From nobody Fri Jul 25 20:12:05 2025 X-Original-To: dev-commits-src-main@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4bpfD570pDz62Hp0; Fri, 25 Jul 2025 20:12:05 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R10" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4bpfD52jM2z3G5C; Fri, 25 Jul 2025 20:12:05 +0000 (UTC) (envelope-from git@FreeBSD.org) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1753474325; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=+PuFDs6N4zih+XgSTLjMayHapKM+6rvRCAlA/yFXZ4I=; b=Lo67LHCcy2RzJsrbOFY8FbEJKLFBfYqxMH2lrfrcCS7K6xvAeJTnO2R+HWDPJp0ErQBF0e pPx1svi4Oib12cVSNgBIdjMfHUou6niZz5aPjBGRshCu/gVm/HLSzKYULZNTxHsx2vu0M4 qiaVhVGpqV3w1ndz9JMPquXadxnv2884lzqhF3HqHxfqGQBCRguryu7iuuuNmPdwVaIhH2 Yb/Fo+ejMB+Cuuydd6AW30LJV9eaHgPk/2grxqTkM/bKpV8KRP1MDUO9xdoMaG3FemJcwN 8K5DxCWhzqZl2eE2x4PKGJY2LuXtEF7k8Vb59APlprMnSL9paV0kJcFkKDK8nA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1753474325; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=+PuFDs6N4zih+XgSTLjMayHapKM+6rvRCAlA/yFXZ4I=; b=AWWwmIKsqYjVy+grtSapsNaCNzjHpfuL7ANGwE5HFCVNTRYSWH7QI7v7q1MFL4g8lpS/RD JisxuFkrVdVa3SeTboXkGaPgEFNz4n/XrA/KlKYsmBQNT+2NBc5rc16SfEqfXs26+DGLLa +qD/0dLiMMti1k8BbDNMIbcIZfQxEbq1YYpN3L6ue//fTNIQRSHs0cw4oWOGYhP5cZRQ+V qudfM93QaqtFG2XnEWLvkRHEbhTnf0LPLMJgvsXC/SizWC1qSV/dSVdhzKqzPlIAlcLVE2 StjARpF0Yc6oBql2UZaPpUPNhncLRvzBVKKhQZ1+U2qxCTjsuTmsoWOg7DJiVg== ARC-Authentication-Results: i=1; mx1.freebsd.org; none ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1753474325; a=rsa-sha256; cv=none; b=J1Y3eGBXq4OtYKepH2wp0gF09JZ2He2r7cW5aGE+1C+gAiFVSHrWVpcWnki9bUqlNPTRlc vnODd2FZQI/RBO9dZ20WXLZrPHfiTlMH6Qf5q1+6sTuOMn3sdAQ9AFdW9dNDMj2IS2nBs3 opEPbuaW07KqSCejIvb91uteCBbgHd0KMc2JxHlftCso6IHRvJUegxbIZEwHJXfNOAtL0J 9Mn4WBg/LZddsHNNLTXBw+5E/9MQ3XpFOT+LutFcC6cG0rlsSVUPHF3MpbLclEvc26tm7H R+4/kauJwfFzKiLr7l9f6fqzvtOjw+8qT7hnBiLWo3vy4KRw4L7QFu6N+Iz3tQ== Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 4bpfD525gszyKC; Fri, 25 Jul 2025 20:12:05 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from gitrepo.freebsd.org ([127.0.1.44]) by gitrepo.freebsd.org (8.18.1/8.18.1) with ESMTP id 56PKC5JV010229; Fri, 25 Jul 2025 20:12:05 GMT (envelope-from git@gitrepo.freebsd.org) Received: (from git@localhost) by gitrepo.freebsd.org (8.18.1/8.18.1/Submit) id 56PKC5dk010226; Fri, 25 Jul 2025 20:12:05 GMT (envelope-from git) Date: Fri, 25 Jul 2025 20:12:05 GMT Message-Id: <202507252012.56PKC5dk010226@gitrepo.freebsd.org> To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-main@FreeBSD.org From: Gleb Smirnoff Subject: git: 777123969db5 - main - libbsnmp: make binding of client UNIX socket optional and configurable List-Id: Commit messages for the main branch of the src repository List-Archive: https://lists.freebsd.org/archives/dev-commits-src-main List-Help: List-Post: List-Subscribe: List-Unsubscribe: X-BeenThere: dev-commits-src-main@freebsd.org Sender: owner-dev-commits-src-main@FreeBSD.org MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: glebius X-Git-Repository: src X-Git-Refname: refs/heads/main X-Git-Reftype: branch X-Git-Commit: 777123969db5ee8eceee28d7df72b7fd7352cb85 Auto-Submitted: auto-generated The branch main has been updated by glebius: URL: https://cgit.FreeBSD.org/src/commit/?id=777123969db5ee8eceee28d7df72b7fd7352cb85 commit 777123969db5ee8eceee28d7df72b7fd7352cb85 Author: Gleb Smirnoff AuthorDate: 2025-07-25 20:10:17 +0000 Commit: Gleb Smirnoff CommitDate: 2025-07-25 20:10:17 +0000 libbsnmp: make binding of client UNIX socket optional and configurable Before this change snmp_open(3) would always bind(2) client socket to a random "/tmp/snmpXXXXXXXXXXXXXX" name. However, this binding is not required for SOCK_STREAM transport. Also, any attempt to specify a different name would fail, as open_client_local() would blindly rewrite the name to the default. Make this binding optional. If application had initialized snmp_client.local_path, then try to bind to the specified pathname, otherwise perform the random name binding only if we are in the SOCK_DGRAM mode. While here change snmp_client.local_path size to SUNPATHLEN, so that any legitimate local socket name can be used. This requires library version bump. Note that this code has been broken by 81e0e7b9e36d for three years, thus it is known not to be widely used. Reviewed by: harti Differential Revision: https://reviews.freebsd.org/D51070 --- ObsoleteFiles.inc | 3 + contrib/bsnmp/lib/bsnmpclient.3 | 19 ++++-- contrib/bsnmp/lib/snmpclient.c | 74 ++++++++++++++---------- contrib/bsnmp/lib/snmpclient.h | 5 +- lib/libbsnmp/libbsnmp/Makefile | 2 +- tools/build/mk/OptionalObsoleteFiles.inc | 2 +- usr.sbin/bsnmpd/tools/libbsnmptools/bsnmptools.c | 5 +- 7 files changed, 69 insertions(+), 41 deletions(-) diff --git a/ObsoleteFiles.inc b/ObsoleteFiles.inc index 808e7be828c5..385e891049e7 100644 --- a/ObsoleteFiles.inc +++ b/ObsoleteFiles.inc @@ -51,6 +51,9 @@ # xargs -n1 | sort | uniq -d; # done +# 20250725: libbsnmp bumped to version 7 +OLD_LIBS+=usr/lib/libbsnmp.so.6 + # 20250725: Files which were briefly installed by WITH_MITKRB5 in 15.0. OLD_FILES+=usr/include/kadm5/admin_internal.h OLD_FILES+=usr/include/kadm5/admin_xdr.h diff --git a/contrib/bsnmp/lib/bsnmpclient.3 b/contrib/bsnmp/lib/bsnmpclient.3 index 0a2286eb14c4..1a5aa2e5e3a6 100644 --- a/contrib/bsnmp/lib/bsnmpclient.3 +++ b/contrib/bsnmp/lib/bsnmpclient.3 @@ -31,7 +31,7 @@ .\" .\" $Begemot: bsnmp/lib/bsnmpclient.3,v 1.12 2005/10/04 08:46:50 brandt_h Exp $ .\" -.Dd March 31, 2020 +.Dd June 24, 2025 .Dt BSNMPCLIENT 3 .Os .Sh NAME @@ -155,7 +155,7 @@ struct snmp_client { snmp_timeout_start_f timeout_start; snmp_timeout_stop_f timeout_stop; - char local_path[sizeof(SNMP_LOCAL_PATH)]; + char local_path[SUNPATHLEN]; }; .Ed .Pp @@ -285,8 +285,19 @@ The function will be called with the return value of the corresponding .Fn timeout_start function. .It Va local_path -If in local socket mode, the name of the clients socket. -Not needed by the application. +In local socket mode, optional path name the client socket shall be bound to +before connecting to the server. +For +.Dv SOCK_STREAM +local socket the named path is optional, and library will skip +.Xr bind 2 +if path is not provided. +For +.Dv SOCK_DGRAM +local socket the named path is required, thus library will create a random +one in +.Pa /tmp +if path is not provided. .El .Pp In the current implementation there is a global variable diff --git a/contrib/bsnmp/lib/snmpclient.c b/contrib/bsnmp/lib/snmpclient.c index d5d4af998a0c..5fa7d4f5be2a 100644 --- a/contrib/bsnmp/lib/snmpclient.c +++ b/contrib/bsnmp/lib/snmpclient.c @@ -977,7 +977,10 @@ remove_local(void) static int open_client_local(const char *path) { - struct sockaddr_un sa; + struct sockaddr_un sa = { + .sun_family = AF_LOCAL, + .sun_len = sizeof(sa), + }; char *ptr; int stype; @@ -1003,43 +1006,56 @@ open_client_local(const char *path) return (-1); } - snprintf(snmp_client.local_path, sizeof(snmp_client.local_path), - "%s", SNMP_LOCAL_PATH); - - if (mktemp(snmp_client.local_path) == NULL) { - seterr(&snmp_client, "%s", strerror(errno)); - (void)close(snmp_client.fd); - snmp_client.fd = -1; - return (-1); + /* + * A datagram socket requires a name to receive replies back. Would + * be cool to have an extension to unix(4) sockets similar to ip(4) + * IP_RECVDSTADDR/IP_SENDSRCADDR, so that a one-to-many datagram + * UNIX socket can send replies to its anonymous peers. + */ + if (snmp_client.trans == SNMP_TRANS_LOC_DGRAM && + snmp_client.local_path[0] == '\0') { + (void)strlcpy(snmp_client.local_path, "/tmp/snmpXXXXXXXXXXXXXX", + sizeof(snmp_client.local_path)); + if (mktemp(snmp_client.local_path) == NULL) { + seterr(&snmp_client, "mktemp(3): %s", strerror(errno)); + goto fail; + } } - sa.sun_family = AF_LOCAL; - sa.sun_len = sizeof(sa); - strcpy(sa.sun_path, snmp_client.local_path); - - if (bind(snmp_client.fd, (struct sockaddr *)&sa, sizeof(sa)) == -1) { - seterr(&snmp_client, "%s", strerror(errno)); - (void)close(snmp_client.fd); - snmp_client.fd = -1; - (void)remove(snmp_client.local_path); - return (-1); + if (snmp_client.local_path[0] != '\0') { + if (strlcpy(sa.sun_path, snmp_client.local_path, + sizeof(sa.sun_path)) >= + sizeof(sa.sun_path)) { + seterr(&snmp_client, "%s", + "Local socket pathname too long"); + goto fail; + } + if (bind(snmp_client.fd, (struct sockaddr *)&sa, sizeof(sa)) == + -1) { + seterr(&snmp_client, "%s", strerror(errno)); + goto fail; + } + atexit(remove_local); } - atexit(remove_local); - sa.sun_family = AF_LOCAL; - sa.sun_len = offsetof(struct sockaddr_un, sun_path) + - strlen(snmp_client.chost); - strncpy(sa.sun_path, snmp_client.chost, sizeof(sa.sun_path) - 1); - sa.sun_path[sizeof(sa.sun_path) - 1] = '\0'; + if (strlcpy(sa.sun_path, snmp_client.chost, sizeof(sa.sun_path)) >= + sizeof(sa.sun_path)) { + seterr(&snmp_client, "%s", "Server socket pathname too long"); + goto fail; + } if (connect(snmp_client.fd, (struct sockaddr *)&sa, sa.sun_len) == -1) { seterr(&snmp_client, "%s", strerror(errno)); - (void)close(snmp_client.fd); - snmp_client.fd = -1; - (void)remove(snmp_client.local_path); - return (-1); + goto fail; } return (0); + +fail: + (void)close(snmp_client.fd); + snmp_client.fd = -1; + if (snmp_client.local_path[0] != '\0') + (void)remove(snmp_client.local_path); + return (-1); } /* diff --git a/contrib/bsnmp/lib/snmpclient.h b/contrib/bsnmp/lib/snmpclient.h index 662dc7c4a204..a8a79ff824bc 100644 --- a/contrib/bsnmp/lib/snmpclient.h +++ b/contrib/bsnmp/lib/snmpclient.h @@ -35,6 +35,7 @@ #include #include #include +#include #include #include @@ -42,8 +43,6 @@ #define SNMP_STRERROR_LEN 200 #define SNMP_DEFAULT_LOCAL "/var/run/snmpd.sock" -#define SNMP_LOCAL_PATH "/tmp/snmpXXXXXXXXXXXXXX" - /* * transport methods */ @@ -111,7 +110,7 @@ struct snmp_client { snmp_timeout_start_f timeout_start; snmp_timeout_stop_f timeout_stop; - char local_path[sizeof(SNMP_LOCAL_PATH)]; + char local_path[SUNPATHLEN]; }; /* the global context */ diff --git a/lib/libbsnmp/libbsnmp/Makefile b/lib/libbsnmp/libbsnmp/Makefile index 6bdb4003fdf4..2e2770b56c4a 100644 --- a/lib/libbsnmp/libbsnmp/Makefile +++ b/lib/libbsnmp/libbsnmp/Makefile @@ -7,7 +7,7 @@ CONTRIB= ${SRCTOP}/contrib/bsnmp/lib .PATH: ${CONTRIB} LIB= bsnmp -SHLIB_MAJOR= 6 +SHLIB_MAJOR= 7 LD_FATAL_WARNINGS= no CFLAGS+= -I${CONTRIB} -DHAVE_ERR_H -DHAVE_GETADDRINFO -DHAVE_STRLCPY diff --git a/tools/build/mk/OptionalObsoleteFiles.inc b/tools/build/mk/OptionalObsoleteFiles.inc index 4c127b392138..3183c5f0b45c 100644 --- a/tools/build/mk/OptionalObsoleteFiles.inc +++ b/tools/build/mk/OptionalObsoleteFiles.inc @@ -461,7 +461,7 @@ OLD_FILES+=usr/include/bsnmp/snmpclient.h OLD_FILES+=usr/include/bsnmp/snmpmod.h OLD_FILES+=usr/lib/libbsnmp.a OLD_FILES+=usr/lib/libbsnmp.so -OLD_LIBS+=usr/lib/libbsnmp.so.6 +OLD_LIBS+=usr/lib/libbsnmp.so.7 OLD_FILES+=usr/lib/libbsnmp_p.a OLD_FILES+=usr/lib/libbsnmptools.a OLD_FILES+=usr/lib/libbsnmptools.so diff --git a/usr.sbin/bsnmpd/tools/libbsnmptools/bsnmptools.c b/usr.sbin/bsnmpd/tools/libbsnmptools/bsnmptools.c index b4613763fff5..d8fbb55290a8 100644 --- a/usr.sbin/bsnmpd/tools/libbsnmptools/bsnmptools.c +++ b/usr.sbin/bsnmpd/tools/libbsnmptools/bsnmptools.c @@ -881,12 +881,11 @@ parse_local_path(char *opt_arg) { assert(opt_arg != NULL); - if (sizeof(opt_arg) > sizeof(SNMP_LOCAL_PATH)) { + if (strlcpy(snmp_client.local_path, opt_arg, + sizeof(snmp_client.local_path)) >= sizeof(snmp_client.local_path)) { warnx("Filename too long - %s", opt_arg); return (-1); } - - strlcpy(snmp_client.local_path, opt_arg, sizeof(SNMP_LOCAL_PATH)); return (2); }