Bug#702785: unblock: ifenslave-2.6/1.1.0-21

Mon, 11 Mar 2013 04:33:19 -0700 

Package: release.debian.org
Severity: normal
User: release.debian....@packages.debian.org
Usertags: unblock

Please unblock package ifenslave-2.6

This fixes an important bug (#699445) which causes bonding to fail to work
correctly after booting in those bonding modes where a primary interface has to
be selected.

I also enabled hardening flags, which found some unsafe usages of format
strings, which have been fixed.

unblock ifenslave-2.6/1.1.0-21

-- System Information:
Debian Release: 7.0
  APT prefers unstable
  APT policy: (500, 'unstable'), (1, 'experimental')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 3.2.0-4-amd64 (SMP w/4 CPU cores)
Locale: LANG=nl_NL.UTF-8, LC_CTYPE=nl_NL.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash

diff -Nru ifenslave-2.6-1.1.0/debian/changelog ifenslave-2.6-1.1.0/debian/changelog
--- ifenslave-2.6-1.1.0/debian/changelog	2011-11-14 11:36:30.000000000 +0100
+++ ifenslave-2.6-1.1.0/debian/changelog	2013-02-19 14:43:55.000000000 +0100
@@ -1,3 +1,17 @@
+ifenslave-2.6 (1.1.0-21) unstable; urgency=low
+
+  [ Jonas Genannt ]
+  * d/pre-up: bond-primary does not apply (Closes: #699445)
+    Moved setting primary into own function and call it after enslave_slaves
+
+  [ Guus Sliepen ]
+  * Explicitly mention that 3.x kernels are also supported. Closes: #697454
+  * Bump Standards-Version. 
+  * Enable hardening.
+  * Fix unsafe use of printf() and fprintf() found by the hardening flags.
+
+ -- Guus Sliepen <g...@debian.org>  Tue, 19 Feb 2013 14:43:29 +0100
+
 ifenslave-2.6 (1.1.0-20) unstable; urgency=low
 
   * Use dashes consistently for bonding options in README.Debian.
diff -Nru ifenslave-2.6-1.1.0/debian/control ifenslave-2.6-1.1.0/debian/control
--- ifenslave-2.6-1.1.0/debian/control	2011-05-25 18:42:29.000000000 +0200
+++ ifenslave-2.6-1.1.0/debian/control	2013-02-19 14:40:32.000000000 +0100
@@ -2,8 +2,8 @@
 Section: net
 Priority: optional
 Maintainer: Guus Sliepen <g...@debian.org>
-Build-Depends: debhelper (>> 7.0.0)
-Standards-Version: 3.9.2
+Build-Depends: debhelper (>> 7.0.0), dpkg-dev (>= 1.16.1~)
+Standards-Version: 3.9.4
 
 Package: ifenslave-2.6
 Architecture: linux-any
@@ -19,4 +19,4 @@
  "channel bonding" or "trunking" techniques used in switches.
  .
  The kernel must have support for bonding devices for ifenslave to be useful.
- This package supports 2.6.x kernels and the most recent 2.4.x kernels.
+ This package supports 2.6.x and 3.x kernels and the most recent 2.4.x kernels.
diff -Nru ifenslave-2.6-1.1.0/debian/patches/fix-unsafe-use-of-printf ifenslave-2.6-1.1.0/debian/patches/fix-unsafe-use-of-printf
--- ifenslave-2.6-1.1.0/debian/patches/fix-unsafe-use-of-printf	1970-01-01 01:00:00.000000000 +0100
+++ ifenslave-2.6-1.1.0/debian/patches/fix-unsafe-use-of-printf	2013-02-19 14:39:05.000000000 +0100
@@ -0,0 +1,72 @@
+--- a/ifenslave.c
++++ b/ifenslave.c
+@@ -260,7 +260,7 @@
+ 		case 'V': opt_V++; exclusive++; break;
+ 
+ 		case '?':
+-			fprintf(stderr, usage_msg);
++			fputs(usage_msg, stderr);
+ 			res = 2;
+ 			goto out;
+ 		}
+@@ -268,13 +268,13 @@
+ 
+ 	/* options check */
+ 	if (exclusive > 1) {
+-		fprintf(stderr, usage_msg);
++		fputs(usage_msg, stderr);
+ 		res = 2;
+ 		goto out;
+ 	}
+ 
+ 	if (opt_v || opt_V) {
+-		printf(version);
++		fputs(version, stdout);
+ 		if (opt_V) {
+ 			res = 0;
+ 			goto out;
+@@ -282,14 +282,14 @@
+ 	}
+ 
+ 	if (opt_u) {
+-		printf(usage_msg);
++		fputs(usage_msg, stdout);
+ 		res = 0;
+ 		goto out;
+ 	}
+ 
+ 	if (opt_h) {
+-		printf(usage_msg);
+-		printf(help_msg);
++		fputs(usage_msg, stdout);
++		fputs(help_msg, stdout);
+ 		res = 0;
+ 		goto out;
+ 	}
+@@ -309,7 +309,7 @@
+ 			goto out;
+ 		} else {
+ 			/* Just show usage */
+-			fprintf(stderr, usage_msg);
++			fputs(usage_msg, stderr);
+ 			res = 2;
+ 			goto out;
+ 		}
+@@ -320,7 +320,7 @@
+ 	master_ifname = *spp++;
+ 
+ 	if (master_ifname == NULL) {
+-		fprintf(stderr, usage_msg);
++		fputs(usage_msg, stderr);
+ 		res = 2;
+ 		goto out;
+ 	}
+@@ -339,7 +339,7 @@
+ 
+ 	if (slave_ifname == NULL) {
+ 		if (opt_d || opt_c) {
+-			fprintf(stderr, usage_msg);
++			fputs(usage_msg, stderr);
+ 			res = 2;
+ 			goto out;
+ 		}
diff -Nru ifenslave-2.6-1.1.0/debian/patches/series ifenslave-2.6-1.1.0/debian/patches/series
--- ifenslave-2.6-1.1.0/debian/patches/series	1970-01-01 01:00:00.000000000 +0100
+++ ifenslave-2.6-1.1.0/debian/patches/series	2013-02-19 14:34:20.000000000 +0100
@@ -0,0 +1 @@
+fix-unsafe-use-of-printf
diff -Nru ifenslave-2.6-1.1.0/debian/pre-up ifenslave-2.6-1.1.0/debian/pre-up
--- ifenslave-2.6-1.1.0/debian/pre-up	2011-11-14 11:30:07.000000000 +0100
+++ ifenslave-2.6-1.1.0/debian/pre-up	2013-02-19 13:04:24.000000000 +0100
@@ -145,21 +145,6 @@
 	# Changing lacp_rate requires $BOND_MASTER to be down.
 	sysfs_change_down lacp_rate "$IF_BOND_LACP_RATE"
 
-	# primary must be set after mode (because only supported in some modes) and after enslavement.
-	# The first slave in bond-primary found in current slaves becomes the primary.
-	# If no slave in bond-primary is found, then primary does not change.
-	for slave in $IF_BOND_PRIMARY ; do
-		if grep -sq "\\<$slave\\>" "/sys/class/net/$BOND_MASTER/bonding/slaves" ; then
-			sysfs primary "$slave"
-			break
-		fi
-	done
-
-	# primary_reselect should be set after mode (because only supported in some modes), after enslavement
-	# and after primary. This is currently (2.6.35-rc1) not enforced by the bonding driver, but it is
-	# probably safer to do it in that order.
-	sysfs primary_reselect "$IF_BOND_PRIMARY_RESELECT"
-
 	# queue_id must be set after enslavement.
 	for iface_queue_id in $IF_BOND_QUEUE_ID
 	do
@@ -179,6 +164,23 @@
 	[ "$IFACE" != "$BOND_MASTER" ] && ip link set dev "$BOND_MASTER" up
 }
 
+setup_primary() {
+	# primary must be set after mode (because only supported in some modes) and after enslavement.
+	# The first slave in bond-primary found in current slaves becomes the primary.
+	# If no slave in bond-primary is found, then primary does not change.
+	for slave in $IF_BOND_PRIMARY ; do
+		if grep -sq "\\<$slave\\>" "/sys/class/net/$BOND_MASTER/bonding/slaves" ; then
+			sysfs primary "$slave"
+			break
+		fi
+	done
+
+	# primary_reselect should be set after mode (because only supported in some modes), after enslavement
+	# and after primary. This is currently (2.6.35-rc1) not enforced by the bonding driver, but it is
+	# probably safer to do it in that order.
+	sysfs primary_reselect "$IF_BOND_PRIMARY_RESELECT"
+}
+
 # Option slaves deprecated, replaced by bond-slaves, but still supported for backward compatibility.
 IF_BOND_SLAVES=${IF_BOND_SLAVES:-$IF_SLAVES}
 
@@ -199,4 +201,5 @@
 early_setup_master
 setup_master
 enslave_slaves
+setup_primary
 exit 0
diff -Nru ifenslave-2.6-1.1.0/debian/rules ifenslave-2.6-1.1.0/debian/rules
--- ifenslave-2.6-1.1.0/debian/rules	2011-11-14 11:36:13.000000000 +0100
+++ ifenslave-2.6-1.1.0/debian/rules	2013-02-19 14:31:46.000000000 +0100
@@ -5,6 +5,9 @@
 # Uncomment this to turn on verbose mode.
 #export DH_VERBOSE=1
 
+DPKG_EXPORT_BUILDFLAGS = 1
+include /usr/share/dpkg/buildflags.mk
+
 configure: configure-stamp
 configure-stamp:
 	dh_testdir
@@ -17,7 +20,7 @@
 build-stamp:
 	dh_testdir
 
-	gcc -O2 -g -Wall -o ifenslave ifenslave.c
+	$(CC) $(CPPFLAGS) $(CFLAGS) $(LDFLAGS) -o ifenslave ifenslave.c
 
 	touch build-stamp

Reply via email to