openembedded-core.git/meta/recipes-extended/rpcbind, branch thud Mirror of openembedded-core rpcbind: add option to make user able to use fixed port number 2018-06-15T10:09:40+00:00 Li Wang li.wang@windriver.com 2018-06-06T02:54:45+00:00 f6f3f7388cefb2833b4240c2c9ddbf8bd201bc61 Add option "-p" to specify fixed port number Signed-off-by: Li Wang <li.wang@windriver.com> Signed-off-by: Hongxu Jia <hongxu.jia@windriver.com> Signed-off-by: Yi Zhao <yi.zhao@windriver.com> Signed-off-by: Ross Burton <ross.burton@intel.com> 
Add option "-p" to specify fixed port number

Signed-off-by: Li Wang <li.wang@windriver.com>
Signed-off-by: Hongxu Jia <hongxu.jia@windriver.com>
Signed-off-by: Yi Zhao <yi.zhao@windriver.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
rpcbind: refresh patches 2018-03-11T13:25:22+00:00 Ross Burton ross.burton@intel.com 2018-03-09T18:56:01+00:00 df9b991d1f453aae4dca5558f10fd23e866778dc The patch tool will apply patches by default with "fuzz", which is where if the hunk context isn't present but what is there is close enough, it will force the patch in. Whilst this is useful when there's just whitespace changes, when applied to source it is possible for a patch applied with fuzz to produce broken code which still compiles (see #10450). This is obviously bad. We'd like to eventually have do_patch() rejecting any fuzz on these grounds. For that to be realistic the existing patches with fuzz need to be rebased and reviewed. Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Alexander Kanavin <alexander.kanavin@linux.intel.com> Signed-off-by: Ross Burton <ross.burton@intel.com> 
The patch tool will apply patches by default with "fuzz", which is where if the
hunk context isn't present but what is there is close enough, it will force the
patch in.

Whilst this is useful when there's just whitespace changes, when applied to
source it is possible for a patch applied with fuzz to produce broken code which
still compiles (see #10450).  This is obviously bad.

We'd like to eventually have do_patch() rejecting any fuzz on these grounds. For
that to be realistic the existing patches with fuzz need to be rebased and
reviewed.

Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Alexander Kanavin <alexander.kanavin@linux.intel.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
rpcbind: Stop freeing a static pointer 2018-01-14T09:11:27+00:00 Jackie Huang jackie.huang@windriver.com 2018-01-10T01:53:06+00:00 1d78875de924d794130c86b27ed516a1df40a59d commit 7ea36ee introduced a svc_freeargs() call that ended up freeing static pointer. It turns out the allocations for the rmt_args is not necessary . The xdr routines (xdr_bytes) will handle the memory management and the largest possible message size is UDPMSGSIZE (due to UDP only) which is smaller than RPC_BUF_MAX Signed-off-by: Jackie Huang <jackie.huang@windriver.com> Signed-off-by: Ross Burton <ross.burton@intel.com> 
commit 7ea36ee introduced a svc_freeargs() call
that ended up freeing static pointer.

It turns out the allocations for the rmt_args
is not necessary . The xdr routines (xdr_bytes) will
handle the memory management and the largest
possible message size is UDPMSGSIZE (due to UDP only)
which is smaller than RPC_BUF_MAX

Signed-off-by: Jackie Huang <jackie.huang@windriver.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
rpcbind: fix assertion failure 2018-01-14T09:11:26+00:00 Jackie Huang jackie.huang@windriver.com 2018-01-10T01:53:05+00:00 b09202848d713af4eef179a443745b413542eaf0 Backport a patch to fix the assertion failure: rpcbind: ../../libtirpc-1.0.2/src/pmap_prot.c:50: xdr_pmap: Assertion `regs != NULL' failed. Signed-off-by: Jackie Huang <jackie.huang@windriver.com> Signed-off-by: Ross Burton <ross.burton@intel.com> 
Backport a patch to fix the assertion failure:
rpcbind: ../../libtirpc-1.0.2/src/pmap_prot.c:50: xdr_pmap: Assertion `regs != NULL' failed.

Signed-off-by: Jackie Huang <jackie.huang@windriver.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
rpcbind: Fix CVE-2017-8779 2017-05-25T22:57:01+00:00 Fan Xin fan.xin@jp.fujitsu.com 2017-05-24T08:10:52+00:00 7936c9451eb4c376a78a0ac7461d1b2430c7f1f3 This vulnerability is also called "rpcbomb". Backport upstream patch to fix this vulnerability. CVE: CVE-2017-8779 Signed-off-by: Fan Xin<fan.xin@jp.fujitsu.com> Signed-off-by: Ross Burton <ross.burton@intel.com> 
This vulnerability is also called "rpcbomb".
Backport upstream patch to fix this vulnerability.

CVE: CVE-2017-8779

Signed-off-by: Fan Xin<fan.xin@jp.fujitsu.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
rpcbind: Remove uneeded patches 2017-05-10T11:21:32+00:00 Khem Raj raj.khem@gmail.com 2017-04-19T01:58:38+00:00 56b3b440fa139c8f132b2b71dc6b8eb0ee974e7a We were carrying patches which are no longer needed when building rpcbind for musl Signed-off-by: Khem Raj <raj.khem@gmail.com> Signed-off-by: Ross Burton <ross.burton@intel.com> 
We were carrying patches which are no longer
needed when building rpcbind for musl

Signed-off-by: Khem Raj <raj.khem@gmail.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
recipes: Make use of the new bb.utils.filter() function 2017-03-01T11:17:22+00:00 Peter Kjellerstedt peter.kjellerstedt@axis.com 2017-02-27T13:02:50+00:00 0a1427bf9aeeda6bee2cc0af8da4ea5fd90aef6f Signed-off-by: Peter Kjellerstedt <peter.kjellerstedt@axis.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> 
Signed-off-by: Peter Kjellerstedt <peter.kjellerstedt@axis.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
rpcbind: 0.2.3 -> 0.2.4 2017-02-16T04:06:29+00:00 Hongxu Jia hongxu.jia@windriver.com 2017-02-07T05:37:22+00:00 6d65a58f5c062b503ab41b38fb2e74df71a9a8c6 Drop obsolete patch - 0001-Avoid-use-of-glibc-sys-cdefs.h-header.patch Drop backport patches: - 0001-handle_reply-Don-t-use-the-xp_auth-pointer-directly.patch - cve-2015-7236.patch Signed-off-by: Hongxu Jia <hongxu.jia@windriver.com> 
Drop obsolete patch
- 0001-Avoid-use-of-glibc-sys-cdefs.h-header.patch

Drop backport patches:
- 0001-handle_reply-Don-t-use-the-xp_auth-pointer-directly.patch
- cve-2015-7236.patch

Signed-off-by: Hongxu Jia <hongxu.jia@windriver.com>
Add "CVE:" tag to current patches in OE-core 2016-01-11T23:23:18+00:00 Mariano Lopez mariano.lopez@linux.intel.com 2016-01-08T12:03:58+00:00 065ebeb3e15311d0d45385e15bf557b1c95b1669 The currnet patches in OE-core doesn't have the "CVE:" tag, now part of the policy of the patches. This is patch add this tag to several patches. There might be patches that I miss; the tag can be added in the future. Signed-off-by: Mariano Lopez <mariano.lopez@linux.intel.com> Signed-off-by: Ross Burton <ross.burton@intel.com> 
The currnet patches in OE-core doesn't have the "CVE:"
tag, now part of the policy of the patches.

This is patch add this tag to several patches. There might
be patches that I miss; the tag can be added in the future.

Signed-off-by: Mariano Lopez <mariano.lopez@linux.intel.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
rpcbind: Fix build with libtirpc 1.0.1 2015-12-27T11:27:00+00:00 Maxin B. John maxin.john@intel.com 2015-12-21T15:59:56+00:00 53176113f7c149279af5b30dd5b48d2fe5fdea07 libtirpc 1.0.1 uses the SVC_XP_AUTH macro to access xp_auth. Update rpcbind to follow the same way. Signed-off-by: Maxin B. John <maxin.john@intel.com> Signed-off-by: Ross Burton <ross.burton@intel.com> 
libtirpc 1.0.1 uses the SVC_XP_AUTH macro to access xp_auth.
Update rpcbind to follow the same way.

Signed-off-by: Maxin B. John <maxin.john@intel.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>