From 4c54a5df65f30cf93465420e2d123e40a9b4ccdf Mon Sep 17 00:00:00 2001
From: Eric Anholt <anholt@FreeBSD.org>
Date: Sun, 9 Nov 2003 04:44:30 +0000
Subject: Update luit (helper app that does locale translation for xterm) in
 XFree86-4-clients from XFree86 CVS.  This allows luit to be used setuid,
 which closes a security hole (tty left world-writable) that luit complains
 about on startup if not setuid.  Setting WITH_SETUID_LUIT installs luit
 setuid.

PR:		ports/51632
Submitted by:	Guido Berhoerster <ich@guido-berhoerster.org>
Help from:	ITO Tsuyoshi <tsuyoshi@is.s.u-tokyo.ac.jp>
---
 x11/XFree86-4-libraries/files/patch-luit | 223 +++++++++++++++++++++++++------
 1 file changed, 181 insertions(+), 42 deletions(-)

(limited to 'x11/XFree86-4-libraries')

diff --git a/x11/XFree86-4-libraries/files/patch-luit b/x11/XFree86-4-libraries/files/patch-luit
index 8d73f80e8b9e..2962f4e7a711 100644
--- a/x11/XFree86-4-libraries/files/patch-luit
+++ b/x11/XFree86-4-libraries/files/patch-luit
@@ -1,61 +1,200 @@
---- programs/luit/Imakefile.orig	Wed Oct 16 18:06:09 2002
-+++ programs/luit/Imakefile	Tue Mar 11 14:57:02 2003
-@@ -8,7 +8,7 @@
+Index: programs/luit/Imakefile
+===================================================================
+RCS file: /home/ncvs/xfree/xc/programs/luit/Imakefile,v
+retrieving revision 1.2
+retrieving revision 1.4
+diff -u -u -r1.2 -r1.4
+--- programs/luit/Imakefile	17 Oct 2002 01:06:09 -0000	1.2
++++ programs/luit/Imakefile	28 May 2003 16:02:35 -0000	1.4
+@@ -1,19 +1,19 @@
+-XCOMM $XFree86: xc/programs/luit/Imakefile,v 1.2 2002/10/17 01:06:09 dawes Exp $
++XCOMM $XFree86: xc/programs/luit/Imakefile,v 1.3tsi Exp $
+ 
+ #ifndef LocaleAliasFile
+-#define LocaleAliasFile \
+-          $(XLOCALEDIR)/locale.alias
++#define LocaleAliasFile $(XLOCALEDIR)/locale.alias
+ #endif
+ 
++LOCALEALIASFILE = LocaleAliasFile
  LOCAL_LIBRARIES = $(XFONTENCLIB)
  DEPLIBS = $(DEPXFONTENCLIB)
  
 -SYS_LIBRARIES = MathLibrary GzipLibrary
-+SYS_LIBRARIES = MathLibrary GzipLibrary -lutil
++SYS_LIBRARIES = GzipLibrary
  
  SRCS = luit.c iso2022.c charset.c parser.c sys.c other.c
  
---- programs/luit/sys.c.orig	Mon Jan  7 12:38:30 2002
-+++ programs/luit/sys.c	Tue Mar 11 14:57:02 2003
-@@ -33,6 +33,7 @@
- #include <termios.h>
- #include <signal.h>
- #include <errno.h>
-+#include <libutil.h>
- 
- #ifdef SVR4
- #define HAVE_POLL
-@@ -313,6 +314,7 @@
+ OBJS = luit.o iso2022.o charset.o parser.o sys.o other.o
+ 
+-DEFINES = -DLOCALE_ALIAS_FILE=\"LocaleAliasFile\"
++DEFINES = -DLOCALE_ALIAS_FILE=\"$(LOCALEALIASFILE)\"
+ 
+ ComplexProgramTarget(luit)
+Index: programs/luit/luit.c
+===================================================================
+RCS file: /home/ncvs/xfree/xc/programs/luit/luit.c,v
+retrieving revision 1.10
+retrieving revision 1.11
+diff -u -u -r1.10 -r1.11
+--- programs/luit/luit.c	24 Feb 2003 01:10:25 -0000	1.10
++++ programs/luit/luit.c	8 Sep 2003 14:25:30 -0000	1.11
+@@ -545,6 +545,10 @@
+ #endif
+     installHandler(SIGCHLD, sigchldHandler);
+ 
++    rc = copyTermios(0, pty);
++    if(rc < 0)
++        FatalError("Couldn't copy terminal settings\n");
++
+     rc = setRawTermios();
+     if(rc < 0)
+         FatalError("Couldn't set terminal to raw\n");
+Index: programs/luit/luit.man
+===================================================================
+RCS file: /home/ncvs/xfree/xc/programs/luit/luit.man,v
+retrieving revision 1.7
+retrieving revision 1.8
+diff -u -u -r1.7 -r1.8
+--- programs/luit/luit.man	24 Feb 2003 01:10:25 -0000	1.7
++++ programs/luit/luit.man	3 Apr 2003 16:44:36 -0000	1.8
+@@ -202,8 +202,8 @@
+ takes no responsibility for any resulting security issues.
+ 
+ .B Luit
+-will refuse to run if it is installed setuid and the underlying system
+-does not have POSIX saved ids.
++will refuse to run if it is installed setuid and cannot safely drop
++privileges.
+ .SH BUGS
+ None of this complexity should be necessary.  Stateless UTF-8
+ throughout the system is the way to go.
+Index: programs/luit/sys.c
+===================================================================
+RCS file: /home/ncvs/xfree/xc/programs/luit/sys.c,v
+retrieving revision 1.7
+retrieving revision 1.10
+diff -u -u -r1.7 -r1.10
+--- programs/luit/sys.c	7 Jan 2002 20:38:30 -0000	1.7
++++ programs/luit/sys.c	8 Sep 2003 14:25:30 -0000	1.10
+@@ -68,6 +68,10 @@
+ #include <stropts.h>
+ #endif
+ 
++#if (defined(__unix__) || defined(unix)) && !defined(USG)
++#include <sys/param.h>
++#endif
++
+ #include "sys.h"
+ 
+ static int saved_tio_valid = 0;
+@@ -211,6 +215,23 @@
+ }
+ 
+ int
++copyTermios(int sfd, int dfd)
++{
++    struct termios tio;
++    int rc;
++
++    rc = tcgetattr(sfd, &tio);
++    if(rc < 0)
++        return -1;
++
++    rc = tcsetattr(dfd, TCSAFLUSH, &tio);
++    if(rc < 0)
++        return -1;
++
++    return 0;
++}
++
++int
+ saveTermios(void)
+ {
+     int rc;
+@@ -311,7 +332,8 @@
+ {
+     char name[12], *line = NULL;
      int pty = -1;
-     char *name1 = "pqrstuvwxyzPQRST", *name2 = "0123456789abcdef";
+-    char *name1 = "pqrstuvwxyzPQRST", *name2 = "0123456789abcdef";
++    char *name1 = "pqrstuvwxyzPQRST", 
++        *name2 = "0123456789abcdefghijklmnopqrstuv";
      char *p1, *p2;
-+    int tty;
  
  #ifdef HAVE_GRANTPT
-     char *temp_line;
-@@ -355,27 +357,11 @@
-   bsd:
- #endif /* HAVE_GRANTPT */
- 
--    strcpy(name, "/dev/pty??");
--    for(p1 = name1; *p1; p1++) {
--        name[8] = *p1;
--        for(p2 = name2; *p2; p2++) {
--            name[9] = *p2;
--            pty = open(name, O_RDWR);
--            if(pty >= 0)
--                goto found;
+@@ -363,17 +385,16 @@
+             pty = open(name, O_RDWR);
+             if(pty >= 0)
+                 goto found;
 -            if(errno == ENOENT)
 -                goto bail;
 -            else
 -                continue;
--        }
--    }
--
--    goto bail;
--
--  found:
++            /* Systems derived from 4.4BSD differ in their pty names,
++               so ENOENT doesn't necessarily imply we're done. */
++            continue;
+         }
+     }
+ 
+     goto bail;
+ 
+   found:
 -    line = malloc(strlen(name));
-+    if (openpty(&pty, &tty, name, NULL, NULL) == -1)
-+        goto bail;
-+    close(tty);
 +    line = malloc(strlen(name) + 1);
      strcpy(line, name);
--    line[5] = 't';
+     line[5] = 't';
      fix_pty_perms(line);
-     *pty_return = pty;
-     *line_return = line;
+@@ -429,7 +450,10 @@
+     return -1;
+ }
+ 
+-#ifdef _POSIX_SAVED_IDS
++/* Post-4.4 BSD systems have POSIX semantics (_POSIX_SAVED_IDS
++   or not, depending on the version).  4.3BSD and Minix do not have
++   saved IDs at all, so there's no issue. */
++#if (defined(BSD) && !defined(_POSIX_SAVED_IDS)) || defined(_MINIX)
+ int
+ droppriv()
+ {
+@@ -438,6 +462,25 @@
+     if(rc < 0)
+         return rc;
+     return setgid(getgid());
++}
++#elif defined(_POSIX_SAVED_IDS)
++int
++droppriv()
++{
++    int uid = getuid();
++    int euid = geteuid();
++    int gid = getgid();
++    int egid = getegid();
++    int rc;
++
++    if((uid != euid || gid != egid) && euid != 0) {
++        errno = ENOSYS;
++        return -1;
++    }
++    rc = setuid(uid);
++    if(rc < 0)
++        return rc;
++    return setgid(gid);
+ }
+ #else
+ int
+Index: programs/luit/sys.h
+===================================================================
+RCS file: /home/ncvs/xfree/xc/programs/luit/sys.h,v
+retrieving revision 1.1
+retrieving revision 1.2
+diff -u -u -r1.1 -r1.2
+--- programs/luit/sys.h	2 Nov 2001 03:06:43 -0000	1.1
++++ programs/luit/sys.h	8 Sep 2003 14:25:30 -0000	1.2
+@@ -24,6 +24,7 @@
+ int waitForInput(int fd1, int fd2);
+ int setWindowSize(int sfd, int dfd);
+ int installHandler(int signum, void (*handler)(int));
++int copyTermios(int sfd, int dfd);
+ int saveTermios(void);
+ int restoreTermios(void);
+ int setRawTermios(void);
-- 
cgit v1.2.3