svn commit: r510087 - in head/security/plasma5-kwallet-pam: . files

Tobias C. Berner tcberner at FreeBSD.org
Wed Aug 28 18:09:17 UTC 2019 

Author: tcberner
Date: Wed Aug 28 18:09:16 2019
New Revision: 510087
URL: https://svnweb.freebsd.org/changeset/ports/510087

Log:
  security/plasma5-kwallet-pam: make it work
  
  - Replace the use of socat with netcat which is in base.  Note that netcat is
    bidirectional.  It sends input from stdin over the socket and input from the
    socket to stdout.  After receiving EOF on stdin it keeps polling the socket
    for input until the other end closes the connection, which in the case of
    kwalletd never happens because it's also waiting for more data until the
    other end closes the connection.  Call netcat using "nc | :" so its stdout is
    a pipe of which the far end closes immediately (stdout itself stays open).
    Without a valid stdout netcat becomes unidirectional.  Using "nc >&-" doesn't
    work because it closes stdout itself and its descriptor will be reused for
    the socket so netcat thinks it has a valid stdout.
  
  - Fix an off-by-one buffer size check.
  
  - Fix a call to bind(2).  The third argument should be the size of the sockaddr
    struct.  It contains an extra field besides sun_path and sun_family in BSD so
    the name of the socket got truncated.
  
  PR:		228291
  Submitted by:	tijl,  mikael.urankar at gmail.com

Added:
  head/security/plasma5-kwallet-pam/files/
  head/security/plasma5-kwallet-pam/files/patch-pam__kwallet.c   (contents, props changed)
  head/security/plasma5-kwallet-pam/files/patch-pam__kwallet__init   (contents, props changed)
Modified:
  head/security/plasma5-kwallet-pam/Makefile
  head/security/plasma5-kwallet-pam/pkg-plist

Modified: head/security/plasma5-kwallet-pam/Makefile
==============================================================================
--- head/security/plasma5-kwallet-pam/Makefile	Wed Aug 28 17:21:42 2019	(r510086)
+++ head/security/plasma5-kwallet-pam/Makefile	Wed Aug 28 18:09:16 2019	(r510087)
@@ -2,6 +2,7 @@
 
 PORTNAME=	kwallet-pam
 DISTVERSION=	${KDE_PLASMA_VERSION}
+PORTREVISION=	1
 CATEGORIES=	security kde kde-plasma
 
 MAINTAINER=	kde at FreeBSD.org
@@ -16,5 +17,11 @@ USES=		cmake cpe gettext kde:5 qt:5 tar:xz
 USE_KDE=	ecm wallet
 USE_QT=		gui \
 		buildtools_build qmake_build
+
+post-patch:
+	@${REINPLACE_CMD} -e 's,socat,nc,' -e 's,/security,,' \
+		${WRKSRC}/CMakeLists.txt
+	@${REINPLACE_CMD} 's,/usr/bin/kwalletd,${LOCALBASE}/bin/kwalletd,' \
+		${WRKSRC}/pam_kwallet.c
 
 .include <bsd.port.mk>

Added: head/security/plasma5-kwallet-pam/files/patch-pam__kwallet.c
==============================================================================
--- /dev/null	00:00:00 1970	(empty, because file is newly added)
+++ head/security/plasma5-kwallet-pam/files/patch-pam__kwallet.c	Wed Aug 28 18:09:16 2019	(r510087)
@@ -0,0 +1,21 @@
+---pam_kwallet.c	2019-08-28 10:45:20.619019000 +0200
++++ pam_kwallet.c	2019-08-28 10:47:11.632255000 +0200
+@@ -390,7 +390,7 @@ static void execute_kwallet(pam_handle_t *pamh, struct
+     struct sockaddr_un local;
+     local.sun_family = AF_UNIX;
+ 
+-    if (strlen(fullSocket) > sizeof(local.sun_path)) {
++    if (strlen(fullSocket) >= sizeof(local.sun_path)) {
+         syslog(LOG_ERR, "%s: socket path %s too long to open",
+                    logPrefix, fullSocket);
+         free(fullSocket);
+@@ -403,8 +403,7 @@ static void execute_kwallet(pam_handle_t *pamh, struct
+ 
+     syslog(LOG_DEBUG, "%s: final socket path: %s", logPrefix, local.sun_path);
+ 
+-    size_t len = strlen(local.sun_path) + sizeof(local.sun_family);
+-    if (bind(envSocket, (struct sockaddr *)&local, len) == -1) {
++    if (bind(envSocket, (struct sockaddr *)&local, sizeof(local)) == -1) {
+         syslog(LOG_INFO, "%s-kwalletd: Couldn't bind to local file\n", logPrefix);
+         goto cleanup;
+     }

Added: head/security/plasma5-kwallet-pam/files/patch-pam__kwallet__init
==============================================================================
--- /dev/null	00:00:00 1970	(empty, because file is newly added)
+++ head/security/plasma5-kwallet-pam/files/patch-pam__kwallet__init	Wed Aug 28 18:09:16 2019	(r510087)
@@ -0,0 +1,10 @@
+--- pam_kwallet_init.orig	2019-08-09 12:51:25.200806000 +0200
++++ pam_kwallet_init	2019-08-09 12:51:41.765221000 +0200
+@@ -1,6 +1,6 @@
+ #!/bin/sh
+ 
+ if test -n "$PAM_KWALLET5_LOGIN" ; then
+-    env | socat STDIN UNIX-CONNECT:$PAM_KWALLET5_LOGIN
++    env | nc -U "$PAM_KWALLET5_LOGIN" | :
+ fi
+ 

Modified: head/security/plasma5-kwallet-pam/pkg-plist
==============================================================================
--- head/security/plasma5-kwallet-pam/pkg-plist	Wed Aug 28 17:21:42 2019	(r510086)
+++ head/security/plasma5-kwallet-pam/pkg-plist	Wed Aug 28 18:09:16 2019	(r510087)
@@ -1,3 +1,3 @@
 etc/xdg/autostart/pam_kwallet_init.desktop
 lib/libexec/pam_kwallet_init
-lib/security/pam_kwallet5.so
+lib/pam_kwallet5.so

More information about the svn-ports-head mailing list