networkmanager: Fix build with hardening

Drop using xlocale.h Signed-off-by: Khem Raj <raj.khem@gmail.com> Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
author: Khem Raj <raj.khem@gmail.com> 2017-06-27 19:08:08 -0700
committer: Martin Jansa <Martin.Jansa@gmail.com> 2017-07-01 09:59:26 +0200
commit: 9d7a49a58b7dd1004c6095a9bcff04d7e4e4b56f (patch)
tree: 4e8a29efa32105683dffde996ad743ef266606e3 /meta-oe/recipes-connectivity/networkmanager
parent: c0d763a6e604647f6dad25119eed5820195c2280 (diff)
download: meta-openembedded-9d7a49a58b7dd1004c6095a9bcff04d7e4e4b56f.tar.gz
3 files changed, 98 insertions, 0 deletions
diff --git a/meta-oe/recipes-connectivity/networkmanager/networkmanager/0001-systemd-xlocale.h-is-dropped-by-newer-glibc.patch b/meta-oe/recipes-connectivity/networkmanager/networkmanager/0001-systemd-xlocale.h-is-dropped-by-newer-glibc.patch
new file mode 100644
index 000000000..4234e2be2
--- /dev/null
+++ b/meta-oe/recipes-connectivity/networkmanager/networkmanager/0001-systemd-xlocale.h-is-dropped-by-newer-glibc.patch
@@ -0,0 +1,29 @@
+From a9bfe6f2029d75caf28fcdf3e740843cf6359615 Mon Sep 17 00:00:00 2001
+From: Khem Raj <raj.khem@gmail.com>
+Date: Tue, 27 Jun 2017 07:31:25 -0700
+Subject: [PATCH 1/2] systemd: xlocale.h is dropped by newer glibc
+Signed-off-by: Khem Raj <raj.khem@gmail.com>
+---
+ src/systemd/src/basic/parse-util.c | 4 ----
+ 1 file changed, 4 deletions(-)
+diff --git a/src/systemd/src/basic/parse-util.c b/src/systemd/src/basic/parse-util.c
+index 9c21e5a..dd95d1f 100644
+--- a/src/systemd/src/basic/parse-util.c
+++ b/src/systemd/src/basic/parse-util.c
+@@ -25,11 +25,7 @@
+ #include <stdio.h>
+ #include <stdlib.h>
+ #include <string.h>
+-#ifdef __GLIBC__
+-#include <xlocale.h>
+-#else
+ #include <locale.h>
+-#endif
+ #include "alloc-util.h"
+ #include "extract-word.h"
+ #include "macro.h"
+-- 
+2.13.2
diff --git a/meta-oe/recipes-connectivity/networkmanager/networkmanager/0002-user-format-string-in-g_dbus_message_new_method_erro.patch b/meta-oe/recipes-connectivity/networkmanager/networkmanager/0002-user-format-string-in-g_dbus_message_new_method_erro.patch
new file mode 100644
index 000000000..e32b5c00d
--- /dev/null
+++ b/meta-oe/recipes-connectivity/networkmanager/networkmanager/0002-user-format-string-in-g_dbus_message_new_method_erro.patch
@@ -0,0 +1,67 @@
+From adc0668b854289a11cfc29597b5566ba1869d17e Mon Sep 17 00:00:00 2001
+From: Khem Raj <raj.khem@gmail.com>
+Date: Tue, 27 Jun 2017 07:32:09 -0700
+Subject: [PATCH 2/2] user format string in g_dbus_message_new_method_error ()
+This fixes format errors with -Werror=format-security
+Signed-off-by: Khem Raj <raj.khem@gmail.com>
+---
+ src/nm-manager.c | 6 ++++++
+ 1 file changed, 6 insertions(+)
+diff --git a/src/nm-manager.c b/src/nm-manager.c
+index c3d65cd..e814912 100644
+--- a/src/nm-manager.c
+++ b/src/nm-manager.c
+@@ -4871,6 +4871,7 @@ prop_set_auth_done_cb (NMAuthChain *chain,
+        if (error || (result != NM_AUTH_CALL_RESULT_YES)) {
+                reply = g_dbus_message_new_method_error (pfd->message,
+                                                         NM_PERM_DENIED_ERROR,
+                                                        "%s",
+                                                         (error_message = "Not authorized to perform this operation"));
+                if (error)
+                        error_message = error->message;
+@@ -4882,6 +4883,7 @@ prop_set_auth_done_cb (NMAuthChain *chain,
+        if (!object) {
+                reply = g_dbus_message_new_method_error (pfd->message,
+                                                         "org.freedesktop.DBus.Error.UnknownObject",
+                                                        "%s",
+                                                         (error_message = "Object doesn't exist."));
+                goto done;
+        }
+@@ -4890,6 +4892,7 @@ prop_set_auth_done_cb (NMAuthChain *chain,
+        if (!nm_exported_object_get_interface_by_type (object, pfd->interface_type)) {
+                reply = g_dbus_message_new_method_error (pfd->message,
+                                                         "org.freedesktop.DBus.Error.InvalidArgs",
+                                                        "%s",
+                                                         (error_message = "Object is of unexpected type."));
+                goto done;
+        }
+@@ -4905,6 +4908,7 @@ prop_set_auth_done_cb (NMAuthChain *chain,
+                if (global_dns && !nm_global_dns_config_is_internal (global_dns)) {
+                        reply = g_dbus_message_new_method_error (pfd->message,
+                                                                 NM_PERM_DENIED_ERROR,
+                                                                "%s",
+                                                                 (error_message = "Global DNS configuration already set via configuration file"));
+                        goto done;
+                }
+@@ -4949,6 +4953,7 @@ do_set_property_check (gpointer user_data)
+        if (!pfd->subject) {
+                reply = g_dbus_message_new_method_error (pfd->message,
+                                                         NM_PERM_DENIED_ERROR,
+                                                        "%s",
+                                                         (error_message = "Could not determine request UID."));
+                goto out;
+        }
+@@ -4958,6 +4963,7 @@ do_set_property_check (gpointer user_data)
+        if (!chain) {
+                reply = g_dbus_message_new_method_error (pfd->message,
+                                                         NM_PERM_DENIED_ERROR,
+                                                        "%s",
+                                                         (error_message = "Could not authenticate request."));
+                goto out;
+        }
+-- 
+2.13.2
diff --git a/meta-oe/recipes-connectivity/networkmanager/networkmanager_1.4.4.bb b/meta-oe/recipes-connectivity/networkmanager/networkmanager_1.4.4.bb
index 0de4383fb..e7dd4ef31 100644
--- a/meta-oe/recipes-connectivity/networkmanager/networkmanager_1.4.4.bb
+++ b/meta-oe/recipes-connectivity/networkmanager/networkmanager_1.4.4.bb
@@ -34,6 +34,8 @@ SRC_URI = "${GNOME_MIRROR}/NetworkManager/${@gnome_verdir("${PV}")}/NetworkManag
           file://0001-check-for-strndupa-before-using-it.patch \
           file://0001-dns-resolved-add-systemd-resolved-backend.patch \
           file://0001-dns-resolved-also-check-for-etc-resolv-conf.systemd.patch \
+           file://0001-systemd-xlocale.h-is-dropped-by-newer-glibc.patch \
+           file://0002-user-format-string-in-g_dbus_message_new_method_erro.patch \
           "
 SRC_URI[md5sum] = "63f1e0d6d7e9099499d062c84c927a75"
 SRC_URI[sha256sum] = "829378f318cc008d138a23ca6a9191928ce75344e7e47a2f2c35f4ac82133309"
author	Khem Raj <raj.khem@gmail.com>	2017-06-27 19:08:08 -0700
committer	Martin Jansa <Martin.Jansa@gmail.com>	2017-07-01 09:59:26 +0200
commit	9d7a49a58b7dd1004c6095a9bcff04d7e4e4b56f (patch)
tree	4e8a29efa32105683dffde996ad743ef266606e3 /meta-oe/recipes-connectivity/networkmanager
parent	c0d763a6e604647f6dad25119eed5820195c2280 (diff)
download	meta-openembedded-9d7a49a58b7dd1004c6095a9bcff04d7e4e4b56f.tar.gz

diff --git a/meta-oe/recipes-connectivity/networkmanager/networkmanager/0001-systemd-xlocale.h-is-dropped-by-newer-glibc.patch b/meta-oe/recipes-connectivity/networkmanager/networkmanager/0001-systemd-xlocale.h-is-dropped-by-newer-glibc.patch new file mode 100644 index 000000000..4234e2be2 --- /dev/null +++ b/meta-oe/recipes-connectivity/networkmanager/networkmanager/0001-systemd-xlocale.h-is-dropped-by-newer-glibc.patch
@@ -0,0 +1,29 @@
		1	From a9bfe6f2029d75caf28fcdf3e740843cf6359615 Mon Sep 17 00:00:00 2001
		2	From: Khem Raj <raj.khem@gmail.com>
		3	Date: Tue, 27 Jun 2017 07:31:25 -0700
		4	Subject: [PATCH 1/2] systemd: xlocale.h is dropped by newer glibc
		5
		6	Signed-off-by: Khem Raj <raj.khem@gmail.com>
		7	---
		8	src/systemd/src/basic/parse-util.c \| 4 ----
		9	1 file changed, 4 deletions(-)
		10
		11	diff --git a/src/systemd/src/basic/parse-util.c b/src/systemd/src/basic/parse-util.c
		12	index 9c21e5a..dd95d1f 100644
		13	--- a/src/systemd/src/basic/parse-util.c
		14	+++ b/src/systemd/src/basic/parse-util.c
		15	@@ -25,11 +25,7 @@
		16	#include <stdio.h>
		17	#include <stdlib.h>
		18	#include <string.h>
		19	-#ifdef __GLIBC__
		20	-#include <xlocale.h>
		21	-#else
		22	#include <locale.h>
		23	-#endif
		24	#include "alloc-util.h"
		25	#include "extract-word.h"
		26	#include "macro.h"
		27	--
		28	2.13.2
		29


diff --git a/meta-oe/recipes-connectivity/networkmanager/networkmanager/0002-user-format-string-in-g_dbus_message_new_method_erro.patch b/meta-oe/recipes-connectivity/networkmanager/networkmanager/0002-user-format-string-in-g_dbus_message_new_method_erro.patch new file mode 100644 index 000000000..e32b5c00d --- /dev/null +++ b/meta-oe/recipes-connectivity/networkmanager/networkmanager/0002-user-format-string-in-g_dbus_message_new_method_erro.patch
@@ -0,0 +1,67 @@
		1	From adc0668b854289a11cfc29597b5566ba1869d17e Mon Sep 17 00:00:00 2001
		2	From: Khem Raj <raj.khem@gmail.com>
		3	Date: Tue, 27 Jun 2017 07:32:09 -0700
		4	Subject: [PATCH 2/2] user format string in g_dbus_message_new_method_error ()
		5
		6	This fixes format errors with -Werror=format-security
		7
		8	Signed-off-by: Khem Raj <raj.khem@gmail.com>
		9	---
		10	src/nm-manager.c \| 6 ++++++
		11	1 file changed, 6 insertions(+)
		12
		13	diff --git a/src/nm-manager.c b/src/nm-manager.c
		14	index c3d65cd..e814912 100644
		15	--- a/src/nm-manager.c
		16	+++ b/src/nm-manager.c
		17	@@ -4871,6 +4871,7 @@ prop_set_auth_done_cb (NMAuthChain *chain,
		18	if (error \|\| (result != NM_AUTH_CALL_RESULT_YES)) {
		19	reply = g_dbus_message_new_method_error (pfd->message,
		20	NM_PERM_DENIED_ERROR,
		21	+ "%s",
		22	(error_message = "Not authorized to perform this operation"));
		23	if (error)
		24	error_message = error->message;
		25	@@ -4882,6 +4883,7 @@ prop_set_auth_done_cb (NMAuthChain *chain,
		26	if (!object) {
		27	reply = g_dbus_message_new_method_error (pfd->message,
		28	"org.freedesktop.DBus.Error.UnknownObject",
		29	+ "%s",
		30	(error_message = "Object doesn't exist."));
		31	goto done;
		32	}
		33	@@ -4890,6 +4892,7 @@ prop_set_auth_done_cb (NMAuthChain *chain,
		34	if (!nm_exported_object_get_interface_by_type (object, pfd->interface_type)) {
		35	reply = g_dbus_message_new_method_error (pfd->message,
		36	"org.freedesktop.DBus.Error.InvalidArgs",
		37	+ "%s",
		38	(error_message = "Object is of unexpected type."));
		39	goto done;
		40	}
		41	@@ -4905,6 +4908,7 @@ prop_set_auth_done_cb (NMAuthChain *chain,
		42	if (global_dns && !nm_global_dns_config_is_internal (global_dns)) {
		43	reply = g_dbus_message_new_method_error (pfd->message,
		44	NM_PERM_DENIED_ERROR,
		45	+ "%s",
		46	(error_message = "Global DNS configuration already set via configuration file"));
		47	goto done;
		48	}
		49	@@ -4949,6 +4953,7 @@ do_set_property_check (gpointer user_data)
		50	if (!pfd->subject) {
		51	reply = g_dbus_message_new_method_error (pfd->message,
		52	NM_PERM_DENIED_ERROR,
		53	+ "%s",
		54	(error_message = "Could not determine request UID."));
		55	goto out;
		56	}
		57	@@ -4958,6 +4963,7 @@ do_set_property_check (gpointer user_data)
		58	if (!chain) {
		59	reply = g_dbus_message_new_method_error (pfd->message,
		60	NM_PERM_DENIED_ERROR,
		61	+ "%s",
		62	(error_message = "Could not authenticate request."));
		63	goto out;
		64	}
		65	--
		66	2.13.2
		67


diff --git a/meta-oe/recipes-connectivity/networkmanager/networkmanager_1.4.4.bb b/meta-oe/recipes-connectivity/networkmanager/networkmanager_1.4.4.bb index 0de4383fb..e7dd4ef31 100644 --- a/meta-oe/recipes-connectivity/networkmanager/networkmanager_1.4.4.bb +++ b/meta-oe/recipes-connectivity/networkmanager/networkmanager_1.4.4.bb
@@ -34,6 +34,8 @@ SRC_URI = "${GNOME_MIRROR}/NetworkManager/${@gnome_verdir("${PV}")}/NetworkManag
34	file://0001-check-for-strndupa-before-using-it.patch \	34	file://0001-check-for-strndupa-before-using-it.patch \
35	file://0001-dns-resolved-add-systemd-resolved-backend.patch \	35	file://0001-dns-resolved-add-systemd-resolved-backend.patch \
36	file://0001-dns-resolved-also-check-for-etc-resolv-conf.systemd.patch \	36	file://0001-dns-resolved-also-check-for-etc-resolv-conf.systemd.patch \
		37	file://0001-systemd-xlocale.h-is-dropped-by-newer-glibc.patch \
		38	file://0002-user-format-string-in-g_dbus_message_new_method_erro.patch \
37	"	39	"
38	SRC_URI[md5sum] = "63f1e0d6d7e9099499d062c84c927a75"	40	SRC_URI[md5sum] = "63f1e0d6d7e9099499d062c84c927a75"
39	SRC_URI[sha256sum] = "829378f318cc008d138a23ca6a9191928ce75344e7e47a2f2c35f4ac82133309"	41	SRC_URI[sha256sum] = "829378f318cc008d138a23ca6a9191928ce75344e7e47a2f2c35f4ac82133309"