summaryrefslogtreecommitdiff
path: root/libraries/libgksu/patches/libgksu-2.0.12-revert-forkpty.patch
diff options
context:
space:
mode:
Diffstat (limited to 'libraries/libgksu/patches/libgksu-2.0.12-revert-forkpty.patch')
-rw-r--r--libraries/libgksu/patches/libgksu-2.0.12-revert-forkpty.patch359
1 files changed, 359 insertions, 0 deletions
diff --git a/libraries/libgksu/patches/libgksu-2.0.12-revert-forkpty.patch b/libraries/libgksu/patches/libgksu-2.0.12-revert-forkpty.patch
new file mode 100644
index 0000000000..2c3a8cc786
--- /dev/null
+++ b/libraries/libgksu/patches/libgksu-2.0.12-revert-forkpty.patch
@@ -0,0 +1,359 @@
+diff --exclude-from=/home/dang/.scripts/diffrc -up -ruN libgksu-2.0.12.orig/libgksu/libgksu.c libgksu-2.0.12/libgksu/libgksu.c
+--- libgksu-2.0.12.orig/libgksu/libgksu.c 2009-06-29 13:48:24.000000000 -0400
++++ libgksu-2.0.12/libgksu/libgksu.c 2010-01-12 07:32:10.450657456 -0500
+@@ -1,7 +1,6 @@
+ /*
+ * Gksu -- a library providing access to su functionality
+ * Copyright (C) 2004-2009 Gustavo Noronha Silva
+- * Portions Copyright (C) 2009 VMware, Inc.
+ *
+ * This library is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public
+@@ -56,9 +55,6 @@
+ static void
+ gksu_context_launch_complete (GksuContext *context);
+
+-static void
+-read_line (int fd, gchar *buffer, int n);
+-
+ GType
+ gksu_error_get_type (void)
+ {
+@@ -2009,8 +2005,6 @@ gksu_su_fuller (GksuContext *context,
+ for (i = 0 ; cmd[i] != NULL ; i++)
+ g_free (cmd[i]);
+ g_free(cmd);
+-
+- _exit(1);
+ }
+ else if (pid == -1)
+ {
+@@ -2125,10 +2119,10 @@ gksu_su_fuller (GksuContext *context,
+ /* drop the \n echoed on password entry if su did request
+ a password */
+ if (password_needed)
+- read_line (fdpty, buf, 255);
++ read (fdpty, buf, 255);
+ if (context->debug)
+ fprintf (stderr, "DEBUG (run:post-after-pass) buf: -%s-\n", buf);
+- read_line (fdpty, buf, 255);
++ read (fdpty, buf, 255);
+ if (context->debug)
+ fprintf (stderr, "DEBUG (run:post-after-pass) buf: -%s-\n", buf);
+ }
+@@ -2142,9 +2136,7 @@ gksu_su_fuller (GksuContext *context,
+ {
+ int retval = 0;
+
+- /* Red Hat's su shows the full path to su in its error messages. */
+- if (!strncmp (buf, "su:", 3) ||
+- !strncmp (buf, "/bin/su:", 7))
++ if (!strncmp (buf, "su", 2))
+ {
+ gchar **strings;
+
+@@ -2155,11 +2147,7 @@ gksu_su_fuller (GksuContext *context,
+ }
+
+ strings = g_strsplit (buf, ":", 2);
+-
+- /* Red Hat and Fedora use 'incorrect password'. */
+- if (strings[1] &&
+- (g_str_has_prefix(strings[1], " Authentication failure") ||
+- g_str_has_prefix(strings[1], " incorrect password")))
++ if (strings[1] && !strncmp (strings[1], " Authentication failure", 23))
+ {
+ if (used_gnome_keyring)
+ g_set_error (error, gksu_quark,
+@@ -2473,12 +2461,6 @@ gksu_sudo_fuller (GksuContext *context,
+ {
+ char **cmd;
+ char buffer[256] = {0};
+- char *child_stderr = NULL;
+- /* This command is used to gain a token */
+- char *const verifycmd[] =
+- {
+- "/usr/bin/sudo", "-p", "GNOME_SUDO_PASS", "-v", NULL
+- };
+ int argcount = 8;
+ int i, j;
+
+@@ -2489,8 +2471,9 @@ gksu_sudo_fuller (GksuContext *context,
+
+ pid_t pid;
+ int status;
+- FILE *fdfile = NULL;
+- int fdpty = -1;
++ FILE *infile, *outfile;
++ int parent_pipe[2]; /* For talking to the parent */
++ int child_pipe[2]; /* For talking to the child */
+
+ context->sudo_mode = TRUE;
+
+@@ -2565,10 +2548,6 @@ gksu_sudo_fuller (GksuContext *context,
+ cmd[argcount] = g_strdup("-S");
+ argcount++;
+
+- /* Make sudo noninteractive (we should already have a token) */
+- cmd[argcount] = g_strdup("-n");
+- argcount++;
+-
+ /* Make sudo use next arg as prompt */
+ cmd[argcount] = g_strdup("-p");
+ argcount++;
+@@ -2647,21 +2626,26 @@ gksu_sudo_fuller (GksuContext *context,
+ fprintf (stderr, "cmd[%d]: %s\n", i, cmd[i]);
+ }
+
+- pid = forkpty(&fdpty, NULL, NULL, NULL);
+- if (pid == 0)
++ if ((pipe(parent_pipe)) == -1)
+ {
+- // Child
+- setsid(); // make us session leader
+-
+- execv(verifycmd[0], verifycmd);
++ g_set_error (error, gksu_quark, GKSU_ERROR_PIPE,
++ _("Error creating pipe: %s"),
++ strerror(errno));
++ sudo_reset_xauth (context, xauth, xauth_env);
++ return FALSE;
++ }
+
+- g_set_error (error, gksu_quark, GKSU_ERROR_EXEC,
+- _("Failed to exec new process: %s"),
++ if ((pipe(child_pipe)) == -1)
++ {
++ g_set_error (error, gksu_quark, GKSU_ERROR_PIPE,
++ _("Error creating pipe: %s"),
+ strerror(errno));
+ sudo_reset_xauth (context, xauth, xauth_env);
+ return FALSE;
+ }
+- else if (pid == -1)
++
++ pid = fork();
++ if (pid == -1)
+ {
+ g_set_error (error, gksu_quark, GKSU_ERROR_FORK,
+ _("Failed to fork new process: %s"),
+@@ -2669,26 +2653,56 @@ gksu_sudo_fuller (GksuContext *context,
+ sudo_reset_xauth (context, xauth, xauth_env);
+ return FALSE;
+ }
++ else if (pid == 0)
++ {
++ // Child
++ setsid(); // make us session leader
++ close(child_pipe[1]);
++ dup2(child_pipe[0], STDIN_FILENO);
++ dup2(parent_pipe[1], STDERR_FILENO);
+
++ execv(cmd[0], cmd);
++
++ g_set_error (error, gksu_quark, GKSU_ERROR_EXEC,
++ _("Failed to exec new process: %s"),
++ strerror(errno));
++ sudo_reset_xauth (context, xauth, xauth_env);
++ return FALSE;
++ }
+ else
+ {
+ gint counter = 0;
+ gchar *cmdline = NULL;
+- struct termios tio;
+
+ // Parent
+- fdfile = fdopen(fdpty, "w+");
++ close(parent_pipe[1]);
+
+- /* make sure we notice that ECHO is turned off, if it gets
+- turned off */
+- tcgetattr (fdpty, &tio);
+- for (counter = 0; (tio.c_lflag & ECHO) && counter < 15; counter++)
+- {
+- usleep (1000);
+- tcgetattr (fdpty, &tio);
+- }
++ infile = fdopen(parent_pipe[0], "r");
++ if (!infile)
++ {
++ g_set_error (error, gksu_quark, GKSU_ERROR_PIPE,
++ _("Error opening pipe: %s"),
++ strerror(errno));
++ sudo_reset_xauth (context, xauth, xauth_env);
++ return FALSE;
++ }
+
+- fcntl (fdpty, F_SETFL, O_NONBLOCK);
++ outfile = fdopen(child_pipe[1], "w");
++ if (!outfile)
++ {
++ g_set_error (error, gksu_quark, GKSU_ERROR_PIPE,
++ _("Error opening pipe: %s"),
++ strerror(errno));
++ sudo_reset_xauth (context, xauth, xauth_env);
++ return FALSE;
++ }
++
++ /*
++ we are expecting to receive a GNOME_SUDO_PASS
++ if we don't there are two possibilities: an error
++ or a password is not needed
++ */
++ fcntl (parent_pipe[0], F_SETFL, O_NONBLOCK);
+
+ { /* no matter if we can read, since we're using
+ O_NONBLOCK; this is just to avoid the prompt
+@@ -2697,11 +2711,11 @@ gksu_sudo_fuller (GksuContext *context,
+ struct timeval tv;
+
+ FD_ZERO(&rfds);
+- FD_SET(fdpty, &rfds);
++ FD_SET(parent_pipe[0], &rfds);
+ tv.tv_sec = 1;
+ tv.tv_usec = 0;
+
+- select (fdpty + 1, &rfds, NULL, NULL, &tv);
++ select (parent_pipe[0] + 1, &rfds, NULL, NULL, &tv);
+ }
+
+ /* Try hard to find the prompt; it may happen that we're
+@@ -2713,7 +2727,7 @@ gksu_sudo_fuller (GksuContext *context,
+ if (strncmp (buffer, "GNOME_SUDO_PASS", 15) == 0)
+ break;
+
+- read_line (fdpty, buffer, 256);
++ read_line (parent_pipe[0], buffer, 256);
+
+ if (context->debug)
+ fprintf (stderr, "buffer: -%s-\n", buffer);
+@@ -2747,17 +2761,18 @@ gksu_sudo_fuller (GksuContext *context,
+
+ usleep (1000);
+
+- write (fdpty, password, strlen(password) + 1);
+- write (fdpty, "\n", 1);
++ fprintf (outfile, "%s\n", password);
++ fclose (outfile);
+
+ nullify_password (password);
+
+- fcntl(fdpty, F_SETFL, fcntl(fdpty, F_GETFL) & ~O_NONBLOCK);
++ /* turn NONBLOCK off */
++ fcntl(parent_pipe[0], F_SETFL, fcntl(parent_pipe[0], F_GETFL) & ~O_NONBLOCK);
+ /* ignore the first newline that comes right after sudo receives
+ the password */
+- fgets (buffer, 255, fdfile);
+- /* this is the status we are interested in */
+- fgets (buffer, 255, fdfile);
++ fgets (buffer, 255, infile);
++ /* this is the status we are interessted in */
++ fgets (buffer, 255, infile);
+ }
+ else
+ {
+@@ -2766,7 +2781,7 @@ gksu_sudo_fuller (GksuContext *context,
+ fprintf (stderr, "No password prompt found; we'll assume we don't need a password.\n");
+
+ /* turn NONBLOCK off, also if have no prompt */
+- fcntl(fdpty, F_SETFL, fcntl(fdpty, F_GETFL) & ~O_NONBLOCK);
++ fcntl(parent_pipe[0], F_SETFL, fcntl(parent_pipe[0], F_GETFL) & ~O_NONBLOCK);
+
+ should_display = gconf_client_get_bool (context->gconf_client,
+ BASE_PATH "display-no-pass-info", NULL);
+@@ -2785,9 +2800,14 @@ gksu_sudo_fuller (GksuContext *context,
+ fprintf (stderr, "%s", buffer);
+ }
+
+- if (g_str_has_prefix (buffer, "Sorry, try again."))
++ if (!strcmp (buffer, "Sorry, try again.\n"))
+ g_set_error (error, gksu_quark, GKSU_ERROR_WRONGPASS,
+ _("Wrong password."));
++ else if (!strncmp (buffer, "Sorry, user ", 12))
++ g_set_error (error, gksu_quark, GKSU_ERROR_NOT_ALLOWED,
++ _("The underlying authorization mechanism (sudo) "
++ "does not allow you to run this program. Contact "
++ "the system administrator."));
+ else
+ {
+ gchar *haystack = buffer;
+@@ -2805,10 +2825,6 @@ gksu_sudo_fuller (GksuContext *context,
+ }
+ }
+
+- /* If we have an error, let's just stop sudo right there. */
+- if (error)
+- close(fdpty);
+-
+ cmdline = g_strdup("sudo");
+ /* wait for the child process to end or become something other
+ than sudo */
+@@ -2825,23 +2841,17 @@ gksu_sudo_fuller (GksuContext *context,
+ if (context->sn_context)
+ gksu_context_launch_complete (context);
+
++ while (read (parent_pipe[0], buffer, 255) > 0)
++ {
++ fprintf (stderr, "%s", buffer);
++ bzero(buffer, 256);
++ }
++
+ /* if the process is still active waitpid() on it */
+ if (pid_exited != pid)
+ waitpid(pid, &status, 0);
+ sudo_reset_xauth (context, xauth, xauth_env);
+
+- /*
+- * Did token acquisition succeed? If so, spawn sudo in
+- * non-interactive mode. It should either succeed or die
+- * immediately if you're not allowed to run the command.
+- */
+- if (WEXITSTATUS(status) == 0)
+- {
+- g_spawn_sync(NULL, cmd, NULL, 0, NULL, NULL,
+- NULL, &child_stderr, &status,
+- error);
+- }
+-
+ if (exit_status)
+ {
+ if (WIFEXITED(status)) {
+@@ -2853,13 +2863,6 @@ gksu_sudo_fuller (GksuContext *context,
+
+ if (WEXITSTATUS(status))
+ {
+- if (g_str_has_prefix(child_stderr, "Sorry, user "))
+- {
+- g_set_error (error, gksu_quark, GKSU_ERROR_NOT_ALLOWED,
+- _("The underlying authorization mechanism (sudo) "
+- "does not allow you to run this program. Contact "
+- "the system administrator."));
+- }
+ if(cmdline)
+ {
+ /* sudo already exec()ed something else, don't report
+@@ -2868,7 +2871,6 @@ gksu_sudo_fuller (GksuContext *context,
+ if (!g_str_has_suffix (cmdline, "sudo"))
+ {
+ g_free (cmdline);
+- g_free (child_stderr);
+ return FALSE;
+ }
+ g_free (cmdline);
+@@ -2881,11 +2883,11 @@ gksu_sudo_fuller (GksuContext *context,
+ }
+ }
+
+- fprintf(stderr, child_stderr);
+- g_free(child_stderr);
+-
+ /* if error is set we have found an error condition */
+- return (error == NULL);
++ if (error)
++ return FALSE;
++
++ return TRUE;
+ }
+
+ /**