x11-misc/alock: revbump to 94-r1

* Fix printf issue on compiling * Remove dependency on libXxf86misc; it's deprecated * Correct strict-aliasing error * Correct handling of setuid() return value Patches will be presented to upstream for review Package-Manager: portage-2.2.26
author: Daniel Campbell <zlg@gentoo.org> 2016-01-10 01:42:09 -0800
committer: Daniel Campbell <zlg@gentoo.org> 2016-01-10 01:42:35 -0800
commit: c174fed67ba441d51f8375b4dbe9ed74e861c547 (patch)
tree: 59b0f7b6b3c6b1ebd86ec7a8cb5557a602114acd /x11-misc/alock
parent: d31310c3f0cd8af9ddaa6dd02a6999e26a3caa7c (diff)
download: gentoo-c174fed67ba441d51f8375b4dbe9ed74e861c547.tar.gz
gentoo-c174fed67ba441d51f8375b4dbe9ed74e861c547.tar.xz
5 files changed, 275 insertions, 0 deletions
diff --git a/x11-misc/alock/alock-94-r1.ebuild b/x11-misc/alock/alock-94-r1.ebuild
new file mode 100644
index 00000000000..ceaceb864a7
--- /dev/null
+++ b/x11-misc/alock/alock-94-r1.ebuild
@@ -0,0 +1,69 @@
+# Copyright 1999-2016 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+# $Id$
+
+EAPI=5
+inherit eutils toolchain-funcs
+
+DESCRIPTION="locks the local X display until a password is entered"
+HOMEPAGE="https://code.google.com/p/alock/
+	http://darkshed.net/projects/alock
+	https://github.com/mgumz/alock"
+SRC_URI="https://alock.googlecode.com/files/alock-svn-${PV}.tar.bz2"
+
+LICENSE="MIT"
+SLOT="0"
+KEYWORDS="~amd64 ~ppc ~x86"
+IUSE="imlib pam"
+
+DEPEND="x11-libs/libX11
+	x11-libs/libXext
+	x11-libs/libXpm
+	x11-libs/libXrender
+	x11-libs/libXcursor
+	imlib? ( media-libs/imlib2[X] )
+	pam? ( virtual/pam )"
+RDEPEND="${DEPEND}"
+
+S=${WORKDIR}/${PN}-svn-${PV}
+
+src_prepare() {
+	epatch "${FILESDIR}"/implicit_pointer_conversion_fix_amd64.patch
+	epatch "${FILESDIR}"/check-setuid.patch
+	epatch "${FILESDIR}"/tidy-printf.patch
+	epatch "${FILESDIR}"/fix-aliasing.patch
+	epatch "${FILESDIR}"/no-xf86misc.patch
+}
+
+src_configure() {
+	tc-export CC
+
+	econf \
+		--prefix=/usr \
+		--with-all \
+		$(use_with pam) \
+		$(use_with imlib imlib2)
+}
+
+src_compile() {
+	# xmlto isn't required, so set to 'true' as dummy program
+	# alock.1 is suitable for a manpage
+	emake XMLTO=true
+}
+
+src_install() {
+	dobin src/alock
+	doman alock.1
+	dodoc {CHANGELOG,README,TODO}.txt
+
+	insinto /usr/share/alock/xcursors
+	doins contrib/xcursor-*
+
+	insinto /usr/share/alock/bitmaps
+	doins bitmaps/*
+
+	if ! use pam; then
+		# Sets suid so alock can correctly work with shadow
+		fperms 4755 /usr/bin/alock
+	fi
+}
diff --git a/x11-misc/alock/files/check-setuid.patch b/x11-misc/alock/files/check-setuid.patch
new file mode 100644
index 00000000000..d29beb07295
--- /dev/null
+++ b/x11-misc/alock/files/check-setuid.patch
@@ -0,0 +1,31 @@
+--- a/src/auth_pam.c
++++ b/src/auth_pam.c
+@@ -138,7 +138,12 @@
+ 
+     /* we can be installed setuid root to support shadow passwords,
+        and we don't need root privileges any longer.  --marekm */
+-    setuid(getuid());
++    int retval;
++    retval = setuid(getuid());
++    /* if setuid's return value isn't checked, it's a security issue */
++    if (retval != 0) {
++        return 0;
++    }
+ 
+     return 1;
+ }
+--- a/src/auth_passwd.c
++++ a/src/auth_passwd.c
+@@ -68,7 +68,11 @@
+ 
+     /* we can be installed setuid root to support shadow passwords,
+        and we don't need root privileges any longer.  --marekm */
+-    setuid(getuid());
++    int retval;
++    retval = setuid(getuid());
++    if (retval != 0) {
++        return 0;
++    }
+ 
+     if (strlen(pwd_entry->pw_passwd) < 13) {
+         perror("password entry has no pwd\n");
diff --git a/x11-misc/alock/files/fix-aliasing.patch b/x11-misc/alock/files/fix-aliasing.patch
new file mode 100644
index 00000000000..a4462c25694
--- /dev/null
+++ b/x11-misc/alock/files/fix-aliasing.patch
@@ -0,0 +1,23 @@
+--- a/src/auth_sha2.c
++++ b/src/auth_sha2.c
+@@ -511,7 +517,8 @@
+             *context->buffer = 0x80;
+         }
+         /* Set the bit count: */
+-        *(u_int64_t *)&context->buffer[SHA256_SHORT_BLOCK_LENGTH] = context->bitcount;
++        /* Use memcpy so we're not casting or aliasing */
++        memcpy(&context->buffer[SHA256_SHORT_BLOCK_LENGTH], &context->bitcount, sizeof (context->bitcount));
+ 
+         /* Final transform: */
+         sha256_transform(context, context->buffer);
+@@ -789,8 +796,8 @@
+         *context->buffer = 0x80;
+     }
+     /* Store the length of input data (in bits): */
+-    *(u_int64_t *)&context->buffer[SHA512_SHORT_BLOCK_LENGTH] = context->bitcount[1];
+-    *(u_int64_t *)&context->buffer[SHA512_SHORT_BLOCK_LENGTH+8] = context->bitcount[0];
++    memcpy(&context->buffer+SHA512_SHORT_BLOCK_LENGTH, &context->bitcount+1, sizeof (context->bitcount+1));
++    memcpy(&context->buffer+SHA512_SHORT_BLOCK_LENGTH+8, &context->bitcount, sizeof (context->bitcount));
+ 
+     /* Final transform: */
+     sha512_transform(context, context->buffer);
diff --git a/x11-misc/alock/files/no-xf86misc.patch b/x11-misc/alock/files/no-xf86misc.patch
new file mode 100644
index 00000000000..7ce3326000f
--- /dev/null
+++ b/x11-misc/alock/files/no-xf86misc.patch
@@ -0,0 +1,129 @@
+--- a/configure
++++ b/configure
+@@ -163,44 +163,6 @@
+     exit 1
+ }
+ 
+-check_xf86misc() {
+-
+-    cat << EOF > tmp.c
+-#include <X11/Xlib.h>
+-#include <X11/extensions/xf86misc.h>
+-int main() {
+-    XF86MiscSetGrabKeysState(NULL, True);
+-    return 0;
+-}
+-EOF
+-    msg_chkfor "extensions/xf86misc.h"
+-    if ${CC} ${CFLAGS} -c tmp.c -o /dev/null 2>&3
+-    then
+-        echo "ok."
+-        msg_chkfor "xf86misc"
+-        if ${CC} ${CFLAGS} tmp.c -o /dev/null ${LDFLAGS} -lX11 -lXxf86misc 2>&3
+-        then
+-            echo "ok."
+-            echo "#_______________________" >&4
+-            echo "WITH_XF86MISC:=1" >&4
+-            echo "LIBS += -lXxf86misc" >&4
+-            echo "" >&4
+-            return
+-        fi
+-    fi
+-    echo "no."
+-    echo " "
+-    echo "!!! WARNING !!!"
+-    echo "   if the xserver is configured to allow"
+-    echo "   'AllowDeactivateGrabs' or 'AllowClosedownGrabs'"
+-    echo "   people can bypass alock !!! consider"
+-    echo "   to install the xf86misc extension!"
+-    echo "!!! WARNING !!!"
+-    echo " "
+-}
+-
+-
+-
+ 
+ check_xlib() {
+ 
+@@ -431,7 +393,6 @@
+ check_docs
+ check_tools
+ check_xlib
+-check_xf86misc
+ check_xlogo16
+ [ "$CHECK_XPM" -eq 1 ] && check_xpm
+ [ "$CHECK_XRENDER" -eq 1 ] && check_xrender
+--- a/src/GNUmakefile
++++ b/src/GNUmakefile
+@@ -46,7 +46,7 @@
+ 
+ ######################
+ 
+-MODULES = PAM PASSWD HASH XRENDER XCURSOR XF86MISC IMLIB2 XPM
++MODULES = PAM PASSWD HASH XRENDER XCURSOR IMLIB2 XPM
+ STAND_ALONES = $(subst auth_,,$(SRC_HASH:.c=))
+ 
+ $(foreach module,$(MODULES),$(eval $(call funcAddModule,$(module))))
+--- a/src/alock.c
++++ b/src/alock.c
+@@ -24,10 +24,6 @@
+ #include <unistd.h>
+ #include <poll.h>
+ 
+-#ifdef HAVE_XF86MISC
+-#include <X11/extensions/xf86misc.h>
+-#endif
+-
+ /*----------------------------------------------*\
+ \*----------------------------------------------*/
+ 
+@@ -405,11 +401,6 @@
+     struct aXInfo xinfo;
+     struct aOpts opts;
+ 
+-#if HAVE_XF86MISC
+-    int xf86misc_major = -1;
+-    int xf86misc_minor = -1;
+-#endif
+-
+     int arg = 0;
+     const char* cursor_args = NULL;
+     const char* background_args = NULL;
+@@ -587,23 +578,6 @@
+         }
+     }
+ 
+-#if HAVE_XF86MISC
+-    {
+-        if (XF86MiscQueryVersion(xinfo.display, &xf86misc_major, &xf86misc_minor) == True) {
+-
+-            if (xf86misc_major >= 0 &&
+-                xf86misc_minor >= 5 &&
+-                XF86MiscSetGrabKeysState(xinfo.display, False) == MiscExtGrabStateLocked) {
+-
+-                printf("%s", "alock: cant disable xserver hotkeys to remove grabs.\n");
+-                exit(EXIT_FAILURE);
+-            }
+-
+-            printf("%s", "disabled AllowDeactivateGrabs and AllowClosedownGrabs\n.");
+-        }
+-    }
+-#endif
+-
+     /* TODO: think about it: do we really need NR_SCREEN cursors ? we grab the
+      * pointer on :*.0 anyway ... */
+     if (XGrabPointer(xinfo.display, xinfo.window[0], False, None,
+@@ -621,13 +595,6 @@
+     opts.cursor->deinit(&xinfo);
+     opts.background->deinit(&xinfo);
+ 
+-#if HAVE_XF86MISC
+-    if (xf86misc_major >= 0 && xf86misc_minor >= 5) {
+-        XF86MiscSetGrabKeysState(xinfo.display, True);
+-        XFlush(xinfo.display);
+-    }
+-#endif
+-
+     XCloseDisplay(xinfo.display);
+ 
+     return EXIT_SUCCESS;
diff --git a/x11-misc/alock/files/tidy-printf.patch b/x11-misc/alock/files/tidy-printf.patch
new file mode 100644
index 00000000000..06a8a37ba7d
--- /dev/null
+++ b/x11-misc/alock/files/tidy-printf.patch
@@ -0,0 +1,23 @@
+--- a/src/cursor_xcursor.c
++++ a/src/cursor_xcursor.c
+@@ -37,17 +37,17 @@
+         return 0;
+ 
+     if (!args || strlen(args) < 13) {
+-        printf("%s", "alock: error, missing arguments for [xcursor].\n");
++        printf("alock: error, missing arguments for [xcursor].\n");
+         return 0;
+     }
+ 
+     if (strstr(args, "xcursor:") != args || strstr(&args[8], "file=") != &args[8]) {
+-        printf("%s", "alock: error, wrong arguments for [xcursor].\n");
++        printf("alock: error, wrong arguments for [xcursor].\n");
+         return 0;
+     }
+ 
+     if (!(cursor = XcursorFilenameLoadCursor(xinfo->display, &args[13]))) {
+-        printf("%s", "alock: error, couldnt load [%s]\n", &args[13]);
++        printf("alock: error, couldnt load [%s]\n", &args[13]);
+         return 0;
+     }
+
author	Daniel Campbell <zlg@gentoo.org>	2016-01-10 01:42:09 -0800
committer	Daniel Campbell <zlg@gentoo.org>	2016-01-10 01:42:35 -0800
commit	c174fed67ba441d51f8375b4dbe9ed74e861c547 (patch)
tree	59b0f7b6b3c6b1ebd86ec7a8cb5557a602114acd /x11-misc/alock
parent	d31310c3f0cd8af9ddaa6dd02a6999e26a3caa7c (diff)
download	gentoo-c174fed67ba441d51f8375b4dbe9ed74e861c547.tar.gz gentoo-c174fed67ba441d51f8375b4dbe9ed74e861c547.tar.xz