Bug#691844: xauth: Failed X11 forwarding when using GDM via XDMCP

2012-10-30 Thread Stefan Voelkel 
Package: xauth
Version: 1:1.0.4-1
Severity: normal
Tags: upstream patch


When using GDM via XDMCP, for examle when accessing GDM via
vncserver->XDMCP->localhost, ssh is no longer able to forward X11.

Invalid MIT-MAGIC-COOKIE-1 keyxterm Xt error: Can't open display:
localhost:10.0

The problem is, that xauth is unable to deal with the Family "FamilyWild" which
is used by GDM in XDMCP to store the MIT-MAGIC-COOKIE-1 for the user.

Attached are two patches, one for 1.0.4-1 and one for 1.0.7-1. The original
Patch is by Dr. Tilmann Bubeck.

Upstream Bug is at

https://bugs.freedesktop.org/show_bug.cgi?id=43425

FWIW, Redhat also has a bug for this:

https://bugzilla.redhat.com/show_bug.cgi?id=505545

-- System Information:
Debian Release: 6.0.6
  APT prefers stable
  APT policy: (500, 'stable')
Architecture: i386 (i686)

Kernel: Linux 2.6.32-5-xen-686 (SMP w/2 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/bash

Versions of packages xauth depends on:
ii  libc6 2.11.3-4   Embedded GNU C Library: Shared lib
ii  libx11-6  2:1.3.3-4  X11 client-side library
ii  libxau6   1:1.0.6-1  X11 authorisation library
ii  libxext6  2:1.1.2-1  X11 miscellaneous extension librar
ii  libxmuu1  2:1.0.5-2  X11 miscellaneous micro-utility li

xauth recommends no packages.

xauth suggests no packages.

-- no debconf information
>From 5da21eaf6ec6537c3aab23adbebd617050e0c2c9 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Stefan=20V=C3=B6lkel?= 
Date: Wed, 8 Aug 2012 14:13:08 +0200
Subject: [PATCH] improve to handle FamilyWild necessary for GDM/XDMCP/SSH #43425

---
 process.c |   76 +---
 1 files changed, 67 insertions(+), 9 deletions(-)

diff --git a/process.c b/process.c
index 893b51d..5a3984c 100644
--- a/process.c
+++ b/process.c
@@ -465,8 +465,11 @@ read_auth_entries(FILE *fp, Bool numeric, AuthList 
**headp, AuthList **tailp)
 return n;
 }
 
-static Bool 
-get_displayname_auth(char *displayname, AuthList **authl)
+/**
+ * Parse the given displayname and build a corresponding AuthList.
+ */
+static Bool
+get_displayname_auth(const char *displayname, AuthList **authl)
 {
 int family;
 char *host = NULL, *rest = NULL;
@@ -997,6 +1000,9 @@ dump_entry(char *inputfilename, int lineno, Xauth *auth, 
char *data)
fwrite (auth->address, sizeof (char), auth->address_length, fp);
fprintf (fp, "/unix");
break;
+ case FamilyWild:
+   fwrite (auth->address, sizeof (char), auth->address_length, fp);
+   break;
  case FamilyInternet:
 #if defined(IPv6) && defined(AF_INET6)
  case FamilyInternet6:
@@ -1079,6 +1085,49 @@ match_auth_dpy(register Xauth *a, register Xauth *b)
 memcmp(a->number, b->number, a->number_length) == 0) ? 1 : 0);
 }
 
+static int
+match_authwild_dpy(register Xauth *a, const char *displayname)
+{
+int family;
+char *host = NULL, *rest = NULL;
+int dpynum, scrnum;
+char dpynumbuf[40];/* want to hold largest display 
num */
+
+if ( a->family != FamilyWild )
+   return False;
+
+if (!parse_displayname (displayname,
+   &family, &host, &dpynum, &scrnum, &rest)) {
+   free(host);
+   free(rest);
+
+   return False;
+}
+
+dpynumbuf[0] = '\0';
+sprintf (dpynumbuf, "%d", dpynum);
+
+if (a->address_length != strlen(host) || a->number_length != 
strlen(dpynumbuf)) {
+   free(host);
+   free(rest);
+
+return False;
+}
+
+if (memcmp(a->address, host, a->address_length) == 0 &&
+memcmp(a->number, dpynumbuf, a->number_length) == 0) {
+   free(host);
+   free(rest);
+
+return True;
+} else {
+   free(host);
+   free(rest);
+
+return False;
+   }
+}
+
 /* return non-zero iff display and authorization type are the same */
 
 static int 
@@ -1242,13 +1291,22 @@ iterdpy (char *inputfilename, int lineno, int start,
/* l may be freed by remove_entry below. so save its contents */
next = l->next;
tmp_auth = copyAuth(l->auth);
-   for (proto = proto_head; proto; proto = proto->next) {
-   if (match_auth_dpy (proto->auth, tmp_auth)) {
-   matched = True;
-   if (yfunc) {
-   status = (*yfunc) (inputfilename, lineno,
-  tmp_auth, data);
-   if (status < 0) break;
+
+   if ( match_authwild_dpy(tmp_auth, displayname) ) {
+   matched = True;
+   if (yfunc) {
+   status = (*yfunc) (inputfilename, lineno,
+  tmp_auth, data);
+   }
+   } else {
+   for (proto = proto_he

Bug#453007: xbacklight: Also on nc10

2010-04-19 Thread Stefan Voelkel 
Package: xbacklight
Version: 1.1.1-1
Severity: normal

[ I guess the bug's subject is wrong, should be
 
  "xbacklight -inc doesn't work, xbacklight -dec and xbacklight -set work"

]

On my Samsung nc10 using awesome as windowmanager -inc does not work, -dec and
-set do.

HTH

  Stefan

-- System Information:
Debian Release: squeeze/sid
  APT prefers testing
  APT policy: (500, 'testing'), (500, 'stable')
Architecture: i386 (i686)

Kernel: Linux 2.6.32-3-686 (SMP w/2 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash

Versions of packages xbacklight depends on:
ii  libc6 2.10.2-6   Embedded GNU C Library: Shared lib
ii  libx11-6  2:1.3.3-2  X11 client-side library
ii  libxrandr22:1.3.0-3  X11 RandR extension library
ii  libxrender1   1:0.9.5-2  X Rendering Extension client libra

xbacklight recommends no packages.

xbacklight suggests no packages.

-- no debconf information



-- 
To UNSUBSCRIBE, email to debian-x-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Archive: http://lists.debian.org/20100419120448.5690.60953.report...@nc10.bc