pkgsrc-Changes-HG archive
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]
[pkgsrc/pkgsrc-2007Q3]: pkgsrc/x11/gdm Pullup ticket 2200 - requested by hauke
details: https://anonhg.NetBSD.org/pkgsrc/rev/7678e3375ed2
branches: pkgsrc-2007Q3
changeset: 534013:7678e3375ed2
user: ghen <ghen%pkgsrc.org@localhost>
date: Mon Oct 22 09:14:36 2007 +0000
description:
Pullup ticket 2200 - requested by hauke
security fix for gdm
- pkgsrc/x11/gdm/Makefile 1.133
- pkgsrc/x11/gdm/distinfo 1.51
- pkgsrc/x11/gdm/patches/patch-am 1.3
- pkgsrc/x11/gdm/patches/patch-an 1.1
Module Name: pkgsrc
Committed By: hauke
Date: Thu Oct 11 09:35:11 UTC 2007
Added Files:
pkgsrc/x11/gdm/patches: patch-am patch-an
Log Message:
The code to verify user and password provided in
daemon/verify-{crypt,shadow}.c prints out the user name in various
places, where daemon/verify-pam.c code does not. Get out of sync with
the login dialog, and you'll have your password logged.
Adapt patches from the gdm 2.20 branch for
(1) not logging the user name in any sy slog error messages
(2) not localizing the log messages.
Fixes PR 31417.
diffstat:
x11/gdm/Makefile | 4 +-
x11/gdm/distinfo | 4 +-
x11/gdm/patches/patch-am | 100 +++++++++++++++++++++++++++++++++++++++++++++++
x11/gdm/patches/patch-an | 100 +++++++++++++++++++++++++++++++++++++++++++++++
4 files changed, 205 insertions(+), 3 deletions(-)
diffs (237 lines):
diff -r 3e6b944fb854 -r 7678e3375ed2 x11/gdm/Makefile
--- a/x11/gdm/Makefile Mon Oct 22 08:50:34 2007 +0000
+++ b/x11/gdm/Makefile Mon Oct 22 09:14:36 2007 +0000
@@ -1,8 +1,8 @@
-# $NetBSD: Makefile,v 1.132 2007/09/21 13:04:29 wiz Exp $
+# $NetBSD: Makefile,v 1.132.2.1 2007/10/22 09:14:36 ghen Exp $
#
DISTNAME= gdm-2.18.4
-PKGREVISION= 4
+PKGREVISION= 5
CATEGORIES= x11 gnome
MASTER_SITES= ${MASTER_SITE_GNOME:=sources/gdm/2.18/}
EXTRACT_SUFX= .tar.bz2
diff -r 3e6b944fb854 -r 7678e3375ed2 x11/gdm/distinfo
--- a/x11/gdm/distinfo Mon Oct 22 08:50:34 2007 +0000
+++ b/x11/gdm/distinfo Mon Oct 22 09:14:36 2007 +0000
@@ -1,4 +1,4 @@
-$NetBSD: distinfo,v 1.50 2007/08/09 19:39:16 drochner Exp $
+$NetBSD: distinfo,v 1.50.2.1 2007/10/22 09:14:37 ghen Exp $
SHA1 (gdm-2.18.4.tar.bz2) = 8bf2c8745d7c38f5f08641abed4ca103cad0ecb8
RMD160 (gdm-2.18.4.tar.bz2) = 4922af1321f707279c1eb6354d1c56cc39bce20e
@@ -9,3 +9,5 @@
SHA1 (patch-ae) = c95265b55c968a0466e1ae50bbe58c121f05b027
SHA1 (patch-ak) = e3eaf2dfa1e393f9808d22fe4384710a46a83afc
SHA1 (patch-al) = 3b66dd3f4cdea6a3af5cbd0ff65eb02ccdead483
+SHA1 (patch-am) = 12db3ab28d530096d03575a92c5493d6149c39ed
+SHA1 (patch-an) = 45a9d4a8b5c8fa6014664525ae3e27fe3ad15208
diff -r 3e6b944fb854 -r 7678e3375ed2 x11/gdm/patches/patch-am
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/x11/gdm/patches/patch-am Mon Oct 22 09:14:36 2007 +0000
@@ -0,0 +1,100 @@
+$NetBSD: patch-am,v 1.2.18.1 2007/10/22 09:14:38 ghen Exp $
+
+--- daemon/verify-shadow.c.orig 2007-07-30 22:06:56.000000000 +0200
++++ daemon/verify-shadow.c
+@@ -199,7 +199,7 @@ authenticate_again:
+
+ if (pwent == NULL) {
+ gdm_sleep_no_signal (gdm_get_value_int (GDM_KEY_RETRY_DELAY));
+- gdm_error (_("Couldn't authenticate user \"%s\""), login);
++ gdm_error ("Couldn't authenticate user");
+
+ print_cant_auth_errbox ();
+
+@@ -213,7 +213,7 @@ authenticate_again:
+ if (ppasswd == NULL || (ppasswd[0] != '\0' &&
+ strcmp (crypt (passwd, ppasswd), ppasswd) != 0)) {
+ gdm_sleep_no_signal (gdm_get_value_int (GDM_KEY_RETRY_DELAY));
+- gdm_error (_("Couldn't authenticate user \"%s\""), login);
++ gdm_error ("Couldn't authenticate user");
+
+ print_cant_auth_errbox ();
+
+@@ -226,7 +226,7 @@ authenticate_again:
+ if ( ( ! gdm_get_value_bool (GDM_KEY_ALLOW_ROOT)||
+ ( ! gdm_get_value_bool (GDM_KEY_ALLOW_REMOTE_ROOT) && ! local) ) &&
+ pwent->pw_uid == 0) {
+- gdm_error (_("Root login disallowed on display '%s'"), display);
++ gdm_error ("Root login disallowed on display '%s'", display);
+ gdm_slave_greeter_ctl_no_ret (GDM_ERRBOX,
+ _("The system administrator "
+ "is not allowed to login "
+@@ -244,7 +244,7 @@ authenticate_again:
+ /* Check with the 'loginrestrictions' function
+ if the user has been disallowed */
+ if (loginrestrictions (login, 0, NULL, &message) != 0) {
+- gdm_error (_("User %s not allowed to log in"), login);
++ gdm_error ("User not allowed to log in");
+ gdm_slave_greeter_ctl_no_ret (GDM_ERRBOX,
+ _("\nThe system administrator "
+ "has disabled your "
+@@ -268,7 +268,7 @@ authenticate_again:
+ (strcmp (pwent->pw_shell, "/sbin/nologin") == 0 ||
+ strcmp (pwent->pw_shell, "/bin/true") == 0 ||
+ strcmp (pwent->pw_shell, "/bin/false") == 0)) {
+- gdm_error (_("User %s not allowed to log in"), login);
++ gdm_error ("User not allowed to log in");
+ gdm_slave_greeter_ctl_no_ret (GDM_ERRBOX,
+ _("\nThe system administrator "
+ "has disabled your "
+@@ -293,7 +293,7 @@ authenticate_again:
+ }
+
+ if ( ! gdm_setup_gids (login, pwent->pw_gid)) {
+- gdm_error (_("Cannot set user group for %s"), login);
++ gdm_error ("Cannot set user group");
+ gdm_slave_greeter_ctl_no_ret (GDM_ERRBOX,
+ _("\nCannot set your user group; "
+ "you will not be able to log in. "
+@@ -306,7 +306,7 @@ authenticate_again:
+
+ switch (passwdexpired (login, &info_msg)) {
+ case 1 :
+- gdm_error (_("Password of %s has expired"), login);
++ gdm_error ("User password has expired");
+ gdm_error_box (d, GTK_MESSAGE_ERROR,
+ _("You are required to change your password.\n"
+ "Please choose a new one."));
+@@ -380,7 +380,7 @@ authenticate_again:
+ break;
+
+ case 2 :
+- gdm_error (_("Password of %s has expired"), login);
++ gdm_error ("User password has expired");
+ gdm_error_box (d, GTK_MESSAGE_ERROR,
+ _("Your password has expired.\n"
+ "Only a system administrator can now change it"));
+@@ -389,7 +389,7 @@ authenticate_again:
+ break;
+
+ case -1 :
+- gdm_error (_("Internal error on passwdexpired"));
++ gdm_error ("Internal error on passwdexpired");
+ gdm_error_box (d, GTK_MESSAGE_ERROR,
+ _("An internal error occurred. You will not be able to log in.\n"
+ "Please try again later or contact your system administrator."));
+@@ -426,12 +426,12 @@ gdm_verify_setup_user (GdmDisplay *d, co
+
+ pwent = getpwnam (login);
+ if (pwent == NULL) {
+- gdm_error (_("Cannot get passwd structure for %s"), login);
++ gdm_error ("Cannot get passwd structure for user");
+ return FALSE;
+ }
+
+ if ( ! gdm_setup_gids (login, pwent->pw_gid)) {
+- gdm_error (_("Cannot set user group for %s"), login);
++ gdm_error ("Cannot set user group");
+ gdm_error_box (d,
+ GTK_MESSAGE_ERROR,
+ _("\nCannot set your user group; "
diff -r 3e6b944fb854 -r 7678e3375ed2 x11/gdm/patches/patch-an
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/x11/gdm/patches/patch-an Mon Oct 22 09:14:36 2007 +0000
@@ -0,0 +1,100 @@
+$NetBSD: patch-an,v 1.1.2.2 2007/10/22 09:14:39 ghen Exp $
+
+--- daemon/verify-crypt.c.orig 2007-07-30 22:06:56.000000000 +0200
++++ daemon/verify-crypt.c
+@@ -178,7 +178,7 @@ authenticate_again:
+
+ if (pwent == NULL) {
+ gdm_sleep_no_signal (gdm_get_value_int (GDM_KEY_RETRY_DELAY));
+- gdm_error (_("Couldn't authenticate user \"%s\""), login);
++ gdm_error ("Couldn't authenticate user");
+
+ print_cant_auth_errbox ();
+
+@@ -192,7 +192,7 @@ authenticate_again:
+ if (ppasswd == NULL || (ppasswd[0] != '\0' &&
+ strcmp (crypt (passwd, ppasswd), ppasswd) != 0)) {
+ gdm_sleep_no_signal (gdm_get_value_int (GDM_KEY_RETRY_DELAY));
+- gdm_error (_("Couldn't authenticate user \"%s\""), login);
++ gdm_error ("Couldn't authenticate user");
+
+ print_cant_auth_errbox ();
+
+@@ -205,7 +205,7 @@ authenticate_again:
+ if ( ( ! gdm_get_value_bool (GDM_KEY_ALLOW_ROOT)||
+ ( ! gdm_get_value_bool (GDM_KEY_ALLOW_REMOTE_ROOT) && ! local) ) &&
+ pwent->pw_uid == 0) {
+- gdm_error (_("Root login disallowed on display '%s'"), display);
++ gdm_error ("Root login disallowed on display '%s'", display);
+ gdm_slave_greeter_ctl_no_ret (GDM_ERRBOX,
+ _("The system administrator "
+ "is not allowed to login "
+@@ -223,7 +223,7 @@ authenticate_again:
+ /* Check with the 'loginrestrictions' function
+ if the user has been disallowed */
+ if (loginrestrictions (login, 0, NULL, &message) != 0) {
+- gdm_error (_("User %s not allowed to log in"), login);
++ gdm_error ("User not allowed to log in");
+ gdm_slave_greeter_ctl_no_ret (GDM_ERRBOX,
+ _("\nThe system administrator "
+ "has disabled your "
+@@ -247,7 +247,7 @@ authenticate_again:
+ (strcmp (pwent->pw_shell, "/sbin/nologin") == 0 ||
+ strcmp (pwent->pw_shell, "/bin/true") == 0 ||
+ strcmp (pwent->pw_shell, "/bin/false") == 0)) {
+- gdm_error (_("User %s not allowed to log in"), login);
++ gdm_error ("User not allowed to log in");
+ gdm_slave_greeter_ctl_no_ret (GDM_ERRBOX,
+ _("\nThe system administrator "
+ "has disabled your "
+@@ -272,7 +272,7 @@ authenticate_again:
+ }
+
+ if ( ! gdm_setup_gids (login, pwent->pw_gid)) {
+- gdm_error (_("Cannot set user group for %s"), login);
++ gdm_error ("Cannot set user group");
+ gdm_slave_greeter_ctl_no_ret (GDM_ERRBOX,
+ _("\nCannot set your user group; "
+ "you will not be able to log in. "
+@@ -285,7 +285,7 @@ authenticate_again:
+
+ switch (passwdexpired (login, &info_msg)) {
+ case 1 :
+- gdm_error (_("Password of %s has expired"), login);
++ gdm_error ("User password has expired");
+ gdm_error_box (d, GTK_MESSAGE_ERROR,
+ _("You are required to change your password.\n"
+ "Please choose a new one."));
+@@ -358,7 +358,7 @@ authenticate_again:
+ break;
+
+ case 2 :
+- gdm_error (_("Password of %s has expired"), login);
++ gdm_error ("User password has expired");
+ gdm_error_box (d, GTK_MESSAGE_ERROR,
+ _("Your password has expired.\n"
+ "Only a system administrator can now change it"));
+@@ -367,7 +367,7 @@ authenticate_again:
+ break;
+
+ case -1 :
+- gdm_error (_("Internal error on passwdexpired"));
++ gdm_error ("Internal error on passwdexpired");
+ gdm_error_box (d, GTK_MESSAGE_ERROR,
+ _("An internal error occurred. You will not be able to log in.\n"
+ "Please try again later or contact your system administrator."));
+@@ -405,12 +405,12 @@ gdm_verify_setup_user (GdmDisplay *d,
+
+ pwent = getpwnam (login);
+ if (pwent == NULL) {
+- gdm_error (_("Cannot get passwd structure for %s"), login);
++ gdm_error ("Cannot get passwd structure for %s", login);
+ return FALSE;
+ }
+
+ if ( ! gdm_setup_gids (login, pwent->pw_gid)) {
+- gdm_error (_("Cannot set user group for %s"), login);
++ gdm_error ("Cannot set user group");
+ gdm_error_box (d,
+ GTK_MESSAGE_ERROR,
+ _("\nCannot set your user group; "
Home |
Main Index |
Thread Index |
Old Index