Index: head/x11/gdm/Makefile =================================================================== --- head/x11/gdm/Makefile (revision 401857) +++ head/x11/gdm/Makefile (revision 401858) @@ -1,159 +1,160 @@ # Created by: Joe Marcus Clarke # $FreeBSD$ PORTNAME= gdm PORTVERSION= 3.16.2 +PORTREVISION= 1 CATEGORIES= x11 gnome MASTER_SITES= GNOME DIST_SUBDIR= gnome3 MAINTAINER= gnome@FreeBSD.org COMMENT= GNOME 3 version of xdm display manager BUILD_DEPENDS= zenity>=3.0.0:${PORTSDIR}/x11/zenity \ itstool:${PORTSDIR}/textproc/itstool \ iso-codes>=0:${PORTSDIR}/misc/iso-codes LIB_DEPENDS= libck-connector.so:${PORTSDIR}/sysutils/consolekit \ libdbus-glib-1.so:${PORTSDIR}/devel/dbus-glib \ libupower-glib.so:${PORTSDIR}/sysutils/upower \ libnss3.so:${PORTSDIR}/security/nss \ libfontconfig.so:${PORTSDIR}/x11-fonts/fontconfig \ libaccountsservice.so:${PORTSDIR}/sysutils/accountsservice \ libcanberra-gtk3.so:${PORTSDIR}/audio/libcanberra-gtk3 RUN_DEPENDS= zenity>=3.0.0:${PORTSDIR}/x11/zenity \ gnome-shell>=3.15.92:${PORTSDIR}/x11/gnome-shell \ gnome-settings-daemon>=3.0.0:${PORTSDIR}/sysutils/gnome-settings-daemon \ gnome-keyring-3:${PORTSDIR}/security/gnome-keyring \ gnome-session>=3.0.0:${PORTSDIR}/x11/gnome-session \ gnome-icon-theme-symbolic>=0:${PORTSDIR}/x11-themes/gnome-icon-theme-symbolic \ polkit-gnome>=0.105:${PORTSDIR}/sysutils/polkit-gnome \ at-spi2-core>=0:${PORTSDIR}/accessibility/at-spi2-core \ iso-codes>=0:${PORTSDIR}/misc/iso-codes # used in scripts RUN_DEPENDS+= xrdb:${PORTSDIR}/x11/xrdb \ setxkbmap:${PORTSDIR}/x11/setxkbmap \ xmodmap:${PORTSDIR}/x11/xmodmap \ xterm:${PORTSDIR}/x11/xterm USERS= gdm GROUPS= gdm PORTSCOUT= limitw:1,even USES= execinfo gettext gmake libtool pathfix pkgconfig tar:xz USE_GNOME= dconf intlhack introspection librsvg2 USE_LDCONFIG= yes USE_XORG= dmx dmxproto INSTALLS_ICONS= yes USE_RC_SUBR= gdm USE_GNOME_SUBR= yes GNU_CONFIGURE= yes GLIB_SCHEMAS= org.gnome.login-screen.gschema.xml CONFIGURE_ARGS= --disable-static \ --mandir=${PREFIX}/man \ --with-lang-file=${PREFIX}/etc/gdm/locale.conf \ --with-at-spi-registryd-directory=${LOCALBASE}/libexec \ --with-custom-conf=${PREFIX}/etc/gdm/custom.conf \ --with-dbus-sys=${PREFIX}/etc/dbus-1/system.d \ --with-log-dir=/var/log/gdm \ --localstatedir=/var \ --with-console-kit \ --with-working-directory=${PREFIX}/etc/gdm/home \ --with-sysconfsubdir=gdm \ --with-pid-file=/var/run/gdm.pid \ --with-dmconfdir=${LOCALBASE}/share/xsessions \ --with-screenshot-dir=/var/run/gdm/greeter \ --enable-authentication-scheme=pam \ --without-plymouth \ --with-user=gdm \ --with-group=gdm \ --with-initial-vt=09 \ --disable-wayland-support \ --with-systemd=no # this is a hack until we can get our own pam dir and dir in order. CONFIGURE_ARGS+=--with-default-pam-config=redhat CPPFLAGS+= -I${LOCALBASE}/include -DHAS_SA_LEN LDFLAGS+= -L${LOCALBASE}/lib INSTALL_TARGET= install-strip SUB_FILES+= gdm-launch-environment \ gdm-password \ gdm-autologin \ client.conf \ locale.conf GDMDIR?= ${PREFIX}/etc/gdm PKGMESSAGE= ${WRKDIR}/pkg-message GNOME_LOCALSTATEDIR= /var OPTIONS_DEFINE= IPV6 KEYRING OPTIONS_DEFAULT=KEYRING KEYRING_DESC= Gnomekeyring/PAM integration KEYRING_LIB_DEPENDS= libgnome-keyring.so:${PORTSDIR}/security/libgnome-keyring IPV6_CONFIGURE_ENABLE= ipv6 .include .if defined(WITH_DEBUG) CONFIGURE_ARGS+= --enable-debug .endif .if ${PORT_OPTIONS:MKEYRING} SUB_LIST+= PAM_KEYRING= .else SUB_LIST+= PAM_KEYRING=\# .endif post-patch: @${REINPLACE_CMD} -e 's|root:root|root:wheel|g' \ ${WRKSRC}/data/Makefile.in @${REINPLACE_CMD} -e 's|/usr/local|${LOCALBASE}|g' \ -e 's|%%LOCALBASE%%|${LOCALBASE}|g' \ ${WRKSRC}/daemon/gdm-session-worker.c @${REINPLACE_CMD} -e 's|/usr/X11R6|${LOCALBASE}|g' \ -e 's|/usr/bin/X|${LOCALBASE}/bin/X|g' \ -e 's|/usr/bin/Xorg|${LOCALBASE}/bin/Xorg|g' \ ${WRKSRC}/configure ${WRKSRC}/daemon/*.c ${WRKSRC}/po/*.po @${REINPLACE_CMD} -e 's|/at-spi-registryd|/at-spi2-registryd|g' \ ${WRKSRC}/gui/simple-chooser/gdm-host-chooser.c \ ${WRKSRC}/gui/simple-chooser/chooser-main.c @${REINPLACE_CMD} -e 's|/etc/X11|${LOCALBASE}/etc/X11|g' \ ${WRKSRC}/data/Init.in \ ${WRKSRC}/data/PostLogin \ ${WRKSRC}/data/PostSession.in \ ${WRKSRC}/data/PreSession.in \ ${WRKSRC}/data/Xsession.in @${RM} ${WRKSRC}/data/applications/gdm-simple-greeter.desktop \ ${WRKSRC}/data/applications/gdm-simple-greeter.desktop.in \ ${WRKSRC}/data/applications/gnome-shell.desktop \ post-install: ${INSTALL_DATA} ${WRKSRC}/data/gdm.conf-custom \ ${STAGEDIR}${PREFIX}/etc/gdm/custom.conf.sample @${RM} ${STAGEDIR}${PREFIX}/etc/gdm/custom.conf ${MV} ${STAGEDIR}${PREFIX}/etc/gdm/PostSession/Default \ ${STAGEDIR}${PREFIX}/etc/gdm/PostSession/Default.sample ${MV} ${STAGEDIR}${PREFIX}/etc/gdm/PreSession/Default \ ${STAGEDIR}${PREFIX}/etc/gdm/PreSession/Default.sample ${MKDIR} ${STAGEDIR}${PREFIX}/share/xsessions ${MKDIR} ${STAGEDIR}${PREFIX}/etc/gdm/Sessions ${MKDIR} ${STAGEDIR}${PREFIX}/etc/dm/Sessions ${MKDIR} ${STAGEDIR}${PREFIX}/etc/gdm/home ${MKDIR} ${STAGEDIR}${PREFIX}/etc/gdm/home/.pulse/ ${INSTALL_DATA} ${WRKDIR}/gdm-autologin ${STAGEDIR}${PREFIX}/etc/pam.d/gdm-autologin ${INSTALL_DATA} ${WRKDIR}/gdm-launch-environment ${STAGEDIR}${PREFIX}/etc/pam.d/gdm-launch-environment ${INSTALL_DATA} ${WRKDIR}/gdm-password ${STAGEDIR}${PREFIX}/etc/pam.d/gdm-password ${INSTALL_DATA} ${WRKDIR}/client.conf ${STAGEDIR}${PREFIX}/etc/gdm/home/.pulse/ ${INSTALL_DATA} ${WRKDIR}/locale.conf ${STAGEDIR}${PREFIX}/etc/gdm/ @${SED} -e 's|%%PREFIX%%|${PREFIX}|g' < ${PKGDIR}/pkg-message \ | /usr/bin/fmt 75 79 > ${PKGMESSAGE} .include Index: head/x11/gdm/files/patch-CVE-2015-7496 =================================================================== --- head/x11/gdm/files/patch-CVE-2015-7496 (nonexistent) +++ head/x11/gdm/files/patch-CVE-2015-7496 (revision 401858) @@ -0,0 +1,207 @@ +From 05e5fc24b0f803098c1d05dae86f5eb05bd0c2a4 Mon Sep 17 00:00:00 2001 +From: Rui Matos +Date: Sun, 15 Nov 2015 14:07:53 -0500 +Subject: session: Cancel worker proxy async ops when freeing conversations + +We need to cancel ongoing async ops for worker proxies when freeing +conversations or we'll crash when the completion handler runs and we +access free'd memory. + +https://bugzilla.gnome.org/show_bug.cgi?id=758032 + +--- + +From 5ac224602f1d603aac5eaa72e1760d3e33a26f0a Mon Sep 17 00:00:00 2001 +From: Ray Strode +Date: Fri, 13 Nov 2015 11:14:59 -0500 +Subject: session: disconnect signals from worker proxy when conversation is + freed + +We don't want an outstanding reference on the worker proxy to lead to +signal handlers getting dispatched after the conversation is freed. + +https://bugzilla.gnome.org/show_bug.cgi?id=758032 + +--- + + +--- daemon/gdm-session.c.orig 2015-11-18 10:47:55.522178000 +0100 ++++ daemon/gdm-session.c 2015-11-18 10:48:00.450095000 +0100 +@@ -73,6 +73,7 @@ typedef struct + GDBusMethodInvocation *pending_invocation; + GdmDBusWorkerManager *worker_manager_interface; + GdmDBusWorker *worker_proxy; ++ GCancellable *worker_cancellable; + char *session_id; + guint32 is_stopping : 1; + +@@ -1031,6 +1032,8 @@ register_worker (GdmDBusWorkerManager * + + g_dbus_proxy_set_default_timeout (G_DBUS_PROXY (conversation->worker_proxy), G_MAXINT); + ++ conversation->worker_cancellable = g_cancellable_new (); ++ + g_signal_connect (conversation->worker_proxy, + "username-changed", + G_CALLBACK (worker_on_username_changed), conversation); +@@ -1666,7 +1669,28 @@ free_conversation (GdmSessionConversatio + g_free (conversation->starting_username); + g_free (conversation->session_id); + g_clear_object (&conversation->worker_manager_interface); +- g_clear_object (&conversation->worker_proxy); ++ ++ if (conversation->worker_proxy != NULL) { ++ g_signal_handlers_disconnect_by_func (conversation->worker_proxy, ++ G_CALLBACK (worker_on_username_changed), ++ conversation); ++ g_signal_handlers_disconnect_by_func (conversation->worker_proxy, ++ G_CALLBACK (worker_on_session_exited), ++ conversation); ++ g_signal_handlers_disconnect_by_func (conversation->worker_proxy, ++ G_CALLBACK (worker_on_reauthenticated), ++ conversation); ++ g_signal_handlers_disconnect_by_func (conversation->worker_proxy, ++ G_CALLBACK (worker_on_saved_language_name_read), ++ conversation); ++ g_signal_handlers_disconnect_by_func (conversation->worker_proxy, ++ G_CALLBACK (worker_on_saved_session_name_read), ++ conversation); ++ g_signal_handlers_disconnect_by_func (conversation->worker_proxy, ++ G_CALLBACK (worker_on_cancel_pending_query), ++ conversation); ++ g_clear_object (&conversation->worker_proxy); ++ } + g_clear_object (&conversation->session); + g_free (conversation); + } +@@ -1828,6 +1852,9 @@ close_conversation (GdmSessionConversati + g_clear_object (&conversation->worker_manager_interface); + } + ++ g_cancellable_cancel (conversation->worker_cancellable); ++ g_clear_object (&conversation->worker_cancellable); ++ + if (conversation->worker_proxy != NULL) { + GDBusConnection *connection = g_dbus_proxy_get_connection (G_DBUS_PROXY (conversation->worker_proxy)); + g_dbus_connection_close_sync (connection, NULL, NULL); +@@ -1996,7 +2023,7 @@ send_setup (GdmSession *self, + display_hostname, + self->priv->display_is_local, + self->priv->display_is_initial, +- NULL, ++ conversation->worker_cancellable, + (GAsyncReadyCallback) on_setup_complete_cb, + conversation); + } +@@ -2062,7 +2089,7 @@ send_setup_for_user (GdmSession *self, + display_hostname, + self->priv->display_is_local, + self->priv->display_is_initial, +- NULL, ++ conversation->worker_cancellable, + (GAsyncReadyCallback) on_setup_complete_cb, + conversation); + } +@@ -2124,7 +2151,7 @@ send_setup_for_program (GdmSession *self + self->priv->display_is_local, + self->priv->display_is_initial, + log_file, +- NULL, ++ conversation->worker_cancellable, + (GAsyncReadyCallback) on_setup_complete_cb, + conversation); + } +@@ -2182,7 +2209,7 @@ gdm_session_authenticate (GdmSession *se + conversation = find_conversation_by_name (self, service_name); + if (conversation != NULL) { + gdm_dbus_worker_call_authenticate (conversation->worker_proxy, +- NULL, ++ conversation->worker_cancellable, + (GAsyncReadyCallback) on_authenticate_cb, + conversation); + } +@@ -2199,7 +2226,7 @@ gdm_session_authorize (GdmSession *self, + conversation = find_conversation_by_name (self, service_name); + if (conversation != NULL) { + gdm_dbus_worker_call_authorize (conversation->worker_proxy, +- NULL, ++ conversation->worker_cancellable, + (GAsyncReadyCallback) on_authorize_cb, + conversation); + } +@@ -2216,7 +2243,7 @@ gdm_session_accredit (GdmSession *self, + conversation = find_conversation_by_name (self, service_name); + if (conversation != NULL) { + gdm_dbus_worker_call_establish_credentials (conversation->worker_proxy, +- NULL, ++ conversation->worker_cancellable, + (GAsyncReadyCallback) on_establish_credentials_cb, + conversation); + } +@@ -2230,7 +2257,8 @@ send_environment_variable (const char + { + gdm_dbus_worker_call_set_environment_variable (conversation->worker_proxy, + key, value, +- NULL, NULL, NULL); ++ conversation->worker_cancellable, ++ NULL, NULL); + } + + static void +@@ -2418,7 +2446,8 @@ send_display_mode (GdmSession *self, + mode = gdm_session_get_display_mode (self); + gdm_dbus_worker_call_set_session_display_mode (conversation->worker_proxy, + gdm_session_display_mode_to_string (mode), +- NULL, NULL, NULL); ++ conversation->worker_cancellable, ++ NULL, NULL); + } + + static void +@@ -2434,7 +2463,8 @@ send_session_type (GdmSession *self, + gdm_dbus_worker_call_set_environment_variable (conversation->worker_proxy, + "XDG_SESSION_TYPE", + session_type, +- NULL, NULL, NULL); ++ conversation->worker_cancellable, ++ NULL, NULL); + } + + void +@@ -2452,7 +2482,7 @@ gdm_session_open_session (GdmSession *se + send_session_type (self, conversation); + + gdm_dbus_worker_call_open (conversation->worker_proxy, +- NULL, ++ conversation->worker_cancellable, + (GAsyncReadyCallback) on_opened, conversation); + } + } +@@ -2638,7 +2668,7 @@ gdm_session_start_session (GdmSession *s + + gdm_dbus_worker_call_start_program (conversation->worker_proxy, + program, +- NULL, ++ conversation->worker_cancellable, + (GAsyncReadyCallback) on_start_program_cb, + conversation); + g_free (program); +@@ -2770,7 +2800,7 @@ gdm_session_start_reauthentication (GdmS + gdm_dbus_worker_call_start_reauthentication (conversation->worker_proxy, + (int) pid_of_caller, + (int) uid_of_caller, +- NULL, ++ conversation->worker_cancellable, + (GAsyncReadyCallback) on_reauthentication_started_cb, + conversation); + } +@@ -3032,7 +3062,8 @@ gdm_session_select_session (GdmSession * + + gdm_dbus_worker_call_set_session_name (conversation->worker_proxy, + get_session_name (self), +- NULL, NULL, NULL); ++ conversation->worker_cancellable, ++ NULL, NULL); + } + } + Property changes on: head/x11/gdm/files/patch-CVE-2015-7496 ___________________________________________________________________ Added: fbsd:nokeywords ## -0,0 +1 ## +yes \ No newline at end of property Added: svn:eol-style ## -0,0 +1 ## +native \ No newline at end of property Added: svn:mime-type ## -0,0 +1 ## +text/plain \ No newline at end of property