diff --git a/SOURCES/0001-Check-if-we-are-on-tty-before-initializing-curses.patch b/SOURCES/0001-Check-if-we-are-on-tty-before-initializing-curses.patch new file mode 100644 index 0000000..509b48f --- /dev/null +++ b/SOURCES/0001-Check-if-we-are-on-tty-before-initializing-curses.patch @@ -0,0 +1,39 @@ +From a3a81549ffb787410a694b6e29de6638588eaf88 Mon Sep 17 00:00:00 2001 +From: Stanislav Ochotnicky +Date: Fri, 14 Feb 2014 12:58:38 +0100 +Subject: [PATCH] Check if we are on tty before initializing curses. + +* pinentry/pinentry-curses.c (dialog_run): Check stant stdin and stout +are connected to ttys. + +-- + +When we did not have a ttyname we just used stdin/out without checking +if it's a proper TTY or a pipe. In some cases this can cause endless +loop or escape seqeunces on the terminal. + +This commit changes behaviour so that if stdin/out is not tty and no +ttyname is specified we error-out with errno set to ENOTTY +--- + pinentry/pinentry-curses.c | 5 +++++ + 1 file changed, 5 insertions(+) + +diff --git a/pinentry/pinentry-curses.c b/pinentry/pinentry-curses.c +index 585059f..5482c15 100644 +--- a/pinentry/pinentry-curses.c ++++ b/pinentry/pinentry-curses.c +@@ -746,6 +746,11 @@ dialog_run (pinentry_t pinentry, const char *tty_name, const char *tty_type) + { + if (!init_screen) + { ++ if (!(isatty(fileno(stdin)) && isatty(fileno(stdout)))) ++ { ++ errno = ENOTTY; ++ return -1; ++ } + init_screen = 1; + initscr (); + } +-- +2.5.0 + diff --git a/SOURCES/pinentry-wrapper b/SOURCES/pinentry-wrapper index d4644b7..281bc6b 100644 --- a/SOURCES/pinentry-wrapper +++ b/SOURCES/pinentry-wrapper @@ -2,78 +2,81 @@ # Copyright (c) 2006 SUSE LINUX Products GmbH, Nuernberg, Germany. # Copyright (c) 2009 Fedora Project +# Copyright (c) 2014 Red Hat # This file and all modifications and additions to the pristine # package are under the same license as the package itself. # -# Please submit bugfixes or comments via http://bugs.opensuse.org/ +# Please submit bugfixes or comments via http://bugzilla.redhat.com/ # # Anna Bernathova 2006 # Pavel Nemec 2006 # Rex Dieter 2009 +# Pavol Rusnak 2009 +# Boris Ranto 2014 # -# use proper binary (pinentry-qt, pinentry-gtk-2 or pinentry-curses) - -if [ -z "$PINENTRY_BINARY" ]; then +# use proper binary (pinentry-qt4, pinentry-qt, pinentry-gtk-2 or pinentry-curses) kde_running= -if [ -n "$KDE_FULL_SESSION" ]; then +arg= +display= +# look for a --display option +for opt in "$@"; do + if [ "$opt" = "--display" ]; then + arg=1 + elif [ -n "$arg" ]; then + display="$opt" + else + arg= + fi +done + +# export DISPLAY if pinentry is meant to be run on a different display +# check the KDE_FULL_SESSION variable otherwise +if [ -n "$display" -a "$DISPLAY" != "$display" ]; then + export DISPLAY="$display" +elif [ -n "$KDE_FULL_SESSION" ]; then kde_running=1 -elif [ -n "$DISPLAY" ]; then + kde_ver="$KDE_SESSION_VERSION" +fi + +# Check for presence of xprop binary +type xprop >/dev/null 2>/dev/null +XPROP=$? + +if [ -n "$DISPLAY" -a $XPROP -eq 0 ]; then xprop -root | grep "^KDE_FULL_SESSION" >/dev/null 2>/dev/null if test $? -eq 0; then kde_running=1 - fi -else - arg= - display= - for opt in "$@"; do - if [ "$opt" = "--display" ]; then - arg=1 - elif [ -n "$arg" ]; then - display="$opt" - else - arg= - fi - done - if [ -n "$display" ]; then - DISPLAY="$display" xprop -root | grep "^KDE_FULL_SESSION" >/dev/null 2>/dev/null - if test $? -eq 0; then - kde_running=1 - fi + kde_ver="`xprop -root | sed -n 's/KDE_SESSION_VERSION(CARDINAL) = //p'`" 2>/dev/null fi fi +# if a user supplied a pinentry binary, use it +if [ -n "$PINENTRY_BINARY" ]; +then + export PINENTRY_BINARY="$PINENTRY_BINARY" +# if KDE is detected and pinentry-qt4 exists, use pinentry-qt4 +elif [ -n "$kde_running" -a "$kde_ver"x = 4x -a -x /usr/bin/pinentry-qt4 ] +then + export PINENTRY_BINARY="/usr/bin/pinentry-qt4" # if KDE is detected and pinentry-qt exists, use pinentry-qt -if [ -n "$kde_running" -a -x /usr/bin/pinentry-qt ] +elif [ -n "$kde_running" -a -x /usr/bin/pinentry-qt ] then export PINENTRY_BINARY="/usr/bin/pinentry-qt" # otherwise test if pinentry-gtk-2 is installed -elif [ -x /usr/bin/pinentry-gtk-2 ] +elif [ -n "$DISPLAY" -a -x /usr/bin/pinentry-gtk-2 ] then export PINENTRY_BINARY="/usr/bin/pinentry-gtk-2" -# otherwise test if pinentry-qt4 is installed -elif [ -x /usr/bin/pinentry-qt4 ] +# otherwise test if pinentry-qt4 exists although KDE is not detected +elif [ -n "$DISPLAY" -a -x /usr/bin/pinentry-qt4 ] then - export PINENTRY_BINARY="/usr/bin/pinentry-qt4" + export PINENTRY_BINARY="/usr/bin/pinentry-qt4" # otherwise test if pinentry-qt exists although KDE is not detected -elif [ -x /usr/bin/pinentry-qt ] +elif [ -n "$DISPLAY" -a -x /usr/bin/pinentry-qt ] then export PINENTRY_BINARY="/usr/bin/pinentry-qt" -# pinentry-curses is installed by default, test if we're in a terminal -elif [ -t 2 ] -then - export PINENTRY_BINARY="/usr/bin/pinentry-curses" +# pinentry-curses is installed by default else - #test if gui binary is required - for opt in "$@"; do - if [ "x$opt" = "x--display" ]; then - # should not happen because of package dependencies - echo "Please install pinentry-gui" >&2 - exit 1 - fi - done - export PINENTRY_BINARY="/usr/bin/pinentry-curses" -fi + export PINENTRY_BINARY="/usr/bin/pinentry-curses" fi - exec $PINENTRY_BINARY "$@" diff --git a/SPECS/pinentry.spec b/SPECS/pinentry.spec index 2383cc5..4da5afb 100644 --- a/SPECS/pinentry.spec +++ b/SPECS/pinentry.spec @@ -17,7 +17,7 @@ Name: pinentry Version: 0.8.1 -Release: 14%{?dist} +Release: 17%{?dist} Summary: Collection of simple PIN or passphrase entry dialogs Group: Applications/System @@ -36,6 +36,7 @@ Patch53: 0001-Fix-qt4-pinentry-window-created-in-the-background.patch ## Backported patches Patch200: 0001-Add-wide-char-support-to-pinentry-curses.patch +Patch201: 0001-Check-if-we-are-on-tty-before-initializing-curses.patch BuildRequires: gettext-devel BuildRequires: autoconf, automake @@ -110,6 +111,7 @@ Support for Qt4 is new, and a bit experimental. %patch53 -p1 -b .rhbug_589532 %patch200 -p1 +%patch201 -p1 # patch200 changes configure.ac so we need to regenerate ./autogen.sh @@ -204,6 +206,18 @@ fi %changelog +* Thu Mar 17 2016 Boris Ranto - 0.8.1-17 +- actually apply the previous patch in the spec file +- resolves: rhbz#1058972 + +* Fri Feb 19 2016 Boris Ranto - 0.8.1-16 +- curses: detect non-tty environment and exit gracefully +- resolves: rhbz#1058972 + +* Fri Feb 19 2016 Boris Ranto - 0.8.1-15 +- rewrite the pinentry-wrapper shell script to better handle corner cases +- resolves: rhbz#1231229 + * Thu Jan 30 2014 Stanislav Ochotnicky - 0.8.1-14 - Add wide-char support to pinentry-curses - Resolves: rhbz#1059729 @@ -262,10 +276,10 @@ fi * Sun Apr 18 2010 Rex Dieter - 0.7.6-5 - pinentry-gtk -g segfaults on focus change (#520236) -* Wed Sep 13 2009 Rex Dieter - 0.7.6-4 +* Sun Sep 13 2009 Rex Dieter - 0.7.6-4 - Errors installing with --excludedocs (#515925) -* Wed Sep 13 2009 Rex Dieter - 0.7.6-3 +* Sun Sep 13 2009 Rex Dieter - 0.7.6-3 - drop alternatives, use app-wrapper instead (borrowed from opensuse) - -qt4 experimental subpkg, -qt includes qt3 version again (#523488) @@ -328,7 +342,7 @@ fi - Build with dependency tracking disabled. - Clean up obsolete pre-FC2 support. -* Fri Apr 7 2005 Michael Schwendt - 0.7.1-4 +* Thu Apr 7 2005 Michael Schwendt - 0.7.1-4 - rebuilt * Wed Jun 30 2004 Ville Skyttä - 0:0.7.1-0.fdr.3 @@ -352,7 +366,7 @@ fi * Sat Mar 22 2003 Ville Skyttä - 0:0.6.8-0.fdr.1 - Update to current Fedora guidelines. -* Tue Feb 12 2003 Warren Togami 0.6.8-1.fedora.3 +* Wed Feb 12 2003 Warren Togami 0.6.8-1.fedora.3 - info/dir temporary workaround * Sat Feb 8 2003 Ville Skyttä - 0.6.8-1.fedora.1