Attachment #108879 for bug #149809

View | Details | Raw Unified | Return to bug 149809
Collapse All | Expand All

Lines 6-13 Link Here

(-)x11/slim/Makefile (-2 / +1 lines)
6	#	6	#
7		7
8	PORTNAME= slim	8	PORTNAME= slim
9	PORTVERSION= 1.3.1	9	PORTVERSION= 1.3.2
10	PORTREVISION= 9
11	CATEGORIES= x11	10	CATEGORIES= x11
12	MASTER_SITES= ${MASTER_SITE_BERLIOS} \	11	MASTER_SITES= ${MASTER_SITE_BERLIOS} \
13	http://depot.fsck.ch/mirror/distfiles/	12	http://depot.fsck.ch/mirror/distfiles/

Lines 1-3 Link Here

(-)x11/slim/distinfo (-3 / +3 lines)
1	MD5 (slim-1.3.1.tar.gz) = 727d0acb24c0fbf0751134c37a9c895f	1	MD5 (slim-1.3.2.tar.gz) = ca1ae6120e6f4b4969f2d6cf94f47b42
2	SHA256 (slim-1.3.1.tar.gz) = acd7a4024bfd7c2a4f3cd5d77ffed4956d13727a8f554042126d0568defe0f77	2	SHA256 (slim-1.3.2.tar.gz) = f1560125005f253b9b88220598fed7a9575ef405716862c6ca3fcc72dbd482b8
3	SIZE (slim-1.3.1.tar.gz) = 219446	3	SIZE (slim-1.3.2.tar.gz) = 220592




From 72625a9dacfbd448ba7a84725d66bb2bfc9801f0 Mon Sep 17 00:00:00 2001
From: Eygene Ryabinkin <rea@codelabs.ru>
Date: Wed, 20 May 2009 18:44:57 +0400
Subject: [PATCH] Do not specify magic cookie for xauth in the xauth command line

Instead, open xauth as a pipe and feed commands via its stdin.

Signed-off-by: Eygene Ryabinkin <rea@codelabs.ru>
---
 Makefile         |    3 ++-
 Makefile.freebsd |    3 ++-
 Makefile.netbsd  |    3 ++-
 Makefile.openbsd |    3 ++-
 app.cpp          |    5 +++--
 switchuser.cpp   |    7 ++++---
 util.cpp         |   32 ++++++++++++++++++++++++++++++++
 util.h           |   19 +++++++++++++++++++
 8 files changed, 66 insertions(+), 9 deletions(-)
 create mode 100644 util.cpp
 create mode 100644 util.h

diff --git Makefile b/Makefile
index f7d3d2d..240669d 100644
--- Makefile
+++ Makefile
@@ -25,7 +25,8 @@ VERSION=1.3.1
 DEFINES=-DPACKAGE=\"$(NAME)\" -DVERSION=\"$(VERSION)\" \
 		-DPKGDATADIR=\"$(PREFIX)/share/slim\" -DSYSCONFDIR=\"$(CFGDIR)\"
 
-OBJECTS=jpeg.o png.o main.o image.o numlock.o cfg.o switchuser.o app.o panel.o
+OBJECTS=jpeg.o png.o main.o image.o numlock.o cfg.o switchuser.o app.o \
+	panel.o util.o
 ifdef USE_PAM
 OBJECTS+=PAM.o
 endif
diff --git Makefile.freebsd b/Makefile.freebsd
index 3ff326e..c925a39 100644
--- Makefile.freebsd
+++ Makefile.freebsd
@@ -24,7 +24,8 @@ VERSION=1.3.1
 DEFINES=-DPACKAGE=\"$(NAME)\" -DVERSION=\"$(VERSION)\" \
 		-DPKGDATADIR=\"$(PREFIX)/share/slim\" -DSYSCONFDIR=\"$(CFGDIR)\"
 
-OBJECTS=jpeg.o png.o main.o image.o numlock.o cfg.o switchuser.o app.o panel.o
+OBJECTS=jpeg.o png.o main.o image.o numlock.o cfg.o switchuser.o app.o \
+	panel.o util.o
 .ifdef USE_PAM
   OBJECTS+=PAM.o 
 .endif
diff --git Makefile.netbsd b/Makefile.netbsd
index ad8bb8b..45f33e6 100644
--- Makefile.netbsd
+++ Makefile.netbsd
@@ -24,7 +24,8 @@ VERSION=1.3.1
 DEFINES=-DPACKAGE=\"$(NAME)\" -DVERSION=\"$(VERSION)\" \
 		-DPKGDATADIR=\"$(PREFIX)/share/slim\" -DSYSCONFDIR=\"$(CFGDIR)\"
 
-OBJECTS=jpeg.o png.o main.o image.o numlock.o cfg.o switchuser.o app.o panel.o
+OBJECTS=jpeg.o png.o main.o image.o numlock.o cfg.o switchuser.o app.o \
+	panel.o util.o
 .ifdef USE_PAM
   OBJECTS+=PAM.o 
 .endif
diff --git Makefile.openbsd b/Makefile.openbsd
index b1829f8..1205b84 100644
--- Makefile.openbsd
+++ Makefile.openbsd
@@ -20,7 +20,8 @@ VERSION=1.3.1
 DEFINES=-DPACKAGE=\"$(NAME)\" -DVERSION=\"$(VERSION)\" \
 		-DPKGDATADIR=\"$(PREFIX)/share/slim\" -DSYSCONFDIR=\"$(CFGDIR)\"
 
-OBJECTS=jpeg.o png.o main.o image.o numlock.o cfg.o switchuser.o app.o panel.o
+OBJECTS=jpeg.o png.o main.o image.o numlock.o cfg.o switchuser.o app.o \
+	util.o panel.o
 
 .SUFFIXES: .c.o .cpp.o
 
diff --git app.cpp b/app.cpp
index 83ae947..04caaa1 100644
--- app.cpp
+++ app.cpp
@@ -24,6 +24,7 @@
 #include <algorithm>
 #include "app.h"
 #include "numlock.h"
+#include "util.h"
 
 
 #ifdef HAVE_SHADOW
@@ -1185,8 +1186,8 @@ void App::CreateServerAuth() {
     authfile = cfg->getOption("authfile");
     remove(authfile.c_str());
     putenv(StrConcat("XAUTHORITY=", authfile.c_str()));
-    cmd = cfg->getOption("xauth_path") + " -q -f " + authfile + " add :0 . " + mcookie;
-    system(cmd.c_str());
+    Util::add_mcookie(mcookie, ":0", cfg->getOption("xauth_path"),
+      authfile);
 }
 
 char* App::StrConcat(const char* str1, const char* str2) {
diff --git switchuser.cpp b/switchuser.cpp
index e72a8fc..ec298e1 100644
--- switchuser.cpp
+++ switchuser.cpp
@@ -10,6 +10,7 @@
 */
 
 #include "switchuser.h"
+#include "util.h"
 
 using namespace std;
 
@@ -53,10 +54,10 @@ void SwitchUser::Execute(const char* cmd) {
 }
 
 void SwitchUser::SetClientAuth(const char* mcookie) {
-    int r;
+    bool r;
     string home = string(Pw->pw_dir);
     string authfile = home + "/.Xauthority";
     remove(authfile.c_str());
-    string cmd = cfg->getOption("xauth_path") + " -q -f " + authfile + " add :0 . " + mcookie;
-    r = system(cmd.c_str());
+    r = Util::add_mcookie(mcookie, ":0", cfg->getOption("xauth_path"),
+      authfile);
 }
diff --git util.cpp b/util.cpp
new file mode 100644
index 0000000..309ce4f
--- /dev/null
+++ util.cpp
@@ -0,0 +1,32 @@
+/* SLiM - Simple Login Manager
+   Copyright (C) 2009 Eygene Ryabinkin <rea@codelabs.ru>
+
+   This program is free software; you can redistribute it and/or modify
+   it under the terms of the GNU General Public License as published by
+   the Free Software Foundation; either version 2 of the License, or
+   (at your option) any later version.
+*/
+
+#include <stdio.h>
+#include "util.h"
+
+/*
+ * Adds the given cookie to the specified Xauthority file.
+ * Returns true on success, false on fault.
+ */
+bool Util::add_mcookie(const std::string &mcookie, const char *display,
+    const std::string &xauth_cmd, const std::string &authfile)
+{
+	FILE *fp;
+	std::string cmd = xauth_cmd + " -f " + authfile + " -q";
+
+	fp = popen(cmd.c_str(), "w");
+	if (!fp)
+		return false;
+	fprintf(fp, "remove %s\n", display);
+	fprintf(fp, "add %s %s %s\n", display, ".", mcookie.c_str());
+	fprintf(fp, "exit\n");
+
+	pclose(fp);
+	return true;
+}
diff --git util.h b/util.h
new file mode 100644
index 0000000..8bd52be
--- /dev/null
+++ util.h
@@ -0,0 +1,19 @@
+/* SLiM - Simple Login Manager
+   Copyright (C) 2009 Eygene Ryabinkin <rea@codelabs.ru>
+
+   This program is free software; you can redistribute it and/or modify
+   it under the terms of the GNU General Public License as published by
+   the Free Software Foundation; either version 2 of the License, or
+   (at your option) any later version.
+*/
+#ifndef __UTIL_H__
+#define __UTIL_H__
+
+#include <string>
+
+namespace Util {
+	bool add_mcookie(const std::string &mcookie, const char *display,
+	    const std::string &xauth_cmd, const std::string &authfile);
+};
+
+#endif /* __UTIL_H__ */
-- 
1.6.3.1





From 5beb217296e3074cadc5bcb3e40355f54ee705f0 Mon Sep 17 00:00:00 2001
From: Eygene Ryabinkin <rea@shadow.codelabs.ru>
Date: Thu, 21 May 2009 11:56:27 +0400
Subject: [PATCH] Create interface for random number generator and use it everywhere

Don't use rand()/srand() at all -- they are very weak.  Provide our
wrappers for random()/srandom() and make utility function that will
generate seed for srandom.

Rework MIT magic cookie generation: consume 4 bytes of input in one
pass -- random() should produce values that are usable for this purpose.

Signed-off-by: Eygene Ryabinkin <rea@shadow.codelabs.ru>
---
 app.cpp  |   49 ++++++++++++++++++++++++++-----------------------
 app.h    |    2 ++
 util.cpp |   37 +++++++++++++++++++++++++++++++++++++
 util.h   |    5 +++++
 4 files changed, 70 insertions(+), 23 deletions(-)

diff --git app.cpp b/app.cpp
index 04caaa1..0ac8c3a 100644
--- app.cpp
+++ app.cpp
@@ -129,15 +129,18 @@ void User1Signal(int sig) {
 
 
 #ifdef USE_PAM
-App::App(int argc, char** argv):
-    pam(conv, static_cast<void*>(&LoginPanel)){
+App::App(int argc, char** argv)
+  : pam(conv, static_cast<void*>(&LoginPanel)),
 #else
-App::App(int argc, char** argv){
+App::App(int argc, char** argv)
+  :
 #endif
+    mcookiesize(32)		// Must be divisible by 4
+{
     int tmp;
     ServerPID = -1;
     testing = false;
-    mcookie = "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa";
+    mcookie = string(App::mcookiesize, 'a');
     daemonmode = false;
     force_nodaemon = false;
     firstlogin = true;
@@ -1128,13 +1131,13 @@ string App::findValidRandomTheme(const string& set)
         name = name.substr(0, name.length() - 1);
     }
 
-    srandom(getpid()+time(NULL));
+    Util::srandom(Util::makeseed());
 
     vector<string> themes;
     string themefile;
     Cfg::split(themes, name, ',');
     do {
-        int sel = random() % themes.size();
+        int sel = Util::random() % themes.size();
 
         name = Cfg::Trim(themes[sel]);
         themefile = string(THEMESDIR) +"/" + name + THEMESFILE;
@@ -1161,27 +1164,27 @@ void App::replaceVariables(string& input,
 }
 
 
+/*
+ * We rely on the fact that all bits generated by Util::random()
+ * are usable, so we are taking full words from its output.
+ */
 void App::CreateServerAuth() {
     /* create mit cookie */
-    int i, r;
-    int hexcount = 0;
-        string authfile;
-    string cmd;
+    uint16_t word;
+    uint8_t hi, lo;
+    int i;
+    string authfile;
     const char *digits = "0123456789abcdef";
-        srand( time(NULL) );
-    for ( i = 0; i < 31; i++ ) {
-        r = rand()%16;
-                mcookie[i] = digits[r];
-                if (r>9)
-                        hexcount++;
+    Util::srandom(Util::makeseed());
+    for (i = 0; i < App::mcookiesize; i+=4) {
+        word = Util::random() & 0xffff;
+        lo = word & 0xff;
+        hi = word >> 8;
+        mcookie[i] = digits[lo & 0x0f];
+        mcookie[i+1] = digits[lo >> 4];
+        mcookie[i+2] = digits[hi & 0x0f];
+        mcookie[i+3] = digits[hi >> 4];
     }
-        /* MIT-COOKIE: even occurrences of digits and hex digits */
-        if ((hexcount%2) == 0) {
-                r = rand()%10;
-        } else {
-                r = rand()%5+10;
-        }
-        mcookie[31] = digits[r];
     /* reinitialize auth file */
     authfile = cfg->getOption("authfile");
     remove(authfile.c_str());
diff --git app.h b/app.h
index 7b4bd10..9a44269 100644
--- app.h
+++ app.h
@@ -101,6 +101,8 @@ private:
     
     std::string themeName;
     std::string mcookie;
+
+    const int mcookiesize;
 };
 
 
diff --git util.cpp b/util.cpp
index 309ce4f..5ed972f 100644
--- util.cpp
+++ util.cpp
@@ -7,7 +7,13 @@
    (at your option) any later version.
 */
 
+#include <sys/types.h>
+
 #include <stdio.h>
+#include <stdlib.h>
+#include <time.h>
+#include <unistd.h>
+
 #include "util.h"
 
 /*
@@ -30,3 +36,34 @@ bool Util::add_mcookie(const std::string &mcookie, const char *display,
 	pclose(fp);
 	return true;
 }
+
+/*
+ * Interface for random number generator.  Just now it uses ordinary
+ * random/srandom routines and serves as a wrapper for them.
+ */
+void Util::srandom(unsigned long seed)
+{
+	::srandom(seed);
+}
+
+long Util::random(void)
+{
+	return ::random();
+}
+
+/*
+ * Makes seed for the srandom() using "random" values obtained from
+ * getpid(), time(NULL) and others.
+ */
+long Util::makeseed(void)
+{
+	struct timespec ts;
+	long pid = getpid();
+	long tm = time(NULL);
+
+	if (clock_gettime(CLOCK_MONOTONIC, &ts) != 0) {
+		ts.tv_sec = ts.tv_nsec = 0;
+	}
+
+	return pid + tm + (ts.tv_sec ^ ts.tv_nsec);
+}
diff --git util.h b/util.h
index 8bd52be..b8d2993 100644
--- util.h
+++ util.h
@@ -14,6 +14,11 @@
 namespace Util {
 	bool add_mcookie(const std::string &mcookie, const char *display,
 	    const std::string &xauth_cmd, const std::string &authfile);
+
+	void srandom(unsigned long seed);
+	long random(void);
+
+	long makeseed(void);
 };
 
 #endif /* __UTIL_H__ */
-- 
1.6.3.1





------------------------------------------------------------------------
r169 | iwamatsu | 2009-11-14 09:13:57 +0100 (Sat, 14 Nov 2009) | 11 lines

Add flag of server check

Slim gets this SIGTERM, and its signal handler calls
CloseServer() to teardown X. But X is not yet started (as StartServer()
is still running in another thread, waiting in pause()), and hence this
calls XcloseDisplay which frees some resources which are not yet allocated.

This parch fix this problem.
Thanks, Landry Breuil, goebbels, jasper and OpenBSD Developer.

Signed-off-by: Nobuhiro Iwamatsu <iwamatsu@nigauri.org>
------------------------------------------------------------------------
--- app.h	(revision 168)
+++ app.h	(revision 169)
@@ -36,6 +36,7 @@
     int GetServerPID();
     void StopServer();
 
+	bool serverStarted;
     // Lock functions
     void GetLock();
     void RemoveLock();
--- app.cpp	(revision 168)
+++ app.cpp	(revision 169)
@@ -105,7 +105,10 @@
 
 void CatchSignal(int sig) {
     cerr << APPNAME << ": unexpected signal " << sig << endl;
-    LoginApp->StopServer();
+
+    if (LoginApp->serverStarted)
+        LoginApp->StopServer();
+
     LoginApp->RemoveLock();
     exit(ERR_EXIT);
 }
@@ -140,6 +143,7 @@
     int tmp;
     ServerPID = -1;
     testing = false;
+    serverStarted = false;
     mcookie = string(App::mcookiesize, 'a');
     daemonmode = false;
     force_nodaemon = false;
@@ -860,6 +864,8 @@
     char* args = new char[argOption.length()+2]; // NULL plus vt
     strcpy(args, argOption.c_str());
 
+    serverStarted = false;
+
     int argc = 1;
     int pos = 0;
     bool hasVtSet = false;
@@ -940,6 +946,8 @@
     
     delete args;
 
+    serverStarted = true;
+
     return ServerPID;
 }
 

Lines 3-12 Link Here

(-)x11/slim/files/patch-slim.conf (-2 / +2 lines)
3	@@ -1,17 +1,19 @@	3	@@ -1,17 +1,19 @@
4	# Path, X server and arguments (if needed)	4	# Path, X server and arguments (if needed)
5	# Note: -xauth $authfile is automatically appended	5	# Note: -xauth $authfile is automatically appended
6	-default_path ./:/bin:/usr/bin:/usr/local/bin	6	-default_path /bin:/usr/bin:/usr/local/bin
7	-default_xserver /usr/bin/X	7	-default_xserver /usr/bin/X
8	-#xserver_arguments -dpi 75	8	-#xserver_arguments -dpi 75
9	+default_path ./:/bin:/usr/bin:%%LOCALBASE%%/bin:%%LOCALBASE%%/bin	9	+default_path /bin:/usr/bin:%%LOCALBASE%%/bin
10	+default_xserver %%LOCALBASE%%/bin/X	10	+default_xserver %%LOCALBASE%%/bin/X
11	+# The X server needs to be started on an unused virtual terminal,	11	+# The X server needs to be started on an unused virtual terminal,
12	+# for FreeBSD in a default configuration, the first one of those is #09	12	+# for FreeBSD in a default configuration, the first one of those is #09

Return to bug 149809

Lines 1-192 Link Here

(-)x11/slim/files/patch-000-fix-visible-mcookie (-192 lines)
1	From 72625a9dacfbd448ba7a84725d66bb2bfc9801f0 Mon Sep 17 00:00:00 2001
2	From: Eygene Ryabinkin <rea@codelabs.ru>
3	Date: Wed, 20 May 2009 18:44:57 +0400
4	Subject: [PATCH] Do not specify magic cookie for xauth in the xauth command line
5
6	Instead, open xauth as a pipe and feed commands via its stdin.
7
8	Signed-off-by: Eygene Ryabinkin <rea@codelabs.ru>
9	---
10	Makefile \| 3 ++-
11	Makefile.freebsd \| 3 ++-
12	Makefile.netbsd \| 3 ++-
13	Makefile.openbsd \| 3 ++-
14	app.cpp \| 5 +++--
15	switchuser.cpp \| 7 ++++---
16	util.cpp \| 32 ++++++++++++++++++++++++++++++++
17	util.h \| 19 +++++++++++++++++++
18	8 files changed, 66 insertions(+), 9 deletions(-)
19	create mode 100644 util.cpp
20	create mode 100644 util.h
21
22	diff --git Makefile b/Makefile
23	index f7d3d2d..240669d 100644
24	--- Makefile
25	+++ Makefile
26	@@ -25,7 +25,8 @@ VERSION=1.3.1
27	DEFINES=-DPACKAGE=\"$(NAME)\" -DVERSION=\"$(VERSION)\" \
28	-DPKGDATADIR=\"$(PREFIX)/share/slim\" -DSYSCONFDIR=\"$(CFGDIR)\"
29
30	-OBJECTS=jpeg.o png.o main.o image.o numlock.o cfg.o switchuser.o app.o panel.o
31	+OBJECTS=jpeg.o png.o main.o image.o numlock.o cfg.o switchuser.o app.o \
32	+ panel.o util.o
33	ifdef USE_PAM
34	OBJECTS+=PAM.o
35	endif
36	diff --git Makefile.freebsd b/Makefile.freebsd
37	index 3ff326e..c925a39 100644
38	--- Makefile.freebsd
39	+++ Makefile.freebsd
40	@@ -24,7 +24,8 @@ VERSION=1.3.1
41	DEFINES=-DPACKAGE=\"$(NAME)\" -DVERSION=\"$(VERSION)\" \
42	-DPKGDATADIR=\"$(PREFIX)/share/slim\" -DSYSCONFDIR=\"$(CFGDIR)\"
43
44	-OBJECTS=jpeg.o png.o main.o image.o numlock.o cfg.o switchuser.o app.o panel.o
45	+OBJECTS=jpeg.o png.o main.o image.o numlock.o cfg.o switchuser.o app.o \
46	+ panel.o util.o
47	.ifdef USE_PAM
48	OBJECTS+=PAM.o
49	.endif
50	diff --git Makefile.netbsd b/Makefile.netbsd
51	index ad8bb8b..45f33e6 100644
52	--- Makefile.netbsd
53	+++ Makefile.netbsd
54	@@ -24,7 +24,8 @@ VERSION=1.3.1
55	DEFINES=-DPACKAGE=\"$(NAME)\" -DVERSION=\"$(VERSION)\" \
56	-DPKGDATADIR=\"$(PREFIX)/share/slim\" -DSYSCONFDIR=\"$(CFGDIR)\"
57
58	-OBJECTS=jpeg.o png.o main.o image.o numlock.o cfg.o switchuser.o app.o panel.o
59	+OBJECTS=jpeg.o png.o main.o image.o numlock.o cfg.o switchuser.o app.o \
60	+ panel.o util.o
61	.ifdef USE_PAM
62	OBJECTS+=PAM.o
63	.endif
64	diff --git Makefile.openbsd b/Makefile.openbsd
65	index b1829f8..1205b84 100644
66	--- Makefile.openbsd
67	+++ Makefile.openbsd
68	@@ -20,7 +20,8 @@ VERSION=1.3.1
69	DEFINES=-DPACKAGE=\"$(NAME)\" -DVERSION=\"$(VERSION)\" \
70	-DPKGDATADIR=\"$(PREFIX)/share/slim\" -DSYSCONFDIR=\"$(CFGDIR)\"
71
72	-OBJECTS=jpeg.o png.o main.o image.o numlock.o cfg.o switchuser.o app.o panel.o
73	+OBJECTS=jpeg.o png.o main.o image.o numlock.o cfg.o switchuser.o app.o \
74	+ util.o panel.o
75
76	.SUFFIXES: .c.o .cpp.o
77
78	diff --git app.cpp b/app.cpp
79	index 83ae947..04caaa1 100644
80	--- app.cpp
81	+++ app.cpp
82	@@ -24,6 +24,7 @@
83	#include <algorithm>
84	#include "app.h"
85	#include "numlock.h"
86	+#include "util.h"
87
88
89	#ifdef HAVE_SHADOW
90	@@ -1185,8 +1186,8 @@ void App::CreateServerAuth() {
91	authfile = cfg->getOption("authfile");
92	remove(authfile.c_str());
93	putenv(StrConcat("XAUTHORITY=", authfile.c_str()));
94	- cmd = cfg->getOption("xauth_path") + " -q -f " + authfile + " add :0 . " + mcookie;
95	- system(cmd.c_str());
96	+ Util::add_mcookie(mcookie, ":0", cfg->getOption("xauth_path"),
97	+ authfile);
98	}
99
100	char* App::StrConcat(const char* str1, const char* str2) {
101	diff --git switchuser.cpp b/switchuser.cpp
102	index e72a8fc..ec298e1 100644
103	--- switchuser.cpp
104	+++ switchuser.cpp
105	@@ -10,6 +10,7 @@
106	*/
107
108	#include "switchuser.h"
109	+#include "util.h"
110
111	using namespace std;
112
113	@@ -53,10 +54,10 @@ void SwitchUser::Execute(const char* cmd) {
114	}
115
116	void SwitchUser::SetClientAuth(const char* mcookie) {
117	- int r;
118	+ bool r;
119	string home = string(Pw->pw_dir);
120	string authfile = home + "/.Xauthority";
121	remove(authfile.c_str());
122	- string cmd = cfg->getOption("xauth_path") + " -q -f " + authfile + " add :0 . " + mcookie;
123	- r = system(cmd.c_str());
124	+ r = Util::add_mcookie(mcookie, ":0", cfg->getOption("xauth_path"),
125	+ authfile);
126	}
127	diff --git util.cpp b/util.cpp
128	new file mode 100644
129	index 0000000..309ce4f
130	--- /dev/null
131	+++ util.cpp
132	@@ -0,0 +1,32 @@
133	+/* SLiM - Simple Login Manager
134	+ Copyright (C) 2009 Eygene Ryabinkin <rea@codelabs.ru>
135	+
136	+ This program is free software; you can redistribute it and/or modify
137	+ it under the terms of the GNU General Public License as published by
138	+ the Free Software Foundation; either version 2 of the License, or
139	+ (at your option) any later version.
140	+*/
141	+
142	+#include <stdio.h>
143	+#include "util.h"
144	+
145	+/*
146	+ * Adds the given cookie to the specified Xauthority file.
147	+ * Returns true on success, false on fault.
148	+ */
149	+bool Util::add_mcookie(const std::string &mcookie, const char *display,
150	+ const std::string &xauth_cmd, const std::string &authfile)
151	+{
152	+ FILE *fp;
153	+ std::string cmd = xauth_cmd + " -f " + authfile + " -q";
154	+
155	+ fp = popen(cmd.c_str(), "w");
156	+ if (!fp)
157	+ return false;
158	+ fprintf(fp, "remove %s\n", display);
159	+ fprintf(fp, "add %s %s %s\n", display, ".", mcookie.c_str());
160	+ fprintf(fp, "exit\n");
161	+
162	+ pclose(fp);
163	+ return true;
164	+}
165	diff --git util.h b/util.h
166	new file mode 100644
167	index 0000000..8bd52be
168	--- /dev/null
169	+++ util.h
170	@@ -0,0 +1,19 @@
171	+/* SLiM - Simple Login Manager
172	+ Copyright (C) 2009 Eygene Ryabinkin <rea@codelabs.ru>
173	+
174	+ This program is free software; you can redistribute it and/or modify
175	+ it under the terms of the GNU General Public License as published by
176	+ the Free Software Foundation; either version 2 of the License, or
177	+ (at your option) any later version.
178	+*/
179	+#ifndef __UTIL_H__
180	+#define __UTIL_H__
181	+
182	+#include <string>
183	+
184	+namespace Util {
185	+ bool add_mcookie(const std::string &mcookie, const char *display,
186	+ const std::string &xauth_cmd, const std::string &authfile);
187	+};
188	+
189	+#endif /* __UTIL_H__ */
190	--
191	1.6.3.1
192

Lines 1-193 Link Here

(-)x11/slim/files/patch-001-random-routines (-193 lines)
1	From 5beb217296e3074cadc5bcb3e40355f54ee705f0 Mon Sep 17 00:00:00 2001
2	From: Eygene Ryabinkin <rea@shadow.codelabs.ru>
3	Date: Thu, 21 May 2009 11:56:27 +0400
4	Subject: [PATCH] Create interface for random number generator and use it everywhere
5
6	Don't use rand()/srand() at all -- they are very weak. Provide our
7	wrappers for random()/srandom() and make utility function that will
8	generate seed for srandom.
9
10	Rework MIT magic cookie generation: consume 4 bytes of input in one
11	pass -- random() should produce values that are usable for this purpose.
12
13	Signed-off-by: Eygene Ryabinkin <rea@shadow.codelabs.ru>
14	---
15	app.cpp \| 49 ++++++++++++++++++++++++++-----------------------
16	app.h \| 2 ++
17	util.cpp \| 37 +++++++++++++++++++++++++++++++++++++
18	util.h \| 5 +++++
19	4 files changed, 70 insertions(+), 23 deletions(-)
20
21	diff --git app.cpp b/app.cpp
22	index 04caaa1..0ac8c3a 100644
23	--- app.cpp
24	+++ app.cpp
25	@@ -129,15 +129,18 @@ void User1Signal(int sig) {
26
27
28	#ifdef USE_PAM
29	-App::App(int argc, char** argv):
30	- pam(conv, static_cast<void*>(&LoginPanel)){
31	+App::App(int argc, char** argv)
32	+ : pam(conv, static_cast<void*>(&LoginPanel)),
33	#else
34	-App::App(int argc, char** argv){
35	+App::App(int argc, char** argv)
36	+ :
37	#endif
38	+ mcookiesize(32) // Must be divisible by 4
39	+{
40	int tmp;
41	ServerPID = -1;
42	testing = false;
43	- mcookie = "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa";
44	+ mcookie = string(App::mcookiesize, 'a');
45	daemonmode = false;
46	force_nodaemon = false;
47	firstlogin = true;
48	@@ -1128,13 +1131,13 @@ string App::findValidRandomTheme(const string& set)
49	name = name.substr(0, name.length() - 1);
50	}
51
52	- srandom(getpid()+time(NULL));
53	+ Util::srandom(Util::makeseed());
54
55	vector<string> themes;
56	string themefile;
57	Cfg::split(themes, name, ',');
58	do {
59	- int sel = random() % themes.size();
60	+ int sel = Util::random() % themes.size();
61
62	name = Cfg::Trim(themes[sel]);
63	themefile = string(THEMESDIR) +"/" + name + THEMESFILE;
64	@@ -1161,27 +1164,27 @@ void App::replaceVariables(string& input,
65	}
66
67
68	+/*
69	+ * We rely on the fact that all bits generated by Util::random()
70	+ * are usable, so we are taking full words from its output.
71	+ */
72	void App::CreateServerAuth() {
73	/* create mit cookie */
74	- int i, r;
75	- int hexcount = 0;
76	- string authfile;
77	- string cmd;
78	+ uint16_t word;
79	+ uint8_t hi, lo;
80	+ int i;
81	+ string authfile;
82	const char *digits = "0123456789abcdef";
83	- srand( time(NULL) );
84	- for ( i = 0; i < 31; i++ ) {
85	- r = rand()%16;
86	- mcookie[i] = digits[r];
87	- if (r>9)
88	- hexcount++;
89	+ Util::srandom(Util::makeseed());
90	+ for (i = 0; i < App::mcookiesize; i+=4) {
91	+ word = Util::random() & 0xffff;
92	+ lo = word & 0xff;
93	+ hi = word >> 8;
94	+ mcookie[i] = digits[lo & 0x0f];
95	+ mcookie[i+1] = digits[lo >> 4];
96	+ mcookie[i+2] = digits[hi & 0x0f];
97	+ mcookie[i+3] = digits[hi >> 4];
98	}
99	- /* MIT-COOKIE: even occurrences of digits and hex digits */
100	- if ((hexcount%2) == 0) {
101	- r = rand()%10;
102	- } else {
103	- r = rand()%5+10;
104	- }
105	- mcookie[31] = digits[r];
106	/* reinitialize auth file */
107	authfile = cfg->getOption("authfile");
108	remove(authfile.c_str());
109	diff --git app.h b/app.h
110	index 7b4bd10..9a44269 100644
111	--- app.h
112	+++ app.h
113	@@ -101,6 +101,8 @@ private:
114
115	std::string themeName;
116	std::string mcookie;
117	+
118	+ const int mcookiesize;
119	};
120
121
122	diff --git util.cpp b/util.cpp
123	index 309ce4f..5ed972f 100644
124	--- util.cpp
125	+++ util.cpp
126	@@ -7,7 +7,13 @@
127	(at your option) any later version.
128	*/
129
130	+#include <sys/types.h>
131	+
132	#include <stdio.h>
133	+#include <stdlib.h>
134	+#include <time.h>
135	+#include <unistd.h>
136	+
137	#include "util.h"
138
139	/*
140	@@ -30,3 +36,34 @@ bool Util::add_mcookie(const std::string &mcookie, const char *display,
141	pclose(fp);
142	return true;
143	}
144	+
145	+/*
146	+ * Interface for random number generator. Just now it uses ordinary
147	+ * random/srandom routines and serves as a wrapper for them.
148	+ */
149	+void Util::srandom(unsigned long seed)
150	+{
151	+ ::srandom(seed);
152	+}
153	+
154	+long Util::random(void)
155	+{
156	+ return ::random();
157	+}
158	+
159	+/*
160	+ * Makes seed for the srandom() using "random" values obtained from
161	+ * getpid(), time(NULL) and others.
162	+ */
163	+long Util::makeseed(void)
164	+{
165	+ struct timespec ts;
166	+ long pid = getpid();
167	+ long tm = time(NULL);
168	+
169	+ if (clock_gettime(CLOCK_MONOTONIC, &ts) != 0) {
170	+ ts.tv_sec = ts.tv_nsec = 0;
171	+ }
172	+
173	+ return pid + tm + (ts.tv_sec ^ ts.tv_nsec);
174	+}
175	diff --git util.h b/util.h
176	index 8bd52be..b8d2993 100644
177	--- util.h
178	+++ util.h
179	@@ -14,6 +14,11 @@
180	namespace Util {
181	bool add_mcookie(const std::string &mcookie, const char *display,
182	const std::string &xauth_cmd, const std::string &authfile);
183	+
184	+ void srandom(unsigned long seed);
185	+ long random(void);
186	+
187	+ long makeseed(void);
188	};
189
190	#endif /* __UTIL_H__ */
191	--
192	1.6.3.1
193

Lines 1-65 Link Here

(-)x11/slim/files/patch-002-fix-shutdown (-65 lines)
1	------------------------------------------------------------------------
2	r169 \| iwamatsu \| 2009-11-14 09:13:57 +0100 (Sat, 14 Nov 2009) \| 11 lines
3
4	Add flag of server check
5
6	Slim gets this SIGTERM, and its signal handler calls
7	CloseServer() to teardown X. But X is not yet started (as StartServer()
8	is still running in another thread, waiting in pause()), and hence this
9	calls XcloseDisplay which frees some resources which are not yet allocated.
10
11	This parch fix this problem.
12	Thanks, Landry Breuil, goebbels, jasper and OpenBSD Developer.
13
14	Signed-off-by: Nobuhiro Iwamatsu <iwamatsu@nigauri.org>
15	------------------------------------------------------------------------
16	--- app.h (revision 168)
17	+++ app.h (revision 169)
18	@@ -36,6 +36,7 @@
19	int GetServerPID();
20	void StopServer();
21
22	+ bool serverStarted;
23	// Lock functions
24	void GetLock();
25	void RemoveLock();
26	--- app.cpp (revision 168)
27	+++ app.cpp (revision 169)
28	@@ -105,7 +105,10 @@
29
30	void CatchSignal(int sig) {
31	cerr << APPNAME << ": unexpected signal " << sig << endl;
32	- LoginApp->StopServer();
33	+
34	+ if (LoginApp->serverStarted)
35	+ LoginApp->StopServer();
36	+
37	LoginApp->RemoveLock();
38	exit(ERR_EXIT);
39	}
40	@@ -140,6 +143,7 @@
41	int tmp;
42	ServerPID = -1;
43	testing = false;
44	+ serverStarted = false;
45	mcookie = string(App::mcookiesize, 'a');
46	daemonmode = false;
47	force_nodaemon = false;
48	@@ -860,6 +864,8 @@
49	char* args = new char[argOption.length()+2]; // NULL plus vt
50	strcpy(args, argOption.c_str());
51
52	+ serverStarted = false;
53	+
54	int argc = 1;
55	int pos = 0;
56	bool hasVtSet = false;
57	@@ -940,6 +946,8 @@
58
59	delete args;
60
61	+ serverStarted = true;
62	+
63	return ServerPID;
64	}
65