ports/security/authenticator/files/patch-zbus
Jan Beich b5c2b9bdf0 security/authenticator: add new port
Simple application for generating Two-Factor Authentication Codes.

Features:
- Time-based/Counter-based/Steam methods support
- SHA-1/SHA-256/SHA-512 algorithms support
- QR code scanner using a camera or from a screenshot
- Lock the application with a password
- Beautiful UI
- Backup/Restore from/into known applications like FreeOTP+, andOTP

https://gitlab.gnome.org/World/Authenticator
2021-08-23 12:52:23 +00:00

226 lines
10 KiB
Text

https://gitlab.freedesktop.org/dbus/zbus/-/commit/01d8f0ec41d3
https://gitlab.freedesktop.org/dbus/zbus/-/commit/807909a6c7bf
https://gitlab.freedesktop.org/dbus/zbus/-/commit/e3e2f7ddfd6e
https://gitlab.freedesktop.org/dbus/zbus/-/commit/35d1b8778754
--- cargo-crates/zbus-1.8.0/Cargo.toml.orig 2021-01-07 11:47:37 UTC
+++ cargo-crates/zbus-1.8.0/Cargo.toml
@@ -48,7 +48,7 @@ version = "0.3.8"
version = "1.0.2"
[dependencies.nix]
-version = "^0.17"
+version = "0.20.0"
[dependencies.once_cell]
version = "1.4.0"
--- cargo-crates/zbus-1.8.0/src/address.rs.orig 2020-12-18 16:22:53 UTC
+++ cargo-crates/zbus-1.8.0/src/address.rs
@@ -55,8 +55,9 @@ impl Address {
match env::var("DBUS_SESSION_BUS_ADDRESS") {
Ok(val) => Self::from_str(&val),
_ => {
- let uid = Uid::current();
- let path = format!("unix:path=/run/user/{}/bus", uid);
+ let runtime_dir = env::var("XDG_RUNTIME_DIR")
+ .unwrap_or_else(|_| format!("/run/user/{}", Uid::current()));
+ let path = format!("unix:path={}/bus", runtime_dir);
Self::from_str(&path)
}
--- cargo-crates/zbus-1.8.0/src/azync/connection.rs.orig 2021-01-02 23:08:29 UTC
+++ cargo-crates/zbus-1.8.0/src/azync/connection.rs
@@ -177,13 +177,29 @@ where
/// Upon successful return, the connection is fully established and negotiated: D-Bus messages
/// can be sent and received.
pub async fn new_server(stream: S, guid: &Guid) -> Result<Self> {
- use nix::sys::socket::{getsockopt, sockopt::PeerCredentials};
+ #[cfg(any(target_os = "android", target_os = "linux"))]
+ let client_uid = {
+ use nix::sys::socket::{getsockopt, sockopt::PeerCredentials};
- // FIXME: Could and should this be async?
- let creds = getsockopt(stream.as_raw_fd(), PeerCredentials)
- .map_err(|e| Error::Handshake(format!("Failed to get peer credentials: {}", e)))?;
+ let creds = getsockopt(stream.as_raw_fd(), PeerCredentials)
+ .map_err(|e| Error::Handshake(format!("Failed to get peer credentials: {}", e)))?;
- let auth = Authenticated::server(Async::new(stream)?, guid.clone(), creds.uid()).await?;
+ creds.uid()
+ };
+ #[cfg(any(
+ target_os = "macos",
+ target_os = "ios",
+ target_os = "freebsd",
+ target_os = "dragonfly",
+ target_os = "openbsd",
+ target_os = "netbsd"
+ ))]
+ let client_uid = nix::unistd::getpeereid(stream.as_raw_fd())
+ .map_err(|e| Error::Handshake(format!("Failed to get peer credentials: {}", e)))?
+ .0
+ .into();
+
+ let auth = Authenticated::server(Async::new(stream)?, guid.clone(), client_uid).await?;
Ok(Self::new_authenticated(auth))
}
--- cargo-crates/zbus-1.8.0/src/connection.rs.orig 2021-01-04 14:16:50 UTC
+++ cargo-crates/zbus-1.8.0/src/connection.rs
@@ -160,12 +160,29 @@ impl Connection {
/// Upon successful return, the connection is fully established and negotiated: D-Bus messages
/// can be sent and received.
pub fn new_unix_server(stream: UnixStream, guid: &Guid) -> Result<Self> {
- use nix::sys::socket::{getsockopt, sockopt::PeerCredentials};
+ #[cfg(any(target_os = "android", target_os = "linux"))]
+ let client_uid = {
+ use nix::sys::socket::{getsockopt, sockopt::PeerCredentials};
- let creds = getsockopt(stream.as_raw_fd(), PeerCredentials)
- .map_err(|e| Error::Handshake(format!("Failed to get peer credentials: {}", e)))?;
+ let creds = getsockopt(stream.as_raw_fd(), PeerCredentials)
+ .map_err(|e| Error::Handshake(format!("Failed to get peer credentials: {}", e)))?;
- let handshake = ServerHandshake::new(stream, guid.clone(), creds.uid());
+ creds.uid()
+ };
+ #[cfg(any(
+ target_os = "macos",
+ target_os = "ios",
+ target_os = "freebsd",
+ target_os = "dragonfly",
+ target_os = "openbsd",
+ target_os = "netbsd"
+ ))]
+ let client_uid = nix::unistd::getpeereid(stream.as_raw_fd())
+ .map_err(|e| Error::Handshake(format!("Failed to get peer credentials: {}", e)))?
+ .0
+ .into();
+
+ let handshake = ServerHandshake::new(stream, guid.clone(), client_uid);
handshake
.blocking_finish()
.map(Connection::new_authenticated_unix)
--- cargo-crates/zbus-1.8.0/src/handshake.rs.orig 2020-12-18 16:22:53 UTC
+++ cargo-crates/zbus-1.8.0/src/handshake.rs
@@ -124,7 +124,7 @@ impl<S: Socket> ClientHandshake<S> {
fn flush_buffer(&mut self) -> Result<()> {
while !self.buffer.is_empty() {
- let written = self.socket.sendmsg(&self.buffer, &[])?;
+ let written = self.socket.sendmsg(&self.buffer, &[], false)?;
self.buffer.drain(..written);
}
Ok(())
@@ -182,6 +182,15 @@ impl<S: Socket> Handshake<S> for ClientHandshake<S> {
self.step = ClientHandshakeStep::SendingOauth;
}
ClientHandshakeStep::SendingOauth => {
+ #[cfg(any(target_os = "freebsd", target_os = "dragonfly"))]
+ {
+ let zero = self.buffer.drain(..1).next().unwrap();
+ if self.socket.sendmsg(&[zero], &[], true)? != 1 {
+ return Err(Error::Handshake(
+ "Could not send zero byte with credentials".to_string(),
+ ));
+ }
+ }
self.flush_buffer()?;
self.step = ClientHandshakeStep::WaitOauth;
}
@@ -385,7 +394,7 @@ impl<S: Socket> ServerHandshake<S> {
fn flush_buffer(&mut self) -> Result<()> {
while !self.buffer.is_empty() {
- let written = self.socket.sendmsg(&self.buffer, &[])?;
+ let written = self.socket.sendmsg(&self.buffer, &[], false)?;
self.buffer.drain(..written);
}
Ok(())
--- cargo-crates/zbus-1.8.0/src/raw/connection.rs.orig 2020-12-17 17:09:36 UTC
+++ cargo-crates/zbus-1.8.0/src/raw/connection.rs
@@ -47,7 +47,7 @@ impl<S: Socket> Connection<S> {
// VecDeque should never return an empty front buffer if the VecDeque
// itself is not empty
debug_assert!(!front.is_empty());
- let written = self.socket.sendmsg(front, &[])?;
+ let written = self.socket.sendmsg(front, &[], false)?;
self.raw_out_buffer.drain(..written);
}
@@ -55,14 +55,14 @@ impl<S: Socket> Connection<S> {
while let Some(msg) = self.msg_out_buffer.front() {
let mut data = msg.as_bytes();
let fds = msg.fds();
- let written = self.socket.sendmsg(data, &fds)?;
+ let written = self.socket.sendmsg(data, &fds, false)?;
// at least some part of the message has been sent, see if we can/need to send more
// now the message must be removed from msg_out_buffer and any leftover bytes
// must be stored into raw_out_buffer
let msg = self.msg_out_buffer.pop_front().unwrap();
data = &msg.as_bytes()[written..];
while !data.is_empty() {
- match self.socket.sendmsg(data, &[]) {
+ match self.socket.sendmsg(data, &[], false) {
Ok(n) => data = &data[n..],
Err(e) => {
// an error occured, we cannot send more, store the remaining into
--- cargo-crates/zbus-1.8.0/src/raw/socket.rs.orig 2021-01-02 23:09:29 UTC
+++ cargo-crates/zbus-1.8.0/src/raw/socket.rs
@@ -47,7 +47,7 @@ pub trait Socket {
///
/// If the underlying transport does not support transmitting file descriptors, this
/// will return `Err(ErrorKind::InvalidInput)`.
- fn sendmsg(&mut self, buffer: &[u8], fds: &[RawFd]) -> io::Result<usize>;
+ fn sendmsg(&mut self, buffer: &[u8], fds: &[RawFd], creds: bool) -> io::Result<usize>;
/// Close the socket.
///
@@ -74,6 +74,10 @@ impl Socket for UnixStream {
Ok(msg) => {
let mut fds = vec![];
for cmsg in msg.cmsgs() {
+ #[cfg(any(target_os = "freebsd", target_os = "dragonfly"))]
+ if let ControlMessageOwned::ScmCreds(_) = cmsg {
+ continue;
+ }
if let ControlMessageOwned::ScmRights(fd) = cmsg {
fds.extend(fd.iter().map(|&f| unsafe { OwnedFd::from_raw_fd(f) }));
} else {
@@ -90,12 +94,23 @@ impl Socket for UnixStream {
}
}
- fn sendmsg(&mut self, buffer: &[u8], fds: &[RawFd]) -> io::Result<usize> {
- let cmsg = if !fds.is_empty() {
+ fn sendmsg(&mut self, buffer: &[u8], fds: &[RawFd], creds: bool) -> io::Result<usize> {
+ let mut cmsg = if !fds.is_empty() {
vec![ControlMessage::ScmRights(fds)]
} else {
vec![]
};
+ #[cfg(any(target_os = "android", target_os = "linux"))]
+ let unix_creds;
+ if creds {
+ #[cfg(any(target_os = "android", target_os = "linux"))]
+ {
+ unix_creds = Some(nix::sys::socket::UnixCredentials::new());
+ cmsg.push(ControlMessage::ScmCredentials(unix_creds.as_ref().unwrap()));
+ }
+ #[cfg(any(target_os = "freebsd", target_os = "dragonfly"))]
+ cmsg.push(ControlMessage::ScmCreds);
+ }
let iov = [IoVec::from_slice(buffer)];
match sendmsg(self.as_raw_fd(), &iov, &cmsg, MsgFlags::empty(), None) {
// can it really happen?
@@ -124,8 +139,8 @@ where
self.get_mut().recvmsg(buffer)
}
- fn sendmsg(&mut self, buffer: &[u8], fds: &[RawFd]) -> io::Result<usize> {
- self.get_mut().sendmsg(buffer, fds)
+ fn sendmsg(&mut self, buffer: &[u8], fds: &[RawFd], creds: bool) -> io::Result<usize> {
+ self.get_mut().sendmsg(buffer, fds, creds)
}
fn close(&self) -> io::Result<()> {