17.199851080 -0400 ++++ rpcbind-0.2.0/src/rpcb_svc_4.c 2017-05-11 13:15:58.574156573 -0400 +@@ -219,7 +219,7 @@ rpcb_service_4(struct svc_req *rqstp, SV + svcerr_decode(transp); + if (debugging) + (void) xlog(LOG_DEBUG, "rpcbind: could not decode\n"); +- return; ++ goto done; + } + + if (rqstp->rq_proc == RPCBPROC_SET +diff -up rpcbind-0.2.0/src/rpcb_svc_com.c.orig rpcbind-0.2.0/src/rpcb_svc_com.c +--- rpcbind-0.2.0/src/rpcb_svc_com.c.orig 2017-05-11 13:15:17.203851012 -0400 ++++ rpcbind-0.2.0/src/rpcb_svc_com.c 2017-05-11 13:18:58.197141434 -0400 +@@ -62,6 +62,7 @@ + #include + + #include "rpcbind.h" ++#include "xlog.h" + + #define RPC_BUF_MAX 65536 /* can be raised if required */ + +@@ -930,6 +931,14 @@ error: + if (call_msg.rm_xid != 0) + (void) free_slot_by_xid(call_msg.rm_xid); + out: ++ if (!svc_freeargs(transp, (xdrproc_t) xdr_rmtcall_args, (char *) &a)) { ++ if (debugging) { ++ (void) xlog(LOG_DEBUG, "unable to free arguments\n"); ++ if (doabort) { ++ rpcbind_abort(); ++ } ++ } ++ } + if (local_uaddr) + free(local_uaddr); + if (buf_alloc) +diff -up rpcbind-0.2.0/src/rpcb_svc.c.orig rpcbind-0.2.0/src/rpcb_svc.c +--- rpcbind-0.2.0/src/rpcb_svc.c.orig 2017-05-11 13:15:17.199851080 -0400 ++++ rpcbind-0.2.0/src/rpcb_svc.c 2017-05-11 13:15:58.573156590 -0400 +@@ -165,7 +165,7 @@ rpcb_service_3(struct svc_req *rqstp, SV + svcerr_decode(transp); + if (debugging) + (void) xlog(LOG_DEBUG, "rpcbind: could not decode"); +- return; ++ goto done; + } + + if (rqstp->rq_proc == RPCBPROC_SET diff --git a/SOURCES/rpcbind-0.2.0-nss-altfiles.patch b/SOURCES/rpcbind-0.2.0-nss-altfiles.patch new file mode 100644 index 0000000..6f925e7 --- /dev/null +++ b/SOURCES/rpcbind-0.2.0-nss-altfiles.patch @@ -0,0 +1,62 @@ +diff -up rpcbind-0.2.0/configure.ac.orig rpcbind-0.2.0/configure.ac +--- rpcbind-0.2.0/configure.ac.orig 2015-05-04 08:09:47.390954657 -0400 ++++ rpcbind-0.2.0/configure.ac 2015-05-04 08:10:23.707550057 -0400 +@@ -27,6 +27,13 @@ AC_ARG_WITH([rpcuser], + ,, [with_rpcuser=root]) + AC_SUBST([rpcuser], [$with_rpcuser]) + ++AC_ARG_WITH([nss_modules], ++ AS_HELP_STRING([--with-nss-modules=NSS_MODULES] ++ , [Sets the nss module search list to the given space-delimited string. ++ For example --with-nss-modules="files altfiles" @<:@default=files@:>@]) ++ ,, [with_nss_modules=files]) ++AC_SUBST([nss_modules], [$with_nss_modules]) ++ + PKG_CHECK_MODULES([TIRPC], [libtirpc]) + + AS_IF([test x$enable_libwrap = xyes], [ +diff -up rpcbind-0.2.0/Makefile.am.orig rpcbind-0.2.0/Makefile.am +--- rpcbind-0.2.0/Makefile.am.orig 2015-05-04 08:09:47.386954591 -0400 ++++ rpcbind-0.2.0/Makefile.am 2015-05-04 08:10:23.707550057 -0400 +@@ -6,6 +6,7 @@ AM_CPPFLAGS = \ + -DINET6 \ + -DRPCBIND_STATEDIR="\"$(statedir)\"" \ + -DRPCBIND_USER="\"$(rpcuser)\"" \ ++ -DNSS_MODULES="\"$(nss_modules)\"" \ + -D_GNU_SOURCE \ + $(TIRPC_CFLAGS) + +diff -up rpcbind-0.2.0/src/rpcbind.c.orig rpcbind-0.2.0/src/rpcbind.c +--- rpcbind-0.2.0/src/rpcbind.c.orig 2015-05-04 08:09:47.387954608 -0400 ++++ rpcbind-0.2.0/src/rpcbind.c 2015-05-04 08:10:23.707550057 -0400 +@@ -86,6 +86,12 @@ char *rpcbinduser = RPCBIND_USER; + char *rpcbinduser = NULL; + #endif + ++#ifdef NSS_MODULES ++char *nss_modules = NSS_MODULES; ++#else ++char *nss_modules = "files"; ++#endif ++ + /* who to suid to if -s is given */ + #define RUN_AS "daemon" + +@@ -160,7 +166,7 @@ main(int argc, char *argv[]) + * Make sure we use the local service file + * for service lookkups + */ +- __nss_configure_lookup("services", "files"); ++ __nss_configure_lookup("services", nss_modules); + + nc_handle = setnetconfig(); /* open netconfig file */ + if (nc_handle == NULL) { +@@ -226,7 +232,7 @@ main(int argc, char *argv[]) + * Make sure we use the local password file + * for these lookups. + */ +- __nss_configure_lookup("passwd", "files"); ++ __nss_configure_lookup("passwd", nss_modules); + + if((p = getpwnam(id)) == NULL) { + syslog(LOG_ERR, "cannot get uid of '%s': %m", id); diff --git a/SOURCES/rpcbind-0.2.0-rpcinfo-buf-overflow.patch b/SOURCES/rpcbind-0.2.0-rpcinfo-buf-overflow.patch new file mode 100644 index 0000000..f865959 --- /dev/null +++ b/SOURCES/rpcbind-0.2.0-rpcinfo-buf-overflow.patch @@ -0,0 +1,40 @@ +diff -up rpcbind-0.2.0/src/rpcinfo.c.orig rpcbind-0.2.0/src/rpcinfo.c +--- rpcbind-0.2.0/src/rpcinfo.c.orig 2009-05-29 09:38:22.000000000 -0400 ++++ rpcbind-0.2.0/src/rpcinfo.c 2019-01-22 11:43:16.000000000 -0500 +@@ -984,6 +984,7 @@ rpcbdump (dumptype, netid, argc, argv) + (" program version(s) netid(s) service owner\n"); + for (rs = rs_head; rs; rs = rs->next) + { ++ size_t netidmax = sizeof(buf) - 1; + char *p = buf; + + printf ("%10ld ", rs->prog); +@@ -996,12 +997,22 @@ rpcbdump (dumptype, netid, argc, argv) + } + printf ("%-10s", buf); + buf[0] = '\0'; +- for (nl = rs->nlist; nl; nl = nl->next) +- { +- strcat (buf, nl->netid); +- if (nl->next) +- strcat (buf, ","); +- } ++ ++ for (nl = rs->nlist; nl; nl = nl->next) ++ { ++ strncat (buf, nl->netid, netidmax); ++ if (strlen (nl->netid) < netidmax) ++ netidmax -= strlen(nl->netid); ++ else ++ break; ++ ++ if (nl->next && netidmax > 1) ++ { ++ strncat (buf, ",", netidmax); ++ netidmax --; ++ } ++ } ++ + printf ("%-32s", buf); + rpc = getrpcbynumber (rs->prog); + if (rpc) diff --git a/SOURCES/rpcbind-0.2.0-rpcinfo-mantypo.patch b/SOURCES/rpcbind-0.2.0-rpcinfo-mantypo.patch new file mode 100644 index 0000000..2f85edf --- /dev/null +++ b/SOURCES/rpcbind-0.2.0-rpcinfo-mantypo.patch @@ -0,0 +1,22 @@ +commit 6e67b1e5e3a36649ad05829f8bae9d2a9e703594 +Author: Steve Dickson +Date: Mon Sep 22 08:49:08 2014 -0400 + + rpcinfo: Fixed typo in rpcinfo man page + + Signed-off-by: Steve Dickson + +diff --git a/man/rpcinfo.8 b/man/rpcinfo.8 +index 5ece18f..750ffce 100644 +--- a/man/rpcinfo.8 ++++ b/man/rpcinfo.8 +@@ -20,8 +20,7 @@ + .Nm "rpcinfo" + .Fl l + .Op Fl T Ar transport +-.Ar host Ar prognum +-.Op Ar versnum ++.Ar host Ar prognum Ar versnum + .Nm "rpcinfo" + .Op Fl n Ar portnum + .Fl u diff --git a/SOURCES/rpcbind-0.2.0-systemd-socket.patch b/SOURCES/rpcbind-0.2.0-systemd-socket.patch new file mode 100644 index 0000000..3776499 --- /dev/null +++ b/SOURCES/rpcbind-0.2.0-systemd-socket.patch @@ -0,0 +1,157 @@ +diff -up rpcbind-0.2.0/configure.ac.orig rpcbind-0.2.0/configure.ac +--- rpcbind-0.2.0/configure.ac.orig 2015-05-04 08:15:10.394432254 -0400 ++++ rpcbind-0.2.0/configure.ac 2015-05-04 08:48:36.463258254 -0400 +@@ -36,6 +36,18 @@ AC_SUBST([nss_modules], [$with_nss_modul + + PKG_CHECK_MODULES([TIRPC], [libtirpc]) + ++PKG_PROG_PKG_CONFIG ++AC_ARG_WITH([systemdsystemunitdir], ++ AS_HELP_STRING([--with-systemdsystemunitdir=DIR], [Directory for systemd service files]), ++ [], [with_systemdsystemunitdir=$($PKG_CONFIG --variable=systemdsystemunitdir systemd)]) ++ if test "x$with_systemdsystemunitdir" != xno; then ++ AC_SUBST([systemdsystemunitdir], [$with_systemdsystemunitdir]) ++ PKG_CHECK_MODULES([SYSTEMD], [libsystemd], [], ++ [PKG_CHECK_MODULES([SYSTEMD], [libsystemd-daemon], [], ++ AC_MSG_ERROR([libsystemd support requested but found]))]) ++ fi ++AM_CONDITIONAL(SYSTEMD, [test -n "$with_systemdsystemunitdir" -a "x$with_systemdsystemunitdir" != xno ]) ++ + AS_IF([test x$enable_libwrap = xyes], [ + AC_CHECK_LIB([wrap], [hosts_access], , + AC_MSG_ERROR([libwrap support requested but unable to find libwrap])) +diff -up rpcbind-0.2.0/Makefile.am.orig rpcbind-0.2.0/Makefile.am +--- rpcbind-0.2.0/Makefile.am.orig 2015-05-04 08:15:10.394432254 -0400 ++++ rpcbind-0.2.0/Makefile.am 2015-05-04 08:48:36.463258254 -0400 +@@ -39,6 +39,12 @@ rpcbind_SOURCES = \ + src/warmstart.c + rpcbind_LDADD = $(TIRPC_LIBS) + ++if SYSTEMD ++AM_CPPFLAGS += $(SYSTEMD_CFLAGS) -DSYSTEMD ++ ++rpcbind_LDADD += $(SYSTEMD_LIBS) ++endif ++ + rpcinfo_SOURCES = src/rpcinfo.c + rpcinfo_LDADD = $(TIRPC_LIBS) + +diff -up rpcbind-0.2.0/src/rpcbind.c.orig rpcbind-0.2.0/src/rpcbind.c +--- rpcbind-0.2.0/src/rpcbind.c.orig 2015-05-04 08:15:10.394432254 -0400 ++++ rpcbind-0.2.0/src/rpcbind.c 2015-05-04 08:48:36.463258254 -0400 +@@ -56,6 +56,9 @@ + #include + #endif + #include ++#ifdef SYSTEMD ++#include ++#endif + #include + #include + #include +@@ -291,6 +294,7 @@ init_transport(struct netconfig *nconf) + u_int32_t host_addr[4]; /* IPv4 or IPv6 */ + struct sockaddr_un sun; + mode_t oldmask; ++ int n; + res = NULL; + + if ((nconf->nc_semantics != NC_TPI_CLTS) && +@@ -309,6 +313,76 @@ init_transport(struct netconfig *nconf) + fprintf(stderr, "[%d] - %s\n", i, *s); + } + #endif ++ if (!__rpc_nconf2sockinfo(nconf, &si)) { ++ syslog(LOG_ERR, "cannot get information for %s", ++ nconf->nc_netid); ++ return (1); ++ } ++ ++#ifdef SYSTEMD ++ n = sd_listen_fds(0); ++ if (n < 0) { ++ syslog(LOG_ERR, "failed to acquire systemd sockets: %s", strerror(-n)); ++ return 1; ++ } ++ ++ /* Try to find if one of the systemd sockets we were given match ++ * our netconfig structure. */ ++ ++ for (fd = SD_LISTEN_FDS_START; fd < SD_LISTEN_FDS_START + n; fd++) { ++ struct __rpc_sockinfo si_other; ++ union { ++ struct sockaddr sa; ++ struct sockaddr_un un; ++ struct sockaddr_in in4; ++ struct sockaddr_in6 in6; ++ struct sockaddr_storage storage; ++ } sa; ++ socklen_t addrlen = sizeof(sa); ++ ++ if (!__rpc_fd2sockinfo(fd, &si_other)) { ++ syslog(LOG_ERR, "cannot get information for fd %i", fd); ++ return 1; ++ } ++ ++ if (si.si_af != si_other.si_af || ++ si.si_socktype != si_other.si_socktype || ++ si.si_proto != si_other.si_proto) ++ continue; ++ ++ if (getsockname(fd, &sa.sa, &addrlen) < 0) { ++ syslog(LOG_ERR, "failed to query socket name: %s", ++ strerror(errno)); ++ goto error; ++ } ++ ++ /* Copy the address */ ++ taddr.addr.maxlen = taddr.addr.len = addrlen; ++ taddr.addr.buf = malloc(addrlen); ++ if (taddr.addr.buf == NULL) { ++ syslog(LOG_ERR, ++ "cannot allocate memory for %s address", ++ nconf->nc_netid); ++ goto error; ++ } ++ memcpy(taddr.addr.buf, &sa, addrlen); ++ ++ my_xprt = (SVCXPRT *)svc_tli_create(fd, nconf, &taddr, ++ RPC_MAXDATASIZE, RPC_MAXDATASIZE); ++ if (my_xprt == (SVCXPRT *)NULL) { ++ syslog(LOG_ERR, "%s: could not create service", ++ nconf->nc_netid); ++ goto error; ++ } ++ } ++ ++ /* ++ * If none of the systemd sockets matched, we set up the socket in ++ * the normal way: ++ */ ++#endif ++ if (my_xprt != NULL) ++ goto got_socket; + + /* + * XXX - using RPC library internal functions. For NC_TPI_CLTS +@@ -322,12 +396,6 @@ init_transport(struct netconfig *nconf) + } + } + +- if (!__rpc_nconf2sockinfo(nconf, &si)) { +- syslog(LOG_ERR, "cannot get information for %s", +- nconf->nc_netid); +- return (1); +- } +- + if ((strcmp(nconf->nc_netid, "local") == 0) || + (strcmp(nconf->nc_netid, "unix") == 0)) { + memset(&sun, 0, sizeof sun); +@@ -564,6 +632,7 @@ init_transport(struct netconfig *nconf) + goto error; + } + } ++got_socket: + + #ifdef PORTMAP + /* diff --git a/SOURCES/rpcbind-0.2.0-warmstart-noerror.patch b/SOURCES/rpcbind-0.2.0-warmstart-noerror.patch new file mode 100644 index 0000000..6882310 --- /dev/null +++ b/SOURCES/rpcbind-0.2.0-warmstart-noerror.patch @@ -0,0 +1,17 @@ +diff -up rpcbind-0.2.0/src/warmstart.c.orig rpcbind-0.2.0/src/warmstart.c +--- rpcbind-0.2.0/src/warmstart.c.orig 2015-07-30 13:54:52.236810612 -0400 ++++ rpcbind-0.2.0/src/warmstart.c 2015-07-30 13:56:25.469502104 -0400 +@@ -106,9 +106,10 @@ read_struct(char *filename, xdrproc_t st + fprintf(stderr, "rpcbind: using '%s' startup file\n", filename); + + if ((fp = fopen(filename, "r")) == NULL) { +- syslog(LOG_ERR, +- "Cannot open '%s' file for reading, errno %d (%s)", +- filename, errno, strerror(errno)); ++ if (errno != ENOENT) ++ syslog(LOG_ERR, ++ "Cannot open '%s' file for reading, errno %d (%s)", ++ filename, errno, strerror(errno)); + goto error; + } + diff --git a/SOURCES/rpcbind-0.2.0-warnings.patch b/SOURCES/rpcbind-0.2.0-warnings.patch new file mode 100644 index 0000000..f586406 --- /dev/null +++ b/SOURCES/rpcbind-0.2.0-warnings.patch @@ -0,0 +1,39 @@ +commit d62f79d7905149719715f74c188b47d7911c928c +Author: Steve Dickson +Date: Mon Aug 18 11:44:19 2014 -0400 + + rpcbind: Remove a strict-aliasing warning + + src/util.c: In function ?in6_fillscopeid?: + src/util.c:106:3: warning: dereferencing type-punned pointer will break + strict-aliasing rules [-Wstrict-aliasing] + ifindex = ntohs(*(u_int16_t *)&sin6->sin6_addr.s6_addr[2]); + ^ + + src/util.c:109:4: warning: dereferencing type-punned pointer will break + strict-aliasing rules [-Wstrict-aliasing] + *(u_int16_t *)&sin6->sin6_addr.s6_addr[2] = 0; + + Signed-off-by: Steve Dickson + +diff --git a/src/util.c b/src/util.c +index 9a5fb69..7d56479 100644 +--- a/src/util.c ++++ b/src/util.c +@@ -101,12 +101,14 @@ static void + in6_fillscopeid(struct sockaddr_in6 *sin6) + { + u_int16_t ifindex; ++ u_int16_t *addr; + + if (IN6_IS_ADDR_LINKLOCAL(&sin6->sin6_addr)) { +- ifindex = ntohs(*(u_int16_t *)&sin6->sin6_addr.s6_addr[2]); ++ addr = (u_int16_t *)&sin6->sin6_addr.s6_addr[2]; ++ ifindex = ntohs(*addr); + if (sin6->sin6_scope_id == 0 && ifindex != 0) { + sin6->sin6_scope_id = ifindex; +- *(u_int16_t *)&sin6->sin6_addr.s6_addr[2] = 0; ++ *addr = 0; + } + } + } diff --git a/SOURCES/rpcbind-0.2.0-xlog-warn.patch b/SOURCES/rpcbind-0.2.0-xlog-warn.patch new file mode 100644 index 0000000..b5c7b6b --- /dev/null +++ b/SOURCES/rpcbind-0.2.0-xlog-warn.patch @@ -0,0 +1,24 @@ +commit de47f6323d8fb20feefee21d0195cf0529151e04 +Author: Steve Dickson +Date: Thu Sep 17 15:57:35 2015 -0400 + + security.c: removed warning + + src/security.c:100:8: warning: implicit declaration of function 'xlog' + [-Wimplicit-function-declaration] + + Signed-off-by: Steve Dickson + +diff --git a/src/security.c b/src/security.c +index 0c9453f..c54ce26 100644 +--- a/src/security.c ++++ b/src/security.c +@@ -17,6 +17,8 @@ + #include + #include + ++#include "xlog.h" ++ + /* + * XXX for special case checks in check_callit. + */ diff --git a/SOURCES/rpcbind-0_2_1-rc4.patch b/SOURCES/rpcbind-0_2_1-rc4.patch new file mode 100644 index 0000000..44b8cb9 --- /dev/null +++ b/SOURCES/rpcbind-0_2_1-rc4.patch @@ -0,0 +1,1093 @@ +diff --git a/.gitignore b/.gitignore +index 5a7546c..bee4bab 100644 +--- a/.gitignore ++++ b/.gitignore +@@ -1,3 +1,4 @@ ++INSTALL + Makefile + Makefile.in + aclocal.m4 +@@ -13,18 +14,14 @@ depcomp + install-sh + libtool + ltmain.sh +-man/Makefile +-man/Makefile.in + missing +-src/.deps/ +-src/Makefile +-src/Makefile.in + src/config.h + src/stamp-h2 + stamp-h1 + # file generated during compilation ++.deps + *.o +-src/rpcbind +-src/rpcinfo ++rpcbind ++rpcinfo + # cscope database files + cscope.* +diff --git a/INSTALL b/INSTALL +index 98e5d87..7d1c323 100644 +--- a/INSTALL ++++ b/INSTALL +@@ -1,32 +1,25 @@ +-Copyright 1994, 1995, 1996, 1999, 2000, 2001, 2002 Free Software +-Foundation, Inc. ++Installation Instructions ++************************* + +- This file is free documentation; the Free Software Foundation gives +-unlimited permission to copy, distribute and modify it. +- +- +-rpcbind Quick Installation +-========================== +- +-$ ./configure +-$ make +-# make install +- +- The install phase will install the rpcbind and rpcinfo commands +-under /usr/bin. If you wish they replace the basic portmap and +-rpcinfo commands, you can run: +- +-# mv /sbin/portmap /sbin/portmap.sav +-# ln -s /usr/bin/rpcbind /sbin/portmap +- +-# mv /usr/sbin/rpcinfo /usr/sbin/rpcinfo.sav +-# ln -s /usr/bin/rpcinfo /usr/sbin/rpcinfo ++Copyright (C) 1994, 1995, 1996, 1999, 2000, 2001, 2002, 2004, 2005, ++2006, 2007, 2008, 2009 Free Software Foundation, Inc. + ++ Copying and distribution of this file, with or without modification, ++are permitted in any medium without royalty provided the copyright ++notice and this notice are preserved. This file is offered as-is, ++without warranty of any kind. + + Basic Installation + ================== + +- These are generic installation instructions. ++ Briefly, the shell commands `./configure; make; make install' should ++configure, build, and install this package. The following ++more-detailed instructions are generic; see the `README' file for ++instructions specific to this package. Some packages provide this ++`INSTALL' file but do not implement all of the features documented ++below. The lack of an optional feature in a given package is not ++necessarily a bug. More recommendations for GNU packages can be found ++in *note Makefile Conventions: (standards)Makefile Conventions. + + The `configure' shell script attempts to guess correct values for + various system-dependent variables used during compilation. It uses +@@ -39,9 +32,9 @@ debugging `configure'). + + It can also use an optional file (typically called `config.cache' + and enabled with `--cache-file=config.cache' or simply `-C') that saves +-the results of its tests to speed up reconfiguring. (Caching is ++the results of its tests to speed up reconfiguring. Caching is + disabled by default to prevent problems with accidental use of stale +-cache files.) ++cache files. + + If you need to do unusual things to compile the package, please try + to figure out how `configure' could check whether to do them, and mail +@@ -51,30 +44,37 @@ some point `config.cache' contains results you don't want to keep, you + may remove or edit it. + + The file `configure.ac' (or `configure.in') is used to create +-`configure' by a program called `autoconf'. You only need +-`configure.ac' if you want to change it or regenerate `configure' using +-a newer version of `autoconf'. ++`configure' by a program called `autoconf'. You need `configure.ac' if ++you want to change it or regenerate `configure' using a newer version ++of `autoconf'. + +-The simplest way to compile this package is: ++ The simplest way to compile this package is: + + 1. `cd' to the directory containing the package's source code and type +- `./configure' to configure the package for your system. If you're +- using `csh' on an old version of System V, you might need to type +- `sh ./configure' instead to prevent `csh' from trying to execute +- `configure' itself. ++ `./configure' to configure the package for your system. + +- Running `configure' takes awhile. While running, it prints some +- messages telling which features it is checking for. ++ Running `configure' might take a while. While running, it prints ++ some messages telling which features it is checking for. + + 2. Type `make' to compile the package. + + 3. Optionally, type `make check' to run any self-tests that come with +- the package. ++ the package, generally using the just-built uninstalled binaries. + + 4. Type `make install' to install the programs and any data files and +- documentation. +- +- 5. You can remove the program binaries and object files from the ++ documentation. When installing into a prefix owned by root, it is ++ recommended that the package be configured and built as a regular ++ user, and only the `make install' phase executed with root ++ privileges. ++ ++ 5. Optionally, type `make installcheck' to repeat any self-tests, but ++ this time using the binaries in their final installed location. ++ This target does not install anything. Running this target as a ++ regular user, particularly if the prior `make install' required ++ root privileges, verifies that the installation completed ++ correctly. ++ ++ 6. You can remove the program binaries and object files from the + source code directory by typing `make clean'. To also remove the + files that `configure' created (so you can compile the package for + a different kind of computer), type `make distclean'. There is +@@ -83,6 +83,16 @@ The simplest way to compile this package is: + all sorts of other programs in order to regenerate files that came + with the distribution. + ++ 7. Often, you can also type `make uninstall' to remove the installed ++ files again. In practice, not all packages have tested that ++ uninstallation works correctly, even though it is required by the ++ GNU Coding Standards. ++ ++ 8. Some packages, particularly those that use Automake, provide `make ++ distcheck', which can by used by developers to test that all other ++ targets like `make install' and `make uninstall' work correctly. ++ This target is generally not run by end users. ++ + Compilers and Options + ===================== + +@@ -94,7 +104,7 @@ for details on some of the pertinent environment variables. + by setting variables in the command line or in the environment. Here + is an example: + +- ./configure CC=c89 CFLAGS=-O2 LIBS=-lposix ++ ./configure CC=c99 CFLAGS=-g LIBS=-lposix + + *Note Defining Variables::, for more details. + +@@ -103,44 +113,89 @@ Compiling For Multiple Architectures + + You can compile the package for more than one kind of computer at the + same time, by placing the object files for each architecture in their +-own directory. To do this, you must use a version of `make' that +-supports the `VPATH' variable, such as GNU `make'. `cd' to the ++own directory. To do this, you can use GNU `make'. `cd' to the + directory where you want the object files and executables to go and run + the `configure' script. `configure' automatically checks for the +-source code in the directory that `configure' is in and in `..'. ++source code in the directory that `configure' is in and in `..'. This ++is known as a "VPATH" build. + +- If you have to use a `make' that does not support the `VPATH' +-variable, you have to compile the package for one architecture at a +-time in the source code directory. After you have installed the +-package for one architecture, use `make distclean' before reconfiguring +-for another architecture. ++ With a non-GNU `make', it is safer to compile the package for one ++architecture at a time in the source code directory. After you have ++installed the package for one architecture, use `make distclean' before ++reconfiguring for another architecture. ++ ++ On MacOS X 10.5 and later systems, you can create libraries and ++executables that work on multiple system types--known as "fat" or ++"universal" binaries--by specifying multiple `-arch' options to the ++compiler but only a single `-arch' option to the preprocessor. Like ++this: ++ ++ ./configure CC="gcc -arch i386 -arch x86_64 -arch ppc -arch ppc64" \ ++ CXX="g++ -arch i386 -arch x86_64 -arch ppc -arch ppc64" \ ++ CPP="gcc -E" CXXCPP="g++ -E" ++ ++ This is not guaranteed to produce working output in all cases, you ++may have to build one architecture at a time and combine the results ++using the `lipo' tool if you have problems. + + Installation Names + ================== + +- By default, `make install' will install the package's files in +-`/usr/local/bin', `/usr/local/man', etc. You can specify an +-installation prefix other than `/usr/local' by giving `configure' the +-option `--prefix=PATH'. ++ By default, `make install' installs the package's commands under ++`/usr/local/bin', include files under `/usr/local/include', etc. You ++can specify an installation prefix other than `/usr/local' by giving ++`configure' the option `--prefix=PREFIX', where PREFIX must be an ++absolute file name. + + You can specify separate installation prefixes for + architecture-specific files and architecture-independent files. If you +-give `configure' the option `--exec-prefix=PATH', the package will use +-PATH as the prefix for installing programs and libraries. +-Documentation and other data files will still use the regular prefix. ++pass the option `--exec-prefix=PREFIX' to `configure', the package uses ++PREFIX as the prefix for installing programs and libraries. ++Documentation and other data files still use the regular prefix. + + In addition, if you use an unusual directory layout you can give +-options like `--bindir=PATH' to specify different values for particular ++options like `--bindir=DIR' to specify different values for particular + kinds of files. Run `configure --help' for a list of the directories +-you can set and what kinds of files go in them. ++you can set and what kinds of files go in them. In general, the ++default for these options is expressed in terms of `${prefix}', so that ++specifying just `--prefix' will affect all of the other directory ++specifications that were not explicitly provided. ++ ++ The most portable way to affect installation locations is to pass the ++correct locations to `configure'; however, many packages provide one or ++both of the following shortcuts of passing variable assignments to the ++`make install' command line to change installation locations without ++having to reconfigure or recompile. ++ ++ The first method involves providing an override variable for each ++affected directory. For example, `make install ++prefix=/alternate/directory' will choose an alternate location for all ++directory configuration variables that were expressed in terms of ++`${prefix}'. Any directories that were specified during `configure', ++but not in terms of `${prefix}', must each be overridden at install ++time for the entire installation to be relocated. The approach of ++makefile variable overrides for each directory variable is required by ++the GNU Coding Standards, and ideally causes no recompilation. ++However, some platforms have known limitations with the semantics of ++shared libraries that end up requiring recompilation when using this ++method, particularly noticeable in packages that use GNU Libtool. ++ ++ The second method involves providing the `DESTDIR' variable. For ++example, `make install DESTDIR=/alternate/directory' will prepend ++`/alternate/directory' before all installation names. The approach of ++`DESTDIR' overrides is not required by the GNU Coding Standards, and ++does not work on platforms that have drive letters. On the other hand, ++it does better at avoiding recompilation issues, and works well even ++when some directory options were not specified in terms of `${prefix}' ++at `configure' time. ++ ++Optional Features ++================= + + If the package supports it, you can cause programs to be installed + with an extra prefix or suffix on their names by giving `configure' the + option `--program-prefix=PREFIX' or `--program-suffix=SUFFIX'. + +-Optional Features +-================= +- + Some packages pay attention to `--enable-FEATURE' options to + `configure', where FEATURE indicates an optional part of the package. + They may also pay attention to `--with-PACKAGE' options, where PACKAGE +@@ -153,6 +208,45 @@ find the X include and library files automatically, but if it doesn't, + you can use the `configure' options `--x-includes=DIR' and + `--x-libraries=DIR' to specify their locations. + ++ Some packages offer the ability to configure how verbose the ++execution of `make' will be. For these packages, running `./configure ++--enable-silent-rules' sets the default to minimal output, which can be ++overridden with `make V=1'; while running `./configure ++--disable-silent-rules' sets the default to verbose, which can be ++overridden with `make V=0'. ++ ++Particular systems ++================== ++ ++ On HP-UX, the default C compiler is not ANSI C compatible. If GNU ++CC is not installed, it is recommended to use the following options in ++order to use an ANSI C compiler: ++ ++ ./configure CC="cc -Ae -D_XOPEN_SOURCE=500" ++ ++and if that doesn't work, install pre-built binaries of GCC for HP-UX. ++ ++ On OSF/1 a.k.a. Tru64, some versions of the default C compiler cannot ++parse its `' header file. The option `-nodtk' can be used as ++a workaround. If GNU CC is not installed, it is therefore recommended ++to try ++ ++ ./configure CC="cc" ++ ++and if that doesn't work, try ++ ++ ./configure CC="cc -nodtk" ++ ++ On Solaris, don't put `/usr/ucb' early in your `PATH'. This ++directory contains several dysfunctional programs; working variants of ++these programs are available in `/usr/bin'. So, if you need `/usr/ucb' ++in your `PATH', put it _after_ `/usr/bin'. ++ ++ On Haiku, software installed for all users goes in `/boot/common', ++not `/usr/local'. It is recommended to use the following options: ++ ++ ./configure --prefix=/boot/common ++ + Specifying the System Type + ========================== + +@@ -168,14 +262,15 @@ type, such as `sun4', or a canonical name which has the form: + + where SYSTEM can have one of these forms: + +- OS KERNEL-OS ++ OS ++ KERNEL-OS + + See the file `config.sub' for the possible values of each field. If + `config.sub' isn't included in this package, then this package doesn't + need to know the machine type. + + If you are _building_ compiler tools for cross-compiling, you should +-use the `--target=TYPE' option to select the type of system they will ++use the option `--target=TYPE' to select the type of system they will + produce code for. + + If you want to _use_ a cross compiler, that generates code for a +@@ -205,9 +300,14 @@ them in the `configure' command line, using `VAR=value'. For example: + + ./configure CC=/usr/local2/bin/gcc + +-will cause the specified gcc to be used as the C compiler (unless it is ++causes the specified `gcc' to be used as the C compiler (unless it is + overridden in the site shell script). + ++Unfortunately, this technique does not work for `CONFIG_SHELL' due to ++an Autoconf bug. Until the bug is fixed you can use this workaround: ++ ++ CONFIG_SHELL=/bin/bash /bin/bash ./configure CONFIG_SHELL=/bin/bash ++ + `configure' Invocation + ====================== + +@@ -216,7 +316,14 @@ operates. + + `--help' + `-h' +- Print a summary of the options to `configure', and exit. ++ Print a summary of all of the options to `configure', and exit. ++ ++`--help=short' ++`--help=recursive' ++ Print a summary of the options unique to this package's ++ `configure', and exit. The `short' variant lists options used ++ only in the top level, while the `recursive' variant lists options ++ also present in any nested packages. + + `--version' + `-V' +@@ -243,6 +350,16 @@ operates. + Look for the package's source code in directory DIR. Usually + `configure' can determine that directory automatically. + ++`--prefix=DIR' ++ Use DIR as the installation prefix. *note Installation Names:: ++ for more details, including other options available for fine-tuning ++ the installation locations. ++ ++`--no-create' ++`-n' ++ Run the configure checks, but stop before creating any output ++ files. ++ + `configure' also accepts some other, not widely useful, options. Run + `configure --help' for more details. + +diff --git a/Makefile.am b/Makefile.am +index cd56148..d10c906 100644 +--- a/Makefile.am ++++ b/Makefile.am +@@ -1,2 +1,44 @@ +-SUBDIRS= src man ++AM_CPPFLAGS = \ ++ -DCHECK_LOCAL \ ++ -DPORTMAP \ ++ -DFACILITY=LOG_MAIL \ ++ -DSEVERITY=LOG_INFO \ ++ -DINET6 \ ++ -DRPCBIND_STATEDIR="\"$(statedir)\"" \ ++ -DRPCBIND_USER="\"$(rpcuser)\"" \ ++ -D_GNU_SOURCE \ ++ $(TIRPC_CFLAGS) + ++if DEBUG ++AM_CPPFLAGS += -DRPCBIND_DEBUG -DSVC_RUN_DEBUG -DDEBUG_RMTCALL ++AM_CPPFLAGS += -DND_DEBUG -DBIND_DEBUG ++endif ++ ++if WARMSTART ++AM_CPPFLAGS += -DWARMSTART ++endif ++ ++if LIBWRAP ++AM_CPPFLAGS += -DLIBWRAP ++endif ++ ++bin_PROGRAMS = rpcbind rpcinfo ++ ++rpcbind_SOURCES = \ ++ src/check_bound.c \ ++ src/pmap_svc.c \ ++ src/rpcb_stat.c \ ++ src/rpcb_svc.c \ ++ src/rpcb_svc_4.c \ ++ src/rpcb_svc_com.c \ ++ src/rpcbind.c \ ++ src/rpcbind.h \ ++ src/security.c \ ++ src/util.c \ ++ src/warmstart.c ++rpcbind_LDADD = $(TIRPC_LIBS) ++ ++rpcinfo_SOURCES = src/rpcinfo.c ++rpcinfo_LDADD = $(TIRPC_LIBS) ++ ++dist_man8_MANS = man/rpcbind.8 man/rpcinfo.8 +diff --git a/autogen.sh b/autogen.sh +index 1613b6d..761db90 100755 +--- a/autogen.sh ++++ b/autogen.sh +@@ -36,7 +36,7 @@ if test x"${1}" = x"clean"; then + fi + + aclocal +-libtoolize --force --copy +-autoheader ++#libtoolize --force --copy ++#autoheader + automake --add-missing --copy --gnu # -Wall + autoconf # -Wall +diff --git a/configure.in b/configure.in +index de1c730..2b67720 100644 +--- a/configure.in ++++ b/configure.in +@@ -1,66 +1,39 @@ +- AC_INIT(rpcbind, 0.2.0) ++AC_INIT(rpcbind, 0.2.0) + +- AM_INIT_AUTOMAKE +-# AM_MAINTAINER_MODE ++AM_INIT_AUTOMAKE + AC_CONFIG_SRCDIR([src/rpcbind.c]) +- AC_PROG_CC +- AM_CONFIG_HEADER(config.h) +- AC_HEADER_DIRENT +- AC_PREFIX_DEFAULT(/usr) +- +-AC_CONFIG_SRCDIR([src/config.h.in]) +-AC_CONFIG_HEADERS([src/config.h]) +- +-AC_PROG_LIBTOOL +- +-AC_ARG_ENABLE(debug,[ --enable-debug Turns on rpcbind debugging], +- [case "${enableval}" in +- yes) debug=true ;; +- no) debug=no ;; +- *) AC_MSG_ERROR(bad value ${enableval} for --enable-debug) ;; +- esac],[debug=false]) +-AM_CONDITIONAL(DEBUG, test x$debug = xtrue) +- +-AC_ARG_ENABLE(warmstarts,[ --enable-warmstarts Enables Warm Starts], +- [case "${enableval}" in +- yes) warmstarts=true ;; +- no) warmstarts=no ;; +- *) AC_MSG_ERROR(bad value ${enableval} for --enable-warmstarts) ;; +- esac],[warmstarts=false]) +-AM_CONDITIONAL(WARMSTART, test x$warmstarts = xtrue) +- +-if test "$warmstarts" = "true" ; then +- AC_ARG_WITH(statedir, +- [ --with-statedir=/foo use state dir /foo [/tmp]], +- statedir=$withval, +- statedir=/tmp) +- AC_SUBST(statedir) +- AC_DEFINE_UNQUOTED(RPCBIND_STATEDIR, "$statedir", [This defines the location where the state files will be kept for warm starts]) +-fi +-AC_ARG_WITH(rpcuser, +- [ --with-rpcuser=user uid to use [root]], +- rpcuser=$withval, +- rpcuser=root) +- AC_SUBST(rpcuser) +-AC_DEFINE_UNQUOTED(RPCBIND_USER, "$rpcuser", [This defines the uid to run as]) ++AC_PREFIX_DEFAULT(/usr) ++AC_PROG_CC ++ ++AC_ARG_ENABLE([libwrap], ++ AS_HELP_STRING([--enable-libwrap], [Enables host name checking through tcpd @<:@default=no@:>@])) ++AM_CONDITIONAL(LIBWRAP, test x$enable_libwrap = xyes) ++ ++AC_ARG_ENABLE([debug], ++ AS_HELP_STRING([--enable-debug], [Turns on rpcbind debugging @<:@default=no@:>@])) ++AM_CONDITIONAL(DEBUG, test x$enable_debug = xyes) ++ ++AC_ARG_ENABLE([warmstarts], ++ AS_HELP_STRING([--enable-warmstarts], [Enables Warm Starts @<:@default=no@:>@])) ++AM_CONDITIONAL(WARMSTART, test x$enable_warmstarts = xyes) ++ ++AC_ARG_WITH([statedir], ++ AS_HELP_STRING([--with-statedir=ARG], [use ARG as state dir @<:@default=/tmp@:>@]) ++ ,, [with_statedir=/tmp]) ++AC_SUBST([statedir], [$with_statedir]) ++ ++AC_ARG_WITH([rpcuser], ++ AS_HELP_STRING([--with-rpcuser=ARG], [use ARG for RPC @<:@default=root@:>@]), ++ ,, [with_rpcuser=root]) ++AC_SUBST([rpcuser], [$with_rpcuser]) ++ ++PKG_CHECK_MODULES([TIRPC], [libtirpc]) + +-AC_CHECK_HEADERS([arpa/inet.h fcntl.h netdb.h \ +- netinet/in.h stdlib.h string.h \ +- sys/param.h sys/socket.h \ +- sys/time.h syslog.h \ +- unistd.h nss.h]) ++AS_IF([test x$enable_libwrap = xyes], [ ++ AC_CHECK_LIB([wrap], [hosts_access], , ++ AC_MSG_ERROR([libwrap support requested but unable to find libwrap])) ++]) + +-AC_CHECK_LIB([pthread], [pthread_create]) +-AC_CHECK_LIB([tirpc], [clnt_create]) +-AC_ARG_ENABLE(libwrap,[ --enable-libwrap Enables host name checking], +- [case "${enableval}" in +- yes) libwarp=true +- AC_CHECK_LIB([wrap], [hosts_access]) ;; +- no) libwarp=no ;; +- *) AC_MSG_ERROR(bad value ${enableval} for --enable-libwrap) ;; +- esac],[libwarp=false]) +-AM_CONDITIONAL(LIBWRAP, test x$libwarp = xtrue) ++AC_SEARCH_LIBS([pthread_create], [pthread]) + +-AC_CONFIG_FILES([Makefile src/Makefile man/Makefile]) +-AC_OUTPUT() +- ++AC_OUTPUT([Makefile]) +diff --git a/man/Makefile.am b/man/Makefile.am +deleted file mode 100644 +index 84818e9..0000000 +--- a/man/Makefile.am ++++ /dev/null +@@ -1,2 +0,0 @@ +-man8_MANS = rpcbind.8 +-EXTRA_DIST = $(man8_MANS) +diff --git a/man/rpcbind.8 b/man/rpcbind.8 +index 32806d4..da32701 100644 +--- a/man/rpcbind.8 ++++ b/man/rpcbind.8 +@@ -82,6 +82,8 @@ during operation, and will abort on certain errors if + is also specified. + With this option, the name-to-address translation consistency + checks are shown in detail. ++.It Fl f ++Do not fork and become a background process. + .It Fl h + Specify specific IP addresses to bind to for UDP requests. + This option +@@ -141,7 +143,6 @@ All RPC servers must be restarted if + .Nm + is restarted. + .Sh SEE ALSO +-.Xr rpcbind 3 , + .Xr rpcinfo 8 + .Sh LINUX PORT + .Bl Aurelien Charbon +diff --git a/src/Makefile.am b/src/Makefile.am +deleted file mode 100644 +index cc0a85b..0000000 +--- a/src/Makefile.am ++++ /dev/null +@@ -1,34 +0,0 @@ +-INCLUDES = -I$(srcdir)/tirpc -DPORTMAP -DINET6 -DVERSION="\"$(VERSION)\"" \ +- -D_GNU_SOURCE -Wall -pipe +-if DEBUG +-INCLUDES += -DRPCBIND_DEBUG -DSVC_RUN_DEBUG -DDEBUG_RMTCALL +-INCLUDES += -DND_DEBUG -DBIND_DEBUG +-endif +- +-if WARMSTART +-INCLUDES += -DWARMSTART +-endif +- +-if LIBWRAP +-INCLUDES += -DLIBWRAP +-endif +- +- +-bin_PROGRAMS = rpcbind rpcinfo +- +-rpcbind_SOURCES = check_bound.c rpcbind.c \ +- rpcb_svc_4.c rpcb_svc_com.c \ +- util.c pmap_svc.c rpcb_stat.c \ +- rpcb_svc.c security.c warmstart.c \ +- rpcbind.h +- +-rpcinfo_SOURCES = rpcinfo.c +-rpcinfo_LDFLAGS = -lpthread -ltirpc +-rpcinfo_LDADD = $(LIB_TIRPC) +- +- +-rpcbind_LDFLAGS = -lpthread -ltirpc +-rpcbind_LDADD = $(LIB_TIRPC) +-AM_CPPFLAGS = -I/usr/include/tirpc -DCHECK_LOCAL -DPORTMAP \ +- -DFACILITY=LOG_MAIL -DSEVERITY=LOG_INFO +- +diff --git a/src/config.h.in b/src/config.h.in +deleted file mode 100644 +index 67a0e39..0000000 +--- a/src/config.h.in ++++ /dev/null +@@ -1,105 +0,0 @@ +-/* config.h.in. Generated from configure.in by autoheader. */ +- +-/* Define to 1 if you have the header file. */ +-#undef HAVE_ARPA_INET_H +- +-/* Define to 1 if you have the header file, and it defines `DIR'. +- */ +-#undef HAVE_DIRENT_H +- +-/* Define to 1 if you have the header file. */ +-#undef HAVE_FCNTL_H +- +-/* Define to 1 if you have the header file. */ +-#undef HAVE_INTTYPES_H +- +-/* Define to 1 if you have the `pthread' library (-lpthread). */ +-#undef HAVE_LIBPTHREAD +- +-/* Define to 1 if you have the `tirpc' library (-ltirpc). */ +-#undef HAVE_LIBTIRPC +- +-/* Define to 1 if you have the header file. */ +-#undef HAVE_MEMORY_H +- +-/* Define to 1 if you have the header file, and it defines `DIR'. */ +-#undef HAVE_NDIR_H +- +-/* Define to 1 if you have the header file. */ +-#undef HAVE_NETDB_H +- +-/* Define to 1 if you have the header file. */ +-#undef HAVE_NETINET_IN_H +- +-/* Define to 1 if you have the header file. */ +-#undef HAVE_STDINT_H +- +-/* Define to 1 if you have the header file. */ +-#undef HAVE_STDLIB_H +- +-/* Define to 1 if you have the header file. */ +-#undef HAVE_STRINGS_H +- +-/* Define to 1 if you have the header file. */ +-#undef HAVE_STRING_H +- +-/* Define to 1 if you have the header file. */ +-#undef HAVE_SYSLOG_H +- +-/* Define to 1 if you have the header file, and it defines `DIR'. +- */ +-#undef HAVE_SYS_DIR_H +- +-/* Define to 1 if you have the header file, and it defines `DIR'. +- */ +-#undef HAVE_SYS_NDIR_H +- +-/* Define to 1 if you have the header file. */ +-#undef HAVE_SYS_PARAM_H +- +-/* Define to 1 if you have the header file. */ +-#undef HAVE_SYS_SOCKET_H +- +-/* Define to 1 if you have the header file. */ +-#undef HAVE_SYS_STAT_H +- +-/* Define to 1 if you have the header file. */ +-#undef HAVE_SYS_TIME_H +- +-/* Define to 1 if you have the header file. */ +-#undef HAVE_SYS_TYPES_H +- +-/* Define to 1 if you have the header file. */ +-#undef HAVE_UNISTD_H +- +-/* Name of package */ +-#undef PACKAGE +- +-/* Define to the address where bug reports for this package should be sent. */ +-#undef PACKAGE_BUGREPORT +- +-/* Define to the full name of this package. */ +-#undef PACKAGE_NAME +- +-/* Define to the full name and version of this package. */ +-#undef PACKAGE_STRING +- +-/* Define to the one symbol short name of this package. */ +-#undef PACKAGE_TARNAME +- +-/* Define to the version of this package. */ +-#undef PACKAGE_VERSION +- +-/* Define to 1 if you have the ANSI C header files. */ +-#undef STDC_HEADERS +- +-/* Version number of package */ +-#undef VERSION +- +-/* This defines the location where the state files will be kept for warm +- starts */ +-#undef RPCBIND_STATEDIR +- +-/* This defines the uid to run as */ +-#undef RPCBIND_USER +- +diff --git a/src/pmap_svc.c b/src/pmap_svc.c +index 4736700..337e64d 100644 +--- a/src/pmap_svc.c ++++ b/src/pmap_svc.c +@@ -80,7 +80,7 @@ pmap_service(struct svc_req *rqstp, SVCXPRT *xprt) + if (debugging) + fprintf(stderr, "PMAPPROC_NULL\n"); + #endif +- check_access(xprt, rqstp->rq_proc, NULL, PMAPVERS); ++ check_access(xprt, rqstp->rq_proc, 0, PMAPVERS); + if ((!svc_sendreply(xprt, (xdrproc_t) xdr_void, NULL)) && + debugging) { + if (doabort) { +@@ -201,11 +201,11 @@ pmapproc_change(struct svc_req *rqstp /*__unused*/, SVCXPRT *xprt, unsigned long + reg.pm_prog, reg.pm_vers); + #endif + +- if (!check_access(xprt, op, ®, PMAPVERS)) { ++ if (!check_access(xprt, op, reg.pm_prog, PMAPVERS)) { + svcerr_weakauth(xprt); + return (FALSE); + } +- ++ + rpcbreg.r_prog = reg.pm_prog; + rpcbreg.r_vers = reg.pm_vers; + +@@ -276,7 +276,7 @@ pmapproc_getport(struct svc_req *rqstp /*__unused*/, SVCXPRT *xprt) + return (FALSE); + } + +- if (!check_access(xprt, PMAPPROC_GETPORT, ®, PMAPVERS)) { ++ if (!check_access(xprt, PMAPPROC_GETPORT, reg.pm_prog, PMAPVERS)) { + svcerr_weakauth(xprt); + return FALSE; + } +@@ -340,7 +340,7 @@ pmapproc_dump(struct svc_req *rqstp /*__unused*/, SVCXPRT *xprt) + return (FALSE); + } + +- if (!check_access(xprt, PMAPPROC_DUMP, NULL, PMAPVERS)) { ++ if (!check_access(xprt, PMAPPROC_DUMP, 0, PMAPVERS)) { + svcerr_weakauth(xprt); + return FALSE; + } +diff --git a/src/rpcb_svc.c b/src/rpcb_svc.c +index 0514ba5..e350f85 100644 +--- a/src/rpcb_svc.c ++++ b/src/rpcb_svc.c +@@ -75,6 +75,7 @@ rpcb_service_3(struct svc_req *rqstp, SVCXPRT *transp) + char *result; + xdrproc_t xdr_argument, xdr_result; + void *(*local) __P((void *, struct svc_req *, SVCXPRT *, rpcvers_t)); ++ rpcprog_t setprog = 0; + + rpcbs_procinfo(RPCBVERS_3_STAT, rqstp->rq_proc); + +@@ -88,7 +89,7 @@ rpcb_service_3(struct svc_req *rqstp, SVCXPRT *transp) + fprintf(stderr, "RPCBPROC_NULL\n"); + #endif + /* This call just logs, no actual checks */ +- check_access(transp, rqstp->rq_proc, NULL, RPCBVERS); ++ check_access(transp, rqstp->rq_proc, 0, RPCBVERS); + (void) svc_sendreply(transp, (xdrproc_t)xdr_void, (char *)NULL); + return; + +@@ -166,7 +167,13 @@ rpcb_service_3(struct svc_req *rqstp, SVCXPRT *transp) + (void) fprintf(stderr, "rpcbind: could not decode\n"); + return; + } +- if (!check_access(transp, rqstp->rq_proc, &argument, RPCBVERS)) { ++ ++ if (rqstp->rq_proc == RPCBPROC_SET ++ || rqstp->rq_proc == RPCBPROC_UNSET ++ || rqstp->rq_proc == RPCBPROC_GETADDR) ++ setprog = argument.rpcbproc_set_3_arg.r_prog; ++ ++ if (!check_access(transp, rqstp->rq_proc, setprog, RPCBVERS)) { + svcerr_weakauth(transp); + goto done; + } +diff --git a/src/rpcb_svc_4.c b/src/rpcb_svc_4.c +index 9fd5bef..313e6d1 100644 +--- a/src/rpcb_svc_4.c ++++ b/src/rpcb_svc_4.c +@@ -78,6 +78,7 @@ rpcb_service_4(struct svc_req *rqstp, SVCXPRT *transp) + char *result; + xdrproc_t xdr_argument, xdr_result; + void *(*local) __P((void *, struct svc_req *, SVCXPRT *, rpcvers_t)); ++ rpcprog_t setprog = 0; + + rpcbs_procinfo(RPCBVERS_4_STAT, rqstp->rq_proc); + +@@ -90,7 +91,7 @@ rpcb_service_4(struct svc_req *rqstp, SVCXPRT *transp) + if (debugging) + fprintf(stderr, "RPCBPROC_NULL\n"); + #endif +- check_access(transp, rqstp->rq_proc, NULL, RPCBVERS4); ++ check_access(transp, rqstp->rq_proc, 0, RPCBVERS4); + (void) svc_sendreply(transp, (xdrproc_t) xdr_void, + (char *)NULL); + return; +@@ -220,7 +221,13 @@ rpcb_service_4(struct svc_req *rqstp, SVCXPRT *transp) + (void) fprintf(stderr, "rpcbind: could not decode\n"); + return; + } +- if (!check_access(transp, rqstp->rq_proc, &argument, RPCBVERS4)) { ++ ++ if (rqstp->rq_proc == RPCBPROC_SET ++ || rqstp->rq_proc == RPCBPROC_UNSET ++ || rqstp->rq_proc == RPCBPROC_GETADDR) ++ setprog = argument.rpcbproc_set_4_arg.r_prog; ++ ++ if (!check_access(transp, rqstp->rq_proc, setprog, RPCBVERS4)) { + svcerr_weakauth(transp); + goto done; + } +diff --git a/src/rpcb_svc_com.c b/src/rpcb_svc_com.c +index 291421f..f6bd6bd 100644 +--- a/src/rpcb_svc_com.c ++++ b/src/rpcb_svc_com.c +@@ -1227,6 +1227,8 @@ send_svcsyserr(SVCXPRT *xprt, struct finfo *fi) + return; + } + ++extern SVCAUTH svc_auth_none; ++ + static void + handle_reply(int fd, SVCXPRT *xprt) + { +@@ -1293,7 +1295,10 @@ handle_reply(int fd, SVCXPRT *xprt) + a.rmt_localvers = fi->versnum; + + xprt_set_caller(xprt, fi); ++ xprt->xp_auth = &svc_auth_none; + svc_sendreply(xprt, (xdrproc_t) xdr_rmtcall_result, (char *) &a); ++ SVCAUTH_DESTROY(xprt->xp_auth); ++ xprt->xp_auth = NULL; + done: + if (buffer) + free(buffer); +@@ -1372,10 +1377,13 @@ static char * + getowner(SVCXPRT *transp, char *owner, size_t ownersize) + { + uid_t uid; +- +- if (__rpc_get_local_uid(transp, &uid) < 0) +- snprintf(owner, ownersize, "unknown"); +- else if (uid == 0) ++ ++ if (__rpc_get_local_uid(transp, &uid) < 0) { ++ if (is_localroot(svc_getrpccaller(transp))) ++ snprintf(owner, ownersize, "superuser"); ++ else ++ snprintf(owner, ownersize, "unknown"); ++ } else if (uid == 0) + snprintf(owner, ownersize, "superuser"); + else + snprintf(owner, ownersize, "%d", uid); +diff --git a/src/rpcbind.c b/src/rpcbind.c +index 525ffba..9a0504d 100644 +--- a/src/rpcbind.c ++++ b/src/rpcbind.c +@@ -68,7 +68,6 @@ + #include + #include + #include +-#include "config.h" + #include "rpcbind.h" + + /*#define RPCBIND_DEBUG*/ +@@ -77,6 +76,7 @@ + + int debugging = 0; /* Tell me what's going on */ + int doabort = 0; /* When debugging, do an abort on errors */ ++int dofork = 1; /* fork? */ + + rpcblist_ptr list_rbl; /* A list of version 3/4 rpcbind services */ + +@@ -213,8 +213,8 @@ main(int argc, char *argv[]) + printf("\n"); + } + #endif +- } else { +- if (daemon(0, 0)) ++ } else if (dofork) { ++ if (daemon(0, 0)) + err(1, "fork failed"); + } + +@@ -236,6 +236,10 @@ main(int argc, char *argv[]) + syslog(LOG_ERR, "setgid to '%s' (%d) failed: %m", id, p->pw_gid); + exit(1); + } ++ if (setgroups(0, NULL) == -1) { ++ syslog(LOG_ERR, "dropping supplemental groups failed: %m"); ++ exit(1); ++ } + if (setuid(p->pw_uid) == -1) { + syslog(LOG_ERR, "setuid to '%s' (%d) failed: %m", id, p->pw_uid); + exit(1); +@@ -276,6 +280,7 @@ init_transport(struct netconfig *nconf) + int addrlen = 0; + int nhostsbak; + int checkbind; ++ int on = 1; + struct sockaddr *sa = NULL; + u_int32_t host_addr[4]; /* IPv4 or IPv6 */ + struct sockaddr_un sun; +@@ -493,6 +498,14 @@ init_transport(struct netconfig *nconf) + } + oldmask = umask(S_IXUSR|S_IXGRP|S_IXOTH); + __rpc_fd2sockinfo(fd, &si); ++ if (setsockopt(fd, SOL_SOCKET, SO_REUSEADDR, &on, ++ sizeof(on)) != 0) { ++ syslog(LOG_ERR, "cannot set SO_REUSEADDR on %s", ++ nconf->nc_netid); ++ if (res != NULL) ++ freeaddrinfo(res); ++ return 1; ++ } + if (bind(fd, sa, addrlen) < 0) { + syslog(LOG_ERR, "cannot bind %s: %m", nconf->nc_netid); + if (res != NULL) +@@ -731,7 +744,7 @@ parseargs(int argc, char *argv[]) + { + int c; + oldstyle_local = 1; +- while ((c = getopt(argc, argv, "dwah:ils")) != -1) { ++ while ((c = getopt(argc, argv, "adh:ilswf")) != -1) { + switch (c) { + case 'a': + doabort = 1; /* when debugging, do an abort on */ +@@ -758,13 +771,16 @@ parseargs(int argc, char *argv[]) + case 's': + runasdaemon = 1; + break; ++ case 'f': ++ dofork = 0; ++ break; + #ifdef WARMSTART + case 'w': + warmstart = 1; + break; + #endif + default: /* error */ +- fprintf(stderr, "usage: rpcbind [-Idwils]\n"); ++ fprintf(stderr, "usage: rpcbind [-adhilswf]\n"); + exit (1); + } + } +diff --git a/src/rpcbind.h b/src/rpcbind.h +index c800577..74f9591 100644 +--- a/src/rpcbind.h ++++ b/src/rpcbind.h +@@ -119,7 +119,7 @@ void rpcbind_abort(void); + void reap(int); + void toggle_verboselog(int); + +-int check_access(SVCXPRT *, rpcproc_t, void *, unsigned int); ++int check_access(SVCXPRT *, rpcproc_t, rpcprog_t, unsigned int); + int check_callit(SVCXPRT *, struct r_rmtcall_args *, int); + void logit(int, struct sockaddr *, rpcproc_t, rpcprog_t, const char *); + int is_loopback(struct netbuf *); +diff --git a/src/security.c b/src/security.c +index 0edeac6..d272f74 100644 +--- a/src/security.c ++++ b/src/security.c +@@ -62,34 +62,21 @@ int log_severity = PORTMAP_LOG_FACILITY|PORTMAP_LOG_SEVERITY; + extern int verboselog; + + int +-check_access(SVCXPRT *xprt, rpcproc_t proc, void *args, unsigned int rpcbvers) ++check_access(SVCXPRT *xprt, rpcproc_t proc, rpcprog_t prog, unsigned int rpcbvers) + { + struct netbuf *caller = svc_getrpccaller(xprt); + struct sockaddr *addr = (struct sockaddr *)caller->buf; + #ifdef LIBWRAP + struct request_info req; + #endif +- rpcprog_t prog = 0; +- rpcb *rpcbp; +- struct pmap *pmap; + + /* + * The older PMAP_* equivalents have the same numbers, so + * they are accounted for here as well. + */ + switch (proc) { +- case RPCBPROC_GETADDR: + case RPCBPROC_SET: + case RPCBPROC_UNSET: +- if (rpcbvers > PMAPVERS) { +- rpcbp = (rpcb *)args; +- prog = rpcbp->r_prog; +- } else { +- pmap = (struct pmap *)args; +- prog = pmap->pm_prog; +- } +- if (proc == RPCBPROC_GETADDR) +- break; + if (!insecure && !is_loopback(caller)) { + #ifdef RPCBIND_DEBUG + if (debugging) +@@ -101,6 +88,7 @@ check_access(SVCXPRT *xprt, rpcproc_t proc, void *args, unsigned int rpcbvers) + return 0; + } + break; ++ case RPCBPROC_GETADDR: + case RPCBPROC_CALLIT: + case RPCBPROC_INDIRECT: + case RPCBPROC_DUMP: +@@ -150,8 +138,7 @@ is_loopback(struct netbuf *nbuf) + "Checking caller's adress (port = %d)\n", + ntohs(sin->sin_port)); + #endif +- return ((sin->sin_addr.s_addr == htonl(INADDR_LOOPBACK)) && +- (ntohs(sin->sin_port) < IPPORT_RESERVED)); ++ return (sin->sin_addr.s_addr == htonl(INADDR_LOOPBACK)); + #ifdef INET6 + case AF_INET6: + if (!oldstyle_local) +@@ -163,10 +150,9 @@ is_loopback(struct netbuf *nbuf) + "Checking caller's adress (port = %d)\n", + ntohs(sin6->sin6_port)); + #endif +- return ((IN6_IS_ADDR_LOOPBACK(&sin6->sin6_addr) || ++ return (IN6_IS_ADDR_LOOPBACK(&sin6->sin6_addr) || + (IN6_IS_ADDR_V4MAPPED(&sin6->sin6_addr) && +- sin6->sin6_addr.s6_addr32[3] == htonl(INADDR_LOOPBACK))) && +- (ntohs(sin6->sin6_port) < IPV6PORT_RESERVED)); ++ sin6->sin6_addr.s6_addr32[3] == htonl(INADDR_LOOPBACK))); + #endif + case AF_LOCAL: + return 1; +diff --git a/src/warmstart.c b/src/warmstart.c +index 25e5d89..d1bb971 100644 +--- a/src/warmstart.c ++++ b/src/warmstart.c +@@ -46,7 +46,6 @@ + #include + #include + +-#include "config.h" + #include "rpcbind.h" + + #ifndef RPCBIND_STATEDIR diff --git a/SOURCES/rpcbind.conf b/SOURCES/rpcbind.conf new file mode 100644 index 0000000..2f8af45 --- /dev/null +++ b/SOURCES/rpcbind.conf @@ -0,0 +1,2 @@ +#Type Path Mode UID GID Age Argument +D /run/rpcbind 0700 rpc rpc - - diff --git a/SOURCES/rpcbind.service b/SOURCES/rpcbind.service new file mode 100644 index 0000000..1ca83a4 --- /dev/null +++ b/SOURCES/rpcbind.service @@ -0,0 +1,17 @@ +[Unit] +Description=RPC bind service +DefaultDependencies=no + +# Make sure we use the IP addresses listed for +# rpcbind.socket, no matter how this unit is started. +Requires=rpcbind.socket +Wants=rpcbind.target +After=systemd-tmpfiles-setup.service + +[Service] +Type=forking +EnvironmentFile=/etc/sysconfig/rpcbind +ExecStart=/sbin/rpcbind -w $RPCBIND_ARGS + +[Install] +WantedBy=multi-user.target diff --git a/SOURCES/rpcbind.socket b/SOURCES/rpcbind.socket new file mode 100644 index 0000000..814e143 --- /dev/null +++ b/SOURCES/rpcbind.socket @@ -0,0 +1,15 @@ +[Unit] +Description=RPCbind Server Activation Socket + +[Socket] +ListenStream=/var/run/rpcbind.sock + +# RPC netconfig can't handle ipv6/ipv4 dual sockets +BindIPv6Only=ipv6-only +ListenStream=0.0.0.0:111 +ListenDatagram=0.0.0.0:111 +ListenStream=[::]:111 +ListenDatagram=[::]:111 + +[Install] +WantedBy=sockets.target diff --git a/SOURCES/rpcbind.sysconfig b/SOURCES/rpcbind.sysconfig new file mode 100644 index 0000000..4b35e37 --- /dev/null +++ b/SOURCES/rpcbind.sysconfig @@ -0,0 +1,3 @@ +# +# Optional arguments passed to rpcbind. See rpcbind(8) +RPCBIND_ARGS="" diff --git a/SPECS/rpcbind.spec b/SPECS/rpcbind.spec new file mode 100644 index 0000000..4aec408 --- /dev/null +++ b/SPECS/rpcbind.spec @@ -0,0 +1,470 @@ +Name: rpcbind +Version: 0.2.0 +Release: 48%{?dist} +Summary: Universal Addresses to RPC Program Number Mapper +Group: System Environment/Daemons +License: BSD +URL: http://git.linux-nfs.org/?p=steved/rpcbind.git;a=summary + +BuildRoot: %{_tmppath}/%{name}-%{version}-root-%(%{__id_u} -n) +Source0: http://downloads.sourceforge.net/rpcbind/%{name}-%{version}.tar.bz2 +Source1: rpcbind.service +Source2: rpcbind.socket +Source3: rpcbind.sysconfig +Source4: rpcbind.conf + +Patch001: rpcbind-0_2_1-rc4.patch +Patch002: rpcbind-0.2.0-warnings.patch +Patch003: rpcbind-0.2.0-rpcinfo-mantypo.patch +# +# RHEL7.2 +# +Patch004: rpcbind-0.2.0-configure.ac.patch +Patch005: rpcbind-0.2.0-nss-altfiles.patch +Patch006: rpcbind-0.2.0-systemd-socket.patch +Patch007: rpcbind-0.2.0-good-term.patch +Patch008: rpcbind-0.2.0-warmstart-noerror.patch +# +# RHEL7.3 +# +Patch009: rpcbind-0.2.0-CVE20157236-memcorrup.patch +Patch010: rpcbind-0.2.0-debug.patch +# +# RHEL7.4 +# +Patch011: rpcbind-0.2.0-xlog-warn.patch +Patch012: rpcbind-0.2.0-i-warn.patch +Patch013: rpcbind-0.2.0-memleaks.patch +Patch014: rpcbind-0.2.0-freeing-static-memory.patch +# +# RHEL7.7 +# +Patch015: rpcbind-0.2.0-rpcinfo-buf-overflow.patch + + +Requires: glibc-common setup +Requires: libtirpc >= 0.2.4-0.7 +Conflicts: man-pages < 2.43-12 +BuildRequires: automake, autoconf, libtool, systemd-units +BuildRequires: libtirpc-devel, quota-devel, tcp_wrappers-devel, systemd-devel +Requires(pre): coreutils shadow-utils +Requires(post): chkconfig systemd-units systemd-sysv +Requires(preun): systemd-units +Requires(postun): systemd-units coreutils + +Provides: portmap = %{version}-%{release} +Obsoletes: portmap <= 4.0-65.3 + +%description +The rpcbind utility is a server that converts RPC program numbers into +universal addresses. It must be running on the host to be able to make +RPC calls on a server on that machine. + +%prep +%setup -q +%patch001 -p1 +# 884165 - Package rpcbind-0.2.0-16.el7 failed RHEL7 RPMdiff testing +%patch002 -p1 +# 963512 - Cmd rpcinfo usage info is not correct +%patch003 -p1 +# 1171291 - Add nss-altfiles to rpcbind user lookup path +%patch004 -p1 +%patch005 -p1 +# 1203820 - First nfs mount command taking long time after every reboot +%patch006 -p1 +# 1174653 - rpcbind does not shutdown cleanly +%patch007 -p1 +# 1227852 - rpcbind-0.2.0-27.el7 emits error messages after every reboot +%patch008 -p1 +# 1283641 - CVE-2015-7236 rpcbind: Use-after-free vulnerability in PMAP_CALLIT +%patch009 -p1 +# 1358890 - Enable upstream debugging +%patch010 -p1 +# 1377531 - Compiler warning: implicit declaration of function 'xlog'.... +%patch011 -p1 +# 1377560 - Compiler warning: unused variable 'i' [-Wunused-variable] +%patch012 -p1 +# 1449456 rpcbind: Memory leak when failing to parse XDR strings... +%patch013 -p1 +# 1454876 - rpcbind crash on start +%patch014 -p1 +# 1637567 - rpcinfo: Fix stack buffer overflow +%patch015 -p1 + +%build +%ifarch s390 s390x +PIE="-fPIE" +%else +PIE="-fpie" +%endif +export PIE + +RELRO="-Wl,-z,relro,-z,now" + +RPCBUSR=rpc +RPCBDIR=/run/rpcbind +CFLAGS="`echo $RPM_OPT_FLAGS $ARCH_OPT_FLAGS $PIE $RELRO`" + +autoreconf -fisv +%configure CFLAGS="$CFLAGS" LDFLAGS="-pie" \ + --enable-warmstarts \ + --with-statedir="$RPCBDIR" \ + --with-rpcuser="$RPCBUSR" \ + --with-nss-modules="files altfiles" \ + --enable-libwrap \ + --enable-debug + +make all + +%install +rm -rf %{buildroot} +mkdir -p %{buildroot}{/sbin,/usr/sbin,/etc/sysconfig} +mkdir -p %{buildroot}%{_unitdir} +mkdir -p %{buildroot}%{_mandir}/man8 +mkdir -p %{buildroot}%%{_prefix}/lib/tmpfiles.d/ +mkdir -p %{buildroot}/var/lib/rpcbind +make DESTDIR=$RPM_BUILD_ROOT install + +mv -f ${RPM_BUILD_ROOT}%{_bindir}/rpcbind ${RPM_BUILD_ROOT}%{_sbindir} +mv -f ${RPM_BUILD_ROOT}%{_bindir}/rpcinfo ${RPM_BUILD_ROOT}%{_sbindir} +install -m644 %{SOURCE1} %{buildroot}%{_unitdir} +install -m644 %{SOURCE2} %{buildroot}%{_unitdir} +install -m644 %{SOURCE3} %{buildroot}/etc/sysconfig/rpcbind +install -d -m 0755 %{buildroot}%{_prefix}/lib/tmpfiles.d/ +install -m644 %{SOURCE4} %{buildroot}%{_prefix}/lib/tmpfiles.d/rpcbind.conf + +%clean +rm -rf %{buildroot} + +%pre + +# Softly static allocate the rpc uid and gid. +getent group rpc >/dev/null || groupadd -f -g 32 -r rpc +if ! getent passwd rpc >/dev/null ; then + if ! getent passwd 32 >/dev/null ; then + useradd -l -c "Rpcbind Daemon" -d /var/lib/rpcbind \ + -g rpc -M -s /sbin/nologin -o -u 32 rpc > /dev/null 2>&1 + else + useradd -l -c "Rpcbind Daemon" -d /var/lib/rpcbind \ + -g rpc -M -s /sbin/nologin rpc > /dev/null 2>&1 + fi +fi +%post +if [ $1 -eq 1 ] ; then + # Initial installation + /bin/systemctl enable rpcbind.service >/dev/null 2>&1 || : +fi + +%preun +if [ $1 -eq 0 ]; then + # Package removal, not upgrade + /bin/systemctl --no-reload disable rpcbind.service >/dev/null 2>&1 || : + /bin/systemctl stop rpcbind.service >/dev/null 2>&1 || : + rm -rf /var/lib/rpcbind +fi + +%postun +/bin/systemctl daemon-reload >/dev/null 2>&1 || : +if [ $1 -ge 1 ]; then + # Package upgrade, not uninstall + /bin/systemctl try-restart rpcbind.service >/dev/null 2>&1 || : +fi + +%triggerun -- rpcbind < 0.2.0-15 +%{_bindir}/systemd-sysv-convert --save rpcbind >/dev/null 2>&1 ||: +/bin/systemctl --no-reload enable rpcbind.service >/dev/null 2>&1 +/sbin/chkconfig --del rpcbind >/dev/null 2>&1 || : +/bin/systemctl try-restart rpcbind.service >/dev/null 2>&1 || : + +%triggerin -- rpcbind > 0.2.0-26 +/bin/systemctl enable rpcbind.socket >/dev/null 2>&1 || : +/bin/systemctl restart rpcbind.socket >/dev/null 2>&1 || : + +%triggerpostun -- rpcbind < -2.2.0-29 +[ ! -d /run/rpcbind ] && mkdir /run/rpcbind || : +/usr/bin/chown rpc:rpc /run/rpcbind +[ -f /var/lib/rpcbind/rpcbind.xdr ] && \ + mv /var/lib/rpcbind/rpcbind.xdr /run/rpcbind || : +[ -f /var/lib/rpcbind/portmap.xdr ] && \ + mv /var/lib/rpcbind/portmap.xdr /run/rpcbind || : +[ -x /sbin/restorecon ] && /sbin/restorecon -R /run/rpcbind +/bin/systemctl try-restart nfs-server >/dev/null 2>&1 || : + +%files +%defattr(-,root,root) +%config(noreplace) /etc/sysconfig/rpcbind +%doc AUTHORS ChangeLog README +%{_sbindir}/rpcbind +%{_sbindir}/rpcinfo +%{_mandir}/man8/* +%{_unitdir}/rpcbind.service +%{_unitdir}/rpcbind.socket +%{_prefix}/lib/tmpfiles.d/rpcbind.conf +%dir %attr(700,rpc,rpc) /var/lib/rpcbind + +%changelog +* Tue Jan 22 2019 Steve Dickson - 0.2.0-48 +- rpcinfo: Fix stack buffer overflow (bz 1637567) + +* Sat Aug 25 2018 Steve Dickson - 0.2.0-47 +- rpcbind.service: Not pulling the rpcbind.target (bz 1613210) + +* Mon Aug 20 2018 Steve Dickson - 0.2.0-46 +- Updated the upsteam URL (bz 1583921) + +* Thu Apr 19 2018 Steve Dickson - 0.2.0-45 +- Added back the ListenStream stanzas from rpcbind.socket (bz 1530721) + +* Fri Jan 5 2018 Steve Dickson - 0.2.0-44 +* Removed ListenStream stanzas from rpcbind.socket (bz 1425758) + +* Wed Oct 25 2017 Steve Dickson - 0.2.0-43 +- Updated rpcbind.service to upstream version (bz 1425663) + +* Tue May 30 2017 Steve Dickson - 0.2.0-42 +- Stop freeing static memory (bz 1454876) + +* Wed May 17 2017 Steve Dickson - 0.2.0-41 +- Fixed typo in memory leaks patch (bz 1449456) + +* Thu May 11 2017 Steve Dickson - 0.2.0-40 +- Fixed memory leaks (bz 1449456) + +* Sat Feb 25 2017 Steve Dickson - 0.2.0-39 +- Added libtirpc dependency (bz 1396291) +- Removed xlog warning (bz 1377531) +- Removed an 'i' warning (bz 1377560) + +* Tue Aug 2 2016 Steve Dickson - 0.2.0-38 +- Removing the braces from the ${RPCBIND_ARGS} in rpcbind.service (bz 1362232) + +* Fri Jul 29 2016 Steve Dickson - 0.2.0-37 +- Make sure rpcbind.socket listens for remote IPv6 connections (bz 1359592) + +* Thu Jul 21 2016 Steve Dickson - 0.2.0-36 +- Added upstream debugging (bz 1358890) + +* Sat Apr 9 2016 Steve Dickson - 0.2.0-35 +- Restart rpcbind.socket on restarts (bz 1303751) +- Added localhost:111 to rpcbind socket activation (bz 1293430) +- Soft static allocate rpc uid/gid (bz 1321279) + +* Mon Nov 30 2015 Steve Dickson - 0.2.0-34 +- Fix memory corruption in PMAP_CALLIT code (bz 1283641) + +* Tue Oct 20 2015 Steve Dickson - 0.2.0-33 +- More triggerpostu typos (bz 1272841) + +* Fri Oct 2 2015 Steve Dickson - 0.2.0-32 +- Fixed typo in triggerpostu (bz 1268139) + +* Mon Sep 28 2015 Steve Dickson - 0.2.0-31 +- Use systemd-tmpfiles to create the warmstart direcory (bz 1240817) + +* Tue Sep 22 2015 Steve Dickson - 0.2.0-30 +- Create the warmstart file with the correct uid/gid (bz 1240817) + +* Thu Sep 10 2015 Steve Dickson - 0.2.0-29 +- Change RPCBDIR to be /run since that will exist after a + reboot and bindings wil be perserved during upgrades + but not reboots. (bz 1240817) + +* Thu Jul 30 2015 Steve Dickson - 0.2.0-28 +- Remove error message on warmstart (bz 1227852) + +* Mon May 4 2015 Steve Dickson - 0.2.0-27 +- Add nss-altfiles to rpcbind user lookup path (bz 1171291) +- Add support for systemd socket activation (bz 1203820) +- Added a tmpfiles.d configuration (bz 1181779) +- Shutdown cleanly (bz 1174653) + +* Sat Nov 15 2014 Steve Dickson - 0.2.0-26 +- Moved rpcbind from /sbin to /usr/sbin (bz 1159683) + +* Mon Sep 22 2014 Steve Dickson - 0.2.0-25 +- Fixed some warnings in in6_fillscopeid() (bz 884165) +- Fixed typo in rpcinfo manpage (bz 963512) +- Removed unnecessary targets from rpcbind.service (bz 1036791) + +* Fri Sep 19 2014 Steve Dickson - 0.2.0-24 +- Added the RELRO CFLAGS (bz 1092513) + +* Fri Jan 24 2014 Daniel Mach - 0.2.0-23 +- Mass rebuild 2014-01-24 + +* Fri Dec 27 2013 Daniel Mach - 0.2.0-22 +- Mass rebuild 2013-12-27 + +* Thu Feb 14 2013 Fedora Release Engineering - 0.2.0-21 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild + +* Tue Oct 23 2012 Steve Dickson - 0.2.0-20 +- Update to the latest upstream release: rpcbind-0_2_1-rc4 (bz 869365) + +* Tue Oct 16 2012 Steve Dickson - 0.2.0-19 +- Renamed RPCBINDOPTS to RPCBIND_ARGS for backward compatibility (bz 861025) + +* Sun Oct 14 2012 Steve Dickson - 0.2.0-18 +- Fixed typo causing rpcbind to run as root (bz 734598) +- Added /etc/sysconfig/rpcbind config file (bz 861025) + +* Sat Jul 21 2012 Fedora Release Engineering - 0.2.0-17 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild + +* Sat Jan 14 2012 Fedora Release Engineering - 0.2.0-16 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_17_Mass_Rebuild + +* Mon Sep 12 2011 Steve Dickson - 0.2.0-15 +- Bumped up the tigger version to this version, 0.2.0-15 (bz 713574) + +* Fri Sep 9 2011 Tom Callaway - 0.2.0-14 +- fix scriptlets to enable service by default + +* Fri Jul 8 2011 Steve Dickson - 0.2.0-13 +- Spec file clean up + +* Thu Jul 7 2011 Steve Dickson - 0.2.0-12 +- Migrated SysV initscripts to systemd (bz 713574) + +* Thu Mar 17 2011 Steve Dickson - 0.2.0-11 +- Updated to the latest upstream release: rpcbind-0_2_1-rc3 + +* Wed Feb 09 2011 Fedora Release Engineering - 0.2.0-10 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_15_Mass_Rebuild + +* Mon Dec 13 2010 Steve Dickson - 0.2.0-9 +- Fixed an incorrect exit code for service rpcbind status (bz 662411) + +* Tue Nov 30 2010 Steve Dickson - 0.2.0-8 +- Updated to the latest upstream release: rpcbind-0.2.1-rc2 + +* Fri Jul 16 2010 Tom "spot" Callaway - 0.2.0-7 +- correct license tag to BSD + +* Tue Jul 13 2010 Steve Dickson - 0.2.0-6 +- Made initscript LSB compliant (bz 614193) +- Added no fork patch + +* Tue Jul 6 2010 Steve Dickson - 0.2.0-5 +- Set SO_REUSEADDR on listening sockets (bz 597356) + +* Sun Jul 26 2009 Fedora Release Engineering - 0.2.0-4 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_12_Mass_Rebuild + +* Mon Jul 06 2009 Adam Jackson 0.2.0-3 +- Requires(pre): coreutils for cut(1). + +* Thu Jun 25 2009 Steve Dickson - 0.2.0-2 +- Fixed pre scriptle failure during upgrades (bz 507364) +- Corrected the usage info to match what the rpcbind man + page says. (bz 466332) +- Correct package issues (bz 503508) + +* Fri May 29 2009 Steve Dickson - 0.2.0-1 +- Updated to latest upstream release: 0.2.0 + +* Tue May 19 2009 Tom "spot" Callaway - 0.1.7-3 +- Replace the Sun RPC license with the BSD license, with the explicit permission of Sun Microsystems + +* Wed Feb 25 2009 Fedora Release Engineering - 0.1.7-2 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_11_Mass_Rebuild + +* Wed Nov 19 2008 Steve Dickson 0.1.7-1 +- Update to latest upstream release: 0.1.7 + +* Tue Sep 30 2008 Steve Dickson 0.1.6-3 +- Fixed a typo in the rpcbind.init script that stop warm starts + from happening with conrestarts +- Fixed scriptlet failure (bz 462533) + +* Tue Sep 16 2008 Steve Dickson 0.1.6-2 +- Added usptream patches 01 thru 03 that do: + * Introduce helpers for ipprot/netid mapping + * Change how we decide on the netids to use for portmap + * Simplify port live check in pmap_svc.c + +* Wed Jul 9 2008 Steve Dickson 0.1.6-1 +- Updated to latest upstream release 0.1.6 + +* Wed Jul 2 2008 Steve Dickson 0.1.5-5 +- Fixed SYNOPSIS section in the rpcinfo man page (bz 453729) + +* Fri Jun 27 2008 Steve Dickson 0.1.5-4 +- Removed the documentation about the non-existent + '-L' flag (bz 446915) + +* Fri Jun 27 2008 Steve Dickson 0.1.5-3 +- Set password and service lookups to be local (bz 447092) + +* Mon Jun 23 2008 Steve Dickson 0.1.5-2 +- rpcbind needs to downgrade to non-priviledgied group. + +* Mon Jun 23 2008 Steve Dickson 0.1.5-1 +- Updated to latest upstream release 0.1.5 + +* Mon Feb 11 2008 Steve Dickson 0.1.4-14 +- Fixed a warning in pmap_svc.c +- Cleaned up warmstarts so uid are longer needed, also + changed condrestarts to use warmstarts. (bz 428496) + +* Thu Jan 24 2008 Steve Dickson 0.1.4-13 +- Fixed connectivity with Mac OS clients by making sure handle_reply() + sets the correct fromlen in its recvfrom() call (bz 244492) + +* Mon Dec 17 2007 Steve Dickson 0.1.4-12 +- Changed is_loopback() and check_access() see if the calling + address is an address on a local interface, just not a loopback + address (bz 358621). + +* Wed Oct 17 2007 Steve Dickson 0.1.4-11 +- Reworked logic in initscript so the correct exit is + used when networking does not exist or is set up + incorrectly. + +* Tue Oct 16 2007 Steve Dickson 0.1.4-10 +- Corrected a typo in the initscript from previous + commit. + +* Mon Oct 15 2007 Steve Dickson 0.1.4-9 +- Fixed typo in Summary (bz 331811) +- Corrected init script (bz 247046) + +* Sat Sep 15 2007 Steve Dickson 0.1.4-8 +- Fixed typo in init script (bz 248285) +- Added autoconf rules to turn on secure host checking + via libwrap. Also turned on host check by default (bz 248284) +- Changed init script to start service in runlevel 2 (bz 251568) +- Added a couple missing Requires(pre) (bz 247134) + +* Fri May 25 2007 Steve Dickson 0.1.4-7 +- Fixed condrestarts (bz 241332) + +* Tue May 22 2007 Steve Dickson 0.1.4-6 +- Fixed an ipv6 related segfault on startup (bz 240873) + +* Wed Apr 18 2007 Steve Dickson 0.1.4-5 +- Added dependency on setup which contains the correct + rpcbind /etc/service entry which in turns stops + rpcbind from haning when NIS is enabled. (bz 236865) + +* Wed Apr 11 2007 Jeremy Katz - 0.1.4-4 +- change man-pages requires into a conflicts as we don't have to have + man-pages installed, but if we do, we need the newer version + +* Fri Apr 6 2007 Steve Dickson 0.1.4-3 +- Fixed the Provides and Obsoletes statments to correctly + obsolete the portmap package. +* Tue Apr 3 2007 Steve Dickson 0.1.4-2 +- Added dependency on glibc-common which allows the + rpcinfo command to be installed in the correct place. +- Added dependency on man-pages so the rpcinfo man + pages don't conflict. +- Added the creation of /var/lib/rpcbind which will be + used to store state files. +- Make rpcbind run with the 'rpc' uid/gid when it exists. + +* Wed Feb 21 2007 Steve Dickson 0.1.4-1 +- Initial commit +- Spec reviewed (bz 228894) +- Added the Provides/Obsoletes which should + cause rpcbind to replace portmapper