If a signal was delivered while the main thread was not in poll(2) and after
check was performed, we could reenter poll and never detect termination. Fix
this with the pipefd trick. (This race was introduced very recently, in
r327482.)
PR: 224503
Reported by: kib
Reviewed by: kib, markj
Sponsored by: Dell EMC Isilon
Add missed unistd.h include. Not sure where it was lost; I believe it
compiled before I submitted the change.
PR: 224503
Reported by: Cy Schubert <Cy.Schubert AT komquats.com>
Sponsored by: Dell EMC Isilon
syslog(3), routines used in write_warmstart(), and exit(3) are all
signal-unsafe. Instead, set a signal-safe flag and check the flag in the
rpcbind main loop to shutdown safely.
PR: 224503
Reviewed by: kib, markj
Sponsored by: Dell EMC Isilon
Differential Revision: https://reviews.freebsd.org/D13728
Mainly focus on files that use BSD 3-Clause license.
The Software Package Data Exchange (SPDX) group provides a specification
to make it easier for automated tools to detect and summarize well known
opensource licenses. We are gradually adopting the specification, noting
that the tags are considered only advisory and do not, in any way,
superceed or replace the license texts.
Special thanks to Wind River for providing access to "The Duke of
Highlander" tool: an older (2014) run over FreeBSD tree was useful as a
starting point.
xdr_rpcproc, xdr_rpcprog and xdr_rpcvers were broken in older
versions of FreeBSD but fixed in r296394. Give them some use
hoping they help make the code somewhat more readable.
transport specific form of a universal transport address. The
structure is expected to be opaque to consumers. In the current
implementation, the structure contains a pointer to a buffer
that holds the actual address.
In rpcbind(8), netbuf structures are copied directly, which would
result in two netbuf structures that reference to one shared
address buffer. When one of the two netbuf structures is freed,
access to the other netbuf structure would result in an undefined
result that may crash the rpcbind(8) daemon.
Fix this by making a copy of the buffer that is going to be freed
instead of doing a shallow copy.
Security: FreeBSD-SA-15:24.rpcbind
Security: CVE-2015-7236
- Use '\0' for a char instead of NULL.
- Explicitly compare against the global `nullstring' to determine if
a non-NULL uaddr is not malloc'd.
- Remove some unnecessary casting of the argument to free().
- In rpcbproc_callit_com(), move the freeing of m_uaddr to the
cleanup code at the end of the function.
- To avoid confusion and possible alignment problems, change
netbufdup() to allocate the netbuf struct and the sockaddr buffer
separately, and change netbuffree() accordingly. This makes it
produce netbufs that are consistent with all other netbufs in
rpcbind.
function has a return type of u_int32_t, into which it was somehow
supposed to encode:
* A valid 32-bit XID (which could be any value including 0).
* 0, meaning a duplicate request.
* -1, meaning a malloc failed (!);
We now ensure that all XIDs are non-zero, and pass the XID out via
a pointer argument.
In forward_find() and free_slot_by_xid(), remove an unnecessary
and confusing test for a negative result from an unsigned modulo
operation, but add an unnecessary cast to highlight why.
Make struct cmessage visible from socket.h (about 4 places were
defining it for themselves which wasn't good)
Make __rpc_get_local_uid() useable and give it prototype that's
visible.
Fix some issues with printing out usernames from rpcbind and keyserv.
associated changes that had to happen to make this possible as well as
bugs fixed along the way.
Bring in required TLI library routines to support this.
Since we don't support TLI we've essentially copied what NetBSD
has done, adding a thin layer to emulate direct the TLI calls
into BSD socket calls.
This is mostly from Sun's tirpc release that was made in 1994,
however some fixes were backported from the 1999 release (supposedly
only made available after this porting effort was underway).
The submitter has agreed to continue on and bring us up to the
1999 release.
Several key features are introduced with this update:
Client calls are thread safe. (1999 code has server side thread
safe)
Updated, a more modern interface.
Many userland updates were done to bring the code up to par with
the recent RPC API.
There is an update to the pthreads library, a function
pthread_main_np() was added to emulate a function of Sun's threads
library.
While we're at it, bring in NetBSD's lockd, it's been far too
long of a wait.
New rpcbind(8) replaces portmap(8) (supporting communication over
an authenticated Unix-domain socket, and by default only allowing
set and unset requests over that channel). It's much more secure
than the old portmapper.
Umount(8), mountd(8), mount_nfs(8), nfsd(8) have also been upgraded
to support TI-RPC and to support IPV6.
Umount(8) is also fixed to unmount pathnames longer than 80 chars,
which are currently truncated by the Kernel statfs structure.
Submitted by: Martin Blapp <mb@imp.ch>
Manpage review: ru
Secure RPC implemented by: wpaul
