+++ /dev/null
---- portmap-5.orig/Makefile
-+++ portmap-5/Makefile
-@@ -8,7 +8,7 @@
- # if you disagree. See `man 3 syslog' for examples. Some syslog versions
- # do not provide this flexibility.
- #
--FACILITY=LOG_MAIL
-+FACILITY=LOG_DAEMON
-
- # To disable tcp-wrapper style access control, comment out the following
- # macro definitions. Access control can also be turned off by providing
-@@ -16,7 +16,8 @@
- # daemon, is always treated as an authorized host.
-
- HOSTS_ACCESS= -DHOSTS_ACCESS
--WRAP_LIB = $(WRAP_DIR)/libwrap.a
-+#WRAP_LIB = $(WRAP_DIR)/libwrap.a
-+WRAP_LIB = -lwrap
-
- # Comment out if your RPC library does not allocate privileged ports for
- # requests from processes with root privilege, or the new portmap will
-@@ -71,7 +72,7 @@
- # With verbose logging on, HP-UX 9.x and AIX 4.1 leave zombies behind when
- # SIGCHLD is not ignored. Enable next macro for a fix.
- #
--# ZOMBIES = -DIGNORE_SIGCHLD # AIX 4.x, HP-UX 9.x
-+ZOMBIES = -DIGNORE_SIGCHLD # AIX 4.x, HP-UX 9.x
-
- # Uncomment the following macro if your system does not have u_long.
- #
-@@ -81,11 +82,14 @@
- # libwrap.a object library. WRAP_DIR should specify the directory with
- # that library.
-
--WRAP_DIR= ../tcp_wrappers
-+WRAP_DIR= $(TCPD_DIR)
-
- # Auxiliary object files that may be missing from your C library.
- #
--AUX = daemon.o strerror.o
-+#AUX = daemon.o strerror.o
-+
-+# glibc has strerror() (it's POSIX) and daemon() (when compiling -D_BSD_SOURCE)
-+AUX =
-
- # NEXTSTEP is a little different. The following seems to work with NS 3.2
- #
-@@ -99,22 +103,31 @@
-
- # Comment out if your compiler talks ANSI and understands const
- #
--CONST = -Dconst=
-+#CONST = -Dconst=
-
- ### End of configurable stuff.
- ##############################
-
-+GLIBC=$(shell grep -s -c __GLIBC__ /usr/include/features.h)
-+
-+ifeq ($(GLIBC),0)
-+LIBS += # -lbsd
-+else
-+LIBS += -lnsl
-+endif
-+
-+
- SHELL = /bin/sh
-
--COPT = $(CONST) -Dperror=xperror $(HOSTS_ACCESS) $(CHECK_PORT) \
-+COPT = $(CONST) $(HOSTS_ACCESS) $(CHECK_PORT) \
- $(SYS) -DFACILITY=$(FACILITY) $(ULONG) $(ZOMBIES) $(SA_LEN) \
- $(LOOPBACK) $(SETPGRP)
--CFLAGS = $(COPT) -O $(NSARCHS)
-+CFLAGS = -Wall $(COPT) -O2 $(NSARCHS)
- OBJECTS = portmap.o pmap_check.o from_local.o $(AUX)
-
- all: portmap pmap_dump pmap_set
-
--portmap: $(OBJECTS) $(WRAP_DIR)/libwrap.a
-+portmap: $(OBJECTS) # $(WRAP_DIR)/libwrap.a
- $(CC) $(CFLAGS) -o $@ $(OBJECTS) $(WRAP_LIB) $(LIBS)
-
- pmap_dump: pmap_dump.c
-@@ -129,6 +142,17 @@
- get_myaddress: get_myaddress.c
- cc $(CFLAGS) -DTEST -o $@ get_myaddress.c $(LIBS)
-
-+install: all
-+ install -o root -g root -m 0755 -s portmap ${BASEDIR}/sbin
-+ install -o root -g root -m 0755 -s pmap_dump ${BASEDIR}/sbin
-+ install -o root -g root -m 0755 -s pmap_set ${BASEDIR}/sbin
-+ install -o root -g root -m 0644 portmap.8 ${BASEDIR}/usr/share/man/man8
-+ install -o root -g root -m 0644 pmap_dump.8 ${BASEDIR}/usr/share/man/man8
-+ install -o root -g root -m 0644 pmap_set.8 ${BASEDIR}/usr/share/man/man8
-+ cat BLURB >${BASEDIR}/usr/share/doc/portmap/portmapper.txt
-+ gzip -9f ${BASEDIR}/usr/share/doc/portmap/portmapper.txt
-+
-+
- lint:
- lint $(COPT) $(OBJECTS:%.o=%.c)
-
---- portmap-5.orig/daemon.c
-+++ portmap-5/daemon.c
-@@ -36,11 +36,8 @@
- #endif /* LIBC_SCCS and not lint */
-
- #include <fcntl.h>
--
--/* From unistd.h */
--#define STDIN_FILENO 0
--#define STDOUT_FILENO 1
--#define STDERR_FILENO 2
-+#include <unistd.h>
-+#include <sys/types.h>
-
- /* From paths.h */
- #define _PATH_DEVNULL "/dev/null"
---- portmap-5.orig/pmap_check.c
-+++ portmap-5/pmap_check.c
-@@ -41,10 +41,14 @@
- #include <syslog.h>
- #include <netdb.h>
- #include <sys/signal.h>
-+#include <grp.h>
- #ifdef SYSV40
- #include <netinet/in.h>
- #include <rpc/rpcent.h>
- #endif
-+#include <sys/types.h>
-+#include <unistd.h>
-+#include <tcpd.h>
-
- extern char *inet_ntoa();
-
-@@ -101,15 +105,25 @@
- * Give up root privileges so that we can never allocate a privileged
- * port when forwarding an rpc request.
- */
-+ if (setgid(1) == -1) {
-+ syslog(LOG_ERR, "setgid(1) failed: %m");
-+ exit(1);
-+ }
-+ if (setgroups(0, 0) == -1) {
-+ syslog(LOG_ERR, "setgroups(0, 0) failed: %m");
-+ exit(1);
-+ }
- if (setuid(1) == -1) {
- syslog(LOG_ERR, "setuid(1) failed: %m");
- exit(1);
- }
-+
- (void) signal(SIGINT, toggle_verboselog);
- }
-
- /* check_default - additional checks for NULL, DUMP, GETPORT and unknown */
-
-+int
- check_default(addr, proc, prog)
- struct sockaddr_in *addr;
- u_long proc;
-@@ -128,6 +142,7 @@
-
- /* check_privileged_port - additional checks for privileged-port updates */
-
-+int
- check_privileged_port(addr, proc, prog, port)
- struct sockaddr_in *addr;
- u_long proc;
-@@ -173,6 +188,7 @@
-
- #else
-
-+int
- check_setunset(addr, proc, prog, port)
- struct sockaddr_in *addr;
- u_long proc;
-@@ -197,6 +213,7 @@
-
- /* check_callit - additional checks for forwarded requests */
-
-+int
- check_callit(addr, proc, prog, aproc)
- struct sockaddr_in *addr;
- u_long proc;
-@@ -249,13 +266,13 @@
- };
- struct proc_map *procp;
- static struct proc_map procmap[] = {
-- PMAPPROC_CALLIT, "callit",
-- PMAPPROC_DUMP, "dump",
-- PMAPPROC_GETPORT, "getport",
-- PMAPPROC_NULL, "null",
-- PMAPPROC_SET, "set",
-- PMAPPROC_UNSET, "unset",
-- 0, 0,
-+ {PMAPPROC_CALLIT, "callit"},
-+ {PMAPPROC_DUMP, "dump"},
-+ {PMAPPROC_GETPORT, "getport"},
-+ {PMAPPROC_NULL, "null"},
-+ {PMAPPROC_SET, "set"},
-+ {PMAPPROC_UNSET, "unset"},
-+ {0, 0},
- };
-
- /*
-@@ -269,7 +286,7 @@
-
- if (prognum == 0) {
- progname = "";
-- } else if (rpc = getrpcbynumber((int) prognum)) {
-+ } else if ((rpc = getrpcbynumber((int) prognum))) {
- progname = rpc->r_name;
- } else {
- sprintf(progname = progbuf, "%lu", prognum);
---- portmap-5.orig/from_local.c
-+++ portmap-5/from_local.c
-@@ -51,6 +51,9 @@
- #include <net/if.h>
- #include <sys/ioctl.h>
- #include <syslog.h>
-+#include <stdlib.h>
-+#include <string.h>
-+#include <unistd.h>
-
- #ifndef TRUE
- #define TRUE 1
-@@ -96,6 +99,7 @@
-
- /* find_local - find all IP addresses for this host */
-
-+int
- find_local()
- {
- struct ifconf ifc;
-@@ -154,6 +158,7 @@
-
- /* from_local - determine whether request comes from the local system */
-
-+int
- from_local(addr)
- struct sockaddr_in *addr;
- {
---- portmap-5.orig/pmap_dump.c
-+++ portmap-5/pmap_dump.c
-@@ -23,6 +23,20 @@
-
- static char *protoname();
-
-+#ifndef INADDR_LOOPBACK
-+#define INADDR_LOOPBACK ntohl(inet_addr("127.0.0.1"))
-+#endif
-+
-+static void get_myloopaddress(addrp)
-+struct sockaddr_in *addrp;
-+{
-+ memset((char *) addrp, 0, sizeof(*addrp));
-+ addrp->sin_family = AF_INET;
-+ addrp->sin_port = htons(PMAPPORT);
-+ addrp->sin_addr.s_addr = htonl(INADDR_LOOPBACK);
-+}
-+
-+int
- main(argc, argv)
- int argc;
- char **argv;
-@@ -31,7 +45,7 @@
- register struct pmaplist *list;
- register struct rpcent *rpc;
-
-- get_myaddress(&addr);
-+ get_myloopaddress(&addr);
-
- for (list = pmap_getmaps(&addr); list; list = list->pml_next) {
- rpc = getrpcbynumber((int) list->pml_map.pm_prog);
---- portmap-5.orig/pmap_set.c
-+++ portmap-5/pmap_set.c
-@@ -17,6 +17,10 @@
- #include <rpc/rpc.h>
- #include <rpc/pmap_clnt.h>
-
-+int parse_line(char *buf, u_long *prog, u_long *vers, int *prot,
-+ unsigned *port);
-+
-+int
- main(argc, argv)
- int argc;
- char **argv;
-@@ -40,6 +44,7 @@
-
- /* parse_line - convert line to numbers */
-
-+int
- parse_line(buf, prog, vers, prot, port)
- char *buf;
- u_long *prog;
-@@ -47,9 +52,9 @@
- int *prot;
- unsigned *port;
- {
-- char proto_name[BUFSIZ];
-+ char proto_name[256];
-
-- if (sscanf(buf, "%lu %lu %s %u", prog, vers, proto_name, port) != 4) {
-+ if (sscanf(buf, "%lu %lu %255s %u", prog, vers, proto_name, port) != 4) {
- return (0);
- }
- if (strcmp(proto_name, "tcp") == 0) {
-@@ -65,3 +70,4 @@
- }
- return (0);
- }
-+
---- portmap-5.orig/portmap.c
-+++ portmap-5/portmap.c
-@@ -80,6 +80,10 @@
- * Mountain View, California 94043
- */
-
-+#if defined(__GLIBC__)
-+#define _BSD_SOURCE 1 /* for daemon(3) */
-+#include <rpc/xdr.h>
-+#endif /* __GLIBC__ */
- #include <rpc/rpc.h>
- #include <rpc/pmap_prot.h>
- #include <stdio.h>
-@@ -91,11 +95,13 @@
- #include <sys/signal.h>
- #include <sys/time.h>
- #include <sys/resource.h>
--#ifdef SYSV40
- #include <netinet/in.h>
--#endif
-+#include <sys/types.h>
-+#include <unistd.h>
-+#include <string.h>
-+#include <errno.h>
-+#include <arpa/inet.h>
-
--extern char *strerror();
- #include <stdlib.h>
-
- #ifndef LOG_PERROR
-@@ -124,7 +130,6 @@
- static void callit();
- struct pmaplist *pmaplist;
- int debugging = 0;
--extern int errno;
-
- #include "pmap_check.h"
-
-@@ -148,6 +153,7 @@
- #endif
- #endif
-
-+int
- main(argc, argv)
- int argc;
- char **argv;
-@@ -157,22 +163,31 @@
- struct sockaddr_in addr;
- int len = sizeof(struct sockaddr_in);
- register struct pmaplist *pml;
-+ char *chroot_path = NULL;
-+ struct in_addr bindaddr;
-+ int have_bindaddr = 0;
-
-- while ((c = getopt(argc, argv, "dv")) != EOF) {
-+ while ((c = getopt(argc, argv, "dt:vi:")) != EOF) {
- switch (c) {
-
- case 'd':
- debugging = 1;
- break;
--
-+ case 't':
-+ chroot_path = optarg;
-+ break;
- case 'v':
- verboselog = 1;
- break;
--
-+ case 'i':
-+ have_bindaddr = inet_aton(optarg, &bindaddr);
-+ break;
- default:
-- (void) fprintf(stderr, "usage: %s [-dv]\n", argv[0]);
-+ (void) fprintf(stderr, "usage: %s [-dv] [-t path] [-i address]\n", argv[0]);
- (void) fprintf(stderr, "-d: debugging mode\n");
-+ (void) fprintf(stderr, "-t path: chroot into path\n");
- (void) fprintf(stderr, "-v: verbose logging\n");
-+ (void) fprintf(stderr, "-i address: bind to address\n");
- exit(1);
- }
- }
-@@ -201,6 +216,9 @@
- addr.sin_addr.s_addr = 0;
- addr.sin_family = AF_INET;
- addr.sin_port = htons(PMAPPORT);
-+ if (have_bindaddr)
-+ memcpy(&addr.sin_addr, &bindaddr, sizeof(bindaddr));
-+
- if (bind(sock, (struct sockaddr *)&addr, len) != 0) {
- syslog(LOG_ERR, "cannot bind udp: %m");
- exit(1);
-@@ -227,7 +245,7 @@
- setsockopt(sock, SOL_SOCKET, SO_REUSEADDR, &on, sizeof on);
- #endif
- if (bind(sock, (struct sockaddr *)&addr, len) != 0) {
-- syslog(LOG_ERR, "cannot bind udp: %m");
-+ syslog(LOG_ERR, "cannot bind tcp: %m");
- exit(1);
- }
- if ((xprt = svctcp_create(sock, RPCSMALLMSGSIZE, RPCSMALLMSGSIZE))
-@@ -280,6 +298,14 @@
- (void)svc_register(xprt, PMAPPROG, PMAPVERS, reg_service, FALSE);
-
- /* additional initializations */
-+ if (chroot_path)
-+ {
-+ if (-1 == chroot(chroot_path))
-+ {
-+ syslog(LOG_ERR, "couldn't do chroot");
-+ exit(1);
-+ }
-+ }
- check_startup();
- #ifdef IGNORE_SIGCHLD /* Lionel Cons <cons@dxcern.cern.ch> */
- (void)signal(SIGCHLD, SIG_IGN);
-@@ -350,7 +376,7 @@
- */
- /* remote host authorization check */
- check_default(svc_getcaller(xprt), rqstp->rq_proc, (u_long) 0);
-- if (!svc_sendreply(xprt, xdr_void, (caddr_t)0) && debugging) {
-+ if (!svc_sendreply(xprt, (xdrproc_t) xdr_void, (caddr_t)0) && debugging) {
- abort();
- }
- break;
-@@ -359,7 +385,7 @@
- /*
- * Set a program,version to port mapping
- */
-- if (!svc_getargs(xprt, xdr_pmap, ®))
-+ if (!svc_getargs(xprt, (xdrproc_t) xdr_pmap, (caddr_t) ®))
- svcerr_decode(xprt);
- else {
- /* reject non-local requests, protect priv. ports */
-@@ -401,7 +427,7 @@
- ans = 1;
- }
- done:
-- if ((!svc_sendreply(xprt, xdr_int, (caddr_t)&ans)) &&
-+ if ((!svc_sendreply(xprt, (xdrproc_t) xdr_int, (caddr_t)&ans)) &&
- debugging) {
- (void) fprintf(stderr, "svc_sendreply\n");
- abort();
-@@ -413,7 +439,7 @@
- /*
- * Remove a program,version to port mapping.
- */
-- if (!svc_getargs(xprt, xdr_pmap, ®))
-+ if (!svc_getargs(xprt, (xdrproc_t) xdr_pmap, (caddr_t) ®))
- svcerr_decode(xprt);
- else {
- ans = 0;
-@@ -447,7 +473,7 @@
- prevpml->pml_next = pml;
- free(t);
- }
-- if ((!svc_sendreply(xprt, xdr_int, (caddr_t)&ans)) &&
-+ if ((!svc_sendreply(xprt, (xdrproc_t) xdr_int, (caddr_t)&ans)) &&
- debugging) {
- (void) fprintf(stderr, "svc_sendreply\n");
- abort();
-@@ -459,7 +485,7 @@
- /*
- * Lookup the mapping for a program,version and return its port
- */
-- if (!svc_getargs(xprt, xdr_pmap, ®))
-+ if (!svc_getargs(xprt, (xdrproc_t) xdr_pmap, (caddr_t) ®))
- svcerr_decode(xprt);
- else {
- /* remote host authorization check */
-@@ -474,7 +500,7 @@
- port = fnd->pml_map.pm_port;
- else
- port = 0;
-- if ((!svc_sendreply(xprt, xdr_int, (caddr_t)&port)) &&
-+ if ((!svc_sendreply(xprt, (xdrproc_t) xdr_int, (caddr_t)&port)) &&
- debugging) {
- (void) fprintf(stderr, "svc_sendreply\n");
- abort();
-@@ -486,7 +512,7 @@
- /*
- * Return the current set of mapped program,version
- */
-- if (!svc_getargs(xprt, xdr_void, NULL))
-+ if (!svc_getargs(xprt, (xdrproc_t) xdr_void, (caddr_t) NULL))
- svcerr_decode(xprt);
- else {
- /* remote host authorization check */
-@@ -497,7 +523,7 @@
- } else {
- p = pmaplist;
- }
-- if ((!svc_sendreply(xprt, xdr_pmaplist,
-+ if ((!svc_sendreply(xprt, (xdrproc_t) xdr_pmaplist,
- (caddr_t)&p)) && debugging) {
- (void) fprintf(stderr, "svc_sendreply\n");
- abort();
-@@ -645,7 +671,7 @@
- timeout.tv_sec = 5;
- timeout.tv_usec = 0;
- a.rmt_args.args = buf;
-- if (!svc_getargs(xprt, xdr_rmtcall_args, &a))
-+ if (!svc_getargs(xprt, (xdrproc_t) xdr_rmtcall_args, (caddr_t) &a))
- return;
- /* host and service access control */
- if (!check_callit(svc_getcaller(xprt),
-@@ -674,9 +700,9 @@
- au->aup_uid, au->aup_gid, au->aup_len, au->aup_gids);
- }
- a.rmt_port = (u_long)port;
-- if (clnt_call(client, a.rmt_proc, xdr_opaque_parms, &a,
-- xdr_len_opaque_parms, &a, timeout) == RPC_SUCCESS) {
-- svc_sendreply(xprt, xdr_rmtcall_result, (caddr_t)&a);
-+ if (clnt_call(client, a.rmt_proc, (xdrproc_t) xdr_opaque_parms, (char*) &a,
-+ (xdrproc_t) xdr_len_opaque_parms, (char*) &a, timeout) == RPC_SUCCESS) {
-+ svc_sendreply(xprt, (xdrproc_t) xdr_rmtcall_result, (caddr_t)&a);
- }
- AUTH_DESTROY(client->cl_auth);
- clnt_destroy(client);