File U_Remove-client-side-abstract-socket-support.patch of Package xtrans
From e24adec1203cd25423ab2835a5be4f6b828b72a5 Mon Sep 17 00:00:00 2001
From: Demi Marie Obenour <demiobenour@gmail.com>
Date: Thu, 17 Dec 2020 03:28:45 +0000
Subject: [PATCH] Remove client-side abstract socket support

CVE-2020-25697 and the Flatpak documentation show that clients using abstract sockets without mutual authentication is unsafe. TRANS_ABSTRACT remains supported, but it is now a no-op on the client side. Abstract sockets are still supported for servers, as the X server authenticates the client via other methods.

Signed-off-by: Demi Marie Obenour <demiobenour@gmail.com>
---
 Xtransint.h | 4 +++-
 Xtranssock.c | 33 +++------------------------------
 2 files changed, 6 insertions(+), 31 deletions(-)
Index: xtrans-1.3.5/Xtransint.h
===================================================================
--- xtrans-1.3.5.orig/Xtransint.h
+++ xtrans-1.3.5/Xtransint.h
@@ -329,7 +329,9 @@ typedef struct _Xtransport_table {
 #define TRANS_DISABLED (1<<2) /* Don't open this one */
 #define TRANS_NOLISTEN (1<<3) /* Don't listen on this one */
 #define TRANS_NOUNLINK (1<<4) /* Don't unlink transport endpoints */
-#define TRANS_ABSTRACT (1<<5) /* Use abstract sockets if available */
+#define TRANS_ABSTRACT (1<<5) /* This previously meant that abstract sockets should be used available. For security
+ * reasons, this is now a no-op on the client side, but it is still supported for servers.
+ */
 #define TRANS_NOXAUTH (1<<6) /* Don't verify authentication (because it's secure some other way at the OS layer) */
 #define TRANS_RECEIVED (1<<7) /* The fd for this has already been opened by someone else. */
Index: xtrans-1.3.5/Xtranssock.c
===================================================================
--- xtrans-1.3.5.orig/Xtranssock.c
+++ xtrans-1.3.5/Xtranssock.c
@@ -149,7 +149,7 @@ from the copyright holders.
 /* others don't need this */
 #define SocketInitOnce() /**/
-#ifdef linux
+#ifdef __linux__
 #define HAVE_ABSTRACT_SOCKETS
 #endif
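Review bot: The replacement comment on `TRANS_ABSTRACT` in Xtransint.h has lost a word: "should be used available" should read "should be used if available". Because this header is where callers learn what the flag means, the comment could also name the reason directly, for example `/* Formerly: use abstract sockets if available. Ignored by clients since CVE-2020-25697; still honoured by servers. */`.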
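Review bot: Changing the guard from `linux` to `__linux__` in Xtranssock.c can turn `HAVE_ABSTRACT_SOCKETS` on in builds where it was silently off before, since compilers in strict ISO mode do not predefine the unprefixed `linux` macro. With the client path removed by this patch, the macro presumably only affects the listening side, so such a build would newly offer an abstract-namespace listener; the commit message does not mention this. A short comment above the guard would record that the change is intentional, for example `/* __linux__ is defined in every compiler mode; plain "linux" is not under -std=c99 */`.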
@@ -1956,12 +1956,6 @@ TRANS(SocketUNIXConnect) (XtransConnInfo
 struct sockaddr_un sockname;
 SOCKLEN_T namelen;
-
- int abstract = 0;
-#ifdef HAVE_ABSTRACT_SOCKETS
- abstract = ciptr->transptr->flags & TRANS_ABSTRACT;
-#endif
-
 prmsg (2,"SocketUNIXConnect(%d,%s,%s)\n", ciptr->fd, host, port);
 /*
@@ -1997,7 +1991,7 @@ TRANS(SocketUNIXConnect) (XtransConnInfo
 sockname.sun_family = AF_UNIX;
- if (set_sun_path(port, UNIX_PATH, sockname.sun_path, abstract) != 0) {
+ if (set_sun_path(port, UNIX_PATH, sockname.sun_path, 0) != 0) {
 prmsg (1, "SocketUNIXConnect: path too long\n");
 return TRANS_CONNECT_FAILED;
 }
@@ -2013,16 +2007,6 @@ TRANS(SocketUNIXConnect) (XtransConnInfo
 #endif
-
- /*
- * Adjust the socket path if using abstract sockets.
- * Done here because otherwise all the strlen() calls above would fail.
- */
-
- if (abstract) {
- sockname.sun_path[0] = '\0';
- }
-
 /*
 * Do the connect()
 */
@@ -2056,15 +2040,7 @@ TRANS(SocketUNIXConnect) (XtransConnInfo
 return TRANS_IN_PROGRESS;
 else if (olderrno == EINTR)
 return TRANS_TRY_CONNECT_AGAIN;
- else if (olderrno == ENOENT || olderrno == ECONNREFUSED) {
- /* If opening as abstract socket failed, try again normally */
- if (abstract) {
- ciptr->transptr->flags &= ~(TRANS_ABSTRACT);
- return TRANS_TRY_CONNECT_AGAIN;
- } else {
- return TRANS_CONNECT_FAILED;
- }
- } else {
+ else {
 prmsg (2,"SocketUNIXConnect: Can't connect: errno = %d\n",
 EGET());
@@ -2086,9 +2062,6 @@ TRANS(SocketUNIXConnect) (XtransConnInfo
 return TRANS_CONNECT_FAILED;
 }
- if (abstract)
- sockname.sun_path[0] = '@';
-
 ciptr->family = AF_UNIX;
 ciptr->addrlen = namelen;
 ciptr->peeraddrlen = namelen;
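Review bot: The bare `0` now passed as the last argument to `set_sun_path` in the `-1997` hunk does not say why the client never requests an abstract address. A later refactor could plumb the flag back in without noticing the security reason. A comment on that line would pin it down, for example `/* abstract = 0: clients must only connect to filesystem sockets (CVE-2020-25697) */`. The definition of `set_sun_path` is outside this patch, so the meaning of its fourth parameter is inferred from the removed `abstract` variable. `SocketUNIXConnect` starts and ends outside the hunk.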
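Review bot: In the `-2056` hunk, `ENOENT` and `ECONNREFUSED` no longer have their own branch, so they now fall into the generic `else` and are logged through `prmsg (2, ...)`. The rest of that branch lies between this hunk and the next and is not shown, so the result is presumably still `TRANS_CONNECT_FAILED`, but that should be confirmed. A comment at the `else` would mark the missing retry as deliberate, for example `/* No abstract-socket fallback: clients only try the filesystem path */`. It may also be worth checking that callers handle `TRANS_TRY_CONNECT_AGAIN` no longer being returned for these two errors.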