[packages/iputils] - updated to s20151218 - updated bindnow patch - removed obsolete pingsock patch
qboosh
qboosh at pld-linux.org
Sun Dec 27 21:17:57 CET 2015
commit 50138f702f74f6cbf24925d2fe8c17bbe48d3a3e
Author: Jakub Bogusz <qboosh at pld-linux.org>
Date: Sun Dec 27 21:19:37 2015 +0100
- updated to s20151218
- updated bindnow patch
- removed obsolete pingsock patch
iputils-bindnow.patch | 6 +-
iputils-pingsock.patch | 223 -------------------------------------------------
iputils.spec | 12 +--
3 files changed, 7 insertions(+), 234 deletions(-)
---
diff --git a/iputils.spec b/iputils.spec
index 1192d53..34e65cd 100644
--- a/iputils.spec
+++ b/iputils.spec
@@ -7,26 +7,23 @@ Summary(pl.UTF-8): Użytki przeznaczone dla pracy z siecią IPv4/IPv6
Summary(ru.UTF-8): Набор базовых сетевых утилит (ping, tracepath etc.)
Summary(uk.UTF-8): Набір базових мережевих утиліт (ping, tracepath etc.)
Name: iputils
-Version: s20121221
-Release: 2
+Version: s20151218
+Release: 1
Epoch: 2
License: BSD
Group: Networking/Admin
Source0: http://www.skbuff.net/iputils/%{name}-%{version}.tar.bz2
-# Source0-md5: 6072aef64205720dd1893b375e184171
+# Source0-md5: 8aaa7395f27dff9f57ae016d4bc753ce
Patch0: %{name}-pmake.patch
Patch1: %{name}-pf.patch
Patch2: %{name}-bindnow.patch
-# http://cvsweb.openwall.com/cgi/cvsweb.cgi/~checkout~/Owl/packages/iputils/iputils-s20101006-owl-pingsock.diff?rev=1.1;content-type=text%2Fplain
-Patch3: %{name}-pingsock.patch
URL: http://www.linuxfoundation.org/collaborate/workgroups/networking/iputils
%if %{with doc}
BuildRequires: docbook-dtd31-sgml
BuildRequires: docbook-utils >= 0.6.10
-BuildRequires: gnome-doc-tools
%endif
-BuildRequires: gnutls-openssl-devel
BuildRequires: libcap-devel
+BuildRequires: libgcrypt-devel
BuildRequires: linux-libc-headers
BuildRequires: openssl-devel
BuildRequires: sysfsutils-devel
@@ -95,7 +92,6 @@ pakiety ARP z użyciem podanego adresu źródłowego.
%patch0 -p1
%patch1 -p1
%patch2 -p1
-%patch3 -p1
%build
%{__make} all \
diff --git a/iputils-bindnow.patch b/iputils-bindnow.patch
index aa3f669..755e10d 100644
--- a/iputils-bindnow.patch
+++ b/iputils-bindnow.patch
@@ -4,8 +4,8 @@ information leakage.
http://bugs.gentoo.org/77526
---- iputils-s20121221/Makefile.orig 2012-12-21 15:01:07.000000000 +0100
-+++ iputils-s20121221/Makefile 2013-01-08 17:31:42.110829497 +0100
+--- iputils-s20151218/Makefile.orig 2015-12-17 16:45:51.000000000 +0100
++++ iputils-s20151218/Makefile 2015-12-27 20:30:00.256039502 +0100
@@ -130,12 +130,13 @@
%.o: %.c
$(COMPILE.c) $< $(DEF_$(patsubst %.o,%,$@)) -o $@
@@ -26,7 +26,7 @@ http://bugs.gentoo.org/77526
DEF_ping = $(DEF_CAP) $(DEF_IDN) $(DEF_WITHOUT_IFADDRS)
LIB_ping = $(LIB_CAP) $(LIB_IDN)
+LDOPTS_ping = -Wl,-z,now -Wl,-z,relro
- DEF_ping6 = $(DEF_CAP) $(DEF_IDN) $(DEF_WITHOUT_IFADDRS) $(DEF_ENABLE_PING6_RTHDR)
+ DEF_ping6 = $(DEF_CAP) $(DEF_IDN) $(DEF_WITHOUT_IFADDRS) $(DEF_ENABLE_PING6_RTHDR) $(DEF_CRYPTO)
LIB_ping6 = $(LIB_CAP) $(LIB_IDN) $(LIB_RESOLV) $(LIB_CRYPTO)
+LDOPTS_ping6 = -Wl,-z,now -Wl,-z,relro
diff --git a/iputils-pingsock.patch b/iputils-pingsock.patch
deleted file mode 100644
index 8212c0b..0000000
--- a/iputils-pingsock.patch
+++ /dev/null
@@ -1,223 +0,0 @@
---- iputils-s20121011/ping.c.orig 2012-11-01 17:17:27.509539573 +0100
-+++ iputils-s20121011/ping.c 2012-11-01 17:23:39.319523969 +0100
-@@ -88,6 +88,7 @@ struct sockaddr_in whereto; /* who to pi
- int optlen = 0;
- int settos = 0; /* Set TOS, Precendence or other QOS options */
- int icmp_sock; /* socket file descriptor */
-+int using_ping_socket = 0;
- u_char outpack[0x10000];
- int maxpacket = sizeof(outpack);
-
-@@ -123,7 +124,11 @@ main(int argc, char **argv)
- char *target, hnamebuf[MAX_HOSTNAMELEN];
- char rspace[3 + 4 * NROUTES + 1]; /* record route space */
-
-- icmp_sock = socket(AF_INET, SOCK_RAW, IPPROTO_ICMP);
-+ icmp_sock = socket(AF_INET, SOCK_DGRAM, IPPROTO_ICMP);
-+ if (icmp_sock != -1)
-+ using_ping_socket = 1;
-+ else
-+ icmp_sock = socket(AF_INET, SOCK_RAW, IPPROTO_ICMP);
- socket_errno = errno;
-
- uid = getuid();
-@@ -399,13 +404,35 @@ main(int argc, char **argv)
- }
- }
-
-- if ((options&F_STRICTSOURCE) &&
-- bind(icmp_sock, (struct sockaddr*)&source, sizeof(source)) == -1) {
-- perror("bind");
-- exit(2);
-+ if (!using_ping_socket) {
-+ if ((options&F_STRICTSOURCE) &&
-+ bind(icmp_sock, (struct sockaddr*)&source, sizeof(source)) == -1) {
-+ perror("bind");
-+ exit(2);
-+ }
-+ } else {
-+ struct sockaddr_in sa;
-+ socklen_t sl;
-+
-+ sa.sin_family = AF_INET;
-+ sa.sin_port = 0;
-+ sa.sin_addr.s_addr = (options&F_STRICTSOURCE) ?
-+ source.sin_addr.s_addr : 0;
-+ sl = sizeof(sa);
-+
-+ if (bind(icmp_sock, (struct sockaddr *) &sa, sl) == -1) {
-+ perror("bind");
-+ exit(2);
-+ }
-+
-+ if (getsockname(icmp_sock, (struct sockaddr *) &sa, &sl) == -1) {
-+ perror("getsockname");
-+ exit(2);
-+ }
-+ ident = sa.sin_port;
- }
-
-- if (1) {
-+ if (!using_ping_socket) {
- struct icmp_filter filt;
- filt.data = ~((1<<ICMP_SOURCE_QUENCH)|
- (1<<ICMP_DEST_UNREACH)|
-@@ -420,6 +447,12 @@ main(int argc, char **argv)
- hold = 1;
- if (setsockopt(icmp_sock, SOL_IP, IP_RECVERR, (char *)&hold, sizeof(hold)))
- fprintf(stderr, "WARNING: your kernel is veeery old. No problems.\n");
-+ if (using_ping_socket) {
-+ if (setsockopt(icmp_sock, SOL_IP, IP_RECVTTL, (char *)&hold, sizeof(hold)))
-+ perror("WARNING: setsockopt(IP_RECVTTL)");
-+ if (setsockopt(icmp_sock, SOL_IP, IP_RETOPTS, (char *)&hold, sizeof(hold)))
-+ perror("WARNING: setsockopt(IP_RETOPTS)");
-+ }
-
- /* record route option */
- if (options & F_RROUTE) {
-@@ -588,6 +621,7 @@ int receive_error_msg()
- nerrors++;
- } else if (e->ee_origin == SO_EE_ORIGIN_ICMP) {
- struct sockaddr_in *sin = (struct sockaddr_in*)(e+1);
-+ int error_pkt;
-
- if (res < sizeof(icmph) ||
- target.sin_addr.s_addr != whereto.sin_addr.s_addr ||
-@@ -598,9 +632,18 @@ int receive_error_msg()
- goto out;
- }
-
-- acknowledge(ntohs(icmph.un.echo.sequence));
-+ error_pkt = (e->ee_type != ICMP_REDIRECT &&
-+ e->ee_type != ICMP_SOURCE_QUENCH);
-+ if (error_pkt) {
-+ acknowledge(ntohs(icmph.un.echo.sequence));
-+ net_errors++;
-+ nerrors++;
-+ }
-+ else {
-+ saved_errno = 0;
-+ }
-
-- if (!working_recverr) {
-+ if (!using_ping_socket && !working_recverr) {
- struct icmp_filter filt;
- working_recverr = 1;
- /* OK, it works. Add stronger filter. */
-@@ -611,15 +654,14 @@ int receive_error_msg()
- perror("\rWARNING: setsockopt(ICMP_FILTER)");
- }
-
-- net_errors++;
-- nerrors++;
- if (options & F_QUIET)
- goto out;
- if (options & F_FLOOD) {
-- write_stdout("\bE", 2);
-+ if (error_pkt)
-+ write_stdout("\bE", 2);
- } else {
- print_timestamp();
-- printf("From %s icmp_seq=%u ", pr_addr(sin->sin_addr.s_addr), ntohs(icmph.un.echo.sequence));
-+ printf("From %s: icmp_seq=%u ", pr_addr(sin->sin_addr.s_addr), ntohs(icmph.un.echo.sequence));
- pr_icmph(e->ee_type, e->ee_code, e->ee_info, NULL);
- fflush(stdout);
- }
-@@ -717,15 +759,41 @@ parse_reply(struct msghdr *msg, int cc,
- struct iphdr *ip;
- int hlen;
- int csfailed;
-+ struct cmsghdr *cmsg;
-+ int ttl;
-+ __u8 *opts;
-+ int optlen;
-
- /* Check the IP header */
- ip = (struct iphdr *)buf;
-- hlen = ip->ihl*4;
-- if (cc < hlen + 8 || ip->ihl < 5) {
-- if (options & F_VERBOSE)
-- fprintf(stderr, "ping: packet too short (%d bytes) from %s\n", cc,
-- pr_addr(from->sin_addr.s_addr));
-- return 1;
-+ if (!using_ping_socket) {
-+ hlen = ip->ihl*4;
-+ if (cc < hlen + 8 || ip->ihl < 5) {
-+ if (options & F_VERBOSE)
-+ fprintf(stderr, "ping: packet too short (%d bytes) from %s\n", cc,
-+ pr_addr(from->sin_addr.s_addr));
-+ return 1;
-+ }
-+ ttl = ip->ttl;
-+ opts = buf + sizeof(struct iphdr);
-+ optlen = hlen - sizeof(struct iphdr);
-+ } else {
-+ hlen = 0;
-+ ttl = 0;
-+ opts = buf;
-+ optlen = 0;
-+ for (cmsg = CMSG_FIRSTHDR(msg); cmsg; cmsg = CMSG_NXTHDR(msg, cmsg)) {
-+ if (cmsg->cmsg_level != SOL_IP)
-+ continue;
-+ if (cmsg->cmsg_type == IP_TTL) {
-+ if (cmsg->cmsg_len < sizeof(int))
-+ continue;
-+ ttl = *(int *) CMSG_DATA(cmsg);
-+ } else if (cmsg->cmsg_type == IP_RETOPTS) {
-+ opts = (__u8 *) CMSG_DATA(cmsg);
-+ optlen = cmsg->cmsg_len;
-+ }
-+ }
- }
-
- /* Now the ICMP part */
-@@ -738,7 +806,7 @@ parse_reply(struct msghdr *msg, int cc,
- return 1; /* 'Twas not our ECHO */
- if (gather_statistics((__u8*)icp, sizeof(*icp), cc,
- ntohs(icp->un.echo.sequence),
-- ip->ttl, 0, tv, pr_addr(from->sin_addr.s_addr),
-+ ttl, 0, tv, pr_addr(from->sin_addr.s_addr),
- pr_echo_reply))
- return 0;
- } else {
-@@ -829,7 +897,7 @@ parse_reply(struct msghdr *msg, int cc,
- }
-
- if (!(options & F_FLOOD)) {
-- pr_options(buf + sizeof(struct iphdr), hlen);
-+ pr_options(opts, optlen + sizeof(struct iphdr));
-
- if (options & F_AUDIBLE)
- putchar('\a');
-@@ -965,8 +1033,7 @@ void pr_icmph(__u8 type, __u8 code, __u3
- printf("Redirect, Bad Code: %d", code);
- break;
- }
-- if (icp)
-- printf("(New nexthop: %s)\n", pr_addr(icp->un.gateway));
-+ printf("(New nexthop: %s)\n", pr_addr(icp ? icp->un.gateway : info));
- if (icp && (options & F_VERBOSE))
- pr_iph((struct iphdr*)(icp + 1));
- break;
-@@ -1266,7 +1333,7 @@ void install_filter(void)
- insns
- };
-
-- if (once)
-+ if (once || using_ping_socket)
- return;
- once = 1;
-
-diff -uNp -r iputils-s20101006.orig/ping_common.c iputils-s20101006/ping_common.c
---- iputils-s20101006.orig/ping_common.c 2010-10-06 11:59:20 +0000
-+++ iputils-s20101006/ping_common.c 2011-03-24 12:22:20 +0000
-@@ -515,7 +515,8 @@ void setup(int icmp_sock)
- *p++ = i;
- }
-
-- ident = htons(getpid() & 0xFFFF);
-+ if (!ident)
-+ ident = htons(getpid() & 0xFFFF);
-
- set_signal(SIGINT, sigexit);
- set_signal(SIGALRM, sigexit);
================================================================
---- gitweb:
http://git.pld-linux.org/gitweb.cgi/packages/iputils.git/commitdiff/50138f702f74f6cbf24925d2fe8c17bbe48d3a3e
More information about the pld-cvs-commit
mailing list