File kppp-security.diff of Package kdenetwork3

--- kppp/connect.cpp
+++ kppp/connect.cpp	2004/01/27 14:06:46
@@ -1263,7 +1263,7 @@
 
   kapp->flushX();
 
-  return Requester::rq->execPPPDaemon(command);
+  return Requester::rq->execPPPDaemon(command, gpppdata.password());
 }
 
 
--- kppp/opener.cpp
+++ kppp/opener.cpp	2004/01/27 14:06:46
@@ -298,7 +298,8 @@
       case ExecPPPDaemon:
 	Debug("Opener: received ExecPPPDaemon");
 	MY_ASSERT(len == sizeof(struct ExecDaemonRequest));
-	response.status = execpppd(request.daemon.arguments);
+	response.status = execpppd(request.daemon.arguments,
+				   request.daemon.password);
 	sendResponse(&response);
 	break;
 
@@ -504,8 +505,7 @@
 }
 
 
-bool Opener::execpppd(const char *arguments) {
-  char buf[MAX_CMDLEN];
+bool Opener::execpppd(const char *arguments, char *password) {
   char *args[MaxArgs];
   pid_t pgrpid;
 
@@ -521,11 +521,28 @@
       return false;
       break;
 
-    case 0:
+    case 0: {
+      
+      char buffer[MAX_CMDLEN] = "";
+      
+      // if (access( "passwordfd.so", F_OK) == 0) {
+
+      // open a pipe to pass password to pppd
+      int pppd_passwdfd[2];
+      if (pipe (pppd_passwdfd) == -1) {
+        fprintf (stderr, "pipe failed: %s\n", strerror(errno));
+        exit (EXIT_FAILURE);
+      }
+      write (pppd_passwdfd[1], (const char *) password, strlen (password));
+      close (pppd_passwdfd[1]);
+
+      snprintf (buffer, MAX_CMDLEN, "%s call kppp passwordfd %d",
+                arguments, pppd_passwdfd[0]);
+
       // let's parse the arguments the user supplied into UNIX suitable form
       // that is a list of pointers each pointing to exactly one word
-      strlcpy(buf, arguments, sizeof(buf));
-      parseargs(buf, args);
+      parseargs(buffer, args);
+
       // become a session leader and let /dev/ttySx
       // be the controlling terminal.
       pgrpid = setsid();
@@ -556,7 +573,7 @@
 
       execve(pppdPath(), args, 0L);
       _exit(0);
-      break;
+    } break;
 
     default:
       Debug2("In parent: pppd pid %d\n",pppdPid);
--- kppp/opener.h
+++ kppp/opener.h	2004/01/27 14:07:39
@@ -48,7 +48,7 @@
   bool createAuthFile(Auth method, char *username, char *password);
   bool removeAuthFile(Auth method);
   const char* authFile(Auth method, int version = Original);
-  bool execpppd(const char *arguments);
+  bool execpppd(const char *arguments, char *password);
   bool killpppd()const;
   void parseargs(char* buf, char** args);
 
@@ -114,6 +114,7 @@
 struct ExecDaemonRequest {
   struct RequestHeader header;
   char   arguments[MAX_CMDLEN+1];
+  char   password[Opener::MaxStrLen+1];
 };
 
 struct KillDaemonRequest {
--- kppp_peers
+++ kppp_peers	2004/01/27 14:06:46
@@ -0,0 +1,2 @@
+plugin passwordfd.so
+
--- kppp/requester.cpp
+++ kppp/requester.cpp	2004/01/27 14:06:46
@@ -284,11 +284,13 @@
 }
 
 
-bool Requester::execPPPDaemon(const QString &arguments) {
+bool Requester::execPPPDaemon(const QString &arguments, const QString &password) {
   struct ExecDaemonRequest req;
   req.header.type = Opener::ExecPPPDaemon;
   strncpy(req.arguments, QFile::encodeName(arguments), MAX_CMDLEN);
   req.arguments[MAX_CMDLEN] = '\0';
+  strncpy(req.password, QFile::encodeName(password), Opener::MaxStrLen);
+  req.password[Opener::MaxStrLen] = '\0';
   sendRequest((struct RequestHeader *) &req, sizeof(req));
   if(recvResponse()==0) {
     gpppdata.setpppdRunning(true);
--- kppp/requester.h
+++ kppp/requester.h	2004/01/27 14:06:46
@@ -15,7 +15,7 @@
   bool setSecret(int method, const QString & name, const QString & password);
   bool removeSecret(int authMethode);
   bool setHostname(const QString & name);
-  bool execPPPDaemon(const QString & arguments);
+  bool execPPPDaemon(const QString & arguments, const QString & password);
   bool killPPPDaemon();
   int  pppdExitStatus();
   bool stop();
openSUSE Build Service is sponsored by