diff options
-rw-r--r-- | x11-apps/xdm/Manifest | 1 | ||||
-rw-r--r-- | x11-apps/xdm/files/xdm-1.1.11-arc4random-include.patch | 18 | ||||
-rw-r--r-- | x11-apps/xdm/files/xdm-1.1.11-cve-2013-2179.patch | 41 | ||||
-rw-r--r-- | x11-apps/xdm/files/xdm-1.1.11-setproctitle-include.patch | 37 | ||||
-rw-r--r-- | x11-apps/xdm/files/xdm-consolekit.patch | 230 | ||||
-rw-r--r-- | x11-apps/xdm/metadata.xml | 1 | ||||
-rw-r--r-- | x11-apps/xdm/xdm-1.1.11-r3.ebuild | 77 |
7 files changed, 0 insertions, 405 deletions
diff --git a/x11-apps/xdm/Manifest b/x11-apps/xdm/Manifest index ae11f03d02d2..141eede7e334 100644 --- a/x11-apps/xdm/Manifest +++ b/x11-apps/xdm/Manifest @@ -1,2 +1 @@ -DIST xdm-1.1.11.tar.bz2 446612 BLAKE2B ce9bed568e036a882ecc56d75f7ce8646d14ae00c754d6e5542ea5b186c3ef1ce8499e2d70190b4fbc4b344e0c70fd36deab5aacc5f1f55501db709300aee520 SHA512 fe6f2b7817c0f7f07a1f5f497edcdfa15b93986fd87f314daa472dac8625327ef46ebbf40d27fe8d4a8a2f8d5af8a01c4438a29356740e0eb350f2bd0c7ec0d5 DIST xdm-1.1.12.tar.bz2 512074 BLAKE2B a82d124f4b7ce3185d703fca3aade92e86094602aec5343566ba8c91c54b70cdedbaea2fa6fee330d7ed48d9138b04a998aa2dae06db2683bfcce6c7693edc82 SHA512 1a4be0a070ced5db8fda6fc74794c9f9ed0cb37fa440fda6a3a7652aff62dfc3d7ba68b9facf054671ebf0f4db2a0eec29d0aa3716e3407ccd5529bac3553bdb diff --git a/x11-apps/xdm/files/xdm-1.1.11-arc4random-include.patch b/x11-apps/xdm/files/xdm-1.1.11-arc4random-include.patch deleted file mode 100644 index db948094b755..000000000000 --- a/x11-apps/xdm/files/xdm-1.1.11-arc4random-include.patch +++ /dev/null @@ -1,18 +0,0 @@ -diff -ur a/xdm/genauth.c b/xdm/genauth.c ---- a/xdm/genauth.c 2011-09-25 09:35:47.000000000 +0200 -+++ b/xdm/genauth.c 2014-01-06 16:28:09.664060603 +0100 -@@ -40,6 +40,14 @@ - - #include <errno.h> - -+#ifdef HAVE_ARC4RANDOM -+# ifdef __linux__ -+# include <bsd/stdlib.h> -+# else -+# include <stdlib.h> -+# endif -+#endif -+ - #include <time.h> - #define Time_t time_t - diff --git a/x11-apps/xdm/files/xdm-1.1.11-cve-2013-2179.patch b/x11-apps/xdm/files/xdm-1.1.11-cve-2013-2179.patch deleted file mode 100644 index 34ae7ceb3cd6..000000000000 --- a/x11-apps/xdm/files/xdm-1.1.11-cve-2013-2179.patch +++ /dev/null @@ -1,41 +0,0 @@ -From 8d1eb5c74413e4c9a21f689fc106949b121c0117 Mon Sep 17 00:00:00 2001 -From: mancha <mancha1@hush.com> -Date: Wed, 22 May 2013 14:20:26 +0000 -Subject: Handle NULL returns from glibc 2.17+ crypt(). - -Starting with glibc 2.17 (eglibc 2.17), crypt() fails with EINVAL -(w/ NULL return) if the salt violates specifications. Additionally, -on FIPS-140 enabled Linux systems, DES/MD5-encrypted passwords -passed to crypt() fail with EPERM (w/ NULL return). - -If using glibc's crypt(), check return value to avoid a possible -NULL pointer dereference. - -Reviewed-by: Matthieu Herrb <matthieu@herrb.eu> -Signed-off-by: Alan Coopersmith <alan.coopersmith@oracle.com> ---- -diff --git a/greeter/verify.c b/greeter/verify.c -index db3cb7d..b009e2b 100644 ---- a/greeter/verify.c -+++ b/greeter/verify.c -@@ -329,6 +329,7 @@ Verify (struct display *d, struct greet_info *greet, struct verify_info *verify) - struct spwd *sp; - # endif - char *user_pass = NULL; -+ char *crypted_pass = NULL; - # endif - # ifdef __OpenBSD__ - char *s; -@@ -464,7 +465,9 @@ Verify (struct display *d, struct greet_info *greet, struct verify_info *verify) - # if defined(ultrix) || defined(__ultrix__) - if (authenticate_user(p, greet->password, NULL) < 0) - # else -- if (strcmp (crypt (greet->password, user_pass), user_pass)) -+ crypted_pass = crypt (greet->password, user_pass); -+ if ((crypted_pass == NULL) -+ || (strcmp (crypted_pass, user_pass))) - # endif - { - if(!greet->allow_null_passwd || strlen(p->pw_passwd) > 0) { --- -cgit v0.9.0.2-2-gbebe diff --git a/x11-apps/xdm/files/xdm-1.1.11-setproctitle-include.patch b/x11-apps/xdm/files/xdm-1.1.11-setproctitle-include.patch deleted file mode 100644 index 0a3f32bbea02..000000000000 --- a/x11-apps/xdm/files/xdm-1.1.11-setproctitle-include.patch +++ /dev/null @@ -1,37 +0,0 @@ -diff -ur a/xdm/choose.c b/xdm/choose.c ---- a/xdm/choose.c 2011-09-25 09:35:47.000000000 +0200 -+++ b/xdm/choose.c 2014-01-06 16:33:09.628065364 +0100 -@@ -54,6 +54,14 @@ - # include <tiuser.h> - # endif - -+# ifdef HAVE_SETPROCTITLE -+# ifdef __linux__ -+# include <bsd/unistd.h> -+# else -+# include <unistd.h> -+# endif -+# endif -+ - # include <time.h> - # define Time_t time_t - -diff -ur a/xdm/session.c b/xdm/session.c ---- a/xdm/session.c 2011-09-25 09:35:47.000000000 +0200 -+++ b/xdm/session.c 2014-01-06 16:40:57.508072789 +0100 -@@ -54,6 +54,15 @@ - # include <usersec.h> - #endif - -+# ifdef HAVE_SETPROCTITLE -+# include <sys/types.h> -+# ifdef __linux__ -+# include <bsd/unistd.h> -+# else -+# include <unistd.h> -+# endif -+# endif -+ - #ifndef USE_PAM /* PAM modules should handle these */ - # ifdef SECURE_RPC - # include <rpc/rpc.h> diff --git a/x11-apps/xdm/files/xdm-consolekit.patch b/x11-apps/xdm/files/xdm-consolekit.patch deleted file mode 100644 index fbacd36fc073..000000000000 --- a/x11-apps/xdm/files/xdm-consolekit.patch +++ /dev/null @@ -1,230 +0,0 @@ -http://bugs.gentoo.org/360987 -http://projects.archlinux.org/svntogit/packages.git/plain/trunk/xdm-consolekit.patch?h=packages/xorg-xdm -http://lists.x.org/archives/xorg-devel/2011-February/019615.html -http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=615020 - ---- a/configure.ac -+++ b/configure.ac -@@ -362,6 +362,20 @@ - - AM_CONDITIONAL(DYNAMIC_GREETER, test x$DYNAMIC_GREETER = xyes) - -+# ConsoleKit support -+AC_ARG_WITH(consolekit, AC_HELP_STRING([--with-consolekit], [Use ConsoleKit]), -+ [USE_CONSOLEKIT=$withval], [USE_CONSOLEKIT=yes]) -+if test x"$USE_CONSOLEKIT" != xno; then -+ PKG_CHECK_MODULES(CK_CONNECTOR, ck-connector, -+ [USE_CONSOLEKIT=yes], [USE_CONSOLEKIT=no]) -+ if test x"$USE_CONSOLEKIT" = xyes; then -+ AC_DEFINE([USE_CONSOLEKIT], 1, [Define to 1 to use ConsoleKit]) -+ XDM_CFLAGS="$XDM_CFLAGS $CK_CONNECTOR_CFLAGS -DUSE_CONSOLEKIT" -+ XDM_LIBS="$XDM_LIBS $CK_CONNECTOR_LIBS" -+ fi -+fi -+dnl AM_CONDITIONAL(USE_CONSOLEKIT, test$USE_CONSOLEKIT = xyes) -+ - # - # XDM - # ---- a/xdm/session.c -+++ b/xdm/session.c -@@ -66,6 +66,11 @@ - #endif - #endif /* USE_PAM */ - -+#ifdef USE_CONSOLEKIT -+#include <ck-connector.h> -+#include <dbus/dbus.h> -+#endif -+ - #ifdef __SCO__ - #include <prot.h> - #endif -@@ -472,6 +477,97 @@ - } - } - -+#ifdef USE_CONSOLEKIT -+ -+static CkConnector *connector; -+ -+static int openCKSession(struct verify_info *verify, struct display *d) -+{ -+ int ret; -+ DBusError error; -+ char *remote_host_name = ""; -+ dbus_bool_t is_local; -+ char *display_name = ""; -+ char *display_device = ""; -+ char devtmp[16]; -+ -+ if (!use_consolekit) -+ return 1; -+ -+ is_local = d->displayType.location == Local; -+ if (d->peerlen > 0 && d->peer) -+ remote_host_name = d->peer; -+ if (d->name) -+ display_name = d->name; -+ /* how can we get the corresponding tty at best...? */ -+ if (d->windowPath) { -+ display_device = strchr(d->windowPath, ':'); -+ if (display_device && display_device[1]) -+ display_device++; -+ else -+ display_device = d->windowPath; -+ snprintf(devtmp, sizeof(devtmp), "/dev/tty%s", display_device); -+ display_device = devtmp; -+ } -+ -+ connector = ck_connector_new(); -+ if (!connector) { -+ LogOutOfMem("ck_connector"); -+ return 0; -+ } -+ -+ dbus_error_init(&error); -+ ret = ck_connector_open_session_with_parameters( -+ connector, &error, -+ "unix-user", &verify->uid, -+ "x11-display", &display_name, -+ "x11-display-device", &display_device, -+ "remote-host-name", &remote_host_name, -+ "is-local", &is_local, -+ NULL); -+ if (!ret) { -+ if (dbus_error_is_set(&error)) { -+ LogError("Dbus error: %s\n", error.message); -+ dbus_error_free(&error); -+ } else { -+ LogError("ConsoleKit error\n"); -+ } -+ LogError("console-kit-daemon not running?\n"); -+ ck_connector_unref(connector); -+ connector = NULL; -+ return 0; -+ } -+ -+ verify->userEnviron = setEnv(verify->userEnviron, -+ "XDG_SESSION_COOKIE", ck_connector_get_cookie(connector)); -+ return 1; -+} -+ -+static void closeCKSession(void) -+{ -+ DBusError error; -+ -+ if (!connector) -+ return; -+ -+ dbus_error_init(&error); -+ if (!ck_connector_close_session(connector, &error)) { -+ if (dbus_error_is_set(&error)) { -+ LogError("Dbus error: %s\n", error.message); -+ dbus_error_free(&error); -+ } else { -+ LogError("ConsoleKit close error\n"); -+ } -+ LogError("console-kit-daemon not running?\n"); -+ } -+ ck_connector_unref(connector); -+ connector = NULL; -+} -+#else -+#define openCKSession(v,d) 1 -+#define closeCKSession() -+#endif -+ - void - SessionExit (struct display *d, int status, int removeAuth) - { -@@ -486,6 +580,8 @@ - } - #endif - -+ closeCKSession(); -+ - /* make sure the server gets reset after the session is over */ - if (d->serverPid >= 2 && d->resetSignal) - kill (d->serverPid, d->resetSignal); -@@ -568,6 +664,10 @@ - #ifdef USE_PAM - if (pamh) pam_open_session(pamh, 0); - #endif -+ -+ if (!openCKSession(verify, d)) -+ return 0; -+ - switch (pid = fork ()) { - case 0: - CleanUpChild (); ---- a/include/dm.h -+++ b/include/dm.h -@@ -325,6 +325,9 @@ - extern char *prngdSocket; - extern int prngdPort; - # endif -+#ifdef USE_CONSOLEKIT -+extern int use_consolekit; -+#endif - - extern char *greeterLib; - extern char *willing; ---- a/xdm/resource.c -+++ b/xdm/resource.c -@@ -68,6 +68,9 @@ - char *prngdSocket; - int prngdPort; - #endif -+#ifdef USE_CONSOLEKIT -+int use_consolekit; -+#endif - - char *greeterLib; - char *willing; -@@ -258,6 +261,10 @@ - "false"} , - { "willing", "Willing", DM_STRING, &willing, - ""} , -+#ifdef USE_CONSOLEKIT -+{ "consoleKit", "ConsoleKit", DM_BOOL, (char **) &use_consolekit, -+ "true"} , -+#endif - }; - - # define NUM_DM_RESOURCES (sizeof DmResources / sizeof DmResources[0]) -@@ -440,7 +447,11 @@ - {"-debug", "*debugLevel", XrmoptionSepArg, (caddr_t) NULL }, - {"-xrm", NULL, XrmoptionResArg, (caddr_t) NULL }, - {"-daemon", ".daemonMode", XrmoptionNoArg, "true" }, --{"-nodaemon", ".daemonMode", XrmoptionNoArg, "false" } -+{"-nodaemon", ".daemonMode", XrmoptionNoArg, "false" }, -+#ifdef USE_CONSOLEKIT -+{"-consolekit", ".consoleKit", XrmoptionNoArg, "true" }, -+{"-noconsolekit", ".consoleKit", XrmoptionNoArg, "false" } -+#endif - }; - - static int originalArgc; ---- a/man/xdm.man -+++ b/man/xdm.man -@@ -51,6 +51,8 @@ - ] [ - .B \-session - .I session_program -+] [ -+.B \-noconsolekit - ] - .SH DESCRIPTION - .I Xdm -@@ -218,6 +220,10 @@ - .IP "\fB\-xrm\fP \fIresource_specification\fP" - Allows an arbitrary resource to be specified, as in most - X Toolkit applications. -+.IP "\fB\-noconsolekit\fP" -+Specifies ``false'' as the value for the \fBDisplayManager.consoleKit\fP -+resource. -+This suppresses the session management using ConsoleKit. - .SH RESOURCES - At many stages the actions of - .I xdm diff --git a/x11-apps/xdm/metadata.xml b/x11-apps/xdm/metadata.xml index 27b78ed8a148..cb9dcdc919bd 100644 --- a/x11-apps/xdm/metadata.xml +++ b/x11-apps/xdm/metadata.xml @@ -7,6 +7,5 @@ </maintainer> <use> <flag name="consolekit">Enable native <pkg>sys-auth/consolekit</pkg> support</flag> - <flag name="xdm-auth">Enable XDM-AUTHENTICATION-1 support</flag> </use> </pkgmetadata> diff --git a/x11-apps/xdm/xdm-1.1.11-r3.ebuild b/x11-apps/xdm/xdm-1.1.11-r3.ebuild deleted file mode 100644 index 7799fbfa3e79..000000000000 --- a/x11-apps/xdm/xdm-1.1.11-r3.ebuild +++ /dev/null @@ -1,77 +0,0 @@ -# Copyright 1999-2018 Gentoo Foundation -# Distributed under the terms of the GNU General Public License v2 - -EAPI=5 - -XORG_EAUTORECONF=yes - -inherit multilib xorg-2 pam systemd - -DEFAULTVT=vt7 - -DESCRIPTION="X.Org xdm application" - -KEYWORDS="alpha amd64 arm ~arm64 hppa ia64 ~mips ppc ppc64 ~s390 ~sh sparc x86 ~x86-fbsd" -IUSE="consolekit ipv6 pam xdm-auth" - -RDEPEND="x11-apps/xrdb - x11-libs/libXdmcp - x11-libs/libXaw - >=x11-apps/xinit-1.0.2-r3 - x11-libs/libXinerama - x11-libs/libXmu - x11-libs/libX11 - x11-libs/libXt - x11-apps/sessreg - x11-apps/xconsole - consolekit? ( sys-auth/consolekit ) - pam? ( virtual/pam ) - !<sys-apps/systemd-187" -DEPEND="${RDEPEND} - x11-base/xorg-proto - consolekit? ( !=sys-auth/pambase-20101024-r1 )" - -pkg_setup() { - PATCHES=( - "${FILESDIR}"/${PN}-consolekit.patch - "${FILESDIR}"/${P}-cve-2013-2179.patch - "${FILESDIR}"/${PN}-1.1.11-arc4random-include.patch - "${FILESDIR}"/${PN}-1.1.11-setproctitle-include.patch - ) - - XORG_CONFIGURE_OPTIONS=( - $(use_enable ipv6) - $(use_with pam) - "$(systemd_with_unitdir)" - --with-default-vt=${DEFAULTVT} - --with-xdmconfigdir=/etc/X11/xdm - $(use_with consolekit) - ) -} - -src_prepare() { - # fedora invented that in -187... - sed -i -e 's:^Alias=.*$:Alias=display-manager.service:' \ - xdm.service.in || die - - # disable XDM-AUTHENTICATION-1 wrt bug #445662. - # it causes issue with libreoffice and SDL games (bug #306223). - if use !xdm-auth; then - sed -i -e '/authorize/a\ -DisplayManager*authName: MIT-MAGIC-COOKIE-1' \ - config/xdm-config.cpp || die - fi - xorg-2_src_prepare -} - -src_install() { - xorg-2_src_install - - exeinto /usr/$(get_libdir)/X11/xdm - doexe "${FILESDIR}"/Xsession - - use pam && pamd_mimic system-local-login xdm auth account session - - # Keep /var/lib/xdm. This is where authfiles are stored. See #286350. - keepdir /var/lib/xdm -} |