Hello community, here is the log from the commit of package nss_wrapper for openSUSE:Factory checked in at 2018-11-06 15:27:44 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/nss_wrapper (Old) and /work/SRC/openSUSE:Factory/.nss_wrapper.new (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "nss_wrapper" Tue Nov 6 15:27:44 2018 rev:6 rq:645750 version:1.1.5 Changes: -------- --- /work/SRC/openSUSE:Factory/nss_wrapper/nss_wrapper.changes 2016-04-01 13:01:50.000000000 +0200 +++ /work/SRC/openSUSE:Factory/.nss_wrapper.new/nss_wrapper.changes 2018-11-06 15:28:21.404251333 +0100 @@ -1,0 +2,14 @@ +Wed Oct 31 13:25:29 UTC 2018 - Andreas Schneider <[email protected]> + +- Update to version 1.1.5 + * Fixed running on older distributions + +------------------------------------------------------------------- +Wed Oct 31 07:30:25 UTC 2018 - Andreas Schneider <[email protected]> + +- Update to version 1.1.4 + * Fixed module getpw* functions + * Fixed nss_wrapper.pl to use correct perl binary + * Fixed compatibility with musl-libc + +------------------------------------------------------------------- Old: ---- nss_wrapper-1.1.3.tar.gz New: ---- nss_wrapper-1.1.5.tar.gz nss_wrapper-1.1.5.tar.gz.asc nss_wrapper.keyring ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ nss_wrapper.spec ++++++ --- /var/tmp/diff_new_pack.eEH2K7/_old 2018-11-06 15:28:23.192248619 +0100 +++ /var/tmp/diff_new_pack.eEH2K7/_new 2018-11-06 15:28:23.192248619 +0100 @@ -1,7 +1,7 @@ # # spec file for package nss_wrapper # -# Copyright (c) 2016 SUSE LINUX GmbH, Nuernberg, Germany. +# Copyright (c) 2018 SUSE LINUX GmbH, Nuernberg, Germany. # # All modifications and additions to the file contributed by third parties # remain the property of their copyright owners, unless otherwise agreed @@ -12,7 +12,7 @@ # license that conforms to the Open Source Definition (Version 1.9) # published by the Open Source Initiative. -# Please submit bugfixes or comments via http://bugs.opensuse.org/ +# Please submit bugfixes or comments via https://bugs.opensuse.org/ # @@ -24,7 +24,7 @@ ############################# NOTE ################################## Name: nss_wrapper -Version: 1.1.3 +Version: 1.1.5 Release: 0 Summary: A wrapper for the user, group and hosts NSS API @@ -33,7 +33,9 @@ Url: http://cwrap.org/ Source0: https://ftp.samba.org/pub/cwrap/%{name}-%{version}.tar.gz -Source1: %{name}-rpmlintrc +Source1: https://ftp.samba.org/pub/cwrap/%{name}-%{version}.tar.gz.asc +Source2: https://cryptomilk.org/gpgkey-8DFF53E18F2ABC8D8F3C92237EE0FC4DCC014E3D.gpg#/%{name}.keyring +Source3: %{name}-rpmlintrc BuildRequires: cmake BuildRequires: libcmocka-devel @@ -77,6 +79,9 @@ %install %cmake_install +find %{buildroot}%{_bindir} -name "*.pl" \ + | xargs sed -i '1 s|/usr/bin/env\ perl|/usr/bin/perl|' + %check pushd build make %{?_smp_mflags} test || cat $(find Testing -name "*.log") @@ -88,7 +93,8 @@ %files %defattr(-,root,root) -%doc AUTHORS README ChangeLog COPYING +%doc AUTHORS README ChangeLog +%license LICENSE %{_bindir}/nss_wrapper.pl %{_libdir}/libnss_wrapper.so* %dir %{_libdir}/cmake/nss_wrapper ++++++ nss_wrapper-1.1.3.tar.gz -> nss_wrapper-1.1.5.tar.gz ++++++ diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/nss_wrapper-1.1.3/CMakeLists.txt new/nss_wrapper-1.1.5/CMakeLists.txt --- old/nss_wrapper-1.1.3/CMakeLists.txt 2016-03-18 11:58:10.000000000 +0100 +++ new/nss_wrapper-1.1.5/CMakeLists.txt 2018-10-31 14:21:50.000000000 +0100 @@ -8,7 +8,7 @@ set(APPLICATION_VERSION_MAJOR "1") set(APPLICATION_VERSION_MINOR "1") -set(APPLICATION_VERSION_PATCH "3") +set(APPLICATION_VERSION_PATCH "5") set(APPLICATION_VERSION "${APPLICATION_VERSION_MAJOR}.${APPLICATION_VERSION_MINOR}.${APPLICATION_VERSION_PATCH}") @@ -19,7 +19,7 @@ # Increment AGE. Set REVISION to 0 # If the source code was changed, but there were no interface changes: # Increment REVISION. -set(LIBRARY_VERSION "0.2.3") +set(LIBRARY_VERSION "0.2.5") set(LIBRARY_SOVERSION "0") # where to look first for cmake modules, before ${CMAKE_ROOT}/Modules/ is checked diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/nss_wrapper-1.1.3/COPYING new/nss_wrapper-1.1.5/COPYING --- old/nss_wrapper-1.1.3/COPYING 2013-12-04 16:37:43.000000000 +0100 +++ new/nss_wrapper-1.1.5/COPYING 1970-01-01 01:00:00.000000000 +0100 @@ -1,32 +0,0 @@ -Copyright (C) Stefan Metzmacher 2007 <[email protected]> -Copyright (C) Guenther Deschner 2009 <[email protected]> -Copyright (C) Andreas Schneider 2013 <[email protected]> - -All rights reserved. - -Redistribution and use in source and binary forms, with or without -modification, are permitted provided that the following conditions -are met: - -1. Redistributions of source code must retain the above copyright - notice, this list of conditions and the following disclaimer. - -2. Redistributions in binary form must reproduce the above copyright - notice, this list of conditions and the following disclaimer in the - documentation and/or other materials provided with the distribution. - -3. Neither the name of the author nor the names of its contributors - may be used to endorse or promote products derived from this software - without specific prior written permission. - -THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND -ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE -IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE -ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE -FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL -DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS -OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) -HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT -LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY -OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF -SUCH DAMAGE. diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/nss_wrapper-1.1.3/CPackConfig.cmake new/nss_wrapper-1.1.5/CPackConfig.cmake --- old/nss_wrapper-1.1.3/CPackConfig.cmake 2014-02-04 16:59:46.000000000 +0100 +++ new/nss_wrapper-1.1.5/CPackConfig.cmake 2018-08-09 13:06:05.000000000 +0200 @@ -7,7 +7,7 @@ set(CPACK_PACKAGE_DESCRIPTION_FILE "${CMAKE_SOURCE_DIR}/README") set(CPACK_PACKAGE_VENDOR "The SSH Library Development Team") set(CPACK_PACKAGE_INSTALL_DIRECTORY ${CPACK_PACKAGE_NAME}) -set(CPACK_RESOURCE_FILE_LICENSE "${CMAKE_SOURCE_DIR}/COPYING") +set(CPACK_RESOURCE_FILE_LICENSE "${CMAKE_SOURCE_DIR}/LICENSE") ### versions @@ -19,7 +19,7 @@ ### source generator set(CPACK_SOURCE_GENERATOR "TGZ") -set(CPACK_SOURCE_IGNORE_FILES "~$;[.]swp$;/[.]svn/;/[.]git/;.gitignore;/build/;/obj/;tags;cscope.*") +set(CPACK_SOURCE_IGNORE_FILES "~$;[.]swp$;/[.]svn/;/[.]git/;.gitignore;/build*;/obj*;tags;cscope.*") set(CPACK_SOURCE_PACKAGE_FILE_NAME "${CPACK_PACKAGE_NAME}-${CPACK_PACKAGE_VERSION}") if (WIN32) diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/nss_wrapper-1.1.3/CTestConfig.cmake new/nss_wrapper-1.1.5/CTestConfig.cmake --- old/nss_wrapper-1.1.3/CTestConfig.cmake 2015-11-20 09:45:08.000000000 +0100 +++ new/nss_wrapper-1.1.5/CTestConfig.cmake 2018-08-09 13:06:05.000000000 +0200 @@ -1,9 +1,9 @@ set(UPDATE_TYPE "true") -set(CTEST_PROJECT_NAME "nsswrapper") +set(CTEST_PROJECT_NAME "nss_wrapper") set(CTEST_NIGHTLY_START_TIME "01:00:00 UTC") set(CTEST_DROP_METHOD "https") -set(CTEST_DROP_SITE "mock.cryptomilk.org") -set(CTEST_DROP_LOCATION "/submit.php?project=nsswrapper") +set(CTEST_DROP_SITE "test.cmocka.org") +set(CTEST_DROP_LOCATION "/submit.php?project=${CTEST_PROJECT_NAME}") set(CTEST_DROP_SITE_CDASH TRUE) diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/nss_wrapper-1.1.3/ChangeLog new/nss_wrapper-1.1.5/ChangeLog --- old/nss_wrapper-1.1.3/ChangeLog 2016-03-18 11:57:56.000000000 +0100 +++ new/nss_wrapper-1.1.5/ChangeLog 2018-10-31 14:21:50.000000000 +0100 @@ -1,6 +1,14 @@ ChangeLog ========== +version 1.1.5 (released 2018-10-31) + * Fixed running on older distributions + +version 1.1.4 (released 2018-10-31) + * Fixed module getpw* functions + * Fixed nss_wrapper.pl to use correct perl binary + * Fixed compatibility with musl-libc + version 1.1.3 (released 2015-03-18) * Added support for BSD 'struct passwd' members * Replaced strcpy() with snprintf() diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/nss_wrapper-1.1.3/ConfigureChecks.cmake new/nss_wrapper-1.1.5/ConfigureChecks.cmake --- old/nss_wrapper-1.1.3/ConfigureChecks.cmake 2016-03-17 20:26:09.000000000 +0100 +++ new/nss_wrapper-1.1.5/ConfigureChecks.cmake 2018-08-09 13:06:05.000000000 +0200 @@ -6,6 +6,7 @@ include(CheckStructHasMember) include(CheckPrototypeDefinition) include(TestBigEndian) +include(CheckCSourceRuns) set(PACKAGE ${APPLICATION_NAME}) set(VERSION ${APPLICATION_VERSION}) @@ -235,6 +236,18 @@ }" HAVE_ATTRIBUTE_PRINTF_FORMAT) check_c_source_compiles(" +void test_constructor_attribute(void) __attribute__ ((constructor)); + +void test_constructor_attribute(void) +{ + return; +} + +int main(void) { + return 0; +}" HAVE_CONSTRUCTOR_ATTRIBUTE) + +check_c_source_compiles(" void test_destructor_attribute(void) __attribute__ ((destructor)); void test_destructor_attribute(void) @@ -258,3 +271,71 @@ endif (NOT WIN32) set(NWRAP_REQUIRED_LIBRARIES ${CMAKE_REQUIRED_LIBRARIES} CACHE INTERNAL "nss_wrapper required system libraries") + +# check whether getaddrinfo() returns "node" in "ai_canonname" for IP-addresses +check_c_source_runs("#include <stddef.h> +#include <string.h> +#include <sys/types.h> +#include <sys/socket.h> +#include <netdb.h> +int main(void) { + struct addrinfo hints; + struct addrinfo *res = NULL; + + memset(&hints, 0, sizeof(struct addrinfo)); + hints.ai_family = AF_INET; + hints.ai_socktype = SOCK_STREAM; + hints.ai_flags = AI_NUMERICHOST | AI_NUMERICSERV; + + if (getaddrinfo(\"0.0.0.0\", \"389\", &hints, &res) != 0) { + return 2; + } + + if (res == NULL) { + return 3; + } + + return strncmp(res->ai_canonname, \"0.0.0.0\", sizeof(\"0.0.0.0\")) != 0; +}" HAVE_GETADDRINFO_SETS_CANONNAME_FOR_IPADDRESSES) +if (HAVE_GETADDRINFO_SETS_CANONNAME_FOR_IPADDRESSES) + add_definitions(-DHAVE_GETADDRINFO_SETS_CANONNAME_FOR_IPADDRESSES) +endif (HAVE_GETADDRINFO_SETS_CANONNAME_FOR_IPADDRESSES) + +# check whether getaddrinfo() returns EAI_SERVICE when the requested service is not available for the requested socket type. +check_c_source_runs("#include <stddef.h> +#include <string.h> +#include <sys/types.h> +#include <sys/socket.h> +#include <netdb.h> +int main(void) { + struct addrinfo hints; + struct addrinfo *res = NULL; + int rc; + + memset(&hints, 0, sizeof(struct addrinfo)); + hints.ai_family = AF_UNSPEC; /* Allow IPv4 or IPv6 */ + hints.ai_socktype = SOCK_DGRAM; /* Datagram socket */ + hints.ai_flags = AI_PASSIVE | AI_NUMERICSERV; /* For wildcard IP address */ + hints.ai_protocol = 0; /* Any protocol */ + hints.ai_canonname = NULL; + + rc = getaddrinfo(NULL, \"echo\", &hints, &res); + return rc != EAI_SERVICE; +}" HAVE_GETADDRINFO_USES_EAI_SERVICE) +if (HAVE_GETADDRINFO_USES_EAI_SERVICE) + add_definitions(-DHAVE_GETADDRINFO_USES_EAI_SERVICE) +endif (HAVE_GETADDRINFO_USES_EAI_SERVICE) + +# check for non-NULL gethostent() +check_c_source_runs("#include <stddef.h> +#include <netdb.h> +int main(void) { + struct hostent *hostent = NULL; + sethostent(0); + hostent = gethostent(); + endhostent(); + return hostent == NULL; +}" HAVE_NONNULL_GETHOSTENT) +if (HAVE_NONNULL_GETHOSTENT) + add_definitions(-DHAVE_NONNULL_GETHOSTENT) +endif (HAVE_NONNULL_GETHOSTENT) diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/nss_wrapper-1.1.3/LICENSE new/nss_wrapper-1.1.5/LICENSE --- old/nss_wrapper-1.1.3/LICENSE 1970-01-01 01:00:00.000000000 +0100 +++ new/nss_wrapper-1.1.5/LICENSE 2018-08-09 13:06:05.000000000 +0200 @@ -0,0 +1,35 @@ +BSD 3-Clause License + +Copyright (c) 2007, Stefan Metzmacher <[email protected]> +Copyright (c) 2009, Guenther Deschner <[email protected]> +Copyright (c) 2014-2015, Michael Adam <[email protected]> +Copyright (c) 2015, Robin Hack <[email protected]> +Copyright (c) 2013-2018, Andreas Schneider <[email protected]> +All rights reserved. + +Redistribution and use in source and binary forms, with or without +modification, are permitted provided that the following conditions +are met: + +1. Redistributions of source code must retain the above copyright + notice, this list of conditions and the following disclaimer. + +2. Redistributions in binary form must reproduce the above copyright + notice, this list of conditions and the following disclaimer in the + documentation and/or other materials provided with the distribution. + +3. Neither the name of the author nor the names of its contributors + may be used to endorse or promote products derived from this software + without specific prior written permission. + +THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND +ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE +IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE +ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE +FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL +DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS +OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) +HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT +LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY +OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF +SUCH DAMAGE. diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/nss_wrapper-1.1.3/config.h.cmake new/nss_wrapper-1.1.5/config.h.cmake --- old/nss_wrapper-1.1.3/config.h.cmake 2016-03-17 20:26:09.000000000 +0100 +++ new/nss_wrapper-1.1.5/config.h.cmake 2017-05-31 15:34:02.000000000 +0200 @@ -93,6 +93,7 @@ #cmakedefine HAVE_IPV6 1 #cmakedefine HAVE_ATTRIBUTE_PRINTF_FORMAT 1 +#cmakedefine HAVE_CONSTRUCTOR_ATTRIBUTE 1 #cmakedefine HAVE_DESTRUCTOR_ATTRIBUTE 1 /*************************** ENDIAN *****************************/ diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/nss_wrapper-1.1.3/nss_wrapper.pl new/nss_wrapper-1.1.5/nss_wrapper.pl --- old/nss_wrapper-1.1.3/nss_wrapper.pl 2013-12-04 16:37:43.000000000 +0100 +++ new/nss_wrapper-1.1.5/nss_wrapper.pl 2017-05-29 15:27:00.000000000 +0200 @@ -1,4 +1,4 @@ -#!/usr/bin/perl +#!/usr/bin/env perl # use strict; diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/nss_wrapper-1.1.3/src/CMakeLists.txt new/nss_wrapper-1.1.5/src/CMakeLists.txt --- old/nss_wrapper-1.1.3/src/CMakeLists.txt 2015-11-11 11:51:25.000000000 +0100 +++ new/nss_wrapper-1.1.5/src/CMakeLists.txt 2018-08-09 13:05:39.000000000 +0200 @@ -25,9 +25,4 @@ ARCHIVE DESTINATION ${LIB_INSTALL_DIR} ) -# This needs to be at the end -if (POLICY CMP0026) - cmake_policy(SET CMP0026 OLD) -endif() -get_target_property(NWRAP_LOCATION nss_wrapper LOCATION) -set(NSS_WRAPPER_LOCATION ${NWRAP_LOCATION} PARENT_SCOPE) +set(NSS_WRAPPER_LOCATION "${CMAKE_CURRENT_BINARY_DIR}/${CMAKE_SHARED_LIBRARY_PREFIX}nss_wrapper${CMAKE_SHARED_LIBRARY_SUFFIX}" PARENT_SCOPE) diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/nss_wrapper-1.1.3/src/nss_wrapper.c new/nss_wrapper-1.1.5/src/nss_wrapper.c --- old/nss_wrapper-1.1.3/src/nss_wrapper.c 2016-03-17 20:26:09.000000000 +0100 +++ new/nss_wrapper-1.1.5/src/nss_wrapper.c 2018-10-31 14:21:50.000000000 +0100 @@ -1,8 +1,11 @@ /* - * Copyright (C) Stefan Metzmacher 2007 <[email protected]> - * Copyright (C) Guenther Deschner 2009 <[email protected]> - * Copyright (C) Andreas Schneider 2013 <[email protected]> + * BSD 3-Clause License * + * Copyright (c) 2007, Stefan Metzmacher <[email protected]> + * Copyright (c) 2009, Guenther Deschner <[email protected]> + * Copyright (c) 2014-2015, Michael Adam <[email protected]> + * Copyright (c) 2015, Robin Hack <[email protected]> + * Copyright (c) 2013-2018, Andreas Schneider <[email protected]> * All rights reserved. * * Redistribution and use in source and binary forms, with or without @@ -142,6 +145,12 @@ #define PRINTF_ATTRIBUTE(a,b) #endif /* HAVE_ATTRIBUTE_PRINTF_FORMAT */ +#ifdef HAVE_CONSTRUCTOR_ATTRIBUTE +#define CONSTRUCTOR_ATTRIBUTE __attribute__ ((constructor)) +#else +#define CONSTRUCTOR_ATTRIBUTE +#endif /* HAVE_CONSTRUCTOR_ATTRIBUTE */ + #ifdef HAVE_DESTRUCTOR_ATTRIBUTE #define DESTRUCTOR_ATTRIBUTE __attribute__ ((destructor)) #else @@ -209,8 +218,11 @@ NWRAP_UNLOCK(nwrap_initialized); \ } while (0); +static void nwrap_init(void); + static void nwrap_thread_prepare(void) { + nwrap_init(); NWRAP_LOCK_ALL; } @@ -292,11 +304,13 @@ int (*_libc_getpwuid_r)(uid_t uid, struct passwd *pwd, char *buf, size_t buflen, struct passwd **result); void (*_libc_setpwent)(void); struct passwd *(*_libc_getpwent)(void); -#ifdef HAVE_SOLARIS_GETPWENT_R +#ifdef HAVE_GETPWENT_R +# ifdef HAVE_SOLARIS_GETPWENT_R struct passwd *(*_libc_getpwent_r)(struct passwd *pwbuf, char *buf, size_t buflen); -#else +# else /* HAVE_SOLARIS_GETPWENT_R */ int (*_libc_getpwent_r)(struct passwd *pwbuf, char *buf, size_t buflen, struct passwd **pwbufp); -#endif +# endif /* HAVE_SOLARIS_GETPWENT_R */ +#endif /* HAVE_GETPWENT_R */ void (*_libc_endpwent)(void); int (*_libc_initgroups)(const char *user, gid_t gid); struct group *(*_libc_getgrnam)(const char *name); @@ -305,11 +319,13 @@ int (*_libc_getgrgid_r)(gid_t gid, struct group *grp, char *buf, size_t buflen, struct group **result); void (*_libc_setgrent)(void); struct group *(*_libc_getgrent)(void); -#ifdef HAVE_SOLARIS_GETGRENT_R +#ifdef HAVE_GETGRENT_R +# ifdef HAVE_SOLARIS_GETGRENT_R struct group *(*_libc_getgrent_r)(struct group *group, char *buf, size_t buflen); -#else +# else /* HAVE_SOLARIS_GETGRENT_R */ int (*_libc_getgrent_r)(struct group *group, char *buf, size_t buflen, struct group **result); -#endif +# endif /* HAVE_SOLARIS_GETGRENT_R */ +#endif /* HAVE_GETGRENT_R */ void (*_libc_endgrent)(void); int (*_libc_getgrouplist)(const char *user, gid_t group, gid_t *groups, int *ngroups); @@ -793,9 +809,9 @@ * NWRAP PROTOTYPES *********************************************************/ -static void nwrap_init(void); static bool nwrap_gr_parse_line(struct nwrap_cache *nwrap, char *line); static void nwrap_gr_unload(struct nwrap_cache *nwrap); +void nwrap_constructor(void) CONSTRUCTOR_ATTRIBUTE; void nwrap_destructor(void) DESTRUCTOR_ATTRIBUTE; /********************************************************* @@ -832,7 +848,15 @@ int i; #ifdef RTLD_DEEPBIND - flags |= RTLD_DEEPBIND; + const char *env = getenv("LD_PRELOAD"); + + /* Don't do a deepbind if we run with libasan */ + if (env != NULL && strlen(env) < 1024) { + const char *p = strstr(env, "libasan.so"); + if (p == NULL) { + flags |= RTLD_DEEPBIND; + } + } #endif switch (lib) { @@ -1066,7 +1090,8 @@ return nwrap_main_global->libc->fns->_libc_getpwent(); } -#ifdef HAVE_SOLARIS_GETPWENT_R +#ifdef HAVE_GETPWENT_R +# ifdef HAVE_SOLARIS_GETPWENT_R static struct passwd *libc_getpwent_r(struct passwd *pwdst, char *buf, int buflen) @@ -1077,7 +1102,7 @@ buf, buflen); } -#else /* HAVE_SOLARIS_GETPWENT_R */ +# else /* HAVE_SOLARIS_GETPWENT_R */ static int libc_getpwent_r(struct passwd *pwdst, char *buf, size_t buflen, @@ -1090,7 +1115,8 @@ buflen, pwdstp); } -#endif /* HAVE_SOLARIS_GETPWENT_R */ +# endif /* HAVE_SOLARIS_GETPWENT_R */ +#endif /* HAVE_GETPWENT_R */ static void libc_endpwent(void) { @@ -1183,7 +1209,7 @@ } #ifdef HAVE_GETGRENT_R -#ifdef HAVE_SOLARIS_GETGRENT_R +# ifdef HAVE_SOLARIS_GETGRENT_R static struct group *libc_getgrent_r(struct group *group, char *buf, size_t buflen) @@ -1194,7 +1220,7 @@ buf, buflen); } -#else /* !HAVE_SOLARIS_GETGRENT_R */ +# else /* HAVE_SOLARIS_GETGRENT_R */ static int libc_getgrent_r(struct group *group, char *buf, size_t buflen, @@ -1207,7 +1233,7 @@ buflen, result); } -#endif /* HAVE_SOLARIS_GETGRENT_R */ +# endif /* HAVE_SOLARIS_GETGRENT_R */ #endif /* HAVE_GETGRENT_R */ static void libc_endgrent(void) @@ -1488,19 +1514,17 @@ static void nwrap_libc_init(struct nwrap_main *r) { - r->libc = malloc(sizeof(struct nwrap_libc)); + r->libc = calloc(1, sizeof(struct nwrap_libc)); if (r->libc == NULL) { printf("Failed to allocate memory for libc"); exit(-1); } - ZERO_STRUCTP(r->libc); - r->libc->fns = malloc(sizeof(struct nwrap_libc_fns)); + r->libc->fns = calloc(1, sizeof(struct nwrap_libc_fns)); if (r->libc->fns == NULL) { printf("Failed to allocate memory for libc functions"); exit(-1); } - ZERO_STRUCTP(r->libc->fns); } static void nwrap_backend_init(struct nwrap_main *r) @@ -1541,6 +1565,7 @@ const char *env; char *endptr; size_t max_hostents_tmp; + int ok; NWRAP_LOCK(nwrap_initialized); if (nwrap_initialized) { @@ -1561,14 +1586,11 @@ nwrap_initialized = true; - /* Initialize pthread_atfork handlers */ - pthread_atfork(&nwrap_thread_prepare, &nwrap_thread_parent, - &nwrap_thread_child); - env = getenv("NSS_WRAPPER_MAX_HOSTENTS"); if (env != NULL) { - max_hostents_tmp = (size_t)strtol(env, &endptr, 10); - if (((env != '\0') && (endptr == '\0')) || + max_hostents_tmp = (size_t)strtoul(env, &endptr, 10); + if ((*env == '\0') || + (*endptr != '\0') || (max_hostents_tmp == 0)) { NWRAP_LOG(NWRAP_LOG_DEBUG, "Error parsing NSS_WRAPPER_MAX_HOSTENTS " @@ -1583,10 +1605,11 @@ NWRAP_LOG(NWRAP_LOG_DEBUG, "Initializing hash table of size %lu items.", (unsigned long)max_hostents); - if (hcreate(max_hostents) == 0) { + ok = hcreate(max_hostents); + if (!ok) { NWRAP_LOG(NWRAP_LOG_ERROR, "Failed to initialize hash table"); - goto done; + exit(-1); } nwrap_main_global = &__nwrap_main_global; @@ -1637,7 +1660,6 @@ nwrap_he_global.cache->parse_line = nwrap_he_parse_line; nwrap_he_global.cache->unload = nwrap_he_unload; -done: /* We hold all locks here so we can use NWRAP_UNLOCK_ALL. */ NWRAP_UNLOCK_ALL; } @@ -2623,7 +2645,9 @@ p = hsearch(e, ENTER); if (p == NULL) { - NWRAP_LOG(NWRAP_LOG_ERROR, "Hash table is full!"); + NWRAP_LOG(NWRAP_LOG_ERROR, + "Hash table is full (%s)!", + strerror(errno)); return false; } @@ -3831,9 +3855,7 @@ { int ret; - (void) b; /* unused */ - (void) pwdst; /* unused */ - (void) pwdstp; /* unused */ + *pwdstp = NULL; if (!b->fns->_nss_getpwnam_r) { return NSS_STATUS_NOTFOUND; @@ -3842,6 +3864,7 @@ ret = b->fns->_nss_getpwnam_r(name, pwdst, buf, buflen, &errno); switch (ret) { case NSS_STATUS_SUCCESS: + *pwdstp = pwdst; return 0; case NSS_STATUS_NOTFOUND: if (errno != 0) { @@ -3888,7 +3911,7 @@ { int ret; - (void) pwdstp; /* unused */ + *pwdstp = NULL; if (!b->fns->_nss_getpwuid_r) { return ENOENT; @@ -3897,6 +3920,7 @@ ret = b->fns->_nss_getpwuid_r(uid, pwdst, buf, buflen, &errno); switch (ret) { case NSS_STATUS_SUCCESS: + *pwdstp = pwdst; return 0; case NSS_STATUS_NOTFOUND: if (errno != 0) { @@ -3951,7 +3975,7 @@ { int ret; - (void) pwdstp; /* unused */ + *pwdstp = NULL; if (!b->fns->_nss_getpwent_r) { return ENOENT; @@ -3960,6 +3984,7 @@ ret = b->fns->_nss_getpwent_r(pwdst, buf, buflen, &errno); switch (ret) { case NSS_STATUS_SUCCESS: + *pwdstp = pwdst; return 0; case NSS_STATUS_NOTFOUND: if (errno != 0) { @@ -4044,7 +4069,7 @@ { int ret; - (void) grdstp; /* unused */ + *grdstp = NULL; if (!b->fns->_nss_getgrnam_r) { return ENOENT; @@ -4053,6 +4078,7 @@ ret = b->fns->_nss_getgrnam_r(name, grdst, buf, buflen, &errno); switch (ret) { case NSS_STATUS_SUCCESS: + *grdstp = grdst; return 0; case NSS_STATUS_NOTFOUND: if (errno != 0) { @@ -4115,7 +4141,7 @@ { int ret; - (void) grdstp; /* unused */ + *grdstp = NULL; if (!b->fns->_nss_getgrgid_r) { return ENOENT; @@ -4124,6 +4150,7 @@ ret = b->fns->_nss_getgrgid_r(gid, grdst, buf, buflen, &errno); switch (ret) { case NSS_STATUS_SUCCESS: + *grdstp = grdst; return 0; case NSS_STATUS_NOTFOUND: if (errno != 0) { @@ -4194,7 +4221,7 @@ { int ret; - (void) grdstp; /* unused */ + *grdstp = NULL; if (!b->fns->_nss_getgrent_r) { return ENOENT; @@ -4203,6 +4230,7 @@ ret = b->fns->_nss_getgrent_r(grdst, buf, buflen, &errno); switch (ret) { case NSS_STATUS_SUCCESS: + *grdstp = grdst; return 0; case NSS_STATUS_NOTFOUND: if (errno != 0) { @@ -4420,6 +4448,7 @@ * GETPWENT_R ***************************************************************************/ +#ifdef HAVE_GETPWENT_R static int nwrap_getpwent_r(struct passwd *pwdst, char *buf, size_t buflen, struct passwd **pwdstp) { @@ -4437,7 +4466,7 @@ return ENOENT; } -#ifdef HAVE_SOLARIS_GETPWENT_R +# ifdef HAVE_SOLARIS_GETPWENT_R struct passwd *getpwent_r(struct passwd *pwdst, char *buf, int buflen) { struct passwd *pwdstp = NULL; @@ -4453,7 +4482,7 @@ return pwdstp; } -#else /* HAVE_SOLARIS_GETPWENT_R */ +# else /* HAVE_SOLARIS_GETPWENT_R */ int getpwent_r(struct passwd *pwdst, char *buf, size_t buflen, struct passwd **pwdstp) { @@ -4463,7 +4492,8 @@ return nwrap_getpwent_r(pwdst, buf, buflen, pwdstp); } -#endif /* HAVE_SOLARIS_GETPWENT_R */ +# endif /* HAVE_SOLARIS_GETPWENT_R */ +#endif /* HAVE_GETPWENT_R */ /**************************************************************************** * ENDPWENT @@ -4726,6 +4756,7 @@ * GETGRENT_R ***************************************************************************/ +#ifdef HAVE_GETGRENT_R static int nwrap_getgrent_r(struct group *grdst, char *buf, size_t buflen, struct group **grdstp) { @@ -4743,7 +4774,7 @@ return ENOENT; } -#ifdef HAVE_SOLARIS_GETGRENT_R +# ifdef HAVE_SOLARIS_GETGRENT_R struct group *getgrent_r(struct group *src, char *buf, int buflen) { struct group *grdstp = NULL; @@ -4760,7 +4791,7 @@ return grdstp; } -#else /* HAVE_SOLARIS_GETGRENT_R */ +# else /* HAVE_SOLARIS_GETGRENT_R */ int getgrent_r(struct group *src, char *buf, size_t buflen, struct group **grdstp) { @@ -4770,7 +4801,8 @@ return nwrap_getgrent_r(src, buf, buflen, grdstp); } -#endif /* HAVE_SOLARIS_GETGRENT_R */ +# endif /* HAVE_SOLARIS_GETGRENT_R */ +#endif /* HAVE_GETGRENT_R */ /**************************************************************************** * ENDGRENT @@ -5530,6 +5562,24 @@ } /**************************** + * CONSTRUCTOR + ***************************/ +void nwrap_constructor(void) +{ + /* + * If we hold a lock and the application forks, then the child + * is not able to unlock the mutex and we are in a deadlock. + * + * Setting these handlers should prevent such deadlocks. + */ + pthread_atfork(&nwrap_thread_prepare, + &nwrap_thread_parent, + &nwrap_thread_child); + + /* Do not call nwrap_init() here. */ +} + +/**************************** * DESTRUCTOR ***************************/ @@ -5546,28 +5596,32 @@ struct nwrap_main *m = nwrap_main_global; /* libc */ - SAFE_FREE(m->libc->fns); - if (m->libc->handle != NULL) { - dlclose(m->libc->handle); - } - if (m->libc->nsl_handle != NULL) { - dlclose(m->libc->nsl_handle); - } - if (m->libc->sock_handle != NULL) { - dlclose(m->libc->sock_handle); + if (m->libc != NULL) { + SAFE_FREE(m->libc->fns); + if (m->libc->handle != NULL) { + dlclose(m->libc->handle); + } + if (m->libc->nsl_handle != NULL) { + dlclose(m->libc->nsl_handle); + } + if (m->libc->sock_handle != NULL) { + dlclose(m->libc->sock_handle); + } + SAFE_FREE(m->libc); } - SAFE_FREE(m->libc); /* backends */ - for (i = 0; i < m->num_backends; i++) { - struct nwrap_backend *b = &(m->backends[i]); + if (m->backends != NULL) { + for (i = 0; i < m->num_backends; i++) { + struct nwrap_backend *b = &(m->backends[i]); - if (b->so_handle != NULL) { - dlclose(b->so_handle); + if (b->so_handle != NULL) { + dlclose(b->so_handle); + } + SAFE_FREE(b->fns); } - SAFE_FREE(b->fns); + SAFE_FREE(m->backends); } - SAFE_FREE(m->backends); } if (nwrap_pw_global.cache != NULL) { diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/nss_wrapper-1.1.3/tests/test_getaddrinfo.c new/nss_wrapper-1.1.5/tests/test_getaddrinfo.c --- old/nss_wrapper-1.1.3/tests/test_getaddrinfo.c 2016-01-21 13:46:44.000000000 +0100 +++ new/nss_wrapper-1.1.5/tests/test_getaddrinfo.c 2018-08-09 13:06:05.000000000 +0200 @@ -207,7 +207,11 @@ assert_int_equal(res->ai_family, AF_INET); assert_int_equal(res->ai_socktype, SOCK_STREAM); +#ifdef HAVE_GETADDRINFO_SETS_CANONNAME_FOR_IPADDRESSES + assert_string_equal(res->ai_canonname, "0.0.0.0"); +#else /* HAVE_GETADDRINFO_SETS_CANONNAME_FOR_IPADDRESSES */ assert_null(res->ai_canonname); +#endif /* HAVE_GETADDRINFO_SETS_CANONNAME_FOR_IPADDRESSES */ sinp = (struct sockaddr_in *)res->ai_addr; @@ -233,7 +237,11 @@ assert_int_equal(res->ai_family, AF_INET6); assert_int_equal(res->ai_socktype, SOCK_STREAM); +#ifdef HAVE_GETADDRINFO_SETS_CANONNAME_FOR_IPADDRESSES + assert_string_equal(res->ai_canonname, "::"); +#else /* HAVE_GETADDRINFO_SETS_CANONNAME_FOR_IPADDRESSES */ assert_null(res->ai_canonname); +#endif /* HAVE_GETADDRINFO_SETS_CANONNAME_FOR_IPADDRESSES */ sin6p = (struct sockaddr_in6 *)res->ai_addr; @@ -268,7 +276,11 @@ assert_int_equal(res->ai_family, AF_INET); assert_int_equal(res->ai_socktype, SOCK_STREAM); +#ifdef HAVE_GETADDRINFO_SETS_CANONNAME_FOR_IPADDRESSES + assert_string_equal(res->ai_canonname, "127.0.0.1"); +#else /* HAVE_GETADDRINFO_SETS_CANONNAME_FOR_IPADDRESSES */ assert_null(res->ai_canonname); +#endif /* HAVE_GETADDRINFO_SETS_CANONNAME_FOR_IPADDRESSES */ sinp = (struct sockaddr_in *)res->ai_addr; ip = inet_ntoa(sinp->sin_addr); @@ -581,7 +593,11 @@ */ rc = getaddrinfo(NULL, "echo", &hints, &res); +#ifdef HAVE_GETADDRINFO_USES_EAI_SERVICE + assert_int_equal(rc, EAI_SERVICE); +#else /* HAVE_GETADDRINFO_USES_EAI_SERVICE */ assert_int_equal(rc, EAI_NONAME); +#endif /* HAVE_GETADDRINFO_USES_EAI_SERVICE */ rc = getaddrinfo(NULL, "80", &hints, &res); assert_int_equal(rc, 0); @@ -590,7 +606,11 @@ /* Crippled input */ rc = getaddrinfo(NULL, "80a1", &hints, &res); +#ifdef HAVE_GETADDRINFO_USES_EAI_SERVICE + assert_int_equal(rc, EAI_SERVICE); +#else /* HAVE_GETADDRINFO_USES_EAI_SERVICE */ assert_int_equal(rc, EAI_NONAME); +#endif /* HAVE_GETADDRINFO_USES_EAI_SERVICE */ /* * Calls with non-NULL name are handled by nwrap diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/nss_wrapper-1.1.3/tests/test_nwrap_disabled.c new/nss_wrapper-1.1.5/tests/test_nwrap_disabled.c --- old/nss_wrapper-1.1.3/tests/test_nwrap_disabled.c 2015-11-11 11:51:25.000000000 +0100 +++ new/nss_wrapper-1.1.5/tests/test_nwrap_disabled.c 2018-08-09 13:06:05.000000000 +0200 @@ -38,6 +38,7 @@ /* Test libnsl */ static void test_nwrap_hostent(void **state) { +#ifdef HAVE_NONNULL_GETHOSTENT struct hostent *he; (void) state; /* unused */ @@ -48,6 +49,13 @@ assert_non_null(he); endhostent(); +#else + (void) state; /* unused */ + + sethostent(0); + gethostent(); + endhostent(); +#endif } static void test_nwrap_gethostname(void **state) @@ -84,7 +92,11 @@ assert_int_equal(res->ai_family, AF_INET); assert_int_equal(res->ai_socktype, SOCK_STREAM); +#ifdef HAVE_GETADDRINFO_SETS_CANONNAME_FOR_IPADDRESSES + assert_string_equal(res->ai_canonname, "127.0.0.1"); +#else /* HAVE_GETADDRINFO_SETS_CANONNAME_FOR_IPADDRESSES */ assert_null(res->ai_canonname); +#endif /* HAVE_GETADDRINFO_SETS_CANONNAME_FOR_IPADDRESSES */ sinp = (struct sockaddr_in *)res->ai_addr; diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/nss_wrapper-1.1.3/tests/testsuite.c new/nss_wrapper-1.1.5/tests/testsuite.c --- old/nss_wrapper-1.1.3/tests/testsuite.c 2016-03-17 20:26:09.000000000 +0100 +++ new/nss_wrapper-1.1.5/tests/testsuite.c 2018-10-30 20:49:29.000000000 +0100 @@ -166,6 +166,7 @@ } assert_true(ret); } + assert_ptr_equal(&pwd, pwdp); print_passwd(&pwd); @@ -214,6 +215,7 @@ } assert_true(ret); } + assert_ptr_equal(&pwd, pwdp); print_passwd(&pwd); @@ -334,6 +336,7 @@ } assert_true(ret); } + assert_ptr_equal(&grp, grpp); print_group(&grp); @@ -384,6 +387,7 @@ } assert_true(ret); } + assert_ptr_equal(&grp, grpp); print_group(&grp); @@ -433,9 +437,11 @@ static bool test_nwrap_enum_r_passwd(struct passwd **pwd_array_p, size_t *num_pwd_p) { - struct passwd pwd, *pwdp; struct passwd *pwd_array = NULL; size_t num_pwd = 0; +/* Skip these tests if the platform does not provide getpwent_r() */ +#ifdef HAVE_GETPWENT_R + struct passwd pwd, *pwdp; char buffer[4096]; int ret; @@ -450,7 +456,7 @@ if (pwdp == NULL) { break; } -#else +#else /* HAVE_SOLARIS_GETPWENT_R */ ret = getpwent_r(&pwd, buffer, sizeof(buffer), &pwdp); if (ret != 0) { if (ret != ENOENT) { @@ -458,7 +464,7 @@ } break; } -#endif +#endif /* HAVE_SOLARIS_GETPWENT_R */ print_passwd(&pwd); if (pwd_array_p && num_pwd_p) { pwd_array = realloc(pwd_array, sizeof(struct passwd) * (num_pwd + 1)); @@ -470,6 +476,7 @@ DEBUG("Testing endpwent\n"); endpwent(); +#endif /* HAVE_GETPWENT_R */ if (pwd_array_p) { *pwd_array_p = pwd_array; @@ -598,9 +605,11 @@ static bool test_nwrap_enum_r_group(struct group **grp_array_p, size_t *num_grp_p) { - struct group grp, *grpp; struct group *grp_array = NULL; size_t num_grp = 0; +/* Skip these tests if the platform does not provide getgrent_r() */ +#ifdef HAVE_GETGRENT_R + struct group grp, *grpp; char buffer[4096]; int ret; @@ -615,7 +624,7 @@ if (grpp == NULL) { break; } -#else +#else /* HAVE_SOLARIS_GETGRENT_R */ ret = getgrent_r(&grp, buffer, sizeof(buffer), &grpp); if (ret != 0) { if (ret != ENOENT) { @@ -623,7 +632,7 @@ } break; } -#endif +#endif /* HAVE_SOLARIS_GETGRENT_R */ print_group(&grp); if (grp_array_p && num_grp_p) { grp_array = realloc(grp_array, sizeof(struct group) * (num_grp + 1)); @@ -635,6 +644,7 @@ DEBUG("Testing endgrent\n"); endgrent(); +#endif /* HAVE_GETGRENT_R */ if (grp_array_p) { *grp_array_p = grp_array;
