Script 'mail_helper' called by obssrc Hello community, here is the log from the commit of package slirp4netns for openSUSE:Factory checked in at 2024-02-15 20:58:48 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/slirp4netns (Old) and /work/SRC/openSUSE:Factory/.slirp4netns.new.1815 (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "slirp4netns" Thu Feb 15 20:58:48 2024 rev:16 rq:1146510 version:1.2.3 Changes: -------- --- /work/SRC/openSUSE:Factory/slirp4netns/slirp4netns.changes 2023-10-08 12:18:41.310955809 +0200 +++ /work/SRC/openSUSE:Factory/.slirp4netns.new.1815/slirp4netns.changes 2024-02-15 20:58:58.896965085 +0100 @@ -1,0 +2,7 @@ +Wed Feb 7 10:15:17 UTC 2024 - Dan Äermák <dcer...@suse.com> + +- New upstream release 1.2.3: + + * Fix some FD leaks (#334, thanks to @giuseppe) + +------------------------------------------------------------------- Old: ---- slirp4netns-1.2.2.tar.xz New: ---- slirp4netns-1.2.3.tar.xz ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ slirp4netns.spec ++++++ --- /var/tmp/diff_new_pack.V9QZUw/_old 2024-02-15 20:58:59.476986031 +0100 +++ /var/tmp/diff_new_pack.V9QZUw/_new 2024-02-15 20:58:59.476986031 +0100 @@ -17,7 +17,7 @@ Name: slirp4netns -Version: 1.2.2 +Version: 1.2.3 Release: 0 Summary: User-mode networking for unprivileged network namespaces License: BSD-2-Clause AND GPL-2.0-only AND MIT ++++++ _service ++++++ --- /var/tmp/diff_new_pack.V9QZUw/_old 2024-02-15 20:58:59.512987332 +0100 +++ /var/tmp/diff_new_pack.V9QZUw/_new 2024-02-15 20:58:59.516987476 +0100 @@ -1,18 +1,18 @@ <services> -<service name="tar_scm" mode="disabled"> +<service name="tar_scm" mode="manual"> <param name="url">https://github.com/rootless-containers/slirp4netns.git</param> <param name="scm">git</param> <param name="filename">slirp4netns</param> - <param name="revision">v1.2.2</param> + <param name="revision">v1.2.3</param> <param name="versionformat">@PARENT_TAG@</param> <param name="versionrewrite-pattern">v(.*)</param> </service> -<service name="recompress" mode="disabled"> +<service name="recompress" mode="manual"> <param name="file">*.tar</param> <param name="compression">xz</param> </service> -<service name="set_version" mode="disabled" /> +<service name="set_version" mode="manual" /> </services> ++++++ slirp4netns-1.2.2.tar.xz -> slirp4netns-1.2.3.tar.xz ++++++ diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/slirp4netns-1.2.2/.github/workflows/release.yaml new/slirp4netns-1.2.3/.github/workflows/release.yaml --- old/slirp4netns-1.2.2/.github/workflows/release.yaml 2023-09-13 16:19:04.000000000 +0200 +++ new/slirp4netns-1.2.3/.github/workflows/release.yaml 2024-02-06 16:26:54.000000000 +0100 @@ -25,27 +25,17 @@ path: var-lib-apt key: var-lib-apt-${{ hashFiles('Dockerfile.artifact') }} - name: inject var-cache-apt into docker - uses: overmindtech/buildkit-cache-dance/inject@306d31a77191f643c0c4a95083f36c6ddccb4a16 + uses: reproducible-containers/buildkit-cache-dance@v2.1.2 with: cache-source: var-cache-apt cache-target: /var/cache/apt - name: inject var-lib-apt into docker - uses: overmindtech/buildkit-cache-dance/inject@306d31a77191f643c0c4a95083f36c6ddccb4a16 + uses: reproducible-containers/buildkit-cache-dance@v2.1.2 with: cache-source: var-lib-apt cache-target: /var/lib/apt - name: "Build binaries from Dockerfile.artifact" run: docker buildx build -o /tmp/slirpbuilds --build-arg SOURCE_DATE_EPOCH --platform=amd64,arm64,arm,s390x,ppc64le,riscv64 -f Dockerfile.artifact . - - name: extract var-cache-apt into docker - uses: overmindtech/buildkit-cache-dance/extract@306d31a77191f643c0c4a95083f36c6ddccb4a16 - with: - cache-source: var-cache-apt - cache-target: /var/cache/apt - - name: extract var-lib-apt into docker - uses: overmindtech/buildkit-cache-dance/extract@306d31a77191f643c0c4a95083f36c6ddccb4a16 - with: - cache-source: var-lib-apt - cache-target: /var/lib/apt - name: "Create /tmp/artifact" run: | mkdir -p /tmp/artifact @@ -62,14 +52,11 @@ run: sha256sum /tmp/SHA256SUMS - name: "Prepare the release note" run: | - tag="${GITHUB_REF##*/}" shasha=$(sha256sum /tmp/SHA256SUMS | awk '{print $1}') libslirp_version=$(/tmp/artifact/slirp4netns-x86_64 -v | grep -oP '^libslirp: \K\S*') libseccomp_version=$(/tmp/artifact/slirp4netns-x86_64 -v | grep -oP '^libseccomp: \K\S*') ubuntu_version=$(grep -oP '^ARG UBUNTU_VERSION=\K\S*' Dockerfile.artifact) cat << EOF | tee /tmp/release-note.txt - ${tag} - #### Changes (To be documented) @@ -92,6 +79,7 @@ docker buildx build \ -o /tmp/slirpbuilds \ --build-arg SOURCE_DATE_EPOCH=${SOURCE_DATE_EPOCH} \ + --build-arg BUILDKIT_CONTEXT_KEEP_GIT_DIR=1 \ --platform=amd64,arm64,arm,s390x,ppc64le,riscv64 \ -f Dockerfile.artifact \ "https://github.com/${{ github.repository }}.git#${tag}" @@ -103,6 +91,4 @@ GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} run: | tag="${GITHUB_REF##*/}" - asset_flags=() - for f in /tmp/artifact/* /tmp/SHA256SUMS; do asset_flags+=("-a" "$f"); done - hub release create "${asset_flags[@]}" -F /tmp/release-note.txt --draft "${tag}" + gh release create -F /tmp/release-note.txt --draft --title "${tag}" "${tag}" /tmp/artifact/* /tmp/SHA256SUMS diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/slirp4netns-1.2.2/Dockerfile.artifact new/slirp4netns-1.2.3/Dockerfile.artifact --- old/slirp4netns-1.2.2/Dockerfile.artifact 2023-09-13 16:19:04.000000000 +0200 +++ new/slirp4netns-1.2.3/Dockerfile.artifact 2024-02-06 16:26:54.000000000 +0100 @@ -6,7 +6,7 @@ # -f Dockerfile.artifact . ARG LIBSLIRP_COMMIT=v4.7.0 -ARG UBUNTU_VERSION=jammy-20230804 +ARG UBUNTU_VERSION=jammy-20240125 ARG XX_VERSION=1.2.1@sha256:8879a398dedf0aadaacfbd332b29ff2f84bc39ae6d4e9c0a1109db27ac5ba012 ARG REPRO_SOURCES_LIST_VERSION=v0.1.0 diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/slirp4netns-1.2.2/Makefile.am new/slirp4netns-1.2.3/Makefile.am --- old/slirp4netns-1.2.2/Makefile.am 2023-09-13 16:19:04.000000000 +0200 +++ new/slirp4netns-1.2.3/Makefile.am 2024-02-06 16:26:54.000000000 +0100 @@ -36,7 +36,7 @@ vendor/parson/parson.h # define specific commit if git available or it was replaced during git-archive creation -COMMIT := $(shell V=0ee2d87523e906518d34a6b423271e4826f71faf ; \ +COMMIT := $(shell V=$Format:%H$ ; \ expr match "$$V" ormat: >/dev/null \ && (cd "$$abs_srcdir" && [ -d .git ] && git describe --always --abbrev=0 --dirty --exclude=\* || echo unknown) \ || echo "$$V" ) diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/slirp4netns-1.2.2/api.c new/slirp4netns-1.2.3/api.c --- old/slirp4netns-1.2.2/api.c 2023-09-13 16:19:04.000000000 +0200 +++ new/slirp4netns-1.2.3/api.c 2024-02-06 16:26:54.000000000 +0100 @@ -17,25 +17,28 @@ unlink(api_socket); /* avoid EADDRINUSE */ if ((fd = socket(AF_UNIX, SOCK_STREAM, 0)) < 0) { perror("api_bindlisten: socket"); - return -1; + goto cleanup_and_fail; } memset(&addr, 0, sizeof(addr)); addr.sun_family = AF_UNIX; if (strlen(api_socket) >= sizeof(addr.sun_path)) { fprintf(stderr, "the specified API socket path is too long (>= %lu)\n", sizeof(addr.sun_path)); - return -1; + goto cleanup_and_fail; } strncpy(addr.sun_path, api_socket, sizeof(addr.sun_path) - 1); if (bind(fd, (struct sockaddr *)&addr, sizeof(addr)) < 0) { perror("api_bindlisten: bind"); - return -1; + goto cleanup_and_fail; } if (listen(fd, 0) < 0) { perror("api_bindlisten: listen"); - return -1; + goto cleanup_and_fail; } return fd; +cleanup_and_fail: + close(fd); + return -1; } struct api_hostfwd { @@ -57,7 +60,7 @@ struct api_ctx *api_ctx_alloc(struct slirp4netns_config *cfg) { - struct api_ctx *ctx = (struct api_ctx *)g_malloc0(sizeof(*ctx)); + struct api_ctx *ctx = (struct api_ctx *)calloc(1, sizeof(*ctx)); if (ctx == NULL) { return NULL; } @@ -116,7 +119,7 @@ const char *err = "{\"error\":{\"desc\":\"bad request: add_hostfwd: " "bad arguments.proto\"}}"; wrc = write(fd, err, strlen(err)); - free(fwd); + g_free(fwd); goto finish; } if (host_addr_s == NULL || host_addr_s[0] == '\0') { @@ -126,7 +129,7 @@ const char *err = "{\"error\":{\"desc\":\"bad request: add_hostfwd: " "bad arguments.host_addr\"}}"; wrc = write(fd, err, strlen(err)); - free(fwd); + g_free(fwd); goto finish; } fwd->host_port = (int)json_object_dotget_number(jo, "arguments.host_port"); @@ -134,7 +137,7 @@ const char *err = "{\"error\":{\"desc\":\"bad request: add_hostfwd: " "bad arguments.host_port\"}}"; wrc = write(fd, err, strlen(err)); - free(fwd); + g_free(fwd); goto finish; } @@ -144,7 +147,7 @@ const char *err = "{\"error\":{\"desc\":\"bad request: add_hostfwd: " "bad arguments.guest_addr\"}}"; wrc = write(fd, err, strlen(err)); - free(fwd); + g_free(fwd); goto finish; } fwd->guest_port = @@ -153,7 +156,7 @@ const char *err = "{\"error\":{\"desc\":\"bad request: add_hostfwd: " "bad arguments.guest_port\"}}"; wrc = write(fd, err, strlen(err)); - free(fwd); + g_free(fwd); goto finish; } if (slirp_add_hostfwd(slirp, fwd->is_udp, fwd->host_addr, fwd->host_port, @@ -161,7 +164,7 @@ const char *err = "{\"error\":{\"desc\":\"bad request: add_hostfwd: " "slirp_add_hostfwd failed\"}}"; wrc = write(fd, err, strlen(err)); - free(fwd); + g_free(fwd); goto finish; } fwd->id = ctx->hostfwds_nextid; diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/slirp4netns-1.2.2/configure.ac new/slirp4netns-1.2.3/configure.ac --- old/slirp4netns-1.2.2/configure.ac 2023-09-13 16:19:04.000000000 +0200 +++ new/slirp4netns-1.2.3/configure.ac 2024-02-06 16:26:54.000000000 +0100 @@ -1,5 +1,5 @@ AC_PREREQ([2.69]) -AC_INIT([slirp4netns], [1.2.2], [https://github.com/rootless-containers/slirp4netns/issues]) +AC_INIT([slirp4netns], [1.2.3], [https://github.com/rootless-containers/slirp4netns/issues]) AC_CONFIG_SRCDIR([main.c]) AC_CONFIG_HEADERS([config.h]) diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/slirp4netns-1.2.2/main.c new/slirp4netns-1.2.3/main.c --- old/slirp4netns-1.2.2/main.c 2023-09-13 16:19:04.000000000 +0200 +++ new/slirp4netns-1.2.3/main.c 2024-02-06 16:26:54.000000000 +0100 @@ -42,41 +42,58 @@ bool only_userns) { int usernsfd = -1, netnsfd = -1; + char *netns_allocated = NULL; + char *userns_allocated = NULL; + if (!only_userns && !netns) { - if (asprintf(&netns, "/proc/%d/ns/net", target_pid) < 0) { + if (asprintf(&netns_allocated, "/proc/%d/ns/net", target_pid) < 0) { perror("cannot get netns path"); - return -1; + goto fail; } + netns = netns_allocated; } if (!userns && target_pid) { - if (asprintf(&userns, "/proc/%d/ns/user", target_pid) < 0) { + if (asprintf(&userns_allocated, "/proc/%d/ns/user", target_pid) < 0) { perror("cannot get userns path"); - return -1; + goto fail; } + userns = userns_allocated; } if (!only_userns && (netnsfd = open(netns, O_RDONLY)) < 0) { perror(netns); - return netnsfd; + goto fail; } if (userns && (usernsfd = open(userns, O_RDONLY)) < 0) { perror(userns); - return usernsfd; + goto fail; } if (usernsfd != -1) { int r = setns(usernsfd, CLONE_NEWUSER); if (only_userns && r < 0) { perror("setns(CLONE_NEWUSER)"); - return -1; + goto fail; } close(usernsfd); + usernsfd = -1; } - if (netnsfd != -1 && setns(netnsfd, CLONE_NEWNET) < 0) { - perror("setns(CLONE_NEWNET)"); - return -1; + if (netnsfd != -1) { + if (setns(netnsfd, CLONE_NEWNET) < 0) { + perror("setns(CLONE_NEWNET)"); + goto fail; + } + close(netnsfd); } - close(netnsfd); return 0; +fail: + free(netns_allocated); + free(userns_allocated); + + if (usernsfd != -1) + close(usernsfd); + if (netnsfd != -1) + close(netnsfd); + return -1; } static int open_tap(const char *tapname) @@ -148,7 +165,7 @@ .ifr_flags = IFF_UP | IFF_RUNNING }; if (ioctl(sockfd, SIOCSIFFLAGS, &ifr_lo) < 0) { perror("cannot set device up"); - return -1; + goto fail; } memset(&ifr, 0, sizeof(ifr)); @@ -157,20 +174,20 @@ if (ioctl(sockfd, SIOCSIFFLAGS, &ifr) < 0) { perror("cannot set device up"); - return -1; + goto fail; } ifr.ifr_mtu = (int)cfg->mtu; if (ioctl(sockfd, SIOCSIFMTU, &ifr) < 0) { perror("cannot set MTU"); - return -1; + goto fail; } if (cfg->vmacaddress_len > 0) { ifr.ifr_ifru.ifru_hwaddr = cfg->vmacaddress; if (ioctl(sockfd, SIOCSIFHWADDR, &ifr) < 0) { perror("cannot set MAC address"); - return -1; + goto fail; } } @@ -180,13 +197,13 @@ if (ioctl(sockfd, SIOCSIFADDR, &ifr) < 0) { perror("cannot set device address"); - return -1; + goto fail; } sai->sin_addr = cfg->vnetmask; if (ioctl(sockfd, SIOCSIFNETMASK, &ifr) < 0) { perror("cannot set device netmask"); - return -1; + goto fail; } memset(&route, 0, sizeof(route)); @@ -206,9 +223,12 @@ if (ioctl(sockfd, SIOCADDRT, &route) < 0) { perror("set route"); - return -1; + goto fail; } return 0; +fail: + close(sockfd); + return -1; } /* Child (--target-type=netns) */ @@ -224,6 +244,7 @@ return tapfd; } if (do_config_network && configure_network(tapname, cfg) < 0) { + close(tapfd); return -1; } if (sendfd(sock, tapfd) < 0) { @@ -232,6 +253,7 @@ return -1; } fprintf(stderr, "sent tapfd=%d for %s\n", tapfd, tapname); + close(tapfd); close(sock); return 0; }
