July 2015 - openSUSE Commits - openSUSE Mailing Lists

commit cronie.3867 for openSUSE:13.2:Update
by root＠hilbert.suse.de 02 Jul '15

02 Jul '15

Hello community, here is the log from the commit of package cronie.3867 for openSUSE:13.2:Update checked in at 2015-07-02 09:35:49 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:13.2:Update/cronie.3867 (Old) and /work/SRC/openSUSE:13.2:Update/.cronie.3867.new (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Package is "cronie.3867" Changes: -------- New Changes file: --- /dev/null 2015-06-25 09:04:34.320025005 +0200 +++ /work/SRC/openSUSE:13.2:Update/.cronie.3867.new/cronie.changes 2015-07-02 09:35:50.000000000 +0200 @@ -0,0 +1,1146 @@ +------------------------------------------------------------------- +Tue Jun 23 08:33:33 UTC 2015 - tchvatal(a)suse.com + +- Sync cron.service with Factory, fixing bnc#926961. + +------------------------------------------------------------------- +Mon Sep 22 09:39:02 UTC 2014 - kstreitova(a)suse.com + + - fixes bnc#833240: the first occurance of "/etc/anacrontab" +replaced with "/etc/crontab" in the manpage file + - version updated to 1.4.12 + * various small bugfixes + +------------------------------------------------------------------- +Thu Sep 11 13:59:08 UTC 2014 - kstreitova(a)suse.com + +- clean up with spec-cleaner + +------------------------------------------------------------------- +Thu Sep 11 13:51:44 UTC 2014 - kstreitova(a)suse.com + +- fix dangling symlink on sbin/service + +------------------------------------------------------------------- +Fri Aug 1 14:32:37 UTC 2014 - vcizek(a)suse.com + +- add sysconfig.cron that used to be provided by aaa_base (bnc#860058) + +------------------------------------------------------------------- +Mon Jun 16 13:51:14 UTC 2014 - vdziewiecki(a)suse.com + +-Add an option to manually reload cron. + +------------------------------------------------------------------- +Thu Jan 30 13:57:03 UTC 2014 - vdziewiecki(a)suse.com + +-Restart the service if it crashes + +------------------------------------------------------------------- +Thu Jan 23 21:08:55 UTC 2014 - aj(a)ajaissle.de + +- Leave /usr/sbin/rccron in as link to /sbin/service + +------------------------------------------------------------------- +Sun Oct 20 14:50:52 UTC 2013 - p.drouand(a)gmail.com + +- Remove old sysvinit hacks; none target distributions use sysvinit + +------------------------------------------------------------------- +Wed Sep 25 16:02:13 UTC 2013 - vdziewiecki(a)suse.com + +- Update to 1.4.11 +- I removed these patches: cronie-1.4.8-bug_756197.diff +bug-786096_cronie-fdleak.diff, since those issuas appear to have +been addressed upstream. +------------------------------------------------------------------- +Tue Sep 10 21:30:58 UTC 2013 - crrodriguez(a)opensuse.org + +- define PIDIDIR to "/run" instead of the (outdated) definition + coming from glibc "paths.h" +- systemd: there is no mail-transfer-agent target anymore, services + must be ordered After= a list of possible MTA. + +------------------------------------------------------------------- +Sun Apr 14 02:14:21 UTC 2013 - crrodriguez(a)opensuse.org + +- Ordering units after syslog.target is no longer recommended. + +------------------------------------------------------------------- +Fri Mar 22 08:35:17 UTC 2013 - mmeister(a)suse.com + +- Added url as source. + Please see http://en.opensuse.org/SourceUrls + +------------------------------------------------------------------- +Thu Feb 7 12:19:58 UTC 2013 - meissner(a)suse.com + +- fixed the file descriptor leak correctly (bnc#786096,bnc#802345) + +------------------------------------------------------------------- +Mon Feb 4 14:20:48 UTC 2013 - fcrozat(a)suse.com + +- Regenerate cronie-pam_config.diff, last line of the patch was not + properly added, causing bnc#801553. + +------------------------------------------------------------------- +Mon Nov 12 13:44:06 UTC 2012 - vdziewiecki(a)suse.com + +-Fix Bug 786096 - VUL-1: cron: does not close file descriptors before invocation of commands + +------------------------------------------------------------------- +Sun Oct 28 18:31:20 UTC 2012 - crrodriguez(a)opensuse.org + +- DO not require sysvinit(syslog), the journal is enough + +------------------------------------------------------------------- +Thu Oct 18 10:26:33 UTC 2012 - coolo(a)suse.com + +- buildrequire systemd by pkgconfig provide to get systemd-mini + in build environments (to break cycle) + +------------------------------------------------------------------- +Wed Aug 15 00:48:54 UTC 2012 - crrodriguez(a)opensuse.org + +- When the cron daemon does not fork, as it is the case + when using systemd, pid files are useless. avoid creating + them in the first place. + +------------------------------------------------------------------- +Mon Jun 25 10:38:29 UTC 2012 - coolo(a)suse.com + +- the recommends for postfix was from a time when smtp_daemon + was required, now that smtp_daemon is recommended, the recommend + for postfix is between useless and harmful - so reduce it to a suggests + +------------------------------------------------------------------- +Wed May 30 14:49:41 UTC 2012 - sweet_f_a(a)gmx.de + +- remove useless autmake dependency + +------------------------------------------------------------------- +Tue Apr 10 14:28:34 UTC 2012 - tabraham(a)novell.com + +- added cronie-1.4.8-bug_756197.diff to remove references to anacron + in crontab.5 + +------------------------------------------------------------------- +Wed Jan 18 15:15:14 UTC 2012 - tabraham(a)novell.com + +- removed cronie-1.4.7-syslog_output.patch deprecated by this update + +- Update to 1.4.8 + + Cron writes job output to syslog incorrectly. When cron is + invoked in a way to print job output to syslog, it does print + only the first character of the output + + Check orphanded crontabs for adoption + + Unify logging in case SyslogOutput with the rest of crond + + The charset of anacron's mail is always ANSI_X3.4-1968. There + are no setlocale in anacron's source + + Cronie disables inotify when the /etc/crontab file does not + exist at startup. Existance of crontab and directories wasn't + controlled before creating inotify watches. + +------------------------------------------------------------------- +Wed Nov 30 14:54:08 UTC 2011 - aj(a)suse.de + +- Add dependency on ypbind and nscd (bnc#732356) +- Do not install generic INSTALL file. +- Use set_permissions for newer distros. + +------------------------------------------------------------------- +Wed Nov 30 09:47:40 UTC 2011 - coolo(a)suse.com + +- add automake as buildrequire to avoid implicit dependency + +------------------------------------------------------------------- +Tue Nov 29 17:07:07 UTC 2011 - crrodriguez(a)opensuse.org + +- Cron started before network is up [bnc#733275] + +------------------------------------------------------------------- +Fri Oct 7 12:11:17 UTC 2011 - fcrozat(a)suse.com + +- Ensure service_add_post is called in %post and not verify. + +------------------------------------------------------------------- +Thu Sep 29 09:17:49 UTC 2011 - fcrozat(a)suse.com + +- Use systemd macros to register cron.service. + +------------------------------------------------------------------- +Sun Sep 18 00:00:19 UTC 2011 - jengelh(a)medozas.de + +- Remove redundant tags/sections from specfile + +------------------------------------------------------------------- +Mon Jul 11 10:28:40 UTC 2011 - vcizek(a)novell.com + +- changed run-parts to run-crons in anacron (bnc#689494) + +------------------------------------------------------------------- +Mon Jun 6 08:51:11 UTC 2011 - vcizek(a)novell.com + +- mention possibility of disabling logging to syslog in the crontab + manual +- to keep compatibility with 11.3, execute the command despite + an unprivileged user tries to disable logging (bnc#698549) + +------------------------------------------------------------------- +Wed May 11 08:27:14 UTC 2011 - vcizek(a)novell.com + +- corrected job output via syslog (bnc#692871) + +------------------------------------------------------------------- +Wed Apr 27 16:56:21 UTC 2011 - vcizek(a)novell.com + +- update to 1.4.7 ++++ 949 more lines (skipped) ++++ between /dev/null ++++ and /work/SRC/openSUSE:13.2:Update/.cronie.3867.new/cronie.changes New: ---- cron.service cron.xml cron_to_cronie.README cronie-1.4.12.tar.gz cronie-1.4.7-disable_logging.patch cronie-anacron-1.4.7-run-crons.patch cronie-crond_pid.diff cronie-nheader_lines.diff cronie-nofork-nopid.patch cronie-pam_config.diff cronie-piddir.patch cronie-rpmlintrc cronie.changes cronie.spec deny.sample fix-manpage-replace-anacrontab-with-crontab.patch run-crons sample.root sysconfig.cron ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ cronie.spec ++++++ # # spec file for package cronie # # Copyright (c) 2015 SUSE LINUX GmbH, Nuernberg, Germany. # # All modifications and additions to the file contributed by third parties # remain the property of their copyright owners, unless otherwise agreed # upon. The license for this file, and modifications and additions to the # file, is the same license as for the pristine package itself (unless the # license for the pristine package is not an Open Source License, in which # case the license is the MIT License). An "Open Source License" is a # license that conforms to the Open Source Definition (Version 1.9) # published by the Open Source Initiative. # Please submit bugfixes or comments via http://bugs.opensuse.org/ # # 3 : we don't need to do something with /etc/sysconfig/cron for now %define cron_configs \{%{_sysconfdir}/pam.d/crond,%{_sysconfdir}/crontab,%{_sysconfdir}/cron.deny,%{_sysconfdir}/omc/srvinfo.d/cron.xml\} Name: cronie Version: 1.4.12 Release: 0 Summary: Cron Daemon License: BSD-3-Clause and GPL-2.0 and MIT Group: System/Daemons Url: https://fedorahosted.org/cronie/ Source0: https://fedorahosted.org/releases/c/r/%{name}/%{name}-%{version}.tar.gz Source2: run-crons Source3: sample.root Source4: deny.sample Source5: cron.xml Source6: cronie-rpmlintrc Source7: cron_to_cronie.README Source8: cron.service Source9: sysconfig.cron # PATCH-FEATURE-OPENSUSE cronie-pam_config.diff added pam config file from old cron Patch3: %{name}-pam_config.diff # openSUSE set NHEADER_LINES to 3 - old openSUSE cron put three lines of comments # in top of crontab file, so we want to hide this junk comments if user edit # crontab file with crontab -e command, patch grabbed from old openSUSE cron Patch4: %{name}-nheader_lines.diff # we use cron.pid instead of crond.pid Patch5: %{name}-crond_pid.diff # PATCH-FIX-UPSTREAM mention logging disabling for a command in man Patch7: cronie-1.4.7-disable_logging.patch # PATCH-FIX-UPSTREAM use run-crons instead of run-parts for anacron (bnc#689494) Patch8: cronie-anacron-1.4.7-run-crons.patch Patch10: cronie-nofork-nopid.patch Patch12: cronie-piddir.patch # PATCH-FIX-SUSE the first occurance of "/etc/anacrontab" was replaced by "/etc/crontab" # in manpage file because the /etc/crontab is still used in SUSE. Patch13: fix-manpage-replace-anacrontab-with-crontab.patch BuildRequires: audit-devel BuildRequires: libselinux-devel BuildRequires: pam-devel BuildRequires: pkgconfig(systemd) Requires(pre): cron Requires(post): permissions Requires(post): %fillup_prereq Recommends: smtp_daemon Suggests: postfix # When finish update protection of sles11 we could uncomment line bellow and drop all # ugly hacks with subpackage cron needed for proper update proces # Obsoletes: cron <=4.x BuildRoot: %{_tmppath}/%{name}-%{version}-build %{?systemd_requires} %{expand: %%define cronie_version %{version}} Conflicts: cron <= 4.1 %description cron automatically starts programs at specific times. Add new entries with "crontab -e". (See "man 5 crontab" and "man 1 crontab" for documentation.) Under /etc, find the directories cron.hourly, cron.daily, cron.weekly, and cron.monthly. Scripts and programs that are located there are started automatically. %package -n cron Version: 4.2 Release: 0 Summary: Auxiliary package Group: System/Daemons Requires: %{name} = %{cronie_version}-%{release} %description -n cron Auxiliary package, needed for proper update from vixie-cron 4.1 to cronie 1.4.4 %package anacron Summary: Utility for running regular jobs Group: System/Base Requires: %{name} = %{cronie_version} %description anacron Anacron becames part of cronie. Anacron is used only for running regular jobs. The default settings execute regular jobs by anacron, however this could be overloaded in settings. %prep %setup -q %patch3 -p1 %patch4 %patch5 -p1 %patch7 -p1 %patch8 -p1 cp %{SOURCE7} ./cron_to_cronie.README %patch10 %patch12 -p1 %patch13 -p1 %build # fill macro CRON_VERSION it is used in top three lines of crontab file,should be reworked export CFLAGS="%{optflags} -DCRON_VERSION=\\\"%{version}\\\"" export LDFLAGS="-Wl,-z,relro,-z,now,-z,defs" %configure \ --with-audit \ --enable-anacron \ --with-pam \ --with-selinux \ --with-inotify \ --enable-pie \ SPOOL_DIR="%{_localstatedir}/spool/cron/tabs" make %{?_smp_mflags} %install make DESTDIR=%{buildroot} install %{?_smp_mflags} mkdir -p -v %{buildroot}%{_localstatedir}/spool/cron/{tabs,lastrun} mkdir -p -v %{buildroot}%{_sysconfdir}/cron.{d,hourly,daily,weekly,monthly} install -v -m 600 %{SOURCE3} %{buildroot}%{_sysconfdir}/crontab install -v -m 600 %{SOURCE4} %{buildroot}%{_sysconfdir}/cron.deny install -v -d %{buildroot}%{_libexecdir}/cron install -v %{SOURCE2} %{buildroot}%{_libexecdir}/cron ln -s -f %{_sbindir}/service %{buildroot}%{_sbindir}/rccron install -v -d %{buildroot}/%{_unitdir} install -v -m 644 %{SOURCE8} %{buildroot}/%{_unitdir} install -m 644 contrib/anacrontab %{buildroot}%{_sysconfdir}/anacrontab install -c -m755 contrib/0anacron %{buildroot}%{_sysconfdir}/cron.hourly/0anacron mkdir -p %{buildroot}%{_localstatedir}/spool/anacron mv %{buildroot}%{_sbindir}/crond %{buildroot}%{_sbindir}/cron mkdir -p %{buildroot}%{_localstatedir}/adm/fillup-templates cp %{SOURCE9} %{buildroot}%{_localstatedir}/adm/fillup-templates/ touch %{buildroot}%{_localstatedir}/spool/anacron/cron.daily touch %{buildroot}%{_localstatedir}/spool/anacron/cron.weekly touch %{buildroot}%{_localstatedir}/spool/anacron/cron.monthly # service xml install -v -d %{buildroot}%{_sysconfdir}/omc/srvinfo.d/ install -v -m644 %{SOURCE5} %{buildroot}%{_sysconfdir}/omc/srvinfo.d/ %pre -n cron # check if we are doing "ugly" update from old 4.1 vixie-cron check_cron_mail_feature=`%{_sbindir}/cron --help 2>&1 | %{_bindir}/grep mail` # vixie-cron 4.1 doesn't contain mail fature if [ -e %{_sbindir}/cron -a "${check_cron_mail_feature}" == "" ]; then # save configs for cronie post-install phase touch %{_localstatedir}/run/update_from_old_cron echo $1 for conf in %{cron_configs} do mv "$conf" "$conf.bk" ||: done fi %pre if [ -e %{_localstatedir}/run/update_from_old_cron ]; then # restore configs for conf in %{cron_configs} do mv "$conf.bk" "$conf" ||: done fi %service_add_pre cron.service %post # when we are doing rename then we pretend update with set 2 %set_permissions %{_sysconfdir}/crontab %{_bindir}/crontab %{fillup_only -n cron} %service_add_post cron.service %verifyscript %verify_permissions -e %{_sysconfdir}/crontab -e %{_bindir}/crontab %preun %service_del_preun cron.service %postun %service_del_postun cron.service %posttrans if [ -e %{_localstatedir}/run/update_from_old_cron ]; then rm %{_localstatedir}/run/update_from_old_cron ||: fi %post anacron [ -e %{_localstatedir}/spool/anacron/cron.daily ] || touch %{_localstatedir}/spool/anacron/cron.daily [ -e %{_localstatedir}/spool/anacron/cron.weekly ] || touch %{_localstatedir}/spool/anacron/cron.weekly [ -e %{_localstatedir}/spool/anacron/cron.monthly ] || touch %{_localstatedir}/spool/anacron/cron.monthly %files %defattr(-,root,root) %doc AUTHORS COPYING README ChangeLog %dir %attr(700,root,root) %{_localstatedir}/spool/cron %dir %attr(700,root,root) %{_localstatedir}/spool/cron/tabs %dir %{_localstatedir}/spool/cron/lastrun %config %{_sysconfdir}/pam.d/crond %verify(not mode) %config(noreplace) %{_sysconfdir}/crontab %config(noreplace) %{_sysconfdir}/cron.deny %{_mandir}/man1/crontab.1.gz %{_mandir}/man5/crontab.5.gz %{_mandir}/man8/cron.8.gz %{_mandir}/man8/crond.8.gz %verify(not mode) %attr (4750,root,trusted) %{_bindir}/crontab %attr (755,root,root) %{_sbindir}/cron %{_sbindir}/rccron %{_libexecdir}/cron %config %{_sysconfdir}/omc/srvinfo.d/cron.xml %dir %{_sysconfdir}/omc/srvinfo.d/ %dir %{_sysconfdir}/omc/ %{_unitdir}/cron.service %{_localstatedir}/adm/fillup-templates/sysconfig.cron %files anacron %defattr(-,root,root,-) %{_sbindir}/anacron %attr(0755,root,root) %{_sysconfdir}/cron.hourly/0anacron %config(noreplace) %{_sysconfdir}/anacrontab %dir %{_localstatedir}/spool/anacron %ghost %verify(not md5 size mtime) %{_localstatedir}/spool/anacron/cron.daily %ghost %verify(not md5 size mtime) %{_localstatedir}/spool/anacron/cron.weekly %ghost %verify(not md5 size mtime) %{_localstatedir}/spool/anacron/cron.monthly %{_mandir}/man5/anacrontab.* %{_mandir}/man8/anacron.* %files -n cron %defattr(-,root,root,-) %doc cron_to_cronie.README %changelog ++++++ cron.service ++++++ [Unit] Description=Command Scheduler After=nss-user-lookup.target network.target time-sync.target After=postfix.service sendmail.service exim.service After=sssd.service [Service] ExecStart=/usr/sbin/cron -n ExecReload=/usr/bin/kill -s SIGHUP $MAINPID Restart=on-abort [Install] WantedBy=multi-user.target ++++++ cron_to_cronie.README ++++++ package cron 4.2 is only auxiliary package needed for proper renaming package cron to cronie usefull links : http://en.opensuse.org/Cron_replace http://en.opensuse.org/Cron_rename ++++++ cronie-1.4.7-disable_logging.patch ++++++ Index: cronie-1.4.11/man/crontab.5 =================================================================== --- cronie-1.4.11.orig/man/crontab.5 +++ cronie-1.4.11/man/crontab.5 @@ -213,6 +213,9 @@ Names can also be used for the 'month' a first three letters of the particular day or month (case does not matter). Ranges or lists of names are not allowed. .PP +If the uid of the owner is 0 (root), he can put a "-" as first character of a crontab entry. +This will prevent cron from writing a syslog message about this command getting executed. +.PP The "sixth" field (the rest of the line) specifies the command to be run. The entire command portion of the line, up to a newline or a "%" character, will be executed by /bin/sh or by the shell specified in the Index: cronie-1.4.11/src/entry.c =================================================================== --- cronie-1.4.11.orig/src/entry.c +++ cronie-1.4.11/src/entry.c @@ -121,13 +121,18 @@ entry *load_entry(FILE * file, void (*er if (ch == '-') { /* if we are editing system crontab or user uid is 0 (root) * we are allowed to disable logging + * Otherwise log the attempt, but still execute the command. */ if (pw == NULL || pw->pw_uid == 0) e->flags |= DONT_LOG; else { - log_it("CRON", getpid(), "ERROR", "Only privileged user can disable logging", 0); - ecode = e_option; - goto eof; + log_it("CRON", getpid(), "ERROR", + "Only privileged user can disable logging. " + "In future versions, user lines starting with a dash " + "will be treated as invalid and won't get executed.", 0); + /* throw an error when editing a crontab */ + if (error_func) + (*error_func) (ecodes[(int) e_minute]); } ch = get_char(file); if (ch == EOF) @@ -401,9 +406,9 @@ entry *load_entry(FILE * file, void (*er Debug(DPARS, ("load_entry()...returning successfully\n")); - /* success, fini, return pointer to the entry we just created... - */ - return (e); + /* success, fini, return pointer to the entry we just created... + */ + return (e); eof: if (e->envp) ++++++ cronie-anacron-1.4.7-run-crons.patch ++++++ Index: cronie-1.4.7/contrib/anacrontab =================================================================== --- cronie-1.4.7.orig/contrib/anacrontab +++ cronie-1.4.7/contrib/anacrontab @@ -11,6 +11,6 @@ RANDOM_DELAY=45 START_HOURS_RANGE=3-22 #period in days delay in minutes job-identifier command -1 5 cron.daily nice run-parts /etc/cron.daily -7 25 cron.weekly nice run-parts /etc/cron.weekly -@monthly 45 cron.monthly nice run-parts /etc/cron.monthly +1 5 cron.daily nice /usr/lib/cron/run-crons /etc/cron.daily +7 25 cron.weekly nice /usr/lib/cron/run-crons /etc/cron.weekly +@monthly 45 cron.monthly nice /usr/lib/cron/run-crons /etc/cron.monthly Index: cronie-1.4.7/man/anacrontab.5 =================================================================== --- cronie-1.4.7.orig/man/anacrontab.5 +++ cronie-1.4.7/man/anacrontab.5 @@ -79,9 +79,9 @@ RANDOM_DELAY=30 # Anacron jobs will start between 6am and 8am. START_HOURS_RANGE=6-8 # delay will be 5 minutes + RANDOM_DELAY for cron.daily -1 5 cron.daily nice run-parts /etc/cron.daily -7 0 cron.weekly nice run-parts /etc/cron.weekly -@monthly 0 cron.monthly nice run-parts /etc/cron.monthly +1 5 cron.daily nice /usr/lib/cron/run-crons /etc/cron.daily +7 0 cron.weekly nice /usr/lib/cron/run-crons /etc/cron.weekly +@monthly 0 cron.monthly nice /usr/lib/cron/run-crons /etc/cron.monthly .fi .SH "SEE ALSO" .BR anacron (8), ++++++ cronie-crond_pid.diff ++++++ Index: cronie-1.4.4/src/pathnames.h =================================================================== --- cronie-1.4.4.orig/src/pathnames.h +++ cronie-1.4.4/src/pathnames.h @@ -41,7 +41,7 @@ #else # define PIDDIR SYSCONFDIR "/" #endif -#define PIDFILE "crond.pid" +#define PIDFILE "cron.pid" #define _PATH_CRON_PID PIDDIR PIDFILE #define REBOOT_LOCK PIDDIR "cron.reboot" ++++++ cronie-nheader_lines.diff ++++++ Index: src/crontab.c =================================================================== --- src/crontab.c.orig +++ src/crontab.c @@ -65,7 +65,7 @@ #include "pathnames.h" #include "structs.h" -#define NHEADER_LINES 0 +#define NHEADER_LINES 3 enum opt_t {opt_unknown, opt_list, opt_delete, opt_edit, opt_replace, opt_hostset, opt_hostget}; @@ -475,7 +475,7 @@ static void edit_cmd(void) { char n[MAX_FNAME], q[MAX_TEMPSTR]; const char *editor; FILE *f; - int ch = '\0', t; + int ch = '\0', t, x; struct stat statbuf; struct utimbuf utimebuf; WAIT_T waiter; @@ -527,13 +527,25 @@ static void edit_cmd(void) { } Set_LineNum(1) - /* - * NHEADER_LINES processing removed for clarity - * (NHEADER_LINES == 0 in all Red Hat crontabs) - */ - /* copy the rest of the crontab (if any) to the temp file. - */ - if (EOF != ch) + + /* ignore the top few comments since we probably put them there. + */ + x = 0; + while (EOF != (ch = get_char(f))) { + if ('#' != ch) { + putc(ch, NewCrontab); + break; + } + while (EOF != (ch = get_char(f))) + if (ch == '\n') + break; + if (++x >= NHEADER_LINES) + break; + } + + /* copy the rest of the crontab (if any) to the temp file. + */ + if (EOF != ch) while (EOF != (ch = get_char(f))) putc(ch, NewCrontab); @@ -741,6 +753,7 @@ static int replace_cmd(void) { int error = 0; entry *e; uid_t file_owner; + time_t now = time(NULL); char **envp; char *safename; @@ -770,10 +783,10 @@ static int replace_cmd(void) { * * VERY IMPORTANT: make sure NHEADER_LINES agrees with this code. */ - /*fprintf(tmp, "# DO NOT EDIT THIS FILE - edit the master and reinstall.\n"); - *fprintf(tmp, "# (%s installed on %-24.24s)\n", Filename, ctime(&now)); - *fprintf(tmp, "# (Cron version %s)\n", CRON_VERSION); - */ + fprintf(tmp, "# DO NOT EDIT THIS FILE - edit the master and reinstall.\n"); + fprintf(tmp, "# (%s installed on %-24.24s)\n", Filename, ctime(&now)); + fprintf(tmp, "# (Cronie version %s)\n", CRON_VERSION); + #ifdef WITH_SELINUX if (selinux_context) fprintf(tmp, "SELINUX_ROLE_TYPE=%s\n", selinux_context); ++++++ cronie-nofork-nopid.patch ++++++ Index: src/misc.c =================================================================== --- src/misc.c.orig +++ src/misc.c @@ -311,6 +311,8 @@ void acquire_daemonlock(int closeflag) { return; } + if(NoFork == 1) return; //move along, nothing to do here.. + if (fd == -1) { pidfile = _PATH_CRON_PID; /* Initial mode is 0600 to prevent flock() race/DoS. */ ++++++ cronie-pam_config.diff ++++++ Index: cronie-1.4.8/pam/crond =================================================================== --- cronie-1.4.8.orig/pam/crond +++ cronie-1.4.8/pam/crond @@ -3,8 +3,10 @@ # # # No PAM authentication called, auth modules not needed -account required pam_access.so -account include password-auth -session required pam_loginuid.so -session include password-auth -auth include password-auth +auth sufficient pam_rootok.so +account sufficient pam_listfile.so item=user sense=allow file=/etc/cron.allow onerr=succeed quiet +auth include common-auth +account include common-account +password include common-password +session required pam_loginuid.so +session include common-session ++++++ cronie-piddir.patch ++++++ --- cronie-1.4.8.orig/src/pathnames.h +++ cronie-1.4.8/src/pathnames.h @@ -37,7 +37,7 @@ * (Don't ask why the default is "/etc/".) */ #ifdef _PATH_VARRUN -# define PIDDIR _PATH_VARRUN +# define PIDDIR "/run/" #else # define PIDDIR SYSCONFDIR "/" #endif ++++++ cronie-rpmlintrc ++++++ # This line is mandatory to access the configuration functions from Config import * addFilter("cronie.* incoherent-init-script-name")++++++ deny.sample ++++++ guest ++++++ fix-manpage-replace-anacrontab-with-crontab.patch ++++++ >From 8769bba06b1632c6bd275f88c0fd10f591efdb9b Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Krist=C3=BDna=20Streitov=C3=A1?= <kstreitova(a)suse.cz> Date: Mon, 22 Sep 2014 10:41:14 +0200 Subject: [PATCH] fix manpage replace anacrontab with crontab /etc/anacrontab replaced by /etc/crontab in the first occurance of it. Fixes bnc#833240 --- man/cron.8 | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/man/cron.8 b/man/cron.8 index 633dbc0..9716f8f 100644 --- a/man/cron.8 +++ b/man/cron.8 @@ -53,7 +53,7 @@ for crontab files which are named after accounts in The found crontabs are loaded into the memory. .I Cron also searches for -.I /etc/anacrontab +.I /etc/crontab and any files in the .I /etc/cron.d directory, which have a different format (see -- 1.8.4.5 ++++++ run-crons ++++++ #!/bin/bash # # /usr/lib/cron/run-crons # # Copyright (c) 1998-2001 SuSE GmbH Nuernberg, Germany. All rights reserved. # # this script looks into /etc/cron.{hourly,daily,weekly,monthly} for # scripts to be executed. The info about last run is stored in # /var/spool/cron/lastrun # # concept similar to debian and redhat # # Changes: # 1998 - Burchard Steinbild <bs(a)suse.de>, 1998 # initial version # before 2001 - va(a)org.chemie.uni-frankfurt.de # send an email with name of date-script instead of cron entry # "Subject: cronjob@www - daily - FAILURE" # (better one script for each date-sub-script) # requires changes to /etc/crontab # append > /dev/null 2>&1 to the line calling run-cons # 2001-09-11 # updated to Suse 7.2 merged # 2001-09-12 # changed FAILURE detection, until now all scripts with output # had "failed", now only scripts with error status != 0 # have failed. # 2001-09-13 - ro(a)suse.de # merged with 7.3: call logger with exit value for scripts # respect MAILTO as cron does # use mktemp -d for all tmpfiles # add variable to disable mail if all jobs returned 0 # # # Don't run jobs on laptops, that are AC-offline # if test -x /usr/bin/on_ac_power ; then on_ac_power -q if [ "$?" = "1" ]; then exit 0 fi fi if [ -f /etc/sysconfig/cron ]; then . /etc/sysconfig/cron fi BASENAME=`/usr/bin/basename $0` LOGGER="/bin/logger -t $BASENAME[$$]" export LC_TIME=POSIX TMPDIR=`mktemp -d /tmp/run-crons.XXXXXX` trap "rm -rf $TMPDIR" 0 1 2 3 13 15 # We will force to run cron.daily after 14 days, even # if you set MAX_NOT_RUN in /etc/sysconfig/cron # value is in minutes MAX_NOT_RUN_FORCE="20160" # Priority change for sub scripts. # range: highest -20 ... 19 lowest prioriy # default processes start in level 10 CRON_SCRIPT_NICE_VALUE=15 SPOOL=/var/spool/cron/lastrun # CRON Result EMail is sent to if test -z "$MAILTO" ; then SEND_TO="root" else SEND_TO="$MAILTO" fi mkdir -p $SPOOL #set verbose ## stage 1, search directories/scripts to run RUN="" for CRONDIR in /etc/cron.{hourly,daily,weekly,monthly} ; do test -d $CRONDIR || continue BASE=${CRONDIR##*/} TIME_EXT=${BASE##cron.} test -e $SPOOL/$BASE && { case $BASE in cron.hourly) TIME="-cmin +60 -or -cmin 60" ;; cron.daily) # if DAILY_TIME set, run only at a fixed time of day if [ "$DAILY_TIME" != "" ] ; then DAILY_TIME_NEW="`echo $DAILY_TIME | sed s,:,, | sed s,^0\*,, `" test -z "$DAILY_TIME_NEW" && DAILY_TIME_NEW=0 if [ "$DAILY_TIME_NEW" -gt "2359" ] ; then echo "wrong time format in /etc/sysconfig/cron DAILY_TIME, value is $DAILY_TIME" | logger fi NOW_H=`date +%H%M| sed s,^0\*,,` test -z "$NOW_H" && NOW_H=0 if [ $DAILY_TIME_NEW -gt $(($NOW_H-15)) ] && [ $DAILY_TIME_NEW -le $NOW_H ]; then TIME="" else # take care of MAX_NOT_RUN, default is 7 days if [ "$MAX_NOT_RUN" != "0" ] ; then TIME="-cmin +$((1440*$MAX_NOT_RUN)) -or -cmin $((1440*$MAX_NOT_RUN))" else TIME="-cmin +$MAX_NOT_RUN_FORCE -or -cmin $MAX_NOT_RUN_FORCE" fi fi # run as usual else TIME="-cmin +1440 -or -cmin 1440" fi ;; cron.weekly) TIME="-cmin +10080 -or -cmin 10080" ;; cron.monthly) DAYOFMONTH=`date '+%d'` DAYSLASTMONTH=`date -d "-$DAYOFMONTH days" '+%d'` if [ $DAYOFMONTH -gt $DAYSLASTMONTH ] ; then LASTMONTHSTR="-$DAYOFMONTH days" else LASTMONTHSTR="last month" fi NOW=`date +%s` LASTMONTH=`date -d "$LASTMONTHSTR" +%s` DIFF=`expr '(' $NOW - $LASTMONTH ')' / 86400` TIME="-ctime +$DIFF" ;; esac # remove all lock files for scripts that are due to run eval find $SPOOL/$BASE $TIME | \ xargs --no-run-if-empty rm } if test ! -e $SPOOL/$BASE ; then # accept this dir, if it isn't empty LIST=`find $CRONDIR ! -type d` if [ ! -z "$LIST" ] ; then RUN="${RUN} ${TIME_EXT}" fi fi done ## STATUS communication variable between # function run_scripts () # and loop-over-all-scripts # set in run_scripts to FAILURE if this script failed! # else it is empty # because it is never reset to empty after the initialization # it implements an OR like logic over all scripts ## STATUS="" # helper, run all scripts in one cron directory function run_scripts (){ local CRONDIR=$1 local TIME_EXT=$2 local TEMP_MSG=$TMPDIR/run-crons.${TIME_EXT}.$$ rm -r $TMPDIR/run-crons.${TIME_EXT}.* >/dev/null 2>&1 # keep going when something fails set +e for SCRIPT in $CRONDIR/* ; do test -d $SCRIPT && continue case "$SCRIPT" in .svn) continue ;; *.rpm*) continue ;; *.swap) continue ;; *.bak) continue ;; *.orig) continue ;; \#*) continue ;; *~) continue ;; esac /sbin/checkproc $SCRIPT && continue if test -x $SCRIPT ; then BASESCRIPT=`/usr/bin/basename $SCRIPT` nice -n ${CRON_SCRIPT_NICE_VALUE} $SCRIPT >$TEMP_MSG 2>&1 local ERRNO=$? if [ 0 -eq $ERRNO ] ; then if [ "$SYSLOG_ON_NO_ERROR" = "yes" ]; then echo "$BASESCRIPT: OK" | $LOGGER -p info fi else echo "$BASESCRIPT returned $ERRNO" | $LOGGER -p warn echo "SCRIPT: $BASESCRIPT exited with RETURNCODE = $ERRNO." STATUS="FAILURE" fi # write some wrapper text around the original output if [ -s "$TEMP_MSG" ] ; then echo "SCRIPT: output (stdout && stderr) follows" echo "" cat $TEMP_MSG echo -e "SCRIPT: $BASESCRIPT\n------- END OF OUTPUT" echo "" echo "" fi rm -f $TEMP_MSG > /dev/null 2>&1 else echo "WARNING: $SCRIPT is not executable, script is ignored !" fi done } # stage 2: # run all scripts and collect output into one mail # for each TIME_EXT with a meaningfull subject. # if [ ! -z "${RUN}" ] ; then for EXT in ${RUN} ; do CRONDIR="/etc/cron."${EXT} test -d $CRONDIR || continue BASE=`/usr/bin/basename $CRONDIR` TIME_EXT=${BASE##cron.} STATUS="" if test ! -e $SPOOL/$BASE ; then CONTROL_MAIL=$TMPDIR/run-crons_mail.$$ JOB_OUTPUT=$TMPDIR/run-crons_output.$$ echo "running ${TIME_EXT} cronjob scripts" >> ${CONTROL_MAIL} echo "" >> ${CONTROL_MAIL} touch $SPOOL/$BASE run_scripts ${CRONDIR} ${TIME_EXT} >> ${JOB_OUTPUT} 2>&1 TITLE="cronjob@$HOSTNAME - ${TIME_EXT}" if [ -n "${STATUS}" ] ; then TITLE="${TITLE} - ${STATUS}" else TITLE="${TITLE} - OK" fi if [ -n "${STATUS}" -o "$SEND_MAIL_ON_NO_ERROR" = "yes" ] ; then cat ${CONTROL_MAIL} ${JOB_OUTPUT} | mail ${SEND_TO} -s "${TITLE}" elif [ -s ${JOB_OUTPUT} -a "$SEND_OUTPUT_ON_NO_ERROR" = "yes" ] ; then cat ${CONTROL_MAIL} ${JOB_OUTPUT} | mail ${SEND_TO} -s "${TITLE}" fi rm -f ${CONTROL_MAIL} ${JOB_OUTPUT} fi done fi # # now make sure, we have no lastrun files dated to future # touch $SPOOL NOW=`date -u +%s` for i in `find $SPOOL -type f` do FILEDATE=`date -u -r $i +%s` # allow for up to one hour in the future because of summer/wintertime if [ $((FILEDATE - NOW)) -gt 3600 ] then rm $i fi done ++++++ sample.root ++++++ SHELL=/bin/sh PATH=/usr/bin:/usr/sbin:/sbin:/bin:/usr/lib/news/bin MAILTO=root # # check scripts in cron.hourly, cron.daily, cron.weekly, and cron.monthly # -*/15 * * * * root test -x /usr/lib/cron/run-crons && /usr/lib/cron/run-crons >/dev/null 2>&1 ++++++ sysconfig.cron ++++++ ## The Parameters MAX_DAYS_IN_TMP, MAX_DAYS_IN_LONG_TMP, TMP_DIRS_TO_CLEAR, ## LONG_TMP_DIRS_TO_CLEAR, CLEAR_TMP_DIRS_AT_BOOTUP and OWNER_TO_KEEP_IN_TMP have ## been converted to systemd-tmpfiles settings in /etc/tmpfiles.d/tmp.conf. ## Please check and modify to your needs. ## See 'man tmpfiles.d' for details. ## Type: string ## Default: "" # # At which time cron.daily should start. Default is 15 minutes after booting # the system. Example setting would be "14:00". # Due to the fact that cron script runs only every 15 minutes, # it will only run on xx:00, xx:15, xx:30, xx:45, not at the accurate time # you set. DAILY_TIME="" ## Type: integer ## Default: 5 # # Maximum days not running when using a fixed time set in DAILY_TIME. # 0 to skip this. This is for users who will power off their system. # # There is a fixed max. of 14 days set, if you want to override this # change MAX_NOT_RUN_FORCE in /usr/lib/cron/run-crons MAX_NOT_RUN="5" ## Type: yesno ## Default: no # # send status email even if all scripts in # cron.{hourly,daily,weekly,monthly} # returned without error? (yes/no) # SEND_MAIL_ON_NO_ERROR="no" ## Type: yesno ## Default: no # # send email containing output from all successful jobs in # cron.{hourly,daily,weekly,monthly}. Output from failed # jobs is always sent. If SEND_MAIL_ON_NO_ERROR is yes, this # setting is ignored. (yes/no) # SEND_OUTPUT_ON_NO_ERROR="no" ## Type: yesno ## Default: no # # generate syslog message for all scripts in # cron.{hourly,daily,weekly,monthly} # even if they haven't returned an error? (yes/no) # SYSLOG_ON_NO_ERROR="no" ## Path: System/Cron/Man ## Description: cron configuration for man utility ## Type: yesno ## Default: yes # # Should mandb and whatis be recreated by cron.daily ("yes" or "no") # REINIT_MANDB=yes ## Type: yesno ## Default: yes # # Should old preformatted man pages (in /var/cache/man) be deleted? (yes/no) # DELETE_OLD_CATMAN=yes ## Type: integer ## Default: 7 # # How long should old preformatted man pages be kept before deletion? (days) # CATMAN_ATIME=7

1 0

commit mtr for openSUSE:13.1:Update
by root＠hilbert.suse.de 02 Jul '15

02 Jul '15

Hello community, here is the log from the commit of package mtr for openSUSE:13.1:Update checked in at 2015-07-02 09:35:41 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:13.1:Update/mtr (Old) and /work/SRC/openSUSE:13.1:Update/.mtr.new (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Package is "mtr" Changes: -------- New Changes file: NO CHANGES FILE!!! New: ---- _link ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ _link ++++++ <link package='mtr.3861' cicount='copy' />

1 0

commit mtr.3861 for openSUSE:13.1:Update
by root＠hilbert.suse.de 02 Jul '15

02 Jul '15

Hello community, here is the log from the commit of package mtr.3861 for openSUSE:13.1:Update checked in at 2015-07-02 09:35:36 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:13.1:Update/mtr.3861 (Old) and /work/SRC/openSUSE:13.1:Update/.mtr.3861.new (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Package is "mtr.3861" Changes: -------- New Changes file: --- /dev/null 2015-06-25 09:04:34.320025005 +0200 +++ /work/SRC/openSUSE:13.1:Update/.mtr.3861.new/mtr.changes 2015-07-02 09:35:37.000000000 +0200 @@ -0,0 +1,279 @@ +------------------------------------------------------------------- +Wed Jun 17 14:18:59 UTC 2015 - kstreitova(a)suse.com + +- add mtr-0.82-crash-with-xml-option.patch to fix crash if '--xml' + option is used [bnc#933854] + +------------------------------------------------------------------- +Fri May 25 13:39:36 UTC 2012 - puzel(a)suse.com + +- run_permissions macro is obsolete: use set_permissions + (bnc#764102) + +------------------------------------------------------------------- +Tue Jan 24 00:55:32 UTC 2012 - crrodriguez(a)opensuse.org + +- build mtr binary with PIE and full RELRO + +------------------------------------------------------------------- +Wed Dec 21 10:31:41 UTC 2011 - coolo(a)suse.com + +- remove call to suse_update_config (very old work around) + +------------------------------------------------------------------- +Thu Dec 15 10:36:54 UTC 2011 - puzel(a)suse.com + +- update to mtr-0.82 + * Enable decoding of ICMP extensions for MPLS for curses and + report interfaces. Use the -e flag or press 'e' to enable it. +- fix spec license to GPL-2 (bnc#735559) + +------------------------------------------------------------------- +Fri Dec 2 15:51:13 UTC 2011 - coolo(a)suse.com + +- add automake as buildrequire to avoid implicit dependency + +------------------------------------------------------------------- +Mon Oct 10 11:25:00 UTC 2011 - puzel(a)suse.com + +- update to mtr-0.81 + - Fix for https://bugs.launchpad.net/mtr/+bug/776211 + +------------------------------------------------------------------- +Mon Nov 8 13:24:05 UTC 2010 - coolo(a)novell.com + +- remove support for pre-9.1 + +------------------------------------------------------------------- +Tue Jul 20 20:18:17 UTC 2010 - puzel(a)novell.com + +- update to mtr-0.80 + - display load sharing hosts in --raw output + - added about button in gui + +------------------------------------------------------------------- +Sat Jan 2 17:04:58 CET 2010 - vuntz(a)opensuse.org + +- Remove gtk1-compat-devel BuildRequires: it has been ported to + GTK+ 2.x a while ago. + +------------------------------------------------------------------- +Fri Nov 27 09:22:31 UTC 2009 - mseben(a)novell.com + +- Update patches to apply with fuzz=0 + +------------------------------------------------------------------- +Tue Jan 6 16:30:13 CET 2009 - mseben(a)suse.cz + +- update to v0.75 + * feelgood patch to move sprintf to snprintf + * cut-paste patches: you can now copy an intermediate host to the + clipboard +- v0.74 + * Martin Pels' patch to allow UDP probes + * changed some docs to advertise the new mailing list + * added documentation for the Mac OS X compilation problem + * added -Wno-pointer-sign to the compiler options + * Nico Lichtmaier's cleanup-gtk patch. (now mtr uses a more modern + dialect of gtk) +- rewritten mtr-*-sec_snprintf.patch for v0.75 + +------------------------------------------------------------------- +Tue May 27 17:46:24 CEST 2008 - lmichnovic(a)suse.cz + +- fixed more possible overflows because of using sprintf in dns.c + (*-sec_snprintf.patch) [bnc#392458] + +------------------------------------------------------------------- +Mon Apr 14 17:27:24 CEST 2008 - lmichnovic(a)suse.cz + +- update to version 0.73 + * Fix signed/unsigned bug in IPV6 part improved random packet + size behaviour. + * includes also fix for sprintf overflow [bnc#372610] + +------------------------------------------------------------------- +Mon Apr 2 14:50:01 CEST 2007 - rguenther(a)suse.de + +- add ncurses-devel BuildRequires + +------------------------------------------------------------------- +Fri Mar 30 12:14:25 CEST 2007 - lmichnovic(a)suse.cz + +- fixed return value for non-void function (nonvoid.patch) + +------------------------------------------------------------------- +Fri Jan 12 11:35:23 CET 2007 - lmichnovic(a)suse.cz + +- changed prefix /opt/gnome to /usr for aclocal + +------------------------------------------------------------------- +Mon Oct 2 17:10:09 CEST 2006 - lmichnovic(a)suse.cz + +- update to version 0.72 + * some code improvements + * option change: If PACKETSIZE is set to a negative number, every + iteration will use a different, random packet size up to that + number. + +------------------------------------------------------------------- +Thu Jul 27 14:27:30 CEST 2006 - lmichnovic(a)suse.cz + +- building with X.org 7.x: detects version of X.org instead of + suse_version +- uses icecream + +------------------------------------------------------------------- +Mon Jul 24 16:02:25 CEST 2006 - lmichnovic(a)suse.de + +- udjusted specfile to build also with new X.org 7.x + +------------------------------------------------------------------- +Wed Jun 14 20:17:00 CEST 2006 - lmichnovic(a)suse.cz + +- Upgrade to version 0.71 which obsoletes res_mkquery.diff + - some nice improvements. +- building with gtk1-compat-devel + +------------------------------------------------------------------- +Wed Jan 25 21:38:27 CET 2006 - mls(a)suse.de + +- converted neededforbuild to BuildRequires + +------------------------------------------------------------------- +Sat Jan 14 01:38:19 CET 2006 - schwab(a)suse.de + +- Don't strip binaries. + +------------------------------------------------------------------- +Sun Oct 2 15:04:41 CEST 2005 - stbinner(a)suse.de + +- fixed GenericName in .desktop file + +------------------------------------------------------------------- +Thu Jan 20 10:06:52 CET 2005 - postadal(a)suse.cz + +- updated to version 0.69 +- removed obsoleted patch automake.patch + +------------------------------------------------------------------- +Wed Dec 15 22:10:54 CET 2004 - hvogel(a)suse.de + +- fix desktop file + +------------------------------------------------------------------- +Wed Nov 10 12:48:25 CET 2004 - ro(a)suse.de + +- permission handling fixes for /usr/sbin/mtr + +------------------------------------------------------------------- +Thu Aug 26 14:02:13 CEST 2004 - postadal(a)suse.cz + +- updated to version 0.65 + +------------------------------------------------------------------- +Thu Aug 19 15:33:41 CEST 2004 - postadal(a)suse.cz + +- updated to version 0.64 + +------------------------------------------------------------------- +Mon Aug 16 20:18:37 CEST 2004 - postadal(a)suse.cz + +- updated to version 0.63 +- removed obsoleted patch buffer_overflow +- used gtk2 + +------------------------------------------------------------------- +Thu Jan 22 17:48:12 CET 2004 - ro(a)suse.de + +- fixed Makefile.am + +------------------------------------------------------------------- +Sat Jan 10 17:12:11 CET 2004 - adrian(a)suse.de + +- build as user + +------------------------------------------------------------------- +Fri Aug 29 09:56:29 CEST 2003 - kukuk(a)suse.de ++++ 82 more lines (skipped) ++++ between /dev/null ++++ and /work/SRC/openSUSE:13.1:Update/.mtr.3861.new/mtr.changes New: ---- mtr-0.75-manmtr.patch mtr-0.75-manxmtr.patch mtr-0.75-nonvoid.patch mtr-0.75-sec_snprintf.patch mtr-0.82-crash-with-xml-option.patch mtr-0.82.tar.bz2 mtr.changes mtr.gif mtr.spec xmtr.desktop ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ mtr.spec ++++++ # # spec file for package mtr # # Copyright (c) 2015 SUSE LINUX GmbH, Nuernberg, Germany. # # All modifications and additions to the file contributed by third parties # remain the property of their copyright owners, unless otherwise agreed # upon. The license for this file, and modifications and additions to the # file, is the same license as for the pristine package itself (unless the # license for the pristine package is not an Open Source License, in which # case the license is the MIT License). An "Open Source License" is a # license that conforms to the Open Source Definition (Version 1.9) # published by the Open Source Initiative. # Please submit bugfixes or comments via http://bugs.opensuse.org/ # Name: mtr BuildRequires: automake BuildRequires: gtk2-devel BuildRequires: ncurses-devel BuildRequires: update-desktop-files BuildRequires: xorg-x11-devel Summary: Ping and Traceroute Network Diagnostic Tool License: GPL-2.0 Group: Productivity/Networking/Diagnostic Version: 0.82 Release: 0 Url: http://www.BitWizard.nl/mtr Source: %{name}-%{version}.tar.bz2 Source1: xmtr.desktop Patch1: mtr-0.75-manmtr.patch Patch2: mtr-0.75-manxmtr.patch Patch3: mtr-0.75-nonvoid.patch Patch4: mtr-0.75-sec_snprintf.patch # PATCH-FIX-UPSTREAM bnc#933854 kstreitova(a)suse.com -- fix mtr crash with --xml option Patch5: mtr-0.82-crash-with-xml-option.patch BuildRoot: %{_tmppath}/%{name}-%{version}-build Icon: mtr.gif PreReq: permissions %description Mtr is a network diagnostic tool that combines Ping and Traceroute into one program. This package contains the mtr version with an ncurses interface, in other words, the text mode version is usable in a shell (telnet or SSH session, for example). Find the graphical version in the mtr-gtk package. %package gtk Summary: Ping and Traceroute Network Diagnostic Tool Group: Productivity/Networking/Diagnostic %description gtk Mtr is a network diagnostic tool which combines Ping and Traceroute into one program. This package contains mtr with a GTK interface. You'll find the text mode version in the mtr package. %define _xorg7libs %_lib %define _xorg7libs32 lib %define _xorg7bin bin %define _xorg7mandir %_mandir %define _xorg7pixmaps include %define _xorg7libshare share %define _xorg7xkb /usr/share/X11/xkb %define _xorg7termcap /usr/lib/X11/etc %define _xorg7include /usr/include/xorg %define _xorg7fonts /usr/share/fonts %define _xorg7prefix /usr %prep %setup -q cp mtr.8 xmtr.8 %patch1 %patch2 %patch3 %patch4 %patch5 -p1 %build # # GTK version CFLAGS="$RPM_OPT_FLAGS" ./configure \ --enable-gtk2 \ --prefix=%{_xorg7prefix} make && mv mtr xmtr make distclean # # console version export CFLAGS="$RPM_OPT_FLAGS -fpie -fPIE" export LDFLAGS="-pie -Wl,-z,relro,-z,now" ./configure \ --prefix=/usr \ --mandir=%{_mandir} \ --without-gtk make %{?jobs:-j%jobs} %install mkdir -p $RPM_BUILD_ROOT/usr/sbin mkdir -p $RPM_BUILD_ROOT/usr/%{_xorg7bin} mkdir -p $RPM_BUILD_ROOT/%{_mandir}/man8 make DESTDIR=$RPM_BUILD_ROOT install install -m 4755 xmtr $RPM_BUILD_ROOT/usr/%{_xorg7bin} install -m 644 xmtr.8 $RPM_BUILD_ROOT/%{_mandir}/man8 install -d -m 755 $RPM_BUILD_ROOT/usr/%{_xorg7pixmaps}/X11/pixmaps/ install -m 644 img/mtr_icon.xpm $RPM_BUILD_ROOT/usr/%{_xorg7pixmaps}/X11/pixmaps/xmtr_icon.xpm install -d -m 755 $RPM_BUILD_ROOT/usr/share/pixmaps/ install -m 644 img/mtr_icon.xpm $RPM_BUILD_ROOT/usr/share/pixmaps/xmtr_icon.xpm %suse_update_desktop_file -i xmtr Network Monitor %clean rm -rf %{buildroot} %files %defattr(-,root,root) %doc AUTHORS COPYING FORMATS NEWS README SECURITY TODO %doc %{_mandir}/man8/mtr.8* %verify(not mode) %attr(755,root,dialout) /usr/sbin/mtr %files gtk %defattr(-,root,root) %doc AUTHORS COPYING FORMATS NEWS README SECURITY TODO %doc %{_mandir}/man8/xmtr.8* %attr(755,root,root) /usr/%{_xorg7bin}/xmtr /usr/%{_xorg7pixmaps}/X11/pixmaps /usr/share/applications/* /usr/share/pixmaps/* %post %if 0%{?suse_version} <= 1130 %run_permissions %else %set_permissions /usr/sbin/mtr %endif %verifyscript %verify_permissions -e /usr/sbin/mtr %changelog ++++++ mtr-0.75-manmtr.patch ++++++ Index: mtr.8 =================================================================== --- mtr.8.orig +++ mtr.8 @@ -54,6 +54,14 @@ mtr \- a network diagnostic tool .SH DESCRIPTION +This version was compiled +.BR without +.BR GTK . +Therefore corresponding options doesn't work. You can use +.B xmtr +for work with GTK interface. + +.PP .B mtr combines the functionality of the .B traceroute ++++++ mtr-0.75-manxmtr.patch ++++++ Index: xmtr.8 =================================================================== --- xmtr.8.orig +++ xmtr.8 @@ -2,11 +2,11 @@ .SH NAME -mtr \- a network diagnostic tool +xmtr \- a network diagnostic tool .SH SYNOPSIS -.B mtr +.B xmtr [\c .B \-hvrctglspeniu46\c ] @@ -57,7 +57,7 @@ mtr \- a network diagnostic tool .SH DESCRIPTION -.B mtr +.B xmtr combines the functionality of the .B traceroute and @@ -66,9 +66,9 @@ programs in a single network diagnostic .PP As -.B mtr +.B xmtr starts, it investigates the network connection between the host -.B mtr +.B xmtr runs on and .BR HOSTNAME . by sending packets with purposly low TTLs. It continues to send @@ -95,7 +95,7 @@ Print the summary of command line argume .TP .B \-\-version .br -Print the installed version of mtr. +Print the installed version of xmtr. .TP .B \-r @@ -103,11 +103,11 @@ Print the installed version of mtr. .B \-\-report .br This option puts -.B mtr +.B xmtr into .B report mode. When in this mode, -.B mtr +.B xmtr will run for the number of cycles specified by the .B \-c option, and then print statistics and exit. @@ -115,9 +115,9 @@ option, and then print statistics and ex \c This mode is useful for generating statistics about network quality. Note that each running instance of -.B mtr +.B xmtr generates a significant amount of network traffic. Using -.B mtr +.B xmtr to measure the quality of your network may result in decreased network performance. @@ -160,7 +160,7 @@ packetsize upto that number. .B \-\-curses .br Use this option to force -.B mtr +.B xmtr to use the curses based terminal interface (if available). @@ -180,7 +180,7 @@ that are encoded in the response packets .B \-\-no-dns .br Use this option to force -.B mtr +.B xmtr to display numeric IP numbers and not try to resolve the host names. @@ -200,10 +200,10 @@ Example: .B \-\-gtk .br Use this option to force -.B mtr +.B xmtr to use the GTK+ based X11 window interface (if available). GTK+ must have been available on the system when -.B mtr +.B xmtr was built for this to work. See the GTK+ web page at .B http://www.gimp.org/gtk/ for more information about GTK+. @@ -214,7 +214,7 @@ for more information about GTK+. .B \-\-split .br Use this option to set -.B mtr +.B xmtr to spit out a format that is suitable for a split-user interface. .TP @@ -223,7 +223,7 @@ to spit out a format that is suitable fo .B \-\-raw .br Use this option to tell -.B mtr +.B xmtr to use the raw output format. This format is better suited for archival of the measurement results. It could be parsed to be presented into any of the other display methods. @@ -266,7 +266,7 @@ Use IPv6 only. Some modern routers give a lower priority to ICMP ECHO packets than to other network traffic. Consequently, the reliability of these routers reported by -.B mtr +.B xmtr will be significantly lower than the actual reliability of these routers. ++++++ mtr-0.75-nonvoid.patch ++++++ Index: display.c =================================================================== --- display.c.orig +++ display.c @@ -37,7 +37,7 @@ extern int DisplayMode; #define mtr_curses_open() #define mtr_curses_close() #define mtr_curses_redraw() -#define mtr_curses_keyaction() +#define mtr_curses_keyaction() 0 #define mtr_curses_clear() #else #include "mtr-curses.h" ++++++ mtr-0.75-sec_snprintf.patch ++++++ Index: dns.c =================================================================== --- dns.c.orig +++ dns.c @@ -900,7 +900,7 @@ void resendrequest(struct resolve *rp,in } else if (type == T_PTR) { switch ( af ) { case AF_INET: - sprintf(tempstring,"%u.%u.%u.%u.in-addr.arpa", + snprintf(tempstring, sizeof(tempstring),"%u.%u.%u.%u.in-addr.arpa", ((byte *)&rp->ip)[3], ((byte *)&rp->ip)[2], ((byte *)&rp->ip)[1], ++++++ mtr-0.82-crash-with-xml-option.patch ++++++ >From 4d1ff4fc1862f01a94f18576c34fb9957f53c936 Mon Sep 17 00:00:00 2001 From: "R.E. Wolff" <R.E.Wolff(a)BitWizard.nl> Date: Sun, 15 Mar 2015 18:38:12 +0100 Subject: [PATCH] fix for printing space field in XML. --- report.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/report.c b/report.c index badb765..d6752eb 100644 --- a/report.c +++ b/report.c @@ -294,7 +294,7 @@ void xml_close(void) printf(" <HUB COUNT=%d HOST=%s>\n", at+1, name); for( i=0; i<MAXFLD; i++ ) { j = fld_index[fld_active[i]]; - if (j < 0) continue; + if (j <= 0) continue; // Field nr 0, " " shouldn't be printed in this method. strcpy(name, " <%s>"); strcat(name, data_fields[j].format); ++++++ xmtr.desktop ++++++ [Desktop Entry] Type=Application Exec=xmtr Icon=xmtr_icon Name=Xmtr GenericName=Network Diagnostic Tool

1 0

commit atftp for openSUSE:13.2:Update
by root＠hilbert.suse.de 02 Jul '15

02 Jul '15

Hello community, here is the log from the commit of package atftp for openSUSE:13.2:Update checked in at 2015-07-02 09:35:23 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:13.2:Update/atftp (Old) and /work/SRC/openSUSE:13.2:Update/.atftp.new (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Package is "atftp" Changes: -------- New Changes file: NO CHANGES FILE!!! ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ _link ++++++ --- /var/tmp/diff_new_pack.osFbOR/_old 2015-07-02 09:35:25.000000000 +0200 +++ /var/tmp/diff_new_pack.osFbOR/_new 2015-07-02 09:35:25.000000000 +0200 @@ -1 +1 @@ -<link package='atftp.3853' cicount='copy' /> +<link package='atftp.3860' cicount='copy' />

1 0

commit atftp.3860 for openSUSE:13.2:Update
by root＠hilbert.suse.de 02 Jul '15

02 Jul '15

Hello community, here is the log from the commit of package atftp.3860 for openSUSE:13.2:Update checked in at 2015-07-02 09:35:19 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:13.2:Update/atftp.3860 (Old) and /work/SRC/openSUSE:13.2:Update/.atftp.3860.new (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Package is "atftp.3860" Changes: -------- New Changes file: --- /dev/null 2015-06-25 09:04:34.320025005 +0200 +++ /work/SRC/openSUSE:13.2:Update/.atftp.3860.new/atftp.changes 2015-07-02 09:35:20.000000000 +0200 @@ -0,0 +1,386 @@ +------------------------------------------------------------------- +Mon Jun 15 13:19:22 UTC 2015 - mpluskal(a)suse.com + +- Use ATFTPD_BIND_ADDRESSES in init script (boo#921219) +- Move autoreconf back to %buils as it causes issues with quilt + +------------------------------------------------------------------- +Mon Jun 8 07:39:43 UTC 2015 - schwab(a)suse.de + +- Force gnu89 inline semantics + +------------------------------------------------------------------- +Tue May 26 08:19:21 UTC 2015 - mpluskal(a)suse.com + +- Move autoreconf to %prep section as it better fits there + +------------------------------------------------------------------- +Sun May 24 21:24:18 UTC 2015 - mpluskal(a)suse.com + +- Fix atftpd.socket (boo#932161) + +------------------------------------------------------------------- +Wed Mar 18 15:23:17 UTC 2015 - mpluskal(a)suse.com + +- Do not install service and socket file as executable + * change to 0644 +- Cleanup spec file with spec-cleaner + +------------------------------------------------------------------- +Mon Feb 16 13:06:57 UTC 2015 - p.drouand(a)gmail.com + +- Add systemd support for openSUSE >= 12.1 + +------------------------------------------------------------------- +Tue Nov 12 20:41:45 UTC 2013 - chris(a)computersalat.de + +- rebase patches (p0) +- rename atftpd.init.d to atftpd.init +- fix spec + * remove ghost /var/run/atftp (created by init) + +------------------------------------------------------------------- +Thu Feb 7 13:05:52 UTC 2013 - vcizek(a)suse.com + +- create capabilites provided by both tftp and atftp + (bnc#801481 or bnc#725378) + +------------------------------------------------------------------- +Thu Jan 3 13:28:02 UTC 2013 - vcizek(a)suse.com + +- change ownership of /srv/tftpboot, because atftpd running as + tftp:tftp can't write to that directory +- create pid directory on service start +- manpage changes: + * substitute /tftpboot with /srv/tftpboot + * default user is now tftp:tftp + * added patches: + atftp-0.7-default_user_man.patch + atftp-0.7-default_dir_man.patch + +------------------------------------------------------------------- +Mon Oct 8 08:49:53 UTC 2012 - vcizek(a)suse.com + +- use Vladimir Nadvornik's heuristic for packet retransmission + by default (see bnc#774376) + The RFC1350 compliant behaviour stays optional. + (added atftp-0.7-ack_heuristic.patch) +- merged the two sorcerer's apprentice syndrome patches to one + (removed atftp-0.7-prevent-sas.patch) + +------------------------------------------------------------------- +Tue Sep 11 13:01:20 UTC 2012 - vcizek(a)suse.com + +- added rules for SuSEfirewall2 (bnc#729793) + +------------------------------------------------------------------- +Tue Sep 11 12:47:04 UTC 2012 - vcizek(a)suse.com + +- use the "su" logrotate directive (bnc#677335) + +------------------------------------------------------------------- +Wed Sep 5 14:10:03 UTC 2012 - vcizek(a)suse.com + +- prevent the sorcerer's apprentice syndrome situation only when + explicitly specified by the user (bnc#774376) + (added a new command line option --prevent-sas to turn it on) + +------------------------------------------------------------------- +Wed Jan 11 15:27:36 UTC 2012 - vcizek(a)suse.com + +- fix a race condition where two server threads pick up a single + client, which causes the transported file being overwritten + (bnc#599856) + +------------------------------------------------------------------- +Mon Jan 2 17:28:19 UTC 2012 - vcizek(a)suse.cz + +- added autoconf as BuildRequires + +------------------------------------------------------------------- +Thu Dec 1 11:20:12 UTC 2011 - coolo(a)suse.com + +- add automake as buildrequire to avoid implicit dependency + +------------------------------------------------------------------- +Wed Nov 9 15:13:18 UTC 2011 - vcizek(a)suse.com + +- licence in spdx format + +------------------------------------------------------------------- +Thu Nov 3 16:56:46 UTC 2011 - vcizek(a)suse.com + +- fixed the "Sorcerer's Apprentice Syndrome" bug + (bnc#727843) + +------------------------------------------------------------------- +Sat Sep 17 13:28:52 UTC 2011 - jengelh(a)medozas.de + +- Remove redundant tags/sections from specfile +- Use %_smp_mflags for parallel build + +------------------------------------------------------------------- +Tue Sep 6 11:55:01 UTC 2011 - vcizek(a)suse.com + +- added missing PreReq: pwdutils (bnc#683140) + +------------------------------------------------------------------- +Fri Oct 29 23:18:57 UTC 2010 - chris(a)computersalat.de + +- cleanup spec + o RPM_BUILD_ROOT vs buildroot +- fix pre + o no check before addding group/user (darix) +- fix files + o provide /srv/tftpboot +- modify sysconfig + o provide defaults (darix) + +------------------------------------------------------------------- +Wed Oct 13 21:28:56 UTC 2010 - chris(a)computersalat.de + +- modified init/sysconfig file + o set defaults in init file +- added default group/user tftp:tftp (bnc#472282) +- added /srv/tftpboot as default ATFTPD_DIRECTORY (bnc#248008,507011) +- added logrotate script + o --logfile /var/log/atftpd/atftp.log +- added missing README.MCAST, README.PCRE +- some rpmlint stuff + o fixed missing-dependency-to-logrotate + o fixed init non-remote_fs-dependency + o fixed init no-reload-entry + o fixed non-conffile-in-etc + +------------------------------------------------------------------- +Wed Sep 22 06:39:40 UTC 2010 - cristian.rodriguez(a)opensuse.org + +- add missing pcre-devel to build Requires (bnc#537425) + +------------------------------------------------------------------- +Fri Sep 12 16:27:04 CEST 2008 - mrueckert(a)suse.de + +- add atftpd-0.7_circumvent_tftp_size_restrictions.patch: + allow block counts higher than 65536 (Fate#303031) +- replace network with remote_fs in the init script dependencies + +------------------------------------------------------------------- +Fri Aug 22 15:14:00 CEST 2008 - ro(a)suse.de + +- change fillup_and_insserv to fillup_only (not active by default) + +------------------------------------------------------------------- +Thu Apr 3 15:57:09 CEST 2008 - mrueckert(a)suse.de + +- added atftpd-0.7_unprotected_assignments_crash.patch: (bnc#291884) + under high load atftpd dies as data access wasnt always protected + with a mutex. + +------------------------------------------------------------------- +Thu Jun 21 15:37:53 CEST 2007 - adrian(a)suse.de + +- fix changelog entry order + +------------------------------------------------------------------- +Mon Jan 22 18:33:44 CET 2007 - mrueckert(a)suse.de + +- added atftp-0.7_bug-213384_OPT_NUMBER.patch: + "atftpd incorrectly sends OACK (option acknowledge) packets" + (#213384,#80441) + +------------------------------------------------------------------- +Mon Jul 31 16:16:43 CEST 2006 - mrueckert(a)suse.de + +- added /var/run/atftpd/ (0755,nobody,nogroup): + at ftp can finally create pid files + the default pid file for a single instance will be + /var/run/atftpd/pid ++++ 189 more lines (skipped) ++++ between /dev/null ++++ and /work/SRC/openSUSE:13.2:Update/.atftp.3860.new/atftp.changes New: ---- atftp-0.7-ack_heuristic.patch atftp-0.7-default_dir_man.patch atftp-0.7-default_user_man.patch atftp-0.7-server_receive_race.patch atftp-0.7-sorcerers_apprentice.patch atftp-0.7.dif atftp-0.7.tar.bz2 atftp-0.7_bug-213384_OPT_NUMBER.patch atftp-0.7_compiler_warnings.patch atftp-0.7_sol_ip.patch atftp-0.7_thread_crash.patch atftp-CLK_TCK.diff atftp.changes atftp.fw atftp.spec atftpd-0.7_circumvent_tftp_size_restrictions.patch atftpd-0.7_unprotected_assignments_crash.patch atftpd.init atftpd.logrotate atftpd.service atftpd.socket atftpd.sysconfig ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ atftp.spec ++++++ # # spec file for package atftp # # Copyright (c) 2015 SUSE LINUX GmbH, Nuernberg, Germany. # # All modifications and additions to the file contributed by third parties # remain the property of their copyright owners, unless otherwise agreed # upon. The license for this file, and modifications and additions to the # file, is the same license as for the pristine package itself (unless the # license for the pristine package is not an Open Source License, in which # case the license is the MIT License). An "Open Source License" is a # license that conforms to the Open Source Definition (Version 1.9) # published by the Open Source Initiative. # Please submit bugfixes or comments via http://bugs.opensuse.org/ # # %define _fwdefdir %{_sysconfdir}/sysconfig/SuSEfirewall2.d/services %define pkg_version 0.7 Name: atftp Version: 0.7.0 Release: 0 Summary: Advanced TFTP Server and Client License: GPL-2.0+ Group: System/Daemons Url: ftp://ftp.mamalinux.com/pub/atftp/ Source: %{name}-%{pkg_version}.tar.bz2 Source1: atftpd.init Source2: atftpd.sysconfig Source3: atftpd.logrotate Source4: atftp.fw Source5: atftpd.service Source6: atftpd.socket Patch1: atftp-0.7.dif Patch2: atftp-CLK_TCK.diff Patch3: atftp-0.7_compiler_warnings.patch Patch4: atftp-0.7_thread_crash.patch Patch5: atftp-0.7_sol_ip.patch Patch6: atftp-0.7_bug-213384_OPT_NUMBER.patch Patch7: atftpd-0.7_unprotected_assignments_crash.patch Patch8: atftpd-0.7_circumvent_tftp_size_restrictions.patch # PATCH-FIX-SUSE sorcerer's apprentice syndrom (bnc#727843) Patch9: atftp-0.7-sorcerers_apprentice.patch # PATCH-FIX-SUSE server receive thread race (bnc#599856) Patch10: atftp-0.7-server_receive_race.patch # PATCH-FIX-SUSE drop one duplicated ACK each round (bnc#774376) Patch12: atftp-0.7-ack_heuristic.patch Patch13: atftp-0.7-default_user_man.patch # PATCH-FIX-SUSE update default directory in man (bnc#507011) Patch14: atftp-0.7-default_dir_man.patch BuildRequires: autoconf BuildRequires: automake BuildRequires: pcre-devel BuildRequires: readline-devel BuildRequires: tcpd-devel Requires(pre): %fillup_prereq Requires(pre): pwdutils Recommends: logrotate Conflicts: tftp Provides: tftp(client) Provides: tftp(server) BuildRoot: %{_tmppath}/%{name}-%{version}-build %if 0%{?suse_version} >= 1210 BuildRequires: systemd-rpm-macros %{?systemd_requires} %else Requires(pre): %insserv_prereq %endif %description atftp stands for Advanced Trivial File Transfer Protocol. It is called "advanced", in contrast to others TFTP servers, for two reasons. First, it is intended to be fully compliant with all related RFCs. This includes RFC1350, RFC2090, RFC2347, RFC2348, and RFC2349. Second, atftp is intended for serving boot files to large clusters. It is multithreaded and will eventually support multicast, allowing faster boot of hundreds of machines simultaneously. %prep %setup -q -n %{name}-%{pkg_version} %patch1 %patch2 %patch3 %patch4 %patch5 %patch6 %patch7 %patch8 %patch9 %patch10 %patch12 %patch13 %patch14 %build autoreconf -fi CFLAGS="%optflags -fgnu89-inline" %configure make %{?_smp_mflags} %install make DESTDIR=%{buildroot} install %{?_smp_mflags} # SuSE rc %if 0%{?suse_version} >= 1210 install -D -m 0644 %{SOURCE5} %{buildroot}/%{_unitdir}/atftpd.service install -D -m 0644 %{SOURCE6} %{buildroot}/%{_unitdir}/atftpd.socket ln -s %{_sbindir}/service %{buildroot}%{_sbindir}/rcatftpd %else install -D -m 0755 %{SOURCE1} %{buildroot}%{_initddir}/atftpd ln -s -f ../..%{_initddir}/atftpd %{buildroot}%{_sbindir}/rcatftpd %endif install -D -m 0644 %{SOURCE2} %{buildroot}%{_localstatedir}/adm/fillup-templates/sysconfig.atftpd install -D -m 0644 %{SOURCE3} %{buildroot}%{_sysconfdir}/logrotate.d/%{name} mkdir -p %{buildroot}/%{_fwdefdir} install -m 0644 %{SOURCE4} %{buildroot}/%{_fwdefdir}/atftp install -d -m 0750 %{buildroot}/srv/tftpboot install -d -m 0750 %{buildroot}%{_localstatedir}/log/atftpd %pre # This group/user is shared with tftp, so please # keep this in sync with tftp.spec # add group %{_sbindir}/groupadd -r tftp 2>/dev/null || : # add user %{_sbindir}/useradd -c "TFTP account" -d /srv/tftpboot -G tftp -g tftp \ -r -s /bin/false tftp 2>/dev/null || : # fix sysconfig to get new defaults on Update if [ -f %{_sysconfdir}/sysconfig/atftpd ]; then sed -i -e "s@^$ATFTPD_OPTIONS=\"--daemon \"$@#\1@" %{_sysconfdir}/sysconfig/atftpd sed -i -e "s@^$ATFTPD_DIRECTORY=\"/tftpboot\"$@#\1@" %{_sysconfdir}/sysconfig/atftpd fi %if 0%{?suse_version} >= 1210 %service_add_pre atftpd.service atftpd.socket %endif %preun %if 0%{?suse_version} >= 1210 %service_del_preun atftpd.service atftpd.socket %else %stop_on_removal atftpd %endif %post %if 0%{?suse_version} >= 1210 %service_add_post atftpd.service atftpd.socket %endif %{fillup_only -n atftpd} %postun %if 0%{?suse_version} >= 1210 %service_del_postun atftpd.service atftpd.socket %else %restart_on_update atftpd %insserv_cleanup %endif %files %defattr(-,root,root) %doc BUGS FAQ LICENSE README README.MCAST README.PCRE TODO %{_bindir}/atftp %{_sbindir}/atftpd %{_sbindir}/in.tftpd %{_sbindir}/rcatftpd %if 0%{?suse_version} >= 1210 %{_unitdir}/atftpd.service %{_unitdir}/atftpd.socket %else %{_initddir}/atftpd %endif %config %{_sysconfdir}/logrotate.d/%{name} %{_localstatedir}/adm/fillup-templates/sysconfig.atftpd %{_mandir}/man1/atftp.1.gz %{_mandir}/man8/atftpd.8.gz %{_mandir}/man8/in.tftpd.8.gz %config %{_fwdefdir}/atftp %dir %attr(0750,tftp,tftp) /srv/tftpboot %dir %attr(0750,tftp,tftp) %{_localstatedir}/log/atftpd/ %changelog ++++++ atftp-0.7-ack_heuristic.patch ++++++ Index: tftpd_file.c =================================================================== --- tftpd_file.c.orig +++ tftpd_file.c @@ -402,7 +402,6 @@ int tftpd_send_file(struct thread_data * int timeout_state = state; int result; long block_number = 0; - long last_requested_block = -1; long last_block = -1; int block_loops = 0; int data_size; @@ -430,6 +429,11 @@ int tftpd_send_file(struct thread_data * long prev_file_pos = 0; int temp = 0; + long prev_sent_block = -1; + int prev_sent_count = 0; + int prev_ack_count = 0; + int curr_sent_count = 0; + /* look for mode option */ if (strcasecmp(data->tftp_options[OPT_MODE].value, "netascii") == 0) { @@ -786,8 +790,8 @@ int tftpd_send_file(struct thread_data * ntohs(client_info->client.sin_port)); sa = &client_info->client; - /* rewind the last_requested_block counter */ - last_requested_block = -1; + /* rewind the prev_sent_block counter */ + prev_sent_block = -1; state = S_SEND_OACK; break; @@ -856,6 +860,7 @@ int tftpd_send_file(struct thread_data * "source port mismatch, check bypassed"); } } + /* The ACK is from the current client */ number_of_timeout = 0; block_number = (block_loops * 65536) + ntohs(tftphdr->th_block); @@ -864,28 +869,88 @@ int tftpd_send_file(struct thread_data * logger(LOG_DEBUG, "received ACK <block: %d>", block_number); } - /* if turned on, check whether the block request isn't already fulfilled */ - if (tftpd_prevent_sas) { - /* multicast, block numbers could contain gaps */ - if (multicast) { - if (last_requested_block >= block_number) + /* Now check the ACK number and possibly ignore the request */ + + /* multicast, block numbers could contain gaps */ + if (multicast) { + /* if turned on, check whether the block request isn't already fulfilled */ + if (tftpd_prevent_sas) { + if (prev_sent_block >= block_number) { if (data->trace) - logger(LOG_DEBUG, "received duplicated ACK <block: %d >= %d>", last_requested_block, block_number); + logger(LOG_DEBUG, "received duplicated ACK <block: %d >= %d>", prev_sent_block, block_number); break; } else - last_requested_block = block_number; - /* unicast, blocks should be requested one after another */ - } else { - if (last_requested_block + 1 != block_number && last_requested_block != -1) + prev_sent_block = block_number; + } + /* don't prevent thes SAS */ + /* use a heuristic suggested by Vladimir Nadvornik */ + else { + /* here comes the ACK again */ + if (prev_sent_block == block_number) + { + /* drop if number of ACKs == times of previous block sending */ + if (++prev_ack_count == prev_sent_count) { + logger(LOG_DEBUG, "ACK count (%d) == previous block transmission count -> dropping ACK", prev_ack_count); + break; + } + /* else resend the block */ + logger(LOG_DEBUG, "resending block %d", block_number + 1); + } + /* received ACK to sent block -> move on to next block */ + else if (prev_sent_block < block_number) { + prev_sent_block = block_number; + prev_sent_count = curr_sent_count; + curr_sent_count = 0; + prev_ack_count = 1; + } + /* block with low number -> ignore it completely */ + else { + logger(LOG_DEBUG, "ignoring ACK %d", block_number); + break; + } + } + /* unicast, blocks should be requested one after another */ + } else { + /* if turned on, check whether the block request isn't already fulfilled */ + if (tftpd_prevent_sas) { + if (prev_sent_block + 1 != block_number) { + logger(LOG_WARNING, "timeout: retrying..."); if (data->trace) - logger(LOG_DEBUG, "received out of order ACK <block: %d != %d>", last_requested_block + 1, block_number); + logger(LOG_DEBUG, "received out of order ACK <block: %d != %d>", prev_sent_block + 1, block_number); + break; + } + else { + prev_sent_block = block_number; + } + /* don't prevent thes SAS */ + /* use a heuristic suggested by Vladimir Nadvornik */ + } else { + /* here comes the ACK again */ + if (prev_sent_block == block_number) + { + /* drop if number of ACKs == times of previous block sending */ + if (++prev_ack_count == prev_sent_count) { + logger(LOG_DEBUG, "ACK count (%d) == previous block transmission count -> dropping ACK", prev_ack_count); + break; + } + /* else resend the block */ + logger(LOG_DEBUG, "resending block %d", block_number + 1); + } + /* received ACK to sent block -> move on to next block */ + else if (prev_sent_block < block_number) { + prev_sent_block = block_number; + prev_sent_count = curr_sent_count; + curr_sent_count = 0; + prev_ack_count = 1; + } + /* nor previous nor current block number -> ignore it completely */ + else { + logger(LOG_DEBUG, "ignoring ACK %d", block_number); break; } - else - last_requested_block = block_number; } } @@ -898,6 +963,8 @@ int tftpd_send_file(struct thread_data * state = S_END; break; } + + curr_sent_count++; state = S_SEND_DATA; break; case GET_ERROR: @@ -989,7 +1056,7 @@ int tftpd_send_file(struct thread_data * state = S_SEND_OACK; fseek(fp, 0, SEEK_SET); /* reset the last block received counter */ - last_requested_block = -1; + prev_sent_block = -1; } else { ++++++ atftp-0.7-default_dir_man.patch ++++++ Index: atftpd.8 =================================================================== --- atftpd.8.orig +++ atftpd.8 @@ -210,7 +210,7 @@ Show summary of options. .B path This is the root directory used by the TFTP server. All requested files from a TFTP client must reside in this directory. If not -specified, the directory defaults to /tftpboot. Since +specified, the directory defaults to /srv/tftpboot. Since atftpd run as the tftp user, the permission of the directory must be set properly to allow file reading and writing. ++++++ atftp-0.7-default_user_man.patch ++++++ Index: atftpd.8 =================================================================== --- atftpd.8.orig +++ atftpd.8 @@ -80,10 +80,10 @@ acknowledging the 'multicast' request by .TP .B \-\-logfile <logfile> -Log to a specific file instead of only syslog. 'nobody' (or any user +Log to a specific file instead of only syslog. 'tftp' (or any user used to run the server) must have permissions on the given file. Assuming the file is /var/log/atftpd.log, simply run: "touch -/var/log/atftpd.log" and then "chown nobody.nogroup +/var/log/atftpd.log" and then "chown tftp.tftp /var/log/atftpd.log". When the server is ran in daemon mode, /dev/stdout or /dev/stderr can be used. @@ -105,8 +105,8 @@ specialized usage. .TP .B \-\-user <user[.group]> -By default, the server change identity to the user nobody and group -nogroup. Specify an alternate user.group with this option. +By default, the server change identity to the user tftp and group +tftp. Specify an alternate user.group with this option. .TP .B \-\-group <group> @@ -211,7 +211,7 @@ Show summary of options. This is the root directory used by the TFTP server. All requested files from a TFTP client must reside in this directory. If not specified, the directory defaults to /tftpboot. Since -atftpd run as the nobody user, the permission of the directory +atftpd run as the tftp user, the permission of the directory must be set properly to allow file reading and writing. .SH STATS ++++++ atftp-0.7-server_receive_race.patch ++++++ Index: tftpd_file.c =================================================================== --- tftpd_file.c.orig +++ tftpd_file.c @@ -114,7 +114,7 @@ int tftpd_receive_file(struct thread_dat struct sockaddr_in *sa = &data->client_info->client; struct sockaddr_in from; struct tftphdr *tftphdr = (struct tftphdr *)data->data_buffer; - FILE *fp; + FILE *fp = NULL; char filename[MAXLEN]; char string[MAXLEN]; int timeout = data->timeout; @@ -144,18 +144,6 @@ int tftpd_receive_file(struct thread_dat return ERR; } - /* Open the file for writing. */ - if ((fp = fopen(filename, "w")) == NULL) - { - /* Can't create the file. */ - logger(LOG_INFO, "Can't open %s for writing", filename); - tftp_send_error(sockfd, sa, EACCESS, data->data_buffer, data->data_buffer_size); - if (data->trace) - logger(LOG_DEBUG, "sent ERROR <code: %d, msg: %s>", EACCESS, - tftp_errmsg[EACCESS]); - return ERR; - } - /* tsize option */ if (((result = opt_get_tsize(data->tftp_options)) > -1) && !convert) { @@ -172,7 +160,6 @@ int tftpd_receive_file(struct thread_dat if (data->trace) logger(LOG_DEBUG, "sent ERROR <code: %d, msg: %s>", EOPTNEG, tftp_errmsg[EOPTNEG]); - fclose(fp); return ERR; } timeout = result; @@ -189,7 +176,6 @@ int tftpd_receive_file(struct thread_dat if (data->trace) logger(LOG_DEBUG, "sent ERROR <code: %d, msg: %s>", EOPTNEG, tftp_errmsg[EOPTNEG]); - fclose(fp); return ERR; } @@ -199,7 +185,6 @@ int tftpd_receive_file(struct thread_dat if (data->data_buffer == NULL) { logger(LOG_ERR, "memory allocation failure"); - fclose(fp); return ERR; } tftphdr = (struct tftphdr *)data->data_buffer; @@ -210,7 +195,6 @@ int tftpd_receive_file(struct thread_dat if (data->trace) logger(LOG_DEBUG, "sent ERROR <code: %d, msg: %s>", ENOSPACE, tftp_errmsg[ENOSPACE]); - fclose(fp); return ERR; } opt_set_blksize(result, data->tftp_options); @@ -343,6 +327,20 @@ int tftpd_receive_file(struct thread_dat } break; case S_DATA_RECEIVED: + if (fp == NULL) { + /* Open the file for writing. */ + if ((fp = fopen(filename, "w")) == NULL) + { + /* Can't create the file. */ + logger(LOG_INFO, "Can't open %s for writing", filename); + tftp_send_error(sockfd, sa, EACCESS, data->data_buffer, data->data_buffer_size); + if (data->trace) + logger(LOG_DEBUG, "sent ERROR <code: %d, msg: %s>", EACCESS, + tftp_errmsg[EACCESS]); + return ERR; + } + } + /* We need to seek to the right place in the file */ block_number = ntohs(tftphdr->th_block); if (data->trace) @@ -370,13 +368,13 @@ int tftpd_receive_file(struct thread_dat state = S_SEND_ACK; break; case S_END: - fclose(fp); + if (fp != NULL) fclose(fp); return OK; case S_ABORT: - fclose(fp); + if (fp != NULL) fclose(fp); return ERR; default: - fclose(fp); + if (fp != NULL) fclose(fp); logger(LOG_ERR, "%s: %d: tftpd_file.c: huh?", __FILE__, __LINE__); return ERR; ++++++ atftp-0.7-sorcerers_apprentice.patch ++++++ Index: tftp_file.c =================================================================== --- tftp_file.c.orig +++ tftp_file.c @@ -49,6 +49,7 @@ #define NB_BLOCK 2048 extern int tftp_cancel; +extern int tftp_prevent_sas; /* * Find a hole in the file bitmap. @@ -605,6 +606,7 @@ int tftp_send_file(struct client_data *d int timeout_state = state; /* what state should we go on when timeout */ int result; long block_number = 0; + long last_requested_block = -1; long last_block = -1; int data_size; /* size of data received */ int sockfd = data->sockfd; /* just to simplify calls */ @@ -765,6 +767,20 @@ int tftp_send_file(struct client_data *d connected = 1; } block_number = ntohs(tftphdr->th_block); + + /* if turned on, check whether the block request isn't already fulfilled */ + if (tftp_prevent_sas) { + if (last_requested_block >= block_number) + { + if (data->trace) + fprintf(stderr, "received duplicated ACK <block: %ld >= %ld>\n", + last_requested_block, block_number); + break; + } + else + last_requested_block = block_number; + } + if (data->trace) fprintf(stderr, "received ACK <block: %ld>\n", block_number); Index: tftpd_file.c =================================================================== --- tftpd_file.c.orig +++ tftpd_file.c @@ -55,6 +55,7 @@ extern char directory[MAXLEN]; /* read only except for the main thread */ extern int tftpd_cancel; +extern int tftpd_prevent_sas; #ifdef HAVE_PCRE extern tftpd_pcre_self_t *pcre_top; @@ -403,6 +404,7 @@ int tftpd_send_file(struct thread_data * int timeout_state = state; int result; long block_number = 0; + long last_requested_block = -1; long last_block = -1; int block_loops = 0; int data_size; @@ -785,6 +787,10 @@ int tftpd_send_file(struct thread_data * inet_ntoa(client_info->client.sin_addr), ntohs(client_info->client.sin_port)); sa = &client_info->client; + + /* rewind the last_requested_block counter */ + last_requested_block = -1; + state = S_SEND_OACK; break; } @@ -859,6 +865,32 @@ int tftpd_send_file(struct thread_data * { logger(LOG_DEBUG, "received ACK <block: %d>", block_number); } + + /* if turned on, check whether the block request isn't already fulfilled */ + if (tftpd_prevent_sas) { + /* multicast, block numbers could contain gaps */ + if (multicast) { + if (last_requested_block >= block_number) + { + if (data->trace) + logger(LOG_DEBUG, "received duplicated ACK <block: %d >= %d>", last_requested_block, block_number); + break; + } + else + last_requested_block = block_number; + /* unicast, blocks should be requested one after another */ + } else { + if (last_requested_block + 1 != block_number && last_requested_block != -1) + { + if (data->trace) + logger(LOG_DEBUG, "received out of order ACK <block: %d != %d>", last_requested_block + 1, block_number); + break; + } + else + last_requested_block = block_number; + } + } + if (ntohs(tftphdr->th_block) == 65535) { block_loops++; @@ -958,6 +990,8 @@ int tftpd_send_file(struct thread_data * /* nedd to send an oack to that client */ state = S_SEND_OACK; fseek(fp, 0, SEEK_SET); + /* reset the last block received counter */ + last_requested_block = -1; } else { Index: tftpd.c =================================================================== --- tftpd.c.orig +++ tftpd.c @@ -62,6 +62,7 @@ int retry_timeout = S_TIMEOUT; int tftpd_daemon = 0; /* By default we are started by inetd */ int tftpd_daemon_no_fork = 0; /* For who want a false daemon mode */ +int tftpd_prevent_sas = 0; /* For who don't want the sorcerer's apprentice syndrome */ short tftpd_port = 0; /* Port atftpd listen to */ char tftpd_addr[MAXLEN] = ""; /* IP address atftpd binds to */ @@ -833,6 +834,7 @@ int tftpd_cmd_line_options(int argc, cha { "mtftp", 1, NULL, OPT_MTFTP }, { "mtftp-port", 1, NULL, OPT_MTFTP_PORT }, #endif + { "prevent-sas", 0, NULL, 'X' }, { "no-source-port-checking", 0, NULL, OPT_PORT_CHECK }, { "mcast-switch-client", 0, NULL, OPT_MCAST_SWITCH }, { "version", 0, NULL, 'V' }, @@ -896,6 +898,9 @@ int tftpd_cmd_line_options(int argc, cha case 'N': tftpd_daemon_no_fork = 1; break; + case 'X': + tftpd_prevent_sas = 1; + break; case 'U': tmp = strtok(optarg, "."); if (tmp != NULL) @@ -1120,6 +1125,7 @@ void tftpd_usage(void) " --pidfile <file> : write PID to this file\n" " --daemon : run atftpd standalone (no inetd)\n" " --no-fork : run as a daemon, don't fork\n" + " --prevent-sas : prevent Sorcerer's Apprentice Syndrome\n" " --user <user[.group]> : default is nobody\n" " --group <group> : default is nogroup\n" " --port <port> : port on which atftp listen\n" Index: tftp.c =================================================================== --- tftp.c.orig +++ tftp.c @@ -57,6 +57,7 @@ /* defined as extern in tftp_file.c and mtftp_file.c, set by the signal handler */ int tftp_cancel = 0; +int tftp_prevent_sas = 0; /* local flags */ int interactive = 1; /* if false, we run in batch mode */ @@ -982,6 +983,7 @@ int tftp_cmd_line_options(int argc, char #endif { "mtftp", 1, NULL, '1'}, { "no-source-port-checking", 0, NULL, '0'}, + { "prevent-sas", 0, NULL, 'X'}, { "verbose", 0, NULL, 'v'}, { "trace", 0, NULL, 'd'}, #if DEBUG @@ -1086,6 +1088,9 @@ int tftp_cmd_line_options(int argc, char case '0': data.checkport = 0; break; + case 'X': + tftp_prevent_sas = 1; + break; case 'v': snprintf(string, sizeof(string), "verbose on"); make_arg(string, &ac, &av); @@ -1182,6 +1187,7 @@ void tftp_usage(void) " --mtftp <\"name value\"> : set mtftp variable to value\n" #endif " --no-source-port-checking: violate RFC, see man page\n" + " --prevent-sas : prevent Sorcerer's Apprentice Syndrome\n" " --verbose : set verbose mode on\n" " --trace : set trace mode on\n" #if DEBUG Index: atftpd.8 =================================================================== --- atftpd.8.orig +++ atftpd.8 @@ -180,6 +180,14 @@ implication. Be aware that this option v option has effect only for non-multicast transfer. .TP +.B \-\-prevent\-sas +Address the Sorcerer's Apprentice Syndrome situation as requested by RFC 1350. +This RFC requires repeated responses to a single packet to be +rejected. Thus a block will only get retransmitted on a timeout. +For backward compatibility, the default stays to ignore this RFC. +So blocks get transmitted on every request. + +.TP .B \-\-mcast\-switch\-client This option allow the server to proceed with the next multicast client as soon as the current client timeout. When the current master client Index: atftp.1 =================================================================== --- atftp.1.orig +++ atftp.1 @@ -77,6 +77,14 @@ to configure client side port to use. See atftpd's man page. .TP +.B \-\-prevent\-sas +Address the Sorcerer's Apprentice Syndrome situation as requested by RFC 1350. +This RFC requires repeated responses to a single packet to be +rejected. Thus a block will only get retransmitted on a timeout. +For backward compatibility, the default stays to ignore this RFC. +So blocks get transmitted on every request. + +.TP .B \-\-verbose Instruct atftp to be verbose. It will print more information about what's going on. ++++++ atftp-0.7.dif ++++++ Index: argz.h =================================================================== --- argz.h.orig +++ argz.h @@ -180,7 +180,7 @@ extern char *argz_next (__const char *__ #ifdef __USE_EXTERN_INLINES extern inline char * __argz_next (__const char *__argz, size_t __argz_len, - __const char *__entry) __THROW + __const char *__entry) { if (__entry) { @@ -194,7 +194,7 @@ __argz_next (__const char *__argz, size_ } extern inline char * argz_next (__const char *__argz, size_t __argz_len, - __const char *__entry) __THROW + __const char *__entry) { return __argz_next (__argz, __argz_len, __entry); } Index: tftp.c =================================================================== --- tftp.c.orig +++ tftp.c @@ -354,7 +354,7 @@ char *command_generator(const char *text void make_arg(char *string, int *argc, char ***argv) { static char *tmp = NULL; - int argz_len; + size_t argz_len; /* split the string to an argz vector */ if (argz_create_sep(string, ' ', &tmp, &argz_len) != 0) @@ -731,7 +731,7 @@ int get_file(int argc, char **argv) fsync(data.sockfd); close(data.sockfd); - return OK; + return tftp_result; } #ifdef HAVE_MTFTP Index: tftp_file.c =================================================================== --- tftp_file.c.orig +++ tftp_file.c @@ -59,9 +59,9 @@ int tftp_find_bitmap_hole(int prev_hole, unsigned int next_word; /* initial stuff */ - next_hole = prev_hole + 1; - next_word_no = next_hole / 32; - next_bit_no = next_hole % 32; + next_hole = 0; + next_word_no = next_hole / 32; /* effectively 0 */ + next_bit_no = next_hole % 32; /* effectively 0 */ next_word = bitmap[next_word_no]; /* Check if there is a remainder of the current word to traverse */ @@ -136,7 +136,7 @@ int tftp_receive_file(struct client_data struct hostent *host; int master_client = 0; unsigned int file_bitmap[NB_BLOCK]; - int prev_bitmap_hole = -1; /* the previous hole found in the bitmap */ + int prev_bitmap_hole = 0; /* the previous hole found in the bitmap */ char string[MAXLEN]; int prev_block_number = 0; /* needed to support netascii convertion */ ++++++ atftp-0.7_bug-213384_OPT_NUMBER.patch ++++++ --- options.h | 2 +- tftp_def.c | 2 +- tftp_def.h | 2 +- 3 files changed, 3 insertions(+), 3 deletions(-) Index: options.h =================================================================== --- options.h.orig +++ options.h @@ -27,7 +27,7 @@ struct tftp_opt { int enabled; /* enabled for use by server or client */ }; -extern struct tftp_opt tftp_default_options[OPT_NUMBER]; +extern struct tftp_opt tftp_default_options[OPT_NUMBER + 1]; int opt_parse_request(char *data, int data_size, struct tftp_opt *options); int opt_parse_options(char *data, int data_size, struct tftp_opt *options); Index: tftp_def.c =================================================================== --- tftp_def.c.orig +++ tftp_def.c @@ -30,7 +30,7 @@ */ // FIXME: is there a way to use TIMEOUT and SEGSIZE here? -struct tftp_opt tftp_default_options[OPT_NUMBER] = { +struct tftp_opt tftp_default_options[OPT_NUMBER + 1] = { { "filename", "", 0, 1}, /* file to transfer */ { "mode", "octet", 0, 1}, /* mode for transfer */ { "tsize", "0", 0, 1 }, /* RFC1350 options. See RFC2347, */ Index: tftp_def.h =================================================================== --- tftp_def.h.orig +++ tftp_def.h @@ -40,7 +40,7 @@ #define OPT_TIMEOUT 3 #define OPT_BLKSIZE 4 #define OPT_MULTICAST 5 -#define OPT_NUMBER 7 +#define OPT_NUMBER 6 #define OPT_SIZE 12 #define VAL_SIZE MAXLEN ++++++ atftp-0.7_compiler_warnings.patch ++++++ Index: logger.c =================================================================== --- logger.c.orig +++ logger.c @@ -27,6 +27,7 @@ #include <time.h> #include <unistd.h> #include <netdb.h> +#include <pthread.h> #include "logger.h" #define MAXLEN 128 @@ -102,17 +103,17 @@ void logger(int severity, const char *fm if (severity <= log_priority) { vsnprintf(message, sizeof(message), fmt, args); - + if (log_fp) { - fprintf(log_fp, "%s %s %s[%d.%d]: %s\n", time_buf, hostname, + fprintf(log_fp, "%s %s %s[%d.%ld]: %s\n", time_buf, hostname, log_ident, getpid(), pthread_self(), message); fflush(log_fp); } else if (log_syslog_is_open) syslog(severity, "%s", message); else - fprintf(stderr, "%s %s %s[%d.%d]: %s\n", time_buf, hostname, + fprintf(stderr, "%s %s %s[%d.%ld]: %s\n", time_buf, hostname, log_ident, getpid(), pthread_self(), message); } va_end(args); Index: configure.ac =================================================================== --- configure.ac.orig +++ configure.ac @@ -66,7 +66,7 @@ AC_PROG_CC dnl Check for AIX AC_AIX -CFLAGS="-g -Wall -D_REENTRANT" +CFLAGS="${CFLAGS} -g -Wall -D_REENTRANT" if test x$debug = xtrue; then CFLAGS="$CFLAGS -O0 -DDEBUG" Index: tftpd_list.c =================================================================== --- tftpd_list.c.orig +++ tftpd_list.c @@ -143,13 +143,13 @@ int tftpd_list_find_multicast_server_and char options[MAXLEN]; char string[MAXLEN]; char *index; - int len; + size_t len; *thread = NULL; opt_request_to_string(tftp_options, options, MAXLEN); index = strstr(options, "multicast"); - len = (int)index - (int)options; + len = (size_t)(index - options); /* lock the whole list before walking it */ pthread_mutex_lock(&thread_list_mutex); @@ -166,7 +166,7 @@ int tftpd_list_find_multicast_server_and /* must have exact same option string */ if (strncmp(string, options, len) == 0) { - *thread = current; + *thread = current; /* insert the new client at the end. If the client is already in the list, don't add it again. */ tmp = current->client_info; @@ -188,17 +188,17 @@ int tftpd_list_find_multicast_server_and } tmp->next = client; /* unlock mutex and exit */ - pthread_mutex_unlock(&current->client_mutex); + pthread_mutex_unlock(&current->client_mutex); pthread_mutex_unlock(&thread_list_mutex); return 1; } } - pthread_mutex_unlock(&current->client_mutex); + pthread_mutex_unlock(&current->client_mutex); } current = current->next; } pthread_mutex_unlock(&thread_list_mutex); - + return 0; } Index: tftp_mtftp.c =================================================================== --- tftp_mtftp.c.orig +++ tftp_mtftp.c @@ -63,7 +63,7 @@ extern int tftp_cancel; * If mode = 0, count missed packet from block 0. Else, start after first * received block. */ -int tftp_mtftp_missed_packet(int file_bitmap[], int last_block, int mode) +int tftp_mtftp_missed_packet(unsigned int file_bitmap[], int last_block, int mode) { int missed_block = 0; int block_number = 0; ++++++ atftp-0.7_sol_ip.patch ++++++ Index: tftp_io.c =================================================================== --- tftp_io.c.orig +++ tftp_io.c @@ -284,12 +284,14 @@ int tftp_get_packet(int sock1, int sock2 cmsg != NULL && cmsg->cmsg_len >= sizeof(*cmsg); cmsg = CMSG_NXTHDR(&msg, cmsg)) { +#ifdef SOL_IP if (cmsg->cmsg_level == SOL_IP && cmsg->cmsg_type == IP_PKTINFO) { pktinfo = (struct in_pktinfo *)CMSG_DATA(cmsg); sa_to->sin_addr = pktinfo->ipi_addr; } +#endif break; } } ++++++ atftp-0.7_thread_crash.patch ++++++ http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=271816 Index: tftpd.c =================================================================== --- tftpd.c.orig +++ tftpd.c @@ -157,6 +157,7 @@ int main(int argc, char **argv) struct servent *serv; struct passwd *user; struct group *group; + pthread_t tid; #ifdef HAVE_MTFTP pthread_t mtftp_thread; @@ -466,7 +467,7 @@ int main(int argc, char **argv) new->client_info->next = NULL; /* Start a new server thread. */ - if (pthread_create(&new->tid, NULL, tftpd_receive_request, + if (pthread_create(&tid, NULL, tftpd_receive_request, (void *)new) != 0) { logger(LOG_ERR, "Failed to start new thread"); @@ -567,7 +568,8 @@ void *tftpd_receive_request(void *arg) /* Detach ourself. That way the main thread does not have to * wait for us with pthread_join. */ - pthread_detach(pthread_self()); + data->tid = pthread_self(); + pthread_detach(data->tid); /* Read the first packet from stdin. */ data_size = data->data_buffer_size; @@ -733,7 +735,7 @@ void *tftpd_receive_request(void *arg) /* free the thread structure */ free(data); - + logger(LOG_INFO, "Server thread exiting"); pthread_exit(NULL); } ++++++ atftp-CLK_TCK.diff ++++++ Index: stats.c =================================================================== --- stats.c.orig +++ stats.c @@ -142,6 +142,10 @@ void stats_thread_usage_locked(void) pthread_mutex_unlock(&s_stats.mutex); } +#ifndef CLK_TCK +#define CLK_TCK CLOCKS_PER_SEC +#endif + /* * Called at the end of the main thread, when no other threads are * running, to print the final statistics. ++++++ atftp.fw ++++++ ## Name: aTFTP Server ## Description: Opens ports for tftp service. # space separated list of allowed UDP ports UDP="tftp" ++++++ atftpd-0.7_circumvent_tftp_size_restrictions.patch ++++++ Fate #303031: Circumvent TFTP size restrictions in atftpd The size of a single image file that can be transferred with TFTP is limited to 2^(2*8) *BLOCKSIZE (as per RFC 1350 there are only two bytes for the block counter). This is problematic for one of our customers who needs to transfer 100+ MB Windows images using a TFTP client (NT bootloader) which has a hardwared BLOCKSIZE setting of 1432). block rollover http://www.compuphase.com/tftp.htm Index: tftp_def.h =================================================================== --- tftp_def.h.orig +++ tftp_def.h @@ -32,6 +32,7 @@ #define TIMEOUT 5 /* Client timeout */ #define S_TIMEOUT 5 /* Server timout. */ #define NB_OF_RETRY 5 +#define MAXBLOCKS 500000 /* maximum number of blocks in a download */ /* definition to use tftp_options structure */ #define OPT_FILENAME 0 Index: tftp_file.c =================================================================== --- tftp_file.c.orig +++ tftp_file.c @@ -604,8 +604,8 @@ int tftp_send_file(struct client_data *d int state = S_SEND_REQ; /* current state in the state machine */ int timeout_state = state; /* what state should we go on when timeout */ int result; - int block_number = 0; - int last_block = -1; + long block_number = 0; + long last_block = -1; int data_size; /* size of data received */ int sockfd = data->sockfd; /* just to simplify calls */ struct sockaddr_in sa; /* a copy of data.sa_peer */ @@ -618,8 +618,8 @@ int tftp_send_file(struct client_data *d int convert = 0; /* if true, do netascii convertion */ char string[MAXLEN]; - int prev_block_number = 0; /* needed to support netascii convertion */ - int prev_file_pos = 0; + long prev_block_number = 0; /* needed to support netascii convertion */ + long prev_file_pos = 0; int temp = 0; data->file_size = 0; @@ -726,7 +726,7 @@ int tftp_send_file(struct client_data *d data_size, data->data_buffer); data->file_size += data_size; if (data->trace) - fprintf(stderr, "sent DATA <block: %d, size: %d>\n", + fprintf(stderr, "sent DATA <block: %ld, size: %d>\n", block_number + 1, data_size - 4); state = S_WAIT_PACKET; break; @@ -766,7 +766,7 @@ int tftp_send_file(struct client_data *d } block_number = ntohs(tftphdr->th_block); if (data->trace) - fprintf(stderr, "received ACK <block: %d>\n", + fprintf(stderr, "received ACK <block: %ld>\n", block_number); if ((last_block != -1) && (block_number > last_block)) { Index: tftp_io.c =================================================================== --- tftp_io.c.orig +++ tftp_io.c @@ -334,8 +334,8 @@ int tftp_get_packet(int sock1, int sock2 /* * Read from file and do netascii conversion if needed */ -int tftp_file_read(FILE *fp, char *data_buffer, int data_buffer_size, int block_number, - int convert, int *prev_block_number, int *prev_file_pos, int *temp) +int tftp_file_read(FILE *fp, char *data_buffer, int data_buffer_size, long block_number, + int convert, long *prev_block_number, long *prev_file_pos, int *temp) { int i; int c; Index: tftp_io.h =================================================================== --- tftp_io.h.orig +++ tftp_io.h @@ -52,8 +52,8 @@ int tftp_send_data(int socket, struct so int tftp_get_packet(int sock1, int sock2, int *sock, struct sockaddr_in *sa, struct sockaddr_in *from, struct sockaddr_in *to, int timeout, int *size, char *data); -int tftp_file_read(FILE *fp, char *buffer, int buffer_size, int block_number, int convert, - int *prev_block_number, int *prev_file_pos, int *temp); +int tftp_file_read(FILE *fp, char *buffer, int buffer_size, long block_number, int convert, + long *prev_block_number, long *prev_file_pos, int *temp); int tftp_file_write(FILE *fp, char *data_buffer, int data_buffer_size, int block_number, int data_size, int convert, int *prev_block_number, int *temp); #endif Index: tftpd_file.c =================================================================== --- tftpd_file.c.orig +++ tftpd_file.c @@ -402,8 +402,9 @@ int tftpd_send_file(struct thread_data * int state = S_BEGIN; int timeout_state = state; int result; - int block_number = 0; - int last_block = -1; + long block_number = 0; + long last_block = -1; + int block_loops = 0; int data_size; struct sockaddr_in *sa = &data->client_info->client; struct sockaddr_in from; @@ -425,8 +426,8 @@ int tftpd_send_file(struct thread_data * struct client_info *client_old = NULL; struct tftp_opt options[OPT_NUMBER]; - int prev_block_number = 0; /* needed to support netascii convertion */ - int prev_file_pos = 0; + long prev_block_number = 0; /* needed to support netascii convertion */ + long prev_file_pos = 0; int temp = 0; /* look for mode option */ @@ -559,11 +560,12 @@ int tftpd_send_file(struct thread_data * logger(LOG_INFO, "blksize option -> %d", result); } - /* Verify that the file can be sent in 2^16 block of BLKSIZE octets */ - if ((file_stat.st_size / (data->data_buffer_size - 4)) > 65535) + /* Verify that the file can be sent in MAXBLOCKS blocks of BLKSIZE octets */ + if ((file_stat.st_size / (data->data_buffer_size - 4)) > MAXBLOCKS) { tftp_send_error(sockfd, sa, EUNDEF, data->data_buffer, data->data_buffer_size); - logger(LOG_NOTICE, "Requested file to big, increase BLKSIZE"); + logger(LOG_NOTICE, "Requested file too big, increase BLKSIZE"); + logger(LOG_NOTICE, "Only %d blocks of %d bytes can be served.", MAXBLOCKS, data->data_buffer_size); if (data->trace) logger(LOG_DEBUG, "sent ERROR <code: %d, msg: %s>", EUNDEF, tftp_errmsg[EUNDEF]); @@ -852,10 +854,15 @@ int tftpd_send_file(struct thread_data * } /* The ACK is from the current client */ number_of_timeout = 0; - block_number = ntohs(tftphdr->th_block); + block_number = (block_loops * 65536) + ntohs(tftphdr->th_block); if (data->trace) - logger(LOG_DEBUG, "received ACK <block: %d>", - block_number); + { + logger(LOG_DEBUG, "received ACK <block: %d>", block_number); + } + if (ntohs(tftphdr->th_block) == 65535) + { + block_loops++; + }; if ((last_block != -1) && (block_number > last_block)) { state = S_END; ++++++ atftpd-0.7_unprotected_assignments_crash.patch ++++++ Index: tftpd_list.c =================================================================== --- tftpd_list.c.orig +++ tftpd_list.c @@ -49,11 +49,11 @@ pthread_mutex_t thread_list_mutex = PTHR */ int tftpd_list_add(struct thread_data *new) { - struct thread_data *current = thread_data; + struct thread_data *current; int ret; pthread_mutex_lock(&thread_list_mutex); - + current = thread_data; number_of_thread++; ret = number_of_thread; @@ -81,11 +81,13 @@ int tftpd_list_add(struct thread_data *n */ int tftpd_list_remove(struct thread_data *old) { - struct thread_data *current = thread_data; + struct thread_data *current; int ret; pthread_mutex_lock(&thread_list_mutex); + current = thread_data; + number_of_thread--; ret = number_of_thread; @@ -137,23 +139,26 @@ int tftpd_list_find_multicast_server_and struct thread_data *data, struct client_info *client) { - struct thread_data *current = thread_data; /* head of the list */ - struct tftp_opt *tftp_options = data->tftp_options; + struct thread_data *current; /* head of the list */ + struct tftp_opt *tftp_options; struct client_info *tmp; char options[MAXLEN]; char string[MAXLEN]; char *index; size_t len; + /* lock the whole list before walking it */ + pthread_mutex_lock(&thread_list_mutex); + *thread = NULL; + current = thread_data; + tftp_options = data->tftp_options; + opt_request_to_string(tftp_options, options, MAXLEN); index = strstr(options, "multicast"); len = (size_t)(index - options); - /* lock the whole list before walking it */ - pthread_mutex_lock(&thread_list_mutex); - while (current) { if (current != data) @@ -215,9 +220,10 @@ inline void tftpd_clientlist_ready(struc void tftpd_clientlist_remove(struct thread_data *thread, struct client_info *client) { - struct client_info *tmp = thread->client_info; + struct client_info *tmp; pthread_mutex_lock(&thread->client_mutex); + tmp = thread->client_info; while ((tmp->next != client) && (tmp->next != NULL)) tmp = tmp->next; if (tmp->next == NULL) @@ -232,9 +238,11 @@ void tftpd_clientlist_remove(struct thre void tftpd_clientlist_free(struct thread_data *thread) { struct client_info *tmp; - struct client_info *head = thread->client_info; + struct client_info *head; pthread_mutex_lock(&thread->client_mutex); + head = thread->client_info; + while (head) { tmp = head; @@ -251,9 +259,10 @@ int tftpd_clientlist_done(struct thread_ struct client_info *client, struct sockaddr_in *sock) { - struct client_info *head = thread->client_info; + struct client_info *head; pthread_mutex_lock(&thread->client_mutex); + head = thread->client_info; if (client) { @@ -335,10 +344,10 @@ int tftpd_clientlist_next(struct thread_ void tftpd_list_kill_threads(void) { - struct thread_data *current = thread_data; /* head of list */ + struct thread_data *current; /* head of list */ pthread_mutex_lock(&thread_list_mutex); - + current = thread_data; while (current != NULL) { Index: tftpd_mcast.c =================================================================== --- tftpd_mcast.c.orig +++ tftpd_mcast.c @@ -51,9 +51,11 @@ struct tid *tid_list = NULL; */ int tftpd_mcast_get_tid(char **addr, short *port) { - struct tid *current = tid_list; + struct tid *current; pthread_mutex_lock(&mcast_tid_list); + current = tid_list; + /* walk the list for a free tid */ while (current != NULL) { @@ -74,9 +76,11 @@ int tftpd_mcast_get_tid(char **addr, sho int tftpd_mcast_free_tid(char *addr, short port) { - struct tid *current = tid_list; + struct tid *current; pthread_mutex_lock(&mcast_tid_list); + current = tid_list; + while (current != NULL) { if ((current->used == 1) && (current->port == port) && ++++++ atftpd.init ++++++ #! /bin/sh # Copyright (c) 2002,2003 SuSE Linux AG, Nuernberg, Germany. # All rights reserved. # # Author: Anas Nashif # # /etc/init.d/atftpd # and its symbolic link # /usr/sbin/rcatftpd # ### BEGIN INIT INFO # Provides: atftpd # Required-Start: $syslog $remote_fs # Required-Stop: $syslog $remote_fs # Default-Start: 3 5 # Default-Stop: 0 1 2 6 # Short-Description: launch atftpd server # Description: launch Advanced TFTP Server ### END INIT INFO # Shell functions sourced from /etc/rc.status: # rc_check check and set local and overall rc status # rc_status check and set local and overall rc status # rc_status -v ditto but be verbose in local rc status # rc_status -v -r ditto and clear the local rc status # rc_failed set local and overall rc status to failed # rc_failed <num> set local and overall rc status to <num><num> # rc_reset clear local rc status (overall remains) # rc_exit exit appropriate to overall rc status # rc_active checks whether a service is activated by symlinks . /etc/rc.status # First reset status of this service rc_reset # Return values acc. to LSB for all commands but status: # 0 - success # 1 - generic or unspecified error # 2 - invalid or excess argument(s) # 3 - unimplemented feature (e.g. "reload") # 4 - insufficient privilege # 5 - program is not installed # 6 - program is not configured # 7 - program is not running # # Note that starting an already running service, stopping # or restarting a not-running service as well as the restart # with force-reload (in case signalling is not supported) are # considered a success. ATFTP_BIN="/usr/sbin/atftpd" if [ ! -x $ATFTP_BIN ]; then echo -n "Advanced Trivial FTP server, $ATFTP_BIN is not installed." # Tell the user this has skipped rc_status -s exit 5 fi ATFTP_LOG_FILE="/var/log/atftpd/atftp.log" ATFTP_LOG_DIR="$(dirname ${ATFTP_LOG_FILE})" ATFTP_PID_DIR="/var/run/atftpd" # check for sysconfig file [ -f /etc/sysconfig/atftpd ] && . /etc/sysconfig/atftpd # Set default in case of missing sysconfig file ATFTP_USR=${ATFTPD_USER:="tftp"} ATFTP_GRP=${ATFTPD_GROUP:="tftp"} ATFTP_OPTS=${ATFTPD_OPTIONS:=""} ATFTP_USE_INETD=${ATFTPD_USE_INETD:="no"} ATFTP_DIR=${ATFTPD_DIRECTORY:="/srv/tftpboot"} ATFTP_BIND=${ATFTPD_BIND_ADDRESSES:=""} # start as daemon with some default opts ATFTP_DEF_OPTS="--daemon --user $ATFTP_USR --group $ATFTP_GRP --logfile $ATFTP_LOG_FILE" # create logfile and PID directory if they don't exist create_logfile_and_piddir(){ # /var/run is mounted as tmpfs on openSUSE >= 11.4 [ ! -d "$ATFTP_PID_DIR" ] && /usr/bin/install -o ${ATFTP_USR} -g ${ATFTP_GRP} -d "$ATFTP_PID_DIR"; # must exist otherwise atftp will log to syslog [ ! -f "$ATFTP_PID_DIR" ] && /usr/bin/install -m 0644 -o ${ATFTP_USR} -g ${ATFTP_GRP} /dev/null "$ATFTP_LOG_FILE" } if [ "$ATFTP_USE_INETD" = "yes" ]; then echo "ATFTP is set to start via inetd" exit 0; fi case "$1" in start) create_logfile_and_piddir if [ -n "$ATFTP_BIND" ]; then for IP in $ATFTP_BIND; do echo -n "Starting Advanced Trivial FTP server on $IP: " ## Start daemon with startproc(8). If this fails ## the echo return value is set appropriate. startproc -p "${ATFTP_PID_DIR}/$IP.pid" -f $ATFTP_BIN --pidfile "${ATFTP_PID_DIR}/$IP.pid" $ATFTP_DEF_OPTS $ATFTP_OPTS $ATFTP_DIR --bind-address $IP # Remember status and be verbose rc_status -v done else echo -n "Starting Advanced Trivial FTP server: " ## Start daemon with startproc(8). If this fails ## the echo return value is set appropriate. startproc $ATFTP_BIN --pidfile "${ATFTP_PID_DIR}/pid" $ATFTP_DEF_OPTS $ATFTP_OPTS $ATFTP_DIR # Remember status and be verbose rc_status -v fi ;; stop) echo -n "Stopping Advanced Trivial FTP server: " killproc -TERM $ATFTP_BIN # Remember status and be verbose rc_status -v ;; try-restart) ## Do a restart only if the service was active before. ## Note: try-restart is not (yet) part of LSB (as of 1.2) $0 status >/dev/null && $0 restart # Remember status and be quiet rc_status ;; restart) ## Stop the service and regardless of whether it was ## running or not, start it again. $0 stop $0 start # Remember status and be quiet rc_status ;; force-reload) #echo -n "Reloading Advanced Trivial FTP server: " ## if it supports it: #/sbin/killproc -HUP $ATFTP_BIN #touch /var/run/FOO.pid # Remember status and be verbose #rc_status -v ## Otherwise: $0 try-restart #rc_status ;; reload) echo -n "Reloading Advanced Trivial FTP server: " ## Like force-reload, but if daemon does not support ## signaling, do nothing (!) # If it supports signaling: #/sbin/killproc -HUP $ATFTP_BIN #touch /var/run/FOO.pid # Remember status and be verbose #rc_status -v ## Otherwise if it does not support reload: rc_failed 5 # Remember status and be verbose rc_status -v ;; status) echo -n "Checking for Advanced Trivial FTP server: " ## Check status with checkproc(8), if process is running ## checkproc will return with exit status 0. # Return value is slightly different for the status command: # 0 - service running # 1 - service dead, but /var/run/ pid file exists # 2 - service dead, but /var/lock/ lock file exists # 3 - service not running # NOTE: checkproc returns LSB compliant status values. checkproc $ATFTP_BIN # Remember status and be verbose rc_status -v ;; *) echo "Usage: $0 {start|stop|status|try-restart|restart|force-reload|reload}" exit 1 ;; esac rc_exit ++++++ atftpd.logrotate ++++++ /var/log/atftpd/atftp.log { su tftp tftp compress dateext maxage 365 rotate 99 size=+4096k notifempty missingok create 640 tftp tftp postrotate /etc/init.d/atftpd restart endscript } ++++++ atftpd.service ++++++ [Unit] Description=Advanced TFTP Server [Service] EnvironmentFile=/etc/sysconfig/atftpd ExecStart=/usr/sbin/atftpd --user $ATFTPD_USER --group $ATFTPD_GROUP $ATFTPD_OPTIONS $ATFTPD_DIRECTORY StandardInput=socket ++++++ atftpd.socket ++++++ [Unit] Description=Advanced tftp Server Activation Socket [Socket] ListenDatagram=0.0.0.0:69 [Install] WantedBy=sockets.target ++++++ atftpd.sysconfig ++++++ ## Path: Network/FTP/Atftpd ## Description: ATFTP Configuration ## Type: string ## Default: "tftp" # # daemon user (tftp) # ATFTPD_USER="tftp" ## Type: string ## Default: "tftp" # # daemon user (tftp) # ATFTPD_GROUP="tftp" ## Type: string ## Default: "" ## ## INFO: ## "--daemon, --user, --group, --logfile" can not be removed/replaced here as ## atftp is started with them as default opts: "--daemon --user atftp --group atftp " ## and ## logging to file is set as default: "--logfile /var/log/atftpd/atftp.log " # # atftpd options # ATFTPD_OPTIONS="" ## Type: yesno ## Default: no # # Use inetd instead of daemon # ATFTPD_USE_INETD="no" ## Type: string ## Default: "/srv/tftpboot" ## was "/tftpboot" but ## "/tftpboot" is not allowed anymore in FHS 2.2. # # TFTP directory must be a world readable/writable directory. # By default /srv/tftpboot is assumed. # ATFTPD_DIRECTORY="/srv/tftpboot" ## Type: string ## Default: "" # # Whitespace seperated list of IP addresses which ATFTPD binds to. # One instance of the service is started on each IP address. # By default atftpd will listen on all available IP addresses/interfaces. # ATFTPD_BIND_ADDRESSES=""

1 0

commit atftp for openSUSE:13.1:Update
by root＠hilbert.suse.de 02 Jul '15

02 Jul '15

Hello community, here is the log from the commit of package atftp for openSUSE:13.1:Update checked in at 2015-07-02 09:35:16 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:13.1:Update/atftp (Old) and /work/SRC/openSUSE:13.1:Update/.atftp.new (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Package is "atftp" Changes: -------- New Changes file: NO CHANGES FILE!!! ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ _link ++++++ --- /var/tmp/diff_new_pack.sFIJTD/_old 2015-07-02 09:35:17.000000000 +0200 +++ /var/tmp/diff_new_pack.sFIJTD/_new 2015-07-02 09:35:17.000000000 +0200 @@ -1 +1 @@ -<link package='atftp.3853' cicount='copy' /> +<link package='atftp.3860' cicount='copy' />

1 0

commit patchinfo.3870 for openSUSE:13.2:Update
by root＠hilbert.suse.de 02 Jul '15

02 Jul '15

Hello community, here is the log from the commit of package patchinfo.3870 for openSUSE:13.2:Update checked in at 2015-07-02 09:08:58 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:13.2:Update/patchinfo.3870 (Old) and /work/SRC/openSUSE:13.2:Update/.patchinfo.3870.new (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Package is "patchinfo.3870" Changes: -------- New Changes file: NO CHANGES FILE!!! New: ---- _patchinfo ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ _patchinfo ++++++ <patchinfo incident="3870"> <packager>darix</packager> <issue tracker="bnc" id="912212">VUL-0: CVE-2012-6684: rubygem-RedCloth: XSS vulnerability</issue> <issue tracker="cve" id="CVE-2012-6684"></issue> <category>security</category> <rating>moderate</rating> <summary>Security update for rubygem-RedCloth</summary> <description>rubygem-RedCloth was updated to fix one security issue. The following vulnerability was fixed: CVE-2012-6684: A cross-site scripting (XSS) vulnerability allowed remote attackers to inject arbitrary web script or HTML via a javascript: URI (boo#912212) </description> </patchinfo>

1 0

commit rubygem-RedCloth.3870 for openSUSE:13.1:Update
by root＠hilbert.suse.de 02 Jul '15

02 Jul '15

Hello community, here is the log from the commit of package rubygem-RedCloth.3870 for openSUSE:13.1:Update checked in at 2015-07-02 09:08:50 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:13.1:Update/rubygem-RedCloth.3870 (Old) and /work/SRC/openSUSE:13.1:Update/.rubygem-RedCloth.3870.new (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Package is "rubygem-RedCloth.3870" Changes: -------- New Changes file: --- /dev/null 2015-06-25 09:04:34.320025005 +0200 +++ /work/SRC/openSUSE:13.1:Update/.rubygem-RedCloth.3870.new/rubygem-RedCloth.changes 2015-07-02 09:08:51.000000000 +0200 @@ -0,0 +1,98 @@ +------------------------------------------------------------------- +Mon Jun 15 17:03:25 UTC 2015 - mrueckert(a)suse.de + +- pulled patches from debian package for boo #912212 CVE-2012-6684 + adds the following patch: + 0001-Filter-out-javascript-links-when-using-filter_html-o.patch + +------------------------------------------------------------------- +Tue Jul 17 09:55:23 UTC 2012 - coolo(a)suse.com + +- update to 4.2.9 + * Fix RbConfig / Config warning in Ruby 1.9.3. [Steve Purcell, Robert Gleeson, and unclaimedbaggage] + * Use RSTRING_NOT_MODIFIED header for Rubinius [Dirkjan Bussink] + +------------------------------------------------------------------- +Mon Feb 13 10:55:09 UTC 2012 - coolo(a)suse.com + +- patch license to follow spdx.org standard + +------------------------------------------------------------------- +Sun Sep 18 00:27:41 UTC 2011 - mrueckert(a)suse.de + +- update to version 4.2.8 + * Do not treat warnings as errors so it compiles cleanly. + [Tomasz Wałkuski] + +------------------------------------------------------------------- +Wed Jul 27 14:02:55 UTC 2011 - fcastelli(a)novell.com + +- Fix build on SLE + +------------------------------------------------------------------- +Thu Jul 21 12:05:08 UTC 2011 - fcastelli(a)novell.com + +- update to version 4.2.7 + * Fixed typo in gemspec to make case-sensitive require + work. [Gabe da Silveira] + * Tested installing the gem and requiring it with both cases on + Ubuntu 8.04, 10.10 and OS X Version 10.6.6. + * Have spaces around the en-dash in LaTeX [Benjamin Quorning] + * Turned double-quote close to smart quotes in LaTeX [Jonathan D. Blake] + * Add case-sensitive require back into the gemspec. + * Fix rdoc options in gemspec. + * Fix bundler and rubygems-test incompatibilities. Working around bug: + https://github.com/carlhuda/bundler/issues/issue/1021 + * Add .gemtest to opt-in to rubygems-test program (gem install + rubygems-test to participate) + * Allow attributes to be set on hr and br tags [Jesse Stormier] + * Fix dangling <li> [Stephen Bannasch] + * Switch to bundler and rake-compiler for gem management/compilation + * Fix invalid YAML for Ruby 1.9.2 [Aaron Patterson]- + +------------------------------------------------------------------- +Mon Jun 14 15:59:59 UTC 2010 - mrueckert(a)suse.de + +- update to version 4.2.3 + * Allow quotes in styles so you can do things like listing + font-families. [Jason Garber] + * Fix uninitialized constant + Gem::Specification::PLATFORM_CROSS_TARGETS in Rails + [Jason Garber] + * Allow uppercase letters in class and ID attributes even though + it's invalid [Jason Garber] + * Fix compatibility with newer Echoe, by using full-name for + Platform [Flameeyes] + * Fixes for PPC/PPC64 [Flameeyes] + * Added a modified copy of 'Textile Reference' to a doc folder + [codesponge] + * Add footnote return links [Jonathan Rudenberg] + * Add bug report link to the README + +------------------------------------------------------------------- +Fri Jun 11 10:00:01 UTC 2010 - mrueckert(a)suse.de + +- use rubygems_requires macro + +------------------------------------------------------------------- +Mon Aug 31 11:44:21 CEST 2009 - dmacvicar(a)novell.com + +- update to 4.2.2 + +------------------------------------------------------------------- +Thu Nov 6 15:29:39 CET 2008 - mrueckert(a)suse.de + +- Fix build: we dont have ruby18 + +------------------------------------------------------------------- +Wed Jun 21 01:19:19 CEST 2006 - mrueckert(a)suse.de + +- use rubygems_with_buildroot_patch instead of the versioned + buildrequires + +------------------------------------------------------------------- +Mon Jun 19 19:42:28 CEST 2006 - mrueckert(a)suse.de + +- Initial package version 3.0.4 + + New: ---- 0001-Filter-out-javascript-links-when-using-filter_html-o.patch RedCloth-4.2.9.gem rubygem-RedCloth-rpmlintrc rubygem-RedCloth.changes rubygem-RedCloth.spec ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ rubygem-RedCloth.spec ++++++ # # spec file for package rubygem-RedCloth # # Copyright (c) 2012 SUSE LINUX Products GmbH, Nuernberg, Germany. # # All modifications and additions to the file contributed by third parties # remain the property of their copyright owners, unless otherwise agreed # upon. The license for this file, and modifications and additions to the # file, is the same license as for the pristine package itself (unless the # license for the pristine package is not an Open Source License, in which # case the license is the MIT License). An "Open Source License" is a # license that conforms to the Open Source Definition (Version 1.9) # published by the Open Source Initiative. # Please submit bugfixes or comments via http://bugs.opensuse.org/ # Name: rubygem-RedCloth Version: 4.2.9 Release: 0 %define mod_name RedCloth %define mod_full_name %{mod_name}-%{version} # # BuildRoot: %{_tmppath}/%{name}-%{version}-build BuildRequires: fastjar BuildRequires: fdupes BuildRequires: rubygems_with_buildroot_patch %rubygems_requires # Url: http://redcloth.org Source: %{mod_full_name}.gem # # MANUAL Patch0: 0001-Filter-out-javascript-links-when-using-filter_html-o.patch # /MANUAL Summary: Textile parser for Ruby License: BSD-3-Clause Group: Development/Languages/Ruby %description Textile parser for Ruby. %package doc Summary: RDoc documentation for %{mod_name} Group: Development/Languages/Ruby Requires: %{name} = %{version} %description doc Documentation generated at gem installation time. Usually in RDoc and RI formats. %package testsuite Summary: Test suite for %{mod_name} Group: Development/Languages/Ruby Requires: %{name} = %{version} %description testsuite Test::Unit or RSpec files, useful for developers. %prep %gem_unpack %patch0 -p1 %gem_build %build %install %gem_install -f %gem_cleanup %fdupes %{buildroot}/%{_libdir}/ruby/gems/%{rb_ver}/gems/%{mod_name}-%{version}/ %clean %{__rm} -rf %{buildroot} %files %defattr(-,root,root,-) %{_bindir}/redcloth %{_libdir}/ruby/gems/%{rb_ver}/cache/%{mod_full_name}.gem %{_libdir}/ruby/gems/%{rb_ver}/gems/%{mod_full_name}/ %exclude %{_libdir}/ruby/gems/%{rb_ver}/gems/%{mod_full_name}/spec %{_libdir}/ruby/gems/%{rb_ver}/specifications/%{mod_full_name}.gemspec %files doc %defattr(-,root,root,-) %doc %{_libdir}/ruby/gems/%{rb_ver}/doc/%{mod_full_name}/ %files testsuite %defattr(-,root,root,-) %{_libdir}/ruby/gems/%{rb_ver}/gems/%{mod_full_name}/spec %changelog ++++++ 0001-Filter-out-javascript-links-when-using-filter_html-o.patch ++++++ >From b3d82f0c3a354a2f589e1fd43f5f1d7e427b530e Mon Sep 17 00:00:00 2001 From: Antonio Terceiro <terceiro(a)debian.org> Date: Sat, 7 Feb 2015 23:27:39 -0200 Subject: [PATCH] Filter out 'javascript:' links when using filter_html or sanitize_html This is a fix for CVE-2012-6684 --- lib/redcloth/formatters/html.rb | 6 +++++- spec/security/CVE-2012-6684_spec.rb | 14 ++++++++++++++ 2 files changed, 19 insertions(+), 1 deletion(-) create mode 100644 spec/security/CVE-2012-6684_spec.rb diff --git a/lib/redcloth/formatters/html.rb b/lib/redcloth/formatters/html.rb index bfadfb7..b8793b2 100644 --- a/lib/redcloth/formatters/html.rb +++ b/lib/redcloth/formatters/html.rb @@ -111,7 +111,11 @@ module RedCloth::Formatters::HTML end def link(opts) - "<a href=\"#{escape_attribute opts[:href]}\"#{pba(opts)}>#{opts[:name]}</a>" + if (filter_html || sanitize_html) && opts[:href] =~ /^\s*javascript:/ + opts[:name] + else + "<a href=\"#{escape_attribute opts[:href]}\"#{pba(opts)}>#{opts[:name]}</a>" + end end def image(opts) diff --git a/spec/security/CVE-2012-6684_spec.rb b/spec/security/CVE-2012-6684_spec.rb new file mode 100644 index 0000000..05219fd --- /dev/null +++ b/spec/security/CVE-2012-6684_spec.rb @@ -0,0 +1,14 @@ +# https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-6684 + +require 'redcloth' + +describe 'CVE-2012-6684' do + + it 'should not let javascript links pass through' do + # PoC from http://co3k.org/blog/redcloth-unfixed-xss-en + output = RedCloth.new('["clickme":javascript:alert(%27XSS%27)]', [:filter_html, :filter_styles, :filter_classes, :filter_ids]).to_html + expect(output).to_not match(/href=.javascript:alert/) + end + + +end -- 2.1.4 ++++++ rubygem-RedCloth-rpmlintrc ++++++ addFilter("devel-file-in-non-devel-package")

1 0