rpms/tcp_wrappers/F-7 tcp_wrappers-7.6-sigchld.patch, NONE, 1.1 tcp_wrappers-7.6-220015.patch, 1.1, 1.2 tcp_wrappers.spec, 1.25, 1.26
Tomas Janousek (tjanouse)
fedora-extras-commits at redhat.com
Wed Jun 6 13:01:30 UTC 2007
Author: tjanouse
Update of /cvs/pkgs/rpms/tcp_wrappers/F-7
In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv15100
Modified Files:
tcp_wrappers-7.6-220015.patch tcp_wrappers.spec
Added Files:
tcp_wrappers-7.6-sigchld.patch
Log Message:
* Wed Jun 06 2007 Tomas Janousek <tjanouse at redhat.com> - 7.6-47
- fix the hostname resolving patch for x86_64
* Mon May 28 2007 Tomas Janousek <tjanouse at redhat.com> - 7.6-46
- modified the fix for #112975 to fix #156373 as well
* Fri May 25 2007 Tomas Janousek <tjanouse at redhat.com> - 7.6-45
- unblock and catch SIGCHLD from spawned shell commands, fixes #112975
tcp_wrappers-7.6-sigchld.patch:
--- NEW FILE tcp_wrappers-7.6-sigchld.patch ---
--- tcp_wrappers_7.6/shell_cmd.c.sigchld 1994-12-28 17:42:44.000000000 +0100
+++ tcp_wrappers_7.6/shell_cmd.c 2007-05-28 15:06:28.000000000 +0200
@@ -20,6 +20,8 @@
#include <stdio.h>
#include <syslog.h>
#include <string.h>
+#include <errno.h>
+#include <unistd.h>
extern void exit();
@@ -31,13 +33,42 @@
static void do_child();
+/*
+ * The sigchld handler. If there is a SIGCHLD caused by a child other than
+ * ours, we set a flag and raise the signal later.
+ */
+volatile static int foreign_sigchld;
+volatile static int our_child_pid;
+static void sigchld(int sig, siginfo_t *si, void *unused)
+{
+ if (si && si->si_pid != our_child_pid)
+ foreign_sigchld = 1;
+}
+
/* shell_cmd - execute shell command */
void shell_cmd(command)
char *command;
{
int child_pid;
- int wait_pid;
+
+ struct sigaction new_action, old_action;
+ sigset_t new_mask, old_mask, empty_mask;
+
+ new_action.sa_sigaction = &sigchld;
+ new_action.sa_flags = SA_SIGINFO;
+ sigemptyset(&new_action.sa_mask);
+ sigemptyset(&new_mask);
+ sigemptyset(&empty_mask);
+ sigaddset(&new_mask, SIGCHLD);
+
+ /*
+ * Set the variables for handler, set the handler and block the signal
+ * until we have the pid.
+ */
+ foreign_sigchld = 0; our_child_pid = 0;
+ sigprocmask(SIG_BLOCK, &new_mask, &old_mask);
+ sigaction(SIGCHLD, &new_action, &old_action);
/*
* Most of the work is done within the child process, to minimize the
@@ -49,12 +80,26 @@
tcpd_warn("cannot fork: %m");
break;
case 00: /* child */
+ /* Clear the blocked mask for the child not to be surprised. */
+ sigprocmask(SIG_SETMASK, &empty_mask, 0);
do_child(command);
/* NOTREACHED */
default: /* parent */
- while ((wait_pid = wait((int *) 0)) != -1 && wait_pid != child_pid)
- /* void */ ;
+ our_child_pid = child_pid;
+ sigprocmask(SIG_UNBLOCK, &new_mask, 0);
+ while (waitpid(child_pid, (int *) 0, 0) == -1 && errno == EINTR);
}
+
+ /*
+ * Revert the signal mask and the SIGCHLD handler.
+ */
+ sigprocmask(SIG_SETMASK, &old_mask, 0);
+ sigaction(SIGCHLD, &old_action, 0);
+
+ /* If there was a foreign SIGCHLD, raise it after we have restored the old
+ * mask and handler. */
+ if (foreign_sigchld)
+ raise(SIGCHLD);
}
/* do_child - exec command with { stdin, stdout, stderr } to /dev/null */
tcp_wrappers-7.6-220015.patch:
Index: tcp_wrappers-7.6-220015.patch
===================================================================
RCS file: /cvs/pkgs/rpms/tcp_wrappers/F-7/tcp_wrappers-7.6-220015.patch,v
retrieving revision 1.1
retrieving revision 1.2
diff -u -r1.1 -r1.2
--- tcp_wrappers-7.6-220015.patch 9 Mar 2007 10:12:45 -0000 1.1
+++ tcp_wrappers-7.6-220015.patch 6 Jun 2007 13:00:39 -0000 1.2
@@ -1,5 +1,16 @@
---- tcp_wrappers_7.6/hosts_access.c.220015 2007-02-08 15:39:51.000000000 +0100
-+++ tcp_wrappers_7.6/hosts_access.c 2007-02-08 15:39:51.000000000 +0100
+--- tcp_wrappers_7.6/tcpd.h.220015 2007-06-06 14:46:32.000000000 +0200
++++ tcp_wrappers_7.6/tcpd.h 2007-06-06 14:50:44.000000000 +0200
+@@ -171,6 +171,8 @@
+ extern void sock_hostname __P((struct host_info *));
+ /* address to printable address */
+ extern void sock_hostaddr __P((struct host_info *));
++/* resolve hostname */
++extern const char * sock_resolve __P((const char *hostname, int family));
+
+ #define sock_methods(r) \
+ { (r)->hostname = sock_hostname; (r)->hostaddr = sock_hostaddr; }
+--- tcp_wrappers_7.6/hosts_access.c.220015 2007-06-06 14:46:32.000000000 +0200
++++ tcp_wrappers_7.6/hosts_access.c 2007-06-06 14:46:32.000000000 +0200
@@ -312,8 +312,28 @@
} else if ((mask = split_at(tok, '/')) != 0) { /* net/mask */
return (masked_match(tok, mask, eval_hostaddr(host)));
@@ -31,8 +42,8 @@
}
}
---- tcp_wrappers_7.6/socket.c.220015 2007-02-08 15:39:51.000000000 +0100
-+++ tcp_wrappers_7.6/socket.c 2007-02-08 15:41:38.000000000 +0100
+--- tcp_wrappers_7.6/socket.c.220015 2007-06-06 14:46:32.000000000 +0200
++++ tcp_wrappers_7.6/socket.c 2007-06-06 14:46:32.000000000 +0200
@@ -435,3 +435,43 @@
(void) recvfrom(fd, buf, sizeof(buf), 0, (struct sockaddr *) & sin, &size);
Index: tcp_wrappers.spec
===================================================================
RCS file: /cvs/pkgs/rpms/tcp_wrappers/F-7/tcp_wrappers.spec,v
retrieving revision 1.25
retrieving revision 1.26
diff -u -r1.25 -r1.26
--- tcp_wrappers.spec 16 Apr 2007 10:54:34 -0000 1.25
+++ tcp_wrappers.spec 6 Jun 2007 13:00:39 -0000 1.26
@@ -1,7 +1,7 @@
Summary: A security tool which acts as a wrapper for TCP daemons.
Name: tcp_wrappers
Version: 7.6
-Release: 44%{?dist}
+Release: 47%{?dist}
%define LIB_MAJOR 0
%define LIB_MINOR 7
@@ -30,6 +30,7 @@
Patch17: tcp_wrappers-7.6-220015.patch
Patch18: tcp_wrappers-7.6-restore_sigalarm.patch
Patch19: tcp_wrappers-7.6-siglongjmp.patch
+Patch20: tcp_wrappers-7.6-sigchld.patch
# required by sin_scope_id in ipv6 patch
BuildRequires: glibc-devel >= 2.2
BuildRoot: %{_tmppath}/%{name}-root
@@ -85,6 +86,7 @@
%patch17 -p1 -b .220015
%patch18 -p1 -b .restore_sigalarm
%patch19 -p1 -b .siglongjmp
+%patch20 -p1 -b .sigchld
%build
make RPM_OPT_FLAGS="$RPM_OPT_FLAGS -fPIC -DPIC -D_REENTRANT -DHAVE_STRERROR" LDFLAGS="-pie" MAJOR=%{LIB_MAJOR} MINOR=%{LIB_MINOR} REL=%{LIB_REL} linux
@@ -141,6 +143,15 @@
%{_mandir}/man3/*
%changelog
+* Wed Jun 06 2007 Tomas Janousek <tjanouse at redhat.com> - 7.6-47
+- fix the hostname resolving patch for x86_64
+
+* Mon May 28 2007 Tomas Janousek <tjanouse at redhat.com> - 7.6-46
+- modified the fix for #112975 to fix #156373 as well
+
+* Fri May 25 2007 Tomas Janousek <tjanouse at redhat.com> - 7.6-45
+- unblock and catch SIGCHLD from spawned shell commands, fixes #112975
+
* Mon Apr 16 2007 Tomas Janousek <tjanouse at redhat.com> - 7.6-44
- added restore_sigalarm and siglongjmp patches from Debian, fixes #205129
More information about the fedora-extras-commits
mailing list