gnupg: added 1.4.2.2 which contain security fixes: CVE-2006-0049
authorMarcin Juszkiewicz <hrw@openembedded.org>
Mon, 20 Mar 2006 19:59:23 +0000 (19:59 +0000)
committerOpenEmbedded Project <openembedded-devel@lists.openembedded.org>
Mon, 20 Mar 2006 19:59:23 +0000 (19:59 +0000)
packages/gnupg/gnupg-1.4.2.2/.mtn2git_empty [new file with mode: 0644]
packages/gnupg/gnupg-1.4.2.2/15_free_caps.patch [new file with mode: 0644]
packages/gnupg/gnupg-1.4.2.2/16_min_privileges.patch [new file with mode: 0644]
packages/gnupg/gnupg-1.4.2.2/22_zero_length_mpi_fix.patch [new file with mode: 0644]
packages/gnupg/gnupg_1.4.2.2.bb [new file with mode: 0644]

diff --git a/packages/gnupg/gnupg-1.4.2.2/.mtn2git_empty b/packages/gnupg/gnupg-1.4.2.2/.mtn2git_empty
new file mode 100644 (file)
index 0000000..e69de29
diff --git a/packages/gnupg/gnupg-1.4.2.2/15_free_caps.patch b/packages/gnupg/gnupg-1.4.2.2/15_free_caps.patch
new file mode 100644 (file)
index 0000000..20949a7
--- /dev/null
@@ -0,0 +1,93 @@
+--- /home/weasel/tmp/debian-gpg/gnupg-1.2.5/g10/status.c       2004-07-21 09:59:45.000000000 +0200
++++ gnupg-1.2.5/g10/status.c   2004-08-01 20:07:42.071690680 +0200
+@@ -346,6 +346,9 @@
+ {
+     char buf[100];
+     struct shmid_ds shmds;
++#ifdef USE_CAPABILITIES
++    cap_t caps;
++#endif
+ #ifndef IPC_RMID_DEFERRED_RELEASE
+     atexit( remove_shmid );
+@@ -371,7 +374,9 @@
+                           (unsigned)shm_size/1024, shm_area, shm_id );
+     if( lock_mem ) {
+ #ifdef USE_CAPABILITIES
+-      cap_set_proc( cap_from_text("cap_ipc_lock+ep") );
++      caps = cap_from_text("cap_ipc_lock=ep");
++      cap_set_proc( caps );
++      cap_free( caps );
+ #endif
+       /* (need the cast for Solaris with Sun's workshop compilers) */
+       if ( mlock ( (char*)shm_area, shm_size) )
+@@ -380,7 +385,9 @@
+       else
+           shm_is_locked = 1;
+ #ifdef USE_CAPABILITIES
+-      cap_set_proc( cap_from_text("cap_ipc_lock+p") );
++      caps = cap_from_text("cap_ipc_lock=p");
++      cap_set_proc( caps );
++      cap_free( caps );
+ #endif
+     }
+@@ -407,7 +414,9 @@
+     if( lock_mem ) {
+ #ifdef USE_CAPABILITIES
+-      cap_set_proc( cap_from_text("cap_ipc_lock+ep") );
++      caps = cap_from_text("cap_ipc_lock=ep");
++      cap_set_proc( caps );
++      cap_free( caps );
+ #endif
+ #ifdef IPC_HAVE_SHM_LOCK
+       if ( shmctl (shm_id, SHM_LOCK, 0) )
+@@ -419,7 +428,9 @@
+       log_info("Locking shared memory %d failed: No way to do it\n", shm_id );
+ #endif
+ #ifdef USE_CAPABILITIES
+-      cap_set_proc( cap_from_text("cap_ipc_lock+p") );
++      caps = cap_from_text("cap_ipc_lock=p");
++      cap_set_proc( caps );
++      cap_free( caps );
+ #endif
+     }
+--- /home/weasel/tmp/debian-gpg/gnupg-1.2.5/util/secmem.c      2004-02-24 17:06:58.000000000 +0100
++++ gnupg-1.2.5/util/secmem.c  2004-08-01 20:08:10.873412378 +0200
+@@ -97,12 +97,18 @@
+ {
+ #if defined(USE_CAPABILITIES) && defined(HAVE_MLOCK)
+     int err;
++    cap_t caps;
++
++    caps = cap_from_text("cap_ipc_lock=ep");
++    cap_set_proc( caps );
++    cap_free( caps );
+-    cap_set_proc( cap_from_text("cap_ipc_lock+ep") );
+     err = mlock( p, n );
+     if( err && errno )
+       err = errno;
+-    cap_set_proc( cap_from_text("cap_ipc_lock+p") );
++    caps = cap_from_text("cap_ipc_lock=p");
++    cap_set_proc( caps );
++    cap_free( caps );
+     if( err ) {
+       if( errno != EPERM
+@@ -301,8 +307,12 @@
+     if( !n ) {
+ #ifndef __riscos__
+ #ifdef USE_CAPABILITIES
++      cap_t caps;
++
+       /* drop all capabilities */
+-      cap_set_proc( cap_from_text("all-eip") );
++      caps = cap_from_text("all-eip");
++      cap_set_proc( caps );
++      cap_free( caps );
+ #elif !defined(HAVE_DOSISH_SYSTEM)
+       uid_t uid;
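Review bot: The rewritten "drop all capabilities" branch in util/secmem.c still discards the results of `cap_from_text()` and `cap_set_proc()`, so if either call fails the process continues with whatever capabilities it held and nothing is logged. Because this is the final privilege drop, it should fail closed, for example `if( !caps || cap_set_proc( caps ) ) log_fatal("failed to drop capabilities: %s\n", strerror(errno));` before the `cap_free( caps )` (assuming the file's fatal logger is usable at this point). The same unchecked pattern appears at the four sites in g10/status.c and the two in the mlock wrapper in secmem.c, where a failed switch back to `cap_ipc_lock=p` would leave the capability in the effective set. In that mlock wrapper the later `errno != EPERM` test also runs after three libcap calls that may overwrite `errno`, so it would be safer to test the saved `err` instead. The enclosing functions start and end outside the inner hunks, so callers' handling of these failures is not visible here.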
diff --git a/packages/gnupg/gnupg-1.4.2.2/16_min_privileges.patch b/packages/gnupg/gnupg-1.4.2.2/16_min_privileges.patch
new file mode 100644 (file)
index 0000000..b29233b
--- /dev/null
@@ -0,0 +1,68 @@
+--- gnupg-1.4.0/g10/g10.c      2004-12-16 09:47:36.000000000 +0000
++++ /tmp/dpep.O5S02c/gnupg-1.4.0/g10/g10.c     2005-02-03 23:31:40.645873299 +0000
+@@ -69,6 +69,11 @@
+ #endif
++#ifdef USE_CAPABILITIES
++#include <sys/capability.h>
++#include <sys/prctl.h>
++#endif
++
+ enum cmd_and_opt_values
+   {
+     aNull = 0,
+@@ -1618,6 +1623,10 @@
+ #ifdef USE_SHM_COPROCESSING
+     ulong requested_shm_size=0;
+ #endif
++#ifdef USE_CAPABILITIES
++    uid_t curr_uid;
++    cap_t caps;
++#endif
+ #ifdef __riscos__
+     opt.lock_once = 1;
+@@ -1629,6 +1638,33 @@
+      * when adding any stuff between here and the call to
+      * secmem_init()  somewhere after the option parsing
+      */
++
++    /* if we use capabilities and run as root, we can immediately setuid back
++     * to the normal user and only keep CAP_IPC_LOCK until the shared memory is
++     * set up.
++     */
++#ifdef USE_CAPABILITIES
++    curr_uid = getuid();
++    if( curr_uid && !geteuid() ) { /* we are setuid root */
++      if( prctl( PR_SET_KEEPCAPS, 1, 0, 0, 0 ) ) {
++          perror( "main(): could not keep capabilities" );
++          return -100;
++      }
++
++      if( setuid( curr_uid ) ) {
++          perror( "main(): could not set user id" );
++          return -100;
++      }
++
++      caps = cap_from_text( "cap_ipc_lock=p" );
++      if( cap_set_proc( caps ) ) {
++          perror( "main(): could not install capabilities" );
++          return -100;
++      }
++      cap_free( caps );
++    }
++#endif
++
+     log_set_name("gpg");
+     secure_random_alloc(); /* put random number into secure memory */
+     may_coredump = disable_core_dumps();
+@@ -1747,7 +1783,7 @@
+     }
+ #endif
+     /* initialize the secure memory. */
+-    got_secmem=secmem_init( 32768 );
++    got_secmem=secmem_init( 32768 ); /* this will drop all remaining privileges */
+     maybe_setuid = 0;
+     /* Okay, we are now working under our real uid */
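Review bot: In the setuid-root block added to main(), a NULL return from `cap_from_text( "cap_ipc_lock=p" )` is only caught indirectly by the `cap_set_proc( caps )` branch, which then reports it as "could not install capabilities". That branch also returns before `cap_free( caps )` is reached. The path does fail closed, which is the important property, but a separate check such as `if( !caps ) { perror( "main(): could not parse capabilities" ); return -100; }` would make the diagnostics accurate. It would also help to add a comment such as `/* permitted set still holds every root capability between setuid() and cap_set_proc(); keep nothing in between */`, so later edits do not insert code into that window. Note too that `return -100` from main() reaches the parent as exit status 156 on POSIX systems, so a small positive code would be easier to recognise in logs. main() begins and continues outside the hunk.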
diff --git a/packages/gnupg/gnupg-1.4.2.2/22_zero_length_mpi_fix.patch b/packages/gnupg/gnupg-1.4.2.2/22_zero_length_mpi_fix.patch
new file mode 100644 (file)
index 0000000..8f13db4
--- /dev/null
@@ -0,0 +1,37 @@
+diff -urNad gnupg-1.4.2~/mpi/mpicoder.c gnupg-1.4.2/mpi/mpicoder.c
+--- gnupg-1.4.2~/mpi/mpicoder.c        2005-05-31 06:30:05.000000000 +0000
++++ gnupg-1.4.2/mpi/mpicoder.c 2005-09-29 00:52:19.000000000 +0000
+@@ -80,16 +80,20 @@
+     mpi_limb_t a;
+     MPI val = MPI_NULL;
++    if (nread == nmax)
++        goto overflow;
+     if( (c = iobuf_get(inp)) == -1 )
+       goto leave;
+-    if (++nread >= nmax)
+-        goto overflow;
++    nread++;
+     nbits = c << 8;
++
++    if (nread == nmax)
++        goto overflow;
+     if( (c = iobuf_get(inp)) == -1 )
+       goto leave;
+-    if (++nread >= nmax)
+-        goto overflow;
++    nread++;
+     nbits |= c;
++
+     if( nbits > MAX_EXTERN_MPI_BITS ) {
+       log_error("mpi too large for this implementation (%u bits)\n", nbits);
+       goto leave;
+@@ -112,7 +116,7 @@
+     for( ; j > 0; j-- ) {
+       a = 0;
+       for(; i < BYTES_PER_MPI_LIMB; i++ ) {
+-            if (nread >= nmax) {
++            if (nread == nmax) {
+ #ifdef M_DEBUG
+                 mpi_debug_free (val);
+ #else
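Review bot: The bound checks in mpi/mpicoder.c now use `nread == nmax` in all three places, including the inner limb loop that previously used `>=`. Equality is correct only while `nread` grows by exactly one and is tested before every increment. If a later change reads more than one byte per step, or a caller passes a limit already below `nread`, the counter steps past `nmax` and the check never fires again. Keeping the ordered comparison, `if (nread >= nmax)` before each `iobuf_get(inp)` and in the loop, costs nothing and preserves the zero-length fix, since the test still happens before the read. The function's signature and the `overflow`/`leave` labels are outside the hunk, so how `nmax` is derived from the caller's buffer is not visible here.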
diff --git a/packages/gnupg/gnupg_1.4.2.2.bb b/packages/gnupg/gnupg_1.4.2.2.bb
new file mode 100644 (file)
index 0000000..07f62ab
--- /dev/null
@@ -0,0 +1,11 @@
+include gnupg.inc
+
+DEPENDS += "readline"
+EXTRA_OECONF += "--with-readline=${STAGING_LIBDIR}/.."
+#   --without-readline      do not support fancy command line editing
+
+SRC_URI += "file://15_free_caps.patch;patch=1 \
+           file://16_min_privileges.patch;patch=1 \
+           file://22_zero_length_mpi_fix.patch;patch=1 "
+
+S = "${WORKDIR}/gnupg-${PV}"