summaryrefslogtreecommitdiff
path: root/app-crypt/monkeysphere/files
diff options
context:
space:
mode:
Diffstat (limited to 'app-crypt/monkeysphere/files')
-rw-r--r--app-crypt/monkeysphere/files/monkeysphere-0.38-asprintf.patch45
-rw-r--r--app-crypt/monkeysphere/files/monkeysphere-0.38-revert-executable-patch.patch98
-rw-r--r--app-crypt/monkeysphere/files/monkeysphere-0.38-syssharedir-whitespace.patch53
3 files changed, 196 insertions, 0 deletions
diff --git a/app-crypt/monkeysphere/files/monkeysphere-0.38-asprintf.patch b/app-crypt/monkeysphere/files/monkeysphere-0.38-asprintf.patch
new file mode 100644
index 00000000000..dbf9d5f590c
--- /dev/null
+++ b/app-crypt/monkeysphere/files/monkeysphere-0.38-asprintf.patch
@@ -0,0 +1,45 @@
+From b756fd2e58ab013b5c9bfc2658ed9ad48868067c Mon Sep 17 00:00:00 2001
+From: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
+Date: Sun, 7 Aug 2016 18:24:47 -0400
+Subject: [PATCH] avoid warning about unused asprintf return value
+MIME-Version: 1.0
+Content-Type: text/plain; charset=UTF-8
+Content-Transfer-Encoding: 8bit
+
+some versions of gcc produce this warning, which is treated as an
+error due to our conservative defaults in Makefile:
+
+src/agent-transfer/main.c: In function ‘main’:
+src/agent-transfer/main.c:676:5: error: ignoring return value of ‘asprintf’, declared with attribute warn_unused_result [-Werror=unused-result]
+ asprintf (&alt_comment, "GnuPG keygrip %s", args.keygrip);
+ ^
+cc1: all warnings being treated as errors
+
+this patch avoids the warning.
+---
+ src/agent-transfer/main.c | 9 +++++++--
+ 1 file changed, 7 insertions(+), 2 deletions(-)
+
+diff --git a/src/agent-transfer/main.c b/src/agent-transfer/main.c
+index 406aaa3..3038f5c 100644
+--- a/src/agent-transfer/main.c
++++ b/src/agent-transfer/main.c
+@@ -672,8 +672,13 @@ int main (int argc, const char* argv[]) {
+ return 1;
+ }
+
+- if (!args.comment)
+- asprintf (&alt_comment, "GnuPG keygrip %s", args.keygrip);
++ if (!args.comment) {
++ err = asprintf (&alt_comment, "GnuPG keygrip %s", args.keygrip);
++ if (err < 0) {
++ fprintf (stderr, "failed to generate key comment\n");
++ return 1;
++ }
++ }
+
+ err = send_to_ssh_agent (&e, ssh_sock_fd, args.seconds, args.confirm,
+ args.comment ? args.comment : alt_comment);
+--
+2.7.3
+
diff --git a/app-crypt/monkeysphere/files/monkeysphere-0.38-revert-executable-patch.patch b/app-crypt/monkeysphere/files/monkeysphere-0.38-revert-executable-patch.patch
new file mode 100644
index 00000000000..4d98c0a7cf5
--- /dev/null
+++ b/app-crypt/monkeysphere/files/monkeysphere-0.38-revert-executable-patch.patch
@@ -0,0 +1,98 @@
+From c75c7553a88e387013e2b4310f4c4956adfd8a98 Mon Sep 17 00:00:00 2001
+From: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
+Date: Mon, 8 Aug 2016 20:45:07 -0400
+Subject: [PATCH 1/2] avoid treating src/share/common as an executable
+
+having src/share/common treated as an executable (commit
+ed10318d3760b56e57d5e1bef04ab57761ab8bd1) was actually a terrible
+idea.
+
+In addition to causing "monkeysphere version" to print the version
+number twice, it meant that any invocation of a monkeysphere command
+that sourced src/share/common and had a first argument that happened
+to be a function name would accidentally invoke that function.
+
+This commit reverts that idea.
+---
+ Makefile | 2 +-
+ src/share/common | 5 -----
+ src/share/ma/add_certifier | 2 +-
+ src/share/ma/update_users | 2 +-
+ src/share/mh/add_revoker | 2 +-
+ 5 files changed, 4 insertions(+), 9 deletions(-)
+ mode change 100755 => 100644 src/share/common
+
+diff --git a/Makefile b/Makefile
+index 608a317..768564a 100755
+--- a/Makefile
++++ b/Makefile
+@@ -55,7 +55,7 @@ install: all installman
+ install src/monkeysphere-authentication $(DESTDIR)$(PREFIX)/sbin
+ sed -i 's:__SYSSHAREDIR_PREFIX__:$(PREFIX):' $(DESTDIR)$(PREFIX)/sbin/monkeysphere-authentication
+ install src/monkeysphere-authentication-keys-for-user $(DESTDIR)$(PREFIX)/share/monkeysphere
+- install -m 0755 src/share/common $(DESTDIR)$(PREFIX)/share/monkeysphere
++ install -m 0644 src/share/common $(DESTDIR)$(PREFIX)/share/monkeysphere
+ install -m 0644 src/share/defaultenv $(DESTDIR)$(PREFIX)/share/monkeysphere
+ sed -i 's:__SYSCONFDIR_PREFIX__:$(ETCPREFIX):' $(DESTDIR)$(PREFIX)/share/monkeysphere/defaultenv
+ sed -i 's:__SYSDATADIR_PREFIX__:$(LOCALSTATEDIR):' $(DESTDIR)$(PREFIX)/share/monkeysphere/defaultenv
+diff --git a/src/share/common b/src/share/common
+old mode 100755
+new mode 100644
+index 66181a3..b10a040
+--- a/src/share/common
++++ b/src/share/common
+@@ -1,4 +1,3 @@
+-#!/usr/bin/env bash
+ # -*-shell-script-*-
+ # This should be sourced by bash (though we welcome changes to make it POSIX sh compliant)
+
+@@ -1022,7 +1021,3 @@ report_cruft() {
+ printf "The directories above are backups left over from a monkeysphere transition.\nThey may contain copies of sensitive data (host keys, certifier lists), but\nthey are no longer needed by monkeysphere.\nYou may remove them at any time.\n\n" | log info
+ fi
+ }
+-
+-if [ -n "$1" ] && [ "$(type -t "$1" || true)" = "function" ]; then
+- "$@"
+-fi
+diff --git a/src/share/ma/add_certifier b/src/share/ma/add_certifier
+index 1d450e7..5416aa9 100644
+--- a/src/share/ma/add_certifier
++++ b/src/share/ma/add_certifier
+@@ -101,7 +101,7 @@ if [ -f "$keyID" -o "$keyID" = '-' ] ; then
+ # check the key is ok as monkeysphere user before loading
+ log debug "checking keys in file..."
+ fingerprint=$(su_monkeysphere_user \
+- "${SYSSHAREDIR}/common" list_primary_fingerprints < "$keyID")
++ bash -c ". ${SYSSHAREDIR}/common && list_primary_fingerprints" < "$keyID")
+
+ if [ $(printf "%s" "$fingerprint" | egrep -c '^[A-F0-9]{40}$') -ne 1 ] ; then
+ failure "There was not exactly one gpg key in the file."
+diff --git a/src/share/ma/update_users b/src/share/ma/update_users
+index d23c125..4f83e0c 100644
+--- a/src/share/ma/update_users
++++ b/src/share/ma/update_users
+@@ -79,7 +79,7 @@ for uname in $unames ; do
+
+ # process authorized_user_ids file, as monkeysphere user
+ su_monkeysphere_user \
+- /usr/bin/env "STRICT_MODES=$STRICT_MODES" "${SYSSHAREDIR}/common" process_authorized_user_ids - \
++ /usr/bin/env "STRICT_MODES=$STRICT_MODES" bash -c ". ${SYSSHAREDIR}/common && process_authorized_user_ids -" \
+ < "$authorizedUserIDs" \
+ > "$tmpAuthorizedKeys"
+
+diff --git a/src/share/mh/add_revoker b/src/share/mh/add_revoker
+index 28b11ac..e00ac4e 100644
+--- a/src/share/mh/add_revoker
++++ b/src/share/mh/add_revoker
+@@ -52,7 +52,7 @@ if [ -f "$revokerKeyID" -o "$revokerKeyID" = '-' ] ; then
+ # check the key is ok as monkeysphere user before loading
+ log debug "checking keys in file..."
+ fingerprint=$(su_monkeysphere_user \
+- "${SYSSHAREDIR}/common" list_primary_fingerprints < "$revokerKeyID")
++ bash -c ". ${SYSSHAREDIR}/common && list_primary_fingerprints" < "$revokerKeyID")
+
+ if [ $(printf "%s" "$fingerprint" | egrep -c '^[A-F0-9]{40}$') -ne 1 ] ; then
+ failure "There was not exactly one gpg key in the file."
+--
+2.7.3
+
diff --git a/app-crypt/monkeysphere/files/monkeysphere-0.38-syssharedir-whitespace.patch b/app-crypt/monkeysphere/files/monkeysphere-0.38-syssharedir-whitespace.patch
new file mode 100644
index 00000000000..65d3ba6a95a
--- /dev/null
+++ b/app-crypt/monkeysphere/files/monkeysphere-0.38-syssharedir-whitespace.patch
@@ -0,0 +1,53 @@
+From 0e339de4772b6de1849dc55790821c3dd5943be3 Mon Sep 17 00:00:00 2001
+From: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
+Date: Tue, 9 Aug 2016 09:39:45 -0400
+Subject: [PATCH 2/2] ensure that this works even if SYSSHAREDIR has whitespace
+
+---
+ src/share/ma/add_certifier | 2 +-
+ src/share/ma/update_users | 2 +-
+ src/share/mh/add_revoker | 2 +-
+ 3 files changed, 3 insertions(+), 3 deletions(-)
+
+diff --git a/src/share/ma/add_certifier b/src/share/ma/add_certifier
+index 5416aa9..9488806 100644
+--- a/src/share/ma/add_certifier
++++ b/src/share/ma/add_certifier
+@@ -101,7 +101,7 @@ if [ -f "$keyID" -o "$keyID" = '-' ] ; then
+ # check the key is ok as monkeysphere user before loading
+ log debug "checking keys in file..."
+ fingerprint=$(su_monkeysphere_user \
+- bash -c ". ${SYSSHAREDIR}/common && list_primary_fingerprints" < "$keyID")
++ bash -c "$(printf ". %q && list_primary_fingerprints" "${SYSSHAREDIR}/common")" < "$keyID")
+
+ if [ $(printf "%s" "$fingerprint" | egrep -c '^[A-F0-9]{40}$') -ne 1 ] ; then
+ failure "There was not exactly one gpg key in the file."
+diff --git a/src/share/ma/update_users b/src/share/ma/update_users
+index 4f83e0c..a0ec21b 100644
+--- a/src/share/ma/update_users
++++ b/src/share/ma/update_users
+@@ -79,7 +79,7 @@ for uname in $unames ; do
+
+ # process authorized_user_ids file, as monkeysphere user
+ su_monkeysphere_user \
+- /usr/bin/env "STRICT_MODES=$STRICT_MODES" bash -c ". ${SYSSHAREDIR}/common && process_authorized_user_ids -" \
++ /usr/bin/env "STRICT_MODES=$STRICT_MODES" bash -c "$(printf ". %q && process_authorized_user_ids -" "${SYSSHAREDIR}/common")"\
+ < "$authorizedUserIDs" \
+ > "$tmpAuthorizedKeys"
+
+diff --git a/src/share/mh/add_revoker b/src/share/mh/add_revoker
+index e00ac4e..de08961 100644
+--- a/src/share/mh/add_revoker
++++ b/src/share/mh/add_revoker
+@@ -52,7 +52,7 @@ if [ -f "$revokerKeyID" -o "$revokerKeyID" = '-' ] ; then
+ # check the key is ok as monkeysphere user before loading
+ log debug "checking keys in file..."
+ fingerprint=$(su_monkeysphere_user \
+- bash -c ". ${SYSSHAREDIR}/common && list_primary_fingerprints" < "$revokerKeyID")
++ bash -c "$(printf ". %q && list_primary_fingerprints" "${SYSSHAREDIR}/common")" < "$revokerKeyID")
+
+ if [ $(printf "%s" "$fingerprint" | egrep -c '^[A-F0-9]{40}$') -ne 1 ] ; then
+ failure "There was not exactly one gpg key in the file."
+--
+2.7.3
+
generated by cgit v1.2.1 (git 2.18.0) at 2024-07-01 08:44:04 +0000