aboutsummaryrefslogtreecommitdiff
path: root/nss
AgeCommit message (Collapse)AuthorFilesLines
2017-10-11nss_files: Avoid large buffers with many host addresses [BZ #22078]Florian Weimer3-96/+462
The previous implementation had at least a quadratic space requirement in the number of host addresses and aliases.
2017-10-11nss_files: Use struct scratch_buffer for gethostbyname [BZ #18023]Florian Weimer1-156/+138
2017-10-10nss_files: Refactor gethostbyname3 multi case into separate functionFlorian Weimer1-193/+202
This is in preparation of further cleanup work.
2017-10-04Move nss_compat from nis to nss subdir and install it unconditionallyAndreas Schwab8-1/+3339
This has been tested that local lookup still works with and without an installed libnss_nis, and that NIS lookup works when libnss_nis is available.
2017-10-01Mark internal getXXXbyYYY functions with attribute_hidden [BZ #18822]H.J. Lu1-1/+2
Mark internal getXXXbyYYY functions with attribute_hidden to allow direct access within libc.so and libc.a without using GOT nor PLT. [BZ #18822] * include/aliases.h (__getaliasbyname_r): Add attribute_hidden. * include/netdb.h (__gethostbyaddr_r): Likewise. (__gethostbyname_r): Likewise. (__gethostbyname2_r): Likewise. (__getnetbyaddr_r): Likewise. (__getnetbyname_r): Likewise. (__getservbyname_r): Likewise. (__getservbyport_r): Likewise. (__getprotobyname_r): Likewise. (__getprotobynumber_r): Likewise. (__getnetgrent_r): Likewise. * include/rpc/netdb.h (__getrpcbyname_r): Likewise. (__getrpcbynumber_r): Likewise. * nss/getXXbyYY.c (INTERNAL (REENTRANT_NAME)): Likewise.
2017-09-12Remove compat from DEFAULT_CONFIG lookup stringsSteve Ellcey4-7/+33
* grp/initgroups.c: Include config.h. (DEFAULT_CONFIG): New macro. (internal_getgrouplist): Use DEFAULT_CONFIG. * nscd/initgrcache.c (addinitgroupsX): Likewise. * nss/nsswitch.c (__nss_disable_nscd): Likewise. (DEFAULT_DEFCONFIG): New macro. (__nss_database_lookup): Use DEFAULT_DEFCONFIG. * nss/grp-lookup.c: Include config.h (DEFAULT_CONFIG): Set definition based on LINK_OBSOLETE_NSL. * nss/pwd-lookup.c (DEFAULT_CONFIG): Likewise. * nss/spwd-lookup.c (DEFAULT_CONFIG): Likewise. * manual/nss.texi: Update default values section.
2017-09-01getaddrinfo: Fix error handling in gethosts [BZ #21915] [BZ #21922]Florian Weimer2-0/+116
The old code uses errno as the primary indicator for success or failure. This is wrong because errno is only set for specific combinations of the status return value and the h_errno variable.
2017-08-31NSS: Remove internal_function function attributeFlorian Weimer4-12/+4
2017-08-21Don't compile non-lib modules as lib modules [BZ #21864]H.J. Lu1-0/+1
Some programs have more than one source files. These non-lib modules should not be compiled with -DMODULE_NAME=libc. This patch puts these non-lib modules in $(others-extras) and adds $(others-extras) to all-nonlib. [BZ #21864] * Makerules (all-nonlib): Add $(others-extras). * catgets/Makefile (others-extras): New. * elf/Makefile (others-extras): Likewise. * nss/Makefile (others-extras): Likewise.
2017-08-21Mark internal nss symbols with attribute_hidden [BZ #18822]H.J. Lu4-11/+20
Mark internal nss symbols with attribute_hidden to allow direct access within libc.so and libc.a without using GOT nor PLT. Tested on x86-64 with and without --disable-nscd. [BZ #18822] * grp/initgroups.c (__nss_group_database): Removed. (__nss_initgroups_database): Likewise. * nscd/gai.c (__nss_hosts_database): Likewise. * nss/XXX-lookup.c (DATABASE_NAME_SYMBOL): Likewise. * posix/tst-rfc3484-2.c (__nss_hosts_database): Likewise. * posix/tst-rfc3484-3.c (__nss_hosts_database): Likewise. * posix/tst-rfc3484.c (__nss_hosts_database): Likewise. * sysdeps/posix/getaddrinfo.c (__nss_hosts_database): Likewise. * nss/getXXent.c (INTERNAL (REENTRANT_GETNAME)): Add attribute_hidden. * nss/nsswitch.c (__nss_database_custom): Define only if USE_NSCD is defined. (__nss_configure_lookup): Use __nss_database_custom only if USE_NSCD is defined. * nss/nsswitch.h (__nss_database_custom): Declare only if USE_NSCD is defined. Add attribute_hidden. (__nss_setent): Add attribute_hidden. (__nss_endent): Likewise. (__nss_getent_r): Likewise. (__nss_getent): Likewise. (DEFINE_DATABASE): Declare __nss_##arg##_database.
2017-08-18Consolidate non cancellable close callAdhemerval Zanella1-1/+1
This patch consolidates all the non cancellable close calls to use the __close_nocancel{_nostatus} identifier. For non cancellable targets it will be just a macro to call the default respective symbol while on Linux will be a internal one. Also, since it is used on libcrypto it is also exported in GLIBC_PRIVATE namespace. Checked on x86_64-linux-gnu, x86_64-linux-gnu-x32, and i686-linux-gnu. * sysdeps/generic/not-cancel.h (close_not_cancel): Remove macro. (close_not_cancel_no_status): Likewise. (__close_nocancel): New macro. (__close_nocancel_no_status): Likewise. * sysdeps/unix/sysv/linux/not-cancel.h (__close_nocancel): Remove macro. (close_not_cancel): Likewise. (close_not_cancel_no_status): Likewise. (__close_nocancel): New prototype. (__close_nocancel_no_status): New function. * sysdeps/unix/sysv/linux/close.c (__close_nocancel): New function. * catgets/open_catalog.c (__open_catalog): Replace close_not_cancel{_no_status) with __close_nocancel{_nostatus}. * gmon/gmon.c (write_gmon): Likewise. * iconv/gconv_cache.c (__gconv_load_cache): Likewise. * intl/loadmsgcat.c (close): Likewise. * io/ftw.c (open_dir_stream): Likewise. (ftw_startup): Likewise. * libio/fileops.c (_IO_file_open): Likewise. (_IO_file_close_mmap): Likewise. (_IO_file_close): Likewise. * libio/iopopen.c (_IO_dup2): Likewise. * locale/loadarchive.c (_nl_load_locale_from_archive): Likewise. * locale/loadlocale.c (_nl_load_locale): Likewise. * login/utmp_file.c (pututline_file): Likewise. (endutent_file): Likewise. * misc/daemon.c (daemon): Likewise. * nscd/nscd_getai.c (__nscd_getai): Likewise. * nscd/nscd_getgr_r.c (nscd_getgr_r): Likewise. * nscd/nscd_gethst_r.c (nscd_gethst_r): Likewise. * nscd/nscd_getpw_r.c (nscd_getpw_r): Likewise. * nscd/nscd_getserv_r.c (nscd_getserv_r): Likewise. * nscd/nscd_helper.c (open_socket): Likewise. (__nscd_open_socket): Likewise. * nscd/nscd_initgroups.c (__nscd_getgrouplist): Likewise. * nscd/nscd_netgroup.c (__nscd_setnetgrent): Likewise. (__nscd_innetgr): Likewise. * nss/nss_db/db-open.c (internal_setent): Likewise. * resolv/res-close.c (__res_iclose): Likewise. * sunrpc/pm_getmaps.c (pmap_getmaps): Likewise. * sysdeps/posix/closedir.c (__closedir): Likewise. * sysdeps/posix/getaddrinfo.c (getaddrinfo): Likewise. * sysdeps/posix/getcwd.c (__getcwd): Likewise. * sysdeps/posix/opendir.c (tryopen_o_directory): Likewise. (opendir_tail): Likewise. * sysdeps/posix/spawni.c (__spawni_child): Likewise. * sysdeps/unix/sysv/linux/check_native.c (__check_native): Likewise. * sysdeps/unix/sysv/linux/check_pf.c (__check_pf): Likewise. * sysdeps/unix/sysv/linux/fips-private.h (fips_enabled_p): Likewise. * sysdeps/unix/sysv/linux/gethostid.c (sethostid): Likewise. (gethostid): Likewise. * sysdeps/unix/sysv/linux/getloadavg.c (getloadavg): Likewise. * sysdeps/unix/sysv/linux/getlogin_r.c (__getlogin_r_loginuid): Likewise. * sysdeps/unix/sysv/linux/getsysstats.c (__get_nprocs): Likewise. * sysdeps/unix/sysv/linux/grantpt.c (close_all_fds): Likewise. * sysdeps/unix/sysv/linux/i386/smp.h (is_smp_system): Likewise. * sysdeps/unix/sysv/linux/ia64/has_cpuclock.c (has_cpuclock): Likewise. * sysdeps/unix/sysv/linux/if_index.c (__if_nametoindex): Likewise. * sysdeps/unix/sysv/linux/libc_fatal.c (backtrace_and_maps): Likewise. * sysdeps/unix/sysv/linux/malloc-sysdep.h (check_may_shrink_heap): Likewise. * sysdeps/unix/sysv/linux/mq_notify.c (init_mq_netlink): Likewise. * sysdeps/unix/sysv/linux/pthread_getname.c (pthread_getname_np): Likewise. * sysdeps/unix/sysv/linux/pthread_setname.c (pthread_setname_np): Likewise. * sysdeps/unix/sysv/linux/spawni.c (__spawni_child): Likewise. * sysdeps/unix/sysv/linux/sysconf.c (__sysconf): Likewise.
2017-08-17Update nss tests to new skeletonDJ Delorie11-49/+42
* bug17079.c: Update to new test harness. * test-digits-dots.c: Likewise. * test-netdb.c: Likewise. * tst-field.c: Likewise. * tst-nss-getpwent.c: Likewise. * tst-nss-static.c: Likewise. * tst-nss-test1.c: Likewise. * tst-nss-test2.c: Likewise. * tst-nss-test3.c: Likewise. * tst-nss-test4.c: Likewise. * tst-nss-test5.c: Likewise.
2017-08-17Consolidate non cancellable open callAdhemerval Zanella1-1/+1
This patch consolidates all the non cancellable open calls to use the __open_nocancel identifier. For non cancellable targets it will be just a macro to call the default respective symbol while on Linux will be a internal one. To be consistent with the following non cancellable openat call, a new __open64_nocancel is also added (although not currently used). Checked on x86_64-linux-gnu, x86_64-linux-gnu-x32, and i686-linux-gnu. * sysdeps/generic/not-cancel.h (open_not_cancel): Remove macro. (open_not_cancel_2): Likewise. (open_nocancel): New macro. (open64_nocancel): Likewise. * sysdeps/unix/sysv/linux/not-cancel.h (open_not_cancel): Remove macro. (open_not_cancel_2): Likewise. (__open_nocancel): New prototype. (__open64_nocancel): Likewise. * sysdeps/unix/sysv/linux/Versions (libc) [GLIBC_PRIVATE]: Add __open_nocancel. * sysdeps/unix/sysv/linux/open.c (__open_nocancel): New function. * sysdeps/unix/sysv/linux/open64.c (__open64_nocancel): Likewise. * catgets/open_catalog.c (__open_catalog): Replace open_not_cancel{_2} with __open_nocancel. * csu/check_fds.c (check_one_fd): Likewise. * gmon/gmon.c (write_gmon): Likewise. * iconv/gconv_cache.c (__gconv_load_cached): Likewise. * intl/loadmsgcat.c (open): Likewise. * libio/fileops.c (_IO_file_open): Likewise. * locale/loadarchive.c (_nl_load_locale_from_archive): Likewise. * locale/loadlocale.c (_nl_load_locale): Likewise. * login/utmp_file.c (setutent_file): Likewise. * misc/daemon.c (daemon): Likewise. * nss/nss_db/db-open.c (internal_setent): Likewise. * sysdeps/mach/hurd/opendir.c (__opendirat): Likewise. * sysdeps/posix/libc_fatal.c (__libc_message): Likewise. * sysdeps/posix/opendir.c (tryopen_o_directory): Likewise. (__opendir): Likewise. * sysdeps/posix/spawni.c (__spawni_child): Likewise. * sysdeps/unix/sysv/linux/fips-private.h (fips_enable_p): Likewise. * sysdeps/unix/sysv/linux/gethostid.c (sethostid): Likewise. (gethostid): Likewise. * sysdeps/unix/sysv/linux/getloadavg.c (getloadavg): Likewise. * sysdeps/unix/sysv/linux/getlogin_r.c (__getlogin_r_loginuid): Likewise. * sysdeps/unix/sysv/linux/getsysstats.c (__get_nprocs): Likewise. * sysdeps/unix/sysv/linux/grantpt.c (__close_all_fds): Likewise. * sysdeps/unix/sysv/linux/i386/smp.h (is_smp_system): Likewise. * sysdeps/unix/sysv/linux/ia64/has_cpuclock.c (has_cpuclock): Likewise. * sysdeps/unix/sysv/linux/libc_fatal.c (backtrace_and_maps): Likewise. * sysdeps/unix/sysv/linux/malloc-sysdep.h (check_may_shrink_heap): Likewise. * sysdeps/unix/sysv/linux/powerpc/get_clockfreq.c (__get_clockfreq): Likewise. * sysdeps/unix/sysv/linux/pthread_getname.c (pthread_getname_np): Likewise. * sysdeps/unix/sysv/linux/pthread_setname.c (pthread_setname_np): Likewise. * sysdeps/unix/sysv/linux/spawni.c (__spawni_child): Likewise. * sysdeps/unix/sysv/linux/sysconf.c (__sysconf): Likewise.
2017-08-14NSS: Replace exported NSS lookup functions with stubs [BZ #21962]Florian Weimer6-17/+54
Commit 384ca551743318bd9c9e24a496d6397f2e3f2a49 from 2007 added this to nss/XXX-lookup.c: +#ifndef NO_COMPAT +int +internal_function attribute_compat_text_section +DB_COMPAT_FCT (service_user **ni, const char *fct_name, void **fctp) +{ + return DB_LOOKUP_FCT (ni, fct_name, NULL, fctp); +} +#endif That is, it adds a pseudo-compat function with an internal_function attribute. The function it was supposed to replace did not have the attribute: extern int DB_LOOKUP_FCT (service_user **ni, const char *fct_name, - void **fctp) internal_function; + const char *fct2_name, void **fctp) + internal_function; This changed the calling convention on i386 for the following functions in the public ABI: __nss_passwd_lookup __nss_group_lookup __nss_hosts_lookup This commit replaces the functions with always-failing stubs, with true compat symbols. Due to a happy accident, the calling convention of the stub is identical for the internal_function and non-internal_function case on i386. In addition, this commit auto-generates the __nss_*_lookup2 function declarations as part of <nsswitch.h>.
2017-08-13NSS: Do not use internal_function for functions with hidden aliasesFlorian Weimer4-10/+5
Such functions are called across DSO boundaries and should not use a non-standard ABI.
2017-08-09nss: Call __resolv_context_put before early return in get*_r [BZ #21932]Florian Weimer1-1/+9
This corrects an oversight introduced in commit 352f4ff9a268b81ef5d4b2413f582565806e4790 (resolv: Introduce struct resolv_context).
2017-08-07Consistently use uintN_t not u_intN_t everywhere.Joseph Myers1-1/+1
This patch changes the remaining uses of the old nonstandard u_intN_t types in glibc to use the C99 uintN_t instead, except for the definitions of those typedefs and the tests of them in the c++-types test. This follows the previous such fix for libm, and being consistent in using uintN_t makes sense as a global cleanup. Tested for x86_64, and with build-many-glibcs.py. * catgets/catgets.c (catgets): Use uintN_t instead of u_intN_t. * catgets/catgetsinfo.h (struct catalog_obj): Likewise. (struct catalog_info): Likewise. * inet/htontest.c (lo): Likewise. (foo): Likewise. * inet/inet_lnaof.c (inet_lnaof): Likewise. * inet/inet_net.c (inet_network): Likewise. * inet/inet_netof.c (inet_netof): Likewise. * inet/rcmd.c (__ivaliduser): Likewise. (iruserok): Likewise. * locale/loadlocale.c (_nl_intern_locale_data): Likewise. * locale/programs/locale-spec.c (locale_special): Likewise. * nis/nis_findserv.c (struct findserv_req): Likewise. (__nis_findfastest_with_timeout): Likewise. * nss/test-netdb.c (test_network): Likewise. * resolv/inet_neta.c (inet_neta): Likewise. * resolv/ns_date.c (ns_datetosecs): Likewise. (SECS_PER_DAY): Likewise. * resolv/nss_dns/dns-network.c (_nss_dns_getnetbyaddr_r): Likewise. * resolv/res_comp.c (__putlong): Likewise. (__putshort): Likewise. (_getlong): Likewise. (_getshort): Likewise. * resolv/res_debug.c (p_time): Likewise. (precsize_ntoa): Likewise. (precsize_aton): Likewise. (latlon2ul): Likewise. (loc_aton): Likewise. (loc_ntoa): Likewise. * resolv/res_hconf.c (struct netaddr): Likewise. (_res_hconf_reorder_addrs): Likewise. * sunrpc/clnt_tcp.c (clnttcp_call): Likewise. (clnttcp_control): Likewise. * sunrpc/clnt_udp.c (clntudp_call): Likewise. (clntudp_control): Likewise. * sunrpc/clnt_unix.c (clntunix_call): Likewise. (clntunix_control): Likewise. * sunrpc/pmap_rmt.c (clnt_broadcast): Likewise. * sunrpc/rpc/auth.h (union des_block): Likewise. * sunrpc/tst-udp-nonblocking.c (do_test): Likewise. * sunrpc/xdr_rec.c (struct rec_strm): Likewise. (xdrrec_create): Likewise. (xdrrec_endofrecord): Likewise. (flush_out): Likewise. * sunrpc/xdr_stdio.c (xdrstdio_getlong): Likewise. (xdrstdio_putlong): Likewise. * sysdeps/unix/sysv/linux/errqueue.h (struct sock_extended_err): Likewise.
2017-07-21Correct nss/tst-nss-test5 configurationDJ Delorie1-1/+1
The configuration was cloned from test4, but test5 does not have data for a second module.
2017-07-21Fix nss/nss_test1.c compile with latest GCC.Steve Ellcey1-1/+2
* nss/nss_test1.c (default_npwd_data): Fix definition.
2017-07-17Extend NSS test suiteDJ Delorie10-92/+1185
* nss/nss_test.h: New. * nss/nss_test1.h: Rewrite to use test-provided data. Add group tests. Parameterize to allow multiple instances. * nss/nss_test2.h: New. Second instance. * nss/nss_test.ver: New. * nss/nss_test1.c: Update to use new framework. * nss/nss_test2.c: New. * nss/nss_test3.c: New. * nss/nss_test4.c: New. * nss/nss_test5.c: New. * nss/Makefile: Build new tests. * shlib-versions: Add libnss_test2.
2017-07-03resolv: Introduce struct resolv_context [BZ #21668]Florian Weimer5-30/+105
struct resolv_context objects provide a temporary resolver context which does not change during a name lookup operation. Only when the outmost context is created, the stub resolver configuration is verified to be current (at present, only against previous res_init calls). Subsequent attempts to obtain the context will reuse the result of the initial verification operation. struct resolv_context can also be extended in the future to store data which needs to be deallocated during thread cancellation.
2017-06-27resolv: Call _res_hconf_init from __res_vinitFlorian Weimer1-6/+0
Many callers of __res_maybe_init also call _res_hconf_init. Additional calls to the latter do not hurt because the function does its work only once. (/etc/hosts.conf is not reloaded or even checked for changes.) This means that we can simplify the code by calling _res_hconf_init directly from __res_vinit.
2017-05-11Suppress internal declarations for most of the testsuite.Zack Weinberg1-2/+2
This patch adds a new build module called 'testsuite'. IS_IN (testsuite) implies _ISOMAC, as do IS_IN_build and __cplusplus (which means several ad-hoc tests for __cplusplus can go away). libc-symbols.h now suppresses almost all of *itself* when _ISOMAC is defined; in particular, _ISOMAC mode does not get config.h automatically anymore. There are still quite a few tests that need to see internal gunk of one variety or another. For them, we now have 'tests-internal' and 'test-internal-extras'; files in this category will still be compiled with MODULE_NAME=nonlib, and everything proceeds as it always has. The bulk of this patch is moving tests from 'tests' to 'tests-internal'. There is also 'tests-static-internal', which has the same effect on files in 'tests-static', and 'modules-names-tests', which has the *inverse* effect on files in 'modules-names' (it's inverted because most of the things in modules-names are *not* tests). For both of these, the file must appear in *both* the new variable and the old one. There is also now a special case for when libc-symbols.h is included without MODULE_NAME being defined at all. (This happens during the creation of libc-modules.h, and also when preprocessing Versions files.) When this happens, IS_IN is set to be always false and _ISOMAC is *not* defined, which was the status quo, but now it's explicit. The remaining changes to C source files in this patch seemed likely to cause problems in the absence of the main change. They should be relatively self-explanatory. In a few cases I duplicated a definition from an internal header rather than move the test to tests-internal; this was a judgement call each time and I'm happy to change those however reviewers feel is more appropriate. * Makerules: New subdir configuration variables 'tests-internal' and 'test-internal-extras'. Test files in these categories will still be compiled with MODULE_NAME=nonlib. Test files in the existing categories (tests, xtests, test-srcs, test-extras) are now compiled with MODULE_NAME=testsuite. New subdir configuration variable 'modules-names-tests'. Files which are in both 'modules-names' and 'modules-names-tests' will be compiled with MODULE_NAME=testsuite instead of MODULE_NAME=extramodules. (gen-as-const-headers): Move to tests-internal. (do-tests-clean, common-mostlyclean): Support tests-internal. * Makeconfig (built-modules): Add testsuite. * Makefile: Change libof-check-installed-headers-c and libof-check-installed-headers-cxx to 'testsuite'. * Rules: Likewise. Support tests-internal. * benchtests/strcoll-inputs/filelist#en_US.UTF-8: Remove extra-modules.mk. * config.h.in: Don't check for __OPTIMIZE__ or __FAST_MATH__ here. * include/libc-symbols.h: Move definitions of _GNU_SOURCE, PASTE_NAME, PASTE_NAME1, IN_MODULE, IS_IN, and IS_IN_LIB to the very top of the file and rationalize their order. If MODULE_NAME is not defined at all, define IS_IN to always be false, and don't define _ISOMAC. If any of IS_IN (testsuite), IS_IN_build, or __cplusplus are true, define _ISOMAC and suppress everything else in this file, starting with the inclusion of config.h. Do check for inappropriate definitions of __OPTIMIZE__ and __FAST_MATH__ here, but only if _ISOMAC is not defined. Correct some out-of-date commentary. * include/math.h: If _ISOMAC is defined, undefine NO_LONG_DOUBLE and _Mlong_double_ before including math.h. * include/string.h: If _ISOMAC is defined, don't expose _STRING_ARCH_unaligned. Move a comment to a more appropriate location. * include/errno.h, include/stdio.h, include/stdlib.h, include/string.h * include/time.h, include/unistd.h, include/wchar.h: No need to check __cplusplus nor use __BEGIN_DECLS/__END_DECLS. * misc/sys/cdefs.h (__NTHNL): New macro. * sysdeps/m68k/m680x0/fpu/bits/mathinline.h (__m81_defun): Use __NTHNL to avoid errors with GCC 6. * elf/tst-env-setuid-tunables.c: Include config.h with _LIBC defined, for HAVE_TUNABLES. * inet/tst-checks-posix.c: No need to define _ISOMAC. * intl/tst-gettext2.c: Provide own definition of N_. * math/test-signgam-finite-c99.c: No need to define _ISOMAC. * math/test-signgam-main.c: No need to define _ISOMAC. * stdlib/tst-strtod.c: Convert to test-driver. Split locale_test to... * stdlib/tst-strtod1i.c: ...this new file. * stdlib/tst-strtod5.c: Convert to test-driver and add copyright notice. Split tests of __strtod_internal to... * stdlib/tst-strtod5i.c: ...this new file. * string/test-string.h: Include stdint.h. Duplicate definition of inhibit_loop_to_libcall here (from libc-symbols.h). * string/test-strstr.c: Provide dummy definition of libc_hidden_builtin_def when including strstr.c. * sysdeps/ia64/fpu/libm-symbols.h: Suppress entire file in _ISOMAC mode; no need to test __STRICT_ANSI__ nor __cplusplus as well. * sysdeps/x86_64/fpu/math-tests-arch.h: Include cpu-features.h. Don't include init-arch.h. * sysdeps/x86_64/multiarch/test-multiarch.h: Include cpu-features.h. Don't include init-arch.h. * elf/Makefile: Move tst-ptrguard1-static, tst-stackguard1-static, tst-tls1-static, tst-tls2-static, tst-tls3-static, loadtest, unload, unload2, circleload1, neededtest, neededtest2, neededtest3, neededtest4, tst-tls1, tst-tls2, tst-tls3, tst-tls6, tst-tls7, tst-tls8, tst-dlmopen2, tst-ptrguard1, tst-stackguard1, tst-_dl_addr_inside_object, and all of the ifunc tests to tests-internal. Don't add $(modules-names) to test-extras. * inet/Makefile: Move tst-inet6_scopeid_pton to tests-internal. Add tst-deadline to tests-static-internal. * malloc/Makefile: Move tst-mallocstate and tst-scratch_buffer to tests-internal. * misc/Makefile: Move tst-atomic and tst-atomic-long to tests-internal. * nptl/Makefile: Move tst-typesizes, tst-rwlock19, tst-sem11, tst-sem12, tst-sem13, tst-barrier5, tst-signal7, tst-tls3, tst-tls3-malloc, tst-tls5, tst-stackguard1, tst-sem11-static, tst-sem12-static, and tst-stackguard1-static to tests-internal. Link tests-internal with libpthread also. Don't add $(modules-names) to test-extras. * nss/Makefile: Move tst-field to tests-internal. * posix/Makefile: Move bug-regex5, bug-regex20, bug-regex33, tst-rfc3484, tst-rfc3484-2, and tst-rfc3484-3 to tests-internal. * stdlib/Makefile: Move tst-strtod1i, tst-strtod3, tst-strtod4, tst-strtod5i, tst-tls-atexit, and tst-tls-atexit-nodelete to tests-internal. * sunrpc/Makefile: Move tst-svc_register to tests-internal. * sysdeps/powerpc/Makefile: Move test-get_hwcap and test-get_hwcap-static to tests-internal. * sysdeps/unix/sysv/linux/Makefile: Move tst-setgetname to tests-internal. * sysdeps/x86_64/fpu/Makefile: Add all libmvec test modules to modules-names-tests.
2017-04-18Assume that O_CLOEXEC is always defined and worksFlorian Weimer5-99/+2
2017-03-15Fix build with --enable-static-nss [BZ #21088]Alexey Neyman1-1/+1
Signed-off-by: Alexey Neyman <stilor@att.net>
2017-03-01Miscellaneous low-risk changes preparing for _ISOMAC testsuite.Zack Weinberg1-0/+1
These are a grab bag of changes where the testsuite was using internal symbols of some variety, but this was straightforward to fix, and the fixed code should work with or without the change to compile the testsuite under _ISOMAC. Four of these are just more #include adjustments, but I want to highlight sysdeps/powerpc/fpu/tst-setcontext-fpscr.c, which appears to have been written before the advent of sys/auxv.h. I think a big chunk of this file could be replaced by a simple call to getauxval, but I'll let someone who actually has a powerpc machine to test on do that. dlfcn/tst-dladdr.c was including ldsodefs.h just so it could use DL_LOOKUP_ADDRESS to print an additional diagnostic; as requested by Carlos, I have removed this. math/test-misc.c was using #ifndef NO_LONG_DOUBLE, which is an internal configuration macro, to decide whether to do certain tests involving 'long double'. I changed the test to #if LDBL_MANT_DIG > DBL_MANT_DIG instead, which uses only public float.h macros and is equivalent on all supported platforms. (Note that NO_LONG_DOUBLE doesn't mean 'the compiler doesn't support long double', it means 'long double is the same as double'.) tst-writev.c has a configuration macro 'ARTIFICIAL_LIMIT' that the Makefiles are expected to define, and sysdeps/unix/sysv/linux/Makefile was using the internal __getpagesize in the definition; changed to sysconf(_SC_PAGESIZE) which is the POSIX equivalent. ia64-linux doesn't supply 'clone', only '__clone2', which is not defined in the public headers(!) All the other clone tests have local extern declarations of __clone2, but tst-clone.c doesn't; it was getting away with this because include/sched.h does declare __clone2. * nss/tst-cancel-getpwuid_r.c: Include nss.h. * string/strcasestr.c: No need to include config.h. * sysdeps/powerpc/fpu/tst-setcontext-fpscr.c: Include sys/auxv.h. Don't include sysdep.h. * sysdeps/powerpc/tst-set_ppr.c: Don't include dl-procinfo.h. * dlfcn/tst-dladdr.c: Don't include ldsodefs.h. Don't use DL_LOOKUP_ADDRESS. * math/test-misc.c: Instead of testing NO_LONG_DOUBLE, test whether LDBL_MANT_DIG is greater than DBL_MANT_DIG. * sysdeps/unix/sysv/linux/Makefile (CFLAGS-tst-writev.c): Use sysconf (_SC_PAGESIZE) instead of __getpagesize in definition of ARTIFICIAL_LIMIT. * sysdeps/unix/sysv/linux/tst-clone.c [__ia64__]: Add extern declaration of __clone2.
2017-01-05Increase some test timeouts.Joseph Myers2-0/+2
This patch increases timeouts on some tests I've observed timing out. elf/tst-tls13 and iconvdata/tst-loading both dynamically load many objects and so are slow when testing over NFS. They had timeouts set from before the default changed from 2 to 20 seconds; this patch removes those old settings, so effectively increasing the timeout to 20 seconds (from 3 and 10 seconds respectively). malloc/tst-malloc-thread-fail.c and malloc/tst-mallocfork2.c are slow on slow systems and so I set a fairly arbitrary 100 second timeout, which seems to suffice on the system where I saw them timing out. nss/tst-cancel-getpwuid_r.c and nss/tst-nss-getpwent.c are slow on systems with a large passwd file; I set timeouts that empirically worked for me. (It seems tst-cancel-getpwuid_r.c is hitting the 100000 getpwuid_r call limit in my testing, with each call taking a bit over 0.007 seconds, so 700 seconds for the test.) * elf/tst-tls13.c (TIMEOUT): Remove. * iconvdata/tst-loading.c (TIMEOUT): Likewise. * malloc/tst-malloc-thread-fail.c (TIMEOUT): Increase to 100. * malloc/tst-mallocfork2.c (TIMEOUT): Define to 100. * nss/tst-cancel-getpwuid_r.c (TIMEOUT): Define to 900. * nss/tst-nss-getpwent.c (TIMEOUT): Define to 300.
2017-01-01Update copyright dates not handled by scripts/update-copyrights.Joseph Myers2-2/+2
I've updated copyright dates in glibc for 2017. This is the patch for the changes not generated by scripts/update-copyrights and subsequent build / regeneration of generated files. Please remember to include 2017 in the dates for any new files added in future (which means updating any existing uncommitted patches you have that add new files to use the new copyright dates in them). * NEWS: Update copyright dates. * catgets/gencat.c (print_version): Likewise. * csu/version.c (banner): Likewise. * debug/catchsegv.sh: Likewise. * debug/pcprofiledump.c (print_version): Likewise. * debug/xtrace.sh (do_version): Likewise. * elf/ldconfig.c (print_version): Likewise. * elf/ldd.bash.in: Likewise. * elf/pldd.c (print_version): Likewise. * elf/sotruss.sh: Likewise. * elf/sprof.c (print_version): Likewise. * iconv/iconv_prog.c (print_version): Likewise. * iconv/iconvconfig.c (print_version): Likewise. * locale/programs/locale.c (print_version): Likewise. * locale/programs/localedef.c (print_version): Likewise. * login/programs/pt_chown.c (print_version): Likewise. * malloc/memusage.sh (do_version): Likewise. * malloc/memusagestat.c (print_version): Likewise. * malloc/mtrace.pl: Likewise. * manual/libc.texinfo: Likewise. * nptl/version.c (banner): Likewise. * nscd/nscd.c (print_version): Likewise. * nss/getent.c (print_version): Likewise. * nss/makedb.c (print_version): Likewise. * posix/getconf.c (main): Likewise. * scripts/test-installation.pl: Likewise. * sysdeps/unix/sysv/linux/lddlibc4.c (main): Likewise.
2017-01-01Update copyright dates with scripts/update-copyrights.Joseph Myers63-63/+63
2016-12-31resolv: Deprecate the "inet6" option and RES_USE_INET6 [BZ #19582]Florian Weimer2-9/+9
2016-12-23Add deferred cancellation regression test for getpwuid_r.Carlos O'Donell2-0/+190
The fix in commit 312be3f9f5eab1643d7dcc7728c76d413d4f2640 resolved several cancellation issues in several APIs. This regression test is designed to double check that at least getpwuid_r remainds correctly implemented and does not provide additional unintended cancellation points that may leave locks in an inconsistent state.
2016-08-18Fix incorrect double-checked locking related to _res_hconf.initialized.Torvald Riegel1-2/+1
_res_hconf.initialized was not suitable for use in a multi-threaded environment due to the lack of atomics and memory barriers. Use of it was also unnecessary because _res_hconf_init did the right thing by using __libc_once. This patch fixes the glibc-internal uses by just calling _res_hconf_init unconditionally, and switches to a release MO atomic store for _res_hconf.initialized to fix the glibc side of the synchronization problem (which will maintain backward compatibility, but cannot fix the lack of acquire MO on any glibc-external loads). [BZ #20477] * resolv/res_hconf.c (do_init): Use atomic access. * resolv/res_hconf.h: Add comments. * nscd/aicache.c (addhstaiX): Call _res_hconf_init unconditionally. * nss/getXXbyYY_r.c (REENTRANT_NAME): Likewise. * sysdeps/posix/getaddrinfo.c (gaih_inet): Likewise.
2016-06-11nss_db: Fix initialization of iteration position [BZ #20237]Florian Weimer1-1/+7
When get*ent is called without a preceding set*ent, we need to set the initial iteration position in get*ent. Reproducer: Add “services: db files” to /etc/nsswitch.conf, then run “perl -e getservent”. It will segfault before this change, and exit silently after it.
2016-04-29NSS: Implement group merging support.Stephen Gallagher4-6/+137
https://sourceware.org/glibc/wiki/Proposals/GroupMerging == Justification == It is common today for users to rely on centrally-managed user stores for handling their user accounts. However, much software existing today does not have an innate understanding of such accounts. Instead, they commonly rely on membership in known groups for managing access-control (for example the "wheel" group on Fedora and RHEL systems or the "adm" group on Debian-derived systems). In the present incarnation of nsswitch, the only way to have such groups managed by a remote user store such as FreeIPA or Active Directory would be to manually remove the groups from /etc/group on the clients so that nsswitch would then move past nss_files and into the SSSD, nss-ldap or other remote user database. == Solution == With this patch, a new action is introduced for nsswitch: NSS_ACTION_MERGE. To take advantage of it, one will add [SUCCESS=merge] between two database entries in the nsswitch.conf file. When a group is located in the first of the two group entries, processing will continue on to the next one. If the group is also found in the next entry (and the group name and GID are an exact match), the member list of the second entry will be added to the group object to be returned. == Implementation == After each DL_LOOKUP_FN() returns, the next action is checked. If the function returned NSS_STATUS_SUCCESS and the next action is NSS_ACTION_MERGE, a copy of the result buffer is saved for the next pass through the loop. If on this next pass through the loop the database returns another instance of a group matching both the group name and GID, the member list is added to the previous list and it is returned as a single object. If the following database does not contain the same group, then the original is copied back into the destination buffer. This patch implements merge functionality only for the group database. For other databases, there is a default implementation that will return the EINVAL errno if a merge is requested. The merge functionality can be implemented for other databases at a later time if such is needed. Each database must provide a unique implementation of the deep-copy and merge functions. If [SUCCESS=merge] is present in nsswitch.conf for a glibc version that does not support it, glibc will process results up until that operation, at which time it will return results if it has found them or else will simply return an error. In practical terms, this ends up behaving like the remainder of the nsswitch.conf line does not exist. == Iterators == This feature does not modify the iterator functionality from its current behavior. If getgrnam() or getgrgid() is called, glibc will iterate through all entries in the `group` line in nsswitch.conf and display the list of members without attempting to merge them. This is consistent with the behavior of nss_files where if two separate lines are specified for the same group in /etc/groups, getgrnam()/getgrgid() will display both. Clients are already expected to handle this gracefully. == No Premature Optimizations == The following is a list of places that might be eligible for optimization, but were not overengineered for this initial contribution: * Any situation where a merge may occur will result in one malloc() of the same size as the input buffer. * Any situation where a merge does occur will result in a second malloc() to hold the list of pointers to member name strings. * The list of members is simply concatenated together and is not tested for uniqueness (which is identical to the behavior for nss_files, which will simply return identical values if they both exist on the line in the file. This could potentially be optimized to reduce space usage in the buffer, but it is both complex and computationally expensive to do so. == Testing == I performed testing by running the getent utility against my newly-built glibc and configuring /etc/nsswitch.conf with the following entry: group: group: files [SUCCESS=merge] sss In /etc/group I included the line: wheel:x:10:sgallagh I then configured my local SSSD using the id_provider=local to respond with: wheel:*:10:localuser,localuser2 I then ran `getent group wheel` against the newly-built glibc in multiple situations and received the expected output as described above: * When SSSD was running. * When SSSD was configured in nsswitch.conf but the daemon was not running. * When SSSD was configured in nsswitch.conf but nss_sss.so.2 was not installed on the system. * When the order of 'sss' and 'files' was reversed. * All of the above with the [SUCCESS=merge] removed (to ensure no regressions). * All of the above with `getent group 10`. * All of the above with `getent group` with and without `enumerate=true` set in SSSD. * All of the above with and without nscd enabled on the system.
2016-04-13Register extra test objectsAndreas Schwab1-0/+1
This makes sure that the extra test objects are compiled with the correct MODULE_NAME and dependencies are tracked.
2016-03-29nss_db: Propagate ERANGE error if parse_line fails [BZ #19837]Florian Weimer1-2/+2
Reproducer (needs to run as root): perl -e \ 'print "large:x:999:" . join(",", map {"user$_"} (1 .. 135))."\n"' \ >> /etc/group cd /var/db make getent -s db group After the fix, the last command should list the "large" group. The magic number 135 has been chosen so that the line is shorter than 1024 bytes, but the pointers required to encode the member array will cross the threshold, triggering the bug.
2016-01-04Update copyright dates not handled by scripts/update-copyrights.Joseph Myers2-2/+2
I've updated copyright dates in glibc for 2016. This is the patch for the changes not generated by scripts/update-copyrights and subsequent build / regeneration of generated files. * NEWS: Update copyright dates. * catgets/gencat.c (print_version): Likewise. * csu/version.c (banner): Likewise. * debug/catchsegv.sh: Likewise. * debug/pcprofiledump.c (print_version): Likewise. * debug/xtrace.sh (do_version): Likewise. * elf/ldconfig.c (print_version): Likewise. * elf/ldd.bash.in: Likewise. * elf/pldd.c (print_version): Likewise. * elf/sotruss.sh: Likewise. * elf/sprof.c (print_version): Likewise. * iconv/iconv_prog.c (print_version): Likewise. * iconv/iconvconfig.c (print_version): Likewise. * locale/programs/locale.c (print_version): Likewise. * locale/programs/localedef.c (print_version): Likewise. * login/programs/pt_chown.c (print_version): Likewise. * malloc/memusage.sh (do_version): Likewise. * malloc/memusagestat.c (print_version): Likewise. * malloc/mtrace.pl: Likewise. * manual/libc.texinfo: Likewise. * nptl/version.c (banner): Likewise. * nscd/nscd.c (print_version): Likewise. * nss/getent.c (print_version): Likewise. * nss/makedb.c (print_version): Likewise. * posix/getconf.c (main): Likewise. * scripts/test-installation.pl: Likewise. * sysdeps/unix/sysv/linux/lddlibc4.c (main): Likewise.
2016-01-04Update copyright dates with scripts/update-copyrights.Joseph Myers62-62/+62
2015-10-20Convert 113 more function definitions to prototype style (files with ↵Joseph Myers1-5/+1
assertions). This mostly automatically-generated patch converts 113 function definitions in glibc from old-style K&R to prototype-style. Following my other recent such patches, this one deals with the case of function definitions in files that either contain assertions or where grep suggested they might contain assertions - and thus where it isn't possible to use a simple object code comparison as a sanity check on the correctness of the patch, because line numbers are changed. A few such automatically-generated changes needed to be supplemented by manual changes for the result to compile. openat64 had a prototype declaration with "..." but an old-style definition in sysdeps/unix/sysv/linux/dl-openat64.c, and "..." needed adding to the generated prototype in the definition (I've filed <https://gcc.gnu.org/bugzilla/show_bug.cgi?id=68024> for diagnosing such cases in GCC; the old state was undefined behavior not requiring a diagnostic, but one seems a good idea). In addition, as Florian has noted regparm attribute mismatches between declaration and definition are only diagnosed for prototype definitions, and five functions needed internal_function added to their definitions (in the case of __pthread_mutex_cond_lock, via the macro definition of __pthread_mutex_lock) to compile on i386. After this patch is in, remaining old-style definitions are probably most readily fixed manually before we can turn on -Wold-style-definition for all builds. Tested for x86_64 and x86 (testsuite). * crypt/md5-crypt.c (__md5_crypt_r): Convert to prototype-style function definition. * crypt/sha256-crypt.c (__sha256_crypt_r): Likewise. * crypt/sha512-crypt.c (__sha512_crypt_r): Likewise. * debug/backtracesyms.c (__backtrace_symbols): Likewise. * elf/dl-minimal.c (_itoa): Likewise. * hurd/hurdmalloc.c (malloc): Likewise. (free): Likewise. (realloc): Likewise. * inet/inet6_option.c (inet6_option_space): Likewise. (inet6_option_init): Likewise. (inet6_option_append): Likewise. (inet6_option_alloc): Likewise. (inet6_option_next): Likewise. (inet6_option_find): Likewise. * io/ftw.c (FTW_NAME): Likewise. (NFTW_NAME): Likewise. (NFTW_NEW_NAME): Likewise. (NFTW_OLD_NAME): Likewise. * libio/iofwide.c (_IO_fwide): Likewise. * libio/strops.c (_IO_str_init_static_internal): Likewise. (_IO_str_init_static): Likewise. (_IO_str_init_readonly): Likewise. (_IO_str_overflow): Likewise. (_IO_str_underflow): Likewise. (_IO_str_count): Likewise. (_IO_str_seekoff): Likewise. (_IO_str_pbackfail): Likewise. (_IO_str_finish): Likewise. * libio/wstrops.c (_IO_wstr_init_static): Likewise. (_IO_wstr_overflow): Likewise. (_IO_wstr_underflow): Likewise. (_IO_wstr_count): Likewise. (_IO_wstr_seekoff): Likewise. (_IO_wstr_pbackfail): Likewise. (_IO_wstr_finish): Likewise. * locale/programs/localedef.c (normalize_codeset): Likewise. * locale/programs/locarchive.c (add_locale_to_archive): Likewise. (add_locales_to_archive): Likewise. (delete_locales_from_archive): Likewise. * malloc/malloc.c (__libc_mallinfo): Likewise. * math/gen-auto-libm-tests.c (init_fp_formats): Likewise. * misc/tsearch.c (__tfind): Likewise. * nptl/pthread_attr_destroy.c (__pthread_attr_destroy): Likewise. * nptl/pthread_attr_getdetachstate.c (__pthread_attr_getdetachstate): Likewise. * nptl/pthread_attr_getguardsize.c (pthread_attr_getguardsize): Likewise. * nptl/pthread_attr_getinheritsched.c (__pthread_attr_getinheritsched): Likewise. * nptl/pthread_attr_getschedparam.c (__pthread_attr_getschedparam): Likewise. * nptl/pthread_attr_getschedpolicy.c (__pthread_attr_getschedpolicy): Likewise. * nptl/pthread_attr_getscope.c (__pthread_attr_getscope): Likewise. * nptl/pthread_attr_getstack.c (__pthread_attr_getstack): Likewise. * nptl/pthread_attr_getstackaddr.c (__pthread_attr_getstackaddr): Likewise. * nptl/pthread_attr_getstacksize.c (__pthread_attr_getstacksize): Likewise. * nptl/pthread_attr_init.c (__pthread_attr_init_2_1): Likewise. (__pthread_attr_init_2_0): Likewise. * nptl/pthread_attr_setdetachstate.c (__pthread_attr_setdetachstate): Likewise. * nptl/pthread_attr_setguardsize.c (pthread_attr_setguardsize): Likewise. * nptl/pthread_attr_setinheritsched.c (__pthread_attr_setinheritsched): Likewise. * nptl/pthread_attr_setschedparam.c (__pthread_attr_setschedparam): Likewise. * nptl/pthread_attr_setschedpolicy.c (__pthread_attr_setschedpolicy): Likewise. * nptl/pthread_attr_setscope.c (__pthread_attr_setscope): Likewise. * nptl/pthread_attr_setstack.c (__pthread_attr_setstack): Likewise. * nptl/pthread_attr_setstackaddr.c (__pthread_attr_setstackaddr): Likewise. * nptl/pthread_attr_setstacksize.c (__pthread_attr_setstacksize): Likewise. * nptl/pthread_condattr_setclock.c (pthread_condattr_setclock): Likewise. * nptl/pthread_create.c (__find_in_stack_list): Likewise. * nptl/pthread_getattr_np.c (pthread_getattr_np): Likewise. * nptl/pthread_mutex_cond_lock.c (__pthread_mutex_lock): Define to use internal_function. * nptl/pthread_mutex_init.c (__pthread_mutex_init): Convert to prototype-style function definition. * nptl/pthread_mutex_lock.c (__pthread_mutex_lock): Likewise. (__pthread_mutex_cond_lock_adjust): Likewise. Use internal_function. * nptl/pthread_mutex_timedlock.c (pthread_mutex_timedlock): Convert to prototype-style function definition. * nptl/pthread_mutex_trylock.c (__pthread_mutex_trylock): Likewise. * nptl/pthread_mutex_unlock.c (__pthread_mutex_unlock_usercnt): Likewise. (__pthread_mutex_unlock): Likewise. * nptl_db/td_ta_clear_event.c (td_ta_clear_event): Likewise. * nptl_db/td_ta_set_event.c (td_ta_set_event): Likewise. * nptl_db/td_thr_clear_event.c (td_thr_clear_event): Likewise. * nptl_db/td_thr_event_enable.c (td_thr_event_enable): Likewise. * nptl_db/td_thr_set_event.c (td_thr_set_event): Likewise. * nss/makedb.c (process_input): Likewise. * posix/fnmatch.c (__strchrnul): Likewise. (__wcschrnul): Likewise. (fnmatch): Likewise. * posix/fnmatch_loop.c (FCT): Likewise. * posix/glob.c (globfree): Likewise. (__glob_pattern_type): Likewise. (__glob_pattern_p): Likewise. * posix/regcomp.c (re_compile_pattern): Likewise. (re_set_syntax): Likewise. (re_compile_fastmap): Likewise. (regcomp): Likewise. (regerror): Likewise. (regfree): Likewise. * posix/regexec.c (regexec): Likewise. (re_match): Likewise. (re_search): Likewise. (re_match_2): Likewise. (re_search_2): Likewise. (re_search_stub): Likewise. Use internal_function (re_copy_regs): Likewise. (re_set_registers): Convert to prototype-style function definition. (prune_impossible_nodes): Likewise. Use internal_function. * resolv/inet_net_pton.c (inet_net_pton): Convert to prototype-style function definition. (inet_net_pton_ipv4): Likewise. * stdlib/strtod_l.c (____STRTOF_INTERNAL): Likewise. * sysdeps/pthread/aio_cancel.c (aio_cancel): Likewise. * sysdeps/pthread/aio_suspend.c (aio_suspend): Likewise. * sysdeps/pthread/timer_delete.c (timer_delete): Likewise. * sysdeps/unix/sysv/linux/dl-openat64.c (openat64): Likewise. Make variadic. * time/strptime_l.c (localtime_r): Convert to prototype-style function definition. * wcsmbs/mbsnrtowcs.c (__mbsnrtowcs): Likewise. * wcsmbs/mbsrtowcs_l.c (__mbsrtowcs_l): Likewise. * wcsmbs/wcsnrtombs.c (__wcsnrtombs): Likewise. * wcsmbs/wcsrtombs.c (__wcsrtombs): Likewise.
2015-10-02Fix i386 build after put*ent hardening changes.Joseph Myers3-0/+3
The recent put*ent hardening changes broke the build for i386. i386 defines internal_function to __attribute__ ((regparm (3), stdcall)), which affects type compatibility, so requiring internal_function to be used consistently on declarations and definitions. This patch adds internal_function to the definitions of the new functions using it on their declarations. Tested for i386 that this fixes the build. * nss/rewrite_field.c (__nss_rewrite_field): Use internal_function. * nss/valid_field.c (__nss_valid_field): Likewise. * nss/valid_list_field.c (__nss_valid_list_field): Likewise.
2015-10-02Harden putpwent, putgrent, putspent, putspent against injection [BZ #18724]Florian Weimer6-71/+231
This prevents injection of ':' and '\n' into output functions which use the NSS files database syntax. Critical fields (user/group names and file system paths) are checked strictly. For backwards compatibility, the GECOS field is rewritten instead. The getent program is adjusted to use the put*ent functions in libc, instead of local copies. This changes the behavior of getent if user names start with '-' or '+'.
2015-09-25Fix inconsistent passwd compensation in nss/bug17079.cFlorian Weimer1-1/+9
It used to be common practice to have a statically linked shell for an alternative root account, as in: root:x:0:0:root:/root:/bin/bash toor:x:0:0:root recovery account:/root:/sbin/sash This causes problems with passwd NSS tests because a UID-based lookup will only retrieve one of those entries. The original version of nss/bug17079.c detected this, but failed to use this information later on.
2015-09-22Test in commit e07aabba73ea62e7dfa0512507c92efb851fbdbe is for bug 17079Florian Weimer2-2/+3
2015-09-22Add test case for bug 18287Florian Weimer2-1/+237
2015-09-08Move bits/libc-lock.h and bits/libc-lockP.h out of bits/ (bug 14912).Joseph Myers9-9/+9
It was noted in <https://sourceware.org/ml/libc-alpha/2012-09/msg00305.html> that the bits/*.h naming scheme should only be used for installed headers. This patch renames bits/libc-lock.h to plain libc-lock.h and bits/libc-lockP.h to plain libc-lockP.h to follow that convention. Note that I don't know where libc-lockP.h comes from for Hurd (the Hurd libc-lock.h includes libc-lockP.h, but the only libc-lockP.h in the glibc source tree is for NPTL) - some unmerged patch? - but I updated the #include in the Hurd libc-lock.h anyway. Tested for x86_64 (testsuite, and that installed stripped shared libraries are unchanged by the patch). [BZ #14912] * bits/libc-lock.h: Move to ... * sysdeps/generic/libc-lock.h: ...here. (_BITS_LIBC_LOCK_H): Rename macro to _LIBC_LOCK_H. * sysdeps/mach/hurd/bits/libc-lock.h: Move to ... * sysdeps/mach/hurd/libc-lock.h: ...here. (_BITS_LIBC_LOCK_H): Rename macro to _LIBC_LOCK_H. [_LIBC]: Include <libc-lockP.h> instead of <bits/libc-lockP.h>. * sysdeps/mach/bits/libc-lock.h: Move to ... * sysdeps/mach/libc-lock.h: ...here. (_BITS_LIBC_LOCK_H): Rename macro to _LIBC_LOCK_H. * sysdeps/nptl/bits/libc-lock.h: Move to ... * sysdeps/nptl/libc-lock.h: ...here. (_BITS_LIBC_LOCK_H): Rename macro to _LIBC_LOCK_H. * sysdeps/nptl/bits/libc-lockP.h: Move to ... * sysdeps/nptl/libc-lockP.h: ...here. (_BITS_LIBC_LOCKP_H): Rename macro to _LIBC_LOCKP_H. * crypt/crypt_util.c: Include <libc-lock.h> instead of <bits/libc-lock.h>. * dirent/scandir-tail.c: Likewise. * dlfcn/dlerror.c: Likewise. * elf/dl-close.c: Likewise. * elf/dl-iteratephdr.c: Likewise. * elf/dl-lookup.c: Likewise. * elf/dl-open.c: Likewise. * elf/dl-support.c: Likewise. * elf/dl-writev.h: Likewise. * elf/rtld.c: Likewise. * grp/fgetgrent.c: Likewise. * gshadow/fgetsgent.c: Likewise. * gshadow/sgetsgent.c: Likewise. * iconv/gconv_conf.c: Likewise. * iconv/gconv_db.c: Likewise. * iconv/gconv_dl.c: Likewise. * iconv/gconv_int.h: Likewise. * iconv/gconv_trans.c: Likewise. * include/link.h: Likewise. * inet/getnameinfo.c: Likewise. * inet/getnetgrent.c: Likewise. * inet/getnetgrent_r.c: Likewise. * intl/bindtextdom.c: Likewise. * intl/dcigettext.c: Likewise. * intl/finddomain.c: Likewise. * intl/gettextP.h: Likewise. * intl/loadmsgcat.c: Likewise. * intl/localealias.c: Likewise. * intl/textdomain.c: Likewise. * libidn/idn-stub.c: Likewise. * libio/libioP.h: Likewise. * locale/duplocale.c: Likewise. * locale/freelocale.c: Likewise. * locale/newlocale.c: Likewise. * locale/setlocale.c: Likewise. * login/getutent_r.c: Likewise. * login/getutid_r.c: Likewise. * login/getutline_r.c: Likewise. * login/utmp-private.h: Likewise. * login/utmpname.c: Likewise. * malloc/mtrace.c: Likewise. * misc/efgcvt.c: Likewise. * misc/error.c: Likewise. * misc/fstab.c: Likewise. * misc/getpass.c: Likewise. * misc/mntent.c: Likewise. * misc/syslog.c: Likewise. * nis/nis_call.c: Likewise. * nis/nis_callback.c: Likewise. * nis/nss-default.c: Likewise. * nis/nss_compat/compat-grp.c: Likewise. * nis/nss_compat/compat-initgroups.c: Likewise. * nis/nss_compat/compat-pwd.c: Likewise. * nis/nss_compat/compat-spwd.c: Likewise. * nis/nss_nis/nis-alias.c: Likewise. * nis/nss_nis/nis-ethers.c: Likewise. * nis/nss_nis/nis-grp.c: Likewise. * nis/nss_nis/nis-hosts.c: Likewise. * nis/nss_nis/nis-network.c: Likewise. * nis/nss_nis/nis-proto.c: Likewise. * nis/nss_nis/nis-pwd.c: Likewise. * nis/nss_nis/nis-rpc.c: Likewise. * nis/nss_nis/nis-service.c: Likewise. * nis/nss_nis/nis-spwd.c: Likewise. * nis/nss_nisplus/nisplus-alias.c: Likewise. * nis/nss_nisplus/nisplus-ethers.c: Likewise. * nis/nss_nisplus/nisplus-grp.c: Likewise. * nis/nss_nisplus/nisplus-hosts.c: Likewise. * nis/nss_nisplus/nisplus-initgroups.c: Likewise. * nis/nss_nisplus/nisplus-network.c: Likewise. * nis/nss_nisplus/nisplus-proto.c: Likewise. * nis/nss_nisplus/nisplus-pwd.c: Likewise. * nis/nss_nisplus/nisplus-rpc.c: Likewise. * nis/nss_nisplus/nisplus-service.c: Likewise. * nis/nss_nisplus/nisplus-spwd.c: Likewise. * nis/ypclnt.c: Likewise. * nptl/libc_pthread_init.c: Likewise. * nss/getXXbyYY.c: Likewise. * nss/getXXent.c: Likewise. * nss/getXXent_r.c: Likewise. * nss/nss_db/db-XXX.c: Likewise. * nss/nss_db/db-netgrp.c: Likewise. * nss/nss_db/nss_db.h: Likewise. * nss/nss_files/files-XXX.c: Likewise. * nss/nss_files/files-alias.c: Likewise. * nss/nsswitch.c: Likewise. * posix/regex_internal.h: Likewise. * posix/wordexp.c: Likewise. * pwd/fgetpwent.c: Likewise. * resolv/res_hconf.c: Likewise. * resolv/res_libc.c: Likewise. * shadow/fgetspent.c: Likewise. * shadow/lckpwdf.c: Likewise. * shadow/sgetspent.c: Likewise. * socket/opensock.c: Likewise. * stdio-common/reg-modifier.c: Likewise. * stdio-common/reg-printf.c: Likewise. * stdio-common/reg-type.c: Likewise. * stdio-common/vfprintf.c: Likewise. * stdio-common/vfscanf.c: Likewise. * stdlib/abort.c: Likewise. * stdlib/cxa_atexit.c: Likewise. * stdlib/fmtmsg.c: Likewise. * stdlib/random.c: Likewise. * stdlib/setenv.c: Likewise. * string/strsignal.c: Likewise. * sunrpc/auth_none.c: Likewise. * sunrpc/bindrsvprt.c: Likewise. * sunrpc/create_xid.c: Likewise. * sunrpc/key_call.c: Likewise. * sunrpc/rpc_thread.c: Likewise. * sysdeps/arm/backtrace.c: Likewise. * sysdeps/generic/ldsodefs.h: Likewise. * sysdeps/generic/stdio-lock.h: Likewise. * sysdeps/generic/unwind-dw2-fde.c: Likewise. * sysdeps/i386/backtrace.c: Likewise. * sysdeps/ieee754/ldbl-opt/nldbl-compat.c: Likewise. * sysdeps/m68k/backtrace.c: Likewise. * sysdeps/mach/hurd/cthreads.c: Likewise. * sysdeps/mach/hurd/dirstream.h: Likewise. * sysdeps/mach/hurd/malloc-machine.h: Likewise. * sysdeps/nptl/malloc-machine.h: Likewise. * sysdeps/nptl/stdio-lock.h: Likewise. * sysdeps/posix/dirstream.h: Likewise. * sysdeps/posix/getaddrinfo.c: Likewise. * sysdeps/posix/system.c: Likewise. * sysdeps/pthread/aio_suspend.c: Likewise. * sysdeps/s390/s390-32/backtrace.c: Likewise. * sysdeps/s390/s390-64/backtrace.c: Likewise. * sysdeps/unix/sysv/linux/check_pf.c: Likewise. * sysdeps/unix/sysv/linux/if_index.c: Likewise. * sysdeps/unix/sysv/linux/s390/s390-32/getutent_r.c: Likewise. * sysdeps/unix/sysv/linux/s390/s390-32/getutid_r.c: Likewise. * sysdeps/unix/sysv/linux/s390/s390-32/getutline_r.c: Likewise. * sysdeps/unix/sysv/linux/shm-directory.c: Likewise. * sysdeps/unix/sysv/linux/system.c: Likewise. * sysdeps/x86_64/backtrace.c: Likewise. * time/alt_digit.c: Likewise. * time/era.c: Likewise. * time/tzset.c: Likewise. * wcsmbs/wcsmbsload.c: Likewise. * nptl/tst-initializers1.c (do_test): Refer to <libc-lock.h> instead of <bits/libc-lock.h> in comment.
2015-08-09fix non-portable `echo -n` usageMike Frysinger1-9/+9
These scripts use #!/bin/sh explicitly, so make sure they avoid echo -n as different shells treat it differently. Use the portable printf func instead.
2015-05-11Separate internal state between getXXent and getXXbyYY NSS calls (bug 18007)Andreas Schwab3-167/+67
2015-04-29CVE-2014-8121: Do not close NSS files database during iteration [BZ #18007]Florian Weimer3-2/+120
Robin Hack discovered Samba would enter an infinite loop processing certain quota-related requests. We eventually tracked this down to a glibc issue. Running a (simplified) test case under strace shows that /etc/passwd is continuously opened and closed: … open("/etc/passwd", O_RDONLY|O_CLOEXEC) = 3 lseek(3, 0, SEEK_CUR) = 0 read(3, "root:x:0:0:root:/root:/bin/bash\n"..., 4096) = 2717 lseek(3, 2717, SEEK_SET) = 2717 close(3) = 0 open("/etc/passwd", O_RDONLY|O_CLOEXEC) = 3 lseek(3, 0, SEEK_CUR) = 0 lseek(3, 0, SEEK_SET) = 0 read(3, "root:x:0:0:root:/root:/bin/bash\n"..., 4096) = 2717 lseek(3, 2717, SEEK_SET) = 2717 close(3) = 0 open("/etc/passwd", O_RDONLY|O_CLOEXEC) = 3 lseek(3, 0, SEEK_CUR) = 0 … The lookup function implementation in nss/nss_files/files-XXX.c:DB_LOOKUP has code to prevent that. It is supposed skip closing the input file if it was already open. /* Reset file pointer to beginning or open file. */ \ status = internal_setent (keep_stream); \ \ if (status == NSS_STATUS_SUCCESS) \ { \ /* Tell getent function that we have repositioned the file pointer. */ \ last_use = getby; \ \ while ((status = internal_getent (result, buffer, buflen, errnop \ H_ERRNO_ARG EXTRA_ARGS_VALUE)) \ == NSS_STATUS_SUCCESS) \ { break_if_match } \ \ if (! keep_stream) \ internal_endent (); \ } \ keep_stream is initialized from the stayopen flag in internal_setent. internal_setent is called from the set*ent implementation as: status = internal_setent (stayopen); However, for non-host database, this flag is always 0, per the STAYOPEN magic in nss/getXXent_r.c. Thus, the fix is this: - status = internal_setent (stayopen); + status = internal_setent (1); This is not a behavioral change even for the hosts database (where the application can specify the stayopen flag) because with a call to sethostent(0), the file handle is still not closed in the implementation of gethostent.
2015-03-13Enhance nscd's inotify support (Bug 14906).Carlos O'Donell2-44/+30
In bug 14906 the user complains that the inotify support in nscd is not sufficient when it comes to detecting changes in the configurationfiles that should be watched for the various databases. The current nscd implementation uses inotify to watch for changes in the configuration files, but adds watches only for IN_DELETE_SELF and IN_MODIFY. These watches are insufficient to cover even the most basic uses by a system administrator. For example using emacs or vim to edit a configuration file should trigger a reload but it might not if the editors use move to atomically update the file. This atomic update changes the inode and thus removes the notification on the file (as inotify is based on inodes). Thus the inotify support in nscd for configuration files is insufficient to account for the average use cases of system administrators and users. The inotify support is significantly enhanced and described here: https://www.sourceware.org/ml/libc-alpha/2015-02/msg00504.html Tested on x86_64 with and without inotify support.
2015-03-04Split rpcent tests out of tst-netdb.Roland McGrath1-41/+0