commit 659d0b70566caa9709af0626204de418dcd8cb7b Author: overweight <5324761+overweight@user.noreply.gitee.com> Date: Mon Sep 30 11:10:48 2019 -0400 Package init diff --git a/CVE-2012-4428-fix-handling-of-string-list-in-slp_common-c.patch b/CVE-2012-4428-fix-handling-of-string-list-in-slp_common-c.patch new file mode 100644 index 0000000..966ea50 --- /dev/null +++ b/CVE-2012-4428-fix-handling-of-string-list-in-slp_common-c.patch @@ -0,0 +1,43 @@ +# HG changeset patch +# User John Calcote +# Date 1491502259 21600 +# Thu Apr 06 12:10:59 2017 -0600 +# Node ID 52e64208bc616a5def0f4d337c1adc18c23ef3ec +# Parent f9f53696e6bea9976d3c0e5c6825b9d7a026be7c +CVE-2012-4428: fix handling of string-list in slp_common.c + +diff -r f9f53696e6be -r 52e64208bc61 common/slp_compare.c +--- a/common/slp_compare.c Thu Apr 06 12:04:31 2017 -0600 ++++ b/common/slp_compare.c Thu Apr 06 12:10:59 2017 -0600 +@@ -588,13 +588,10 @@ + /* seek to the end of the next list item */ + while(1) + { +- if(itemend == listend || *itemend == ',') +- { +- if(*(itemend - 1) != '\\') +- { +- break; +- } +- } ++ if(itemend == listend) ++ break; ++ if(*itemend == ',' && *(itemend - 1) != '\\') ++ break; + + itemend++; + } +@@ -684,9 +681,10 @@ + /* seek to the end of the next list item */ + while (1) + { +- if (itemend == listend || *itemend == ',') +- if (*(itemend - 1) != '\\') +- break; ++ if(itemend == listend) ++ break; ++ if(*itemend == ',' && *(itemend - 1) != '\\') ++ break; + itemend++; + } + diff --git a/Change-default-slpreg-connection-from-UDP-to-TCP.patch b/Change-default-slpreg-connection-from-UDP-to-TCP.patch new file mode 100644 index 0000000..eea8815 --- /dev/null +++ b/Change-default-slpreg-connection-from-UDP-to-TCP.patch @@ -0,0 +1,47 @@ +# HG changeset patch +# User John Calcote +# Date 1491590497 21600 +# Fri Apr 07 12:41:37 2017 -0600 +# Node ID 5f989105ddc62829adbb3ac1c36a51bd927ba1d9 +# Parent 2faa881f0616fce98cf239e80989cd650347190d +BUG#139: Change default slpreg connection from UDP to TCP. + +diff -r 2faa881f0616 -r 5f989105ddc6 libslp/libslp_network.c +--- a/libslp/libslp_network.c Fri Apr 07 12:25:06 2017 -0600 ++++ b/libslp/libslp_network.c Fri Apr 07 12:41:37 2017 -0600 +@@ -371,21 +371,29 @@ + { + sockfd_t sock = SLP_INVALID_SOCKET; + +- /*Note that these don't actually test the connection to slpd. +- They don't have to, since all code that calls this function eventually +- does a NetworkRqstRply, which has retry logic for the datagram case*/ ++ /* Note that these don't actually test the connection to slpd. ++ * They don't have to, since all code that calls this function eventually ++ * does a NetworkRqstRply, which has retry logic for the datagram case. ++ */ ++ struct timeval timeout; ++ timeout.tv_sec = SLPPropertyAsInteger(SLPGetProperty("net.slp.randomWaitBound")); ++ timeout.tv_usec = (timeout.tv_sec % 1000) * 1000; ++ timeout.tv_sec = timeout.tv_sec / 1000; + + if (SLPNetIsIPV6()) +- if (!SLPNetSetAddr(peeraddr, AF_INET6, (uint16_t)SLPPropertyAsInteger("net.slp.port"), ++ if (!SLPNetSetAddr(peeraddr, AF_INET6, ++ (uint16_t)SLPPropertyAsInteger("net.slp.port"), + &slp_in6addr_loopback)) +- sock = SLPNetworkCreateDatagram(AF_INET6); ++ sock = SLPNetworkConnectStream(peeraddr, &timeout); + + if (sock == SLP_INVALID_SOCKET && SLPNetIsIPV4()) + { + int tempAddr = INADDR_LOOPBACK; + if (SLPNetSetAddr(peeraddr, AF_INET, + (uint16_t)SLPPropertyAsInteger("net.slp.port"), &tempAddr) == 0) +- sock = SLPNetworkCreateDatagram(AF_INET); ++ { ++ sock = SLPNetworkConnectStream(peeraddr, &timeout); ++ } + } + return sock; + } diff --git a/Daemon-sends-wrong-service-reply-when-security-is-enabled.patch b/Daemon-sends-wrong-service-reply-when-security-is-enabled.patch new file mode 100644 index 0000000..698fb96 --- /dev/null +++ b/Daemon-sends-wrong-service-reply-when-security-is-enabled.patch @@ -0,0 +1,32 @@ +# HG changeset patch +# User John Calcote +# Date 1491512136 21600 +# Thu Apr 06 14:55:36 2017 -0600 +# Node ID df49bc4f2972edbe5aa62598af00f57277f5bded +# Parent 07c9f60808790d038865b83b216d100848b2600a +BUG#155: Daemon sends wrong service reply when security is enabled. + +diff -r 07c9f6080879 -r df49bc4f2972 slpd/slpd_process.c +--- a/slpd/slpd_process.c Thu Apr 06 12:27:49 2017 -0600 ++++ b/slpd/slpd_process.c Thu Apr 06 14:55:36 2017 -0600 +@@ -615,13 +615,17 @@ + else + #endif + { +- /* Use an opaque copy if available (and authentication is +- * not being used). +- */ ++ /* Use an opaque copy if available. */ + + /* TRICKY: Fix up the lifetime. */ + TO_UINT16(urlentry->opaque + 1, urlentry->lifetime); + memcpy(result->curpos, urlentry->opaque, urlentry->opaquelen); ++ ++ /* TRICKY: Fix up the result authblock count. */ ++ if (urlentry->authcount) ++ result->curpos[1 + 2 + 2 + urlentry->urllen] = (uint8_t)urlentry->authcount; ++ /* 1 reserved + 2 lifetime + 2 url length */ ++ + result->curpos += urlentry->opaquelen; + } + } diff --git a/Fix-DAAddresses-hostname-resolution-issue.patch b/Fix-DAAddresses-hostname-resolution-issue.patch new file mode 100644 index 0000000..93a65e6 --- /dev/null +++ b/Fix-DAAddresses-hostname-resolution-issue.patch @@ -0,0 +1,29 @@ +# HG changeset patch +# User John Calcote +# Date 1491512773 21600 +# Thu Apr 06 15:06:13 2017 -0600 +# Node ID a33eb64be8d3ad17e6052fa23e118f166f11fd16 +# Parent df49bc4f2972edbe5aa62598af00f57277f5bded +Bug#154: Fix DAAddresses hostname resolution issue. + +diff -r df49bc4f2972 -r a33eb64be8d3 slpd/slpd_knownda.c +--- a/slpd/slpd_knownda.c Thu Apr 06 14:55:36 2017 -0600 ++++ b/slpd/slpd_knownda.c Thu Apr 06 15:06:13 2017 -0600 +@@ -574,7 +574,7 @@ + { + if (SLPNetIsIPV6() && ai_ref->ai_addr->sa_family == AF_INET6) + { +- memcpy(&daaddr, &ai_ref->ai_addr, ++ memcpy(&daaddr, ai_ref->ai_addr, + sizeof(struct sockaddr_in6)); + daaddr_isset = 1; + break; +@@ -584,7 +584,7 @@ + && !daaddr_isset + && ai_ref->ai_addr->sa_family == AF_INET) + { +- memcpy(&daaddr, &ai_ref->ai_addr, ++ memcpy(&daaddr, ai_ref->ai_addr, + sizeof(struct sockaddr_in)); + daaddr_isset = 1; + /* we'll continue searching for an IPv6 address, but we'll use the first IPv4 address if none are found */ diff --git a/Fix-broadcast-functionality.patch b/Fix-broadcast-functionality.patch new file mode 100644 index 0000000..3534087 --- /dev/null +++ b/Fix-broadcast-functionality.patch @@ -0,0 +1,41 @@ +# HG changeset patch +# User John Calcote +# Date 1491599282 21600 +# Fri Apr 07 15:08:02 2017 -0600 +# Node ID b04612a6f65ae48d4f4b1b351caa429eab326b91 +# Parent 95e918d8e0d90ffa7902073c1e70c976e00cc0b0 +BUG#127: Fix broadcast functionality. + +diff -r 95e918d8e0d9 -r b04612a6f65a common/slp_xcast.c +--- a/common/slp_xcast.c Fri Apr 07 13:34:14 2017 -0600 ++++ b/common/slp_xcast.c Fri Apr 07 15:08:02 2017 -0600 +@@ -70,6 +70,7 @@ + const SLPBuffer msg, SLPXcastSockets * socks) + { + int xferbytes; ++ int broadAddr = INADDR_BROADCAST; + so_bool_t on = 1; + + for (socks->sock_count = 0; +@@ -95,7 +96,8 @@ + sizeof(ifaceinfo->bcast_addr[socks->sock_count])); + + SLPNetSetAddr(&socks->peeraddr[socks->sock_count], AF_INET, +- (uint16_t)SLPPropertyAsInteger("net.slp.port"), 0); ++ (uint16_t)SLPPropertyAsInteger("net.slp.port"), ++ (unsigned char *)&broadAddr); + xferbytes = sendto(socks->sock[socks->sock_count], + (char *)msg->start, (int)(msg->end - msg->start), 0, + (struct sockaddr *)&socks->peeraddr[socks->sock_count], +diff -r 95e918d8e0d9 -r b04612a6f65a libslp/libslp_network.c +--- a/libslp/libslp_network.c Fri Apr 07 13:34:14 2017 -0600 ++++ b/libslp/libslp_network.c Fri Apr 07 15:08:02 2017 -0600 +@@ -1077,7 +1077,7 @@ + } + } + +- usebroadcast = SLPPropertyAsBoolean("net.slp.useBroadcast"); ++ usebroadcast = SLPPropertyAsBoolean("net.slp.isBroadcastOnly"); + + /* multicast/broadcast wait timeouts */ + maxwait = SLPPropertyAsInteger("net.slp.multicastMaximumWait"); diff --git a/Fix-interface-parsing-code-to-look-for-null-ifc-addrs.patch b/Fix-interface-parsing-code-to-look-for-null-ifc-addrs.patch new file mode 100644 index 0000000..7f7c9e7 --- /dev/null +++ b/Fix-interface-parsing-code-to-look-for-null-ifc-addrs.patch @@ -0,0 +1,81 @@ +# HG changeset patch +# User John Calcote +# Date 1491593654 21600 +# Fri Apr 07 13:34:14 2017 -0600 +# Node ID 95e918d8e0d90ffa7902073c1e70c976e00cc0b0 +# Parent 5f989105ddc62829adbb3ac1c36a51bd927ba1d9 +BUG#123: Fix interface parsing code to look for null ifc addrs. + +diff -r 5f989105ddc6 -r 95e918d8e0d9 common/slp_iface.c +--- a/common/slp_iface.c Fri Apr 07 12:41:37 2017 -0600 ++++ b/common/slp_iface.c Fri Apr 07 13:34:14 2017 -0600 +@@ -417,8 +417,14 @@ + { + for (; ifa; ifa = ifa->ifa_next) + { ++ /* filter out NULL address interfaces */ ++ if (!ifa->ifa_addr) ++ continue; ++ ++ /* filter out non-v6 interfaces */ + if (ifa->ifa_addr->sa_family != AF_INET6) + continue; ++ + paddr = (struct sockaddr_in6 *)ifa->ifa_addr; + if (!memcmp(&paddr->sin6_addr, &addr->sin6_addr, sizeof(struct in6_addr))) + { +@@ -433,8 +439,14 @@ + + for (; ifa; ifa = ifa->ifa_next) + { ++ /* filter out NULL address interfaces */ ++ if (!ifa->ifa_addr) ++ continue; ++ ++ /* filter out non-v6 interfaces */ + if (ifa->ifa_addr->sa_family != AF_INET6) + continue; ++ + paddr = (struct sockaddr_in6 *)ifa->ifa_addr; + if ((!strcmp(iface, ifa->ifa_name)) && (!memcmp(&paddr->sin6_addr, &addr->sin6_addr, sizeof(struct in6_addr)))) + { +@@ -600,9 +612,15 @@ + + for (ifa = ifaddrs; ifa && ifaceinfo->iface_count < slp_max_ifaces; ifa = ifa->ifa_next) + { ++ /* filter out NULL address interfaces */ ++ if (!ifa->ifa_addr) ++ continue; ++ ++ /* filter out non-v6 interfaces */ + if (ifa->ifa_addr->sa_family != AF_INET6) + continue; + ++ /* filter out loopback interfaces */ + if (!strcmp("lo", ifa->ifa_name)) + continue; + +@@ -1135,7 +1153,7 @@ + return sts; + } + +-/** Extract Interface Name from scope id. ++/** Extract Interface Name from scope id. This function is called by v6 code only. + * + * @param[in] scope_id - The scope id of interface + * @param[in,out] iface - The interface name got from scope id +@@ -1156,8 +1174,14 @@ + ifaddr = ifa; + for (; ifa; ifa = ifa->ifa_next) + { ++ /* filter out NULL address interfaces */ ++ if (!ifa->ifa_addr) ++ continue; ++ ++ /* filter out non-v6 interfaces */ + if (ifa->ifa_addr->sa_family != AF_INET6) + continue; ++ + if (((struct sockaddr_in6 *)ifa->ifa_addr)->sin6_scope_id == scope_id) + { + if (strlen(ifa->ifa_name) >= MAX_IFACE_LEN) diff --git a/Fix-slp_iface-c-comma-expression-so-it-works-as-designed.patch b/Fix-slp_iface-c-comma-expression-so-it-works-as-designed.patch new file mode 100644 index 0000000..0ccac5d --- /dev/null +++ b/Fix-slp_iface-c-comma-expression-so-it-works-as-designed.patch @@ -0,0 +1,20 @@ +# HG changeset patch +# User John Calcote +# Date 1491503269 21600 +# Thu Apr 06 12:27:49 2017 -0600 +# Node ID 07c9f60808790d038865b83b216d100848b2600a +# Parent 52e64208bc616a5def0f4d337c1adc18c23ef3ec +Fix slp_iface.c comma expression so it works as designed. + +diff -r 52e64208bc61 -r 07c9f6080879 common/slp_iface.c +--- a/common/slp_iface.c Thu Apr 06 12:10:59 2017 -0600 ++++ b/common/slp_iface.c Thu Apr 06 12:27:49 2017 -0600 +@@ -1087,7 +1087,7 @@ + } + } + else +- sts = (errno = EINVAL), -1; /* not v4, not v6 */ ++ sts = ((errno = EINVAL), -1); /* not v4, not v6 */ + } + else if (if_nametoindex(token)) + { diff --git a/Fix-xrealloc-to-properly-free-original-pointer-on-resize.patch b/Fix-xrealloc-to-properly-free-original-pointer-on-resize.patch new file mode 100644 index 0000000..54f13d9 --- /dev/null +++ b/Fix-xrealloc-to-properly-free-original-pointer-on-resize.patch @@ -0,0 +1,20 @@ +# HG changeset patch +# User John Calcote +# Date 1491604127 21600 +# Fri Apr 07 16:28:47 2017 -0600 +# Node ID a53aa0004700c5e65dc72052298503faf3ae3fa0 +# Parent 7287c265e09be2abcfefefd4e496e04f2e5afcde +BUG#100: Fix xrealloc to properly free original pointer on resize. + +diff -r 7287c265e09b -r a53aa0004700 common/slp_xmalloc.c +--- a/common/slp_xmalloc.c Fri Apr 07 15:50:23 2017 -0600 ++++ b/common/slp_xmalloc.c Fri Apr 07 16:28:47 2017 -0600 +@@ -206,7 +206,7 @@ + if (newptr == 0) + return 0; + memcpy(newptr, ptr, x->size); +- _xfree(file, line, x); ++ _xfree(file, line, ptr); + } + return newptr; + } diff --git a/Properly-initialize-xcastsocks-for-error-exit.patch b/Properly-initialize-xcastsocks-for-error-exit.patch new file mode 100644 index 0000000..de3bae2 --- /dev/null +++ b/Properly-initialize-xcastsocks-for-error-exit.patch @@ -0,0 +1,27 @@ +# HG changeset patch +# User John Calcote +# Date 1491599819 21600 +# Fri Apr 07 15:16:59 2017 -0600 +# Node ID 2a2554a6550270bc586811b2ce1f73d104cae6f1 +# Parent b04612a6f65ae48d4f4b1b351caa429eab326b91 +BUG#108: Properly initialize xcastsocks for error exit. + +diff -r b04612a6f65a -r 2a2554a65502 libslp/libslp_network.c +--- a/libslp/libslp_network.c Fri Apr 07 15:08:02 2017 -0600 ++++ b/libslp/libslp_network.c Fri Apr 07 15:16:59 2017 -0600 +@@ -983,6 +983,7 @@ + v6outifaceinfo.bcast_addr = NULL; + xcastsocks.sock = NULL; + xcastsocks.peeraddr = NULL; ++ xcastsocks.sock_count = 0; + + xid = SLPXidGenerate(); + mtu = getmtu(); +@@ -1034,7 +1035,6 @@ + result = SLP_MEMORY_ALLOC_FAILED; + goto FINISHED; + } +- xcastsocks.sock_count = 0; + xcastsocks.sock = malloc(slp_max_ifaces * sizeof(sockfd_t)); + if (xcastsocks.sock == NULL) + { diff --git a/openslp-2.0.0-cve-2016-7567.patch b/openslp-2.0.0-cve-2016-7567.patch new file mode 100644 index 0000000..2b0e35c --- /dev/null +++ b/openslp-2.0.0-cve-2016-7567.patch @@ -0,0 +1,90 @@ +diff -up openslp-2.0.0/common/slp_compare.c.orig openslp-2.0.0/common/slp_compare.c +--- openslp-2.0.0/common/slp_compare.c.orig 2012-12-12 20:12:43.000000000 +0100 ++++ openslp-2.0.0/common/slp_compare.c 2017-03-14 10:51:36.480675991 +0100 +@@ -194,7 +194,8 @@ static int SLPUnescapeInPlace(size_t len + * @return The new (shorter) length of @p str. + * + * @note This routine assumes that leading and trailing white space have +- * already been removed from @p str. ++ * already been removed from @p str. It also assumes that @p str may ++ * not be null-terminated. + */ + static int SLPFoldWhiteSpace(size_t len, char * str) + { +@@ -203,11 +204,11 @@ static int SLPFoldWhiteSpace(size_t len, + { + if (isspace(*p)) + { +- char * ws2p = ++p; /* Point ws2p to the second ws char. */ +- while (isspace(*p)) /* Scan till we hit a non-ws char. */ ++ char * ws2p = ++p; /* Point ws2p to the second ws char. */ ++ while (p < ep && isspace(*p)) /* Scan till we hit a non-ws char. */ + p++; +- len -= p - ws2p; /* Reduce the length by extra ws. */ +- memmove(ws2p, p, ep - p); /* Overwrite the extra white space. */ ++ len -= p - ws2p; /* Reduce the length by extra ws. */ ++ memmove(ws2p, p, ep - p); /* Overwrite the extra white space. */ + } + p++; + } +@@ -821,6 +822,50 @@ int SLPCheckAttributeListSyntax(const ch + + #ifdef SLP_COMPARE_TEST + ++/* Test boundary conditions of SLPFoldWhiteSpace. */ ++static int test_SLPFoldWhiteSpace(void) ++{ ++ static char test_str0[] = " "; ++ static char test_str1[] = "Blah"; ++ static char test_str3[] = "Blah blah"; ++ static char test_str4[] = "Blah blah"; ++ static char test_str5[] = "Blah blah blah"; ++ static char test_str8[] = " Blah blah"; ++ static char test_str9[] = " Blah blah"; ++ static char test_strC[] = "Blah blah "; ++ static char test_strD[] = "Blah blah xxxx"; ++ ++ static char * test_strs[] = ++ { ++ test_str0, test_str0, test_str0, test_str1, test_strC, ++ test_str3, test_str4, test_str5, test_strC, test_strC, ++ test_str8, test_str9, test_strC, test_strD, ++ }; ++ ++ static int test_lens[] = ++ { ++ 0, 1, 2, 4, 9, 10, 11, 15, 10, 11, 10, 11, 11, 11, ++ }; ++ ++ static int test_fins[] = ++ { ++ 0, 1, 1, 4, 9, 9, 9, 14, 10, 10, 10, 10, 10, 10, ++ }; ++ ++#define MAX_BUFSZ 32 ++ ++ int i; ++ for (i = 0; i < sizeof(test_strs) / sizeof(*test_strs); ++i) ++ { ++ char test_buf[MAX_BUFSZ]; ++ memmove(test_buf, test_strs[i], test_lens[i]); ++ int len = SLPFoldWhiteSpace(test_lens[i], test_buf); ++ if (len != test_fins[i]) ++ return -1; ++ } ++ return 0; ++} ++ + /* ---------------- Test main for the slp_compare.c module ---------------- + * + * Compile with: +@@ -840,6 +885,9 @@ int main(void) + + int count; + ++ if (test_SLPFoldWhiteSpace() != 0) ++ return -1; ++ + /* *** SLPContainsStringList *** + */ + count = SLPContainsStringList(sizeof lst1 - 1, lst1, sizeof str1 - 1, str1); diff --git a/openslp-2.0.0-cve-2017-17833.patch b/openslp-2.0.0-cve-2017-17833.patch new file mode 100644 index 0000000..eefce40 --- /dev/null +++ b/openslp-2.0.0-cve-2017-17833.patch @@ -0,0 +1,19 @@ +diff -up openslp-2.0.0/slpd/slpd_process.c.orig openslp-2.0.0/slpd/slpd_process.c +--- openslp-2.0.0/slpd/slpd_process.c.orig 2018-05-09 13:08:06.185104375 +0200 ++++ openslp-2.0.0/slpd/slpd_process.c 2018-05-09 13:07:21.017095089 +0200 +@@ -462,6 +462,15 @@ static int ProcessSrvRqst(SLPMessage * m + message->body.srvrqst.srvtype, 23, SLP_DA_SERVICE_TYPE) == 0) + { + errorcode = ProcessDASrvRqst(message, sendbuf, errorcode); ++ ++ if (result != *sendbuf) ++ { ++ // The pointer stored at *sendbuf can be modified by a realloc ++ // operation in ProcessDASrvRqst(). Fix up the local copy of ++ // that pointer if necessary. ++ result = *sendbuf; ++ } ++ + if (errorcode == 0) + { + /* Since we have an errorcode of 0, we were successful, diff --git a/openslp-2.0.0-multicast-set.patch b/openslp-2.0.0-multicast-set.patch new file mode 100644 index 0000000..4bd1a07 --- /dev/null +++ b/openslp-2.0.0-multicast-set.patch @@ -0,0 +1,145 @@ +diff -up openslp-2.0.0/etc/slpd.all_init.orig openslp-2.0.0/etc/slpd.all_init +--- openslp-2.0.0/etc/slpd.all_init.orig 2012-11-28 18:07:04.000000000 +0100 ++++ openslp-2.0.0/etc/slpd.all_init 2017-10-04 12:50:36.672953246 +0200 +@@ -1,28 +1,5 @@ + #!/bin/bash +-# +-# /etc/rc.d/init.d/slpd +-# +-# slpd Start/Stop the OpenSLP SA daemon (slpd). +-# +-# chkconfig: 345 13 87 +-# description: OpenSLP daemon for the Service Location Protocol +-# processname: slpd +- +-# Author: Miquel van Smoorenburg, +-# Modified for RHS Linux by Damien Neil +-# Modified for COL by Raymund Will, +-# Modified for OpenSLP by Matt Peterson +-# Modified to be distribution agnostic by Bart Whiteley +- +-#//////////////////////////////////////////////////# +-# Does nothing if a route exists that supports # +-# multicast traffic. If no routes supporting # +-# multicast traffic exists, the function tries to # +-# add one. A 0 is returned on success and a 1 # +-# on failure. One parameter must be passed in. # +-# This variable determins verbosity. If parameter # +-# is non-zero debugging will appear # +-#//////////////////////////////////////////////////# ++ + multicast_route_set() + { + PING_OPTIONS_1='-c1 -w1' +@@ -36,8 +13,8 @@ multicast_route_set() + MSG_FAILED_TO_ADD=' FAILED - Route NOT Added.' + MSG_SUCCES_ON_ADD=' SUCCESS - Route Added.' + +- CMD_GET_INTERFACE="netstat -i | awk 'BEGIN{}(NR>2)&&(!/^lo*/){print \$1}'" +- CMD_ADD_ROUTE="route add -net 224.0.0.0 netmask 240.0.0.0" ++ CMD_GET_INTERFACE="ip -o link show | awk 'BEGIN{FS=\": \"}!/^:digit:+: lo:.*/{print \$2}'" ++ CMD_ADD_ROUTE="ip route add 224.0.0.0/4 dev" + + err_unreachable_found=`ping $PING_OPTIONS_1 $MULTICAST_ADDRESS 2>&1 1>/dev/null` + +@@ -91,94 +68,11 @@ multicast_route_set() + return $retval + } + +-NAME=slpd +-DAEMON=/usr/sbin/$NAME +-SUSE=0 +- +-# Change to root +-OLDDIR=`pwd` +-cd / +- +-# Source function library. +-if [ -f /etc/rc.d/init.d/functions ]; then +- . /etc/rc.d/init.d/functions +-else +- SUSE=1 +-fi +- +-test -x $DAEMON || exit 0 +- +-if [ ! "$SVIlock" = "" ]; then +- unset LOCK +-else +- LOCK=/var/lock/subsys/slpd ++multicast_route_set 1 ++multicast_enabled=$? ++if [ "$multicast_enabled" != "0" ] ; then ++ echo "Failure: No Route Available for Multicast Traffic" ++ exit 1 + fi + +-RETVAL=0 +- +-# +-# See how we were called. +-# +-case "$1" in +- start) +- # Check if atd is already running +- # RH style +- if [ $SUSE -eq 0 ] && [ ! "$LOCK" = "" ] && [ -f $LOCK ]; then +- exit 0 +- fi +- # Caldera Style +- if [ ! "$SVIlock" = "" ] && [ -f $SVIlock ]; then +- exit 0 +- fi +- echo -n 'Starting slpd: ' +- +- multicast_route_set 1 +- multicast_enabled=$? +- if [ "$multicast_enabled" != "0" ] ; then +- echo "Failure: No Route Available for Multicast Traffic" +- exit 1 +- fi +- if [ $SUSE -eq 0 ]; then +- if [ -x /sbin/ssd ]; then +- ssd -S -n $NAME -x $DAEMON -- $OPTIONS +- [ ! "$SVIlock" = "" ] && touch $SVIlock +- else +- daemon $DAEMON +- RETVAL=$? +- fi +- else +- startproc $DAEMON $OPTIONS +- fi +- [ $SUSE -eq 0 ] && [ ! "$LOCK" = "" ] && [ $RETVAL -eq 0 ] && touch $LOCK +- echo +- ;; +- stop) +- echo -n 'Stopping slpd: ' +- +- if [ -x /sbin/ssd ]; then +- ssd -K -p /var/run/$NAME.pid -n $NAME +- [ ! "$SVIlock" = "" ] && rm -f $SVIlock +- else +- killproc $DAEMON +- RETVAL=$? +- fi +- [ ! "$LOCK" = "" ] && [ $RETVAL -eq 0 ] && rm -f $LOCK +- echo +- ;; +- reload|restart) +- cd $OLDDIR +- $0 stop +- $0 start +- cd / +- RETVAL=$? +- ;; +- status) +- status /usr/sbin/slpd +- RETVAL=$? +- ;; +- *) +- echo "Usage: /etc/rc.d/init.d/slpd {start|stop|restart|reload|status}" +- exit 1 +-esac +- +-exit $RETVAL ++exit 0 diff --git a/openslp-2.0.0-notify-systemd-of-start-up.patch b/openslp-2.0.0-notify-systemd-of-start-up.patch new file mode 100644 index 0000000..97aca5a --- /dev/null +++ b/openslp-2.0.0-notify-systemd-of-start-up.patch @@ -0,0 +1,39 @@ +exporting patch: +# HG changeset patch +# User Stephen Gallagher +# Date 1394805577 14400 +# Fri Mar 14 09:59:37 2014 -0400 +# Node ID ff9067316db43f8e1204c0a7a743574c9f94feb5 +# Parent 598821da69f2f26b1e76447bfecf139a4210ad48 +Notify systemd of start-up completion + +diff -r 598821da69f2 -r ff9067316db4 openslp/slpd/Makefile.am +--- openslp/slpd/Makefile.am Sat Jun 08 15:14:45 2013 -0600 ++++ openslp/slpd/Makefile.am Fri Mar 14 09:59:37 2014 -0400 +@@ -93,5 +93,5 @@ + slpd_index.h + + #if you're building on Irix, replace .la with .a below +-slpd_LDADD = ../common/libcommonslpd.la ../libslpattr/libslpattr.la ++slpd_LDADD = ../common/libcommonslpd.la ../libslpattr/libslpattr.la -lsystemd + +diff -r 598821da69f2 -r ff9067316db4 openslp/slpd/slpd_main.c +--- openslp/slpd/slpd_main.c Sat Jun 08 15:14:45 2013 -0600 ++++ openslp/slpd/slpd_main.c Fri Mar 14 09:59:37 2014 -0400 +@@ -58,6 +58,8 @@ + #include "slp_xid.h" + #include "slp_net.h" + ++#include ++ + int G_SIGALRM; + int G_SIGTERM; + int G_SIGHUP; +@@ -666,6 +668,7 @@ + + /* Main loop */ + SLPDLog("Startup complete entering main run loop ...\n\n"); ++ sd_notify(0, "READY=1"); + G_SIGALRM = 0; + G_SIGTERM = 0; + G_SIGHUP = 0; diff --git a/openslp-2.0.0-null-pointer-deref.patch b/openslp-2.0.0-null-pointer-deref.patch new file mode 100644 index 0000000..3c07d6e --- /dev/null +++ b/openslp-2.0.0-null-pointer-deref.patch @@ -0,0 +1,12 @@ +diff -up openslp-2.0.0/common/slp_xmalloc.c.orig openslp-2.0.0/common/slp_xmalloc.c +--- openslp-2.0.0/common/slp_xmalloc.c.orig 2012-12-07 01:52:08.000000000 +0100 ++++ openslp-2.0.0/common/slp_xmalloc.c 2016-05-23 12:58:57.953532979 +0200 +@@ -203,6 +203,8 @@ void * _xrealloc(const char * file, int + if (x->size != size) + { + newptr = _xmalloc(file, line, size); ++ if (newptr == 0) ++ return 0; + memcpy(newptr, ptr, x->size); + _xfree(file, line, x); + } diff --git a/openslp-2.0.0-openssl-1.1-fix.patch b/openslp-2.0.0-openssl-1.1-fix.patch new file mode 100644 index 0000000..47766fc --- /dev/null +++ b/openslp-2.0.0-openssl-1.1-fix.patch @@ -0,0 +1,28 @@ +diff -up openslp-2.0.0/common/slp_crypto.c.orig openslp-2.0.0/common/slp_crypto.c +--- openslp-2.0.0/common/slp_crypto.c.orig 2012-12-07 21:13:28.000000000 +0100 ++++ openslp-2.0.0/common/slp_crypto.c 2017-10-04 09:38:48.469999889 +0200 +@@ -88,11 +88,24 @@ SLPCryptoDSAKey * SLPCryptoDSAKeyDup(SLP + result = DSA_new(); + if (result) + { ++#if OPENSSL_VERSION_NUMBER >= 0x10100000L ++ const BIGNUM *p, *q, *g; ++ const BIGNUM *priv_key, *pub_key; ++ ++ DSA_get0_pqg(dsa, &p, &q, &g); ++ DSA_get0_key(dsa, &pub_key, &priv_key); ++ ++ /* would be nice to check return values, but ++ * original code for OpenSSL < 1.1 didn't do that either... */ ++ DSA_set0_pqg(result, BN_dup(p), BN_dup(q), BN_dup(g)); ++ DSA_set0_key(result, BN_dup(pub_key), BN_dup(priv_key)); ++#else + result->p = BN_dup(dsa->p); + result->q = BN_dup(dsa->q); + result->g = BN_dup(dsa->g); + result->priv_key = BN_dup(dsa->priv_key); + result->pub_key = BN_dup(dsa->pub_key); ++#endif + } + return result; + } diff --git a/openslp-2.0.0.tar.gz b/openslp-2.0.0.tar.gz new file mode 100644 index 0000000..00aa594 Binary files /dev/null and b/openslp-2.0.0.tar.gz differ diff --git a/openslp.spec b/openslp.spec new file mode 100644 index 0000000..4a1de2f --- /dev/null +++ b/openslp.spec @@ -0,0 +1,128 @@ +Name: openslp +Version: 2.0.0 +Release: 21 +Summary: Open-source inplementation of the IETF Service Location Protocol +License: BSD +URL: https://sourceforge.net/projects/openslp/ +Source0: https://downloads.sf.net/openslp/openslp-%{version}.tar.gz +Source2: slpd.8.gz +Source3: slptool.1.gz +Source4: slpd.service + +Patch1: openslp-2.0.0-multicast-set.patch +Patch2: openslp-2.0.0-notify-systemd-of-start-up.patch +Patch3: openslp-2.0.0-null-pointer-deref.patch +Patch4: openslp-2.0.0-openssl-1.1-fix.patch +Patch5: openslp-2.0.0-cve-2016-7567.patch +Patch6: openslp-2.0.0-cve-2017-17833.patch +Patch6000: CVE-2012-4428-fix-handling-of-string-list-in-slp_common-c.patch +Patch6001: Fix-slp_iface-c-comma-expression-so-it-works-as-designed.patch +Patch6002: Daemon-sends-wrong-service-reply-when-security-is-enabled.patch +Patch6003: Fix-DAAddresses-hostname-resolution-issue.patch +Patch6004: Change-default-slpreg-connection-from-UDP-to-TCP.patch +Patch6005: Fix-interface-parsing-code-to-look-for-null-ifc-addrs.patch +Patch6006: Fix-broadcast-functionality.patch +Patch6007: Properly-initialize-xcastsocks-for-error-exit.patch +Patch6008: Fix-xrealloc-to-properly-free-original-pointer-on-resize.patch + +BuildRequires: automake libtool bison flex openssl-devel systemd-units systemd-devel git + +%description +Service Location Protocol (SLP) is an Internet Engineering Task Force (IETF) standards track protocol\ +that provides a framework to allow networking applications to discover the existence, location,\ +and configuration of networked services in enterprise networks. + +%package devel +Summary: Provide headers and libraries for openslp +Requires: %{name} = %{version}-%{release} + +%description devel +Provide header files and libraries of openslp + +%package server +Summary: OpenSLP server daemon +Requires: %{name} = %{version}-%{release} +Requires: iproute + +%description server +Provides a framework for applications to discover information about corporate network. + +%package_help + +%prep +%autosetup -n %{name}-%{version} -p1 -S git + +autoreconf -fi +find . -name "CVS" | xargs rm -rf + +%build +export CFLAGS="-fPIC -fno-strict-aliasing -fPIE -DPIE $RPM_OPT_FLAGS" +export LDFLAGS="-pie -Wl,-z,now" + +%configure \ + --prefix=%{_prefix} --libdir=%{_libdir} --sysconfdir=%{_sysconfdir} \ + --localstatedir=/var --disable-dependency-tracking --disable-rpath\ + --enable-slpv2-security --enable-async-api + +%make_build + +%install +%make_install +mkdir -p ${RPM_BUILD_ROOT}/%{_sysconfdir}/slp.reg.d +mkdir -p ${RPM_BUILD_ROOT}/usr/lib/%{name}-server +install -m 0755 etc/slpd.all_init ${RPM_BUILD_ROOT}/usr/lib/%{name}-server/slp-multicast-set.sh +mkdir -p ${RPM_BUILD_ROOT}/%{_unitdir} +install -p -m 644 %{SOURCE4} ${RPM_BUILD_ROOT}/%{_unitdir}/slpd.service +mkdir -p ${RPM_BUILD_ROOT}/%{_mandir}/man1/ +mkdir -p ${RPM_BUILD_ROOT}/%{_mandir}/man8/ +cp %SOURCE2 ${RPM_BUILD_ROOT}%{_mandir}/man8/ +cp %SOURCE3 ${RPM_BUILD_ROOT}%{_mandir}/man1/ + +rm -rf $RPM_BUILD_ROOT/usr/doc +%delete_la + +%ldconfig_scriptlets + +%post server +%systemd_post slpd.service + +%preun server +%systemd_preun slpd.service + +%postun server +%systemd_postun_with_restart slpd.service + +%files +%defattr(-,root,root) +%doc AUTHORS COPYING +%config(noreplace) %{_sysconfdir}/slp.conf +%{_unitdir}/slpd.service +%{_bindir}/slptool +%{_libdir}/libslp.so.1* +/usr/lib/%{name}-server/*.sh + +%files server +%defattr(-,root,root) +%config(noreplace) %{_sysconfdir}/slp.reg +%config(noreplace) %{_sysconfdir}/slp.spi +%{_sbindir}/slpd +/usr/lib/%{name}-server/slp-multicast-set.sh +%{_unitdir}/slpd.service + +%files devel +%defattr(-,root,root) +%{_includedir}/*.h +%{_libdir}/*.so +%{_libdir}/*.a + +%files help +%defattr(-,root,root) +%doc FAQ NEWS README THANKS +%doc doc/doc/html/* +%doc doc/doc/rfc/*.txt +%{_mandir}/man1/slptool.* +%{_mandir}/man8/slpd.* + +%changelog +* Wed Sep 11 2019 openEuler Buildteam - 2.0.0-21 +- Package init diff --git a/slpd.8.gz b/slpd.8.gz new file mode 100644 index 0000000..f87cc30 Binary files /dev/null and b/slpd.8.gz differ diff --git a/slpd.service b/slpd.service new file mode 100644 index 0000000..382f6e9 --- /dev/null +++ b/slpd.service @@ -0,0 +1,11 @@ +[Unit] +Description=OpenSLP daemon for the Service Location Protocol +After=network.target + +[Service] +Type=notify +ExecStart=/usr/sbin/slpd -d +ExecStartPre=/usr/lib/openslp-server/slp-multicast-set.sh + +[Install] +WantedBy=multi-user.target diff --git a/slptool.1.gz b/slptool.1.gz new file mode 100644 index 0000000..15c823d Binary files /dev/null and b/slptool.1.gz differ