[Date Prev][Date Next] [Thread Prev][Thread Next]
[Thread Index]
[Date Index]
[Author Index]
rpms/net-snmp/FC-3 net-snmp-5.1-mktemp.diff, NONE, 1.1 net-snmp-5.1.2-free_session.patch, NONE, 1.1 net-snmp-5.2.1-clear_callback3.patch, NONE, 1.1 net-snmp-5.2.1-ethtool.patch, NONE, 1.1 net-snmp.spec, 1.25, 1.26
- From: fedora-cvs-commits redhat com
- To: fedora-cvs-commits redhat com
- Subject: rpms/net-snmp/FC-3 net-snmp-5.1-mktemp.diff, NONE, 1.1 net-snmp-5.1.2-free_session.patch, NONE, 1.1 net-snmp-5.2.1-clear_callback3.patch, NONE, 1.1 net-snmp-5.2.1-ethtool.patch, NONE, 1.1 net-snmp.spec, 1.25, 1.26
- Date: Wed, 13 Jul 2005 06:31:44 -0400
Author: rvokal
Update of /cvs/dist/rpms/net-snmp/FC-3
In directory cvs.devel.redhat.com:/tmp/cvs-serv855
Modified Files:
net-snmp.spec
Added Files:
net-snmp-5.1-mktemp.diff net-snmp-5.1.2-free_session.patch
net-snmp-5.2.1-clear_callback3.patch
net-snmp-5.2.1-ethtool.patch
Log Message:
- CAN-2005-2177 new upstream version fixing DoS (#162908)
- CAN-2005-1740 net-snmp insecure temporary file usage (#158770)
- session free fixed, agentx modules build fine (#157851)
- report gigabit Ethernet speeds using Ethtool (#152480)
net-snmp-5.1-mktemp.diff:
fixproc | 4 ++--
1 files changed, 2 insertions(+), 2 deletions(-)
--- NEW FILE net-snmp-5.1-mktemp.diff ---
--- local/fixproc
+++ local/fixproc
@@ -231,7 +231,7 @@
{
# it must be "shell", so execute the shell script defined in database
- local ($tmpfile) = "/tmp/fix_$$";
+ local ($tmpfile) = `mktemp /tmp/fix.XXXXXXXX`;
&create_sh_script ($fix{$proc}, $tmpfile);
@@ -262,7 +262,7 @@
# if not "exist", then it must be "shell", so execute the shell script
# defined in database
- local ($tmpfile) = "/tmp/check_$$";
+ local ($tmpfile) = `mktemp /tmp/check.XXXXXXXX`;
&create_sh_script ($check{$proc}, $tmpfile);
net-snmp-5.1.2-free_session.patch:
include/net-snmp/library/callback.h | 1 +
snmplib/callback.c | 8 ++++++++
snmplib/snmp_api.c | 2 ++
3 files changed, 11 insertions(+)
--- NEW FILE net-snmp-5.1.2-free_session.patch ---
diff -Naurp net-snmp-5.1.2/include/net-snmp/library/callback.h net-snmp-5.1.2.n/include/net-snmp/library/callback.h
--- net-snmp-5.1.2/include/net-snmp/library/callback.h 2003-07-14 03:19:23.000000000 +0900
+++ net-snmp-5.1.2.n/include/net-snmp/library/callback.h 2005-04-14 13:47:33.266223350 +0900
@@ -57,6 +57,7 @@ extern "C" {
SNMPCallback * new_callback,
void *arg, int matchargs);
void clear_callback (void);
+ void clear_callback_session (void *session);
struct snmp_gen_callback *snmp_callback_list(int major, int minor);
#ifdef __cplusplus
diff -Naurp net-snmp-5.1.2/snmplib/callback.c net-snmp-5.1.2.n/snmplib/callback.c
--- net-snmp-5.1.2/snmplib/callback.c 2005-04-14 13:48:19.368930822 +0900
+++ net-snmp-5.1.2.n/snmplib/callback.c 2005-04-14 13:47:21.231636714 +0900
@@ -341,6 +341,14 @@ clear_callback(void)
}
}
+void
+clear_callback_session(void*session)
+{
+
+ _remove_duplicates(session, 0, 0);
+
+}
+
struct snmp_gen_callback *
snmp_callback_list(int major, int minor)
{
diff -Naurp net-snmp-5.1.2/snmplib/snmp_api.c net-snmp-5.1.2.n/snmplib/snmp_api.c
--- net-snmp-5.1.2/snmplib/snmp_api.c 2004-06-21 19:02:15.000000000 +0900
+++ net-snmp-5.1.2.n/snmplib/snmp_api.c 2005-04-14 13:47:21.233589438 +0900
@@ -1690,6 +1690,8 @@ snmp_free_session(netsnmp_session * s)
SNMP_FREE(s->securityName);
SNMP_FREE(s->securityAuthProto);
SNMP_FREE(s->securityPrivProto);
+ /* session information already frees in snmp_shutdown. */
+ clear_callback_session(s);
free((char *) s);
}
}
net-snmp-5.2.1-clear_callback3.patch:
callback.c | 46 ++++++++++++++++++++++++++++++++++++++++++++--
1 files changed, 44 insertions(+), 2 deletions(-)
--- NEW FILE net-snmp-5.2.1-clear_callback3.patch ---
--- net-snmp-5.2.1/snmplib/callback.c.callback3 2005-05-18 11:17:59.000000000 +0200
+++ net-snmp-5.2.1/snmplib/callback.c 2005-05-18 11:25:36.000000000 +0200
@@ -45,6 +45,10 @@
#include <net-snmp/library/callback.h>
#include <net-snmp/library/snmp_api.h>
+
+static void _remove_duplicates(void *ptr, int x, int y);
+
+
static struct snmp_gen_callback
*thecallbacks[MAX_CALLBACK_IDS][MAX_CALLBACK_SUBIDS];
@@ -335,11 +339,34 @@
return count;
}
+static void
+_remove_duplicates(void *ptr, int x, int y)
+{
+ struct snmp_gen_callback *scp = NULL, *next = NULL;
+ int i,j;
+ for (i=x; i < MAX_CALLBACK_IDS; i++) {
+ for (j=y; j < MAX_CALLBACK_SUBIDS; j++) {
+ scp = thecallbacks[i][j];
+ while (scp != NULL) {
+ next=scp->next;
+ if ((NULL != scp->sc_callback) &&
+ (scp->sc_client_arg != NULL) &&
+ (scp->sc_client_arg == ptr)) {
+ DEBUGMSGTL(("callback", "duplicate client arg\n"));
+ scp->sc_client_arg = NULL;
+ }
+ scp = next;
+ }
+ }
+ }
+}
+
void
clear_callback(void)
{
unsigned int i = 0, j = 0;
struct snmp_gen_callback *scp = NULL, *next = NULL;
+ void *tmp_arg;
if(++_lock > 1) {
snmp_log(LOG_WARNING,
@@ -352,8 +379,23 @@
scp = thecallbacks[i][j];
while (scp != NULL) {
next = scp->next;
- if ((NULL != scp->sc_callback) && (scp->sc_client_arg != NULL))
- SNMP_FREE(scp->sc_client_arg);
+ /*
+ * if there is a client arg, check for duplicates
+ * and then free it.
+ */
+ if ((NULL != scp->sc_callback) &&
+ (scp->sc_client_arg != NULL)) {
+ /*
+ * save the client arg, then set it to null so that it
+ * won't look like a duplicate, then check for duplicates
+ * starting at the current i,j (earlier dups should have
+ * already been found) and free the pointer.
+ */
+ tmp_arg = scp->sc_client_arg;
+ scp->sc_client_arg = NULL;
+ _remove_duplicates(tmp_arg, i, j);
+ free(tmp_arg);
+ }
SNMP_FREE(scp);
scp = next;
}
net-snmp-5.2.1-ethtool.patch:
interface_linux.c | 50 ++++++++++++++++++++++++++++++++++++++++++++++++--
1 files changed, 48 insertions(+), 2 deletions(-)
--- NEW FILE net-snmp-5.2.1-ethtool.patch ---
--- net-snmp-5.2.1/agent/mibgroup/if-mib/data_access/interface_linux.c.ethtool 2004-10-18 05:49:50.000000000 +0200
+++ net-snmp-5.2.1/agent/mibgroup/if-mib/data_access/interface_linux.c 2005-05-04 10:26:56.000000000 +0200
@@ -20,8 +20,25 @@
#include "if-mib/data_access/interface.h"
#include "interface_ioctl.h"
+#include <sys/types.h>
+#ifndef u8
+typedef __uint8_t u8;
+#endif
+#ifndef u16
+typedef __uint16_t u16;
+#endif
+#ifndef u32
+typedef __uint32_t u32;
+#endif
+
+#include <linux/ethtool.h>
+#include <linux/sockios.h>
+
unsigned int
netsnmp_arch_interface_get_if_speed(int fd, const char *name);
+/* old mii version */
+unsigned int
+netsnmp_arch_interface_get_if_speed_mii(int fd, const char *name);
void
netsnmp_arch_interface_init(void)
@@ -373,10 +390,39 @@
/**
- * Determines network interface speed.
+ * Determines network interface speed from ETHTOOL_GSET
+ */
+unsigned int
+netsnmp_arch_interface_get_if_speed(int fd, const char *name) {
+ struct ifreq ifr;
+ struct ethtool_cmd edata;
+
+ memset(&ifr, 0, sizeof(ifr));
+ edata.cmd = ETHTOOL_GSET;
+
+ strncpy(ifr.ifr_name, name, sizeof(ifr.ifr_name)-1);
+ ifr.ifr_data = (char *) &edata;
+
+ if (ioctl(fd, SIOCETHTOOL, &ifr) == -1)
+ {
+ DEBUGMSGTL(("mibII/interfaces", "ETHTOOL_GSET on %s failed\n",
+ ifr.ifr_name));
+ return netsnmp_arch_interface_get_if_speed_mii(fd,name);
+ }
+
+ if (edata.speed != SPEED_10 && edata.speed != SPEED_100 &&
+ edata.speed != SPEED_1000)
+ /* try MII */
+ return netsnmp_arch_interface_get_if_speed_mii(fd,name);
+ else /* return in bps */
+ return edata.speed*1000*1000;
+}
+
+/**
+ * Determines network interface speed from MII
*/
unsigned int
-netsnmp_arch_interface_get_if_speed(int fd, const char *name)
+netsnmp_arch_interface_get_if_speed_mii(int fd, const char *name)
{
unsigned int retspeed = 10000000;
struct ifreq ifr;
Index: net-snmp.spec
===================================================================
RCS file: /cvs/dist/rpms/net-snmp/FC-3/net-snmp.spec,v
retrieving revision 1.25
retrieving revision 1.26
diff -u -r1.25 -r1.26
--- net-snmp.spec 25 Apr 2005 07:56:53 -0000 1.25
+++ net-snmp.spec 13 Jul 2005 10:31:28 -0000 1.26
@@ -2,8 +2,8 @@
Summary: A collection of SNMP protocol tools and libraries.
Name: net-snmp
-Version: 5.2.1
-Release: 10.FC3
+Version: 5.2.1.2
+Release: FC3.1
License: BSDish
Group: System Environment/Daemons
URL: http://net-snmp.sourceforge.net/
@@ -33,8 +33,11 @@
Patch15: net-snmp-5.2.1-trim.patch
Patch16: net-snmp-5.1.2-ASN-unsigned64.patch
Patch17: net-snmp-5.2.1-typeclash.diff
-Patch18: net-snmp-5.1.2-agentx_register_callbacks_entry.patch
Patch19: net-snmp-5.2.1-file_offset.patch
+Patch20: net-snmp-5.2.1-ethtool.patch
+Patch21: net-snmp-5.1.2-free_session.patch
+Patch22: net-snmp-5.2.1-clear_callback3.patch
+Patch23: net-snmp-5.1-mktemp.diff
Prereq: /sbin/chkconfig
Obsoletes: ucd-snmp
@@ -149,8 +152,11 @@
%patch15 -p1 -b .trim
%patch16 -p1 -b .ASN-unsigned64
%patch17 -b .typeclash
-%patch18 -p1 -b .reg_callbacks
%patch19 -p1 -b .file_offset
+%patch20 -p1 -b .ethtool
+%patch21 -p1 -b .free_session
+%patch22 -p1 -b .callback3
+%patch23 -b .mktemp
# Do this patch with a perl hack...
perl -pi -e "s|'\\\$install_libdir'|'%{_libdir}'|" ltmain.sh
@@ -161,7 +167,8 @@
%endif
%configure \
--enable-static --enable-shared \
- --with-cflags="$RPM_OPT_FLAGS -g" \
+ --with-cflags="$RPM_OPT_FLAGS -lcrypto" \
+ --with-ldflags="$LDFLAGS" \
--with-sys-location="Unknown" \
--with-logfile="/var/log/snmpd.log" \
--with-persistent-directory="/var/net-snmp" \
@@ -328,6 +335,12 @@
%{_libdir}/*.la
%changelog
+* Wed Jul 13 2005 Radek Vokal <rvokal redhat com>
+- CAN-2005-2177 new upstream version fixing DoS (#162908)
+- CAN-2005-1740 net-snmp insecure temporary file usage (#158770)
+- session free fixed, agentx modules build fine (#157851)
+- report gigabit Ethernet speeds using Ethtool (#152480)
+
* Mon Apr 25 2005 Radek Vokal <rvokal redhat com> - 5.2.1-10.FC3
- fixed missing requires for devel package (#155221)
- 64bit problems are hopefully gone for a while
[Date Prev][Date Next] [Thread Prev][Thread Next]
[Thread Index]
[Date Index]
[Author Index]