diff options
author | Robby Workman <rworkman@slackbuilds.org> | 2022-03-19 23:15:55 -0500 |
---|---|---|
committer | Willy Sudiarto Raharjo <willysr@slackbuilds.org> | 2022-03-20 20:45:18 +0700 |
commit | 23501ee3910e1276f93cce3c01225b38fb340e7d (patch) | |
tree | 61adf1fc065f4bfaa2ce08071fe913697f8c150b /network | |
parent | 76485db1a58de67250c5106a691fba89920a0f23 (diff) |
network/avahi: Included several patches from Debian
Thanks to Petr Mayr for the heads-up on missing functionality
without these patches.
Signed-off-by: Willy Sudiarto Raharjo <willysr@slackbuilds.org>
Diffstat (limited to 'network')
17 files changed, 648 insertions, 54 deletions
diff --git a/network/avahi/avahi.SlackBuild b/network/avahi/avahi.SlackBuild index b0d58a9d9bb2b..321ce5761214e 100644 --- a/network/avahi/avahi.SlackBuild +++ b/network/avahi/avahi.SlackBuild @@ -27,7 +27,7 @@ cd $(dirname $0) ; CWD=$(pwd) PRGNAM=avahi VERSION=${VERSION:-0.8} -BUILD=${BUILD:-5} +BUILD=${BUILD:-6} TAG=${TAG:-_SBo} PKGTYPE=${PKGTYPE:-tgz} @@ -104,18 +104,35 @@ find -L . \ \( -perm 666 -o -perm 664 -o -perm 640 -o -perm 600 -o -perm 444 \ -o -perm 440 -o -perm 400 \) -exec chmod 644 {} \; -patch -p1 --verbose < $CWD/fixup_avahi-dnsconfd.action.patch -patch -p1 --verbose < $CWD/ipv6_race_condition_fix.patch # thanks, LFS +# This patch is mine --rworkman +patch -p1 --verbose < $CWD/patches/fixup_avahi-dnsconfd.action.patch + +# Thanks to LFS for this patch +patch -p1 --verbose < $CWD/patches/ipv6_race_condition_fix.patch + +# Thanks to Debian for these patches +patch -p1 --verbose < $CWD/patches/man-fix-reference-to-avahi-autoipd.action-8-in-avahi-auto.patch +patch -p1 --verbose < $CWD/patches/man-add-missing-bshell.1-symlink.patch +patch -p1 --verbose < $CWD/patches/Ship-avahi-discover-1-bssh-1-and-bvnc-1-also-for-GTK3.patch +patch -p1 --verbose < $CWD/patches/avahi_dns_packet_consume_uint32-fix-potential-undefined-b.patch +patch -p1 --verbose < $CWD/patches/fix-bytestring-decoding-for-proper-display.patch +patch -p1 --verbose < $CWD/patches/avahi-discover-Don-t-decode-unicode-strings-only-bytestri.patch +patch -p1 --verbose < $CWD/patches/Fetch-build-db-from-upstream-git.patch +patch -p1 --verbose < $CWD/patches/build-db-Use-the-same-database-format-that-the-C-code-exp.patch +patch -p1 --verbose < $CWD/patches/avahi-daemon-chroot-fix-bogus-assignments-in-assertions.patch +patch -p1 --verbose < $CWD/patches/avahi-client-fix-resource-leak.patch +patch -p1 --verbose < $CWD/patches/avoid-infinite-loop-in-avahi-daemon-by-handling-hup-event-in-client-work.patch +patch -p1 --verbose < $CWD/patches/CVE-2021-3502.patch # Okay, I had to cheat a bit on the manual pages; there's a commit # in git that will fix this, so I just built a git checkout, grabbed # the built manual pages, and we'll drop them into place so the build # will work for this released version... -cat $CWD/build-db > service-type-database/build-db -chmod 0755 service-type-database/build-db cat $CWD/bssh.1 > man/bssh.1 cat $CWD/avahi-discover.1 > man/avahi-discover.1 +autoreconf -vif + export PYTHON=python3 CFLAGS="$SLKCFLAGS" \ CXXFLAGS="$SLKCFLAGS" \ diff --git a/network/avahi/build-db b/network/avahi/build-db deleted file mode 100644 index 78ee892f606ea..0000000000000 --- a/network/avahi/build-db +++ /dev/null @@ -1,49 +0,0 @@ -#!/usr/bin/env python -# -*-python-*- -# This file is part of avahi. -# -# avahi is free software; you can redistribute it and/or modify it -# under the terms of the GNU Lesser General Public License as -# published by the Free Software Foundation; either version 2 of the -# License, or (at your option) any later version. -# -# avahi is distributed in the hope that it will be useful, but WITHOUT -# ANY WARRANTY; without even the implied warranty of MERCHANTABILITY -# or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public -# License for more details. -# -# You should have received a copy of the GNU Lesser General Public -# License along with avahi; if not, write to the Free Software -# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 -# USA. - -try: - import anydbm as dbm -except ImportError: - import dbm - -import sys - -if len(sys.argv) > 1: - infn = sys.argv[1] -else: - infn = "service-types" - -if len(sys.argv) > 2: - outfn = sys.argv[2] -else: - outfn = infn + ".db" - -db = dbm.open(outfn, "n") - -for ln in open(infn, "r"): - ln = ln.strip(" \r\n\t") - - if ln == "" or ln.startswith("#"): - continue - - t, n = ln.split(":", 1) - - db[t.strip()] = n.strip() - -db.close() diff --git a/network/avahi/patches/CVE-2021-3502.patch b/network/avahi/patches/CVE-2021-3502.patch new file mode 100644 index 0000000000000..7b0449a2e4ebc --- /dev/null +++ b/network/avahi/patches/CVE-2021-3502.patch @@ -0,0 +1,148 @@ +From 9d31939e55280a733d930b15ac9e4dda4497680c Mon Sep 17 00:00:00 2001 +From: Tommi Rantala <tommi.t.rantala@nokia.com> +Date: Mon, 8 Feb 2021 11:04:43 +0200 +Subject: [PATCH] Fix NULL pointer crashes from #175 + +avahi-daemon is crashing when running "ping .local". +The crash is due to failing assertion from NULL pointer. +Add missing NULL pointer checks to fix it. + +Introduced in #175 - merge commit 8f75a045709a780c8cf92a6a21e9d35b593bdecd +--- + avahi-core/browse-dns-server.c | 5 ++++- + avahi-core/browse-domain.c | 5 ++++- + avahi-core/browse-service-type.c | 3 +++ + avahi-core/browse-service.c | 3 +++ + avahi-core/browse.c | 3 +++ + avahi-core/resolve-address.c | 5 ++++- + avahi-core/resolve-host-name.c | 5 ++++- + avahi-core/resolve-service.c | 5 ++++- + 8 files changed, 29 insertions(+), 5 deletions(-) + +diff --git a/avahi-core/browse-dns-server.c b/avahi-core/browse-dns-server.c +index 049752e9..c2d914fa 100644 +--- a/avahi-core/browse-dns-server.c ++++ b/avahi-core/browse-dns-server.c +@@ -343,7 +343,10 @@ AvahiSDNSServerBrowser *avahi_s_dns_server_browser_new( + AvahiSDNSServerBrowser* b; + + b = avahi_s_dns_server_browser_prepare(server, interface, protocol, domain, type, aprotocol, flags, callback, userdata); ++ if (!b) ++ return NULL; ++ + avahi_s_dns_server_browser_start(b); + + return b; +-} +\ No newline at end of file ++} +diff --git a/avahi-core/browse-domain.c b/avahi-core/browse-domain.c +index f145d56a..06fa70c0 100644 +--- a/avahi-core/browse-domain.c ++++ b/avahi-core/browse-domain.c +@@ -253,7 +253,10 @@ AvahiSDomainBrowser *avahi_s_domain_browser_new( + AvahiSDomainBrowser *b; + + b = avahi_s_domain_browser_prepare(server, interface, protocol, domain, type, flags, callback, userdata); ++ if (!b) ++ return NULL; ++ + avahi_s_domain_browser_start(b); + + return b; +-} +\ No newline at end of file ++} +diff --git a/avahi-core/browse-service-type.c b/avahi-core/browse-service-type.c +index fdd22dcd..b1fc7af8 100644 +--- a/avahi-core/browse-service-type.c ++++ b/avahi-core/browse-service-type.c +@@ -171,6 +171,9 @@ AvahiSServiceTypeBrowser *avahi_s_service_type_browser_new( + AvahiSServiceTypeBrowser *b; + + b = avahi_s_service_type_browser_prepare(server, interface, protocol, domain, flags, callback, userdata); ++ if (!b) ++ return NULL; ++ + avahi_s_service_type_browser_start(b); + + return b; +diff --git a/avahi-core/browse-service.c b/avahi-core/browse-service.c +index 5531360c..63e0275a 100644 +--- a/avahi-core/browse-service.c ++++ b/avahi-core/browse-service.c +@@ -184,6 +184,9 @@ AvahiSServiceBrowser *avahi_s_service_browser_new( + AvahiSServiceBrowser *b; + + b = avahi_s_service_browser_prepare(server, interface, protocol, service_type, domain, flags, callback, userdata); ++ if (!b) ++ return NULL; ++ + avahi_s_service_browser_start(b); + + return b; +diff --git a/avahi-core/browse.c b/avahi-core/browse.c +index 2941e579..e8a915e9 100644 +--- a/avahi-core/browse.c ++++ b/avahi-core/browse.c +@@ -634,6 +634,9 @@ AvahiSRecordBrowser *avahi_s_record_browser_new( + AvahiSRecordBrowser *b; + + b = avahi_s_record_browser_prepare(server, interface, protocol, key, flags, callback, userdata); ++ if (!b) ++ return NULL; ++ + avahi_s_record_browser_start_query(b); + + return b; +diff --git a/avahi-core/resolve-address.c b/avahi-core/resolve-address.c +index ac0b29b1..e61dd242 100644 +--- a/avahi-core/resolve-address.c ++++ b/avahi-core/resolve-address.c +@@ -286,7 +286,10 @@ AvahiSAddressResolver *avahi_s_address_resolver_new( + AvahiSAddressResolver *b; + + b = avahi_s_address_resolver_prepare(server, interface, protocol, address, flags, callback, userdata); ++ if (!b) ++ return NULL; ++ + avahi_s_address_resolver_start(b); + + return b; +-} +\ No newline at end of file ++} +diff --git a/avahi-core/resolve-host-name.c b/avahi-core/resolve-host-name.c +index 808b0e72..4e8e5973 100644 +--- a/avahi-core/resolve-host-name.c ++++ b/avahi-core/resolve-host-name.c +@@ -318,7 +318,10 @@ AvahiSHostNameResolver *avahi_s_host_name_resolver_new( + AvahiSHostNameResolver *b; + + b = avahi_s_host_name_resolver_prepare(server, interface, protocol, host_name, aprotocol, flags, callback, userdata); ++ if (!b) ++ return NULL; ++ + avahi_s_host_name_resolver_start(b); + + return b; +-} +\ No newline at end of file ++} +diff --git a/avahi-core/resolve-service.c b/avahi-core/resolve-service.c +index 66bf3cae..43771763 100644 +--- a/avahi-core/resolve-service.c ++++ b/avahi-core/resolve-service.c +@@ -519,7 +519,10 @@ AvahiSServiceResolver *avahi_s_service_resolver_new( + AvahiSServiceResolver *b; + + b = avahi_s_service_resolver_prepare(server, interface, protocol, name, type, domain, aprotocol, flags, callback, userdata); ++ if (!b) ++ return NULL; ++ + avahi_s_service_resolver_start(b); + + return b; +-} +\ No newline at end of file ++} diff --git a/network/avahi/patches/Fetch-build-db-from-upstream-git.patch b/network/avahi/patches/Fetch-build-db-from-upstream-git.patch new file mode 100644 index 0000000000000..eacb6dab5aaf4 --- /dev/null +++ b/network/avahi/patches/Fetch-build-db-from-upstream-git.patch @@ -0,0 +1,71 @@ +From: Andreas Henriksson <andreas@fatal.se> +Date: Sat, 26 Oct 2019 15:49:35 +0200 +Subject: Fetch build-db from upstream git + +Fetch the build-db file from: +https://raw.githubusercontent.com/lathiat/avahi/master/service-type-database/build-db + +This file is missing dist tarball, likely caused by changes in: +https://github.com/lathiat/avahi/pull/134 + +Carry it as a patch for now. +--- + service-type-database/build-db | 49 ++++++++++++++++++++++++++++++++++++++++++ + 1 file changed, 49 insertions(+) + create mode 100755 service-type-database/build-db + +diff --git a/service-type-database/build-db b/service-type-database/build-db +new file mode 100755 +index 0000000..78ee892 +--- /dev/null ++++ b/service-type-database/build-db +@@ -0,0 +1,49 @@ ++#!/usr/bin/env python ++# -*-python-*- ++# This file is part of avahi. ++# ++# avahi is free software; you can redistribute it and/or modify it ++# under the terms of the GNU Lesser General Public License as ++# published by the Free Software Foundation; either version 2 of the ++# License, or (at your option) any later version. ++# ++# avahi is distributed in the hope that it will be useful, but WITHOUT ++# ANY WARRANTY; without even the implied warranty of MERCHANTABILITY ++# or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public ++# License for more details. ++# ++# You should have received a copy of the GNU Lesser General Public ++# License along with avahi; if not, write to the Free Software ++# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 ++# USA. ++ ++try: ++ import anydbm as dbm ++except ImportError: ++ import dbm ++ ++import sys ++ ++if len(sys.argv) > 1: ++ infn = sys.argv[1] ++else: ++ infn = "service-types" ++ ++if len(sys.argv) > 2: ++ outfn = sys.argv[2] ++else: ++ outfn = infn + ".db" ++ ++db = dbm.open(outfn, "n") ++ ++for ln in open(infn, "r"): ++ ln = ln.strip(" \r\n\t") ++ ++ if ln == "" or ln.startswith("#"): ++ continue ++ ++ t, n = ln.split(":", 1) ++ ++ db[t.strip()] = n.strip() ++ ++db.close() diff --git a/network/avahi/patches/Ship-avahi-discover-1-bssh-1-and-bvnc-1-also-for-GTK3.patch b/network/avahi/patches/Ship-avahi-discover-1-bssh-1-and-bvnc-1-also-for-GTK3.patch new file mode 100644 index 0000000000000..076442706af59 --- /dev/null +++ b/network/avahi/patches/Ship-avahi-discover-1-bssh-1-and-bvnc-1-also-for-GTK3.patch @@ -0,0 +1,50 @@ +From: Andreas Henriksson <andreas@fatal.se> +Date: Thu, 24 Aug 2017 17:52:19 +0200 +Subject: Ship avahi-discover(1), bssh(1) and bvnc(1) also for GTK3 + +These manpages went missing when you disabled gtk2 builds.... + +Forwarded: https://github.com/lathiat/avahi/pull/142 +Applied-upstream: 0.9, commit:751be804e891aec5701a059144e2f5cbfc981b36 +--- + man/Makefile.am | 9 +++++---- + 1 file changed, 5 insertions(+), 4 deletions(-) + +diff --git a/man/Makefile.am b/man/Makefile.am +index 77a27bd..289b942 100644 +--- a/man/Makefile.am ++++ b/man/Makefile.am +@@ -56,7 +56,7 @@ man_MANS += \ + avahi-publish.1 \ + avahi-set-host-name.1 + +-if HAVE_GTK ++if HAVE_GTK2OR3 + man_MANS += \ + bssh.1 + endif +@@ -64,12 +64,13 @@ endif + if HAVE_PYTHON + man_MANS += \ + avahi-bookmarks.1 +-if HAVE_GTK ++endif ++ ++if HAVE_PYGOBJECT + man_MANS += \ + avahi-discover.1 + endif + endif +-endif + + if ENABLE_AUTOIPD + if HAVE_LIBDAEMON +@@ -134,7 +135,7 @@ EXTRA_DIST = \ + if HAVE_DBUS + + BSSH_LN = +-if HAVE_GTK ++if HAVE_GTK2OR3 + if HAVE_GLIB + BSSH_LN += $(LN_S) bssh.1 bvnc.1 && + BSSH_LN += $(LN_S) bssh.1 bshell.1 && diff --git a/network/avahi/patches/avahi-client-fix-resource-leak.patch b/network/avahi/patches/avahi-client-fix-resource-leak.patch new file mode 100644 index 0000000000000..141828a25959d --- /dev/null +++ b/network/avahi/patches/avahi-client-fix-resource-leak.patch @@ -0,0 +1,22 @@ +From 374245ec1418e7e1e57120fcaf0a12ec695f5f6d Mon Sep 17 00:00:00 2001 +From: Michal Sekletar <msekleta@redhat.com> +Date: Wed, 24 Oct 2018 15:22:19 +0000 +Subject: [PATCH] avahi-client: fix resource leak + +--- + avahi-client/browser.c | 2 ++ + 1 file changed, 2 insertions(+) + +diff --git a/avahi-client/browser.c b/avahi-client/browser.c +index c978d942..fa4a9a80 100644 +--- a/avahi-client/browser.c ++++ b/avahi-client/browser.c +@@ -72,6 +72,8 @@ static void parse_domain_file(AvahiDomainBrowser *b) { + if (avahi_normalize_name(buf, domain, sizeof(domain))) + b->static_browse_domains = avahi_string_list_add(b->static_browse_domains, domain); + } ++ ++ fclose(f); + } + + static void domain_browser_ref(AvahiDomainBrowser *db) { diff --git a/network/avahi/patches/avahi-daemon-chroot-fix-bogus-assignments-in-assertions.patch b/network/avahi/patches/avahi-daemon-chroot-fix-bogus-assignments-in-assertions.patch new file mode 100644 index 0000000000000..9984722893f2f --- /dev/null +++ b/network/avahi/patches/avahi-daemon-chroot-fix-bogus-assignments-in-assertions.patch @@ -0,0 +1,24 @@ +From 4b48927e8e2c721d103018b4ce39a164b6c2898f Mon Sep 17 00:00:00 2001 +From: Michal Sekletar <msekleta@redhat.com> +Date: Wed, 24 Oct 2018 15:38:48 +0000 +Subject: [PATCH] chroot: fix bogus assignments in assertions + +--- + avahi-daemon/chroot.c | 4 ++-- + 1 file changed, 2 insertions(+), 2 deletions(-) + +diff --git a/avahi-daemon/chroot.c b/avahi-daemon/chroot.c +index ccd56be0..871b3b34 100644 +--- a/avahi-daemon/chroot.c ++++ b/avahi-daemon/chroot.c +@@ -188,8 +188,8 @@ static int recv_fd(int fd) { + return -1; + } + +- assert(h->cmsg_len = CMSG_LEN(sizeof(int))); +- assert(h->cmsg_level = SOL_SOCKET); ++ assert(h->cmsg_len == CMSG_LEN(sizeof(int))); ++ assert(h->cmsg_level == SOL_SOCKET); + assert(h->cmsg_type == SCM_RIGHTS); + + return *((int*)CMSG_DATA(h)); diff --git a/network/avahi/patches/avahi-discover-Don-t-decode-unicode-strings-only-bytestri.patch b/network/avahi/patches/avahi-discover-Don-t-decode-unicode-strings-only-bytestri.patch new file mode 100644 index 0000000000000..56a92addfcdda --- /dev/null +++ b/network/avahi/patches/avahi-discover-Don-t-decode-unicode-strings-only-bytestri.patch @@ -0,0 +1,41 @@ +From: Simon McVittie <smcv@debian.org> +Date: Fri, 24 Apr 2020 11:25:41 +0100 +Subject: avahi-discover: Don't decode unicode strings, only bytestrings + +Unicode strings (unicode in Python 2, str or unicode in Python 3) don't +have a decode method; only bytestrings (str or bytes in Python 2, +bytes in Python 3) have that. Decode exactly the strings that need +decoding. + +Resolves: https://github.com/lathiat/avahi/issues/275 +Signed-off-by: Simon McVittie <smcv@debian.org> +Forwarded: https://github.com/lathiat/avahi/pull/282 +--- + avahi-python/avahi-discover/avahi-discover.py | 8 +++++--- + 1 file changed, 5 insertions(+), 3 deletions(-) + +diff --git a/avahi-python/avahi-discover/avahi-discover.py b/avahi-python/avahi-discover/avahi-discover.py +index 4a2b575..fddf4a5 100755 +--- a/avahi-python/avahi-discover/avahi-discover.py ++++ b/avahi-python/avahi-discover/avahi-discover.py +@@ -238,15 +238,17 @@ class Main_window: + txts+="<b>" + _("TXT") + " <i>%s</i></b> = %s\n" % (k,v) + else: + txts = "<b>" + _("TXT Data:") + "</b> <i>" + _("empty") + "</i>" +- +- txts = txts.decode("utf-8") ++ ++ if isinstance(txts, bytes): # Python 2 ++ txts = txts.decode("utf-8") + + infos = "<b>" + _("Service Type:") + "</b> %s\n" + infos += "<b>" + _("Service Name:") + "</b> %s\n" + infos += "<b>" + _("Domain Name:") + "</b> %s\n" + infos += "<b>" + _("Interface:") + "</b> %s %s\n" + infos += "<b>" + _("Address:") + "</b> %s/%s:%i\n%s" +- infos = infos.decode("utf-8") ++ if isinstance(infos, bytes): # Python 2 ++ infos = infos.decode("utf-8") + infos = infos % (stype, name, domain, self.siocgifname(interface), self.protoname(protocol), host, address, port, txts.strip()) + self.info_label.set_markup(infos) + diff --git a/network/avahi/patches/avahi_dns_packet_consume_uint32-fix-potential-undefined-b.patch b/network/avahi/patches/avahi_dns_packet_consume_uint32-fix-potential-undefined-b.patch new file mode 100644 index 0000000000000..d9ba99f4d8ba3 --- /dev/null +++ b/network/avahi/patches/avahi_dns_packet_consume_uint32-fix-potential-undefined-b.patch @@ -0,0 +1,29 @@ +From: traffic-millions <60914101+traffic-millions@users.noreply.github.com> +Date: Tue, 3 Mar 2020 11:15:48 +0800 +Subject: avahi_dns_packet_consume_uint32: fix potential undefined behavior + +avahi_dns_packet_consume_uint32 left shifts uint8_t values by 8, 16 and 24 bits to combine them into a 32-bit value. This produces an undefined behavior warning with gcc -fsanitize when fed input values of 128 or 255 however in testing no actual unexpected behavior occurs in practice and the 32-bit uint32_t is always correctly produced as the final value is immediately stored into a uint32_t and the compiler appears to handle this "correctly". + +Cast the intermediate values to uint32_t to prevent this warning and ensure the intended result is explicit. + +Closes: #267 +Closes: #268 +Reference: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=19304 +Origin: upstream, 0.9, commit:b897ca43ac100d326d118e5877da710eb7f836f9 +--- + avahi-core/dns.c | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/avahi-core/dns.c b/avahi-core/dns.c +index 7c38f42..d793b76 100644 +--- a/avahi-core/dns.c ++++ b/avahi-core/dns.c +@@ -455,7 +455,7 @@ int avahi_dns_packet_consume_uint32(AvahiDnsPacket *p, uint32_t *ret_v) { + return -1; + + d = (uint8_t*) (AVAHI_DNS_PACKET_DATA(p) + p->rindex); +- *ret_v = (d[0] << 24) | (d[1] << 16) | (d[2] << 8) | d[3]; ++ *ret_v = ((uint32_t)d[0] << 24) | ((uint32_t)d[1] << 16) | ((uint32_t)d[2] << 8) | (uint32_t)d[3]; + p->rindex += sizeof(uint32_t); + + return 0; diff --git a/network/avahi/patches/avoid-infinite-loop-in-avahi-daemon-by-handling-hup-event-in-client-work.patch b/network/avahi/patches/avoid-infinite-loop-in-avahi-daemon-by-handling-hup-event-in-client-work.patch new file mode 100644 index 0000000000000..3e0725a602452 --- /dev/null +++ b/network/avahi/patches/avoid-infinite-loop-in-avahi-daemon-by-handling-hup-event-in-client-work.patch @@ -0,0 +1,37 @@ +From 447affe29991ee99c6b9732fc5f2c1048a611d3b Mon Sep 17 00:00:00 2001 +From: Riccardo Schirone <sirmy15@gmail.com> +Date: Fri, 26 Mar 2021 11:50:24 +0100 +Subject: [PATCH] Avoid infinite-loop in avahi-daemon by handling HUP event in + client_work + +If a client fills the input buffer, client_work() disables the +AVAHI_WATCH_IN event, thus preventing the function from executing the +`read` syscall the next times it is called. However, if the client then +terminates the connection, the socket file descriptor receives a HUP +event, which is not handled, thus the kernel keeps marking the HUP event +as occurring. While iterating over the file descriptors that triggered +an event, the client file descriptor will keep having the HUP event and +the client_work() function is always called with AVAHI_WATCH_HUP but +without nothing being done, thus entering an infinite loop. + +See https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=984938 +--- + avahi-daemon/simple-protocol.c | 5 +++++ + 1 file changed, 5 insertions(+) + +diff --git a/avahi-daemon/simple-protocol.c b/avahi-daemon/simple-protocol.c +index 3e0ebb11..6c0274d6 100644 +--- a/avahi-daemon/simple-protocol.c ++++ b/avahi-daemon/simple-protocol.c +@@ -424,6 +424,11 @@ static void client_work(AvahiWatch *watch, AVAHI_GCC_UNUSED int fd, AvahiWatchEv + } + } + ++ if (events & AVAHI_WATCH_HUP) { ++ client_free(c); ++ return; ++ } ++ + c->server->poll_api->watch_update( + watch, + (c->outbuf_length > 0 ? AVAHI_WATCH_OUT : 0) | diff --git a/network/avahi/patches/build-db-Use-the-same-database-format-that-the-C-code-exp.patch b/network/avahi/patches/build-db-Use-the-same-database-format-that-the-C-code-exp.patch new file mode 100644 index 0000000000000..3017043d47d0c --- /dev/null +++ b/network/avahi/patches/build-db-Use-the-same-database-format-that-the-C-code-exp.patch @@ -0,0 +1,106 @@ +From: Simon McVittie <smcv@debian.org> +Date: Thu, 7 May 2020 12:13:56 +0100 +Subject: build-db: Use the same database format that the C code expects + +Otherwise, Python 2 anydbm will preferentially choose Berkeley DB format +(dbhash/bsddb), which is neither GNU gdbm nor traditional Unix (n)dbm. + +Signed-off-by: Simon McVittie <smcv@debian.org> +Fixes: https://github.com/lathiat/avahi/issues/260 +--- + configure.ac | 11 ++++++++--- + service-type-database/Makefile.am | 4 ++-- + service-type-database/build-db | 27 +++++++++++++++++++++------ + 3 files changed, 31 insertions(+), 11 deletions(-) + +diff --git a/configure.ac b/configure.ac +index 58db8c7..5aea4e7 100644 +--- a/configure.ac ++++ b/configure.ac +@@ -871,9 +871,14 @@ if test "x$HAVE_PYTHON" = "xyes" ; then + fi + + AM_CHECK_PYMOD(socket,,,[AC_MSG_ERROR(Could not find Python module socket)]) +- if test "x$HAVE_GDBM" = "xyes" || test "x$HAVE_DBM" = "xyes"; then +- AM_CHECK_PYMOD(anydbm,,,[ +- AM_CHECK_PYMOD(dbm,,,[AC_MSG_ERROR(Could not find Python module dbm)]) ++ if test "x$HAVE_GDBM" = "xyes"; then ++ AM_CHECK_PYMOD([dbm.gnu], [], [], [ ++ AM_CHECK_PYMOD([gdbm], [], [], [AC_MSG_ERROR(Could not find Python module dbm.gnu or gdbm)]) ++ ]) ++ fi ++ if test "x$HAVE_DBM" = "xyes"; then ++ AM_CHECK_PYMOD([dbm.ndbm], [], [], [ ++ AM_CHECK_PYMOD([dbm], [], [], [AC_MSG_ERROR(Could not find Python module dbm.ndbm or dbm)]) + ]) + fi + fi +diff --git a/service-type-database/Makefile.am b/service-type-database/Makefile.am +index f9fa082..0ead0f6 100644 +--- a/service-type-database/Makefile.am ++++ b/service-type-database/Makefile.am +@@ -28,7 +28,7 @@ noinst_SCRIPTS=build-db + pkglibdata_DATA+=service-types.db + + service-types.db: service-types +- $(AM_V_GEN)$(PYTHON) build-db $< $@.coming && \ ++ $(AM_V_GEN)$(PYTHON) build-db --gnu $< $@.coming && \ + mv $@.coming $@ + + CLEANFILES = service-types.db +@@ -44,7 +44,7 @@ service-types.db.pag: service-types.db + service-types.db.dir: service-types.db + $(AM_V_GEN)mv service-types.db.coming.dir service-types.db.dir + service-types.db: service-types build-db +- $(AM_V_GEN)$(PYTHON) build-db $< $@.coming && \ ++ $(AM_V_GEN)$(PYTHON) build-db --ndbm $< $@.coming && \ + if test -f "$@.coming"; then mv $@.coming $@; fi + + CLEANFILES = service-types.db* +diff --git a/service-type-database/build-db b/service-type-database/build-db +index 78ee892..6415d27 100755 +--- a/service-type-database/build-db ++++ b/service-type-database/build-db +@@ -17,13 +17,28 @@ + # Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 + # USA. + +-try: +- import anydbm as dbm +-except ImportError: +- import dbm +- + import sys + ++if sys.argv[1] == '--gnu': ++ if sys.version_info >= (3,): ++ import dbm.gnu as chosen_dbm ++ else: ++ import gdbm as chosen_dbm ++ ++ sys.argv[1:] = sys.argv[2:] ++elif sys.argv[1] == '--ndbm': ++ if sys.version_info >= (3,): ++ import dbm.ndbm as chosen_dbm ++ else: ++ import dbm as chosen_dbm ++ ++ sys.argv[1:] = sys.argv[2:] ++else: ++ if sys.version_info >= (3,): ++ import dbm as chosen_dbm ++ else: ++ import anydbm as chosen_dbm ++ + if len(sys.argv) > 1: + infn = sys.argv[1] + else: +@@ -34,7 +49,7 @@ if len(sys.argv) > 2: + else: + outfn = infn + ".db" + +-db = dbm.open(outfn, "n") ++db = chosen_dbm.open(outfn, "n") + + for ln in open(infn, "r"): + ln = ln.strip(" \r\n\t") diff --git a/network/avahi/patches/fix-bytestring-decoding-for-proper-display.patch b/network/avahi/patches/fix-bytestring-decoding-for-proper-display.patch new file mode 100644 index 0000000000000..bfb826db93644 --- /dev/null +++ b/network/avahi/patches/fix-bytestring-decoding-for-proper-display.patch @@ -0,0 +1,28 @@ +From: =?utf-8?q?=C3=89ric_Araujo?= <merwok@netwok.org> +Date: Sat, 29 Feb 2020 19:14:04 -0500 +Subject: fix bytestring decoding for proper display + +--- + avahi-python/avahi-discover/avahi-discover.py | 3 +++ + 1 file changed, 3 insertions(+) + +diff --git a/avahi-python/avahi-discover/avahi-discover.py b/avahi-python/avahi-discover/avahi-discover.py +index 0db705d..4a2b575 100755 +--- a/avahi-python/avahi-discover/avahi-discover.py ++++ b/avahi-python/avahi-discover/avahi-discover.py +@@ -238,12 +238,15 @@ class Main_window: + txts+="<b>" + _("TXT") + " <i>%s</i></b> = %s\n" % (k,v) + else: + txts = "<b>" + _("TXT Data:") + "</b> <i>" + _("empty") + "</i>" ++ ++ txts = txts.decode("utf-8") + + infos = "<b>" + _("Service Type:") + "</b> %s\n" + infos += "<b>" + _("Service Name:") + "</b> %s\n" + infos += "<b>" + _("Domain Name:") + "</b> %s\n" + infos += "<b>" + _("Interface:") + "</b> %s %s\n" + infos += "<b>" + _("Address:") + "</b> %s/%s:%i\n%s" ++ infos = infos.decode("utf-8") + infos = infos % (stype, name, domain, self.siocgifname(interface), self.protoname(protocol), host, address, port, txts.strip()) + self.info_label.set_markup(infos) + diff --git a/network/avahi/fixup_avahi-dnsconfd.action.patch b/network/avahi/patches/fixup_avahi-dnsconfd.action.patch index 88f9b5f807701..88f9b5f807701 100644 --- a/network/avahi/fixup_avahi-dnsconfd.action.patch +++ b/network/avahi/patches/fixup_avahi-dnsconfd.action.patch diff --git a/network/avahi/ipv6_race_condition_fix.patch b/network/avahi/patches/ipv6_race_condition_fix.patch index 3418b1a11c4bf..3418b1a11c4bf 100644 --- a/network/avahi/ipv6_race_condition_fix.patch +++ b/network/avahi/patches/ipv6_race_condition_fix.patch diff --git a/network/avahi/patches/man-add-missing-bshell.1-symlink.patch b/network/avahi/patches/man-add-missing-bshell.1-symlink.patch new file mode 100644 index 0000000000000..1bcbbb13e241c --- /dev/null +++ b/network/avahi/patches/man-add-missing-bshell.1-symlink.patch @@ -0,0 +1,33 @@ +From: Michael Biebl <biebl@debian.org> +Date: Sun, 17 Sep 2017 12:52:39 +0200 +Subject: man: add missing bshell.1 symlink + +The bshell binary is missing a symlink to its manual page. It should be +symlinked to the man page for bssh, just like how the bvnc man page is. + +Bug-Debian: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=655190 +Forwarded: https://github.com/lathiat/avahi/pull/148 +Applied-upstream: 0.9, commit:f983df44870b602179b493f9c3d113753b378e27 +--- + man/Makefile.am | 3 ++- + 1 file changed, 2 insertions(+), 1 deletion(-) + +diff --git a/man/Makefile.am b/man/Makefile.am +index d38267c..77a27bd 100644 +--- a/man/Makefile.am ++++ b/man/Makefile.am +@@ -137,12 +137,13 @@ BSSH_LN = + if HAVE_GTK + if HAVE_GLIB + BSSH_LN += $(LN_S) bssh.1 bvnc.1 && ++BSSH_LN += $(LN_S) bssh.1 bshell.1 && + endif + endif + install-exec-local: + mkdir -p $(DESTDIR)/$(mandir)/man1 && \ + cd $(DESTDIR)/$(mandir)/man1 && \ +- rm -f avahi-resolve-host-name.1 avahi-resolve-address.1 avahi-browse-domains.1 avahi-publish-address.1 avahi-publish-service.1 bvnc.1 && \ ++ rm -f avahi-resolve-host-name.1 avahi-resolve-address.1 avahi-browse-domains.1 avahi-publish-address.1 avahi-publish-service.1 bvnc.1 bshell.1 && \ + $(BSSH_LN) \ + $(LN_S) avahi-resolve.1 avahi-resolve-host-name.1 && \ + $(LN_S) avahi-resolve.1 avahi-resolve-address.1 && \ diff --git a/network/avahi/patches/man-fix-reference-to-avahi-autoipd.action-8-in-avahi-auto.patch b/network/avahi/patches/man-fix-reference-to-avahi-autoipd.action-8-in-avahi-auto.patch new file mode 100644 index 0000000000000..94d8d9517a7ff --- /dev/null +++ b/network/avahi/patches/man-fix-reference-to-avahi-autoipd.action-8-in-avahi-auto.patch @@ -0,0 +1,24 @@ +From: Michael Biebl <biebl@debian.org> +Date: Sun, 17 Sep 2017 10:57:47 +0200 +Subject: man: fix reference to avahi-autoipd.action(8) in avahi-autoipd(8) + +Forwarded: https://github.com/lathiat/avahi/pull/147 +Bug-Debian: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=840833 +Applied-upstream: 0.9, commit:1905a6b878064c6cc9bb96a1fc17ef77c75787c6 +--- + man/avahi-autoipd.8.xml.in | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/man/avahi-autoipd.8.xml.in b/man/avahi-autoipd.8.xml.in +index 7137c30..23764a5 100644 +--- a/man/avahi-autoipd.8.xml.in ++++ b/man/avahi-autoipd.8.xml.in +@@ -150,7 +150,7 @@ + + <section name="See also"> + <p> +- <manref name="autoipd.action" section="8"/>, <manref name="dhclient" section="8"/> ++ <manref name="avahi-autoipd.action" section="8"/>, <manref name="dhclient" section="8"/> + </p> + + <p>http://avahi.org/wiki/AvahiAutoipd documents how avahi-autoipd is best packaged and integrated into distributions.</p> diff --git a/network/avahi/patches/series b/network/avahi/patches/series new file mode 100644 index 0000000000000..1246744108ddb --- /dev/null +++ b/network/avahi/patches/series @@ -0,0 +1,13 @@ +avahi-dnsconfd.service-Drop-Also-avahi-daemon.socket.patch +man-fix-reference-to-avahi-autoipd.action-8-in-avahi-auto.patch +man-add-missing-bshell.1-symlink.patch +Ship-avahi-discover-1-bssh-1-and-bvnc-1-also-for-GTK3.patch +avahi_dns_packet_consume_uint32-fix-potential-undefined-b.patch +fix-bytestring-decoding-for-proper-display.patch +avahi-discover-Don-t-decode-unicode-strings-only-bytestri.patch +Fetch-build-db-from-upstream-git.patch +build-db-Use-the-same-database-format-that-the-C-code-exp.patch +avahi-daemon-chroot-fix-bogus-assignments-in-assertions.patch +avahi-client-fix-resource-leak.patch +avoid-infinite-loop-in-avahi-daemon-by-handling-hup-event-in-client-work.patch +CVE-2021-3502.patch |