Hello community,
here is the log from the commit of package lightdm for openSUSE:Factory checked in at 2013-02-01 09:45:28
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Comparing /work/SRC/openSUSE:Factory/lightdm (Old)
and /work/SRC/openSUSE:Factory/.lightdm.new (New)
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "lightdm", Maintainer is ""
Changes:
--------
--- /work/SRC/openSUSE:Factory/lightdm/lightdm.changes 2013-01-31 10:27:21.000000000 +0100
+++ /work/SRC/openSUSE:Factory/.lightdm.new/lightdm.changes 2013-02-01 09:45:29.000000000 +0100
@@ -1,0 +2,10 @@
+Thu Jan 31 18:17:14 UTC 2013 - gber@opensuse.org
+
+- added lightdm-use-fine-grained-memory-locking.patch in order to
+ use libgcrypt to selectively secure password memory instead of
+ the big-hammer approach of mlockall (backported from upstrem bzr)
+- added lightdm-fix-determining-active-display.patch in order to
+ correctly work out the active display from the active VT when it
+ exits so a greeter starts (backported from upstrem bzr)
+
+-------------------------------------------------------------------
New:
----
lightdm-fix-determining-active-display.patch
lightdm-use-fine-grained-memory-locking.patch
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Other differences:
------------------
++++++ lightdm.spec ++++++
--- /var/tmp/diff_new_pack.xqQdPy/_old 2013-02-01 09:45:32.000000000 +0100
+++ /var/tmp/diff_new_pack.xqQdPy/_new 2013-02-01 09:45:32.000000000 +0100
@@ -60,6 +60,10 @@
Patch8: lightdm-do-not-strip-codeset-from-language.patch
# PATCH-FIX-OPENSUSE lightdm-use-run-dir.patch gber@opensuse.org -- Use /run instead of /var/run
Patch9: lightdm-use-run-dir.patch
+# PATCH-FIX-UPSTREAM lightdm-fix-determining-active-display.patch gber@opensuse.org -- Correctly work out the active display from the active VT when it exits so a greeter starts (backported from upstrem bzr)
+Patch10: lightdm-fix-determining-active-display.patch
+# PATCH-FIX-UPSTREAM lightdm-use-fine-grained-memory-locking.patch gber@opensuse.org -- Use libgcrypt to selectively secure password memory instead of the big-hammer approach of mlockall (backported from upstrem bzr)
+Patch11: lightdm-use-fine-grained-memory-locking.patch
BuildRequires: gcc-c++
BuildRequires: gnome-common
BuildRequires: gtk-doc
@@ -72,6 +76,7 @@
BuildRequires: xdm
%endif
BuildRequires: polkit
+BuildRequires: libgcrypt-devel
BuildRequires: pkgconfig(gobject-introspection-1.0)
BuildRequires: pkgconfig(gio-2.0)
BuildRequires: pkgconfig(gio-unix-2.0)
@@ -158,6 +163,8 @@
%if 0%{?suse_version} >= 1230
%patch9 -p1
%endif
+%patch10 -p1
+%patch11 -p1
%build
./autogen.sh
++++++ lightdm-fix-determining-active-display.patch ++++++
# HG changeset patch
# User Robert Ancell
# Date 1354075156 -46800
# Branch lightdm
# Node ID ed6e0407be07304f9a7e95b1723205363e2914f7
# Parent a2ded106d9a556fbadb661003e300cd3d0c49a1f
Correctly work out the active display from the active VT when it exits so a greeter starts
diff --git a/src/display.c b/src/display.c
--- a/src/display.c
+++ b/src/display.c
@@ -112,8 +112,11 @@ static void user_session_stopped_cb (Ses
Display *
display_new (DisplayServer *display_server)
{
- Display *display = g_object_new (DISPLAY_TYPE, NULL);
+ Display *display;
+ g_return_val_if_fail (display_server != NULL, NULL);
+
+ display = g_object_new (DISPLAY_TYPE, NULL);
display->priv->display_server = g_object_ref (display_server);
return display;
@@ -604,7 +607,7 @@ greeter_session_stopped_cb (Session *ses
return;
}
- if (!display->priv->display_server)
+ if (display_server_get_is_stopped (display->priv->display_server))
return;
/* Start the session for the authenticated user */
@@ -764,10 +767,6 @@ display_server_stopped_cb (DisplayServer
{
g_debug ("Display server stopped");
- g_signal_handlers_disconnect_matched (display->priv->display_server, G_SIGNAL_MATCH_DATA, 0, 0, NULL, NULL, display);
- g_object_unref (display->priv->display_server);
- display->priv->display_server = NULL;
-
/* Stop this display, it will be restarted by the seat if necessary */
display_stop (display);
}
@@ -835,47 +834,6 @@ display_start (Display *display)
return TRUE;
}
-void
-display_stop (Display *display)
-{
- g_return_if_fail (display != NULL);
-
- if (display->priv->stopped)
- return;
-
- if (!display->priv->stopping)
- {
- g_debug ("Stopping display");
- display->priv->stopping = TRUE;
- }
-
- /* Stop the session first */
- if (display->priv->session)
- {
- session_stop (display->priv->session);
- if (display->priv->session && !session_get_is_stopped (display->priv->session))
- return;
- g_signal_handlers_disconnect_matched (display->priv->session, G_SIGNAL_MATCH_DATA, 0, 0, NULL, NULL, display);
- g_object_unref (display->priv->session);
- display->priv->session = NULL;
- }
-
- /* Stop the display server after that */
- if (display->priv->display_server)
- {
- display_server_stop (display->priv->display_server);
- if (display->priv->display_server && !display_server_get_is_stopped (display->priv->display_server))
- return;
- g_signal_handlers_disconnect_matched (display->priv->display_server, G_SIGNAL_MATCH_DATA, 0, 0, NULL, NULL, display);
- g_object_unref (display->priv->display_server);
- display->priv->display_server = NULL;
- }
-
- display->priv->stopped = TRUE;
- g_debug ("Display stopped");
- g_signal_emit (display, signals[STOPPED], 0);
-}
-
gboolean
display_get_is_ready (Display *display)
{
@@ -910,6 +868,51 @@ display_unlock (Display *display)
session_unlock (display->priv->session);
}
+void
+display_stop (Display *display)
+{
+ g_return_if_fail (display != NULL);
+
+ if (display->priv->stopped)
+ return;
+
+ if (!display->priv->stopping)
+ {
+ g_debug ("Stopping display");
+ display->priv->stopping = TRUE;
+ }
+
+ /* Stop the session first */
+ if (display->priv->session)
+ {
+ session_stop (display->priv->session);
+ if (display->priv->session && !session_get_is_stopped (display->priv->session))
+ return;
+ g_signal_handlers_disconnect_matched (display->priv->session, G_SIGNAL_MATCH_DATA, 0, 0, NULL, NULL, display);
+ g_object_unref (display->priv->session);
+ display->priv->session = NULL;
+ }
+
+ /* Stop the display server after that */
+ if (!display_server_get_is_stopped (display->priv->display_server))
+ {
+ display_server_stop (display->priv->display_server);
+ if (!display_server_get_is_stopped (display->priv->display_server))
+ return;
+ }
+
+ display->priv->stopped = TRUE;
+ g_debug ("Display stopped");
+ g_signal_emit (display, signals[STOPPED], 0);
+}
+
+gboolean
+display_get_is_stopped (Display *display)
+{
+ g_return_val_if_fail (display != NULL, FALSE);
+ return display->priv->stopped;
+}
+
static gboolean
display_real_switch_to_user (Display *display, User *user)
{
@@ -941,11 +944,8 @@ display_finalize (GObject *object)
self = DISPLAY (object);
- if (self->priv->display_server)
- {
- g_signal_handlers_disconnect_matched (self->priv->display_server, G_SIGNAL_MATCH_DATA, 0, 0, NULL, NULL, self);
- g_object_unref (self->priv->display_server);
- }
+ g_signal_handlers_disconnect_matched (self->priv->display_server, G_SIGNAL_MATCH_DATA, 0, 0, NULL, NULL, self);
+ g_object_unref (self->priv->display_server);
g_free (self->priv->greeter_session);
if (self->priv->greeter)
{
diff --git a/src/display.h b/src/display.h
--- a/src/display.h
+++ b/src/display.h
@@ -90,6 +90,8 @@ void display_unlock (Display *display);
void display_stop (Display *display);
+gboolean display_get_is_stopped (Display *display);
+
G_END_DECLS
#endif /* _DISPLAY_H_ */
diff --git a/src/seat-xdmcp-session.c b/src/seat-xdmcp-session.c
--- a/src/seat-xdmcp-session.c
+++ b/src/seat-xdmcp-session.c
@@ -64,12 +64,6 @@ seat_xdmcp_session_create_session (Seat
}
static void
-seat_xdmcp_session_display_removed (Seat *seat, Display *display)
-{
- seat_stop (seat);
-}
-
-static void
seat_xdmcp_session_init (SeatXDMCPSession *seat)
{
seat->priv = G_TYPE_INSTANCE_GET_PRIVATE (seat, SEAT_XDMCP_SESSION_TYPE, SeatXDMCPSessionPrivate);
@@ -95,7 +89,6 @@ seat_xdmcp_session_class_init (SeatXDMCP
seat_class->create_display_server = seat_xdmcp_session_create_display_server;
seat_class->create_session = seat_xdmcp_session_create_session;
- seat_class->display_removed = seat_xdmcp_session_display_removed;
object_class->finalize = seat_xdmcp_session_finalize;
g_type_class_add_private (klass, sizeof (SeatXDMCPSessionPrivate));
diff --git a/src/seat-xlocal.c b/src/seat-xlocal.c
--- a/src/seat-xlocal.c
+++ b/src/seat-xlocal.c
@@ -125,13 +125,36 @@ seat_xlocal_create_session (Seat *seat,
static void
seat_xlocal_set_active_display (Seat *seat, Display *display)
{
- gint number = xserver_local_get_vt (XSERVER_LOCAL (XSERVER (display_get_display_server (display))));
- if (number >= 0)
- vt_set_active (number);
+ gint vt = xserver_local_get_vt (XSERVER_LOCAL (display_get_display_server (display)));
+ if (vt >= 0)
+ vt_set_active (vt);
SEAT_CLASS (seat_xlocal_parent_class)->set_active_display (seat, display);
}
+static Display *
+seat_xlocal_get_active_display (Seat *seat)
+{
+ gint vt;
+ GList *link;
+
+ vt = vt_get_active ();
+ if (vt < 0)
+ return NULL;
+
+ for (link = seat_get_displays (seat); link; link = link->next)
+ {
+ Display *display = link->data;
+ XServerLocal *xserver;
+
+ xserver = XSERVER_LOCAL (display_get_display_server (display));
+ if (xserver_local_get_vt (xserver) == vt)
+ return display;
+ }
+
+ return NULL;
+}
+
static void
seat_xlocal_run_script (Seat *seat, Display *display, Process *script)
{
@@ -151,28 +174,6 @@ seat_xlocal_run_script (Seat *seat, Disp
}
static void
-seat_xlocal_display_removed (Seat *seat, Display *display)
-{
- if (seat_get_is_stopping (seat))
- return;
-
- /* If this is the only display and it failed to start then stop this seat */
- if (g_list_length (seat_get_displays (seat)) == 0 && !display_get_is_ready (display))
- {
- g_debug ("Stopping X local seat, failed to start a display");
- seat_stop (seat);
- return;
- }
-
- /* Show a new greeter */
- if (display == seat_get_active_display (seat))
- {
- g_debug ("Active display stopped, switching to greeter");
- seat_switch_to_greeter (seat);
- }
-}
-
-static void
seat_xlocal_init (SeatXLocal *seat)
{
}
@@ -186,6 +187,6 @@ seat_xlocal_class_init (SeatXLocalClass
seat_class->create_display_server = seat_xlocal_create_display_server;
seat_class->create_session = seat_xlocal_create_session;
seat_class->set_active_display = seat_xlocal_set_active_display;
+ seat_class->get_active_display = seat_xlocal_get_active_display;
seat_class->run_script = seat_xlocal_run_script;
- seat_class->display_removed = seat_xlocal_display_removed;
}
diff --git a/src/seat-xremote.c b/src/seat-xremote.c
--- a/src/seat-xremote.c
+++ b/src/seat-xremote.c
@@ -71,13 +71,6 @@ seat_xremote_run_script (Seat *seat, Dis
}
static void
-seat_xremote_display_removed (Seat *seat, Display *display)
-{
- /* Can't restart the display, so remove this seat */
- seat_stop (seat);
-}
-
-static void
seat_xremote_init (SeatXRemote *seat)
{
}
@@ -91,5 +84,4 @@ seat_xremote_class_init (SeatXRemoteClas
seat_class->create_display_server = seat_xremote_create_display_server;
seat_class->create_session = seat_xremote_create_session;
seat_class->run_script = seat_xremote_run_script;
- seat_class->display_removed = seat_xremote_display_removed;
}
diff --git a/src/seat-xvnc.c b/src/seat-xvnc.c
--- a/src/seat-xvnc.c
+++ b/src/seat-xvnc.c
@@ -104,12 +104,6 @@ seat_xvnc_run_script (Seat *seat, Displa
}
static void
-seat_xvnc_display_removed (Seat *seat, Display *display)
-{
- seat_stop (seat);
-}
-
-static void
seat_xvnc_init (SeatXVNC *seat)
{
seat->priv = G_TYPE_INSTANCE_GET_PRIVATE (seat, SEAT_XVNC_TYPE, SeatXVNCPrivate);
@@ -136,7 +130,6 @@ seat_xvnc_class_init (SeatXVNCClass *kla
seat_class->create_display_server = seat_xvnc_create_display_server;
seat_class->create_session = seat_xvnc_create_session;
seat_class->run_script = seat_xvnc_run_script;
- seat_class->display_removed = seat_xvnc_display_removed;
object_class->finalize = seat_xdmcp_session_finalize;
g_type_class_add_private (klass, sizeof (SeatXVNCPrivate));
diff --git a/src/seat.c b/src/seat.c
--- a/src/seat.c
+++ b/src/seat.c
@@ -38,9 +38,6 @@ struct SeatPrivate
/* The displays for this seat */
GList *displays;
- /* The active display */
- Display *active_display;
-
/* TRUE if stopping this seat (waiting for displays to stop) */
gboolean stopping;
@@ -162,7 +159,7 @@ Display *
seat_get_active_display (Seat *seat)
{
g_return_val_if_fail (seat != NULL, NULL);
- return seat->priv->active_display;
+ return SEAT_GET_CLASS (seat)->get_active_display (seat);
}
gboolean
@@ -196,6 +193,9 @@ switch_to_user (Seat *seat, const gchar
{
Display *display = link->data;
+ if (display_get_is_stopped (display))
+ continue;
+
/* If already logged in, then switch to that display */
if (g_strcmp0 (display_get_username (display), username) == 0)
{
@@ -427,11 +427,51 @@ check_stopped (Seat *seat)
static void
display_stopped_cb (Display *display, Seat *seat)
{
+ gboolean is_active;
+
+ is_active = display == seat_get_active_display (seat);
+
+ g_signal_handlers_disconnect_matched (display, G_SIGNAL_MATCH_DATA, 0, 0, NULL, NULL, seat);
seat->priv->displays = g_list_remove (seat->priv->displays, display);
- g_signal_handlers_disconnect_matched (display, G_SIGNAL_MATCH_DATA, 0, 0, NULL, NULL, seat);
- g_signal_emit (seat, signals[DISPLAY_REMOVED], 0, display);
g_object_unref (display);
+ g_signal_emit (seat, signals[DISPLAY_REMOVED], 0, display);
+
+ /* If no more displays running either start a greeter or stop the seat */
+ if (!seat->priv->stopping)
+ {
+ if (g_list_length (seat->priv->displays) == 0)
+ {
+ /* If failed to start then stop this seat */
+ if (!display_get_is_ready (display))
+ {
+ g_debug ("Stopping seat, failed to start a display");
+ seat_stop (seat);
+ }
+ /* Attempt to start a greeter */
+ else if (!seat->priv->can_switch)
+ {
+ g_debug ("Stopping seat, display stopped");
+ seat_stop (seat);
+ }
+
+ else if (!seat_switch_to_greeter (seat))
+ {
+ g_debug ("Stopping seat, unable to start greeter");
+ seat_stop (seat);
+ }
+ }
+ else if (is_active)
+ {
+ g_debug ("Active display stopped, switching to greeter");
+ if (!seat_switch_to_greeter (seat))
+ {
+ g_debug ("Stopping seat, unable to start greeter");
+ seat_stop (seat);
+ }
+ }
+ }
+
check_stopped (seat);
}
@@ -502,7 +542,7 @@ switch_to_user_or_start_greeter (Seat *s
g_signal_emit (seat, signals[DISPLAY_ADDED], 0, display);
/* Switch to this display if currently not looking at anything */
- if (!seat->priv->active_display)
+ if (seat_get_active_display (seat) == NULL)
seat_set_active_display (seat, display);
return display_start (display);
@@ -610,25 +650,30 @@ seat_real_start (Seat *seat)
static void
seat_real_set_active_display (Seat *seat, Display *display)
{
- if (display == seat->priv->active_display)
- return;
+ GList *link;
- if (seat->priv->active_display)
+ for (link = seat->priv->displays; link; link = link->next)
{
- /* Stop the existing display if it is a greeter */
- if (!display_get_username (seat->priv->active_display))
+ Display *d = link->data;
+
+ if (d == display)
+ continue;
+
+ /* Stop any greeters and lock any other sessions */
+ if (!display_get_username (d))
{
- g_debug ("Stopping greeter display being switched from");
- display_stop (seat->priv->active_display);
+ g_debug ("Stopping background greeter");
+ display_stop (d);
}
- /* Otherwise lock it */
else
- {
- display_lock (seat->priv->active_display);
- }
- g_object_unref (seat->priv->active_display);
- }
- seat->priv->active_display = g_object_ref (display);
+ display_lock (d);
+ }
+}
+
+static Display *
+seat_real_get_active_display (Seat *seat)
+{
+ return NULL;
}
static void
@@ -664,8 +709,6 @@ seat_finalize (GObject *object)
g_hash_table_unref (self->priv->properties);
g_free (self->priv->guest_username);
g_list_free_full (self->priv->displays, g_object_unref);
- if (self->priv->active_display)
- g_object_unref (self->priv->active_display);
G_OBJECT_CLASS (seat_parent_class)->finalize (object);
}
@@ -678,6 +721,7 @@ seat_class_init (SeatClass *klass)
klass->setup = seat_real_setup;
klass->start = seat_real_start;
klass->set_active_display = seat_real_set_active_display;
+ klass->get_active_display = seat_real_get_active_display;
klass->run_script = seat_real_run_script;
klass->stop = seat_real_stop;
diff --git a/src/seat.h b/src/seat.h
--- a/src/seat.h
+++ b/src/seat.h
@@ -40,6 +40,7 @@ typedef struct
DisplayServer *(*create_display_server) (Seat *seat);
Session *(*create_session) (Seat *seat, Display *display);
void (*set_active_display)(Seat *seat, Display *display);
+ Display *(*get_active_display)(Seat *seat);
void (*run_script)(Seat *seat, Display *display, Process *script);
void (*stop)(Seat *seat);
diff --git a/src/xserver-local.c b/src/xserver-local.c
--- a/src/xserver-local.c
+++ b/src/xserver-local.c
@@ -61,6 +61,9 @@ struct XServerLocalPrivate
/* VT to run on */
gint vt;
+ /* TRUE if holding a reference to the VT */
+ gboolean have_vt_ref;
+
/* TRUE if replacing Plymouth */
gboolean replacing_plymouth;
};
@@ -148,7 +151,10 @@ xserver_local_new (void)
if (self->priv->vt < 0)
self->priv->vt = vt_get_unused ();
if (self->priv->vt >= 0)
+ {
vt_ref (self->priv->vt);
+ self->priv->have_vt_ref = TRUE;
+ }
return self;
}
@@ -316,9 +322,6 @@ stopped_cb (Process *process, XServerLoc
{
g_debug ("X server stopped");
- g_object_unref (server->priv->xserver_process);
- server->priv->xserver_process = NULL;
-
xserver_local_release_display_number (xserver_get_display_number (XSERVER (server)));
if (xserver_get_authority (XSERVER (server)) && server->priv->authority_file)
@@ -339,11 +342,11 @@ stopped_cb (Process *process, XServerLoc
server->priv->authority_file = NULL;
}
- if (server->priv->vt >= 0)
+ if (server->priv->have_vt_ref)
{
vt_unref (server->priv->vt);
- server->priv->vt = -1;
- }
+ server->priv->have_vt_ref = FALSE;
+ }
if (server->priv->replacing_plymouth && plymouth_get_is_running ())
{
@@ -546,7 +549,7 @@ xserver_local_finalize (GObject *object)
g_free (self->priv->xdmcp_key);
if (self->priv->authority_file)
g_object_unref (self->priv->authority_file);
- if (self->priv->vt >= 0)
+ if (self->priv->have_vt_ref)
vt_unref (self->priv->vt);
G_OBJECT_CLASS (xserver_local_parent_class)->finalize (object);
++++++ lightdm-use-fine-grained-memory-locking.patch ++++++
# HG changeset patch
# User Michael Terry
# Date 1359392941 18000
# Branch precise-mlock
# Node ID 5b070d44540db1caad11c998a8678aafb1a2f4a5
# Parent ce5521d07555b291eb3a9cdc56a13e634dd951a9
Use libgcrypt to selectively secure password memory instead of the big-hammer approach of mlockall
diff --git a/src/Makefile.am b/src/Makefile.am
--- a/src/Makefile.am
+++ b/src/Makefile.am
@@ -95,6 +95,7 @@ lightdm_CFLAGS = \
lightdm_LDADD = \
$(LIGHTDM_LIBS) \
+ -lgcrypt \
-lpam
pkglibexec_PROGRAMS = lightdm-guest-session-wrapper
diff --git a/src/greeter.c b/src/greeter.c
--- a/src/greeter.c
+++ b/src/greeter.c
@@ -15,6 +15,7 @@
#include
#include
#include
+#include
#include "greeter.h"
#include "ldm-marshal.h"
@@ -40,6 +41,7 @@ struct GreeterPrivate
/* Buffer for data read from greeter */
guint8 *read_buffer;
gsize n_read;
+ gboolean use_secure_memory;
/* Hints for the greeter */
GHashTable *hints;
@@ -105,6 +107,7 @@ greeter_new (Session *session, const gch
greeter->priv->session = g_object_ref (session);
greeter->priv->pam_service = g_strdup (pam_service);
greeter->priv->autologin_pam_service = g_strdup (autologin_pam_service);
+ greeter->priv->use_secure_memory = config_get_boolean (config_get_instance (), "LightDM", "lock-memory");
return greeter;
}
@@ -121,6 +124,33 @@ greeter_set_hint (Greeter *greeter, cons
g_hash_table_insert (greeter->priv->hints, g_strdup (name), g_strdup (value));
}
+static void *
+secure_malloc (Greeter *greeter, size_t n)
+{
+ if (greeter->priv->use_secure_memory)
+ return gcry_malloc_secure (n);
+ else
+ return g_malloc (n);
+}
+
+static void *
+secure_realloc (Greeter *greeter, void *ptr, size_t n)
+{
+ if (greeter->priv->use_secure_memory)
+ return gcry_realloc (ptr, n);
+ else
+ return g_realloc (ptr, n);
+}
+
+static void
+secure_free (Greeter *greeter, void *ptr)
+{
+ if (greeter->priv->use_secure_memory)
+ return gcry_free (ptr);
+ else
+ return g_free (ptr);
+}
+
static guint32
int_length ()
{
@@ -259,6 +289,7 @@ pam_messages_cb (Session *session, Greet
struct pam_response *response;
response = calloc (messages_length, sizeof (struct pam_response));
session_respond (greeter->priv->authentication_session, response);
+ free (response);
}
}
@@ -490,12 +521,18 @@ handle_continue_authentication (Greeter
int msg_style = messages[i].msg_style;
if (msg_style == PAM_PROMPT_ECHO_OFF || msg_style == PAM_PROMPT_ECHO_ON)
{
- response[i].resp = strdup (secrets[j]); // FIXME: Need to convert from UTF-8
+ size_t secret_length = strlen (secrets[j]) + 1;
+ response[i].resp = secure_malloc (greeter, secret_length);
+ memcpy (response[i].resp, secrets[j], secret_length); // FIXME: Need to convert from UTF-8
j++;
}
}
session_respond (greeter->priv->authentication_session, response);
+
+ for (i = 0; i < messages_length; i++)
+ secure_free (greeter, response[i].resp);
+ free (response);
}
static void
@@ -587,7 +624,7 @@ read_int (Greeter *greeter, gsize *offse
}
static gchar *
-read_string (Greeter *greeter, gsize *offset)
+read_string_full (Greeter *greeter, gsize *offset, void* (*alloc_fn)(size_t n))
{
guint32 length;
gchar *value;
@@ -599,7 +636,7 @@ read_string (Greeter *greeter, gsize *of
return g_strdup ("");
}
- value = g_malloc (sizeof (gchar *) * (length + 1));
+ value = (*alloc_fn) (sizeof (gchar *) * (length + 1));
memcpy (value, greeter->priv->read_buffer + *offset, length);
value[length] = '\0';
*offset += length;
@@ -607,6 +644,21 @@ read_string (Greeter *greeter, gsize *of
return value;
}
+static gchar *
+read_string (Greeter *greeter, gsize *offset)
+{
+ return read_string_full (greeter, offset, g_malloc);
+}
+
+static gchar *
+read_secret (Greeter *greeter, gsize *offset)
+{
+ if (greeter->priv->use_secure_memory)
+ return read_string_full (greeter, offset, gcry_malloc_secure);
+ else
+ return read_string_full (greeter, offset, g_malloc);
+}
+
static gboolean
read_cb (GIOChannel *source, GIOCondition condition, gpointer data)
{
@@ -654,7 +706,7 @@ read_cb (GIOChannel *source, GIOConditio
n_to_read = read_int (greeter, &offset);
if (n_to_read > 0)
{
- greeter->priv->read_buffer = g_realloc (greeter->priv->read_buffer, HEADER_SIZE + n_to_read);
+ greeter->priv->read_buffer = secure_realloc (greeter, greeter->priv->read_buffer, HEADER_SIZE + n_to_read);
read_cb (source, condition, greeter);
return TRUE;
}
@@ -690,10 +742,12 @@ read_cb (GIOChannel *source, GIOConditio
n_secrets = read_int (greeter, &offset);
secrets = g_malloc (sizeof (gchar *) * (n_secrets + 1));
for (i = 0; i < n_secrets; i++)
- secrets[i] = read_string (greeter, &offset);
+ secrets[i] = read_secret (greeter, &offset);
secrets[i] = NULL;
handle_continue_authentication (greeter, secrets);
- g_strfreev (secrets);
+ for (i = 0; i < n_secrets; i++)
+ secure_free (greeter, secrets[i]);
+ g_free (secrets);
break;
case GREETER_MESSAGE_CANCEL_AUTHENTICATION:
handle_cancel_authentication (greeter);
@@ -796,7 +850,7 @@ static void
greeter_init (Greeter *greeter)
{
greeter->priv = G_TYPE_INSTANCE_GET_PRIVATE (greeter, GREETER_TYPE, GreeterPrivate);
- greeter->priv->read_buffer = g_malloc (HEADER_SIZE);
+ greeter->priv->read_buffer = secure_malloc (greeter, HEADER_SIZE);
greeter->priv->hints = g_hash_table_new_full (g_str_hash, g_str_equal, g_free, g_free);
}
@@ -811,7 +865,7 @@ greeter_finalize (GObject *object)
g_object_unref (self->priv->session);
g_free (self->priv->pam_service);
g_free (self->priv->autologin_pam_service);
- g_free (self->priv->read_buffer);
+ secure_free (self, self->priv->read_buffer);
g_hash_table_unref (self->priv->hints);
g_free (self->priv->remote_session);
if (self->priv->authentication_session)
diff --git a/src/lightdm.c b/src/lightdm.c
--- a/src/lightdm.c
+++ b/src/lightdm.c
@@ -19,7 +19,6 @@
#include
#include
#include
-#include
#include "configuration.h"
#include "opensuse-sysconfig.h"
@@ -1194,12 +1193,6 @@ main (int argc, char **argv)
NULL,
NULL);
- if (config_get_boolean (config_get_instance (), "LightDM", "lock-memory"))
- {
- /* Protect memory from being paged to disk, as we deal with passwords */
- mlockall (MCL_CURRENT | MCL_FUTURE);
- }
-
if (getuid () != 0)
g_debug ("Running in user mode");
if (getenv ("DISPLAY"))
diff --git a/src/session-child.c b/src/session-child.c
--- a/src/session-child.c
+++ b/src/session-child.c
@@ -67,7 +67,7 @@ read_data (void *buf, size_t count)
}
static gchar *
-read_string ()
+read_string_full (void* (*alloc_fn)(size_t n))
{
int length;
char *value;
@@ -82,13 +82,19 @@ read_string ()
return NULL;
}
- value = g_malloc (sizeof (char) * (length + 1));
+ value = (*alloc_fn) (sizeof (char) * (length + 1));
read_data (value, length);
value[length] = '\0';
return value;
}
+static gchar *
+read_string ()
+{
+ return read_string_full (g_malloc);
+}
+
static int
pam_conv_cb (int msg_length, const struct pam_message **msg, struct pam_response **resp, void *app_data)
{
@@ -139,7 +145,9 @@ pam_conv_cb (int msg_length, const struc
for (i = 0; i < msg_length; i++)
{
struct pam_response *r = &response[i];
- r->resp = read_string ();
+ // callers of this function inside pam will expect to be able to call
+ // free() on the strings we give back. So alloc with malloc.
+ r->resp = read_string_full (malloc);
read_data (&r->resp_retcode, sizeof (r->resp_retcode));
}
--
To unsubscribe, e-mail: opensuse-commit+unsubscribe@opensuse.org
For additional commands, e-mail: opensuse-commit+help@opensuse.org