[libnet-server-perl] 01/05: Add two patches from GitHub pull request to fix issue with POSIX::tmpnam removal.
gregor herrmann
gregoa at debian.org
Thu Jun 22 16:34:13 UTC 2017
This is an automated email from the git hooks/post-receive script.
gregoa pushed a commit to branch master
in repository libnet-server-perl.
commit efae9a91ec85a089e50c187a7b21eb983ec266d8
Author: gregor herrmann <gregoa at debian.org>
Date: Thu Jun 22 18:27:57 2017 +0200
Add two patches from GitHub pull request to fix issue with POSIX::tmpnam removal.
Thanks: Dagfinn Ilmari Mannsåker (https://github.com/rhandom/perl-net-server/pull/10)
Closes: #826437
---
...Temp::tempdir_in_UNIX_socket_test_example.patch | 83 ++++++++++++++++++++++
...le_instead_of_POSIX::tmpnam_for_lock_file.patch | 60 ++++++++++++++++
debian/patches/series | 2 +
3 files changed, 145 insertions(+)
diff --git a/debian/patches/Use_File::Temp::tempdir_in_UNIX_socket_test_example.patch b/debian/patches/Use_File::Temp::tempdir_in_UNIX_socket_test_example.patch
new file mode 100644
index 0000000..ea9fcdd
--- /dev/null
+++ b/debian/patches/Use_File::Temp::tempdir_in_UNIX_socket_test_example.patch
@@ -0,0 +1,83 @@
+From f21a67a2169cdee15bb46c7e08f4581bcf090d36 Mon Sep 17 00:00:00 2001
+From: =?UTF-8?q?Dagfinn=20Ilmari=20Manns=C3=A5ker?= <ilmari at ilmari.org>
+Date: Mon, 22 May 2017 18:04:28 +0100
+Subject: [PATCH] Use File::Temp::tempdir in UNIX socket test/example
+
+POSIX::tmpnam is insecure, and has been removed in Perl 5.26.
+Instead, use File::Temp::tempdir() to create a secure tmporary
+directory that the server can create its UNIX sockets in.
+---
+ examples/connection_test.pl | 14 ++++++++------
+ t/UNIX_test.t | 6 ++++--
+ 2 files changed, 12 insertions(+), 8 deletions(-)
+
+diff --git a/examples/connection_test.pl b/examples/connection_test.pl
+index 1ec49a1..ee4a534 100644
+--- a/examples/connection_test.pl
++++ b/examples/connection_test.pl
+@@ -20,11 +20,11 @@ =head1 CLIENT SYNOPSIS
+
+ # or
+
+- perl connection_test.pl UNIX
++ perl connection_test.pl UNIX <UNIX socket directory>
+
+ # or
+
+- perl connection_test.pl UNIX_DGRAM
++ perl connection_test.pl UNIX_DGRAM <UNIX socket directory>
+
+ =cut
+
+@@ -34,7 +34,8 @@ package MyPack;
+ use warnings;
+ use base qw(Net::Server);
+ use IO::Socket ();
+-use POSIX qw(tmpnam);
++use File::Temp qw(tempdir);
++use File::Spec::Functions qw(catdir);
+ use Socket qw(SOCK_DGRAM SOCK_STREAM);
+
+ sub post_bind_hook {
+@@ -44,13 +45,14 @@ sub post_bind_hook {
+ }
+ }
+
+-my $socket_file = tmpnam();
+-$socket_file =~ s|/[^/]+$|/mysocket.file|;
+-my $socket_file2 = $socket_file ."2";
++my $socket_dir = $ARGV[1] || tempdir(CLEANUP => 1);
++my $socket_file = catdir($socket_dir, 'mysocket.file');
++my $socket_file2 = catdir($socket_dir, 'mysocket.file2');
+ my $udp_port = 20204;
+ my $tcp_port = 20204;
+
+ print "\$Net::Server::VERSION = $Net::Server::VERSION\n";
++print "UNIX socket directory = $socket_dir\n";
+
+ if( @ARGV ){
+ if( uc($ARGV[0]) eq 'UDP' ){
+diff --git a/t/UNIX_test.t b/t/UNIX_test.t
+index b41f2fa..66a5f17 100644
+--- a/t/UNIX_test.t
++++ b/t/UNIX_test.t
+@@ -2,7 +2,8 @@
+
+ package Net::Server::Test;
+ use strict;
+-use POSIX qw(tmpnam);
++use File::Temp qw(tempdir);
++use File::Spec::Functions qw(catfile);
+ use English qw($UID $GID);
+ use FindBin qw($Bin);
+ use lib $Bin;
+@@ -22,7 +23,8 @@ sub accept {
+ return shift->SUPER::accept(@_);
+ }
+
+-my $socket_file = tmpnam; # must do before fork
++my $socket_dir = tempdir(CLEANUP => 1);
++my $socket_file = catfile($socket_dir, 'socket'); # must do before fork
+ my $ok = eval {
+ local $SIG{'ALRM'} = sub { die "Timeout\n" };
+ alarm $env->{'timeout'};
diff --git a/debian/patches/Use_File::Temp::tempfile_instead_of_POSIX::tmpnam_for_lock_file.patch b/debian/patches/Use_File::Temp::tempfile_instead_of_POSIX::tmpnam_for_lock_file.patch
new file mode 100644
index 0000000..f83d649
--- /dev/null
+++ b/debian/patches/Use_File::Temp::tempfile_instead_of_POSIX::tmpnam_for_lock_file.patch
@@ -0,0 +1,60 @@
+From 0fcb590fb8692e70c8bb2e4769662eb936f33421 Mon Sep 17 00:00:00 2001
+From: =?UTF-8?q?Dagfinn=20Ilmari=20Manns=C3=A5ker?= <ilmari at ilmari.org>
+Date: Mon, 22 May 2017 18:05:58 +0100
+Subject: [PATCH] Use File::Temp::tempfile instead of POSIX::tmpnam for lock
+ file
+
+POSIX::tmpnam is insecure, and has been removed in Perl 5.26.
+Instead, use File::Temp::tempfile to create the lock file.
+---
+ Makefile.PL | 1 +
+ lib/Net/Server/PreFork.pm | 2 +-
+ lib/Net/Server/PreForkSimple.pm | 8 ++++++--
+ 3 files changed, 8 insertions(+), 3 deletions(-)
+
+diff --git a/lib/Net/Server/PreFork.pm b/lib/Net/Server/PreFork.pm
+index d986f1a..40b2dfa 100644
+--- a/lib/Net/Server/PreFork.pm
++++ b/lib/Net/Server/PreFork.pm
+@@ -512,7 +512,7 @@ You really should also see L<Net::Server::PreForkSimple>.
+ serialize (flock|semaphore
+ |pipe|none) undef
+ # serialize defaults to flock on multi_port or on Solaris
+- lock_file "filename" File::Temp::tempfile or POSIX::tmpnam
++ lock_file "filename" File::Temp->new
+
+ check_for_dead \d+ 30
+ check_for_waiting \d+ 10
+diff --git a/lib/Net/Server/PreForkSimple.pm b/lib/Net/Server/PreForkSimple.pm
+index fcccb74..03805c7 100644
+--- a/lib/Net/Server/PreForkSimple.pm
++++ b/lib/Net/Server/PreForkSimple.pm
+@@ -23,6 +23,7 @@ package Net::Server::PreForkSimple;
+
+ use strict;
+ use base qw(Net::Server);
++use File::Temp qw(tempfile);
+ use Net::Server::SIG qw(register_sig check_sigs);
+ use POSIX qw(WNOHANG EINTR);
+ use Fcntl ();
+@@ -81,7 +82,10 @@ sub post_bind {
+ if (defined $prop->{'lock_file'}) {
+ $prop->{'lock_file_unlink'} = undef;
+ } else {
+- $prop->{'lock_file'} = eval { require File::Temp } ? File::Temp::tmpnam() : POSIX::tmpnam();
++ (my $fh, $prop->{'lock_file'}) = tempfile();
++ # We don't need to keep the file handle open in the parent;
++ # each child opens it separately to avoid sharing the lock
++ close $fh or die "Cannot close lock file $prop->{'lock_file'}: $!";
+ $prop->{'lock_file_unlink'} = 1;
+ }
+
+@@ -407,7 +411,7 @@ parameters.
+ serialize (flock|semaphore
+ |pipe|none) undef
+ # serialize defaults to flock on multi_port or on Solaris
+- lock_file "filename" File::Temp::tempfile or POSIX::tmpnam
++ lock_file "filename" File::Temp->new
+
+ check_for_dead \d+ 30
+
diff --git a/debian/patches/series b/debian/patches/series
index b87539d..01ad569 100644
--- a/debian/patches/series
+++ b/debian/patches/series
@@ -2,3 +2,5 @@ spelling-error.patch
correct-SIG-confusion.patch
fix-manpage-has-errors-from-pod2man.patch
debug-output.patch
+Use_File::Temp::tempdir_in_UNIX_socket_test_example.patch
+Use_File::Temp::tempfile_instead_of_POSIX::tmpnam_for_lock_file.patch
--
Alioth's /usr/local/bin/git-commit-notice on /srv/git.debian.org/git/pkg-perl/packages/libnet-server-perl.git
More information about the Pkg-perl-cvs-commits
mailing list