1 diff --exclude-from=/home/dang/.scripts/diffrc -up -ruN libgksu-2.0.12.orig/libgksu/libgksu.c libgksu-2.0.12/libgksu/libgksu.c
2 --- libgksu-2.0.12.orig/libgksu/libgksu.c 2009-06-29 13:48:24.000000000 -0400
3 +++ libgksu-2.0.12/libgksu/libgksu.c 2010-01-12 07:32:10.450657456 -0500
6 * Gksu -- a library providing access to su functionality
7 * Copyright (C) 2004-2009 Gustavo Noronha Silva
8 - * Portions Copyright (C) 2009 VMware, Inc.
10 * This library is free software; you can redistribute it and/or
11 * modify it under the terms of the GNU Lesser General Public
14 gksu_context_launch_complete (GksuContext *context);
17 -read_line (int fd, gchar *buffer, int n);
20 gksu_error_get_type (void)
22 @@ -2009,8 +2005,6 @@ gksu_su_fuller (GksuContext *context,
23 for (i = 0 ; cmd[i] != NULL ; i++)
31 @@ -2125,10 +2119,10 @@ gksu_su_fuller (GksuContext *context,
32 /* drop the \n echoed on password entry if su did request
35 - read_line (fdpty, buf, 255);
36 + read (fdpty, buf, 255);
38 fprintf (stderr, "DEBUG (run:post-after-pass) buf: -%s-\n", buf);
39 - read_line (fdpty, buf, 255);
40 + read (fdpty, buf, 255);
42 fprintf (stderr, "DEBUG (run:post-after-pass) buf: -%s-\n", buf);
44 @@ -2142,9 +2136,7 @@ gksu_su_fuller (GksuContext *context,
48 - /* Red Hat's su shows the full path to su in its error messages. */
49 - if (!strncmp (buf, "su:", 3) ||
50 - !strncmp (buf, "/bin/su:", 7))
51 + if (!strncmp (buf, "su", 2))
55 @@ -2155,11 +2147,7 @@ gksu_su_fuller (GksuContext *context,
58 strings = g_strsplit (buf, ":", 2);
60 - /* Red Hat and Fedora use 'incorrect password'. */
62 - (g_str_has_prefix(strings[1], " Authentication failure") ||
63 - g_str_has_prefix(strings[1], " incorrect password")))
64 + if (strings[1] && !strncmp (strings[1], " Authentication failure", 23))
66 if (used_gnome_keyring)
67 g_set_error (error, gksu_quark,
68 @@ -2473,12 +2461,6 @@ gksu_sudo_fuller (GksuContext *context,
71 char buffer[256] = {0};
72 - char *child_stderr = NULL;
73 - /* This command is used to gain a token */
74 - char *const verifycmd[] =
76 - "/usr/bin/sudo", "-p", "GNOME_SUDO_PASS", "-v", NULL
81 @@ -2489,8 +2471,9 @@ gksu_sudo_fuller (GksuContext *context,
85 - FILE *fdfile = NULL;
87 + FILE *infile, *outfile;
88 + int parent_pipe[2]; /* For talking to the parent */
89 + int child_pipe[2]; /* For talking to the child */
91 context->sudo_mode = TRUE;
93 @@ -2565,10 +2548,6 @@ gksu_sudo_fuller (GksuContext *context,
94 cmd[argcount] = g_strdup("-S");
97 - /* Make sudo noninteractive (we should already have a token) */
98 - cmd[argcount] = g_strdup("-n");
101 /* Make sudo use next arg as prompt */
102 cmd[argcount] = g_strdup("-p");
104 @@ -2647,21 +2626,26 @@ gksu_sudo_fuller (GksuContext *context,
105 fprintf (stderr, "cmd[%d]: %s\n", i, cmd[i]);
108 - pid = forkpty(&fdpty, NULL, NULL, NULL);
110 + if ((pipe(parent_pipe)) == -1)
113 - setsid(); // make us session leader
115 - execv(verifycmd[0], verifycmd);
116 + g_set_error (error, gksu_quark, GKSU_ERROR_PIPE,
117 + _("Error creating pipe: %s"),
119 + sudo_reset_xauth (context, xauth, xauth_env);
123 - g_set_error (error, gksu_quark, GKSU_ERROR_EXEC,
124 - _("Failed to exec new process: %s"),
125 + if ((pipe(child_pipe)) == -1)
127 + g_set_error (error, gksu_quark, GKSU_ERROR_PIPE,
128 + _("Error creating pipe: %s"),
130 sudo_reset_xauth (context, xauth, xauth_env);
133 - else if (pid == -1)
138 g_set_error (error, gksu_quark, GKSU_ERROR_FORK,
139 _("Failed to fork new process: %s"),
140 @@ -2669,26 +2653,56 @@ gksu_sudo_fuller (GksuContext *context,
141 sudo_reset_xauth (context, xauth, xauth_env);
147 + setsid(); // make us session leader
148 + close(child_pipe[1]);
149 + dup2(child_pipe[0], STDIN_FILENO);
150 + dup2(parent_pipe[1], STDERR_FILENO);
152 + execv(cmd[0], cmd);
154 + g_set_error (error, gksu_quark, GKSU_ERROR_EXEC,
155 + _("Failed to exec new process: %s"),
157 + sudo_reset_xauth (context, xauth, xauth_env);
163 gchar *cmdline = NULL;
164 - struct termios tio;
167 - fdfile = fdopen(fdpty, "w+");
168 + close(parent_pipe[1]);
170 - /* make sure we notice that ECHO is turned off, if it gets
172 - tcgetattr (fdpty, &tio);
173 - for (counter = 0; (tio.c_lflag & ECHO) && counter < 15; counter++)
176 - tcgetattr (fdpty, &tio);
178 + infile = fdopen(parent_pipe[0], "r");
181 + g_set_error (error, gksu_quark, GKSU_ERROR_PIPE,
182 + _("Error opening pipe: %s"),
184 + sudo_reset_xauth (context, xauth, xauth_env);
188 - fcntl (fdpty, F_SETFL, O_NONBLOCK);
189 + outfile = fdopen(child_pipe[1], "w");
192 + g_set_error (error, gksu_quark, GKSU_ERROR_PIPE,
193 + _("Error opening pipe: %s"),
195 + sudo_reset_xauth (context, xauth, xauth_env);
200 + we are expecting to receive a GNOME_SUDO_PASS
201 + if we don't there are two possibilities: an error
202 + or a password is not needed
204 + fcntl (parent_pipe[0], F_SETFL, O_NONBLOCK);
206 { /* no matter if we can read, since we're using
207 O_NONBLOCK; this is just to avoid the prompt
208 @@ -2697,11 +2711,11 @@ gksu_sudo_fuller (GksuContext *context,
212 - FD_SET(fdpty, &rfds);
213 + FD_SET(parent_pipe[0], &rfds);
217 - select (fdpty + 1, &rfds, NULL, NULL, &tv);
218 + select (parent_pipe[0] + 1, &rfds, NULL, NULL, &tv);
221 /* Try hard to find the prompt; it may happen that we're
222 @@ -2713,7 +2727,7 @@ gksu_sudo_fuller (GksuContext *context,
223 if (strncmp (buffer, "GNOME_SUDO_PASS", 15) == 0)
226 - read_line (fdpty, buffer, 256);
227 + read_line (parent_pipe[0], buffer, 256);
230 fprintf (stderr, "buffer: -%s-\n", buffer);
231 @@ -2747,17 +2761,18 @@ gksu_sudo_fuller (GksuContext *context,
235 - write (fdpty, password, strlen(password) + 1);
236 - write (fdpty, "\n", 1);
237 + fprintf (outfile, "%s\n", password);
240 nullify_password (password);
242 - fcntl(fdpty, F_SETFL, fcntl(fdpty, F_GETFL) & ~O_NONBLOCK);
243 + /* turn NONBLOCK off */
244 + fcntl(parent_pipe[0], F_SETFL, fcntl(parent_pipe[0], F_GETFL) & ~O_NONBLOCK);
245 /* ignore the first newline that comes right after sudo receives
247 - fgets (buffer, 255, fdfile);
248 - /* this is the status we are interested in */
249 - fgets (buffer, 255, fdfile);
250 + fgets (buffer, 255, infile);
251 + /* this is the status we are interessted in */
252 + fgets (buffer, 255, infile);
256 @@ -2766,7 +2781,7 @@ gksu_sudo_fuller (GksuContext *context,
257 fprintf (stderr, "No password prompt found; we'll assume we don't need a password.\n");
259 /* turn NONBLOCK off, also if have no prompt */
260 - fcntl(fdpty, F_SETFL, fcntl(fdpty, F_GETFL) & ~O_NONBLOCK);
261 + fcntl(parent_pipe[0], F_SETFL, fcntl(parent_pipe[0], F_GETFL) & ~O_NONBLOCK);
263 should_display = gconf_client_get_bool (context->gconf_client,
264 BASE_PATH "display-no-pass-info", NULL);
265 @@ -2785,9 +2800,14 @@ gksu_sudo_fuller (GksuContext *context,
266 fprintf (stderr, "%s", buffer);
269 - if (g_str_has_prefix (buffer, "Sorry, try again."))
270 + if (!strcmp (buffer, "Sorry, try again.\n"))
271 g_set_error (error, gksu_quark, GKSU_ERROR_WRONGPASS,
272 _("Wrong password."));
273 + else if (!strncmp (buffer, "Sorry, user ", 12))
274 + g_set_error (error, gksu_quark, GKSU_ERROR_NOT_ALLOWED,
275 + _("The underlying authorization mechanism (sudo) "
276 + "does not allow you to run this program. Contact "
277 + "the system administrator."));
280 gchar *haystack = buffer;
281 @@ -2805,10 +2825,6 @@ gksu_sudo_fuller (GksuContext *context,
285 - /* If we have an error, let's just stop sudo right there. */
289 cmdline = g_strdup("sudo");
290 /* wait for the child process to end or become something other
292 @@ -2825,23 +2841,17 @@ gksu_sudo_fuller (GksuContext *context,
293 if (context->sn_context)
294 gksu_context_launch_complete (context);
296 + while (read (parent_pipe[0], buffer, 255) > 0)
298 + fprintf (stderr, "%s", buffer);
299 + bzero(buffer, 256);
302 /* if the process is still active waitpid() on it */
303 if (pid_exited != pid)
304 waitpid(pid, &status, 0);
305 sudo_reset_xauth (context, xauth, xauth_env);
308 - * Did token acquisition succeed? If so, spawn sudo in
309 - * non-interactive mode. It should either succeed or die
310 - * immediately if you're not allowed to run the command.
312 - if (WEXITSTATUS(status) == 0)
314 - g_spawn_sync(NULL, cmd, NULL, 0, NULL, NULL,
315 - NULL, &child_stderr, &status,
321 if (WIFEXITED(status)) {
322 @@ -2853,13 +2863,6 @@ gksu_sudo_fuller (GksuContext *context,
324 if (WEXITSTATUS(status))
326 - if (g_str_has_prefix(child_stderr, "Sorry, user "))
328 - g_set_error (error, gksu_quark, GKSU_ERROR_NOT_ALLOWED,
329 - _("The underlying authorization mechanism (sudo) "
330 - "does not allow you to run this program. Contact "
331 - "the system administrator."));
335 /* sudo already exec()ed something else, don't report
336 @@ -2868,7 +2871,6 @@ gksu_sudo_fuller (GksuContext *context,
337 if (!g_str_has_suffix (cmdline, "sudo"))
340 - g_free (child_stderr);
344 @@ -2881,11 +2883,11 @@ gksu_sudo_fuller (GksuContext *context,
348 - fprintf(stderr, child_stderr);
349 - g_free(child_stderr);
351 /* if error is set we have found an error condition */
352 - return (error == NULL);