commit: df46d37f10f7144857c0d723bced3c79cb0684a6
Author: Sam James <sam <AT> gentoo <DOT> org>
AuthorDate: Sat Feb 17 05:28:27 2024 +0000
Commit: Sam James <sam <AT> gentoo <DOT> org>
CommitDate: Sat Feb 17 05:28:27 2024 +0000
URL: https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=df46d37f
net-misc/dhcpcd: backport crash fix ("every 5 days")
Signed-off-by: Sam James <sam <AT> gentoo.org>
net-misc/dhcpcd/dhcpcd-10.0.6-r2.ebuild | 170 ++++++++++++++++++++++++
net-misc/dhcpcd/files/dhcpcd-10.0.6-crash.patch | 46 +++++++
2 files changed, 216 insertions(+)
diff --git a/net-misc/dhcpcd/dhcpcd-10.0.6-r2.ebuild
b/net-misc/dhcpcd/dhcpcd-10.0.6-r2.ebuild
new file mode 100644
index 000000000000..8ccbe2c41a96
--- /dev/null
+++ b/net-misc/dhcpcd/dhcpcd-10.0.6-r2.ebuild
@@ -0,0 +1,170 @@
+# Copyright 1999-2024 Gentoo Authors
+# Distributed under the terms of the GNU General Public License v2
+
+EAPI=8
+
+inherit systemd toolchain-funcs
+
+if [[ ${PV} == 9999 ]]; then
+ inherit git-r3
+ EGIT_REPO_URI="https://github.com/NetworkConfiguration/dhcpcd.git";
+else
+ MY_P="${P/_alpha/-alpha}"
+ MY_P="${MY_P/_beta/-beta}"
+ MY_P="${MY_P/_rc/-rc}"
+
SRC_URI="https://github.com/NetworkConfiguration/dhcpcd/releases/download/v${PV}/${MY_P}.tar.xz";
+ S="${WORKDIR}/${MY_P}"
+
+ KEYWORDS="~alpha ~amd64 ~arm ~arm64 ~hppa ~ia64 ~loong ~m68k ~mips ~ppc
~ppc64 ~riscv ~s390 ~sparc ~x86 ~amd64-linux ~x86-linux"
+fi
+
+DESCRIPTION="A fully featured, yet light weight RFC2131 compliant DHCP client"
+HOMEPAGE="https://github.com/NetworkConfiguration/dhcpcd/
https://roy.marples.name/projects/dhcpcd/";
+
+LICENSE="BSD-2 BSD ISC MIT"
+SLOT="0"
+IUSE="debug +embedded ipv6 privsep +udev"
+
+DEPEND="udev? ( virtual/udev )"
+RDEPEND="
+ ${DEPEND}
+ privsep? (
+ acct-group/dhcpcd
+ acct-user/dhcpcd
+ )
+"
+
+QA_CONFIG_IMPL_DECL_SKIP=(
+ # These don't exist on Linux/glibc (bug #900264)
+ memset_explicit
+ memset_s
+ setproctitle
+ strtoi
+ consttime_memequal
+ SHA256_Init
+ hmac
+)
+
+PATCHES=(
+ "${FILESDIR}"/${PN}-10.0.6-rebinding.patch
+ "${FILESDIR}"/${PN}-10.0.6-crash.patch
+)
+
+src_configure() {
+ local myeconfargs=(
+ --dbdir="${EPREFIX}/var/lib/dhcpcd"
+ --libexecdir="${EPREFIX}/lib/dhcpcd"
+ --localstatedir="${EPREFIX}/var"
+ --prefix="${EPREFIX}"
+ --with-hook=ntp.conf
+ $(use_enable debug)
+ $(use_enable embedded)
+ $(use_enable ipv6)
+ $(use_enable privsep)
+ $(usex elibc_glibc '--with-hook=yp.conf' '')
+ --rundir=$(usex kernel_linux "${EPREFIX}/run/dhcpcd"
"${EPREFIX}/var/run/dhcpcd")
+ $(usex privsep '--privsepuser=dhcpcd' '')
+ $(usex udev '' '--without-dev --without-udev')
+ CC="$(tc-getCC)"
+ )
+ econf "${myeconfargs[@]}"
+}
+
+src_install() {
+ default
+ keepdir /var/lib/dhcpcd
+ newinitd "${FILESDIR}"/dhcpcd.initd-r1 dhcpcd
+ systemd_newunit "${FILESDIR}"/dhcpcd.service-r1 dhcpcd.service
+}
+
+pkg_postinst() {
+ local dbdir="${EROOT}"/var/lib/dhcpcd old_files=()
+
+ local old_old_duid="${EROOT}"/var/lib/dhcpcd/dhcpcd.duid
+ local old_duid="${EROOT}"/etc/dhcpcd.duid
+ local new_duid="${dbdir}"/duid
+ if [[ -e "${old_old_duid}" ]] ; then
+ # Upgrade the duid file to the new format if needed
+ if ! grep -q '..:..:..:..:..:..' "${old_old_duid}"; then
+ sed -i -e 's/\(..\)/\1:/g; s/:$//g' "${old_old_duid}"
+ fi
+
+ # Move the duid to /etc, a more sensible location
+ if [[ ! -e "${old_duid}" ]] ; then
+ cp -p "${old_old_duid}" "${new_duid}"
+ fi
+ old_files+=( "${old_old_duid}" )
+ fi
+
+ # dhcpcd-7 moves the files out of /etc
+ if [[ -e "${old_duid}" ]] ; then
+ if [[ ! -e "${new_duid}" ]] ; then
+ cp -p "${old_duid}" "${new_duid}"
+ fi
+ old_files+=( "${old_duid}" )
+ fi
+ local old_secret="${EROOT}"/etc/dhcpcd.secret
+ local new_secret="${dbdir}"/secret
+ if [[ -e "${old_secret}" ]] ; then
+ if [[ ! -e "${new_secret}" ]] ; then
+ cp -p "${old_secret}" "${new_secret}"
+ fi
+ old_files+=( "${old_secret}" )
+ fi
+
+ # dhcpcd-7 renames some files in /var/lib/dhcpcd
+ local old_rdm="${dbdir}"/dhcpcd-rdm.monotonic
+ local new_rdm="${dbdir}"/rdm_monotonic
+ if [[ -e "${old_rdm}" ]] ; then
+ if [[ ! -e "${new_rdm}" ]] ; then
+ cp -p "${old_rdm}" "${new_rdm}"
+ fi
+ old_files+=( "${old_rdm}" )
+ fi
+ local lease=
+ for lease in "${dbdir}"/dhcpcd-*.lease*; do
+ [[ -f "${lease}" ]] || continue
+ old_files+=( "${lease}" )
+ local new_lease=$(basename "${lease}" | sed -e "s/dhcpcd-//")
+ [[ -e "${dbdir}/${new_lease}" ]] && continue
+ cp "${lease}" "${dbdir}/${new_lease}"
+ done
+
+ # Warn about removing stale files
+ if [[ -n "${old_files[@]}" ]] ; then
+ elog
+ elog "dhcpcd-7 has copied dhcpcd.duid and dhcpcd.secret from"
+ elog "${EROOT}/etc to ${dbdir}"
+ elog "and copied leases in ${dbdir} to new files with the
dhcpcd-"
+ elog "prefix dropped."
+ elog
+ elog "You should remove these files if you don't plan on
reverting"
+ elog "to an older version:"
+ local old_file=
+ for old_file in ${old_files[@]}; do
+ elog " ${old_file}"
+ done
+ fi
+
+ if [ -z "${REPLACING_VERSIONS}" ]; then
+ elog
+ elog "dhcpcd has zeroconf support active by default."
+ elog "This means it will always obtain an IP address even if no"
+ elog "DHCP server can be contacted, which will break any
existing"
+ elog "failover support you may have configured in your net
configuration."
+ elog "This behaviour can be controlled with the noipv4ll
configuration"
+ elog "file option or the -L command line switch."
+ elog "See the dhcpcd and dhcpcd.conf man pages for more
details."
+
+ elog
+ elog "Dhcpcd has duid enabled by default, and this may cause
issues"
+ elog "with some dhcp servers. For more information, see"
+ elog "https://bugs.gentoo.org/show_bug.cgi?id=477356";
+ fi
+
+ if ! has_version net-dns/bind-tools; then
+ elog
+ elog "If you activate the lookup-hostname hook to look up your
hostname"
+ elog "using the dns, you need to install net-dns/bind-tools."
+ fi
+}
diff --git a/net-misc/dhcpcd/files/dhcpcd-10.0.6-crash.patch
b/net-misc/dhcpcd/files/dhcpcd-10.0.6-crash.patch
new file mode 100644
index 000000000000..5b61e3ca37ef
--- /dev/null
+++ b/net-misc/dhcpcd/files/dhcpcd-10.0.6-crash.patch
@@ -0,0 +1,46 @@
+https://github.com/NetworkConfiguration/dhcpcd/issues/179
+https://github.com/NetworkConfiguration/dhcpcd/issues/283
+https://bugzilla.redhat.com/2262996
+https://github.com/NetworkConfiguration/dhcpcd/commit/727c78f503d456875e2a3cee7609288b537d9d25
+
+From 727c78f503d456875e2a3cee7609288b537d9d25 Mon Sep 17 00:00:00 2001
+From: =?UTF-8?q?Petr=20Men=C5=A1=C3=ADk?= <[email protected]>
+Date: Fri, 16 Feb 2024 17:15:35 +0100
+Subject: [PATCH] Move dhcp(v4) packet size check earlier (#295)
+
+dhcp_handlebootp handled zero sized packets correctly, but
+dhcp_redirect_dhcp did not have such protection. Move size check before
+both of them. Size when called from dhcp_packet is checked by
+is_packet_udp_bootp call. Only dhcp_recvmsg needs earlier checking to be
+added.
+
+Fixes #283
+--- a/src/dhcp.c
++++ b/src/dhcp.c
+@@ -3532,12 +3532,6 @@ dhcp_handlebootp(struct interface *ifp, struct bootp
*bootp, size_t len,
+ {
+ size_t v;
+
+- if (len < offsetof(struct bootp, vend)) {
+- logerrx("%s: truncated packet (%zu) from %s",
+- ifp->name, len, inet_ntoa(*from));
+- return;
+- }
+-
+ /* Unlikely, but appeases sanitizers. */
+ if (len > FRAMELEN_MAX) {
+ logerrx("%s: packet exceeded frame length (%zu) from %s",
+@@ -3670,6 +3664,13 @@ dhcp_recvmsg(struct dhcpcd_ctx *ctx, struct msghdr *msg)
+ logerr(__func__);
+ return;
+ }
++
++ if (iov->iov_len < offsetof(struct bootp, vend)) {
++ logerrx("%s: truncated packet (%zu) from %s",
++ ifp->name, iov->iov_len, inet_ntoa(from->sin_addr));
++ return;
++ }
++
+ state = D_CSTATE(ifp);
+ if (state == NULL) {
+ /* Try re-directing it to another interface. */
