<feed xmlns='http://www.w3.org/2005/Atom'>
<title>src/usr.sbin/rpcbind, branch releng/10.3</title>
<subtitle>FreeBSD source tree</subtitle>
<link rel='alternate' type='text/html' href='http://cgit.freebsd.org/src/'/>
<entry>
<title>Fix a regression with SA-15:24 patch that prevented NIS from</title>
<updated>2015-10-02T16:36:16+00:00</updated>
<author>
<name>Xin LI</name>
<email>delphij@FreeBSD.org</email>
</author>
<published>2015-10-02T16:36:16+00:00</published>
<link rel='alternate' type='text/html' href='http://cgit.freebsd.org/src/commit/?id=c9438374736e6bc4d7025eb695b654340a035636'/>
<id>c9438374736e6bc4d7025eb695b654340a035636</id>
<content type='text'>
working.
</content>
<content type='xhtml'>
<div xmlns='http://www.w3.org/1999/xhtml'>
<pre>
working.
</pre>
</div>
</content>
</entry>
<entry>
<title>The Sun RPC framework uses a netbuf structure to represent the</title>
<updated>2015-09-29T18:06:27+00:00</updated>
<author>
<name>Xin LI</name>
<email>delphij@FreeBSD.org</email>
</author>
<published>2015-09-29T18:06:27+00:00</published>
<link rel='alternate' type='text/html' href='http://cgit.freebsd.org/src/commit/?id=91646b2025eaf71b17bc8e0e02fcf3f00d6a4f2e'/>
<id>91646b2025eaf71b17bc8e0e02fcf3f00d6a4f2e</id>
<content type='text'>
transport specific form of a universal transport address.  The
structure is expected to be opaque to consumers.  In the current
implementation, the structure contains a pointer to a buffer
that holds the actual address.

In rpcbind(8), netbuf structures are copied directly, which would
result in two netbuf structures that reference to one shared
address buffer.  When one of the two netbuf structures is freed,
access to the other netbuf structure would result in an undefined
result that may crash the rpcbind(8) daemon.

Fix this by making a copy of the buffer that is going to be freed
instead of doing a shallow copy.

Security:	FreeBSD-SA-15:24.rpcbind
Security:	CVE-2015-7236
</content>
<content type='xhtml'>
<div xmlns='http://www.w3.org/1999/xhtml'>
<pre>
transport specific form of a universal transport address.  The
structure is expected to be opaque to consumers.  In the current
implementation, the structure contains a pointer to a buffer
that holds the actual address.

In rpcbind(8), netbuf structures are copied directly, which would
result in two netbuf structures that reference to one shared
address buffer.  When one of the two netbuf structures is freed,
access to the other netbuf structure would result in an undefined
result that may crash the rpcbind(8) daemon.

Fix this by making a copy of the buffer that is going to be freed
instead of doing a shallow copy.

Security:	FreeBSD-SA-15:24.rpcbind
Security:	CVE-2015-7236
</pre>
</div>
</content>
</entry>
<entry>
<title>Fix socket calls on error post-r243965.</title>
<updated>2012-12-21T15:54:13+00:00</updated>
<author>
<name>Kevin Lo</name>
<email>kevlo@FreeBSD.org</email>
</author>
<published>2012-12-21T15:54:13+00:00</published>
<link rel='alternate' type='text/html' href='http://cgit.freebsd.org/src/commit/?id=a5752d55e0073d71bf3c192bbfab6363960483b5'/>
<id>a5752d55e0073d71bf3c192bbfab6363960483b5</id>
<content type='text'>
Submitted by:	Garrett Cooper
</content>
<content type='xhtml'>
<div xmlns='http://www.w3.org/1999/xhtml'>
<pre>
Submitted by:	Garrett Cooper
</pre>
</div>
</content>
</entry>
<entry>
<title>Fill sin6_scope_id in sockaddr_in6 before passing it from the kernel to</title>
<updated>2012-11-17T20:19:00+00:00</updated>
<author>
<name>Hiroki Sato</name>
<email>hrs@FreeBSD.org</email>
</author>
<published>2012-11-17T20:19:00+00:00</published>
<link rel='alternate' type='text/html' href='http://cgit.freebsd.org/src/commit/?id=6bbfef9004933269885320ddda982238a99b3ecf'/>
<id>6bbfef9004933269885320ddda982238a99b3ecf</id>
<content type='text'>
userland via routing socket or sysctl.  This eliminates the following
KAME-specific sin6_scope_id handling routine from each userland utility:

 sin6.sin6_scope_id = ntohs(*(u_int16_t *)&amp;sin6.sin6_addr.s6_addr[2]);

This behavior can be controlled by net.inet6.ip6.deembed_scopeid.  This is
set to 1 by default (sin6_scope_id will be filled in the kernel).

Reviewed by:	bz
</content>
<content type='xhtml'>
<div xmlns='http://www.w3.org/1999/xhtml'>
<pre>
userland via routing socket or sysctl.  This eliminates the following
KAME-specific sin6_scope_id handling routine from each userland utility:

 sin6.sin6_scope_id = ntohs(*(u_int16_t *)&amp;sin6.sin6_addr.s6_addr[2]);

This behavior can be controlled by net.inet6.ip6.deembed_scopeid.  This is
set to 1 by default (sin6_scope_id will be filled in the kernel).

Reviewed by:	bz
</pre>
</div>
</content>
</entry>
<entry>
<title>Spelling fixes for usr.sbin/</title>
<updated>2011-12-30T10:58:14+00:00</updated>
<author>
<name>Ulrich Spörlein</name>
<email>uqs@FreeBSD.org</email>
</author>
<published>2011-12-30T10:58:14+00:00</published>
<link rel='alternate' type='text/html' href='http://cgit.freebsd.org/src/commit/?id=3df5ecac8c5e0a9105ba0e783bd9e7077df944e7'/>
<id>3df5ecac8c5e0a9105ba0e783bd9e7077df944e7</id>
<content type='text'>
</content>
<content type='xhtml'>
<div xmlns='http://www.w3.org/1999/xhtml'>
<pre>
</pre>
</div>
</content>
</entry>
<entry>
<title>Use prototype.  While I'm there, add a pair of parenthesis to mark an if</title>
<updated>2011-07-14T07:28:49+00:00</updated>
<author>
<name>Xin LI</name>
<email>delphij@FreeBSD.org</email>
</author>
<published>2011-07-14T07:28:49+00:00</published>
<link rel='alternate' type='text/html' href='http://cgit.freebsd.org/src/commit/?id=07de1c52db553e50adfefcd2dbe8ce6a8894b622'/>
<id>07de1c52db553e50adfefcd2dbe8ce6a8894b622</id>
<content type='text'>
statment's border.

MFC after:	1 month
</content>
<content type='xhtml'>
<div xmlns='http://www.w3.org/1999/xhtml'>
<pre>
statment's border.

MFC after:	1 month
</pre>
</div>
</content>
</entry>
<entry>
<title>Fix typos - remove duplicate "the".</title>
<updated>2011-02-21T09:01:34+00:00</updated>
<author>
<name>Rebecca Cran</name>
<email>brucec@FreeBSD.org</email>
</author>
<published>2011-02-21T09:01:34+00:00</published>
<link rel='alternate' type='text/html' href='http://cgit.freebsd.org/src/commit/?id=6bccea7c2bb77cbcbe9f019c664ddf4bf4ff8410'/>
<id>6bccea7c2bb77cbcbe9f019c664ddf4bf4ff8410</id>
<content type='text'>
PR:	bin/154928
Submitted by:	Eitan Adler &lt;lists at eitanadler.com&gt;
MFC after: 	3 days
</content>
<content type='xhtml'>
<div xmlns='http://www.w3.org/1999/xhtml'>
<pre>
PR:	bin/154928
Submitted by:	Eitan Adler &lt;lists at eitanadler.com&gt;
MFC after: 	3 days
</pre>
</div>
</content>
</entry>
<entry>
<title>Revert bogus change that snuck into r203972.</title>
<updated>2010-02-17T06:11:05+00:00</updated>
<author>
<name>Warner Losh</name>
<email>imp@FreeBSD.org</email>
</author>
<published>2010-02-17T06:11:05+00:00</published>
<link rel='alternate' type='text/html' href='http://cgit.freebsd.org/src/commit/?id=f77a51d7a816e0ec11293265b705c79a03f6b740'/>
<id>f77a51d7a816e0ec11293265b705c79a03f6b740</id>
<content type='text'>
</content>
<content type='xhtml'>
<div xmlns='http://www.w3.org/1999/xhtml'>
<pre>
</pre>
</div>
</content>
</entry>
<entry>
<title>The NetBSD Foundation has given permission to remove clause 3 and 4</title>
<updated>2010-02-16T21:47:05+00:00</updated>
<author>
<name>Warner Losh</name>
<email>imp@FreeBSD.org</email>
</author>
<published>2010-02-16T21:47:05+00:00</published>
<link rel='alternate' type='text/html' href='http://cgit.freebsd.org/src/commit/?id=08ab090881d78be3eac0fda63c7cd4683cf8c7a6'/>
<id>08ab090881d78be3eac0fda63c7cd4683cf8c7a6</id>
<content type='text'>
from their liceense.

Obtained from:	NetBSD
</content>
<content type='xhtml'>
<div xmlns='http://www.w3.org/1999/xhtml'>
<pre>
from their liceense.

Obtained from:	NetBSD
</pre>
</div>
</content>
</entry>
<entry>
<title>When you have multiple addresses on the same network on different</title>
<updated>2010-02-09T18:10:56+00:00</updated>
<author>
<name>Warner Losh</name>
<email>imp@FreeBSD.org</email>
</author>
<published>2010-02-09T18:10:56+00:00</published>
<link rel='alternate' type='text/html' href='http://cgit.freebsd.org/src/commit/?id=923dd9a7a7ce3691524b3cbfab541df4c326a8e8'/>
<id>923dd9a7a7ce3691524b3cbfab541df4c326a8e8</id>
<content type='text'>
interfaces (such as when you are part of a carp pool), and you run
rpcbind -h to restrict which interfaces have rpc services, rpcbind can
none-the-less return addresses that aren't in the -h list.  This patch
enforces the rule that when you specify -h on the command line, then
services returned from rpcbind must be to one of the addresses listed
in -h, or be a loopback address (since localhost is implicit when
running -h).

The root cause of this is the assumption in addrmerge that there can
be only one interface that matches a given network IP address.  This
turns out not to be the case.  To retain historical behavior, I didn't
try to fix the routine to prefer the address that the request came
into, since I didn't know the side effects that might cause in the
normal case.  My quick analysis suggests that it wouldn't be a
problem, but since this code is tricky I opted for the more
conservative patch of only restricting the reply when -h is in effect.

Hence, this change will have no effect when you are running rpcbind
without -h.

Reviewed by:	alfred@
Sponsored by:	iX Systems
MFC after:	2 weeks
</content>
<content type='xhtml'>
<div xmlns='http://www.w3.org/1999/xhtml'>
<pre>
interfaces (such as when you are part of a carp pool), and you run
rpcbind -h to restrict which interfaces have rpc services, rpcbind can
none-the-less return addresses that aren't in the -h list.  This patch
enforces the rule that when you specify -h on the command line, then
services returned from rpcbind must be to one of the addresses listed
in -h, or be a loopback address (since localhost is implicit when
running -h).

The root cause of this is the assumption in addrmerge that there can
be only one interface that matches a given network IP address.  This
turns out not to be the case.  To retain historical behavior, I didn't
try to fix the routine to prefer the address that the request came
into, since I didn't know the side effects that might cause in the
normal case.  My quick analysis suggests that it wouldn't be a
problem, but since this code is tricky I opted for the more
conservative patch of only restricting the reply when -h is in effect.

Hence, this change will have no effect when you are running rpcbind
without -h.

Reviewed by:	alfred@
Sponsored by:	iX Systems
MFC after:	2 weeks
</pre>
</div>
</content>
</entry>
</feed>
