diff --git a/dhcp-4.0.0-port-validation.patch b/dhcp-4.0.0-port-validation.patch index a3e3b9a..6a432cc 100644 --- a/dhcp-4.0.0-port-validation.patch +++ b/dhcp-4.0.0-port-validation.patch @@ -1,6 +1,6 @@ diff -up dhcp-4.0.0/client/dhclient.c.port dhcp-4.0.0/client/dhclient.c ---- dhcp-4.0.0/client/dhclient.c.port 2008-09-30 14:28:01.000000000 -1000 -+++ dhcp-4.0.0/client/dhclient.c 2008-09-30 15:32:04.000000000 -1000 +--- dhcp-4.0.0/client/dhclient.c.port 2008-09-30 15:56:35.000000000 -1000 ++++ dhcp-4.0.0/client/dhclient.c 2008-09-30 15:56:52.000000000 -1000 @@ -218,7 +218,7 @@ int main(int argc, char **argv, char **e } else if (!strcmp (argv [i], "-p")) { if (++i == argc) @@ -11,13 +11,12 @@ diff -up dhcp-4.0.0/client/dhclient.c.port dhcp-4.0.0/client/dhclient.c ntohs (local_port)); } else if (!strcmp (argv [i], "-d")) { diff -up dhcp-4.0.0/common/inet.c.port dhcp-4.0.0/common/inet.c ---- dhcp-4.0.0/common/inet.c.port 2008-09-30 15:30:11.000000000 -1000 -+++ dhcp-4.0.0/common/inet.c 2008-09-30 15:36:13.000000000 -1000 -@@ -603,3 +603,21 @@ piaddrcidr(const struct iaddr *addr, uns - +--- dhcp-4.0.0/common/inet.c.port 2007-07-12 20:43:41.000000000 -1000 ++++ dhcp-4.0.0/common/inet.c 2008-09-30 15:57:20.000000000 -1000 +@@ -604,3 +604,20 @@ piaddrcidr(const struct iaddr *addr, uns return ret; } -+ + +/* Check the port number specified */ +u_int16_t +validate_port(char *port) { @@ -36,8 +35,8 @@ diff -up dhcp-4.0.0/common/inet.c.port dhcp-4.0.0/common/inet.c + return htons(local_port); +} diff -up dhcp-4.0.0/includes/dhcpd.h.port dhcp-4.0.0/includes/dhcpd.h ---- dhcp-4.0.0/includes/dhcpd.h.port 2008-09-30 14:28:01.000000000 -1000 -+++ dhcp-4.0.0/includes/dhcpd.h 2008-09-30 15:30:36.000000000 -1000 +--- dhcp-4.0.0/includes/dhcpd.h.port 2008-09-30 15:56:35.000000000 -1000 ++++ dhcp-4.0.0/includes/dhcpd.h 2008-09-30 15:56:52.000000000 -1000 @@ -2432,6 +2432,7 @@ isc_result_t free_iaddrcidrnetlist(struc const char *piaddr PROTO ((struct iaddr)); char *piaddrmask(struct iaddr *, struct iaddr *); @@ -48,7 +47,7 @@ diff -up dhcp-4.0.0/includes/dhcpd.h.port dhcp-4.0.0/includes/dhcpd.h extern int nowait; diff -up dhcp-4.0.0/relay/dhcrelay.c.port dhcp-4.0.0/relay/dhcrelay.c --- dhcp-4.0.0/relay/dhcrelay.c.port 2007-11-30 11:51:43.000000000 -1000 -+++ dhcp-4.0.0/relay/dhcrelay.c 2008-09-30 15:34:24.000000000 -1000 ++++ dhcp-4.0.0/relay/dhcrelay.c 2008-09-30 15:56:52.000000000 -1000 @@ -141,7 +141,7 @@ main(int argc, char **argv) { if (!strcmp (argv [i], "-p")) { if (++i == argc) @@ -59,8 +58,8 @@ diff -up dhcp-4.0.0/relay/dhcrelay.c.port dhcp-4.0.0/relay/dhcrelay.c ntohs (local_port)); } else if (!strcmp (argv [i], "-d")) { diff -up dhcp-4.0.0/server/dhcpd.c.port dhcp-4.0.0/server/dhcpd.c ---- dhcp-4.0.0/server/dhcpd.c.port 2008-09-30 14:28:00.000000000 -1000 -+++ dhcp-4.0.0/server/dhcpd.c 2008-09-30 15:34:01.000000000 -1000 +--- dhcp-4.0.0/server/dhcpd.c.port 2008-09-30 15:56:34.000000000 -1000 ++++ dhcp-4.0.0/server/dhcpd.c 2008-09-30 15:56:52.000000000 -1000 @@ -257,15 +257,7 @@ main(int argc, char **argv) { if (!strcmp (argv [i], "-p")) { if (++i == argc) diff --git a/dhcp.spec b/dhcp.spec index 8af749d..79be2f6 100644 --- a/dhcp.spec +++ b/dhcp.spec @@ -4,7 +4,7 @@ Summary: DHCP (Dynamic Host Configuration Protocol) server and relay agent Name: dhcp Version: 4.0.0 -Release: 25%{?dist} +Release: 26%{?dist} # NEVER CHANGE THE EPOCH on this package. The previous maintainer (prior to # dcantrell maintaining the package) made incorrect use of the epoch and # that's why it is at 12 now. It should have never been used, but it was. @@ -47,6 +47,7 @@ Patch17: %{name}-4.0.0-FD_CLOEXEC.patch Patch18: %{name}-4.0.0-libdhcp4client.patch Patch19: %{name}-4.0.0-inherit-leases.patch Patch20: %{name}-4.0.0-garbage-chars.patch +Patch21: %{name}-4.0.0-port-validation.patch BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n) BuildRequires: autoconf @@ -203,6 +204,10 @@ client library. # Fix 'garbage in format string' error (#450052) %patch20 -p1 +# Validate port numbers specified for dhclient, dhcpd, and dhcrelay +# to make sure they are within 1-65535, inclusive. (#438149) +%patch21 -p1 + # Copy in documentation and example scripts for LDAP patch to dhcpd %{__install} -p -m 0644 %{SOURCE5} . %{__install} -p -m 0644 %{SOURCE6} doc/ @@ -440,6 +445,10 @@ fi %{_libdir}/libdhcp4client.so %changelog +* Tue Sep 30 2008 David Cantrell - 12:4.0.0-26 +- Validate port numbers for dhclient, dhcpd, and dhcrelay to ensure + that are within the correct range (#438149) + * Mon Sep 29 2008 David Cantrell - 12:4.0.0-25 - Fix dhcpd so it can find configuration data via LDAP (#452985)