commit: e9a67e35cd6202716b4501a05c472cc067126a5e Author: Andreas Sturmlechner <andreas.sturmlechner <AT> gmail <DOT> com> AuthorDate: Sun Feb 21 19:45:04 2016 +0000 Commit: Michael Palimaka <kensington <AT> gentoo <DOT> org> CommitDate: Wed Mar 2 19:23:18 2016 +0000 URL: https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=e9a67e35
kde-apps/kwalletd-pam: Import from kde overlay Package-Manager: portage-2.2.27 kde-apps/kwalletd-pam/Manifest | 1 + .../files/kwalletd-pam-5.5.4-coverity.patch | 31 +++++++++++ kde-apps/kwalletd-pam/kwalletd-pam-5.5.5.ebuild | 63 ++++++++++++++++++++++ kde-apps/kwalletd-pam/metadata.xml | 8 +++ 4 files changed, 103 insertions(+) diff --git a/kde-apps/kwalletd-pam/Manifest b/kde-apps/kwalletd-pam/Manifest new file mode 100644 index 0000000..48196c7 --- /dev/null +++ b/kde-apps/kwalletd-pam/Manifest @@ -0,0 +1 @@ +DIST kwallet-pam-5.5.5.tar.xz 16280 SHA256 19c153a0593232767b370a1310f16d13673caba13842571bb7cb01535ba89336 SHA512 7daf595c110df7277a609590bb48da8a038c8516ed3bd6a6f55cdb73df850ef6989f248e5ed7b7128abd5fda0b358b4d695043c974d49451a0037b8a3280c92a WHIRLPOOL 7601debd5eed6baf4bddf98fff424280999e95bc30000663254b391e673df7b191f112689d3914d9dfec3f0bf3142fbe88b8d30b159563be659c9cc91a65ea49 diff --git a/kde-apps/kwalletd-pam/files/kwalletd-pam-5.5.4-coverity.patch b/kde-apps/kwalletd-pam/files/kwalletd-pam-5.5.4-coverity.patch new file mode 100644 index 0000000..4cfd513 --- /dev/null +++ b/kde-apps/kwalletd-pam/files/kwalletd-pam-5.5.4-coverity.patch @@ -0,0 +1,31 @@ +From: Michael Pyne <mp...@kde.org> +Date: Mon, 28 Dec 2015 01:33:23 +0000 +Subject: Check sockaddr_un buffer size before strcpy()ing into it. +X-Git-Url: http://quickgit.kde.org/?p=kwallet-pam.git&a=commitdiff&h=9543cc4058b24e4e5bfe8d324de309ca7050058b +--- +Check sockaddr_un buffer size before strcpy()ing into it. + +Coverity strikes again, and notes in CID 1335116 that copying the socket name +into a fixed-size buffer here could overflow the buffer. I don't see any reason +it would be wrong in all cases, so best to double-check. + +REVIEW:126539 +--- + + +--- a/pam_kwallet.c ++++ b/pam_kwallet.c +@@ -422,6 +422,12 @@ + + struct sockaddr_un local; + local.sun_family = AF_UNIX; ++ ++ if ((size_t)len > sizeof(local.sun_path)) { ++ pam_syslog(pamh, LOG_ERR, "%s: socket path %s too long to open", ++ logPrefix, fullSocket); ++ return; ++ } + strcpy(local.sun_path, fullSocket); + unlink(local.sun_path);//Just in case it exists from a previous login + + diff --git a/kde-apps/kwalletd-pam/kwalletd-pam-5.5.5.ebuild b/kde-apps/kwalletd-pam/kwalletd-pam-5.5.5.ebuild new file mode 100644 index 0000000..4be7775 --- /dev/null +++ b/kde-apps/kwalletd-pam/kwalletd-pam-5.5.5.ebuild @@ -0,0 +1,63 @@ +# Copyright 1999-2016 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 +# $Id$ + +EAPI=6 + +MY_PN="kwallet-pam" +inherit cmake-utils multilib + +DESCRIPTION="KWallet PAM module to not enter password again" +HOMEPAGE="https://www.kde.org/"; +SRC_URI="mirror://kde/stable/plasma/${PV}/${MY_PN}-${PV}.tar.xz" + +LICENSE="LGPL-2.1" +SLOT="4" +KEYWORDS="~amd64 ~x86" +IUSE="" + +DEPEND=" + dev-libs/libgcrypt:0= + virtual/pam +" +RDEPEND="${DEPEND} + net-misc/socat +" + +S="${WORKDIR}/${MY_PN}-${PV}" + +PATCHES=( "${FILESDIR}/${P}-coverity.patch" ) + +src_configure() { + local mycmakeargs=( + -DCMAKE_INSTALL_LIBDIR="/$(get_libdir)" + -DKWALLET4=1 + ) + + cmake-utils_src_configure +} + +pkg_postinst() { + check_dm() { + if [[ -e "${ROOT}${2}" ]] && \ + [[ -n $(egrep "auth\s+optional\s+pam_kwallet.so" "${ROOT}${2}") ]] && \ + [[ -n $(egrep "session\s+optional\s+pam_kwallet.so" "${ROOT}${2}") ]]; then + elog " ${1} - ${2} ...GOOD" + else + ewarn " ${1} - ${2} ...BAD" + fi + } + elog + elog "This package enables auto-unlocking of kde-apps/kwalletd:4." + elog "List of things to make it work:" + elog "1. Use same password for login and kwallet" + elog "2. A display manager with support for PAM" + elog "3.a Have the following lines in the display manager's pam.d file:" + elog " -auth optional pam_kwallet.so kdehome=.kde4" + elog " -session optional pam_kwallet.so" + elog "3.b Checking installed DMs..." + has_version "x11-misc/sddm" && check_dm "SDDM" "/etc/pam.d/sddm" + has_version "x11-misc/lightdm" && check_dm "LightDM" "/etc/pam.d/lightdm" + has_version "kde-base/kdm" && check_dm "KDM" "/etc/pam.d/kde" + elog +} diff --git a/kde-apps/kwalletd-pam/metadata.xml b/kde-apps/kwalletd-pam/metadata.xml new file mode 100644 index 0000000..2fdbf33 --- /dev/null +++ b/kde-apps/kwalletd-pam/metadata.xml @@ -0,0 +1,8 @@ +<?xml version="1.0" encoding="UTF-8"?> +<!DOCTYPE pkgmetadata SYSTEM "http://www.gentoo.org/dtd/metadata.dtd";> +<pkgmetadata> + <maintainer type="project"> + <email>k...@gentoo.org</email> + <name>Gentoo KDE Project</name> + </maintainer> +</pkgmetadata>
