Hello community,
here is the log from the commit of package pidentd for openSUSE:Factory checked in at 2017-08-08 11:58:28
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Comparing /work/SRC/openSUSE:Factory/pidentd (Old)
and /work/SRC/openSUSE:Factory/.pidentd.new (New)
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "pidentd"
Tue Aug 8 11:58:28 2017 rev:19 rq:504898 version:3.0.19
Changes:
--------
--- /work/SRC/openSUSE:Factory/pidentd/pidentd.changes 2012-05-25 16:18:22.000000000 +0200
+++ /work/SRC/openSUSE:Factory/.pidentd.new/pidentd.changes 2017-08-08 11:58:32.365940555 +0200
@@ -1,0 +2,30 @@
+Fri Jun 16 07:58:42 UTC 2017 - tchvatal@suse.com
+
+- Switch to github url
+- Remove pidentd-SuSE.tar.bz2 as it contains only sysv initscript
+- Remove xinetd service as we should be using socket activation if needed
+ (atm it really is not required so do not provide it by default)
+- Switch to released upstream tarball 3.0.19 used by all other distributions
+- Drop all the patches, upstream seem to merge or include them one
+ way or another:
+ * pidentd-3.1a25-allocfix.diff
+ * pidentd-3.1a25-autoconf.diff
+ * pidentd-3.1a25-autoheader.diff
+ * pidentd-3.1a25-buffer-overflow.diff
+ * pidentd-3.1a25-config.diff
+ * pidentd-3.1a25-fmt.diff
+ * pidentd-3.1a25-ipv6.diff
+ * pidentd-3.1a25-prototypes.diff
+ * pidentd-3.1a25-send.diff
+ * pidentd-3.1a25-warnings-fix.diff
+- Add patch to respect destdir in install:
+ * pidentd-destdir.patch
+- Add patch from debian:
+ * 01-legacy.patch
+- Add patch to fix gcc errors found by brp checks:
+ * pidentd-rpmlint-gcc-checks.patch
+- Add patch to not include date/time in binaries:
+ * pidentd-no-date.patch
+- Install proper systemd service
+
+-------------------------------------------------------------------
Old:
----
pidentd-3.1a25-allocfix.diff
pidentd-3.1a25-autoconf.diff
pidentd-3.1a25-autoheader.diff
pidentd-3.1a25-buffer-overflow.diff
pidentd-3.1a25-config.diff
pidentd-3.1a25-fmt.diff
pidentd-3.1a25-ipv6.diff
pidentd-3.1a25-prototypes.diff
pidentd-3.1a25-send.diff
pidentd-3.1a25-warnings-fix.diff
pidentd-3.1a25.tar.bz2
pidentd-SuSE.tar.bz2
pidentd.xinetd
New:
----
01-legacy.patch
pidentd-destdir.patch
pidentd-no-date.patch
pidentd-rpmlint-gcc-checks.patch
pidentd.service
v3.0.19.tar.gz
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Other differences:
------------------
++++++ pidentd.spec ++++++
--- /var/tmp/diff_new_pack.P3tA6q/_old 2017-08-08 11:58:36.245394160 +0200
+++ /var/tmp/diff_new_pack.P3tA6q/_new 2017-08-08 11:58:36.269390780 +0200
@@ -1,7 +1,7 @@
#
# spec file for package pidentd
#
-# Copyright (c) 2012 SUSE LINUX Products GmbH, Nuernberg, Germany.
+# Copyright (c) 2017 SUSE LINUX GmbH, Nuernberg, Germany.
#
# All modifications and additions to the file contributed by third parties
# remain the property of their copyright owners, unless otherwise agreed
@@ -17,28 +17,19 @@
Name: pidentd
-PreReq: %insserv_prereq %fillup_prereq
-Provides: nkitb:/usr/sbin/in.identd
-Version: 3.1a25
+Version: 3.0.19
Release: 0
Summary: An Implementation of the RFC1413 Identification Server
License: GPL-2.0+
Group: Productivity/Networking/System
-Url: http://sf.www.lysator.liu.se/~pen/pidentd/
-Source: %{name}-%{version}.tar.bz2
-Source1: %{name}-SuSE.tar.bz2
-Source2: %{name}.xinetd
-Patch0: %{name}-%{version}-config.diff
-Patch1: %{name}-%{version}-allocfix.diff
-Patch2: %{name}-%{version}-buffer-overflow.diff
-Patch3: %{name}-%{version}-fmt.diff
-Patch4: %{name}-%{version}-prototypes.diff
-Patch5: %{name}-%{version}-autoconf.diff
-Patch6: %{name}-%{version}-warnings-fix.diff
-Patch7: %{name}-%{version}-send.diff
-Patch8: %{name}-%{version}-ipv6.diff
-Patch9: %{name}-%{version}-autoheader.diff
-BuildRoot: %{_tmppath}/%{name}-%{version}-build
+Url: https://github.com/ptrrkssn/pidentd
+Source: https://github.com/ptrrkssn/pidentd/archive/v%{version}.tar.gz
+Source1: pidentd.service
+Patch0: pidentd-destdir.patch
+Patch1: 01-legacy.patch
+Patch2: pidentd-rpmlint-gcc-checks.patch
+Patch3: pidentd-no-date.patch
+BuildRequires: autoconf
BuildRequires: libtool
Requires: inet-daemon
@@ -47,77 +38,53 @@
server. Identd looks up specific TCP/IP connections and returns the
user name and other information about the connection.
-
-
-Authors:
---------
- Peter Eriksson
-
-%define prefix /usr
-
%prep
-%setup -q -a 1
-%patch0
-%patch1
-%patch2
-%patch3
-%patch4
-%patch5
-%patch6
-%patch7
-%patch8
-%patch9 -p1
+%setup -q
+%patch0 -p1
+%patch1 -p1
+%patch2 -p1
+%patch3 -p1
%build
-# files are not copied by autoreconf since package doesn't use automake
-cp -v /usr/share/automake-*/config.* aux/
-cp -v /usr/share/automake-*/config.* plib/aux/
-aclocal --force
-autoreconf --force --install
-(cd plib
- libtoolize --force
- aclocal --force
- autoconf --force
-)
-CFLAGS="$RPM_OPT_FLAGS -Wall" \
- ./configure \
- --prefix=%{prefix} \
- --sysconfdir=%{_sysconfdir} \
- --mandir=%{_mandir} \
- --infodir=%{_infodir} \
- --with-threads=yes
-make
+autoconf
+%configure
+make %{?_smp_mflags}
%install
-install -d -m 755 $RPM_BUILD_ROOT%{_mandir}/man8
-install -d -m 755 $RPM_BUILD_ROOT/etc/xinetd.d
-cp -a SuSE/* $RPM_BUILD_ROOT
-make DESTDIR=$RPM_BUILD_ROOT/ install
-install -m 0644 etc/identd.conf $RPM_BUILD_ROOT/etc/identd.conf
-mv $RPM_BUILD_ROOT%{_sbindir}/identd $RPM_BUILD_ROOT%{_sbindir}/in.identd
-echo ".so man8/identd.8" > $RPM_BUILD_ROOT%{_mandir}/man8/in.identd.8
-install -m 644 %{S:2} $RPM_BUILD_ROOT/etc/xinetd.d/pidentd
+%make_install
+install -D -m 0644 etc/identd.conf %{buildroot}%{_sysconfdir}/identd.conf
+ln -s identd %{buildroot}%{_sbindir}/in.identd
+echo ".so man8/identd.8" > %{buildroot}%{_mandir}/man8/in.identd.8
+
+ln -s service %{buildroot}%{_sbindir}/rcidentd
+install -D -m 0644 %{SOURCE1} %{buildroot}/%{_unitdir}/identd.service
+
+mkdir -p %{buildroot}%{_tmpfilesdir}
+cat > %{buildroot}%{_tmpfilesdir}/pidentd.conf <status)
{
+ case 2:
+ send_error(fd,
+ local_port, remote_port,
+ "HIDDEN-USER",
+ remote_addr);
+ break;
+
case 1:
send_result(fd, kp);
break;
@@ -188,8 +195,9 @@ request_thread(void *vp)
got = s_read(rp->fd, buf+len, sizeof(buf)-len-1);
if (got < 0)
{
- syslog(LOG_ERR, "request_thread: read(%d, ..., %d) failed: %m",
- rp->fd, sizeof(buf)-len-1);
+ if (debug)
+ fprintf(stderr, "request_thread: read(%d, ..., %d) failed: %s",
+ rp->fd, sizeof(buf)-len-1, strerror(errno));
goto Exit;
}
Index: pidentd-3.0.19.ds1/src/safeio.c
===================================================================
--- pidentd-3.0.19.ds1.orig/src/safeio.c
+++ pidentd-3.0.19.ds1/src/safeio.c
@@ -327,3 +327,18 @@ s_snprintf(char *buf,
return retcode;
}
+
+
+
+int
+s_poll(struct pollfd *ufds,
+ unsigned int nfds,
+ int timeout)
+{
+ int code;
+
+ while ((code = poll(ufds, nfds, timeout)) == -1 && errno == EINTR)
+ ;
+
+ return code;
+}
Index: pidentd-3.0.19.ds1/src/safeio.h
===================================================================
--- pidentd-3.0.19.ds1.orig/src/safeio.h
+++ pidentd-3.0.19.ds1/src/safeio.h
@@ -15,6 +15,8 @@
#ifndef PIDENTD_SAFEIO_H
#define PIDENTD_SAFEIO_H
+#include
+
extern void s_abort(void);
extern int s_open(const char *path, int oflag, ...);
@@ -37,4 +39,5 @@ extern int s_snprintf(char *buf,
size_t bufsize,
const char *format, ...);
+extern int s_poll(struct pollfd *, unsigned int, int);
#endif
Index: pidentd-3.0.19.ds1/src/main.c
===================================================================
--- pidentd-3.0.19.ds1.orig/src/main.c
+++ pidentd-3.0.19.ds1/src/main.c
@@ -377,7 +377,12 @@ main(int argc, char *argv[])
{
if (!debug && pidfile_path != NULL)
pidfile_create(pidfile_path);
-
+
+ if (listen_sock < 0)
+ {
+ request_timeout = 0;
+ }
+
if (server_init() < 0)
{
if (debug)
Index: pidentd-3.0.19.ds1/src/server.c
===================================================================
--- pidentd-3.0.19.ds1.orig/src/server.c
+++ pidentd-3.0.19.ds1/src/server.c
@@ -15,11 +15,14 @@
#include "config.h"
#include
+#include
#include
#include
#include
#include
#include
+#include
+#include
#include "pidentd.h"
@@ -115,10 +118,29 @@ server_init(void)
int
server_run(void)
{
+ struct pollfd ufds[1];
int fd;
-
+ int timeout = request_timeout <= 0 ? -1 : request_timeout * 1000;
+ int retval;
+
+ if (fcntl(listen_sock, F_SETFL, O_NONBLOCK) == -1)
+ {
+ syslog(LOG_ERR, "fcntl() failed: %m");
+ return -1;
+ }
+
+ ufds[0].fd = listen_sock;
+ ufds[0].events = POLLIN;
while (1)
{
+ if ((retval = s_poll(ufds, 1, timeout)) == -1)
+ {
+ syslog(LOG_ERR, "poll() failed: %m");
+ return -1;
+ }
+ else if (retval == 0)
+ break;
+
fd = s_accept(listen_sock, NULL, NULL);
if (fd < 0)
{
@@ -139,4 +161,8 @@ server_run(void)
request_run(fd, 0);
}
+
+ if (debug)
+ fprintf(stderr, "accept() timed out\n");
+ exit(0);
}
Index: pidentd-3.0.19.ds1/src/pidentd.h
===================================================================
--- pidentd-3.0.19.ds1.orig/src/pidentd.h
+++ pidentd-3.0.19.ds1/src/pidentd.h
@@ -42,7 +42,7 @@
#endif
#ifndef PATH_PIDFILE
-#define PATH_PIDFILE "/etc/identd.pid"
+#define PATH_PIDFILE "/var/run/identd/identd.pid"
#endif
#ifndef PATH_CFGFILE
Index: pidentd-3.0.19.ds1/src/k_linux.c
===================================================================
--- pidentd-3.0.19.ds1.orig/src/k_linux.c
+++ pidentd-3.0.19.ds1/src/k_linux.c
@@ -17,15 +17,28 @@
#include
#include
#include
+#include
#include
#include
#include
#include
+#include
#include
+#include
+#include
+#include
+
#include "pidentd.h"
+struct kainfo
+{
+ int nlfd;
+ __u32 seq;
+ FILE *proc_net_tcp;
+};
+
/*
** Make sure we are running on a supported OS version
*/
@@ -39,23 +52,85 @@ ka_init(void)
int
ka_open(void **misc)
{
- FILE *fp;
+ struct kainfo *kp;
+
+ kp = s_malloc(sizeof(*kp));
+ kp->seq = 0;
+ kp->nlfd = socket(AF_NETLINK, SOCK_DGRAM, NETLINK_INET_DIAG);
+ if (kp->nlfd >= 0)
+ goto out;
- while ((fp = fopen("/proc/net/tcp", "r")) == NULL && errno == EINTR)
- ;
+ syslog(LOG_INFO, "netlink failed, fallback to /proc/net/tcp: %m");
+ kp->proc_net_tcp = fopen("/proc/net/tcp", "r");
- if (fp == NULL)
+ if (kp->proc_net_tcp == NULL)
{
syslog(LOG_ERR, "fopen(\"/proc/net/tcp\", \"r\"): %m");
return -1;
}
- *misc = (void *) fp;
+out:
+ *misc = (void *) kp;
return 0;
}
+static int
+netlink_lookup(struct kainfo *kip, struct kernel *kp)
+{
+ int status;
+ struct {
+ struct nlmsghdr nlh;
+ union {
+ struct inet_diag_req req;
+ struct inet_diag_msg rsp;
+ } u;
+ } buf;
+ struct sockaddr_nl addr;
+
+ memset(&buf, 0, sizeof(buf));
+ buf.nlh.nlmsg_len = NLMSG_ALIGN(NLMSG_LENGTH(sizeof(buf.u.req)));
+ buf.nlh.nlmsg_type = TCPDIAG_GETSOCK;
+ buf.nlh.nlmsg_flags = NLM_F_REQUEST;
+ buf.nlh.nlmsg_seq = ++kip->seq;
+ buf.u.req.idiag_family = AF_INET;
+
+ buf.u.req.id.idiag_dport = kp->remote.sin_port;
+ buf.u.req.id.idiag_sport = kp->local.sin_port;
+ buf.u.req.id.idiag_dst[0] = kp->remote.sin_addr.s_addr;
+ buf.u.req.id.idiag_src[0] = kp->local.sin_addr.s_addr;
+ buf.u.req.id.idiag_cookie[0] = INET_DIAG_NOCOOKIE;
+ buf.u.req.id.idiag_cookie[1] = INET_DIAG_NOCOOKIE;
+
+ status = write(kip->nlfd, &buf, buf.nlh.nlmsg_len);
+ if (status < 0) {
+ syslog(LOG_ERR, "netlink_lookup: write failed: %m");
+ return 3;
+ }
+
+ do {
+ socklen_t alen = sizeof(addr);
+ status = recvfrom(kip->nlfd, &buf, sizeof(buf), 0,
+ (void *)&addr, &alen);
+ if (status < 0) {
+ if (errno == ENOBUFS)
+ return -1;
+ syslog(LOG_ERR, "netlink_lookup: recvfrom failed: %m");
+ return 3;
+ }
+ } while (addr.nl_pid || buf.nlh.nlmsg_seq != kip->seq);
+
+ if (buf.nlh.nlmsg_type != TCPDIAG_GETSOCK)
+ return 0;
+ if (buf.u.rsp.idiag_state != TCP_ESTABLISHED)
+ return 0;
+
+ kp->euid = buf.u.rsp.idiag_uid;
+ return 1;
+}
+
+
int
ka_lookup(void *vp, struct kernel *kp)
{
@@ -66,6 +141,9 @@ ka_lookup(void *vp, struct kernel *kp)
int r_lport, r_rport, mylport, myrport;
int euid;
int nra;
+ int status;
+ unsigned long ino;
+ struct kainfo *kip;
/*
* PSz 11 Dec 02
@@ -94,23 +172,28 @@ ka_lookup(void *vp, struct kernel *kp)
*
* Should we skip lines with just ino, or both uid and ino, zero?
*/
- unsigned long int ino;
-
+
+ kip = (struct kainfo *)vp;
+ kp->ruid = NO_UID;
+
+ if (kip->nlfd >= 0)
+ return netlink_lookup(kip, kp);
+
r_rport = ntohs(kp->remote.sin_port);
r_lport = ntohs(kp->local.sin_port);
r_raddr = kp->remote.sin_addr.s_addr;
r_laddr = kp->local.sin_addr.s_addr;
- fp = (FILE *) vp;
+ fp = kip->proc_net_tcp;
- kp->ruid = NO_UID;
rewind(fp);
/* eat header */
if (fgets(buf, sizeof(buf)-1,fp) == NULL)
return -1;
+ status = 0;
while (fgets(buf, sizeof(buf)-1, fp) != NULL)
{
nra = sscanf(buf, "%d: %lX:%x %lX:%x %x %lX:%lX %x:%lX %lx %d %ld %lu",
@@ -119,9 +202,10 @@ ka_lookup(void *vp, struct kernel *kp)
&euid, &dummy, &ino);
if (nra >= 12)
{
- if (myladdr == r_laddr && mylport == r_lport &&
- myraddr == r_raddr && myrport == r_rport)
+ if (myladdr == r_laddr && mylport == r_lport)
{
+ if (myraddr != r_raddr || myrport != r_rport || !ino)
+ continue;
if (nra >= 14 && euid == 0 && ino == 0) {
/*
* Both uid and ino are zero: not even a socket?
@@ -131,11 +215,11 @@ ka_lookup(void *vp, struct kernel *kp)
continue;
}
kp->euid = euid;
- return 1;
+ status = 1;
}
}
}
- return -1;
+ return status;
}
Index: pidentd-3.0.19.ds1/src/kernel.c
===================================================================
--- pidentd-3.0.19.ds1.orig/src/kernel.c
+++ pidentd-3.0.19.ds1/src/kernel.c
@@ -107,7 +107,7 @@ kernel_thread(void *vp)
if (debug)
fprintf(stderr, "ka_lookup(), attempt = %d, status = %d\n",
attempt, kp->status);
- if (kp->status > 0)
+ if (kp->status >= 0)
break;
if (attempt > 2 && (attempt & 1) == 1)
++++++ pidentd-destdir.patch ++++++
Index: pidentd-3.0.19/src/Makefile.in
===================================================================
--- pidentd-3.0.19.orig/src/Makefile.in
+++ pidentd-3.0.19/src/Makefile.in
@@ -60,9 +60,9 @@ c_osinfo.o: gen_osinfo.o support.o safei
# Installing
install: $(PROGRAMS)
- -mkdir -p $(sbindir)
+ -mkdir -p $(DESTDIR)$(sbindir)
for P in $(PROGRAMS) ; do \
- $(INSTALL) -m 755 $${P} $(sbindir); \
+ $(INSTALL) -m 755 $${P} $(DESTDIR)$(sbindir); \
done
# -mkdir -p $(etcdir)
# $(INSTALL) -m 644 identd.conf $(etcdir)
Index: pidentd-3.0.19/Makefile.in
===================================================================
--- pidentd-3.0.19.orig/Makefile.in
+++ pidentd-3.0.19/Makefile.in
@@ -26,8 +26,8 @@ all identd ibench itest @CRYPTO_PROGRAMS
install:
@cd src ; $(MAKE) $@ CC="$(CC)" CFLAGS="$(MY_CFLAGS)" LDFLAGS="$(LDFLAGS)" install
- -mkdir -p $(mandir)/man8
- $(INSTALL) -m 644 $(srcdir)/doc/identd.8 $(mandir)/man8
+ -mkdir -p $(DESTDIR)$(mandir)/man8
+ $(INSTALL) -m 644 $(srcdir)/doc/identd.8 $(DESTDIR)$(mandir)/man8
clean mostlyclean:
++++++ pidentd-no-date.patch ++++++
Index: pidentd-3.0.19/src/ikeygen.c
===================================================================
--- pidentd-3.0.19.orig/src/ikeygen.c
+++ pidentd-3.0.19/src/ikeygen.c
@@ -105,8 +105,8 @@ usage(FILE *fp)
void
program_header(FILE *fp)
{
- fprintf(fp, "[Ikeygen, version %s - %s %s]\n",
- server_version, __DATE__, __TIME__);
+ fprintf(fp, "[Ikeygen, version %s]\n",
+ server_version);
}
Index: pidentd-3.0.19/src/main.c
===================================================================
--- pidentd-3.0.19.orig/src/main.c
+++ pidentd-3.0.19/src/main.c
@@ -88,9 +88,8 @@ usage(FILE *fp)
static void
program_header(FILE *fp)
{
- fprintf(fp, "[Pidentd, version %s (compiled for %s) - %s %s]\n",
- server_version, osinfo_build,
- __DATE__, __TIME__);
+ fprintf(fp, "[Pidentd, version %s (compiled for %s)]\n",
+ server_version, osinfo_build);
}
void
Index: pidentd-3.0.19/src/send.c
===================================================================
--- pidentd-3.0.19.orig/src/send.c
+++ pidentd-3.0.19/src/send.c
@@ -170,9 +170,9 @@ send_version(int fd,
char buf[1024], buf2[32];
s_snprintf(buf, sizeof(buf),
- "0 , 0 : X-VERSION : pidentd %s for %s (%s %s)\r\n",
+ "0 , 0 : X-VERSION : pidentd %s for %s\r\n",
server_version,
- osinfo_build, __DATE__, __TIME__);
+ osinfo_build);
s_write(fd, buf, strlen(buf));
++++++ pidentd-rpmlint-gcc-checks.patch ++++++
Index: pidentd-3.0.19/src/k_linux.c
===================================================================
--- pidentd-3.0.19.orig/src/k_linux.c
+++ pidentd-3.0.19/src/k_linux.c
@@ -14,6 +14,7 @@
#include "config.h"
+#include
#include
#include
#include
Index: pidentd-3.0.19/src/main.c
===================================================================
--- pidentd-3.0.19.orig/src/main.c
+++ pidentd-3.0.19/src/main.c
@@ -21,6 +21,9 @@
#ifdef HAVE_UNISTD_H
#include
#endif
+#include
+#include
+#include
#include
#include "pidentd.h"
++++++ pidentd.service ++++++
[Unit]
Description=The identd server provides a means to determine user identity for TCP connection
After=network.target
[Service]
ExecStart=/usr/sbin/identd -i -e -I
[Install]
WantedBy=multi-user.target