rpms/krb5/devel krb5-1.6.3-ftp_fdleak.patch, NONE, 1.1 krb5.spec, 1.156, 1.157

Nalin Somabhai Dahyabhai (nalin) fedora-extras-commits at redhat.com
Mon Feb 25 19:51:17 UTC 2008 

Author: nalin

Update of /cvs/pkgs/rpms/krb5/devel
In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv2886

Modified Files:
	krb5.spec 
Added Files:
	krb5-1.6.3-ftp_fdleak.patch 
Log Message:
- ftp: don't lose track of a descriptor on passive get when the server fails to
  open a file


krb5-1.6.3-ftp_fdleak.patch:

--- NEW FILE krb5-1.6.3-ftp_fdleak.patch ---
Don't open a new socket without closing a possibly already-open one. RT#5597.
diff -uNr krb5/src/appl/gssftp/ftp/ftp.c krb5/src/appl/gssftp/ftp/ftp.c
--- krb5/src/appl/gssftp/ftp/ftp.c
+++ krb5/src/appl/gssftp/ftp/ftp.c
@@ -196,7 +196,7 @@ char *
 hookup(char* host, int port)
 {
 	register struct hostent *hp = 0;
-	int s;
+	int s, t;
 	socklen_t len;
 #ifdef IP_TOS
 #ifdef IPTOS_LOWDELAY
@@ -274,8 +274,13 @@ hookup(char* host, int port)
 	}
 #endif
 #endif
+#ifndef _WIN32
+	t = dup(s);
+#else
+	t = s;
+#endif
 	cin = FDOPEN_SOCKET(s, "r");
-	cout = FDOPEN_SOCKET(s, "w");
+	cout = FDOPEN_SOCKET(t, "w");
 	if (cin == NULL || cout == NULL) {
 		fprintf(stderr, "ftp: fdopen failed.\n");
 		if (cin) {
@@ -1448,6 +1453,8 @@
 	int a1,a2,a3,a4,p1,p2;
 
 	if (passivemode) {
+		if (data != INVALID_SOCKET)
+			(void) closesocket(data);
 		data = socket(AF_INET, SOCK_STREAM, 0);
 		if (data == INVALID_SOCKET) {
 			PERROR_SOCKET("ftp: socket");
@@ -2366,4 +2371,16 @@ FILE* fdopen_socket(SOCKET s, char* mode
 
 	return f;
 }
+#else
+/* Non-Win32 case takes the address of the variable so that we can "take
+ * ownership" of the descriptor number. */
+FILE* fdopen_socket(int *s, char* mode)
+{
+	FILE *fp;
+	fp = fdopen(*s, mode);
+	if (fp) {
+		*s = INVALID_SOCKET;
+	}
+	return fp;
+}
 #endif /* _WIN32 */
diff -up krb5-1.3.4/src/appl/gssftp/ftp/ftp_var.h krb5-1.3.4/src/appl/gssftp/ftp/ftp_var.h
--- krb5-1.3.4/src/appl/gssftp/ftp/ftp_var.h	2007-08-03 00:53:35.000000000 -0400
+++ krb5-1.3.4/src/appl/gssftp/ftp/ftp_var.h	2007-08-03 00:53:39.000000000 -0400
@@ -48,7 +48,8 @@ FILE* fdopen_socket(SOCKET s, char* mode
 #define PERROR_SOCKET(str) do { errno = SOCKET_ERRNO; perror(str); } while(0)
 #else
 #define FCLOSE_SOCKET(f) fclose(f)
-#define FDOPEN_SOCKET(s, mode) fdopen(s, mode)
+FILE* fdopen_socket(int *s, char* mode);
+#define FDOPEN_SOCKET(s, mode) fdopen_socket(&s, mode)
 #define SOCKETNO(fd) (fd)
 #define PERROR_SOCKET(str) perror(str)
 #endif


Index: krb5.spec
===================================================================
RCS file: /cvs/pkgs/rpms/krb5/devel/krb5.spec,v
retrieving revision 1.156
retrieving revision 1.157
diff -u -r1.156 -r1.157
--- krb5.spec	25 Feb 2008 18:33:34 -0000	1.156
+++ krb5.spec	25 Feb 2008 19:50:42 -0000	1.157
@@ -96,6 +96,7 @@
 Patch69: krb5-trunk-seqnum.patch
 Patch70: krb5-trunk-kpasswd_tcp2.patch
 Patch71: krb5-1.6.2-dirsrv-accountlock.patch
+Patch72: krb5-1.6.3-ftp_fdleak.patch
 
 License: MIT, freely distributable.
 URL: http://web.mit.edu/kerberos/www/
@@ -227,6 +228,10 @@
 
 %changelog
 * Mon Feb 25 2008 Nalin Dahyabhai <nalin at redhat.com>
+- ftp: don't lose track of a descriptor on passive get when the server fails to
+  open a file
+
+* Mon Feb 25 2008 Nalin Dahyabhai <nalin at redhat.com>
 - in login, allow PAM to interact with the user when they've been strongly
   authenticated
 - in login, signal PAM when we're changing an expired password that it's an
@@ -1309,6 +1314,7 @@
 %patch69 -p0 -b .seqnum
 #%patch70 -p0 -b .kpasswd_tcp2
 %patch71 -p1 -b .dirsrv-accountlock
+%patch72 -p1 -b .ftp_fdleak
 cp src/krb524/README README.krb524
 gzip doc/*.ps

More information about the fedora-extras-commits mailing list