Package: release.debian.org Severity: normal Tags: bookworm User: release.debian.org@packages.debian.org Usertags: pu Control: affects -1 + src:openbsd-inetd This is needed to fix #1050208, introduced in bookworm, which makes inetd crash on configuration reloads. The fix is in the change to patches/default_v4v6, everything else is improvements to the test suite and more tests (also to catch this specific problem). 0.20221205-2+deb12u1 is a no changes rebuild of the package currently in testing. For a better view of the changes please see https://salsa.debian.org/md/openbsd-inetd/-/commits/master . -- ciao, Marco
diff -Nru openbsd-inetd-0.20221205/debian/changelog openbsd-inetd-0.20221205/debian/changelog --- openbsd-inetd-0.20221205/debian/changelog 2023-01-02 14:33:50.000000000 +0100 +++ openbsd-inetd-0.20221205/debian/changelog 2023-08-26 00:34:16.000000000 +0200 @@ -1,8 +1,21 @@ +openbsd-inetd (0.20221205-2+deb12u1) bookworm; urgency=medium + + * Rebuilt for bookworm. + + -- Marco d'Itri <md@linux.it> Sat, 26 Aug 2023 00:34:16 +0200 + +openbsd-inetd (0.20221205-2) unstable; urgency=medium + + * Updated the Debian patch default_v4v6 to fix fix a double free and + a memory leak on configuration reloads. (Closes: #1050208) + + -- Marco d'Itri <md@linux.it> Wed, 23 Aug 2023 12:49:41 +0200 + openbsd-inetd (0.20221205-1) unstable; urgency=medium * New CVS snapshot. * When just "tcp" or "udp" is specified in inetd.conf, now inetd defaults - to runnning two servers: one for IPv4 and one for IPv6 traffic. + to running two servers: one for IPv4 and one for IPv6 traffic. This is identical to specifying both e.g. "tcp4" and "tcp6". The old semantics of only accepting IPv4 connections can be restored by using "tcp4" or "udp4". diff -Nru openbsd-inetd-0.20221205/debian/copyright openbsd-inetd-0.20221205/debian/copyright --- openbsd-inetd-0.20221205/debian/copyright 2023-01-01 22:49:25.000000000 +0100 +++ openbsd-inetd-0.20221205/debian/copyright 2023-08-23 03:00:22.000000000 +0200 @@ -29,10 +29,3 @@ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF * SUCH DAMAGE. -setproctitle.c and discard_stupid_environment() come from netkit 0.17, -patched by the USAGI project. - -strlcpy.c comes from the openbsd source tree, slightly edited. - -bsd-closefrom.c comes from the openssh source tree, slightly edited. - diff -Nru openbsd-inetd-0.20221205/debian/NEWS openbsd-inetd-0.20221205/debian/NEWS --- openbsd-inetd-0.20221205/debian/NEWS 2023-01-02 03:09:21.000000000 +0100 +++ openbsd-inetd-0.20221205/debian/NEWS 2023-08-23 12:46:59.000000000 +0200 @@ -1,7 +1,7 @@ openbsd-inetd (0.20221205-1) unstable; urgency=medium * When just "tcp" or "udp" is specified in inetd.conf, now inetd defaults - to runnning two servers: one for IPv4 and one for IPv6 traffic. + to running two servers: one for IPv4 and one for IPv6 traffic. This is identical to specifying both e.g. "tcp4" and "tcp6". The old semantics of only accepting IPv4 connections can be restored by using "tcp4" or "udp4". diff -Nru openbsd-inetd-0.20221205/debian/openbsd-inetd.preinst openbsd-inetd-0.20221205/debian/openbsd-inetd.preinst --- openbsd-inetd-0.20221205/debian/openbsd-inetd.preinst 2023-01-02 02:45:43.000000000 +0100 +++ openbsd-inetd-0.20221205/debian/openbsd-inetd.preinst 2023-08-23 03:06:12.000000000 +0200 @@ -54,14 +54,6 @@ install) create_inetd ;; - - upgrade|abort-upgrade) - ;; - - *) - echo "$0 called with unknown argument '$1'" >&2 - exit 1 - ;; esac #DEBHELPER# diff -Nru openbsd-inetd-0.20221205/debian/patches/default_v4v6 openbsd-inetd-0.20221205/debian/patches/default_v4v6 --- openbsd-inetd-0.20221205/debian/patches/default_v4v6 2023-01-02 02:30:41.000000000 +0100 +++ openbsd-inetd-0.20221205/debian/patches/default_v4v6 2023-08-23 02:45:43.000000000 +0200 @@ -44,37 +44,35 @@ int val; int argc; + static int proto_override; -+ static char *saved_cp; ++ static char saved_line[1024]; sep = calloc(1, sizeof(struct servtab)); if (sep == NULL) { -@@ -1165,6 +1167,14 @@ getconfigent(void) +@@ -1165,6 +1167,11 @@ getconfigent(void) more: freeconfig(sep); + if (proto_override) { + /* process again the same configuration entry */ -+ cp = saved_cp; -+ saved_cp = NULL; ++ cp = saved_line; + } else { -+ if (saved_cp) -+ free(saved_cp); + while ((cp = nextline(fconfig)) && *cp == '#') ; if (cp == NULL) { -@@ -1172,6 +1182,10 @@ more: +@@ -1172,6 +1179,11 @@ more: return (NULL); } -+ /* keep a copy of the configuration entry */ -+ saved_cp = newstr(cp); -+ } /* proto_override */ ++ /* keep a copy of the configuration entry */ ++ strcpy(saved_line, cp); ++ ++ } /* !proto_override */ + memset(sep, 0, sizeof *sep); arg = skip(&cp, 0); if (arg == NULL) { -@@ -1314,9 +1328,37 @@ do { \ +@@ -1314,9 +1326,37 @@ do { \ } else { int s; @@ -86,7 +84,7 @@ + + proto_override = 0; + /* append "6" to se_proto */ - sep->se_family = AF_INET6; ++ sep->se_family = AF_INET6; + l = strlen(sep->se_proto); + s = malloc(l + 1 + 1); + if (s == NULL) { @@ -101,7 +99,7 @@ + } else if (sep->se_proto[strlen(sep->se_proto) - 1] == '4') + sep->se_family = AF_INET; + else if (sep->se_proto[strlen(sep->se_proto) - 1] == '6') -+ sep->se_family = AF_INET6; + sep->se_family = AF_INET6; + else { + /* + * If no "4" or "6" was specified then process the diff -Nru openbsd-inetd-0.20221205/debian/tests/everything openbsd-inetd-0.20221205/debian/tests/everything --- openbsd-inetd-0.20221205/debian/tests/everything 2023-01-02 14:06:32.000000000 +0100 +++ openbsd-inetd-0.20221205/debian/tests/everything 2023-08-23 02:03:56.000000000 +0200 @@ -32,9 +32,10 @@ print $fh $conf; close($fh); +$SIG{CHLD} = 'IGNORE'; my $pid = fork; if (not $pid) { - exec(qw(/usr/sbin/inetd -d -i ./inetd.conf)); + exec(qw(/usr/sbin/inetd -d -i ./inetd.conf)) or BAIL_OUT('exec failed'); } @@ -82,6 +83,30 @@ like($_, qr/^client .+ ::1$/m); ############################################################################## +open($fh, '>>', 'inetd.conf'); +$conf = << "END"; +2007 stream tcp nowait $user /usr/sbin/try-from +END +print $fh $conf; +close($fh); + +my $i; +$i = kill('HUP', $pid); +ok($i, 'configuration reloaded'); + +# what a second to allow inetd to exit if it has crashed +usleep(1000000); + +$i = kill(0, $pid); +ok($i, "the inetd process $pid still exists"); +BAIL_OUT('the inetd process has disappeared') if not $i; + +$_ = t(PeerPort => 2007); +like($_, qr/^client .+ \Q127.0.0.1\E$/m); +$_ = t(PeerPort => 2007, PeerHost => '::1'); +like($_, qr/^client .+ ::1$/m); + +############################################################################## kill('KILL', $pid); ok(1, 'inetd killed'); @@ -114,7 +139,7 @@ Type => SOCK_STREAM, Timeout => 5, ) and return; - warn "IO::Socket::IP->new: $@"; + warn "IO::Socket::IP->new: $@" unless $@ =~ /^Connection refused/; usleep(100000); }
Attachment:
signature.asc
Description: PGP signature