diff options
author | Andreas Sturmlechner <asturm@gentoo.org> | 2017-05-24 22:23:33 +0200 |
---|---|---|
committer | Andreas Sturmlechner <asturm@gentoo.org> | 2017-05-24 22:24:22 +0200 |
commit | f8e3f9a83b957405c6ea66930254a4a0bde5ec02 (patch) | |
tree | 522f0bdd8ee1eae4020ceb4f7ffd6c577e2dc1a3 /kde-frameworks/kauth | |
parent | kde-frameworks/kcoreaddons: Add kdirwatch fix (diff) | |
download | gentoo-f8e3f9a83b957405c6ea66930254a4a0bde5ec02.tar.gz gentoo-f8e3f9a83b957405c6ea66930254a4a0bde5ec02.tar.bz2 gentoo-f8e3f9a83b957405c6ea66930254a4a0bde5ec02.zip |
kde-frameworks: Remove KDE Frameworks 5.33.0
Package-Manager: Portage-2.3.5, Repoman-2.3.1
Diffstat (limited to 'kde-frameworks/kauth')
-rw-r--r-- | kde-frameworks/kauth/Manifest | 1 | ||||
-rw-r--r-- | kde-frameworks/kauth/files/kauth-5.33.0-CVE-2017-8422.patch | 186 | ||||
-rw-r--r-- | kde-frameworks/kauth/kauth-5.33.0-r1.ebuild | 35 |
3 files changed, 0 insertions, 222 deletions
diff --git a/kde-frameworks/kauth/Manifest b/kde-frameworks/kauth/Manifest index 71734ceb341e..695757f999eb 100644 --- a/kde-frameworks/kauth/Manifest +++ b/kde-frameworks/kauth/Manifest @@ -1,3 +1,2 @@ DIST kauth-5.29.0.tar.xz 2551192 SHA256 f2c51dfb42196fe5d604883c9f28bda7fd3f40d308144f521f4090a941c2091d SHA512 96729a2f34fe34786c798bfd86577e781da717485da8ec2502423937eed51750eedd120390b95f2e409ad1159fab72c3b05bdb720ae20685992786cd5cc95c7c WHIRLPOOL d76b40236edafd03c241a2d138b35db461ee8e38cc2bd0c6e2a43d00112bd00651f1a3f8bfb87abf4e1c5dbf68e6b6fc69b40340a01eb759121b8351b4933a1f -DIST kauth-5.33.0.tar.xz 84036 SHA256 c7a77c00cc4f09d8cea32d953718db5b841ed2454e8e6df04035b1270927d1d1 SHA512 7961815949828c2b0c40fba3a5ebb8a7dac5a29f8f88311a6051559ae4147621d376517dc77267979f6deb3042515e52c60d45925cd4ea9a8bbbec434e9e1652 WHIRLPOOL c89863197bde7d6052b01c67a5b59b96885d3a610a52e08622e9c37f921d9652971d1f60cc5c1f5cded0a8e2b2e07f190626d0f36b8a190ebe316f66ed387447 DIST kauth-5.34.0.tar.xz 84248 SHA256 6da4cd885c1fcb474e3b4b46fb7a2ce39ee0a152a84a451f2fd0c673f50a9c19 SHA512 7218e09965e9ea9875d129433534888d8cc1668dd7b7d1be9265d8327d1a167bc3e918a1aba0835bf3edd70d552ad17fc22ffa4fe182c13a08b8304f2e52ad4b WHIRLPOOL 787c355b806f141fa70965ad49c6eeaa9d7c10a5bff5d8818618033bb401f4979def8ddcd66a955ad3695786ffe275fe3f6391c0d852147cb09ef5f6791ba023 diff --git a/kde-frameworks/kauth/files/kauth-5.33.0-CVE-2017-8422.patch b/kde-frameworks/kauth/files/kauth-5.33.0-CVE-2017-8422.patch deleted file mode 100644 index b789d734f18a..000000000000 --- a/kde-frameworks/kauth/files/kauth-5.33.0-CVE-2017-8422.patch +++ /dev/null @@ -1,186 +0,0 @@ -commit df875f725293af53399f5146362eb158b4f9216a -Author: Albert Astals Cid <aacid@kde.org> -Date: Wed May 10 10:03:45 2017 +0200 - - Verify that whoever is calling us is actually who he says he is - - CVE-2017-8422 - -diff --git a/src/AuthBackend.cpp b/src/AuthBackend.cpp -index a41d4f1..a847494 100644 ---- a/src/AuthBackend.cpp -+++ b/src/AuthBackend.cpp -@@ -54,6 +54,11 @@ void AuthBackend::setCapabilities(AuthBackend::Capabilities capabilities) - d->capabilities = capabilities; - } - -+AuthBackend::ExtraCallerIDVerificationMethod AuthBackend::extraCallerIDVerificationMethod() const -+{ -+ return NoExtraCallerIDVerificationMethod; -+} -+ - bool AuthBackend::actionExists(const QString &action) - { - Q_UNUSED(action); -diff --git a/src/AuthBackend.h b/src/AuthBackend.h -index c67a706..09195ef 100644 ---- a/src/AuthBackend.h -+++ b/src/AuthBackend.h -@@ -43,6 +43,12 @@ public: - }; - Q_DECLARE_FLAGS(Capabilities, Capability) - -+ enum ExtraCallerIDVerificationMethod { -+ NoExtraCallerIDVerificationMethod, -+ VerifyAgainstDBusServiceName, -+ VerifyAgainstDBusServicePid, -+ }; -+ - AuthBackend(); - virtual ~AuthBackend(); - virtual void setupAction(const QString &action) = 0; -@@ -50,6 +56,7 @@ public: - virtual Action::AuthStatus authorizeAction(const QString &action) = 0; - virtual Action::AuthStatus actionStatus(const QString &action) = 0; - virtual QByteArray callerID() const = 0; -+ virtual ExtraCallerIDVerificationMethod extraCallerIDVerificationMethod() const; - virtual bool isCallerAuthorized(const QString &action, QByteArray callerID) = 0; - virtual bool actionExists(const QString &action); - -diff --git a/src/backends/dbus/DBusHelperProxy.cpp b/src/backends/dbus/DBusHelperProxy.cpp -index 9c5cb96..3c1c108 100644 ---- a/src/backends/dbus/DBusHelperProxy.cpp -+++ b/src/backends/dbus/DBusHelperProxy.cpp -@@ -235,6 +235,29 @@ bool DBusHelperProxy::hasToStopAction() - return m_stopRequest; - } - -+bool DBusHelperProxy::isCallerAuthorized(const QString &action, const QByteArray &callerID) -+{ -+ // Check the caller is really who it says it is -+ switch (BackendsManager::authBackend()->extraCallerIDVerificationMethod()) { -+ case AuthBackend::NoExtraCallerIDVerificationMethod: -+ break; -+ -+ case AuthBackend::VerifyAgainstDBusServiceName: -+ if (message().service().toUtf8() != callerID) { -+ return false; -+ } -+ break; -+ -+ case AuthBackend::VerifyAgainstDBusServicePid: -+ if (connection().interface()->servicePid(message().service()).value() != callerID.toUInt()) { -+ return false; -+ } -+ break; -+ } -+ -+ return BackendsManager::authBackend()->isCallerAuthorized(action, callerID); -+} -+ - QByteArray DBusHelperProxy::performAction(const QString &action, const QByteArray &callerID, QByteArray arguments) - { - if (!responder) { -@@ -259,7 +282,7 @@ QByteArray DBusHelperProxy::performAction(const QString &action, const QByteArra - QTimer *timer = responder->property("__KAuth_Helper_Shutdown_Timer").value<QTimer *>(); - timer->stop(); - -- if (BackendsManager::authBackend()->isCallerAuthorized(action, callerID)) { -+ if (isCallerAuthorized(action, callerID)) { - QString slotname = action; - if (slotname.startsWith(m_name + QLatin1Char('.'))) { - slotname = slotname.right(slotname.length() - m_name.length() - 1); -@@ -301,7 +324,7 @@ uint DBusHelperProxy::authorizeAction(const QString &action, const QByteArray &c - QTimer *timer = responder->property("__KAuth_Helper_Shutdown_Timer").value<QTimer *>(); - timer->stop(); - -- if (BackendsManager::authBackend()->isCallerAuthorized(action, callerID)) { -+ if (isCallerAuthorized(action, callerID)) { - retVal = static_cast<uint>(Action::AuthorizedStatus); - } else { - retVal = static_cast<uint>(Action::DeniedStatus); -diff --git a/src/backends/dbus/DBusHelperProxy.h b/src/backends/dbus/DBusHelperProxy.h -index 52b0ac4..82cec5a 100644 ---- a/src/backends/dbus/DBusHelperProxy.h -+++ b/src/backends/dbus/DBusHelperProxy.h -@@ -25,12 +25,13 @@ - #include "kauthactionreply.h" - - #include <QDBusConnection> -+#include <QDBusContext> - #include <QVariant> - - namespace KAuth - { - --class DBusHelperProxy : public HelperProxy -+class DBusHelperProxy : public HelperProxy, protected QDBusContext - { - Q_OBJECT - Q_PLUGIN_METADATA(IID "org.kde.DBusHelperProxy") -@@ -79,6 +80,9 @@ Q_SIGNALS: - - private Q_SLOTS: - void remoteSignalReceived(int type, const QString &action, QByteArray blob); -+ -+private: -+ bool isCallerAuthorized(const QString &action, const QByteArray &callerID); - }; - - } // namespace Auth -diff --git a/src/backends/policykit/PolicyKitBackend.cpp b/src/backends/policykit/PolicyKitBackend.cpp -index c2b4d42..bf038a8 100644 ---- a/src/backends/policykit/PolicyKitBackend.cpp -+++ b/src/backends/policykit/PolicyKitBackend.cpp -@@ -78,6 +78,11 @@ QByteArray PolicyKitBackend::callerID() const - return a; - } - -+AuthBackend::ExtraCallerIDVerificationMethod Polkit1Backend::extraCallerIDVerificationMethod() const -+{ -+ return VerifyAgainstDBusServicePid; -+} -+ - bool PolicyKitBackend::isCallerAuthorized(const QString &action, QByteArray callerID) - { - QDataStream s(&callerID, QIODevice::ReadOnly); -diff --git a/src/backends/policykit/PolicyKitBackend.h b/src/backends/policykit/PolicyKitBackend.h -index eb17a3a..38b0240 100644 ---- a/src/backends/policykit/PolicyKitBackend.h -+++ b/src/backends/policykit/PolicyKitBackend.h -@@ -40,6 +40,7 @@ public: - virtual Action::AuthStatus authorizeAction(const QString &); - virtual Action::AuthStatus actionStatus(const QString &); - virtual QByteArray callerID() const; -+ ExtraCallerIDVerificationMethod extraCallerIDVerificationMethod() const Q_DECL_OVERRIDE; - virtual bool isCallerAuthorized(const QString &action, QByteArray callerID); - - private Q_SLOTS: -diff --git a/src/backends/polkit-1/Polkit1Backend.cpp b/src/backends/polkit-1/Polkit1Backend.cpp -index 78ee5bb..774588c 100644 ---- a/src/backends/polkit-1/Polkit1Backend.cpp -+++ b/src/backends/polkit-1/Polkit1Backend.cpp -@@ -162,6 +162,11 @@ QByteArray Polkit1Backend::callerID() const - return QDBusConnection::systemBus().baseService().toUtf8(); - } - -+AuthBackend::ExtraCallerIDVerificationMethod Polkit1Backend::extraCallerIDVerificationMethod() const -+{ -+ return VerifyAgainstDBusServiceName; -+} -+ - bool Polkit1Backend::isCallerAuthorized(const QString &action, QByteArray callerID) - { - PolkitQt1::SystemBusNameSubject subject(QString::fromUtf8(callerID)); -diff --git a/src/backends/polkit-1/Polkit1Backend.h b/src/backends/polkit-1/Polkit1Backend.h -index d7d1e3a..2357892 100644 ---- a/src/backends/polkit-1/Polkit1Backend.h -+++ b/src/backends/polkit-1/Polkit1Backend.h -@@ -49,6 +49,7 @@ public: - Action::AuthStatus authorizeAction(const QString &) Q_DECL_OVERRIDE; - Action::AuthStatus actionStatus(const QString &) Q_DECL_OVERRIDE; - QByteArray callerID() const Q_DECL_OVERRIDE; -+ ExtraCallerIDVerificationMethod extraCallerIDVerificationMethod() const Q_DECL_OVERRIDE; - bool isCallerAuthorized(const QString &action, QByteArray callerID) Q_DECL_OVERRIDE; - bool actionExists(const QString &action) Q_DECL_OVERRIDE; - diff --git a/kde-frameworks/kauth/kauth-5.33.0-r1.ebuild b/kde-frameworks/kauth/kauth-5.33.0-r1.ebuild deleted file mode 100644 index 24fc0d1e02cf..000000000000 --- a/kde-frameworks/kauth/kauth-5.33.0-r1.ebuild +++ /dev/null @@ -1,35 +0,0 @@ -# Copyright 1999-2017 Gentoo Foundation -# Distributed under the terms of the GNU General Public License v2 - -EAPI=6 - -VIRTUALX_REQUIRED="test" -inherit kde5 - -DESCRIPTION="Framework to let applications perform actions as a privileged user" -LICENSE="LGPL-2.1+" -KEYWORDS="~amd64 ~arm ~x86" -IUSE="nls +policykit" - -# drop qtgui subslot operator when QT_MINIMAL >= 5.7.0 -RDEPEND=" - $(add_frameworks_dep kcoreaddons) - $(add_qt_dep qtdbus '' '' '5=') - $(add_qt_dep qtgui) - $(add_qt_dep qtwidgets) - policykit? ( sys-auth/polkit-qt[qt5] ) -" -DEPEND="${RDEPEND} - nls? ( $(add_qt_dep linguist-tools) ) -" -PDEPEND="policykit? ( kde-plasma/polkit-kde-agent )" - -PATCHES=( "${FILESDIR}/${P}-CVE-2017-8422.patch" ) - -src_configure() { - local mycmakeargs=( - $(cmake-utils_use_find_package policykit PolkitQt5-1) - ) - - kde5_src_configure -} |