Commit Graph

619 Commits

Author SHA1 Message Date
Adhemerval Zanella Netto
01c0a0405c nscd: Use 64 bit time_t on libc nscd routines (BZ# 29402)
Although the nscd module is built with 64 bit time_t, the routines
linked direct to libc.so need to use the internal symbols.
Reviewed-by: DJ Delorie <dj@redhat.com>

(cherry picked from commit fa4a192778)
2022-12-28 17:25:18 -03:00
Siddhesh Poyarekar
e3976287b2 nscd: Drop local address tuple variable [BZ #29607]
When a request needs to be resent (e.g. due to insufficient buffer
space), the references to subsequent tuples in the local variable are
stale and should not be used.  This used to work by accident before, but
since 1d495912a it no longer does.  Instead of trying to reset it, just
let gethostbyname4_r write into TUMPBUF6 for us, thus maintaining a
consistent state at all times.  This is now consistent with what is done
in gaih_inet for getaddrinfo.

Resolves: BZ #29607
Reported-by: Holger Hoffstätte <holger@applied-asynchrony.com>
Tested-by: Holger Hoffstätte <holger@applied-asynchrony.com>
Reviewed-by: Carlos O'Donell <carlos@redhat.com>
(cherry picked from commit 6e33e5c4b7)
2022-10-07 16:21:12 +02:00
Fabian Vogt
2b3d020055 nscd: Fix netlink cache invalidation if epoll is used [BZ #29415]
Processes cache network interface information such as whether IPv4 or IPv6
are enabled. This is only checked again if the "netlink timestamp" provided
by nscd changed, which is triggered by netlink socket activity.

However, in the epoll handler for the netlink socket, it was missed to
assign the new timestamp to the nscd database. The handler for plain poll
did that properly, copy that over.

This bug caused that e.g. processes which started before network
configuration got unusuable addresses from getaddrinfo, like IPv6 only even
though only IPv4 is available:
https://gitlab.freedesktop.org/NetworkManager/NetworkManager/-/issues/1041

It's a bit hard to reproduce, so I verified this by checking the timestamp
on calls to __check_pf manually. Without this patch it's stuck at 1, now
it's increasing on network changes as expected.

Signed-off-by: Fabian Vogt <fvogt@suse.de>
(cherry picked from commit 02ca25fef2)
2022-09-06 17:17:35 +02:00
Adhemerval Zanella
52a5fe70a2 Use 64 bit time_t stat internally
For the legacy ABI with supports 32-bit time_t it calls the 64-bit
time directly, since the LFS symbols calls the 64-bit time_t ones
internally.

Checked on i686-linux-gnu and x86_64-linux-gnu.

Reviewed-by: Lukasz Majewski <lukma@denx.de>
2021-06-22 12:09:52 -03:00
DJ Delorie
9b456c5da9 nss: fix nss_database_lookup2's alternate handling [BZ #27416]
__nss_database_lookup2's extra arguments were left unused in the
nsswitch reloading patch set; this broke compat (default config
ignored) and shadow files (secondary name ignored) which relies on
these fallbacks.

This patch adds in the previous behavior by correcting the
initialization of the database list to reflect the fallbacks.  This
means that the nss_database_lookup2 interface no longer needs to be
passed the fallback info, so API and callers were adjusted.

Since all callers needed to be edited anyway, the calls were changed
from __nss_database_lookup2 to the faster __nss_database_get.  This
was an intended optimization which was deferred during the initial
lookup changes to avoid touching so many files.

The test case verifies that compat targets work (passwd) and that the
default configuration works (group).  Tested on x86-64.
2021-03-09 14:34:50 -05:00
DJ Delorie
dca565886b nscd: Fix double free in netgroupcache [BZ #27462]
In commit 745664bd79 a use-after-free
was fixed, but this led to an occasional double-free.  This patch
tracks the "live" allocation better.

Tested manually by a third party.

Related: RHBZ 1927877

Reviewed-by: Siddhesh Poyarekar <siddhesh@sourceware.org>
Reviewed-by: Carlos O'Donell <carlos@redhat.com>
2021-03-02 12:32:18 -05:00
Paul Eggert
9fcdec7386 Update copyright dates not handled by scripts/update-copyrights.
I've updated copyright dates in glibc for 2021.  This is the patch for
the changes not generated by scripts/update-copyrights and subsequent
build / regeneration of generated files.  As well as the usual annual
updates, mainly dates in --version output (minus csu/version.c which
previously had to be handled manually but is now successfully updated
by update-copyrights), there is a small change to the copyright notice
in NEWS which should let NEWS get updated automatically next year.

Please remember to include 2021 in the dates for any new files added
in future (which means updating any existing uncommitted patches you
have that add new files to use the new copyright dates in them).
2021-01-02 12:17:34 -08:00
Paul Eggert
2b778ceb40 Update copyright dates with scripts/update-copyrights
I used these shell commands:

../glibc/scripts/update-copyrights $PWD/../gnulib/build-aux/update-copyright
(cd ../glibc && git commit -am"[this commit message]")

and then ignored the output, which consisted lines saying "FOO: warning:
copyright statement not found" for each of 6694 files FOO.
I then removed trailing white space from benchtests/bench-pthread-locks.c
and iconvdata/tst-iconv-big5-hkscs-to-2ucs4.c, to work around this
diagnostic from Savannah:
remote: *** pre-commit check failed ...
remote: *** error: lines with trailing whitespace found
remote: error: hook declined to update refs/heads/master
2021-01-02 12:17:34 -08:00
DJ Delorie
f4f3b09111 nsswitch: use new internal API (callers)
Stitch new ABI and types throughout all NSS callers.

Reviewed-by: Siddhesh Poyarekar <siddhesh@sourceware.org>
2020-12-04 17:16:32 -05:00
Adhemerval Zanella
8ed005daf0 Remove stat wrapper functions, move them to exported symbols
This patch removes the stat, stat64, lstat, lstat64, fstat, fstat64,
fstatat, and fstatat64 static wrapper and add the symbol on the libc
with the expected names.

Both the prototypes of the internal symbol linked by the static
wrappers and the inline redirectors are also removed from the installed
sys/stat.h header file.  The wrapper implementation license LGPL
exception is also removed since it is no longer statically linked to
binaries.

Internally the _STAT_VER* definitions are moved to a arch-specific
xstatver.h file.  The internal defines that redirects internals
{f}stat{at} to their {f}xstat{at} counterparts are removed for Linux
(!NO_RTLD_HIDDEN).  Hurd still requires them since {f}stat{at} pulls
extra objects that makes the loader build fail otherwise (I haven't
dig into why exactly).

Checked with a build for all affected ABIs. I also checked on x86_64,
i686, powerpc, powerpc64le, sparcv9, sparc64, s390, and s390x.

Reviewed-by: Lukasz Majewski <lukma@denx.de>
2020-10-09 17:02:06 -03:00
Andreas Schwab
5e74e6f858 nscd: bump GC cycle during cache pruning (bug 26130)
While nscd prunes a cache it becomes inconsistent temporarily, which is
visible to clients if that cache is shared.  Bump the GC cycle counter so
that the clients notice the modification window.

Uniformly use atomic_fetch_add to modify the GC cycle counter.
2020-09-17 17:59:11 +02:00
Adhemerval Zanella
04986243d1 Remove internal usage of extensible stat functions
It replaces the internal usage of __{f,l}xstat{at}{64} with the
__{f,l}stat{at}{64}.  It should not change the generate code since
sys/stat.h explicit defines redirections to internal calls back to
xstat* symbols.

Checked with a build for all affected ABIs.  I also check on
x86_64-linux-gnu and i686-linux-gnu.

Reviewed-by: Lukasz Majewski <lukma@denx.de>
2020-09-11 14:35:32 -03:00
Arjun Shankar
04726be814 Disable warnings due to deprecated libselinux symbols used by nss and nscd
The SELinux API deprecated several symbols in its 3.1 release, including
security_context_t, matchpathcon, avc_init, and sidput, which are used in
makedb and nscd.  While the usage of these should eventually be replaced by
newer interfaces, this commit disables GCC warnings due to the use of the
above symbols.

Reviewed-by: Carlos O'Donell <carlos@redhat.com>
Tested-by: Carlos O'Donell <carlos@redhat.com>
2020-07-23 12:20:38 +02:00
Petr Vorel
ae7a94e5e3 Remove --enable-obsolete-nsl configure flag
this means that *always* libnsl is only built as shared library for
backward compatibility and the NSS modules libnss_nis and libnss_nisplus
are not built at all, libnsl's headers aren't installed.

This compatibility is kept only for architectures and ABIs that have
been added in or before version 2.28.

Replacement implementations based on TIRPC, which additionally support
IPv6, are available from <https://github.com/thkukuk/>.

This change does not affect libnss_compat which does not depended
on libnsl since 2.27 and thus can be used without NIS.

libnsl code depends on Sun RPC, e.g. on --enable-obsolete-rpc (installed
libnsl headers use installed Sun RPC headers), which will be removed in
the following commit.
2020-07-08 17:25:57 +02:00
Lukasz Majewski
481d01fa2b y2038: nscd: Modify nscd_helper to use __clock_gettime64
The nscd/nscd_helper.c uses __clock_gettime to get current time and on this
basis calculate the relative timeout for poll.
By using __clock_gettime64 on systems with __WORDSIZE == 32 && __TIMESIZE != 64
the timeout is correctly calculated after time_t overflow.
2020-05-05 18:45:14 +02:00
DJ Delorie
cbd1569904 nscd/cachedumper.c : fix whitespace 2020-03-17 14:03:43 -04:00
DJ Delorie
28b4928b1b Fix nscd/cachedumper.c compile errors 2020-03-16 02:13:36 -04:00
DJ Delorie
dcf46d3fe5 nscd: add cache dumper 2020-03-13 16:43:19 -04:00
Florian Weimer
499a92df8b nss: Add function types and NSS_DECLARE_MODULE_FUNCTIONS macro to <nss.h>
This macro allows to add type safety to the implementation of NSS
service modules.

Reviewed-by: DJ Delorie <dj@redhat.com>
2020-02-13 09:14:40 +01:00
Joseph Myers
5f72f9800b Update copyright dates not handled by scripts/update-copyrights.
I've updated copyright dates in glibc for 2020.  This is the patch for
the changes not generated by scripts/update-copyrights and subsequent
build / regeneration of generated files.  As well as the usual annual
updates, mainly dates in --version output (minus libc.texinfo which
previously had to be handled manually but is now successfully updated
by update-copyrights), there is a fix to
sysdeps/unix/sysv/linux/powerpc/bits/termios-c_lflag.h where a typo in
the copyright notice meant it failed to be updated automatically.

Please remember to include 2020 in the dates for any new files added
in future (which means updating any existing uncommitted patches you
have that add new files to use the new copyright dates in them).
2020-01-01 00:21:22 +00:00
Joseph Myers
d614a75396 Update copyright dates with scripts/update-copyrights. 2020-01-01 00:14:33 +00:00
Adhemerval Zanella
f9a7554009 Change most internal uses of time to __clock_gettime.
As for gettimeofday, time will be implemented based on clock_gettime
on all platforms and internal code should use clock_gettime
directly.  In addition to removing a layer of indirection, this will
allow us to remove the PLT-bypass gunk for gettimeofday.

The changed code always assumes __clock_gettime (CLOCK_REALTIME)
or __clock_gettime (CLOCK_REALTIME_COARSE) (for Linux case) cannot
fail, using the same rationale for gettimeofday change.  And internal
helper was added (time_now).

Checked on x86_64-linux-gnu, i686-linux-gnu, powerpc64le-linux-gnu,
powerpc64-linux-gnu, and powerpc-linux-gnu.

Reviewed-by: Lukasz Majewski <lukma@denx.de>
2019-10-30 17:11:10 -03:00
Zack Weinberg
4a39c34c4f Change most internal uses of __gettimeofday to __clock_gettime.
Since gettimeofday will shortly be implemented in terms of
clock_gettime on all platforms, internal code should use clock_gettime
directly; in addition to removing a layer of indirection, this will
allow us to remove the PLT-bypass gunk for gettimeofday.  (We can't
quite do that yet, but it'll be coming later in this patch series.)
In many cases, the changed code does fewer conversions.

The changed code always assumes __clock_gettime (CLOCK_REALTIME)
cannot fail.  Most of the call sites were assuming gettimeofday could
not fail, but a few places were checking for errors.  POSIX says
clock_gettime can only fail if the clock constant is invalid or
unsupported, and CLOCK_REALTIME is the one and only clock constant
that's required to be supported.  For consistency I grepped the entire
source tree for any other places that checked for errors from
__clock_gettime (CLOCK_REALTIME), found one, and changed it too.

(For the record, POSIX also says gettimeofday can never fail.)

(It would be nice if we could declare that GNU systems will always
support CLOCK_MONOTONIC as well as CLOCK_REALTIME; there are several
places where we are using CLOCK_REALTIME where _MONOTONIC would be
more appropriate, and/or trying to use _MONOTONIC and then falling
back to _REALTIME.  But the Hurd doesn't support CLOCK_MONOTONIC yet,
and it looks like adding it would involve substantial changes to
gnumach's internals and API.  Oh well.)

A few Hurd-specific files were changed to use __host_get_time instead
of __clock_gettime, as this seemed tidier.  We also assume this cannot
fail.  Skimming the code in gnumach leads me to believe the only way
it could fail is if __mach_host_self also failed, and our
Hurd-specific code consistently assumes that can't happen, so I'm
going with that.

With the exception of support/support_test_main.c, test cases are not
modified, mainly because I didn't want to have to figure out which
test cases were testing gettimeofday specifically.

The definition of GETTIME in sysdeps/generic/memusage.h had a typo and
was not reading tv_sec at all.  I fixed this.  It appears nobody has been
generating malloc traces on a machine that doesn't have a superseding
definition.

There are a whole bunch of places where the code could be simplified
by factoring out timespec subtraction and/or comparison logic, but I
want to keep this patch as mechanical as possible.

Checked on x86_64-linux-gnu, i686-linux-gnu, powerpc64le-linux-gnu,
powerpc64-linux-gnu, powerpc-linux-gnu, and aarch64-linux-gnu.

Reviewed-by: Adhemerval Zanella <adhemerval.zanella@linaro.org>
Reviewed-by: Lukasz Majewski <lukma@denx.de>
2019-10-30 17:04:10 -03:00
Paul Eggert
5a82c74822 Prefer https to http for gnu.org and fsf.org URLs
Also, change sources.redhat.com to sourceware.org.
This patch was automatically generated by running the following shell
script, which uses GNU sed, and which avoids modifying files imported
from upstream:

sed -ri '
  s,(http|ftp)(://(.*\.)?(gnu|fsf|sourceware)\.org($|[^.]|\.[^a-z])),https\2,g
  s,(http|ftp)(://(.*\.)?)sources\.redhat\.com($|[^.]|\.[^a-z]),https\2sourceware.org\4,g
' \
  $(find $(git ls-files) -prune -type f \
      ! -name '*.po' \
      ! -name 'ChangeLog*' \
      ! -path COPYING ! -path COPYING.LIB \
      ! -path manual/fdl-1.3.texi ! -path manual/lgpl-2.1.texi \
      ! -path manual/texinfo.tex ! -path scripts/config.guess \
      ! -path scripts/config.sub ! -path scripts/install-sh \
      ! -path scripts/mkinstalldirs ! -path scripts/move-if-change \
      ! -path INSTALL ! -path  locale/programs/charmap-kw.h \
      ! -path po/libc.pot ! -path sysdeps/gnu/errlist.c \
      ! '(' -name configure \
            -execdir test -f configure.ac -o -f configure.in ';' ')' \
      ! '(' -name preconfigure \
            -execdir test -f preconfigure.ac ';' ')' \
      -print)

and then by running 'make dist-prepare' to regenerate files built
from the altered files, and then executing the following to cleanup:

  chmod a+x sysdeps/unix/sysv/linux/riscv/configure
  # Omit irrelevant whitespace and comment-only changes,
  # perhaps from a slightly-different Autoconf version.
  git checkout -f \
    sysdeps/csky/configure \
    sysdeps/hppa/configure \
    sysdeps/riscv/configure \
    sysdeps/unix/sysv/linux/csky/configure
  # Omit changes that caused a pre-commit check to fail like this:
  # remote: *** error: sysdeps/powerpc/powerpc64/ppc-mcount.S: trailing lines
  git checkout -f \
    sysdeps/powerpc/powerpc64/ppc-mcount.S \
    sysdeps/unix/sysv/linux/s390/s390-64/syscall.S
  # Omit change that caused a pre-commit check to fail like this:
  # remote: *** error: sysdeps/sparc/sparc64/multiarch/memcpy-ultra3.S: last line does not end in newline
  git checkout -f sysdeps/sparc/sparc64/multiarch/memcpy-ultra3.S
2019-09-07 02:43:31 -07:00
Carlos O'Donell
d34d4c8022 nscd: Improve nscd.conf comments.
This change adds a warning to nscd.conf about running multiple caching
services together and that it may lead to unexpected behaviours. Also we
add a note that enabling the 'shared' option will cause cache hit rates
to be misreported (a side effect of the implementation).

v2
- Rewrite comment to avoid implementation details.
2019-08-19 09:57:58 -04:00
Florian Weimer
a9368c34d7 nss: Turn __nss_database_lookup into a compatibility symbol
The function uses the internal service_user type, so it is not
really usable from the outside of glibc.  Rename the function
to __nss_database_lookup2 for internal use, and change
__nss_database_lookup to always indicate failure to the caller.

__nss_next already was a compatibility symbol.  The new
implementation always fails and no longer calls __nss_next2.

unscd, the alternative nscd implementation, does not use
__nss_database_lookup, so it is not affected by this change.
2019-05-15 15:07:49 +02:00
Florian Weimer
3f8b44be0a resolv: Remove support for RES_USE_INET6 and the inet6 option
This functionality was deprecated in glibc 2.25.

This commit only includes the core changes to remove the
functionality.  It does not remove the RES_USE_INET6 handling in the
individual NSS service modules and the res_use_inet6 function.
These changes will happen in future commits.
2019-04-08 10:56:22 +02:00
Joseph Myers
34a5a1460e Break some lines before not after operators.
The GNU Coding Standards specify that line breaks in expressions
should go before an operator, not after one.  This patch fixes various
code to do this.  It only changes code that appears to be mostly
following GNU style anyway, not files and directories with
substantially different formatting.  It is not exhaustive even for
files using GNU style (for example, changes to sysdeps files are
deferred for subsequent cleanups).  Some files changed are shared with
gnulib, but most are specific to glibc.  Changes were made manually,
with places to change found by grep (so some cases, e.g. where the
operator was followed by a comment at end of line, are particularly
liable to have been missed by grep, but I did include cases where the
operator was followed by backslash-newline).

This patch generally does not attempt to address other coding style
issues in the expressions changed (for example, missing spaces before
'(', or lack of parentheses to ensure indentation of continuation
lines properly reflects operator precedence).

Tested for x86_64, and with build-many-glibcs.py.

	* benchtests/bench-memmem.c (simple_memmem): Break lines before
	rather than after operators.
	* benchtests/bench-skeleton.c (TIMESPEC_AFTER): Likewise.
	* crypt/md5.c (md5_finish_ctx): Likewise.
	* crypt/sha256.c (__sha256_finish_ctx): Likewise.
	* crypt/sha512.c (__sha512_finish_ctx): Likewise.
	* elf/cache.c (load_aux_cache): Likewise.
	* elf/dl-load.c (open_verify): Likewise.
	* elf/get-dynamic-info.h (elf_get_dynamic_info): Likewise.
	* elf/readelflib.c (process_elf_file): Likewise.
	* elf/rtld.c (dl_main): Likewise.
	* elf/sprof.c (generate_call_graph): Likewise.
	* hurd/ctty-input.c (_hurd_ctty_input): Likewise.
	* hurd/ctty-output.c (_hurd_ctty_output): Likewise.
	* hurd/dtable.c (reauth_dtable): Likewise.
	* hurd/getdport.c (__getdport): Likewise.
	* hurd/hurd/signal.h (_hurd_interrupted_rpc_timeout): Likewise.
	* hurd/hurd/sigpreempt.h (HURD_PREEMPT_SIGNAL_P): Likewise.
	* hurd/hurdfault.c (_hurdsig_fault_catch_exception_raise):
	Likewise.
	* hurd/hurdioctl.c (fioctl): Likewise.
	* hurd/hurdselect.c (_hurd_select): Likewise.
	* hurd/hurdsig.c (_hurdsig_abort_rpcs): Likewise.
	(STOPSIGS): Likewise.
	* hurd/hurdstartup.c (_hurd_startup): Likewise.
	* hurd/intr-msg.c (_hurd_intr_rpc_mach_msg): Likewise.
	* hurd/lookup-retry.c (__hurd_file_name_lookup_retry): Likewise.
	* hurd/msgportdemux.c (msgport_server): Likewise.
	* hurd/setauth.c (_hurd_setauth): Likewise.
	* include/features.h (__GLIBC_USE_DEPRECATED_SCANF): Likewise.
	* libio/libioP.h [IO_DEBUG] (CHECK_FILE): Likewise.
	* locale/programs/ld-ctype.c (set_class_defaults): Likewise.
	* localedata/tests-mbwc/tst_swscanf.c (tst_swscanf): Likewise.
	* login/tst-utmp.c (do_check): Likewise.
	(simulate_login): Likewise.
	* mach/lowlevellock.h (lll_lock): Likewise.
	(lll_trylock): Likewise.
	* math/test-fenv.c (ALL_EXC): Likewise.
	* math/test-fenvinline.c (ALL_EXC): Likewise.
	* misc/sys/cdefs.h (__attribute_deprecated_msg__): Likewise.
	* nis/nis_call.c (__do_niscall3): Likewise.
	* nis/nis_callback.c (cb_prog_1): Likewise.
	* nis/nis_defaults.c (searchaccess): Likewise.
	* nis/nis_findserv.c (__nis_findfastest_with_timeout): Likewise.
	* nis/nis_ismember.c (internal_ismember): Likewise.
	* nis/nis_local_names.c (nis_local_principal): Likewise.
	* nis/nss_nis/nis-rpc.c (_nss_nis_getrpcbyname_r): Likewise.
	* nis/nss_nisplus/nisplus-netgrp.c (_nss_nisplus_getnetgrent_r):
	Likewise.
	* nis/ypclnt.c (yp_match): Likewise.
	(yp_first): Likewise.
	(yp_next): Likewise.
	(yp_master): Likewise.
	(yp_order): Likewise.
	* nscd/hstcache.c (cache_addhst): Likewise.
	* nscd/initgrcache.c (addinitgroupsX): Likewise.
	* nss/nss_compat/compat-pwd.c (copy_pwd_changes): Likewise.
	(internal_getpwuid_r): Likewise.
	* nss/nss_compat/compat-spwd.c (copy_spwd_changes): Likewise.
	* posix/glob.h (__GLOB_FLAGS): Likewise.
	* posix/regcomp.c (peek_token): Likewise.
	(peek_token_bracket): Likewise.
	(parse_expression): Likewise.
	* posix/regexec.c (sift_states_iter_mb): Likewise.
	(check_node_accept_bytes): Likewise.
	* posix/tst-spawn3.c (do_test): Likewise.
	* posix/wordexp-test.c (testit): Likewise.
	* posix/wordexp.c (parse_tilde): Likewise.
	(exec_comm): Likewise.
	* posix/wordexp.h (__WRDE_FLAGS): Likewise.
	* resource/vtimes.c (TIMEVAL_TO_VTIMES): Likewise.
	* setjmp/sigjmp.c (__sigjmp_save): Likewise.
	* stdio-common/printf_fp.c (__printf_fp_l): Likewise.
	* stdio-common/tst-fileno.c (do_test): Likewise.
	* stdio-common/vfprintf-internal.c (vfprintf): Likewise.
	* stdlib/strfmon_l.c (__vstrfmon_l_internal): Likewise.
	* stdlib/strtod_l.c (round_and_return): Likewise.
	(____STRTOF_INTERNAL): Likewise.
	* stdlib/tst-strfrom.h (TEST_STRFROM): Likewise.
	* string/strcspn.c (STRCSPN): Likewise.
	* string/test-memmem.c (simple_memmem): Likewise.
	* termios/tcsetattr.c (tcsetattr): Likewise.
	* time/alt_digit.c (_nl_parse_alt_digit): Likewise.
	* time/asctime.c (asctime_internal): Likewise.
	* time/strptime_l.c (__strptime_internal): Likewise.
	* time/sys/time.h (timercmp): Likewise.
	* time/tzfile.c (__tzfile_compute): Likewise.
2019-02-22 01:32:36 +00:00
Joseph Myers
7a0dcfc643 Remove duplicate initialization of field in nscd.
I'm looking at the warnings from building glibc with -Wextra, to see
if we could use -Wextra by default, possibly with a few of its
warnings disabled, and so benefit from warnings in -Wextra but not in
-Wall.  (The vast bulk of the extra warnings so produced are from
-Wunused-parameter -Wsign-compare -Wmissing-field-initializers
-Wtype-limits, so I expect those would be disabled at least at first.)

Various miscellaneous warnings show up with -Wextra that it clearly
seems to make sense to fix independent of whether we add -Wextra to
the normal options for building glibc.  This patch fixes one:
"initialized field overwritten [-Woverride-init]" in nscd.

Tested for x86_64.

	* nscd/connections.c (reqinfo): Initialize SHUTDOWN element only
	once.
2019-02-04 14:49:37 +00:00
Florian Weimer
108bc4049f CVE-2016-10739: getaddrinfo: Fully parse IPv4 address strings [BZ #20018]
The IPv4 address parser in the getaddrinfo function is changed so that
it does not ignore trailing whitespace and all characters after it.
For backwards compatibility, the getaddrinfo function still recognizes
legacy name syntax, such as 192.000.002.010 interpreted as 192.0.2.8
(octal).

This commit does not change the behavior of inet_addr and inet_aton.
gethostbyname already had additional sanity checks (but is switched
over to the new __inet_aton_exact function for completeness as well).

To avoid sending the problematic query names over DNS, commit
6ca53a2453 ("resolv: Do not send queries
for non-host-names in nss_dns [BZ #24112]") is needed.
2019-01-21 21:26:03 +01:00
Joseph Myers
c9123888d8 Update copyright dates not handled by scripts/update-copyrights.
I've updated copyright dates in glibc for 2019.  This is the patch for
the changes not generated by scripts/update-copyrights and subsequent
build / regeneration of generated files.

Please remember to include 2019 in the dates for any new files added
in future (which means updating any existing uncommitted patches you
have that add new files to use the new copyright dates in them).

	* NEWS: Update copyright dates.
	* catgets/gencat.c (print_version): Likewise.
	* csu/version.c (banner): Likewise.
	* debug/catchsegv.sh: Likewise.
	* debug/pcprofiledump.c (print_version): Likewise.
	* debug/xtrace.sh (do_version): Likewise.
	* elf/ldconfig.c (print_version): Likewise.
	* elf/ldd.bash.in: Likewise.
	* elf/pldd.c (print_version): Likewise.
	* elf/sotruss.sh: Likewise.
	* elf/sprof.c (print_version): Likewise.
	* iconv/iconv_prog.c (print_version): Likewise.
	* iconv/iconvconfig.c (print_version): Likewise.
	* locale/programs/locale.c (print_version): Likewise.
	* locale/programs/localedef.c (print_version): Likewise.
	* login/programs/pt_chown.c (print_version): Likewise.
	* malloc/memusage.sh (do_version): Likewise.
	* malloc/memusagestat.c (print_version): Likewise.
	* malloc/mtrace.pl: Likewise.
	* manual/libc.texinfo: Likewise.
	* nptl/version.c (banner): Likewise.
	* nscd/nscd.c (print_version): Likewise.
	* nss/getent.c (print_version): Likewise.
	* nss/makedb.c (print_version): Likewise.
	* posix/getconf.c (main): Likewise.
	* scripts/test-installation.pl: Likewise.
	* sysdeps/unix/sysv/linux/lddlibc4.c (main): Likewise.
2019-01-01 00:15:13 +00:00
Joseph Myers
04277e02d7 Update copyright dates with scripts/update-copyrights.
* All files with FSF copyright notices: Update copyright dates
	using scripts/update-copyrights.
	* locale/programs/charmap-kw.h: Regenerated.
	* locale/programs/locfile-kw.h: Likewise.
2019-01-01 00:11:28 +00:00
Andreas Schwab
61595e3d36 nscd: avoid assertion failure during persistent db check
nscd should not abort when it finds inconsistencies in the persistent db.
2018-12-19 11:44:28 +01:00
Paul Pluzhnikov
a6e8926f8d [BZ #20271] Add newlines in __libc_fatal calls. 2018-08-31 18:04:32 -07:00
Florian Weimer
745664bd79 nscd: Fix use-after-free in addgetnetgrentX [BZ #23520]
addinnetgrX may use the heap-allocated buffer, so free the buffer
in this function.
2018-08-28 13:19:27 +02:00
Florian Weimer
2d7acfac3e nscd: Deallocate existing user names in file parser
This avoids a theoretical memory leak (theoretical because it depends on
multiple server-user/stat-user directives in the configuration file).
2018-08-14 10:51:07 +02:00
Zack Weinberg
841785bad1 manual: Revise crypt.texi.
This is a major rewrite of the description of 'crypt', 'getentropy',
and 'getrandom'.

A few highlights of the content changes:

 - Throughout the manual, public headers, and user-visible messages,
   I replaced the term "password" with "passphrase", the term
   "password database" with "user database", and the term
   "encrypt(ion)" with "(one-way) hashing" whenever it was applied to
   passphrases.  I didn't bother making this change in internal code
   or tests.  The use of the term "password" in ruserpass.c survives,
   because that refers to a keyword in netrc files, but it is adjusted
   to make this clearer.

   There is a note in crypt.texi explaining that they were
   traditionally called passwords but single words are not good enough
   anymore, and a note in users.texi explaining that actual passphrase
   hashes are found in a "shadow" database nowadays.

 - There is a new short introduction to the "Cryptographic Functions"
   section, explaining how we do not intend to be a general-purpose
   cryptography library, and cautioning that there _are_, or have
   been, legal restrictions on the use of cryptography in many
   countries, without getting into any kind of detail that we can't
   promise to keep up to date.

 - I added more detail about what a "one-way function" is, and why
   they are used to obscure passphrases for storage.  I removed the
   paragraph saying that systems not connected to a network need no
   user authentication, because that's a pretty rare situation
   nowadays.  (It still says "sometimes it is necessary" to
   authenticate the user, though.)

 - I added documentation for all of the hash functions that glibc
   actually supports, but not for the additional hash functions
   supported by libxcrypt.  If we're going to keep this manual section
   around after the transition is more advanced, it would probably
   make sense to add them then.

 - There is much more detailed discussion of how to generate a salt,
   and the failure behavior for crypt is documented.  (Returning an
   invalid hash on failure is what libxcrypt does; Solar Designer's
   notes say that this was done "for compatibility with old programs
   that assume crypt can never fail".)

 - As far as I can tell, the header 'crypt.h' is entirely a GNU
   invention, and never existed on any other Unix lineage.  The
   function 'crypt', however, was in Issue 1 of the SVID and is now
   in the XSI component of POSIX.  I tried to make all of the
   @standards annotations consistent with this, but I'm not sure I got
   them perfectly right.

 - The genpass.c example has been improved to use getentropy instead
   of the current time to generate the salt, and to use a SHA-256 hash
   instead of MD5. It uses more random bytes than is strictly
   necessary because I didn't want to complicate the code with proper
   base64 encoding.

 - The testpass.c example has three hardwired hashes now, to
   demonstrate that different one-way functions produce different
   hashes for the same input.  It also demonstrates how DES hashing
   only pays attention to the first eight characters of the input.

 - There is new text explaining in more detail how a CSPRNG differs
   from a regular random number generator, and how
   getentropy/getrandom are not exactly a CSPRNG.  I tried not to make
   specific falsifiable claims here.  I also tried to make the
   blocking/cancellation/error behavior of both getentropy and
   getrandom clearer.
2018-06-29 16:53:37 +02:00
Florian Weimer
6b7b2abac7 nscd: Switch to struct scratch_buffer in adhstaiX [BZ #18023]
The pre-allocation of the three scratch buffers increased the initial
stack size somewhat, but if retries are needed, the previous version
used more stack space if extend_alloca could not merge allocations.
Lack of alloca accounting also means could be problematic with
extremely large NSS responses, too.

	[BZ #18023]
	* nscd/aicache.c (addhstaiX): Use struct scratch_buffer instead
	of extend_alloca.
2018-06-25 18:41:54 +02:00
Florian Weimer
2f9f0d182e nscd: Use struct scratch_buffer, not extend_alloca in most caches [BZ #18023]
This replaces the ERANGE retry loops with loops which have heap
fallback.  Heap allocation might actually be required for extremely
large NSS results.
2018-06-25 18:41:52 +02:00
Florian Weimer
318bad78b0 nscd restart: Use malloc instead of extend_alloca [BZ #18023]
This introduces a separate function, read_cmdline, which reads the
contents of /proc/self/cmdline into a heap-allocated buffer.
2018-06-25 17:10:15 +02:00
Florian Weimer
7f9f1ecb71 Switch IDNA implementation to libidn2 [BZ #19728] [BZ #19729] [BZ #22247]
This provides an implementation of the IDNA2008 standard and fixes
CVE-2016-6261, CVE-2016-6263, CVE-2017-14062.
2018-05-23 15:27:24 +02:00
Adhemerval Zanella
8c78faa9ef Fix concurrent changes on nscd aware files (BZ #23178)
As indicated by BZ#23178, concurrent access on some files read by nscd
may result non expected data send through service requisition.  This is
due 'sendfile' Linux implementation where for sockets with zero-copy
support, callers must ensure the transferred portions of the the file
reffered by input file descriptor remain unmodified until the reader
on the other end of socket has consumed the transferred data.

I could not find any explicit documentation stating this behaviour on
Linux kernel documentation.  However man-pages sendfile entry [1] states
in NOTES the aforementioned remark.  It was initially pushed on man-pages
with an explicit testcase [2] that shows changing the file used in
'sendfile' call prior the socket input data consumption results in
previous data being lost.

From commit message it stated on tested Linux version (3.15) only TCP
socket showed this issues, however on recent kernels (4.4) I noticed the
same behaviour for local sockets as well.

Since sendfile on HURD is a read/write operation and the underlying
issue on Linux, the straightforward fix is just remove sendfile use
altogether.  I am really skeptical it is hitting some hotstop (there
are indication over internet that sendfile is helpfull only for large
files, more than 10kb) here to justify that extra code complexity or
to pursuit other possible fix (through memory or file locks for
instance, which I am not sure it is doable).

Checked on x86_64-linux-gnu.

	[BZ #23178]
	* nscd/nscd-client.h (sendfileall): Remove prototype.
	* nscd/connections.c [HAVE_SENDFILE] (sendfileall): Remove function.
	(handle_request): Use writeall instead of sendfileall.
	* nscd/aicache.c (addhstaiX): Likewise.
	* nscd/grpcache.c (cache_addgr): Likewise.
	* nscd/hstcache.c (cache_addhst): Likewise.
	* nscd/initgrcache.c (addinitgroupsX): Likewise.
	* nscd/netgroupcache.c (addgetnetgrentX, addinnetgrX): Likewise.
	* nscd/pwdcache.c (cache_addpw): Likewise.
	* nscd/servicescache.c (cache_addserv): Likewise.
	* sysdeps/unix/sysv/linux/Makefile [$(subdir) == nscd]
	(sysdep-CFLAGS): Remove -DHAVE_SENDFILE.
	* sysdeps/unix/sysv/linux/kernel-features.h (__ASSUME_SENDFILE):
	Remove define.

[1] http://man7.org/linux/man-pages/man2/sendfile.2.html
[2] 7b6a329977 (diff-efd6af3a70f0f07c578e85b51e83b3c3)
2018-05-16 13:44:53 -03:00
Samuel Thibault
33574c17ee hurd: Add hurd thread library
Contributed by

Agustina Arzille <avarzille@riseup.net>
Amos Jeffries <squid3@treenet.co.nz>
David Michael <fedora.dm0@gmail.com>
Marco Gerards <marco@gnu.org>
Marcus Brinkmann <marcus@gnu.org>
Neal H. Walfield <neal@gnu.org>
Pino Toscano <toscano.pino@tiscali.it>
Richard Braun <rbraun@sceen.net>
Roland McGrath <roland@gnu.org>
Samuel Thibault <samuel.thibault@ens-lyon.org>
Thomas DiModica <ricinwich@yahoo.com>
Thomas Schwinge <tschwinge@gnu.org>

	* htl: New directory.
	* sysdeps/htl: New directory.
	* sysdeps/hurd/htl: New directory.
	* sysdeps/i386/htl: New directory.
	* sysdeps/mach/htl: New directory.
	* sysdeps/mach/hurd/htl: New directory.
	* sysdeps/mach/hurd/i386/htl: New directory.
	* nscd/Depend, resolv/Depend, rt/Depend: Add htl dependency.
	* sysdeps/mach/hurd/i386/Implies: Add mach/hurd/i386/htl imply.
	* sysdeps/mach/hurd/i386/libpthread.abilist: New file.
2018-04-02 01:44:14 +02:00
Andreas Schwab
eaf6753f8a Fix multiple definitions of __nss_*_database (bug 22918) 2018-03-03 17:44:24 +01:00
DJ Delorie
1c81d55fc4 [BZ #22342] Fix netgroup cache keys.
Unlike other nscd caches, the netgroup cache contains two types of
records - those for "iterate through a netgroup" (i.e. setnetgrent())
and those for "is this user in this netgroup" (i.e. innetgr()),
i.e. full and partial records.  The timeout code assumes these records
have the same key for the group name, so that the collection of records
that is "this netgroup" can be expired as a unit.

However, the keys are not the same, as the in-netgroup key is generated
by nscd rather than being passed to it from elsewhere, and is generated
without the trailing NUL.  All other keys have the trailing NUL, and as
noted in the linked BZ, debug statements confirm that two keys for the
same netgroup are added to the cache with two different lengths.

The result of this is that as records in the cache expire, the purge
code only cleans out one of the two types of entries, resulting in
stale, possibly incorrect, and possibly inconsistent cache data.

The patch simply includes the existing NUL in the computation for the
key length ('key' points to the char after the NUL, and 'group' to the
first char of the group, so 'key-group' includes the first char to the
NUL, inclusive).

	[BZ #22342]
	* nscd/netgroupcache.c (addinnetgrX): Include trailing NUL in
	key value.

Reviewed-by: Carlos O'Donell <carlos@redhat.com>
2018-03-01 23:23:24 -05:00
Samuel Thibault
7bb087bd7b nscd: don't unconditionally use PTHREAD_RWLOCK_WRITER_NONRECURSIVE_INITIALIZER_NP
PTHREAD_RWLOCK_WRITER_NONRECURSIVE_INITIALIZER_NP is Linux-only.

* nscd/connections.c (RWLOCK_INITIALIZER): Define to
PTHREAD_RWLOCK_WRITER_NONRECURSIVE_INITIALIZER_NP or
PTHREAD_RWLOCK_INITIALIZER if that is not available.
(dbs): Use RWLOCK_INITIALIZER instead of
PTHREAD_RWLOCK_WRITER_NONRECURSIVE_INITIALIZER_NP.
2018-02-11 18:22:11 +01:00
Samuel Thibault
7c5b106dcb hurd: Fix getifaddrs / freeifaddrs exposition
400669754d ('hurd: Fix nscd build') had the side effect of making
libc's freeaddrinfo expose freeifaddrs through __check_pf.  We can just
move the renames to gai.c itself, along others.

* sysdeps/mach/hurd/check_pf.c (__getifaddrs, __freeifaddrs): Do not
define macros.
* nscd/gai.c (__getifaddrs): Define macro to getifaddrs.
(__freeifaddrs): Define macro to freeifaddrs.
2018-01-28 19:06:15 +01:00
Joseph Myers
09533208fe Update copyright dates not handled by scripts/update-copyrights.
I've updated copyright dates in glibc for 2018.  This is the patch for
the changes not generated by scripts/update-copyrights and subsequent
build / regeneration of generated files.

Please remember to include 2018 in the dates for any new files added
in future (which means updating any existing uncommitted patches you
have that add new files to use the new copyright dates in them).

	* NEWS: Update copyright dates.
	* catgets/gencat.c (print_version): Likewise.
	* csu/version.c (banner): Likewise.
	* debug/catchsegv.sh: Likewise.
	* debug/pcprofiledump.c (print_version): Likewise.
	* debug/xtrace.sh (do_version): Likewise.
	* elf/ldconfig.c (print_version): Likewise.
	* elf/ldd.bash.in: Likewise.
	* elf/pldd.c (print_version): Likewise.
	* elf/sotruss.sh: Likewise.
	* elf/sprof.c (print_version): Likewise.
	* iconv/iconv_prog.c (print_version): Likewise.
	* iconv/iconvconfig.c (print_version): Likewise.
	* locale/programs/locale.c (print_version): Likewise.
	* locale/programs/localedef.c (print_version): Likewise.
	* login/programs/pt_chown.c (print_version): Likewise.
	* malloc/memusage.sh (do_version): Likewise.
	* malloc/memusagestat.c (print_version): Likewise.
	* malloc/mtrace.pl: Likewise.
	* manual/libc.texinfo: Likewise.
	* nptl/version.c (banner): Likewise.
	* nscd/nscd.c (print_version): Likewise.
	* nss/getent.c (print_version): Likewise.
	* nss/makedb.c (print_version): Likewise.
	* posix/getconf.c (main): Likewise.
	* scripts/test-installation.pl: Likewise.
	* sysdeps/unix/sysv/linux/lddlibc4.c (main): Likewise.
2018-01-01 00:41:16 +00:00
Joseph Myers
688903eb3e Update copyright dates with scripts/update-copyrights.
* All files with FSF copyright notices: Update copyright dates
	using scripts/update-copyrights.
	* locale/programs/charmap-kw.h: Regenerated.
	* locale/programs/locfile-kw.h: Likewise.
2018-01-01 00:32:25 +00:00
Joseph Myers
49b036bce9 Fix nscd readlink argument aliasing (bug 22446).
Current GCC mainline detects that nscd calls readlink with the same
buffer for both input and output, which is not valid (those arguments
are both restrict-qualified in POSIX).  This patch makes it use a
separate buffer for readlink's input (with a size that is sufficient
to avoid truncation, so there should be no problems with warnings
about possible truncation, though not strictly minimal, but much
smaller than the buffer for output) to avoid this problem.

Tested compilation for aarch64-linux-gnu with build-many-glibcs.py.

	[BZ #22446]
	* nscd/connections.c (handle_request) [SO_PEERCRED]: Use separate
	buffers for readlink input and output.
2017-12-18 18:50:40 +00:00