| Commit message (Collapse) | Author | Age | Files | Lines |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
There have been previous attempts to revert protocol tryout
algorithm from v4,v3,v2 to previous v2,v4,v3 :
https://www.spinics.net/lists/linux-nfs/msg89228.html
Apart from GETADDR/NAT issue originating that proposed change,
its possible that some legacy custom applications still use
v2 of protocol with libtirpc.
The change proposed here, introduces an environment variable
"RPCB_V2FIRST" so that, if defined, old behaviour is used.
This is more flexible and allow us to selectively pick what
application reverts to old behaviour instead of a system-wide
change.
Signed-off-by: Roberto Bergantinos Corpas <rbergant@redhat.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
During some valgrind test, the following is observed
==11391== 64 bytes in 4 blocks are definitely lost in loss record 11 of 16
==11391== at 0x4C2A2AF: malloc (in /usr/lib64/valgrind/vgpreload_memcheck-amd64-linux.so)
==11391== by 0x50ECED9: strdup (in /lib64/libc-2.22.so)
==11391== by 0x4E4AFBF: getclnthandle (in /lib64/libtirpc.so.3.0.0)
==11391== by 0x4E4BD8A: __rpcb_findaddr_timed (in /lib64/libtirpc.so.3.0.0)
==11391== by 0x4E443AF: clnt_tp_create_timed (in /lib64/libtirpc.so.3.0.0)
==11391== by 0x4E44580: clnt_create_timed (in /lib64/libtirpc.so.3.0.0)
==11391== by 0x400755: main (in /local/02/xdtadti/tirpc-test/client)
Signed-off-by: Steve Dickson <steved@redhat.com>
|
|
|
|
|
|
|
|
|
|
|
|
| |
8652975 probably unintentionally replaced content of INSTALL with
symlink to /usr/share/automake-1.16/INSTALL. As it's not guaranteed it's
on each system, put the file back (version from automake 1.16,
previously older version was used).
Fixes: 8652975 ("Fix DoS vulnerability in libtirpc")
Signed-off-by: Petr Vorel <pvorel@suse.cz>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
|
|
|
| |
Signed-off-by: Steve Dickson <steved@redhat.com>
|
|
|
|
|
|
|
| |
Free the cbuf after obtaining the error number.
Signed-off-by: Frank Sorenson <sorenson@redhat.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
|
|
|
|
|
|
| |
For Android bionic, pthread is a part of that c library.
Signed-off-by: Hsia-Jun(Randy) Li <randy.li@synaptics.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
|
|
|
|
|
|
|
| |
getdtablesize() is not specified in POSIX.1, Android won't
support it at all.
Signed-off-by: Hsia-Jun(Randy) Li <randy.li@synaptics.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
|
|
|
|
|
|
| |
Android bionic doesn't those glibc defined types.
Signed-off-by: Hsia-Jun(Randy) Li <randy.li@synaptics.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Currently svc_run does not handle poll timeout and rendezvous_request
does not handle EMFILE error returned from accept(2 as it used to.
These two missing functionality were removed by commit b2c9430f46c4.
The effect of not handling poll timeout allows idle TCP conections
to remain ESTABLISHED indefinitely. When the number of connections
reaches the limit of the open file descriptors (ulimit -n) then
accept(2) fails with EMFILE. Since there is no handling of EMFILE
error this causes svc_run() to get in a tight loop calling accept(2).
This resulting in the RPC service of svc_run is being down, it's
no longer able to service any requests.
RPC service rpcbind, statd and mountd are effected by this
problem.
Fix by enhancing rendezvous_request to keep the number of
SVCXPRT conections to 4/5 of the size of the file descriptor
table. When this thresold is reached, it destroys the idle
TCP connections or destroys the least active connection if
no idle connnction was found.
Fixes: 44bf15b8 rpcbind: don't use obsolete svc_fdset interface of libtirpc
Signed-off-by: dai.ngo@oracle.com
Signed-off-by: Steve Dickson <steved@redhat.com>
|
|
|
|
| |
Signed-off-by: Steve Dickson <steved@redhat.com>
|
|
|
|
|
|
|
|
|
| |
It was noticed there was a couple SunRPC licenses
were left from the work that was done in 2009-2010
(ea26246^..ba3945e). This converts them to BSD licenses.
Fixes: https://bugzilla.redhat.com/show_bug.cgi?id=1955239
Signed-off-by: Steve Dickson <steved@redhat.com>
|
|
|
|
|
|
|
|
|
|
|
| |
Added:
873 # rsyncd
992 # SSL-enabled telnet
994 # irc
Fixes: https://bugzilla.redhat.com/show_bug.cgi?id=1854147
Signed-off-by: Steve Dickson <steved@redhat.com>
|
|
|
|
|
|
|
|
|
| |
Disallow calling auth_refresh from clnt_{dg,vc}_call if the client is
using RPCSEC_GSS. Doing so can recurse back into clnt_{dg,vc}_call,
where we'll self-deadlock waiting on the condition variable.
Signed-off-by: Scott Mayhew <smayhew@redhat.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
|
|
|
| |
Signed-off-by: Steve Dickson <steved@redhat.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The unsupported AUTH_DES authentication has be
compiled out since commit d918e41d889 (Wed Oct 9 2019)
replaced by API routines that return errors.
To maintain a stable API and to cause future apps
to fail to build, this patch removes the functions
declaration from the header file.
This also has the side effect of not changing
the SONAME which always causes pain.
Signed-off-by: Steve Dickson <steved@redhat.com>
|
|
|
|
|
| |
Signed-off-by: Doug Nazar <nazard@nazar.ca>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
|
|
|
|
|
|
| |
Fix the use of an fd_lock referenced from private client data after it
was freed.
Signed-off-by: Steve Dickson <steved@redhat.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Currently per-fd locks for the clients are pre-allocated up to
the soft limit of maximum allowed open file desciptors per process as
defined in __rpc_dtbsize():
if (getrlimit(RLIMIT_NOFILE, &rl) == 0) {
return (tbsize = (int)rl.rlim_cur);
}
This limit can be arbitrarily large for any given process resulting in
unreasonable memory allocation. For example, for systemd PID1 process
this limit is set to 1073741816 since version 240. systemd is an
indirect user of this library as it fetches information about users,
groups, etc...
This patch proposes a list implementation of per-fd locks based on glibc
doubly linked lists. It also includes support for a fixed array based
pre-allocation up to a compile-time defined limit of locks for
equivalence to the previous implementation.
Signed-off-by: Steve Dickson <steved@redhat.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
In svc_fd_create(), upon error, freeing xp_ltaddr.buf and null
is returned to the caller as expected. The allocated SVCXPRT is
added to svc_pollfd and during destroy __svc_vc_dodestroy(),
xp_ltaddr.buf is being freed again causing double free.
Fix is to reset the pointer when ever freed first.
Reported-by: Sreedharbabu Vykuntam <sreedharbabu.vykuntam@quest.com>
Reviewed-by: Ian Kent <raven@themaw.net>
Signed-off-by: Srinivasarao Cheruku <srinivascheruku@yahoo.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
In the client code, rlim_max is used to allocate two
arrays used for multithread locking. These arrays are
indexed with open file descriptors.
With some recent changes to systemd, the rlim_max is
now a very large number and no longer represents the
max number of open file descriptors allowed causing
the locking arrays to be huge resulting in processes
being OOM killed.
It turns out the max number opens allowed in a process
is still fairly small (1023) which means rlim_cur (1024)
can be used instead of rlim_max.
Signed-off-by: Steve Dickson <steved@redhat.com>
|
|
|
|
|
|
|
|
| |
They are defined pkg-config variables for a reason, let's reuse them as
is the intended usage of pkg-config. This ensures various pkg-config
features continue to work as expected.
Signed-off-by: Steve Dickson <steved@redhat.com>
|
|
|
|
| |
Signed-off-by: Steve Dickson <steved@redhat.com>
|
|
|
|
|
|
|
|
|
| |
bits/endian.h is an internal header. endian.h should be included.
Fixes compilation with recent musl.
Signed-off-by: Rosen Penev <rosenp@gmail.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
|
|
|
|
|
|
|
| |
GCC 10 enables -fno-common by default.
Fixes: https://bugs.gentoo.org/705896
Signed-off-by: Steve Dickson <steved@redhat.com>
|
|
|
|
|
| |
Signed-off-by: Petr Vorel <pvorel@suse.cz>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
bf8f0b82d added back authdes_create() and authdes_pk_create() interfaces
also when authdes compiled out. Add also authdes_seccreate().
Found by LTP rpc-tirpc test, which fails to link:
/usr/lib64/gcc/x86_64-suse-linux/9/../../../../x86_64-suse-linux/bin/ld: /tmp/ccFanCMm.o: in function `main':
testcases/network/rpc/rpc-tirpc/tests_pack/rpc_suite/tirpc/tirpc_auth_authdes_seccreate/tirpc_authdes_seccreate.c:55: undefined reference to `authdes_seccreate'
Fixes: bf8f0b82d ("Add back the authdes interfaces")
Signed-off-by: Petr Vorel <pvorel@suse.cz>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
|
|
|
| |
Signed-off-by: Steve Dickson <steved@redhat.com>
|
|
|
|
| |
Signed-off-by: Steve Dickson <steved@redhat.com>
|
|
|
|
| |
Signed-off-by: Steve Dickson <steved@redhat.com>
|
|
|
|
|
|
|
|
| |
Instead of compiling out the authdes interfaces
as commit d918e41d8 did, add them back but
they will fail if called.
Signed-off-by: Steve Dickson <steved@redhat.com>
|
|
|
|
|
|
|
|
|
|
|
|
| |
AUTH_DES authentication is dead! Has not been
supported in years and know the code is throwing
out coverity scan which don't make sense to fix.
The code is know compiled out by default.
Reviewed-by: Petr Vorel <petr.vorel@gmail.com>
Tested-by: Petr Vorel <petr.vorel@gmail.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
From: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Don't redefine existing typedef (u_char, u_long, ...) on musl
Fixes:
- http://autobuild.buildroot.net/results/dbc07e383605a84eb19a2fd1899668612212518a
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Petr Vorel <petr.vorel@gmail.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
|
|
|
|
|
|
| |
Optionally fixes compilation with uClibc-ng.
Signed-off-by: Rosen Penev <rosenp@gmail.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
|
|
|
|
|
|
|
| |
In order to be more defensive, we should mask bits of u_int64_t
value if we want to use only the first 32bit.
Signed-off-by: Stefano Garzarella <sgarzare@redhat.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
|
|
|
|
|
|
| |
Currently the publickey parameter of the authdes_pk_create() function is
not displayed because of a typo
Signed-off-by: Steve Dickson <steved@redhat.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
depends on __UCLIBC_HAS_RPC__.
This is old patch from Buildroot commit c54af0a294 ("libtirpc: handle
the case where uClibc may have RPC support") by Thomas Petazzoni.
Fixes: 6d8d4b5a7bf6 ("Include string.h for memset")
Fixes: e45bf420983e ("Fix struct rpcent for uclibc-ng")
Signed-off-by: Petr Vorel <petr.vorel@gmail.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
|
|
|
|
|
|
|
|
|
|
| |
LDFLAGS shouldn't be used to link against libraries as this would break
positional flags like --as-needed
Use LIBADD instead
Fixes: https://bugzilla.redhat.com/show_bug.cgi?id=1639032
Signed-off-by: Steve Dickson <steved@redhat.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
From: Ian Kent <raven@themaw.net>
EOF on a non-blocking socket is incorrectly detected causing
the socket to be closed if a client sends the RPC request in
more than one write.
This is becuase ->read_vc() returns 0 for a real EOF and for
the error cases of EAGAIN or EWOULDBLOCK when there could be
more data to come. The caller of ->read_vc() also fails to
handle this case correctly returning XPRT_DIED in both cases.
Also the stream context setting that indicates the request
header has been reveived is not set after receiving the
header which causes incorrect interpretation of the input
for the case of a multiple read receive.
Signed-off-by: Ian Kent <raven@themaw.net>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
|
|
|
|
| |
Signed-off-by: Thomas Deutschmann <whissi@gentoo.org>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
|
|
|
|
|
|
|
|
|
| |
In function ‘__getpublickey_real.part.0’,
inlined from ‘__getpublickey_real’:
getpublickey.c:77:9: warning: ‘strncpy’ output may be truncated copying 47 bytes from a string of length 143 [-Wstringop-truncation]
(void) strncpy(publickey, lookup, HEXKEYBYTES-1);
^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Signed-off-by: Steve Dickson <steved@redhat.com>
|
|
|
|
| |
Signed-off-by: Steve Dickson <steved@redhat.com>
|
|
|
|
|
|
|
|
| |
Commit 55d146058 introduced the freeing of private data
of client connections due to a false positive from
a covscan.
Signed-off-by: Steve Dickson <steved@redhat.com>
|
|
|
|
|
|
| |
Variable "xdrbuf" going out of scope leaks the storage it points to.
Signed-off-by: Steve Dickson <steved@redhat.com>
|
|
|
|
|
|
| |
Variable "handle" going out of scope leaks the storage it points to.
Signed-off-by: Steve Dickson <steved@redhat.com>
|
|
|
|
|
|
| |
Handle variable "s" going out of scope leaks the handle.
Signed-off-by: Steve Dickson <steved@redhat.com>
|
|
|
|
|
|
| |
Variable "nc_handle" going out of scope leaks the storage it points to.
Signed-off-by: Steve Dickson <steved@redhat.com>
|
|
|
|
|
|
|
|
| |
Calling strncpy with a maximum size argument of 108 bytes on
destination array "sun.sun_path" of size 108 bytes might
leave the destination string unterminated.
Signed-off-by: Steve Dickson <steved@redhat.com>
|
|
|
|
|
|
|
| |
Variable "localhandle" going out of scope leaks the storage it points to.
Returning without closing handle "sock" leaks it.
Signed-off-by: Steve Dickson <steved@redhat.com>
|
|
|
|
|
|
| |
Variable "handle" going out of scope leaks the storage it points to.
Signed-off-by: Steve Dickson <steved@redhat.com>
|
|
|
|
|
|
| |
Variable "np_sessionp" going out of scope leaks the storage it points to.
Signed-off-by: Steve Dickson <steved@redhat.com>
|