Re: [PATCH xserver 1/2] meson: Enable SUN-DES-1 auth code
On Mon, 2018-01-22 at 15:27 +, Jon Turney wrote: > Revised patch attached. This introduces a warning on my Fedora 27 machine: In file included from ../os/rpcauth.c:47:0: /usr/include/tirpc/rpc/rpc.h:83:12: warning: redundant redeclaration of ‘bindresvport’ [-Wredundant-decls] extern int bindresvport(int, struct sockaddr_in *); ^~~~ In file included from /usr/include/tirpc/rpc/rpc.h:40:0, from ../os/rpcauth.c:47: /usr/include/netinet/in.h:502:12: note: previous declaration of ‘bindresvport’ was here extern int bindresvport (int __sockfd, struct sockaddr_in *__sock_in) __THROW; ^~~~ I'm going to assume this is just what you get when glibc still has the rpc interfaces exposed, and hope it goes away later. In the meantime do 'meson configure -Dsecure-rpc=false' if it bothers you. Merged, thanks: remote: I: patch #199791 updated using rev 514d2c243e01b114de304ea72226bbf8772b1b11. remote: I: 1 patch(es) updated to state Accepted. To ssh://git.freedesktop.org/git/xorg/xserver f72587ecc..514d2c243 master -> master - ajax ___ xorg-devel@lists.x.org: X.Org development Archives: http://lists.x.org/archives/xorg-devel Info: https://lists.x.org/mailman/listinfo/xorg-devel
Re: [PATCH xserver 1/2] meson: Enable SUN-DES-1 auth code
On 19/01/2018 11:37, Jon Turney wrote: On 18/01/2018 21:27, Adam Jackson wrote: On Wed, 2018-01-17 at 19:02 +, Jon Turney wrote: On 08/01/2018 20:50, Adam Jackson wrote: --- include/meson.build | 1 + meson_options.txt | 1 + os/meson.build | 4 3 files changed, 6 insertions(+) After this, I needed something like the attached. Eep, indeed you would. But I think we should actually prefer tirpc if it's available, glibc's rpc code has been deprecated for years and I believe the next Fedora release is going to try removing the headers for it again. I guess XTRANS_SECURE_RPC_FLAGS will also need adjusting to express that preference I took a brief look at this: as far as I can tell, the only users of XTRANS_SECURE_RPC_FLAGS are xserver, xhost and xdm. Of these, the only problem seems to be xdm, which uses getsecretkey(), which doesn't seem to be currently provided by libtirpc. This is not something I can easily test, so I think I'll leave it alone :) I'll see if I can revise this patch to prefer tirpc. Revised patch attached. From c4ac359e152eb8ea13f1c6d5894950563ab60b6b Mon Sep 17 00:00:00 2001 From: Jon TurneyDate: Wed, 17 Jan 2018 13:43:47 + Subject: [PATCH xserver] meson: Use and prefer tirpc for Secure RPC authentication --- os/meson.build | 5 + 1 file changed, 5 insertions(+) diff --git a/os/meson.build b/os/meson.build index 54124d32a..ff3a4615b 100644 --- a/os/meson.build +++ b/os/meson.build @@ -54,7 +54,11 @@ if get_option('xdmcp') srcs_os += 'xdmcp.c' endif +rpc_dep = [] if get_option('secure-rpc') +# prefer libtirpc (if available), otherwise assume RPC functions are +# provided by libc. +rpc_dep = dependency('libtirpc', required: false) srcs_os += 'rpcauth.c' endif @@ -73,6 +77,7 @@ libxserver_os = static_library('libxserver_os', common_dep, dl_dep, sha1_dep, +rpc_dep, dependency('xau') ], link_with: libxlibc, -- 2.15.1 ___ xorg-devel@lists.x.org: X.Org development Archives: http://lists.x.org/archives/xorg-devel Info: https://lists.x.org/mailman/listinfo/xorg-devel
Re: [PATCH xserver 1/2] meson: Enable SUN-DES-1 auth code
On 18/01/2018 21:00, Eric Anholt wrote: Jon Turney writes: On 08/01/2018 20:50, Adam Jackson wrote: --- include/meson.build | 1 + meson_options.txt | 1 + os/meson.build | 4 3 files changed, 6 insertions(+) After this, I needed something like the attached. I'm curious, why tirpc instead of rpcsvc like xtrans did before? XTRANS_SECURE_RPC_FLAGS does something totally other (and doesn't think secure RPC can be used if the libc in use has no RPC functions) If RPC functions have been found in libc, it adds rpcsvr if it's needed to provide getsecretkey (claiming that's the case on BSD) ___ xorg-devel@lists.x.org: X.Org development Archives: http://lists.x.org/archives/xorg-devel Info: https://lists.x.org/mailman/listinfo/xorg-devel
Re: [PATCH xserver 1/2] meson: Enable SUN-DES-1 auth code
On 18/01/2018 21:27, Adam Jackson wrote: On Wed, 2018-01-17 at 19:02 +, Jon Turney wrote: On 08/01/2018 20:50, Adam Jackson wrote: --- include/meson.build | 1 + meson_options.txt | 1 + os/meson.build | 4 3 files changed, 6 insertions(+) After this, I needed something like the attached. Eep, indeed you would. But I think we should actually prefer tirpc if it's available, glibc's rpc code has been deprecated for years and I believe the next Fedora release is going to try removing the headers for it again. I guess XTRANS_SECURE_RPC_FLAGS will also need adjusting to express that preference Is the extra-underscore thing really necessary? I'd have hoped meson would take care of that. This is not due to leading-underscore ABI issues, it's due to me looking at the following in os/rpcauth.c: #ifdef SVR4 if ((why = __authenticate(, )) != AUTH_OK) { #else if ((why = _authenticate(, )) != AUTH_OK) { #endif I've no idea if that's legitimate or not :) (This is the function that os/rpcauth.c actually uses, as opposed to the function(s) that XTRANS_SECURE_RPC_FLAGS check for) I'll see if I can revise this patch to prefer tirpc. ___ xorg-devel@lists.x.org: X.Org development Archives: http://lists.x.org/archives/xorg-devel Info: https://lists.x.org/mailman/listinfo/xorg-devel
Re: [PATCH xserver 1/2] meson: Enable SUN-DES-1 auth code
On Wed, 2018-01-17 at 19:02 +, Jon Turney wrote: > On 08/01/2018 20:50, Adam Jackson wrote: > > --- > > include/meson.build | 1 + > > meson_options.txt | 1 + > > os/meson.build | 4 > > 3 files changed, 6 insertions(+) > > After this, I needed something like the attached. Eep, indeed you would. But I think we should actually prefer tirpc if it's available, glibc's rpc code has been deprecated for years and I believe the next Fedora release is going to try removing the headers for it again. Is the extra-underscore thing really necessary? I'd have hoped meson would take care of that. - ajax ___ xorg-devel@lists.x.org: X.Org development Archives: http://lists.x.org/archives/xorg-devel Info: https://lists.x.org/mailman/listinfo/xorg-devel
Re: [PATCH xserver 1/2] meson: Enable SUN-DES-1 auth code
Jon Turneywrites: > On 08/01/2018 20:50, Adam Jackson wrote: >> --- >> include/meson.build | 1 + >> meson_options.txt | 1 + >> os/meson.build | 4 >> 3 files changed, 6 insertions(+) > > After this, I needed something like the attached. I'm curious, why tirpc instead of rpcsvc like xtrans did before? signature.asc Description: PGP signature ___ xorg-devel@lists.x.org: X.Org development Archives: http://lists.x.org/archives/xorg-devel Info: https://lists.x.org/mailman/listinfo/xorg-devel
Re: [PATCH xserver 1/2] meson: Enable SUN-DES-1 auth code
On 08/01/2018 20:50, Adam Jackson wrote: --- include/meson.build | 1 + meson_options.txt | 1 + os/meson.build | 4 3 files changed, 6 insertions(+) After this, I needed something like the attached. From 6f11847ccf0cc5833e73dba79380ec6ae5123782 Mon Sep 17 00:00:00 2001 From: Jon TurneyDate: Wed, 17 Jan 2018 13:43:47 + Subject: [PATCH xserver] meson: look for Secure RPC authentication function in tirpc If Secure RPC authentication isn't found in libc, look for it in tirpc. Signed-off-by: Jon Turney --- Notes: This does something different to XTRANS_SECURE_RPC_FLAGS, which I hadn't realized could be doing something like this. But maybe I should just default this to false for me, instead. os/meson.build | 5 + 1 file changed, 5 insertions(+) diff --git a/os/meson.build b/os/meson.build index 54124d32a..e2ab68346 100644 --- a/os/meson.build +++ b/os/meson.build @@ -54,7 +54,11 @@ if get_option('xdmcp') srcs_os += 'xdmcp.c' endif +rpc_dep = [] if get_option('secure-rpc') +if not (cc.has_function('_authenticate') or cc.has_function('__authenticate')) +rpc_dep = dependency('libtirpc') +endif srcs_os += 'rpcauth.c' endif @@ -73,6 +77,7 @@ libxserver_os = static_library('libxserver_os', common_dep, dl_dep, sha1_dep, +rpc_dep, dependency('xau') ], link_with: libxlibc, -- 2.15.1 ___ xorg-devel@lists.x.org: X.Org development Archives: http://lists.x.org/archives/xorg-devel Info: https://lists.x.org/mailman/listinfo/xorg-devel
Re: [PATCH xserver 1/2] meson: Enable SUN-DES-1 auth code
Adam Jacksonwrites: > Signed-off-by: Adam Jackson These two are: Reviewed-by: Eric Anholt signature.asc Description: PGP signature ___ xorg-devel@lists.x.org: X.Org development Archives: http://lists.x.org/archives/xorg-devel Info: https://lists.x.org/mailman/listinfo/xorg-devel