enable driver-internal supplicant only in wet mode and set psk2 mode if configured
[openwrt.git] / openwrt / package / portmap / patches / debian-subset.patch
1 --- portmap-5.orig/Makefile
2 +++ portmap-5/Makefile
3 @@ -8,7 +8,7 @@
4 # if you disagree. See `man 3 syslog' for examples. Some syslog versions
5 # do not provide this flexibility.
6 #
7 -FACILITY=LOG_MAIL
8 +FACILITY=LOG_DAEMON
9
10 # To disable tcp-wrapper style access control, comment out the following
11 # macro definitions. Access control can also be turned off by providing
12 @@ -16,7 +16,8 @@
13 # daemon, is always treated as an authorized host.
14
15 HOSTS_ACCESS= -DHOSTS_ACCESS
16 -WRAP_LIB = $(WRAP_DIR)/libwrap.a
17 +#WRAP_LIB = $(WRAP_DIR)/libwrap.a
18 +WRAP_LIB = -lwrap
19
20 # Comment out if your RPC library does not allocate privileged ports for
21 # requests from processes with root privilege, or the new portmap will
22 @@ -71,7 +72,7 @@
23 # With verbose logging on, HP-UX 9.x and AIX 4.1 leave zombies behind when
24 # SIGCHLD is not ignored. Enable next macro for a fix.
25 #
26 -# ZOMBIES = -DIGNORE_SIGCHLD # AIX 4.x, HP-UX 9.x
27 +ZOMBIES = -DIGNORE_SIGCHLD # AIX 4.x, HP-UX 9.x
28
29 # Uncomment the following macro if your system does not have u_long.
30 #
31 @@ -81,11 +82,14 @@
32 # libwrap.a object library. WRAP_DIR should specify the directory with
33 # that library.
34
35 -WRAP_DIR= ../tcp_wrappers
36 +WRAP_DIR= $(TCPD_DIR)
37
38 # Auxiliary object files that may be missing from your C library.
39 #
40 -AUX = daemon.o strerror.o
41 +#AUX = daemon.o strerror.o
42 +
43 +# glibc has strerror() (it's POSIX) and daemon() (when compiling -D_BSD_SOURCE)
44 +AUX =
45
46 # NEXTSTEP is a little different. The following seems to work with NS 3.2
47 #
48 @@ -99,22 +103,31 @@
49
50 # Comment out if your compiler talks ANSI and understands const
51 #
52 -CONST = -Dconst=
53 +#CONST = -Dconst=
54
55 ### End of configurable stuff.
56 ##############################
57
58 +GLIBC=$(shell grep -s -c __GLIBC__ /usr/include/features.h)
59 +
60 +ifeq ($(GLIBC),0)
61 +LIBS += # -lbsd
62 +else
63 +LIBS += -lnsl
64 +endif
65 +
66 +
67 SHELL = /bin/sh
68
69 -COPT = $(CONST) -Dperror=xperror $(HOSTS_ACCESS) $(CHECK_PORT) \
70 +COPT = $(CONST) $(HOSTS_ACCESS) $(CHECK_PORT) \
71 $(SYS) -DFACILITY=$(FACILITY) $(ULONG) $(ZOMBIES) $(SA_LEN) \
72 $(LOOPBACK) $(SETPGRP)
73 -CFLAGS = $(COPT) -O $(NSARCHS)
74 +CFLAGS = -Wall $(COPT) -O2 $(NSARCHS)
75 OBJECTS = portmap.o pmap_check.o from_local.o $(AUX)
76
77 all: portmap pmap_dump pmap_set
78
79 -portmap: $(OBJECTS) $(WRAP_DIR)/libwrap.a
80 +portmap: $(OBJECTS) # $(WRAP_DIR)/libwrap.a
81 $(CC) $(CFLAGS) -o $@ $(OBJECTS) $(WRAP_LIB) $(LIBS)
82
83 pmap_dump: pmap_dump.c
84 @@ -129,6 +142,17 @@
85 get_myaddress: get_myaddress.c
86 cc $(CFLAGS) -DTEST -o $@ get_myaddress.c $(LIBS)
87
88 +install: all
89 + install -o root -g root -m 0755 -s portmap ${BASEDIR}/sbin
90 + install -o root -g root -m 0755 -s pmap_dump ${BASEDIR}/sbin
91 + install -o root -g root -m 0755 -s pmap_set ${BASEDIR}/sbin
92 + install -o root -g root -m 0644 portmap.8 ${BASEDIR}/usr/share/man/man8
93 + install -o root -g root -m 0644 pmap_dump.8 ${BASEDIR}/usr/share/man/man8
94 + install -o root -g root -m 0644 pmap_set.8 ${BASEDIR}/usr/share/man/man8
95 + cat BLURB >${BASEDIR}/usr/share/doc/portmap/portmapper.txt
96 + gzip -9f ${BASEDIR}/usr/share/doc/portmap/portmapper.txt
97 +
98 +
99 lint:
100 lint $(COPT) $(OBJECTS:%.o=%.c)
101
102 --- portmap-5.orig/daemon.c
103 +++ portmap-5/daemon.c
104 @@ -36,11 +36,8 @@
105 #endif /* LIBC_SCCS and not lint */
106
107 #include <fcntl.h>
108 -
109 -/* From unistd.h */
110 -#define STDIN_FILENO 0
111 -#define STDOUT_FILENO 1
112 -#define STDERR_FILENO 2
113 +#include <unistd.h>
114 +#include <sys/types.h>
115
116 /* From paths.h */
117 #define _PATH_DEVNULL "/dev/null"
118 --- portmap-5.orig/pmap_check.c
119 +++ portmap-5/pmap_check.c
120 @@ -41,10 +41,14 @@
121 #include <syslog.h>
122 #include <netdb.h>
123 #include <sys/signal.h>
124 +#include <grp.h>
125 #ifdef SYSV40
126 #include <netinet/in.h>
127 #include <rpc/rpcent.h>
128 #endif
129 +#include <sys/types.h>
130 +#include <unistd.h>
131 +#include <tcpd.h>
132
133 extern char *inet_ntoa();
134
135 @@ -101,15 +105,25 @@
136 * Give up root privileges so that we can never allocate a privileged
137 * port when forwarding an rpc request.
138 */
139 + if (setgid(1) == -1) {
140 + syslog(LOG_ERR, "setgid(1) failed: %m");
141 + exit(1);
142 + }
143 + if (setgroups(0, 0) == -1) {
144 + syslog(LOG_ERR, "setgroups(0, 0) failed: %m");
145 + exit(1);
146 + }
147 if (setuid(1) == -1) {
148 syslog(LOG_ERR, "setuid(1) failed: %m");
149 exit(1);
150 }
151 +
152 (void) signal(SIGINT, toggle_verboselog);
153 }
154
155 /* check_default - additional checks for NULL, DUMP, GETPORT and unknown */
156
157 +int
158 check_default(addr, proc, prog)
159 struct sockaddr_in *addr;
160 u_long proc;
161 @@ -128,6 +142,7 @@
162
163 /* check_privileged_port - additional checks for privileged-port updates */
164
165 +int
166 check_privileged_port(addr, proc, prog, port)
167 struct sockaddr_in *addr;
168 u_long proc;
169 @@ -173,6 +188,7 @@
170
171 #else
172
173 +int
174 check_setunset(addr, proc, prog, port)
175 struct sockaddr_in *addr;
176 u_long proc;
177 @@ -197,6 +213,7 @@
178
179 /* check_callit - additional checks for forwarded requests */
180
181 +int
182 check_callit(addr, proc, prog, aproc)
183 struct sockaddr_in *addr;
184 u_long proc;
185 @@ -249,13 +266,13 @@
186 };
187 struct proc_map *procp;
188 static struct proc_map procmap[] = {
189 - PMAPPROC_CALLIT, "callit",
190 - PMAPPROC_DUMP, "dump",
191 - PMAPPROC_GETPORT, "getport",
192 - PMAPPROC_NULL, "null",
193 - PMAPPROC_SET, "set",
194 - PMAPPROC_UNSET, "unset",
195 - 0, 0,
196 + {PMAPPROC_CALLIT, "callit"},
197 + {PMAPPROC_DUMP, "dump"},
198 + {PMAPPROC_GETPORT, "getport"},
199 + {PMAPPROC_NULL, "null"},
200 + {PMAPPROC_SET, "set"},
201 + {PMAPPROC_UNSET, "unset"},
202 + {0, 0},
203 };
204
205 /*
206 @@ -269,7 +286,7 @@
207
208 if (prognum == 0) {
209 progname = "";
210 - } else if (rpc = getrpcbynumber((int) prognum)) {
211 + } else if ((rpc = getrpcbynumber((int) prognum))) {
212 progname = rpc->r_name;
213 } else {
214 sprintf(progname = progbuf, "%lu", prognum);
215 --- portmap-5.orig/from_local.c
216 +++ portmap-5/from_local.c
217 @@ -51,6 +51,9 @@
218 #include <net/if.h>
219 #include <sys/ioctl.h>
220 #include <syslog.h>
221 +#include <stdlib.h>
222 +#include <string.h>
223 +#include <unistd.h>
224
225 #ifndef TRUE
226 #define TRUE 1
227 @@ -96,6 +99,7 @@
228
229 /* find_local - find all IP addresses for this host */
230
231 +int
232 find_local()
233 {
234 struct ifconf ifc;
235 @@ -154,6 +158,7 @@
236
237 /* from_local - determine whether request comes from the local system */
238
239 +int
240 from_local(addr)
241 struct sockaddr_in *addr;
242 {
243 --- portmap-5.orig/pmap_dump.c
244 +++ portmap-5/pmap_dump.c
245 @@ -23,6 +23,20 @@
246
247 static char *protoname();
248
249 +#ifndef INADDR_LOOPBACK
250 +#define INADDR_LOOPBACK ntohl(inet_addr("127.0.0.1"))
251 +#endif
252 +
253 +static void get_myloopaddress(addrp)
254 +struct sockaddr_in *addrp;
255 +{
256 + memset((char *) addrp, 0, sizeof(*addrp));
257 + addrp->sin_family = AF_INET;
258 + addrp->sin_port = htons(PMAPPORT);
259 + addrp->sin_addr.s_addr = htonl(INADDR_LOOPBACK);
260 +}
261 +
262 +int
263 main(argc, argv)
264 int argc;
265 char **argv;
266 @@ -31,7 +45,7 @@
267 register struct pmaplist *list;
268 register struct rpcent *rpc;
269
270 - get_myaddress(&addr);
271 + get_myloopaddress(&addr);
272
273 for (list = pmap_getmaps(&addr); list; list = list->pml_next) {
274 rpc = getrpcbynumber((int) list->pml_map.pm_prog);
275 --- portmap-5.orig/pmap_set.c
276 +++ portmap-5/pmap_set.c
277 @@ -17,6 +17,10 @@
278 #include <rpc/rpc.h>
279 #include <rpc/pmap_clnt.h>
280
281 +int parse_line(char *buf, u_long *prog, u_long *vers, int *prot,
282 + unsigned *port);
283 +
284 +int
285 main(argc, argv)
286 int argc;
287 char **argv;
288 @@ -40,6 +44,7 @@
289
290 /* parse_line - convert line to numbers */
291
292 +int
293 parse_line(buf, prog, vers, prot, port)
294 char *buf;
295 u_long *prog;
296 @@ -47,9 +52,9 @@
297 int *prot;
298 unsigned *port;
299 {
300 - char proto_name[BUFSIZ];
301 + char proto_name[256];
302
303 - if (sscanf(buf, "%lu %lu %s %u", prog, vers, proto_name, port) != 4) {
304 + if (sscanf(buf, "%lu %lu %255s %u", prog, vers, proto_name, port) != 4) {
305 return (0);
306 }
307 if (strcmp(proto_name, "tcp") == 0) {
308 @@ -65,3 +70,4 @@
309 }
310 return (0);
311 }
312 +
313 --- portmap-5.orig/portmap.c
314 +++ portmap-5/portmap.c
315 @@ -80,6 +80,10 @@
316 * Mountain View, California 94043
317 */
318
319 +#if defined(__GLIBC__)
320 +#define _BSD_SOURCE 1 /* for daemon(3) */
321 +#include <rpc/xdr.h>
322 +#endif /* __GLIBC__ */
323 #include <rpc/rpc.h>
324 #include <rpc/pmap_prot.h>
325 #include <stdio.h>
326 @@ -91,11 +95,13 @@
327 #include <sys/signal.h>
328 #include <sys/time.h>
329 #include <sys/resource.h>
330 -#ifdef SYSV40
331 #include <netinet/in.h>
332 -#endif
333 +#include <sys/types.h>
334 +#include <unistd.h>
335 +#include <string.h>
336 +#include <errno.h>
337 +#include <arpa/inet.h>
338
339 -extern char *strerror();
340 #include <stdlib.h>
341
342 #ifndef LOG_PERROR
343 @@ -124,7 +130,6 @@
344 static void callit();
345 struct pmaplist *pmaplist;
346 int debugging = 0;
347 -extern int errno;
348
349 #include "pmap_check.h"
350
351 @@ -148,6 +153,7 @@
352 #endif
353 #endif
354
355 +int
356 main(argc, argv)
357 int argc;
358 char **argv;
359 @@ -157,22 +163,31 @@
360 struct sockaddr_in addr;
361 int len = sizeof(struct sockaddr_in);
362 register struct pmaplist *pml;
363 + char *chroot_path = NULL;
364 + struct in_addr bindaddr;
365 + int have_bindaddr = 0;
366
367 - while ((c = getopt(argc, argv, "dv")) != EOF) {
368 + while ((c = getopt(argc, argv, "dt:vi:")) != EOF) {
369 switch (c) {
370
371 case 'd':
372 debugging = 1;
373 break;
374 -
375 + case 't':
376 + chroot_path = optarg;
377 + break;
378 case 'v':
379 verboselog = 1;
380 break;
381 -
382 + case 'i':
383 + have_bindaddr = inet_aton(optarg, &bindaddr);
384 + break;
385 default:
386 - (void) fprintf(stderr, "usage: %s [-dv]\n", argv[0]);
387 + (void) fprintf(stderr, "usage: %s [-dv] [-t path] [-i address]\n", argv[0]);
388 (void) fprintf(stderr, "-d: debugging mode\n");
389 + (void) fprintf(stderr, "-t path: chroot into path\n");
390 (void) fprintf(stderr, "-v: verbose logging\n");
391 + (void) fprintf(stderr, "-i address: bind to address\n");
392 exit(1);
393 }
394 }
395 @@ -201,6 +216,9 @@
396 addr.sin_addr.s_addr = 0;
397 addr.sin_family = AF_INET;
398 addr.sin_port = htons(PMAPPORT);
399 + if (have_bindaddr)
400 + memcpy(&addr.sin_addr, &bindaddr, sizeof(bindaddr));
401 +
402 if (bind(sock, (struct sockaddr *)&addr, len) != 0) {
403 syslog(LOG_ERR, "cannot bind udp: %m");
404 exit(1);
405 @@ -227,7 +245,7 @@
406 setsockopt(sock, SOL_SOCKET, SO_REUSEADDR, &on, sizeof on);
407 #endif
408 if (bind(sock, (struct sockaddr *)&addr, len) != 0) {
409 - syslog(LOG_ERR, "cannot bind udp: %m");
410 + syslog(LOG_ERR, "cannot bind tcp: %m");
411 exit(1);
412 }
413 if ((xprt = svctcp_create(sock, RPCSMALLMSGSIZE, RPCSMALLMSGSIZE))
414 @@ -280,6 +298,14 @@
415 (void)svc_register(xprt, PMAPPROG, PMAPVERS, reg_service, FALSE);
416
417 /* additional initializations */
418 + if (chroot_path)
419 + {
420 + if (-1 == chroot(chroot_path))
421 + {
422 + syslog(LOG_ERR, "couldn't do chroot");
423 + exit(1);
424 + }
425 + }
426 check_startup();
427 #ifdef IGNORE_SIGCHLD /* Lionel Cons <cons@dxcern.cern.ch> */
428 (void)signal(SIGCHLD, SIG_IGN);
429 @@ -350,7 +376,7 @@
430 */
431 /* remote host authorization check */
432 check_default(svc_getcaller(xprt), rqstp->rq_proc, (u_long) 0);
433 - if (!svc_sendreply(xprt, xdr_void, (caddr_t)0) && debugging) {
434 + if (!svc_sendreply(xprt, (xdrproc_t) xdr_void, (caddr_t)0) && debugging) {
435 abort();
436 }
437 break;
438 @@ -359,7 +385,7 @@
439 /*
440 * Set a program,version to port mapping
441 */
442 - if (!svc_getargs(xprt, xdr_pmap, &reg))
443 + if (!svc_getargs(xprt, (xdrproc_t) xdr_pmap, (caddr_t) &reg))
444 svcerr_decode(xprt);
445 else {
446 /* reject non-local requests, protect priv. ports */
447 @@ -401,7 +427,7 @@
448 ans = 1;
449 }
450 done:
451 - if ((!svc_sendreply(xprt, xdr_int, (caddr_t)&ans)) &&
452 + if ((!svc_sendreply(xprt, (xdrproc_t) xdr_int, (caddr_t)&ans)) &&
453 debugging) {
454 (void) fprintf(stderr, "svc_sendreply\n");
455 abort();
456 @@ -413,7 +439,7 @@
457 /*
458 * Remove a program,version to port mapping.
459 */
460 - if (!svc_getargs(xprt, xdr_pmap, &reg))
461 + if (!svc_getargs(xprt, (xdrproc_t) xdr_pmap, (caddr_t) &reg))
462 svcerr_decode(xprt);
463 else {
464 ans = 0;
465 @@ -447,7 +473,7 @@
466 prevpml->pml_next = pml;
467 free(t);
468 }
469 - if ((!svc_sendreply(xprt, xdr_int, (caddr_t)&ans)) &&
470 + if ((!svc_sendreply(xprt, (xdrproc_t) xdr_int, (caddr_t)&ans)) &&
471 debugging) {
472 (void) fprintf(stderr, "svc_sendreply\n");
473 abort();
474 @@ -459,7 +485,7 @@
475 /*
476 * Lookup the mapping for a program,version and return its port
477 */
478 - if (!svc_getargs(xprt, xdr_pmap, &reg))
479 + if (!svc_getargs(xprt, (xdrproc_t) xdr_pmap, (caddr_t) &reg))
480 svcerr_decode(xprt);
481 else {
482 /* remote host authorization check */
483 @@ -474,7 +500,7 @@
484 port = fnd->pml_map.pm_port;
485 else
486 port = 0;
487 - if ((!svc_sendreply(xprt, xdr_int, (caddr_t)&port)) &&
488 + if ((!svc_sendreply(xprt, (xdrproc_t) xdr_int, (caddr_t)&port)) &&
489 debugging) {
490 (void) fprintf(stderr, "svc_sendreply\n");
491 abort();
492 @@ -486,7 +512,7 @@
493 /*
494 * Return the current set of mapped program,version
495 */
496 - if (!svc_getargs(xprt, xdr_void, NULL))
497 + if (!svc_getargs(xprt, (xdrproc_t) xdr_void, (caddr_t) NULL))
498 svcerr_decode(xprt);
499 else {
500 /* remote host authorization check */
501 @@ -497,7 +523,7 @@
502 } else {
503 p = pmaplist;
504 }
505 - if ((!svc_sendreply(xprt, xdr_pmaplist,
506 + if ((!svc_sendreply(xprt, (xdrproc_t) xdr_pmaplist,
507 (caddr_t)&p)) && debugging) {
508 (void) fprintf(stderr, "svc_sendreply\n");
509 abort();
510 @@ -645,7 +671,7 @@
511 timeout.tv_sec = 5;
512 timeout.tv_usec = 0;
513 a.rmt_args.args = buf;
514 - if (!svc_getargs(xprt, xdr_rmtcall_args, &a))
515 + if (!svc_getargs(xprt, (xdrproc_t) xdr_rmtcall_args, (caddr_t) &a))
516 return;
517 /* host and service access control */
518 if (!check_callit(svc_getcaller(xprt),
519 @@ -674,9 +700,9 @@
520 au->aup_uid, au->aup_gid, au->aup_len, au->aup_gids);
521 }
522 a.rmt_port = (u_long)port;
523 - if (clnt_call(client, a.rmt_proc, xdr_opaque_parms, &a,
524 - xdr_len_opaque_parms, &a, timeout) == RPC_SUCCESS) {
525 - svc_sendreply(xprt, xdr_rmtcall_result, (caddr_t)&a);
526 + if (clnt_call(client, a.rmt_proc, (xdrproc_t) xdr_opaque_parms, (char*) &a,
527 + (xdrproc_t) xdr_len_opaque_parms, (char*) &a, timeout) == RPC_SUCCESS) {
528 + svc_sendreply(xprt, (xdrproc_t) xdr_rmtcall_result, (caddr_t)&a);
529 }
530 AUTH_DESTROY(client->cl_auth);
531 clnt_destroy(client);
This page took 0.06486 seconds and 5 git commands to generate.