2 files changed, 9 insertions, 53 deletions

diff --git a/pkgs/servers/rpcbind/0001-handle_reply-Don-t-use-the-xp_auth-pointer-directly.patch b/pkgs/servers/rpcbind/0001-handle_reply-Don-t-use-the-xp_auth-pointer-directly.patch
deleted file mode 100644
index 16b763ef0de..00000000000
--- a/pkgs/servers/rpcbind/0001-handle_reply-Don-t-use-the-xp_auth-pointer-directly.patch
+++ /dev/null
@@ -1,43 +0,0 @@
-From 9194122389f2a56b1cd1f935e64307e2e963c2da Mon Sep 17 00:00:00 2001
-From: Steve Dickson <steved@redhat.com>
-Date: Mon, 2 Nov 2015 17:05:18 -0500
-Subject: [PATCH] handle_reply: Don't use the xp_auth pointer directly
-
-In the latest libtirpc version to access the xp_auth
-one must use the SVC_XP_AUTH macro. To be backwards
-compatible a couple ifdefs were added to use the
-macro when it exists.
-
-Upstream-Status: Backport
-
-Signed-off-by: Steve Dickson <steved@redhat.com>
-Signed-off-by: Maxin B. John <maxin.john@intel.com>
----
- src/rpcb_svc_com.c | 7 +++++++
- 1 file changed, 7 insertions(+)
-
-diff --git a/src/rpcb_svc_com.c b/src/rpcb_svc_com.c
-index 4ae93f1..22d6c84 100644
---- a/src/rpcb_svc_com.c
-+++ b/src/rpcb_svc_com.c
-@@ -1295,10 +1295,17 @@ handle_reply(int fd, SVCXPRT *xprt)
- 	a.rmt_localvers = fi->versnum;
- 
- 	xprt_set_caller(xprt, fi);
-+#if defined(SVC_XP_AUTH)
-+	SVC_XP_AUTH(xprt) = svc_auth_none;
-+#else 
- 	xprt->xp_auth = &svc_auth_none;
-+#endif
- 	svc_sendreply(xprt, (xdrproc_t) xdr_rmtcall_result, (char *) &a);
-+#if !defined(SVC_XP_AUTH)
- 	SVCAUTH_DESTROY(xprt->xp_auth);
- 	xprt->xp_auth = NULL;
-+#endif
-+
- done:
- 	if (buffer)
- 		free(buffer);
--- 
-2.4.0
-
diff --git a/pkgs/servers/rpcbind/default.nix b/pkgs/servers/rpcbind/default.nix
index 744763c43f1..cc5d7795e05 100644
--- a/pkgs/servers/rpcbind/default.nix
+++ b/pkgs/servers/rpcbind/default.nix
@@ -1,28 +1,27 @@
-{ fetchurl, fetchpatch, stdenv, pkgconfig, libtirpc
+{ fetchurl, stdenv, pkgconfig, libtirpc
 , useSystemd ? true, systemd }:
 
-let version = "0.2.3";
-in stdenv.mkDerivation rec {
+stdenv.mkDerivation rec {
   name = "rpcbind-${version}";
+  version = "0.2.4";
 
   src = fetchurl {
     url = "mirror://sourceforge/rpcbind/${version}/${name}.tar.bz2";
-    sha256 = "0yyjzv4161rqxrgjcijkrawnk55rb96ha0pav48s03l2klx855wq";
+    sha256 = "0rjc867mdacag4yqvs827wqhkh27135rp9asj06ixhf71m9rljh7";
   };
 
   patches = [
     ./sunrpc.patch
-    ./0001-handle_reply-Don-t-use-the-xp_auth-pointer-directly.patch
-    (fetchpatch {
-      url = "https://sources.debian.net/data/main/r/rpcbind/0.2.3-0.5/debian/patches/CVE-2015-7236.patch";
-      sha256 = "1wsv5j8f5djzxr11n4027x107cam1avmx9w34g6l5d9s61j763wq";
-    })
   ];
 
   buildInputs = [ libtirpc ]
              ++ stdenv.lib.optional useSystemd systemd;
 
-  configureFlags = stdenv.lib.optional (!useSystemd) "--with-systemdsystemunitdir=no";
+  configureFlags = [
+    "--with-systemdsystemunitdir=${if useSystemd then "$(out)/etc/systemd/system" else "no"}"
+    "--enable-warmstarts"
+    "--with-rpcuser=rpc"
+  ];
 
   nativeBuildInputs = [ pkgconfig ];