diff options
Diffstat (limited to 'source/x/x11/patch')
-rw-r--r-- | source/x/x11/patch/xdm.patch | 6 | ||||
-rw-r--r-- | source/x/x11/patch/xdm/xdm-1.1.11-arc4random-include.patch | 18 | ||||
-rw-r--r-- | source/x/x11/patch/xdm/xdm-1.1.11-setproctitle-include.patch | 37 | ||||
-rw-r--r-- | source/x/x11/patch/xdm/xdm-consolekit.patch | 187 | ||||
-rw-r--r-- | source/x/x11/patch/xdm/xdm.glibc.crypt.diff | 42 |
5 files changed, 199 insertions, 91 deletions
diff --git a/source/x/x11/patch/xdm.patch b/source/x/x11/patch/xdm.patch index 29875b41..37be2228 100644 --- a/source/x/x11/patch/xdm.patch +++ b/source/x/x11/patch/xdm.patch @@ -1,2 +1,8 @@ +zcat $CWD/patch/xdm/xdm.glibc.crypt.diff.gz | patch -p1 --verbose || \ + { touch ${SLACK_X_BUILD_DIR}/${PKGNAME}.failed ; continue ; } +zcat $CWD/patch/xdm/xdm-1.1.11-arc4random-include.patch.gz | patch -p1 --verbose || \ + { touch ${SLACK_X_BUILD_DIR}/${PKGNAME}.failed ; continue ; } +zcat $CWD/patch/xdm/xdm-1.1.11-setproctitle-include.patch.gz | patch -p1 --verbose || \ + { touch ${SLACK_X_BUILD_DIR}/${PKGNAME}.failed ; continue ; } zcat $CWD/patch/xdm/xdm-consolekit.patch.gz | patch -p1 --verbose || \ { touch ${SLACK_X_BUILD_DIR}/${PKGNAME}.failed ; continue ; } diff --git a/source/x/x11/patch/xdm/xdm-1.1.11-arc4random-include.patch b/source/x/x11/patch/xdm/xdm-1.1.11-arc4random-include.patch new file mode 100644 index 00000000..db948094 --- /dev/null +++ b/source/x/x11/patch/xdm/xdm-1.1.11-arc4random-include.patch @@ -0,0 +1,18 @@ +diff -ur a/xdm/genauth.c b/xdm/genauth.c +--- a/xdm/genauth.c 2011-09-25 09:35:47.000000000 +0200 ++++ b/xdm/genauth.c 2014-01-06 16:28:09.664060603 +0100 +@@ -40,6 +40,14 @@ + + #include <errno.h> + ++#ifdef HAVE_ARC4RANDOM ++# ifdef __linux__ ++# include <bsd/stdlib.h> ++# else ++# include <stdlib.h> ++# endif ++#endif ++ + #include <time.h> + #define Time_t time_t + diff --git a/source/x/x11/patch/xdm/xdm-1.1.11-setproctitle-include.patch b/source/x/x11/patch/xdm/xdm-1.1.11-setproctitle-include.patch new file mode 100644 index 00000000..0a3f32bb --- /dev/null +++ b/source/x/x11/patch/xdm/xdm-1.1.11-setproctitle-include.patch @@ -0,0 +1,37 @@ +diff -ur a/xdm/choose.c b/xdm/choose.c +--- a/xdm/choose.c 2011-09-25 09:35:47.000000000 +0200 ++++ b/xdm/choose.c 2014-01-06 16:33:09.628065364 +0100 +@@ -54,6 +54,14 @@ + # include <tiuser.h> + # endif + ++# ifdef HAVE_SETPROCTITLE ++# ifdef __linux__ ++# include <bsd/unistd.h> ++# else ++# include <unistd.h> ++# endif ++# endif ++ + # include <time.h> + # define Time_t time_t + +diff -ur a/xdm/session.c b/xdm/session.c +--- a/xdm/session.c 2011-09-25 09:35:47.000000000 +0200 ++++ b/xdm/session.c 2014-01-06 16:40:57.508072789 +0100 +@@ -54,6 +54,15 @@ + # include <usersec.h> + #endif + ++# ifdef HAVE_SETPROCTITLE ++# include <sys/types.h> ++# ifdef __linux__ ++# include <bsd/unistd.h> ++# else ++# include <unistd.h> ++# endif ++# endif ++ + #ifndef USE_PAM /* PAM modules should handle these */ + # ifdef SECURE_RPC + # include <rpc/rpc.h> diff --git a/source/x/x11/patch/xdm/xdm-consolekit.patch b/source/x/x11/patch/xdm/xdm-consolekit.patch index d69b31a7..fbacd36f 100644 --- a/source/x/x11/patch/xdm/xdm-consolekit.patch +++ b/source/x/x11/patch/xdm/xdm-consolekit.patch @@ -1,9 +1,14 @@ ---- ./configure.ac.orig 2019-03-02 16:06:13.000000000 -0600 -+++ ./configure.ac 2019-03-03 13:30:09.779278886 -0600 -@@ -395,6 +395,20 @@ - PKG_CHECK_MODULES(XLIB, x11) - PKG_CHECK_MODULES(AUTH, xau) - +http://bugs.gentoo.org/360987 +http://projects.archlinux.org/svntogit/packages.git/plain/trunk/xdm-consolekit.patch?h=packages/xorg-xdm +http://lists.x.org/archives/xorg-devel/2011-February/019615.html +http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=615020 + +--- a/configure.ac ++++ b/configure.ac +@@ -362,6 +362,20 @@ + + AM_CONDITIONAL(DYNAMIC_GREETER, test x$DYNAMIC_GREETER = xyes) + +# ConsoleKit support +AC_ARG_WITH(consolekit, AC_HELP_STRING([--with-consolekit], [Use ConsoleKit]), + [USE_CONSOLEKIT=$withval], [USE_CONSOLEKIT=yes]) @@ -19,96 +24,26 @@ +dnl AM_CONDITIONAL(USE_CONSOLEKIT, test$USE_CONSOLEKIT = xyes) + # - # Greeter + # XDM # ---- ./include/dm.h.orig 2019-03-02 16:06:13.000000000 -0600 -+++ ./include/dm.h 2019-03-03 13:30:09.788278885 -0600 -@@ -327,6 +327,9 @@ - extern char *prngdSocket; - extern int prngdPort; - # endif -+#ifdef USE_CONSOLEKIT -+extern int use_consolekit; -+#endif - - extern char *greeterLib; - extern char *willing; ---- ./man/xdm.man.orig 2019-03-02 16:06:13.000000000 -0600 -+++ ./man/xdm.man 2019-03-03 13:30:09.794278884 -0600 -@@ -48,6 +48,8 @@ - ] [ - .B \-session - .I session_program -+] [ -+.B \-noconsolekit - ] - .SH DESCRIPTION - .I Xdm -@@ -215,6 +217,10 @@ - .IP "\fB\-xrm\fP \fIresource_specification\fP" - Allows an arbitrary resource to be specified, as in most - X Toolkit applications. -+.IP "\fB\-noconsolekit\fP" -+Specifies ``false'' as the value for the \fBDisplayManager.consoleKit\fP -+resource. -+This suppresses the session management using ConsoleKit. - .SH RESOURCES - At many stages the actions of - .I xdm ---- ./xdm/resource.c.orig 2019-03-02 16:06:13.000000000 -0600 -+++ ./xdm/resource.c 2019-03-03 13:30:09.792278885 -0600 -@@ -65,6 +65,9 @@ - char *prngdSocket; - int prngdPort; +--- a/xdm/session.c ++++ b/xdm/session.c +@@ -66,6 +66,11 @@ #endif -+#ifdef USE_CONSOLEKIT -+int use_consolekit; -+#endif - - char *greeterLib; - char *willing; -@@ -192,6 +195,10 @@ - "false"} , - { "willing", "Willing", DM_STRING, &willing, - ""} , -+#ifdef USE_CONSOLEKIT -+{ "consoleKit", "ConsoleKit", DM_BOOL, (char **) &use_consolekit, -+ "true"} , -+#endif - }; - - #define NUM_DM_RESOURCES (sizeof DmResources / sizeof DmResources[0]) -@@ -377,7 +384,11 @@ - {"-debug", "*debugLevel", XrmoptionSepArg, (caddr_t) NULL }, - {"-xrm", NULL, XrmoptionResArg, (caddr_t) NULL }, - {"-daemon", ".daemonMode", XrmoptionNoArg, "true" }, --{"-nodaemon", ".daemonMode", XrmoptionNoArg, "false" } -+{"-nodaemon", ".daemonMode", XrmoptionNoArg, "false" }, -+#ifdef USE_CONSOLEKIT -+{"-consolekit", ".consoleKit", XrmoptionNoArg, "true" }, -+{"-noconsolekit", ".consoleKit", XrmoptionNoArg, "false" } -+#endif - }; - - static int originalArgc; ---- ./xdm/session.c.orig 2019-03-02 16:06:13.000000000 -0600 -+++ ./xdm/session.c 2019-03-03 13:31:17.126272595 -0600 -@@ -73,6 +73,11 @@ - # endif #endif /* USE_PAM */ - + +#ifdef USE_CONSOLEKIT +#include <ck-connector.h> +#include <dbus/dbus.h> +#endif + - #ifdef USE_SELINUX - #include <selinux/selinux.h> - #include <selinux/get_context_list.h> -@@ -523,6 +528,97 @@ + #ifdef __SCO__ + #include <prot.h> + #endif +@@ -472,6 +477,97 @@ } } - + +#ifdef USE_CONSOLEKIT + +static CkConnector *connector; @@ -203,16 +138,16 @@ void SessionExit (struct display *d, int status, int removeAuth) { -@@ -537,6 +633,8 @@ +@@ -486,6 +580,8 @@ } #endif - + + closeCKSession(); + /* make sure the server gets reset after the session is over */ if (d->serverPid >= 2 && d->resetSignal) - kill (d->serverPid, d->resetSignal); -@@ -614,6 +712,10 @@ + kill (d->serverPid, d->resetSignal); +@@ -568,6 +664,10 @@ #ifdef USE_PAM if (pamh) pam_open_session(pamh, 0); #endif @@ -222,4 +157,74 @@ + switch (pid = fork ()) { case 0: - CleanUpChild (); + CleanUpChild (); +--- a/include/dm.h ++++ b/include/dm.h +@@ -325,6 +325,9 @@ + extern char *prngdSocket; + extern int prngdPort; + # endif ++#ifdef USE_CONSOLEKIT ++extern int use_consolekit; ++#endif + + extern char *greeterLib; + extern char *willing; +--- a/xdm/resource.c ++++ b/xdm/resource.c +@@ -68,6 +68,9 @@ + char *prngdSocket; + int prngdPort; + #endif ++#ifdef USE_CONSOLEKIT ++int use_consolekit; ++#endif + + char *greeterLib; + char *willing; +@@ -258,6 +261,10 @@ + "false"} , + { "willing", "Willing", DM_STRING, &willing, + ""} , ++#ifdef USE_CONSOLEKIT ++{ "consoleKit", "ConsoleKit", DM_BOOL, (char **) &use_consolekit, ++ "true"} , ++#endif + }; + + # define NUM_DM_RESOURCES (sizeof DmResources / sizeof DmResources[0]) +@@ -440,7 +447,11 @@ + {"-debug", "*debugLevel", XrmoptionSepArg, (caddr_t) NULL }, + {"-xrm", NULL, XrmoptionResArg, (caddr_t) NULL }, + {"-daemon", ".daemonMode", XrmoptionNoArg, "true" }, +-{"-nodaemon", ".daemonMode", XrmoptionNoArg, "false" } ++{"-nodaemon", ".daemonMode", XrmoptionNoArg, "false" }, ++#ifdef USE_CONSOLEKIT ++{"-consolekit", ".consoleKit", XrmoptionNoArg, "true" }, ++{"-noconsolekit", ".consoleKit", XrmoptionNoArg, "false" } ++#endif + }; + + static int originalArgc; +--- a/man/xdm.man ++++ b/man/xdm.man +@@ -51,6 +51,8 @@ + ] [ + .B \-session + .I session_program ++] [ ++.B \-noconsolekit + ] + .SH DESCRIPTION + .I Xdm +@@ -218,6 +220,10 @@ + .IP "\fB\-xrm\fP \fIresource_specification\fP" + Allows an arbitrary resource to be specified, as in most + X Toolkit applications. ++.IP "\fB\-noconsolekit\fP" ++Specifies ``false'' as the value for the \fBDisplayManager.consoleKit\fP ++resource. ++This suppresses the session management using ConsoleKit. + .SH RESOURCES + At many stages the actions of + .I xdm diff --git a/source/x/x11/patch/xdm/xdm.glibc.crypt.diff b/source/x/x11/patch/xdm/xdm.glibc.crypt.diff new file mode 100644 index 00000000..076df37d --- /dev/null +++ b/source/x/x11/patch/xdm/xdm.glibc.crypt.diff @@ -0,0 +1,42 @@ +From 8d1eb5c74413e4c9a21f689fc106949b121c0117 Mon Sep 17 00:00:00 2001 +From: mancha <mancha1@hush.com> +Date: Wed, 22 May 2013 14:20:26 +0000 +Subject: Handle NULL returns from glibc 2.17+ crypt(). + +Starting with glibc 2.17 (eglibc 2.17), crypt() fails with EINVAL +(w/ NULL return) if the salt violates specifications. Additionally, +on FIPS-140 enabled Linux systems, DES/MD5-encrypted passwords +passed to crypt() fail with EPERM (w/ NULL return). + +If using glibc's crypt(), check return value to avoid a possible +NULL pointer dereference. + +Reviewed-by: Matthieu Herrb <matthieu@herrb.eu> +Signed-off-by: Alan Coopersmith <alan.coopersmith@oracle.com> +--- +diff --git a/greeter/verify.c b/greeter/verify.c +index db3cb7d..b009e2b 100644 +--- a/greeter/verify.c ++++ b/greeter/verify.c +@@ -329,6 +329,7 @@ Verify (struct display *d, struct greet_info *greet, struct verify_info *verify) + struct spwd *sp; + # endif + char *user_pass = NULL; ++ char *crypted_pass = NULL; + # endif + # ifdef __OpenBSD__ + char *s; +@@ -464,7 +465,9 @@ Verify (struct display *d, struct greet_info *greet, struct verify_info *verify) + # if defined(ultrix) || defined(__ultrix__) + if (authenticate_user(p, greet->password, NULL) < 0) + # else +- if (strcmp (crypt (greet->password, user_pass), user_pass)) ++ crypted_pass = crypt (greet->password, user_pass); ++ if ((crypted_pass == NULL) ++ || (strcmp (crypted_pass, user_pass))) + # endif + { + if(!greet->allow_null_passwd || strlen(p->pw_passwd) > 0) { +-- +cgit v0.9.0.2-2-gbebe + |