diff --git a/.gitignore b/.gitignore new file mode 100644 index 0000000..8e091bf --- /dev/null +++ b/.gitignore @@ -0,0 +1 @@ +SOURCES/xinetd-2.3.15.tar.gz diff --git a/.xinetd.metadata b/.xinetd.metadata new file mode 100644 index 0000000..0f9d53c --- /dev/null +++ b/.xinetd.metadata @@ -0,0 +1 @@ +168d54aeb181e271e68f4c53847c3e6b2574dba6 SOURCES/xinetd-2.3.15.tar.gz diff --git a/SOURCES/xinetd-2.3.14-autoconf.patch b/SOURCES/xinetd-2.3.14-autoconf.patch new file mode 100644 index 0000000..7ce2276 --- /dev/null +++ b/SOURCES/xinetd-2.3.14-autoconf.patch @@ -0,0 +1,251 @@ +--- xinetd-2.3.14/configure.in 2009-07-27 13:27:59.000000000 +0200 ++++ xinetd-2.3.14-mod/configure.in 2009-07-29 10:05:44.000000000 +0200 +@@ -20,34 +20,34 @@ AC_CHECK_FUNCS(ecvt, , + AC_CHECK_FUNCS(gcvt, , + AC_CHECK_LIB(m, gcvt)) + +-AC_CHECK_FUNC(strerror, [AC_DEFINE(HAVE_STRERROR)]) +-AC_CHECK_FUNC(strcasecmp, [AC_DEFINE(HAVE_STRCASECMP)]) ++AC_CHECK_FUNC(strerror, [AC_DEFINE(HAVE_STRERROR, 1, "")]) ++AC_CHECK_FUNC(strcasecmp, [AC_DEFINE(HAVE_STRCASECMP, 1, "")]) + AC_CHECK_FUNC(socket, , + AC_CHECK_LIB(socket, socket, , + AC_CHECK_LIB(nsl, socket))) + AC_CHECK_FUNC(inet_aton, , + AC_CHECK_LIB(nsl, inet_aton, , + AC_CHECK_LIB(socket, inet_aton, , +- AC_CHECK_LIB(resolv, inet_aton, ,[AC_DEFINE(NO_INET_ATON)])))) +-AC_CHECK_FUNC(setenv,[AC_DEFINE(HAVE_SETENV)]) +-AC_CHECK_FUNC(strsignal, [AC_DEFINE(HAVE_STRSIGNAL)]) +-AC_CHECK_LIB(c, sys_siglist, [AC_DEFINE(HAVE_SYS_SIGLIST)]) +-AC_CHECK_FUNC(gai_strerror,[AC_DEFINE(HAVE_GAI_STRERROR)]) +-AC_CHECK_FUNC(freeaddrinfo,[AC_DEFINE(HAVE_FREEADDRINFO)]) +-AC_CHECK_FUNC(getaddrinfo,[AC_DEFINE(HAVE_GETADDRINFO)]) ++ AC_CHECK_LIB(resolv, inet_aton, ,[AC_DEFINE(NO_INET_ATON, 1, "")])))) ++AC_CHECK_FUNC(setenv,[AC_DEFINE(HAVE_SETENV, 1, "")]) ++AC_CHECK_FUNC(strsignal, [AC_DEFINE(HAVE_STRSIGNAL, 1, "")]) ++AC_CHECK_LIB(c, sys_siglist, [AC_DEFINE(HAVE_SYS_SIGLIST, 1, "")]) ++AC_CHECK_FUNC(gai_strerror,[AC_DEFINE(HAVE_GAI_STRERROR, 1, "")]) ++AC_CHECK_FUNC(freeaddrinfo,[AC_DEFINE(HAVE_FREEADDRINFO, 1, "")]) ++AC_CHECK_FUNC(getaddrinfo,[AC_DEFINE(HAVE_GETADDRINFO, 1, "")]) + + AC_CHECK_HEADERS(sys/types.h sys/termios.h termios.h sys/ioctl.h sys/select.h rpc/rpc.h rpc/rpcent.h sys/file.h ftw.h machine/reg.h netdb.h) +-AC_CHECK_HEADER(sys/resource.h, [AC_DEFINE(HAVE_SYS_RESOURCE_H)]) +-AC_CHECK_HEADER(arpa/inet.h, [AC_DEFINE(HAVE_ARPA_INET_H)]) +-AC_CHECK_HEADER(grp.h, [AC_DEFINE(HAVE_GRP_H)]) +-AC_CHECK_HEADER(rpc/pmap_clnt.h, [AC_DEFINE(HAVE_RPC_PMAP_CLNT_H)]) +-AC_CHECK_HEADER(sys/socket.h, [AC_DEFINE(HAVE_SYS_SOCKET_H)]) +-AC_CHECK_HEADER(sys/signal.h, [AC_DEFINE(HAVE_SYS_SIGNAL_H)]) +-AC_CHECK_HEADER(crypt.h, [AC_DEFINE(HAVE_CRYPT_H)]) +-AC_CHECK_HEADER(stdint.h, [AC_DEFINE(HAVE_STDINT_H)]) +-AC_CHECK_HEADER(stdbool.h, [AC_DEFINE(HAVE_STDBOOL_H)]) +-AC_CHECK_HEADER(sys/filio.h, [AC_DEFINE(HAVE_SYS_FILIO_H)]) +-AC_CHECK_HEADER(DNSServiceDiscovery/DNSServiceDiscovery.h, [AC_DEFINE(HAVE_DNSREGISTRATION) AC_DEFINE(HAVE_MDNS)]) ++AC_CHECK_HEADER(sys/resource.h, [AC_DEFINE(HAVE_SYS_RESOURCE_H, 1, "")]) ++AC_CHECK_HEADER(arpa/inet.h, [AC_DEFINE(HAVE_ARPA_INET_H, 1, "")]) ++AC_CHECK_HEADER(grp.h, [AC_DEFINE(HAVE_GRP_H, 1, "")]) ++AC_CHECK_HEADER(rpc/pmap_clnt.h, [AC_DEFINE(HAVE_RPC_PMAP_CLNT_H, 1, "")]) ++AC_CHECK_HEADER(sys/socket.h, [AC_DEFINE(HAVE_SYS_SOCKET_H, 1, "")]) ++AC_CHECK_HEADER(sys/signal.h, [AC_DEFINE(HAVE_SYS_SIGNAL_H, 1, "")]) ++AC_CHECK_HEADER(crypt.h, [AC_DEFINE(HAVE_CRYPT_H, 1, "")]) ++AC_CHECK_HEADER(stdint.h, [AC_DEFINE(HAVE_STDINT_H, 1, "")]) ++AC_CHECK_HEADER(stdbool.h, [AC_DEFINE(HAVE_STDBOOL_H, 1, "")]) ++AC_CHECK_HEADER(sys/filio.h, [AC_DEFINE(HAVE_SYS_FILIO_H, 1, "")]) ++AC_CHECK_HEADER(DNSServiceDiscovery/DNSServiceDiscovery.h, [AC_DEFINE(HAVE_DNSREGISTRATION, 1, "") AC_DEFINE(HAVE_MDNS, 1, "")]) + + AC_ARG_WITH(howl, [ --with-howl=PATH Compile in howl support. + PATH is the prefix where howl is installed, +@@ -56,7 +56,7 @@ AC_ARG_WITH(howl, [ --with-howl=PATH + OLDLDFLAGS=$LDFLAGS; LDFLAGS="-L$withval/lib/ $LDFLAGS"; + OLDCPPFLAGS=$CPPFLAGS; CPPFLAGS="-I$withval/include/howl/ $CPPFLAGS"; + AC_CHECK_HEADER($withval/include/howl/howl.h, +- [AC_DEFINE(HAVE_HOWL) AC_DEFINE(HAVE_MDNS)], ++ [AC_DEFINE(HAVE_HOWL, 1, "") AC_DEFINE(HAVE_MDNS, 1, "")], + [CFLAGS=$OLDCFLAGS; LDFLAGS=$OLDLDFLAGS; CPPFLAGS=$OLDCPPFLAGS;]) + AC_CHECK_LIB(howl, sw_discovery_publish, [LIBS="-lhowl $LIBS"], [ + OLDLIBS=$LIBS; LIBS="-lpthread $LIBS"; +@@ -88,7 +88,7 @@ AC_CACHE_CHECK([for struct addrinfo], ac + ) + ]) + if test "x$ac_cv_have_struct_addrinfo" = "xyes" ; then +- AC_DEFINE(HAVE_STRUCT_ADDRINFO) ++ AC_DEFINE(HAVE_STRUCT_ADDRINFO, 1, "") + fi + + AC_CACHE_CHECK([for struct in6_addr], ac_cv_have_struct_in6_addr, [ +@@ -103,7 +103,7 @@ AC_CACHE_CHECK([for struct in6_addr], ac + ) + ]) + if test "x$ac_cv_have_struct_in6_addr" = "xyes" ; then +- AC_DEFINE(HAVE_STRUCT_IN6_ADDR) ++ AC_DEFINE(HAVE_STRUCT_IN6_ADDR, 1, "") + fi + + AC_CACHE_CHECK([for struct sockaddr_in6], ac_cv_have_struct_sockaddr_in6, [ +@@ -118,7 +118,7 @@ AC_CACHE_CHECK([for struct sockaddr_in6] + ) + ]) + if test "x$ac_cv_have_struct_sockaddr_in6" = "xyes" ; then +- AC_DEFINE(HAVE_STRUCT_SOCKADDR_IN6) ++ AC_DEFINE(HAVE_STRUCT_SOCKADDR_IN6, 1, "") + fi + + AC_CACHE_CHECK([for struct sockaddr_storage], ac_cv_have_struct_sockaddr_storage, [ +@@ -133,15 +133,15 @@ AC_CACHE_CHECK([for struct sockaddr_stor + ) + ]) + if test "x$ac_cv_have_struct_sockaddr_storage" = "xyes" ; then +- AC_DEFINE(HAVE_STRUCT_SOCKADDR_STORAGE) ++ AC_DEFINE(HAVE_STRUCT_SOCKADDR_STORAGE, 1, "") + fi + + + case "$target_os" in + + solaris*) +- AC_DEFINE(N0_SIGLIST) +- AC_DEFINE(solaris) ++ AC_DEFINE(N0_SIGLIST, 1, "") ++ AC_DEFINE(solaris, 1, "") + + AC_MSG_CHECKING(whether to compile in loadavg) + AC_ARG_WITH(loadavg, +@@ -153,12 +153,12 @@ solaris*) + yes) + AC_MSG_RESULT(yes) + AC_CHECK_LIB(kstat, main) +- AC_CHECK_HEADER(kstat.h, [AC_DEFINE(HAVE_KSTAT_H)]) +- AC_DEFINE(HAVE_LOADAVG) ++ AC_CHECK_HEADER(kstat.h, [AC_DEFINE(HAVE_KSTAT_H, 1, "")]) ++ AC_DEFINE(HAVE_LOADAVG, 1, "") + ;; + *) + AC_MSG_RESULT(yes) +- AC_DEFINE(HAVE_LOADAVG) ++ AC_DEFINE(HAVE_LOADAVG, 1, "") + ;; + esac ], AC_MSG_RESULT(no) ) + ;; +@@ -172,11 +172,11 @@ osf*) + ;; + yes) + AC_MSG_RESULT(yes) +- AC_DEFINE(HAVE_LOADAVG) ++ AC_DEFINE(HAVE_LOADAVG, 1, "") + ;; + *) + AC_MSG_RESULT(yes) +- AC_DEFINE(HAVE_LOADAVG) ++ AC_DEFINE(HAVE_LOADAVG, 1, "") + ;; + esac ], AC_MSG_RESULT(no)) + ;; +@@ -191,18 +191,18 @@ linux*|freebsd*) + ;; + yes) + AC_MSG_RESULT(yes) +- AC_DEFINE(HAVE_LOADAVG) ++ AC_DEFINE(HAVE_LOADAVG, 1, "") + ;; + *) + AC_MSG_RESULT(yes) +- AC_DEFINE(HAVE_LOADAVG) ++ AC_DEFINE(HAVE_LOADAVG, 1, "") + ;; + esac ], AC_MSG_RESULT(no)) + ;; + darwin* | "Mac OS"*) + ac_cv_prog_RANLIB="ranlib" + # AC_CHECK_FUNCS doesn't look in the proper header file... +- AC_DEFINE(HAVE_ISATTY) ++ AC_DEFINE(HAVE_ISATTY, 1, "") + CFLAGS="$CFLAGS -no-cpp-precomp" + AC_MSG_CHECKING(whether to compile in loadavg) + AC_ARG_WITH(loadavg,, +@@ -212,11 +212,11 @@ darwin* | "Mac OS"*) + ;; + yes) + AC_MSG_RESULT(yes) +- AC_DEFINE(HAVE_LOADAVG) ++ AC_DEFINE(HAVE_LOADAVG, 1, "") + ;; + *) + AC_MSG_RESULT(yes) +- AC_DEFINE(HAVE_LOADAVG) ++ AC_DEFINE(HAVE_LOADAVG, 1, "") + ;; + esac ], AC_MSG_RESULT(no)) + ;; +@@ -229,13 +229,13 @@ darwin* | "Mac OS"*) + ;; + yes) + AC_MSG_RESULT(yes) +- AC_DEFINE(bsdi) +- AC_DEFINE(HAVE_LOADAVG) ++ AC_DEFINE(bsdi, 1, "") ++ AC_DEFINE(HAVE_LOADAVG, 1, "") + ;; + *) + AC_MSG_RESULT(yes) +- AC_DEFINE(bsdi) +- AC_DEFINE(HAVE_LOADAVG) ++ AC_DEFINE(bsdi, 1, "") ++ AC_DEFINE(HAVE_LOADAVG, 1, "") + ;; + esac ], AC_MSG_RESULT(no)) + ;; +@@ -245,7 +245,7 @@ esac + AC_CHECK_LIB(c, crypt, [:], [ + AC_CHECK_LIB(crypt, crypt, [ + LIBS="-lcrypt $LIBS" +- AC_DEFINE(HAVE_LIBCRYPT) ], []) ]) ++ AC_DEFINE(HAVE_LIBCRYPT, 1, "") ], []) ]) + + AC_CHECK_LIB(m, log10, [ LIBS="-lm $LIBS" ], []) + +@@ -263,16 +263,16 @@ AC_ARG_WITH(libwrap, + yes) + AC_MSG_RESULT(yes) + AC_CHECK_LIB(wrap, request_init, [ +- AC_DEFINE(LIBWRAP) ++ AC_DEFINE(LIBWRAP, 1, "") + WRAPLIBS="-lwrap" +- AC_DEFINE(HAVE_LIBWRAP) ]) ++ AC_DEFINE(HAVE_LIBWRAP, 1, "") ]) + AC_CHECK_LIB(nsl, yp_get_default_domain, [ + WRAPLIBS="$WRAPLIBS -lnsl" ]) + LIBS="$WRAPLIBS $LIBS" + ;; + *) + AC_MSG_RESULT(yes) +- AC_DEFINE(LIBWRAP) ++ AC_DEFINE(LIBWRAP, 1, "") + if test -d "$withval"; then + WRAPLIBS="-L$withval -lwrap" + else +@@ -299,13 +299,13 @@ AC_ARG_WITH(labeled-networking, + yes) + AC_MSG_RESULT(yes) + AC_CHECK_LIB(selinux, setexeccon, [ +- AC_DEFINE(LABELED_NET) ++ AC_DEFINE(LABELED_NET, 1, "") + LABELLIBS="-lselinux" ]) + LIBS="$LABELLIBS $LIBS" + ;; + *) + AC_MSG_RESULT(yes) +- AC_DEFINE(LABELED_NET) ++ AC_DEFINE(LABELED_NET, 1, "") + if test -d "$withval"; then + LABELLIBS="-L$withval -lselinux" + else +--- xinetd-2.3.14/aclocal.m4 2003-02-19 18:29:27.000000000 +0100 ++++ xinetd-2.3.14-mod/aclocal.m4 2009-07-29 10:10:03.000000000 +0200 +@@ -22,6 +22,6 @@ AC_CACHE_VAL(xinetd_cv_type_$1, + #endif], xinetd_cv_type_$1=yes, xinetd_cv_type_$1=no)])dnl + AC_MSG_RESULT($xinetd_cv_type_$1) + if test $xinetd_cv_type_$1 = no; then +- AC_DEFINE($1, $2) ++ AC_DEFINE($1, $2, "") + fi + ]) diff --git a/SOURCES/xinetd-2.3.14-bind-ipv6.patch b/SOURCES/xinetd-2.3.14-bind-ipv6.patch new file mode 100644 index 0000000..4bce76f --- /dev/null +++ b/SOURCES/xinetd-2.3.14-bind-ipv6.patch @@ -0,0 +1,29 @@ +--- xinetd-2.3.14/xinetd/service.c.old 2007-05-16 15:33:41.000000000 +0200 ++++ xinetd-2.3.14/xinetd/service.c 2007-05-16 15:29:53.000000000 +0200 +@@ -335,6 +335,15 @@ + + if ( SVC_FD(sp) == -1 ) + { ++ if (SC_BIND_ADDR(scp) == NULL && SC_IPV6( scp )) ++ { ++ /* there was no bind address configured and IPv6 fails. Try IPv4 */ ++ msg( LOG_NOTICE, func, "IPv6 socket creation failed for service %s, trying IPv4", SC_ID( scp ) ) ; ++ M_CLEAR(SC_XFLAGS(scp), SF_IPV6); ++ M_SET(SC_XFLAGS(scp), SF_IPV4); ++ return svc_activate(sp); ++ } ++ + msg( LOG_ERR, func, + "socket creation failed (%m). service = %s", SC_ID( scp ) ) ; + return( FAILED ) ; +--- xinetd-2.3.14/xinetd/confparse.c.old 2007-05-16 15:33:26.000000000 +0200 ++++ xinetd-2.3.14/xinetd/confparse.c 2007-05-16 15:15:22.000000000 +0200 +@@ -245,7 +245,7 @@ + M_SET(SC_XFLAGS(scp), SF_IPV6); + } + else +- M_SET(SC_XFLAGS(scp), SF_IPV4); ++ M_SET(SC_XFLAGS(scp), SF_IPV6); /*try bind IPv6 by default*/ + } + + if (SC_ORIG_BIND_ADDR(scp)) diff --git a/SOURCES/xinetd-2.3.14-clean-pfd.patch b/SOURCES/xinetd-2.3.14-clean-pfd.patch new file mode 100644 index 0000000..2509848 --- /dev/null +++ b/SOURCES/xinetd-2.3.14-clean-pfd.patch @@ -0,0 +1,10 @@ +--- xinetd-2.3.14/xinetd/service.c.orig 2010-03-18 17:09:20.000000000 +0100 ++++ xinetd-2.3.14/xinetd/service.c 2010-03-18 17:09:37.000000000 +0100 +@@ -470,6 +470,7 @@ void svc_deactivate( struct service *sp + { + #ifdef HAVE_POLL + SVC_EVENTS( sp ) = 0; ++ SVC_FD( sp ) = 0; + #else + FD_CLR( SVC_FD( sp ), &ps.rws.socket_mask ) ; + #endif /* HAVE_POLL */ diff --git a/SOURCES/xinetd-2.3.14-file-limit.patch b/SOURCES/xinetd-2.3.14-file-limit.patch new file mode 100644 index 0000000..b5a8e3a --- /dev/null +++ b/SOURCES/xinetd-2.3.14-file-limit.patch @@ -0,0 +1,126 @@ +diff -Nurp xinetd-2.3.14-orig/xinetd/attr.h xinetd-2.3.14-files/xinetd/attr.h +--- xinetd-2.3.14-orig/xinetd/attr.h 2005-10-05 19:15:33.000000000 +0200 ++++ xinetd-2.3.14-files/xinetd/attr.h 2009-10-20 13:08:45.000000000 +0200 +@@ -61,12 +61,13 @@ + #define A_DISABLED 43 + #define A_MDNS 44 + #define A_LIBWRAP 45 ++#define A_RLIMIT_FILES 46 + + /* + * SERVICE_ATTRIBUTES is the number of service attributes and also + * the number from which defaults-only attributes start. + */ +-#define SERVICE_ATTRIBUTES ( A_MDNS + 1 ) ++#define SERVICE_ATTRIBUTES ( A_MDNS + 2 ) + + /* + * Mask of attributes that must be specified. +diff -Nurp xinetd-2.3.14-orig/xinetd/child.c xinetd-2.3.14-files/xinetd/child.c +--- xinetd-2.3.14-orig/xinetd/child.c 2009-10-20 13:07:34.000000000 +0200 ++++ xinetd-2.3.14-files/xinetd/child.c 2009-10-20 13:10:16.000000000 +0200 +@@ -109,6 +109,10 @@ void exec_server( const struct server *s + + + #ifdef RLIMIT_NOFILE ++ if ( SC_RLIM_FILES( scp )) ++ { ++ ps.ros.max_descriptors = SC_RLIM_FILES( scp ); ++ } + rl.rlim_max = rl.rlim_cur = ps.ros.max_descriptors ; + (void) setrlimit( RLIMIT_NOFILE, &rl ) ; + #endif +diff -Nurp xinetd-2.3.14-orig/xinetd/parse.c xinetd-2.3.14-files/xinetd/parse.c +--- xinetd-2.3.14-orig/xinetd/parse.c 2005-10-05 19:15:33.000000000 +0200 ++++ xinetd-2.3.14-files/xinetd/parse.c 2009-10-20 13:08:45.000000000 +0200 +@@ -92,6 +92,9 @@ static const struct attribute service_at + #ifdef RLIMIT_DATA + { "rlimit_data", A_RLIMIT_DATA, 1, rlim_data_parser }, + #endif ++#ifdef RLIMIT_NOFILE ++ { "rlimit_files", A_RLIMIT_FILES, 1, rlim_files_parser }, ++#endif + #ifdef RLIMIT_RSS + { "rlimit_rss", A_RLIMIT_RSS, 1, rlim_rss_parser }, + #endif +diff -Nurp xinetd-2.3.14-orig/xinetd/parsers.c xinetd-2.3.14-files/xinetd/parsers.c +--- xinetd-2.3.14-orig/xinetd/parsers.c 2005-10-05 23:45:41.000000000 +0200 ++++ xinetd-2.3.14-files/xinetd/parsers.c 2009-10-20 13:08:45.000000000 +0200 +@@ -1415,6 +1415,29 @@ status_e rlim_data_parser( pset_h values + } + #endif + ++#ifdef RLIMIT_NOFILE ++status_e rlim_files_parser( pset_h values, ++ struct service_config *scp, ++ enum assign_op op ) ++{ ++ char *mem = (char *) pset_pointer( values, 0 ) ; ++ const char *func = "rlim_files_parser" ; ++ ++ if ( EQ( mem, "UNLIMITED" ) ) ++ SC_RLIM_FILES(scp) = (rlim_t)RLIM_INFINITY ; ++ else ++ { ++ if ( get_limit ( mem, &SC_RLIM_FILES(scp)) ) ++ { ++ parsemsg( LOG_ERR, func, ++ "Max files limit is invalid: %s", mem ) ; ++ return( FAILED ) ; ++ } ++ } ++ return( OK ) ; ++} ++#endif ++ + #ifdef RLIMIT_RSS + status_e rlim_rss_parser( pset_h values, + struct service_config *scp, +diff -Nurp xinetd-2.3.14-orig/xinetd/parsers.h xinetd-2.3.14-files/xinetd/parsers.h +--- xinetd-2.3.14-orig/xinetd/parsers.h 2005-10-05 19:15:33.000000000 +0200 ++++ xinetd-2.3.14-files/xinetd/parsers.h 2009-10-20 13:08:45.000000000 +0200 +@@ -57,6 +57,9 @@ status_e rlim_cpu_parser(pset_h, struct + #ifdef RLIMIT_DATA + status_e rlim_data_parser(pset_h, struct service_config *, enum assign_op) ; + #endif ++#ifdef RLIMIT_NOFILE ++status_e rlim_files_parser(pset_h, struct service_config *, enum assign_op) ; ++#endif + #ifdef RLIMIT_RSS + status_e rlim_rss_parser(pset_h, struct service_config *, enum assign_op) ; + #endif +diff -Nurp xinetd-2.3.14-orig/xinetd/sconf.h xinetd-2.3.14-files/xinetd/sconf.h +--- xinetd-2.3.14-orig/xinetd/sconf.h 2009-10-20 13:07:34.000000000 +0200 ++++ xinetd-2.3.14-files/xinetd/sconf.h 2009-10-20 13:08:45.000000000 +0200 +@@ -143,6 +143,7 @@ struct service_config + rlim_t sc_rlim_as; + rlim_t sc_rlim_cpu; + rlim_t sc_rlim_data; ++ rlim_t sc_rlim_files; + rlim_t sc_rlim_rss; + rlim_t sc_rlim_stack; + mode_t sc_umask; +@@ -191,6 +192,7 @@ struct service_config + #define SC_RLIM_AS( scp ) (scp)->sc_rlim_as + #define SC_RLIM_CPU( scp ) (scp)->sc_rlim_cpu + #define SC_RLIM_DATA( scp ) (scp)->sc_rlim_data ++#define SC_RLIM_FILES( scp ) (scp)->sc_rlim_files + #define SC_RLIM_RSS( scp ) (scp)->sc_rlim_rss + #define SC_RLIM_STACK( scp ) (scp)->sc_rlim_stack + #define SC_TYPE( scp ) (scp)->sc_type +diff -Nurp xinetd-2.3.14-orig/xinetd/xinetd.conf.man xinetd-2.3.14-files/xinetd/xinetd.conf.man +--- xinetd-2.3.14-orig/xinetd/xinetd.conf.man 2009-10-20 13:07:34.000000000 +0200 ++++ xinetd-2.3.14-files/xinetd/xinetd.conf.man 2009-10-20 13:08:45.000000000 +0200 +@@ -569,6 +569,12 @@ is implemented, it is more useful to set + rlimit_rss and rlimit_stack. This resource limit is only implemented on + Linux systems. + .TP ++.B rlimit_files ++Sets the maximum number of open files that the service may use. ++One parameter is required, which is a positive integer representing ++the number of open file descriptors. Practical limit of this number ++is around 1024000. ++.TP + .B rlimit_cpu + Sets the maximum number of CPU seconds that the service may use. + One parameter is required, which is either a positive integer representing diff --git a/SOURCES/xinetd-2.3.14-fix-type-punned-ptr.patch b/SOURCES/xinetd-2.3.14-fix-type-punned-ptr.patch new file mode 100644 index 0000000..993169f --- /dev/null +++ b/SOURCES/xinetd-2.3.14-fix-type-punned-ptr.patch @@ -0,0 +1,22 @@ +diff --git a/sensor.c b/sensor.c +index 09d0877..e65018c 100644 +--- a/xinetd/sensor.c ++++ b/xinetd/sensor.c +@@ -100,14 +100,15 @@ void process_sensor( const struct service *sp, const union xsockaddr *addr) + { + /* Here again, eh?...update time stamp. */ + char *exp_time; +- time_t stored_time; ++ int stored_time; + + item_matched--; /* Is # plus 1, to even get here must be >= 1 */ + exp_time = pset_pointer( global_no_access_time, item_matched ) ; + if (exp_time == NULL) + return ; + +- if ( parse_base10(exp_time, (int *)&stored_time) ) ++ /* FIXME: Parse (long int) instead of (int) prior to possible Y2K38 bug. */ ++ if ( parse_base10(exp_time, &stored_time ) ) + { /* if never let them off, bypass */ + if (stored_time != -1) + { diff --git a/SOURCES/xinetd-2.3.14-ident-bind.patch b/SOURCES/xinetd-2.3.14-ident-bind.patch new file mode 100644 index 0000000..2df97ea --- /dev/null +++ b/SOURCES/xinetd-2.3.14-ident-bind.patch @@ -0,0 +1,42 @@ +448069: xinetd: socket bind: Invalid argument (errno = 22) when using USERID on ipv6 + +Use right size of addresses in bind() call. Also use getpeername addresses when +connecting to ident service to prevent address family mismatch between socket(), +bind() and connect() calls. + +Author: Jan Safranek +Reviewed-By: Adam Tkac + +diff -up xinetd-2.3.14/xinetd/ident.c.orig xinetd-2.3.14/xinetd/ident.c +--- xinetd-2.3.14/xinetd/ident.c.orig 2008-05-29 16:30:19.000000000 +0200 ++++ xinetd-2.3.14/xinetd/ident.c 2008-05-29 16:29:57.000000000 +0200 +@@ -97,7 +98,13 @@ idresult_e log_remote_user( const struct + } + + CLEAR( sin_contact ); +- sin_remote = *CONN_XADDRESS( SERVER_CONNECTION( serp ) ) ; ++ ++ sin_len = sizeof( sin_remote ); ++ if ( getpeername( SERVER_FD( serp ), &sin_remote.sa, &sin_len ) == -1 ) ++ { ++ msg( LOG_ERR, func, "(%d) getpeername: %m", getpid() ) ; ++ return( IDR_ERROR ) ; ++ } + sin_contact = sin_remote; + memcpy( &sin_bind, &sin_local, sizeof(sin_bind) ) ; + local_port = 0; +@@ -121,7 +128,13 @@ idresult_e log_remote_user( const struct + msg( LOG_ERR, func, "socket creation: %m" ) ; + return( IDR_ERROR ) ; + } +- if ( bind(sd, &sin_bind.sa, sizeof(sin_bind.sa)) == -1 ) ++ ++ if ( sin_bind.sa.sa_family == AF_INET ) ++ sin_len = sizeof( sin_bind.sa_in ) ; ++ else ++ sin_len = sizeof( sin_bind.sa_in6 ) ; ++ ++ if ( bind(sd, &sin_bind.sa, sin_len) == -1 ) + { + msg( LOG_ERR, func, "socket bind: %m" ) ; + (void) Sclose( sd ) ; diff --git a/SOURCES/xinetd-2.3.14-instances.patch b/SOURCES/xinetd-2.3.14-instances.patch new file mode 100644 index 0000000..6def242 --- /dev/null +++ b/SOURCES/xinetd-2.3.14-instances.patch @@ -0,0 +1,22 @@ +--- xinetd-2.3.14/xinetd/access.c 2005-10-05 19:15:33.000000000 +0200 ++++ xinetd-2.3.14-mod/xinetd/access.c 2012-03-05 14:54:30.935416926 +0100 +@@ -73,6 +73,7 @@ static void cps_service_restart(void) + unsigned int i; + time_t nowtime; + const char *func = "cps_service_restart"; ++ int rs; + + nowtime = time(NULL); + for( i=0; i < pset_count( SERVICES(ps) ); i++ ) { +@@ -84,8 +85,11 @@ static void cps_service_restart(void) + if( SVC_STATE(sp) == SVC_DISABLED ) { + scp = SVC_CONF( sp ); + if ( SC_TIME_REENABLE(scp) <= nowtime ) { ++ rs = SVC_RUNNING_SERVERS(sp); + /* re-enable the service */ + if( svc_activate(sp) == OK ) { ++ /* remember running servers after restart */ ++ SVC_RUNNING_SERVERS(sp) = rs; + msg(LOG_ERR, func, + "Activating service %s", SC_NAME(scp)); + } else { diff --git a/SOURCES/xinetd-2.3.14-ipv6confusion.patch b/SOURCES/xinetd-2.3.14-ipv6confusion.patch new file mode 100644 index 0000000..5f0b431 --- /dev/null +++ b/SOURCES/xinetd-2.3.14-ipv6confusion.patch @@ -0,0 +1,17 @@ +--- xinetd-2.3.14/xinetd/ident.c.jw 2010-03-10 17:49:53.000000000 +1100 ++++ xinetd-2.3.14/xinetd/ident.c 2010-03-10 17:50:30.000000000 +1100 +@@ -108,12 +108,12 @@ + memcpy( &sin_bind, &sin_local, sizeof(sin_bind) ) ; + local_port = 0; + remote_port = 0; +- if( sin_remote.sa.sa_family == AF_INET ) { ++ if( sin_remote.sa.sa_family == AF_INET6 ) { + local_port = ntohs( sin_local.sa_in6.sin6_port ) ; + remote_port = ntohs( sin_remote.sa_in6.sin6_port ) ; + sin_contact.sa_in6.sin6_port = htons( IDENTITY_SERVICE_PORT ) ; + sin_bind.sa_in.sin_port = 0 ; +- } else if( sin_remote.sa.sa_family == AF_INET6 ) { ++ } else if( sin_remote.sa.sa_family == AF_INET ) { + local_port = ntohs( sin_local.sa_in.sin_port ) ; + remote_port = ntohs( sin_remote.sa_in.sin_port ) ; + sin_contact.sa_in.sin_port = htons( IDENTITY_SERVICE_PORT ) ; diff --git a/SOURCES/xinetd-2.3.14-leaking-fds-2a.patch b/SOURCES/xinetd-2.3.14-leaking-fds-2a.patch new file mode 100644 index 0000000..90901e5 --- /dev/null +++ b/SOURCES/xinetd-2.3.14-leaking-fds-2a.patch @@ -0,0 +1,41 @@ +diff -Naur xinetd-2.3.14-dist/xinetd/service.c xinetd-2.3.14/xinetd/service.c +--- xinetd-2.3.14-dist/xinetd/service.c 2012-04-03 08:59:19.000000000 +0200 ++++ xinetd-2.3.14/xinetd/service.c 2012-04-03 09:02:34.588160317 +0200 +@@ -366,12 +366,24 @@ + + msg( LOG_ERR, func, + "socket creation failed (%m). service = %s", SC_ID( scp ) ) ; ++#ifdef HAVE_POLL ++ SVC_EVENTS( sp ) = 0; ++ SVC_FD( sp ) = 0; ++#else ++ FD_CLR( SVC_FD( sp ), &ps.rws.socket_mask ) ; ++#endif /* HAVE_POLL */ + return( FAILED ) ; + } + + if ( set_fd_modes( sp ) == FAILED ) + { + (void) Sclose( SVC_FD(sp) ) ; ++#ifdef HAVE_POLL ++ SVC_EVENTS( sp ) = 0; ++ SVC_FD( sp ) = 0; ++#else ++ FD_CLR( SVC_FD( sp ), &ps.rws.socket_mask ) ; ++#endif /* HAVE_POLL */ + return( FAILED ) ; + } + +@@ -385,6 +397,12 @@ + if ( status == FAILED ) + { + (void) Sclose( SVC_FD(sp) ) ; ++#ifdef HAVE_POLL ++ SVC_EVENTS( sp ) = 0; ++ SVC_FD( sp ) = 0; ++#else ++ FD_CLR( SVC_FD( sp ), &ps.rws.socket_mask ) ; ++#endif /* HAVE_POLL */ + return( FAILED ) ; + } + diff --git a/SOURCES/xinetd-2.3.14-leaking-fds.patch b/SOURCES/xinetd-2.3.14-leaking-fds.patch new file mode 100644 index 0000000..bc1b919 --- /dev/null +++ b/SOURCES/xinetd-2.3.14-leaking-fds.patch @@ -0,0 +1,52 @@ +diff -up xinetd-2.3.14-dist/xinetd/service.c xinetd-2.3.14/xinetd/service.c +--- xinetd-2.3.14-dist/xinetd/service.c 2012-01-11 11:50:43.438650900 +0100 ++++ xinetd-2.3.14/xinetd/service.c 2012-01-16 08:18:09.462620084 +0100 +@@ -88,6 +88,7 @@ struct service *svc_new( struct service_ + CLEAR( *sp ) ; + + SVC_CONF(sp) = scp ; ++ sp->svc_pfd_index = -1; + return( sp ) ; + } + +@@ -346,7 +347,16 @@ status_e svc_activate( struct service *s + ps.rws.pfds_last)*sizeof(struct pollfd)); + ps.rws.pfd_array = tmp; + } +- SVC_POLLFD( sp ) = &ps.rws.pfd_array[ps.rws.pfds_last++] ; ++ if ( sp->svc_pfd_index >= 0 ) ++ { ++ SVC_POLLFD( sp ) = &ps.rws.pfd_array[sp->svc_pfd_index] ; ++ } ++ else ++ { ++ sp->svc_pfd_index = ps.rws.pfds_last ; ++ SVC_POLLFD( sp ) = &ps.rws.pfd_array[ps.rws.pfds_last++] ; ++ } ++ + #endif /* HAVE_POLL */ + + if( SC_IPV4( scp ) ) { +@@ -433,6 +443,11 @@ status_e svc_activate( struct service *s + static void deactivate( const struct service *sp ) + { + (void) Sclose( SVC_FD( sp ) ) ; ++#ifdef HAVE_POLL ++ SVC_FD( sp ) = 0; ++#else ++ FD_CLR( SVC_FD( sp ), &ps.rws.socket_mask ) ; ++#endif + + #ifdef HAVE_MDNS + xinetd_mdns_deregister(SVC_CONF(sp)); +diff -up xinetd-2.3.14-dist/xinetd/service.h xinetd-2.3.14/xinetd/service.h +--- xinetd-2.3.14-dist/xinetd/service.h 2012-01-11 11:50:43.418650925 +0100 ++++ xinetd-2.3.14/xinetd/service.h 2012-01-16 08:02:59.667553008 +0100 +@@ -47,6 +47,7 @@ struct service + { + state_e svc_state ; + int svc_ref_count ; /* # of pters to this struct */ ++ int svc_pfd_index; /* index of pfd in pfd_array */ + struct service_config *svc_conf ; /* service configuration */ + + #ifdef HAVE_POLL diff --git a/SOURCES/xinetd-2.3.14-man-section.patch b/SOURCES/xinetd-2.3.14-man-section.patch new file mode 100644 index 0000000..03f1914 --- /dev/null +++ b/SOURCES/xinetd-2.3.14-man-section.patch @@ -0,0 +1,16 @@ +117746: xinetd.log man page in wrong section + +Put xinetd.log to the right man section. + +diff -up xinetd-2.3.13/Makefile.in.orig xinetd-2.3.13/Makefile.in +--- xinetd-2.3.13/Makefile.in.orig 2007-12-06 10:58:32.000000000 +0100 ++++ xinetd-2.3.13/Makefile.in 2008-01-15 13:39:38.000000000 +0100 +@@ -80,7 +80,7 @@ install: build + $(INSTALL_CMD) -m 755 xinetd/itox $(DAEMONDIR) + $(INSTALL_CMD) -m 755 $(SRCDIR)/xinetd/xconv.pl $(DAEMONDIR) + $(INSTALL_CMD) -m 644 $(SRCDIR)/xinetd/xinetd.conf.man $(MANDIR)/man5/xinetd.conf.5 +- $(INSTALL_CMD) -m 644 $(SRCDIR)/xinetd/xinetd.log.man $(MANDIR)/man8/xinetd.log.8 ++ $(INSTALL_CMD) -m 644 $(SRCDIR)/xinetd/xinetd.log.man $(MANDIR)/man5/xinetd.log.5 + $(INSTALL_CMD) -m 644 $(SRCDIR)/xinetd/xinetd.man $(MANDIR)/man8/xinetd.8 + $(INSTALL_CMD) -m 644 $(SRCDIR)/xinetd/itox.8 $(MANDIR)/man8/itox.8 + $(INSTALL_CMD) -m 644 $(SRCDIR)/xinetd/xconv.pl.8 $(MANDIR)/man8/xconv.pl.8 diff --git a/SOURCES/xinetd-2.3.14-many-services.patch b/SOURCES/xinetd-2.3.14-many-services.patch new file mode 100644 index 0000000..8459b6c --- /dev/null +++ b/SOURCES/xinetd-2.3.14-many-services.patch @@ -0,0 +1,27 @@ +--- xinetd-2.3.14-dist/xinetd/defs.h 2012-01-16 12:20:54.739041678 +0100 ++++ xinetd-2.3.14/xinetd/defs.h 2012-01-17 08:06:56.800762230 +0100 +@@ -115,8 +115,9 @@ union xsockaddr { + */ + + #ifdef HAVE_POLL +-#define INIT_POLLFDS 1024 +-#define MAX_POLLFDS 8192 ++#define INIT_POLLFDS 4096 ++/* FIXME: not used */ ++#define MAX_POLLFDS 16384 + #endif + + /* +--- xinetd-2.3.14-dist/xinetd/service.c 2012-01-16 12:20:54.741041678 +0100 ++++ xinetd-2.3.14/xinetd/service.c 2012-01-17 08:07:28.872746991 +0100 +@@ -343,9 +343,9 @@ status_e svc_activate( struct service *s + out_of_memory( func ); + return( FAILED ); + } ++ ps.rws.pfd_array = tmp; + memset(&ps.rws.pfd_array[ps.rws.pfds_last], 0, (ps.rws.pfds_allocated- + ps.rws.pfds_last)*sizeof(struct pollfd)); +- ps.rws.pfd_array = tmp; + } + if ( sp->svc_pfd_index >= 0 ) + { diff --git a/SOURCES/xinetd-2.3.14-poll.patch b/SOURCES/xinetd-2.3.14-poll.patch new file mode 100644 index 0000000..bd87ae5 --- /dev/null +++ b/SOURCES/xinetd-2.3.14-poll.patch @@ -0,0 +1,1202 @@ +diff -Nurp xinetd-2.3.14-orig/config.h.in xinetd-2.3.14-poll/config.h.in +--- xinetd-2.3.14-orig/config.h.in 2009-07-27 13:27:59.000000000 +0200 ++++ xinetd-2.3.14-poll/config.h.in 2009-09-02 11:30:27.000000000 +0200 +@@ -106,6 +106,8 @@ + + #undef HAVE_HOWL + ++#undef HAVE_POLL ++ + /* OS specific */ + #undef solaris + +diff -Nurp xinetd-2.3.14-orig/configure.in xinetd-2.3.14-poll/configure.in +--- xinetd-2.3.14-orig/configure.in 2009-09-02 11:32:54.000000000 +0200 ++++ xinetd-2.3.14-poll/configure.in 2009-09-02 11:30:27.000000000 +0200 +@@ -35,6 +35,7 @@ AC_CHECK_LIB(c, sys_siglist, [AC_DEFINE( + AC_CHECK_FUNC(gai_strerror,[AC_DEFINE(HAVE_GAI_STRERROR, 1, "")]) + AC_CHECK_FUNC(freeaddrinfo,[AC_DEFINE(HAVE_FREEADDRINFO, 1, "")]) + AC_CHECK_FUNC(getaddrinfo,[AC_DEFINE(HAVE_GETADDRINFO, 1, "")]) ++AC_CHECK_FUNC(poll, [AC_DEFINE(HAVE_POLL, 1, "")]) + + AC_CHECK_HEADERS(sys/types.h sys/termios.h termios.h sys/ioctl.h sys/select.h rpc/rpc.h rpc/rpcent.h sys/file.h ftw.h machine/reg.h netdb.h) + AC_CHECK_HEADER(sys/resource.h, [AC_DEFINE(HAVE_SYS_RESOURCE_H, 1, "")]) +diff -Nurp xinetd-2.3.14-orig/xinetd/conf.c xinetd-2.3.14-poll/xinetd/conf.c +--- xinetd-2.3.14-orig/xinetd/conf.c 2003-12-30 14:44:09.000000000 +0100 ++++ xinetd-2.3.14-poll/xinetd/conf.c 2009-09-02 11:30:27.000000000 +0200 +@@ -209,8 +209,13 @@ unsigned cnf_start_services( struct conf + pset_clear( sconfs ) ; + + if ( debug.on ) ++#ifdef HAVE_POLL ++ msg( LOG_DEBUG, func, "pfds_last = %d, services_started = %d", ++ ps.rws.pfds_last, services_started ) ; ++#else + msg( LOG_DEBUG, func, "mask_max = %d, services_started = %d", + ps.rws.mask_max, services_started ) ; ++#endif + + return( services_started ) ; + } +diff -Nurp xinetd-2.3.14-orig/xinetd/defs.h xinetd-2.3.14-poll/xinetd/defs.h +--- xinetd-2.3.14-orig/xinetd/defs.h 2005-03-29 17:50:34.000000000 +0200 ++++ xinetd-2.3.14-poll/xinetd/defs.h 2009-09-02 11:30:27.000000000 +0200 +@@ -111,6 +111,15 @@ union xsockaddr { + #define LISTEN_BACKLOG 64 + + /* ++ * constants for limiting ps.rws.fd_list ++ */ ++ ++#ifdef HAVE_POLL ++#define INIT_POLLFDS 1024 ++#define MAX_POLLFDS 8192 ++#endif ++ ++/* + * When explicit values are given for enum's, that is because the structures + * that the enum's are in may be initialized by a memory clear operation. + */ +diff -Nurp xinetd-2.3.14-orig/xinetd/child.c xinetd-2.3.14-poll/xinetd/child.c +--- xinetd-2.3.14-orig/xinetd/child.c 2003-09-06 16:41:59.000000000 +0200 ++++ xinetd-2.3.14-poll/xinetd/child.c 2009-09-02 11:30:27.000000000 +0200 +@@ -109,8 +109,7 @@ void exec_server( const struct server *s + + + #ifdef RLIMIT_NOFILE +- rl.rlim_max = ps.ros.orig_max_descriptors ; +- rl.rlim_cur = ps.ros.max_descriptors ; ++ rl.rlim_max = rl.rlim_cur = ps.ros.max_descriptors ; + (void) setrlimit( RLIMIT_NOFILE, &rl ) ; + #endif + #ifdef RLIMIT_AS +diff -Nurp xinetd-2.3.14-orig/xinetd/init.c xinetd-2.3.14-poll/xinetd/init.c +--- xinetd-2.3.14-orig/xinetd/init.c 2003-09-06 16:41:59.000000000 +0200 ++++ xinetd-2.3.14-poll/xinetd/init.c 2009-09-02 11:30:27.000000000 +0200 +@@ -17,7 +17,7 @@ + #include + #include + #include +- ++#include + #include "sio.h" + #include "init.h" + #include "defs.h" +@@ -140,7 +140,6 @@ static void set_fd_limit(void) + { + #ifdef RLIMIT_NOFILE + struct rlimit rl ; +- rlim_t maxfd ; + + /* + * Set the soft file descriptor limit to the hard limit. +@@ -151,25 +150,9 @@ static void set_fd_limit(void) + exit( 1 ) ; + } + +- maxfd = rl.rlim_max; + if ( rl.rlim_max == RLIM_INFINITY ) + rl.rlim_max = FD_SETSIZE; + +- /* XXX: a dumb way to prevent fd_set overflow possibilities; the rest +- * of xinetd should be changed to use an OpenBSD inetd-like fd_grow(). */ +- if ( rl.rlim_max > FD_SETSIZE ) +- rl.rlim_max = FD_SETSIZE; +- +- rl.rlim_cur = rl.rlim_max ; +- if ( setrlimit( RLIMIT_NOFILE, &rl ) == -1 ) +- { +- syscall_failed("setrlimit(RLIMIT_NOFILE)"); +- ps.ros.max_descriptors = FD_SETSIZE; +- ps.ros.orig_max_descriptors = FD_SETSIZE; +- return ; +- } +- +- ps.ros.orig_max_descriptors = maxfd ; + ps.ros.max_descriptors = rl.rlim_max ; + #else /* ! RLIMIT_NOFILE */ + ps.ros.max_descriptors = getdtablesize() ; +@@ -292,15 +275,27 @@ static pset_h new_table( unsigned size ) + */ + static void init_rw_state( void ) + { ++ const char *func = "init_rw_state" ; + SERVERS( ps ) = new_table( 0 ) ; + RETRIES( ps ) = new_table( 0 ) ; + SERVICES( ps ) = new_table( 0 ) ; + + ps.rws.descriptors_free = ps.ros.max_descriptors - DESCRIPTORS_RESERVED ; + ++#ifdef HAVE_POLL ++ ps.rws.pfds_allocated = INIT_POLLFDS ; ++ ps.rws.pfd_array = (struct pollfd *) ++ malloc( sizeof( struct pollfd ) * ps.rws.pfds_allocated ) ; ++ if ( ps.rws.pfd_array == NULL ) ++ { ++ out_of_memory(func); ++ exit( 1 ) ; ++ } ++ ps.rws.pfds_last = 0 ; ++#else + FD_ZERO( &ps.rws.socket_mask ) ; + ps.rws.mask_max = 0 ; +- ++#endif /* HAVE_POLL */ + } + + +diff -Nurp xinetd-2.3.14-orig/xinetd/intcommon.c xinetd-2.3.14-poll/xinetd/intcommon.c +--- xinetd-2.3.14-orig/xinetd/intcommon.c 2003-08-06 08:12:10.000000000 +0200 ++++ xinetd-2.3.14-poll/xinetd/intcommon.c 2009-09-03 16:15:49.000000000 +0200 +@@ -14,6 +14,9 @@ + #include + #include + #include ++#ifdef HAVE_POLL ++#include ++#endif + + #include "intcommon.h" + #include "msg.h" +@@ -36,27 +39,38 @@ void int_fail( const struct intercept_s + /* + * Returns either a positive number or -1 + */ ++#ifdef HAVE_POLL ++int int_poll( int pfds_last, struct pollfd *pfd_array ) ++{ ++ const char *func = "int_poll" ; ++#else + int int_select( int max, fd_set *read_mask ) + { + const char *func = "int_select" ; ++#endif + + for ( ;; ) + { + int n_ready ; + +- n_ready = select( max+1, read_mask, +- FD_SET_NULL, FD_SET_NULL, TIMEVAL_NULL ) ; ++ do { ++#ifdef HAVE_POLL ++ n_ready = poll( pfd_array, pfds_last, -1 ); ++#else ++ n_ready = select( max+1, read_mask, ++ FD_SET_NULL, FD_SET_NULL, TIMEVAL_NULL ) ; ++#endif ++ } while (n_ready == -1 && errno == EINTR); ++ ++ + if ( n_ready > 0 ) + return( n_ready ) ; +- else if ( n_ready == -1 ) { +- if ( errno == EINTR ) +- continue ; +- else +- { +- msg( LOG_ERR, func, "select: %m" ) ; +- return( -1 ) ; +- } +- } ++#ifdef HAVE_POLL ++ msg( LOG_ERR, func, "poll: %m" ) ; ++#else ++ msg( LOG_ERR, func, "select: %m" ) ; ++#endif ++ return( -1 ) ; + } + } + +diff -Nurp xinetd-2.3.14-orig/xinetd/internals.c xinetd-2.3.14-poll/xinetd/internals.c +--- xinetd-2.3.14-orig/xinetd/internals.c 2003-09-06 16:41:59.000000000 +0200 ++++ xinetd-2.3.14-poll/xinetd/internals.c 2009-09-03 10:38:29.000000000 +0200 +@@ -53,6 +53,9 @@ void dump_internal_state(void) + const char *dump_file = DUMP_FILE ; + time_t current_time ; + int fd ; ++#ifdef HAVE_POLL ++ int *listed_fds; ++#endif + unsigned u ; + const char *func = "dump_internal_state" ; + +@@ -104,6 +107,41 @@ void dump_internal_state(void) + server_dump( SERP( pset_pointer( RETRIES( ps ), u ) ), dump_fd ) ; + Sputchar( dump_fd, '\n' ) ; + ++#ifdef HAVE_POLL ++ /* ++ * Dump the socket mask ++ */ ++ listed_fds = (int *)calloc(sizeof(int),ps.ros.max_descriptors); ++ if (listed_fds != NULL) ++ { ++ Sprint( dump_fd, "Socket mask:" ) ; ++ for ( fd = 0 ; fd < ps.rws.pfds_last ; fd++ ) ++ { ++ listed_fds[ps.rws.pfd_array[fd].fd] = 1; ++ Sprint( dump_fd, " %d", ps.rws.pfd_array[fd].fd ) ; ++ } ++ Sputchar( dump_fd, '\n' ) ; ++ Sprint( dump_fd, "pfds_last = %d\n", ps.rws.pfds_last ) ; ++ ++ /* ++ * Dump the descriptors that are open and are *not* in the socket list ++ */ ++ Sprint( dump_fd, "Open descriptors (not in socket mask):" ) ; ++ for ( fd = 0 ; (unsigned)fd < ps.ros.max_descriptors ; fd++ ) ++ { ++ struct stat st ; ++ ++ if ( !listed_fds[fd] && fstat( fd, &st ) != -1 ) ++ Sprint( dump_fd, " %d", fd ) ; ++ } ++ ++ Sputchar( dump_fd, '\n' ) ; ++ Sputchar( dump_fd, '\n' ) ; ++ free(listed_fds); ++ } ++ else ++ Sprint( dump_fd, "Could not dump open descriptors, not enough memory!\n" ); ++#else /* !HAVE_POLL */ + /* + * Dump the socket mask + */ +@@ -114,6 +152,7 @@ void dump_internal_state(void) + Sputchar( dump_fd, '\n' ) ; + Sprint( dump_fd, "mask_max = %d\n", ps.rws.mask_max ) ; + ++ + /* + * Dump the descriptors that are open and are *not* in the socket mask + */ +@@ -130,6 +169,7 @@ void dump_internal_state(void) + } + Sputchar( dump_fd, '\n' ) ; + Sputchar( dump_fd, '\n' ) ; ++#endif /* !HAVE_POLL */ + + Sprint( dump_fd, "active_services = %d\n", ps.rws.active_services ) ; + Sprint( dump_fd, "available_services = %d\n", ps.rws.available_services ) ; +@@ -162,7 +202,6 @@ enum check_type { PERIODIC, USER_REQUEST + static void consistency_check( enum check_type type ) + { + int fd ; +- fd_set socket_mask_copy ; + unsigned u ; + int errors ; + unsigned total_running_servers = 0 ; +@@ -171,7 +210,19 @@ static void consistency_check( enum chec + bool_int service_count_check_failed = FALSE ; + const char *func = "consistency_check" ; + ++ ++#ifdef HAVE_POLL ++ struct pollfd *pfd_array_copy = calloc(sizeof(struct pollfd), ps.rws.pfds_last); ++ if (pfd_array_copy == NULL) ++ { ++ msg( LOG_ERR, func, "Could not run consistency check! Not enough memory!\n" ) ; ++ return; ++ } ++ memcpy(pfd_array_copy, ps.rws.pfd_array, ps.rws.pfds_last*sizeof(struct pollfd)); ++#else /* !HAVE_POLL */ ++ fd_set socket_mask_copy ; + socket_mask_copy = ps.rws.socket_mask ; ++#endif /* HAVE_POLL */ + + for ( u = 0 ; u < pset_count( SERVICES( ps ) ) ; u++ ) + { +@@ -184,9 +235,22 @@ static void consistency_check( enum chec + + if ( SVC_IS_AVAILABLE( sp ) || SVC_IS_DISABLED ( sp ) ) + { ++ + /* + * In this case, there may be some servers running + */ ++#ifdef HAVE_POLL ++ if ( pfd_array_copy[ SVC_POLLFD_OFF( sp ) ].events ) ++ { ++ if ( SVC_IS_DISABLED( sp ) ) ++ { ++ msg( LOG_ERR, func, ++ "fd of disabled service %s still in socket mask", sid ) ; ++ error_count++ ; ++ } ++ pfd_array_copy[ SVC_POLLFD_OFF( sp ) ].events = 0; ++ } ++#else /* !HAVE_POLL */ + if ( FD_ISSET( SVC_FD( sp ), &socket_mask_copy ) ) + { + if ( SVC_IS_DISABLED( sp ) ) +@@ -197,8 +261,9 @@ static void consistency_check( enum chec + } + FD_CLR( SVC_FD( sp ), &socket_mask_copy ) ; + } +- error_count += thread_check( sp, running_servers, retry_servers ) ; ++#endif /* HAVE_POLL */ + ++ error_count += thread_check( sp, running_servers, retry_servers ) ; + errors = service_count_check( sp, running_servers, retry_servers ) ; + if ( ! errors && ! service_count_check_failed ) + { +@@ -248,6 +313,18 @@ static void consistency_check( enum chec + /* + * Check if there are any descriptors set in socket_mask_copy + */ ++#ifdef HAVE_POLL ++ for ( fd = 0 ; fd < ps.rws.pfds_last ; fd++) ++ if ( pfd_array_copy[fd].events && pfd_array_copy[fd].fd != signals_pending[0] && ++ pfd_array_copy[fd].fd != signals_pending[1] ) ++ { ++ msg( LOG_ERR, func, ++ "descriptor %d set in socket mask but there is no service for it", ++ fd ) ; ++ error_count++ ; ++ } ++ free(pfd_array_copy); ++#else /* !HAVE_POLL */ + for ( fd = 0 ; (unsigned)fd < ps.ros.max_descriptors ; fd++ ) + if ( FD_ISSET( fd, &socket_mask_copy ) && ((fd != signals_pending[0]) && fd != signals_pending[1])) + { +@@ -256,6 +333,7 @@ static void consistency_check( enum chec + fd ) ; + error_count++ ; + } ++#endif /* !HAVE_POLL */ + + if ( error_count != 0 ) + msg( LOG_WARNING, func, +@@ -304,7 +382,6 @@ static unsigned service_count_check( str + } + + +- + /* + * If the service is single-threaded: + * if the descriptor is set in the socket mask, there must +@@ -317,7 +394,11 @@ static unsigned thread_check( struct ser + unsigned retry_servers ) + { + unsigned error_count = 0 ; ++#ifdef HAVE_POLL ++ struct pollfd *pfd= SVC_POLLFD( sp ) ; ++#else + int sd = SVC_FD( sp ) ; ++#endif + char *sid = SVC_ID( sp ) ; + const char *func = "thread_check" ; + +@@ -325,13 +406,21 @@ static unsigned thread_check( struct ser + { + bool_int has_servers = ( running_servers + retry_servers != 0 ) ; + ++#ifdef HAVE_POLL ++ if ( has_servers && pfd->events ) ++#else + if ( has_servers && FD_ISSET( sd, &ps.rws.socket_mask ) ) ++#endif + { + msg( LOG_ERR, func, + "Active single-threaded service %s: server running, descriptor set", sid ) ; + error_count++ ; + } ++#ifdef HAVE_POLL ++ if ( !has_servers && !pfd->events ) ++#else + if ( !has_servers && !FD_ISSET( sd, &ps.rws.socket_mask ) ) ++#endif + { + msg( LOG_ERR, func, + "Active single-threaded service %s: no server running, descriptor not set", +@@ -340,7 +429,11 @@ static unsigned thread_check( struct ser + } + } + else ++#ifdef HAVE_POLL ++ if ( ! pfd->events ) ++#else + if ( ! FD_ISSET( sd, &ps.rws.socket_mask ) ) ++#endif + { + msg( LOG_ERR, func, + "Active multi-threaded service %s: descriptor not set", sid ) ; +diff -Nurp xinetd-2.3.14-orig/xinetd/main.c xinetd-2.3.14-poll/xinetd/main.c +--- xinetd-2.3.14-orig/xinetd/main.c 2009-07-27 13:27:59.000000000 +0200 ++++ xinetd-2.3.14-poll/xinetd/main.c 2009-09-03 16:23:11.000000000 +0200 +@@ -25,6 +25,9 @@ + #include "xtimer.h" + #include "sensor.h" + #include "xmdns.h" ++#ifdef HAVE_POLL ++#include "xpoll.h" ++#endif + + #ifdef __GNUC__ + __attribute__ ((noreturn)) +@@ -119,16 +122,24 @@ static void main_loop(void) + { + const char *func = "main_loop" ; + struct timeval tv, *tvptr = NULL; ++#ifdef HAVE_POLL ++ struct pollfd *signal_pfd; + +- FD_SET(signals_pending[0], &ps.rws.socket_mask); ++ ps.rws.pfd_array[ps.rws.pfds_last].fd = signals_pending[0] ; ++ ps.rws.pfd_array[ps.rws.pfds_last].events = POLLIN ; ++ signal_pfd = &ps.rws.pfd_array[ps.rws.pfds_last] ; ++ ps.rws.pfds_last++; ++#else ++ FD_SET(signals_pending[0], &ps.rws.socket_mask) ; + if ( signals_pending[0] > ps.rws.mask_max ) + ps.rws.mask_max = signals_pending[0] ; +- if ( signals_pending[1] > ps.rws.mask_max ) +- ps.rws.mask_max = signals_pending[1] ; ++#endif /* HAVE_POLL */ + + for ( ;; ) + { ++#ifndef HAVE_POLL + fd_set read_mask ; ++#endif + int n_active ; + unsigned u ; + +@@ -144,9 +155,14 @@ static void main_loop(void) + tvptr = NULL; + } + ++#ifdef HAVE_POLL ++ n_active = poll( ps.rws.pfd_array, ps.rws.pfds_last, ++ tvptr == NULL ? -1 : tvptr->tv_sec*1000 ) ; ++#else + read_mask = ps.rws.socket_mask ; + n_active = select( ps.rws.mask_max+1, &read_mask, + FD_SET_NULL, FD_SET_NULL, tvptr ) ; ++#endif + if ( n_active == -1 ) + { + if ( errno == EINTR ) { +@@ -165,11 +181,27 @@ static void main_loop(void) + + xtimer_poll(); + +- if( FD_ISSET(signals_pending[0], &read_mask) ) { ++#ifdef HAVE_POLL ++ if ( POLLFD_REVENTS( signal_pfd ) ) ++ { ++ if ( POLLFD_REVENTS( signal_pfd ) & (POLLERR | POLLHUP | ++ POLLNVAL) ) ++ find_bad_fd(); ++ else ++ { ++ check_pipe(); ++ if ( --n_active == 0 ) ++ continue ; ++ } ++ } ++#else ++ if( FD_ISSET(signals_pending[0], &read_mask) ) ++ { + check_pipe(); + if ( --n_active == 0 ) + continue ; + } ++#endif + + #ifdef HAVE_MDNS + if( xinetd_mdns_poll() == 0 ) +@@ -186,19 +218,33 @@ static void main_loop(void) + if ( ! SVC_IS_ACTIVE( sp ) ) + continue ; + ++#ifdef HAVE_POLL ++ if ( SVC_REVENTS( sp ) ) ++ { ++ if ( SVC_REVENTS( sp ) & (POLLERR | POLLHUP | ++ POLLNVAL) ) ++ find_bad_fd(); ++ else ++ { ++ svc_request( sp ) ; ++ if ( --n_active == 0 ) ++ break ; ++ } ++ } ++#else + if ( FD_ISSET( SVC_FD( sp ), &read_mask ) ) + { + svc_request( sp ) ; + if ( --n_active == 0 ) + break ; + } ++#endif + } + if ( n_active > 0 ) + msg( LOG_ERR, func, "%d descriptors still set", n_active ) ; + } + } + +- + /* + * This function identifies if any of the fd's in the socket mask + * is bad. We use it in case select(2) returns EBADF +@@ -208,13 +254,29 @@ static void main_loop(void) + static void find_bad_fd(void) + { + int fd ; ++#ifdef HAVE_POLL ++ const char *reason; ++#else + struct stat st ; ++#endif + unsigned bad_fd_count = 0 ; + const char *func = "find_bad_fd" ; + ++#ifdef HAVE_POLL ++ for ( fd = 0 ; (unsigned)fd < ps.rws.pfds_last ; fd++ ) ++ if ( ps.rws.pfd_array[fd].revents & ( POLLHUP|POLLNVAL|POLLERR ) ) ++ { ++ if ( ps.rws.pfd_array[fd].revents & POLLHUP ) ++ reason = "hung up"; ++ else if ( ps.rws.pfd_array[fd].revents & POLLNVAL ) ++ reason = "been closed"; ++ else if ( ps.rws.pfd_array[fd].revents & POLLERR ) ++ reason = "reported error condition"; ++#else + for ( fd = 0 ; (unsigned)fd < ps.ros.max_descriptors ; fd++ ) + if ( FD_ISSET( fd, &ps.rws.socket_mask ) && fstat( fd, &st ) == -1 ) + { ++#endif + int found = FALSE ; + unsigned u ; + +@@ -239,7 +301,11 @@ static void find_bad_fd(void) + } + if ( ! found ) + { ++#ifdef HAVE_POLL ++ ps.rws.pfd_array[fd].events = 0; ++#else + FD_CLR( fd, &ps.rws.socket_mask ) ; ++#endif + msg( LOG_ERR, func, + "No active service for file descriptor %d\n", fd ) ; + bad_fd_count++ ; +diff -Nurp xinetd-2.3.14-orig/xinetd/redirect.c xinetd-2.3.14-poll/xinetd/redirect.c +--- xinetd-2.3.14-orig/xinetd/redirect.c 2009-07-27 13:27:59.000000000 +0200 ++++ xinetd-2.3.14-poll/xinetd/redirect.c 2009-09-02 16:00:34.000000000 +0200 +@@ -58,14 +58,19 @@ void redir_handler( struct server *serp + struct service *sp = SERVER_SERVICE( serp ); + struct service_config *scp = SVC_CONF( sp ); + int RedirDescrip = SERVER_FD( serp ); +- int maxfd; + ssize_t num_read, num_wrote=0, ret=0; + unsigned int sin_len = 0; + unsigned long bytes_in = 0, bytes_out = 0; + int no_to_nagle = 1; + int on = 1, v6on; + char buff[NET_BUFFER]; ++#ifdef HAVE_POLL ++ struct pollfd *pfd_array; ++ int pfds_last = 0; ++#else + fd_set rdfd, msfd; ++ int maxfd; ++#endif + struct timeval *timep = NULL; + const char *func = "redir_handler"; + union xsockaddr serveraddr ; +@@ -141,19 +146,43 @@ void redir_handler( struct server *serp + msg(LOG_ERR, func, "setsockopt RedirDescrip failed: %m"); + } + ++#ifdef HAVE_POLL ++#define REDIR_DESCRIP_INDEX 0 ++#define REDIR_SERVER_INDEX 1 ++ pfd_array = (struct pollfd *)calloc(sizeof(struct pollfd),INIT_POLLFDS); ++ if (pfd_array == NULL) ++ { ++ msg( LOG_ERR, func, "Cannot allocate memory for file descriptors!\n"); ++ exit( 1 ); ++ } ++ pfd_array[ REDIR_DESCRIP_INDEX ].fd = RedirDescrip; ++ pfd_array[ REDIR_DESCRIP_INDEX ].events = POLLIN; ++ pfd_array[ REDIR_SERVER_INDEX ].fd = RedirServerFd; ++ pfd_array[ REDIR_SERVER_INDEX ].events = POLLIN; ++ pfds_last += 2; ++#else + maxfd = (RedirServerFd > RedirDescrip)?RedirServerFd:RedirDescrip; + FD_ZERO(&msfd); + FD_SET(RedirDescrip, &msfd); + FD_SET(RedirServerFd, &msfd); ++#endif + + while(1) { ++#ifdef HAVE_POLL ++ if ( poll( pfd_array, pfds_last, -1 ) <= 0 ) { ++#else + memcpy(&rdfd, &msfd, sizeof(rdfd)); + if (select(maxfd + 1, &rdfd, (fd_set *)0, (fd_set *)0, timep) <= 0) { ++#endif + /* place for timeout code, currently does not time out */ + break; + } + ++#ifdef HAVE_POLL ++ if ( pfd_array[REDIR_DESCRIP_INDEX].revents ) { ++#else + if (FD_ISSET(RedirDescrip, &rdfd)) { ++#endif + do { + num_read = read(RedirDescrip, + buff, sizeof(buff)); +@@ -179,7 +208,11 @@ void redir_handler( struct server *serp + } + } + ++#ifdef HAVE_POLL ++ if ( pfd_array[REDIR_SERVER_INDEX].revents ) { ++#else + if (FD_ISSET(RedirServerFd, &rdfd)) { ++#endif + do { + num_read = read(RedirServerFd, + buff, sizeof(buff)); +diff -Nurp xinetd-2.3.14-orig/xinetd/server.c xinetd-2.3.14-poll/xinetd/server.c +--- xinetd-2.3.14-orig/xinetd/server.c 2005-03-29 17:50:34.000000000 +0200 ++++ xinetd-2.3.14-poll/xinetd/server.c 2009-09-02 11:30:27.000000000 +0200 +@@ -298,7 +298,11 @@ void server_end( struct server *serp ) + + /* Added this for when accepting wait=yes services */ + if( SVC_WAITS( sp ) ) ++#ifdef HAVE_POLL ++ SVC_EVENTS( sp ) = POLLIN ; ++#else + FD_SET( SVC_FD( sp ), &ps.rws.socket_mask ) ; ++#endif /* HAVE_POLL */ + + svc_postmortem( sp, serp ) ; + server_release( serp ) ; +diff -Nurp xinetd-2.3.14-orig/xinetd/service.c xinetd-2.3.14-poll/xinetd/service.c +--- xinetd-2.3.14-orig/xinetd/service.c 2009-07-27 13:27:59.000000000 +0200 ++++ xinetd-2.3.14-poll/xinetd/service.c 2009-09-02 17:03:49.000000000 +0200 +@@ -71,8 +71,6 @@ static const struct name_value service_s + { "BAD STATE", 0 } + } ; + +- +- + /* + * Allocate a new struct service and initialize it from scp + */ +@@ -115,6 +113,10 @@ struct service *svc_make_special( struct + + void svc_free( struct service *sp ) + { ++#ifdef HAVE_POLL ++ *SVC_POLLFD( sp ) = ps.rws.pfd_array[--ps.rws.pfds_last] ; ++#endif /* HAVE_POLL */ ++ + sc_free( SVC_CONF(sp) ) ; + CLEAR( *sp ) ; + FREE_SVC( sp ) ; +@@ -325,6 +327,25 @@ status_e svc_activate( struct service *s + return( OK ); + } + ++#ifdef HAVE_POLL ++ if ( ps.rws.pfds_last >= ps.rws.pfds_allocated ) ++ { ++ int pos; ++ ps.rws.pfds_allocated += INIT_POLLFDS; ++ struct pollfd *tmp = (struct pollfd *)realloc( ps.rws.pfd_array, ++ ps.rws.pfds_allocated*sizeof(struct pollfd)); ++ if ( tmp == NULL ) ++ { ++ out_of_memory( func ); ++ return( FAILED ); ++ } ++ memset(&ps.rws.pfd_array[ps.rws.pfds_last], 0, (ps.rws.pfds_allocated- ++ ps.rws.pfds_last)*sizeof(struct pollfd)); ++ ps.rws.pfd_array = tmp; ++ } ++ SVC_POLLFD( sp ) = &ps.rws.pfd_array[ps.rws.pfds_last++] ; ++#endif /* HAVE_POLL */ ++ + if( SC_IPV4( scp ) ) { + SVC_FD(sp) = socket( AF_INET, + SC_SOCKET_TYPE( scp ), SC_PROTOVAL( scp ) ) ; +@@ -390,9 +411,14 @@ status_e svc_activate( struct service *s + + SVC_STATE(sp) = SVC_ACTIVE ; + ++#ifdef HAVE_POLL ++ SVC_EVENTS( sp ) = POLLIN ; ++#else + FD_SET( SVC_FD(sp), &ps.rws.socket_mask ) ; ++ + if ( SVC_FD(sp) > ps.rws.mask_max ) + ps.rws.mask_max = SVC_FD(sp) ; ++#endif /* HAVE_POLL */ + + ps.rws.active_services++ ; + ps.rws.available_services++ ; +@@ -442,7 +468,11 @@ void svc_deactivate( struct service *sp + + if ( SVC_IS_ACTIVE( sp ) ) + { ++#ifdef HAVE_POLL ++ SVC_EVENTS( sp ) = 0; ++#else + FD_CLR( SVC_FD( sp ), &ps.rws.socket_mask ) ; ++#endif /* HAVE_POLL */ + ps.rws.active_services-- ; + } + +@@ -465,7 +495,15 @@ void svc_suspend( struct service *sp ) + return ; + } + ++#ifdef HAVE_POLL ++ /* ++ * don't reap the pfd from pfd_array, since we must have it allocated for ++ * SVC_FD( sp ) ++ */ ++ SVC_EVENTS( sp ) = 0; ++#else + FD_CLR( SVC_FD( sp ), &ps.rws.socket_mask ) ; ++#endif + ps.rws.active_services-- ; + if ( debug.on ) + msg( LOG_DEBUG, func, "Suspended service %s", SVC_ID( sp ) ) ; +@@ -481,7 +519,12 @@ void svc_resume( struct service *sp ) + { + const char *func = "svc_resume" ; + ++#ifdef HAVE_POLL ++ SVC_EVENTS( sp ) = POLLIN ; ++#else + FD_SET( SVC_FD( sp ), &ps.rws.socket_mask ) ; ++#endif ++ + ps.rws.active_services++ ; + if ( debug.on ) + msg( LOG_DEBUG, func, "Resumed service %s", SVC_ID( sp ) ) ; +diff -Nurp xinetd-2.3.14-orig/xinetd/service.h xinetd-2.3.14-poll/xinetd/service.h +--- xinetd-2.3.14-orig/xinetd/service.h 2005-03-29 17:50:34.000000000 +0200 ++++ xinetd-2.3.14-poll/xinetd/service.h 2009-09-03 16:24:16.000000000 +0200 +@@ -17,6 +17,9 @@ + #include "pset.h" + #include "xlog.h" + #include "server.h" ++#ifdef HAVE_POLL ++#include "xpoll.h" ++#endif + + /* + * $Id: service.h,v 1.6 2012-05-09 15:40:29 bbraun Exp $ +@@ -45,7 +48,13 @@ struct service + state_e svc_state ; + int svc_ref_count ; /* # of pters to this struct */ + struct service_config *svc_conf ; /* service configuration */ ++ ++#ifdef HAVE_POLL ++ struct pollfd *svc_pfd ; /* pointer to the pollfd */ ++#else + int svc_fd ; /* The Listening FD for the service */ ++#endif /* HAVE_POLL */ ++ + unsigned svc_running_servers ; + unsigned svc_retry_servers ; + unsigned svc_attempts ; /* # of attempts to start server */ +@@ -70,7 +79,17 @@ struct service + * Field access macros + */ + #define SVC_CONF( sp ) ( (sp)->svc_conf ) ++ ++#ifdef HAVE_POLL ++#define SVC_POLLFD( sp ) ( (sp)->svc_pfd ) ++#define SVC_POLLFD_OFF( sp ) ( SVC_POLLFD( sp )-ps.rws.pfd_array ) ++#define SVC_EVENTS( sp ) ( POLLFD_EVENTS( SVC_POLLFD( sp ) ) ) ++#define SVC_REVENTS( sp ) ( POLLFD_REVENTS( SVC_POLLFD( sp ) ) ) ++#define SVC_FD( sp ) ( POLLFD_FD( SVC_POLLFD( sp ) ) ) ++#else + #define SVC_FD( sp ) ( (sp)->svc_fd ) ++#endif /* HAVE_POLL */ ++ + #define SVC_RUNNING_SERVERS( sp ) (sp)->svc_running_servers + #define SVC_RETRIES( sp ) (sp)->svc_retry_servers + #define SVC_LOG( sp ) (sp)->svc_log +diff -Nurp xinetd-2.3.14-orig/xinetd/state.h xinetd-2.3.14-poll/xinetd/state.h +--- xinetd-2.3.14-orig/xinetd/state.h 2005-03-31 01:15:28.000000000 +0200 ++++ xinetd-2.3.14-poll/xinetd/state.h 2009-09-02 11:30:27.000000000 +0200 +@@ -21,7 +21,10 @@ + #endif + #include "libportable.h" + +-#ifdef HAVE_SYS_SELECT_H ++#ifdef HAVE_POLL ++#include ++#endif ++#if HAVE_SYS_SELECT_H + #include + #endif + +@@ -32,7 +35,6 @@ + + struct read_only_state + { +- rlim_t orig_max_descriptors ; /* original soft rlimit */ + rlim_t max_descriptors ; /* original hard rlimit or OPEN_MAX */ + rlim_t process_limit ; /* if 0, there is no limit */ + int cc_interval ; /* # of seconds the cc gets invoked. */ +@@ -58,8 +60,15 @@ struct read_write_state + int available_services ; /* # of available services */ + int active_services ; /* services with descriptors set */ + /* in socket mask */ ++#ifdef HAVE_POLL ++ struct pollfd *pfd_array; /* array passed to poll(2) */ ++ int pfds_last; /* index of last fd in the array */ ++ int pfds_allocated; /* size of the array */ ++#else + fd_set socket_mask ; + int mask_max ; ++#endif /* HAVE_POLL */ ++ + pset_h servers ; /* table of running servers */ + pset_h retries ; /* table of servers to retry */ + pset_h services ; /* table of services */ +diff -Nurp xinetd-2.3.14-orig/xinetd/tcpint.c xinetd-2.3.14-poll/xinetd/tcpint.c +--- xinetd-2.3.14-orig/xinetd/tcpint.c 2009-07-27 13:27:59.000000000 +0200 ++++ xinetd-2.3.14-poll/xinetd/tcpint.c 2009-09-02 16:49:32.000000000 +0200 +@@ -63,7 +63,15 @@ struct intercept_s *si_init( struct serv + return( ip ) ; + } + ++#ifdef HAVE_POLL ++static status_e handle_io( psi_h iter, channel_s *chp, ++ struct pollfd *pfd_handled, ++ struct pollfd *pfd_array, ++ int *pfds_last, ++ stream_status_e (*iofunc)() ); ++#else + static status_e handle_io( psi_h iter, channel_s *chp, fd_set *maskp, stream_status_e (*iofunc)() ); ++#endif + static stream_status_e tcp_local_to_remote( channel_s *chp ); + static stream_status_e tcp_remote_to_local( channel_s *chp ); + static void connection_request( struct intercept_s *ip, channel_s **chpp ); +@@ -82,14 +90,26 @@ void si_exit(void) + static void si_mux(void) + { + struct intercept_s *ip = &stream_intercept_state ; ++#ifdef HAVE_POLL ++ struct pollfd *pfd_array; ++ int pfds_last = 0; ++ int pfds_allocated = INIT_POLLFDS; ++#else + fd_set socket_mask ; + int mask_max ; ++#endif + psi_h iter ; + const char *func = "si_mux" ; + ++#ifdef HAVE_POLL ++ pfd_array = calloc(sizeof(struct pollfd),INIT_POLLFDS); ++ pfd_array[ pfds_last ].fd = INT_REMOTE( ip ) ; ++ pfd_array[ pfds_last++ ].events = POLLIN | POLLOUT; ++#else + FD_ZERO( &socket_mask ) ; + FD_SET( INT_REMOTE( ip ), &socket_mask ) ; + mask_max = INT_REMOTE( ip ) ; ++#endif + + iter = psi_create( INT_CONNECTIONS( ip ) ) ; + if ( iter == NULL ) +@@ -101,26 +121,43 @@ static void si_mux(void) + for ( ;; ) + { + channel_s *chp ; ++#ifndef HAVE_POLL + fd_set read_mask ; ++#endif + int n_ready ; + ++#ifdef HAVE_POLL ++ n_ready = int_poll( pfds_last, pfd_array ) ; ++#else + read_mask = socket_mask ; + n_ready = int_select( mask_max+1, &read_mask ) ; ++#endif + + if ( n_ready == -1 ) + return ; + ++#ifdef HAVE_POLL ++ if ( pfd_array[0].revents & ( POLLIN | POLLOUT ) ) ++#else + if ( FD_ISSET( INT_REMOTE( ip ), &read_mask ) ) ++#endif + { + connection_request( ip, &chp ) ; + if ( chp != NULL ) + { ++#ifdef HAVE_POLL ++ pfd_array[ pfds_last ].fd = chp->ch_local_socket ; ++ pfd_array[ pfds_last++ ].events = POLLIN | POLLOUT ; ++ pfd_array[ pfds_last ].fd = chp->ch_remote_socket ; ++ pfd_array[ pfds_last++ ].events = POLLIN | POLLOUT ; ++#else + FD_SET( chp->ch_local_socket, &socket_mask ) ; + if ( chp->ch_local_socket > mask_max ) + mask_max = chp->ch_local_socket ; + FD_SET( chp->ch_remote_socket, &socket_mask ) ; + if ( chp->ch_remote_socket > mask_max ) + mask_max = chp->ch_remote_socket ; ++#endif + } + if ( --n_ready == 0 ) + continue ; +@@ -128,27 +165,57 @@ static void si_mux(void) + + for ( chp = CHP( psi_start(iter) ) ; chp ; chp = CHP( psi_next(iter) ) ) + { ++#ifdef HAVE_POLL ++ int i; ++ struct pollfd *local_pfd = NULL, *remote_pfd = NULL; ++ ++ /* TODO: detection with O(n)=1 */ ++ for (i = 0 ; i < pfds_last ; i++ ) ++ if (pfd_array[i].fd == chp->ch_local_socket) ++ local_pfd = &pfd_array[i]; ++ else if (pfd_array[i] .fd== chp->ch_remote_socket) ++ remote_pfd = &pfd_array[i]; ++ ++ if ( local_pfd != NULL && ++ local_pfd->revents & ( POLLIN | POLLOUT) ) ++#else + if ( FD_ISSET( chp->ch_local_socket, &read_mask ) ) ++#endif + { + #ifdef DEBUG_TCPINT + if ( debug.on ) + msg( LOG_DEBUG, func, "Input available on local socket %d", + chp->ch_local_socket ) ; + #endif ++#ifdef HAVE_POLL ++ if ( handle_io( iter, chp, local_pfd, pfd_array, ++ &pfds_last, tcp_local_to_remote ) == FAILED ) ++#else + if ( handle_io( iter, chp, &socket_mask, tcp_local_to_remote ) == FAILED ) ++#endif + return ; + if ( --n_ready == 0 ) + break ; + } + ++#ifdef HAVE_POLL ++ if ( remote_pfd != NULL && ++ remote_pfd->revents & ( POLLIN | POLLOUT) ) ++#else + if ( FD_ISSET( chp->ch_remote_socket, &read_mask ) ) ++#endif + { + #ifdef DEBUG_TCPINT + msg( LOG_DEBUG, func, "Input available on remote socket %d", + chp->ch_remote_socket ) ; + #endif ++#ifdef HAVE_POLL ++ if ( handle_io( iter, chp, remote_pfd, pfd_array, ++ &pfds_last, tcp_local_to_remote ) == FAILED ) ++#else + if ( handle_io( iter, chp, + &socket_mask, tcp_remote_to_local ) == FAILED ) ++#endif + return ; + if ( --n_ready == 0 ) + break ; +@@ -158,10 +225,19 @@ static void si_mux(void) + } + + ++#ifdef HAVE_POLL ++static status_e handle_io( psi_h iter, ++ channel_s *chp, ++ struct pollfd *pfd_handled, ++ struct pollfd *pfd_array, ++ int *pfds_last, ++ stream_status_e (*iofunc)() ) ++#else + static status_e handle_io( psi_h iter, + channel_s *chp, + fd_set *maskp, + stream_status_e (*iofunc)() ) ++#endif + { + const char *func = "handle_io" ; + +@@ -178,8 +254,13 @@ static status_e handle_io( psi_h iter, + xaddrname( &chp->ch_from ), ntohs(xaddrport( &chp->ch_from )), + chp->ch_local_socket, chp->ch_remote_socket ) ; + ++#ifdef HAVE_POLL ++ if ( pfd_handled != NULL) ++ *pfd_handled = pfd_array[ --( *pfds_last ) ]; ++#else + FD_CLR( chp->ch_local_socket, maskp ) ; + FD_CLR( chp->ch_remote_socket, maskp ) ; ++#endif + (void) Sclose( chp->ch_remote_socket ) ; + (void) Sclose( chp->ch_local_socket ) ; + psi_remove( iter ) ; +diff -Nurp xinetd-2.3.14-orig/xinetd/udpint.c xinetd-2.3.14-poll/xinetd/udpint.c +--- xinetd-2.3.14-orig/xinetd/udpint.c 2009-07-27 13:27:59.000000000 +0200 ++++ xinetd-2.3.14-poll/xinetd/udpint.c 2009-09-02 16:59:33.000000000 +0200 +@@ -15,6 +15,9 @@ + #include + #include + ++#ifdef HAVE_POLL ++#include ++#endif + #ifdef HAVE_SYS_SELECT_H + #include + #endif +@@ -97,34 +100,61 @@ void di_exit(void) + static void di_mux(void) + { + struct intercept_s *ip = &dgram_intercept_state ; ++#ifdef HAVE_POLL ++ struct pollfd *pfd_array; ++ int pfds_last = 0; ++ int pfds_allocated = INIT_POLLFDS; ++#else + fd_set socket_mask ; + int mask_max ; ++#endif + ++#ifdef HAVE_POLL ++ pfd_array = (struct pollfd *)calloc(sizeof(struct pollfd),INIT_POLLFDS); ++ pfd_array[ pfds_last ].fd = INT_REMOTE( ip ); ++ pfd_array[ pfds_last++ ].events = POLLIN | POLLOUT; ++#else + FD_ZERO( &socket_mask ) ; + FD_SET( INT_REMOTE( ip ), &socket_mask ) ; + mask_max = INT_REMOTE( ip ) ; ++#endif + + for ( ;; ) + { + unsigned u ; + channel_s *chp ; ++#ifndef HAVE_POLL + fd_set read_mask ; ++#endif + int n_ready ; + ++#ifdef HAVE_POLL ++ n_ready = int_poll( pfds_last, pfd_array ) ; ++#else + read_mask = socket_mask ; + n_ready = int_select( mask_max+1, &read_mask ) ; ++#endif + + if ( n_ready == -1 ) + return ; + ++#ifdef HAVE_POLL ++ if ( pfd_array[0].revents & ( POLLIN | POLLOUT ) ) ++#else + if ( FD_ISSET( INT_REMOTE( ip ), &read_mask ) ) ++#endif + { + udp_remote_to_local( ip, &chp ) ; + if ( chp != NULL ) + { ++#ifdef HAVE_POLL ++ pfd_array[ pfds_last ].fd = chp->ch_local_socket ; ++ pfd_array[ pfds_last++ ].events = POLLIN | POLLOUT ; ++#else + FD_SET( chp->ch_local_socket, &socket_mask ) ; + if ( chp->ch_local_socket > mask_max ) + mask_max = chp->ch_local_socket ; ++#endif + } + if ( --n_ready == 0 ) + continue ; +@@ -134,7 +164,17 @@ static void di_mux(void) + { + chp = CHP( pset_pointer( INT_CONNECTIONS( ip ), u ) ) ; + ++#ifdef HAVE_POLL ++ int i; ++ /* TODO: detection with O(n)=1 */ ++ for (i = 0 ; i < pfds_last ; i++) ++ if (pfd_array[i].fd == chp->ch_local_socket) ++ break; ++ if (pfd_array[i].fd == chp->ch_local_socket && ++ (pfd_array[i].revents & ( POLLIN | POLLOUT ))) ++#else + if ( FD_ISSET( chp->ch_local_socket, &read_mask ) ) ++#endif + { + if ( udp_local_to_remote( chp ) == FAILED ) + return ; +diff -Nurp xinetd-2.3.14-orig/xinetd/xmdns.c xinetd-2.3.14-poll/xinetd/xmdns.c +--- xinetd-2.3.14-orig/xinetd/xmdns.c 2005-04-08 23:23:07.000000000 +0200 ++++ xinetd-2.3.14-poll/xinetd/xmdns.c 2009-09-02 17:01:54.000000000 +0200 +@@ -109,7 +109,26 @@ int xinetd_mdns_init(void) { + ps.rws.mdns_state = NULL; + return -1; + } ++#ifdef HAVE_POLL ++ if ( ps.rws.pfds_last >= ps.rws.pfds_allocated ) ++ { ++ ps.rws.pfds_allocated += INIT_POLLFDS; ++ struct pollfd *tmp = (struct pollfd *)realloc( ps.rws.pfd_array, ++ ps.rws.pfds_allocated*sizeof(struct pollfd)); ++ if ( tmp == NULL ) ++ { ++ out_of_memory( func ); ++ return -1; ++ } ++ memset(&ps.rws.pfd_array[ps.rws.pfds_last], 0, (ps.rws.pfds_allocated- ++ ps.rws.pfds_last)*sizeof(struct pollfd)); ++ ps.rws.pfd_array = tmp; ++ } ++ ps.rws.pfd_array[ ps.rws.pfds_last ].fd = sw_discovery_socket(*(sw_discovery *)ps.rws.mdns_state); ++ ps.rws.pfd_array[ ps.rws.pfds_last++ ].events = POLLIN; ++#else + FD_SET( sw_discovery_socket(*(sw_discovery *)ps.rws.mdns_state), &ps.rws.socket_mask ) ; ++#endif + return 0; + #endif + } +diff -Nurp xinetd-2.3.14-orig/xinetd/xpoll.h xinetd-2.3.14-poll/xinetd/xpoll.h +--- xinetd-2.3.14-orig/xinetd/xpoll.h 1970-01-01 01:00:00.000000000 +0100 ++++ xinetd-2.3.14-poll/xinetd/xpoll.h 2009-09-02 11:30:27.000000000 +0200 +@@ -0,0 +1,23 @@ ++/* ++ * (c) Copyright 2009 by Red Hat Inc. ++ * All rights reserved. The file named COPYRIGHT specifies the terms ++ * and conditions for redistribution. ++ */ ++#include "config.h" ++#ifdef HAVE_POLL ++#ifndef _X_POLL_H ++#define _X_POLL_H ++ ++#include ++#include "defs.h" ++ ++ ++/* Field accessor methods for pollfd in defined in poll.h */ ++#define POLLFD_FD( pfd ) ( (pfd)->fd ) ++#define POLLFD_EVENTS( pfd ) ( (pfd)->events ) ++#define POLLFD_REVENTS( pfd ) ( (pfd)->revents ) ++ ++/* TODO: write memory management stuff in xpoll.c if needed */ ++ ++#endif /* _X_POLL_H */ ++#endif /* HAVE_POLL */ diff --git a/SOURCES/xinetd-2.3.14-readable-debuginfo.patch b/SOURCES/xinetd-2.3.14-readable-debuginfo.patch new file mode 100644 index 0000000..174791b --- /dev/null +++ b/SOURCES/xinetd-2.3.14-readable-debuginfo.patch @@ -0,0 +1,77 @@ +Generate debuginfo package with all include files readable. + +The support libraries would install their header files with 640 permissions, +which is not what we want. + +diff -up xinetd-2.3.14/libs/src/misc/Makefile.in.orig xinetd-2.3.14/libs/src/misc/Makefile.in +--- xinetd-2.3.14/libs/src/misc/Makefile.in.orig 2003-02-19 18:29:27.000000000 +0100 ++++ xinetd-2.3.14/libs/src/misc/Makefile.in 2008-09-18 10:18:59.000000000 +0200 +@@ -49,7 +49,7 @@ CC_FLAGS = $(DEBUG) + CFLAGS = @CFLAGS@ $(CPP_FLAGS) $(CC_FLAGS) -I$(INCLUDEDIR) + + INSTALL = @INSTALL@ +-FMODE = -m 640 # used by install ++FMODE = -m 644 # used by install + RANLIB = @RANLIB@ + + LIBNAME = lib$(NAME).a +diff -up xinetd-2.3.14/libs/src/portable/Makefile.in.orig xinetd-2.3.14/libs/src/portable/Makefile.in +--- xinetd-2.3.14/libs/src/portable/Makefile.in.orig 2003-02-19 18:29:27.000000000 +0100 ++++ xinetd-2.3.14/libs/src/portable/Makefile.in 2008-09-18 10:19:09.000000000 +0200 +@@ -44,7 +44,7 @@ CC_FLAGS = $(DEBUG) + CFLAGS = @CFLAGS@ $(CPP_FLAGS) $(CC_FLAGS) -I$(INCLUDEDIR) + + INSTALL = @INSTALL@ +-FMODE = -m 640 # used by install ++FMODE = -m 644 # used by install + RANLIB = @RANLIB@ + + LIBNAME = lib$(NAME).a +diff -up xinetd-2.3.14/libs/src/pset/Makefile.in.orig xinetd-2.3.14/libs/src/pset/Makefile.in +--- xinetd-2.3.14/libs/src/pset/Makefile.in.orig 2003-02-19 18:29:27.000000000 +0100 ++++ xinetd-2.3.14/libs/src/pset/Makefile.in 2008-09-18 10:19:17.000000000 +0200 +@@ -41,7 +41,7 @@ CC_FLAGS = $(DEBUG) + CFLAGS = @CFLAGS@ $(CPP_FLAGS) $(CC_FLAGS) + + INSTALL = @INSTALL@ +-FMODE = -m 640 # used by install ++FMODE = -m 644 # used by install + RANLIB = @RANLIB@ + + LIBNAME = lib$(NAME).a +diff -up xinetd-2.3.14/libs/src/sio/Makefile.in.orig xinetd-2.3.14/libs/src/sio/Makefile.in +--- xinetd-2.3.14/libs/src/sio/Makefile.in.orig 2003-02-19 18:29:27.000000000 +0100 ++++ xinetd-2.3.14/libs/src/sio/Makefile.in 2008-09-18 10:19:25.000000000 +0200 +@@ -40,7 +40,7 @@ CC_FLAGS = $(DEBUG) + CFLAGS = @CFLAGS@ $(CPP_FLAGS) $(CC_FLAGS) -I$(INCLUDEDIR) + + INSTALL = @INSTALL@ +-FMODE = -m 640 # used by install ++FMODE = -m 644 # used by install + RANLIB = @RANLIB@ + + LIBNAME = lib$(NAME).a +diff -up xinetd-2.3.14/libs/src/str/Makefile.in.orig xinetd-2.3.14/libs/src/str/Makefile.in +--- xinetd-2.3.14/libs/src/str/Makefile.in.orig 2003-02-19 18:29:27.000000000 +0100 ++++ xinetd-2.3.14/libs/src/str/Makefile.in 2008-09-18 10:19:33.000000000 +0200 +@@ -51,7 +51,7 @@ CC_FLAGS = $(DEBUG) + CFLAGS = @CFLAGS@ $(CPP_FLAGS) $(CC_FLAGS) + + INSTALL = @INSTALL@ +-FMODE = -m 640 # used by install ++FMODE = -m 644 # used by install + RANLIB = @RANLIB@ + + LIBNAME = lib$(NAME).a +diff -up xinetd-2.3.14/libs/src/xlog/Makefile.in.orig xinetd-2.3.14/libs/src/xlog/Makefile.in +--- xinetd-2.3.14/libs/src/xlog/Makefile.in.orig 2003-02-19 18:29:27.000000000 +0100 ++++ xinetd-2.3.14/libs/src/xlog/Makefile.in 2008-09-18 10:19:41.000000000 +0200 +@@ -46,7 +46,7 @@ CC_FLAGS = $(DEBUG) + CFLAGS = @CFLAGS@ $(CPP_FLAGS) $(CC_FLAGS) + + INSTALL = @INSTALL@ +-FMODE = -m 640 # used by install ++FMODE = -m 644 # used by install + RANLIB = @RANLIB@ + + LIBNAME = lib$(NAME).a diff --git a/SOURCES/xinetd-2.3.14-realloc-remove.patch b/SOURCES/xinetd-2.3.14-realloc-remove.patch new file mode 100644 index 0000000..6fd1902 --- /dev/null +++ b/SOURCES/xinetd-2.3.14-realloc-remove.patch @@ -0,0 +1,134 @@ +diff -rup xinetd-2.3.14/xinetd/defs.h xinetd-2.3.14-mod/xinetd/defs.h +--- xinetd-2.3.14/xinetd/defs.h 2012-01-18 14:22:20.811100158 +0100 ++++ xinetd-2.3.14-mod/xinetd/defs.h 2012-01-18 13:32:46.000000000 +0100 +@@ -114,11 +114,7 @@ union xsockaddr { + * constants for limiting ps.rws.fd_list + */ + +-#ifdef HAVE_POLL +-#define INIT_POLLFDS 4096 +-/* FIXME: not used */ +-#define MAX_POLLFDS 16384 +-#endif ++#define MAX_FDS 4096 + + /* + * When explicit values are given for enum's, that is because the structures +diff -rup xinetd-2.3.14/xinetd/init.c xinetd-2.3.14-mod/xinetd/init.c +--- xinetd-2.3.14/xinetd/init.c 2012-01-18 14:22:20.779100171 +0100 ++++ xinetd-2.3.14-mod/xinetd/init.c 2012-01-18 14:07:34.000000000 +0100 +@@ -151,7 +151,7 @@ static void set_fd_limit(void) + } + + if ( rl.rlim_max == RLIM_INFINITY ) +- rl.rlim_max = FD_SETSIZE; ++ rl.rlim_max = MAX_FDS; + + ps.ros.max_descriptors = rl.rlim_max ; + #else /* ! RLIMIT_NOFILE */ +@@ -283,12 +283,12 @@ static void init_rw_state( void ) + ps.rws.descriptors_free = ps.ros.max_descriptors - DESCRIPTORS_RESERVED ; + + #ifdef HAVE_POLL +- ps.rws.pfds_allocated = INIT_POLLFDS ; ++ ps.rws.pfds_allocated = ps.ros.max_descriptors ; + ps.rws.pfd_array = (struct pollfd *) + malloc( sizeof( struct pollfd ) * ps.rws.pfds_allocated ) ; + if ( ps.rws.pfd_array == NULL ) + { +- out_of_memory(func); ++ out_of_memory(func) ; + exit( 1 ) ; + } + ps.rws.pfds_last = 0 ; +diff -rup xinetd-2.3.14/xinetd/redirect.c xinetd-2.3.14-mod/xinetd/redirect.c +--- xinetd-2.3.14/xinetd/redirect.c 2012-01-18 14:22:20.780100170 +0100 ++++ xinetd-2.3.14-mod/xinetd/redirect.c 2012-01-18 12:22:08.000000000 +0100 +@@ -149,7 +149,7 @@ void redir_handler( struct server *serp + #ifdef HAVE_POLL + #define REDIR_DESCRIP_INDEX 0 + #define REDIR_SERVER_INDEX 1 +- pfd_array = (struct pollfd *)calloc(sizeof(struct pollfd),INIT_POLLFDS); ++ pfd_array = (struct pollfd *)calloc(sizeof(struct pollfd),MAX_FDS); + if (pfd_array == NULL) + { + msg( LOG_ERR, func, "Cannot allocate memory for file descriptors!\n"); +diff -rup xinetd-2.3.14/xinetd/service.c xinetd-2.3.14-mod/xinetd/service.c +--- xinetd-2.3.14/xinetd/service.c 2012-01-18 14:22:20.812100157 +0100 ++++ xinetd-2.3.14-mod/xinetd/service.c 2012-01-18 14:07:27.000000000 +0100 +@@ -114,10 +114,6 @@ struct service *svc_make_special( struct + + void svc_free( struct service *sp ) + { +-#ifdef HAVE_POLL +- *SVC_POLLFD( sp ) = ps.rws.pfd_array[--ps.rws.pfds_last] ; +-#endif /* HAVE_POLL */ +- + sc_free( SVC_CONF(sp) ) ; + CLEAR( *sp ) ; + FREE_SVC( sp ) ; +@@ -332,20 +328,10 @@ status_e svc_activate( struct service *s + } + + #ifdef HAVE_POLL +- if ( ps.rws.pfds_last >= ps.rws.pfds_allocated ) ++ if ( ps.rws.descriptors_free <= 0 ) + { +- int pos; +- ps.rws.pfds_allocated += INIT_POLLFDS; +- struct pollfd *tmp = (struct pollfd *)realloc( ps.rws.pfd_array, +- ps.rws.pfds_allocated*sizeof(struct pollfd)); +- if ( tmp == NULL ) +- { +- out_of_memory( func ); +- return( FAILED ); +- } +- ps.rws.pfd_array = tmp; +- memset(&ps.rws.pfd_array[ps.rws.pfds_last], 0, (ps.rws.pfds_allocated- +- ps.rws.pfds_last)*sizeof(struct pollfd)); ++ msg(LOG_ERR, func, "Maximum number of services reached") ; ++ return( FAILED ) ; + } + if ( sp->svc_pfd_index >= 0 ) + { +diff -rup xinetd-2.3.14/xinetd/tcpint.c xinetd-2.3.14-mod/xinetd/tcpint.c +--- xinetd-2.3.14/xinetd/tcpint.c 2012-01-18 14:22:20.782100169 +0100 ++++ xinetd-2.3.14-mod/xinetd/tcpint.c 2012-01-18 13:30:22.000000000 +0100 +@@ -93,7 +93,7 @@ static void si_mux(void) + #ifdef HAVE_POLL + struct pollfd *pfd_array; + int pfds_last = 0; +- int pfds_allocated = INIT_POLLFDS; ++ int pfds_allocated = MAX_FDS; + #else + fd_set socket_mask ; + int mask_max ; +@@ -102,7 +102,7 @@ static void si_mux(void) + const char *func = "si_mux" ; + + #ifdef HAVE_POLL +- pfd_array = calloc(sizeof(struct pollfd),INIT_POLLFDS); ++ pfd_array = calloc(sizeof(struct pollfd),MAX_FDS); + pfd_array[ pfds_last ].fd = INT_REMOTE( ip ) ; + pfd_array[ pfds_last++ ].events = POLLIN | POLLOUT; + #else +diff -rup xinetd-2.3.14/xinetd/udpint.c xinetd-2.3.14-mod/xinetd/udpint.c +--- xinetd-2.3.14/xinetd/udpint.c 2012-01-18 14:22:20.783100169 +0100 ++++ xinetd-2.3.14-mod/xinetd/udpint.c 2012-01-18 12:22:00.000000000 +0100 +@@ -103,14 +103,14 @@ static void di_mux(void) + #ifdef HAVE_POLL + struct pollfd *pfd_array; + int pfds_last = 0; +- int pfds_allocated = INIT_POLLFDS; ++ int pfds_allocated = MAX_FDS; + #else + fd_set socket_mask ; + int mask_max ; + #endif + + #ifdef HAVE_POLL +- pfd_array = (struct pollfd *)calloc(sizeof(struct pollfd),INIT_POLLFDS); ++ pfd_array = (struct pollfd *)calloc(sizeof(struct pollfd),MAX_FDS); + pfd_array[ pfds_last ].fd = INT_REMOTE( ip ); + pfd_array[ pfds_last++ ].events = POLLIN | POLLOUT; + #else diff --git a/SOURCES/xinetd-2.3.14-retry-svc-activate-in-cps-restart.patch b/SOURCES/xinetd-2.3.14-retry-svc-activate-in-cps-restart.patch new file mode 100644 index 0000000..7ff5c0b --- /dev/null +++ b/SOURCES/xinetd-2.3.14-retry-svc-activate-in-cps-restart.patch @@ -0,0 +1,54 @@ +diff -Napur xinetd-2.3.14.old/xinetd/access.c xinetd-2.3.14.new/xinetd/access.c +--- xinetd-2.3.14.old/xinetd/access.c 2005-10-05 10:15:33.000000000 -0700 ++++ xinetd-2.3.14.new/xinetd/access.c 2012-02-22 20:12:09.120973124 -0800 +@@ -89,9 +89,20 @@ static void cps_service_restart(void) + msg(LOG_ERR, func, + "Activating service %s", SC_NAME(scp)); + } else { +- msg(LOG_ERR, func, +- "Error activating service %s", +- SC_NAME(scp)) ; ++ /* Try to restart the service */ ++ SVC_ATTEMPTS(sp) += 1; ++ if ( SVC_ATTEMPTS(sp) < MAX_SVC_ATTEMPTS ) { ++ msg(LOG_ERR, func, ++ "Error activating service %s, retrying %d more time(s)...", ++ SC_NAME(scp), ++ MAX_SVC_ATTEMPTS - SVC_ATTEMPTS(sp)); ++ xtimer_add(cps_service_restart, 1); ++ } else { ++ /* Give up */ ++ msg(LOG_ERR, func, ++ "Error activating service %s", ++ SC_NAME(scp)); ++ } + } /* else */ + } + } +diff -Napur xinetd-2.3.14.old/xinetd/service.c xinetd-2.3.14.new/xinetd/service.c +--- xinetd-2.3.14.old/xinetd/service.c 2012-02-22 19:16:56.288912783 -0800 ++++ xinetd-2.3.14.new/xinetd/service.c 2012-02-22 19:25:03.059356909 -0800 +@@ -397,6 +408,7 @@ status_e svc_activate( struct service *s + * Initialize the service data + */ + SVC_RUNNING_SERVERS(sp) = SVC_RETRIES(sp) = 0 ; ++ SVC_ATTEMPTS(sp) = 0; + + if ( SC_MUST_LISTEN( scp ) ) + (void) listen( SVC_FD(sp), LISTEN_BACKLOG ) ; +diff -Napur xinetd-2.3.14.old/xinetd/xconfig.h xinetd-2.3.14.new/xinetd/xconfig.h +--- xinetd-2.3.14.old/xinetd/xconfig.h 2003-02-19 09:29:28.000000000 -0800 ++++ xinetd-2.3.14.new/xinetd/xconfig.h 2012-02-22 19:20:20.360855514 -0800 +@@ -59,6 +59,12 @@ + #define DEFAULT_LOOP_TIME 10 + + /* ++ * The number of times to attempt re-activating a service after being ++ * deactivated due to the above. ++ */ ++#define MAX_SVC_ATTEMPTS 30 ++ ++/* + * Signal-to-action mapping + */ + #ifndef RECONFIG_HARD_SIG diff --git a/SOURCES/xinetd-2.3.14-rpc-specific-port.patch b/SOURCES/xinetd-2.3.14-rpc-specific-port.patch new file mode 100644 index 0000000..19376fd --- /dev/null +++ b/SOURCES/xinetd-2.3.14-rpc-specific-port.patch @@ -0,0 +1,30 @@ +commit 1b91f7b0f67fba11ea8bbcdddef844656434c53c +Author: Jeffrey Bastian +Date: Tue Aug 17 13:45:20 2010 -0500 + + Let RPC services bind to a port + +diff --git a/xinetd/service.c b/xinetd/service.c +index 9f21f93..5d26885 100644 +--- a/xinetd/service.c ++++ b/xinetd/service.c +@@ -165,6 +165,7 @@ static status_e activate_rpc( struct service *sp ) + socklen_t sin_len = sizeof(tsin); + unsigned long vers ; + struct service_config *scp = SVC_CONF( sp ) ; ++ uint16_t service_port = SC_PORT( scp ) ; + struct rpc_data *rdp = SC_RPCDATA( scp ) ; + char *sid = SC_ID( scp ) ; + unsigned registered_versions = 0 ; +@@ -181,9 +182,11 @@ static status_e activate_rpc( struct service *sp ) + } + if( SC_IPV4( scp ) ) { + tsin.sa_in.sin_family = AF_INET ; ++ tsin.sa_in.sin_port = htons( service_port ) ; + sin_len = sizeof(struct sockaddr_in); + } else if( SC_IPV6( scp ) ) { + tsin.sa_in6.sin6_family = AF_INET6 ; ++ tsin.sa_in6.sin6_port = htons( service_port ); + sin_len = sizeof(struct sockaddr_in6); + } + diff --git a/SOURCES/xinetd-2.3.14-signal-log-hang.patch b/SOURCES/xinetd-2.3.14-signal-log-hang.patch new file mode 100644 index 0000000..18fd1a1 --- /dev/null +++ b/SOURCES/xinetd-2.3.14-signal-log-hang.patch @@ -0,0 +1,27 @@ +--- a/xinetd/signals.c 2009-05-07 05:56:52.000000000 -0400 ++++ b/xinetd/signals.c.new 2009-05-07 05:56:44.000000000 -0400 +@@ -389,9 +390,11 @@ + break ; + + default: +- msg( LOG_NOTICE, func, "Unexpected signal %s", sig_name( sig ) ) ; +- if ( debug.on && sig == SIGINT ) +- exit( 1 ) ; ++ /* Let my_handler() queue this signal for later logging. ++ Calling msg() and thus syslog() directly here can hang up ++ the process, trying to acquire an already acquired lock, ++ because another syslog() could have been the interrupted code. */ ++ my_handler(sig); + } + } + +@@ -495,6 +497,9 @@ + default: + msg(LOG_ERR, func, "unexpected signal: %s in signal pipe", + sig_name(sig)); ++ ++ if ( debug.on && sig == SIGINT ) ++ exit( 1 ) ; + } + } + } diff --git a/SOURCES/xinetd-2.3.14-tcpmux.patch b/SOURCES/xinetd-2.3.14-tcpmux.patch new file mode 100644 index 0000000..dd93a67 --- /dev/null +++ b/SOURCES/xinetd-2.3.14-tcpmux.patch @@ -0,0 +1,16 @@ +--- xinetd-2.3.14/xinetd/service.c.tcpmux 2010-01-21 09:50:05.000000000 +0100 ++++ xinetd-2.3.14/xinetd/service.c 2010-01-21 10:21:14.000000000 +0100 +@@ -952,7 +952,12 @@ void close_all_svc_descriptors(void) + out_of_memory( "close_all_svc_descriptors" ) ; + + for ( osp = SP( psi_start( iter ) ) ; osp ; osp = SP( psi_next( iter ) ) ) +- (void) Sclose( SVC_FD( osp ) ) ; ++ { ++#ifdef HAVE_POLL ++ if ( osp && SVC_POLLFD( osp ) ) ++#endif ++ (void) Sclose( SVC_FD( osp ) ) ; ++ } + + psi_destroy( iter ) ; + } diff --git a/SOURCES/xinetd-2.3.14-udp-reconfig.patch b/SOURCES/xinetd-2.3.14-udp-reconfig.patch new file mode 100644 index 0000000..07e733e --- /dev/null +++ b/SOURCES/xinetd-2.3.14-udp-reconfig.patch @@ -0,0 +1,12 @@ +--- xinetd-2.3.14/xinetd/reconfig.c.orig 2010-06-01 12:58:18.000000000 +0200 ++++ xinetd-2.3.14/xinetd/reconfig.c 2010-06-01 12:58:23.000000000 +0200 +@@ -138,8 +138,8 @@ void hard_reconfig( void ) + * b. Terminate running servers and cancel retry attempts, in case + * of reconfiguration + */ +- svc_deactivate( osp ) ; + terminate_servers( osp ) ; ++ svc_deactivate( osp ) ; + cancel_service_retries( osp ) ; + + /* diff --git a/SOURCES/xinetd-2.3.15-PIE.patch b/SOURCES/xinetd-2.3.15-PIE.patch new file mode 100644 index 0000000..d601949 --- /dev/null +++ b/SOURCES/xinetd-2.3.15-PIE.patch @@ -0,0 +1,22 @@ +--- xinetd-2.3.15/Makefile.in 2012-05-14 09:22:22.661617117 +0200 ++++ xinetd-2.3.15.new/Makefile.in 2012-05-14 09:32:05.260103054 +0200 +@@ -14,7 +14,7 @@ topdir = @top_srcdir@ + + LIBS = -lsio -lstr -lmisc -lxlog -lportable -lpset @LIBS@ + +-CFLAGS += @CFLAGS@ ++CFLAGS += @CFLAGS@ -fPIE + DCFLAGS = -Wall -Wredundant-decls -W -Wfloat-equal -Wundef -Wcast-qual -Wwrite-strings -Wmissing-noreturn -Wmissing-format-attribute -Wshadow -Wpointer-arith -Wno-unused -g + + +--- xinetd-2.3.15/xinetd/Makefile.in 2005-03-31 01:15:28.000000000 +0200 ++++ xinetd-2.3.15.new/xinetd/Makefile.in 2012-05-14 09:32:24.183659971 +0200 +@@ -119,7 +119,7 @@ itox: itox.c + $(CC) $(CFLAGS) $(DEBUG) $(SRCDIR)/itox.c -o $@ $(LDFLAGS) $(LIBS) + + xinetd: $(OBJS) +- $(CC) $(CFLAGS) $(DEBUG) -o $@ $(OBJS) $(LDFLAGS) $(LIBS) || rm -f $@ ++ $(CC) $(CFLAGS) $(DEBUG) -o $@ -PIE $(OBJS) $(LDFLAGS) $(LIBS) || rm -f $@ + + clean: + rm -f $(OBJS) $(NAME) core itox diff --git a/SOURCES/xinetd-2.3.15-bad-port-check.patch b/SOURCES/xinetd-2.3.15-bad-port-check.patch new file mode 100644 index 0000000..7849a96 --- /dev/null +++ b/SOURCES/xinetd-2.3.15-bad-port-check.patch @@ -0,0 +1,106 @@ +Re-introduce bad_port_check(), which upstream dropped between 2.3.13 and 2.3.14 +for it having been "rather antiquated for years", with no justification given +for that claim. + +--- xinetd-2.3.15/xinetd/builtins.c 2012-05-09 17:40:29.000000000 +0200 ++++ xinetd-2.3.15.new/xinetd/builtins.c 2012-05-14 10:25:00.431529805 +0200 +@@ -52,6 +52,7 @@ static void dgram_daytime(const struct s + static void stream_chargen(const struct server *) ; + static void dgram_chargen(const struct server *) ; + static void tcpmux_handler(const struct server *) ; ++static int bad_port_check(const union xsockaddr *, const char *); + + /* + * SG - This is the call sequence to get to a built-in service +@@ -163,6 +164,25 @@ static void stream_echo( const struct se + Sclose(descriptor); + } + ++/* For internal UDP services, make sure we don't respond to our ports ++ * on other servers and to low ports of other services (such as DNS). ++ * This can cause looping. ++ */ ++static int bad_port_check( const union xsockaddr *sa, const char *func ) ++{ ++ uint16_t port = 0; ++ ++ port = ntohs( xaddrport( sa ) ); ++ ++ if ( port < 1024 ) { ++ msg(LOG_WARNING, func, ++ "Possible Denial of Service attack from %s %d", xaddrname(sa), port); ++ return (-1); ++ } ++ ++ return (0); ++} ++ + static void dgram_echo( const struct server *serp ) + { + char buf[ DATAGRAM_SIZE ] ; +@@ -170,6 +190,7 @@ static void dgram_echo( const struct ser + ssize_t cc ; + socklen_t sin_len = 0; + int descriptor = SERVER_FD( serp ) ; ++ const char *func = "dgram_echo" ; + + if( SC_IPV4( SVC_CONF( SERVER_SERVICE( serp ) ) ) ) + sin_len = sizeof( struct sockaddr_in ); +@@ -178,6 +199,7 @@ static void dgram_echo( const struct ser + + cc = recvfrom( descriptor, buf, sizeof( buf ), 0, (struct sockaddr *)( &lsin ), &sin_len ) ; + if ( cc != (ssize_t)-1 ) { ++ if( bad_port_check(&lsin, func) != 0 ) return; + (void) sendto( descriptor, buf, (size_t)cc, 0, SA( &lsin ), sizeof( lsin ) ) ; + } + } +@@ -292,6 +314,7 @@ static void dgram_daytime( const struct + unsigned int buflen = sizeof( time_buf ) ; + int descriptor = SERVER_FD( serp ) ; + ssize_t val; ++ const char *func = "dgram_daytime" ; + + if ( SC_IPV4( SVC_CONF( SERVER_SERVICE( serp ) ) ) ) + sin_len = sizeof( struct sockaddr_in ); +@@ -303,6 +326,8 @@ static void dgram_daytime( const struct + if ( val == (ssize_t)-1 ) + return ; + ++ if( bad_port_check(&lsin, func) != 0 ) return; ++ + daytime_protocol( time_buf, &buflen ) ; + + (void) sendto( descriptor, time_buf, buflen, 0, SA(&lsin), sizeof( lsin ) ) ; +@@ -359,6 +384,7 @@ static void dgram_time( const struct ser + socklen_t sin_len = 0 ; + int fd = SERVER_FD( serp ) ; + ssize_t val; ++ const char *func = "dgram_time" ; + + if ( SC_IPV4( SVC_CONF( SERVER_SERVICE( serp ) ) ) ) + sin_len = sizeof( struct sockaddr_in ); +@@ -368,6 +394,7 @@ static void dgram_time( const struct ser + val = recvfrom( fd, buf, sizeof( buf ), 0, (struct sockaddr *)( &lsin ), &sin_len ); + if ( val == (ssize_t)-1 ) + return ; ++ if( bad_port_check(&lsin, func) != 0 ) return; + + time_protocol( time_buf ) ; + (void) sendto( fd, (char *) time_buf, 4, 0, SA( &lsin ), sin_len ) ; +@@ -466,6 +493,7 @@ static void dgram_chargen( const struct + int fd = SERVER_FD( serp ) ; + unsigned int left = sizeof( buf ) ; + ssize_t val; ++ const char *func = "dgram_chargen" ; + + if ( SC_IPV4( SVC_CONF( SERVER_SERVICE( serp ) ) ) ) + sin_len = sizeof( struct sockaddr_in ); +@@ -480,6 +508,8 @@ static void dgram_chargen( const struct + bad_variable = 1 ; /* this will cause a compilation error */ + #endif + ++ if( bad_port_check(&lsin, func) != 0 ) return; ++ + for ( p = buf ; left > 2 ; left -= len, p += len ) + { + len = min( LINE_LENGTH+2, left ) ; diff --git a/SOURCES/xinetd-2.3.15-context-exepath.patch b/SOURCES/xinetd-2.3.15-context-exepath.patch new file mode 100644 index 0000000..1ecc432 --- /dev/null +++ b/SOURCES/xinetd-2.3.15-context-exepath.patch @@ -0,0 +1,11 @@ +--- xinetd-2.3.15/xinetd/child.c 2013-06-25 14:12:24.599767760 +0200 ++++ xinetd-2.3.15/xinetd/child.c.new 2013-06-25 14:14:57.463905500 +0200 +@@ -532,7 +532,7 @@ static int set_context_from_socket( cons + if (getpeercon(fd, &peer_context) < 0) + goto fail; + +- exepath = SC_SERVER_ARGV( scp )[0]; ++ exepath = SC_SERVER( scp ); + if (getfilecon(exepath, &exec_context) < 0) + goto fail; + diff --git a/SOURCES/xinetd-2.3.15-covscan.patch b/SOURCES/xinetd-2.3.15-covscan.patch new file mode 100644 index 0000000..6a6a134 --- /dev/null +++ b/SOURCES/xinetd-2.3.15-covscan.patch @@ -0,0 +1,49 @@ +diff --git a/xinetd/inet.c b/xinetd/inet.c +index 1cb2ba2..4e1237e 100644 +--- a/xinetd/inet.c ++++ b/xinetd/inet.c +@@ -190,7 +190,7 @@ static int get_next_inet_entry( int fd, pset_h sconfs, + nvp = nv_find_value( service_types, "RPC" ); + if ( nvp == NULL ) + { +- parsemsg( LOG_WARNING, func, "inetd.conf - Bad foo %s", name ) ; ++ parsemsg( LOG_WARNING, func, "inetd.conf - Bad foo %s", SC_NAME(scp) ) ; + pset_destroy(args); + sc_free(scp); + return -1; +@@ -281,7 +281,7 @@ static int get_next_inet_entry( int fd, pset_h sconfs, + nvp = nv_find_value( service_types, "INTERNAL" ); + if ( nvp == NULL ) + { +- parsemsg( LOG_WARNING, func, "inetd.conf - Bad foo %s", name ) ; ++ parsemsg( LOG_WARNING, func, "inetd.conf - Bad foo %s", SC_NAME(scp) ) ; + pset_destroy(args); + sc_free(scp); + return -1; +@@ -359,7 +359,7 @@ static int get_next_inet_entry( int fd, pset_h sconfs, + nvp = nv_find_value( service_flags, "REUSE" ); + if ( nvp == NULL ) + { +- parsemsg( LOG_WARNING, func, "inetd.conf - Bad foo %s", name ) ; ++ parsemsg( LOG_WARNING, func, "inetd.conf - Bad foo %s", SC_NAME(scp) ) ; + pset_destroy(args); + sc_free(scp); + return -1; +@@ -370,7 +370,7 @@ static int get_next_inet_entry( int fd, pset_h sconfs, + nvp = nv_find_value( service_flags, "NOLIBWRAP" ); + if ( nvp == NULL ) + { +- parsemsg( LOG_WARNING, func, "inetd.conf - Bad foo %s", name ) ; ++ parsemsg( LOG_WARNING, func, "inetd.conf - Bad foo %s", SC_NAME(scp) ) ; + pset_destroy(args); + sc_free(scp); + return -1; +@@ -381,7 +381,7 @@ static int get_next_inet_entry( int fd, pset_h sconfs, + nvp = nv_find_value( service_flags, "NAMEINARGS" ); + if ( nvp == NULL ) + { +- parsemsg( LOG_WARNING, func, "inetd.conf - Bad foo %s", name ) ; ++ parsemsg( LOG_WARNING, func, "inetd.conf - Bad foo %s", SC_NAME(scp) ) ; + pset_destroy(args); + sc_free(scp); + return (-1); diff --git a/SOURCES/xinetd-2.3.15-creds.patch b/SOURCES/xinetd-2.3.15-creds.patch new file mode 100644 index 0000000..a9f1db9 --- /dev/null +++ b/SOURCES/xinetd-2.3.15-creds.patch @@ -0,0 +1,15 @@ +Patch by Thomas Swan + +diff --git a/xinetd/builtins.c b/xinetd/builtins.c +index e61502f..a414cf3 100644 +--- a/xinetd/builtins.c ++++ b/xinetd/builtins.c +@@ -695,7 +695,7 @@ static void tcpmux_handler( const struct server *serp ) + if( SC_IS_INTERNAL( scp ) ) { + SC_INTERNAL(scp, nserp); + } else { +- exec_server(nserp); ++ child_process(nserp); + } + } + diff --git a/SOURCES/xinetd-2.3.15-pie.patch b/SOURCES/xinetd-2.3.15-pie.patch new file mode 100644 index 0000000..255a10a --- /dev/null +++ b/SOURCES/xinetd-2.3.15-pie.patch @@ -0,0 +1,22 @@ +--- xinetd-2.3.15/Makefile.in 2012-05-14 09:22:22.661617117 +0200 ++++ xinetd-2.3.15.new/Makefile.in 2012-05-14 09:32:05.260103054 +0200 +@@ -14,7 +14,7 @@ topdir = @top_srcdir@ + + LIBS = -lsio -lstr -lmisc -lxlog -lportable -lpset @LIBS@ + +-CFLAGS += @CFLAGS@ ++CFLAGS += @CFLAGS@ -fpie + DCFLAGS = -Wall -Wredundant-decls -W -Wfloat-equal -Wundef -Wcast-qual -Wwrite-strings -Wmissing-noreturn -Wmissing-format-attribute -Wshadow -Wpointer-arith -Wno-unused -g + + +--- xinetd-2.3.15/xinetd/Makefile.in 2005-03-31 01:15:28.000000000 +0200 ++++ xinetd-2.3.15.new/xinetd/Makefile.in 2012-05-14 09:32:24.183659971 +0200 +@@ -119,7 +119,7 @@ itox: itox.c + $(CC) $(CFLAGS) $(DEBUG) $(SRCDIR)/itox.c -o $@ $(LDFLAGS) $(LIBS) + + xinetd: $(OBJS) +- $(CC) $(CFLAGS) $(DEBUG) -o $@ $(OBJS) $(LDFLAGS) $(LIBS) || rm -f $@ ++ $(CC) $(CFLAGS) $(DEBUG) -o $@ -pie $(OBJS) $(LDFLAGS) $(LIBS) || rm -f $@ + + clean: + rm -f $(OBJS) $(NAME) core itox diff --git a/SOURCES/xinetd-2.3.15-tcpmux-nameinargs-disable-service.patch b/SOURCES/xinetd-2.3.15-tcpmux-nameinargs-disable-service.patch new file mode 100644 index 0000000..a42bd84 --- /dev/null +++ b/SOURCES/xinetd-2.3.15-tcpmux-nameinargs-disable-service.patch @@ -0,0 +1,50 @@ +Xinetd parses and applies its configuration line by line. If a user wants to +specify NAMEINARGS as a flag, it has to be *before* specifying 'server_args'. + +Author: Jan Synacek +Resolves: #1033528 + +--- a/xinetd/parse.c 2013-11-21 10:51:25.025436376 +0100 ++++ b/xinetd/parse.c 2013-11-21 14:45:44.374121057 +0100 +@@ -633,7 +633,28 @@ static status_e identify_attribute( entr + + if ( (*ap->a_parser)( attr_values, scp, op ) == OK ) + { /* This is the normal path. */ +- SC_SPECIFY( scp, ap->a_id ) ; ++ /* If flags contain NAMEINARGS and server_args is already set, disable the service. ++ Server args are already set incorrectly. */ ++ if ( strcmp( ap->a_name, "flags" ) == 0 && ++ SC_SERVER_ARGV( scp ) ) ++ { ++ int i = 0, n = pset_count( attr_values ) ; ++ for ( ; i < n ; i++ ) { ++ char *v = (char *)pset_pointer( attr_values, i ) ; ++ if ( strcmp( v, "NAMEINARGS" ) == 0 ) ++ break ; ++ } ++ ++ if ( i != n ) { ++ parsemsg( LOG_ERR, func, ++ "NAMEINARGS flag is set after server_args - DISABLING SERVICE" ) ; ++ SC_DISABLE( scp ) ; ++ } ++ } ++ else ++ { ++ SC_SPECIFY( scp, ap->a_id ) ; ++ } + } + else if ( entry_type == SERVICE_ENTRY ) + { +--- a/xinetd/xinetd.conf.man 2013-12-03 10:06:35.717977075 +0100 ++++ b/xinetd/xinetd.conf.man 2013-12-03 10:41:14.779089430 +0100 +@@ -106,7 +106,8 @@ + This will cause the first argument in "server_args" to be argv[0] when + executing the server, as specified in "server". This allows you to use + tcpd by putting tcpd in "server" and the name of the server in "server_args" +-like in normal inetd. ++like in normal inetd. This flag has to be specified before "server_args", ++otherwise is not taken into account. + .TP + .B NODELAY + If the service is a tcp service and the NODELAY flag is set, then the diff --git a/SOURCES/xinetd.service b/SOURCES/xinetd.service new file mode 100644 index 0000000..abf097d --- /dev/null +++ b/SOURCES/xinetd.service @@ -0,0 +1,16 @@ +[Unit] +Description=Xinetd A Powerful Replacement For Inetd +After=syslog.target network.target +Documentation=man:xinetd +Documentation=man:xinetd.conf +Documentation=man:xinetd.log + +[Service] +Type=forking +PIDFile=/var/run/xinetd.pid +ExecStart=/usr/sbin/xinetd -stayalive -pidfile /var/run/xinetd.pid +ExecReload=/usr/bin/kill -HUP $MAINPID + +[Install] +WantedBy=multi-user.target + diff --git a/SPECS/xinetd.spec b/SPECS/xinetd.spec new file mode 100644 index 0000000..ca2a8ca --- /dev/null +++ b/SPECS/xinetd.spec @@ -0,0 +1,451 @@ +Summary: A secure replacement for inetd +Name: xinetd +Version: 2.3.15 +Release: 24%{?dist} +License: xinetd +Group: System Environment/Daemons +Epoch: 2 +URL: https://github.com/xinetd-org/xinetd +# source can be downloaded at +# https://github.com/xinetd-org/xinetd/archive/xinetd-2-3-15.tar.gz +Source: xinetd-%{version}.tar.gz +Source1: xinetd.service +Patch0: xinetd-2.3.15-pie.patch +Patch4: xinetd-2.3.14-bind-ipv6.patch +Patch6: xinetd-2.3.14-man-section.patch +Patch7: xinetd-2.3.15-PIE.patch +Patch8: xinetd-2.3.14-ident-bind.patch +Patch9: xinetd-2.3.14-readable-debuginfo.patch +# Patch for clean reconfiguration using newer versions of autotools +Patch10: xinetd-2.3.14-autoconf.patch +# Completely rewritten socket handling code (it uses poll() instead +# of select() function) +Patch11: xinetd-2.3.14-poll.patch +# New configuration option (limit for files opened by child process) +Patch12: xinetd-2.3.14-file-limit.patch +# When using tcpmux, xinetd ended up with sigsegv +# (detection of NULL pointer in pollfd structure was missing) +Patch13: xinetd-2.3.14-tcpmux.patch +# When service is destroyed, destroy also its +# file descriptor in array given to poll function +Patch14: xinetd-2.3.14-clean-pfd.patch +# xinetd confuses ipv6 and ipv4 port parsing +# - furtunately, they have the same format, so everything +# works even without this patch +Patch15: xinetd-2.3.14-ipv6confusion.patch +# This fixes bug #593904 - online reconfiguration caused log message +# flood when turning off UDP service +Patch16: xinetd-2.3.14-udp-reconfig.patch +Patch18: xinetd-2.3.14-rpc-specific-port.patch +Patch19: xinetd-2.3.14-signal-log-hang.patch +Patch20: xinetd-2.3.14-fix-type-punned-ptr.patch +# Fix leaking file descriptors and pfd_array wasting +# This fixes #702670 +Patch21: xinetd-2.3.14-leaking-fds.patch +# Fix memory corruption when loading a large number of services +# This fixes #720390 +Patch22: xinetd-2.3.14-many-services.patch +# Remove realloc of fds that was causing memory corruption +Patch23: xinetd-2.3.14-realloc-remove.patch +# Fix leaking descriptor when starting a service fails +Patch24: xinetd-2.3.14-leaking-fds-2a.patch +# Fix #770858 - Instances limit in xinetd can be easily bypassed +Patch25: xinetd-2.3.14-instances.patch +# Fix #809272 - Service disabled due to bind failure +Patch26: xinetd-2.3.14-retry-svc-activate-in-cps-restart.patch +Patch27: xinetd-2.3.15-bad-port-check.patch +# Fix #977873 - Use full path to server when checking selinux context +Patch28: xinetd-2.3.15-context-exepath.patch +Patch29: xinetd-2.3.15-creds.patch +# Fix #1033528 - xinetd segfaults when connecting to tcpmux service +Patch30: xinetd-2.3.15-tcpmux-nameinargs-disable-service.patch +Patch31: xinetd-2.3.15-covscan.patch + +BuildRequires: autoconf, automake, libtirpc-devel +BuildRequires: libselinux-devel >= 1.30 +BuildRequires: systemd-units +Requires(post): systemd-sysv +Requires(post): systemd-units +Requires(preun): systemd-units +Requires(postun): systemd-units +Requires: filesystem >= 2.0.1, setup +Provides: inetd + + +%description +Xinetd is a secure replacement for inetd, the Internet services +daemon. Xinetd provides access control for all services based on the +address of the remote host and/or on time of access and can prevent +denial-of-access attacks. Xinetd provides extensive logging, has no +limit on the number of server arguments, and lets you bind specific +services to specific IP addresses on your host machine. Each service +has its own specific configuration file for Xinetd; the files are +located in the /etc/xinetd.d directory. + +%prep +%setup -q + +# SPARC/SPARC64 needs -fPIE/-PIE +# This really should be detected by configure. +%ifarch sparcv9 sparc64 +%patch7 -p1 -b .PIE +%else +%patch0 -p1 -b .pie +%endif +%patch4 -p1 -b .bind +%patch6 -p1 -b .man-section +%patch8 -p1 -b .ident-bind +%patch9 -p1 -b .readable-debuginfo +%patch10 -p1 -b .autoconf +%patch11 -p1 -b .poll +%patch12 -p1 -b .file-limit +%patch13 -p1 -b .tcpmux +%patch14 -p1 -b .clean-pfd +%patch15 -p1 -b .ipv6confusion +%patch16 -p1 -b .udp-reconfig +%patch18 -p1 -b .rpc-specific-port +%patch19 -p1 -b .signal-log-hang +%patch20 -p1 -b .fix-type-punned-ptr +%patch21 -p1 -b .leaking-fds +%patch22 -p1 -b .many-services +%patch23 -p1 -b .realloc-remove +%patch24 -p1 -b .leaking-fds-2a +%patch25 -p1 -b .instances +%patch26 -p1 -b .retry-svc-activate +%patch27 -p1 -b .bad-port-check +%patch28 -p1 -b .context-exepath +%patch29 -p1 -b .creds +%patch30 -p1 +%patch31 -p1 + +aclocal +autoconf + +%build +# -pie -PIE flags added by separate patches +%configure --with-loadavg --with-inet6 --with-labeled-networking +make CFLAGS="$CFLAGS $(pkg-config --cflags libtirpc)" LDFLAGS="$LDFLAGS $(pkg-config --libs libtirpc) -Wl,-z,relro,-z,now" + +%install +mkdir -p $RPM_BUILD_ROOT%{_unitdir} +mkdir -m 700 -p $RPM_BUILD_ROOT/etc/xinetd.d/ +# Remove unneeded service +rm -f contrib/xinetd.d/ftp-sensor +%make_install DAEMONDIR=$RPM_BUILD_ROOT/usr/sbin MANDIR=$RPM_BUILD_ROOT/%{_mandir} +install -m 600 contrib/xinetd.conf $RPM_BUILD_ROOT/etc +install -m 600 contrib/xinetd.d/* $RPM_BUILD_ROOT/etc/xinetd.d +install -m 644 %{SOURCE1} $RPM_BUILD_ROOT%{_unitdir} + +rm -f $RPM_BUILD_ROOT/%{_mandir}/man8/itox* +rm -f $RPM_BUILD_ROOT/usr/sbin/itox +rm -f $RPM_BUILD_ROOT/%{_mandir}/man8/xconv.pl* +rm -f $RPM_BUILD_ROOT/usr/sbin/xconv.pl + +%post +%systemd_post xinetd.service + +%preun +%systemd_preun xinetd.service + +%postun +%systemd_postun_with_restart xinetd.service + +%files +%doc CHANGELOG COPYRIGHT README xinetd/sample.conf contrib/empty.conf +%config(noreplace) /etc/xinetd.conf +%{_unitdir}/xinetd.service +%config(noreplace) /etc/xinetd.d/* +/usr/sbin/xinetd +%{_mandir}/*/* + +%changelog +* Mon Aug 5 2019 Jan Synáček - 2:2.3.15-24 +- fix covscan (#1607030) + +* Tue May 22 2018 Jan Synáček - 2:2.3.15-23 +- fix compilation, missing rpc headers (#1580970) + +* Mon Dec 4 2017 Jan Synáček - 2:2.3.15-22 +- remove build dependency on tcp_wrappers (#1518797) + +* Tue Nov 07 2017 Igor Gnatenko - 2:2.3.15-21 +- Remove old crufty coreutils requires + +* Thu Aug 03 2017 Fedora Release Engineering - 2:2.3.15-20 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Binutils_Mass_Rebuild + +* Thu Jul 27 2017 Fedora Release Engineering - 2:2.3.15-19 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Mass_Rebuild + +* Sat Feb 11 2017 Fedora Release Engineering - 2:2.3.15-18 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_26_Mass_Rebuild + +* Fri Feb 05 2016 Fedora Release Engineering - 2:2.3.15-17 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_24_Mass_Rebuild + +* Fri Jun 19 2015 Fedora Release Engineering - 2:2.3.15-16 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_23_Mass_Rebuild + +* Mon Aug 18 2014 Fedora Release Engineering - 2:2.3.15-15 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild + +* Sun Jun 08 2014 Fedora Release Engineering - 2:2.3.15-14 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild + +* Mon Feb 24 2014 Jan Synáček - 2:2.3.15-13 +- drop sysconfig-related stuff +- add documentation reference to the service file + +* Tue Jan 14 2014 Jan Synáček - 2:2.3.15-12 +- fix bad URL + +* Fri Dec 13 2013 Jan Synáček - 2:2.3.15-11 +- fixup of the previous patch +- Resolves: #1042652 +- Related: #1033528 + +* Tue Dec 3 2013 Jan Synáček - 2:2.3.15-10 +- xinetd segfaults when connecting to tcpmux service +- Resolves: #1033528 + +* Fri Oct 4 2013 Jan Synáček - 2:2.3.15-9 +- xinetd should not depend on NetworkManager-wait-online +- Resolves: #1002294 + +* Thu Oct 3 2013 Jan Synáček - 2:2.3.15-8 +- Honor user and group directives +- Resolves: CVE-2013-4342 + +* Sun Aug 04 2013 Fedora Release Engineering - 2:2.3.15-7 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild + +* Wed Jun 26 2013 Jan Synáček - 2:2.3.15-6 +- Use full path to server when checking selinux context +- Resolves: #977873 + +* Fri Feb 15 2013 Fedora Release Engineering - 2:2.3.15-5 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild + +* Mon Sep 03 2012 Jan Synáček - 2:2.3.15-4 +- Change config files' permissions +- Resolves: #853144 + +* Wed Aug 22 2012 Jan Synáček - 2:2.3.15-3 +- Replace the makeinstall macro +- Add systemd-rpm macros +- Resolves: #850370 + +* Sun Jul 22 2012 Fedora Release Engineering - 2:2.3.15-2 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild + +* Mon May 14 2012 Jan Synáček - 2:2.3.15-1 +- Update to 2.3.15 +- Drop patches merged by upstream + (-log-crash, -tcp_rpc, -label, -contextconf, -ssize_t) +- Update -pie, -PIE, -poll patch +- Resolves: #820927 +- Add -bad-port-check patch + +* Fri Apr 13 2012 Jan Synáček - 2:2.3.14-46 +- Fix: service file: avoid problems when name resolution is not ready +- Resolves: #748931 + +* Fri Apr 13 2012 Jan Synáček - 2:2.3.14-45 +- Fix: Service disabled due to bind failure +- Update patch: xinetd-2.3.14-leaking-fds-2.patch +- Resolves: #809272 + +* Mon Mar 05 2012 Jan Synáček - 2:2.3.14-44 +- Fix: Instances limit in xinetd can be easily bypassed +- Resolves: #770858 + +* Mon Mar 05 2012 Jan Synáček - 2:2.3.14-43 +- Fix xinetd.service permissions +- Remove useless INSTALL from package documentation +- Implement reload in xinetd.service + +* Fri Mar 02 2012 Jan Synáček - 2:2.3.14-42 +- Fix leaking descriptor when starting a service fails (#795188) + +* Wed Jan 18 2012 Jan Synáček - 2:2.3.14-41 +- Remove realloc inside svc_activate that was causing memory corruption +- Number of alloc'd file descriptors is now determined by system limits (ulimit -n) +- Add patch -realloc-remove + +* Tue Jan 17 2012 Jan Synáček - 2:2.3.14-40 +- Fix memory corruption when loading a large number of services +- Resolves #720390 + +* Mon Jan 16 2012 Jan Synáček - 2:2.3.14-39 +- Fix leaking file descriptors +- Resolves: #702670 + +* Sat Jan 14 2012 Fedora Release Engineering - 2:2.3.14-38 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_17_Mass_Rebuild + +* Mon Sep 12 2011 Tom Callaway - 2:2.3.14-37 +- covert to systemd + +* Thu Apr 21 2011 Vojtech Vitek (V-Teq) - 2:2.3.14-36 +- Fix build warning about "dereferencing type-punned pointer" + Related: #695674 +- Avoid possible hang while logging an unexpected signal + Related: #501604 +- Let RPC services bind to a specific port + Related: #624800 + +* Fri Feb 18 2011 Vojtech Vitek (V-Teq) - 2:2.3.14-35 +- fix crash when application's logfile hit size limit + Related: #244063 + +* Mon Feb 14 2011 Vojtech Vitek (V-Teq) - 2:2.3.14-34 +- Add -Wl,-z,relro,-z,now to LDFLAGS + +* Mon Feb 07 2011 Fedora Release Engineering - 2:2.3.14-33 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_15_Mass_Rebuild + +* Wed Jun 02 2010 Jan Zeleny - 2:2.3.14-32 +- fixed log message flooding when turning off UDP service during online + reconfiguration (#593904) + +* Fri Mar 19 2010 Jan Zeleny - 2:2.3.14-31 +- corrected port parsing code (IPv4 and IPv6 were switched) +- commented patches I'm familiar with in spec file + +* Fri Mar 19 2010 Jan Zeleny - 2:2.3.14-30 +- fixed flooding log with error messages when disabled service at runtime +- updated release number to 30 to prevent rpm from detecting this as downgrade + +* Thu Jan 21 2010 Jan Zeleny - 2:2.3.14-28 +- fixed issue with tcpmux service (#543968) + +* Tue Oct 20 2009 Jan Zeleny - 2:2.3.14-27 +- last update of init script modified to work with SELinux correctly +- added support for new configuration option - file limit for service + +* Mon Oct 12 2009 Jan Zeleny - 2:2.3.14-26 +- updated init script (LSB compliance - #528154) + +* Thu Sep 17 2009 Jan Zeleny - 2:2.3.14-25 +- correction of last patch replacing select() with poll() + +* Mon Sep 14 2009 Jan Zeleny - 2:2.3.14-24 +- select() function and it's supporting macros replaced by poll() and it's supporting macros +- added patch of configure.in for clean compilation + +* Mon Jul 27 2009 Fedora Release Engineering - 2:2.3.14-23 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_12_Mass_Rebuild + +* Thu Feb 26 2009 Fedora Release Engineering - 2:2.3.14-22 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_11_Mass_Rebuild + +* Thu Sep 18 2008 Jan Safranek - 2:2.3.14-21 +- fix glitches found during package review (#226560) +- make all files in .debuginfo package readable by everyone + +* Wed Jul 16 2008 Jan Safranek - 2:2.3.14-20 +- fix wrong bind() call (#448069) + +* Thu May 29 2008 Tom "spot" Callaway - 2:2.3.14-19 +- fix sparc fPIE issues + +* Thu Jan 31 2008 Jan Safranek - 2:2.3.14-18 +- fixed LABEL flag (#430929) + +* Wed Jan 30 2008 Jan Safranek - 2:2.3.14-17 +- fixing init scripts (#430816) + +* Mon Jan 28 2008 Jan Safranek - 2:2.3.14-16 +- xinetd.log man page is in the right section now (#428812) + +* Thu Sep 6 2007 Jan Safranek - 2:2.3.14-15 +- initscript made LSB compliant (#247099) + +* Thu Sep 6 2007 Jan Safranek - 2:2.3.14-14 +- removed inetdconvert script, nobody is using inetd + +* Wed Aug 22 2007 Jan Safranek - 2:2.3.14-13 +- updated license field + +* Wed May 16 2007 Jan Safranek - 2:2.3.14-12 +- bind IPv6 socket by default and switch to IPv4 on error + (bz#195265) +- service xinetd status returns actual status (bz#232887) +- use ssize_t instead of int (bz#211776) + +* Mon Dec 4 2006 Thomas Woerner - 2:2.3.14-11 +- tcp_wrappers has a new devel and libs sub package, therefore changing build + requirement for tcp_wrappers to tcp_wrappers-devel + +* Fri Dec 01 2006 James Antill - 2:2.3.14-9 +- Fix getpeercon() for LABELED networking MLS environments +- Resolves: rhbz#209379 + +* Sun Oct 01 2006 Jesse Keating - 2:2.3.14-8 +- rebuilt for unwind info generation, broken in gcc-4.1.1-21 + +* Wed Sep 20 2006 Steve Grubb 2:2.3.14-7 +- Revised labeled networking patch to not allow redirection + +* Tue Aug 29 2006 Steve Grubb 2:2.3.14-6 +- Revised labeled networking patch again + +* Thu Aug 24 2006 Steve Grubb 2:2.3.14-5 +- Revised labeled networking patch + +* Wed Aug 23 2006 Steve Grubb 2:2.3.14-4 +- Added labeled networking patch + +* Wed Jul 12 2006 Jesse Keating - 2:2.3.14-3.1 +- rebuild + +* Fri Jun 16 2006 Steve Grubb 2:2.3.14-3 +- Rework spec file & use xinetd's sevice config files + +* Fri Mar 24 2006 Jay Fenlason 2:2.3.14-2 +- Upgrade to new upstream version. This obsoletes the -libwrap, + -rpc, -banner, -bug140084 and -gcc4 patches. + +* Fri Feb 10 2006 Jesse Keating - 2:2.3.13-6.2.1 +- bump again for double-long bug on ppc(64) + +* Tue Feb 07 2006 Jesse Keating - 2:2.3.13-6.2 +- rebuilt for new gcc4.1 snapshot and glibc changes + +* Fri Dec 09 2005 Jesse Keating +- rebuilt + +* Thu Feb 17 2005 Jay Fenlason 2:2.3.13-6 +- include new patch to allow gcc4 to compile xinetd. + +* Sat Jan 8 2005 Jay Fenlason 2:2.3.13-4 +- Added patch committed to upstream CVS to fix bz#140084 + (error logging accidentally using one of [012] as the syslog + descriptor) + +* Fri Jun 18 2004 Jay Fenlason 2:2.3.13-3 +- Add patch to fix #126242: banner's don't work + +* Thu Jun 17 2004 Jay Fenlason +- Remove the configuration for the no-longer-present "services" service. + Closes #126169 + +* Tue Jun 15 2004 Elliot Lee +- rebuilt + +* Fri May 14 2004 Jay Fenlason +- Add patch to allow multiple rpc services to cooexist as long as they're + different program numbers or different versions. + +* Fri Feb 13 2004 Elliot Lee +- rebuilt + +* Thu Jan 29 2004 Jay Fenlason 2.3.13-1 +- Upgrade to new upstream version, which obsoletes most patches. +- Add new tcp_rpc patch, to turn on the nolibwrap flag on tcp rpc services, + since libwrap cannot be used on them. + +* Sun Dec 28 2003 Florian La Roche +- use new technology to filter python dep for inetdconvert instead + of changing the -x bit on file permissions +