rpms/tcp_wrappers/F-7 tcp_wrappers-7.6-sigchld.patch, NONE, 1.1 tcp_wrappers-7.6-220015.patch, 1.1, 1.2 tcp_wrappers.spec, 1.25, 1.26

Tomas Janousek (tjanouse) fedora-extras-commits at redhat.com
Wed Jun 6 13:01:30 UTC 2007 

Author: tjanouse

Update of /cvs/pkgs/rpms/tcp_wrappers/F-7
In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv15100

Modified Files:
	tcp_wrappers-7.6-220015.patch tcp_wrappers.spec 
Added Files:
	tcp_wrappers-7.6-sigchld.patch 
Log Message:
* Wed Jun 06 2007 Tomas Janousek <tjanouse at redhat.com> - 7.6-47
- fix the hostname resolving patch for x86_64

* Mon May 28 2007 Tomas Janousek <tjanouse at redhat.com> - 7.6-46
- modified the fix for #112975 to fix #156373 as well

* Fri May 25 2007 Tomas Janousek <tjanouse at redhat.com> - 7.6-45
- unblock and catch SIGCHLD from spawned shell commands, fixes #112975


tcp_wrappers-7.6-sigchld.patch:

--- NEW FILE tcp_wrappers-7.6-sigchld.patch ---
--- tcp_wrappers_7.6/shell_cmd.c.sigchld	1994-12-28 17:42:44.000000000 +0100
+++ tcp_wrappers_7.6/shell_cmd.c	2007-05-28 15:06:28.000000000 +0200
@@ -20,6 +20,8 @@
 #include <stdio.h>
 #include <syslog.h>
 #include <string.h>
+#include <errno.h>
+#include <unistd.h>
 
 extern void exit();
 
@@ -31,13 +33,42 @@
 
 static void do_child();
 
+/*
+ * The sigchld handler. If there is a SIGCHLD caused by a child other than
+ * ours, we set a flag and raise the signal later.
+ */
+volatile static int foreign_sigchld;
+volatile static int our_child_pid;
+static void sigchld(int sig, siginfo_t *si, void *unused)
+{
+    if (si && si->si_pid != our_child_pid)
+	foreign_sigchld = 1;
+}
+
 /* shell_cmd - execute shell command */
 
 void    shell_cmd(command)
 char   *command;
 {
     int     child_pid;
-    int     wait_pid;
+
+    struct sigaction new_action, old_action;
+    sigset_t new_mask, old_mask, empty_mask;
+
+    new_action.sa_sigaction = &sigchld;
+    new_action.sa_flags = SA_SIGINFO;
+    sigemptyset(&new_action.sa_mask);
+    sigemptyset(&new_mask);
+    sigemptyset(&empty_mask);
+    sigaddset(&new_mask, SIGCHLD);
+
+    /*
+     * Set the variables for handler, set the handler and block the signal
+     * until we have the pid.
+     */
+    foreign_sigchld = 0; our_child_pid = 0;
+    sigprocmask(SIG_BLOCK, &new_mask, &old_mask);
+    sigaction(SIGCHLD, &new_action, &old_action);
 
     /*
      * Most of the work is done within the child process, to minimize the
@@ -49,12 +80,26 @@
 	tcpd_warn("cannot fork: %m");
 	break;
     case 00:					/* child */
+	/* Clear the blocked mask for the child not to be surprised. */
+	sigprocmask(SIG_SETMASK, &empty_mask, 0);
 	do_child(command);
 	/* NOTREACHED */
     default:					/* parent */
-	while ((wait_pid = wait((int *) 0)) != -1 && wait_pid != child_pid)
-	     /* void */ ;
+	our_child_pid = child_pid;
+	sigprocmask(SIG_UNBLOCK, &new_mask, 0);
+	while (waitpid(child_pid, (int *) 0, 0) == -1 && errno == EINTR);
     }
+
+    /*
+     * Revert the signal mask and the SIGCHLD handler.
+     */
+    sigprocmask(SIG_SETMASK, &old_mask, 0);
+    sigaction(SIGCHLD, &old_action, 0);
+
+    /* If there was a foreign SIGCHLD, raise it after we have restored the old
+     * mask and handler. */
+    if (foreign_sigchld)
+	raise(SIGCHLD);
 }
 
 /* do_child - exec command with { stdin, stdout, stderr } to /dev/null */

tcp_wrappers-7.6-220015.patch:

Index: tcp_wrappers-7.6-220015.patch
===================================================================
RCS file: /cvs/pkgs/rpms/tcp_wrappers/F-7/tcp_wrappers-7.6-220015.patch,v
retrieving revision 1.1
retrieving revision 1.2
diff -u -r1.1 -r1.2
--- tcp_wrappers-7.6-220015.patch	9 Mar 2007 10:12:45 -0000	1.1
+++ tcp_wrappers-7.6-220015.patch	6 Jun 2007 13:00:39 -0000	1.2
@@ -1,5 +1,16 @@
---- tcp_wrappers_7.6/hosts_access.c.220015	2007-02-08 15:39:51.000000000 +0100
-+++ tcp_wrappers_7.6/hosts_access.c	2007-02-08 15:39:51.000000000 +0100
+--- tcp_wrappers_7.6/tcpd.h.220015	2007-06-06 14:46:32.000000000 +0200
++++ tcp_wrappers_7.6/tcpd.h	2007-06-06 14:50:44.000000000 +0200
+@@ -171,6 +171,8 @@
+ extern void sock_hostname __P((struct host_info *));
+ /* address to printable address */
+ extern void sock_hostaddr __P((struct host_info *));
++/* resolve hostname */
++extern const char * sock_resolve __P((const char *hostname, int family));
+ 
+ #define sock_methods(r) \
+ 	{ (r)->hostname = sock_hostname; (r)->hostaddr = sock_hostaddr; }
+--- tcp_wrappers_7.6/hosts_access.c.220015	2007-06-06 14:46:32.000000000 +0200
++++ tcp_wrappers_7.6/hosts_access.c	2007-06-06 14:46:32.000000000 +0200
 @@ -312,8 +312,28 @@
      } else if ((mask = split_at(tok, '/')) != 0) {	/* net/mask */
  	return (masked_match(tok, mask, eval_hostaddr(host)));
@@ -31,8 +42,8 @@
      }
  }
  
---- tcp_wrappers_7.6/socket.c.220015	2007-02-08 15:39:51.000000000 +0100
-+++ tcp_wrappers_7.6/socket.c	2007-02-08 15:41:38.000000000 +0100
+--- tcp_wrappers_7.6/socket.c.220015	2007-06-06 14:46:32.000000000 +0200
++++ tcp_wrappers_7.6/socket.c	2007-06-06 14:46:32.000000000 +0200
 @@ -435,3 +435,43 @@
  
      (void) recvfrom(fd, buf, sizeof(buf), 0, (struct sockaddr *) & sin, &size);


Index: tcp_wrappers.spec
===================================================================
RCS file: /cvs/pkgs/rpms/tcp_wrappers/F-7/tcp_wrappers.spec,v
retrieving revision 1.25
retrieving revision 1.26
diff -u -r1.25 -r1.26
--- tcp_wrappers.spec	16 Apr 2007 10:54:34 -0000	1.25
+++ tcp_wrappers.spec	6 Jun 2007 13:00:39 -0000	1.26
@@ -1,7 +1,7 @@
 Summary: A security tool which acts as a wrapper for TCP daemons.
 Name: tcp_wrappers
 Version: 7.6
-Release: 44%{?dist}
+Release: 47%{?dist}
 
 %define LIB_MAJOR 0
 %define LIB_MINOR 7
@@ -30,6 +30,7 @@
 Patch17: tcp_wrappers-7.6-220015.patch
 Patch18: tcp_wrappers-7.6-restore_sigalarm.patch
 Patch19: tcp_wrappers-7.6-siglongjmp.patch
+Patch20: tcp_wrappers-7.6-sigchld.patch
 # required by sin_scope_id in ipv6 patch
 BuildRequires: glibc-devel >= 2.2		
 BuildRoot: %{_tmppath}/%{name}-root
@@ -85,6 +86,7 @@
 %patch17 -p1 -b .220015
 %patch18 -p1 -b .restore_sigalarm
 %patch19 -p1 -b .siglongjmp
+%patch20 -p1 -b .sigchld
 
 %build
 make RPM_OPT_FLAGS="$RPM_OPT_FLAGS -fPIC -DPIC -D_REENTRANT -DHAVE_STRERROR" LDFLAGS="-pie" MAJOR=%{LIB_MAJOR} MINOR=%{LIB_MINOR} REL=%{LIB_REL} linux
@@ -141,6 +143,15 @@
 %{_mandir}/man3/*
 
 %changelog
+* Wed Jun 06 2007 Tomas Janousek <tjanouse at redhat.com> - 7.6-47
+- fix the hostname resolving patch for x86_64
+
+* Mon May 28 2007 Tomas Janousek <tjanouse at redhat.com> - 7.6-46
+- modified the fix for #112975 to fix #156373 as well
+
+* Fri May 25 2007 Tomas Janousek <tjanouse at redhat.com> - 7.6-45
+- unblock and catch SIGCHLD from spawned shell commands, fixes #112975
+
 * Mon Apr 16 2007 Tomas Janousek <tjanouse at redhat.com> - 7.6-44
 - added restore_sigalarm and siglongjmp patches from Debian, fixes #205129

More information about the fedora-extras-commits mailing list