[pkgsrc/trunk]: pkgsrc/security/gnome-keyring Redo LOCAL_CREDS support in a w...

[jmmv <jmmv%pkgsrc.org@localhost>]

details:   https://anonhg.NetBSD.org/pkgsrc/rev/1d7ce1811b7c
branches:  trunk
changeset: 517986:1d7ce1811b7c
user:      jmmv <jmmv%pkgsrc.org@localhost>
date:      Mon Aug 28 08:30:12 2006 +0000

description:
Redo LOCAL_CREDS support in a way that does not change the communication
protocol (it's more likely to be accepted and is much easier on the code).
Bump PKGREVISION to 3.

diffstat:

 security/gnome-keyring/Makefile         |   4 +-
 security/gnome-keyring/distinfo         |   5 +-
 security/gnome-keyring/patches/patch-aa |  94 +++++++++-----------------------
 security/gnome-keyring/patches/patch-ab |  65 ----------------------
 4 files changed, 32 insertions(+), 136 deletions(-)

diffs (246 lines):

diff -r 52529df7af80 -r 1d7ce1811b7c security/gnome-keyring/Makefile
--- a/security/gnome-keyring/Makefile   Mon Aug 28 08:28:57 2006 +0000
+++ b/security/gnome-keyring/Makefile   Mon Aug 28 08:30:12 2006 +0000
@@ -1,8 +1,8 @@
-# $NetBSD: Makefile,v 1.23 2006/08/27 16:10:21 jmmv Exp $
+# $NetBSD: Makefile,v 1.24 2006/08/28 08:30:12 jmmv Exp $
 #
 
 DISTNAME=      gnome-keyring-0.4.9
-PKGREVISION=   2
+PKGREVISION=   3
 CATEGORIES=    security gnome
 MASTER_SITES=  ${MASTER_SITE_GNOME:=sources/gnome-keyring/0.4/}
 EXTRACT_SUFX=  .tar.bz2
diff -r 52529df7af80 -r 1d7ce1811b7c security/gnome-keyring/distinfo
--- a/security/gnome-keyring/distinfo   Mon Aug 28 08:28:57 2006 +0000
+++ b/security/gnome-keyring/distinfo   Mon Aug 28 08:30:12 2006 +0000
@@ -1,7 +1,6 @@
-$NetBSD: distinfo,v 1.14 2006/08/27 16:10:21 jmmv Exp $
+$NetBSD: distinfo,v 1.15 2006/08/28 08:30:12 jmmv Exp $
 
 SHA1 (gnome-keyring-0.4.9.tar.bz2) = 56a9f2b634fd0f1b9bd73bab3824d02a77ad34c3
 RMD160 (gnome-keyring-0.4.9.tar.bz2) = 9deca60a67cba29b978974007c59e6963fec900e
 Size (gnome-keyring-0.4.9.tar.bz2) = 396162 bytes
-SHA1 (patch-aa) = f4d1146311e1e2d4519e8e570f99b5650757e0d2
-SHA1 (patch-ab) = 872632fc8b6865018a5b9bdcfc9e6d463d7d0ac3
+SHA1 (patch-aa) = b04232b0d1d855d4fa795cf69dd290193ec83bc0
diff -r 52529df7af80 -r 1d7ce1811b7c security/gnome-keyring/patches/patch-aa
--- a/security/gnome-keyring/patches/patch-aa   Mon Aug 28 08:28:57 2006 +0000
+++ b/security/gnome-keyring/patches/patch-aa   Mon Aug 28 08:30:12 2006 +0000
@@ -1,49 +1,27 @@
-$NetBSD: patch-aa,v 1.1 2006/08/27 16:10:21 jmmv Exp $
+$NetBSD: patch-aa,v 1.2 2006/08/28 08:30:12 jmmv Exp $
 
 http://bugzilla.gnome.org/show_bug.cgi?id=353105
 
 --- gnome-keyring-daemon-io.c.orig     2005-05-04 09:17:18.000000000 +0200
 +++ gnome-keyring-daemon-io.c
-@@ -45,6 +45,7 @@
- #endif
- 
- typedef enum {
-+      GNOME_CLIENT_STATE_INIT,
-       GNOME_CLIENT_STATE_CREDENTIALS,
-       GNOME_CLIENT_STATE_READ_DISPLAYNAME,
-       GNOME_CLIENT_STATE_READ_PACKET,
-@@ -91,6 +92,38 @@ static void gnome_keyring_client_state_m
+@@ -91,6 +91,24 @@ static void gnome_keyring_client_state_m
  
  
  static gboolean
-+init_connection (int fd)
++set_local_creds (int fd, gboolean on)
 +{
-+      char buf = '\0';
-+        ssize_t len;
++  gboolean retval = TRUE;
 +
 +#if defined(LOCAL_CREDS) && !defined(HAVE_CMSGCRED)
-+      /* Set the socket to receive credentials on the next message,
-+       * which must be the nul-byte credentials message expected by
-+       * read_unix_socket_credentials().
-+       * CMSGCRED is preferred over LOCAL_CREDS because it provides
-+       * the remote PID. */
-+      {
-+              int on = 1;
-+              if (setsockopt (fd, 0, LOCAL_CREDS, &on, sizeof (on)) < 0) {
-+                      g_warning ("Unable to set LOCAL_CREDS socket option\n");
-+                      return FALSE;
-+              }
-+      }
++  int val = on ? 1 : 0;
++  if (setsockopt (fd, 0, LOCAL_CREDS, &val, sizeof (val)) < 0)
++    {
++      g_warning ("Unable to set LOCAL_CREDS socket option on fd %d\n", fd);
++      retval = FALSE;
++    }
 +#endif
 +
-+      len = write (fd, &buf, sizeof (buf));
-+      if (len != sizeof (buf)) {
-+              g_warning ("Failed to write initialization byte: %s",
-+                         len == 0 ? "No data written" : strerror (errno));
-+              return FALSE;
-+      }
-+
-+      return TRUE;
++  return retval;
 +}
 +
 +
@@ -51,7 +29,7 @@
  read_unix_socket_credentials (int fd,
                              pid_t *pid,
                              uid_t *uid)
-@@ -102,22 +135,14 @@ read_unix_socket_credentials (int fd,
+@@ -102,22 +120,14 @@ read_unix_socket_credentials (int fd,
  #ifdef HAVE_CMSGCRED 
        char cmsgmem[CMSG_SPACE (sizeof (struct cmsgcred))];
        struct cmsghdr *cmsg = (struct cmsghdr *) cmsgmem;
@@ -77,7 +55,7 @@
        iov.iov_base = &buf;
        iov.iov_len = 1;
        
-@@ -125,7 +150,7 @@ read_unix_socket_credentials (int fd,
+@@ -125,7 +135,7 @@ read_unix_socket_credentials (int fd,
        msg.msg_iov = &iov;
        msg.msg_iovlen = 1;
        
@@ -86,7 +64,7 @@
        memset (cmsgmem, 0, sizeof (cmsgmem));
        msg.msg_control = cmsgmem;
        msg.msg_controllen = sizeof (cmsgmem);
-@@ -146,7 +171,7 @@ read_unix_socket_credentials (int fd,
+@@ -146,7 +156,7 @@ read_unix_socket_credentials (int fd,
                return FALSE;
        }
  
@@ -95,7 +73,7 @@
        if (cmsg->cmsg_len < sizeof (cmsgmem) || cmsg->cmsg_type != SCM_CREDS) {
                g_warning ("Message from recvmsg() was not SCM_CREDS\n");
                return FALSE;
-@@ -174,6 +199,13 @@ read_unix_socket_credentials (int fd,
+@@ -174,6 +184,14 @@ read_unix_socket_credentials (int fd,
                
                *pid = cred->cmcred_pid;
                *uid = cred->cmcred_euid;
@@ -106,36 +84,20 @@
 +              
 +              *pid = -1;
 +              *uid = cred->sc_euid;
++              set_local_creds(fd, FALSE);
  #else /* !SO_PEERCRED && !HAVE_CMSGCRED */
                g_warning ("Socket credentials not supported on this OS\n");
                return FALSE;
-@@ -345,6 +377,12 @@ gnome_keyring_client_state_machine (Gnom
-       
-  new_state:
-       switch (client->state) {
-+      case GNOME_CLIENT_STATE_INIT:
-+              debug_print (("GNOME_CLIENT_STATE_INIT %p\n", client));
-+                if (init_connection (client->sock))
-+                      client->state = GNOME_CLIENT_STATE_CREDENTIALS;
-+              break;
+@@ -625,6 +643,12 @@ create_master_socket (const char **path)
+               return FALSE;
+       }
+ 
++        if (!set_local_creds (sock, TRUE)) {
++              close (sock);
++              cleanup_socket_dir ();
++              return FALSE;
++      }
 +
-       case GNOME_CLIENT_STATE_CREDENTIALS:
-               debug_print (("GNOME_CLIENT_STATE_CREDENTIALS %p\n", client));
-               if (!read_unix_socket_credentials (client->sock, &pid, &uid)) {
-@@ -536,13 +574,15 @@ gnome_keyring_client_new (int fd)
-                                             gnome_keyring_client_hup, client);
-       g_io_channel_unref (channel);
- 
--      client->state = GNOME_CLIENT_STATE_CREDENTIALS;
-+      client->state = GNOME_CLIENT_STATE_INIT;
-       client->sock = fd;
-       client->input_channel = channel;
-       client->input_buffer = g_string_new (NULL);
-       client->input_pos = 0;
- 
-       clients = g_list_prepend (clients, client);
-+
-+      gnome_keyring_client_state_machine (client);
- }
- 
- 
+       g_free (tmp_tmp_dir);
+       channel = g_io_channel_unix_new (sock);
+       g_io_add_watch (channel, G_IO_IN | G_IO_HUP, new_client, NULL);
diff -r 52529df7af80 -r 1d7ce1811b7c security/gnome-keyring/patches/patch-ab
--- a/security/gnome-keyring/patches/patch-ab   Mon Aug 28 08:28:57 2006 +0000
+++ /dev/null   Thu Jan 01 00:00:00 1970 +0000
@@ -1,65 +0,0 @@
-$NetBSD: patch-ab,v 1.1 2006/08/27 16:10:21 jmmv Exp $
-
-http://bugzilla.gnome.org/show_bug.cgi?id=353105
-
---- gnome-keyring.c.orig       2006-03-03 14:58:58.000000000 +0100
-+++ gnome-keyring.c
-@@ -52,6 +52,7 @@ typedef enum {
- 
- typedef enum {
-       STATE_FAILED,
-+      STATE_INITIALIZING,
-       STATE_WRITING_CREDS,
-       STATE_WRITING_PACKET,
-       STATE_READING_REPLY
-@@ -248,6 +249,24 @@ write_all (int fd, const char *buf, size
-       return 0;
- }
- 
-+static void
-+init_connection (GnomeKeyringOperation *op)
-+{
-+      char buf;
-+      ssize_t len;
-+
-+      len = read (op->socket, &buf, sizeof (buf));
-+      if (len == sizeof (buf)) {
-+              if (buf != '\0')
-+                      g_warning ("Invalid initialization byte: %d\n", buf);
-+              else
-+                      op->state = STATE_WRITING_CREDS;
-+      } else
-+              g_warning ("Failed to read initialization byte: %s",
-+                         len == 0 ? "No data available" : strerror (errno));
-+}
-+
-+
- static GnomeKeyringResult
- write_credentials_byte_sync (int socket)
- {
-@@ -314,6 +333,9 @@ operation_io (GIOChannel  *io_channel,
-               schedule_op_failed (op, GNOME_KEYRING_RESULT_IO_ERROR);
-       }
- 
-+      if (op->state == STATE_INITIALIZING && (cond & G_IO_IN)) {
-+              init_connection (op);
-+      }
-       if (op->state == STATE_WRITING_CREDS && (cond & G_IO_OUT)) {
-               write_credentials_byte (op);
-       }
-@@ -420,13 +442,13 @@ start_operation (gpointer callback, Keyr
-       if (op->socket < 0) {
-               schedule_op_failed (op, GNOME_KEYRING_RESULT_NO_KEYRING_DAEMON);
-       } else  {
--              op->state = STATE_WRITING_CREDS;
-+              op->state = STATE_INITIALIZING;
-               op->send_buffer = g_string_new (NULL);
-               op->send_pos = 0;
-               
-               channel = g_io_channel_unix_new (op->socket);
-               op->io_watch = g_io_add_watch (channel,
--                                             G_IO_OUT | G_IO_HUP,
-+                                             G_IO_IN | G_IO_OUT | G_IO_HUP,
-                                              operation_io, op);
-               g_io_channel_unref (channel);
-       }