rpms/gdm/devel gdm-2.25.2-dont-depend-on-hostname.patch, NONE, 1.1 gdm.spec, 1.452, 1.453 gdm-2.25.2-use-resolvable-hostname.patch, 1.1, NONE
Ray Strode
rstrode at fedoraproject.org
Sun Mar 15 03:55:42 UTC 2009
Author: rstrode
Update of /cvs/pkgs/rpms/gdm/devel
In directory cvs1.fedora.phx.redhat.com:/tmp/cvs-serv22085
Modified Files:
gdm.spec
Added Files:
gdm-2.25.2-dont-depend-on-hostname.patch
Removed Files:
gdm-2.25.2-use-resolvable-hostname.patch
Log Message:
- Drop the use localhost patch because it broke things.
Instead add authorization that doesn't depend on a hostname
gdm-2.25.2-dont-depend-on-hostname.patch:
--- NEW FILE gdm-2.25.2-dont-depend-on-hostname.patch ---
commit c8ff53ab9bd73dd6f752afbf7f7d541ec5e4514e
Author: Ray Strode <rstrode at redhat.com>
Date: Sat Mar 14 22:11:10 2009 -0400
Make GetX11Cookie dbus method work
We were trying to send a binary blob as a utf-8 string.
Now we use an ugly GArray.
diff --git a/daemon/gdm-display.c b/daemon/gdm-display.c
index 323d941..671857a 100644
--- a/daemon/gdm-display.c
+++ b/daemon/gdm-display.c
@@ -416,19 +416,16 @@ gdm_display_remove_user_authorization (GdmDisplay *display,
gboolean
gdm_display_get_x11_cookie (GdmDisplay *display,
- char **x11_cookie,
- gsize *x11_cookie_size,
+ GArray **x11_cookie,
GError **error)
{
g_return_val_if_fail (GDM_IS_DISPLAY (display), FALSE);
if (x11_cookie != NULL) {
- *x11_cookie = g_memdup (display->priv->x11_cookie,
- display->priv->x11_cookie_size);
- }
-
- if (x11_cookie_size != NULL) {
- *x11_cookie_size = display->priv->x11_cookie_size;
+ *x11_cookie = g_array_new (FALSE, FALSE, sizeof (char));
+ g_array_append_vals (*x11_cookie,
+ display->priv->x11_cookie,
+ display->priv->x11_cookie_size);
}
return TRUE;
diff --git a/daemon/gdm-display.h b/daemon/gdm-display.h
index 2914c81..607ea1d 100644
--- a/daemon/gdm-display.h
+++ b/daemon/gdm-display.h
@@ -125,8 +125,7 @@ gboolean gdm_display_get_timed_login_details (GdmDisplay *disp
/* exported but protected */
gboolean gdm_display_get_x11_cookie (GdmDisplay *display,
- char **x11_cookie,
- gsize *cookie_size,
+ GArray **x11_cookie,
GError **error);
gboolean gdm_display_get_x11_authority_file (GdmDisplay *display,
char **filename,
diff --git a/daemon/gdm-display.xml b/daemon/gdm-display.xml
index e8a2369..a92e37f 100644
--- a/daemon/gdm-display.xml
+++ b/daemon/gdm-display.xml
@@ -11,7 +11,7 @@
<arg name="name" direction="out" type="i"/>
</method>
<method name="GetX11Cookie">
- <arg name="x11_cookie" direction="out" type="s"/>
+ <arg name="x11_cookie" direction="out" type="ay"/>
</method>
<method name="GetX11AuthorityFile">
<arg name="filename" direction="out" type="s"/>
diff --git a/daemon/gdm-xdmcp-display-factory.c b/daemon/gdm-xdmcp-display-factory.c
index 58cdf59..b12b726 100644
--- a/daemon/gdm-xdmcp-display-factory.c
+++ b/daemon/gdm-xdmcp-display-factory.c
@@ -2277,19 +2277,17 @@ gdm_xdmcp_handle_request (GdmXdmcpDisplayFactory *factory,
ARRAY8 authorization_name;
ARRAY8 authorization_data;
gint32 session_number;
- char *cookie;
- gsize cookie_size;
+ GArray *cookie;
char *name;
- gdm_display_get_x11_cookie (display, &cookie,
- &cookie_size, NULL);
+ gdm_display_get_x11_cookie (display, &cookie, NULL);
gdm_display_get_x11_display_name (display, &name, NULL);
g_debug ("GdmXdmcpDisplayFactory: Sending authorization key for display %s", name);
g_free (name);
- g_debug ("GdmXdmcpDisplayFactory: cookie len %d", (int) cookie_size);
+ g_debug ("GdmXdmcpDisplayFactory: cookie len %d", (int) cookie->len);
session_number = gdm_xdmcp_display_get_session_number (GDM_XDMCP_DISPLAY (display));
@@ -2304,8 +2302,10 @@ gdm_xdmcp_handle_request (GdmXdmcpDisplayFactory *factory,
authorization_name.data = (CARD8 *) "MIT-MAGIC-COOKIE-1";
authorization_name.length = strlen ((char *) authorization_name.data);
- authorization_data.data = (CARD8 *) cookie;
- authorization_data.length = cookie_size;
+ authorization_data.data = (CARD8 *) cookie->data;
+ authorization_data.length = cookie->len;
+
+ g_array_free (cookie, TRUE);
/* the addrs are NOT copied */
gdm_xdmcp_send_accept (factory,
commit 8d141425bed92140b866c1a83e460aa74d97760f
Author: Ray Strode <rstrode at redhat.com>
Date: Sat Mar 14 22:11:58 2009 -0400
Don't make slave and greeter display authorization dependent on hostname
The hostname can get changed out from under us at any
point, so we need to give the slave (and its helpers)
and the greeter access to the display based solely on the
X11 cookie, without any hostname constraints.
diff --git a/daemon/gdm-slave.c b/daemon/gdm-slave.c
index 19432dc..a241f73 100644
--- a/daemon/gdm-slave.c
+++ b/daemon/gdm-slave.c
@@ -89,6 +89,8 @@ struct GdmSlavePrivate
char *parent_display_name;
char *parent_display_x11_authority_file;
+ GArray *display_x11_cookie;
+
DBusGProxy *display_proxy;
DBusGConnection *connection;
};
@@ -449,6 +451,12 @@ gdm_slave_connect_to_x11_display (GdmSlave *slave)
sigaddset (&mask, SIGCHLD);
sigprocmask (SIG_BLOCK, &mask, &omask);
+ /* Give slave access to the display independent of current hostname */
+ XSetAuthorization ("MIT-MAGIC-COOKIE-1",
+ strlen ("MIT-MAGIC-COOKIE-1"),
+ slave->priv->display_x11_cookie->data,
+ slave->priv->display_x11_cookie->len);
+
slave->priv->server_display = XOpenDisplay (slave->priv->display_name);
sigprocmask (SIG_SETMASK, &omask, NULL);
@@ -458,8 +466,35 @@ gdm_slave_connect_to_x11_display (GdmSlave *slave)
g_warning ("Unable to connect to display %s", slave->priv->display_name);
ret = FALSE;
} else {
+ XHostAddress host_entries[2] = {
+ { FamilyServerInterpreted },
+ { FamilyServerInterpreted }
+ };
+ XServerInterpretedAddress si_entries[2];
+
g_debug ("GdmSlave: Connected to display %s", slave->priv->display_name);
ret = TRUE;
+
+ /* Give programs run by the slave and greeter access to the display
+ * independent of current hostname
+ */
+ si_entries[0].type = "localuser";
+ si_entries[0].typelength = strlen ("localuser");
+ si_entries[1].type = "localuser";
+ si_entries[1].typelength = strlen ("localuser");
+
+ si_entries[0].value = "root";
+ si_entries[0].valuelength = strlen ("root");
+ si_entries[1].value = GDM_USERNAME;
+ si_entries[1].valuelength = strlen (GDM_USERNAME);
+
+ host_entries[0].address = (char *) &si_entries[0];
+ host_entries[0].length = sizeof (XServerInterpretedAddress);
+ host_entries[1].address = (char *) &si_entries[1];
+ host_entries[1].length = sizeof (XServerInterpretedAddress);
+
+ XAddHosts (slave->priv->server_display, host_entries,
+ G_N_ELEMENTS (host_entries));
}
return ret;
@@ -639,6 +674,25 @@ gdm_slave_real_start (GdmSlave *slave)
error = NULL;
res = dbus_g_proxy_call (slave->priv->display_proxy,
+ "GetX11Cookie",
+ &error,
+ G_TYPE_INVALID,
+ dbus_g_type_get_collection ("GArray", G_TYPE_CHAR),
+ &slave->priv->display_x11_cookie,
+ G_TYPE_INVALID);
+ if (! res) {
+ if (error != NULL) {
+ g_warning ("Failed to get value: %s", error->message);
+ g_error_free (error);
+ } else {
+ g_warning ("Failed to get value");
+ }
+
+ return FALSE;
+ }
+
+ error = NULL;
+ res = dbus_g_proxy_call (slave->priv->display_proxy,
"GetX11AuthorityFile",
&error,
G_TYPE_INVALID,
@@ -1475,6 +1529,7 @@ gdm_slave_finalize (GObject *object)
g_free (slave->priv->display_x11_authority_file);
g_free (slave->priv->parent_display_name);
g_free (slave->priv->parent_display_x11_authority_file);
+ g_array_free (slave->priv->display_x11_cookie, TRUE);
G_OBJECT_CLASS (gdm_slave_parent_class)->finalize (object);
}
Index: gdm.spec
===================================================================
RCS file: /cvs/pkgs/rpms/gdm/devel/gdm.spec,v
retrieving revision 1.452
retrieving revision 1.453
diff -u -r1.452 -r1.453
--- gdm.spec 12 Mar 2009 19:24:34 -0000 1.452
+++ gdm.spec 15 Mar 2009 03:55:12 -0000 1.453
@@ -15,7 +15,7 @@
Summary: The GNOME Display Manager
Name: gdm
Version: 2.25.2
-Release: 19%{?dist}
+Release: 20%{?dist}
Epoch: 1
License: GPLv2+
Group: User Interface/X
@@ -93,7 +93,7 @@
Patch14: gdm-2.25.2-multistack-but-boring.patch
Patch15: gdm-2.25.2-start-faster.patch
-Patch16: gdm-2.25.2-use-resolvable-hostname.patch
+Patch16: gdm-2.25.2-dont-depend-on-hostname.patch
Patch17: gdm-2.25.2-maybe-work-around-gcc-bug.patch
# Fedora-specific
@@ -123,7 +123,7 @@
%patch14 -p1 -b .multistack-but-boring
%patch15 -p1 -b .start-faster
-%patch16 -p1 -b .use-resolvable-hostname
+%patch16 -p1 -b .dont-depend-on-hostname
%patch17 -p1 -b .maybe-work-around-gcc-bug
%patch99 -p1 -b .fedora-logo
@@ -348,6 +348,10 @@
%{_datadir}/gnome-2.0/ui/GNOME_FastUserSwitchApplet.xml
%changelog
+* Sat Mar 14 2009 Ray Strode <rstrode at redhat.com> - 1:2.25.2-20
+- Drop the use localhost patch because it broke things.
+ Instead add authorization that doesn't depend on a hostname
+
* Thu Mar 12 2009 Ray Strode <rstrode at redhat.com> - 1:2.25.2-19
- Add a lame patch in the off chance it might work around a
gcc bug on ppc:
--- gdm-2.25.2-use-resolvable-hostname.patch DELETED ---
More information about the fedora-extras-commits
mailing list