packages/openslp
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Package init

Browse Source
This commit is contained in:
overweight 2019-09-30 11:10:48 -04:00
commit 659d0b7056
20 changed files with 812 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

43
CVE-2012-4428-fix-handling-of-string-list-in-slp_common-c.patch Normal file
View File

@ -0,0 +1,43 @@
# HG changeset patch
# User John Calcote <john.calcote@gmail.com>
# Date 1491502259 21600
# Thu Apr 06 12:10:59 2017 -0600
# Node ID 52e64208bc616a5def0f4d337c1adc18c23ef3ec
# Parent f9f53696e6bea9976d3c0e5c6825b9d7a026be7c
CVE-2012-4428: fix handling of string-list in slp_common.c
diff -r f9f53696e6be -r 52e64208bc61 common/slp_compare.c
--- a/common/slp_compare.c Thu Apr 06 12:04:31 2017 -0600
+++ b/common/slp_compare.c Thu Apr 06 12:10:59 2017 -0600
@@ -588,13 +588,10 @@
/* seek to the end of the next list item */
while(1)
{
- if(itemend == listend || *itemend == ',')
- {
- if(*(itemend - 1) != '\\')
- {
- break;
- }
- }
+ if(itemend == listend)
+ break;
+ if(*itemend == ',' && *(itemend - 1) != '\\')
+ break;
itemend++;
}
@@ -684,9 +681,10 @@
/* seek to the end of the next list item */
while (1)
{
- if (itemend == listend || *itemend == ',')
- if (*(itemend - 1) != '\\')
- break;
+ if(itemend == listend)
+ break;
+ if(*itemend == ',' && *(itemend - 1) != '\\')
+ break;
itemend++;
}

47
Change-default-slpreg-connection-from-UDP-to-TCP.patch Normal file
View File

@ -0,0 +1,47 @@
# HG changeset patch
# User John Calcote <john.calcote@gmail.com>
# Date 1491590497 21600
# Fri Apr 07 12:41:37 2017 -0600
# Node ID 5f989105ddc62829adbb3ac1c36a51bd927ba1d9
# Parent 2faa881f0616fce98cf239e80989cd650347190d
BUG#139: Change default slpreg connection from UDP to TCP.
diff -r 2faa881f0616 -r 5f989105ddc6 libslp/libslp_network.c
--- a/libslp/libslp_network.c Fri Apr 07 12:25:06 2017 -0600
+++ b/libslp/libslp_network.c Fri Apr 07 12:41:37 2017 -0600
@@ -371,21 +371,29 @@
{
sockfd_t sock = SLP_INVALID_SOCKET;
- /*Note that these don't actually test the connection to slpd.
- They don't have to, since all code that calls this function eventually
- does a NetworkRqstRply, which has retry logic for the datagram case*/
+ /* Note that these don't actually test the connection to slpd.
+ * They don't have to, since all code that calls this function eventually
+ * does a NetworkRqstRply, which has retry logic for the datagram case.
+ */
+ struct timeval timeout;
+ timeout.tv_sec = SLPPropertyAsInteger(SLPGetProperty("net.slp.randomWaitBound"));
+ timeout.tv_usec = (timeout.tv_sec % 1000) * 1000;
+ timeout.tv_sec = timeout.tv_sec / 1000;
if (SLPNetIsIPV6())
- if (!SLPNetSetAddr(peeraddr, AF_INET6, (uint16_t)SLPPropertyAsInteger("net.slp.port"),
+ if (!SLPNetSetAddr(peeraddr, AF_INET6,
+ (uint16_t)SLPPropertyAsInteger("net.slp.port"),
&slp_in6addr_loopback))
- sock = SLPNetworkCreateDatagram(AF_INET6);
+ sock = SLPNetworkConnectStream(peeraddr, &timeout);
if (sock == SLP_INVALID_SOCKET && SLPNetIsIPV4())
{
int tempAddr = INADDR_LOOPBACK;
if (SLPNetSetAddr(peeraddr, AF_INET,
(uint16_t)SLPPropertyAsInteger("net.slp.port"), &tempAddr) == 0)
- sock = SLPNetworkCreateDatagram(AF_INET);
+ {
+ sock = SLPNetworkConnectStream(peeraddr, &timeout);
+ }
}
return sock;
}

32
Daemon-sends-wrong-service-reply-when-security-is-enabled.patch Normal file
View File

@ -0,0 +1,32 @@
# HG changeset patch
# User John Calcote <john.calcote@gmail.com>
# Date 1491512136 21600
# Thu Apr 06 14:55:36 2017 -0600
# Node ID df49bc4f2972edbe5aa62598af00f57277f5bded
# Parent 07c9f60808790d038865b83b216d100848b2600a
BUG#155: Daemon sends wrong service reply when security is enabled.
diff -r 07c9f6080879 -r df49bc4f2972 slpd/slpd_process.c
--- a/slpd/slpd_process.c Thu Apr 06 12:27:49 2017 -0600
+++ b/slpd/slpd_process.c Thu Apr 06 14:55:36 2017 -0600
@@ -615,13 +615,17 @@
else
#endif
{
- /* Use an opaque copy if available (and authentication is
- * not being used).
- */
+ /* Use an opaque copy if available. */
/* TRICKY: Fix up the lifetime. */
TO_UINT16(urlentry->opaque + 1, urlentry->lifetime);
memcpy(result->curpos, urlentry->opaque, urlentry->opaquelen);
+
+ /* TRICKY: Fix up the result authblock count. */
+ if (urlentry->authcount)
+ result->curpos[1 + 2 + 2 + urlentry->urllen] = (uint8_t)urlentry->authcount;
+ /* 1 reserved + 2 lifetime + 2 url length */
+
result->curpos += urlentry->opaquelen;
}
}

29
Fix-DAAddresses-hostname-resolution-issue.patch Normal file
View File

@ -0,0 +1,29 @@
# HG changeset patch
# User John Calcote <john.calcote@gmail.com>
# Date 1491512773 21600
# Thu Apr 06 15:06:13 2017 -0600
# Node ID a33eb64be8d3ad17e6052fa23e118f166f11fd16
# Parent df49bc4f2972edbe5aa62598af00f57277f5bded
Bug#154: Fix DAAddresses hostname resolution issue.
diff -r df49bc4f2972 -r a33eb64be8d3 slpd/slpd_knownda.c
--- a/slpd/slpd_knownda.c Thu Apr 06 14:55:36 2017 -0600
+++ b/slpd/slpd_knownda.c Thu Apr 06 15:06:13 2017 -0600
@@ -574,7 +574,7 @@
{
if (SLPNetIsIPV6() && ai_ref->ai_addr->sa_family == AF_INET6)
{
- memcpy(&daaddr, &ai_ref->ai_addr,
+ memcpy(&daaddr, ai_ref->ai_addr,
sizeof(struct sockaddr_in6));
daaddr_isset = 1;
break;
@@ -584,7 +584,7 @@
&& !daaddr_isset
&& ai_ref->ai_addr->sa_family == AF_INET)
{
- memcpy(&daaddr, &ai_ref->ai_addr,
+ memcpy(&daaddr, ai_ref->ai_addr,
sizeof(struct sockaddr_in));
daaddr_isset = 1;
/* we'll continue searching for an IPv6 address, but we'll use the first IPv4 address if none are found */

41
Fix-broadcast-functionality.patch Normal file
View File

@ -0,0 +1,41 @@
# HG changeset patch
# User John Calcote <john.calcote@gmail.com>
# Date 1491599282 21600
# Fri Apr 07 15:08:02 2017 -0600
# Node ID b04612a6f65ae48d4f4b1b351caa429eab326b91
# Parent 95e918d8e0d90ffa7902073c1e70c976e00cc0b0
BUG#127: Fix broadcast functionality.
diff -r 95e918d8e0d9 -r b04612a6f65a common/slp_xcast.c
--- a/common/slp_xcast.c Fri Apr 07 13:34:14 2017 -0600
+++ b/common/slp_xcast.c Fri Apr 07 15:08:02 2017 -0600
@@ -70,6 +70,7 @@
const SLPBuffer msg, SLPXcastSockets * socks)
{
int xferbytes;
+ int broadAddr = INADDR_BROADCAST;
so_bool_t on = 1;
for (socks->sock_count = 0;
@@ -95,7 +96,8 @@
sizeof(ifaceinfo->bcast_addr[socks->sock_count]));
SLPNetSetAddr(&socks->peeraddr[socks->sock_count], AF_INET,
- (uint16_t)SLPPropertyAsInteger("net.slp.port"), 0);
+ (uint16_t)SLPPropertyAsInteger("net.slp.port"),
+ (unsigned char *)&broadAddr);
xferbytes = sendto(socks->sock[socks->sock_count],
(char *)msg->start, (int)(msg->end - msg->start), 0,
(struct sockaddr *)&socks->peeraddr[socks->sock_count],
diff -r 95e918d8e0d9 -r b04612a6f65a libslp/libslp_network.c
--- a/libslp/libslp_network.c Fri Apr 07 13:34:14 2017 -0600
+++ b/libslp/libslp_network.c Fri Apr 07 15:08:02 2017 -0600
@@ -1077,7 +1077,7 @@
}
}
- usebroadcast = SLPPropertyAsBoolean("net.slp.useBroadcast");
+ usebroadcast = SLPPropertyAsBoolean("net.slp.isBroadcastOnly");
/* multicast/broadcast wait timeouts */
maxwait = SLPPropertyAsInteger("net.slp.multicastMaximumWait");

81
Fix-interface-parsing-code-to-look-for-null-ifc-addrs.patch Normal file
View File

@ -0,0 +1,81 @@
# HG changeset patch
# User John Calcote <john.calcote@gmail.com>
# Date 1491593654 21600
# Fri Apr 07 13:34:14 2017 -0600
# Node ID 95e918d8e0d90ffa7902073c1e70c976e00cc0b0
# Parent 5f989105ddc62829adbb3ac1c36a51bd927ba1d9
BUG#123: Fix interface parsing code to look for null ifc addrs.
diff -r 5f989105ddc6 -r 95e918d8e0d9 common/slp_iface.c
--- a/common/slp_iface.c Fri Apr 07 12:41:37 2017 -0600
+++ b/common/slp_iface.c Fri Apr 07 13:34:14 2017 -0600
@@ -417,8 +417,14 @@
{
for (; ifa; ifa = ifa->ifa_next)
{
+ /* filter out NULL address interfaces */
+ if (!ifa->ifa_addr)
+ continue;
+
+ /* filter out non-v6 interfaces */
if (ifa->ifa_addr->sa_family != AF_INET6)
continue;
+
paddr = (struct sockaddr_in6 *)ifa->ifa_addr;
if (!memcmp(&paddr->sin6_addr, &addr->sin6_addr, sizeof(struct in6_addr)))
{
@@ -433,8 +439,14 @@
for (; ifa; ifa = ifa->ifa_next)
{
+ /* filter out NULL address interfaces */
+ if (!ifa->ifa_addr)
+ continue;
+
+ /* filter out non-v6 interfaces */
if (ifa->ifa_addr->sa_family != AF_INET6)
continue;
+
paddr = (struct sockaddr_in6 *)ifa->ifa_addr;
if ((!strcmp(iface, ifa->ifa_name)) && (!memcmp(&paddr->sin6_addr, &addr->sin6_addr, sizeof(struct in6_addr))))
{
@@ -600,9 +612,15 @@
for (ifa = ifaddrs; ifa && ifaceinfo->iface_count < slp_max_ifaces; ifa = ifa->ifa_next)
{
+ /* filter out NULL address interfaces */
+ if (!ifa->ifa_addr)
+ continue;
+
+ /* filter out non-v6 interfaces */
if (ifa->ifa_addr->sa_family != AF_INET6)
continue;
+ /* filter out loopback interfaces */
if (!strcmp("lo", ifa->ifa_name))
continue;
@@ -1135,7 +1153,7 @@
return sts;
}
-/** Extract Interface Name from scope id.
+/** Extract Interface Name from scope id. This function is called by v6 code only.
*
* @param[in] scope_id - The scope id of interface
* @param[in,out] iface - The interface name got from scope id
@@ -1156,8 +1174,14 @@
ifaddr = ifa;
for (; ifa; ifa = ifa->ifa_next)
{
+ /* filter out NULL address interfaces */
+ if (!ifa->ifa_addr)
+ continue;
+
+ /* filter out non-v6 interfaces */
if (ifa->ifa_addr->sa_family != AF_INET6)
continue;
+
if (((struct sockaddr_in6 *)ifa->ifa_addr)->sin6_scope_id == scope_id)
{
if (strlen(ifa->ifa_name) >= MAX_IFACE_LEN)

20
Fix-slp_iface-c-comma-expression-so-it-works-as-designed.patch Normal file
View File

@ -0,0 +1,20 @@
# HG changeset patch
# User John Calcote <john.calcote@gmail.com>
# Date 1491503269 21600
# Thu Apr 06 12:27:49 2017 -0600
# Node ID 07c9f60808790d038865b83b216d100848b2600a
# Parent 52e64208bc616a5def0f4d337c1adc18c23ef3ec
Fix slp_iface.c comma expression so it works as designed.
diff -r 52e64208bc61 -r 07c9f6080879 common/slp_iface.c
--- a/common/slp_iface.c Thu Apr 06 12:10:59 2017 -0600
+++ b/common/slp_iface.c Thu Apr 06 12:27:49 2017 -0600
@@ -1087,7 +1087,7 @@
}
}
else
- sts = (errno = EINVAL), -1; /* not v4, not v6 */
+ sts = ((errno = EINVAL), -1); /* not v4, not v6 */
}
else if (if_nametoindex(token))
{

20
Fix-xrealloc-to-properly-free-original-pointer-on-resize.patch Normal file
View File

@ -0,0 +1,20 @@
# HG changeset patch
# User John Calcote <john.calcote@gmail.com>
# Date 1491604127 21600
# Fri Apr 07 16:28:47 2017 -0600
# Node ID a53aa0004700c5e65dc72052298503faf3ae3fa0
# Parent 7287c265e09be2abcfefefd4e496e04f2e5afcde
BUG#100: Fix xrealloc to properly free original pointer on resize.
diff -r 7287c265e09b -r a53aa0004700 common/slp_xmalloc.c
--- a/common/slp_xmalloc.c Fri Apr 07 15:50:23 2017 -0600
+++ b/common/slp_xmalloc.c Fri Apr 07 16:28:47 2017 -0600
@@ -206,7 +206,7 @@
if (newptr == 0)
return 0;
memcpy(newptr, ptr, x->size);
- _xfree(file, line, x);
+ _xfree(file, line, ptr);
}
return newptr;
}

27
Properly-initialize-xcastsocks-for-error-exit.patch Normal file
View File

@ -0,0 +1,27 @@
# HG changeset patch
# User John Calcote <john.calcote@gmail.com>
# Date 1491599819 21600
# Fri Apr 07 15:16:59 2017 -0600
# Node ID 2a2554a6550270bc586811b2ce1f73d104cae6f1
# Parent b04612a6f65ae48d4f4b1b351caa429eab326b91
BUG#108: Properly initialize xcastsocks for error exit.
diff -r b04612a6f65a -r 2a2554a65502 libslp/libslp_network.c
--- a/libslp/libslp_network.c Fri Apr 07 15:08:02 2017 -0600
+++ b/libslp/libslp_network.c Fri Apr 07 15:16:59 2017 -0600
@@ -983,6 +983,7 @@
v6outifaceinfo.bcast_addr = NULL;
xcastsocks.sock = NULL;
xcastsocks.peeraddr = NULL;
+ xcastsocks.sock_count = 0;
xid = SLPXidGenerate();
mtu = getmtu();
@@ -1034,7 +1035,6 @@
result = SLP_MEMORY_ALLOC_FAILED;
goto FINISHED;
}
- xcastsocks.sock_count = 0;
xcastsocks.sock = malloc(slp_max_ifaces * sizeof(sockfd_t));
if (xcastsocks.sock == NULL)
{

90
openslp-2.0.0-cve-2016-7567.patch Normal file
View File

@ -0,0 +1,90 @@
diff -up openslp-2.0.0/common/slp_compare.c.orig openslp-2.0.0/common/slp_compare.c
--- openslp-2.0.0/common/slp_compare.c.orig 2012-12-12 20:12:43.000000000 +0100
+++ openslp-2.0.0/common/slp_compare.c 2017-03-14 10:51:36.480675991 +0100
@@ -194,7 +194,8 @@ static int SLPUnescapeInPlace(size_t len
* @return The new (shorter) length of @p str.
*
* @note This routine assumes that leading and trailing white space have
- * already been removed from @p str.
+ * already been removed from @p str. It also assumes that @p str may
+ * not be null-terminated.
*/
static int SLPFoldWhiteSpace(size_t len, char * str)
{
@@ -203,11 +204,11 @@ static int SLPFoldWhiteSpace(size_t len,
{
if (isspace(*p))
{
- char * ws2p = ++p; /* Point ws2p to the second ws char. */
- while (isspace(*p)) /* Scan till we hit a non-ws char. */
+ char * ws2p = ++p; /* Point ws2p to the second ws char. */
+ while (p < ep && isspace(*p)) /* Scan till we hit a non-ws char. */
p++;
- len -= p - ws2p; /* Reduce the length by extra ws. */
- memmove(ws2p, p, ep - p); /* Overwrite the extra white space. */
+ len -= p - ws2p; /* Reduce the length by extra ws. */
+ memmove(ws2p, p, ep - p); /* Overwrite the extra white space. */
}
p++;
}
@@ -821,6 +822,50 @@ int SLPCheckAttributeListSyntax(const ch
#ifdef SLP_COMPARE_TEST
+/* Test boundary conditions of SLPFoldWhiteSpace. */
+static int test_SLPFoldWhiteSpace(void)
+{
+ static char test_str0[] = " ";
+ static char test_str1[] = "Blah";
+ static char test_str3[] = "Blah blah";
+ static char test_str4[] = "Blah blah";
+ static char test_str5[] = "Blah blah blah";
+ static char test_str8[] = " Blah blah";
+ static char test_str9[] = " Blah blah";
+ static char test_strC[] = "Blah blah ";
+ static char test_strD[] = "Blah blah xxxx";
+
+ static char * test_strs[] =
+ {
+ test_str0, test_str0, test_str0, test_str1, test_strC,
+ test_str3, test_str4, test_str5, test_strC, test_strC,
+ test_str8, test_str9, test_strC, test_strD,
+ };
+
+ static int test_lens[] =
+ {
+ 0, 1, 2, 4, 9, 10, 11, 15, 10, 11, 10, 11, 11, 11,
+ };
+
+ static int test_fins[] =
+ {
+ 0, 1, 1, 4, 9, 9, 9, 14, 10, 10, 10, 10, 10, 10,
+ };
+
+#define MAX_BUFSZ 32
+
+ int i;
+ for (i = 0; i < sizeof(test_strs) / sizeof(*test_strs); ++i)
+ {
+ char test_buf[MAX_BUFSZ];
+ memmove(test_buf, test_strs[i], test_lens[i]);
+ int len = SLPFoldWhiteSpace(test_lens[i], test_buf);
+ if (len != test_fins[i])
+ return -1;
+ }
+ return 0;
+}
+
/* ---------------- Test main for the slp_compare.c module ----------------
*
* Compile with:
@@ -840,6 +885,9 @@ int main(void)
int count;
+ if (test_SLPFoldWhiteSpace() != 0)
+ return -1;
+
/* *** SLPContainsStringList ***
*/
count = SLPContainsStringList(sizeof lst1 - 1, lst1, sizeof str1 - 1, str1);

19
openslp-2.0.0-cve-2017-17833.patch Normal file
View File

@ -0,0 +1,19 @@
diff -up openslp-2.0.0/slpd/slpd_process.c.orig openslp-2.0.0/slpd/slpd_process.c
--- openslp-2.0.0/slpd/slpd_process.c.orig 2018-05-09 13:08:06.185104375 +0200
+++ openslp-2.0.0/slpd/slpd_process.c 2018-05-09 13:07:21.017095089 +0200
@@ -462,6 +462,15 @@ static int ProcessSrvRqst(SLPMessage * m
message->body.srvrqst.srvtype, 23, SLP_DA_SERVICE_TYPE) == 0)
{
errorcode = ProcessDASrvRqst(message, sendbuf, errorcode);
+
+ if (result != *sendbuf)
+ {
+ // The pointer stored at *sendbuf can be modified by a realloc
+ // operation in ProcessDASrvRqst(). Fix up the local copy of
+ // that pointer if necessary.
+ result = *sendbuf;
+ }
+
if (errorcode == 0)
{
/* Since we have an errorcode of 0, we were successful,

145
openslp-2.0.0-multicast-set.patch Normal file
View File

@ -0,0 +1,145 @@
diff -up openslp-2.0.0/etc/slpd.all_init.orig openslp-2.0.0/etc/slpd.all_init
--- openslp-2.0.0/etc/slpd.all_init.orig 2012-11-28 18:07:04.000000000 +0100
+++ openslp-2.0.0/etc/slpd.all_init 2017-10-04 12:50:36.672953246 +0200
@@ -1,28 +1,5 @@
#!/bin/bash
-#
-# /etc/rc.d/init.d/slpd
-#
-# slpd Start/Stop the OpenSLP SA daemon (slpd).
-#
-# chkconfig: 345 13 87
-# description: OpenSLP daemon for the Service Location Protocol
-# processname: slpd
-
-# Author: Miquel van Smoorenburg, <miquels@drinkel.nl.mugnet.org>
-# Modified for RHS Linux by Damien Neil
-# Modified for COL by Raymund Will, <ray@lst.de>
-# Modified for OpenSLP by Matt Peterson <mpeterson@calderasystems.com>
-# Modified to be distribution agnostic by Bart Whiteley <bart@caldera.com>
-
-#//////////////////////////////////////////////////#
-# Does nothing if a route exists that supports #
-# multicast traffic. If no routes supporting #
-# multicast traffic exists, the function tries to #
-# add one. A 0 is returned on success and a 1 #
-# on failure. One parameter must be passed in. #
-# This variable determins verbosity. If parameter #
-# is non-zero debugging will appear #
-#//////////////////////////////////////////////////#
+
multicast_route_set()
{
PING_OPTIONS_1='-c1 -w1'
@@ -36,8 +13,8 @@ multicast_route_set()
MSG_FAILED_TO_ADD=' FAILED - Route NOT Added.'
MSG_SUCCES_ON_ADD=' SUCCESS - Route Added.'
- CMD_GET_INTERFACE="netstat -i | awk 'BEGIN{}(NR>2)&&(!/^lo*/){print \$1}'"
- CMD_ADD_ROUTE="route add -net 224.0.0.0 netmask 240.0.0.0"
+ CMD_GET_INTERFACE="ip -o link show | awk 'BEGIN{FS=\": \"}!/^:digit:+: lo:.*/{print \$2}'"
+ CMD_ADD_ROUTE="ip route add 224.0.0.0/4 dev"
err_unreachable_found=`ping $PING_OPTIONS_1 $MULTICAST_ADDRESS 2>&1 1>/dev/null`
@@ -91,94 +68,11 @@ multicast_route_set()
return $retval
}
-NAME=slpd
-DAEMON=/usr/sbin/$NAME
-SUSE=0
-
-# Change to root
-OLDDIR=`pwd`
-cd /
-
-# Source function library.
-if [ -f /etc/rc.d/init.d/functions ]; then
- . /etc/rc.d/init.d/functions
-else
- SUSE=1
-fi
-
-test -x $DAEMON || exit 0
-
-if [ ! "$SVIlock" = "" ]; then
- unset LOCK
-else
- LOCK=/var/lock/subsys/slpd
+multicast_route_set 1
+multicast_enabled=$?
+if [ "$multicast_enabled" != "0" ] ; then
+ echo "Failure: No Route Available for Multicast Traffic"
+ exit 1
fi
-RETVAL=0
-
-#
-# See how we were called.
-#
-case "$1" in
- start)
- # Check if atd is already running
- # RH style
- if [ $SUSE -eq 0 ] && [ ! "$LOCK" = "" ] && [ -f $LOCK ]; then
- exit 0
- fi
- # Caldera Style
- if [ ! "$SVIlock" = "" ] && [ -f $SVIlock ]; then
- exit 0
- fi
- echo -n 'Starting slpd: '
-
- multicast_route_set 1
- multicast_enabled=$?
- if [ "$multicast_enabled" != "0" ] ; then
- echo "Failure: No Route Available for Multicast Traffic"
- exit 1
- fi
- if [ $SUSE -eq 0 ]; then
- if [ -x /sbin/ssd ]; then
- ssd -S -n $NAME -x $DAEMON -- $OPTIONS
- [ ! "$SVIlock" = "" ] && touch $SVIlock
- else
- daemon $DAEMON
- RETVAL=$?
- fi
- else
- startproc $DAEMON $OPTIONS
- fi
- [ $SUSE -eq 0 ] && [ ! "$LOCK" = "" ] && [ $RETVAL -eq 0 ] && touch $LOCK
- echo
- ;;
- stop)
- echo -n 'Stopping slpd: '
-
- if [ -x /sbin/ssd ]; then
- ssd -K -p /var/run/$NAME.pid -n $NAME
- [ ! "$SVIlock" = "" ] && rm -f $SVIlock
- else
- killproc $DAEMON
- RETVAL=$?
- fi
- [ ! "$LOCK" = "" ] && [ $RETVAL -eq 0 ] && rm -f $LOCK
- echo
- ;;
- reload|restart)
- cd $OLDDIR
- $0 stop
- $0 start
- cd /
- RETVAL=$?
- ;;
- status)
- status /usr/sbin/slpd
- RETVAL=$?
- ;;
- *)
- echo "Usage: /etc/rc.d/init.d/slpd {start|stop|restart|reload|status}"
- exit 1
-esac
-
-exit $RETVAL
+exit 0

39
openslp-2.0.0-notify-systemd-of-start-up.patch Normal file
View File

@ -0,0 +1,39 @@
exporting patch:
# HG changeset patch
# User Stephen Gallagher <sgallagh@redhat.com>
# Date 1394805577 14400
# Fri Mar 14 09:59:37 2014 -0400
# Node ID ff9067316db43f8e1204c0a7a743574c9f94feb5
# Parent 598821da69f2f26b1e76447bfecf139a4210ad48
Notify systemd of start-up completion
diff -r 598821da69f2 -r ff9067316db4 openslp/slpd/Makefile.am
--- openslp/slpd/Makefile.am Sat Jun 08 15:14:45 2013 -0600
+++ openslp/slpd/Makefile.am Fri Mar 14 09:59:37 2014 -0400
@@ -93,5 +93,5 @@
slpd_index.h
#if you're building on Irix, replace .la with .a below
-slpd_LDADD = ../common/libcommonslpd.la ../libslpattr/libslpattr.la
+slpd_LDADD = ../common/libcommonslpd.la ../libslpattr/libslpattr.la -lsystemd
diff -r 598821da69f2 -r ff9067316db4 openslp/slpd/slpd_main.c
--- openslp/slpd/slpd_main.c Sat Jun 08 15:14:45 2013 -0600
+++ openslp/slpd/slpd_main.c Fri Mar 14 09:59:37 2014 -0400
@@ -58,6 +58,8 @@
#include "slp_xid.h"
#include "slp_net.h"
+#include <systemd/sd-daemon.h>
+
int G_SIGALRM;
int G_SIGTERM;
int G_SIGHUP;
@@ -666,6 +668,7 @@
/* Main loop */
SLPDLog("Startup complete entering main run loop ...\n\n");
+ sd_notify(0, "READY=1");
G_SIGALRM = 0;
G_SIGTERM = 0;
G_SIGHUP = 0;

12
openslp-2.0.0-null-pointer-deref.patch Normal file
View File

@ -0,0 +1,12 @@
diff -up openslp-2.0.0/common/slp_xmalloc.c.orig openslp-2.0.0/common/slp_xmalloc.c
--- openslp-2.0.0/common/slp_xmalloc.c.orig 2012-12-07 01:52:08.000000000 +0100
+++ openslp-2.0.0/common/slp_xmalloc.c 2016-05-23 12:58:57.953532979 +0200
@@ -203,6 +203,8 @@ void * _xrealloc(const char * file, int
if (x->size != size)
{
newptr = _xmalloc(file, line, size);
+ if (newptr == 0)
+ return 0;
memcpy(newptr, ptr, x->size);
_xfree(file, line, x);
}

28
openslp-2.0.0-openssl-1.1-fix.patch Normal file
View File

@ -0,0 +1,28 @@
diff -up openslp-2.0.0/common/slp_crypto.c.orig openslp-2.0.0/common/slp_crypto.c
--- openslp-2.0.0/common/slp_crypto.c.orig 2012-12-07 21:13:28.000000000 +0100
+++ openslp-2.0.0/common/slp_crypto.c 2017-10-04 09:38:48.469999889 +0200
@@ -88,11 +88,24 @@ SLPCryptoDSAKey * SLPCryptoDSAKeyDup(SLP
result = DSA_new();
if (result)
{
+#if OPENSSL_VERSION_NUMBER >= 0x10100000L
+ const BIGNUM *p, *q, *g;
+ const BIGNUM *priv_key, *pub_key;
+
+ DSA_get0_pqg(dsa, &p, &q, &g);
+ DSA_get0_key(dsa, &pub_key, &priv_key);
+
+ /* would be nice to check return values, but
+ * original code for OpenSSL < 1.1 didn't do that either... */
+ DSA_set0_pqg(result, BN_dup(p), BN_dup(q), BN_dup(g));
+ DSA_set0_key(result, BN_dup(pub_key), BN_dup(priv_key));
+#else
result->p = BN_dup(dsa->p);
result->q = BN_dup(dsa->q);
result->g = BN_dup(dsa->g);
result->priv_key = BN_dup(dsa->priv_key);
result->pub_key = BN_dup(dsa->pub_key);
+#endif
}
return result;
}

BIN
openslp-2.0.0.tar.gz Normal file
View File

Binary file not shown.

128
openslp.spec Normal file
View File

@ -0,0 +1,128 @@
Name: openslp
Version: 2.0.0
Release: 21
Summary: Open-source inplementation of the IETF Service Location Protocol
License: BSD
URL: https://sourceforge.net/projects/openslp/
Source0: https://downloads.sf.net/openslp/openslp-%{version}.tar.gz
Source2: slpd.8.gz
Source3: slptool.1.gz
Source4: slpd.service
Patch1: openslp-2.0.0-multicast-set.patch
Patch2: openslp-2.0.0-notify-systemd-of-start-up.patch
Patch3: openslp-2.0.0-null-pointer-deref.patch
Patch4: openslp-2.0.0-openssl-1.1-fix.patch
Patch5: openslp-2.0.0-cve-2016-7567.patch
Patch6: openslp-2.0.0-cve-2017-17833.patch
Patch6000: CVE-2012-4428-fix-handling-of-string-list-in-slp_common-c.patch
Patch6001: Fix-slp_iface-c-comma-expression-so-it-works-as-designed.patch
Patch6002: Daemon-sends-wrong-service-reply-when-security-is-enabled.patch
Patch6003: Fix-DAAddresses-hostname-resolution-issue.patch
Patch6004: Change-default-slpreg-connection-from-UDP-to-TCP.patch
Patch6005: Fix-interface-parsing-code-to-look-for-null-ifc-addrs.patch
Patch6006: Fix-broadcast-functionality.patch
Patch6007: Properly-initialize-xcastsocks-for-error-exit.patch
Patch6008: Fix-xrealloc-to-properly-free-original-pointer-on-resize.patch
BuildRequires: automake libtool bison flex openssl-devel systemd-units systemd-devel git
%description
Service Location Protocol (SLP) is an Internet Engineering Task Force (IETF) standards track protocol\
that provides a framework to allow networking applications to discover the existence, location,\
and configuration of networked services in enterprise networks.
%package devel
Summary: Provide headers and libraries for openslp
Requires: %{name} = %{version}-%{release}
%description devel
Provide header files and libraries of openslp
%package server
Summary: OpenSLP server daemon
Requires: %{name} = %{version}-%{release}
Requires: iproute
%description server
Provides a framework for applications to discover information about corporate network.
%package_help
%prep
%autosetup -n %{name}-%{version} -p1 -S git
autoreconf -fi
find . -name "CVS" | xargs rm -rf
%build
export CFLAGS="-fPIC -fno-strict-aliasing -fPIE -DPIE $RPM_OPT_FLAGS"
export LDFLAGS="-pie -Wl,-z,now"
%configure \
--prefix=%{_prefix} --libdir=%{_libdir} --sysconfdir=%{_sysconfdir} \
--localstatedir=/var --disable-dependency-tracking --disable-rpath\
--enable-slpv2-security --enable-async-api
%make_build
%install
%make_install
mkdir -p ${RPM_BUILD_ROOT}/%{_sysconfdir}/slp.reg.d
mkdir -p ${RPM_BUILD_ROOT}/usr/lib/%{name}-server
install -m 0755 etc/slpd.all_init ${RPM_BUILD_ROOT}/usr/lib/%{name}-server/slp-multicast-set.sh
mkdir -p ${RPM_BUILD_ROOT}/%{_unitdir}
install -p -m 644 %{SOURCE4} ${RPM_BUILD_ROOT}/%{_unitdir}/slpd.service
mkdir -p ${RPM_BUILD_ROOT}/%{_mandir}/man1/
mkdir -p ${RPM_BUILD_ROOT}/%{_mandir}/man8/
cp %SOURCE2 ${RPM_BUILD_ROOT}%{_mandir}/man8/
cp %SOURCE3 ${RPM_BUILD_ROOT}%{_mandir}/man1/
rm -rf $RPM_BUILD_ROOT/usr/doc
%delete_la
%ldconfig_scriptlets
%post server
%systemd_post slpd.service
%preun server
%systemd_preun slpd.service
%postun server
%systemd_postun_with_restart slpd.service
%files
%defattr(-,root,root)
%doc AUTHORS COPYING
%config(noreplace) %{_sysconfdir}/slp.conf
%{_unitdir}/slpd.service
%{_bindir}/slptool
%{_libdir}/libslp.so.1*
/usr/lib/%{name}-server/*.sh
%files server
%defattr(-,root,root)
%config(noreplace) %{_sysconfdir}/slp.reg
%config(noreplace) %{_sysconfdir}/slp.spi
%{_sbindir}/slpd
/usr/lib/%{name}-server/slp-multicast-set.sh
%{_unitdir}/slpd.service
%files devel
%defattr(-,root,root)
%{_includedir}/*.h
%{_libdir}/*.so
%{_libdir}/*.a
%files help
%defattr(-,root,root)
%doc FAQ NEWS README THANKS
%doc doc/doc/html/*
%doc doc/doc/rfc/*.txt
%{_mandir}/man1/slptool.*
%{_mandir}/man8/slpd.*
%changelog
* Wed Sep 11 2019 openEuler Buildteam <buildteam@openeuler.org> - 2.0.0-21
- Package init

BIN
slpd.8.gz Normal file
View File

Binary file not shown.

11
slpd.service Normal file
View File

@ -0,0 +1,11 @@
[Unit]
Description=OpenSLP daemon for the Service Location Protocol
After=network.target
[Service]
Type=notify
ExecStart=/usr/sbin/slpd -d
ExecStartPre=/usr/lib/openslp-server/slp-multicast-set.sh
[Install]
WantedBy=multi-user.target

BIN
slptool.1.gz Normal file
View File

Binary file not shown.