FreeBSD Bugzilla – Attachment 148483 Details for
Bug 194474
[maintainer update] net/xrdp: Fix PAM authentication failure
Home
|
New
|
Browse
|
Search
|
[?]
|
Reports
|
Help
|
New Account
|
Log In
Remember
[x]
|
Forgot Password
Login:
[x]
[patch]
patch
patch-xrdp-0.6.1_5,1.txt (text/plain), 11.45 KB, created by
Koichiro Iwao
on 2014-10-20 01:09:15 UTC
(
hide
)
Description:
patch
Filename:
MIME Type:
Creator:
Koichiro Iwao
Created:
2014-10-20 01:09:15 UTC
Size:
11.45 KB
patch
obsolete
>diff -ruN /usr/ports/net/xrdp/Makefile net/xrdp/Makefile >--- /usr/ports/net/xrdp/Makefile 2014-10-06 09:24:47.228941603 +0900 >+++ net/xrdp/Makefile 2014-10-16 21:23:19.081200553 +0900 >@@ -3,7 +3,7 @@ > > PORTNAME= xrdp > PORTVERSION= 0.6.1 >-PORTREVISION= 4 >+PORTREVISION= 5 > PORTEPOCH= 1 > CATEGORIES= net > MASTER_SITES= GH >diff -ruN /usr/ports/net/xrdp/files/patch-common__os_calls.c net/xrdp/files/patch-common__os_calls.c >--- /usr/ports/net/xrdp/files/patch-common__os_calls.c 2013-03-13 20:05:28.742796560 +0900 >+++ net/xrdp/files/patch-common__os_calls.c 2014-10-17 15:11:26.390782738 +0900 >@@ -1,11 +1,17 @@ >---- common/os_calls.c.orig 2011-03-12 16:10:35.000000000 +0900 >-+++ common/os_calls.c 2011-03-12 16:34:05.000000000 +0900 >-@@ -1987,6 +1987,8 @@ >- g_clearenv(void) >+diff --git common/os_calls.c common/os_calls.c >+index 692dc01..7075ee3 100644 >+--- common/os_calls.c >++++ common/os_calls.c >+@@ -2115,8 +2115,12 @@ g_clearenv(void) > { > #if defined(_WIN32) >-+#elif defined(__FreeBSD__) >-+ environ[0] = NULL; > #else >++#if defined(BSD) >++ environ[0] = 0; >++#else > environ = 0; > #endif >++#endif >+ } >+ >+ /*****************************************************************************/ >diff -ruN /usr/ports/net/xrdp/files/patch-sesman__session.c net/xrdp/files/patch-sesman__session.c >--- /usr/ports/net/xrdp/files/patch-sesman__session.c 1970-01-01 09:00:00.000000000 +0900 >+++ net/xrdp/files/patch-sesman__session.c 2013-03-13 20:05:28.743796000 +0900 >@@ -0,0 +1,85 @@ >+--- sesman/session.c.orig 2011-03-12 16:10:35.000000000 +0900 >++++ sesman/session.c 2011-10-27 12:13:11.000000000 +0900 >+@@ -16,7 +16,47 @@ >+ xrdp: A Remote Desktop Protocol server. >+ Copyright (C) Jay Sorg 2005-2008 >+ */ >+- >++/* >++ * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland >++ * All rights reserved >++ * >++ * As far as I am concerned, the code I have written for this software >++ * can be used freely for any purpose. Any derived versions of this >++ * software must be clearly marked as such, and if the derived work is >++ * incompatible with the protocol description in the RFC file, it must be >++ * called by a name other than "ssh" or "Secure Shell". >++ * >++ * SSH2 support by Markus Friedl. >++ * Copyright (c) 2000, 2001 Markus Friedl. All rights reserved. >++ * >++ * Redistribution and use in source and binary forms, with or without >++ * modification, are permitted provided that the following conditions >++ * are met: >++ * 1. Redistributions of source code must retain the above copyright >++ * notice, this list of conditions and the following disclaimer. >++ * 2. Redistributions in binary form must reproduce the above copyright >++ * notice, this list of conditions and the following disclaimer in the >++ * documentation and/or other materials provided with the distribution. >++ * >++ * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR >++ * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES >++ * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. >++ * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, >++ * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT >++ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, >++ * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY >++ * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT >++ * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF >++ * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. >++ * >++ * Copyright (c) 2011 Iwao, Koichiro <meta@club.kyutech.ac.jp>, >++ * Kyushu Institute of Technology. >++ * All rights reserved. >++ * >++ * from: OpenBSD: session.c,v 1.252 2010/03/07 11:57:13 dtucker Exp >++ * with some ideas about process grouping from OpenSSH to xrdp >++ * >++ */ >+ /** >+ * >+ * @file session.c >+@@ -373,6 +413,33 @@ >+ g_sprintf(geometry, "%dx%d", width, height); >+ g_sprintf(depth, "%d", bpp); >+ g_sprintf(screen, ":%d", display); >++#ifdef __FreeBSD__ >++ /* >++ * Create a new session and process group since 4.4BSD >++ * setlogin affects the entire process group. >++ */ >++ pid_t bsdsespid = g_fork(); >++ >++ if (bsdsespid == -1) >++ { >++ } >++ else if (bsdsespid == 0) /* BSD session leader */ >++ { >++ if (setsid() < 0) >++ { >++ log_message(&(g_cfg->log), LOG_LEVEL_ERROR, >++ "setsid failed: %.100s", strerror(errno)); >++ } >++ >++ if (setlogin(username) < 0) >++ { >++ log_message(&(g_cfg->log), LOG_LEVEL_ERROR, >++ "setlogin failed: %.100s", strerror(errno)); >++ } >++ } >++ >++ g_waitpid(bsdsespid); >++#endif >+ wmpid = g_fork(); >+ if (wmpid == -1) >+ { >diff -ruN /usr/ports/net/xrdp/files/patch-sesman__session_1.patch net/xrdp/files/patch-sesman__session_1.patch >--- /usr/ports/net/xrdp/files/patch-sesman__session_1.patch 2013-03-13 20:05:28.743796370 +0900 >+++ net/xrdp/files/patch-sesman__session_1.patch 1970-01-01 09:00:00.000000000 +0900 >@@ -1,85 +0,0 @@ >---- sesman/session.c.orig 2011-03-12 16:10:35.000000000 +0900 >-+++ sesman/session.c 2011-10-27 12:13:11.000000000 +0900 >-@@ -16,7 +16,47 @@ >- xrdp: A Remote Desktop Protocol server. >- Copyright (C) Jay Sorg 2005-2008 >- */ >-- >-+/* >-+ * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland >-+ * All rights reserved >-+ * >-+ * As far as I am concerned, the code I have written for this software >-+ * can be used freely for any purpose. Any derived versions of this >-+ * software must be clearly marked as such, and if the derived work is >-+ * incompatible with the protocol description in the RFC file, it must be >-+ * called by a name other than "ssh" or "Secure Shell". >-+ * >-+ * SSH2 support by Markus Friedl. >-+ * Copyright (c) 2000, 2001 Markus Friedl. All rights reserved. >-+ * >-+ * Redistribution and use in source and binary forms, with or without >-+ * modification, are permitted provided that the following conditions >-+ * are met: >-+ * 1. Redistributions of source code must retain the above copyright >-+ * notice, this list of conditions and the following disclaimer. >-+ * 2. Redistributions in binary form must reproduce the above copyright >-+ * notice, this list of conditions and the following disclaimer in the >-+ * documentation and/or other materials provided with the distribution. >-+ * >-+ * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR >-+ * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES >-+ * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. >-+ * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, >-+ * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT >-+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, >-+ * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY >-+ * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT >-+ * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF >-+ * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. >-+ * >-+ * Copyright (c) 2011 Iwao, Koichiro <meta@club.kyutech.ac.jp>, >-+ * Kyushu Institute of Technology. >-+ * All rights reserved. >-+ * >-+ * from: OpenBSD: session.c,v 1.252 2010/03/07 11:57:13 dtucker Exp >-+ * with some ideas about process grouping from OpenSSH to xrdp >-+ * >-+ */ >- /** >- * >- * @file session.c >-@@ -373,6 +413,33 @@ >- g_sprintf(geometry, "%dx%d", width, height); >- g_sprintf(depth, "%d", bpp); >- g_sprintf(screen, ":%d", display); >-+#ifdef __FreeBSD__ >-+ /* >-+ * Create a new session and process group since 4.4BSD >-+ * setlogin affects the entire process group. >-+ */ >-+ pid_t bsdsespid = g_fork(); >-+ >-+ if (bsdsespid == -1) >-+ { >-+ } >-+ else if (bsdsespid == 0) /* BSD session leader */ >-+ { >-+ if (setsid() < 0) >-+ { >-+ log_message(&(g_cfg->log), LOG_LEVEL_ERROR, >-+ "setsid failed: %.100s", strerror(errno)); >-+ } >-+ >-+ if (setlogin(username) < 0) >-+ { >-+ log_message(&(g_cfg->log), LOG_LEVEL_ERROR, >-+ "setlogin failed: %.100s", strerror(errno)); >-+ } >-+ } >-+ >-+ g_waitpid(bsdsespid); >-+#endif >- wmpid = g_fork(); >- if (wmpid == -1) >- { >diff -ruN /usr/ports/net/xrdp/files/patch-sesman__verify_user_pam.c net/xrdp/files/patch-sesman__verify_user_pam.c >--- /usr/ports/net/xrdp/files/patch-sesman__verify_user_pam.c 1970-01-01 09:00:00.000000000 +0900 >+++ net/xrdp/files/patch-sesman__verify_user_pam.c 2014-10-17 14:29:40.634955594 +0900 >@@ -0,0 +1,19 @@ >+diff --git sesman/verify_user_pam.c sesman/verify_user_pam.c >+index e3d8596..281e297 100644 >+--- sesman/verify_user_pam.c >++++ sesman/verify_user_pam.c >+@@ -117,6 +117,14 @@ auth_userpass(char* user, char* pass) >+ g_free(auth_info); >+ return 0; >+ } >++ >++ error = pam_set_item(auth_info->ph, PAM_TTY, service_name); >++ if (error != PAM_SUCCESS) >++ { >++ g_printf("pam_set_item failed: %s\r\n", >++ pam_strerror(auth_info->ph, error)); >++ } >++ >+ error = pam_authenticate(auth_info->ph, 0); >+ if (error != PAM_SUCCESS) >+ { >diff -ruN /usr/ports/net/xrdp/pkg-plist net/xrdp/pkg-plist >--- /usr/ports/net/xrdp/pkg-plist 2014-07-05 18:40:14.065635764 +0900 >+++ net/xrdp/pkg-plist 2014-10-17 15:08:21.881796310 +0900 >@@ -39,24 +39,24 @@ > man/man8/xrdp-sesrun.8.gz > man/man8/xrdp.8.gz > etc/pam.d/xrdp-sesman >-etc/xrdp/km-0407.ini >-etc/xrdp/km-0409.ini >-etc/xrdp/km-040c.ini >-etc/xrdp/km-0410.ini >-etc/xrdp/km-0419.ini >-etc/xrdp/km-041d.ini >-%%JP106%%etc/xrdp/km-0411.ini >-%%JP106%%etc/xrdp/km-e0010411.ini >-%%JP106%%etc/xrdp/km-e0200411.ini >-%%JP106%%etc/xrdp/km-e0210411.ini >+%%ETCDIR%%/km-0407.ini >+%%ETCDIR%%/km-0409.ini >+%%ETCDIR%%/km-040c.ini >+%%ETCDIR%%/km-0410.ini >+%%ETCDIR%%/km-0419.ini >+%%ETCDIR%%/km-041d.ini >+%%JP106%%%%ETCDIR%%/km-0411.ini >+%%JP106%%%%ETCDIR%%/km-e0010411.ini >+%%JP106%%%%ETCDIR%%/km-e0200411.ini >+%%JP106%%%%ETCDIR%%/km-e0210411.ini > @unexec if cmp -s %D/etc/xrdp/rsakeys.ini.sample %D/etc/xrdp/rsakeys.ini; then rm -f %D/etc/xrdp/rsakeys.ini; fi > @unexec if cmp -s %D/etc/xrdp/sesman.ini.sample %D/etc/xrdp/sesman.ini; then rm -f %D/etc/xrdp/sesman.ini; fi > @unexec if cmp -s %D/etc/xrdp/startwm.sh.sample %D/etc/xrdp/startwm.sh; then rm -f %D/etc/xrdp/startwm.sh; fi > @unexec if cmp -s %D/etc/xrdp/xrdp.ini.sample %D/etc/xrdp/xrdp.ini; then rm -f %D/etc/xrdp/xrdp.ini; fi >-etc/xrdp/rsakeys.ini.sample >-etc/xrdp/sesman.ini.sample >-etc/xrdp/startwm.sh.sample >-etc/xrdp/xrdp.ini.sample >+@sample %%ETCDIR%%/rsakeys.ini.sample >+@sample %%ETCDIR%%/sesman.ini.sample >+@sample %%ETCDIR%%/startwm.sh.sample >+@sample %%ETCDIR%%/xrdp.ini.sample > @exec [ -f %D/etc/xrdp/sesman.ini ] || cp -p %D/etc/xrdp/sesman.ini.sample %D/etc/xrdp/sesman.ini > @exec [ -f %D/etc/xrdp/startwm.sh ] || cp -p %D/etc/xrdp/startwm.sh.sample %D/etc/xrdp/startwm.sh > @exec [ -f %D/etc/xrdp/xrdp.ini ] || cp -p %D/etc/xrdp/xrdp.ini.sample %D/etc/xrdp/xrdp.ini >@@ -64,13 +64,10 @@ > sbin/xrdp-chansrv > sbin/xrdp-sesman > sbin/xrdp-sessvc >-share/xrdp/ad24b.bmp >-share/xrdp/ad256.bmp >-share/xrdp/cursor0.cur >-share/xrdp/cursor1.cur >-share/xrdp/sans-10.fv1 >-share/xrdp/xrdp24b.bmp >-share/xrdp/xrdp256.bmp >-@dirrm share/xrdp >-@dirrm lib/xrdp >-@dirrmtry etc/xrdp >+%%DATADIR%%/ad24b.bmp >+%%DATADIR%%/ad256.bmp >+%%DATADIR%%/cursor0.cur >+%%DATADIR%%/cursor1.cur >+%%DATADIR%%/sans-10.fv1 >+%%DATADIR%%/xrdp24b.bmp >+%%DATADIR%%/xrdp256.bmp
<b>You cannot view the attachment while viewing its details because your browser does not support IFRAMEs. <a href="attachment.cgi?id=148483">View the attachment on a separate page</a>.</b>
View Attachment As Diff
View Attachment As Raw
Actions:
View
|
Diff
Attachments on
bug 194474
: 148483