pool/kscreenlocker
SHA256
4
0
Fork 1
Code Issues Pull Requests Packages Projects Releases Wiki Activity

- Add upstream patch to fix screenlocker breaking with empty password

Browse Source 
(kde#380491):
  * 0001-Fixup-protocol-mismatch-between-greeter-and-kcheckpa.patch

OBS-URL: https://build.opensuse.org/package/show/KDE:Frameworks5/kscreenlocker?expand=0&rev=80
This commit is contained in:
Fabian Vogt 2017-06-04 19:22:26 +00:00 committed by Git OBS Bridge
parent 09ef5c4264
commit 11a63271a3
3 changed files with 95 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

85
0001-Fixup-protocol-mismatch-between-greeter-and-kcheckpa.patch Normal file
View File

@ -0,0 +1,85 @@
From ae211ad069a8a72df1436ef02d0d5151b62e7c02 Mon Sep 17 00:00:00 2001
From: Fabian Vogt <fabian@ritter-vogt.de>
Date: Sun, 4 Jun 2017 20:44:18 +0200
Subject: [PATCH] Fixup protocol mismatch between greeter and kcheckpass
Summary:
The receiver (kcheckpass) reads a string and if it is !nullptr, reads an int:
msg = GRecvStr ();
if (msg && (GRecvInt() & IsPassword) && !*msg)
The sender (kscreenlocker_greet) sends a string and if it is not empty,
sends an int:
GSendStr(m_password.toUtf8().constData());
if (!m_password.isEmpty()) {
// IsSecret
GSendInt(1);
}
This does not work out for empty strings, as those still have a length of 1,
resulting in kcheckpass waiting indefinitely for an int that does not get sent.
Testing for a nullptr on the sender side instead of the string length fixes this.
Also clean up the code duplication and IsSecret (1)/IsPassword (2) mismatch.
BUG: 380491
Test Plan:
Reproduced the bug without this patch, with this patch it does not
happen anymore. Authentication still works and fails as expected.
Reviewers: #plasma
Subscribers: plasma-devel
Tags: #plasma
Differential Revision: https://phabricator.kde.org/D6091
---
greeter/authenticator.cpp | 22 +++++++---------------
1 file changed, 7 insertions(+), 15 deletions(-)
diff --git a/greeter/authenticator.cpp b/greeter/authenticator.cpp
index f3ee0d1..8c9391b 100644
--- a/greeter/authenticator.cpp
+++ b/greeter/authenticator.cpp
@@ -243,27 +243,19 @@ void KCheckPass::handleVerify()
::free( arr );
return;
case ConvGetNormal:
- if (!GRecvArr( &arr ))
- break;
- GSendStr(m_password.toUtf8().constData());
- if (!m_password.isEmpty()) {
- // IsSecret
- GSendInt(1);
- }
- if (arr)
- ::free( arr );
- return;
case ConvGetHidden:
+ {
if (!GRecvArr( &arr ))
break;
- GSendStr(m_password.toUtf8().constData());
- if (!m_password.isEmpty()) {
- // IsSecret
- GSendInt(1);
- }
+ QByteArray utf8pass = m_password.toUtf8();
+ GSendStr(utf8pass.constData());
+ if (utf8pass.constData() != nullptr)
+ GSendInt(IsPassword);
+
if (arr)
::free( arr );
return;
+ }
case ConvPutInfo:
if (!GRecvArr( &arr ))
break;
--
2.13.0

7
kscreenlocker.changes
View File

@ -1,3 +1,10 @@
-------------------------------------------------------------------
Sun Jun 4 19:00:05 UTC 2017 - fabian@ritter-vogt.de
- Add upstream patch to fix screenlocker breaking with empty password
(kde#380491):
* 0001-Fixup-protocol-mismatch-between-greeter-and-kcheckpa.patch
-------------------------------------------------------------------
Fri May 26 14:10:30 CEST 2017 - fabian@ritter-vogt.de

3
kscreenlocker.spec
View File

@ -27,6 +27,8 @@ Url: https://projects.kde.org/kscreenlocker
Source: kscreenlocker-%{version}.tar.xz
# PATCH-FIX-OPENSUSE fix-wayland-version-requirement.diff -- Changes wayland requirement from 1.3 to 1.2.1
Patch0: fix-wayland-version-requirement.diff
# PATCH-FIX-UPSTREAM
Patch100: 0001-Fixup-protocol-mismatch-between-greeter-and-kcheckpa.patch
BuildRequires: cmake >= 2.8.12
BuildRequires: extra-cmake-modules >= 1.8.0
BuildRequires: kf5-filesystem
@ -92,6 +94,7 @@ Development files for Library and components for secure lock screen architecture
# SLE12 has a patched 1.2.1 wayland with all features KDE needs from up to 1.7.0
%patch0 -p1
%endif
%patch100 -p1
%build
%cmake_kf5 -d build -- -DKDE4_COMMON_PAM_SERVICE=xdm -DCMAKE_INSTALL_LOCALEDIR=%{_kf5_localedir}