diff options
-rw-r--r-- | main/nfs-utils/APKBUILD | 7 | ||||
-rw-r--r-- | main/nfs-utils/musl-svcgssd-sysconf.patch | 103 | ||||
-rw-r--r-- | main/nfs-utils/nfs-utils-svcgssd_undefined_reference.patch | 40 |
3 files changed, 149 insertions, 1 deletions
diff --git a/main/nfs-utils/APKBUILD b/main/nfs-utils/APKBUILD index 90c4747e77..921d09be1a 100644 --- a/main/nfs-utils/APKBUILD +++ b/main/nfs-utils/APKBUILD @@ -2,7 +2,7 @@ # Maintainer: Natanael Copa <ncopa@alpinelinux.org> pkgname=nfs-utils pkgver=2.3.1 -pkgrel=3 +pkgrel=4 pkgdesc="kernel-mode NFS" url="http://linux-nfs.org" arch="all" @@ -17,8 +17,10 @@ source="https://www.kernel.org/pub/linux/utils/nfs-utils/$pkgver/nfs-utils-$pkgv 0011-exportfs-only-do-glibc-specific-hackery-on-glibc.patch nfs-utils-mtab-sym.patch + nfs-utils-svcgssd_undefined_reference.patch musl-getservbyport.patch musl-res_querydomain.patch + musl-svcgssd-sysconf.patch idmapd-dnotify-to-inotify.patch limits.patch @@ -57,6 +59,7 @@ build() { --enable-nfsv4 \ --enable-uuid \ --enable-gss \ + --enable-svcgss \ --enable-libmount-mount make } @@ -93,8 +96,10 @@ rpcgen() { sha512sums="340201a8e793de9a4755fbcbff6b364dfd13c01a961e34cc54d1c94b576cc10bf0076962b7fc02872aa75f65a25e80cdcd93df44fb7e438c685eb7e10f1afaea nfs-utils-2.3.1.tar.gz e55dbcc6df1626f992b660ae4ca80eac07ad539f3660448a27b34b6cc63764d59074a10c34e97c1b05f356cf60f68ec724f3dbdc1986be024773a2fe957b55fa 0011-exportfs-only-do-glibc-specific-hackery-on-glibc.patch 674ecf2c4bc8e9364ddd0f34cc03c96674753494cbc5a5d157bd70ed4342ff90356c3e85c544510648dbe90cb43b7fd83ba50653bddffc4b3b5550367b6d0b8e nfs-utils-mtab-sym.patch +21361593415c497fa5a0bbd547b2cb0e0512ad8b3deb2397aba6a453cce840876d607015e46d8c3a367cd478395420d8b24e2f3a7f73d0e75d5a2445e4e46ef2 nfs-utils-svcgssd_undefined_reference.patch 94d7ba23164660f1da9298494dff75c57f5a300cb32b2922bc2226fcdaded7eaaa0c50a59a145ac7c75639d177558b5f5594fb1f03a50f60f4c577c93b135748 musl-getservbyport.patch c86c2f01f5534d4cbd612b9f7fe11cb4cb0cdab81172be386ee97ca37e9cc099576c8087e0f52fefeacafad8022c98a1186b7c002366a5429f9c8ee59a17d161 musl-res_querydomain.patch +3827c725606152ca6b4c79d167323a0eb7659e114132bf8762b423bdc25a67dcd55602823256f9706fa1b39a845f16479225ea8fa2f7ef1aae14b51f31230e09 musl-svcgssd-sysconf.patch 33410c469348adf5e6b5ec91d8cda6b246f1a38a0b234a52f54a49ab8395ede43dfedd58914a59c342923ba45722f6fd4e4aebeffbe4a730f31c9d1ad19de9a9 idmapd-dnotify-to-inotify.patch b75c87917d86ce6e0e8b9bc2651e7f77851170b47b2a9c7628475e8aed73e89c858e7030885e2904e42c2133906705bb1243d19308ccb876d563cbc0655c66ce limits.patch f7feb79cfcab0478affb640d1e5ad059757c88d51cc790fd54cde2fd7ed2e3cfd8f7f4c2de993d99da03e8ce3bdfb2750a4cb997b850fe33d0ef76d9b91c9018 nfs.initd diff --git a/main/nfs-utils/musl-svcgssd-sysconf.patch b/main/nfs-utils/musl-svcgssd-sysconf.patch new file mode 100644 index 0000000000..267c96ddbe --- /dev/null +++ b/main/nfs-utils/musl-svcgssd-sysconf.patch @@ -0,0 +1,103 @@ +--- a/support/nfsidmap/libnfsidmap.c ++++ b/support/nfsidmap/libnfsidmap.c +@@ -481,11 +481,17 @@ + + nobody_user = conf_get_str("Mapping", "Nobody-User"); + if (nobody_user) { +- size_t buflen = sysconf(_SC_GETPW_R_SIZE_MAX); ++ long scbuflen = sysconf(_SC_GETPW_R_SIZE_MAX); ++ size_t buflen = 1024; /*value on my gentoo glibc system that has _SC_GETPW_R_SIZE_MAX*/ + struct passwd *buf; + struct passwd *pw = NULL; + int err; + ++ /*sysconf can return -1 when _SC_GETPW_R_SIZE_MAX is not defined, like on musl systems, if cast to size_t this will lead ++ to an integer overflow, which leads to a buffer overflow and crashes svcgssd */ ++ if (scbuflen > 0) ++ buflen = (size_t)scbuflen; ++ + buf = malloc(sizeof(*buf) + buflen); + if (buf) { + err = getpwnam_r(nobody_user, buf, ((char *)buf) + sizeof(*buf), buflen, &pw); +@@ -502,10 +508,16 @@ + + nobody_group = conf_get_str("Mapping", "Nobody-Group"); + if (nobody_group) { +- size_t buflen = sysconf(_SC_GETGR_R_SIZE_MAX); ++ long scbuflen = sysconf(_SC_GETGR_R_SIZE_MAX); ++ size_t buflen = 1024; /*value on my gentoo glibc system that has _SC_GETGR_R_SIZE_MAX*/ + struct group *buf; + struct group *gr = NULL; + int err; ++ ++ /*sysconf can return -1 when _SC_GETGR_R_SIZE_MAX is not defined, like on musl systems, if cast to size_t this will lead ++ to an integer overflow, which leads to a buffer overflow and crashes svcgssd */ ++ if (scbuflen > 0) ++ buflen = (size_t)scbuflen; + + buf = malloc(sizeof(*buf) + buflen); + if (buf) { +--- a/support/nfsidmap/static.c ++++ b/support/nfsidmap/static.c +@@ -98,10 +98,14 @@ + { + struct passwd *pw; + struct pwbuf *buf; +- size_t buflen = sysconf(_SC_GETPW_R_SIZE_MAX); ++ long scbuflen = sysconf(_SC_GETPW_R_SIZE_MAX); ++ size_t buflen = 1024; + char *localname; + int err; + ++ if (scbuflen > 0) ++ buflen = (size_t)scbuflen; ++ + buf = malloc(sizeof(*buf) + buflen); + if (!buf) { + err = ENOMEM; +@@ -149,9 +153,13 @@ + { + struct group *gr; + struct grbuf *buf; +- size_t buflen = sysconf(_SC_GETGR_R_SIZE_MAX); ++ long scbuflen = sysconf(_SC_GETGR_R_SIZE_MAX); ++ size_t buflen = 1024; + char *localgroup; + int err; ++ ++ if (scbuflen > 0) ++ buflen = (size_t)scbuflen; + + buf = malloc(sizeof(*buf) + buflen); + if (!buf) { +--- a/support/nfsidmap/nss.c ++++ b/support/nfsidmap/nss.c +@@ -90,9 +90,13 @@ + struct passwd *pw = NULL; + struct passwd pwbuf; + char *buf; +- size_t buflen = sysconf(_SC_GETPW_R_SIZE_MAX); ++ long scbuflen = sysconf(_SC_GETPW_R_SIZE_MAX); ++ size_t buflen = 1024; + int err = -ENOMEM; + ++ if (scbuflen > 0) ++ buflen = (size_t)scbuflen; ++ + buf = malloc(buflen); + if (!buf) + goto out; +@@ -118,8 +122,12 @@ + struct group *gr = NULL; + struct group grbuf; + char *buf; +- size_t buflen = sysconf(_SC_GETGR_R_SIZE_MAX); ++ long scbuflen = sysconf(_SC_GETGR_R_SIZE_MAX); ++ size_t buflen = 1024; + int err; ++ ++ if (scbuflen > 0) ++ buflen = (size_t)scbuflen; + + if (domain == NULL) + domain = get_default_domain(); diff --git a/main/nfs-utils/nfs-utils-svcgssd_undefined_reference.patch b/main/nfs-utils/nfs-utils-svcgssd_undefined_reference.patch new file mode 100644 index 0000000000..77c902f272 --- /dev/null +++ b/main/nfs-utils/nfs-utils-svcgssd_undefined_reference.patch @@ -0,0 +1,40 @@ +From 1451d7585bf1c622658ccc04abac7e79ffe40263 Mon Sep 17 00:00:00 2001 +From: Justin Mitchell <jumitche@redhat.com> +Date: Mon, 8 Jan 2018 09:14:11 -0500 +Subject: [PATCH] svcgssd: Update svcgssd so that it builds + +Since a15bd948 the --enable-svcgss option no longer builds +as svcgssd references functions which were changed at that time. +Fix those, and other function changes since then. + +Signed-off-by: Justin Mitchell <jumitche@redhat.com> +Signed-off-by: Steve Dickson <steved@redhat.com> +--- + utils/gssd/svcgssd.c | 4 +++- + 1 file changed, 3 insertions(+), 1 deletion(-) + +diff --git a/utils/gssd/svcgssd.c b/utils/gssd/svcgssd.c +index 3514ae1..23f0c0b 100644 +--- a/utils/gssd/svcgssd.c ++++ b/utils/gssd/svcgssd.c +@@ -63,6 +63,8 @@ + #include "err_util.h" + #include "conffile.h" + ++struct state_paths etab; ++ + void + sig_die(int signal) + { +@@ -101,7 +103,7 @@ main(int argc, char *argv[]) + char *principal = NULL; + char *s; + +- conf_init(NFS_CONFFILE); ++ conf_init_file(NFS_CONFFILE); + + s = conf_get_str("svcgssd", "principal"); + if (!s) +-- +1.8.3.1 + |