commit
861f2c25e2
@ -0,0 +1 @@
|
||||
SOURCES/xinetd-2.3.15.tar.gz
|
@ -0,0 +1 @@
|
||||
168d54aeb181e271e68f4c53847c3e6b2574dba6 SOURCES/xinetd-2.3.15.tar.gz
|
@ -0,0 +1,251 @@
|
||||
--- xinetd-2.3.14/configure.in 2009-07-27 13:27:59.000000000 +0200
|
||||
+++ xinetd-2.3.14-mod/configure.in 2009-07-29 10:05:44.000000000 +0200
|
||||
@@ -20,34 +20,34 @@ AC_CHECK_FUNCS(ecvt, ,
|
||||
AC_CHECK_FUNCS(gcvt, ,
|
||||
AC_CHECK_LIB(m, gcvt))
|
||||
|
||||
-AC_CHECK_FUNC(strerror, [AC_DEFINE(HAVE_STRERROR)])
|
||||
-AC_CHECK_FUNC(strcasecmp, [AC_DEFINE(HAVE_STRCASECMP)])
|
||||
+AC_CHECK_FUNC(strerror, [AC_DEFINE(HAVE_STRERROR, 1, "")])
|
||||
+AC_CHECK_FUNC(strcasecmp, [AC_DEFINE(HAVE_STRCASECMP, 1, "")])
|
||||
AC_CHECK_FUNC(socket, ,
|
||||
AC_CHECK_LIB(socket, socket, ,
|
||||
AC_CHECK_LIB(nsl, socket)))
|
||||
AC_CHECK_FUNC(inet_aton, ,
|
||||
AC_CHECK_LIB(nsl, inet_aton, ,
|
||||
AC_CHECK_LIB(socket, inet_aton, ,
|
||||
- AC_CHECK_LIB(resolv, inet_aton, ,[AC_DEFINE(NO_INET_ATON)]))))
|
||||
-AC_CHECK_FUNC(setenv,[AC_DEFINE(HAVE_SETENV)])
|
||||
-AC_CHECK_FUNC(strsignal, [AC_DEFINE(HAVE_STRSIGNAL)])
|
||||
-AC_CHECK_LIB(c, sys_siglist, [AC_DEFINE(HAVE_SYS_SIGLIST)])
|
||||
-AC_CHECK_FUNC(gai_strerror,[AC_DEFINE(HAVE_GAI_STRERROR)])
|
||||
-AC_CHECK_FUNC(freeaddrinfo,[AC_DEFINE(HAVE_FREEADDRINFO)])
|
||||
-AC_CHECK_FUNC(getaddrinfo,[AC_DEFINE(HAVE_GETADDRINFO)])
|
||||
+ AC_CHECK_LIB(resolv, inet_aton, ,[AC_DEFINE(NO_INET_ATON, 1, "")]))))
|
||||
+AC_CHECK_FUNC(setenv,[AC_DEFINE(HAVE_SETENV, 1, "")])
|
||||
+AC_CHECK_FUNC(strsignal, [AC_DEFINE(HAVE_STRSIGNAL, 1, "")])
|
||||
+AC_CHECK_LIB(c, sys_siglist, [AC_DEFINE(HAVE_SYS_SIGLIST, 1, "")])
|
||||
+AC_CHECK_FUNC(gai_strerror,[AC_DEFINE(HAVE_GAI_STRERROR, 1, "")])
|
||||
+AC_CHECK_FUNC(freeaddrinfo,[AC_DEFINE(HAVE_FREEADDRINFO, 1, "")])
|
||||
+AC_CHECK_FUNC(getaddrinfo,[AC_DEFINE(HAVE_GETADDRINFO, 1, "")])
|
||||
|
||||
AC_CHECK_HEADERS(sys/types.h sys/termios.h termios.h sys/ioctl.h sys/select.h rpc/rpc.h rpc/rpcent.h sys/file.h ftw.h machine/reg.h netdb.h)
|
||||
-AC_CHECK_HEADER(sys/resource.h, [AC_DEFINE(HAVE_SYS_RESOURCE_H)])
|
||||
-AC_CHECK_HEADER(arpa/inet.h, [AC_DEFINE(HAVE_ARPA_INET_H)])
|
||||
-AC_CHECK_HEADER(grp.h, [AC_DEFINE(HAVE_GRP_H)])
|
||||
-AC_CHECK_HEADER(rpc/pmap_clnt.h, [AC_DEFINE(HAVE_RPC_PMAP_CLNT_H)])
|
||||
-AC_CHECK_HEADER(sys/socket.h, [AC_DEFINE(HAVE_SYS_SOCKET_H)])
|
||||
-AC_CHECK_HEADER(sys/signal.h, [AC_DEFINE(HAVE_SYS_SIGNAL_H)])
|
||||
-AC_CHECK_HEADER(crypt.h, [AC_DEFINE(HAVE_CRYPT_H)])
|
||||
-AC_CHECK_HEADER(stdint.h, [AC_DEFINE(HAVE_STDINT_H)])
|
||||
-AC_CHECK_HEADER(stdbool.h, [AC_DEFINE(HAVE_STDBOOL_H)])
|
||||
-AC_CHECK_HEADER(sys/filio.h, [AC_DEFINE(HAVE_SYS_FILIO_H)])
|
||||
-AC_CHECK_HEADER(DNSServiceDiscovery/DNSServiceDiscovery.h, [AC_DEFINE(HAVE_DNSREGISTRATION) AC_DEFINE(HAVE_MDNS)])
|
||||
+AC_CHECK_HEADER(sys/resource.h, [AC_DEFINE(HAVE_SYS_RESOURCE_H, 1, "")])
|
||||
+AC_CHECK_HEADER(arpa/inet.h, [AC_DEFINE(HAVE_ARPA_INET_H, 1, "")])
|
||||
+AC_CHECK_HEADER(grp.h, [AC_DEFINE(HAVE_GRP_H, 1, "")])
|
||||
+AC_CHECK_HEADER(rpc/pmap_clnt.h, [AC_DEFINE(HAVE_RPC_PMAP_CLNT_H, 1, "")])
|
||||
+AC_CHECK_HEADER(sys/socket.h, [AC_DEFINE(HAVE_SYS_SOCKET_H, 1, "")])
|
||||
+AC_CHECK_HEADER(sys/signal.h, [AC_DEFINE(HAVE_SYS_SIGNAL_H, 1, "")])
|
||||
+AC_CHECK_HEADER(crypt.h, [AC_DEFINE(HAVE_CRYPT_H, 1, "")])
|
||||
+AC_CHECK_HEADER(stdint.h, [AC_DEFINE(HAVE_STDINT_H, 1, "")])
|
||||
+AC_CHECK_HEADER(stdbool.h, [AC_DEFINE(HAVE_STDBOOL_H, 1, "")])
|
||||
+AC_CHECK_HEADER(sys/filio.h, [AC_DEFINE(HAVE_SYS_FILIO_H, 1, "")])
|
||||
+AC_CHECK_HEADER(DNSServiceDiscovery/DNSServiceDiscovery.h, [AC_DEFINE(HAVE_DNSREGISTRATION, 1, "") AC_DEFINE(HAVE_MDNS, 1, "")])
|
||||
|
||||
AC_ARG_WITH(howl, [ --with-howl=PATH Compile in howl support.
|
||||
PATH is the prefix where howl is installed,
|
||||
@@ -56,7 +56,7 @@ AC_ARG_WITH(howl, [ --with-howl=PATH
|
||||
OLDLDFLAGS=$LDFLAGS; LDFLAGS="-L$withval/lib/ $LDFLAGS";
|
||||
OLDCPPFLAGS=$CPPFLAGS; CPPFLAGS="-I$withval/include/howl/ $CPPFLAGS";
|
||||
AC_CHECK_HEADER($withval/include/howl/howl.h,
|
||||
- [AC_DEFINE(HAVE_HOWL) AC_DEFINE(HAVE_MDNS)],
|
||||
+ [AC_DEFINE(HAVE_HOWL, 1, "") AC_DEFINE(HAVE_MDNS, 1, "")],
|
||||
[CFLAGS=$OLDCFLAGS; LDFLAGS=$OLDLDFLAGS; CPPFLAGS=$OLDCPPFLAGS;])
|
||||
AC_CHECK_LIB(howl, sw_discovery_publish, [LIBS="-lhowl $LIBS"], [
|
||||
OLDLIBS=$LIBS; LIBS="-lpthread $LIBS";
|
||||
@@ -88,7 +88,7 @@ AC_CACHE_CHECK([for struct addrinfo], ac
|
||||
)
|
||||
])
|
||||
if test "x$ac_cv_have_struct_addrinfo" = "xyes" ; then
|
||||
- AC_DEFINE(HAVE_STRUCT_ADDRINFO)
|
||||
+ AC_DEFINE(HAVE_STRUCT_ADDRINFO, 1, "")
|
||||
fi
|
||||
|
||||
AC_CACHE_CHECK([for struct in6_addr], ac_cv_have_struct_in6_addr, [
|
||||
@@ -103,7 +103,7 @@ AC_CACHE_CHECK([for struct in6_addr], ac
|
||||
)
|
||||
])
|
||||
if test "x$ac_cv_have_struct_in6_addr" = "xyes" ; then
|
||||
- AC_DEFINE(HAVE_STRUCT_IN6_ADDR)
|
||||
+ AC_DEFINE(HAVE_STRUCT_IN6_ADDR, 1, "")
|
||||
fi
|
||||
|
||||
AC_CACHE_CHECK([for struct sockaddr_in6], ac_cv_have_struct_sockaddr_in6, [
|
||||
@@ -118,7 +118,7 @@ AC_CACHE_CHECK([for struct sockaddr_in6]
|
||||
)
|
||||
])
|
||||
if test "x$ac_cv_have_struct_sockaddr_in6" = "xyes" ; then
|
||||
- AC_DEFINE(HAVE_STRUCT_SOCKADDR_IN6)
|
||||
+ AC_DEFINE(HAVE_STRUCT_SOCKADDR_IN6, 1, "")
|
||||
fi
|
||||
|
||||
AC_CACHE_CHECK([for struct sockaddr_storage], ac_cv_have_struct_sockaddr_storage, [
|
||||
@@ -133,15 +133,15 @@ AC_CACHE_CHECK([for struct sockaddr_stor
|
||||
)
|
||||
])
|
||||
if test "x$ac_cv_have_struct_sockaddr_storage" = "xyes" ; then
|
||||
- AC_DEFINE(HAVE_STRUCT_SOCKADDR_STORAGE)
|
||||
+ AC_DEFINE(HAVE_STRUCT_SOCKADDR_STORAGE, 1, "")
|
||||
fi
|
||||
|
||||
|
||||
case "$target_os" in
|
||||
|
||||
solaris*)
|
||||
- AC_DEFINE(N0_SIGLIST)
|
||||
- AC_DEFINE(solaris)
|
||||
+ AC_DEFINE(N0_SIGLIST, 1, "")
|
||||
+ AC_DEFINE(solaris, 1, "")
|
||||
|
||||
AC_MSG_CHECKING(whether to compile in loadavg)
|
||||
AC_ARG_WITH(loadavg,
|
||||
@@ -153,12 +153,12 @@ solaris*)
|
||||
yes)
|
||||
AC_MSG_RESULT(yes)
|
||||
AC_CHECK_LIB(kstat, main)
|
||||
- AC_CHECK_HEADER(kstat.h, [AC_DEFINE(HAVE_KSTAT_H)])
|
||||
- AC_DEFINE(HAVE_LOADAVG)
|
||||
+ AC_CHECK_HEADER(kstat.h, [AC_DEFINE(HAVE_KSTAT_H, 1, "")])
|
||||
+ AC_DEFINE(HAVE_LOADAVG, 1, "")
|
||||
;;
|
||||
*)
|
||||
AC_MSG_RESULT(yes)
|
||||
- AC_DEFINE(HAVE_LOADAVG)
|
||||
+ AC_DEFINE(HAVE_LOADAVG, 1, "")
|
||||
;;
|
||||
esac ], AC_MSG_RESULT(no) )
|
||||
;;
|
||||
@@ -172,11 +172,11 @@ osf*)
|
||||
;;
|
||||
yes)
|
||||
AC_MSG_RESULT(yes)
|
||||
- AC_DEFINE(HAVE_LOADAVG)
|
||||
+ AC_DEFINE(HAVE_LOADAVG, 1, "")
|
||||
;;
|
||||
*)
|
||||
AC_MSG_RESULT(yes)
|
||||
- AC_DEFINE(HAVE_LOADAVG)
|
||||
+ AC_DEFINE(HAVE_LOADAVG, 1, "")
|
||||
;;
|
||||
esac ], AC_MSG_RESULT(no))
|
||||
;;
|
||||
@@ -191,18 +191,18 @@ linux*|freebsd*)
|
||||
;;
|
||||
yes)
|
||||
AC_MSG_RESULT(yes)
|
||||
- AC_DEFINE(HAVE_LOADAVG)
|
||||
+ AC_DEFINE(HAVE_LOADAVG, 1, "")
|
||||
;;
|
||||
*)
|
||||
AC_MSG_RESULT(yes)
|
||||
- AC_DEFINE(HAVE_LOADAVG)
|
||||
+ AC_DEFINE(HAVE_LOADAVG, 1, "")
|
||||
;;
|
||||
esac ], AC_MSG_RESULT(no))
|
||||
;;
|
||||
darwin* | "Mac OS"*)
|
||||
ac_cv_prog_RANLIB="ranlib"
|
||||
# AC_CHECK_FUNCS doesn't look in the proper header file...
|
||||
- AC_DEFINE(HAVE_ISATTY)
|
||||
+ AC_DEFINE(HAVE_ISATTY, 1, "")
|
||||
CFLAGS="$CFLAGS -no-cpp-precomp"
|
||||
AC_MSG_CHECKING(whether to compile in loadavg)
|
||||
AC_ARG_WITH(loadavg,,
|
||||
@@ -212,11 +212,11 @@ darwin* | "Mac OS"*)
|
||||
;;
|
||||
yes)
|
||||
AC_MSG_RESULT(yes)
|
||||
- AC_DEFINE(HAVE_LOADAVG)
|
||||
+ AC_DEFINE(HAVE_LOADAVG, 1, "")
|
||||
;;
|
||||
*)
|
||||
AC_MSG_RESULT(yes)
|
||||
- AC_DEFINE(HAVE_LOADAVG)
|
||||
+ AC_DEFINE(HAVE_LOADAVG, 1, "")
|
||||
;;
|
||||
esac ], AC_MSG_RESULT(no))
|
||||
;;
|
||||
@@ -229,13 +229,13 @@ darwin* | "Mac OS"*)
|
||||
;;
|
||||
yes)
|
||||
AC_MSG_RESULT(yes)
|
||||
- AC_DEFINE(bsdi)
|
||||
- AC_DEFINE(HAVE_LOADAVG)
|
||||
+ AC_DEFINE(bsdi, 1, "")
|
||||
+ AC_DEFINE(HAVE_LOADAVG, 1, "")
|
||||
;;
|
||||
*)
|
||||
AC_MSG_RESULT(yes)
|
||||
- AC_DEFINE(bsdi)
|
||||
- AC_DEFINE(HAVE_LOADAVG)
|
||||
+ AC_DEFINE(bsdi, 1, "")
|
||||
+ AC_DEFINE(HAVE_LOADAVG, 1, "")
|
||||
;;
|
||||
esac ], AC_MSG_RESULT(no))
|
||||
;;
|
||||
@@ -245,7 +245,7 @@ esac
|
||||
AC_CHECK_LIB(c, crypt, [:], [
|
||||
AC_CHECK_LIB(crypt, crypt, [
|
||||
LIBS="-lcrypt $LIBS"
|
||||
- AC_DEFINE(HAVE_LIBCRYPT) ], []) ])
|
||||
+ AC_DEFINE(HAVE_LIBCRYPT, 1, "") ], []) ])
|
||||
|
||||
AC_CHECK_LIB(m, log10, [ LIBS="-lm $LIBS" ], [])
|
||||
|
||||
@@ -263,16 +263,16 @@ AC_ARG_WITH(libwrap,
|
||||
yes)
|
||||
AC_MSG_RESULT(yes)
|
||||
AC_CHECK_LIB(wrap, request_init, [
|
||||
- AC_DEFINE(LIBWRAP)
|
||||
+ AC_DEFINE(LIBWRAP, 1, "")
|
||||
WRAPLIBS="-lwrap"
|
||||
- AC_DEFINE(HAVE_LIBWRAP) ])
|
||||
+ AC_DEFINE(HAVE_LIBWRAP, 1, "") ])
|
||||
AC_CHECK_LIB(nsl, yp_get_default_domain, [
|
||||
WRAPLIBS="$WRAPLIBS -lnsl" ])
|
||||
LIBS="$WRAPLIBS $LIBS"
|
||||
;;
|
||||
*)
|
||||
AC_MSG_RESULT(yes)
|
||||
- AC_DEFINE(LIBWRAP)
|
||||
+ AC_DEFINE(LIBWRAP, 1, "")
|
||||
if test -d "$withval"; then
|
||||
WRAPLIBS="-L$withval -lwrap"
|
||||
else
|
||||
@@ -299,13 +299,13 @@ AC_ARG_WITH(labeled-networking,
|
||||
yes)
|
||||
AC_MSG_RESULT(yes)
|
||||
AC_CHECK_LIB(selinux, setexeccon, [
|
||||
- AC_DEFINE(LABELED_NET)
|
||||
+ AC_DEFINE(LABELED_NET, 1, "")
|
||||
LABELLIBS="-lselinux" ])
|
||||
LIBS="$LABELLIBS $LIBS"
|
||||
;;
|
||||
*)
|
||||
AC_MSG_RESULT(yes)
|
||||
- AC_DEFINE(LABELED_NET)
|
||||
+ AC_DEFINE(LABELED_NET, 1, "")
|
||||
if test -d "$withval"; then
|
||||
LABELLIBS="-L$withval -lselinux"
|
||||
else
|
||||
--- xinetd-2.3.14/aclocal.m4 2003-02-19 18:29:27.000000000 +0100
|
||||
+++ xinetd-2.3.14-mod/aclocal.m4 2009-07-29 10:10:03.000000000 +0200
|
||||
@@ -22,6 +22,6 @@ AC_CACHE_VAL(xinetd_cv_type_$1,
|
||||
#endif], xinetd_cv_type_$1=yes, xinetd_cv_type_$1=no)])dnl
|
||||
AC_MSG_RESULT($xinetd_cv_type_$1)
|
||||
if test $xinetd_cv_type_$1 = no; then
|
||||
- AC_DEFINE($1, $2)
|
||||
+ AC_DEFINE($1, $2, "")
|
||||
fi
|
||||
])
|
@ -0,0 +1,29 @@
|
||||
--- xinetd-2.3.14/xinetd/service.c.old 2007-05-16 15:33:41.000000000 +0200
|
||||
+++ xinetd-2.3.14/xinetd/service.c 2007-05-16 15:29:53.000000000 +0200
|
||||
@@ -335,6 +335,15 @@
|
||||
|
||||
if ( SVC_FD(sp) == -1 )
|
||||
{
|
||||
+ if (SC_BIND_ADDR(scp) == NULL && SC_IPV6( scp ))
|
||||
+ {
|
||||
+ /* there was no bind address configured and IPv6 fails. Try IPv4 */
|
||||
+ msg( LOG_NOTICE, func, "IPv6 socket creation failed for service %s, trying IPv4", SC_ID( scp ) ) ;
|
||||
+ M_CLEAR(SC_XFLAGS(scp), SF_IPV6);
|
||||
+ M_SET(SC_XFLAGS(scp), SF_IPV4);
|
||||
+ return svc_activate(sp);
|
||||
+ }
|
||||
+
|
||||
msg( LOG_ERR, func,
|
||||
"socket creation failed (%m). service = %s", SC_ID( scp ) ) ;
|
||||
return( FAILED ) ;
|
||||
--- xinetd-2.3.14/xinetd/confparse.c.old 2007-05-16 15:33:26.000000000 +0200
|
||||
+++ xinetd-2.3.14/xinetd/confparse.c 2007-05-16 15:15:22.000000000 +0200
|
||||
@@ -245,7 +245,7 @@
|
||||
M_SET(SC_XFLAGS(scp), SF_IPV6);
|
||||
}
|
||||
else
|
||||
- M_SET(SC_XFLAGS(scp), SF_IPV4);
|
||||
+ M_SET(SC_XFLAGS(scp), SF_IPV6); /*try bind IPv6 by default*/
|
||||
}
|
||||
|
||||
if (SC_ORIG_BIND_ADDR(scp))
|
@ -0,0 +1,10 @@
|
||||
--- xinetd-2.3.14/xinetd/service.c.orig 2010-03-18 17:09:20.000000000 +0100
|
||||
+++ xinetd-2.3.14/xinetd/service.c 2010-03-18 17:09:37.000000000 +0100
|
||||
@@ -470,6 +470,7 @@ void svc_deactivate( struct service *sp
|
||||
{
|
||||
#ifdef HAVE_POLL
|
||||
SVC_EVENTS( sp ) = 0;
|
||||
+ SVC_FD( sp ) = 0;
|
||||
#else
|
||||
FD_CLR( SVC_FD( sp ), &ps.rws.socket_mask ) ;
|
||||
#endif /* HAVE_POLL */
|
@ -0,0 +1,126 @@
|
||||
diff -Nurp xinetd-2.3.14-orig/xinetd/attr.h xinetd-2.3.14-files/xinetd/attr.h
|
||||
--- xinetd-2.3.14-orig/xinetd/attr.h 2005-10-05 19:15:33.000000000 +0200
|
||||
+++ xinetd-2.3.14-files/xinetd/attr.h 2009-10-20 13:08:45.000000000 +0200
|
||||
@@ -61,12 +61,13 @@
|
||||
#define A_DISABLED 43
|
||||
#define A_MDNS 44
|
||||
#define A_LIBWRAP 45
|
||||
+#define A_RLIMIT_FILES 46
|
||||
|
||||
/*
|
||||
* SERVICE_ATTRIBUTES is the number of service attributes and also
|
||||
* the number from which defaults-only attributes start.
|
||||
*/
|
||||
-#define SERVICE_ATTRIBUTES ( A_MDNS + 1 )
|
||||
+#define SERVICE_ATTRIBUTES ( A_MDNS + 2 )
|
||||
|
||||
/*
|
||||
* Mask of attributes that must be specified.
|
||||
diff -Nurp xinetd-2.3.14-orig/xinetd/child.c xinetd-2.3.14-files/xinetd/child.c
|
||||
--- xinetd-2.3.14-orig/xinetd/child.c 2009-10-20 13:07:34.000000000 +0200
|
||||
+++ xinetd-2.3.14-files/xinetd/child.c 2009-10-20 13:10:16.000000000 +0200
|
||||
@@ -109,6 +109,10 @@ void exec_server( const struct server *s
|
||||
|
||||
|
||||
#ifdef RLIMIT_NOFILE
|
||||
+ if ( SC_RLIM_FILES( scp ))
|
||||
+ {
|
||||
+ ps.ros.max_descriptors = SC_RLIM_FILES( scp );
|
||||
+ }
|
||||
rl.rlim_max = rl.rlim_cur = ps.ros.max_descriptors ;
|
||||
(void) setrlimit( RLIMIT_NOFILE, &rl ) ;
|
||||
#endif
|
||||
diff -Nurp xinetd-2.3.14-orig/xinetd/parse.c xinetd-2.3.14-files/xinetd/parse.c
|
||||
--- xinetd-2.3.14-orig/xinetd/parse.c 2005-10-05 19:15:33.000000000 +0200
|
||||
+++ xinetd-2.3.14-files/xinetd/parse.c 2009-10-20 13:08:45.000000000 +0200
|
||||
@@ -92,6 +92,9 @@ static const struct attribute service_at
|
||||
#ifdef RLIMIT_DATA
|
||||
{ "rlimit_data", A_RLIMIT_DATA, 1, rlim_data_parser },
|
||||
#endif
|
||||
+#ifdef RLIMIT_NOFILE
|
||||
+ { "rlimit_files", A_RLIMIT_FILES, 1, rlim_files_parser },
|
||||
+#endif
|
||||
#ifdef RLIMIT_RSS
|
||||
{ "rlimit_rss", A_RLIMIT_RSS, 1, rlim_rss_parser },
|
||||
#endif
|
||||
diff -Nurp xinetd-2.3.14-orig/xinetd/parsers.c xinetd-2.3.14-files/xinetd/parsers.c
|
||||
--- xinetd-2.3.14-orig/xinetd/parsers.c 2005-10-05 23:45:41.000000000 +0200
|
||||
+++ xinetd-2.3.14-files/xinetd/parsers.c 2009-10-20 13:08:45.000000000 +0200
|
||||
@@ -1415,6 +1415,29 @@ status_e rlim_data_parser( pset_h values
|
||||
}
|
||||
#endif
|
||||
|
||||
+#ifdef RLIMIT_NOFILE
|
||||
+status_e rlim_files_parser( pset_h values,
|
||||
+ struct service_config *scp,
|
||||
+ enum assign_op op )
|
||||
+{
|
||||
+ char *mem = (char *) pset_pointer( values, 0 ) ;
|
||||
+ const char *func = "rlim_files_parser" ;
|
||||
+
|
||||
+ if ( EQ( mem, "UNLIMITED" ) )
|
||||
+ SC_RLIM_FILES(scp) = (rlim_t)RLIM_INFINITY ;
|
||||
+ else
|
||||
+ {
|
||||
+ if ( get_limit ( mem, &SC_RLIM_FILES(scp)) )
|
||||
+ {
|
||||
+ parsemsg( LOG_ERR, func,
|
||||
+ "Max files limit is invalid: %s", mem ) ;
|
||||
+ return( FAILED ) ;
|
||||
+ }
|
||||
+ }
|
||||
+ return( OK ) ;
|
||||
+}
|
||||
+#endif
|
||||
+
|
||||
#ifdef RLIMIT_RSS
|
||||
status_e rlim_rss_parser( pset_h values,
|
||||
struct service_config *scp,
|
||||
diff -Nurp xinetd-2.3.14-orig/xinetd/parsers.h xinetd-2.3.14-files/xinetd/parsers.h
|
||||
--- xinetd-2.3.14-orig/xinetd/parsers.h 2005-10-05 19:15:33.000000000 +0200
|
||||
+++ xinetd-2.3.14-files/xinetd/parsers.h 2009-10-20 13:08:45.000000000 +0200
|
||||
@@ -57,6 +57,9 @@ status_e rlim_cpu_parser(pset_h, struct
|
||||
#ifdef RLIMIT_DATA
|
||||
status_e rlim_data_parser(pset_h, struct service_config *, enum assign_op) ;
|
||||
#endif
|
||||
+#ifdef RLIMIT_NOFILE
|
||||
+status_e rlim_files_parser(pset_h, struct service_config *, enum assign_op) ;
|
||||
+#endif
|
||||
#ifdef RLIMIT_RSS
|
||||
status_e rlim_rss_parser(pset_h, struct service_config *, enum assign_op) ;
|
||||
#endif
|
||||
diff -Nurp xinetd-2.3.14-orig/xinetd/sconf.h xinetd-2.3.14-files/xinetd/sconf.h
|
||||
--- xinetd-2.3.14-orig/xinetd/sconf.h 2009-10-20 13:07:34.000000000 +0200
|
||||
+++ xinetd-2.3.14-files/xinetd/sconf.h 2009-10-20 13:08:45.000000000 +0200
|
||||
@@ -143,6 +143,7 @@ struct service_config
|
||||
rlim_t sc_rlim_as;
|
||||
rlim_t sc_rlim_cpu;
|
||||
rlim_t sc_rlim_data;
|
||||
+ rlim_t sc_rlim_files;
|
||||
rlim_t sc_rlim_rss;
|
||||
rlim_t sc_rlim_stack;
|
||||
mode_t sc_umask;
|
||||
@@ -191,6 +192,7 @@ struct service_config
|
||||
#define SC_RLIM_AS( scp ) (scp)->sc_rlim_as
|
||||
#define SC_RLIM_CPU( scp ) (scp)->sc_rlim_cpu
|
||||
#define SC_RLIM_DATA( scp ) (scp)->sc_rlim_data
|
||||
+#define SC_RLIM_FILES( scp ) (scp)->sc_rlim_files
|
||||
#define SC_RLIM_RSS( scp ) (scp)->sc_rlim_rss
|
||||
#define SC_RLIM_STACK( scp ) (scp)->sc_rlim_stack
|
||||
#define SC_TYPE( scp ) (scp)->sc_type
|
||||
diff -Nurp xinetd-2.3.14-orig/xinetd/xinetd.conf.man xinetd-2.3.14-files/xinetd/xinetd.conf.man
|
||||
--- xinetd-2.3.14-orig/xinetd/xinetd.conf.man 2009-10-20 13:07:34.000000000 +0200
|
||||
+++ xinetd-2.3.14-files/xinetd/xinetd.conf.man 2009-10-20 13:08:45.000000000 +0200
|
||||
@@ -569,6 +569,12 @@ is implemented, it is more useful to set
|
||||
rlimit_rss and rlimit_stack. This resource limit is only implemented on
|
||||
Linux systems.
|
||||
.TP
|
||||
+.B rlimit_files
|
||||
+Sets the maximum number of open files that the service may use.
|
||||
+One parameter is required, which is a positive integer representing
|
||||
+the number of open file descriptors. Practical limit of this number
|
||||
+is around 1024000.
|
||||
+.TP
|
||||
.B rlimit_cpu
|
||||
Sets the maximum number of CPU seconds that the service may use.
|
||||
One parameter is required, which is either a positive integer representing
|
@ -0,0 +1,22 @@
|
||||
diff --git a/sensor.c b/sensor.c
|
||||
index 09d0877..e65018c 100644
|
||||
--- a/xinetd/sensor.c
|
||||
+++ b/xinetd/sensor.c
|
||||
@@ -100,14 +100,15 @@ void process_sensor( const struct service *sp, const union xsockaddr *addr)
|
||||
{
|
||||
/* Here again, eh?...update time stamp. */
|
||||
char *exp_time;
|
||||
- time_t stored_time;
|
||||
+ int stored_time;
|
||||
|
||||
item_matched--; /* Is # plus 1, to even get here must be >= 1 */
|
||||
exp_time = pset_pointer( global_no_access_time, item_matched ) ;
|
||||
if (exp_time == NULL)
|
||||
return ;
|
||||
|
||||
- if ( parse_base10(exp_time, (int *)&stored_time) )
|
||||
+ /* FIXME: Parse (long int) instead of (int) prior to possible Y2K38 bug. */
|
||||
+ if ( parse_base10(exp_time, &stored_time ) )
|
||||
{ /* if never let them off, bypass */
|
||||
if (stored_time != -1)
|
||||
{
|
@ -0,0 +1,42 @@
|
||||
448069: xinetd: socket bind: Invalid argument (errno = 22) when using USERID on ipv6
|
||||
|
||||
Use right size of addresses in bind() call. Also use getpeername addresses when
|
||||
connecting to ident service to prevent address family mismatch between socket(),
|
||||
bind() and connect() calls.
|
||||
|
||||
Author: Jan Safranek <jsafrane@redhat.com>
|
||||
Reviewed-By: Adam Tkac <atkac@redhat.com>
|
||||
|
||||
diff -up xinetd-2.3.14/xinetd/ident.c.orig xinetd-2.3.14/xinetd/ident.c
|
||||
--- xinetd-2.3.14/xinetd/ident.c.orig 2008-05-29 16:30:19.000000000 +0200
|
||||
+++ xinetd-2.3.14/xinetd/ident.c 2008-05-29 16:29:57.000000000 +0200
|
||||
@@ -97,7 +98,13 @@ idresult_e log_remote_user( const struct
|
||||
}
|
||||
|
||||
CLEAR( sin_contact );
|
||||
- sin_remote = *CONN_XADDRESS( SERVER_CONNECTION( serp ) ) ;
|
||||
+
|
||||
+ sin_len = sizeof( sin_remote );
|
||||
+ if ( getpeername( SERVER_FD( serp ), &sin_remote.sa, &sin_len ) == -1 )
|
||||
+ {
|
||||
+ msg( LOG_ERR, func, "(%d) getpeername: %m", getpid() ) ;
|
||||
+ return( IDR_ERROR ) ;
|
||||
+ }
|
||||
sin_contact = sin_remote;
|
||||
memcpy( &sin_bind, &sin_local, sizeof(sin_bind) ) ;
|
||||
local_port = 0;
|
||||
@@ -121,7 +128,13 @@ idresult_e log_remote_user( const struct
|
||||
msg( LOG_ERR, func, "socket creation: %m" ) ;
|
||||
return( IDR_ERROR ) ;
|
||||
}
|
||||
- if ( bind(sd, &sin_bind.sa, sizeof(sin_bind.sa)) == -1 )
|
||||
+
|
||||
+ if ( sin_bind.sa.sa_family == AF_INET )
|
||||
+ sin_len = sizeof( sin_bind.sa_in ) ;
|
||||
+ else
|
||||
+ sin_len = sizeof( sin_bind.sa_in6 ) ;
|
||||
+
|
||||
+ if ( bind(sd, &sin_bind.sa, sin_len) == -1 )
|
||||
{
|
||||
msg( LOG_ERR, func, "socket bind: %m" ) ;
|
||||
(void) Sclose( sd ) ;
|
@ -0,0 +1,22 @@
|
||||
--- xinetd-2.3.14/xinetd/access.c 2005-10-05 19:15:33.000000000 +0200
|
||||
+++ xinetd-2.3.14-mod/xinetd/access.c 2012-03-05 14:54:30.935416926 +0100
|
||||
@@ -73,6 +73,7 @@ static void cps_service_restart(void)
|
||||
unsigned int i;
|
||||
time_t nowtime;
|
||||
const char *func = "cps_service_restart";
|
||||
+ int rs;
|
||||
|
||||
nowtime = time(NULL);
|
||||
for( i=0; i < pset_count( SERVICES(ps) ); i++ ) {
|
||||
@@ -84,8 +85,11 @@ static void cps_service_restart(void)
|
||||
if( SVC_STATE(sp) == SVC_DISABLED ) {
|
||||
scp = SVC_CONF( sp );
|
||||
if ( SC_TIME_REENABLE(scp) <= nowtime ) {
|
||||
+ rs = SVC_RUNNING_SERVERS(sp);
|
||||
/* re-enable the service */
|
||||
if( svc_activate(sp) == OK ) {
|
||||
+ /* remember running servers after restart */
|
||||
+ SVC_RUNNING_SERVERS(sp) = rs;
|
||||
msg(LOG_ERR, func,
|
||||
"Activating service %s", SC_NAME(scp));
|
||||
} else {
|
@ -0,0 +1,17 @@
|
||||
--- xinetd-2.3.14/xinetd/ident.c.jw 2010-03-10 17:49:53.000000000 +1100
|
||||
+++ xinetd-2.3.14/xinetd/ident.c 2010-03-10 17:50:30.000000000 +1100
|
||||
@@ -108,12 +108,12 @@
|
||||
memcpy( &sin_bind, &sin_local, sizeof(sin_bind) ) ;
|
||||
local_port = 0;
|
||||
remote_port = 0;
|
||||
- if( sin_remote.sa.sa_family == AF_INET ) {
|
||||
+ if( sin_remote.sa.sa_family == AF_INET6 ) {
|
||||
local_port = ntohs( sin_local.sa_in6.sin6_port ) ;
|
||||
remote_port = ntohs( sin_remote.sa_in6.sin6_port ) ;
|
||||
sin_contact.sa_in6.sin6_port = htons( IDENTITY_SERVICE_PORT ) ;
|
||||
sin_bind.sa_in.sin_port = 0 ;
|
||||
- } else if( sin_remote.sa.sa_family == AF_INET6 ) {
|
||||
+ } else if( sin_remote.sa.sa_family == AF_INET ) {
|
||||
local_port = ntohs( sin_local.sa_in.sin_port ) ;
|
||||
remote_port = ntohs( sin_remote.sa_in.sin_port ) ;
|
||||
sin_contact.sa_in.sin_port = htons( IDENTITY_SERVICE_PORT ) ;
|
@ -0,0 +1,41 @@
|
||||
diff -Naur xinetd-2.3.14-dist/xinetd/service.c xinetd-2.3.14/xinetd/service.c
|
||||
--- xinetd-2.3.14-dist/xinetd/service.c 2012-04-03 08:59:19.000000000 +0200
|
||||
+++ xinetd-2.3.14/xinetd/service.c 2012-04-03 09:02:34.588160317 +0200
|
||||
@@ -366,12 +366,24 @@
|
||||
|
||||
msg( LOG_ERR, func,
|
||||
"socket creation failed (%m). service = %s", SC_ID( scp ) ) ;
|
||||
+#ifdef HAVE_POLL
|
||||
+ SVC_EVENTS( sp ) = 0;
|
||||
+ SVC_FD( sp ) = 0;
|
||||
+#else
|
||||
+ FD_CLR( SVC_FD( sp ), &ps.rws.socket_mask ) ;
|
||||
+#endif /* HAVE_POLL */
|
||||
return( FAILED ) ;
|
||||
}
|
||||
|
||||
if ( set_fd_modes( sp ) == FAILED )
|
||||
{
|
||||
(void) Sclose( SVC_FD(sp) ) ;
|
||||
+#ifdef HAVE_POLL
|
||||
+ SVC_EVENTS( sp ) = 0;
|
||||
+ SVC_FD( sp ) = 0;
|
||||
+#else
|
||||
+ FD_CLR( SVC_FD( sp ), &ps.rws.socket_mask ) ;
|
||||
+#endif /* HAVE_POLL */
|
||||
return( FAILED ) ;
|
||||
}
|
||||
|
||||
@@ -385,6 +397,12 @@
|
||||
if ( status == FAILED )
|
||||
{
|
||||
(void) Sclose( SVC_FD(sp) ) ;
|
||||
+#ifdef HAVE_POLL
|
||||
+ SVC_EVENTS( sp ) = 0;
|
||||
+ SVC_FD( sp ) = 0;
|
||||
+#else
|
||||
+ FD_CLR( SVC_FD( sp ), &ps.rws.socket_mask ) ;
|
||||
+#endif /* HAVE_POLL */
|
||||
return( FAILED ) ;
|
||||
}
|
||||
|
@ -0,0 +1,52 @@
|
||||
diff -up xinetd-2.3.14-dist/xinetd/service.c xinetd-2.3.14/xinetd/service.c
|
||||
--- xinetd-2.3.14-dist/xinetd/service.c 2012-01-11 11:50:43.438650900 +0100
|
||||
+++ xinetd-2.3.14/xinetd/service.c 2012-01-16 08:18:09.462620084 +0100
|
||||
@@ -88,6 +88,7 @@ struct service *svc_new( struct service_
|
||||
CLEAR( *sp ) ;
|
||||
|
||||
SVC_CONF(sp) = scp ;
|
||||
+ sp->svc_pfd_index = -1;
|
||||
return( sp ) ;
|
||||
}
|
||||
|
||||
@@ -346,7 +347,16 @@ status_e svc_activate( struct service *s
|
||||
ps.rws.pfds_last)*sizeof(struct pollfd));
|
||||
ps.rws.pfd_array = tmp;
|
||||
}
|
||||
- SVC_POLLFD( sp ) = &ps.rws.pfd_array[ps.rws.pfds_last++] ;
|
||||
+ if ( sp->svc_pfd_index >= 0 )
|
||||
+ {
|
||||
+ SVC_POLLFD( sp ) = &ps.rws.pfd_array[sp->svc_pfd_index] ;
|
||||
+ }
|
||||
+ else
|
||||
+ {
|
||||
+ sp->svc_pfd_index = ps.rws.pfds_last ;
|
||||
+ SVC_POLLFD( sp ) = &ps.rws.pfd_array[ps.rws.pfds_last++] ;
|
||||
+ }
|
||||
+
|
||||
#endif /* HAVE_POLL */
|
||||
|
||||
if( SC_IPV4( scp ) ) {
|
||||
@@ -433,6 +443,11 @@ status_e svc_activate( struct service *s
|
||||
static void deactivate( const struct service *sp )
|
||||
{
|
||||
(void) Sclose( SVC_FD( sp ) ) ;
|
||||
+#ifdef HAVE_POLL
|
||||
+ SVC_FD( sp ) = 0;
|
||||
+#else
|
||||
+ FD_CLR( SVC_FD( sp ), &ps.rws.socket_mask ) ;
|
||||
+#endif
|
||||
|
||||
#ifdef HAVE_MDNS
|
||||
xinetd_mdns_deregister(SVC_CONF(sp));
|
||||
diff -up xinetd-2.3.14-dist/xinetd/service.h xinetd-2.3.14/xinetd/service.h
|
||||
--- xinetd-2.3.14-dist/xinetd/service.h 2012-01-11 11:50:43.418650925 +0100
|
||||
+++ xinetd-2.3.14/xinetd/service.h 2012-01-16 08:02:59.667553008 +0100
|
||||
@@ -47,6 +47,7 @@ struct service
|
||||
{
|
||||
state_e svc_state ;
|
||||
int svc_ref_count ; /* # of pters to this struct */
|
||||
+ int svc_pfd_index; /* index of pfd in pfd_array */
|
||||
struct service_config *svc_conf ; /* service configuration */
|
||||
|
||||
#ifdef HAVE_POLL
|
@ -0,0 +1,16 @@
|
||||
117746: xinetd.log man page in wrong section
|
||||
|
||||
Put xinetd.log to the right man section.
|
||||
|
||||
diff -up xinetd-2.3.13/Makefile.in.orig xinetd-2.3.13/Makefile.in
|
||||
--- xinetd-2.3.13/Makefile.in.orig 2007-12-06 10:58:32.000000000 +0100
|
||||
+++ xinetd-2.3.13/Makefile.in 2008-01-15 13:39:38.000000000 +0100
|
||||
@@ -80,7 +80,7 @@ install: build
|
||||
$(INSTALL_CMD) -m 755 xinetd/itox $(DAEMONDIR)
|
||||
$(INSTALL_CMD) -m 755 $(SRCDIR)/xinetd/xconv.pl $(DAEMONDIR)
|
||||
$(INSTALL_CMD) -m 644 $(SRCDIR)/xinetd/xinetd.conf.man $(MANDIR)/man5/xinetd.conf.5
|
||||
- $(INSTALL_CMD) -m 644 $(SRCDIR)/xinetd/xinetd.log.man $(MANDIR)/man8/xinetd.log.8
|
||||
+ $(INSTALL_CMD) -m 644 $(SRCDIR)/xinetd/xinetd.log.man $(MANDIR)/man5/xinetd.log.5
|
||||
$(INSTALL_CMD) -m 644 $(SRCDIR)/xinetd/xinetd.man $(MANDIR)/man8/xinetd.8
|
||||
$(INSTALL_CMD) -m 644 $(SRCDIR)/xinetd/itox.8 $(MANDIR)/man8/itox.8
|
||||
$(INSTALL_CMD) -m 644 $(SRCDIR)/xinetd/xconv.pl.8 $(MANDIR)/man8/xconv.pl.8
|
@ -0,0 +1,27 @@
|
||||
--- xinetd-2.3.14-dist/xinetd/defs.h 2012-01-16 12:20:54.739041678 +0100
|
||||
+++ xinetd-2.3.14/xinetd/defs.h 2012-01-17 08:06:56.800762230 +0100
|
||||
@@ -115,8 +115,9 @@ union xsockaddr {
|
||||
*/
|
||||
|
||||
#ifdef HAVE_POLL
|
||||
-#define INIT_POLLFDS 1024
|
||||
-#define MAX_POLLFDS 8192
|
||||
+#define INIT_POLLFDS 4096
|
||||
+/* FIXME: not used */
|
||||
+#define MAX_POLLFDS 16384
|
||||
#endif
|
||||
|
||||
/*
|
||||
--- xinetd-2.3.14-dist/xinetd/service.c 2012-01-16 12:20:54.741041678 +0100
|
||||
+++ xinetd-2.3.14/xinetd/service.c 2012-01-17 08:07:28.872746991 +0100
|
||||
@@ -343,9 +343,9 @@ status_e svc_activate( struct service *s
|
||||
out_of_memory( func );
|
||||
return( FAILED );
|
||||
}
|
||||
+ ps.rws.pfd_array = tmp;
|
||||
memset(&ps.rws.pfd_array[ps.rws.pfds_last], 0, (ps.rws.pfds_allocated-
|
||||
ps.rws.pfds_last)*sizeof(struct pollfd));
|
||||
- ps.rws.pfd_array = tmp;
|
||||
}
|
||||
if ( sp->svc_pfd_index >= 0 )
|
||||
{
|
File diff suppressed because it is too large
Load Diff
@ -0,0 +1,77 @@
|
||||
Generate debuginfo package with all include files readable.
|
||||
|
||||
The support libraries would install their header files with 640 permissions,
|
||||
which is not what we want.
|
||||
|
||||
diff -up xinetd-2.3.14/libs/src/misc/Makefile.in.orig xinetd-2.3.14/libs/src/misc/Makefile.in
|
||||
--- xinetd-2.3.14/libs/src/misc/Makefile.in.orig 2003-02-19 18:29:27.000000000 +0100
|
||||
+++ xinetd-2.3.14/libs/src/misc/Makefile.in 2008-09-18 10:18:59.000000000 +0200
|
||||
@@ -49,7 +49,7 @@ CC_FLAGS = $(DEBUG)
|
||||
CFLAGS = @CFLAGS@ $(CPP_FLAGS) $(CC_FLAGS) -I$(INCLUDEDIR)
|
||||
|
||||
INSTALL = @INSTALL@
|
||||
-FMODE = -m 640 # used by install
|
||||
+FMODE = -m 644 # used by install
|
||||
RANLIB = @RANLIB@
|
||||
|
||||
LIBNAME = lib$(NAME).a
|
||||
diff -up xinetd-2.3.14/libs/src/portable/Makefile.in.orig xinetd-2.3.14/libs/src/portable/Makefile.in
|
||||
--- xinetd-2.3.14/libs/src/portable/Makefile.in.orig 2003-02-19 18:29:27.000000000 +0100
|
||||
+++ xinetd-2.3.14/libs/src/portable/Makefile.in 2008-09-18 10:19:09.000000000 +0200
|
||||
@@ -44,7 +44,7 @@ CC_FLAGS = $(DEBUG)
|
||||
CFLAGS = @CFLAGS@ $(CPP_FLAGS) $(CC_FLAGS) -I$(INCLUDEDIR)
|
||||
|
||||
INSTALL = @INSTALL@
|
||||
-FMODE = -m 640 # used by install
|
||||
+FMODE = -m 644 # used by install
|
||||
RANLIB = @RANLIB@
|
||||
|
||||
LIBNAME = lib$(NAME).a
|
||||
diff -up xinetd-2.3.14/libs/src/pset/Makefile.in.orig xinetd-2.3.14/libs/src/pset/Makefile.in
|
||||
--- xinetd-2.3.14/libs/src/pset/Makefile.in.orig 2003-02-19 18:29:27.000000000 +0100
|
||||
+++ xinetd-2.3.14/libs/src/pset/Makefile.in 2008-09-18 10:19:17.000000000 +0200
|
||||
@@ -41,7 +41,7 @@ CC_FLAGS = $(DEBUG)
|
||||
CFLAGS = @CFLAGS@ $(CPP_FLAGS) $(CC_FLAGS)
|
||||
|
||||
INSTALL = @INSTALL@
|
||||
-FMODE = -m 640 # used by install
|
||||
+FMODE = -m 644 # used by install
|
||||
RANLIB = @RANLIB@
|
||||
|
||||
LIBNAME = lib$(NAME).a
|
||||
diff -up xinetd-2.3.14/libs/src/sio/Makefile.in.orig xinetd-2.3.14/libs/src/sio/Makefile.in
|
||||
--- xinetd-2.3.14/libs/src/sio/Makefile.in.orig 2003-02-19 18:29:27.000000000 +0100
|
||||
+++ xinetd-2.3.14/libs/src/sio/Makefile.in 2008-09-18 10:19:25.000000000 +0200
|
||||
@@ -40,7 +40,7 @@ CC_FLAGS = $(DEBUG)
|
||||
CFLAGS = @CFLAGS@ $(CPP_FLAGS) $(CC_FLAGS) -I$(INCLUDEDIR)
|
||||
|
||||
INSTALL = @INSTALL@
|
||||
-FMODE = -m 640 # used by install
|
||||
+FMODE = -m 644 # used by install
|
||||
RANLIB = @RANLIB@
|
||||
|
||||
LIBNAME = lib$(NAME).a
|
||||
diff -up xinetd-2.3.14/libs/src/str/Makefile.in.orig xinetd-2.3.14/libs/src/str/Makefile.in
|
||||
--- xinetd-2.3.14/libs/src/str/Makefile.in.orig 2003-02-19 18:29:27.000000000 +0100
|
||||
+++ xinetd-2.3.14/libs/src/str/Makefile.in 2008-09-18 10:19:33.000000000 +0200
|
||||
@@ -51,7 +51,7 @@ CC_FLAGS = $(DEBUG)
|
||||
CFLAGS = @CFLAGS@ $(CPP_FLAGS) $(CC_FLAGS)
|
||||
|
||||
INSTALL = @INSTALL@
|
||||
-FMODE = -m 640 # used by install
|
||||
+FMODE = -m 644 # used by install
|
||||
RANLIB = @RANLIB@
|
||||
|
||||
LIBNAME = lib$(NAME).a
|
||||
diff -up xinetd-2.3.14/libs/src/xlog/Makefile.in.orig xinetd-2.3.14/libs/src/xlog/Makefile.in
|
||||
--- xinetd-2.3.14/libs/src/xlog/Makefile.in.orig 2003-02-19 18:29:27.000000000 +0100
|
||||
+++ xinetd-2.3.14/libs/src/xlog/Makefile.in 2008-09-18 10:19:41.000000000 +0200
|
||||
@@ -46,7 +46,7 @@ CC_FLAGS = $(DEBUG)
|
||||
CFLAGS = @CFLAGS@ $(CPP_FLAGS) $(CC_FLAGS)
|
||||
|
||||
INSTALL = @INSTALL@
|
||||
-FMODE = -m 640 # used by install
|
||||
+FMODE = -m 644 # used by install
|
||||
RANLIB = @RANLIB@
|
||||
|
||||
LIBNAME = lib$(NAME).a
|
@ -0,0 +1,134 @@
|
||||
diff -rup xinetd-2.3.14/xinetd/defs.h xinetd-2.3.14-mod/xinetd/defs.h
|
||||
--- xinetd-2.3.14/xinetd/defs.h 2012-01-18 14:22:20.811100158 +0100
|
||||
+++ xinetd-2.3.14-mod/xinetd/defs.h 2012-01-18 13:32:46.000000000 +0100
|
||||
@@ -114,11 +114,7 @@ union xsockaddr {
|
||||
* constants for limiting ps.rws.fd_list
|
||||
*/
|
||||
|
||||
-#ifdef HAVE_POLL
|
||||
-#define INIT_POLLFDS 4096
|
||||
-/* FIXME: not used */
|
||||
-#define MAX_POLLFDS 16384
|
||||
-#endif
|
||||
+#define MAX_FDS 4096
|
||||
|
||||
/*
|
||||
* When explicit values are given for enum's, that is because the structures
|
||||
diff -rup xinetd-2.3.14/xinetd/init.c xinetd-2.3.14-mod/xinetd/init.c
|
||||
--- xinetd-2.3.14/xinetd/init.c 2012-01-18 14:22:20.779100171 +0100
|
||||
+++ xinetd-2.3.14-mod/xinetd/init.c 2012-01-18 14:07:34.000000000 +0100
|
||||
@@ -151,7 +151,7 @@ static void set_fd_limit(void)
|
||||
}
|
||||
|
||||
if ( rl.rlim_max == RLIM_INFINITY )
|
||||
- rl.rlim_max = FD_SETSIZE;
|
||||
+ rl.rlim_max = MAX_FDS;
|
||||
|
||||
ps.ros.max_descriptors = rl.rlim_max ;
|
||||
#else /* ! RLIMIT_NOFILE */
|
||||
@@ -283,12 +283,12 @@ static void init_rw_state( void )
|
||||
ps.rws.descriptors_free = ps.ros.max_descriptors - DESCRIPTORS_RESERVED ;
|
||||
|
||||
#ifdef HAVE_POLL
|
||||
- ps.rws.pfds_allocated = INIT_POLLFDS ;
|
||||
+ ps.rws.pfds_allocated = ps.ros.max_descriptors ;
|
||||
ps.rws.pfd_array = (struct pollfd *)
|
||||
malloc( sizeof( struct pollfd ) * ps.rws.pfds_allocated ) ;
|
||||
if ( ps.rws.pfd_array == NULL )
|
||||
{
|
||||
- out_of_memory(func);
|
||||
+ out_of_memory(func) ;
|
||||
exit( 1 ) ;
|
||||
}
|
||||
ps.rws.pfds_last = 0 ;
|
||||
diff -rup xinetd-2.3.14/xinetd/redirect.c xinetd-2.3.14-mod/xinetd/redirect.c
|
||||
--- xinetd-2.3.14/xinetd/redirect.c 2012-01-18 14:22:20.780100170 +0100
|
||||
+++ xinetd-2.3.14-mod/xinetd/redirect.c 2012-01-18 12:22:08.000000000 +0100
|
||||
@@ -149,7 +149,7 @@ void redir_handler( struct server *serp
|
||||
#ifdef HAVE_POLL
|
||||
#define REDIR_DESCRIP_INDEX 0
|
||||
#define REDIR_SERVER_INDEX 1
|
||||
- pfd_array = (struct pollfd *)calloc(sizeof(struct pollfd),INIT_POLLFDS);
|
||||
+ pfd_array = (struct pollfd *)calloc(sizeof(struct pollfd),MAX_FDS);
|
||||
if (pfd_array == NULL)
|
||||
{
|
||||
msg( LOG_ERR, func, "Cannot allocate memory for file descriptors!\n");
|
||||
diff -rup xinetd-2.3.14/xinetd/service.c xinetd-2.3.14-mod/xinetd/service.c
|
||||
--- xinetd-2.3.14/xinetd/service.c 2012-01-18 14:22:20.812100157 +0100
|
||||
+++ xinetd-2.3.14-mod/xinetd/service.c 2012-01-18 14:07:27.000000000 +0100
|
||||
@@ -114,10 +114,6 @@ struct service *svc_make_special( struct
|
||||
|
||||
void svc_free( struct service *sp )
|
||||
{
|
||||
-#ifdef HAVE_POLL
|
||||
- *SVC_POLLFD( sp ) = ps.rws.pfd_array[--ps.rws.pfds_last] ;
|
||||
-#endif /* HAVE_POLL */
|
||||
-
|
||||
sc_free( SVC_CONF(sp) ) ;
|
||||
CLEAR( *sp ) ;
|
||||
FREE_SVC( sp ) ;
|
||||
@@ -332,20 +328,10 @@ status_e svc_activate( struct service *s
|
||||
}
|
||||
|
||||
#ifdef HAVE_POLL
|
||||
- if ( ps.rws.pfds_last >= ps.rws.pfds_allocated )
|
||||
+ if ( ps.rws.descriptors_free <= 0 )
|
||||
{
|
||||
- int pos;
|
||||
- ps.rws.pfds_allocated += INIT_POLLFDS;
|
||||
- struct pollfd *tmp = (struct pollfd *)realloc( ps.rws.pfd_array,
|
||||
- ps.rws.pfds_allocated*sizeof(struct pollfd));
|
||||
- if ( tmp == NULL )
|
||||
- {
|
||||
- out_of_memory( func );
|
||||
- return( FAILED );
|
||||
- }
|
||||
- ps.rws.pfd_array = tmp;
|
||||
- memset(&ps.rws.pfd_array[ps.rws.pfds_last], 0, (ps.rws.pfds_allocated-
|
||||
- ps.rws.pfds_last)*sizeof(struct pollfd));
|
||||
+ msg(LOG_ERR, func, "Maximum number of services reached") ;
|
||||
+ return( FAILED ) ;
|
||||
}
|
||||
if ( sp->svc_pfd_index >= 0 )
|
||||
{
|
||||
diff -rup xinetd-2.3.14/xinetd/tcpint.c xinetd-2.3.14-mod/xinetd/tcpint.c
|
||||
--- xinetd-2.3.14/xinetd/tcpint.c 2012-01-18 14:22:20.782100169 +0100
|
||||
+++ xinetd-2.3.14-mod/xinetd/tcpint.c 2012-01-18 13:30:22.000000000 +0100
|
||||
@@ -93,7 +93,7 @@ static void si_mux(void)
|
||||
#ifdef HAVE_POLL
|
||||
struct pollfd *pfd_array;
|
||||
int pfds_last = 0;
|
||||
- int pfds_allocated = INIT_POLLFDS;
|
||||
+ int pfds_allocated = MAX_FDS;
|
||||
#else
|
||||
fd_set socket_mask ;
|
||||
int mask_max ;
|
||||
@@ -102,7 +102,7 @@ static void si_mux(void)
|
||||
const char *func = "si_mux" ;
|
||||
|
||||
#ifdef HAVE_POLL
|
||||
- pfd_array = calloc(sizeof(struct pollfd),INIT_POLLFDS);
|
||||
+ pfd_array = calloc(sizeof(struct pollfd),MAX_FDS);
|
||||
pfd_array[ pfds_last ].fd = INT_REMOTE( ip ) ;
|
||||
pfd_array[ pfds_last++ ].events = POLLIN | POLLOUT;
|
||||
#else
|
||||
diff -rup xinetd-2.3.14/xinetd/udpint.c xinetd-2.3.14-mod/xinetd/udpint.c
|
||||
--- xinetd-2.3.14/xinetd/udpint.c 2012-01-18 14:22:20.783100169 +0100
|
||||
+++ xinetd-2.3.14-mod/xinetd/udpint.c 2012-01-18 12:22:00.000000000 +0100
|
||||
@@ -103,14 +103,14 @@ static void di_mux(void)
|
||||
#ifdef HAVE_POLL
|
||||
struct pollfd *pfd_array;
|
||||
int pfds_last = 0;
|
||||
- int pfds_allocated = INIT_POLLFDS;
|
||||
+ int pfds_allocated = MAX_FDS;
|
||||
#else
|
||||
fd_set socket_mask ;
|
||||
int mask_max ;
|
||||
#endif
|
||||
|
||||
#ifdef HAVE_POLL
|
||||
- pfd_array = (struct pollfd *)calloc(sizeof(struct pollfd),INIT_POLLFDS);
|
||||
+ pfd_array = (struct pollfd *)calloc(sizeof(struct pollfd),MAX_FDS);
|
||||
pfd_array[ pfds_last ].fd = INT_REMOTE( ip );
|
||||
pfd_array[ pfds_last++ ].events = POLLIN | POLLOUT;
|
||||
#else
|
@ -0,0 +1,54 @@
|
||||
diff -Napur xinetd-2.3.14.old/xinetd/access.c xinetd-2.3.14.new/xinetd/access.c
|
||||
--- xinetd-2.3.14.old/xinetd/access.c 2005-10-05 10:15:33.000000000 -0700
|
||||
+++ xinetd-2.3.14.new/xinetd/access.c 2012-02-22 20:12:09.120973124 -0800
|
||||
@@ -89,9 +89,20 @@ static void cps_service_restart(void)
|
||||
msg(LOG_ERR, func,
|
||||
"Activating service %s", SC_NAME(scp));
|
||||
} else {
|
||||
- msg(LOG_ERR, func,
|
||||
- "Error activating service %s",
|
||||
- SC_NAME(scp)) ;
|
||||
+ /* Try to restart the service */
|
||||
+ SVC_ATTEMPTS(sp) += 1;
|
||||
+ if ( SVC_ATTEMPTS(sp) < MAX_SVC_ATTEMPTS ) {
|
||||
+ msg(LOG_ERR, func,
|
||||
+ "Error activating service %s, retrying %d more time(s)...",
|
||||
+ SC_NAME(scp),
|
||||
+ MAX_SVC_ATTEMPTS - SVC_ATTEMPTS(sp));
|
||||
+ xtimer_add(cps_service_restart, 1);
|
||||
+ } else {
|
||||
+ /* Give up */
|
||||
+ msg(LOG_ERR, func,
|
||||
+ "Error activating service %s",
|
||||
+ SC_NAME(scp));
|
||||
+ }
|
||||
} /* else */
|
||||
}
|
||||
}
|
||||
diff -Napur xinetd-2.3.14.old/xinetd/service.c xinetd-2.3.14.new/xinetd/service.c
|
||||
--- xinetd-2.3.14.old/xinetd/service.c 2012-02-22 19:16:56.288912783 -0800
|
||||
+++ xinetd-2.3.14.new/xinetd/service.c 2012-02-22 19:25:03.059356909 -0800
|
||||
@@ -397,6 +408,7 @@ status_e svc_activate( struct service *s
|
||||
* Initialize the service data
|
||||
*/
|
||||
SVC_RUNNING_SERVERS(sp) = SVC_RETRIES(sp) = 0 ;
|
||||
+ SVC_ATTEMPTS(sp) = 0;
|
||||
|
||||
if ( SC_MUST_LISTEN( scp ) )
|
||||
(void) listen( SVC_FD(sp), LISTEN_BACKLOG ) ;
|
||||
diff -Napur xinetd-2.3.14.old/xinetd/xconfig.h xinetd-2.3.14.new/xinetd/xconfig.h
|
||||
--- xinetd-2.3.14.old/xinetd/xconfig.h 2003-02-19 09:29:28.000000000 -0800
|
||||
+++ xinetd-2.3.14.new/xinetd/xconfig.h 2012-02-22 19:20:20.360855514 -0800
|
||||
@@ -59,6 +59,12 @@
|
||||
#define DEFAULT_LOOP_TIME 10
|
||||
|
||||
/*
|
||||
+ * The number of times to attempt re-activating a service after being
|
||||
+ * deactivated due to the above.
|
||||
+ */
|
||||
+#define MAX_SVC_ATTEMPTS 30
|
||||
+
|
||||
+/*
|
||||
* Signal-to-action mapping
|
||||
*/
|
||||
#ifndef RECONFIG_HARD_SIG
|
@ -0,0 +1,30 @@
|
||||
commit 1b91f7b0f67fba11ea8bbcdddef844656434c53c
|
||||
Author: Jeffrey Bastian <jbastian@redhat.com>
|
||||
Date: Tue Aug 17 13:45:20 2010 -0500
|
||||
|
||||
Let RPC services bind to a port
|
||||
|
||||
diff --git a/xinetd/service.c b/xinetd/service.c
|
||||
index 9f21f93..5d26885 100644
|
||||
--- a/xinetd/service.c
|
||||
+++ b/xinetd/service.c
|
||||
@@ -165,6 +165,7 @@ static status_e activate_rpc( struct service *sp )
|
||||
socklen_t sin_len = sizeof(tsin);
|
||||
unsigned long vers ;
|
||||
struct service_config *scp = SVC_CONF( sp ) ;
|
||||
+ uint16_t service_port = SC_PORT( scp ) ;
|
||||
struct rpc_data *rdp = SC_RPCDATA( scp ) ;
|
||||
char *sid = SC_ID( scp ) ;
|
||||
unsigned registered_versions = 0 ;
|
||||
@@ -181,9 +182,11 @@ static status_e activate_rpc( struct service *sp )
|
||||
}
|
||||
if( SC_IPV4( scp ) ) {
|
||||
tsin.sa_in.sin_family = AF_INET ;
|
||||
+ tsin.sa_in.sin_port = htons( service_port ) ;
|
||||
sin_len = sizeof(struct sockaddr_in);
|
||||
} else if( SC_IPV6( scp ) ) {
|
||||
tsin.sa_in6.sin6_family = AF_INET6 ;
|
||||
+ tsin.sa_in6.sin6_port = htons( service_port );
|
||||
sin_len = sizeof(struct sockaddr_in6);
|
||||
}
|
||||
|
@ -0,0 +1,27 @@
|
||||
--- a/xinetd/signals.c 2009-05-07 05:56:52.000000000 -0400
|
||||
+++ b/xinetd/signals.c.new 2009-05-07 05:56:44.000000000 -0400
|
||||
@@ -389,9 +390,11 @@
|
||||
break ;
|
||||
|
||||
default:
|
||||
- msg( LOG_NOTICE, func, "Unexpected signal %s", sig_name( sig ) ) ;
|
||||
- if ( debug.on && sig == SIGINT )
|
||||
- exit( 1 ) ;
|
||||
+ /* Let my_handler() queue this signal for later logging.
|
||||
+ Calling msg() and thus syslog() directly here can hang up
|
||||
+ the process, trying to acquire an already acquired lock,
|
||||
+ because another syslog() could have been the interrupted code. */
|
||||
+ my_handler(sig);
|
||||
}
|
||||
}
|
||||
|
||||
@@ -495,6 +497,9 @@
|
||||
default:
|
||||
msg(LOG_ERR, func, "unexpected signal: %s in signal pipe",
|
||||
sig_name(sig));
|
||||
+
|
||||
+ if ( debug.on && sig == SIGINT )
|
||||
+ exit( 1 ) ;
|
||||
}
|
||||
}
|
||||
}
|
@ -0,0 +1,16 @@
|
||||
--- xinetd-2.3.14/xinetd/service.c.tcpmux 2010-01-21 09:50:05.000000000 +0100
|
||||
+++ xinetd-2.3.14/xinetd/service.c 2010-01-21 10:21:14.000000000 +0100
|
||||
@@ -952,7 +952,12 @@ void close_all_svc_descriptors(void)
|
||||
out_of_memory( "close_all_svc_descriptors" ) ;
|
||||
|
||||
for ( osp = SP( psi_start( iter ) ) ; osp ; osp = SP( psi_next( iter ) ) )
|
||||
- (void) Sclose( SVC_FD( osp ) ) ;
|
||||
+ {
|
||||
+#ifdef HAVE_POLL
|
||||
+ if ( osp && SVC_POLLFD( osp ) )
|
||||
+#endif
|
||||
+ (void) Sclose( SVC_FD( osp ) ) ;
|
||||
+ }
|
||||
|
||||
psi_destroy( iter ) ;
|
||||
}
|
@ -0,0 +1,12 @@
|
||||
--- xinetd-2.3.14/xinetd/reconfig.c.orig 2010-06-01 12:58:18.000000000 +0200
|
||||
+++ xinetd-2.3.14/xinetd/reconfig.c 2010-06-01 12:58:23.000000000 +0200
|
||||
@@ -138,8 +138,8 @@ void hard_reconfig( void )
|
||||
* b. Terminate running servers and cancel retry attempts, in case
|
||||
* of reconfiguration
|
||||
*/
|
||||
- svc_deactivate( osp ) ;
|
||||
terminate_servers( osp ) ;
|
||||
+ svc_deactivate( osp ) ;
|
||||
cancel_service_retries( osp ) ;
|
||||
|
||||
/*
|
@ -0,0 +1,22 @@
|
||||
--- xinetd-2.3.15/Makefile.in 2012-05-14 09:22:22.661617117 +0200
|
||||
+++ xinetd-2.3.15.new/Makefile.in 2012-05-14 09:32:05.260103054 +0200
|
||||
@@ -14,7 +14,7 @@ topdir = @top_srcdir@
|
||||
|
||||
LIBS = -lsio -lstr -lmisc -lxlog -lportable -lpset @LIBS@
|
||||
|
||||
-CFLAGS += @CFLAGS@
|
||||
+CFLAGS += @CFLAGS@ -fPIE
|
||||
DCFLAGS = -Wall -Wredundant-decls -W -Wfloat-equal -Wundef -Wcast-qual -Wwrite-strings -Wmissing-noreturn -Wmissing-format-attribute -Wshadow -Wpointer-arith -Wno-unused -g
|
||||
|
||||
|
||||
--- xinetd-2.3.15/xinetd/Makefile.in 2005-03-31 01:15:28.000000000 +0200
|
||||
+++ xinetd-2.3.15.new/xinetd/Makefile.in 2012-05-14 09:32:24.183659971 +0200
|
||||
@@ -119,7 +119,7 @@ itox: itox.c
|
||||
$(CC) $(CFLAGS) $(DEBUG) $(SRCDIR)/itox.c -o $@ $(LDFLAGS) $(LIBS)
|
||||
|
||||
xinetd: $(OBJS)
|
||||
- $(CC) $(CFLAGS) $(DEBUG) -o $@ $(OBJS) $(LDFLAGS) $(LIBS) || rm -f $@
|
||||
+ $(CC) $(CFLAGS) $(DEBUG) -o $@ -PIE $(OBJS) $(LDFLAGS) $(LIBS) || rm -f $@
|
||||
|
||||
clean:
|
||||
rm -f $(OBJS) $(NAME) core itox
|
@ -0,0 +1,106 @@
|
||||
Re-introduce bad_port_check(), which upstream dropped between 2.3.13 and 2.3.14
|
||||
for it having been "rather antiquated for years", with no justification given
|
||||
for that claim.
|
||||
|
||||
--- xinetd-2.3.15/xinetd/builtins.c 2012-05-09 17:40:29.000000000 +0200
|
||||
+++ xinetd-2.3.15.new/xinetd/builtins.c 2012-05-14 10:25:00.431529805 +0200
|
||||
@@ -52,6 +52,7 @@ static void dgram_daytime(const struct s
|
||||
static void stream_chargen(const struct server *) ;
|
||||
static void dgram_chargen(const struct server *) ;
|
||||
static void tcpmux_handler(const struct server *) ;
|
||||
+static int bad_port_check(const union xsockaddr *, const char *);
|
||||
|
||||
/*
|
||||
* SG - This is the call sequence to get to a built-in service
|
||||
@@ -163,6 +164,25 @@ static void stream_echo( const struct se
|
||||
Sclose(descriptor);
|
||||
}
|
||||
|
||||
+/* For internal UDP services, make sure we don't respond to our ports
|
||||
+ * on other servers and to low ports of other services (such as DNS).
|
||||
+ * This can cause looping.
|
||||
+ */
|
||||
+static int bad_port_check( const union xsockaddr *sa, const char *func )
|
||||
+{
|
||||
+ uint16_t port = 0;
|
||||
+
|
||||
+ port = ntohs( xaddrport( sa ) );
|
||||
+
|
||||
+ if ( port < 1024 ) {
|
||||
+ msg(LOG_WARNING, func,
|
||||
+ "Possible Denial of Service attack from %s %d", xaddrname(sa), port);
|
||||
+ return (-1);
|
||||
+ }
|
||||
+
|
||||
+ return (0);
|
||||
+}
|
||||
+
|
||||
static void dgram_echo( const struct server *serp )
|
||||
{
|
||||
char buf[ DATAGRAM_SIZE ] ;
|
||||
@@ -170,6 +190,7 @@ static void dgram_echo( const struct ser
|
||||
ssize_t cc ;
|
||||
socklen_t sin_len = 0;
|
||||
int descriptor = SERVER_FD( serp ) ;
|
||||
+ const char *func = "dgram_echo" ;
|
||||
|
||||
if( SC_IPV4( SVC_CONF( SERVER_SERVICE( serp ) ) ) )
|
||||
sin_len = sizeof( struct sockaddr_in );
|
||||
@@ -178,6 +199,7 @@ static void dgram_echo( const struct ser
|
||||
|
||||
cc = recvfrom( descriptor, buf, sizeof( buf ), 0, (struct sockaddr *)( &lsin ), &sin_len ) ;
|
||||
if ( cc != (ssize_t)-1 ) {
|
||||
+ if( bad_port_check(&lsin, func) != 0 ) return;
|
||||
(void) sendto( descriptor, buf, (size_t)cc, 0, SA( &lsin ), sizeof( lsin ) ) ;
|
||||
}
|
||||
}
|
||||
@@ -292,6 +314,7 @@ static void dgram_daytime( const struct
|
||||
unsigned int buflen = sizeof( time_buf ) ;
|
||||
int descriptor = SERVER_FD( serp ) ;
|
||||
ssize_t val;
|
||||
+ const char *func = "dgram_daytime" ;
|
||||
|
||||
if ( SC_IPV4( SVC_CONF( SERVER_SERVICE( serp ) ) ) )
|
||||
sin_len = sizeof( struct sockaddr_in );
|
||||
@@ -303,6 +326,8 @@ static void dgram_daytime( const struct
|
||||
if ( val == (ssize_t)-1 )
|
||||
return ;
|
||||
|
||||
+ if( bad_port_check(&lsin, func) != 0 ) return;
|
||||
+
|
||||
daytime_protocol( time_buf, &buflen ) ;
|
||||
|
||||
(void) sendto( descriptor, time_buf, buflen, 0, SA(&lsin), sizeof( lsin ) ) ;
|
||||
@@ -359,6 +384,7 @@ static void dgram_time( const struct ser
|
||||
socklen_t sin_len = 0 ;
|
||||
int fd = SERVER_FD( serp ) ;
|
||||
ssize_t val;
|
||||
+ const char *func = "dgram_time" ;
|
||||
|
||||
if ( SC_IPV4( SVC_CONF( SERVER_SERVICE( serp ) ) ) )
|
||||
sin_len = sizeof( struct sockaddr_in );
|
||||
@@ -368,6 +394,7 @@ static void dgram_time( const struct ser
|
||||
val = recvfrom( fd, buf, sizeof( buf ), 0, (struct sockaddr *)( &lsin ), &sin_len );
|
||||
if ( val == (ssize_t)-1 )
|
||||
return ;
|
||||
+ if( bad_port_check(&lsin, func) != 0 ) return;
|
||||
|
||||
time_protocol( time_buf ) ;
|
||||
(void) sendto( fd, (char *) time_buf, 4, 0, SA( &lsin ), sin_len ) ;
|
||||
@@ -466,6 +493,7 @@ static void dgram_chargen( const struct
|
||||
int fd = SERVER_FD( serp ) ;
|
||||
unsigned int left = sizeof( buf ) ;
|
||||
ssize_t val;
|
||||
+ const char *func = "dgram_chargen" ;
|
||||
|
||||
if ( SC_IPV4( SVC_CONF( SERVER_SERVICE( serp ) ) ) )
|
||||
sin_len = sizeof( struct sockaddr_in );
|
||||
@@ -480,6 +508,8 @@ static void dgram_chargen( const struct
|
||||
bad_variable = 1 ; /* this will cause a compilation error */
|
||||
#endif
|
||||
|
||||
+ if( bad_port_check(&lsin, func) != 0 ) return;
|
||||
+
|
||||
for ( p = buf ; left > 2 ; left -= len, p += len )
|
||||
{
|
||||
len = min( LINE_LENGTH+2, left ) ;
|
@ -0,0 +1,11 @@
|
||||
--- xinetd-2.3.15/xinetd/child.c 2013-06-25 14:12:24.599767760 +0200
|
||||
+++ xinetd-2.3.15/xinetd/child.c.new 2013-06-25 14:14:57.463905500 +0200
|
||||
@@ -532,7 +532,7 @@ static int set_context_from_socket( cons
|
||||
if (getpeercon(fd, &peer_context) < 0)
|
||||
goto fail;
|
||||
|
||||
- exepath = SC_SERVER_ARGV( scp )[0];
|
||||
+ exepath = SC_SERVER( scp );
|
||||
if (getfilecon(exepath, &exec_context) < 0)
|
||||
goto fail;
|
||||
|
@ -0,0 +1,49 @@
|
||||
diff --git a/xinetd/inet.c b/xinetd/inet.c
|
||||
index 1cb2ba2..4e1237e 100644
|
||||
--- a/xinetd/inet.c
|
||||
+++ b/xinetd/inet.c
|
||||
@@ -190,7 +190,7 @@ static int get_next_inet_entry( int fd, pset_h sconfs,
|
||||
nvp = nv_find_value( service_types, "RPC" );
|
||||
if ( nvp == NULL )
|
||||
{
|
||||
- parsemsg( LOG_WARNING, func, "inetd.conf - Bad foo %s", name ) ;
|
||||
+ parsemsg( LOG_WARNING, func, "inetd.conf - Bad foo %s", SC_NAME(scp) ) ;
|
||||
pset_destroy(args);
|
||||
sc_free(scp);
|
||||
return -1;
|
||||
@@ -281,7 +281,7 @@ static int get_next_inet_entry( int fd, pset_h sconfs,
|
||||
nvp = nv_find_value( service_types, "INTERNAL" );
|
||||
if ( nvp == NULL )
|
||||
{
|
||||
- parsemsg( LOG_WARNING, func, "inetd.conf - Bad foo %s", name ) ;
|
||||
+ parsemsg( LOG_WARNING, func, "inetd.conf - Bad foo %s", SC_NAME(scp) ) ;
|
||||
pset_destroy(args);
|
||||
sc_free(scp);
|
||||
return -1;
|
||||
@@ -359,7 +359,7 @@ static int get_next_inet_entry( int fd, pset_h sconfs,
|
||||
nvp = nv_find_value( service_flags, "REUSE" );
|
||||
if ( nvp == NULL )
|
||||
{
|
||||
- parsemsg( LOG_WARNING, func, "inetd.conf - Bad foo %s", name ) ;
|
||||
+ parsemsg( LOG_WARNING, func, "inetd.conf - Bad foo %s", SC_NAME(scp) ) ;
|
||||
pset_destroy(args);
|
||||
sc_free(scp);
|
||||
return -1;
|
||||
@@ -370,7 +370,7 @@ static int get_next_inet_entry( int fd, pset_h sconfs,
|
||||
nvp = nv_find_value( service_flags, "NOLIBWRAP" );
|
||||
if ( nvp == NULL )
|
||||
{
|
||||
- parsemsg( LOG_WARNING, func, "inetd.conf - Bad foo %s", name ) ;
|
||||
+ parsemsg( LOG_WARNING, func, "inetd.conf - Bad foo %s", SC_NAME(scp) ) ;
|
||||
pset_destroy(args);
|
||||
sc_free(scp);
|
||||
return -1;
|
||||
@@ -381,7 +381,7 @@ static int get_next_inet_entry( int fd, pset_h sconfs,
|
||||
nvp = nv_find_value( service_flags, "NAMEINARGS" );
|
||||
if ( nvp == NULL )
|
||||
{
|
||||
- parsemsg( LOG_WARNING, func, "inetd.conf - Bad foo %s", name ) ;
|
||||
+ parsemsg( LOG_WARNING, func, "inetd.conf - Bad foo %s", SC_NAME(scp) ) ;
|
||||
pset_destroy(args);
|
||||
sc_free(scp);
|
||||
return (-1);
|
@ -0,0 +1,15 @@
|
||||
Patch by Thomas Swan <thomas.swan@gmail.com>
|
||||
|
||||
diff --git a/xinetd/builtins.c b/xinetd/builtins.c
|
||||
index e61502f..a414cf3 100644
|
||||
--- a/xinetd/builtins.c
|
||||
+++ b/xinetd/builtins.c
|
||||
@@ -695,7 +695,7 @@ static void tcpmux_handler( const struct server *serp )
|
||||
if( SC_IS_INTERNAL( scp ) ) {
|
||||
SC_INTERNAL(scp, nserp);
|
||||
} else {
|
||||
- exec_server(nserp);
|
||||
+ child_process(nserp);
|
||||
}
|
||||
}
|
||||
|
@ -0,0 +1,22 @@
|
||||
--- xinetd-2.3.15/Makefile.in 2012-05-14 09:22:22.661617117 +0200
|
||||
+++ xinetd-2.3.15.new/Makefile.in 2012-05-14 09:32:05.260103054 +0200
|
||||
@@ -14,7 +14,7 @@ topdir = @top_srcdir@
|
||||
|
||||
LIBS = -lsio -lstr -lmisc -lxlog -lportable -lpset @LIBS@
|
||||
|
||||
-CFLAGS += @CFLAGS@
|
||||
+CFLAGS += @CFLAGS@ -fpie
|
||||
DCFLAGS = -Wall -Wredundant-decls -W -Wfloat-equal -Wundef -Wcast-qual -Wwrite-strings -Wmissing-noreturn -Wmissing-format-attribute -Wshadow -Wpointer-arith -Wno-unused -g
|
||||
|
||||
|
||||
--- xinetd-2.3.15/xinetd/Makefile.in 2005-03-31 01:15:28.000000000 +0200
|
||||
+++ xinetd-2.3.15.new/xinetd/Makefile.in 2012-05-14 09:32:24.183659971 +0200
|
||||
@@ -119,7 +119,7 @@ itox: itox.c
|
||||
$(CC) $(CFLAGS) $(DEBUG) $(SRCDIR)/itox.c -o $@ $(LDFLAGS) $(LIBS)
|
||||
|
||||
xinetd: $(OBJS)
|
||||
- $(CC) $(CFLAGS) $(DEBUG) -o $@ $(OBJS) $(LDFLAGS) $(LIBS) || rm -f $@
|
||||
+ $(CC) $(CFLAGS) $(DEBUG) -o $@ -pie $(OBJS) $(LDFLAGS) $(LIBS) || rm -f $@
|
||||
|
||||
clean:
|
||||
rm -f $(OBJS) $(NAME) core itox
|
@ -0,0 +1,50 @@
|
||||
Xinetd parses and applies its configuration line by line. If a user wants to
|
||||
specify NAMEINARGS as a flag, it has to be *before* specifying 'server_args'.
|
||||
|
||||
Author: Jan Synacek <jsynacek@redhat.com>
|
||||
Resolves: #1033528
|
||||
|
||||
--- a/xinetd/parse.c 2013-11-21 10:51:25.025436376 +0100
|
||||
+++ b/xinetd/parse.c 2013-11-21 14:45:44.374121057 +0100
|
||||
@@ -633,7 +633,28 @@ static status_e identify_attribute( entr
|
||||
|
||||
if ( (*ap->a_parser)( attr_values, scp, op ) == OK )
|
||||
{ /* This is the normal path. */
|
||||
- SC_SPECIFY( scp, ap->a_id ) ;
|
||||
+ /* If flags contain NAMEINARGS and server_args is already set, disable the service.
|
||||
+ Server args are already set incorrectly. */
|
||||
+ if ( strcmp( ap->a_name, "flags" ) == 0 &&
|
||||
+ SC_SERVER_ARGV( scp ) )
|
||||
+ {
|
||||
+ int i = 0, n = pset_count( attr_values ) ;
|
||||
+ for ( ; i < n ; i++ ) {
|
||||
+ char *v = (char *)pset_pointer( attr_values, i ) ;
|
||||
+ if ( strcmp( v, "NAMEINARGS" ) == 0 )
|
||||
+ break ;
|
||||
+ }
|
||||
+
|
||||
+ if ( i != n ) {
|
||||
+ parsemsg( LOG_ERR, func,
|
||||
+ "NAMEINARGS flag is set after server_args - DISABLING SERVICE" ) ;
|
||||
+ SC_DISABLE( scp ) ;
|
||||
+ }
|
||||
+ }
|
||||
+ else
|
||||
+ {
|
||||
+ SC_SPECIFY( scp, ap->a_id ) ;
|
||||
+ }
|
||||
}
|
||||
else if ( entry_type == SERVICE_ENTRY )
|
||||
{
|
||||
--- a/xinetd/xinetd.conf.man 2013-12-03 10:06:35.717977075 +0100
|
||||
+++ b/xinetd/xinetd.conf.man 2013-12-03 10:41:14.779089430 +0100
|
||||
@@ -106,7 +106,8 @@
|
||||
This will cause the first argument in "server_args" to be argv[0] when
|
||||
executing the server, as specified in "server". This allows you to use
|
||||
tcpd by putting tcpd in "server" and the name of the server in "server_args"
|
||||
-like in normal inetd.
|
||||
+like in normal inetd. This flag has to be specified before "server_args",
|
||||
+otherwise is not taken into account.
|
||||
.TP
|
||||
.B NODELAY
|
||||
If the service is a tcp service and the NODELAY flag is set, then the
|
@ -0,0 +1,17 @@
|
||||
[Unit]
|
||||
Description=Xinetd A Powerful Replacement For Inetd
|
||||
After=syslog.target network.target network-online.target
|
||||
Wants=network-online.target
|
||||
Documentation=man:xinetd
|
||||
Documentation=man:xinetd.conf
|
||||
Documentation=man:xinetd.log
|
||||
|
||||
[Service]
|
||||
Type=forking
|
||||
PIDFile=/var/run/xinetd.pid
|
||||
ExecStart=/usr/sbin/xinetd -stayalive -pidfile /var/run/xinetd.pid
|
||||
ExecReload=/usr/bin/kill -HUP $MAINPID
|
||||
|
||||
[Install]
|
||||
WantedBy=multi-user.target
|
||||
|
@ -0,0 +1,454 @@
|
||||
Summary: A secure replacement for inetd
|
||||
Name: xinetd
|
||||
Version: 2.3.15
|
||||
Release: 25%{?dist}
|
||||
License: xinetd
|
||||
Group: System Environment/Daemons
|
||||
Epoch: 2
|
||||
URL: https://github.com/xinetd-org/xinetd
|
||||
# source can be downloaded at
|
||||
# https://github.com/xinetd-org/xinetd/archive/xinetd-2-3-15.tar.gz
|
||||
Source: xinetd-%{version}.tar.gz
|
||||
Source1: xinetd.service
|
||||
Patch0: xinetd-2.3.15-pie.patch
|
||||
Patch4: xinetd-2.3.14-bind-ipv6.patch
|
||||
Patch6: xinetd-2.3.14-man-section.patch
|
||||
Patch7: xinetd-2.3.15-PIE.patch
|
||||
Patch8: xinetd-2.3.14-ident-bind.patch
|
||||
Patch9: xinetd-2.3.14-readable-debuginfo.patch
|
||||
# Patch for clean reconfiguration using newer versions of autotools
|
||||
Patch10: xinetd-2.3.14-autoconf.patch
|
||||
# Completely rewritten socket handling code (it uses poll() instead
|
||||
# of select() function)
|
||||
Patch11: xinetd-2.3.14-poll.patch
|
||||
# New configuration option (limit for files opened by child process)
|
||||
Patch12: xinetd-2.3.14-file-limit.patch
|
||||
# When using tcpmux, xinetd ended up with sigsegv
|
||||
# (detection of NULL pointer in pollfd structure was missing)
|
||||
Patch13: xinetd-2.3.14-tcpmux.patch
|
||||
# When service is destroyed, destroy also its
|
||||
# file descriptor in array given to poll function
|
||||
Patch14: xinetd-2.3.14-clean-pfd.patch
|
||||
# xinetd confuses ipv6 and ipv4 port parsing
|
||||
# - furtunately, they have the same format, so everything
|
||||
# works even without this patch
|
||||
Patch15: xinetd-2.3.14-ipv6confusion.patch
|
||||
# This fixes bug #593904 - online reconfiguration caused log message
|
||||
# flood when turning off UDP service
|
||||
Patch16: xinetd-2.3.14-udp-reconfig.patch
|
||||
Patch18: xinetd-2.3.14-rpc-specific-port.patch
|
||||
Patch19: xinetd-2.3.14-signal-log-hang.patch
|
||||
Patch20: xinetd-2.3.14-fix-type-punned-ptr.patch
|
||||
# Fix leaking file descriptors and pfd_array wasting
|
||||
# This fixes #702670
|
||||
Patch21: xinetd-2.3.14-leaking-fds.patch
|
||||
# Fix memory corruption when loading a large number of services
|
||||
# This fixes #720390
|
||||
Patch22: xinetd-2.3.14-many-services.patch
|
||||
# Remove realloc of fds that was causing memory corruption
|
||||
Patch23: xinetd-2.3.14-realloc-remove.patch
|
||||
# Fix leaking descriptor when starting a service fails
|
||||
Patch24: xinetd-2.3.14-leaking-fds-2a.patch
|
||||
# Fix #770858 - Instances limit in xinetd can be easily bypassed
|
||||
Patch25: xinetd-2.3.14-instances.patch
|
||||
# Fix #809272 - Service disabled due to bind failure
|
||||
Patch26: xinetd-2.3.14-retry-svc-activate-in-cps-restart.patch
|
||||
Patch27: xinetd-2.3.15-bad-port-check.patch
|
||||
# Fix #977873 - Use full path to server when checking selinux context
|
||||
Patch28: xinetd-2.3.15-context-exepath.patch
|
||||
Patch29: xinetd-2.3.15-creds.patch
|
||||
# Fix #1033528 - xinetd segfaults when connecting to tcpmux service
|
||||
Patch30: xinetd-2.3.15-tcpmux-nameinargs-disable-service.patch
|
||||
Patch31: xinetd-2.3.15-covscan.patch
|
||||
|
||||
BuildRequires: autoconf, automake, libtirpc-devel
|
||||
BuildRequires: libselinux-devel >= 1.30
|
||||
BuildRequires: systemd-units
|
||||
Requires(post): systemd-sysv
|
||||
Requires(post): systemd-units
|
||||
Requires(preun): systemd-units
|
||||
Requires(postun): systemd-units
|
||||
Requires: filesystem >= 2.0.1, setup
|
||||
Provides: inetd
|
||||
|
||||
|
||||
%description
|
||||
Xinetd is a secure replacement for inetd, the Internet services
|
||||
daemon. Xinetd provides access control for all services based on the
|
||||
address of the remote host and/or on time of access and can prevent
|
||||
denial-of-access attacks. Xinetd provides extensive logging, has no
|
||||
limit on the number of server arguments, and lets you bind specific
|
||||
services to specific IP addresses on your host machine. Each service
|
||||
has its own specific configuration file for Xinetd; the files are
|
||||
located in the /etc/xinetd.d directory.
|
||||
|
||||
%prep
|
||||
%setup -q
|
||||
|
||||
# SPARC/SPARC64 needs -fPIE/-PIE
|
||||
# This really should be detected by configure.
|
||||
%ifarch sparcv9 sparc64
|
||||
%patch7 -p1 -b .PIE
|
||||
%else
|
||||
%patch0 -p1 -b .pie
|
||||
%endif
|
||||
%patch4 -p1 -b .bind
|
||||
%patch6 -p1 -b .man-section
|
||||
%patch8 -p1 -b .ident-bind
|
||||
%patch9 -p1 -b .readable-debuginfo
|
||||
%patch10 -p1 -b .autoconf
|
||||
%patch11 -p1 -b .poll
|
||||
%patch12 -p1 -b .file-limit
|
||||
%patch13 -p1 -b .tcpmux
|
||||
%patch14 -p1 -b .clean-pfd
|
||||
%patch15 -p1 -b .ipv6confusion
|
||||
%patch16 -p1 -b .udp-reconfig
|
||||
%patch18 -p1 -b .rpc-specific-port
|
||||
%patch19 -p1 -b .signal-log-hang
|
||||
%patch20 -p1 -b .fix-type-punned-ptr
|
||||
%patch21 -p1 -b .leaking-fds
|
||||
%patch22 -p1 -b .many-services
|
||||
%patch23 -p1 -b .realloc-remove
|
||||
%patch24 -p1 -b .leaking-fds-2a
|
||||
%patch25 -p1 -b .instances
|
||||
%patch26 -p1 -b .retry-svc-activate
|
||||
%patch27 -p1 -b .bad-port-check
|
||||
%patch28 -p1 -b .context-exepath
|
||||
%patch29 -p1 -b .creds
|
||||
%patch30 -p1
|
||||
%patch31 -p1
|
||||
|
||||
aclocal
|
||||
autoconf
|
||||
|
||||
%build
|
||||
# -pie -PIE flags added by separate patches
|
||||
%configure --with-loadavg --with-inet6 --with-labeled-networking
|
||||
make CFLAGS="$CFLAGS $(pkg-config --cflags libtirpc)" LDFLAGS="$LDFLAGS $(pkg-config --libs libtirpc) -Wl,-z,relro,-z,now"
|
||||
|
||||
%install
|
||||
mkdir -p $RPM_BUILD_ROOT%{_unitdir}
|
||||
mkdir -m 700 -p $RPM_BUILD_ROOT/etc/xinetd.d/
|
||||
# Remove unneeded service
|
||||
rm -f contrib/xinetd.d/ftp-sensor
|
||||
%make_install DAEMONDIR=$RPM_BUILD_ROOT/usr/sbin MANDIR=$RPM_BUILD_ROOT/%{_mandir}
|
||||
install -m 600 contrib/xinetd.conf $RPM_BUILD_ROOT/etc
|
||||
install -m 600 contrib/xinetd.d/* $RPM_BUILD_ROOT/etc/xinetd.d
|
||||
install -m 644 %{SOURCE1} $RPM_BUILD_ROOT%{_unitdir}
|
||||
|
||||
rm -f $RPM_BUILD_ROOT/%{_mandir}/man8/itox*
|
||||
rm -f $RPM_BUILD_ROOT/usr/sbin/itox
|
||||
rm -f $RPM_BUILD_ROOT/%{_mandir}/man8/xconv.pl*
|
||||
rm -f $RPM_BUILD_ROOT/usr/sbin/xconv.pl
|
||||
|
||||
%post
|
||||
%systemd_post xinetd.service
|
||||
|
||||
%preun
|
||||
%systemd_preun xinetd.service
|
||||
|
||||
%postun
|
||||
%systemd_postun_with_restart xinetd.service
|
||||
|
||||
%files
|
||||
%doc CHANGELOG COPYRIGHT README xinetd/sample.conf contrib/empty.conf
|
||||
%config(noreplace) /etc/xinetd.conf
|
||||
%{_unitdir}/xinetd.service
|
||||
%config(noreplace) /etc/xinetd.d/*
|
||||
/usr/sbin/xinetd
|
||||
%{_mandir}/*/*
|
||||
|
||||
%changelog
|
||||
* Thu Jul 21 2022 Lukas Nykryn <lnykryn@redhat.com> - 2:2.3.15-25
|
||||
- Add dependency on network-online.target
|
||||
|
||||
* Mon Aug 5 2019 Jan Synáček <jsynacek@redhat.com> - 2:2.3.15-24
|
||||
- fix covscan (#1607030)
|
||||
|
||||
* Tue May 22 2018 Jan Synáček <jsynacek@redhat.com> - 2:2.3.15-23
|
||||
- fix compilation, missing rpc headers (#1580970)
|
||||
|
||||
* Mon Dec 4 2017 Jan Synáček <jsynacek@redhat.com> - 2:2.3.15-22
|
||||
- remove build dependency on tcp_wrappers (#1518797)
|
||||
|
||||
* Tue Nov 07 2017 Igor Gnatenko <ignatenkobrain@fedoraproject.org> - 2:2.3.15-21
|
||||
- Remove old crufty coreutils requires
|
||||
|
||||
* Thu Aug 03 2017 Fedora Release Engineering <releng@fedoraproject.org> - 2:2.3.15-20
|
||||
- Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Binutils_Mass_Rebuild
|
||||
|
||||
* Thu Jul 27 2017 Fedora Release Engineering <releng@fedoraproject.org> - 2:2.3.15-19
|
||||
- Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Mass_Rebuild
|
||||
|
||||
* Sat Feb 11 2017 Fedora Release Engineering <releng@fedoraproject.org> - 2:2.3.15-18
|
||||
- Rebuilt for https://fedoraproject.org/wiki/Fedora_26_Mass_Rebuild
|
||||
|
||||
* Fri Feb 05 2016 Fedora Release Engineering <releng@fedoraproject.org> - 2:2.3.15-17
|
||||
- Rebuilt for https://fedoraproject.org/wiki/Fedora_24_Mass_Rebuild
|
||||
|
||||
* Fri Jun 19 2015 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 2:2.3.15-16
|
||||
- Rebuilt for https://fedoraproject.org/wiki/Fedora_23_Mass_Rebuild
|
||||
|
||||
* Mon Aug 18 2014 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 2:2.3.15-15
|
||||
- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild
|
||||
|
||||
* Sun Jun 08 2014 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 2:2.3.15-14
|
||||
- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild
|
||||
|
||||
* Mon Feb 24 2014 Jan Synáček <jsynacek@redhat.com> - 2:2.3.15-13
|
||||
- drop sysconfig-related stuff
|
||||
- add documentation reference to the service file
|
||||
|
||||
* Tue Jan 14 2014 Jan Synáček <jsynacek@redhat.com> - 2:2.3.15-12
|
||||
- fix bad URL
|
||||
|
||||
* Fri Dec 13 2013 Jan Synáček <jsynacek@redhat.com> - 2:2.3.15-11
|
||||
- fixup of the previous patch
|
||||
- Resolves: #1042652
|
||||
- Related: #1033528
|
||||
|
||||
* Tue Dec 3 2013 Jan Synáček <jsynacek@redhat.com> - 2:2.3.15-10
|
||||
- xinetd segfaults when connecting to tcpmux service
|
||||
- Resolves: #1033528
|
||||
|
||||
* Fri Oct 4 2013 Jan Synáček <jsynacek@redhat.com> - 2:2.3.15-9
|
||||
- xinetd should not depend on NetworkManager-wait-online
|
||||
- Resolves: #1002294
|
||||
|
||||
* Thu Oct 3 2013 Jan Synáček <jsynacek@redhat.com> - 2:2.3.15-8
|
||||
- Honor user and group directives
|
||||
- Resolves: CVE-2013-4342
|
||||
|
||||
* Sun Aug 04 2013 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 2:2.3.15-7
|
||||
- Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild
|
||||
|
||||
* Wed Jun 26 2013 Jan Synáček <jsynacek@redhat.com> - 2:2.3.15-6
|
||||
- Use full path to server when checking selinux context
|
||||
- Resolves: #977873
|
||||
|
||||
* Fri Feb 15 2013 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 2:2.3.15-5
|
||||
- Rebuilt for https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild
|
||||
|
||||
* Mon Sep 03 2012 Jan Synáček <jsynacek@redhat.com> - 2:2.3.15-4
|
||||
- Change config files' permissions
|
||||
- Resolves: #853144
|
||||
|
||||
* Wed Aug 22 2012 Jan Synáček <jsynacek@redhat.com> - 2:2.3.15-3
|
||||
- Replace the makeinstall macro
|
||||
- Add systemd-rpm macros
|
||||
- Resolves: #850370
|
||||
|
||||
* Sun Jul 22 2012 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 2:2.3.15-2
|
||||
- Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild
|
||||
|
||||
* Mon May 14 2012 Jan Synáček <jsynacek@redhat.com> - 2:2.3.15-1
|
||||
- Update to 2.3.15
|
||||
- Drop patches merged by upstream
|
||||
(-log-crash, -tcp_rpc, -label, -contextconf, -ssize_t)
|
||||
- Update -pie, -PIE, -poll patch
|
||||
- Resolves: #820927
|
||||
- Add -bad-port-check patch
|
||||
|
||||
* Fri Apr 13 2012 Jan Synáček <jsynacek@redhat.com> - 2:2.3.14-46
|
||||
- Fix: service file: avoid problems when name resolution is not ready
|
||||
- Resolves: #748931
|
||||
|
||||
* Fri Apr 13 2012 Jan Synáček <jsynacek@redhat.com> - 2:2.3.14-45
|
||||
- Fix: Service disabled due to bind failure
|
||||
- Update patch: xinetd-2.3.14-leaking-fds-2.patch
|
||||
- Resolves: #809272
|
||||
|
||||
* Mon Mar 05 2012 Jan Synáček <jsynacek@redhat.com> - 2:2.3.14-44
|
||||
- Fix: Instances limit in xinetd can be easily bypassed
|
||||
- Resolves: #770858
|
||||
|
||||
* Mon Mar 05 2012 Jan Synáček <jsynacek@redhat.com> - 2:2.3.14-43
|
||||
- Fix xinetd.service permissions
|
||||
- Remove useless INSTALL from package documentation
|
||||
- Implement reload in xinetd.service
|
||||
|
||||
* Fri Mar 02 2012 Jan Synáček <jsynacek@redhat.com> - 2:2.3.14-42
|
||||
- Fix leaking descriptor when starting a service fails (#795188)
|
||||
|
||||
* Wed Jan 18 2012 Jan Synáček <jsynacek@redhat.com> - 2:2.3.14-41
|
||||
- Remove realloc inside svc_activate that was causing memory corruption
|
||||
- Number of alloc'd file descriptors is now determined by system limits (ulimit -n)
|
||||
- Add patch -realloc-remove
|
||||
|
||||
* Tue Jan 17 2012 Jan Synáček <jsynacek@redhat.com> - 2:2.3.14-40
|
||||
- Fix memory corruption when loading a large number of services
|
||||
- Resolves #720390
|
||||
|
||||
* Mon Jan 16 2012 Jan Synáček <jsynacek@redhat.com> - 2:2.3.14-39
|
||||
- Fix leaking file descriptors
|
||||
- Resolves: #702670
|
||||
|
||||
* Sat Jan 14 2012 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 2:2.3.14-38
|
||||
- Rebuilt for https://fedoraproject.org/wiki/Fedora_17_Mass_Rebuild
|
||||
|
||||
* Mon Sep 12 2011 Tom Callaway <spot@fedoraproject.org> - 2:2.3.14-37
|
||||
- covert to systemd
|
||||
|
||||
* Thu Apr 21 2011 Vojtech Vitek (V-Teq) <vvitek@redhat.com> - 2:2.3.14-36
|
||||
- Fix build warning about "dereferencing type-punned pointer"
|
||||
Related: #695674
|
||||
- Avoid possible hang while logging an unexpected signal
|
||||
Related: #501604
|
||||
- Let RPC services bind to a specific port
|
||||
Related: #624800
|
||||
|
||||
* Fri Feb 18 2011 Vojtech Vitek (V-Teq) <vvitek@redhat.com> - 2:2.3.14-35
|
||||
- fix crash when application's logfile hit size limit
|
||||
Related: #244063
|
||||
|
||||
* Mon Feb 14 2011 Vojtech Vitek (V-Teq) <vvitek@redhat.com> - 2:2.3.14-34
|
||||
- Add -Wl,-z,relro,-z,now to LDFLAGS
|
||||
|
||||
* Mon Feb 07 2011 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 2:2.3.14-33
|
||||
- Rebuilt for https://fedoraproject.org/wiki/Fedora_15_Mass_Rebuild
|
||||
|
||||
* Wed Jun 02 2010 Jan Zeleny <jzeleny@redhat.com> - 2:2.3.14-32
|
||||
- fixed log message flooding when turning off UDP service during online
|
||||
reconfiguration (#593904)
|
||||
|
||||
* Fri Mar 19 2010 Jan Zeleny <jzeleny@redhat.com> - 2:2.3.14-31
|
||||
- corrected port parsing code (IPv4 and IPv6 were switched)
|
||||
- commented patches I'm familiar with in spec file
|
||||
|
||||
* Fri Mar 19 2010 Jan Zeleny <jzeleny@redhat.com> - 2:2.3.14-30
|
||||
- fixed flooding log with error messages when disabled service at runtime
|
||||
- updated release number to 30 to prevent rpm from detecting this as downgrade
|
||||
|
||||
* Thu Jan 21 2010 Jan Zeleny <jzeleny@redhat.com> - 2:2.3.14-28
|
||||
- fixed issue with tcpmux service (#543968)
|
||||
|
||||
* Tue Oct 20 2009 Jan Zeleny <jzeleny@redhat.com> - 2:2.3.14-27
|
||||
- last update of init script modified to work with SELinux correctly
|
||||
- added support for new configuration option - file limit for service
|
||||
|
||||
* Mon Oct 12 2009 Jan Zeleny <jzeleny@redhat.com> - 2:2.3.14-26
|
||||
- updated init script (LSB compliance - #528154)
|
||||
|
||||
* Thu Sep 17 2009 Jan Zeleny <jzeleny@redhat.com> - 2:2.3.14-25
|
||||
- correction of last patch replacing select() with poll()
|
||||
|
||||
* Mon Sep 14 2009 Jan Zeleny <jzeleny@redhat.com> - 2:2.3.14-24
|
||||
- select() function and it's supporting macros replaced by poll() and it's supporting macros
|
||||
- added patch of configure.in for clean compilation
|
||||
|
||||
* Mon Jul 27 2009 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 2:2.3.14-23
|
||||
- Rebuilt for https://fedoraproject.org/wiki/Fedora_12_Mass_Rebuild
|
||||
|
||||
* Thu Feb 26 2009 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 2:2.3.14-22
|
||||
- Rebuilt for https://fedoraproject.org/wiki/Fedora_11_Mass_Rebuild
|
||||
|
||||
* Thu Sep 18 2008 Jan Safranek <jsafranek@redhat.com> - 2:2.3.14-21
|
||||
- fix glitches found during package review (#226560)
|
||||
- make all files in .debuginfo package readable by everyone
|
||||
|
||||
* Wed Jul 16 2008 Jan Safranek <jsafranek@redhat.com> - 2:2.3.14-20
|
||||
- fix wrong bind() call (#448069)
|
||||
|
||||
* Thu May 29 2008 Tom "spot" Callaway <tcallawa@redhat.com> - 2:2.3.14-19
|
||||
- fix sparc fPIE issues
|
||||
|
||||
* Thu Jan 31 2008 Jan Safranek <jsafranek@redhat.com> - 2:2.3.14-18
|
||||
- fixed LABEL flag (#430929)
|
||||
|
||||
* Wed Jan 30 2008 Jan Safranek <jsafranek@redhat.com> - 2:2.3.14-17
|
||||
- fixing init scripts (#430816)
|
||||
|
||||
* Mon Jan 28 2008 Jan Safranek <jsafranek@redhat.com> - 2:2.3.14-16
|
||||
- xinetd.log man page is in the right section now (#428812)
|
||||
|
||||
* Thu Sep 6 2007 Jan Safranek <jsafranek@redhat.com> - 2:2.3.14-15
|
||||
- initscript made LSB compliant (#247099)
|
||||
|
||||
* Thu Sep 6 2007 Jan Safranek <jsafranek@redhat.com> - 2:2.3.14-14
|
||||
- removed inetdconvert script, nobody is using inetd
|
||||
|
||||
* Wed Aug 22 2007 Jan Safranek <jsafranek@redhat.com> - 2:2.3.14-13
|
||||
- updated license field
|
||||
|
||||
* Wed May 16 2007 Jan Safranek <jsafranek@redhat.com> - 2:2.3.14-12
|
||||
- bind IPv6 socket by default and switch to IPv4 on error
|
||||
(bz#195265)
|
||||
- service xinetd status returns actual status (bz#232887)
|
||||
- use ssize_t instead of int (bz#211776)
|
||||
|
||||
* Mon Dec 4 2006 Thomas Woerner <twoerner@redhat.com> - 2:2.3.14-11
|
||||
- tcp_wrappers has a new devel and libs sub package, therefore changing build
|
||||
requirement for tcp_wrappers to tcp_wrappers-devel
|
||||
|
||||
* Fri Dec 01 2006 James Antill <james.antill@redhat.com> - 2:2.3.14-9
|
||||
- Fix getpeercon() for LABELED networking MLS environments
|
||||
- Resolves: rhbz#209379
|
||||
|
||||
* Sun Oct 01 2006 Jesse Keating <jkeating@redhat.com> - 2:2.3.14-8
|
||||
- rebuilt for unwind info generation, broken in gcc-4.1.1-21
|
||||
|
||||
* Wed Sep 20 2006 Steve Grubb <sgrubb@redhat.com> 2:2.3.14-7
|
||||
- Revised labeled networking patch to not allow redirection
|
||||
|
||||
* Tue Aug 29 2006 Steve Grubb <sgrubb@redhat.com> 2:2.3.14-6
|
||||
- Revised labeled networking patch again
|
||||
|
||||
* Thu Aug 24 2006 Steve Grubb <sgrubb@redhat.com> 2:2.3.14-5
|
||||
- Revised labeled networking patch
|
||||
|
||||
* Wed Aug 23 2006 Steve Grubb <sgrubb@redhat.com> 2:2.3.14-4
|
||||
- Added labeled networking patch
|
||||
|
||||
* Wed Jul 12 2006 Jesse Keating <jkeating@redhat.com> - 2:2.3.14-3.1
|
||||
- rebuild
|
||||
|
||||
* Fri Jun 16 2006 Steve Grubb <sgrubb@redhat.com> 2:2.3.14-3
|
||||
- Rework spec file & use xinetd's sevice config files
|
||||
|
||||
* Fri Mar 24 2006 Jay Fenlason <fenlason@redhat.com> 2:2.3.14-2
|
||||
- Upgrade to new upstream version. This obsoletes the -libwrap,
|
||||
-rpc, -banner, -bug140084 and -gcc4 patches.
|
||||
|
||||
* Fri Feb 10 2006 Jesse Keating <jkeating@redhat.com> - 2:2.3.13-6.2.1
|
||||
- bump again for double-long bug on ppc(64)
|
||||
|
||||
* Tue Feb 07 2006 Jesse Keating <jkeating@redhat.com> - 2:2.3.13-6.2
|
||||
- rebuilt for new gcc4.1 snapshot and glibc changes
|
||||
|
||||
* Fri Dec 09 2005 Jesse Keating <jkeating@redhat.com>
|
||||
- rebuilt
|
||||
|
||||
* Thu Feb 17 2005 Jay Fenlason <fenlason@redhat.com> 2:2.3.13-6
|
||||
- include new patch to allow gcc4 to compile xinetd.
|
||||
|
||||
* Sat Jan 8 2005 Jay Fenlason <fenlason@redhat.com> 2:2.3.13-4
|
||||
- Added patch committed to upstream CVS to fix bz#140084
|
||||
(error logging accidentally using one of [012] as the syslog
|
||||
descriptor)
|
||||
|
||||
* Fri Jun 18 2004 Jay Fenlason <fenlason@redhat.com> 2:2.3.13-3
|
||||
- Add patch to fix #126242: banner's don't work
|
||||
|
||||
* Thu Jun 17 2004 Jay Fenlason <fenlason@redhat.com>
|
||||
- Remove the configuration for the no-longer-present "services" service.
|
||||
Closes #126169
|
||||
|
||||
* Tue Jun 15 2004 Elliot Lee <sopwith@redhat.com>
|
||||
- rebuilt
|
||||
|
||||
* Fri May 14 2004 Jay Fenlason <fenlason@redhat.com>
|
||||
- Add patch to allow multiple rpc services to cooexist as long as they're
|
||||
different program numbers or different versions.
|
||||
|
||||
* Fri Feb 13 2004 Elliot Lee <sopwith@redhat.com>
|
||||
- rebuilt
|
||||
|
||||
* Thu Jan 29 2004 Jay Fenlason <fenlason@redhat.com> 2.3.13-1
|
||||
- Upgrade to new upstream version, which obsoletes most patches.
|
||||
- Add new tcp_rpc patch, to turn on the nolibwrap flag on tcp rpc services,
|
||||
since libwrap cannot be used on them.
|
||||
|
||||
* Sun Dec 28 2003 Florian La Roche <Florian.LaRoche@redhat.de>
|
||||
- use new technology to filter python dep for inetdconvert instead
|
||||
of changing the -x bit on file permissions
|
||||
|
Loading…
Reference in new issue