diff options
Diffstat (limited to 'meta/recipes-extended/xinetd/xinetd')
6 files changed, 1 insertions, 324 deletions
diff --git a/meta/recipes-extended/xinetd/xinetd/Disable-services-from-inetd.conf-if-a-service-with-t.patch b/meta/recipes-extended/xinetd/xinetd/Disable-services-from-inetd.conf-if-a-service-with-t.patch deleted file mode 100644 index cd6e6c1078..0000000000 --- a/meta/recipes-extended/xinetd/xinetd/Disable-services-from-inetd.conf-if-a-service-with-t.patch +++ /dev/null @@ -1,86 +0,0 @@ -Upstream-Status: Pending [from other distro Debian] - -From d588b6530e1382a624898b3f4307f636c72c80a9 Mon Sep 17 00:00:00 2001 -From: Pierre Habouzit <madcoder@debian.org> -Date: Wed, 28 Nov 2007 10:13:08 +0100 -Subject: [PATCH] Disable services from inetd.conf if a service with the same id exists. - - This way, if a service is enabled in /etc/xinetd* _and_ in -/etc/inetd.conf, the one (even if disabled) from /etc/xinetd* takes -precedence. - -Signed-off-by: Pierre Habouzit <madcoder@debian.org> ---- - xinetd/inet.c | 22 +++++++++++++++++++--- - 1 files changed, 19 insertions(+), 3 deletions(-) - -diff --git a/xinetd/inet.c b/xinetd/inet.c -index 1cb2ba2..8caab45 100644 ---- a/xinetd/inet.c -+++ b/xinetd/inet.c -@@ -23,6 +23,8 @@ - #include "parsesup.h" - #include "nvlists.h" - -+static psi_h iter ; -+ - static int get_next_inet_entry( int fd, pset_h sconfs, - struct service_config *defaults); - -@@ -32,12 +34,15 @@ void parse_inet_conf_file( int fd, struct configuration *confp ) - struct service_config *default_config = CNF_DEFAULTS( confp ); - - line_count = 0; -+ iter = psi_create (sconfs); - - for( ;; ) - { - if (get_next_inet_entry(fd, sconfs, default_config) == -2) - break; - } -+ -+ psi_destroy(iter); - } - - static int get_next_inet_entry( int fd, pset_h sconfs, -@@ -46,7 +51,7 @@ static int get_next_inet_entry( int fd, pset_h sconfs, - char *p; - str_h strp; - char *line = next_line(fd); -- struct service_config *scp; -+ struct service_config *scp, *tmp; - unsigned u, i; - const char *func = "get_next_inet_entry"; - char *name = NULL, *rpcvers = NULL, *rpcproto = NULL; -@@ -405,7 +410,16 @@ static int get_next_inet_entry( int fd, pset_h sconfs, - SC_SPECIFY( scp, A_SOCKET_TYPE ); - SC_SPECIFY( scp, A_WAIT ); - -- if( ! pset_add(sconfs, scp) ) -+ for ( tmp = SCP( psi_start( iter ) ) ; tmp ; tmp = SCP( psi_next(iter)) ){ -+ if (EQ(SC_ID(scp), SC_ID(tmp))) { -+ parsemsg(LOG_DEBUG, func, "removing duplicate service %s", SC_NAME(scp)); -+ sc_free(scp); -+ scp = NULL; -+ break; -+ } -+ } -+ -+ if( scp && ! pset_add(sconfs, scp) ) - { - out_of_memory( func ); - pset_destroy(args); -@@ -414,7 +428,9 @@ static int get_next_inet_entry( int fd, pset_h sconfs, - } - - pset_destroy(args); -- parsemsg( LOG_DEBUG, func, "added service %s", SC_NAME(scp)); -+ if (scp) { -+ parsemsg( LOG_DEBUG, func, "added service %s", SC_NAME(scp)); -+ } - return 0; - } - --- -1.5.3.6.2040.g15e6 - diff --git a/meta/recipes-extended/xinetd/xinetd/Various-fixes-from-the-previous-maintainer.patch b/meta/recipes-extended/xinetd/xinetd/Various-fixes-from-the-previous-maintainer.patch deleted file mode 100644 index 8e59cdcaae..0000000000 --- a/meta/recipes-extended/xinetd/xinetd/Various-fixes-from-the-previous-maintainer.patch +++ /dev/null @@ -1,79 +0,0 @@ -Upstream-Status: Pending [from other distro Debian] - -From a3410b0bc81ab03a889d9ffc14e351badf8372f1 Mon Sep 17 00:00:00 2001 -From: Pierre Habouzit <madcoder@debian.org> -Date: Mon, 26 Nov 2007 16:02:04 +0100 -Subject: [PATCH] Various fixes from the previous maintainer. - ---- - xinetd/child.c | 20 +++++++++++++++++--- - xinetd/service.c | 8 ++++---- - 2 files changed, 21 insertions(+), 7 deletions(-) - -diff --git a/xinetd/child.c b/xinetd/child.c -index 89ee54c..48e9615 100644 ---- a/xinetd/child.c -+++ b/xinetd/child.c -@@ -284,6 +284,7 @@ void child_process( struct server *serp ) - connection_s *cp = SERVER_CONNECTION( serp ) ; - struct service_config *scp = SVC_CONF( sp ) ; - const char *func = "child_process" ; -+ int fd, null_fd; - - signal_default_state(); - -@@ -296,9 +297,22 @@ void child_process( struct server *serp ) - signals_pending[0] = -1; - signals_pending[1] = -1; - -- Sclose(0); -- Sclose(1); -- Sclose(2); -+ if ( ( null_fd = open( "/dev/null", O_RDONLY ) ) == -1 ) -+ { -+ msg( LOG_ERR, func, "open('/dev/null') failed: %m") ; -+ _exit( 1 ) ; -+ } -+ -+ for ( fd = 0 ; fd <= MAX_PASS_FD ; fd++ ) -+ { -+ if ( fd != null_fd && dup2( null_fd, fd ) == -1 ) -+ { -+ msg( LOG_ERR, func, "dup2(%d, %d) failed: %m") ; -+ _exit( 1 ) ; -+ } -+ } -+ if ( null_fd > MAX_PASS_FD ) -+ (void) Sclose( null_fd ) ; - - - #ifdef DEBUG_SERVER -diff --git a/xinetd/service.c b/xinetd/service.c -index 3d68d78..0132d6c 100644 ---- a/xinetd/service.c -+++ b/xinetd/service.c -@@ -745,8 +745,8 @@ static status_e failed_service(struct service *sp, - return FAILED; - - if ( last == NULL ) { -- last = SAIN( calloc( 1, sizeof(union xsockaddr) ) ); -- SVC_LAST_DGRAM_ADDR(sp) = (union xsockaddr *)last; -+ SVC_LAST_DGRAM_ADDR(sp) = SAIN( calloc( 1, sizeof(union xsockaddr) ) ); -+ last = SAIN( SVC_LAST_DGRAM_ADDR(sp) ); - } - - (void) time( ¤t_time ) ; -@@ -772,8 +772,8 @@ static status_e failed_service(struct service *sp, - return FAILED; - - if( last == NULL ) { -- last = SAIN6(calloc( 1, sizeof(union xsockaddr) ) ); -- SVC_LAST_DGRAM_ADDR( sp ) = (union xsockaddr *)last; -+ SVC_LAST_DGRAM_ADDR(sp) = SAIN6(calloc( 1, sizeof(union xsockaddr) ) ); -+ last = SAIN6(SVC_LAST_DGRAM_ADDR(sp)); - } - - (void) time( ¤t_time ) ; --- -1.5.3.6.2040.g15e6 - diff --git a/meta/recipes-extended/xinetd/xinetd/xinetd-CVE-2013-4342.patch b/meta/recipes-extended/xinetd/xinetd/xinetd-CVE-2013-4342.patch deleted file mode 100644 index 0542dbe835..0000000000 --- a/meta/recipes-extended/xinetd/xinetd/xinetd-CVE-2013-4342.patch +++ /dev/null @@ -1,32 +0,0 @@ -xinetd: CVE-2013-4342 - -xinetd does not enforce the user and group configuration directives -for TCPMUX services, which causes these services to be run as root -and makes it easier for remote attackers to gain privileges by -leveraging another vulnerability in a service. -http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-4342 - -the patch come from: -https://bugzilla.redhat.com/attachment.cgi?id=799732&action=diff - -Signed-off-by: Li Wang <li.wang@windriver.com> ---- - xinetd/builtins.c | 2 +- - 1 file changed, 1 insertion(+), 1 deletion(-) - -diff --git a/xinetd/builtins.c b/xinetd/builtins.c -index 3b85579..34a5bac 100644 ---- a/xinetd/builtins.c -+++ b/xinetd/builtins.c -@@ -617,7 +617,7 @@ static void tcpmux_handler( const struct server *serp ) - if( SC_IS_INTERNAL( scp ) ) { - SC_INTERNAL(scp, nserp); - } else { -- exec_server(nserp); -+ child_process(nserp); - } - } - --- -1.7.9.5 - diff --git a/meta/recipes-extended/xinetd/xinetd/xinetd-should-be-able-to-listen-on-IPv6-even-in-ine.patch b/meta/recipes-extended/xinetd/xinetd/xinetd-should-be-able-to-listen-on-IPv6-even-in-ine.patch deleted file mode 100644 index 2365ca123b..0000000000 --- a/meta/recipes-extended/xinetd/xinetd/xinetd-should-be-able-to-listen-on-IPv6-even-in-ine.patch +++ /dev/null @@ -1,112 +0,0 @@ -Upstream-Status: Pending [from other distro Debian] - -From f44b218ccc779ab3f4aed072390ccf129d94b58d Mon Sep 17 00:00:00 2001 -From: David Madore <david@pleiades.stars> -Date: Mon, 24 Mar 2008 12:45:36 +0100 -Subject: [PATCH] xinetd should be able to listen on IPv6 even in -inetd_compat mode - -xinetd does not bind to IPv6 addresses (and does not seem to have an -option to do so) when used in -inetd_compat mode. As current inetd's -are IPv6-aware, this is a problem: this means xinetd cannot be used as -a drop-in inetd replacement. - -The attached patch is a suggestion: it adds a -inetd_ipv6 global -option that, if used, causes inetd-compatibility lines to have an -implicit "IPv6" option. Perhaps this is not the best solution, but -there should definitely be a way to get inetd.conf to be read in -IPv6-aware mode. ---- - xinetd/confparse.c | 1 + - xinetd/inet.c | 17 +++++++++++++++++ - xinetd/options.c | 3 +++ - xinetd/xinetd.man | 6 ++++++ - 4 files changed, 27 insertions(+), 0 deletions(-) - -diff --git a/xinetd/confparse.c b/xinetd/confparse.c -index db9f431..d7b0bcc 100644 ---- a/xinetd/confparse.c -+++ b/xinetd/confparse.c -@@ -40,6 +40,7 @@ - #include "inet.h" - #include "main.h" - -+extern int inetd_ipv6; - extern int inetd_compat; - - /* -diff --git a/xinetd/inet.c b/xinetd/inet.c -index 8caab45..2e617ae 100644 ---- a/xinetd/inet.c -+++ b/xinetd/inet.c -@@ -25,6 +25,8 @@ - - static psi_h iter ; - -+extern int inetd_ipv6; -+ - static int get_next_inet_entry( int fd, pset_h sconfs, - struct service_config *defaults); - -@@ -360,6 +362,21 @@ static int get_next_inet_entry( int fd, pset_h sconfs, - } - SC_SERVER_ARGV(scp)[u] = p; - } -+ -+ /* Set the IPv6 flag if we were passed the -inetd_ipv6 option */ -+ if ( inetd_ipv6 ) -+ { -+ nvp = nv_find_value( service_flags, "IPv6" ); -+ if ( nvp == NULL ) -+ { -+ parsemsg( LOG_WARNING, func, "inetd.conf - Bad foo %s", name ) ; -+ pset_destroy(args); -+ sc_free(scp); -+ return -1; -+ } -+ M_SET(SC_XFLAGS(scp), nvp->value); -+ } -+ - /* Set the reuse flag, as this is the default for inetd */ - nvp = nv_find_value( service_flags, "REUSE" ); - if ( nvp == NULL ) -diff --git a/xinetd/options.c b/xinetd/options.c -index b058b6a..dc2f3a0 100644 ---- a/xinetd/options.c -+++ b/xinetd/options.c -@@ -30,6 +30,7 @@ int logprocs_option ; - unsigned logprocs_option_arg ; - int stayalive_option=0; - char *program_name ; -+int inetd_ipv6 = 0 ; - int inetd_compat = 0 ; - int dont_fork = 0; - -@@ -128,6 +129,8 @@ int opt_recognize( int argc, char *argv[] ) - fprintf(stderr, "\n"); - exit(0); - } -+ else if ( strcmp ( &argv[ arg ][ 1 ], "inetd_ipv6" ) == 0 ) -+ inetd_ipv6 = 1; - else if ( strcmp ( &argv[ arg ][ 1 ], "inetd_compat" ) == 0 ) - inetd_compat = 1; - } -diff --git a/xinetd/xinetd.man b/xinetd/xinetd.man -index c76c3c6..c9dd803 100644 ---- a/xinetd/xinetd.man -+++ b/xinetd/xinetd.man -@@ -106,6 +106,12 @@ This option causes xinetd to read /etc/inetd.conf in addition to the - standard xinetd config files. /etc/inetd.conf is read after the - standard xinetd config files. - .TP -+.BI \-inetd_ipv6 -+This option causes xinetd to bind to IPv6 (AF_INET6) addresses for -+inetd compatibility lines (see previous option). This only affects -+how /etc/inetd.conf is interpreted and thus only has any effect if -+the \-inetd_compat option is also used. -+.TP - .BI \-cc " interval" - This option instructs - .B xinetd --- -1.5.5.rc0.127.gb4337 - diff --git a/meta/recipes-extended/xinetd/xinetd/xinetd.conf b/meta/recipes-extended/xinetd/xinetd/xinetd.conf deleted file mode 100644 index 9e6ea2577e..0000000000 --- a/meta/recipes-extended/xinetd/xinetd/xinetd.conf +++ /dev/null @@ -1,11 +0,0 @@ -# Simple configuration file for xinetd -# -# Some defaults, and include /etc/xinetd.d/ - -defaults -{ - - -} - -includedir /etc/xinetd.d diff --git a/meta/recipes-extended/xinetd/xinetd/xinetd.service b/meta/recipes-extended/xinetd/xinetd/xinetd.service index d5fdc5bc29..6da92f2bf5 100644 --- a/meta/recipes-extended/xinetd/xinetd/xinetd.service +++ b/meta/recipes-extended/xinetd/xinetd/xinetd.service @@ -3,11 +3,8 @@ Description=Xinetd A Powerful Replacement For Inetd After=syslog.target network.target [Service] -Type=forking -PIDFile=/var/run/xinetd.pid EnvironmentFile=-/etc/sysconfig/xinetd -ExecStart=@SBINDIR@/xinetd -stayalive -pidfile /var/run/xinetd.pid "$EXTRAOPTIONS" -ExecReload=@BASE_BINDIR@/kill -HUP $MAINPID +ExecStart=@SBINDIR@/xinetd -dontfork "$EXTRAOPTIONS" [Install] WantedBy=multi-user.target |