la 15. kesäk. 2024 klo 18.04 Martin-Éric Racine ([email protected]) kirjoitti: > > la 15. kesäk. 2024 klo 17.48 Adam D. Barratt > ([email protected]) kirjoitti: > > > > Control: tags -1 + confirmed > > > > On Sat, 2024-06-15 at 14:38 +0300, Martin-Éric Racine wrote: > > > RC bug #1050805 was fixed in Testing with src:dhcpcd 10.0.2, but > > > upstream only got around back-porting the fix to Stable src:dhcpcd5 > > > 9.x.x today. > > > > Please go ahead. > > Thanks. Awaiting confirmation from the bug reporter that it fixes the > issue for him and I'll upload.
Fixing this for Stable apparently requires cherry-picking a third patch. Updated debdiff attached. Martin-Éric
diff -Nru dhcpcd5-9.4.1/debian/changelog dhcpcd5-9.4.1/debian/changelog --- dhcpcd5-9.4.1/debian/changelog 2023-10-20 11:12:13.000000000 +0300 +++ dhcpcd5-9.4.1/debian/changelog 2024-06-15 12:37:49.000000000 +0300 @@ -1,3 +1,11 @@ +dhcpcd5 (9.4.1-24~deb12u4) bookworm; urgency=medium + + * Add --no-stop-on-upgrade --no-restart-after-upgrade (Closes: #1057959). + * Cherry-pick upstream backported fixes for RC bug (Closes: #1050805). + * Update dhcpcd.preinst version check to match current one. + + -- Martin-Éric Racine <[email protected]> Sat, 15 Jun 2024 12:37:49 +0300 + dhcpcd5 (9.4.1-24~deb12u3) bookworm; urgency=medium * Move Breaks/Replaces dhcpcd5 (<< 9.4.1-2) to Conflicts (Closes: #1053657). diff -Nru dhcpcd5-9.4.1/debian/dhcpcd.preinst dhcpcd5-9.4.1/debian/dhcpcd.preinst --- dhcpcd5-9.4.1/debian/dhcpcd.preinst 2023-10-20 11:12:08.000000000 +0300 +++ dhcpcd5-9.4.1/debian/dhcpcd.preinst 2023-12-13 22:50:19.000000000 +0200 @@ -2,7 +2,7 @@ # As per Debian bug #1037190. # Copyright 2023 Andreas Beckmann <[email protected]> set -e -if dpkg --compare-versions "$2" lt-nl "1:9.4.1-24~deb12u3~" ; then +if dpkg --compare-versions "$2" lt-nl "1:9.4.1-24~deb12u4~" ; then # Cleanup leftovers from dhcpcd 1:3.* in Wheezy. # Can be removed after Trixie is released. update-alternatives --remove dhcpcd /sbin/dhcpcd3 diff -Nru dhcpcd5-9.4.1/debian/patches/53e2f6de4ba87d0534c89cae674e6c1a48724ef0.patch dhcpcd5-9.4.1/debian/patches/53e2f6de4ba87d0534c89cae674e6c1a48724ef0.patch --- dhcpcd5-9.4.1/debian/patches/53e2f6de4ba87d0534c89cae674e6c1a48724ef0.patch 1970-01-01 02:00:00.000000000 +0200 +++ dhcpcd5-9.4.1/debian/patches/53e2f6de4ba87d0534c89cae674e6c1a48724ef0.patch 2024-06-15 12:34:41.000000000 +0300 @@ -0,0 +1,121 @@ +From 53e2f6de4ba87d0534c89cae674e6c1a48724ef0 Mon Sep 17 00:00:00 2001 +From: Roy Marples <[email protected]> +Date: Sat, 15 Jun 2024 10:04:06 +0100 +Subject: [PATCH] privsep: Allow zero length messages through + +They should be handled gracefully without privsep anyway. +Fix for #179. +--- + src/privsep-inet.c | 12 ++++++------ + src/privsep.c | 15 +++------------ + src/privsep.h | 2 +- + 3 files changed, 10 insertions(+), 19 deletions(-) + +diff --git a/src/privsep-inet.c b/src/privsep-inet.c +index 3a192ee0..7f7494f6 100644 +--- a/src/privsep-inet.c ++++ b/src/privsep-inet.c +@@ -53,7 +53,7 @@ ps_inet_recvbootp(void *arg) + { + struct dhcpcd_ctx *ctx = arg; + +- if (ps_recvmsg(ctx, ctx->udp_rfd, PS_BOOTP, ctx->ps_inet_fd) == -1) ++ if (ps_recvmsg(ctx->udp_rfd, PS_BOOTP, ctx->ps_inet_fd) == -1) + logerr(__func__); + } + #endif +@@ -67,12 +67,12 @@ ps_inet_recvra(void *arg) + struct rs_state *state = RS_STATE(ifp); + struct dhcpcd_ctx *ctx = ifp->ctx; + +- if (ps_recvmsg(ctx, state->nd_fd, PS_ND, ctx->ps_inet_fd) == -1) ++ if (ps_recvmsg(state->nd_fd, PS_ND, ctx->ps_inet_fd) == -1) + logerr(__func__); + #else + struct dhcpcd_ctx *ctx = arg; + +- if (ps_recvmsg(ctx, ctx->nd_fd, PS_ND, ctx->ps_inet_fd) == -1) ++ if (ps_recvmsg(ctx->nd_fd, PS_ND, ctx->ps_inet_fd) == -1) + logerr(__func__); + #endif + } +@@ -84,7 +84,7 @@ ps_inet_recvdhcp6(void *arg) + { + struct dhcpcd_ctx *ctx = arg; + +- if (ps_recvmsg(ctx, ctx->dhcp6_rfd, PS_DHCP6, ctx->ps_inet_fd) == -1) ++ if (ps_recvmsg(ctx->dhcp6_rfd, PS_DHCP6, ctx->ps_inet_fd) == -1) + logerr(__func__); + } + #endif +@@ -374,7 +374,7 @@ ps_inet_recvinbootp(void *arg) + { + struct ps_process *psp = arg; + +- if (ps_recvmsg(psp->psp_ctx, psp->psp_work_fd, ++ if (ps_recvmsg(psp->psp_work_fd, + PS_BOOTP, psp->psp_ctx->ps_data_fd) == -1) + logerr(__func__); + } +@@ -463,7 +463,7 @@ ps_inet_recvin6dhcp6(void *arg) + { + struct ps_process *psp = arg; + +- if (ps_recvmsg(psp->psp_ctx, psp->psp_work_fd, ++ if (ps_recvmsg(psp->psp_work_fd, + PS_DHCP6, psp->psp_ctx->ps_data_fd) == -1) + logerr(__func__); + } +diff --git a/src/privsep.c b/src/privsep.c +index ab29bb7b..0f78907a 100644 +--- a/src/privsep.c ++++ b/src/privsep.c +@@ -897,7 +897,7 @@ ps_sendcmdmsg(int fd, uint16_t cmd, const struct msghdr *msg) + } + + ssize_t +-ps_recvmsg(struct dhcpcd_ctx *ctx, int rfd, uint16_t cmd, int wfd) ++ps_recvmsg(int rfd, uint16_t cmd, int wfd) + { + struct sockaddr_storage ss = { .ss_family = AF_UNSPEC }; + uint8_t controlbuf[sizeof(struct sockaddr_storage)] = { 0 }; +@@ -913,24 +913,15 @@ ps_recvmsg(struct dhcpcd_ctx *ctx, int rfd, uint16_t cmd, int wfd) + + ssize_t len = recvmsg(rfd, &msg, 0); + +- if (len == -1) ++ if (len == -1) { + logerr("%s: recvmsg", __func__); +- if (len == -1 || len == 0) { +- if (ctx->options & DHCPCD_FORKED && +- !(ctx->options & DHCPCD_PRIVSEPROOT)) +- eloop_exit(ctx->eloop, +- len == 0 ? EXIT_SUCCESS : EXIT_FAILURE); + return len; + } + + iov[0].iov_len = (size_t)len; + len = ps_sendcmdmsg(wfd, cmd, &msg); +- if (len == -1) { ++ if (len == -1) + logerr("ps_sendcmdmsg"); +- if (ctx->options & DHCPCD_FORKED && +- !(ctx->options & DHCPCD_PRIVSEPROOT)) +- eloop_exit(ctx->eloop, EXIT_FAILURE); +- } + return len; + } + +diff --git a/src/privsep.h b/src/privsep.h +index 132f679a..00184d07 100644 +--- a/src/privsep.h ++++ b/src/privsep.h +@@ -192,7 +192,7 @@ ssize_t ps_sendmsg(struct dhcpcd_ctx *, int, uint16_t, unsigned long, + const struct msghdr *); + ssize_t ps_sendcmd(struct dhcpcd_ctx *, int, uint16_t, unsigned long, + const void *data, size_t len); +-ssize_t ps_recvmsg(struct dhcpcd_ctx *, int, uint16_t, int); ++ssize_t ps_recvmsg(int, uint16_t, int); + ssize_t ps_recvpsmsg(struct dhcpcd_ctx *, int, + ssize_t (*callback)(void *, struct ps_msghdr *, struct msghdr *), void *); + diff -Nru dhcpcd5-9.4.1/debian/patches/6e127eac6903524d401b31893167e4529b8ab111.patch dhcpcd5-9.4.1/debian/patches/6e127eac6903524d401b31893167e4529b8ab111.patch --- dhcpcd5-9.4.1/debian/patches/6e127eac6903524d401b31893167e4529b8ab111.patch 1970-01-01 02:00:00.000000000 +0200 +++ dhcpcd5-9.4.1/debian/patches/6e127eac6903524d401b31893167e4529b8ab111.patch 2024-06-15 12:35:03.000000000 +0300 @@ -0,0 +1,57 @@ +From 6e127eac6903524d401b31893167e4529b8ab111 Mon Sep 17 00:00:00 2001 +From: Roy Marples <[email protected]> +Date: Mon, 8 May 2023 15:52:11 +0100 +Subject: [PATCH] DHCP: Don't enforce the message came port 67 + +RFC2131 and updates make no mention of what the source port +should or must be. + +Update for #179. +--- + src/bpf.c | 11 +++++++---- + src/dhcp.c | 4 ++-- + 2 files changed, 9 insertions(+), 6 deletions(-) + +diff --git a/src/bpf.c b/src/bpf.c +index 339f3a014..44b08e6e8 100644 +--- a/src/bpf.c ++++ b/src/bpf.c +@@ -612,16 +612,19 @@ static const struct bpf_insn bpf_bootp_base[] = { + #define BPF_BOOTP_BASE_LEN __arraycount(bpf_bootp_base) + + static const struct bpf_insn bpf_bootp_read[] = { +- /* Make sure it's from and to the right port. */ +- BPF_STMT(BPF_LD + BPF_W + BPF_IND, 0), +- BPF_JUMP(BPF_JMP + BPF_JEQ + BPF_K, (BOOTPS << 16) + BOOTPC, 1, 0), ++ /* Make sure it's to the right port. ++ * RFC2131 makes no mention of enforcing a source port. */ ++ BPF_STMT(BPF_LD + BPF_H + BPF_IND, offsetof(struct udphdr, uh_dport)), ++ BPF_JUMP(BPF_JMP + BPF_JEQ + BPF_K, BOOTPC, 1, 0), + BPF_STMT(BPF_RET + BPF_K, 0), + }; + #define BPF_BOOTP_READ_LEN __arraycount(bpf_bootp_read) + + #ifdef BIOCSETWF + static const struct bpf_insn bpf_bootp_write[] = { +- /* Make sure it's from and to the right port. */ ++ /* Make sure it's from and to the right port. ++ * RFC2131 makes no mention of encforcing a source port, ++ * but dhcpcd does enforce it for sending. */ + BPF_STMT(BPF_LD + BPF_W + BPF_IND, 0), + BPF_JUMP(BPF_JMP + BPF_JEQ + BPF_K, (BOOTPC << 16) + BOOTPS, 1, 0), + BPF_STMT(BPF_RET + BPF_K, 0), +diff --git a/src/dhcp.c b/src/dhcp.c +index f76807605..9a790b50d 100644 +--- a/src/dhcp.c ++++ b/src/dhcp.c +@@ -3459,8 +3459,8 @@ is_packet_udp_bootp(void *packet, size_t plen) + if (ip_hlen + ntohs(udp.uh_ulen) > plen) + return false; + +- /* Check it's to and from the right ports. */ +- if (udp.uh_dport != htons(BOOTPC) || udp.uh_sport != htons(BOOTPS)) ++ /* Check it's to the right port. */ ++ if (udp.uh_dport != htons(BOOTPC)) + return false; + + return true; diff -Nru dhcpcd5-9.4.1/debian/patches/727c78f503d456875e2a3cee7609288b537d9d25.patch dhcpcd5-9.4.1/debian/patches/727c78f503d456875e2a3cee7609288b537d9d25.patch --- dhcpcd5-9.4.1/debian/patches/727c78f503d456875e2a3cee7609288b537d9d25.patch 1970-01-01 02:00:00.000000000 +0200 +++ dhcpcd5-9.4.1/debian/patches/727c78f503d456875e2a3cee7609288b537d9d25.patch 2024-06-15 12:37:49.000000000 +0300 @@ -0,0 +1,47 @@ +From 727c78f503d456875e2a3cee7609288b537d9d25 Mon Sep 17 00:00:00 2001 +From: =?UTF-8?q?Petr=20Men=C5=A1=C3=ADk?= <[email protected]> +Date: Fri, 16 Feb 2024 17:15:35 +0100 +Subject: [PATCH] Move dhcp(v4) packet size check earlier (#295) + +dhcp_handlebootp handled zero sized packets correctly, but +dhcp_redirect_dhcp did not have such protection. Move size check before +both of them. Size when called from dhcp_packet is checked by +is_packet_udp_bootp call. Only dhcp_recvmsg needs earlier checking to be +added. + +Fixes #283 +--- + src/dhcp.c | 13 +++++++------ + 1 file changed, 7 insertions(+), 6 deletions(-) + +diff --git a/src/dhcp.c b/src/dhcp.c +index a58e1db2..581a9faa 100644 +--- a/src/dhcp.c ++++ b/src/dhcp.c +@@ -3532,12 +3532,6 @@ dhcp_handlebootp(struct interface *ifp, struct bootp *bootp, size_t len, + { + size_t v; + +- if (len < offsetof(struct bootp, vend)) { +- logerrx("%s: truncated packet (%zu) from %s", +- ifp->name, len, inet_ntoa(*from)); +- return; +- } +- + /* Unlikely, but appeases sanitizers. */ + if (len > FRAMELEN_MAX) { + logerrx("%s: packet exceeded frame length (%zu) from %s", +@@ -3670,6 +3664,13 @@ dhcp_recvmsg(struct dhcpcd_ctx *ctx, struct msghdr *msg) + logerr(__func__); + return; + } ++ ++ if (iov->iov_len < offsetof(struct bootp, vend)) { ++ logerrx("%s: truncated packet (%zu) from %s", ++ ifp->name, iov->iov_len, inet_ntoa(from->sin_addr)); ++ return; ++ } ++ + state = D_CSTATE(ifp); + if (state == NULL) { + /* Try re-directing it to another interface. */ diff -Nru dhcpcd5-9.4.1/debian/patches/series dhcpcd5-9.4.1/debian/patches/series --- dhcpcd5-9.4.1/debian/patches/series 2023-05-24 16:29:33.000000000 +0300 +++ dhcpcd5-9.4.1/debian/patches/series 2024-06-15 12:37:49.000000000 +0300 @@ -8,3 +8,6 @@ 0008_fix_incorrect_assert.patch 0009_allow_newfstatat_syscall.patch 0010_miss_seccomp_on_ppc64el.patch +53e2f6de4ba87d0534c89cae674e6c1a48724ef0.patch +6e127eac6903524d401b31893167e4529b8ab111.patch +727c78f503d456875e2a3cee7609288b537d9d25.patch diff -Nru dhcpcd5-9.4.1/debian/rules dhcpcd5-9.4.1/debian/rules --- dhcpcd5-9.4.1/debian/rules 2023-07-09 22:14:37.000000000 +0300 +++ dhcpcd5-9.4.1/debian/rules 2023-12-13 22:49:49.000000000 +0200 @@ -20,8 +20,8 @@ # Avoid starting the unconfigured service as it may break connectivity. override_dh_installinit: - dh_installinit --name=dhcpcd --no-start + dh_installinit --name=dhcpcd --no-start --no-stop-on-upgrade --no-restart-after-upgrade override_dh_installsystemd: - dh_installsystemd --name=dhcpcd --no-start - dh_installsystemd --name=dhcpcd@ --no-start + dh_installsystemd --name=dhcpcd --no-start --no-stop-on-upgrade --no-restart-after-upgrade + dh_installsystemd --name=dhcpcd@ --no-start --no-stop-on-upgrade --no-restart-after-upgrade
