rpms/gdm/FC-6 gdm-2.16.4-desensitize-entry.patch, NONE, 1.1 gdm-2.16.4-move-default-message.patch, NONE, 1.1 gdm-2.16.4-reset-pam.patch, NONE, 1.1 .cvsignore, 1.34, 1.35 gdm.spec, 1.210, 1.211 sources, 1.36, 1.37
fedora-cvs-commits at redhat.com
fedora-cvs-commits at redhat.com
Fri Dec 15 16:21:02 UTC 2006
Author: mclasen
Update of /cvs/dist/rpms/gdm/FC-6
In directory cvs.devel.redhat.com:/tmp/cvs-serv12310
Modified Files:
.cvsignore gdm.spec sources
Added Files:
gdm-2.16.4-desensitize-entry.patch
gdm-2.16.4-move-default-message.patch
gdm-2.16.4-reset-pam.patch
Log Message:
Update patches
gdm-2.16.4-desensitize-entry.patch:
gdmlogin.c | 2 +-
greeter/greeter_item_pam.c | 19 ++++++++++++++-----
2 files changed, 15 insertions(+), 6 deletions(-)
--- NEW FILE gdm-2.16.4-desensitize-entry.patch ---
--- gdm-2.16.4/gui/greeter/greeter_item_pam.c.desensitize-entry 2006-12-15 11:14:02.000000000 -0500
+++ gdm-2.16.4/gui/greeter/greeter_item_pam.c 2006-12-15 11:14:02.000000000 -0500
@@ -290,11 +290,20 @@
{
entry = GNOME_CANVAS_WIDGET (entry_info->item)->widget;
- gtk_entry_set_visibility (GTK_ENTRY (entry), entry_visible);
- gtk_widget_set_sensitive (GTK_WIDGET (entry), TRUE);
- gtk_entry_set_max_length (GTK_ENTRY (entry), entry_len);
- gtk_entry_set_text (GTK_ENTRY (entry), "");
- gtk_widget_grab_focus (entry);
+ if (message != NULL && strcmp (message, "") != 0)
+ {
+ gtk_entry_set_visibility (GTK_ENTRY (entry), entry_visible);
+ gtk_widget_set_sensitive (GTK_WIDGET (entry), TRUE);
+ gtk_entry_set_max_length (GTK_ENTRY (entry), entry_len);
+ gtk_entry_set_text (GTK_ENTRY (entry), "");
+ gtk_widget_grab_focus (entry);
+ }
+ else
+ {
+ gtk_entry_set_visibility (GTK_ENTRY (entry), entry_visible);
+ gtk_entry_set_text (GTK_ENTRY (entry), "...");
+ gtk_widget_set_sensitive (GTK_WIDGET (entry), FALSE);
+ }
}
messages_to_give = FALSE;
--- gdm-2.16.4/gui/gdmlogin.c.desensitize-entry 2006-12-15 11:14:02.000000000 -0500
+++ gdm-2.16.4/gui/gdmlogin.c 2006-12-15 11:17:42.000000000 -0500
@@ -1760,7 +1760,7 @@
curuser = NULL;
}
- gtk_widget_set_sensitive (entry, TRUE);
+ gtk_widget_set_sensitive (entry, FALSE);
gtk_widget_set_sensitive (ok_button, FALSE);
gtk_widget_set_sensitive (start_again_button, FALSE);
gdm-2.16.4-move-default-message.patch:
daemon/verify-crypt.c | 1 -
daemon/verify-pam.c | 6 ------
daemon/verify-shadow.c | 1 -
gui/gdmlogin.c | 17 +++++++++++++----
gui/greeter/greeter_item_pam.c | 25 +++++++++++++++++++++++++
5 files changed, 38 insertions(+), 12 deletions(-)
--- NEW FILE gdm-2.16.4-move-default-message.patch ---
--- gdm-2.16.4/gui/greeter/greeter_item_pam.c.move-default-message 2006-10-31 16:37:23.000000000 -0500
+++ gdm-2.16.4/gui/greeter/greeter_item_pam.c 2006-12-15 10:59:19.000000000 -0500
@@ -46,6 +46,7 @@
gboolean require_quarter = FALSE;
extern gboolean greeter_probably_login_prompt;
+static gboolean using_fallback_message = FALSE;
extern GtkButton *gtk_ok_button;
extern GtkButton *gtk_start_again_button;
@@ -250,13 +251,35 @@
int entry_len,
gboolean entry_visible)
{
+ GreeterItemInfo *message_info;
GreeterItemInfo *conversation_info;
GreeterItemInfo *entry_info;
GtkWidget *entry;
+ message_info = greeter_lookup_id ("pam-message");
conversation_info = greeter_lookup_id ("pam-prompt");
entry_info = greeter_lookup_id ("user-pw-entry");
+ if (strcmp (message, _("Username:")) == 0 && message_info)
+ {
+ gchar *text;
+ text = NULL;
+ g_object_get (G_OBJECT (message_info->item),
+ "text", &text,
+ NULL);
+ if (ve_string_empty (text))
+ {
+ set_text (message_info, _("Please enter your username"));
+ using_fallback_message = TRUE;
+ }
+ g_free (text);
+ }
+ else if (using_fallback_message)
+ {
+ set_text (message_info, "");
+ using_fallback_message = FALSE;
+ }
+
if (conversation_info)
{
set_text (conversation_info, message);
@@ -296,6 +319,7 @@
* we try to collect them until the next prompt or reset or
* whatnot */
if ( ! replace_msg &&
+ ! using_fallback_message &&
/* empty message is for clearing */
! ve_string_empty (message))
{
@@ -315,6 +339,7 @@
set_text (message_info, message);
}
replace_msg = FALSE;
+ using_fallback_message = FALSE;
}
--- gdm-2.16.4/gui/gdmlogin.c.move-default-message 2006-10-30 14:14:54.000000000 -0500
+++ gdm-2.16.4/gui/gdmlogin.c 2006-12-15 10:58:15.000000000 -0500
@@ -160,6 +160,7 @@
extern const gchar *current_session;
extern gboolean session_dir_whacked_out;
extern gint gdm_timed_delay;
+static gboolean using_fallback_message = FALSE;
static void login_window_resize (gboolean force);
@@ -1537,12 +1538,21 @@
gdm_config_get_string (GDM_KEY_SOUND_ON_LOGIN_FILE),
gdm_config_get_bool (GDM_KEY_SOUND_ON_LOGIN));
gtk_label_set_text_with_mnemonic (GTK_LABEL (label), _("_Username:"));
+ if (ve_string_empty (gtk_label_get_text (GTK_LABEL (msg)))) {
+ gtk_label_set_text (GTK_LABEL (msg),
+ _("Please enter your username"));
+ using_fallback_message = TRUE;
+ }
greeter_probably_login_prompt = TRUE;
gtk_widget_set_sensitive (start_again_button, FALSE);
} else {
gtk_widget_set_sensitive (start_again_button, TRUE);
if (tmp != NULL)
- gtk_label_set_text (GTK_LABEL (label), tmp);
+ gtk_label_set_text (GTK_LABEL (label), tmp);
+ if (using_fallback_message) {
+ gtk_label_set_text (GTK_LABEL (msg), "");
+ using_fallback_message = FALSE;
+ }
}
g_free (tmp);
@@ -1629,6 +1639,7 @@
g_free (tmp);
}
replace_msg = FALSE;
+ using_fallback_message = FALSE;
gtk_widget_show (GTK_WIDGET (msg));
printf ("%c\n", STX);
@@ -1756,9 +1767,7 @@
if (browser_ok && gdm_config_get_bool (GDM_KEY_BROWSER))
gtk_widget_set_sensitive (GTK_WIDGET (browser), TRUE);
- tmp = ve_locale_to_utf8 (args);
- gtk_label_set_text (GTK_LABEL (msg), tmp);
- g_free (tmp);
+ gtk_label_set_text (GTK_LABEL (msg), "");
gtk_widget_show (GTK_WIDGET (msg));
printf ("%c\n", STX);
--- gdm-2.16.4/daemon/verify-pam.c.move-default-message 2006-12-15 10:49:30.000000000 -0500
+++ gdm-2.16.4/daemon/verify-pam.c 2006-12-15 10:49:30.000000000 -0500
@@ -525,12 +525,6 @@
then I can afford. */
s = g_strdup (selected_user);
} else {
- /* this is an evil hack, but really there is no way we'll
- know this is a username prompt. However we SHOULD NOT
- rely on this working. The pam modules can set their
- prompt to whatever they wish to */
- gdm_slave_greeter_ctl_no_ret
- (GDM_MSG, _("Please enter your username"));
s = gdm_slave_greeter_ctl (GDM_PROMPT, m);
/* this will clear the message */
gdm_slave_greeter_ctl_no_ret (GDM_MSG, "");
--- gdm-2.16.4/daemon/verify-shadow.c.move-default-message 2006-10-02 21:07:29.000000000 -0400
+++ gdm-2.16.4/daemon/verify-shadow.c 2006-12-15 10:49:30.000000000 -0500
@@ -114,7 +114,6 @@
authenticate_again:
/* Ask for the user's login */
gdm_verify_select_user (NULL);
- gdm_slave_greeter_ctl_no_ret (GDM_MSG, _("Please enter your username"));
login = gdm_slave_greeter_ctl (GDM_PROMPT, _("Username:"));
if (login == NULL ||
gdm_slave_greeter_check_interruption ()) {
--- gdm-2.16.4/daemon/verify-crypt.c.move-default-message 2006-10-02 21:07:29.000000000 -0400
+++ gdm-2.16.4/daemon/verify-crypt.c 2006-12-15 10:49:30.000000000 -0500
@@ -115,7 +115,6 @@
authenticate_again:
/* Ask for the user's login */
gdm_verify_select_user (NULL);
- gdm_slave_greeter_ctl_no_ret (GDM_MSG, _("Please enter your username"));
login = gdm_slave_greeter_ctl (GDM_PROMPT, _("Username:"));
if (login == NULL ||
gdm_slave_greeter_check_interruption ()) {
gdm-2.16.4-reset-pam.patch:
daemon/gdm.c | 8 ++++++++
daemon/gdm.h | 4 ++++
daemon/slave.c | 34 +++++++++++++++++++++++++++-------
gui/greeter/greeter.c | 14 +++-----------
4 files changed, 42 insertions(+), 18 deletions(-)
--- NEW FILE gdm-2.16.4-reset-pam.patch ---
--- gdm-2.16.4/gui/greeter/greeter.c.reset-pam 2006-10-30 15:56:34.000000000 -0500
+++ gdm-2.16.4/gui/greeter/greeter.c 2006-12-15 11:11:07.000000000 -0500
@@ -168,7 +168,6 @@
GtkWidget *dlg;
char *tmp;
char *session;
- GreeterItemInfo *conversation_info;
static GnomeCanvasItem *disabled_cover = NULL;
gchar *language;
gchar *selected_user = NULL;
@@ -328,16 +327,9 @@
if (gtk_start_again_button != NULL)
gtk_widget_set_sensitive (gtk_start_again_button, FALSE);
- conversation_info = greeter_lookup_id ("pam-conversation");
-
- if (conversation_info)
- {
- tmp = ve_locale_to_utf8 (args);
- g_object_set (G_OBJECT (conversation_info->item),
- "text", tmp,
- NULL);
- g_free (tmp);
- }
+ greeter_item_ulist_unset_selected_user ();
+ greeter_item_pam_prompt ("", PW_ENTRY_SIZE, TRUE);
+ greeter_item_pam_message ("");
printf ("%c\n", STX);
fflush (stdout);
--- gdm-2.16.4/daemon/slave.c.reset-pam 2006-12-15 11:03:01.000000000 -0500
+++ gdm-2.16.4/daemon/slave.c 2006-12-15 11:03:01.000000000 -0500
@@ -128,6 +128,12 @@
static int greeter_fd_out = -1;
static int greeter_fd_in = -1;
+/* a dup of the other side of greeter_fd_in so that
+ * the slave can talk to itself from its sig handler
+ * using the greeter ipc mechanism
+ */
+static int slave_fd_out = -1;
+
#ifdef HAVE_TSOL
static gboolean have_suntsol_extension = FALSE;
#endif
@@ -620,7 +626,7 @@
}
static void
-whack_greeter_fds (void)
+whack_greeter_and_slave_fds (void)
{
if (greeter_fd_out > 0)
VE_IGNORE_EINTR (close (greeter_fd_out));
@@ -628,6 +634,9 @@
if (greeter_fd_in > 0)
VE_IGNORE_EINTR (close (greeter_fd_in));
greeter_fd_in = -1;
+ if (slave_fd_out > 0)
+ VE_IGNORE_EINTR (close (slave_fd_out));
+ slave_fd_out = -1;
}
static void
@@ -1078,7 +1087,7 @@
d->greetpid = 0;
- whack_greeter_fds ();
+ whack_greeter_and_slave_fds ();
gdm_slave_send_num (GDM_SOP_GREETPID, 0);
@@ -1844,7 +1853,7 @@
d->greetpid = 0;
- whack_greeter_fds ();
+ whack_greeter_and_slave_fds ();
gdm_slave_send_num (GDM_SOP_GREETPID, 0);
}
@@ -2076,6 +2085,12 @@
break;
}
+ if (do_cancel) {
+ gdm_debug ("canceling...");
+ gdm_slave_greeter_ctl_no_ret (GDM_RESETOK, "");
+ continue;
+ }
+
if (login == NULL) {
char *failuresound = gdm_get_value_string (GDM_KEY_SOUND_ON_LOGIN_FAILURE_FILE);
@@ -2674,9 +2689,9 @@
default:
VE_IGNORE_EINTR (close (pipe1[0]));
- VE_IGNORE_EINTR (close (pipe2[1]));
+ whack_greeter_and_slave_fds ();
- whack_greeter_fds ();
+ slave_fd_out = pipe2[1];
greeter_fd_out = pipe1[1];
greeter_fd_in = pipe2[0];
@@ -4661,7 +4676,7 @@
greet = FALSE;
d->greetpid = 0;
- whack_greeter_fds ();
+ whack_greeter_and_slave_fds ();
gdm_slave_send_num (GDM_SOP_GREETPID, 0);
do_restart_greeter = TRUE;
@@ -4673,7 +4688,7 @@
continue;
}
- whack_greeter_fds ();
+ whack_greeter_and_slave_fds ();
/* if greet is TRUE, then the greeter died outside of our
* control really, so clean up and die, something is wrong
@@ -4816,6 +4831,11 @@
gdm_wait_for_go = FALSE;
} else if (strcmp (&s[1], GDM_NOTIFY_TWIDDLE_POINTER) == 0) {
gdm_twiddle_pointer (d);
+ } else if (strcmp (&s[1], GDM_NOTIFY_RESET) == 0) {
+ if (!d->logged_in) {
+ gdm_fdprintf (slave_fd_out, "%c%c%c\n",
+ STX, BEL, GDM_INTERRUPT_CANCEL);
+ }
}
}
}
--- gdm-2.16.4/daemon/gdm.h.reset-pam 2006-08-23 23:47:43.000000000 -0400
+++ gdm-2.16.4/daemon/gdm.h 2006-12-15 11:03:01.000000000 -0500
@@ -710,6 +710,9 @@
/* Start a new standard X flexible server */
#define GDM_SOP_FLEXI_XSERVER "FLEXI_XSERVER" /* no arguments */
+/* Reset any in progress authentication conversations */
+#define GDM_SOP_CANCEL_LOGIN_REQUESTS "CANCEL_LOGIN_REQUESTS" /* no arguments */
+
/* Notification protocol */
/* keys */
#define GDM_NOTIFY_ALLOW_REMOTE_ROOT "AllowRemoteRoot" /* <true/false as int> */
@@ -736,6 +739,7 @@
#define GDM_NOTIFY_SOFT_RESTART_SERVERS "SOFT_RESTART_SERVERS"
#define GDM_NOTIFY_GO "GO"
#define GDM_NOTIFY_TWIDDLE_POINTER "TWIDDLE_POINTER"
+#define GDM_NOTIFY_RESET "RESET"
/* Ack for a slave message */
/* Note that an extra response can follow an 'ack' */
--- gdm-2.16.4/daemon/gdm.c.reset-pam 2006-10-16 13:37:32.000000000 -0400
+++ gdm-2.16.4/daemon/gdm.c 2006-12-15 11:03:01.000000000 -0500
@@ -2388,6 +2388,14 @@
TRUE /* handled */,
FALSE /* chooser */,
NULL, 0, NULL, NULL);
+ } else if (strcmp (msg, GDM_SOP_CANCEL_LOGIN_REQUESTS) == 0) {
+ GSList *li;
+ for (li = displays; li != NULL; li = li->next) {
+ GdmDisplay *d = li->data;
+ if (!d->logged_in) {
+ send_slave_command (d, GDM_NOTIFY_RESET);
+ }
+ }
}
}
Index: .cvsignore
===================================================================
RCS file: /cvs/dist/rpms/gdm/FC-6/.cvsignore,v
retrieving revision 1.34
retrieving revision 1.35
diff -u -r1.34 -r1.35
--- .cvsignore 5 Sep 2006 05:54:17 -0000 1.34
+++ .cvsignore 15 Dec 2006 16:21:00 -0000 1.35
@@ -1 +1 @@
-gdm-2.16.0.tar.bz2
+gdm-2.16.4.tar.bz2
Index: gdm.spec
===================================================================
RCS file: /cvs/dist/rpms/gdm/FC-6/gdm.spec,v
retrieving revision 1.210
retrieving revision 1.211
diff -u -r1.210 -r1.211
--- gdm.spec 17 Oct 2006 14:00:36 -0000 1.210
+++ gdm.spec 15 Dec 2006 16:21:00 -0000 1.211
@@ -15,8 +15,8 @@
Summary: The GNOME Display Manager.
Name: gdm
-Version: 2.16.0
-Release: 18%{?dist}
+Version: 2.16.4
+Release: 1%{?dist}
Epoch: 1
License: LGPL/GPL
Group: User Interface/X
@@ -39,8 +39,8 @@
Patch12: gdm-2.13.0.4-audit-login.patch
# http://bugzilla.gnome.org/show_bug.cgi?id=347798
-Patch19: gdm-2.15.5-move-default-message.patch
-Patch20: gdm-2.15.5-reset-pam.patch
+Patch19: gdm-2.16.4-move-default-message.patch
+Patch20: gdm-2.16.4-reset-pam.patch
Patch21: gdm-2.16.0-security-tokens.patch
# http://bugzilla.gnome.org/show_bug.cgi?id=347871
@@ -54,7 +54,7 @@
Patch27: gdm-2.16.0-close.patch
-Patch28: gdm-2.16.0-desensitize-entry.patch
+Patch28: gdm-2.16.4-desensitize-entry.patch
# http://bugzilla.gnome.org/show_bug.cgi?id=362853
Patch29: gdm-2.16.0-photo-setup-help.patch
@@ -128,10 +128,10 @@
%patch21 -p1 -b .security-tokens
%patch24 -p1 -b .wtmp
%patch25 -p1 -b .indic-langs
-%patch26 -p1 -b .markup
-%patch27 -p1 -b .close
+##patch26 -p1 -b .markup
+##patch27 -p1 -b .close
%patch28 -p1 -b .desensitize-entry
-%patch29 -p1 -b .photo-setup-help
+##patch29 -p1 -b .photo-setup-help
%build
cp -f %{SOURCE1} config/gdm
@@ -319,6 +319,11 @@
%attr(1770, root, gdm) %dir %{_localstatedir}/gdm
%changelog
+* Fri Dec 15 2006 Matthias Clasen <mclasen at redhat.com> - 1:2.16.4-1.fc6
+- Update to 2.16.4, which fixes CVE-2006-6105
+- Update patches
+- Drop upstreamed patches
+
* Tue Oct 17 2006 Matthias Clasen <mclasen at redhat.com> - 1:2.16.0-18.fc6
- Make photosetup help button work (#198138)
Index: sources
===================================================================
RCS file: /cvs/dist/rpms/gdm/FC-6/sources,v
retrieving revision 1.36
retrieving revision 1.37
diff -u -r1.36 -r1.37
--- sources 5 Sep 2006 05:54:17 -0000 1.36
+++ sources 15 Dec 2006 16:21:00 -0000 1.37
@@ -1 +1 @@
-641116667d3486eca842dd1a2fc792c7 gdm-2.16.0.tar.bz2
+7eb4a475cccba73d78af9e0852b7e82a gdm-2.16.4.tar.bz2
More information about the fedora-cvs-commits
mailing list