package init

2020-02-14 03:00:47 -05:00 · 2020-02-14 03:00:47 -05:00 · 04cc3146ca
commit 04cc3146ca
parent e4e83861a7
8 changed files with 213 additions and 0 deletions
--- a/sblim-sfcb-1.3.16-maxMsgLen.patch
+++ b/sblim-sfcb-1.3.16-maxMsgLen.patch
@ -0,0 +1,14 @@
+diff -up sblim-sfcb-1.3.16/sfcb.cfg.pre.in.old sblim-sfcb-1.3.16/sfcb.cfg.pre.in
+--- sblim-sfcb-1.3.16/sfcb.cfg.pre.in.old	2012-06-13 23:21:09.000000000 +0200
+++ sblim-sfcb-1.3.16/sfcb.cfg.pre.in	2013-06-24 15:34:38.881992781 +0200
+@@ -113,8 +113,8 @@ provProcs:      32
+ 
+ ## Max message length, in bytes. This is a limit on the size of messages
+ ## written across sockets, for instance, between providers and SFCB.
+-## Default is 10000000
+-maxMsgLen:      10000000
+## Default is 100000000
+maxMsgLen:      100000000
+ 
+ ## Location of the registration directory, where providerRegister can be found
+ ## Default is @localstatedir@/lib/sfcb/registration
--- a/sblim-sfcb-1.4.8-default-ecdh-curve-name.patch
+++ b/sblim-sfcb-1.4.8-default-ecdh-curve-name.patch
@ -0,0 +1,26 @@
+diff -up sblim-sfcb-1.4.8/control.c.orig sblim-sfcb-1.4.8/control.c
+--- sblim-sfcb-1.4.8/control.c.orig	2014-03-27 00:46:28.000000000 +0100
+++ sblim-sfcb-1.4.8/control.c	2014-05-15 12:31:38.304169409 +0200
+@@ -170,7 +170,7 @@ static Control init[] = {
+   {"sslCertList", CTL_STRING, SFCB_CONFDIR "/clist.pem", {0}},
+   {"sslCiphers", CTL_STRING, "ALL:!ADH:!LOW:!EXP:!MD5:@STRENGTH", {0}},
+   {"sslDhParamsFilePath", CTL_STRING, NULL, {0}},
+-  {"sslEcDhCurveName", CTL_STRING, "secp224r1", {0}},
+  {"sslEcDhCurveName", CTL_STRING, "secp384r1", {0}},
+   {"enableSslCipherServerPref", CTL_BOOL, NULL, {.b=0}},
+ 
+   {"registrationDir", CTL_STRING, SFCB_STATEDIR "/registration", {0}},
+diff -up sblim-sfcb-1.4.8/sfcb.cfg.pre.in.orig sblim-sfcb-1.4.8/sfcb.cfg.pre.in
+--- sblim-sfcb-1.4.8/sfcb.cfg.pre.in.orig	2014-05-15 12:31:59.188244865 +0200
+++ sblim-sfcb-1.4.8/sfcb.cfg.pre.in	2014-05-15 12:32:45.554408412 +0200
+@@ -293,8 +293,8 @@ sslCiphers: ALL:!ADH:!LOW:!EXP:!MD5:@STR
+ ## environment. If this value is not set, the indicated default is in effect.
+ ## If the value is set but the curve name is not recognized by the underlying
+ ## openssl implementation, SFCB will abort.
+-## Default is secp224r1
+-#sslEcDhCurveName: secp224r1
+## Default is secp384r1
+#sslEcDhCurveName: secp384r1
+ 
+ ## When set to true, sets the SSL_OP_CIPHER_SERVER_PREFERENCE flag for the ssl
+ ## context, to enforce server's preference instead of the client preference for
--- a/sblim-sfcb-1.4.9-fix-ftbfs.patch
+++ b/sblim-sfcb-1.4.9-fix-ftbfs.patch
@ -0,0 +1,12 @@
+diff -up sblim-sfcb-1.4.9/control.c.orig sblim-sfcb-1.4.9/control.c
+--- sblim-sfcb-1.4.9/control.c.orig	2015-07-13 15:06:21.331660336 +0200
+++ sblim-sfcb-1.4.9/control.c	2015-07-13 15:08:38.031308917 +0200
+@@ -83,7 +83,7 @@ long            httpReqHandlerTimeout;
+  * Kindly null terminate, always, even if might overwrite
+  * the last char of the truncated string. 
+ */
+-inline char *strncpy_kind(char *to, char *from, size_t size) {
+char *strncpy_kind(char *to, char *from, size_t size) {
+   strncpy(to, from, size);
+   *(to + size - 1) = '\0';
+   return to;
--- a/sblim-sfcb-1.4.9-fix-null-content-type-crash.patch
+++ b/sblim-sfcb-1.4.9-fix-null-content-type-crash.patch
@ -0,0 +1,47 @@
+Author: Adam Majer <adam.majer@suse.de>
+Summary: Fix crash caused by NULL content_type
+
+Also, allow requests with Content-Type set to text/xml
+
+==31976== Invalid read of size 1
+==31976==    at 0x5883DEB: scanCimXmlRequest (cimXmlParserProcessed.c:1739)
+==31976==    by 0x588C88E: handleCimRequest (cimRequest.c:1850)
+==31976==    by 0x4E3D95A: doHttpRequest (httpAdapter.c:1399)
+==31976==    by 0x4E3EC96: handleHttpRequest (httpAdapter.c:1741)
+==31976==    by 0x4E3EC96: acceptRequest (httpAdapter.c:2022)
+==31976==    by 0x4E40B0C: httpDaemon (httpAdapter.c:2464)
+==31976==    by 0x404866: startHttpd (sfcBroker.c:540)
+==31976==    by 0x4038B3: main (sfcBroker.c:1062)
+==31976==  Address 0x0 is not stack'd, malloc'd or (recently) free'd
+==31976== 
+==31976== 
+==31976== Process terminating with default action of signal 11 (SIGSEGV): dumping core
+==31976==  Access not within mapped region at address 0x0
+==31976==    at 0x5883DEB: scanCimXmlRequest (cimXmlParserProcessed.c:1739)
+==31976==    by 0x588C88E: handleCimRequest (cimRequest.c:1850)
+==31976==    by 0x4E3D95A: doHttpRequest (httpAdapter.c:1399)
+==31976==    by 0x4E3EC96: handleHttpRequest (httpAdapter.c:1741)
+==31976==    by 0x4E3EC96: acceptRequest (httpAdapter.c:2022)
+==31976==    by 0x4E40B0C: httpDaemon (httpAdapter.c:2464)
+==31976==    by 0x404866: startHttpd (sfcBroker.c:540)
+==31976==    by 0x4038B3: main (sfcBroker.c:1062)
+
+(gdb) p *ctx
+$3 = {cimDoc = 0x69058c0 "", principal = 0x0, host = 0x69054d9 "xxx.xx.xxx.xxx:5989", contentType = 0x0, teTrailers = 0, 
+  sessionId = 1, role = 0x0, cimDocLength = 0, commHndl = 0xffefffab0, chunkFncs = 0x5044798 <httpChunkFunctions>, 
+  className = 0x0, operation = 0, verb = 0x6905480 "POST", path = 0x6905485 "/"}
+
+Index: sblim-sfcb-1.4.8/httpAdapter.c
+===================================================================
+--- sblim-sfcb-1.4.8.orig/httpAdapter.c
+++ sblim-sfcb-1.4.8/httpAdapter.c
+@@ -1047,7 +1047,7 @@ doHttpRequest(CommHndl conn_fd)
+ 
+   inBuf.authorization = "";
+   inBuf.protocol = "HTTP/1.1";
+-  inBuf.content_type = NULL;
+  inBuf.content_type = "application/xml";
+   inBuf.content_length = UINT_MAX;
+   inBuf.host = NULL;
+   inBuf.useragent = "";
+
--- a/sblim-sfcb-1.4.9-fix-null-deref.patch
+++ b/sblim-sfcb-1.4.9-fix-null-deref.patch
@ -0,0 +1,13 @@
+diff -up sblim-sfcb-1.4.9/providerMgr.c.orig sblim-sfcb-1.4.9/providerMgr.c
+--- sblim-sfcb-1.4.9/providerMgr.c.orig	2014-11-25 02:43:12.000000000 +0100
+++ sblim-sfcb-1.4.9/providerMgr.c	2015-08-24 11:57:18.945280460 +0200
+@@ -355,6 +355,9 @@ lookupProviders(long type, char *classNa
+ 
+   _SFCB_ENTER(TRACE_PROVIDERMGR, "lookupProviders");
+ 
+  if (className == NULL)
+    _SFCB_RETURN(NULL);
+
+   id = malloc(strlen(nameSpace) + strlen(className) + 8);
+   strcpy(id, nameSpace);
+   strcat(id, "|");
--- a/sblim-sfcb-1.4.9.tar.bz2
+++ b/sblim-sfcb-1.4.9.tar.bz2
--- a/sblim-sfcb.spec
+++ b/sblim-sfcb.spec
@ -0,0 +1,92 @@
+Name: sblim-sfcb
+Summary: Small Footprint CIM Broker (SFCB)
+URL: http://sblim.sourceforge.net/wiki/index.php/Sfcb
+Version: 1.4.9
+Release: 14
+License: EPL
+
+Source0: http://downloads.sourceforge.net/sblim/%{name}-%{version}.tar.bz2
+Source1: sfcb.service
+
+Patch0: sblim-sfcb-1.3.16-maxMsgLen.patch
+Patch1: sblim-sfcb-1.4.8-default-ecdh-curve-name.patch
+Patch2: sblim-sfcb-1.4.9-fix-ftbfs.patch
+Patch3: sblim-sfcb-1.4.9-fix-null-deref.patch
+Patch4: sblim-sfcb-1.4.9-fix-null-content-type-crash.patch
+
+Provides: cim-server = 0
+Requires: cim-schema sblim-sfcCommon
+BuildRequires: libcurl-devel perl-generators zlib-devel openssl-devel
+BuildRequires: pam-devel cim-schema bison flex sblim-cmpi-devel
+BuildRequires: systemd sblim-sfcCommon-devel openslp-devel gcc
+Requires(post): systemd-units
+Requires(preun): systemd-units
+Requires(postun): systemd-units
+
+%Description
+SFCB is a CIM server for resource-constrained and embedded environments.
+It is written in C and designed to be modular and lightweight.
+
+%prep
+%autosetup -T -b 0 -p1 -n %{name}-%{version}
+
+%build
+%configure --enable-debug --enable-uds --enable-ssl --enable-pam --enable-ipv6 \
+    --enable-slp --enable-large_volume_support --enable-optimized-enumeration --enable-relax-mofsyntax \
+    CFLAGS="$CFLAGS -D_GNU_SOURCE -fPIE -DPIE" LDFLAGS="$LDFLAGS -Wl,-z,now -pie"
+
+make
+
+%install
+%make_install
+
+install -d %{buildroot}%{_unitdir}
+install -p -m644 %{SOURCE1} %{buildroot}%{_unitdir}/%{name}.service
+
+mkdir -p %{buildroot}%{_mandir}/man1/
+
+rm %{buildroot}%{_sysconfdir}/init.d/sfcb
+%delete_la
+
+echo "%defattr(-,root,root,-)" > _pkg_list
+
+find %{buildroot}%{_datadir}/sfcb -type f | grep -v %{buildroot}%{_datadir}/sfcb/CIM >> _pkg_list
+sed -i s?%{buildroot}??g _pkg_list > _pkg_list_2
+echo "%config(noreplace) %{_sysconfdir}/sfcb/*" >> _pkg_list
+echo "%config(noreplace) %{_sysconfdir}/pam.d/*" >> _pkg_list
+echo "%doc %{_docdir}/*" >> _pkg_list
+echo "%{_mandir}/man1/*" >> _pkg_list
+echo "%{_unitdir}/%{name}.service" >> _pkg_list
+echo "%{_localstatedir}/lib/sfcb" >> _pkg_list
+echo "%{_bindir}/*" >> _pkg_list
+echo "%{_sbindir}/*" >> _pkg_list
+echo "%{_libdir}/sfcb/*.so.*" >> _pkg_list
+echo "%{_libdir}/sfcb/*.so" >> _pkg_list
+
+cat _pkg_list
+
+%pre
+%{_bindir}/getent group sfcb >/dev/null || %{_sbindir}/groupadd -r sfcb
+%{_sbindir}/usermod -a -G sfcb root > /dev/null 2>&1 || :
+
+%post
+%{_datadir}/sfcb/genSslCert.sh %{_sysconfdir}/sfcb &>/dev/null || :
+/sbin/ldconfig
+%{_bindir}/sfcbrepos -f > /dev/null 2>1
+%systemd_post %{name}.service
+
+%preun
+%systemd_preun %{name}.service
+
+%postun
+/sbin/ldconfig
+%systemd_postun_with_restart %{name}.service
+if [ $1 -eq 0 ]; then
+        %{_sbindir}/groupdel sfcb > /dev/null 2>&1 || :;
+fi;
+
+%files -f _pkg_list
+
+%changelog
+* Fri Feb 14 2020 Senlin Xia <xiasenlin1@huawei.com> - 1.4.9-14
+- Package init
--- a/sfcb.service
+++ b/sfcb.service
@ -0,0 +1,9 @@
+[Unit]
+Description=Small Footprint CIM Broker Service
+After=syslog.target
+
+[Service]
+ExecStart=/usr/sbin/sfcbd
+
+[Install]
+WantedBy=multi-user.target