diff options
Diffstat (limited to 'patches/source/xscreensaver')
-rwxr-xr-x | patches/source/xscreensaver/dump.android.osx.sources.sh | 14 | ||||
-rw-r--r-- | patches/source/xscreensaver/setuid.c | 274 | ||||
-rw-r--r-- | patches/source/xscreensaver/slack-desc | 19 | ||||
-rw-r--r-- | patches/source/xscreensaver/xscreensaver-getimage-file-5.14 | 555 | ||||
-rwxr-xr-x | patches/source/xscreensaver/xscreensaver.SlackBuild | 141 | ||||
-rw-r--r-- | patches/source/xscreensaver/xscreensaver.electricsheep.diff | 20 | ||||
-rw-r--r-- | patches/source/xscreensaver/xscreensaver.no.expiration.date.diff | 29 | ||||
-rw-r--r-- | patches/source/xscreensaver/xscreensaver.setuid.diff | 179 |
8 files changed, 1231 insertions, 0 deletions
diff --git a/patches/source/xscreensaver/dump.android.osx.sources.sh b/patches/source/xscreensaver/dump.android.osx.sources.sh new file mode 100755 index 00000000..3993f510 --- /dev/null +++ b/patches/source/xscreensaver/dump.android.osx.sources.sh @@ -0,0 +1,14 @@ +#!/bin/sh +# Repacks the xscreensaver tarball to remove the unneeded OSX sources. + +VERSION=${VERSION:-$(echo xscreensaver-*.tar.?z* | rev | cut -f 3- -d . | cut -f 1 -d - | rev)} + +tar xf xscreensaver-${VERSION}.tar.xz || exit 1 +mv xscreensaver-${VERSION}.tar.xz xscreensaver-${VERSION}.tar.xz.orig +rm -r xscreensaver-${VERSION}/OSX/* +rm -r xscreensaver-${VERSION}/android/* +tar cf xscreensaver-${VERSION}.tar xscreensaver-${VERSION} +rm -r xscreensaver-${VERSION} +xz -9 xscreensaver-${VERSION}.tar +touch -r xscreensaver-${VERSION}.tar.xz.orig xscreensaver-${VERSION}.tar.xz +rm xscreensaver-${VERSION}.tar.xz.orig diff --git a/patches/source/xscreensaver/setuid.c b/patches/source/xscreensaver/setuid.c new file mode 100644 index 00000000..343dcf09 --- /dev/null +++ b/patches/source/xscreensaver/setuid.c @@ -0,0 +1,274 @@ +/* setuid.c --- management of runtime privileges. + * xscreensaver, Copyright (c) 1993-1998 Jamie Zawinski <jwz@jwz.org> + * + * Permission to use, copy, modify, distribute, and sell this software and its + * documentation for any purpose is hereby granted without fee, provided that + * the above copyright notice appear in all copies and that both that + * copyright notice and this permission notice appear in supporting + * documentation. No representations are made about the suitability of this + * software for any purpose. It is provided "as is" without express or + * implied warranty. + */ + +#ifdef HAVE_CONFIG_H +# include "config.h" +#endif + +#include <X11/Xlib.h> /* not used for much... */ + +/* This file doesn't need the Xt headers, so stub these types out... */ +#undef XtPointer +#define XtAppContext void* +#define XrmDatabase void* +#define XtIntervalId void* +#define XtPointer void* +#define Widget void* + +#include "xscreensaver.h" + +#ifndef EPERM +#include <errno.h> +#endif + +#include <pwd.h> /* for getpwnam() and struct passwd */ +#include <grp.h> /* for getgrgid() and struct group */ + +static const char * +uid_gid_string (uid_t uid, gid_t gid) +{ + static char buf[255]; + struct passwd *p = 0; + struct group *g = 0; + p = getpwuid (uid); + g = getgrgid (gid); + sprintf (buf, "%s/%s (%ld/%ld)", + (p && p->pw_name ? p->pw_name : "???"), + (g && g->gr_name ? g->gr_name : "???"), + (long) uid, (long) gid); + return buf; +} + + +void +describe_uids (saver_info *si, FILE *out) +{ + uid_t uid = getuid(); + gid_t gid = getgid(); + uid_t euid = geteuid(); + gid_t egid = getegid(); + char *s1 = strdup (uid_gid_string (uid, gid)); + char *s2 = strdup (uid_gid_string (euid, egid)); + + if (si->orig_uid && *si->orig_uid && + (!!strcmp (si->orig_uid, s1) || + !!strcmp (si->orig_uid, s2))) + fprintf (out, "%s: initial effective uid/gid was %s\n", blurb(), + si->orig_uid); + + fprintf (out, "%s: running as %s", blurb(), s1); + if (uid != euid || gid != egid) + fprintf (out, "; effectively %s", s2); + fprintf(out, "\n"); + free(s1); + free(s2); +} + + +static int +set_ids_by_number (uid_t uid, gid_t gid, char **message_ret) +{ + int uid_errno = 0; + int gid_errno = 0; + struct passwd *p = getpwuid (uid); + struct group *g = getgrgid (gid); + + if (message_ret) + *message_ret = 0; + + /* Rumor has it that some implementations of of setuid() do nothing + when called with -1; therefore, if the "nobody" user has a uid of + -1, then that would be Really Bad. Rumor further has it that such + systems really ought to be using -2 for "nobody", since that works. + So, if we get a uid (or gid, for good measure) of -1, switch to -2 + instead. Note that this must be done after we've looked up the + user/group names with getpwuid(-1) and/or getgrgid(-1). + */ + if (gid == (gid_t) -1) gid = (gid_t) -2; + if (uid == (uid_t) -1) uid = (uid_t) -2; + + errno = 0; + if (setgid (gid) != 0) + gid_errno = errno ? errno : -1; + + errno = 0; + if (setuid (uid) != 0) + uid_errno = errno ? errno : -1; + + if (uid_errno == 0 && gid_errno == 0) + { + static char buf [1024]; + sprintf (buf, "changed uid/gid to %s/%s (%ld/%ld).", + (p && p->pw_name ? p->pw_name : "???"), + (g && g->gr_name ? g->gr_name : "???"), + (long) uid, (long) gid); + if (message_ret) + *message_ret = buf; + return 0; + } + else + { + char buf [1024]; + if (gid_errno) + { + sprintf (buf, "%s: couldn't set gid to %s (%ld)", + blurb(), + (g && g->gr_name ? g->gr_name : "???"), + (long) gid); + if (gid_errno == -1) + fprintf(stderr, "%s: unknown error\n", buf); + else + perror(buf); + } + + if (uid_errno) + { + sprintf (buf, "%s: couldn't set uid to %s (%ld)", + blurb(), + (p && p->pw_name ? p->pw_name : "???"), + (long) uid); + if (uid_errno == -1) + fprintf(stderr, "%s: unknown error\n", buf); + else + perror(buf); + } + + return -1; + } +} + + +/* If we've been run as setuid or setgid to someone else (most likely root) + turn off the extra permissions so that random user-specified programs + don't get special privileges. (On some systems it is necessary to install + this program as setuid root in order to read the passwd file to implement + lock-mode.) + + *** WARNING: DO NOT DISABLE ANY OF THE FOLLOWING CODE! + If you do so, you will open a security hole. See the sections + of the xscreensaver manual titled "LOCKING AND ROOT LOGINS", + and "USING XDM". + */ +void +hack_uid (saver_info *si) +{ + + /* Discard privileges, and set the effective user/group ids to the + real user/group ids. That is, give up our "chmod +s" rights. + */ + { + uid_t euid = geteuid(); + gid_t egid = getegid(); + uid_t uid = getuid(); + gid_t gid = getgid(); + + si->orig_uid = strdup (uid_gid_string (euid, egid)); + + if (uid != euid || gid != egid) + if (set_ids_by_number (uid, gid, &si->uid_message) != 0) + saver_exit (si, 1, 0); + } + + + /* Locking can't work when running as root, because we have no way of + knowing what the user id of the logged in user is (so we don't know + whose password to prompt for.) + + *** WARNING: DO NOT DISABLE THIS CODE! + If you do so, you will open a security hole. See the sections + of the xscreensaver manual titled "LOCKING AND ROOT LOGINS", + and "USING XDM". + */ + if (getuid() == (uid_t) 0) + { + si->locking_disabled_p = True; + si->nolock_reason = "running as root"; + } + + + /* If we're running as root, switch to a safer user. This is above and + beyond the fact that we've disabling locking, above -- the theory is + that running graphics demos as root is just always a stupid thing + to do, since they have probably never been security reviewed and are + more likely to be buggy than just about any other kind of program. + (And that assumes non-malicious code. There are also attacks here.) + + *** WARNING: DO NOT DISABLE THIS CODE! + If you do so, you will open a security hole. See the sections + of the xscreensaver manual titled "LOCKING AND ROOT LOGINS", + and "USING XDM". + */ + if (getuid() == (uid_t) 0) + { + struct passwd *p; + + p = getpwnam ("nobody"); + if (! p) p = getpwnam ("noaccess"); + if (! p) p = getpwnam ("daemon"); + if (! p) + { + fprintf (stderr, + "%s: running as root, and couldn't find a safer uid.\n", + blurb()); + saver_exit(si, 1, 0); + } + + if (set_ids_by_number (p->pw_uid, p->pw_gid, &si->uid_message) != 0) + saver_exit (si, -1, 0); + } + + + /* If there's anything even remotely funny looking about the passwd struct, + or if we're running as some other user from the list below (a + non-comprehensive selection of users known to be privileged in some way, + and not normal end-users) then disable locking. If it was possible, + switching to "nobody" would be the thing to do, but only root itself has + the privs to do that. + + *** WARNING: DO NOT DISABLE THIS CODE! + If you do so, you will open a security hole. See the sections + of the xscreensaver manual titled "LOCKING AND ROOT LOGINS", + and "USING XDM". + */ + { + uid_t uid = getuid (); /* get it again */ + struct passwd *p = getpwuid (uid); /* get it again */ + + if (!p || + uid == (uid_t) 0 || + uid == (uid_t) -1 || + uid == (uid_t) -2 || + p->pw_uid == (uid_t) 0 || + p->pw_uid == (uid_t) -1 || + p->pw_uid == (uid_t) -2 || + !p->pw_name || + !*p->pw_name || + !strcmp (p->pw_name, "root") || + !strcmp (p->pw_name, "nobody") || + !strcmp (p->pw_name, "noaccess") || + !strcmp (p->pw_name, "operator") || + !strcmp (p->pw_name, "daemon") || + !strcmp (p->pw_name, "bin") || + !strcmp (p->pw_name, "adm") || + !strcmp (p->pw_name, "sys") || + !strcmp (p->pw_name, "games")) + { + static char buf [1024]; + sprintf (buf, "running as %s", + (p && p->pw_name && *p->pw_name + ? p->pw_name : "<unknown>")); + si->nolock_reason = buf; + si->locking_disabled_p = True; + si->dangerous_uid_p = True; + } + } +} diff --git a/patches/source/xscreensaver/slack-desc b/patches/source/xscreensaver/slack-desc new file mode 100644 index 00000000..ea0efe02 --- /dev/null +++ b/patches/source/xscreensaver/slack-desc @@ -0,0 +1,19 @@ +# HOW TO EDIT THIS FILE: +# The "handy ruler" below makes it easier to edit a package description. Line +# up the first '|' above the ':' following the base package name, and the '|' +# on the right side marks the last column you can put a character in. You must +# make exactly 11 lines for the formatting to be correct. It's also +# customary to leave one space after the ':'. + + |-----handy-ruler------------------------------------------------------| +xscreensaver: xscreensaver (a screen saver and locker for X) +xscreensaver: +xscreensaver: A modular screen saver and locker for the X Window System. Highly +xscreensaver: customizable: allows the use of any program that can draw on the +xscreensaver: root window as a display mode. More than 100 display modes are +xscreensaver: included in this package. +xscreensaver: +xscreensaver: Homepage: http://www.jwz.org/xscreensaver +xscreensaver: +xscreensaver: +xscreensaver: diff --git a/patches/source/xscreensaver/xscreensaver-getimage-file-5.14 b/patches/source/xscreensaver/xscreensaver-getimage-file-5.14 new file mode 100644 index 00000000..bc7bcbd9 --- /dev/null +++ b/patches/source/xscreensaver/xscreensaver-getimage-file-5.14 @@ -0,0 +1,555 @@ +#!/usr/bin/perl -w +# Copyright © 2001-2011 Jamie Zawinski <jwz@jwz.org>. +# +# Permission to use, copy, modify, distribute, and sell this software and its +# documentation for any purpose is hereby granted without fee, provided that +# the above copyright notice appear in all copies and that both that +# copyright notice and this permission notice appear in supporting +# documentation. No representations are made about the suitability of this +# software for any purpose. It is provided "as is" without express or +# implied warranty. +# +# This program chooses a random file from under the given directory, and +# prints its name. The file will be an image file whose dimensions are +# larger than a certain minimum size. +# +# The various xscreensaver hacks that manipulate images ("jigsaw", etc.) get +# the image to manipulate by running the "xscreensaver-getimage" program. +# +# Under X11, the "xscreensaver-getimage" program invokes this script, +# depending on the value of the "chooseRandomImages" and "imageDirectory" +# settings in the ~/.xscreensaver file (or .../app-defaults/XScreenSaver). +# The screen savers invoke "xscreensaver-getimage" via utils/grabclient.c, +# which then invokes this script. +# +# Under Cocoa, this script lives inside the .saver bundle, and is invoked +# directly from utils/grabclient.c. +# +# Created: 12-Apr-01. + +require 5; +#use diagnostics; # Fails on some MacOS 10.5 systems +use strict; + +use POSIX; +use Fcntl; + +use Fcntl ':flock'; # import LOCK_* constants + +use POSIX ':fcntl_h'; # S_ISDIR was here in Perl 5.6 +import Fcntl ':mode' unless defined &S_ISUID; # but it is here in Perl 5.8 + # but in Perl 5.10, both of these load, and cause errors! + # So we have to check for S_ISUID instead of S_ISDIR? WTF? + +use bytes; # Larry can take Unicode and shove it up his ass sideways. + # Perl 5.8.0 causes us to start getting incomprehensible + # errors about UTF-8 all over the place without this. + +my $progname = $0; $progname =~ s@.*/@@g; +my $version = q{ $Revision: 1.29 $ }; $version =~ s/^[^0-9]+([0-9.]+).*$/$1/; + +my $verbose = 0; + +# Whether to use MacOS X's Spotlight to generate the list of files. +# When set to -1, uses Spotlight if "mdfind" exists. +# +# (In my experience, this isn't actually any faster, and might not find +# everything if your Spotlight index is out of date, which happens often.) +# +my $use_spotlight_p = 0; + +# Whether to cache the results of the last run. +# +my $cache_p = 1; + +# Regenerate the cache if it is older than this many seconds. +# +my $cache_max_age = 60 * 60 * 3; # 3 hours + + +# This matches files that we are allowed to use as images (case-insensitive.) +# Anything not matching this is ignored. This is so you can point your +# imageDirectory at directory trees that have things other than images in +# them, but it assumes that you gave your images sensible file extensions. +# +my @good_extensions = ('jpg', 'jpeg', 'pjpeg', 'pjpg', 'png', 'gif', + 'tif', 'tiff', 'xbm', 'xpm'); +my $good_file_re = '\.(' . join("|", @good_extensions) . ')$'; + +# This matches file extensions that might occur in an image directory, +# and that are never used in the name of a subdirectory. This is an +# optimization that prevents us from having to stat() those files to +# tell whether they are directories or not. (It speeds things up a +# lot. Don't give your directories stupid names.) +# +my @nondir_extensions = ('ai', 'bmp', 'bz2', 'cr2', 'crw', 'db', + 'dmg', 'eps', 'gz', 'hqx', 'htm', 'html', 'icns', 'ilbm', 'mov', + 'nef', 'pbm', 'pdf', 'pl', 'ppm', 'ps', 'psd', 'sea', 'sh', 'shtml', + 'tar', 'tgz', 'thb', 'txt', 'xcf', 'xmp', 'Z', 'zip' ); +my $nondir_re = '\.(' . join("|", @nondir_extensions) . ')$'; + + +# JPEG, GIF, and PNG files that are are smaller than this are rejected: +# this is so that you can use an image directory that contains both big +# images and thumbnails, and have it only select the big versions. +# +my $min_image_width = 255; +my $min_image_height = 255; + +my @all_files = (); # list of "good" files we've collected +my %seen_inodes; # for breaking recursive symlink loops + +# For diagnostic messages: +# +my $dir_count = 1; # number of directories seen +my $stat_count = 0; # number of files/dirs stat'ed +my $skip_count_unstat = 0; # number of files skipped without stat'ing +my $skip_count_stat = 0; # number of files skipped after stat + +sub find_all_files($); +sub find_all_files($) { + my ($dir) = @_; + + print STDERR "$progname: + reading dir $dir/...\n" if ($verbose > 1); + + my $dd; + if (! opendir ($dd, $dir)) { + print STDERR "$progname: couldn't open $dir: $!\n" if ($verbose); + return; + } + my @files = readdir ($dd); + closedir ($dd); + + my @dirs = (); + + foreach my $file (@files) { + next if ($file =~ m/^\./); # silently ignore dot files/dirs + + if ($file =~ m/[~%\#]$/) { # ignore backup files (and dirs...) + $skip_count_unstat++; + print STDERR "$progname: - skip file $file\n" if ($verbose > 1); + } + + $file = "$dir/$file"; + + if ($file =~ m/$good_file_re/io) { + # + # Assume that files ending in .jpg exist and are not directories. + # + push @all_files, $file; + print STDERR "$progname: - found file $file\n" if ($verbose > 1); + + } elsif ($file =~ m/$nondir_re/io) { + # + # Assume that files ending in .html are not directories. + # + $skip_count_unstat++; + print STDERR "$progname: -- skip file $file\n" if ($verbose > 1); + + } else { + # + # Now we need to stat the file to see if it's a subdirectory. + # + # Note: we could use the trick of checking "nlinks" on the parent + # directory to see if this directory contains any subdirectories, + # but that would exclude any symlinks to directories. + # + my @st = stat($file); + my ($dev,$ino,$mode,$nlink,$uid,$gid,$rdev,$size, + $atime,$mtime,$ctime,$blksize,$blocks) = @st; + + $stat_count++; + + if ($#st == -1) { + if ($verbose) { + my $ll = readlink $file; + if (defined ($ll)) { + print STDERR "$progname: + dangling symlink: $file -> $ll\n"; + } else { + print STDERR "$progname: + unreadable: $file\n"; + } + } + next; + } + + next if ($seen_inodes{"$dev:$ino"}); # break symlink loops + $seen_inodes{"$dev:$ino"} = 1; + + if (S_ISDIR($mode)) { + push @dirs, $file; + $dir_count++; + print STDERR "$progname: + found dir $file\n" if ($verbose > 1); + + } else { + $skip_count_stat++; + print STDERR "$progname: + skip file $file\n" if ($verbose > 1); + } + } + } + + foreach (@dirs) { + find_all_files ($_); + } +} + + +sub spotlight_all_files($) { + my ($dir) = @_; + + my @terms = (); + # "public.image" matches all (indexed) images, including Photoshop, etc. +# push @terms, "kMDItemContentTypeTree == 'public.image'"; + foreach (@good_extensions) { + + # kMDItemFSName hits the file system every time: much worse than "find". +# push @terms, "kMDItemFSName == '*.$_'"; + + # kMDItemDisplayName matches against the name in the Spotlight index, + # but won't find files that (for whatever reason) didn't get indexed. + push @terms, "kMDItemDisplayName == '*.$_'"; + } + + $dir =~ s@([^-_/a-z\d.,])@\\$1@gsi; # quote for sh + my $cmd = "mdfind -onlyin $dir \"" . join (' || ', @terms) . "\""; + + print STDERR "$progname: executing: $cmd\n" if ($verbose > 1); + @all_files = split (/[\r\n]+/, `$cmd`); +} + + +# If we're using cacheing, read the cache file and return its contents, +# if any. This also holds an exclusive lock on the cache file, which +# has the additional benefit that if two copies of this program are +# running at once, one will wait for the other, instead of both of +# them spanking the same file system at the same time. +# +my $cache_fd = undef; +my $cache_file_name = undef; +my $read_cache_p = 0; + +sub read_cache($) { + my ($dir) = @_; + + return () unless ($cache_p); + + my $dd = "$ENV{HOME}/Library/Caches"; # MacOS location + if (-d $dd) { + $cache_file_name = "$dd/org.jwz.xscreensaver.getimage.cache"; + } elsif (-d "$ENV{HOME}/tmp") { + $cache_file_name = "$ENV{HOME}/tmp/.xscreensaver-getimage.cache"; + } else { + $cache_file_name = "$ENV{HOME}/.xscreensaver-getimage.cache"; + } + + print STDERR "$progname: awaiting lock: $cache_file_name\n" + if ($verbose > 1); + + my $file = $cache_file_name; + open ($cache_fd, '+>>', $file) || error ("unable to write $file: $!"); + flock ($cache_fd, LOCK_EX) || error ("unable to lock $file: $!"); + seek ($cache_fd, 0, 0) || error ("unable to rewind $file: $!"); + + my $mtime = (stat($cache_fd))[9]; + + if ($mtime + $cache_max_age < time) { + print STDERR "$progname: cache is too old\n" if ($verbose); + return (); + } + + my $odir = <$cache_fd>; + $odir =~ s/[\r\n]+$//s if defined ($odir); + if (!defined ($odir) || ($dir ne $odir)) { + print STDERR "$progname: cache is for $odir, not $dir\n" + if ($verbose && $odir); + return (); + } + + my @files = (); + while (<$cache_fd>) { + s/[\r\n]+$//s; + push @files, "$odir/$_"; + } + + print STDERR "$progname: " . ($#files+1) . " files in cache\n" + if ($verbose); + + $read_cache_p = 1; + return @files; +} + + +sub write_cache($) { + my ($dir) = @_; + + return unless ($cache_p); + + # If we read the cache, just close it without rewriting it. + # If we didn't read it, then write it now. + + if (! $read_cache_p) { + + truncate ($cache_fd, 0) || + error ("unable to truncate $cache_file_name: $!"); + seek ($cache_fd, 0, 0) || + error ("unable to rewind $cache_file_name: $!"); + + if ($#all_files >= 0) { + print $cache_fd "$dir\n"; + foreach (@all_files) { + my $f = $_; # stupid Perl. do this to avoid modifying @all_files! + $f =~ s@^\Q$dir\L/@@so || die; # remove $dir from front + print $cache_fd "$f\n"; + } + } + + print STDERR "$progname: cached " . ($#all_files+1) . " files\n" + if ($verbose); + } + + flock ($cache_fd, LOCK_UN) || + error ("unable to unlock $cache_file_name: $!"); + close ($cache_fd); + $cache_fd = undef; +} + + +sub find_random_file($) { + my ($dir) = @_; + + if ($use_spotlight_p == -1) { + $use_spotlight_p = 0; + if (-x '/usr/bin/mdfind') { + $use_spotlight_p = 1; + } + } + + @all_files = read_cache ($dir); + + if ($#all_files >= 0) { + # got it from the cache... + + } elsif ($use_spotlight_p) { + print STDERR "$progname: spotlighting $dir...\n" if ($verbose); + spotlight_all_files ($dir); + print STDERR "$progname: found " . ($#all_files+1) . + " file" . ($#all_files == 0 ? "" : "s") . + " via Spotlight\n" + if ($verbose); + } else { + print STDERR "$progname: recursively reading $dir...\n" if ($verbose); + find_all_files ($dir); + print STDERR "$progname: " . + "f=" . ($#all_files+1) . "; " . + "d=$dir_count; " . + "s=$stat_count; " . + "skip=${skip_count_unstat}+$skip_count_stat=" . + ($skip_count_unstat + $skip_count_stat) . + ".\n" + if ($verbose); + } + + write_cache ($dir); + +# @all_files = sort(@all_files); + + if ($#all_files < 0) { + print STDERR "$progname: no files in $dir\n"; + exit 1; + } + + my $max_tries = 50; + for (my $i = 0; $i < $max_tries; $i++) { + + my $n = int (rand ($#all_files + 1)); + my $file = $all_files[$n]; + if (large_enough_p ($file)) { + $file =~ s@^\Q$dir\L/@@so || die; # remove $dir from front + return $file; + } + } + + print STDERR "$progname: no suitable images in $dir " . + "(after $max_tries tries)\n"; + exit 1; +} + + +sub large_enough_p($) { + my ($file) = @_; + + my ($w, $h) = image_file_size ($file); + + if (!defined ($h)) { + print STDERR "$progname: $file: unable to determine image size\n" + if ($verbose); + # Assume that unknown files are of good sizes: this will happen if + # they matched $good_file_re, but we don't have code to parse them. + # (This will also happen if the file is junk...) + return 1; + } + + if ($w < $min_image_width || $h < $min_image_height) { + print STDERR "$progname: $file: too small ($w x $h)\n" if ($verbose); + return 0; + } + + print STDERR "$progname: $file: $w x $h\n" if ($verbose); + return 1; +} + + + +# Given the raw body of a GIF document, returns the dimensions of the image. +# +sub gif_size($) { + my ($body) = @_; + my $type = substr($body, 0, 6); + my $s; + return () unless ($type =~ /GIF8[7,9]a/); + $s = substr ($body, 6, 10); + my ($a,$b,$c,$d) = unpack ("C"x4, $s); + return (($b<<8|$a), ($d<<8|$c)); +} + +# Given the raw body of a JPEG document, returns the dimensions of the image. +# +sub jpeg_size($) { + my ($body) = @_; + my $i = 0; + my $L = length($body); + + my $c1 = substr($body, $i, 1); $i++; + my $c2 = substr($body, $i, 1); $i++; + return () unless (ord($c1) == 0xFF && ord($c2) == 0xD8); + + my $ch = "0"; + while (ord($ch) != 0xDA && $i < $L) { + # Find next marker, beginning with 0xFF. + while (ord($ch) != 0xFF) { + return () if (length($body) <= $i); + $ch = substr($body, $i, 1); $i++; + } + # markers can be padded with any number of 0xFF. + while (ord($ch) == 0xFF) { + return () if (length($body) <= $i); + $ch = substr($body, $i, 1); $i++; + } + + # $ch contains the value of the marker. + my $marker = ord($ch); + + if (($marker >= 0xC0) && + ($marker <= 0xCF) && + ($marker != 0xC4) && + ($marker != 0xCC)) { # it's a SOFn marker + $i += 3; + return () if (length($body) <= $i); + my $s = substr($body, $i, 4); $i += 4; + my ($a,$b,$c,$d) = unpack("C"x4, $s); + return (($c<<8|$d), ($a<<8|$b)); + + } else { + # We must skip variables, since FFs in variable names aren't + # valid JPEG markers. + return () if (length($body) <= $i); + my $s = substr($body, $i, 2); $i += 2; + my ($c1, $c2) = unpack ("C"x2, $s); + my $length = ($c1 << 8) | $c2; + return () if ($length < 2); + $i += $length-2; + } + } + return (); +} + +# Given the raw body of a PNG document, returns the dimensions of the image. +# +sub png_size($) { + my ($body) = @_; + return () unless ($body =~ m/^\211PNG\r/s); + my ($bits) = ($body =~ m/^.{12}(.{12})/s); + return () unless defined ($bits); + return () unless ($bits =~ /^IHDR/); + my ($ign, $w, $h) = unpack("a4N2", $bits); + return ($w, $h); +} + + +# Given the raw body of a GIF, JPEG, or PNG document, returns the dimensions +# of the image. +# +sub image_size($) { + my ($body) = @_; + return () if (length($body) < 10); + my ($w, $h) = gif_size ($body); + if ($w && $h) { return ($w, $h); } + ($w, $h) = jpeg_size ($body); + if ($w && $h) { return ($w, $h); } + # #### TODO: need image parsers for TIFF, XPM, XBM. + return png_size ($body); +} + +# Returns the dimensions of the image file. +# +sub image_file_size($) { + my ($file) = @_; + my $in; + if (! open ($in, '<', $file)) { + print STDERR "$progname: $file: $!\n" if ($verbose); + return undef; + } + binmode ($in); # Larry can take Unicode and shove it up his ass sideways. + my $body = ''; + sysread ($in, $body, 1024 * 50); # The first 50k should be enough. + close $in; # (It's not for certain huge jpegs... + return image_size ($body); # but we know they're huge!) +} + + +sub error($) { + my ($err) = @_; + print STDERR "$progname: $err\n"; + exit 1; +} + +sub usage() { + print STDERR "usage: $progname [--verbose] directory\n" . + " Prints the name of a randomly-selected image file. The directory\n" . + " is searched recursively. Images smaller than " . + "${min_image_width}x${min_image_height} are excluded.\n"; + exit 1; +} + +sub main() { + my $dir = undef; + + while ($_ = $ARGV[0]) { + shift @ARGV; + if ($_ eq "--verbose") { $verbose++; } + elsif (m/^-v+$/) { $verbose += length($_)-1; } + elsif ($_ eq "--name") { } # ignored, for compatibility + elsif ($_ eq "--spotlight") { $use_spotlight_p = 1; } + elsif ($_ eq "--no-spotlight") { $use_spotlight_p = 0; } + elsif ($_ eq "--cache") { $cache_p = 1; } + elsif ($_ eq "--no-cache") { $cache_p = 0; } + elsif (m/^-./) { usage; } + elsif (!defined($dir)) { $dir = $_; } + else { usage; } + } + + usage unless (defined($dir)); + + $dir =~ s@^~/@$ENV{HOME}/@s; # allow literal "~/" + $dir =~ s@/+$@@s; # omit trailing / + + if (! -d $dir) { + print STDERR "$progname: $dir: not a directory\n"; + usage; + } + + my $file = find_random_file ($dir); + print STDOUT "$file\n"; +} + +main; +exit 0; diff --git a/patches/source/xscreensaver/xscreensaver.SlackBuild b/patches/source/xscreensaver/xscreensaver.SlackBuild new file mode 100755 index 00000000..3846d532 --- /dev/null +++ b/patches/source/xscreensaver/xscreensaver.SlackBuild @@ -0,0 +1,141 @@ +#!/bin/sh + +# Copyright 2008, 2009, 2010, 2012, 2013, 2014, 2016 Patrick J. Volkerding, Sebeka, Minnesota, USA +# All rights reserved. +# +# Redistribution and use of this script, with or without modification, is +# permitted provided that the following conditions are met: +# +# 1. Redistributions of this script must retain the above copyright +# notice, this list of conditions and the following disclaimer. +# +# THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR IMPLIED +# WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF +# MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO +# EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, +# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, +# PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; +# OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, +# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR +# OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF +# ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + + +VERSION=${VERSION:-$(echo xscreensaver-*.tar.?z* | rev | cut -f 3- -d . | cut -f 1 -d - | rev)} +BUILD=${BUILD:-1_slack14.2} + +# Automatically determine the architecture we're building on: +if [ -z "$ARCH" ]; then + case "$( uname -m )" in + i?86) export ARCH=i586 ;; + arm*) export ARCH=arm ;; + # Unless $ARCH is already set, use uname -m for all other archs: + *) export ARCH=$( uname -m ) ;; + esac +fi + +NUMJOBS=${NUMJOBS:-" -j7 "} + +if [ "$ARCH" = "i586" ]; then + SLKCFLAGS="-O2 -march=i586 -mtune=i686" + LIBDIRSUFFIX="" +elif [ "$ARCH" = "s390" ]; then + SLKCFLAGS="-O2" + LIBDIRSUFFIX="" +elif [ "$ARCH" = "x86_64" ]; then + SLKCFLAGS="-O2 -fPIC" + LIBDIRSUFFIX="64" +else + SLKCFLAGS="-O2" + LIBDIRSUFFIX="" +fi + +CWD=$(pwd) +TMP=${TMP:-/tmp} +PKG=$TMP/package-xscreensaver + +rm -rf $PKG +mkdir -p $TMP $PKG + +cd $TMP +rm -rf xscreensaver-$VERSION +tar xvf $CWD/xscreensaver-$VERSION.tar.?z* || exit 1 +cd xscreensaver-$VERSION + +# Allow xscreensaver to work setgid shadow. I'd rather avoid requiring +# setuid root on this if at all possible... +zcat $CWD/xscreensaver.setuid.diff.gz | patch -p1 --verbose --backup --suffix=.orig || exit 1 + +# Add support for the electricsheep distributed screensaver: +zcat $CWD/xscreensaver.electricsheep.diff.gz | patch -p1 --verbose --backup --suffix=.orig || exit 1 + +# Remove a feature that pops up a nag screen claiming the version is old +# after one year. Just don't send in bug reports on an old version, OK folks? +# I hate to swim against upstream, but with all respect this feature is not +# helpful to distributions. +zcat $CWD/xscreensaver.no.expiration.date.diff.gz | patch -p1 --verbose --backup --suffix=.orig || exit 1 + +chown -R root:root . +find . \ + \( -perm 777 -o -perm 775 -o -perm 711 -o -perm 555 -o -perm 511 \) \ + -exec chmod 755 {} \; -o \ + \( -perm 666 -o -perm 664 -o -perm 600 -o -perm 444 -o -perm 440 -o -perm 400 \) \ + -exec chmod 644 {} \; + +xml_config=/usr/bin/xml-config xml2_config=/usr/bin/xml2-config \ +CFLAGS="$SLKCFLAGS" \ +CXXFLAGS="$SLKCFLAGS" \ +./configure \ + --prefix=/usr \ + --libdir=/usr/lib${LIBDIRSUFFIX} \ + --mandir=/usr/man \ + --with-x-app-defaults=/etc/X11/app-defaults \ + --with-text-file=/usr/doc/netdate/COPYRIGHT \ + --with-shadow \ + --with-jpeg \ + --with-gl \ + --build=$ARCH-slackware-linux || exit 1 + +# Build: +make $NUMJOBS || make || exit 1 +make install_prefix=$PKG install-strip || exit 1 + +# Needed for password unlock: +chown root:shadow $PKG/usr/bin/xscreensaver +chmod 2751 $PKG/usr/bin/xscreensaver + +# This is needed for the menus: +mkdir -p $PKG/usr/share/pixmaps +mkdir -p $PKG/etc +mkdir -p $PKG/usr/doc/xscreensaver-$VERSION +cp -a \ + README* \ + $PKG/usr/doc/xscreensaver-$VERSION + +# Compress and link manpages, if any: +if [ -d $PKG/usr/man ]; then + ( cd $PKG/usr/man + for manpagedir in $(find . -type d -name "man*") ; do + ( cd $manpagedir + for eachpage in $( find . -type l -maxdepth 1 | grep -v '\.gz$') ; do + ln -s $( readlink $eachpage ).gz $eachpage.gz + rm $eachpage + done + gzip -9 *.? + ) + done + ) +fi + +# Insert an older version of xscreensaver-getimage-file to avoid depending +# on libwww-perl. Maybe we'll eventually add this, but bundling 14 perl +# modules is a lot of maintainance just to get slidescreen working again. +# This restores the functionality that we had before without all that. +cat $CWD/xscreensaver-getimage-file-5.14 > $PKG/usr/bin/xscreensaver-getimage-file + +mkdir -p $PKG/install +cat $CWD/slack-desc > $PKG/install/slack-desc + +cd $PKG +/sbin/makepkg -l y -c n $TMP/xscreensaver-$VERSION-$ARCH-$BUILD.txz + diff --git a/patches/source/xscreensaver/xscreensaver.electricsheep.diff b/patches/source/xscreensaver/xscreensaver.electricsheep.diff new file mode 100644 index 00000000..27b11961 --- /dev/null +++ b/patches/source/xscreensaver/xscreensaver.electricsheep.diff @@ -0,0 +1,20 @@ +--- ./driver/XScreenSaver_ad.h.orig 2008-12-28 01:59:19.000000000 -0600 ++++ ./driver/XScreenSaver_ad.h 2009-05-15 16:22:44.000000000 -0500 +@@ -138,6 +138,7 @@ + squiral -root \\n\ + wander -root \\n\ + - webcollage -root \\n\ ++ electricsheep --root 1 \\n\ + xflame -root \\n\ + xmatrix -root \\n\ + GL: gflux -root \\n\ +--- ./driver/XScreenSaver.ad.in.orig 2008-12-28 01:33:15.000000000 -0600 ++++ ./driver/XScreenSaver.ad.in 2009-05-15 16:22:04.000000000 -0500 +@@ -239,6 +239,7 @@ + squiral -root \n\ + wander -root \n\ + - webcollage -root \n\ ++ electricsheep --root 1 \n\ + xflame -root \n\ + xmatrix -root \n\ + @GL_KLUDGE@ GL: gflux -root \n\ diff --git a/patches/source/xscreensaver/xscreensaver.no.expiration.date.diff b/patches/source/xscreensaver/xscreensaver.no.expiration.date.diff new file mode 100644 index 00000000..bdbcbe1d --- /dev/null +++ b/patches/source/xscreensaver/xscreensaver.no.expiration.date.diff @@ -0,0 +1,29 @@ +--- ./driver/prefs.c.orig 2016-05-23 22:08:27.000000000 -0500 ++++ ./driver/prefs.c 2016-05-30 15:29:36.446721679 -0500 +@@ -1734,6 +1734,17 @@ + shipping the last version with the old license and then never + upgrading it again -- which would be the worst possible outcome for + everyone involved, most especially the users. ++ ++ --- ++ ++ NOTE: This feature is disabled by Slackware... we do not ship multi-year ++ old versions, nor do we think it is a good idea to include nag screens ++ that activate when an expiration date is reached. In this case, the ++ nag screen was activated after only one year, which practically insures ++ that this will be seen before the next stable Slackware release. ++ If there's a problem that needs fixing, we'll issue a fix. ++ No nag screens please. Thanks for possibly reconsidering this! ++ + */ + + time_t now = time ((time_t *) 0); /* */ +@@ -1766,5 +1777,7 @@ + months = ((((tm->tm_year + 1900) * 12) + tm->tm_mon) - /* h */ + (y * 12 + m)); /* p */ + /* . */ +- return (months >= 17); /* */ ++ /* Disable date checking for Slackware: */ /* \ö/ */ ++ /* return (months >= 17); */ /* */ ++ return ( 0 ); + } diff --git a/patches/source/xscreensaver/xscreensaver.setuid.diff b/patches/source/xscreensaver/xscreensaver.setuid.diff new file mode 100644 index 00000000..c6810af5 --- /dev/null +++ b/patches/source/xscreensaver/xscreensaver.setuid.diff @@ -0,0 +1,179 @@ +--- ./driver/setuid.c.orig 2006-02-08 20:28:38.000000000 -0600 ++++ ./driver/setuid.c 2006-04-04 16:48:08.000000000 -0500 +@@ -1,5 +1,5 @@ + /* setuid.c --- management of runtime privileges. +- * xscreensaver, Copyright (c) 1993-1998, 2005 Jamie Zawinski <jwz@jwz.org> ++ * xscreensaver, Copyright (c) 1993-1998 Jamie Zawinski <jwz@jwz.org> + * + * Permission to use, copy, modify, distribute, and sell this software and its + * documentation for any purpose is hereby granted without fee, provided that +@@ -41,7 +41,7 @@ + struct group *g = 0; + p = getpwuid (uid); + g = getgrgid (gid); +- sprintf (buf, "%.100s/%.100s (%ld/%ld)", ++ sprintf (buf, "%s/%s (%ld/%ld)", + (p && p->pw_name ? p->pw_name : "???"), + (g && g->gr_name ? g->gr_name : "???"), + (long) uid, (long) gid); +@@ -74,50 +74,11 @@ + } + + +-/* Returns true if we need to call setgroups(). +- +- Without calling setgroups(), the process will retain any supplementary +- gids associated with the uid, e.g.: +- +- % groups root +- root : root bin daemon sys adm disk wheel +- +- However, setgroups() can only be called by root, and returns EPERM +- for other users even if the call would be a no-op (e.g., setting the +- group list to the current list.) So, to avoid that spurious error, +- before calling setgroups() we first check whether the current list +- of groups contains only one element, our target group. If so, we +- don't need to call setgroups(). +- */ +-static int +-setgroups_needed_p (uid_t target_group) +-{ +- gid_t groups[1024]; +- int n, size; +- size = sizeof(groups) / sizeof(gid_t); +- n = getgroups (size - 1, groups); +- if (n < 0) +- { +- char buf [1024]; +- sprintf (buf, "%s: getgroups(%ld, ...)", blurb(), (long int)(size - 1)); +- perror (buf); +- return 1; +- } +- else if (n == 0) /* an empty list means only egid is in effect. */ +- return 0; +- else if (n == 1 && groups[0] == target_group) /* one element, the target */ +- return 0; +- else /* more than one, or the wrong one. */ +- return 1; +-} +- +- + static int + set_ids_by_number (uid_t uid, gid_t gid, char **message_ret) + { + int uid_errno = 0; + int gid_errno = 0; +- int sgs_errno = 0; + struct passwd *p = getpwuid (uid); + struct group *g = getgrgid (gid); + +@@ -136,11 +97,6 @@ + if (uid == (uid_t) -1) uid = (uid_t) -2; + + errno = 0; +- if (setgroups_needed_p (gid) && +- setgroups (1, &gid) < 0) +- sgs_errno = errno ? errno : -1; +- +- errno = 0; + if (setgid (gid) != 0) + gid_errno = errno ? errno : -1; + +@@ -148,10 +104,10 @@ + if (setuid (uid) != 0) + uid_errno = errno ? errno : -1; + +- if (uid_errno == 0 && gid_errno == 0 && sgs_errno == 0) ++ if (uid_errno == 0 && gid_errno == 0) + { + static char buf [1024]; +- sprintf (buf, "changed uid/gid to %.100s/%.100s (%ld/%ld).", ++ sprintf (buf, "changed uid/gid to %s/%s (%ld/%ld).", + (p && p->pw_name ? p->pw_name : "???"), + (g && g->gr_name ? g->gr_name : "???"), + (long) uid, (long) gid); +@@ -162,71 +118,28 @@ + else + { + char buf [1024]; +- gid_t groups[1024]; +- int n, size; +- +- if (sgs_errno) +- { +- sprintf (buf, "%s: couldn't setgroups to %.100s (%ld)", +- blurb(), +- (g && g->gr_name ? g->gr_name : "???"), +- (long) gid); +- if (sgs_errno == -1) +- fprintf(stderr, "%s: unknown error\n", buf); +- else +- { +- errno = sgs_errno; +- perror(buf); +- } +- +- fprintf (stderr, "%s: effective group list: ", blurb()); +- size = sizeof(groups) / sizeof(gid_t); +- n = getgroups (size - 1, groups); +- if (n < 0) +- fprintf (stderr, "unknown!\n"); +- else +- { +- int i; +- fprintf (stderr, "["); +- for (i = 0; i < n; i++) +- { +- g = getgrgid (groups[i]); +- if (i > 0) fprintf (stderr, ", "); +- if (g && g->gr_name) fprintf (stderr, "%s", g->gr_name); +- else fprintf (stderr, "%ld", (long) groups[i]); +- } +- fprintf (stderr, "]\n"); +- } +- } +- + if (gid_errno) + { +- sprintf (buf, "%s: couldn't set gid to %.100s (%ld)", ++ sprintf (buf, "%s: couldn't set gid to %s (%ld)", + blurb(), + (g && g->gr_name ? g->gr_name : "???"), + (long) gid); + if (gid_errno == -1) + fprintf(stderr, "%s: unknown error\n", buf); + else +- { +- errno = gid_errno; +- perror(buf); +- } ++ perror(buf); + } + + if (uid_errno) + { +- sprintf (buf, "%s: couldn't set uid to %.100s (%ld)", ++ sprintf (buf, "%s: couldn't set uid to %s (%ld)", + blurb(), + (p && p->pw_name ? p->pw_name : "???"), + (long) uid); + if (uid_errno == -1) + fprintf(stderr, "%s: unknown error\n", buf); + else +- { +- errno = uid_errno; +- perror(buf); +- } ++ perror(buf); + } + + return -1; +@@ -350,7 +263,7 @@ + !strcmp (p->pw_name, "games")) + { + static char buf [1024]; +- sprintf (buf, "running as %.100s", ++ sprintf (buf, "running as %s", + (p && p->pw_name && *p->pw_name + ? p->pw_name : "<unknown>")); + si->nolock_reason = buf; |