fix Docker builds: rootless-containers#259

Signed-off-by: fassl <[email protected]>
pfandl · Sep 11, 2021 · f118711 · f118711
1 parent a0095d1
commit f118711
Show file tree

Hide file tree

Showing 3 changed files with 27 additions and 22 deletions.
diff --git a/Dockerfile.buildtests b/Dockerfile.buildtests
@@ -2,7 +2,7 @@ ARG LIBSLIRP_COMMIT=v4.6.1
 
 # Alpine
 FROM alpine:3 AS buildtest-alpine3-static
-RUN apk add --no-cache git build-base autoconf automake libtool linux-headers glib-dev glib-static libcap-static libcap-dev libseccomp-dev libseccomp-static git meson
+RUN apk add --no-cache git build-base autoconf automake libtool linux-headers glib-dev glib-static libcap-static libcap-dev libseccomp-dev openssl-dev openssl-libs-static libseccomp-static git meson
 RUN git clone https://gitlab.freedesktop.org/slirp/libslirp.git /libslirp
 WORKDIR /libslirp
 ARG LIBSLIRP_COMMIT
@@ -14,7 +14,7 @@ RUN ./autogen.sh && ./configure LDFLAGS="-static" && make && cp -f slirp4netns /
 # Ubuntu
 FROM ubuntu:18.04 AS buildtest-ubuntu1804-common
 ENV DEBIAN_FRONTEND=noninteractive
-RUN apt update && apt install -y automake autotools-dev make gcc libglib2.0-dev libcap-dev libseccomp-dev git ninja-build python3-pip
+RUN apt update && apt install -y automake autotools-dev make gcc libglib2.0-dev libcap-dev libseccomp-dev libssl-dev git ninja-build python3-pip
 RUN pip3 install meson
 RUN git clone https://gitlab.freedesktop.org/slirp/libslirp.git /libslirp
 WORKDIR /libslirp
@@ -32,7 +32,7 @@ RUN ./configure && make && cp -f slirp4netns /
 
 # openSUSE (dynamic only)
 FROM opensuse/leap:15 AS buildtest-opensuse15-common
-RUN zypper install -y --no-recommends autoconf automake gcc glib2-devel git make libcap-devel libseccomp-devel ninja python3-pip
+RUN zypper install -y --no-recommends autoconf automake gcc glib2-devel git make libcap-devel libseccomp-devel libopenssl-devel ninja python3-pip
 RUN pip3 install meson
 RUN git clone https://gitlab.freedesktop.org/slirp/libslirp.git /libslirp
 WORKDIR /libslirp

diff --git a/Dockerfile.tests b/Dockerfile.tests
@@ -2,7 +2,7 @@ ARG LIBSLIRP_COMMIT=v4.6.1
 
 FROM ubuntu:20.04 AS build
 ENV DEBIAN_FRONTEND=noninteractive
-RUN apt update && apt install -y automake autotools-dev make gcc libglib2.0-dev libcap-dev libseccomp-dev git ninja-build python3-pip
+RUN apt update && apt install -y automake autotools-dev make gcc libglib2.0-dev libcap-dev libseccomp-dev git ninja-build python3-pip libssl-dev
 RUN pip3 install meson
 RUN git clone https://gitlab.freedesktop.org/slirp/libslirp.git /libslirp
 WORKDIR /libslirp

diff --git a/main.c b/main.c
@@ -13,6 +13,7 @@
 #include <sys/types.h>
 #include <sys/wait.h>
 #include <sys/timex.h>
+#include <time.h>
 #include <linux/if_tun.h>
 #include <arpa/inet.h>
 #include <net/if.h>
@@ -222,11 +223,12 @@ struct in6_ifreq {
 
 static const char *pseudo_random_global_id(const char *device)
 {
-    static char id[40];
-    char tmp[40];
+    static char id[INET6_ADDRSTRLEN];
+    char tmp[INET6_ADDRSTRLEN - 10];
     unsigned char eui64[16];
     unsigned char hash[SHA_DIGEST_LENGTH];
     struct ntptimeval ntv;
+    time_t tv;
     struct ifreq ifr;
     unsigned char mac[18];
     int sockfd;
@@ -246,16 +248,19 @@ static const char *pseudo_random_global_id(const char *device)
     strncpy(ifr.ifr_name, device, sizeof(ifr.ifr_name) - 1);
 
     if (ioctl(sockfd, SIOCGIFHWADDR, &ifr) < 0) {
-	int rand = open("/dev/urandom", O_RDONLY);
-	if (rand == -1) {
-	    rand = open("/dev/random", O_RDONLY);
-	}
-	if (rand == -1) {
+        int rand = open("/dev/urandom", O_RDONLY);
+        if (rand == -1) {
+            rand = open("/dev/random", O_RDONLY);
+        }
+        if (rand == -1) {
             perror("cannot get dev hwaddr and cannot open random");
             return NULL;
-	}
-	read(rand, &mac, sizeof(mac));
-	close(rand);
+        }
+        if (read(rand, &mac, sizeof(mac)) != sizeof(mac)) {
+            perror("cannot get dev hwaddr and cannot read random");
+            return NULL;
+        }
+        close(rand);
     }
     else {
         strncpy(mac, ifr.ifr_ifru.ifru_addr.sa_data, sizeof(mac));
@@ -269,10 +274,10 @@ static const char *pseudo_random_global_id(const char *device)
     /*
      * 1) Obtain the current time of day in 64-bit NTP format [NTP].
      */
-    if (ntp_gettime(&ntv) == -1) {
-        perror("cannot get ntp time");
-        return NULL;
-    }
+    time(&tv);
+    ntv.time.tv_sec = tv;
+    // TODO: check NTP format
+    ntv.time.tv_usec = 0;
 
     /*
      * 2) Obtain an EUI-64 identifier from the system running this
@@ -320,7 +325,7 @@ static const char *pseudo_random_global_id(const char *device)
      *    ID to create a Local IPv6 address prefix.
      */
 
-    sprintf(id, "fd00:%s::/64", tmp);
+    snprintf(id, sizeof(id), "fd00:%s::/64", tmp);
 
     return id;
 }
@@ -1032,11 +1037,11 @@ static int parse_cidr6(struct in6_addr *network, struct in6_addr *netmask,
 
     for (int i = 0; i < 4; i++, prefix -= 32) {
         if (prefix >= 32) {
-            netmask->__in6_u.__u6_addr32[i] = 0xffffffff;
+            netmask->s6_addr32[i] = 0xffffffff;
         } else if (prefix > 0) {
-            netmask->__in6_u.__u6_addr32[i] = htonl(~((1 << (32 - prefix)) - 1));
+            netmask->s6_addr32[i] = htonl(~((1 << (32 - prefix)) - 1));
         } else {
-            netmask->__in6_u.__u6_addr32[i] = 0;
+            netmask->s6_addr32[i] = 0;
         }
     }