From d9c819ab0177f1f5bfc37b94dfcbac0f8223652e Mon Sep 17 00:00:00 2001
From: CentOS Sources
Date: Mar 31 2020 09:34:11 +0000
Subject: import bluez-5.44-6.el7
---
diff --git a/SOURCES/0001-core-Add-AlwaysPairable-to-main.conf.patch b/SOURCES/0001-core-Add-AlwaysPairable-to-main.conf.patch
new file mode 100644
index 0000000..affa8d8
--- /dev/null
+++ b/SOURCES/0001-core-Add-AlwaysPairable-to-main.conf.patch
@@ -0,0 +1,145 @@
+From 370c254b22b98787b38732f47cf499f7a57289e2 Mon Sep 17 00:00:00 2001
+From: Gopal Tiwari
+Date: Tue, 23 Jul 2019 18:04:27 +0530
+Subject: [PATCH BlueZ 1/2] core: Add AlwaysPairable to main.conf
+
+commit 1880b299086659844889cdaf687133aca5eaf102
+Author: Luiz Augusto von Dentz
+Date: Fri Jul 27 11:14:04 2018 +0300
+
+ core: Add AlwaysPairable to main.conf
+
+ This adds a new option called AlwaysPairable to main.conf, it can be
+ used to enable Adapter.Pairable even in case there is no Agent
+ available.
+
+ Since that could be consider a security problem to allow pairing
+ without user's consent the option defaults to false.
+
+Signed-off-by: Gopal Tiwari
+---
+ src/adapter.c | 16 +++++++++++++++-
+ src/agent.h | 7 +++++++
+ src/device.c | 2 --
+ src/hcid.h | 1 +
+ src/main.c | 10 ++++++++++
+ src/main.conf | 5 +++++
+ 6 files changed, 38 insertions(+), 3 deletions(-)
+
+diff --git a/src/adapter.c b/src/adapter.c
+index 3dac7d649..d412bc58e 100644
+--- a/src/adapter.c
++++ b/src/adapter.c
+@@ -7334,6 +7334,19 @@ int adapter_set_io_capability(struct btd_adapter *adapter, uint8_t io_cap)
+ {
+ struct mgmt_cp_set_io_capability cp;
+
++ if (!main_opts.pairable) {
++ if (io_cap == IO_CAPABILITY_INVALID) {
++ if (adapter->current_settings & MGMT_SETTING_BONDABLE)
++ set_mode(adapter, MGMT_OP_SET_BONDABLE, 0x00);
++
++ return 0;
++ }
++
++ if (!(adapter->current_settings & MGMT_SETTING_BONDABLE))
++ set_mode(adapter, MGMT_OP_SET_BONDABLE, 0x01);
++ } else if (io_cap == IO_CAPABILITY_INVALID)
++ io_cap = IO_CAPABILITY_NOINPUTNOOUTPUT;
++
+ memset(&cp, 0, sizeof(cp));
+ cp.io_capability = io_cap;
+
+@@ -8259,7 +8272,8 @@ static void read_info_complete(uint8_t status, uint16_t length,
+
+ set_name(adapter, btd_adapter_get_name(adapter));
+
+- if (!(adapter->current_settings & MGMT_SETTING_BONDABLE))
++ if (main_opts.pairable &&
++ !(adapter->current_settings & MGMT_SETTING_BONDABLE))
+ set_mode(adapter, MGMT_OP_SET_BONDABLE, 0x01);
+
+ if (!kernel_conn_control)
+diff --git a/src/agent.h b/src/agent.h
+index 1e4692036..f14d14325 100644
+--- a/src/agent.h
++++ b/src/agent.h
+@@ -22,6 +22,13 @@
+ *
+ */
+
++#define IO_CAPABILITY_DISPLAYONLY 0x00
++#define IO_CAPABILITY_DISPLAYYESNO 0x01
++#define IO_CAPABILITY_KEYBOARDONLY 0x02
++#define IO_CAPABILITY_NOINPUTNOOUTPUT 0x03
++#define IO_CAPABILITY_KEYBOARDDISPLAY 0x04
++#define IO_CAPABILITY_INVALID 0xFF
++
+ struct agent;
+
+ typedef void (*agent_cb) (struct agent *agent, DBusError *err,
+diff --git a/src/device.c b/src/device.c
+index 8693eb826..43cd758d4 100644
+--- a/src/device.c
++++ b/src/device.c
+@@ -75,8 +75,6 @@
+ #include "attrib-server.h"
+ #include "eir.h"
+
+-#define IO_CAPABILITY_NOINPUTNOOUTPUT 0x03
+-
+ #define DISCONNECT_TIMER 2
+ #define DISCOVERY_TIMER 1
+ #define INVALID_FLAGS 0xff
+diff --git a/src/hcid.h b/src/hcid.h
+index 0b785ee9b..335ddeabf 100644
+--- a/src/hcid.h
++++ b/src/hcid.h
+@@ -32,6 +32,7 @@ typedef enum {
+ struct main_opts {
+ char *name;
+ uint32_t class;
++ gboolean pairable;
+ uint16_t autoto;
+ uint32_t pairto;
+ uint32_t discovto;
+diff --git a/src/main.c b/src/main.c
+index bcc1e6fae..2d03ed459 100644
+--- a/src/main.c
++++ b/src/main.c
+@@ -236,6 +236,16 @@ static void parse_config(GKeyFile *config)
+ main_opts.discovto = val;
+ }
+
++ boolean = g_key_file_get_boolean(config, "General",
++ "AlwaysPairable", &err);
++ if (err) {
++ DBG("%s", err->message);
++ g_clear_error(&err);
++ } else {
++ DBG("pairable=%s", boolean ? "true" : "false");
++ main_opts.pairable = boolean;
++ }
++
+ val = g_key_file_get_integer(config, "General",
+ "PairableTimeout", &err);
+ if (err) {
+diff --git a/src/main.conf b/src/main.conf
+index a6492761b..c1ae35f11 100644
+--- a/src/main.conf
++++ b/src/main.conf
+@@ -13,6 +13,11 @@
+ # 0 = disable timer, i.e. stay discoverable forever
+ #DiscoverableTimeout = 0
+
++# Always allow pairing even if there are no agent registered
++# Possible values: true, false
++# Default: false
++#AlwaysPairable = false
++
+ # How long to stay in pairable mode before going back to non-discoverable
+ # The value is in seconds. Default is 0.
+ # 0 = disable timer, i.e. stay pairable forever
+--
+2.17.2
+
diff --git a/SOURCES/0002-agent-Make-the-first-agent-to-register-the-default.patch b/SOURCES/0002-agent-Make-the-first-agent-to-register-the-default.patch
new file mode 100644
index 0000000..c7adba4
--- /dev/null
+++ b/SOURCES/0002-agent-Make-the-first-agent-to-register-the-default.patch
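Review bot: In the `adapter_set_io_capability` hunk of `src/adapter.c` (patch 0001), the result of `set_mode(adapter, MGMT_OP_SET_BONDABLE, 0x00)` is discarded and the function then returns 0. If that request is not sent, the adapter stays bondable with no agent registered, which is the state this change exists to prevent, and the caller is still told the call succeeded. Assuming `set_mode` reports failure through its return value (its definition is outside the hunk), check it and at least log the failure before returning. The branch would also read more safely with a comment such as `/* No agent and AlwaysPairable off: refuse new bonds instead of falling back to NoInputNoOutput */`, and with braces on the `else if (io_cap == IO_CAPABILITY_INVALID)` arm to match the braced `if`. The function body continues outside the hunk.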
@@ -0,0 +1,63 @@
+From 15bcb7be08286c6c59044b4201ad1408dbe93a7e Mon Sep 17 00:00:00 2001
+From: Gopal Tiwari
+Date: Tue, 23 Jul 2019 18:12:20 +0530
+Subject: [PATCH BlueZ 2/2] agent: Make the first agent to register the
+ default
+
+commit 9213ff7642a33aa481e3c61989ad60f7985b9984
+Author: Luiz Augusto von Dentz
+Date: Fri Jul 27 11:01:04 2018 +0300
+
+ agent: Make the first agent to register the default
+
+ This simplifies the handling of default agent and enforce the IO
+ capabilities to be set whenever there is an agent available in the
+ system.
+
+Signed-off-by: Gopal Tiwari
+---
+ src/agent.c | 14 ++++++--------
+ 1 file changed, 6 insertions(+), 8 deletions(-)
+
+diff --git a/src/agent.c b/src/agent.c
+index ff44d5755..183e2f190 100644
+--- a/src/agent.c
++++ b/src/agent.c
+@@ -50,13 +50,6 @@
+ #include "agent.h"
+ #include "shared/queue.h"
+
+-#define IO_CAPABILITY_DISPLAYONLY 0x00
+-#define IO_CAPABILITY_DISPLAYYESNO 0x01
+-#define IO_CAPABILITY_KEYBOARDONLY 0x02
+-#define IO_CAPABILITY_NOINPUTNOOUTPUT 0x03
+-#define IO_CAPABILITY_KEYBOARDDISPLAY 0x04
+-#define IO_CAPABILITY_INVALID 0xFF
+-
+ #define REQUEST_TIMEOUT (60 * 1000) /* 60 seconds */
+ #define AGENT_INTERFACE "org.bluez.Agent1"
+
+@@ -150,7 +143,7 @@ static void set_io_cap(struct btd_adapter *adapter, gpointer user_data)
+ if (agent)
+ io_cap = agent->capability;
+ else
+- io_cap = IO_CAPABILITY_NOINPUTNOOUTPUT;
++ io_cap = IO_CAPABILITY_INVALID;
+
+ adapter_set_io_capability(adapter, io_cap);
+ }
+@@ -294,6 +287,11 @@ static struct agent *agent_create( const char *name, const char *path,
+ name, agent_disconnect,
+ agent, NULL);
+
++ if (queue_isempty(default_agents))
++ add_default_agent(agent);
++ else
++ queue_push_tail(default_agents, agent);
++
+ return agent_ref(agent);
+ }
+
+--
+2.17.2
+
diff --git a/SPECS/bluez.spec b/SPECS/bluez.spec
index 62f6723..33158b8 100644
--- a/SPECS/bluez.spec
+++ b/SPECS/bluez.spec
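Review bot: In the `agent_create` hunk of `src/agent.c` (patch 0002), the first agent to register now becomes the default without an explicit default-agent request, so its self-declared `capability` is what `set_io_cap` passes to `adapter_set_io_capability`. That trust decision deserves a comment above the new `if`, for example `/* First registered agent becomes default; its capability sets the adapter IO capability, so agent registration must be restricted by D-Bus policy */`. The return values of `add_default_agent(agent)` and `queue_push_tail(default_agents, agent)` are also ignored, so a failed enqueue would leave a registered agent that is never consulted while `agent_create` still returns it. `add_default_agent` is defined outside the hunk; if it does not first remove an existing queue entry, a later explicit default request for an agent already pushed here could queue it twice, which is worth confirming.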
@@ -1,7 +1,7 @@ Summary: Bluetooth utilities Name: bluez Version: 5.44 -Release: 5%{?dist} +Release: 6%{?dist} License: GPLv2+ Group: Applications/System URL: http://www.bluez.org/ @@ -20,6 +20,9 @@ Patch8: 0001-Out-of-bounds-heap-read-in-service_search_attr_req-f.patch #Upstream Patch9: 0001-device-Fix-crashing-when-connecting-ATT-over-BR-EDR.patch Patch10: 0002-device-Fix-crash-when-connecting-ATT-with-BR-EDR-onl.patch +Patch11: 0001-core-Add-AlwaysPairable-to-main.conf.patch +Patch12: 0002-agent-Make-the-first-agent-to-register-the-default.patch + %global _hardened_build 1 BuildRequires: git @@ -255,6 +258,10 @@ sed -i 's/#\[Policy\]$/\[Policy\]/; s/#AutoEnable=false/AutoEnable=false/' ${RPM %changelog +* Wed Jul 24 2019 Gopal Tiwari 5.44-6 +- fixing CVE-2018-10910. +Resolves: #1609340 + * Thu Apr 25 2019 Gopal Tiwari 5.44-5 - fixing crash with SIGSEGV when pairing with headset Resolves: #1667100