Source-Changes-HG archive

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]

[pkgsrc/trunk]: pkgsrc/mail/opendmarc Fix resource leakage observed when usin...



details:   https://anonhg.NetBSD.org/pkgsrc/rev/4f209211eced
branches:  trunk
changeset: 436150:4f209211eced
user:      oster <oster%pkgsrc.org@localhost>
date:      Mon Jul 27 20:41:09 2020 +0000

description:
Fix resource leakage observed when using opendmarc on NetBSD.

Use res_ndestroy() instead of res_nclose() to properly cleanup resources
on NetBSD (and others that use __res_ndestroy() or res_ndestroy() instead
of res_nclose()).  Original patch by Roy Marples.

diffstat:

 mail/opendmarc/distinfo                                         |    9 +-
 mail/opendmarc/patches/patch-build-config.h.in                  |   16 +
 mail/opendmarc/patches/patch-configure                          |  131 +++++++++-
 mail/opendmarc/patches/patch-configure.ac                       |   21 +-
 mail/opendmarc/patches/patch-libopendmarc_opendmarc__dns.c      |   18 +
 mail/opendmarc/patches/patch-libopendmarc_opendmarc__spf__dns.c |   76 +++++
 6 files changed, 257 insertions(+), 14 deletions(-)

diffs (truncated from 323 to 300 lines):

diff -r 86a6d1cad6c2 -r 4f209211eced mail/opendmarc/distinfo
--- a/mail/opendmarc/distinfo   Mon Jul 27 20:24:07 2020 +0000
+++ b/mail/opendmarc/distinfo   Mon Jul 27 20:41:09 2020 +0000
@@ -1,8 +1,11 @@
-$NetBSD: distinfo,v 1.6 2015/11/03 23:27:11 agc Exp $
+$NetBSD: distinfo,v 1.7 2020/07/27 20:41:09 oster Exp $
 
 SHA1 (opendmarc-1.3.1.tar.gz) = bdd12713888c16e77334281238f88990df225929
 RMD160 (opendmarc-1.3.1.tar.gz) = 623b51544f428ade14f0a5d6204f8bf41af8375a
 SHA512 (opendmarc-1.3.1.tar.gz) = 0be11540bc26bd3b3e6cc9817bc379a5d290b63ef16c5d3559bf96b241ad6628bea7a9daeb468afac855bc16be16676f722b3c1d468ea82c8d8364e8a8137226
 Size (opendmarc-1.3.1.tar.gz) = 640151 bytes
-SHA1 (patch-configure) = 15abea1f890249c46eb0b969133fc809507feb6a
-SHA1 (patch-configure.ac) = b7ee9ae49e04fceaf2872dac7e2f60a15d3c9aa0
+SHA1 (patch-build-config.h.in) = 14723ab0a578978117be7dcc1d60fe5af955b610
+SHA1 (patch-configure) = 1af3b346ac6db51d1701af8ba4e123e0e6a6b973
+SHA1 (patch-configure.ac) = bfd2c16d22e25b564d33220b5e7ceadedc5ee016
+SHA1 (patch-libopendmarc_opendmarc__dns.c) = 7c75d464bcdba6baf963cb002e7ba94a60593ecc
+SHA1 (patch-libopendmarc_opendmarc__spf__dns.c) = 82f22fd2e224ddef1cd3c6788518e629fdea125f
diff -r 86a6d1cad6c2 -r 4f209211eced mail/opendmarc/patches/patch-build-config.h.in
--- /dev/null   Thu Jan 01 00:00:00 1970 +0000
+++ b/mail/opendmarc/patches/patch-build-config.h.in    Mon Jul 27 20:41:09 2020 +0000
@@ -0,0 +1,16 @@
+$NetBSD: patch-build-config.h.in,v 1.1 2020/07/27 20:41:10 oster Exp $
+
+We need to use res_ndestroy() to cleanup after res_init().
+
+--- build-config.h.in.orig     2015-02-23 20:32:27.000000000 +0000
++++ build-config.h.in
+@@ -104,6 +104,9 @@
+ /* Define to 1 if you have the `res_ninit()' function. */
+ #undef HAVE_RES_NINIT
+ 
++/* Define to 1 if you have the 'res_ndestroy()' function. */
++#undef HAVE_RES_NDESTROY
++
+ /* Define to 1 if you have the <signal.h> header file. */
+ #undef HAVE_SIGNAL_H
+ 
diff -r 86a6d1cad6c2 -r 4f209211eced mail/opendmarc/patches/patch-configure
--- a/mail/opendmarc/patches/patch-configure    Mon Jul 27 20:24:07 2020 +0000
+++ b/mail/opendmarc/patches/patch-configure    Mon Jul 27 20:41:09 2020 +0000
@@ -1,12 +1,73 @@
-$NetBSD: patch-configure,v 1.1 2014/12/05 16:00:23 christos Exp $
-Search also for __res_ninit on NetBSD because of namespace protection
+$NetBSD: patch-configure,v 1.2 2020/07/27 20:41:10 oster Exp $
+
+Check for res_ndestroy(), __res_init(), and __res_ndestroy().
 
---- configure.orig     2014-12-05 10:53:31.000000000 -0500
-+++ configure  2014-12-05 10:54:50.000000000 -0500
-@@ -12969,6 +12969,64 @@
+--- configure.orig     2015-02-23 20:32:13.000000000 +0000
++++ configure
+@@ -12971,6 +12971,184 @@ $as_echo "#define HAVE_RES_NINIT 1" >>co
  
  fi
  
++{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for library containing res_ndestroy" >&5
++$as_echo_n "checking for library containing res_ndestroy... " >&6; }
++if ${ac_cv_search_res_ndestroy+:} false; then :
++  $as_echo_n "(cached) " >&6
++else
++  ac_func_search_save_LIBS=$LIBS
++cat confdefs.h - <<_ACEOF >conftest.$ac_ext
++/* end confdefs.h.  */
++
++/* Override any GCC internal prototype to avoid an error.
++   Use char because int might match the return type of a GCC
++   builtin and then its argument prototype would still apply.  */
++#ifdef __cplusplus
++extern "C"
++#endif
++char res_ndestroy ();
++int
++main ()
++{
++return res_ndestroy ();
++  ;
++  return 0;
++}
++_ACEOF
++for ac_lib in '' resolv; do
++  if test -z "$ac_lib"; then
++    ac_res="none required"
++  else
++    ac_res=-l$ac_lib
++    LIBS="-l$ac_lib  $ac_func_search_save_LIBS"
++  fi 
++  if ac_fn_c_try_link "$LINENO"; then :
++  ac_cv_search_res_ndestroy=$ac_res
++fi
++rm -f core conftest.err conftest.$ac_objext \
++    conftest$ac_exeext
++  if ${ac_cv_search_res_ndestroy+:} false; then :
++  break
++fi
++done
++if ${ac_cv_search_res_ndestroy+:} false; then :
++
++else
++  ac_cv_search_res_ndestroy=no
++fi
++rm conftest.$ac_ext
++LIBS=$ac_func_search_save_LIBS
++fi
++{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_search_res_ndestroy" >&5
++$as_echo "$ac_cv_search_res_ndestroy" >&6; }
++ac_res=$ac_cv_search_res_ndestroy
++if test "$ac_res" != no; then :
++  test "$ac_res" = "none required" || LIBS="$ac_res $LIBS"
++
++$as_echo "#define HAVE_RES_NDESTROY 1" >>confdefs.h    
++
++fi
++
++
++
 +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for library containing __res_ninit" >&5
 +$as_echo_n "checking for library containing __res_ninit... " >&6; }
 +if ${ac_cv_search___res_ninit+:} false; then :
@@ -65,6 +126,66 @@
 +
 +fi
 +
++{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for library containing __res_ndestroy" >&5
++$as_echo_n "checking for library containing __res_ndestroy... " >&6; }
++if ${ac_cv_search___res_ndestroy+:} false; then :
++  $as_echo_n "(cached) " >&6
++else
++  ac_func_search_save_LIBS=$LIBS 
++cat confdefs.h - <<_ACEOF >conftest.$ac_ext
++/* end confdefs.h.  */
++
++/* Override any GCC internal prototype to avoid an error.
++   Use char because int might match the return type of a GCC
++   builtin and then its argument prototype would still apply.  */
++#ifdef __cplusplus
++extern "C"
++#endif
++char __res_ndestroy (); 
++int
++main ()
++{
++return __res_ndestroy ();
++  ; 
++  return 0;
++} 
++_ACEOF
++for ac_lib in '' resolv; do
++  if test -z "$ac_lib"; then
++    ac_res="none required"
++  else
++    ac_res=-l$ac_lib 
++    LIBS="-l$ac_lib  $ac_func_search_save_LIBS"  
++  fi  
++  if ac_fn_c_try_link "$LINENO"; then :
++  ac_cv_search___res_ndestroy=$ac_res
++fi
++rm -f core conftest.err conftest.$ac_objext \
++    conftest$ac_exeext
++  if ${ac_cv_search___res_ndestroy+:} false; then :
++  break
++fi
++done
++if ${ac_cv_search___res_ndestroy+:} false; then :
++
++else
++  ac_cv_search___res_ndestroy=no
++fi
++rm conftest.$ac_ext
++LIBS=$ac_func_search_save_LIBS
++fi
++{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_search___res_ndestroy" >&5
++$as_echo "$ac_cv_search___res_ndestroy" >&6; }
++ac_res=$ac_cv_search___res_ndestroy
++if test "$ac_res" != no; then :
++  test "$ac_res" = "none required" || LIBS="$ac_res $LIBS"
++
++$as_echo "#define HAVE_RES_NDESTROY 1" >>confdefs.h
++
++fi
++
++
++
  { $as_echo "$as_me:${as_lineno-$LINENO}: checking for idn_free in -lidn" >&5
  $as_echo_n "checking for idn_free in -lidn... " >&6; }
  if ${ac_cv_lib_idn_idn_free+:} false; then :
diff -r 86a6d1cad6c2 -r 4f209211eced mail/opendmarc/patches/patch-configure.ac
--- a/mail/opendmarc/patches/patch-configure.ac Mon Jul 27 20:24:07 2020 +0000
+++ b/mail/opendmarc/patches/patch-configure.ac Mon Jul 27 20:41:09 2020 +0000
@@ -1,15 +1,24 @@
-$NetBSD: patch-configure.ac,v 1.1 2014/12/05 16:00:23 christos Exp $
-Search also for __res_ninit on NetBSD because of namespace protection
+$NetBSD: patch-configure.ac,v 1.2 2020/07/27 20:41:10 oster Exp $
 
---- configure.ac.orig  2014-12-05 10:53:36.000000000 -0500
-+++ configure.ac       2014-12-05 10:53:51.000000000 -0500
-@@ -126,6 +126,9 @@
+Add appropriate flags if res_ndestroy(), __res_ninit(),  or 
+__res_ndestroy() are found.
+
+--- configure.ac.orig  2015-02-23 20:31:50.000000000 +0000
++++ configure.ac
+@@ -126,6 +126,16 @@ AC_CHECK_LIB(resolv, inet_aton, , , [-ln
  AC_SEARCH_LIBS(res_ninit, resolv,
        AC_DEFINE(HAVE_RES_NINIT, 1,
        [Define to 1 if you have the `res_ninit()' function.]))
++AC_SEARCH_LIBS(res_ndestroy, resolv,
++       AC_DEFINE(HAVE_RES_NDESTROY, 1,
++       [Define to 1 if you have the `res_ndestroy()' function.]))
 +AC_SEARCH_LIBS(__res_ninit, resolv,
 +      AC_DEFINE(HAVE_RES_NINIT, 1,
-+      [Define to 1 if you have the `res_ninit()' function.]))
++      [Define to 1 if you have the `__res_ninit()' function.]))
++AC_SEARCH_LIBS(__res_ndestroy, resolv,
++       AC_DEFINE(HAVE_RES_NDESTROY, 1,
++       [Define to 1 if you have the `__res_ndestroy()' function.]))
++
  AC_CHECK_LIB(idn, idn_free)
  AC_CHECK_LIB(rt, nanosleep)
  AC_SEARCH_LIBS(inet_addr, nsl)
diff -r 86a6d1cad6c2 -r 4f209211eced mail/opendmarc/patches/patch-libopendmarc_opendmarc__dns.c
--- /dev/null   Thu Jan 01 00:00:00 1970 +0000
+++ b/mail/opendmarc/patches/patch-libopendmarc_opendmarc__dns.c        Mon Jul 27 20:41:09 2020 +0000
@@ -0,0 +1,18 @@
+$NetBSD: patch-libopendmarc_opendmarc__dns.c,v 1.1 2020/07/27 20:41:10 oster Exp $
+
+Patch from Roy Marples: if we have res_ndestroy(), use that in place of just res_nclose().
+
+--- libopendmarc/opendmarc_dns.c.orig  2015-02-23 20:31:51.000000000 +0000
++++ libopendmarc/opendmarc_dns.c
+@@ -211,7 +211,11 @@ dmarc_dns_get_record(char *domain, int *
+       (void) opendmarc_policy_library_dns_hook(&resp.nscount,
+                                                  &resp.nsaddr_list);
+       answer_len = res_nquery(&resp, bp, C_IN, T_TXT, answer_buf, sizeof answer_buf);
++#ifdef HAVE_RES_NDESTROY
++      res_ndestroy(&resp);
++#else
+       res_nclose(&resp);
++#endif
+ #else /* HAVE_RES_NINIT */
+ #if defined RES_USE_DNSSEC
+       _res.options |= RES_USE_DNSSEC;
diff -r 86a6d1cad6c2 -r 4f209211eced mail/opendmarc/patches/patch-libopendmarc_opendmarc__spf__dns.c
--- /dev/null   Thu Jan 01 00:00:00 1970 +0000
+++ b/mail/opendmarc/patches/patch-libopendmarc_opendmarc__spf__dns.c   Mon Jul 27 20:41:09 2020 +0000
@@ -0,0 +1,76 @@
+$NetBSD: patch-libopendmarc_opendmarc__spf__dns.c,v 1.1 2020/07/27 20:41:10 oster Exp $
+
+Patch from Roy Marples: if we have res_ndestroy(), use that in place of just res_nclose().
+
+--- libopendmarc/opendmarc_spf_dns.c.orig      2015-02-23 20:31:51.000000000 +0000
++++ libopendmarc/opendmarc_spf_dns.c
+@@ -108,7 +108,11 @@ opendmarc_spf_dns_lookup_a_actual(char *
+ 
+ #ifdef HAVE_RES_NINIT
+       k = res_nquery(&resp, bp, C_IN, sought, a_buf, sizeof a_buf);
++#ifdef HAVE_RES_NDESTROY
++      res_ndestroy(&resp);
++#else
+       res_nclose(&resp);
++#endif
+ #else /* HAVE_RES_NINIT */
+       k = res_query(bp, C_IN, sought, a_buf, sizeof a_buf);
+ #endif /* HAVE_RES_NINIT */
+@@ -253,7 +257,11 @@ opendmarc_spf_dns_lookup_mx(char *domain
+         memset(&resp, '\0', sizeof resp);
+       res_ninit(&resp);
+       k = res_nquery(&resp, domain, C_IN, T_MX, (u_char *) &q, sizeof(q));
++#ifdef HAVE_RES_NDESTROY
++      res_ndestroy(&resp);
++#else
+       res_nclose(&resp);
++#endif
+ #else /* HAVE_RES_NINIT */
+       k = res_query(domain, C_IN, T_MX, (u_char *) &q, sizeof(q));
+ #endif /* HAVE_RES_NINIT */
+@@ -366,7 +374,11 @@ opendmarc_spf_dns_lookup_ptr(char *ip, c
+         memset(&resp, '\0', sizeof resp);
+       res_ninit(&resp);
+       k = res_nquery(&resp, (char *)buf, C_IN, T_PTR, (u_char *) &q, sizeof(q));
++#ifdef HAVE_RES_NDESTROY
++      res_ndestroy(&resp);
++#else
+       res_nclose(&resp);
++#endif
+ #else /* HAVE_RES_NINIT */
+       k = res_query((char *)buf, C_IN, T_PTR, (u_char *) &q, sizeof(q));
+ #endif /* HAVE_RES_NINIT */
+@@ -461,7 +473,11 @@ opendmarc_spf_dns_does_domain_exist(char
+         (void) res_nquery(&resp, domain, C_IN, T_AAAA, aaaa_q, sizeof aaaa_q);  
+ #endif /* T_AAAA */
+         (void) res_nquery(&resp, domain, C_IN, T_MX, mx_q, sizeof mx_q);  
++#ifdef HAVE_RES_NDESTROY
++      res_ndestroy(&resp);
++#else
+       res_nclose(&resp);
++#endif
+ #else /* HAVE_RES_NINIT */
+         (void) res_query(domain, C_IN, T_A, a_q, sizeof a_q);  



Home | Main Index | Thread Index | Old Index