Sign Up
Log In
Log In
or
Sign Up
Places
All Projects
Status Monitor
Collapse sidebar
home:belphegor_belbel:KDE3
kdenetwork3
kppp-security.diff
Overview
Repositories
Revisions
Requests
Users
Attributes
Meta
File kppp-security.diff of Package kdenetwork3
Index: kppp/connect.cpp =================================================================== --- kppp/connect.cpp.orig +++ kppp/connect.cpp @@ -1345,7 +1345,7 @@ bool ConnectWidget::execppp() { kapp->flushX(); - return Requester::rq->execPPPDaemon(command); + return Requester::rq->execPPPDaemon(command, gpppdata.password()); } Index: kppp/opener.cpp =================================================================== --- kppp/opener.cpp.orig +++ kppp/opener.cpp @@ -302,7 +302,8 @@ void Opener::mainLoop() { case ExecPPPDaemon: Debug("Opener: received ExecPPPDaemon"); MY_ASSERT(len == sizeof(struct ExecDaemonRequest)); - response.status = execpppd(request.daemon.arguments); + response.status = execpppd(request.daemon.arguments, + request.daemon.password); sendResponse(&response); break; @@ -508,8 +509,7 @@ const char* Opener::authFile(Auth method } -bool Opener::execpppd(const char *arguments) { - char buf[MAX_CMDLEN]; +bool Opener::execpppd(const char *arguments, char *password) { char *args[MaxArgs]; pid_t pgrpid; @@ -525,11 +525,28 @@ bool Opener::execpppd(const char *argume return false; break; - case 0: + case 0: { + + char buffer[MAX_CMDLEN] = ""; + + // if (access( "passwordfd.so", F_OK) == 0) { + + // open a pipe to pass password to pppd + int pppd_passwdfd[2]; + if (pipe (pppd_passwdfd) == -1) { + fprintf (stderr, "pipe failed: %s\n", strerror(errno)); + exit (EXIT_FAILURE); + } + write (pppd_passwdfd[1], (const char *) password, strlen (password)); + close (pppd_passwdfd[1]); + + snprintf (buffer, MAX_CMDLEN, "%s call kppp passwordfd %d", + arguments, pppd_passwdfd[0]); + // let's parse the arguments the user supplied into UNIX suitable form // that is a list of pointers each pointing to exactly one word - strlcpy(buf, arguments, sizeof(buf)); - parseargs(buf, args); + parseargs(buffer, args); + // become a session leader and let /dev/ttySx // be the controlling terminal. pgrpid = setsid(); @@ -560,7 +577,7 @@ bool Opener::execpppd(const char *argume execve(pppdPath(), args, 0L); _exit(0); - break; + } break; default: Debug2("In parent: pppd pid %d\n",pppdPid); Index: kppp/opener.h =================================================================== --- kppp/opener.h.orig +++ kppp/opener.h @@ -48,7 +48,7 @@ private: bool createAuthFile(Auth method, char *username, char *password); bool removeAuthFile(Auth method); const char* authFile(Auth method, int version = Original); - bool execpppd(const char *arguments); + bool execpppd(const char *arguments, char *password); bool killpppd()const; void parseargs(char* buf, char** args); @@ -114,6 +114,7 @@ struct SetHostnameRequest { struct ExecDaemonRequest { struct RequestHeader header; char arguments[MAX_CMDLEN+1]; + char password[Opener::MaxStrLen+1]; }; struct KillDaemonRequest { Index: kppp_peers =================================================================== --- /dev/null +++ kppp_peers @@ -0,0 +1,2 @@ +plugin passwordfd.so + Index: kppp/requester.cpp =================================================================== --- kppp/requester.cpp.orig +++ kppp/requester.cpp @@ -284,11 +284,13 @@ bool Requester::setHostname(const QStrin } -bool Requester::execPPPDaemon(const QString &arguments) { +bool Requester::execPPPDaemon(const QString &arguments, const QString &password) { struct ExecDaemonRequest req; req.header.type = Opener::ExecPPPDaemon; strncpy(req.arguments, QFile::encodeName(arguments), MAX_CMDLEN); req.arguments[MAX_CMDLEN] = '\0'; + strncpy(req.password, QFile::encodeName(password), Opener::MaxStrLen); + req.password[Opener::MaxStrLen] = '\0'; sendRequest((struct RequestHeader *) &req, sizeof(req)); if(recvResponse()==0) { gpppdata.setpppdRunning(true); Index: kppp/requester.h =================================================================== --- kppp/requester.h.orig +++ kppp/requester.h @@ -15,7 +15,7 @@ public: bool setSecret(int method, const QString & name, const QString & password); bool removeSecret(int authMethode); bool setHostname(const QString & name); - bool execPPPDaemon(const QString & arguments); + bool execPPPDaemon(const QString & arguments, const QString & password); bool killPPPDaemon(); int pppdExitStatus(); bool stop();
Locations
Projects
Search
Status Monitor
Help
OpenBuildService.org
Documentation
API Documentation
Code of Conduct
Contact
Support
@OBShq
Terms
openSUSE Build Service is sponsored by
The Open Build Service is an
openSUSE project
.
Sign Up
Log In
Places
Places
All Projects
Status Monitor