[pkgsrc/trunk]: pkgsrc/security/gnome-keyring Implement support for LOCAL_CRE...

[jmmv <jmmv%pkgsrc.org@localhost>]

details:   https://anonhg.NetBSD.org/pkgsrc/rev/0d6017f590db
branches:  trunk
changeset: 517967:0d6017f590db
user:      jmmv <jmmv%pkgsrc.org@localhost>
date:      Sun Aug 27 16:10:21 2006 +0000

description:
Implement support for LOCAL_CREDS socket credentials.  Bump PKGREVISION to 2.

This fixes gnome-keyring under NetBSD which, AFAICT, didn't work at all.
There are still some problems remaining in gnome-keyring-manager, but I
think these are not related to this issue.

diffstat:

 security/gnome-keyring/Makefile         |    4 +-
 security/gnome-keyring/distinfo         |    4 +-
 security/gnome-keyring/patches/patch-aa |  141 ++++++++++++++++++++++++++++++++
 security/gnome-keyring/patches/patch-ab |   65 ++++++++++++++
 4 files changed, 211 insertions(+), 3 deletions(-)

diffs (240 lines):

diff -r 20d9ae04e369 -r 0d6017f590db security/gnome-keyring/Makefile
--- a/security/gnome-keyring/Makefile   Sun Aug 27 14:23:23 2006 +0000
+++ b/security/gnome-keyring/Makefile   Sun Aug 27 16:10:21 2006 +0000
@@ -1,8 +1,8 @@
-# $NetBSD: Makefile,v 1.22 2006/04/17 13:46:09 wiz Exp $
+# $NetBSD: Makefile,v 1.23 2006/08/27 16:10:21 jmmv Exp $
 #
 
 DISTNAME=      gnome-keyring-0.4.9
-PKGREVISION=   1
+PKGREVISION=   2
 CATEGORIES=    security gnome
 MASTER_SITES=  ${MASTER_SITE_GNOME:=sources/gnome-keyring/0.4/}
 EXTRACT_SUFX=  .tar.bz2
diff -r 20d9ae04e369 -r 0d6017f590db security/gnome-keyring/distinfo
--- a/security/gnome-keyring/distinfo   Sun Aug 27 14:23:23 2006 +0000
+++ b/security/gnome-keyring/distinfo   Sun Aug 27 16:10:21 2006 +0000
@@ -1,5 +1,7 @@
-$NetBSD: distinfo,v 1.13 2006/03/13 18:27:46 wiz Exp $
+$NetBSD: distinfo,v 1.14 2006/08/27 16:10:21 jmmv Exp $
 
 SHA1 (gnome-keyring-0.4.9.tar.bz2) = 56a9f2b634fd0f1b9bd73bab3824d02a77ad34c3
 RMD160 (gnome-keyring-0.4.9.tar.bz2) = 9deca60a67cba29b978974007c59e6963fec900e
 Size (gnome-keyring-0.4.9.tar.bz2) = 396162 bytes
+SHA1 (patch-aa) = f4d1146311e1e2d4519e8e570f99b5650757e0d2
+SHA1 (patch-ab) = 872632fc8b6865018a5b9bdcfc9e6d463d7d0ac3
diff -r 20d9ae04e369 -r 0d6017f590db security/gnome-keyring/patches/patch-aa
--- /dev/null   Thu Jan 01 00:00:00 1970 +0000
+++ b/security/gnome-keyring/patches/patch-aa   Sun Aug 27 16:10:21 2006 +0000
@@ -0,0 +1,141 @@
+$NetBSD: patch-aa,v 1.1 2006/08/27 16:10:21 jmmv Exp $
+
+http://bugzilla.gnome.org/show_bug.cgi?id=353105
+
+--- gnome-keyring-daemon-io.c.orig     2005-05-04 09:17:18.000000000 +0200
++++ gnome-keyring-daemon-io.c
+@@ -45,6 +45,7 @@
+ #endif
+ 
+ typedef enum {
++      GNOME_CLIENT_STATE_INIT,
+       GNOME_CLIENT_STATE_CREDENTIALS,
+       GNOME_CLIENT_STATE_READ_DISPLAYNAME,
+       GNOME_CLIENT_STATE_READ_PACKET,
+@@ -91,6 +92,38 @@ static void gnome_keyring_client_state_m
+ 
+ 
+ static gboolean
++init_connection (int fd)
++{
++      char buf = '\0';
++        ssize_t len;
++
++#if defined(LOCAL_CREDS) && !defined(HAVE_CMSGCRED)
++      /* Set the socket to receive credentials on the next message,
++       * which must be the nul-byte credentials message expected by
++       * read_unix_socket_credentials().
++       * CMSGCRED is preferred over LOCAL_CREDS because it provides
++       * the remote PID. */
++      {
++              int on = 1;
++              if (setsockopt (fd, 0, LOCAL_CREDS, &on, sizeof (on)) < 0) {
++                      g_warning ("Unable to set LOCAL_CREDS socket option\n");
++                      return FALSE;
++              }
++      }
++#endif
++
++      len = write (fd, &buf, sizeof (buf));
++      if (len != sizeof (buf)) {
++              g_warning ("Failed to write initialization byte: %s",
++                         len == 0 ? "No data written" : strerror (errno));
++              return FALSE;
++      }
++
++      return TRUE;
++}
++
++
++static gboolean
+ read_unix_socket_credentials (int fd,
+                             pid_t *pid,
+                             uid_t *uid)
+@@ -102,22 +135,14 @@ read_unix_socket_credentials (int fd,
+ #ifdef HAVE_CMSGCRED 
+       char cmsgmem[CMSG_SPACE (sizeof (struct cmsgcred))];
+       struct cmsghdr *cmsg = (struct cmsghdr *) cmsgmem;
++#elif defined(LOCAL_CREDS)
++      char cmsgmem[CMSG_SPACE (sizeof (struct sockcred))];
++      struct cmsghdr *cmsg = (struct cmsghdr *) cmsgmem;
+ #endif
+       
+       *pid = 0;
+       *uid = 0;
+       
+-#if defined(LOCAL_CREDS) && defined(HAVE_CMSGCRED)
+-      /* Set the socket to receive credentials on the next message */
+-      {
+-              int on = 1;
+-              if (setsockopt (fd, 0, LOCAL_CREDS, &on, sizeof (on)) < 0) {
+-                      g_warning ("Unable to set LOCAL_CREDS socket option\n");
+-                      return FALSE;
+-              }
+-      }
+-#endif
+-      
+       iov.iov_base = &buf;
+       iov.iov_len = 1;
+       
+@@ -125,7 +150,7 @@ read_unix_socket_credentials (int fd,
+       msg.msg_iov = &iov;
+       msg.msg_iovlen = 1;
+       
+-#ifdef HAVE_CMSGCRED
++#if defined(HAVE_CMSGCRED) || defined(LOCAL_CREDS)
+       memset (cmsgmem, 0, sizeof (cmsgmem));
+       msg.msg_control = cmsgmem;
+       msg.msg_controllen = sizeof (cmsgmem);
+@@ -146,7 +171,7 @@ read_unix_socket_credentials (int fd,
+               return FALSE;
+       }
+ 
+-#ifdef HAVE_CMSGCRED
++#if defined(HAVE_CMSGCRED) || defined(LOCAL_CREDS)
+       if (cmsg->cmsg_len < sizeof (cmsgmem) || cmsg->cmsg_type != SCM_CREDS) {
+               g_warning ("Message from recvmsg() was not SCM_CREDS\n");
+               return FALSE;
+@@ -174,6 +199,13 @@ read_unix_socket_credentials (int fd,
+               
+               *pid = cred->cmcred_pid;
+               *uid = cred->cmcred_euid;
++#elif defined(LOCAL_CREDS)
++              struct sockcred *cred;
++              
++              cred = (struct sockcred *) CMSG_DATA (cmsg);
++              
++              *pid = -1;
++              *uid = cred->sc_euid;
+ #else /* !SO_PEERCRED && !HAVE_CMSGCRED */
+               g_warning ("Socket credentials not supported on this OS\n");
+               return FALSE;
+@@ -345,6 +377,12 @@ gnome_keyring_client_state_machine (Gnom
+       
+  new_state:
+       switch (client->state) {
++      case GNOME_CLIENT_STATE_INIT:
++              debug_print (("GNOME_CLIENT_STATE_INIT %p\n", client));
++                if (init_connection (client->sock))
++                      client->state = GNOME_CLIENT_STATE_CREDENTIALS;
++              break;
++
+       case GNOME_CLIENT_STATE_CREDENTIALS:
+               debug_print (("GNOME_CLIENT_STATE_CREDENTIALS %p\n", client));
+               if (!read_unix_socket_credentials (client->sock, &pid, &uid)) {
+@@ -536,13 +574,15 @@ gnome_keyring_client_new (int fd)
+                                             gnome_keyring_client_hup, client);
+       g_io_channel_unref (channel);
+ 
+-      client->state = GNOME_CLIENT_STATE_CREDENTIALS;
++      client->state = GNOME_CLIENT_STATE_INIT;
+       client->sock = fd;
+       client->input_channel = channel;
+       client->input_buffer = g_string_new (NULL);
+       client->input_pos = 0;
+ 
+       clients = g_list_prepend (clients, client);
++
++      gnome_keyring_client_state_machine (client);
+ }
+ 
+ 
diff -r 20d9ae04e369 -r 0d6017f590db security/gnome-keyring/patches/patch-ab
--- /dev/null   Thu Jan 01 00:00:00 1970 +0000
+++ b/security/gnome-keyring/patches/patch-ab   Sun Aug 27 16:10:21 2006 +0000
@@ -0,0 +1,65 @@
+$NetBSD: patch-ab,v 1.1 2006/08/27 16:10:21 jmmv Exp $
+
+http://bugzilla.gnome.org/show_bug.cgi?id=353105
+
+--- gnome-keyring.c.orig       2006-03-03 14:58:58.000000000 +0100
++++ gnome-keyring.c
+@@ -52,6 +52,7 @@ typedef enum {
+ 
+ typedef enum {
+       STATE_FAILED,
++      STATE_INITIALIZING,
+       STATE_WRITING_CREDS,
+       STATE_WRITING_PACKET,
+       STATE_READING_REPLY
+@@ -248,6 +249,24 @@ write_all (int fd, const char *buf, size
+       return 0;
+ }
+ 
++static void
++init_connection (GnomeKeyringOperation *op)
++{
++      char buf;
++      ssize_t len;
++
++      len = read (op->socket, &buf, sizeof (buf));
++      if (len == sizeof (buf)) {
++              if (buf != '\0')
++                      g_warning ("Invalid initialization byte: %d\n", buf);
++              else
++                      op->state = STATE_WRITING_CREDS;
++      } else
++              g_warning ("Failed to read initialization byte: %s",
++                         len == 0 ? "No data available" : strerror (errno));
++}
++
++
+ static GnomeKeyringResult
+ write_credentials_byte_sync (int socket)
+ {
+@@ -314,6 +333,9 @@ operation_io (GIOChannel  *io_channel,
+               schedule_op_failed (op, GNOME_KEYRING_RESULT_IO_ERROR);
+       }
+ 
++      if (op->state == STATE_INITIALIZING && (cond & G_IO_IN)) {
++              init_connection (op);
++      }
+       if (op->state == STATE_WRITING_CREDS && (cond & G_IO_OUT)) {
+               write_credentials_byte (op);
+       }
+@@ -420,13 +442,13 @@ start_operation (gpointer callback, Keyr
+       if (op->socket < 0) {
+               schedule_op_failed (op, GNOME_KEYRING_RESULT_NO_KEYRING_DAEMON);
+       } else  {
+-              op->state = STATE_WRITING_CREDS;
++              op->state = STATE_INITIALIZING;
+               op->send_buffer = g_string_new (NULL);
+               op->send_pos = 0;
+               
+               channel = g_io_channel_unix_new (op->socket);
+               op->io_watch = g_io_add_watch (channel,
+-                                             G_IO_OUT | G_IO_HUP,
++                                             G_IO_IN | G_IO_OUT | G_IO_HUP,
+                                              operation_io, op);
+               g_io_channel_unref (channel);
+       }