net-libs/libtirpc: drop 1.3.2, 1.3.2-r1

Bug: https://bugs.gentoo.org/859634
Signed-off-by: Mike Gilbert <floppym@gentoo.org>

3 files changed, 0 insertions, 261 deletions

diff --git a/net-libs/libtirpc/files/libtirpc-1.3.2-dos.patch b/net-libs/libtirpc/files/libtirpc-1.3.2-dos.patch
deleted file mode 100644
index 88b6f5719f41..000000000000
--- a/net-libs/libtirpc/files/libtirpc-1.3.2-dos.patch
+++ /dev/null
@@ -1,178 +0,0 @@
-From 86529758570cef4c73fb9b9c4104fdc510f701ed Mon Sep 17 00:00:00 2001
-From: Dai Ngo <dai.ngo@oracle.com>
-Date: Sat, 21 Aug 2021 13:16:23 -0400
-Subject: [PATCH] Fix DoS vulnerability in libtirpc
-
-Currently svc_run does not handle poll timeout and rendezvous_request
-does not handle EMFILE error returned from accept(2 as it used to.
-These two missing functionality were removed by commit b2c9430f46c4.
-
-The effect of not handling poll timeout allows idle TCP conections
-to remain ESTABLISHED indefinitely. When the number of connections
-reaches the limit of the open file descriptors (ulimit -n) then
-accept(2) fails with EMFILE. Since there is no handling of EMFILE
-error this causes svc_run() to get in a tight loop calling accept(2).
-This resulting in the RPC service of svc_run is being down, it's
-no longer able to service any requests.
-
-RPC service rpcbind, statd and mountd are effected by this
-problem.
-
-Fix by enhancing rendezvous_request to keep the number of
-SVCXPRT conections to 4/5 of the size of the file descriptor
-table. When this thresold is reached, it destroys the idle
-TCP connections or destroys the least active connection if
-no idle connnction was found.
-
-Fixes: 44bf15b8 rpcbind: don't use obsolete svc_fdset interface of libtirpc
-Signed-off-by: dai.ngo@oracle.com
-Signed-off-by: Steve Dickson <steved@redhat.com>
----
- INSTALL      | 371 +----------------------------------------------------------
- src/svc.c    |  17 ++-
- src/svc_vc.c |  62 +++++++++-
- 3 files changed, 78 insertions(+), 372 deletions(-)
- mode change 100644 => 120000 INSTALL
-
-diff --git a/src/svc.c b/src/svc.c
-index 6db164b..3a8709f 100644
---- a/src/svc.c
-+++ b/src/svc.c
-@@ -57,7 +57,7 @@
- 
- #define max(a, b) (a > b ? a : b)
- 
--static SVCXPRT **__svc_xports;
-+SVCXPRT **__svc_xports;
- int __svc_maxrec;
- 
- /*
-@@ -194,6 +194,21 @@ __xprt_do_unregister (xprt, dolock)
-     rwlock_unlock (&svc_fd_lock);
- }
- 
-+int
-+svc_open_fds()
-+{
-+	int ix;
-+	int nfds = 0;
-+
-+	rwlock_rdlock (&svc_fd_lock);
-+	for (ix = 0; ix < svc_max_pollfd; ++ix) {
-+		if (svc_pollfd[ix].fd != -1)
-+			nfds++;
-+	}
-+	rwlock_unlock (&svc_fd_lock);
-+	return (nfds);
-+}
-+
- /*
-  * Add a service program to the callout list.
-  * The dispatch routine will be called when a rpc request for this
-diff --git a/src/svc_vc.c b/src/svc_vc.c
-index f1d9f00..3dc8a75 100644
---- a/src/svc_vc.c
-+++ b/src/svc_vc.c
-@@ -64,6 +64,8 @@
- 
- 
- extern rwlock_t svc_fd_lock;
-+extern SVCXPRT **__svc_xports;
-+extern int svc_open_fds();
- 
- static SVCXPRT *makefd_xprt(int, u_int, u_int);
- static bool_t rendezvous_request(SVCXPRT *, struct rpc_msg *);
-@@ -82,6 +84,7 @@ static void svc_vc_ops(SVCXPRT *);
- static bool_t svc_vc_control(SVCXPRT *xprt, const u_int rq, void *in);
- static bool_t svc_vc_rendezvous_control (SVCXPRT *xprt, const u_int rq,
- 				   	     void *in);
-+static int __svc_destroy_idle(int timeout);
- 
- struct cf_rendezvous { /* kept in xprt->xp_p1 for rendezvouser */
- 	u_int sendsize;
-@@ -313,13 +316,14 @@ done:
- 	return (xprt);
- }
- 
-+
- /*ARGSUSED*/
- static bool_t
- rendezvous_request(xprt, msg)
- 	SVCXPRT *xprt;
- 	struct rpc_msg *msg;
- {
--	int sock, flags;
-+	int sock, flags, nfds, cnt;
- 	struct cf_rendezvous *r;
- 	struct cf_conn *cd;
- 	struct sockaddr_storage addr;
-@@ -379,6 +383,16 @@ again:
- 
- 	gettimeofday(&cd->last_recv_time, NULL);
- 
-+	nfds = svc_open_fds();
-+	if (nfds >= (_rpc_dtablesize() / 5) * 4) {
-+		/* destroy idle connections */
-+		cnt = __svc_destroy_idle(15);
-+		if (cnt == 0) {
-+			/* destroy least active */
-+			__svc_destroy_idle(0);
-+		}
-+	}
-+
- 	return (FALSE); /* there is never an rpc msg to be processed */
- }
- 
-@@ -820,3 +834,49 @@ __svc_clean_idle(fd_set *fds, int timeout, bool_t cleanblock)
- {
- 	return FALSE;
- }
-+
-+static int
-+__svc_destroy_idle(int timeout)
-+{
-+	int i, ncleaned = 0;
-+	SVCXPRT *xprt, *least_active;
-+	struct timeval tv, tdiff, tmax;
-+	struct cf_conn *cd;
-+
-+	gettimeofday(&tv, NULL);
-+	tmax.tv_sec = tmax.tv_usec = 0;
-+	least_active = NULL;
-+	rwlock_wrlock(&svc_fd_lock);
-+
-+	for (i = 0; i <= svc_max_pollfd; i++) {
-+		if (svc_pollfd[i].fd == -1)
-+			continue;
-+		xprt = __svc_xports[i];
-+		if (xprt == NULL || xprt->xp_ops == NULL ||
-+			xprt->xp_ops->xp_recv != svc_vc_recv)
-+			continue;
-+		cd = (struct cf_conn *)xprt->xp_p1;
-+		if (!cd->nonblock)
-+			continue;
-+		if (timeout == 0) {
-+			timersub(&tv, &cd->last_recv_time, &tdiff);
-+			if (timercmp(&tdiff, &tmax, >)) {
-+				tmax = tdiff;
-+				least_active = xprt;
-+			}
-+			continue;
-+		}
-+		if (tv.tv_sec - cd->last_recv_time.tv_sec > timeout) {
-+			__xprt_unregister_unlocked(xprt);
-+			__svc_vc_dodestroy(xprt);
-+			ncleaned++;
-+		}
-+	}
-+	if (timeout == 0 && least_active != NULL) {
-+		__xprt_unregister_unlocked(least_active);
-+		__svc_vc_dodestroy(least_active);
-+		ncleaned++;
-+	}
-+	rwlock_unlock(&svc_fd_lock);
-+	return (ncleaned);
-+}
--- 
-1.8.3.1
-
diff --git a/net-libs/libtirpc/files/libtirpc-1.3.2-memory-leak.patch b/net-libs/libtirpc/files/libtirpc-1.3.2-memory-leak.patch
deleted file mode 100644
index 8ce864a2950c..000000000000
--- a/net-libs/libtirpc/files/libtirpc-1.3.2-memory-leak.patch
+++ /dev/null
@@ -1,52 +0,0 @@
-From 63f3b9e883231ca08cf9c3cd8f5d582584412d94 Mon Sep 17 00:00:00 2001
-From: Ali Abdallah <ali.abdallah@suse.com>
-Date: Thu, 14 Jul 2022 13:47:32 -0400
-Subject: [PATCH] Fix potential memory leak of parms.r_addr
-
-During some valgrind test, the following is observed
-
-==11391== 64 bytes in 4 blocks are definitely lost in loss record 11 of 16
-==11391==    at 0x4C2A2AF: malloc (in /usr/lib64/valgrind/vgpreload_memcheck-amd64-linux.so)
-==11391==    by 0x50ECED9: strdup (in /lib64/libc-2.22.so)
-==11391==    by 0x4E4AFBF: getclnthandle (in /lib64/libtirpc.so.3.0.0)
-==11391==    by 0x4E4BD8A: __rpcb_findaddr_timed (in /lib64/libtirpc.so.3.0.0)
-==11391==    by 0x4E443AF: clnt_tp_create_timed (in /lib64/libtirpc.so.3.0.0)
-==11391==    by 0x4E44580: clnt_create_timed (in /lib64/libtirpc.so.3.0.0)
-==11391==    by 0x400755: main (in /local/02/xdtadti/tirpc-test/client)
-
-Signed-off-by: Steve Dickson <steved@redhat.com>
----
- INSTALL         | 369 +-------------------------------------------------------
- src/rpcb_clnt.c |   8 ++
- 2 files changed, 9 insertions(+), 368 deletions(-)
- mode change 100644 => 120000 INSTALL
-
-diff --git a/src/rpcb_clnt.c b/src/rpcb_clnt.c
-index 0c34cb7..1a23cb1 100644
---- a/src/rpcb_clnt.c
-+++ b/src/rpcb_clnt.c
-@@ -798,6 +798,10 @@ __try_protocol_version_2(program, version, nconf, host, tp)
- 	pmapaddress->len = pmapaddress->maxlen = remote.len;
- 
- 	CLNT_DESTROY(client);
-+
-+	if (parms.r_addr != NULL && parms.r_addr != nullstring)
-+		free(parms.r_addr);
-+
- 	return pmapaddress;
- 
- error:
-@@ -806,6 +810,10 @@ error:
- 		client = NULL;
- 
- 	}
-+
-+	if (parms.r_addr != NULL && parms.r_addr != nullstring)
-+		free(parms.r_addr);
-+
- 	return (NULL);
- 
- }
--- 
-1.8.3.1
-
diff --git a/net-libs/libtirpc/files/libtirpc-1.3.2-use-after-free.patch b/net-libs/libtirpc/files/libtirpc-1.3.2-use-after-free.patch
deleted file mode 100644
index 8e85a564f29a..000000000000
--- a/net-libs/libtirpc/files/libtirpc-1.3.2-use-after-free.patch
+++ /dev/null
@@ -1,31 +0,0 @@
-From d0dc59e27263c6b53435d770010dcc6f397d58ee Mon Sep 17 00:00:00 2001
-From: Frank Sorenson <sorenson@redhat.com>
-Date: Mon, 17 Jan 2022 13:33:13 -0500
-Subject: [PATCH] libtirpc: Fix use-after-free accessing the error number
-
-Free the cbuf after obtaining the error number.
-
-Signed-off-by: Frank Sorenson <sorenson@redhat.com>
-Signed-off-by: Steve Dickson <steved@redhat.com>
----
- src/clnt_dg.c | 2 +-
- 1 file changed, 1 insertion(+), 1 deletion(-)
-
-diff --git a/src/clnt_dg.c b/src/clnt_dg.c
-index e1255de..b3d82e7 100644
---- a/src/clnt_dg.c
-+++ b/src/clnt_dg.c
-@@ -456,9 +456,9 @@ get_reply:
- 		 cmsg = CMSG_NXTHDR (&msg, cmsg))
- 	      if (cmsg->cmsg_level == SOL_IP && cmsg->cmsg_type == IP_RECVERR)
- 		{
--		  mem_free(cbuf, (outlen + 256));
- 		  e = (struct sock_extended_err *) CMSG_DATA(cmsg);
- 		  cu->cu_error.re_errno = e->ee_errno;
-+		  mem_free(cbuf, (outlen + 256));
- 		  release_fd_lock(cu->cu_fd_lock, mask);
- 		  return (cu->cu_error.re_status = RPC_CANTRECV);
- 		}
--- 
-1.8.3.1
-