X Strike Force XFree86 SVN commit: rev 633 - in branches/4.3.0/sid/debian: . patches
Author: branden
Date: 2003-10-07 21:34:31 -0500 (Tue, 07 Oct 2003)
New Revision: 633
Modified:
branches/4.3.0/sid/debian/changelog
branches/4.3.0/sid/debian/patches/000_post430.diff
branches/4.3.0/sid/debian/patches/002_xdm_fixes.diff
branches/4.3.0/sid/debian/patches/067_fix_X11_and_xdm_build_problems.diff
Log:
Grab latest fixes to upstream CVS xf-4_3-branch.
- debian/patches/000_post430.diff:
+ (xc/programs/xdm/genauth.c):
Build fixes (Branden Robinson, Matthieu Herrb).
+ (xc/programs/xdm/session.c):
Use pam_strerror() to print an error message after pam_setcred()
fails, C style unification (Branden Robinson).
+ (xc/programs/xdm/prngc.c):
improve portability:
- use the already defined X_NO_SYS_UN symbol for sys/un.h inclusion
- don't use struct sockaddr_storage
- debian/patches/002_xdm_fixes.diff:
+ resynchronize and drop patches applied upstream
+ more stylistic cleanups to session.c
- debian/patches/067_fix_X11_and_xdm_build_problems.diff: drop patches
applied upstream
Modified: branches/4.3.0/sid/debian/changelog
===================================================================
--- branches/4.3.0/sid/debian/changelog 2003-10-08 02:27:36 UTC (rev 632)
+++ branches/4.3.0/sid/debian/changelog 2003-10-08 02:34:31 UTC (rev 633)
@@ -12,8 +12,25 @@
- debian/xlibs-dbg.install: add libXv.so.1.0
- debian/xlibs-dbg.links: add libXv link
- -- Branden Robinson <branden@debian.org> Fri, 3 Oct 2003 01:19:52 -0500
+ * Grab latest fixes to upstream CVS xf-4_3-branch.
+ - debian/patches/000_post430.diff:
+ + (xc/programs/xdm/genauth.c):
+ Build fixes (Branden Robinson, Matthieu Herrb).
+ + (xc/programs/xdm/session.c):
+ Use pam_strerror() to print an error message after pam_setcred()
+ fails, C style unification (Branden Robinson).
+ + (xc/programs/xdm/prngc.c):
+ improve portability:
+ - use the already defined X_NO_SYS_UN symbol for sys/un.h inclusion
+ - don't use struct sockaddr_storage
+ - debian/patches/002_xdm_fixes.diff:
+ + resynchronize and drop patches applied upstream
+ + more stylistic cleanups to session.c
+ - debian/patches/067_fix_X11_and_xdm_build_problems.diff: drop patches
+ applied upstream
+ -- Branden Robinson <branden@debian.org> Tue, 7 Oct 2003 21:28:53 -0500
+
xfree86 (4.3.0-0pre1v3) experimental; urgency=high
* Update pam_setcred() security fix to xdm to use pam_error and
Modified: branches/4.3.0/sid/debian/patches/000_post430.diff
===================================================================
--- branches/4.3.0/sid/debian/patches/000_post430.diff 2003-10-08 02:27:36 UTC (rev 632)
+++ branches/4.3.0/sid/debian/patches/000_post430.diff 2003-10-08 02:34:31 UTC (rev 633)
@@ -244,6 +244,18 @@
(xc/lib/FS/{FSFtNames.c,FSGetCats.c,FSListCats.c,FSListExt.c}):
Fix overflows in the test for integer overflows. Reported by Paul Anderson.
+(xc/programs/xdm/genauth.c):
+ Build fixes (Branden Robinson, Matthieu Herrb).
+
+(xc/programs/xdm/session.c):
+ Use pam_strerror() to print an error message after pam_setcred() fails,
+ C style unification (Branden Robinson).
+
+(xc/programs/xdm/prngc.c):
+ improve portability:
+ - use the already defined X_NO_SYS_UN symbol for sys/un.h inclusion
+ - don't use struct sockaddr_storage
+
Index: xc/config/cf/NetBSD.cf
===================================================================
RCS file: /cvs/xc/config/cf/NetBSD.cf,v
@@ -5816,16 +5828,16 @@
===================================================================
RCS file: /cvs/xc/programs/xdm/genauth.c,v
retrieving revision 3.15
-retrieving revision 3.15.2.1
-diff -u -r3.15 -r3.15.2.1
+retrieving revision 3.15.2.2
+diff -u -r3.15 -r3.15.2.2
--- xc/programs/xdm/genauth.c 6 Oct 2002 18:12:29 -0000 3.15
-+++ xc/programs/xdm/genauth.c 17 Sep 2003 05:58:16 -0000 3.15.2.1
++++ xc/programs/xdm/genauth.c 29 Sep 2003 20:27:30 -0000 3.15.2.2
@@ -26,7 +26,7 @@
from The Open Group.
*/
-/* $XFree86: xc/programs/xdm/genauth.c,v 3.15 2002/10/06 18:12:29 herrb Exp $ */
-+/* $XFree86: xc/programs/xdm/genauth.c,v 3.15.2.1 2003/09/17 05:58:16 herrb Exp $ */
++/* $XFree86: xc/programs/xdm/genauth.c,v 3.15.2.2 2003/09/29 20:27:30 herrb Exp $ */
/*
* xdm - display manager daemon
@@ -5833,7 +5845,7 @@
#include <time.h>
#define Time_t time_t
-+#if !defined(ARC4_RANDOM) && !defined(DEV_RANDOM) && !defined(HASXDMAUTH)
++#ifdef HASXDMAUTH
static unsigned char key[8];
+#endif
+
@@ -5843,8 +5855,20 @@
#ifdef HASXDMAUTH
-@@ -66,66 +72,295 @@
+@@ -53,7 +59,10 @@
+ typedef struct auth_ks_struct { auth_cblock _; } auth_wrapper_schedule[16];
+
+-extern void _XdmcpWrapperToOddParity();
++extern int _XdmcpAuthSetup(unsigned char *, auth_wrapper_schedule);
++extern int _XdmcpAuthDoIt(unsigned char *, unsigned char *,
++ auth_wrapper_schedule, int);
++extern void _XdmcpWrapperToOddParity(unsigned char *, unsigned char *);
+
+ static void
+ longtochars (long l, unsigned char *c)
+@@ -66,66 +75,295 @@
+
#endif
-# define FILE_LIMIT 1024 /* no more than this many buffers */
@@ -6159,7 +6183,8 @@
sum[1] = arc4random();
*(u_char *)sum = 0;
- _XdmcpWrapperToOddParity(sum, key);
+- _XdmcpWrapperToOddParity(sum, key);
++ _XdmcpWrapperToOddParity((unsigned char *)sum, key);
+#else
+ unsigned char tmpkey[8];
@@ -6175,7 +6200,7 @@
tmpkey[0] = 0;
_XdmcpWrapperToOddParity(tmpkey, key);
close(fd);
-@@ -133,15 +368,26 @@
+@@ -133,15 +371,27 @@
} else {
close(fd);
}
@@ -6192,8 +6217,9 @@
- sum[1] = time ((Time_t *) 0);
+#endif
+ /* Try some pseudo-random number genrator daemon next */
-+ if (prngdSocket != NULL || prngdPort != NULL) {
-+ if (get_prngd_bytes(tmpkey, len, prngdPort, prngdSocket) == 0) {
++ if (prngdSocket != NULL || prngdPort != 0) {
++ if (get_prngd_bytes(tmpkey, sizeof(tmpkey), prngdPort,
++ prngdSocket) == 0) {
+ tmpkey[0] = 0;
+ _XdmcpWrapperToOddParity(tmpkey, key);
+ return;
@@ -6209,7 +6235,7 @@
longtochars (sum[0], tmpkey+0);
longtochars (sum[1], tmpkey+4);
tmpkey[0] = 0;
-@@ -151,115 +397,84 @@
+@@ -151,115 +401,84 @@
#endif
@@ -6239,7 +6265,7 @@
GenerateAuthData (char *auth, int len)
{
+#ifdef HASXDMAUTH
-+ int bit;
++ int i, bit;
+ auth_wrapper_schedule schedule;
+ unsigned char data[8];
+ static int xdmcpAuthInited;
@@ -6495,9 +6521,9 @@
RCS file: xc/programs/xdm/prngc.c
diff -N xc/programs/xdm/prngc.c
--- /dev/null 1 Jan 1970 00:00:00 -0000
-+++ xc/programs/xdm/prngc.c 17 Sep 2003 05:58:16 -0000 1.1.2.1
-@@ -0,0 +1,188 @@
-+/* $XFree86: xc/programs/xdm/prngc.c,v 1.1.2.1 2003/09/17 05:58:16 herrb Exp $ */
++++ xc/programs/xdm/prngc.c 29 Sep 2003 21:16:15 -0000 1.1.2.2
+@@ -0,0 +1,193 @@
++/* $XFree86: xc/programs/xdm/prngc.c,v 1.1.2.2 2003/09/29 21:16:15 herrb Exp $ */
+/* Code grabbed from OpenSSH - portable version */
+/*
+ * Copyright (c) 1995,1999 Theo de Raadt. All rights reserved.
@@ -6524,15 +6550,17 @@
+ * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
-+#if defined(CSRG_BASED) || defined(linux)
-+# define HAVE_SYS_UN_H
-+#endif
+
+#include <sys/types.h>
+#include <sys/socket.h>
-+#ifdef HAVE_SYS_UN_H
-+#include <sys/un.h>
++#include <X11/Xos.h>
++#ifndef X_NO_SYS_UN
++#ifndef Lynx
++#include <sys/un.h>
++#else
++#include <un.h>
+#endif
++#endif
+#include <netinet/in.h>
+#include <errno.h>
+#include <signal.h>
@@ -6563,9 +6591,10 @@
+{
+ int fd, addr_len, rval, errors;
+ char msg[2];
-+ struct sockaddr_storage addr;
-+ struct sockaddr_in *addr_in = (struct sockaddr_in *)&addr;
-+ struct sockaddr_un *addr_un = (struct sockaddr_un *)&addr;
++ struct sockaddr *addr;
++ struct sockaddr_in addr_in;
++ struct sockaddr_un addr_un;
++ int af;
+ void (*old_sigpipe)(int);
+
+ /* Sanity checks */
@@ -6575,7 +6604,7 @@
+ return -1;
+ }
+ if (socket_path != NULL &&
-+ strlen(socket_path) >= sizeof(addr_un->sun_path)) {
++ strlen(socket_path) >= sizeof(addr_un.sun_path)) {
+ LogError("get_random_prngd: Random pool path is too long\n");
+ return -1;
+ }
@@ -6585,19 +6614,21 @@
+ return -1;
+ }
+
-+ memset(&addr, '\0', sizeof(addr));
++ memset(&addr_in, '\0', sizeof(addr));
+
+ if (tcp_port != 0) {
-+ addr_in->sin_family = AF_INET;
-+ addr_in->sin_addr.s_addr = htonl(INADDR_LOOPBACK);
-+ addr_in->sin_port = htons(tcp_port);
-+ addr_len = sizeof(*addr_in);
++ af = addr_in.sin_family = AF_INET;
++ addr_in.sin_addr.s_addr = htonl(INADDR_LOOPBACK);
++ addr_in.sin_port = htons(tcp_port);
++ addr_len = sizeof(addr_in);
++ addr = (struct sockaddr *)&addr_in;
+ } else {
-+ addr_un->sun_family = AF_UNIX;
-+ strncpy(addr_un->sun_path, socket_path,
-+ sizeof(addr_un->sun_path));
++ af = addr_un.sun_family = AF_UNIX;
++ strncpy(addr_un.sun_path, socket_path,
++ sizeof(addr_un.sun_path));
+ addr_len = offsetof(struct sockaddr_un, sun_path) +
+ strlen(socket_path) + 1;
++ addr = (struct sockaddr *)&addr_un;
+ }
+
+ old_sigpipe = signal(SIGPIPE, SIG_IGN);
@@ -6605,20 +6636,20 @@
+ errors = 0;
+ rval = -1;
+reopen:
-+ fd = socket(addr.ss_family, SOCK_STREAM, 0);
++ fd = socket(af, SOCK_STREAM, 0);
+ if (fd == -1) {
+ LogInfo("Couldn't create socket: %s\n", strerror(errno));
+ goto done;
+ }
+
-+ if (connect(fd, (struct sockaddr*)&addr, addr_len) == -1) {
-+ if (tcp_port != 0) {
++ if (connect(fd, (struct sockaddr*)addr, addr_len) == -1) {
++ if (af == AF_INET) {
+ LogInfo("Couldn't connect to PRNGD port %d: %s\n",
+ tcp_port, strerror(errno));
+ } else {
+ LogInfo("Couldn't connect to PRNGD socket"
+ " \"%s\": %s\n",
-+ addr_un->sun_path, strerror(errno));
++ addr_un.sun_path, strerror(errno));
+ }
+ goto done;
+ }
@@ -6878,64 +6909,394 @@
===================================================================
RCS file: /cvs/xc/programs/xdm/session.c,v
retrieving revision 3.33
-retrieving revision 3.33.4.1
-diff -u -r3.33 -r3.33.4.1
+retrieving revision 3.33.4.2
+diff -u -r3.33 -r3.33.4.2
--- xc/programs/xdm/session.c 14 Dec 2001 20:01:23 -0000 3.33
-+++ xc/programs/xdm/session.c 17 Sep 2003 05:58:16 -0000 3.33.4.1
++++ xc/programs/xdm/session.c 29 Sep 2003 21:01:09 -0000 3.33.4.2
@@ -26,7 +26,7 @@
from The Open Group.
*/
-/* $XFree86: xc/programs/xdm/session.c,v 3.33 2001/12/14 20:01:23 dawes Exp $ */
-+/* $XFree86: xc/programs/xdm/session.c,v 3.33.4.1 2003/09/17 05:58:16 herrb Exp $ */
++/* $XFree86: xc/programs/xdm/session.c,v 3.33.4.2 2003/09/29 21:01:09 herrb Exp $ */
/*
* xdm - display manager daemon
-@@ -54,6 +54,7 @@
+@@ -54,23 +54,24 @@
#ifdef SECURE_RPC
# include <rpc/rpc.h>
# include <rpc/key_prot.h>
-+extern int key_setnet(struct key_netstarg *arg);
++extern int key_setnet(struct key_netstarg *arg);
#endif
#ifdef K5AUTH
# include <krb5/krb5.h>
-@@ -68,7 +69,7 @@
+ #endif
+ #ifndef GREET_USER_STATIC
+-#include <dlfcn.h>
+-#ifndef RTLD_NOW
+-#define RTLD_NOW 1
+-#endif
++# include <dlfcn.h>
++# ifndef RTLD_NOW
++# define RTLD_NOW 1
++# endif
+ #endif
+
static int runAndWait (char **args, char **environ);
-#if defined(CSRG_BASED) || defined(__osf__) || defined(__DARWIN__) || defined(__QNXNTO__)
-+#if defined(CSRG_BASED) || defined(__osf__) || defined(__DARWIN__) || defined(__QNXNTO__) || defined(sun)
- #include <sys/types.h>
- #include <grp.h>
+-#include <sys/types.h>
+-#include <grp.h>
++#if defined(CSRG_BASED) || defined(__osf__) || defined(__DARWIN__) || defined(__QNXNTO__) || defined(sun) || defined(__GLIBC__)
++# include <sys/types.h>
++# include <grp.h>
#else
-@@ -79,9 +80,13 @@
+ /* should be in <grp.h> */
+ extern void setgrent(void);
+@@ -79,27 +80,34 @@
#endif
#ifdef USESHADOW
-+#if defined(SVR4)
-+#include <shadow.h>
-+#else
++# if defined(SVR4)
++# include <shadow.h>
++# else
extern struct spwd *getspnam(GETSPNAM_ARGS);
extern void endspent(void);
++# endif
#endif
+-#if defined(CSRG_BASED)
+-#include <pwd.h>
+-#include <unistd.h>
++#if defined(CSRG_BASED) || defined(__GLIBC__)
++# include <pwd.h>
++# include <unistd.h>
+ #else
+ extern struct passwd *getpwnam(GETPWNAM_ARGS);
+-#ifdef linux
++# ifdef linux
+ extern void endpwent(void);
+-#endif
++# endif
+ extern char *crypt(CRYPT_ARGS);
+ #endif
++
+ #ifdef USE_PAM
+-pam_handle_t **thepamhp()
++pam_handle_t **
++thepamhp(void)
+ {
+ static pam_handle_t *pamh = NULL;
+ return &pamh;
+ }
+
+-pam_handle_t *thepamh()
++pam_handle_t *
++thepamh(void)
+ {
+ pam_handle_t **pamhp;
+
+@@ -136,12 +144,12 @@
+ endgrent,
+ #ifdef USESHADOW
+ getspnam,
+-#ifndef QNX4
++# ifndef QNX4
+ endspent,
+-#endif /* QNX4 doesn't use endspent */
++# endif /* QNX4 doesn't use endspent */
+ #endif
+ getpwnam,
+-#ifdef linux
++#if defined(linux) || defined(__GLIBC__)
+ endpwent,
+ #endif
+ crypt,
+@@ -189,7 +197,7 @@
+ }
+
+ #if defined(_POSIX_SOURCE) || defined(SYSV) || defined(SVR4)
+-#define killpg(pgrp, sig) kill(-(pgrp), sig)
++# define killpg(pgrp, sig) kill(-(pgrp), sig)
+ #endif
+
+ static void
+@@ -226,8 +234,7 @@
+ void
+ SessionPingFailed (struct display *d)
+ {
+- if (clientPid > 1)
+- {
++ if (clientPid > 1) {
+ AbortClient (clientPid);
+ source (verify.systemEnviron, d->reset);
+ }
+@@ -246,7 +253,7 @@
+ static int
+ IOErrorHandler (Display *dpy)
+ {
+- LogError("fatal IO error %d (%s)\n", errno, _SysErrorMsg(errno));
++ LogError ("fatal IO error %d (%s)\n", errno, _SysErrorMsg(errno));
+ exit(RESERVER_DISPLAY);
+ /*NOTREACHED*/
+ return 0;
+@@ -255,7 +262,7 @@
+ static int
+ ErrorHandler(Display *dpy, XErrorEvent *event)
+ {
+- LogError("X error\n");
++ LogError ("X error\n");
+ if (XmuPrintDefaultErrorMessage (dpy, event, stderr) == 0) return 0;
+ exit(UNMANAGE_DISPLAY);
+ /*NOTREACHED*/
+@@ -266,7 +273,7 @@
+ {
+ static int pid = 0;
+ Display *dpy;
+- greet_user_rtn greet_stat;
++ greet_user_rtn greet_stat;
+ static GreetUserProc greet_user_proc = NULL;
+ #ifndef GREET_USER_STATIC
+ void *greet_lib_handle;
+@@ -288,13 +295,12 @@
+ #ifdef GREET_USER_STATIC
+ greet_user_proc = GreetUser;
+ #else
+- Debug("ManageSession: loading greeter library %s\n", greeterLib);
++ Debug ("ManageSession: loading greeter library %s\n", greeterLib);
+ greet_lib_handle = dlopen(greeterLib, RTLD_NOW);
+ if (greet_lib_handle != NULL)
+ greet_user_proc = (GreetUserProc)dlsym(greet_lib_handle, "GreetUser");
+- if (greet_user_proc == NULL)
+- {
+- LogError("%s while loading %s\n", dlerror(), greeterLib);
++ if (greet_user_proc == NULL) {
++ LogError ("%s while loading %s\n", dlerror(), greeterLib);
+ exit(UNMANAGE_DISPLAY);
+ }
+ #endif
+@@ -306,8 +312,7 @@
+ greet.version = 1;
+ greet_stat = (*greet_user_proc)(d, &dpy, &verify, &greet, &dlfuncs);
+
+- if (greet_stat == Greet_Success)
+- {
++ if (greet_stat == Greet_Success) {
+ clientPid = 0;
+ if (!Setjmp (abortSession)) {
+ (void) Signal (SIGTERM, catchTerm);
+@@ -322,29 +327,23 @@
+ /* Save memory; close library */
+ dlclose(greet_lib_handle);
+ #endif
+-
++
+ /*
+ * Wait for session to end,
+ */
+ for (;;) {
+- if (d->pingInterval)
+- {
+- if (!Setjmp (pingTime))
+- {
++ if (d->pingInterval) {
++ if (!Setjmp (pingTime)) {
+ (void) Signal (SIGALRM, catchAlrm);
+ (void) alarm (d->pingInterval * 60);
+ pid = wait ((waitType *) 0);
+ (void) alarm (0);
+- }
+- else
+- {
++ } else {
+ (void) alarm (0);
+ if (!PingServer (d, (Display *) NULL))
+ SessionPingFailed (d);
+ }
+- }
+- else
+- {
++ } else {
+ pid = wait ((waitType *) 0);
+ }
+ if (pid == clientPid)
+@@ -391,8 +390,7 @@
+ {
+ char **env = 0;
+
+- if (d->setup && d->setup[0])
+- {
++ if (d->setup && d->setup[0]) {
+ env = systemEnv (d, (char *) 0, (char *) 0);
+ (void) source (env, d->setup);
+ freeEnv (env);
+@@ -436,8 +434,7 @@
+ Debug ("Before XGrabServer %s\n", d->name);
+ XGrabServer (dpy);
+ if (XGrabKeyboard (dpy, DefaultRootWindow (dpy), True, GrabModeAsync,
+- GrabModeAsync, CurrentTime) != GrabSuccess)
+- {
++ GrabModeAsync, CurrentTime) != GrabSuccess) {
+ (void) alarm (0);
+ (void) Signal (SIGALRM, SIG_DFL);
+ LogError ("WARNING: keyboard on display %s could not be secured\n",
+@@ -448,8 +445,7 @@
+ (void) alarm (0);
+ (void) Signal (SIGALRM, SIG_DFL);
+ pseudoReset (dpy);
+- if (!d->grabServer)
+- {
++ if (!d->grabServer) {
+ XUngrabServer (dpy);
+ XSync (dpy, 0);
+ }
+@@ -460,8 +456,7 @@
+ UnsecureDisplay (struct display *d, Display *dpy)
+ {
+ Debug ("Unsecure display %s\n", d->name);
+- if (d->grabServer)
+- {
++ if (d->grabServer) {
+ XUngrabServer (dpy);
+ XSync (dpy, 0);
+ }
+@@ -487,8 +482,7 @@
+ kill (d->serverPid, d->resetSignal);
+ else
+ ResetServer (d);
+- if (removeAuth)
+- {
++ if (removeAuth) {
+ setgid (verify.gid);
+ setuid (verify.uid);
+ RemoveUserAuthorization (d, &verify);
+@@ -500,7 +494,7 @@
+
+ code = Krb5DisplayCCache(d->name, &ccache);
+ if (code)
+- LogError("%s while getting Krb5 ccache to destroy\n",
++ LogError ("%s while getting Krb5 ccache to destroy\n",
+ error_message(code));
+ else {
+ code = krb5_cc_destroy(ccache);
+@@ -508,7 +502,7 @@
+ if (code == KRB5_FCC_NOFILE) {
+ Debug ("No Kerberos ccache file found to destroy\n");
+ } else
+- LogError("%s while destroying Krb5 credentials cache\n",
++ LogError ("%s while destroying Krb5 credentials cache\n",
+ error_message(code));
+ } else
+ Debug ("Kerberos ccache destroyed\n");
+@@ -535,8 +529,9 @@
+ #ifdef HAS_SETUSERCONTEXT
+ struct passwd* pwd;
+ #endif
+-#ifdef USE_PAM
+- pam_handle_t *pamh = thepamh();
++#ifdef USE_PAM
++ pam_handle_t *pamh = thepamh ();
++ int pam_error;
+ #endif
+
+ if (verify->argv) {
+@@ -552,7 +547,7 @@
+ }
+ #ifdef USE_PAM
+ if (pamh) pam_open_session(pamh, 0);
+-#endif
+#endif
- #if defined(CSRG_BASED)
- #include <pwd.h>
- #include <unistd.h>
-@@ -599,7 +604,11 @@
+ switch (pid = fork ()) {
+ case 0:
+ CleanUpChild ();
+@@ -577,34 +572,35 @@
+
+ #ifndef AIXV3
+ #ifndef HAS_SETUSERCONTEXT
+- if (setgid(verify->gid) < 0)
+- {
+- LogError("setgid %d (user \"%s\") failed, errno=%d\n",
++ if (setgid(verify->gid) < 0) {
++ LogError ("setgid %d (user \"%s\") failed, errno=%d\n",
+ verify->gid, name, errno);
+ return (0);
+ }
+ #if defined(BSD) && (BSD >= 199103)
+- if (setlogin(name) < 0)
+- {
+- LogError("setlogin for \"%s\" failed, errno=%d", name, errno);
++ if (setlogin(name) < 0) {
++ LogError ("setlogin for \"%s\" failed, errno=%d", name, errno);
+ return(0);
+ }
+ #endif
+ #ifndef QNX4
+- if (initgroups(name, verify->gid) < 0)
+- {
+- LogError("initgroups for \"%s\" failed, errno=%d\n", name, errno);
++ if (initgroups(name, verify->gid) < 0) {
++ LogError ("initgroups for \"%s\" failed, errno=%d\n", name, errno);
+ return (0);
+ }
#endif /* QNX4 doesn't support multi-groups, no initgroups() */
#ifdef USE_PAM
- if (thepamh()) {
+- if (thepamh()) {
- pam_setcred(thepamh(), PAM_ESTABLISH_CRED);
-+ if (pam_setcred(thepamh(), PAM_ESTABLISH_CRED) != PAM_SUCCESS) {
-+ LogError("pam_setcred for %\"s failed, errno=%d\n",
-+ name, errno);
++ if (pamh) {
++ pam_error = pam_setcred (pamh, PAM_ESTABLISH_CRED);
++ if (pam_error != PAM_SUCCESS) {
++ LogError ("pam_setcred for \"%s\" failed: %s\n",
++ name, pam_strerror(pamh, pam_error));
+ return(0);
+ }
}
#endif
- if (setuid(verify->uid) < 0)
-@@ -652,6 +661,7 @@
+- if (setuid(verify->uid) < 0)
+- {
+- LogError("setuid %d (user \"%s\") failed, errno=%d\n",
++ if (setuid(verify->uid) < 0) {
++ LogError ("setuid %d (user \"%s\") failed, errno=%d\n",
+ verify->uid, name, errno);
+ return (0);
+ }
+@@ -614,19 +610,15 @@
+ * environment variables, resource limits, and umask.
+ */
+ pwd = getpwnam(name);
+- if (pwd)
+- {
+- if (setusercontext(NULL, pwd, pwd->pw_uid, LOGIN_SETALL) < 0)
+- {
+- LogError("setusercontext for \"%s\" failed, errno=%d\n", name,
++ if (pwd) {
++ if (setusercontext(NULL, pwd, pwd->pw_uid, LOGIN_SETALL) < 0) {
++ LogError ("setusercontext for \"%s\" failed, errno=%d\n", name,
+ errno);
+ return (0);
+ }
+ endpwent();
+- }
+- else
+- {
+- LogError("getpwnam for \"%s\" failed, errno=%d\n", name, errno);
++ } else {
++ LogError ("getpwnam for \"%s\" failed, errno=%d\n", name, errno);
+ return (0);
+ }
+ #endif /* HAS_SETUSERCONTEXT */
+@@ -635,9 +627,8 @@
+ * Set the user's credentials: uid, gid, groups,
+ * audit classes, user limits, and umask.
+ */
+- if (setpcred(name, NULL) == -1)
+- {
+- LogError("setpcred for \"%s\" failed, errno=%d\n", name, errno);
++ if (setpcred(name, NULL) == -1) {
++ LogError ("setpcred for \"%s\" failed, errno=%d\n", name, errno);
+ return (0);
+ }
+ #endif /* AIXV3 */
+@@ -652,6 +643,7 @@
char netname[MAXNETNAMELEN+1], secretkey[HEXKEYBYTES+1];
int nameret, keyret;
int len;
@@ -6943,7 +7304,7 @@
int key_set_ok = 0;
nameret = getnetname (netname);
-@@ -662,6 +672,13 @@
+@@ -662,34 +654,34 @@
keyret = getsecretkey(netname,secretkey,passwd);
Debug ("getsecretkey returns %d, key length %d\n",
keyret, strlen (secretkey));
@@ -6951,12 +7312,106 @@
+ netst.st_netname = strdup(netname);
+ memset(netst.st_pub_key, 0, HEXKEYBYTES);
+ if (key_setnet(&netst) < 0) {
-+ Debug("Could not set secret key.\n");
++ Debug ("Could not set secret key.\n");
+ }
-+ free(netst.st_netname);
++ free(netst.st_netname);
/* is there a key, and do we have the right password? */
- if (keyret == 1)
- {
+- if (keyret == 1)
+- {
+- if (*secretkey)
+- {
++ if (keyret == 1) {
++ if (*secretkey) {
+ keyret = key_setsecret(secretkey);
+ Debug ("key_setsecret returns %d\n", keyret);
+ if (keyret == -1)
+ LogError ("failed to set NIS secret key\n");
+ else
+ key_set_ok = 1;
+- }
+- else
+- {
++ } else {
+ /* found a key, but couldn't interpret it */
+ LogError ("password incorrect for NIS principal \"%s\"\n",
+ nameret ? netname : name);
+ }
+ }
+- if (!key_set_ok)
+- {
++ if (!key_set_ok) {
+ /* remove SUN-DES-1 from authorizations list */
+ int i, j;
+- for (i = 0; i < d->authNum; i++)
+- {
++ for (i = 0; i < d->authNum; i++) {
+ if (d->authorizations[i]->name_length == 9 &&
+- memcmp(d->authorizations[i]->name, "SUN-DES-1", 9) == 0)
+- {
++ memcmp(d->authorizations[i]->name, "SUN-DES-1", 9) == 0) {
+ for (j = i+1; j < d->authNum; j++)
+ d->authorizations[j-1] = d->authorizations[j];
+ d->authNum--;
+@@ -714,11 +706,9 @@
+ setEnv(verify->userEnviron,
+ "KRB5CCNAME", Krb5CCacheName(d->name));
+ } else {
+- for (i = 0; i < d->authNum; i++)
+- {
++ for (i = 0; i < d->authNum; i++) {
+ if (d->authorizations[i]->name_length == 14 &&
+- memcmp(d->authorizations[i]->name, "MIT-KERBEROS-5", 14) == 0)
+- {
++ memcmp(d->authorizations[i]->name, "MIT-KERBEROS-5", 14) == 0) {
+ /* remove Kerberos from authorizations list */
+ for (j = i+1; j < d->authNum; j++)
+ d->authorizations[j-1] = d->authorizations[j];
+@@ -773,8 +763,7 @@
+ if (file && file[0]) {
+ Debug ("source %s\n", file);
+ args = parseArgs ((char **) 0, file);
+- if (!args)
+- {
++ if (!args) {
+ args = args_safe;
+ args[0] = file;
+ args[1] = NULL;
+@@ -841,8 +830,7 @@
+ f = fopen (argv[0], "r");
+ if (!f)
+ return;
+- if (fgets (program, sizeof (program) - 1, f) == NULL)
+- {
++ if (fgets (program, sizeof (program) - 1, f) == NULL) {
+ fclose (f);
+ return;
+ }
+@@ -894,8 +882,7 @@
+ char **env, **exp, *value;
+
+ env = 0;
+- for (exp = exportList; exp && *exp; ++exp)
+- {
++ for (exp = exportList; exp && *exp; ++exp) {
+ value = getenv (*exp);
+ if (value)
+ env = setEnv (env, *exp, value);
+@@ -907,13 +894,12 @@
+ systemEnv (struct display *d, char *user, char *home)
+ {
+ char **env;
+-
++
+ env = defaultEnv ();
+ env = setEnv (env, "DISPLAY", d->name);
+ if (home)
+ env = setEnv (env, "HOME", home);
+- if (user)
+- {
++ if (user) {
+ env = setEnv (env, "USER", user);
+ env = setEnv (env, "LOGNAME", user);
+ }
Index: xc/programs/xdm/socket.c
===================================================================
RCS file: /cvs/xc/programs/xdm/socket.c,v
Modified: branches/4.3.0/sid/debian/patches/002_xdm_fixes.diff
===================================================================
--- branches/4.3.0/sid/debian/patches/002_xdm_fixes.diff 2003-10-08 02:27:36 UTC (rev 632)
+++ branches/4.3.0/sid/debian/patches/002_xdm_fixes.diff 2003-10-08 02:34:31 UTC (rev 633)
@@ -4,7 +4,8 @@
These patches do a number of things:
-Not submitted upstream yet.
+Submitted upstream to Matthieu Herrb on 2003-09-24.
+ + except for latest changes to genauth.c and session.c
* xc/config/cf/gnu.cf:
The Hurd has a pollable /dev/random device.
@@ -1824,8 +1825,8 @@
}
d->displayType = displayType;
diff -urN xc/programs/xdm~/genauth.c xc/programs/xdm/genauth.c
---- xc/programs/xdm~/genauth.c 2003-09-21 15:39:23.000000000 -0500
-+++ xc/programs/xdm/genauth.c 2003-09-21 15:41:15.000000000 -0500
+--- xc/programs/xdm~/genauth.c 2003-10-07 18:06:53.000000000 -0500
++++ xc/programs/xdm/genauth.c 2003-10-07 18:07:41.000000000 -0500
@@ -33,14 +33,16 @@
* Author: Keith Packard, MIT X Consortium
*/
@@ -1848,20 +1849,7 @@
#include <time.h>
#define Time_t time_t
-@@ -55,12 +57,6 @@
-
- #ifdef HASXDMAUTH
-
--typedef unsigned char auth_cblock[8]; /* block size */
--
--typedef struct auth_ks_struct { auth_cblock _; } auth_wrapper_schedule[16];
--
--extern void _XdmcpWrapperToOddParity();
--
- static void
- longtochars (long l, unsigned char *c)
- {
-@@ -336,7 +332,7 @@
+@@ -339,7 +341,7 @@
if ((offset = sumFile (randomFile, BSIZ, SEEK_SET, 0)) == BSIZ)
return;
}
@@ -1870,7 +1858,7 @@
}
#endif /* !ARC4_RANDOM && !DEV_RANDOM */
-@@ -369,7 +365,7 @@
+@@ -372,7 +374,7 @@
close(fd);
}
} else {
@@ -1879,7 +1867,7 @@
randomDevice, errno);
}
#endif
-@@ -455,10 +451,10 @@
+@@ -459,10 +461,10 @@
return 1;
}
close(fd);
@@ -2553,136 +2541,141 @@
XSetIOErrorHandler (oldError);
return 1;
}
---- xc/programs/xdm/session.c~ 2003-09-25 00:19:35.000000000 -0500
-+++ xc/programs/xdm/session.c 2003-09-25 00:29:10.000000000 -0500
-@@ -61,17 +61,17 @@
+diff -urN xc/programs/xdm~/session.c xc/programs/xdm/session.c
+--- xc/programs/xdm~/session.c 2003-10-07 18:06:53.000000000 -0500
++++ xc/programs/xdm/session.c 2003-10-07 18:24:12.000000000 -0500
+@@ -54,7 +54,7 @@
+ #ifdef SECURE_RPC
+ # include <rpc/rpc.h>
+ # include <rpc/key_prot.h>
+-extern int key_setnet(struct key_netstarg *arg);
++extern int key_setnet (struct key_netstarg *arg);
#endif
-
- #ifndef GREET_USER_STATIC
--#include <dlfcn.h>
--#ifndef RTLD_NOW
--#define RTLD_NOW 1
--#endif
-+# include <dlfcn.h>
-+# ifndef RTLD_NOW
-+# define RTLD_NOW 1
-+# endif
- #endif
-
- static int runAndWait (char **args, char **environ);
-
--#if defined(CSRG_BASED) || defined(__osf__) || defined(__DARWIN__) || defined(__QNXNTO__) || defined(sun)
--#include <sys/types.h>
--#include <grp.h>
-+#if defined(CSRG_BASED) || defined(__osf__) || defined(__DARWIN__) || defined(__QNXNTO__) || defined(sun) || defined(__GLIBC__)
-+# include <sys/types.h>
-+# include <grp.h>
+ #ifdef K5AUTH
+ # include <krb5/krb5.h>
+@@ -74,44 +74,44 @@
+ # include <grp.h>
#else
/* should be in <grp.h> */
- extern void setgrent(void);
-@@ -87,28 +87,34 @@
- extern void endspent(void);
+-extern void setgrent(void);
+-extern struct group *getgrent(void);
+-extern void endgrent(void);
++extern void setgrent (void);
++extern struct group *getgrent (void);
++extern void endgrent (void);
#endif
+
+ #ifdef USESHADOW
+ # if defined(SVR4)
+ # include <shadow.h>
+ # else
+-extern struct spwd *getspnam(GETSPNAM_ARGS);
+-extern void endspent(void);
++extern struct spwd *getspnam (GETSPNAM_ARGS);
++extern void endspent (void);
+ # endif
#endif
--#if defined(CSRG_BASED)
--#include <pwd.h>
--#include <unistd.h>
-+
-+#if defined(CSRG_BASED) || defined(__GLIBC__)
-+# include <pwd.h>
-+# include <unistd.h>
+ #if defined(CSRG_BASED) || defined(__GLIBC__)
+ # include <pwd.h>
+ # include <unistd.h>
#else
- extern struct passwd *getpwnam(GETPWNAM_ARGS);
--#ifdef linux
-+# ifdef linux
- extern void endpwent(void);
--#endif
-+# endif
-+# ifndef __GLIBC__
- extern char *crypt(CRYPT_ARGS);
-+# endif
+-extern struct passwd *getpwnam(GETPWNAM_ARGS);
++extern struct passwd *getpwnam (GETPWNAM_ARGS);
+ # ifdef linux
+-extern void endpwent(void);
++extern void endpwent (void);
+ # endif
+-extern char *crypt(CRYPT_ARGS);
++extern char *crypt (CRYPT_ARGS);
#endif
-+
+
#ifdef USE_PAM
--pam_handle_t **thepamhp()
-+pam_handle_t **
-+thepamhp ()
+ pam_handle_t **
+-thepamhp(void)
++thepamhp (void)
{
static pam_handle_t *pamh = NULL;
return &pamh;
}
--pam_handle_t *thepamh()
-+pam_handle_t *
-+thepamh ()
+ pam_handle_t *
+-thepamh(void)
++thepamh (void)
{
pam_handle_t **pamhp;
- pamhp = thepamhp();
-+ pamhp = thepamhp ();
++ pamhp = thepamhp ();
if (pamhp)
return *pamhp;
else
-@@ -141,12 +147,12 @@
- endgrent,
- #ifdef USESHADOW
- getspnam,
--#ifndef QNX4
-+# ifndef QNX4
- endspent,
--#endif /* QNX4 doesn't use endspent */
-+# endif /* QNX4 doesn't use endspent */
+@@ -158,7 +158,7 @@
#endif
- getpwnam,
--#ifdef linux
-+#if defined(linux) || defined(__GLIBC__)
- endpwent,
- #endif
- crypt,
-@@ -194,7 +200,7 @@
- }
+ };
- #if defined(_POSIX_SOURCE) || defined(SYSV) || defined(SVR4)
--#define killpg(pgrp, sig) kill(-(pgrp), sig)
-+# define killpg(pgrp, sig) kill(-(pgrp), sig)
- #endif
-
- static void
-@@ -251,7 +257,7 @@
+-static Bool StartClient(
++static Bool StartClient (
+ struct verify_info *verify,
+ struct display *d,
+ int *pidp,
+@@ -253,18 +253,18 @@
static int
IOErrorHandler (Display *dpy)
{
-- LogError("fatal IO error %d (%s)\n", errno, _SysErrorMsg(errno));
-+ LogError ("fatal IO error %d (%s)\n", errno, _SysErrorMsg(errno));
- exit(RESERVER_DISPLAY);
+- LogError ("fatal IO error %d (%s)\n", errno, _SysErrorMsg(errno));
+- exit(RESERVER_DISPLAY);
++ LogError ("fatal IO error %d (%s)\n", errno, _SysErrorMsg (errno));
++ exit (RESERVER_DISPLAY);
/*NOTREACHED*/
return 0;
-@@ -260,7 +266,7 @@
+ }
+
static int
- ErrorHandler(Display *dpy, XErrorEvent *event)
+-ErrorHandler(Display *dpy, XErrorEvent *event)
++ErrorHandler (Display *dpy, XErrorEvent *event)
{
-- LogError("X error\n");
-+ LogError ("X error\n");
+ LogError ("X error\n");
if (XmuPrintDefaultErrorMessage (dpy, event, stderr) == 0) return 0;
- exit(UNMANAGE_DISPLAY);
+- exit(UNMANAGE_DISPLAY);
++ exit (UNMANAGE_DISPLAY);
/*NOTREACHED*/
-@@ -293,13 +299,13 @@
- #ifdef GREET_USER_STATIC
+ }
+
+@@ -280,12 +280,12 @@
+ #endif
+
+ Debug ("ManageSession %s\n", d->name);
+- (void)XSetIOErrorHandler(IOErrorHandler);
+- (void)XSetErrorHandler(ErrorHandler);
++ (void) XSetIOErrorHandler (IOErrorHandler);
++ (void) XSetErrorHandler (ErrorHandler);
+ #ifndef HAS_SETPROCTITLE
+- SetTitle(d->name, (char *) 0);
++ SetTitle (d->name, (char *) 0);
+ #else
+- setproctitle("%s", d->name);
++ setproctitle ("%s", d->name);
+ #endif
+ /*
+ * Load system default Resources
+@@ -296,12 +296,12 @@
greet_user_proc = GreetUser;
#else
-- Debug("ManageSession: loading greeter library %s\n", greeterLib);
-+ Debug ("ManageSession: loading greeter library %s\n", greeterLib);
- greet_lib_handle = dlopen(greeterLib, RTLD_NOW);
+ Debug ("ManageSession: loading greeter library %s\n", greeterLib);
+- greet_lib_handle = dlopen(greeterLib, RTLD_NOW);
++ greet_lib_handle = dlopen (greeterLib, RTLD_NOW);
if (greet_lib_handle != NULL)
- greet_user_proc = (GreetUserProc)dlsym(greet_lib_handle, "GreetUser");
- if (greet_user_proc == NULL)
- {
-- LogError("%s while loading %s\n", dlerror(), greeterLib);
+- greet_user_proc = (GreetUserProc)dlsym(greet_lib_handle, "GreetUser");
++ greet_user_proc = (GreetUserProc) dlsym (greet_lib_handle, "GreetUser");
+ if (greet_user_proc == NULL) {
+- LogError ("%s while loading %s\n", dlerror(), greeterLib);
+- exit(UNMANAGE_DISPLAY);
+ LogError ("%s while loading %s\n", dlerror (), greeterLib);
- exit(UNMANAGE_DISPLAY);
++ exit (UNMANAGE_DISPLAY);
}
#endif
-@@ -321,7 +327,7 @@
+
+@@ -321,11 +321,11 @@
* setting up environment and running the session
*/
if (StartClient (&verify, d, &clientPid, greet.name, greet.password)) {
@@ -2691,7 +2684,12 @@
#ifndef GREET_USER_STATIC
/* Save memory; close library */
-@@ -369,7 +375,7 @@
+- dlclose(greet_lib_handle);
++ dlclose (greet_lib_handle);
+ #endif
+
+ /*
+@@ -363,7 +363,7 @@
/*
* run system-wide reset file
*/
@@ -2700,7 +2698,7 @@
source (verify.systemEnviron, d->reset);
SessionExit (d, OBEYSESS_DISPLAY, TRUE);
}
-@@ -384,7 +390,7 @@
+@@ -378,7 +378,7 @@
env = systemEnv (d, (char *) 0, (char *) 0);
args = parseArgs ((char **) 0, d->xrdb);
args = parseArgs (args, d->resources);
@@ -2709,7 +2707,24 @@
(void) runAndWait (args, env);
freeArgs (args);
freeEnv (env);
-@@ -438,7 +444,7 @@
+@@ -402,12 +402,12 @@
+ DeleteXloginResources (struct display *d, Display *dpy)
+ {
+ int i;
+- Atom prop = XInternAtom(dpy, "SCREEN_RESOURCES", True);
++ Atom prop = XInternAtom (dpy, "SCREEN_RESOURCES", True);
+
+- XDeleteProperty(dpy, RootWindow (dpy, 0), XA_RESOURCE_MANAGER);
++ XDeleteProperty (dpy, RootWindow (dpy, 0), XA_RESOURCE_MANAGER);
+ if (prop) {
+- for (i = ScreenCount(dpy); --i >= 0; )
+- XDeleteProperty(dpy, RootWindow (dpy, i), prop);
++ for (i = ScreenCount (dpy); --i >= 0; )
++ XDeleteProperty (dpy, RootWindow (dpy, i), prop);
+ }
+ }
+
+@@ -431,7 +431,7 @@
SessionExit (d, RESERVER_DISPLAY, FALSE);
}
(void) alarm ((unsigned) d->grabTimeout);
@@ -2717,30 +2732,50 @@
+ Debug ("before XGrabServer %s\n", d->name);
XGrabServer (dpy);
if (XGrabKeyboard (dpy, DefaultRootWindow (dpy), True, GrabModeAsync,
- GrabModeAsync, CurrentTime) != GrabSuccess)
-@@ -505,16 +511,16 @@
+ GrabModeAsync, CurrentTime) != GrabSuccess) {
+@@ -466,13 +466,13 @@
+ SessionExit (struct display *d, int status, int removeAuth)
+ {
+ #ifdef USE_PAM
+- pam_handle_t *pamh = thepamh();
++ pam_handle_t *pamh = thepamh ();
+ #endif
+ #ifdef USE_PAM
+ if (pamh) {
+ /* shutdown PAM session */
+- pam_close_session(pamh, 0);
+- pam_end(pamh, PAM_SUCCESS);
++ pam_close_session (pamh, 0);
++ pam_end (pamh, PAM_SUCCESS);
+ pamh = NULL;
+ }
+ #endif
+@@ -492,26 +492,26 @@
+ krb5_error_code code;
+ krb5_ccache ccache;
- code = Krb5DisplayCCache(d->name, &ccache);
+- code = Krb5DisplayCCache(d->name, &ccache);
++ code = Krb5DisplayCCache (d->name, &ccache);
if (code)
-- LogError("%s while getting Krb5 ccache to destroy\n",
+ LogError ("%s while getting Krb5 ccache to destroy\n",
- error_message(code));
-+ LogError ("%s while getting Krb5 ccache to destroy\n",
-+ error_message(code));
++ error_message (code));
else {
- code = krb5_cc_destroy(ccache);
+- code = krb5_cc_destroy(ccache);
++ code = krb5_cc_destroy (ccache);
if (code) {
if (code == KRB5_FCC_NOFILE) {
- Debug ("No Kerberos ccache file found to destroy\n");
+ Debug ("no Kerberos ccache file found to destroy\n");
} else
-- LogError("%s while destroying Krb5 credentials cache\n",
+ LogError ("%s while destroying Krb5 credentials cache\n",
- error_message(code));
-+ LogError ("%s while destroying Krb5 credentials"
-+ " cache\n", error_message(code));
++ error_message (code));
} else
Debug ("Kerberos ccache destroyed\n");
- krb5_cc_close(ccache);
-@@ -522,7 +528,7 @@
+- krb5_cc_close(ccache);
++ krb5_cc_close (ccache);
+ }
}
#endif /* K5AUTH */
}
@@ -2749,24 +2784,42 @@
exit (status);
}
-@@ -540,8 +546,9 @@
- #ifdef HAS_SETUSERCONTEXT
- struct passwd* pwd;
+@@ -546,14 +546,14 @@
+ Debug ("\n");
+ }
+ #ifdef USE_PAM
+- if (pamh) pam_open_session(pamh, 0);
++ if (pamh) pam_open_session (pamh, 0);
#endif
--#ifdef USE_PAM
-+#ifdef USE_PAM
- pam_handle_t *pamh = thepamh();
-+ int pam_error;
+ switch (pid = fork ()) {
+ case 0:
+ CleanUpChild ();
+ #ifdef XDMCP
+ /* The chooser socket is not closed by CleanUpChild() */
+- DestroyWellKnownSockets();
++ DestroyWellKnownSockets ();
#endif
- if (verify->argv) {
-@@ -582,39 +589,38 @@
+ /* Do system-dependent login setup here */
+@@ -562,9 +562,9 @@
+ /* pass in environment variables set by libpam and modules it called */
+ if (pamh) {
+ long i;
+- char **pam_env = pam_getenvlist(pamh);
+- for(i = 0; pam_env && pam_env[i]; i++) {
+- verify->userEnviron = putEnv(pam_env[i], verify->userEnviron);
++ char **pam_env = pam_getenvlist (pamh);
++ for (i = 0; pam_env && pam_env[i]; i++) {
++ verify->userEnviron = putEnv (pam_env[i], verify->userEnviron);
+ }
+ }
+ #endif
+@@ -572,36 +572,38 @@
#ifndef AIXV3
#ifndef HAS_SETUSERCONTEXT
-- if (setgid(verify->gid) < 0)
-- {
-- LogError("setgid %d (user \"%s\") failed, errno=%d\n",
+- if (setgid(verify->gid) < 0) {
+- LogError ("setgid %d (user \"%s\") failed, errno=%d\n",
- verify->gid, name, errno);
+ if (setgid (verify->gid) < 0) {
+ LogError ("setgid %d (user \"%s\") failed: %s\n",
@@ -2774,9 +2827,8 @@
return (0);
}
#if defined(BSD) && (BSD >= 199103)
-- if (setlogin(name) < 0)
-- {
-- LogError("setlogin for \"%s\" failed, errno=%d", name, errno);
+- if (setlogin(name) < 0) {
+- LogError ("setlogin for \"%s\" failed, errno=%d", name, errno);
- return(0);
+ if (setlogin (name) < 0) {
+ LogError ("setlogin for \"%s\" failed: %s\n", name,
@@ -2785,9 +2837,8 @@
}
#endif
#ifndef QNX4
-- if (initgroups(name, verify->gid) < 0)
-- {
-- LogError("initgroups for \"%s\" failed, errno=%d\n", name, errno);
+- if (initgroups(name, verify->gid) < 0) {
+- LogError ("initgroups for \"%s\" failed, errno=%d\n", name, errno);
+ if (initgroups (name, verify->gid) < 0) {
+ LogError ("initgroups for \"%s\" failed: %s\n", name,
+ _SysErrorMsg (errno));
@@ -2795,23 +2846,22 @@
}
#endif /* QNX4 doesn't support multi-groups, no initgroups() */
#ifdef USE_PAM
-- if (thepamh()) {
-- if (pam_setcred(thepamh(), PAM_ESTABLISH_CRED) != PAM_SUCCESS) {
-- LogError("pam_setcred for %\"s failed, errno=%d\n",
-- name, errno);
-- return(0);
+- if (pamh) {
+- pam_error = pam_setcred (pamh, PAM_ESTABLISH_CRED);
+ if (thepamh ()) {
+ pam_error = pam_setcred (thepamh (), PAM_ESTABLISH_CRED);
-+ if (pam_error != PAM_SUCCESS) {
+ if (pam_error != PAM_SUCCESS) {
+- LogError ("pam_setcred for \"%s\" failed: %s\n",
+- name, pam_strerror(pamh, pam_error));
+- return(0);
+ LogError ("pam_setcred for \"%s\" failed: %s\n", name,
-+ pam_strerror (thepamh (), pam_error));
++ pam_strerror (pamh, pam_error));
+ return (0);
}
}
#endif
-- if (setuid(verify->uid) < 0)
-- {
-- LogError("setuid %d (user \"%s\") failed, errno=%d\n",
+- if (setuid(verify->uid) < 0) {
+- LogError ("setuid %d (user \"%s\") failed, errno=%d\n",
- verify->uid, name, errno);
+ if (setuid (verify->uid) < 0) {
+ LogError ("setuid %d (user \"%s\") failed: %s\n",
@@ -2819,50 +2869,43 @@
return (0);
}
#else /* HAS_SETUSERCONTEXT */
-@@ -622,20 +628,17 @@
+@@ -609,16 +611,17 @@
* Set the user's credentials: uid, gid, groups,
* environment variables, resource limits, and umask.
*/
- pwd = getpwnam(name);
-- if (pwd)
-- {
-- if (setusercontext(NULL, pwd, pwd->pw_uid, LOGIN_SETALL) < 0)
-- {
-- LogError("setusercontext for \"%s\" failed, errno=%d\n", name,
++ pwd = getpwnam (name);
+ if (pwd) {
+- if (setusercontext(NULL, pwd, pwd->pw_uid, LOGIN_SETALL) < 0) {
+- LogError ("setusercontext for \"%s\" failed, errno=%d\n", name,
- errno);
-+ pwd = getpwnam (name);
-+ if (pwd) {
+ if (setusercontext (NULL, pwd, pwd->pw_uid, LOGIN_SETALL) < 0) {
+ LogError ("setusercontext for \"%s\" failed: %s\n", name,
+ _SysErrorMsg (errno));
return (0);
}
- endpwent();
-- }
-- else
-- {
-- LogError("getpwnam for \"%s\" failed, errno=%d\n", name, errno);
+ endpwent ();
-+ } else {
+ } else {
+- LogError ("getpwnam for \"%s\" failed, errno=%d\n", name, errno);
+ LogError ("getpwnam for \"%s\" failed: %s\n", name,
+ _SysErrorMsg (errno));
return (0);
}
#endif /* HAS_SETUSERCONTEXT */
-@@ -644,9 +647,9 @@
+@@ -627,8 +630,9 @@
* Set the user's credentials: uid, gid, groups,
* audit classes, user limits, and umask.
*/
-- if (setpcred(name, NULL) == -1)
-- {
-- LogError("setpcred for \"%s\" failed, errno=%d\n", name, errno);
+- if (setpcred(name, NULL) == -1) {
+- LogError ("setpcred for \"%s\" failed, errno=%d\n", name, errno);
+ if (setpcred (name, NULL) == -1) {
+ LogError ("setpcred for \"%s\" failed: %s\n", name,
+ _SysErrorMsg (errno));
return (0);
}
#endif /* AIXV3 */
-@@ -665,7 +668,7 @@
+@@ -647,24 +651,24 @@
int key_set_ok = 0;
nameret = getnetname (netname);
@@ -2871,16 +2914,89 @@
len = strlen (passwd);
if (len > 8)
bzero (passwd + 8, len - 8);
-@@ -676,7 +679,7 @@
- netst.st_netname = strdup(netname);
- memset(netst.st_pub_key, 0, HEXKEYBYTES);
- if (key_setnet(&netst) < 0) {
-- Debug("Could not set secret key.\n");
-+ Debug ("could not set secret key\n");
+- keyret = getsecretkey(netname,secretkey,passwd);
++ keyret = getsecretkey (netname,secretkey,passwd);
+ Debug ("getsecretkey returns %d, key length %d\n",
+ keyret, strlen (secretkey));
+- memcpy(&(netst.st_priv_key), secretkey, HEXKEYBYTES);
+- netst.st_netname = strdup(netname);
+- memset(netst.st_pub_key, 0, HEXKEYBYTES);
+- if (key_setnet(&netst) < 0) {
+- Debug ("Could not set secret key.\n");
++ memcpy (&(netst.st_priv_key), secretkey, HEXKEYBYTES);
++ netst.st_netname = strdup (netname);
++ memset (netst.st_pub_key, 0, HEXKEYBYTES);
++ if (key_setnet (&netst) < 0) {
++ Debug ("could not set secret key.\n");
}
- free(netst.st_netname);
+- free(netst.st_netname);
++ free (netst.st_netname);
/* is there a key, and do we have the right password? */
-@@ -759,22 +762,22 @@
+ if (keyret == 1) {
+ if (*secretkey) {
+- keyret = key_setsecret(secretkey);
++ keyret = key_setsecret (secretkey);
+ Debug ("key_setsecret returns %d\n", keyret);
+ if (keyret == -1)
+ LogError ("failed to set NIS secret key\n");
+@@ -681,7 +685,7 @@
+ int i, j;
+ for (i = 0; i < d->authNum; i++) {
+ if (d->authorizations[i]->name_length == 9 &&
+- memcmp(d->authorizations[i]->name, "SUN-DES-1", 9) == 0) {
++ memcmp (d->authorizations[i]->name, "SUN-DES-1", 9) == 0) {
+ for (j = i+1; j < d->authNum; j++)
+ d->authorizations[j-1] = d->authorizations[j];
+ d->authNum--;
+@@ -689,7 +693,7 @@
+ }
+ }
+ }
+- bzero(secretkey, strlen(secretkey));
++ bzero (secretkey, strlen (secretkey));
+ }
+ #endif
+ #ifdef K5AUTH
+@@ -697,18 +701,18 @@
+ {
+ int i, j;
+ int result;
+- extern char *Krb5CCacheName();
++ extern char *Krb5CCacheName ();
+
+- result = Krb5Init(name, passwd, d);
++ result = Krb5Init (name, passwd, d);
+ if (result == 0) {
+ /* point session clients at the Kerberos credentials cache */
+ verify->userEnviron =
+- setEnv(verify->userEnviron,
+- "KRB5CCNAME", Krb5CCacheName(d->name));
++ setEnv (verify->userEnviron,
++ "KRB5CCNAME", Krb5CCacheName (d->name));
+ } else {
+ for (i = 0; i < d->authNum; i++) {
+ if (d->authorizations[i]->name_length == 14 &&
+- memcmp(d->authorizations[i]->name, "MIT-KERBEROS-5", 14) == 0) {
++ memcmp (d->authorizations[i]->name, "MIT-KERBEROS-5", 14) == 0) {
+ /* remove Kerberos from authorizations list */
+ for (j = i+1; j < d->authNum; j++)
+ d->authorizations[j-1] = d->authorizations[j];
+@@ -719,7 +723,7 @@
+ }
+ }
+ #endif /* K5AUTH */
+- bzero(passwd, strlen(passwd));
++ bzero (passwd, strlen (passwd));
+ SetUserAuthorization (d, verify);
+ home = getEnv (verify->userEnviron, "HOME");
+ if (home)
+@@ -727,27 +731,27 @@
+ LogError ("user \"%s\": cannot chdir to home \"%s\" (err %d), using \"/\"\n",
+ getEnv (verify->userEnviron, "USER"), home, errno);
+ chdir ("/");
+- verify->userEnviron = setEnv(verify->userEnviron, "HOME", "/");
++ verify->userEnviron = setEnv (verify->userEnviron, "HOME", "/");
+ }
if (verify->argv) {
Debug ("executing session %s\n", verify->argv[0]);
execute (verify->argv, verify->userEnviron);
@@ -2909,7 +3025,7 @@
Debug ("StartSession, fork succeeded %d\n", pid);
*pidp = pid;
return 1;
-@@ -885,7 +888,7 @@
+@@ -856,7 +860,7 @@
p = "/bin/sh";
optarg = 0;
}
@@ -2918,7 +3034,7 @@
p, optarg ? optarg : "(null)");
for (av = argv, argc = 0; *av; av++, argc++)
/* SUPPRESS 530 */
-@@ -941,9 +944,10 @@
+@@ -910,9 +914,10 @@
return env;
}
Modified: branches/4.3.0/sid/debian/patches/067_fix_X11_and_xdm_build_problems.diff
===================================================================
--- branches/4.3.0/sid/debian/patches/067_fix_X11_and_xdm_build_problems.diff 2003-10-08 02:27:36 UTC (rev 632)
+++ branches/4.3.0/sid/debian/patches/067_fix_X11_and_xdm_build_problems.diff 2003-10-08 02:34:31 UTC (rev 633)
@@ -9,10 +9,6 @@
xc/programs/xdm/Imakefile has exactly the same problem with exactly the
same file, plus the same problem with the greeter's header files.
-xc/programs/xdm/genauth.c had some problems with attempting to use
-variables that weren't defined, plus an attempt to compare the integer
-prngdPort with NULL.
-
--- xc/lib/X11/Imakefile~ 2003-09-18 01:12:10.000000000 -0500
+++ xc/lib/X11/Imakefile 2003-09-18 01:13:32.000000000 -0500
@@ -49,7 +49,7 @@
@@ -59,35 +55,3 @@
#if BuildBoth
ObjectFromSpecialSource(greetsh,greet,-DUSESHADOW)
ObjectFromSpecialSource(verifysh,verify,-DUSESHADOW)
---- xc/programs/xdm~/genauth.c 2003-09-22 14:00:07.000000000 -0500
-+++ xc/programs/xdm/genauth.c 2003-09-22 16:57:56.000000000 -0500
-@@ -47,9 +47,7 @@
- #include <time.h>
- #define Time_t time_t
-
--#if !defined(ARC4_RANDOM) && !defined(DEV_RANDOM) && !defined(HASXDMAUTH)
- static unsigned char key[8];
--#endif
-
- #ifdef DEV_RANDOM
- extern char *randomDevice;
-@@ -370,8 +368,8 @@
- }
- #endif
- /* Try some pseudo-random number genrator daemon next */
-- if (prngdSocket != NULL || prngdPort != NULL) {
-- if (get_prngd_bytes(tmpkey, len, prngdPort, prngdSocket) == 0) {
-+ if (prngdSocket != NULL || prngdPort != 0) {
-+ if (get_prngd_bytes(tmpkey, 8, prngdPort, prngdSocket) == 0) {
- tmpkey[0] = 0;
- _XdmcpWrapperToOddParity(tmpkey, key);
- return;
-@@ -398,7 +396,7 @@
- GenerateAuthData (char *auth, int len)
- {
- #ifdef HASXDMAUTH
-- int bit;
-+ int i, bit;
- auth_wrapper_schedule schedule;
- unsigned char data[8];
- static int xdmcpAuthInited;
Reply to: