File kppp-security.diff of Package kdenetwork3

Index: kppp/connect.cpp
===================================================================
--- kppp/connect.cpp.orig
+++ kppp/connect.cpp
@@ -1345,7 +1345,7 @@ bool ConnectWidget::execppp() {
 
   kapp->flushX();
 
-  return Requester::rq->execPPPDaemon(command);
+  return Requester::rq->execPPPDaemon(command, gpppdata.password());
 }
 
 
Index: kppp/opener.cpp
===================================================================
--- kppp/opener.cpp.orig
+++ kppp/opener.cpp
@@ -302,7 +302,8 @@ void Opener::mainLoop() {
       case ExecPPPDaemon:
 	Debug("Opener: received ExecPPPDaemon");
 	MY_ASSERT(len == sizeof(struct ExecDaemonRequest));
-	response.status = execpppd(request.daemon.arguments);
+	response.status = execpppd(request.daemon.arguments,
+				   request.daemon.password);
 	sendResponse(&response);
 	break;
 
@@ -508,8 +509,7 @@ const char* Opener::authFile(Auth method
 }
 
 
-bool Opener::execpppd(const char *arguments) {
-  char buf[MAX_CMDLEN];
+bool Opener::execpppd(const char *arguments, char *password) {
   char *args[MaxArgs];
   pid_t pgrpid;
 
@@ -525,11 +525,28 @@ bool Opener::execpppd(const char *argume
       return false;
       break;
 
-    case 0:
+    case 0: {
+      
+      char buffer[MAX_CMDLEN] = "";
+      
+      // if (access( "passwordfd.so", F_OK) == 0) {
+
+      // open a pipe to pass password to pppd
+      int pppd_passwdfd[2];
+      if (pipe (pppd_passwdfd) == -1) {
+        fprintf (stderr, "pipe failed: %s\n", strerror(errno));
+        exit (EXIT_FAILURE);
+      }
+      write (pppd_passwdfd[1], (const char *) password, strlen (password));
+      close (pppd_passwdfd[1]);
+
+      snprintf (buffer, MAX_CMDLEN, "%s call kppp passwordfd %d",
+                arguments, pppd_passwdfd[0]);
+
       // let's parse the arguments the user supplied into UNIX suitable form
       // that is a list of pointers each pointing to exactly one word
-      strlcpy(buf, arguments, sizeof(buf));
-      parseargs(buf, args);
+      parseargs(buffer, args);
+
       // become a session leader and let /dev/ttySx
       // be the controlling terminal.
       pgrpid = setsid();
@@ -560,7 +577,7 @@ bool Opener::execpppd(const char *argume
 
       execve(pppdPath(), args, 0L);
       _exit(0);
-      break;
+    } break;
 
     default:
       Debug2("In parent: pppd pid %d\n",pppdPid);
Index: kppp/opener.h
===================================================================
--- kppp/opener.h.orig
+++ kppp/opener.h
@@ -48,7 +48,7 @@ private:
   bool createAuthFile(Auth method, char *username, char *password);
   bool removeAuthFile(Auth method);
   const char* authFile(Auth method, int version = Original);
-  bool execpppd(const char *arguments);
+  bool execpppd(const char *arguments, char *password);
   bool killpppd()const;
   void parseargs(char* buf, char** args);
 
@@ -114,6 +114,7 @@ struct SetHostnameRequest {
 struct ExecDaemonRequest {
   struct RequestHeader header;
   char   arguments[MAX_CMDLEN+1];
+  char   password[Opener::MaxStrLen+1];
 };
 
 struct KillDaemonRequest {
Index: kppp_peers
===================================================================
--- /dev/null
+++ kppp_peers
@@ -0,0 +1,2 @@
+plugin passwordfd.so
+
Index: kppp/requester.cpp
===================================================================
--- kppp/requester.cpp.orig
+++ kppp/requester.cpp
@@ -284,11 +284,13 @@ bool Requester::setHostname(const QStrin
 }
 
 
-bool Requester::execPPPDaemon(const QString &arguments) {
+bool Requester::execPPPDaemon(const QString &arguments, const QString &password) {
   struct ExecDaemonRequest req;
   req.header.type = Opener::ExecPPPDaemon;
   strncpy(req.arguments, QFile::encodeName(arguments), MAX_CMDLEN);
   req.arguments[MAX_CMDLEN] = '\0';
+  strncpy(req.password, QFile::encodeName(password), Opener::MaxStrLen);
+  req.password[Opener::MaxStrLen] = '\0';
   sendRequest((struct RequestHeader *) &req, sizeof(req));
   if(recvResponse()==0) {
     gpppdata.setpppdRunning(true);
Index: kppp/requester.h
===================================================================
--- kppp/requester.h.orig
+++ kppp/requester.h
@@ -15,7 +15,7 @@ public:
   bool setSecret(int method, const QString & name, const QString & password);
   bool removeSecret(int authMethode);
   bool setHostname(const QString & name);
-  bool execPPPDaemon(const QString & arguments);
+  bool execPPPDaemon(const QString & arguments, const QString & password);
   bool killPPPDaemon();
   int  pppdExitStatus();
   bool stop();
openSUSE Build Service is sponsored by