From owner-svn-ports-all@freebsd.org Thu Nov 12 03:46:07 2015 Return-Path: Delivered-To: svn-ports-all@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 8886BA2DA58; Thu, 12 Nov 2015 03:46:07 +0000 (UTC) (envelope-from hrs@FreeBSD.org) Received: from repo.freebsd.org (repo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 628541BBA; Thu, 12 Nov 2015 03:46:07 +0000 (UTC) (envelope-from hrs@FreeBSD.org) Received: from repo.freebsd.org ([127.0.1.37]) by repo.freebsd.org (8.15.2/8.15.2) with ESMTP id tAC3k6ck063910; Thu, 12 Nov 2015 03:46:06 GMT (envelope-from hrs@FreeBSD.org) Received: (from hrs@localhost) by repo.freebsd.org (8.15.2/8.15.2/Submit) id tAC3k6Yh063906; Thu, 12 Nov 2015 03:46:06 GMT (envelope-from hrs@FreeBSD.org) Message-Id: <201511120346.tAC3k6Yh063906@repo.freebsd.org> X-Authentication-Warning: repo.freebsd.org: hrs set sender to hrs@FreeBSD.org using -f From: Hiroki Sato Date: Thu, 12 Nov 2015 03:46:06 +0000 (UTC) To: ports-committers@freebsd.org, svn-ports-all@freebsd.org, svn-ports-head@freebsd.org Subject: svn commit: r401318 - in head/net/dhcp6: . files X-SVN-Group: ports-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-ports-all@freebsd.org X-Mailman-Version: 2.1.20 Precedence: list List-Id: SVN commit messages for the ports tree List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 12 Nov 2015 03:46:07 -0000 Author: hrs Date: Thu Nov 12 03:46:05 2015 New Revision: 401318 URL: https://svnweb.freebsd.org/changeset/ports/401318 Log: - Set FD_CLOEXEC on sockets to prevent leakage. - Call a configuration script after addresses and prefixes are set on an interface. - Do not call rc.d scripts during uninstallation. Submitted by: garga PR: 204462 Obtained from: pfSense Sponsored by: Rubicon Communications (Netgate) Added: head/net/dhcp6/files/patch-dhcp6c.c (contents, props changed) Modified: head/net/dhcp6/Makefile head/net/dhcp6/files/patch-Makefile.in head/net/dhcp6/pkg-plist Modified: head/net/dhcp6/Makefile ============================================================================== --- head/net/dhcp6/Makefile Thu Nov 12 03:31:07 2015 (r401317) +++ head/net/dhcp6/Makefile Thu Nov 12 03:46:05 2015 (r401318) @@ -3,7 +3,7 @@ PORTNAME= dhcp6 PORTVERSION= 20080615 -PORTREVISION= 2 +PORTREVISION= 3 CATEGORIES= net ipv6 MASTER_SITES= SF/wide-dhcpv6/wide-dhcpv6/wide-dhcpv6-${PORTVERSION} DISTNAME= wide-dhcpv6-${PORTVERSION} Modified: head/net/dhcp6/files/patch-Makefile.in ============================================================================== --- head/net/dhcp6/files/patch-Makefile.in Thu Nov 12 03:31:07 2015 (r401317) +++ head/net/dhcp6/files/patch-Makefile.in Thu Nov 12 03:46:05 2015 (r401318) @@ -1,6 +1,6 @@ ---- Makefile.in.orig 2007-03-21 18:52:58.000000000 +0900 -+++ Makefile.in 2013-10-17 12:26:22.000000000 +0900 -@@ -102,14 +102,14 @@ +--- Makefile.in.orig 2007-03-21 09:52:58 UTC ++++ Makefile.in +@@ -102,14 +102,14 @@ $(srcdir)/ianaopts.h: gentab.pl bootp-dh expand bootp-dhcp-parameters | perl gentab.pl > ianaopts.h install:: Added: head/net/dhcp6/files/patch-dhcp6c.c ============================================================================== --- /dev/null 00:00:00 1970 (empty, because file is newly added) +++ head/net/dhcp6/files/patch-dhcp6c.c Thu Nov 12 03:46:05 2015 (r401318) @@ -0,0 +1,72 @@ +--- dhcp6c.c.orig 2008-06-15 07:48:41 UTC ++++ dhcp6c.c +@@ -67,6 +67,7 @@ + #include + #include + #include ++#include + + #include + #include +@@ -257,7 +258,7 @@ client6_init() + { + struct addrinfo hints, *res; + static struct sockaddr_in6 sa6_allagent_storage; +- int error, on = 1; ++ int error, on = 0; + + /* get our DUID */ + if (get_duid(DUID_FILE, &client_duid)) { +@@ -287,6 +288,20 @@ client6_init() + dprintf(LOG_ERR, FNAME, "socket"); + exit(1); + } ++ ++ if ((on = fcntl(sock, F_GETFL, 0)) == -1) { ++ dprintf(LOG_ERR, FNAME, "fctnl getflags"); ++ exit(1); ++ } ++ ++ on |= FD_CLOEXEC; ++ ++ if ((on = fcntl(sock, F_SETFL, on)) == -1) { ++ dprintf(LOG_ERR, FNAME, "fctnl setflags"); ++ exit(1); ++ } ++ ++ on = 1; + if (setsockopt(sock, SOL_SOCKET, SO_REUSEPORT, + &on, sizeof(on)) < 0) { + dprintf(LOG_ERR, FNAME, +@@ -1828,15 +1843,6 @@ client6_recvreply(ifp, dh6, len, optinfo + } + + /* +- * Call the configuration script, if specified, to handle various +- * configuration parameters. +- */ +- if (ifp->scriptpath != NULL && strlen(ifp->scriptpath) != 0) { +- dprintf(LOG_DEBUG, FNAME, "executes %s", ifp->scriptpath); +- client6_script(ifp->scriptpath, state, optinfo); +- } +- +- /* + * Set refresh timer for configuration information specified in + * information-request. If the timer value is specified by the server + * in an information refresh time option, use it; use the protocol +@@ -1888,6 +1894,15 @@ client6_recvreply(ifp, dh6, len, optinfo + &optinfo->serverID, ev->authparam); + } + ++ /* ++ * Call the configuration script, if specified, to handle various ++ * configuration parameters. ++ */ ++ if (ifp->scriptpath != NULL && strlen(ifp->scriptpath) != 0) { ++ dprintf(LOG_DEBUG, FNAME, "executes %s", ifp->scriptpath); ++ client6_script(ifp->scriptpath, state, optinfo); ++ } ++ + dhcp6_remove_event(ev); + + if (state == DHCP6S_RELEASE) { Modified: head/net/dhcp6/pkg-plist ============================================================================== --- head/net/dhcp6/pkg-plist Thu Nov 12 03:31:07 2015 (r401317) +++ head/net/dhcp6/pkg-plist Thu Nov 12 03:46:05 2015 (r401318) @@ -1,9 +1,3 @@ -@unexec %D/etc/rc.d/dhcp6s.sh forcestop 2>/dev/null || true -@unexec %D/etc/rc.d/dhcp6relay.sh forcestop 2>/dev/null || true -@unexec %D/etc/rc.d/dhcp6c.sh forcestop 2>/dev/null || true -@unexec %D/etc/rc.d/dhcp6s forcestop 2>/dev/null || true -@unexec %D/etc/rc.d/dhcp6relay forcestop 2>/dev/null || true -@unexec %D/etc/rc.d/dhcp6c forcestop 2>/dev/null || true etc/dhcp6s.conf.sample etc/dhcp6c.conf.sample sbin/dhcp6c