diff options
| author | Jon TURNEY <jon.turney@dronecode.org.uk> | 2015-07-06 17:15:44 +0100 |
|---|---|---|
| committer | Adam Jackson <ajax@redhat.com> | 2015-09-21 13:07:02 -0400 |
| commit | cdd1d58159140759052ec043bc9828d94ba97bc7 (patch) | |
| tree | e3333e4eaa8c01c1ecd806dce2f180729749be2c | |
| parent | f8a2c087c89ed5b638a2e62987f255d3f04f914e (diff) | |
mingw: Fix NO_LOCAL_CLIENT_CRED build
Commit 4b4b9086 "os: support new implicit local user access mode [CVE-2015-3164
2/3]" carefully places the relevant code it adds under !NO_LOCAL_CLIENT_CRED,
but unfortunately doesn't notice that NO_LOCAL_CLIENT_CRED is defined as a
side-effect in the middle of GetLocalClientCreds(), so many of these checks
precede its definition.
Move the check if NO_LOCAL_CLIENT_CRED should be defined to configure.ac, so it
always occurs before it's first use.
v2:
Move check to configure.ac
v3:
Use AC_CACHE_CHECK and name cache varaible appropriately
[ajax: Massaged commit message]
Signed-off-by: Jon TURNEY <jon.turney@dronecode.org.uk>
Reviewed-by: Ray Strode <rstrode@redhat.com>
| -rw-r--r-- | configure.ac | 18 | ||||
| -rw-r--r-- | include/dix-config.h.in | 3 | ||||
| -rw-r--r-- | os/access.c | 1 |
3 files changed, 21 insertions, 1 deletions
diff --git a/configure.ac b/configure.ac index bab7d89bd..0ab756dc7 100644 --- a/configure.ac +++ b/configure.ac @@ -223,6 +223,24 @@ AC_REPLACE_FUNCS([reallocarray strcasecmp strcasestr strlcat strlcpy strndup]) AC_CHECK_DECLS([program_invocation_short_name], [], [], [[#include <errno.h>]]) +dnl Check for SO_PEERCRED #define +AC_CACHE_CHECK([for SO_PEERCRED in sys/socket.h], + [xorg_cv_sys_have_so_peercred], + [AC_EGREP_CPP(yes_have_so_peercred,[ +#include <sys/types.h> +#include <sys/socket.h> +#ifdef SO_PEERCRED +yes_have_so_peercred +#endif +], + [xorg_cv_sys_have_so_peercred=yes], + [xorg_cv_sys_have_so_peercred=no])]) + +dnl define NO_LOCAL_CLIENT_CRED if no getpeereid, getpeerucred or SO_PEERCRED +if test "x$ac_cv_func_getpeereid" = xno && test "x$ac_cv_func_getpeerucred" = xno && test "x$xorg_cv_sys_have_so_peercred" = xno ; then + AC_DEFINE([NO_LOCAL_CLIENT_CRED], 1, [Define to 1 if no local socket credentials interface exists]) +fi + dnl Find the math libary, then check for cbrt function in it. AC_CHECK_LIB(m, sqrt) AC_CHECK_FUNCS([cbrt]) diff --git a/include/dix-config.h.in b/include/dix-config.h.in index c2ba4347f..daaff8d5a 100644 --- a/include/dix-config.h.in +++ b/include/dix-config.h.in @@ -518,4 +518,7 @@ /* Listen on local socket */ #undef LISTEN_LOCAL +/* Define if no local socket credentials interface exists */ +#undef NO_LOCAL_CLIENT_CRED + #endif /* _DIX_CONFIG_H_ */ diff --git a/os/access.c b/os/access.c index 75e7a6983..54f069024 100644 --- a/os/access.c +++ b/os/access.c @@ -1221,7 +1221,6 @@ GetLocalClientCreds(ClientPtr client, LocalClientCredRec ** lccp) #endif #else /* No system call available to get the credentials of the peer */ -#define NO_LOCAL_CLIENT_CRED return -1; #endif } |