diff --git a/0020-Send-16bit-protocol-numbers-from-the-sss_client.patch b/0020-Send-16bit-protocol-numbers-from-the-sss_client.patch new file mode 100644 index 0000000..06109f6 --- /dev/null +++ b/0020-Send-16bit-protocol-numbers-from-the-sss_client.patch @@ -0,0 +1,69 @@ +From 188f9e1e646b0bed530913ca76bbcdf0f342cc66 Mon Sep 17 00:00:00 2001 +From: Jakub Hrozek +Date: Fri, 25 May 2012 13:52:32 +0200 +Subject: [PATCH 20/21] Send 16bit protocol numbers from the sss_client + +https://fedorahosted.org/sssd/ticket/1348 +--- + src/responder/nss/nsssrv_services.c | 2 +- + src/sss_client/nss_services.c | 13 +++++++------ + 2 files changed, 8 insertions(+), 7 deletions(-) + +diff --git a/src/responder/nss/nsssrv_services.c b/src/responder/nss/nsssrv_services.c +index 2e539f13576d18c97d8c3bff2ced2fd5ed01290f..db8a2ca132b4f47c4d6cd78ce99280486e22f2a0 100644 +--- a/src/responder/nss/nsssrv_services.c ++++ b/src/responder/nss/nsssrv_services.c +@@ -1050,7 +1050,7 @@ errno_t parse_getservbyport(TALLOC_CTX *mem_ctx, + SAFEALIGN_COPY_UINT16(&c, body, NULL); + port = ntohs(c); + +- port_and_padding_len = 2 * sizeof(uint16_t) + sizeof(uint32_t); ++ port_and_padding_len = 2 * sizeof(uint16_t); + i = port_and_padding_len; + j = 0; + +diff --git a/src/sss_client/nss_services.c b/src/sss_client/nss_services.c +index 3f042b4a2a62dbf56b5295e84af8d0371708453a..8f25781a1ec188931157368a2e38067be23c0c00 100644 +--- a/src/sss_client/nss_services.c ++++ b/src/sss_client/nss_services.c +@@ -270,6 +270,7 @@ _nss_sss_getservbyport_r(int port, const char *protocol, + size_t proto_len = 0; + uint8_t *repbuf; + uint8_t *data; ++ size_t p = 0; + size_t replen, len; + enum nss_status nret; + int ret; +@@ -285,23 +286,23 @@ _nss_sss_getservbyport_r(int port, const char *protocol, + } + } + +- rd.len = sizeof(uint32_t)*2 + proto_len + 1; +- data = malloc(sizeof(char)*rd.len); ++ rd.len = sizeof(uint16_t)*2 + proto_len + 1; ++ data = malloc(sizeof(uint8_t)*rd.len); + if (data == NULL) { + nret = NSS_STATUS_TRYAGAIN; + goto out; + } + +- SAFEALIGN_SET_UINT32(data, port, NULL); ++ SAFEALIGN_SET_UINT16(data, port, &p); + + /* Padding */ +- memset(data + sizeof(uint32_t), 0, 4); ++ SAFEALIGN_SET_UINT16(data + p, 0, &p); + + if (protocol) { +- memcpy(data + sizeof(uint32_t)*2, protocol, proto_len + 1); ++ memcpy(data + p, protocol, proto_len + 1); + } else { + /* No protocol specified, pass empty string */ +- data[sizeof(uint32_t)*2] = '\0'; ++ data[p] = '\0'; + } + rd.data = data; + +-- +1.7.10.2 + diff --git a/0021-NSS-Restore-original-protocol-for-getservbyport.patch b/0021-NSS-Restore-original-protocol-for-getservbyport.patch new file mode 100644 index 0000000..4eb274b --- /dev/null +++ b/0021-NSS-Restore-original-protocol-for-getservbyport.patch @@ -0,0 +1,50 @@ +From 8126906ab783494204dc853c814b0882d2a76523 Mon Sep 17 00:00:00 2001 +From: Stephen Gallagher +Date: Fri, 25 May 2012 10:09:20 -0400 +Subject: [PATCH 21/21] NSS: Restore original protocol for getservbyport + +When fixing an endianness bug, we changed the protocol unnecessarily. +--- + src/responder/nss/nsssrv_services.c | 2 +- + src/sss_client/nss_services.c | 5 +++-- + 2 files changed, 4 insertions(+), 3 deletions(-) + +diff --git a/src/responder/nss/nsssrv_services.c b/src/responder/nss/nsssrv_services.c +index db8a2ca132b4f47c4d6cd78ce99280486e22f2a0..2e539f13576d18c97d8c3bff2ced2fd5ed01290f 100644 +--- a/src/responder/nss/nsssrv_services.c ++++ b/src/responder/nss/nsssrv_services.c +@@ -1050,7 +1050,7 @@ errno_t parse_getservbyport(TALLOC_CTX *mem_ctx, + SAFEALIGN_COPY_UINT16(&c, body, NULL); + port = ntohs(c); + +- port_and_padding_len = 2 * sizeof(uint16_t); ++ port_and_padding_len = 2 * sizeof(uint16_t) + sizeof(uint32_t); + i = port_and_padding_len; + j = 0; + +diff --git a/src/sss_client/nss_services.c b/src/sss_client/nss_services.c +index 8f25781a1ec188931157368a2e38067be23c0c00..159583d747fdd5b6dfbbda2c7a44b19a83ed1a1d 100644 +--- a/src/sss_client/nss_services.c ++++ b/src/sss_client/nss_services.c +@@ -54,8 +54,8 @@ static void sss_nss_getservent_data_clean(void) { + * + * GETSERVBYPORT Request: + * 0-3: 16-bit port number in network byte order +- * 4-7: Reserved/padding +- * 8-X: Zero-terminated string (protocol) ++ * 4-15: Reserved/padding ++ * 16-X: Zero-terminated string (protocol) + * Protocol may be zero-length to imply "any" + * + * Replies: +@@ -297,6 +297,7 @@ _nss_sss_getservbyport_r(int port, const char *protocol, + + /* Padding */ + SAFEALIGN_SET_UINT16(data + p, 0, &p); ++ SAFEALIGN_SET_UINT32(data + p, 0, &p); + + if (protocol) { + memcpy(data + p, protocol, proto_len + 1); +-- +1.7.10.2 + diff --git a/sssd.spec b/sssd.spec index 275bd80..9a641cf 100644 --- a/sssd.spec +++ b/sssd.spec @@ -16,7 +16,7 @@ Name: sssd Version: 1.9.0 -Release: 2%{?dist}.beta1 +Release: 3%{?dist}.beta1 Group: Applications/System Summary: System Security Services Daemon License: GPLv3+ @@ -47,6 +47,8 @@ Patch0016: 0016-Update-translation-sources.patch Patch0017: 0017-LDAP-nested-groups-Do-not-process-callback-with-_pos.patch Patch0018: 0018-Fixed-issue-in-SELinux-user-maps.patch Patch0019: 0019-NSS-Fix-segfault-when-mmap-cache-cannot-be-initializ.patch +Patch0020: 0020-Send-16bit-protocol-numbers-from-the-sss_client.patch +Patch0021: 0021-NSS-Restore-original-protocol-for-getservbyport.patch ### Dependencies ### @@ -509,6 +511,10 @@ fi %postun -n libipa_hbac -p /sbin/ldconfig %changelog +* Tue May 29 2012 Stephen Gallagher - 1.9.0-3.beta1 +- Rebuild SSSD against ding-libs 0.3.0beta1 +- Fix endianness bug in service map protocol + * Thu May 24 2012 Stephen Gallagher - 1.9.0-2.beta1 - Fix several regressions since 1.5.x - Ensure that the RPM creates the /var/lib/sss/mc directory