path: root/nscd
Age | Commit message | Author | Files | Lines
2021-09-03 | Remove "Contributed by" lines | Siddhesh Poyarekar | 38 | -38/+0
We stopped adding "Contributed by" or similar lines in sources in 2012 in favour of git logs and keeping the Contributors section of the glibc manual up to date. Removing these lines makes the license header a bit more consistent across files and also removes the possibility of error in attribution when license blocks or files are copied across since the contributed-by lines don't actually reflect reality in those cases.
Move all "Contributed by" and similar lines (Written by, Test by, etc.) into a new file CONTRIBUTED-BY to retain record of these contributions. These contributors are also mentioned in manual/contrib.texi, so we just maintain this additional record as a courtesy to the earlier developers.
The following scripts were used to filter a list of files to edit in place and to clean up the CONTRIBUTED-BY file respectively. These were not added to the glibc sources because they're not expected to be of any use in future given that this is a one time task:
https://gist.github.com/siddhesh/b5ecac94eabfd72ed2916d6d8157e7dc
https://gist.github.com/siddhesh/15ea1f5e435ace9774f485030695ee02
Reviewed-by: Carlos O'Donell <carlos@redhat.com>
2021-06-22 | Use 64 bit time_t stat internally | Adhemerval Zanella | 1 | -2/+2
For the legacy ABI which supports 32-bit time_t it calls the 64-bit time directly, since the LFS symbols call the 64-bit time_t ones internally.
Checked on i686-linux-gnu and x86_64-linux-gnu.
Reviewed-by: Lukasz Majewski <lukma@denx.de>
2021-03-09 | nss: fix nss_database_lookup2's alternate handling [BZ #27416] | DJ Delorie | 3 | -6/+3
__nss_database_lookup2's extra arguments were left unused in the nsswitch reloading patch set; this broke compat (default config ignored) and shadow files (secondary name ignored) which relies on these fallbacks. This patch adds in the previous behavior by correcting the initialization of the database list to reflect the fallbacks. This means that the nss_database_lookup2 interface no longer needs to be passed the fallback info, so API and callers were adjusted. Since all callers needed to be edited anyway, the calls were changed from __nss_database_lookup2 to the faster __nss_database_get. This was an intended optimization which was deferred during the initial lookup changes to avoid touching so many files. The test case verifies that compat targets work (passwd) and that the default configuration works (group). Tested on x86-64.
2021-03-02 | nscd: Fix double free in netgroupcache [BZ #27462] | DJ Delorie | 1 | -2/+2
In commit 745664bd798ec8fd50438605948eea594179fba1 a use-after-free was fixed, but this led to an occasional double-free. This patch tracks the "live" allocation better.
Tested manually by a third party.
Related: RHBZ 1927877
Reviewed-by: Siddhesh Poyarekar <siddhesh@sourceware.org>
Reviewed-by: Carlos O'Donell <carlos@redhat.com>
2021-01-02 | Update copyright dates not handled by scripts/update-copyrights. | Paul Eggert | 1 | -1/+1
I've updated copyright dates in glibc for 2021. This is the patch for the changes not generated by scripts/update-copyrights and subsequent build / regeneration of generated files. As well as the usual annual updates, mainly dates in --version output (minus csu/version.c which previously had to be handled manually but is now successfully updated by update-copyrights), there is a small change to the copyright notice in NEWS which should let NEWS get updated automatically next year. Please remember to include 2021 in the dates for any new files added in future (which means updating any existing uncommitted patches you have that add new files to use the new copyright dates in them).
2021-01-02 | Update copyright dates with scripts/update-copyrights | Paul Eggert | 40 | -40/+40
I used these shell commands:
    ../glibc/scripts/update-copyrights $PWD/../gnulib/build-aux/update-copyright
    (cd ../glibc && git commit -am"[this commit message]")
and then ignored the output, which consisted of lines saying "FOO: warning: copyright statement not found" for each of 6694 files FOO.
I then removed trailing white space from benchtests/bench-pthread-locks.c and iconvdata/tst-iconv-big5-hkscs-to-2ucs4.c, to work around this diagnostic from Savannah:
    remote: *** pre-commit check failed ...
    remote: *** error: lines with trailing whitespace found
    remote: error: hook declined to update refs/heads/master
2020-12-04 | nsswitch: use new internal API (callers) | DJ Delorie | 5 | -19/+14
Stitch new ABI and types throughout all NSS callers.
Reviewed-by: Siddhesh Poyarekar <siddhesh@sourceware.org>
2020-10-09 | Remove stat wrapper functions, move them to exported symbols | Adhemerval Zanella | 1 | -0/+5
This patch removes the stat, stat64, lstat, lstat64, fstat, fstat64, fstatat, and fstatat64 static wrapper and adds the symbol on the libc with the expected names. Both the prototypes of the internal symbol linked by the static wrappers and the inline redirectors are also removed from the installed sys/stat.h header file. The wrapper implementation license LGPL exception is also removed since it is no longer statically linked to binaries.
Internally the _STAT_VER* definitions are moved to an arch-specific xstatver.h file. The internal defines that redirect internals {f}stat{at} to their {f}xstat{at} counterparts are removed for Linux (!NO_RTLD_HIDDEN). Hurd still requires them since {f}stat{at} pulls extra objects that make the loader build fail otherwise (I haven't dug into why exactly).
Checked with a build for all affected ABIs. I also checked on x86_64, i686, powerpc, powerpc64le, sparcv9, sparc64, s390, and s390x.
Reviewed-by: Lukasz Majewski <lukma@denx.de>
2020-09-17 | nscd: bump GC cycle during cache pruning (bug 26130) | Andreas Schwab | 2 | -2/+11
While nscd prunes a cache it becomes inconsistent temporarily, which is visible to clients if that cache is shared. Bump the GC cycle counter so that the clients notice the modification window. Uniformly use atomic_fetch_add to modify the GC cycle counter.
2020-09-11 | Remove internal usage of extensible stat functions | Adhemerval Zanella | 1 | -1/+1
It replaces the internal usage of __{f,l}xstat{at}{64} with the __{f,l}stat{at}{64}. It should not change the generated code since sys/stat.h explicitly defines redirections to internal calls back to xstat* symbols.
Checked with a build for all affected ABIs. I also checked on x86_64-linux-gnu and i686-linux-gnu.
Reviewed-by: Lukasz Majewski <lukma@denx.de>
2020-07-23 | Disable warnings due to deprecated libselinux symbols used by nss and nscd | Arjun Shankar | 1 | -0/+15
The SELinux API deprecated several symbols in its 3.1 release, including security_context_t, matchpathcon, avc_init, and sidput, which are used in makedb and nscd. While the usage of these should eventually be replaced by newer interfaces, this commit disables GCC warnings due to the use of the above symbols.
Reviewed-by: Carlos O'Donell <carlos@redhat.com>
Tested-by: Carlos O'Donell <carlos@redhat.com>
2020-07-08 | Remove --enable-obsolete-nsl configure flag | Petr Vorel | 1 | -7/+1
this means that *always* libnsl is only built as shared library for backward compatibility and the NSS modules libnss_nis and libnss_nisplus are not built at all, libnsl's headers aren't installed. This compatibility is kept only for architectures and ABIs that have been added in or before version 2.28.
Replacement implementations based on TIRPC, which additionally support IPv6, are available from <https://github.com/thkukuk/>.
This change does not affect libnss_compat which does not depend on libnsl since 2.27 and thus can be used without NIS.
libnsl code depends on Sun RPC, e.g. on --enable-obsolete-rpc (installed libnsl headers use installed Sun RPC headers), which will be removed in the following commit.
2020-05-05 | y2038: nscd: Modify nscd_helper to use __clock_gettime64 | Lukasz Majewski | 1 | -8/+9
The nscd/nscd_helper.c uses __clock_gettime to get current time and on this basis calculate the relative timeout for poll. By using __clock_gettime64 on systems with __WORDSIZE == 32 && __TIMESIZE != 64 the timeout is correctly calculated after time_t overflow.
2020-03-17 | nscd/cachedumper.c : fix whitespace | DJ Delorie | 1 | -4/+4
2020-03-16 | Fix nscd/cachedumper.c compile errors | DJ Delorie | 1 | -6/+8
2020-03-13 | nscd: add cache dumper | DJ Delorie | 4 | -1/+389
2020-02-13 | nss: Add function types and NSS_DECLARE_MODULE_FUNCTIONS macro to <nss.h> | Florian Weimer | 1 | -18/+5
This macro allows to add type safety to the implementation of NSS service modules.
Reviewed-by: DJ Delorie <dj@redhat.com>
2020-01-01 | Update copyright dates not handled by scripts/update-copyrights. | Joseph Myers | 1 | -1/+1
I've updated copyright dates in glibc for 2020. This is the patch for the changes not generated by scripts/update-copyrights and subsequent build / regeneration of generated files. As well as the usual annual updates, mainly dates in --version output (minus libc.texinfo which previously had to be handled manually but is now successfully updated by update-copyrights), there is a fix to sysdeps/unix/sysv/linux/powerpc/bits/termios-c_lflag.h where a typo in the copyright notice meant it failed to be updated automatically. Please remember to include 2020 in the dates for any new files added in future (which means updating any existing uncommitted patches you have that add new files to use the new copyright dates in them).
2020-01-01 | Update copyright dates with scripts/update-copyrights. | Joseph Myers | 39 | -39/+39
2019-10-30 | Change most internal uses of time to __clock_gettime. | Adhemerval Zanella | 2 | -3/+3
As for gettimeofday, time will be implemented based on clock_gettime on all platforms and internal code should use clock_gettime directly. In addition to removing a layer of indirection, this will allow us to remove the PLT-bypass gunk for gettimeofday.
The changed code always assumes __clock_gettime (CLOCK_REALTIME) or __clock_gettime (CLOCK_REALTIME_COARSE) (for Linux case) cannot fail, using the same rationale for gettimeofday change. An internal helper was added (time_now).
Checked on x86_64-linux-gnu, i686-linux-gnu, powerpc64le-linux-gnu, powerpc64-linux-gnu, and powerpc-linux-gnu.
Reviewed-by: Lukasz Majewski <lukma@denx.de>
2019-10-30 | Change most internal uses of __gettimeofday to __clock_gettime. | Zack Weinberg | 1 | -12/+12
Since gettimeofday will shortly be implemented in terms of clock_gettime on all platforms, internal code should use clock_gettime directly; in addition to removing a layer of indirection, this will allow us to remove the PLT-bypass gunk for gettimeofday. (We can't quite do that yet, but it'll be coming later in this patch series.) In many cases, the changed code does fewer conversions. The changed code always assumes __clock_gettime (CLOCK_REALTIME) cannot fail. Most of the call sites were assuming gettimeofday could not fail, but a few places were checking for errors. POSIX says clock_gettime can only fail if the clock constant is invalid or unsupported, and CLOCK_REALTIME is the one and only clock constant that's required to be supported. For consistency I grepped the entire source tree for any other places that checked for errors from __clock_gettime (CLOCK_REALTIME), found one, and changed it too. (For the record, POSIX also says gettimeofday can never fail.) (It would be nice if we could declare that GNU systems will always support CLOCK_MONOTONIC as well as CLOCK_REALTIME; there are several places where we are using CLOCK_REALTIME where _MONOTONIC would be more appropriate, and/or trying to use _MONOTONIC and then falling back to _REALTIME. But the Hurd doesn't support CLOCK_MONOTONIC yet, and it looks like adding it would involve substantial changes to gnumach's internals and API. Oh well.) A few Hurd-specific files were changed to use __host_get_time instead of __clock_gettime, as this seemed tidier. We also assume this cannot fail. Skimming the code in gnumach leads me to believe the only way it could fail is if __mach_host_self also failed, and our Hurd-specific code consistently assumes that can't happen, so I'm going with that. With the exception of support/support_test_main.c, test cases are not modified, mainly because I didn't want to have to figure out which test cases were testing gettimeofday specifically. 
The definition of GETTIME in sysdeps/generic/memusage.h had a typo and was not reading tv_sec at all. I fixed this. It appears nobody has been generating malloc traces on a machine that doesn't have a superseding definition.
There are a whole bunch of places where the code could be simplified by factoring out timespec subtraction and/or comparison logic, but I want to keep this patch as mechanical as possible.
Checked on x86_64-linux-gnu, i686-linux-gnu, powerpc64le-linux-gnu, powerpc64-linux-gnu, powerpc-linux-gnu, and aarch64-linux-gnu.
Reviewed-by: Adhemerval Zanella <adhemerval.zanella@linaro.org>
Reviewed-by: Lukasz Majewski <lukma@denx.de>
2019-09-07 | Prefer https to http for gnu.org and fsf.org URLs | Paul Eggert | 39 | -39/+39
Also, change sources.redhat.com to sourceware.org. This patch was automatically generated by running the following shell script, which uses GNU sed, and which avoids modifying files imported from upstream:
    sed -ri '
      s,(http|ftp)(://(.*\.)?(gnu|fsf|sourceware)\.org($|[^.]|\.[^a-z])),https\2,g
      s,(http|ftp)(://(.*\.)?)sources\.redhat\.com($|[^.]|\.[^a-z]),https\2sourceware.org\4,g
    ' \
      $(find $(git ls-files) -prune -type f \
          ! -name '*.po' \
          ! -name 'ChangeLog*' \
          ! -path COPYING ! -path COPYING.LIB \
          ! -path manual/fdl-1.3.texi ! -path manual/lgpl-2.1.texi \
          ! -path manual/texinfo.tex ! -path scripts/config.guess \
          ! -path scripts/config.sub ! -path scripts/install-sh \
          ! -path scripts/mkinstalldirs ! -path scripts/move-if-change \
          ! -path INSTALL ! -path locale/programs/charmap-kw.h \
          ! -path po/libc.pot ! -path sysdeps/gnu/errlist.c \
          ! '(' -name configure \
                -execdir test -f configure.ac -o -f configure.in ';' ')' \
          ! '(' -name preconfigure \
                -execdir test -f preconfigure.ac ';' ')' \
          -print)
and then by running 'make dist-prepare' to regenerate files built from the altered files, and then executing the following to cleanup:
    chmod a+x sysdeps/unix/sysv/linux/riscv/configure
    # Omit irrelevant whitespace and comment-only changes,
    # perhaps from a slightly-different Autoconf version.
    git checkout -f \
      sysdeps/csky/configure \
      sysdeps/hppa/configure \
      sysdeps/riscv/configure \
      sysdeps/unix/sysv/linux/csky/configure
    # Omit changes that caused a pre-commit check to fail like this:
    # remote: *** error: sysdeps/powerpc/powerpc64/ppc-mcount.S: trailing lines
    git checkout -f \
      sysdeps/powerpc/powerpc64/ppc-mcount.S \
      sysdeps/unix/sysv/linux/s390/s390-64/syscall.S
    # Omit change that caused a pre-commit check to fail like this:
    # remote: *** error: sysdeps/sparc/sparc64/multiarch/memcpy-ultra3.S: last line does not end in newline
    git checkout -f sysdeps/sparc/sparc64/multiarch/memcpy-ultra3.S
2019-08-19 | nscd: Improve nscd.conf comments. | Carlos O'Donell | 1 | -0/+6
This change adds a warning to nscd.conf about running multiple caching services together and that it may lead to unexpected behaviours. Also we add a note that enabling the 'shared' option will cause cache hit rates to be misreported (a side effect of the implementation).
v2 - Rewrite comment to avoid implementation details.
2019-05-15 | nss: Turn __nss_database_lookup into a compatibility symbol | Florian Weimer | 3 | -6/+6
The function uses the internal service_user type, so it is not really usable from the outside of glibc. Rename the function to __nss_database_lookup2 for internal use, and change __nss_database_lookup to always indicate failure to the caller. __nss_next already was a compatibility symbol. The new implementation always fails and no longer calls __nss_next2. unscd, the alternative nscd implementation, does not use __nss_database_lookup, so it is not affected by this change.
2019-04-08 | resolv: Remove support for RES_USE_INET6 and the inet6 option | Florian Weimer | 2 | -12/+2
This functionality was deprecated in glibc 2.25. This commit only includes the core changes to remove the functionality. It does not remove the RES_USE_INET6 handling in the individual NSS service modules and the res_use_inet6 function. These changes will happen in future commits.
2019-02-22 | Break some lines before not after operators. | Joseph Myers | 2 | -5/+5
The GNU Coding Standards specify that line breaks in expressions should go before an operator, not after one. This patch fixes various code to do this. It only changes code that appears to be mostly following GNU style anyway, not files and directories with substantially different formatting. It is not exhaustive even for files using GNU style (for example, changes to sysdeps files are deferred for subsequent cleanups). Some files changed are shared with gnulib, but most are specific to glibc. Changes were made manually, with places to change found by grep (so some cases, e.g. where the operator was followed by a comment at end of line, are particularly liable to have been missed by grep, but I did include cases where the operator was followed by backslash-newline).
This patch generally does not attempt to address other coding style issues in the expressions changed (for example, missing spaces before '(', or lack of parentheses to ensure indentation of continuation lines properly reflects operator precedence).
Tested for x86_64, and with build-many-glibcs.py.
* benchtests/bench-memmem.c (simple_memmem): Break lines before rather than after operators.
* benchtests/bench-skeleton.c (TIMESPEC_AFTER): Likewise.
* crypt/md5.c (md5_finish_ctx): Likewise.
* crypt/sha256.c (__sha256_finish_ctx): Likewise.
* crypt/sha512.c (__sha512_finish_ctx): Likewise.
* elf/cache.c (load_aux_cache): Likewise.
* elf/dl-load.c (open_verify): Likewise.
* elf/get-dynamic-info.h (elf_get_dynamic_info): Likewise.
* elf/readelflib.c (process_elf_file): Likewise.
* elf/rtld.c (dl_main): Likewise.
* elf/sprof.c (generate_call_graph): Likewise.
* hurd/ctty-input.c (_hurd_ctty_input): Likewise.
* hurd/ctty-output.c (_hurd_ctty_output): Likewise.
* hurd/dtable.c (reauth_dtable): Likewise.
* hurd/getdport.c (__getdport): Likewise.
* hurd/hurd/signal.h (_hurd_interrupted_rpc_timeout): Likewise.
* hurd/hurd/sigpreempt.h (HURD_PREEMPT_SIGNAL_P): Likewise.
* hurd/hurdfault.c (_hurdsig_fault_catch_exception_raise): Likewise.
* hurd/hurdioctl.c (fioctl): Likewise.
* hurd/hurdselect.c (_hurd_select): Likewise.
* hurd/hurdsig.c (_hurdsig_abort_rpcs): Likewise.
  (STOPSIGS): Likewise.
* hurd/hurdstartup.c (_hurd_startup): Likewise.
* hurd/intr-msg.c (_hurd_intr_rpc_mach_msg): Likewise.
* hurd/lookup-retry.c (__hurd_file_name_lookup_retry): Likewise.
* hurd/msgportdemux.c (msgport_server): Likewise.
* hurd/setauth.c (_hurd_setauth): Likewise.
* include/features.h (__GLIBC_USE_DEPRECATED_SCANF): Likewise.
* libio/libioP.h [IO_DEBUG] (CHECK_FILE): Likewise.
* locale/programs/ld-ctype.c (set_class_defaults): Likewise.
* localedata/tests-mbwc/tst_swscanf.c (tst_swscanf): Likewise.
* login/tst-utmp.c (do_check): Likewise.
  (simulate_login): Likewise.
* mach/lowlevellock.h (lll_lock): Likewise.
  (lll_trylock): Likewise.
* math/test-fenv.c (ALL_EXC): Likewise.
* math/test-fenvinline.c (ALL_EXC): Likewise.
* misc/sys/cdefs.h (__attribute_deprecated_msg__): Likewise.
* nis/nis_call.c (__do_niscall3): Likewise.
* nis/nis_callback.c (cb_prog_1): Likewise.
* nis/nis_defaults.c (searchaccess): Likewise.
* nis/nis_findserv.c (__nis_findfastest_with_timeout): Likewise.
* nis/nis_ismember.c (internal_ismember): Likewise.
* nis/nis_local_names.c (nis_local_principal): Likewise.
* nis/nss_nis/nis-rpc.c (_nss_nis_getrpcbyname_r): Likewise.
* nis/nss_nisplus/nisplus-netgrp.c (_nss_nisplus_getnetgrent_r): Likewise.
* nis/ypclnt.c (yp_match): Likewise.
  (yp_first): Likewise.
  (yp_next): Likewise.
  (yp_master): Likewise.
  (yp_order): Likewise.
* nscd/hstcache.c (cache_addhst): Likewise.
* nscd/initgrcache.c (addinitgroupsX): Likewise.
* nss/nss_compat/compat-pwd.c (copy_pwd_changes): Likewise.
  (internal_getpwuid_r): Likewise.
* nss/nss_compat/compat-spwd.c (copy_spwd_changes): Likewise.
* posix/glob.h (__GLOB_FLAGS): Likewise.
* posix/regcomp.c (peek_token): Likewise.
  (peek_token_bracket): Likewise.
  (parse_expression): Likewise.
* posix/regexec.c (sift_states_iter_mb): Likewise.
  (check_node_accept_bytes): Likewise.
* posix/tst-spawn3.c (do_test): Likewise.
* posix/wordexp-test.c (testit): Likewise.
* posix/wordexp.c (parse_tilde): Likewise.
  (exec_comm): Likewise.
* posix/wordexp.h (__WRDE_FLAGS): Likewise.
* resource/vtimes.c (TIMEVAL_TO_VTIMES): Likewise.
* setjmp/sigjmp.c (__sigjmp_save): Likewise.
* stdio-common/printf_fp.c (__printf_fp_l): Likewise.
* stdio-common/tst-fileno.c (do_test): Likewise.
* stdio-common/vfprintf-internal.c (vfprintf): Likewise.
* stdlib/strfmon_l.c (__vstrfmon_l_internal): Likewise.
* stdlib/strtod_l.c (round_and_return): Likewise.
  (____STRTOF_INTERNAL): Likewise.
* stdlib/tst-strfrom.h (TEST_STRFROM): Likewise.
* string/strcspn.c (STRCSPN): Likewise.
* string/test-memmem.c (simple_memmem): Likewise.
* termios/tcsetattr.c (tcsetattr): Likewise.
* time/alt_digit.c (_nl_parse_alt_digit): Likewise.
* time/asctime.c (asctime_internal): Likewise.
* time/strptime_l.c (__strptime_internal): Likewise.
* time/sys/time.h (timercmp): Likewise.
* time/tzfile.c (__tzfile_compute): Likewise.
2019-02-04 | Remove duplicate initialization of field in nscd. | Joseph Myers | 1 | -1/+0
I'm looking at the warnings from building glibc with -Wextra, to see if we could use -Wextra by default, possibly with a few of its warnings disabled, and so benefit from warnings in -Wextra but not in -Wall. (The vast bulk of the extra warnings so produced are from -Wunused-parameter -Wsign-compare -Wmissing-field-initializers -Wtype-limits, so I expect those would be disabled at least at first.)
Various miscellaneous warnings show up with -Wextra that it clearly seems to make sense to fix independent of whether we add -Wextra to the normal options for building glibc. This patch fixes one: "initialized field overwritten [-Woverride-init]" in nscd.
Tested for x86_64.
* nscd/connections.c (reqinfo): Initialize SHUTDOWN element only once.
2019-01-21 | CVE-2016-10739: getaddrinfo: Fully parse IPv4 address strings [BZ #20018] | Florian Weimer | 2 | -3/+0
The IPv4 address parser in the getaddrinfo function is changed so that it does not ignore trailing whitespace and all characters after it. For backwards compatibility, the getaddrinfo function still recognizes legacy name syntax, such as 192.000.002.010 interpreted as 192.0.2.8 (octal). This commit does not change the behavior of inet_addr and inet_aton. gethostbyname already had additional sanity checks (but is switched over to the new __inet_aton_exact function for completeness as well). To avoid sending the problematic query names over DNS, commit 6ca53a2453598804a2559a548a08424fca96434a ("resolv: Do not send queries for non-host-names in nss_dns [BZ #24112]") is needed.
2019-01-01 | Update copyright dates not handled by scripts/update-copyrights. | Joseph Myers | 1 | -1/+1
I've updated copyright dates in glibc for 2019. This is the patch for the changes not generated by scripts/update-copyrights and subsequent build / regeneration of generated files.
Please remember to include 2019 in the dates for any new files added in future (which means updating any existing uncommitted patches you have that add new files to use the new copyright dates in them).
* NEWS: Update copyright dates.
* catgets/gencat.c (print_version): Likewise.
* csu/version.c (banner): Likewise.
* debug/catchsegv.sh: Likewise.
* debug/pcprofiledump.c (print_version): Likewise.
* debug/xtrace.sh (do_version): Likewise.
* elf/ldconfig.c (print_version): Likewise.
* elf/ldd.bash.in: Likewise.
* elf/pldd.c (print_version): Likewise.
* elf/sotruss.sh: Likewise.
* elf/sprof.c (print_version): Likewise.
* iconv/iconv_prog.c (print_version): Likewise.
* iconv/iconvconfig.c (print_version): Likewise.
* locale/programs/locale.c (print_version): Likewise.
* locale/programs/localedef.c (print_version): Likewise.
* login/programs/pt_chown.c (print_version): Likewise.
* malloc/memusage.sh (do_version): Likewise.
* malloc/memusagestat.c (print_version): Likewise.
* malloc/mtrace.pl: Likewise.
* manual/libc.texinfo: Likewise.
* nptl/version.c (banner): Likewise.
* nscd/nscd.c (print_version): Likewise.
* nss/getent.c (print_version): Likewise.
* nss/makedb.c (print_version): Likewise.
* posix/getconf.c (main): Likewise.
* scripts/test-installation.pl: Likewise.
* sysdeps/unix/sysv/linux/lddlibc4.c (main): Likewise.
2019-01-01 | Update copyright dates with scripts/update-copyrights. | Joseph Myers | 39 | -39/+39
* All files with FSF copyright notices: Update copyright dates using scripts/update-copyrights.
* locale/programs/charmap-kw.h: Regenerated.
* locale/programs/locfile-kw.h: Likewise.
2018-12-19 | nscd: avoid assertion failure during persistent db check | Andreas Schwab | 1 | -1/+2
nscd should not abort when it finds inconsistencies in the persistent db.
2018-08-31 | [BZ #20271] Add newlines in __libc_fatal calls. | Paul Pluzhnikov | 1 | -1/+1
2018-08-28 | nscd: Fix use-after-free in addgetnetgrentX [BZ #23520] | Florian Weimer | 1 | -13/+29
addinnetgrX may use the heap-allocated buffer, so free the buffer in this function.
2018-08-14 | nscd: Deallocate existing user names in file parser | Florian Weimer | 1 | -1/+5
This avoids a theoretical memory leak (theoretical because it depends on multiple server-user/stat-user directives in the configuration file).
2018-06-29 | manual: Revise crypt.texi. | Zack Weinberg | 1 | -2/+2
This is a major rewrite of the description of 'crypt', 'getentropy', and 'getrandom'. A few highlights of the content changes:
- Throughout the manual, public headers, and user-visible messages, I replaced the term "password" with "passphrase", the term "password database" with "user database", and the term "encrypt(ion)" with "(one-way) hashing" whenever it was applied to passphrases. I didn't bother making this change in internal code or tests. The use of the term "password" in ruserpass.c survives, because that refers to a keyword in netrc files, but it is adjusted to make this clearer. There is a note in crypt.texi explaining that they were traditionally called passwords but single words are not good enough anymore, and a note in users.texi explaining that actual passphrase hashes are found in a "shadow" database nowadays.
- There is a new short introduction to the "Cryptographic Functions" section, explaining how we do not intend to be a general-purpose cryptography library, and cautioning that there _are_, or have been, legal restrictions on the use of cryptography in many countries, without getting into any kind of detail that we can't promise to keep up to date.
- I added more detail about what a "one-way function" is, and why they are used to obscure passphrases for storage. I removed the paragraph saying that systems not connected to a network need no user authentication, because that's a pretty rare situation nowadays. (It still says "sometimes it is necessary" to authenticate the user, though.)
- I added documentation for all of the hash functions that glibc actually supports, but not for the additional hash functions supported by libxcrypt. If we're going to keep this manual section around after the transition is more advanced, it would probably make sense to add them then.
- There is much more detailed discussion of how to generate a salt, and the failure behavior for crypt is documented. (Returning an invalid hash on failure is what libxcrypt does; Solar Designer's notes say that this was done "for compatibility with old programs that assume crypt can never fail".)
- As far as I can tell, the header 'crypt.h' is entirely a GNU invention, and never existed on any other Unix lineage. The function 'crypt', however, was in Issue 1 of the SVID and is now in the XSI component of POSIX. I tried to make all of the @standards annotations consistent with this, but I'm not sure I got them perfectly right.
- The genpass.c example has been improved to use getentropy instead of the current time to generate the salt, and to use a SHA-256 hash instead of MD5. It uses more random bytes than is strictly necessary because I didn't want to complicate the code with proper base64 encoding.
- The testpass.c example has three hardwired hashes now, to demonstrate that different one-way functions produce different hashes for the same input. It also demonstrates how DES hashing only pays attention to the first eight characters of the input.
- There is new text explaining in more detail how a CSPRNG differs from a regular random number generator, and how getentropy/getrandom are not exactly a CSPRNG. I tried not to make specific falsifiable claims here. I also tried to make the blocking/cancellation/error behavior of both getentropy and getrandom clearer.
2018-06-25 | nscd: Switch to struct scratch_buffer in adhstaiX [BZ #18023] | Florian Weimer | 1 | -34/+45
The pre-allocation of the three scratch buffers increased the initial stack size somewhat, but if retries are needed, the previous version used more stack space if extend_alloca could not merge allocations. Lack of alloca accounting also means could be problematic with extremely large NSS responses, too.
[BZ #18023]
* nscd/aicache.c (addhstaiX): Use struct scratch_buffer instead of extend_alloca.
2018-06-25 | nscd: Use struct scratch_buffer, not extend_alloca in most caches [BZ #18023] | Florian Weimer | 4 | -152/+75
This replaces the ERANGE retry loops with loops which have heap fallback. Heap allocation might actually be required for extremely large NSS results.
2018-06-25 | nscd restart: Use malloc instead of extend_alloca [BZ #18023] | Florian Weimer | 1 | -38/+61
This introduces a separate function, read_cmdline, which reads the contents of /proc/self/cmdline into a heap-allocated buffer.
2018-05-23 | Switch IDNA implementation to libidn2 [BZ #19728] [BZ #19729] [BZ #22247] | Florian Weimer | 1 | -3/+0
This provides an implementation of the IDNA2008 standard and fixes CVE-2016-6261, CVE-2016-6263, CVE-2017-14062.
2018-05-16 | Fix concurrent changes on nscd aware files (BZ #23178) | Adhemerval Zanella | 9 | -306/+21
As indicated by BZ#23178, concurrent access on some files read by nscd may result in non-expected data being sent through service requisition. This is due to the 'sendfile' Linux implementation where for sockets with zero-copy support, callers must ensure the transferred portions of the file referred by input file descriptor remain unmodified until the reader on the other end of socket has consumed the transferred data.
I could not find any explicit documentation stating this behaviour on Linux kernel documentation. However man-pages sendfile entry [1] states in NOTES the aforementioned remark. It was initially pushed on man-pages with an explicit testcase [2] that shows changing the file used in 'sendfile' call prior the socket input data consumption results in previous data being lost.
From commit message it stated on tested Linux version (3.15) only TCP socket showed this issues, however on recent kernels (4.4) I noticed the same behaviour for local sockets as well.
Since sendfile on HURD is a read/write operation and the underlying issue on Linux, the straightforward fix is just remove sendfile use altogether. I am really skeptical it is hitting some hotspot (there are indication over internet that sendfile is helpful only for large files, more than 10kb) here to justify that extra code complexity or to pursue other possible fix (through memory or file locks for instance, which I am not sure it is doable).
Checked on x86_64-linux-gnu.
[BZ #23178]
* nscd/nscd-client.h (sendfileall): Remove prototype.
* nscd/connections.c [HAVE_SENDFILE] (sendfileall): Remove function.
  (handle_request): Use writeall instead of sendfileall.
* nscd/aicache.c (addhstaiX): Likewise.
* nscd/grpcache.c (cache_addgr): Likewise.
* nscd/hstcache.c (cache_addhst): Likewise.
* nscd/initgrcache.c (addinitgroupsX): Likewise.
* nscd/netgroupcache.c (addgetnetgrentX, addinnetgrX): Likewise.
* nscd/pwdcache.c (cache_addpw): Likewise.
* nscd/servicescache.c (cache_addserv): Likewise.
* sysdeps/unix/sysv/linux/Makefile [$(subdir) == nscd] (sysdep-CFLAGS): Remove -DHAVE_SENDFILE.
* sysdeps/unix/sysv/linux/kernel-features.h (__ASSUME_SENDFILE): Remove define.
[1] http://man7.org/linux/man-pages/man2/sendfile.2.html
[2] https://github.com/mkerrisk/man-pages/commit/7b6a3299776b5c1c4f169a591434a855d50c68b4#diff-efd6af3a70f0f07c578e85b51e83b3c3
2018-04-02 | hurd: Add hurd thread library | Samuel Thibault | 1 | -0/+1

Contributed by
Agustina Arzille <avarzille@riseup.net>
Amos Jeffries <squid3@treenet.co.nz>
David Michael <fedora.dm0@gmail.com>
Marco Gerards <marco@gnu.org>
Marcus Brinkmann <marcus@gnu.org>
Neal H. Walfield <neal@gnu.org>
Pino Toscano <toscano.pino@tiscali.it>
Richard Braun <rbraun@sceen.net>
Roland McGrath <roland@gnu.org>
Samuel Thibault <samuel.thibault@ens-lyon.org>
Thomas DiModica <ricinwich@yahoo.com>
Thomas Schwinge <tschwinge@gnu.org>

* htl: New directory.
* sysdeps/htl: New directory.
* sysdeps/hurd/htl: New directory.
* sysdeps/i386/htl: New directory.
* sysdeps/mach/htl: New directory.
* sysdeps/mach/hurd/htl: New directory.
* sysdeps/mach/hurd/i386/htl: New directory.
* nscd/Depend, resolv/Depend, rt/Depend: Add htl dependency.
* sysdeps/mach/hurd/i386/Implies: Add mach/hurd/i386/htl imply.
* sysdeps/mach/hurd/i386/libpthread.abilist: New file.
2018-03-03 | Fix multiple definitions of __nss_*_database (bug 22918) | Andreas Schwab | 1 | -0/+3
2018-03-01 | [BZ #22342] Fix netgroup cache keys. | DJ Delorie | 1 | -1/+1

Unlike other nscd caches, the netgroup cache contains two types of records - those for "iterate through a netgroup" (i.e. setnetgrent()) and those for "is this user in this netgroup" (i.e. innetgr()), i.e. full and partial records. The timeout code assumes these records have the same key for the group name, so that the collection of records that is "this netgroup" can be expired as a unit.

However, the keys are not the same, as the in-netgroup key is generated by nscd rather than being passed to it from elsewhere, and is generated without the trailing NUL. All other keys have the trailing NUL, and as noted in the linked BZ, debug statements confirm that two keys for the same netgroup are added to the cache with two different lengths.

The result of this is that as records in the cache expire, the purge code only cleans out one of the two types of entries, resulting in stale, possibly incorrect, and possibly inconsistent cache data.

The patch simply includes the existing NUL in the computation for the key length ('key' points to the char after the NUL, and 'group' to the first char of the group, so 'key-group' includes the first char to the NUL, inclusive).

[BZ #22342]
* nscd/netgroupcache.c (addinnetgrX): Include trailing NUL in key value.

Reviewed-by: Carlos O'Donell <carlos@redhat.com>
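The key-length mismatch described in the commit message above, as an added example that is not part of the commit or of glibc: a simplified two-record cache (the names `struct rec`, `purge`, `innetgr_keylen` and the request bytes are hypothetical and constructed) in which the partial record's key length is computed without and with the trailing NUL.

```c
#include <stdio.h>
#include <string.h>

/* Simplified model of a cache keyed by (bytes, length); hypothetical names,
   not nscd's real data structures. */
struct rec { const char *key; size_t len; int live; };
static struct rec cache[2];

/* 'key' points just past the group's NUL, as the commit message describes.
   include_nul = 0 models a key generated without the trailing NUL. */
static size_t innetgr_keylen(const char *group, const char *key, int include_nul)
{
    return (size_t)(key - group) - (include_nul ? 0 : 1);
}

/* Expire every record whose (bytes, length) key matches exactly. */
static void purge(const char *key, size_t len)
{
    for (int i = 0; i < 2; i++)
        if (cache[i].len == len && memcmp(cache[i].key, key, len) == 0)
            cache[i].live = 0;
}

/* Number of records for the netgroup that survive a purge of it. */
int stale_after_purge(int include_nul)
{
    static const char req[] = "admins\0host1\0alice";  /* constructed request */
    const char *group = req;
    const char *key = group + strlen(group) + 1;       /* char after the NUL */

    /* Full record (setnetgrent): key arrives with its trailing NUL. */
    cache[0] = (struct rec){ group, strlen(group) + 1, 1 };
    /* Partial record (innetgr): key length computed locally. */
    cache[1] = (struct rec){ group, innetgr_keylen(group, key, include_nul), 1 };

    purge(group, strlen(group) + 1);   /* expire "this netgroup" as a unit */
    return cache[0].live + cache[1].live;
}

int main(void)
{
    printf("key without NUL: %d stale record(s)\n", stale_after_purge(0));
    printf("key with NUL:    %d stale record(s)\n", stale_after_purge(1));
    return 0;
}
```

With the NUL left out, the partial record has a 6-byte key and the 7-byte purge never matches it, so it outlives the full record it belongs with.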
2018-02-11 | nscd: don't unconditionally use PTHREAD_RWLOCK_WRITER_NONRECURSIVE_INITIALIZER_NP | Samuel Thibault | 1 | -5/+11

PTHREAD_RWLOCK_WRITER_NONRECURSIVE_INITIALIZER_NP is Linux-only.

* nscd/connections.c (RWLOCK_INITIALIZER): Define to PTHREAD_RWLOCK_WRITER_NONRECURSIVE_INITIALIZER_NP or PTHREAD_RWLOCK_INITIALIZER if that is not available.
(dbs): Use RWLOCK_INITIALIZER instead of PTHREAD_RWLOCK_WRITER_NONRECURSIVE_INITIALIZER_NP.
2018-01-28 | hurd: Fix getifaddrs / freeifaddrs exposition | Samuel Thibault | 1 | -0/+2

400669754de4 ('hurd: Fix nscd build') had the side effect of making libc's freeaddrinfo expose freeifaddrs through __check_pf. We can just move the renames to gai.c itself, along others.

* sysdeps/mach/hurd/check_pf.c (__getifaddrs, __freeifaddrs): Do not define macros.
* nscd/gai.c (__getifaddrs): Define macro to getifaddrs.
(__freeifaddrs): Define macro to freeifaddrs.
2018-01-01 | Update copyright dates not handled by scripts/update-copyrights. | Joseph Myers | 1 | -1/+1

I've updated copyright dates in glibc for 2018. This is the patch for the changes not generated by scripts/update-copyrights and subsequent build / regeneration of generated files.

Please remember to include 2018 in the dates for any new files added in future (which means updating any existing uncommitted patches you have that add new files to use the new copyright dates in them).

* NEWS: Update copyright dates.
* catgets/gencat.c (print_version): Likewise.
* csu/version.c (banner): Likewise.
* debug/catchsegv.sh: Likewise.
* debug/pcprofiledump.c (print_version): Likewise.
* debug/xtrace.sh (do_version): Likewise.
* elf/ldconfig.c (print_version): Likewise.
* elf/ldd.bash.in: Likewise.
* elf/pldd.c (print_version): Likewise.
* elf/sotruss.sh: Likewise.
* elf/sprof.c (print_version): Likewise.
* iconv/iconv_prog.c (print_version): Likewise.
* iconv/iconvconfig.c (print_version): Likewise.
* locale/programs/locale.c (print_version): Likewise.
* locale/programs/localedef.c (print_version): Likewise.
* login/programs/pt_chown.c (print_version): Likewise.
* malloc/memusage.sh (do_version): Likewise.
* malloc/memusagestat.c (print_version): Likewise.
* malloc/mtrace.pl: Likewise.
* manual/libc.texinfo: Likewise.
* nptl/version.c (banner): Likewise.
* nscd/nscd.c (print_version): Likewise.
* nss/getent.c (print_version): Likewise.
* nss/makedb.c (print_version): Likewise.
* posix/getconf.c (main): Likewise.
* scripts/test-installation.pl: Likewise.
* sysdeps/unix/sysv/linux/lddlibc4.c (main): Likewise.
2018-01-01 | Update copyright dates with scripts/update-copyrights. | Joseph Myers | 39 | -39/+39

* All files with FSF copyright notices: Update copyright dates using scripts/update-copyrights.
* locale/programs/charmap-kw.h: Regenerated.
* locale/programs/locfile-kw.h: Likewise.
2017-12-18 | Fix nscd readlink argument aliasing (bug 22446). | Joseph Myers | 1 | -2/+3

Current GCC mainline detects that nscd calls readlink with the same buffer for both input and output, which is not valid (those arguments are both restrict-qualified in POSIX). This patch makes it use a separate buffer for readlink's input (with a size that is sufficient to avoid truncation, so there should be no problems with warnings about possible truncation, though not strictly minimal, but much smaller than the buffer for output) to avoid this problem.

Tested compilation for aarch64-linux-gnu with build-many-glibcs.py.

[BZ #22446]
* nscd/connections.c (handle_request) [SO_PEERCRED]: Use separate buffers for readlink input and output.
2017-12-15 | Increase buffer size due to warning from ToT GCC | Steve Ellcey | 1 | -1/+1

* nscd/dbg_log.c (dbg_log): Increase msg buffer size.
2017-12-12 | Use memcpy instead of strncpy in nscd/nscd.h to fix build problem with ToT GCC | Steve Ellcey | 1 | -1/+1

* nscd/nscd.h (init_traced_file): Change strncpy to memcpy.