SECURITY update to accountsservice-0.6.22.

ajacoutot 2012-07-05 07:18:59 +00:00
parent ed9f7f03ac
commit ef0b6f6c85
7 changed files with 122 additions and 128 deletions


@ -1,10 +1,9 @@
# $OpenBSD: Makefile,v 1.26 2012/05/11 18:19:10 ajacoutot Exp $
# $OpenBSD: Makefile,v 1.27 2012/07/05 07:18:59 ajacoutot Exp $
COMMENT= D-Bus interface for user account query and manipulation
DISTNAME= accountsservice-0.6.20
DISTNAME= accountsservice-0.6.22
EXTRACT_SUFX= .tar.xz
REVISION= 0
SHARED_LIBS += accountsservice 0.0 # 0.0
@ -43,6 +42,7 @@ CONFIGURE_ENV= CPPFLAGS="-I${LOCALBASE}/include" \
LDFLAGS="-L${LOCALBASE}/lib"
CONFIGURE_ARGS= ${CONFIGURE_SHARED} \
--enable-introspection \
--disable-systemd \
--disable-docbook-docs
FAKE_FLAGS= sysconfdir=${PREFIX}/share/examples/accountsservice


@ -1,5 +1,5 @@
MD5 (accountsservice-0.6.20.tar.xz) = 5I1uyK7JQdY3U8GQTb91qA==
RMD160 (accountsservice-0.6.20.tar.xz) = ynnILMSfNvxUfzDq0hhwcXf2Cao=
SHA1 (accountsservice-0.6.20.tar.xz) = agULnW/w2TROSEDdrM6NFa63T5I=
SHA256 (accountsservice-0.6.20.tar.xz) = 6K9oYP0ZCe1kk5V8tRMD6BM73+c+lS5VgK2XwYdK87Q=
SIZE (accountsservice-0.6.20.tar.xz) = 329736
MD5 (accountsservice-0.6.22.tar.xz) = c+wOaJqDopcDE89yBPiGIg==
RMD160 (accountsservice-0.6.22.tar.xz) = qWXpSTsAWtiHojbaQbqZJzZ+bJk=
SHA1 (accountsservice-0.6.22.tar.xz) = Mjj3NKJP81iXR9JjwVCdr61dnyw=
SHA256 (accountsservice-0.6.22.tar.xz) = hR4Fqlk82OPtXGNaf+4//A9BjT2y8oxevWt1AylOO90=
SIZE (accountsservice-0.6.22.tar.xz) = 331028


@ -1,7 +1,18 @@
$OpenBSD: patch-src_Makefile_in,v 1.3 2012/03/28 09:05:54 ajacoutot Exp $
--- src/Makefile.in.orig Tue Mar 27 17:51:41 2012
+++ src/Makefile.in Wed Mar 28 10:48:44 2012
@@ -339,7 +339,8 @@ accounts_daemon_LDADD = \
$OpenBSD: patch-src_Makefile_in,v 1.4 2012/07/05 07:18:59 ajacoutot Exp $
--- src/Makefile.in.orig Thu Jun 28 17:33:09 2012
+++ src/Makefile.in Wed Jul 4 10:39:31 2012
@@ -333,8 +333,8 @@ SUBDIRS = . libaccountsservice
INCLUDES = \
-DLOCALSTATEDIR=\""$(localstatedir)"\" \
-DDATADIR=\""$(datadir)"\" \
- -DICONDIR=\"$(localstatedir)/lib/AccountsService/icons\" \
- -DUSERDIR=\"$(localstatedir)/lib/AccountsService/users\" \
+ -DICONDIR=\"$(localstatedir)/db/AccountsService/icons\" \
+ -DUSERDIR=\"$(localstatedir)/db/AccountsService/users\" \
$(DBUS_GLIB_CFLAGS) \
$(GIO_CFLAGS) \
$(GLIB_CFLAGS) \
@@ -363,7 +363,8 @@ accounts_daemon_LDADD = \
$(DBUS_GLIB_LIBS) \
$(GIO_LIBS) \
$(GLIB_LIBS) \
@ -11,7 +22,7 @@ $OpenBSD: patch-src_Makefile_in,v 1.3 2012/03/28 09:05:54 ajacoutot Exp $
CLEANFILES = $(BUILT_SOURCES)
all: $(BUILT_SOURCES)
@@ -800,8 +801,6 @@ accounts-user-generated.c accounts-user-generated.h: $
@@ -824,8 +825,6 @@ accounts-user-generated.c accounts-user-generated.h: $
gdbus-codegen --generate-c-code accounts-user-generated --c-namespace Accounts --interface-prefix=org.freedesktop.Accounts. $(top_srcdir)/data/org.freedesktop.Accounts.User.xml
install-data-hook:


@ -1,7 +1,14 @@
$OpenBSD: patch-src_daemon_c,v 1.16 2012/05/11 18:19:10 ajacoutot Exp $
--- src/daemon.c.orig Fri May 4 15:52:03 2012
+++ src/daemon.c Fri May 11 20:16:23 2012
@@ -36,6 +36,10 @@
$OpenBSD: patch-src_daemon_c,v 1.17 2012/07/05 07:18:59 ajacoutot Exp $
Revert the following commit:
This reverts commit dfa1a6239b01c823ce0fec781c6c9541c988f56e.
The commit is wrong, since we're only interested in local users.
http://bugs.freedesktop.org/show_bug.cgi?id=41747
(XXX we need a way to only get local users)
--- src/daemon.c.orig Thu Jun 28 17:24:55 2012
+++ src/daemon.c Thu Jul 5 08:58:57 2012
@@ -35,6 +35,10 @@
#include <utmpx.h>
#endif
@ -12,28 +19,65 @@ $OpenBSD: patch-src_daemon_c,v 1.16 2012/05/11 18:19:10 ajacoutot Exp $
#include <glib.h>
#include <glib/gi18n.h>
#include <glib-object.h>
@@ -52,7 +56,7 @@
#define PATH_FALSE "/bin/false"
#define PATH_GDM_CUSTOM "/etc/gdm/custom.conf"
@@ -300,22 +304,32 @@ reload_passwd (Daemon *daemon)
GSList *old_users;
GSList *new_users;
GSList *list;
+#ifdef HAVE_FGETPWENT
FILE *fp;
+#endif
User *user = NULL;
-#define USERDIR LOCALSTATEDIR "/lib/AccountsService/users"
+#define USERDIR LOCALSTATEDIR "/db/AccountsService/users"
old_users = NULL;
new_users = NULL;
static const char *default_excludes[] = {
"bin",
@@ -909,7 +913,11 @@ daemon_create_user_authorized_cb (Daemon
+#ifdef HAVE_FGETPWENT
errno = 0;
fp = fopen (PATH_PASSWD, "r");
if (fp == NULL) {
g_warning ("Unable to open %s: %s", PATH_PASSWD, g_strerror (errno));
goto out;
}
+#else
+ setpwent();
+#endif
g_hash_table_foreach (daemon->priv->users, listify_hash_values_hfunc, &old_users);
g_slist_foreach (old_users, (GFunc) g_object_ref, NULL);
+#ifdef HAVE_FGETPWENT
while ((pwent = fgetpwent (fp)) != NULL) {
+#else
+ while ((pwent = getpwent ()) != NULL) {
+#endif
/* Skip system users... */
if (daemon_local_user_is_excluded (daemon, pwent->pw_name, pwent->pw_shell)) {
g_debug ("skipping user: %s", pwent->pw_name);
@@ -365,10 +379,12 @@ reload_passwd (Daemon *daemon)
}
}
+#ifdef HAVE_FGETPWENT
out:
/* Cleanup */
fclose (fp);
+#endif
g_slist_foreach (new_users, (GFunc) g_object_thaw_notify, NULL);
g_slist_foreach (new_users, (GFunc) g_object_unref, NULL);
@@ -922,7 +938,11 @@ daemon_create_user_authorized_cb (Daemon
CreateUserData *cd = data;
User *user;
GError *error;
+#ifndef __OpenBSD__
const gchar *argv[9];
+#else
+ gchar *argv[13];
+ const gchar *argv[13];
+#endif
if (getpwnam (cd->user_name) != NULL) {
throw_error (context, ERROR_USER_EXISTS, "A user with name '%s' already exists", cd->user_name);
@@ -926,14 +934,31 @@ daemon_create_user_authorized_cb (Daemon
@@ -939,14 +959,31 @@ daemon_create_user_authorized_cb (Daemon
if (cd->account_type == ACCOUNT_TYPE_ADMINISTRATOR) {
argv[4] = "-G";
argv[5] = "wheel";
@ -65,7 +109,7 @@ $OpenBSD: patch-src_daemon_c,v 1.16 2012/05/11 18:19:10 ajacoutot Exp $
}
else {
throw_error (context, ERROR_FAILED, "Don't know how to add user of type %d", cd->account_type);
@@ -1005,15 +1030,49 @@ daemon_delete_user_authorized_cb (Daemon
@@ -1018,15 +1055,49 @@ daemon_delete_user_authorized_cb (Daemon
return;
}
@ -77,7 +121,7 @@ $OpenBSD: patch-src_daemon_c,v 1.16 2012/05/11 18:19:10 ajacoutot Exp $
+#ifdef __OpenBSD__
+ struct group *grp;
+ GError *grperror;
+ gchar *grpargv[2];
+ const gchar *grpargv[2];
+
+ grp = getgrnam (pwent->pw_name);
+
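Review bot: The non-`HAVE_FGETPWENT` branch of `reload_passwd` calls `setpwent()` and loops on `getpwent()`, but the cleanup hunk only wraps `out:` / `fclose (fp);` in `#ifdef HAVE_FGETPWENT` and adds no matching `endpwent()`, so on that build the password database handle appears to stay open after each reload. This daemon stays resident and later spawns helper commands, so I would close it explicitly by adding `#else` / `endpwent ();` before the `#endif` that follows `fclose (fp);`. Separately, in the `HAVE_FGETPWENT` branch the `goto out` taken when `fopen` fails reaches `fclose (fp)` with `fp == NULL`; those are context lines of the patch (upstream code), but an `if (fp != NULL)` guard would be cheap while this patch is carried. The function body continues outside the visible hunks, so an `endpwent()` elsewhere cannot be ruled out.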


@ -1,14 +1,14 @@
$OpenBSD: patch-src_libaccountsservice_Makefile_in,v 1.4 2012/03/28 09:05:54 ajacoutot Exp $
$OpenBSD: patch-src_libaccountsservice_Makefile_in,v 1.5 2012/07/05 07:18:59 ajacoutot Exp $
OpenBSD does NOT require -lcrypt, DES encryption is part of the standard libc.
--- src/libaccountsservice/Makefile.in.orig Tue Mar 27 17:51:41 2012
+++ src/libaccountsservice/Makefile.in Wed Mar 28 10:48:44 2012
@@ -360,7 +360,6 @@ libaccountsservice_la_LDFLAGS = \
--- src/libaccountsservice/Makefile.in.orig Thu Jun 28 17:33:09 2012
+++ src/libaccountsservice/Makefile.in Wed Jul 4 10:38:15 2012
@@ -382,7 +382,6 @@ libaccountsservice_la_LDFLAGS = \
libaccountsservice_la_LIBADD = \
$(LIBACCOUNTSSERVICE_LIBS) \
- -lcrypt \
$(END_OF_LIST)
libaccountsservice_la_SOURCES = \
libaccountsservice_la_sources = \


@ -1,16 +1,7 @@
$OpenBSD: patch-src_user_c,v 1.12 2012/03/28 09:05:54 ajacoutot Exp $
--- src/user.c.orig Mon Mar 26 22:39:21 2012
+++ src/user.c Wed Mar 28 10:58:04 2012
@@ -46,7 +46,7 @@
#include "accounts-user-generated.h"
#include "util.h"
-#define ICONDIR LOCALSTATEDIR "/lib/AccountsService/icons"
+#define ICONDIR LOCALSTATEDIR "/db/AccountsService/icons"
enum {
PROP_0,
@@ -112,7 +112,12 @@ account_type_from_pwent (struct passwd *pwent)
$OpenBSD: patch-src_user_c,v 1.13 2012/07/05 07:18:59 ajacoutot Exp $
--- src/user.c.orig Thu Jun 28 17:28:15 2012
+++ src/user.c Thu Jul 5 08:58:01 2012
@@ -110,7 +110,12 @@ account_type_from_pwent (struct passwd *pwent)
{
struct group *grp;
gid_t wheel;
@ -23,7 +14,7 @@ $OpenBSD: patch-src_user_c,v 1.12 2012/03/28 09:05:54 ajacoutot Exp $
gint ngroups;
gint i;
@@ -128,16 +133,28 @@ account_type_from_pwent (struct passwd *pwent)
@@ -126,16 +131,28 @@ account_type_from_pwent (struct passwd *pwent)
}
wheel = grp->gr_gid;
@ -52,7 +43,7 @@ $OpenBSD: patch-src_user_c,v 1.12 2012/03/28 09:05:54 ajacoutot Exp $
return ACCOUNT_TYPE_STANDARD;
}
@@ -247,12 +264,21 @@ user_local_update_from_pwent (User *user,
@@ -245,12 +262,21 @@ user_local_update_from_pwent (User *user,
passwd = spent->sp_pwdp;
#endif
@ -74,7 +65,7 @@ $OpenBSD: patch-src_user_c,v 1.12 2012/03/28 09:05:54 ajacoutot Exp $
if (user->locked != locked) {
user->locked = locked;
@@ -376,7 +402,7 @@ save_extra_data (User *user)
@@ -374,7 +400,7 @@ save_extra_data (User *user)
error = NULL;
data = g_key_file_to_data (keyfile, NULL, &error);
if (error == NULL) {
@ -83,7 +74,7 @@ $OpenBSD: patch-src_user_c,v 1.12 2012/03/28 09:05:54 ajacoutot Exp $
user->user_name,
NULL);
g_file_set_contents (filename, data, -1, &error);
@@ -397,9 +423,10 @@ move_extra_data (const gchar *old_name,
@@ -395,9 +421,10 @@ move_extra_data (const gchar *old_name,
gchar *old_filename;
gchar *new_filename;
@ -96,14 +87,14 @@ $OpenBSD: patch-src_user_c,v 1.12 2012/03/28 09:05:54 ajacoutot Exp $
new_name, NULL);
g_rename (old_filename, new_filename);
@@ -1183,17 +1210,34 @@ user_change_locked_authorized_cb (Daemon
@@ -1199,17 +1226,34 @@ user_change_locked_authorized_cb (Daemon
{
gboolean locked = GPOINTER_TO_INT (data);
GError *error;
+#ifndef __OpenBSD__
const gchar *argv[5];
+#else
+ gchar *argv[6];
+ const gchar *argv[6];
+ gchar *lockshell, *nolockshell;
+ lockshell = g_strjoin (NULL, user->shell, "-", NULL);
+ nolockshell = g_strdup (user->shell);
@ -131,7 +122,7 @@ $OpenBSD: patch-src_user_c,v 1.12 2012/03/28 09:05:54 ajacoutot Exp $
error = NULL;
if (!spawn_with_login_uid (context, argv, &error)) {
@@ -1202,6 +1246,11 @@ user_change_locked_authorized_cb (Daemon
@@ -1218,6 +1262,11 @@ user_change_locked_authorized_cb (Daemon
return;
}
@ -143,7 +134,7 @@ $OpenBSD: patch-src_user_c,v 1.12 2012/03/28 09:05:54 ajacoutot Exp $
user->locked = locked;
accounts_user_emit_changed (ACCOUNTS_USER (user));
@@ -1239,13 +1288,23 @@ user_change_account_type_authorized_cb (Daemon
@@ -1255,13 +1304,23 @@ user_change_account_type_authorized_cb (Daemon
{
AccountType account_type = GPOINTER_TO_INT (data);
GError *error;
@ -161,13 +152,13 @@ $OpenBSD: patch-src_user_c,v 1.12 2012/03/28 09:05:54 ajacoutot Exp $
+#ifndef __OpenBSD__
const gchar *argv[6];
+#else
+ gchar *argv[8];
+ gchar *class;
+ const gchar *argv[8];
+ gchar *class;
+#endif
if (user->account_type != account_type) {
sys_log (context,
@@ -1259,33 +1318,66 @@ user_change_account_type_authorized_cb (Daemon
@@ -1275,33 +1334,66 @@ user_change_account_type_authorized_cb (Daemon
}
wheel = grp->gr_gid;
@ -234,7 +225,7 @@ $OpenBSD: patch-src_user_c,v 1.12 2012/03/28 09:05:54 ajacoutot Exp $
g_string_free (str, FALSE);
@@ -1394,10 +1486,18 @@ user_change_password_mode_authorized_cb (Daemon
@@ -1410,10 +1502,18 @@ user_change_password_mode_authorized_cb (Daemon
}
else if (user->locked) {
argv[0] = "/usr/sbin/usermod";
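Review bot: In the OpenBSD branch of `user_change_locked_authorized_cb`, `lockshell = g_strjoin (NULL, user->shell, "-", NULL);` yields an empty string when `user->shell` is NULL, because g_strjoin treats the first NULL argument as the end of its list. The argv assignments are outside the visible lines, but if that value is passed to the spawned command, a lock request would not set the intended `<shell>-` marker and the account could be reported as locked when it is not. A guard before the two allocations, e.g. `if (user->shell == NULL) { throw_error (context, ERROR_FAILED, "no shell recorded for user"); return; }` (mirroring the `throw_error` calls in daemon.c), would make that failure explicit. I would also add a comment above the block saying that on OpenBSD the locked state is encoded in the login shell rather than the password field, if that is the intent, so readers do not assume the password itself is disabled.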


@ -1,10 +1,10 @@
$OpenBSD: patch-src_util_c,v 1.7 2012/03/28 09:05:54 ajacoutot Exp $
$OpenBSD: patch-src_util_c,v 1.8 2012/07/05 07:18:59 ajacoutot Exp $
We don't use /proc on OpenBSD.
--- src/util.c.orig Mon Mar 26 22:39:21 2012
+++ src/util.c Wed Mar 28 10:52:44 2012
@@ -32,6 +32,14 @@
--- src/util.c.orig Thu Jun 28 17:28:15 2012
+++ src/util.c Thu Jul 5 09:01:58 2012
@@ -32,11 +32,20 @@
#include <polkit/polkit.h>
@ -18,54 +18,27 @@ We don't use /proc on OpenBSD.
+
#include "util.h"
@@ -40,11 +48,13 @@ _polkit_subject_get_cmdline (PolkitSubject *subject, g
static gchar *
get_cmdline_of_pid (GPid pid)
{
PolkitSubject *process;
gchar *ret;
+ GError *error;
+#ifndef __OpenBSD__
gchar *ret;
gchar *filename;
gchar *contents;
gsize contents_len;
- GError *error;
guint n;
+#endif
g_return_val_if_fail (subject != NULL, NULL);
@@ -52,8 +62,10 @@ _polkit_subject_get_cmdline (PolkitSubject *subject, g
ret = NULL;
process = NULL;
+#ifndef __OpenBSD__
filename = NULL;
contents = NULL;
+#endif
if (POLKIT_IS_UNIX_PROCESS (subject))
{
@@ -82,6 +94,7 @@ _polkit_subject_get_cmdline (PolkitSubject *subject, g
*pid = polkit_unix_process_get_pid (POLKIT_UNIX_PROCESS (process));
*uid = polkit_unix_process_get_uid (POLKIT_UNIX_PROCESS (process));
+#ifndef __OpenBSD__
filename = g_strdup_printf ("/proc/%d/cmdline", *pid);
if (!g_file_get_contents (filename,
@@ -110,6 +123,28 @@ _polkit_subject_get_cmdline (PolkitSubject *subject, g
@@ -70,7 +79,30 @@ get_cmdline_of_pid (GPid pid)
out:
g_free (filename);
g_free (contents);
if (process != NULL)
g_object_unref (process);
+#else
+#else /* OpenBSD */
+ gchar *ret;
+ int nproc;
+ struct kinfo_proc *kp;
+ char **pargv;
+
+ if ((kd = kvm_openfiles(NULL, NULL, NULL, KVM_NO_FILES, NULL)) == NULL)
+ return ret;
+ goto out;
+
+ if ((kp = kvm_getprocs(kd, KERN_PROC_PID, *pid, sizeof(*kp), &nproc)) == NULL)
+ if ((kp = kvm_getprocs(kd, KERN_PROC_PID, pid, sizeof(*kp), &nproc)) == NULL)
+ goto out;
+
+ if ((kp->p_flag & P_SYSTEM) != 0)
@ -79,36 +52,11 @@ We don't use /proc on OpenBSD.
+out:
+ kvm_close(kd);
+#endif
+
return ret;
}
@@ -164,14 +199,17 @@ get_caller_loginuid (GDBusMethodInvocation *context, g
gchar *cmdline;
gint pid;
gint uid;
+#ifndef __OpenBSD__
gchar *path;
gchar *buf;
+#endif
subject = polkit_system_bus_name_new (g_dbus_method_invocation_get_sender (context));
cmdline = _polkit_subject_get_cmdline (subject, &pid, &uid);
g_free (cmdline);
g_object_unref (subject);
+#ifndef __OpenBSD__
path = g_strdup_printf ("/proc/%d/loginuid", pid);
if (g_file_get_contents (path, &buf, NULL, NULL)) {
strncpy (loginuid, buf, size);
@@ -182,17 +220,22 @@ get_caller_loginuid (GDBusMethodInvocation *context, g
}
g_free (path);
+#else
+ g_snprintf (loginuid, size, "%d", uid);
+#endif
}
@@ -204,12 +236,14 @@ get_caller_loginuid (GDBusMethodInvocation *context, g
static void
setup_loginuid (gpointer data)
{