commit dhcpv6 for openSUSE:Factory
Hello community,
here is the log from the commit of package dhcpv6 for openSUSE:Factory
checked in at Wed Aug 31 10:49:23 CEST 2011.
--- dhcpv6/dhcpv6.changes 2011-04-05 20:56:16.0 +0200
+++ /mounts/work_src_done/STABLE/dhcpv6/dhcpv6.changes 2011-08-29
21:49:52.0 +0200
@@ -1,0 +2,5 @@
+Mon Aug 29 19:48:18 UTC 2011 - m...@suse.com
+
+- Cleaned up (lock/subsys) in dhcp6s and dhcp6r scripts (bnc#714617)
+
+---
calling whatdependson for head-i586
Other differences:
--
++ dhcpv6.spec ++
--- /var/tmp/diff_new_pack.QjDP0C/_old 2011-08-31 10:48:08.0 +0200
+++ /var/tmp/diff_new_pack.QjDP0C/_new 2011-08-31 10:48:08.0 +0200
@@ -26,7 +26,7 @@
Group: Productivity/Networking/System
Summary:DHCP Client and Server for IPv6
Version:1.0.22
-Release:16
+Release:18
Source0:%{name}-%{version}.tar.bz2
Patch1: %{name}-%{version}-destdir.patch
Patch2: %{name}-%{version}-cmd.patch
@@ -90,6 +90,10 @@
make clean
make %{?_smp_mflags}
+%check
+bash -n etc/init.d/dhcp6s.sh
+bash -n etc/init.d/dhcp6r.sh
+
%install
mkdir -p $RPM_BUILD_ROOT/usr/sbin
mkdir -p $RPM_BUILD_ROOT/%{_mandir}/man{8,5}
@@ -114,6 +118,8 @@
%{stop_on_removal dhcp6s}
%postun
+%{restart_on_update dhcp6r}
+%{restart_on_update dhcp6s}
%{insserv_cleanup dhcp6r}
%{insserv_cleanup dhcp6s}
++ dhcpv6-1.0.22-destdir.patch ++
--- /var/tmp/diff_new_pack.QjDP0C/_old 2011-08-31 10:48:08.0 +0200
+++ /var/tmp/diff_new_pack.QjDP0C/_new 2011-08-31 10:48:08.0 +0200
@@ -1,7 +1,5 @@
-Index: dhcpv6-1.0.20/etc/init.d/dhcp6r.sh
-===
dhcpv6-1.0.20.orig/etc/init.d/dhcp6r.sh
-+++ dhcpv6-1.0.20/etc/init.d/dhcp6r.sh
+--- dhcpv6-1.0.22/etc/init.d/dhcp6r.sh
dhcpv6-1.0.22/etc/init.d/dhcp6r.sh 2011/08/29 19:38:58
@@ -2,11 +2,10 @@
#
### BEGIN INIT INFO
@@ -18,7 +16,7 @@
# Short-Description: Start and stop the DHCPv6 relay agent
# Description: dhcp6r acts as a DHCPv6 relay agent forwarding DHCPv6 messages
# from clients to servers and vice versa.
-@@ -18,9 +17,11 @@
+@@ -18,45 +17,36 @@
# description: dhcp6r acts as a DHCPv6 relay agent forwarding DHCPv6 messages
\
# from clients to servers and vice versa.
# processname: dhcp6r
@@ -32,15 +30,16 @@
RETVAL=0
-@@ -28,34 +29,25 @@ prog=dhcp6r
++conf=/etc/sysconfig/network/dhcp6r
+ prog=dhcp6r
dhcp6r=/usr/sbin/dhcp6r
- lockfile=/var/lock/subsys/dhcp6r
-
+-lockfile=/var/lock/subsys/dhcp6r
+-
-# Check that networking is up.
-# networking is not up, return 1 for generic error
-. /etc/sysconfig/network
-[ $NETWORKING = "no" ] && exit 1
--
+
start() {
# return 5 if program is not installed
-[ -x $dhcp6r ] || exit 5
@@ -52,27 +51,30 @@
+[ -f /etc/sysconfig/network/dhcp6r ] || return 6
+. /etc/sysconfig/network/dhcp6r
- echo -n $"Starting $prog: "
+-echo -n $"Starting $prog: "
-daemon $dhcp6r $DHCP6RARGS
++echo -n $"Starting $prog "
+startproc $dhcp6r $DHCP6RARGS
RETVAL=$?
-echo
- [ $RETVAL -eq 0 ] && touch $lockfile
+-[ $RETVAL -eq 0 ] && touch $lockfile
return $RETVAL
}
stop() {
- echo -n $"Shutting down $prog: "
+-echo -n $"Shutting down $prog: "
-killproc $prog -TERM
++echo -n $"Shutting down $prog "
+killproc $dhcp6r
RETVAL=$?
-echo
-[ $RETVAL -eq 0 ] && success || failure
-echo
- rm -f $lockfile
+-rm -f $lockfile
return $RETVAL
}
-@@ -64,33 +56,36 @@ stop() {
+
+@@ -64,33 +54,49 @@ stop() {
case "$1" in
start)
start
@@ -84,45 +86,63 @@
-RETVAL=$?
+rc_status -v
;;
- restart|force-reload)
- [ -f $lockfile ] && stop
+-restart|force-reload)
+-[ -f $lockfile ] && stop
++restart)
++stop
start
-RETVAL=$?
-+rc_status -v
- ;;
- try-restart|reload)
+-;;
+-try-restart|reload)
-RETVAL=3
-+ rc_failed 3
-+ rc_status -v
++rc_status
;;
- condrestart)
- if [ -f $lockfile ]; then
- stop && start
-+rc_status -v
-+else
-+rc_status -s
+-condrestart)
+-if [ -f $lockfile ]; then
+-stop && start
++try-restart|condrestart)
++if test "$1" = "condrestart"; then
++echo "${attn} Use try-restart ${done}(LSB)${attn} rather than
condrestart ${warn}(RH)${norm}"
fi
++$0 status
++if test $? = 0; then
++$0 restart
++else
++rc_reset
++fi
++rc_status
++;;
++reload)
++echo -n "Reload service $prog "
++rc_failed 3
++rc_s
commit dhcpv6 for openSUSE:Factory
Hello community,
here is the log from the commit of package dhcpv6 for openSUSE:Factory
checked in at Wed Apr 6 11:48:05 CEST 2011.
--- dhcpv6/dhcpv6.changes 2010-04-29 09:36:03.0 +0200
+++ /mounts/work_src_done/STABLE/dhcpv6/dhcpv6.changes 2011-04-05
20:56:16.0 +0200
@@ -1,0 +2,6 @@
+Wed Mar 30 10:16:31 UTC 2011 - m...@suse.de
+
+- Discard domain names with suspect characters or beeing too long
+ (bnc#675052,CVE-2011-0997).
+
+---
calling whatdependson for head-i586
New:
dhcpv6-1.0.22-option-check.diff
Other differences:
--
++ dhcpv6.spec ++
--- /var/tmp/diff_new_pack.dsyoqm/_old 2011-04-06 11:44:54.0 +0200
+++ /var/tmp/diff_new_pack.dsyoqm/_new 2011-04-06 11:44:54.0 +0200
@@ -1,7 +1,7 @@
#
-# spec file for package dhcpv6 (Version 1.0.22)
+# spec file for package dhcpv6
#
-# Copyright (c) 2010 SUSE LINUX Products GmbH, Nuernberg, Germany.
+# Copyright (c) 2011 SUSE LINUX Products GmbH, Nuernberg, Germany.
#
# All modifications and additions to the file contributed by third parties
# remain the property of their copyright owners, unless otherwise agreed
@@ -26,7 +26,7 @@
Group: Productivity/Networking/System
Summary:DHCP Client and Server for IPv6
Version:1.0.22
-Release:6
+Release:16
Source0:%{name}-%{version}.tar.bz2
Patch1: %{name}-%{version}-destdir.patch
Patch2: %{name}-%{version}-cmd.patch
@@ -38,6 +38,7 @@
Patch8: dhcpv6-1.0.22-invalid-request-address-message.diff
Patch9: dhcpv6-1.0.22-remove-released-leases.bnc524687.diff
Patch10:dhcpv6-1.0.22-dhcp5r-pid-directory.diff
+Patch11:dhcpv6-1.0.22-option-check.diff
Provides: dhcp6 = 1.0.11
Obsoletes: dhcp6 < 1.0.11
BuildRoot: %{_tmppath}/%{name}-%{version}-build
@@ -69,6 +70,7 @@
%patch8 -p0
%patch9 -p0
%patch10 -p0
+%patch11 -p0
%build
touch NEWS
++ dhcpv6-1.0.22-option-check.diff ++
--- src/common.c
+++ src/common.c2011/03/11 08:30:35
@@ -49,6 +49,8 @@
#include
#include
#include
+#include
+#include
#ifdef TIME_WITH_SYS_TIME
# include
@@ -980,6 +982,40 @@ ssize_t gethwid(buf, len, ifname, hwtype
#endif
}
+static int check_domain_name(const char *ptr, size_t len, int dots)
+{
+ const char *p;
+
+ /* not empty or complete length not over 255 characters */
+ if (len == 0 || len >= 256)
+ return -1;
+
+ /* consists of [[:alnum:]-]+ labels separated by [.] */
+ /* a [_] is against RFC but seems to be "widely used"... */
+ for (p=ptr; *p && len-- > 0; p++) {
+ if ( *p == '-' || *p == '_') {
+ /* not allowed at begin or end of a label */
+ if ((p - ptr) == 0 || len == 0 || p[1] == '.')
+ return -1;
+ } else
+ if ( *p == '.') {
+ /* each label has to be 1-63 characters;
+ we allow [.] at the end ('foo.bar.') */
+ ptrdiff_t d = p - ptr;
+ if( d <= 0 || d >= 64)
+ return -1;
+ ptr = p + 1; /* jump to the next label*/
+ if(dots > 0 && len > 0)
+ dots--;
+ } else
+ if ( !isalnum((unsigned char)*p)) {
+ /* also numbers at the begin are fine */
+ return -1;
+ }
+ }
+ return dots ? -1 : 0;
+}
+
void dhcp6_init_options(struct dhcp6_optinfo *optinfo) {
memset(optinfo, 0, sizeof(*optinfo));
/* for safety */
@@ -1289,6 +1325,16 @@ int dhcp6_get_options(struct dhcp6opt *p
goto malformed;
else {
val += n;
+if (dhcp6_mode == DHCP6_MODE_CLIENT) {
+if(check_domain_name(dname->name,
+ strlen(dname->name), 0)) {
+dhcpv6_dprintf(LOG_ERR, "suspect characters "
+ "in domain name - discarded");
+free(dname);
+dname = NULL;
+continue;
+}
+}
dhcpv6_dprintf(LOG_DEBUG,
"expand domain name %s, size %d",
dname->name,
Remember to have fun...
--
To unsubscribe, e-mail: opensuse-commit+unsubscr...@opensuse.org
For additional commands, e-mail: opensus
