- Update to 1.3.2 [1]

- Fix security issue in path [1] [2] - Add license PR: ports/149809 [1] Submitted by: Henry Hu <henry.hu.sh _at_ gmail.com> [1], vermaden <vermaden _at_ interia.pl> [2] Approved by: tabthorpe (co-mentor) Security: vuxml (68c7187a-abd2-11df-9be6-0015587e2cc1) (niels)
author: Baptiste Daroussin <bapt@FreeBSD.org> 2010-08-20 09:31:32 +0000
committer: Baptiste Daroussin <bapt@FreeBSD.org> 2010-08-20 09:31:32 +0000
commit: beb4a1375447b1bb186cce118f3a120b777c5008 (patch)
tree: 26749b2de9b57ebec9cc79a752db458c7e23b534 /x11/slim/files
parent: c6ac7e74874b4704c9fa4ee45da75270eac59688 (diff)
download: ports-beb4a1375447b1bb186cce118f3a120b777c5008.tar.gz
ports-beb4a1375447b1bb186cce118f3a120b777c5008.zip
4 files changed, 2 insertions, 452 deletions
diff --git a/x11/slim/files/patch-000-fix-visible-mcookie b/x11/slim/files/patch-000-fix-visible-mcookie
deleted file mode 100644
index 77cd5c1ab112..000000000000
--- a/x11/slim/files/patch-000-fix-visible-mcookie
+++ /dev/null
@@ -1,192 +0,0 @@
-From 72625a9dacfbd448ba7a84725d66bb2bfc9801f0 Mon Sep 17 00:00:00 2001
-From: Eygene Ryabinkin <rea@codelabs.ru>
-Date: Wed, 20 May 2009 18:44:57 +0400
-Subject: [PATCH] Do not specify magic cookie for xauth in the xauth command line
-
-Instead, open xauth as a pipe and feed commands via its stdin.
-
-Signed-off-by: Eygene Ryabinkin <rea@codelabs.ru>
----
- Makefile         |    3 ++-
- Makefile.freebsd |    3 ++-
- Makefile.netbsd  |    3 ++-
- Makefile.openbsd |    3 ++-
- app.cpp          |    5 +++--
- switchuser.cpp   |    7 ++++---
- util.cpp         |   32 ++++++++++++++++++++++++++++++++
- util.h           |   19 +++++++++++++++++++
- 8 files changed, 66 insertions(+), 9 deletions(-)
- create mode 100644 util.cpp
- create mode 100644 util.h
-
-diff --git Makefile b/Makefile
-index f7d3d2d..240669d 100644
---- Makefile
-+++ Makefile
-@@ -25,7 +25,8 @@ VERSION=1.3.1
- DEFINES=-DPACKAGE=\"$(NAME)\" -DVERSION=\"$(VERSION)\" \
- 		-DPKGDATADIR=\"$(PREFIX)/share/slim\" -DSYSCONFDIR=\"$(CFGDIR)\"
- 
--OBJECTS=jpeg.o png.o main.o image.o numlock.o cfg.o switchuser.o app.o panel.o
-+OBJECTS=jpeg.o png.o main.o image.o numlock.o cfg.o switchuser.o app.o \
-+	panel.o util.o
- ifdef USE_PAM
- OBJECTS+=PAM.o
- endif
-diff --git Makefile.freebsd b/Makefile.freebsd
-index 3ff326e..c925a39 100644
---- Makefile.freebsd
-+++ Makefile.freebsd
-@@ -24,7 +24,8 @@ VERSION=1.3.1
- DEFINES=-DPACKAGE=\"$(NAME)\" -DVERSION=\"$(VERSION)\" \
- 		-DPKGDATADIR=\"$(PREFIX)/share/slim\" -DSYSCONFDIR=\"$(CFGDIR)\"
- 
--OBJECTS=jpeg.o png.o main.o image.o numlock.o cfg.o switchuser.o app.o panel.o
-+OBJECTS=jpeg.o png.o main.o image.o numlock.o cfg.o switchuser.o app.o \
-+	panel.o util.o
- .ifdef USE_PAM
-   OBJECTS+=PAM.o 
- .endif
-diff --git Makefile.netbsd b/Makefile.netbsd
-index ad8bb8b..45f33e6 100644
---- Makefile.netbsd
-+++ Makefile.netbsd
-@@ -24,7 +24,8 @@ VERSION=1.3.1
- DEFINES=-DPACKAGE=\"$(NAME)\" -DVERSION=\"$(VERSION)\" \
- 		-DPKGDATADIR=\"$(PREFIX)/share/slim\" -DSYSCONFDIR=\"$(CFGDIR)\"
- 
--OBJECTS=jpeg.o png.o main.o image.o numlock.o cfg.o switchuser.o app.o panel.o
-+OBJECTS=jpeg.o png.o main.o image.o numlock.o cfg.o switchuser.o app.o \
-+	panel.o util.o
- .ifdef USE_PAM
-   OBJECTS+=PAM.o 
- .endif
-diff --git Makefile.openbsd b/Makefile.openbsd
-index b1829f8..1205b84 100644
---- Makefile.openbsd
-+++ Makefile.openbsd
-@@ -20,7 +20,8 @@ VERSION=1.3.1
- DEFINES=-DPACKAGE=\"$(NAME)\" -DVERSION=\"$(VERSION)\" \
- 		-DPKGDATADIR=\"$(PREFIX)/share/slim\" -DSYSCONFDIR=\"$(CFGDIR)\"
- 
--OBJECTS=jpeg.o png.o main.o image.o numlock.o cfg.o switchuser.o app.o panel.o
-+OBJECTS=jpeg.o png.o main.o image.o numlock.o cfg.o switchuser.o app.o \
-+	util.o panel.o
- 
- .SUFFIXES: .c.o .cpp.o
- 
-diff --git app.cpp b/app.cpp
-index 83ae947..04caaa1 100644
---- app.cpp
-+++ app.cpp
-@@ -24,6 +24,7 @@
- #include <algorithm>
- #include "app.h"
- #include "numlock.h"
-+#include "util.h"
- 
- 
- #ifdef HAVE_SHADOW
-@@ -1185,8 +1186,8 @@ void App::CreateServerAuth() {
-     authfile = cfg->getOption("authfile");
-     remove(authfile.c_str());
-     putenv(StrConcat("XAUTHORITY=", authfile.c_str()));
--    cmd = cfg->getOption("xauth_path") + " -q -f " + authfile + " add :0 . " + mcookie;
--    system(cmd.c_str());
-+    Util::add_mcookie(mcookie, ":0", cfg->getOption("xauth_path"),
-+      authfile);
- }
- 
- char* App::StrConcat(const char* str1, const char* str2) {
-diff --git switchuser.cpp b/switchuser.cpp
-index e72a8fc..ec298e1 100644
---- switchuser.cpp
-+++ switchuser.cpp
-@@ -10,6 +10,7 @@
- */
- 
- #include "switchuser.h"
-+#include "util.h"
- 
- using namespace std;
- 
-@@ -53,10 +54,10 @@ void SwitchUser::Execute(const char* cmd) {
- }
- 
- void SwitchUser::SetClientAuth(const char* mcookie) {
--    int r;
-+    bool r;
-     string home = string(Pw->pw_dir);
-     string authfile = home + "/.Xauthority";
-     remove(authfile.c_str());
--    string cmd = cfg->getOption("xauth_path") + " -q -f " + authfile + " add :0 . " + mcookie;
--    r = system(cmd.c_str());
-+    r = Util::add_mcookie(mcookie, ":0", cfg->getOption("xauth_path"),
-+      authfile);
- }
-diff --git util.cpp b/util.cpp
-new file mode 100644
-index 0000000..309ce4f
---- /dev/null
-+++ util.cpp
-@@ -0,0 +1,32 @@
-+/* SLiM - Simple Login Manager
-+   Copyright (C) 2009 Eygene Ryabinkin <rea@codelabs.ru>
-+
-+   This program is free software; you can redistribute it and/or modify
-+   it under the terms of the GNU General Public License as published by
-+   the Free Software Foundation; either version 2 of the License, or
-+   (at your option) any later version.
-+*/
-+
-+#include <stdio.h>
-+#include "util.h"
-+
-+/*
-+ * Adds the given cookie to the specified Xauthority file.
-+ * Returns true on success, false on fault.
-+ */
-+bool Util::add_mcookie(const std::string &mcookie, const char *display,
-+    const std::string &xauth_cmd, const std::string &authfile)
-+{
-+	FILE *fp;
-+	std::string cmd = xauth_cmd + " -f " + authfile + " -q";
-+
-+	fp = popen(cmd.c_str(), "w");
-+	if (!fp)
-+		return false;
-+	fprintf(fp, "remove %s\n", display);
-+	fprintf(fp, "add %s %s %s\n", display, ".", mcookie.c_str());
-+	fprintf(fp, "exit\n");
-+
-+	pclose(fp);
-+	return true;
-+}
-diff --git util.h b/util.h
-new file mode 100644
-index 0000000..8bd52be
---- /dev/null
-+++ util.h
-@@ -0,0 +1,19 @@
-+/* SLiM - Simple Login Manager
-+   Copyright (C) 2009 Eygene Ryabinkin <rea@codelabs.ru>
-+
-+   This program is free software; you can redistribute it and/or modify
-+   it under the terms of the GNU General Public License as published by
-+   the Free Software Foundation; either version 2 of the License, or
-+   (at your option) any later version.
-+*/
-+#ifndef __UTIL_H__
-+#define __UTIL_H__
-+
-+#include <string>
-+
-+namespace Util {
-+	bool add_mcookie(const std::string &mcookie, const char *display,
-+	    const std::string &xauth_cmd, const std::string &authfile);
-+};
-+
-+#endif /* __UTIL_H__ */
--- 
-1.6.3.1
-
diff --git a/x11/slim/files/patch-001-random-routines b/x11/slim/files/patch-001-random-routines
deleted file mode 100644
index 4bdff314a529..000000000000
--- a/x11/slim/files/patch-001-random-routines
+++ /dev/null
@@ -1,193 +0,0 @@
-From 5beb217296e3074cadc5bcb3e40355f54ee705f0 Mon Sep 17 00:00:00 2001
-From: Eygene Ryabinkin <rea@shadow.codelabs.ru>
-Date: Thu, 21 May 2009 11:56:27 +0400
-Subject: [PATCH] Create interface for random number generator and use it everywhere
-
-Don't use rand()/srand() at all -- they are very weak.  Provide our
-wrappers for random()/srandom() and make utility function that will
-generate seed for srandom.
-
-Rework MIT magic cookie generation: consume 4 bytes of input in one
-pass -- random() should produce values that are usable for this purpose.
-
-Signed-off-by: Eygene Ryabinkin <rea@shadow.codelabs.ru>
----
- app.cpp  |   49 ++++++++++++++++++++++++++-----------------------
- app.h    |    2 ++
- util.cpp |   37 +++++++++++++++++++++++++++++++++++++
- util.h   |    5 +++++
- 4 files changed, 70 insertions(+), 23 deletions(-)
-
-diff --git app.cpp b/app.cpp
-index 04caaa1..0ac8c3a 100644
---- app.cpp
-+++ app.cpp
-@@ -129,15 +129,18 @@ void User1Signal(int sig) {
- 
- 
- #ifdef USE_PAM
--App::App(int argc, char** argv):
--    pam(conv, static_cast<void*>(&LoginPanel)){
-+App::App(int argc, char** argv)
-+  : pam(conv, static_cast<void*>(&LoginPanel)),
- #else
--App::App(int argc, char** argv){
-+App::App(int argc, char** argv)
-+  :
- #endif
-+    mcookiesize(32)		// Must be divisible by 4
-+{
-     int tmp;
-     ServerPID = -1;
-     testing = false;
--    mcookie = "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa";
-+    mcookie = string(App::mcookiesize, 'a');
-     daemonmode = false;
-     force_nodaemon = false;
-     firstlogin = true;
-@@ -1128,13 +1131,13 @@ string App::findValidRandomTheme(const string& set)
-         name = name.substr(0, name.length() - 1);
-     }
- 
--    srandom(getpid()+time(NULL));
-+    Util::srandom(Util::makeseed());
- 
-     vector<string> themes;
-     string themefile;
-     Cfg::split(themes, name, ',');
-     do {
--        int sel = random() % themes.size();
-+        int sel = Util::random() % themes.size();
- 
-         name = Cfg::Trim(themes[sel]);
-         themefile = string(THEMESDIR) +"/" + name + THEMESFILE;
-@@ -1161,27 +1164,27 @@ void App::replaceVariables(string& input,
- }
- 
- 
-+/*
-+ * We rely on the fact that all bits generated by Util::random()
-+ * are usable, so we are taking full words from its output.
-+ */
- void App::CreateServerAuth() {
-     /* create mit cookie */
--    int i, r;
--    int hexcount = 0;
--        string authfile;
--    string cmd;
-+    uint16_t word;
-+    uint8_t hi, lo;
-+    int i;
-+    string authfile;
-     const char *digits = "0123456789abcdef";
--        srand( time(NULL) );
--    for ( i = 0; i < 31; i++ ) {
--        r = rand()%16;
--                mcookie[i] = digits[r];
--                if (r>9)
--                        hexcount++;
-+    Util::srandom(Util::makeseed());
-+    for (i = 0; i < App::mcookiesize; i+=4) {
-+        word = Util::random() & 0xffff;
-+        lo = word & 0xff;
-+        hi = word >> 8;
-+        mcookie[i] = digits[lo & 0x0f];
-+        mcookie[i+1] = digits[lo >> 4];
-+        mcookie[i+2] = digits[hi & 0x0f];
-+        mcookie[i+3] = digits[hi >> 4];
-     }
--        /* MIT-COOKIE: even occurrences of digits and hex digits */
--        if ((hexcount%2) == 0) {
--                r = rand()%10;
--        } else {
--                r = rand()%5+10;
--        }
--        mcookie[31] = digits[r];
-     /* reinitialize auth file */
-     authfile = cfg->getOption("authfile");
-     remove(authfile.c_str());
-diff --git app.h b/app.h
-index 7b4bd10..9a44269 100644
---- app.h
-+++ app.h
-@@ -101,6 +101,8 @@ private:
-     
-     std::string themeName;
-     std::string mcookie;
-+
-+    const int mcookiesize;
- };
- 
- 
-diff --git util.cpp b/util.cpp
-index 309ce4f..5ed972f 100644
---- util.cpp
-+++ util.cpp
-@@ -7,7 +7,13 @@
-    (at your option) any later version.
- */
- 
-+#include <sys/types.h>
-+
- #include <stdio.h>
-+#include <stdlib.h>
-+#include <time.h>
-+#include <unistd.h>
-+
- #include "util.h"
- 
- /*
-@@ -30,3 +36,34 @@ bool Util::add_mcookie(const std::string &mcookie, const char *display,
- 	pclose(fp);
- 	return true;
- }
-+
-+/*
-+ * Interface for random number generator.  Just now it uses ordinary
-+ * random/srandom routines and serves as a wrapper for them.
-+ */
-+void Util::srandom(unsigned long seed)
-+{
-+	::srandom(seed);
-+}
-+
-+long Util::random(void)
-+{
-+	return ::random();
-+}
-+
-+/*
-+ * Makes seed for the srandom() using "random" values obtained from
-+ * getpid(), time(NULL) and others.
-+ */
-+long Util::makeseed(void)
-+{
-+	struct timespec ts;
-+	long pid = getpid();
-+	long tm = time(NULL);
-+
-+	if (clock_gettime(CLOCK_MONOTONIC, &ts) != 0) {
-+		ts.tv_sec = ts.tv_nsec = 0;
-+	}
-+
-+	return pid + tm + (ts.tv_sec ^ ts.tv_nsec);
-+}
-diff --git util.h b/util.h
-index 8bd52be..b8d2993 100644
---- util.h
-+++ util.h
-@@ -14,6 +14,11 @@
- namespace Util {
- 	bool add_mcookie(const std::string &mcookie, const char *display,
- 	    const std::string &xauth_cmd, const std::string &authfile);
-+
-+	void srandom(unsigned long seed);
-+	long random(void);
-+
-+	long makeseed(void);
- };
- 
- #endif /* __UTIL_H__ */
--- 
-1.6.3.1
-
diff --git a/x11/slim/files/patch-002-fix-shutdown b/x11/slim/files/patch-002-fix-shutdown
deleted file mode 100644
index f2e27060844d..000000000000
--- a/x11/slim/files/patch-002-fix-shutdown
+++ /dev/null
@@ -1,65 +0,0 @@
-------------------------------------------------------------------------
-r169 | iwamatsu | 2009-11-14 09:13:57 +0100 (Sat, 14 Nov 2009) | 11 lines
-
-Add flag of server check
-
-Slim gets this SIGTERM, and its signal handler calls
-CloseServer() to teardown X. But X is not yet started (as StartServer()
-is still running in another thread, waiting in pause()), and hence this
-calls XcloseDisplay which frees some resources which are not yet allocated.
-
-This parch fix this problem.
-Thanks, Landry Breuil, goebbels, jasper and OpenBSD Developer.
-
-Signed-off-by: Nobuhiro Iwamatsu <iwamatsu@nigauri.org>
-------------------------------------------------------------------------
---- app.h	(revision 168)
-+++ app.h	(revision 169)
-@@ -36,6 +36,7 @@
-     int GetServerPID();
-     void StopServer();
- 
-+	bool serverStarted;
-     // Lock functions
-     void GetLock();
-     void RemoveLock();
---- app.cpp	(revision 168)
-+++ app.cpp	(revision 169)
-@@ -105,7 +105,10 @@
- 
- void CatchSignal(int sig) {
-     cerr << APPNAME << ": unexpected signal " << sig << endl;
--    LoginApp->StopServer();
-+
-+    if (LoginApp->serverStarted)
-+        LoginApp->StopServer();
-+
-     LoginApp->RemoveLock();
-     exit(ERR_EXIT);
- }
-@@ -140,6 +143,7 @@
-     int tmp;
-     ServerPID = -1;
-     testing = false;
-+    serverStarted = false;
-     mcookie = string(App::mcookiesize, 'a');
-     daemonmode = false;
-     force_nodaemon = false;
-@@ -860,6 +864,8 @@
-     char* args = new char[argOption.length()+2]; // NULL plus vt
-     strcpy(args, argOption.c_str());
- 
-+    serverStarted = false;
-+
-     int argc = 1;
-     int pos = 0;
-     bool hasVtSet = false;
-@@ -940,6 +946,8 @@
-     
-     delete args;
- 
-+    serverStarted = true;
-+
-     return ServerPID;
- }
- 
diff --git a/x11/slim/files/patch-slim.conf b/x11/slim/files/patch-slim.conf
index 1a572adc21f7..271089b4460b 100644
--- a/x11/slim/files/patch-slim.conf
+++ b/x11/slim/files/patch-slim.conf
@@ -3,10 +3,10 @@
 @@ -1,17 +1,19 @@
  # Path, X server and arguments (if needed)
  # Note: -xauth $authfile is automatically appended
--default_path        ./:/bin:/usr/bin:/usr/local/bin
+-default_path        /bin:/usr/bin:/usr/local/bin
 -default_xserver     /usr/bin/X
 -#xserver_arguments   -dpi 75
-+default_path        ./:/bin:/usr/bin:%%LOCALBASE%%/bin:%%LOCALBASE%%/bin
++default_path        /bin:/usr/bin:%%LOCALBASE%%/bin
 +default_xserver     %%LOCALBASE%%/bin/X
 +# The X server needs to be started on an unused virtual terminal,
 +# for FreeBSD in a default configuration, the first one of those is #09
author	Baptiste Daroussin <bapt@FreeBSD.org>	2010-08-20 09:31:32 +0000
committer	Baptiste Daroussin <bapt@FreeBSD.org>	2010-08-20 09:31:32 +0000
commit	beb4a1375447b1bb186cce118f3a120b777c5008 (patch)
tree	26749b2de9b57ebec9cc79a752db458c7e23b534 /x11/slim/files
parent	c6ac7e74874b4704c9fa4ee45da75270eac59688 (diff)
download	ports-beb4a1375447b1bb186cce118f3a120b777c5008.tar.gz ports-beb4a1375447b1bb186cce118f3a120b777c5008.zip