Source-Changes-HG archive
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]
[xsrc/trunk]: xsrc/external/mit/libSM/dist initial import of libSM-1.2.3
details: https://anonhg.NetBSD.org/xsrc/rev/8aa711c5ffbb
branches: trunk
changeset: 10003:8aa711c5ffbb
user: mrg <mrg%NetBSD.org@localhost>
date: Fri Dec 28 08:56:25 2018 +0000
description:
initial import of libSM-1.2.3
diffstat:
external/mit/libSM/dist/ChangeLog | 136 +
external/mit/libSM/dist/INSTALL | 119 +-
external/mit/libSM/dist/Makefile.in | 56 +-
external/mit/libSM/dist/aclocal.m4 | 5426 +++++++++++++++------------
external/mit/libSM/dist/compile | 2 +-
external/mit/libSM/dist/config.guess | 858 ++--
external/mit/libSM/dist/config.h.in | 9 +-
external/mit/libSM/dist/config.sub | 343 +-
external/mit/libSM/dist/configure | 3020 +++++++++------
external/mit/libSM/dist/configure.ac | 2 +-
external/mit/libSM/dist/depcomp | 6 +-
external/mit/libSM/dist/doc/Makefile.in | 30 +-
external/mit/libSM/dist/doc/SMlib.xml | 4 +-
external/mit/libSM/dist/install-sh | 361 +-
external/mit/libSM/dist/ltmain.sh | 5841 ++++++++++++++++++-----------
external/mit/libSM/dist/missing | 6 +-
external/mit/libSM/dist/src/Makefile.am | 3 +-
external/mit/libSM/dist/src/Makefile.in | 33 +-
external/mit/libSM/dist/src/SMlibint.h | 74 -
external/mit/libSM/dist/src/sm_genid.c | 12 +-
external/mit/libSM/dist/src/sm_process.c | 318 +-
21 files changed, 9810 insertions(+), 6849 deletions(-)
diffs (truncated from 29391 to 300 lines):
diff -r 8c6b2cb03103 -r 8aa711c5ffbb external/mit/libSM/dist/ChangeLog
--- a/external/mit/libSM/dist/ChangeLog Sun Dec 02 00:42:04 2018 +0000
+++ b/external/mit/libSM/dist/ChangeLog Fri Dec 28 08:56:25 2018 +0000
@@ -1,3 +1,139 @@
+commit a52c79544fcd6b5e2242b9122dfaa34be07aebb2
+Author: Matthieu Herrb <matthieu%herrb.eu@localhost>
+Date: Sun Sep 30 11:03:41 2018 +0200
+
+ libSM 1.2.3
+
+ Signed-off-by: Matthieu Herrb <matthieu%herrb.eu@localhost>
+
+commit d86106f2369ecf81155decaa360f9162c0c3cd53
+Author: Tobias Stoeckmann <tobias%stoeckmann.org@localhost>
+Date: Wed Aug 15 21:21:09 2018 +0200
+
+ Fixed out ouf boundary accesses.
+
+ Out of boundary accesses can occur while processing messages. This
+ affects clients and the session server.
+
+ Generally, the code tries to prevent out of boundary accesses. It
+ initially "skips" over the memory areas by parsing supplied lengths.
+ Then, it checks if it skipped over the memory boundary. If not, then
+ data is actually read and memory allocated, etc.
+
+ The problem is that while initially skipping over the memory,
+ subsequent lengths are already parsed, i.e. accessed. This results in
+ out of boundary reads on hostile messages.
+
+ Lengths could also overflow on 32 bit systems, leading to out of
+ boundary writes if not enough bytes have been allocated.
+
+ Authentication is handled by libICE, which is not affected, because the
+ macros for skipping already take care about memory boundaries.
+
+ Therefore, this flaw can only be used by authenticated clients or by
+ hostile servers (which could simply accept every MIT cookie). Most
+ session managers only use Unix sockets, so in many cases it takes a
+ local authenticated user.
+
+ In order to fix this, I decided to move the macros from SMlibint.h to
+ its only callers in sm_process.c, turning them into functions for much
+ easier error handling and readability.
+
+ Instead of skipping over the memory, validation happens during actual
+ read and memory allocation operations, as it's rather unlikely to
+ encounter hostile code anyway, i.e. my code has more error cleanup
+ handling in it.
+
+ Signed-off-by: Tobias Stoeckmann <tobias%stoeckmann.org@localhost>
+ Reviewed-by: Matthieu Herrb <matthieu%herrb.eu@localhost>
+
+commit 75ffafb4e04661fb890a9e8088b743cb077050a6
+Author: Fab <netbox253%free.fr@localhost>
+Date: Sat Oct 7 14:23:52 2017 +0000
+
+ Fix callbacks signatures in libSM documentation
+
+ https://bugs.freedesktop.org/show_bug.cgi?id=103135
+
+ Reviewed-by: Alan Coopersmith <alan.coopersmith%oracle.com@localhost>
+ Signed-off-by: Alan Coopersmith <alan.coopersmith%oracle.com@localhost>
+
+commit b347e9f8ef3ae027c049741ab5c0c8dac45c9eb2
+Author: Mihail Konev <k.mvc%ya.ru@localhost>
+Date: Thu Jan 26 13:52:49 2017 +1000
+
+ autogen: add default patch prefix
+
+ Signed-off-by: Mihail Konev <k.mvc%ya.ru@localhost>
+
+commit d34f694e810d11f95cd61e4209cd6e38f70bce58
+Author: Emil Velikov <emil.l.velikov%gmail.com@localhost>
+Date: Mon Mar 9 12:00:52 2015 +0000
+
+ autogen.sh: use quoted string variables
+
+ Place quotes around the $srcdir, $ORIGDIR and $0 variables to prevent
+ fall-outs, when they contain space.
+
+ Signed-off-by: Emil Velikov <emil.l.velikov%gmail.com@localhost>
+ Reviewed-by: Peter Hutterer <peter.hutterer%who-t.net@localhost>
+ Signed-off-by: Peter Hutterer <peter.hutterer%who-t.net@localhost>
+
+commit e27964e499f31f48782a6db7421660a230471b2c
+Author: Peter Hutterer <peter.hutterer%who-t.net@localhost>
+Date: Tue Jan 24 10:32:07 2017 +1000
+
+ autogen.sh: use exec instead of waiting for configure to finish
+
+ Syncs the invocation of configure with the one from the server.
+
+ Signed-off-by: Peter Hutterer <peter.hutterer%who-t.net@localhost>
+ Reviewed-by: Emil Velikov <emil.velikov%collabora.com@localhost>
+
+commit b64aa0ef375f2df3ce166733fe92429ba43b6145
+Author: Matthieu Herrb <matthieu%herrb.eu@localhost>
+Date: Tue Oct 20 14:48:52 2015 -0400
+
+ Get rid of strcpy() in the HAVE_UUID_CREATE case
+
+ Even though this use was safe, some linkers produce a warning
+ when strcpy() is used, and this is the only use in libSM.
+
+ Reviewed-by: Alan Coopersmith <alan.coopersmith%oracle.com@localhost>
+
+commit 0bf5d26d1d55029846514758f2ffd80e816bd9fb
+Author: Matthieu Herrb <matthieu%herrb.eu@localhost>
+Date: Tue Oct 20 14:47:50 2015 -0400
+
+ Fix uuid_to_string(3) type
+
+ It should be char *.
+
+ Reviewed-by: Adam Jackson <ajax%redhat.com@localhost>
+
+commit 29ea6247434a85934986e7d4fc60862231c5d77d
+Author: Jon TURNEY <jon.turney%dronecode.org.uk@localhost>
+Date: Sat Sep 13 19:38:12 2014 +0100
+
+ Include unistd.h for getpid()
+
+ Signed-off-by: Jon TURNEY <jon.turney%dronecode.org.uk@localhost>
+ Reviewed-by: David Macek <david.macek.0%gmail.com@localhost>
+
+commit f2dd6934c38414bc448ee49b47604f135f5487ea
+Author: Alan Coopersmith <alan.coopersmith%oracle.com@localhost>
+Date: Sat Nov 16 19:35:15 2013 -0800
+
+ Stop compiling empty sm_auth.c stub
+
+ File exists as a placeholder in case someone someday decides to add
+ additional auth methods on top of what libICE provides, but it's been
+ two decades and no one has, so stop spending time compiling & linking
+ for now.
+
+ Signed-off-by: Alan Coopersmith <alan.coopersmith%oracle.com@localhost>
+ Reviewed-by: Adam Jackson <ajax%redhat.com@localhost>
+
commit 0fd7aa17da41779129a3acfdad28e07c0072a160
Author: Alan Coopersmith <alan.coopersmith%oracle.com@localhost>
Date: Sat Sep 7 23:05:16 2013 -0700
diff -r 8c6b2cb03103 -r 8aa711c5ffbb external/mit/libSM/dist/INSTALL
--- a/external/mit/libSM/dist/INSTALL Sun Dec 02 00:42:04 2018 +0000
+++ b/external/mit/libSM/dist/INSTALL Fri Dec 28 08:56:25 2018 +0000
@@ -1,11 +1,13 @@
Installation Instructions
*************************
-Copyright (C) 1994, 1995, 1996, 1999, 2000, 2001, 2002, 2004, 2005,
-2006, 2007, 2008 Free Software Foundation, Inc.
+Copyright (C) 1994-1996, 1999-2002, 2004-2011 Free Software Foundation,
+Inc.
- This file is free documentation; the Free Software Foundation gives
-unlimited permission to copy, distribute and modify it.
+ Copying and distribution of this file, with or without modification,
+are permitted in any medium without royalty provided the copyright
+notice and this notice are preserved. This file is offered as-is,
+without warranty of any kind.
Basic Installation
==================
@@ -13,7 +15,11 @@
Briefly, the shell commands `./configure; make; make install' should
configure, build, and install this package. The following
more-detailed instructions are generic; see the `README' file for
-instructions specific to this package.
+instructions specific to this package. Some packages provide this
+`INSTALL' file but do not implement all of the features documented
+below. The lack of an optional feature in a given package is not
+necessarily a bug. More recommendations for GNU packages can be found
+in *note Makefile Conventions: (standards)Makefile Conventions.
The `configure' shell script attempts to guess correct values for
various system-dependent variables used during compilation. It uses
@@ -42,7 +48,7 @@
you want to change it or regenerate `configure' using a newer version
of `autoconf'.
-The simplest way to compile this package is:
+ The simplest way to compile this package is:
1. `cd' to the directory containing the package's source code and type
`./configure' to configure the package for your system.
@@ -53,12 +59,22 @@
2. Type `make' to compile the package.
3. Optionally, type `make check' to run any self-tests that come with
- the package.
+ the package, generally using the just-built uninstalled binaries.
4. Type `make install' to install the programs and any data files and
- documentation.
+ documentation. When installing into a prefix owned by root, it is
+ recommended that the package be configured and built as a regular
+ user, and only the `make install' phase executed with root
+ privileges.
- 5. You can remove the program binaries and object files from the
+ 5. Optionally, type `make installcheck' to repeat any self-tests, but
+ this time using the binaries in their final installed location.
+ This target does not install anything. Running this target as a
+ regular user, particularly if the prior `make install' required
+ root privileges, verifies that the installation completed
+ correctly.
+
+ 6. You can remove the program binaries and object files from the
source code directory by typing `make clean'. To also remove the
files that `configure' created (so you can compile the package for
a different kind of computer), type `make distclean'. There is
@@ -67,8 +83,15 @@
all sorts of other programs in order to regenerate files that came
with the distribution.
- 6. Often, you can also type `make uninstall' to remove the installed
- files again.
+ 7. Often, you can also type `make uninstall' to remove the installed
+ files again. In practice, not all packages have tested that
+ uninstallation works correctly, even though it is required by the
+ GNU Coding Standards.
+
+ 8. Some packages, particularly those that use Automake, provide `make
+ distcheck', which can by used by developers to test that all other
+ targets like `make install' and `make uninstall' work correctly.
+ This target is generally not run by end users.
Compilers and Options
=====================
@@ -93,7 +116,8 @@
own directory. To do this, you can use GNU `make'. `cd' to the
directory where you want the object files and executables to go and run
the `configure' script. `configure' automatically checks for the
-source code in the directory that `configure' is in and in `..'.
+source code in the directory that `configure' is in and in `..'. This
+is known as a "VPATH" build.
With a non-GNU `make', it is safer to compile the package for one
architecture at a time in the source code directory. After you have
@@ -120,7 +144,8 @@
By default, `make install' installs the package's commands under
`/usr/local/bin', include files under `/usr/local/include', etc. You
can specify an installation prefix other than `/usr/local' by giving
-`configure' the option `--prefix=PREFIX'.
+`configure' the option `--prefix=PREFIX', where PREFIX must be an
+absolute file name.
You can specify separate installation prefixes for
architecture-specific files and architecture-independent files. If you
@@ -131,15 +156,46 @@
In addition, if you use an unusual directory layout you can give
options like `--bindir=DIR' to specify different values for particular
kinds of files. Run `configure --help' for a list of the directories
-you can set and what kinds of files go in them.
+you can set and what kinds of files go in them. In general, the
+default for these options is expressed in terms of `${prefix}', so that
+specifying just `--prefix' will affect all of the other directory
+specifications that were not explicitly provided.
+
+ The most portable way to affect installation locations is to pass the
+correct locations to `configure'; however, many packages provide one or
+both of the following shortcuts of passing variable assignments to the
+`make install' command line to change installation locations without
+having to reconfigure or recompile.
+
+ The first method involves providing an override variable for each
+affected directory. For example, `make install
+prefix=/alternate/directory' will choose an alternate location for all
+directory configuration variables that were expressed in terms of
+`${prefix}'. Any directories that were specified during `configure',
+but not in terms of `${prefix}', must each be overridden at install
+time for the entire installation to be relocated. The approach of
+makefile variable overrides for each directory variable is required by
+the GNU Coding Standards, and ideally causes no recompilation.
+However, some platforms have known limitations with the semantics of
+shared libraries that end up requiring recompilation when using this
+method, particularly noticeable in packages that use GNU Libtool.
+
+ The second method involves providing the `DESTDIR' variable. For
+example, `make install DESTDIR=/alternate/directory' will prepend
+`/alternate/directory' before all installation names. The approach of
+`DESTDIR' overrides is not required by the GNU Coding Standards, and
+does not work on platforms that have drive letters. On the other hand,
+it does better at avoiding recompilation issues, and works well even
+when some directory options were not specified in terms of `${prefix}'
+at `configure' time.
+
+Optional Features
+=================
If the package supports it, you can cause programs to be installed
with an extra prefix or suffix on their names by giving `configure' the
option `--program-prefix=PREFIX' or `--program-suffix=SUFFIX'.
-Optional Features
-=================
-
Some packages pay attention to `--enable-FEATURE' options to
`configure', where FEATURE indicates an optional part of the package.
Home |
Main Index |
Thread Index |
Old Index