[pulseaudio-commits] [SCM] PulseAudio Sound Server branch, master, updated. v0.9.19-337-g21cbcc1
Lennart Poettering
gitmailer-noreply at 0pointer.de
Wed Jan 13 13:17:00 PST 2010
This is an automated email from the git hooks/post-receive script. It was
generated because of a push to the "PulseAudio Sound Server" repository.
The master branch has been updated
from 4b1679e06d3b4ed98ed8e934db8c0fe99877a56c (commit)
- Log -----------------------------------------------------------------
21cbcc1 client: introduce auto-connect-display= following the scheme of auto-connect-localhost=
3d6cc02 client: introduce auto-connect-localhost= option in client.conf
-----------------------------------------------------------------------
Summary of changes:
man/pulse-client.conf.5.xml.in | 17 +++++++++++++++++
src/pulse/client-conf.c | 6 +++++-
src/pulse/client-conf.h | 2 +-
src/pulse/client.conf.in | 3 +++
src/pulse/context.c | 18 +++++++++++-------
5 files changed, 37 insertions(+), 9 deletions(-)
-----------------------------------------------------------------------
commit 3d6cc026e25ea3015ea989273ba69336a26ab686
Author: Lennart Poettering <lennart at poettering.net>
Date: Wed Jan 13 22:08:59 2010 +0100
client: introduce auto-connect-localhost= option in client.conf
Partly fixes:
http://pulseaudio.org/ticket/773
Also fixes a security hole since listening on the default port is not
access controlled right now.
diff --git a/man/pulse-client.conf.5.xml.in b/man/pulse-client.conf.5.xml.in
index 46cc845..349b515 100644
--- a/man/pulse-client.conf.5.xml.in
+++ b/man/pulse-client.conf.5.xml.in
@@ -106,6 +106,16 @@ USA.
memory overcommit.</p>
</option>
+ <option>
+ <p><opt>auto-connect-localhost=</opt> Automatically try to
+ connect to localhost via IP. Enabling this is a potential
+ security hole since connections are only authenticated one-way
+ and a rogue server might hence fool a client into sending it its
+ private (e.g. VoIP call) data. This was enabled by default on
+ PulseAudio version 0.9.21 and older. Defaults to
+ <opt>no</opt>.</p>
+ </option>
+
</section>
<section name="Authors">
diff --git a/src/pulse/client-conf.c b/src/pulse/client-conf.c
index 3eaca4d..6c97802 100644
--- a/src/pulse/client-conf.c
+++ b/src/pulse/client-conf.c
@@ -62,7 +62,8 @@ static const pa_client_conf default_conf = {
.disable_shm = FALSE,
.cookie_file = NULL,
.cookie_valid = FALSE,
- .shm_size = 0
+ .shm_size = 0,
+ .auto_connect_localhost = FALSE
};
pa_client_conf *pa_client_conf_new(void) {
@@ -105,6 +106,7 @@ int pa_client_conf_load(pa_client_conf *c, const char *filename) {
{ "disable-shm", pa_config_parse_bool, &c->disable_shm, NULL },
{ "enable-shm", pa_config_parse_not_bool, &c->disable_shm, NULL },
{ "shm-size-bytes", pa_config_parse_size, &c->shm_size, NULL },
+ { "auto-connect-localhost", pa_config_parse_bool, &c->auto_connect_localhost, NULL },
{ NULL, NULL, NULL, NULL },
};
diff --git a/src/pulse/client-conf.h b/src/pulse/client-conf.h
index 618216f..3bca8fd 100644
--- a/src/pulse/client-conf.h
+++ b/src/pulse/client-conf.h
@@ -29,7 +29,7 @@
typedef struct pa_client_conf {
char *daemon_binary, *extra_arguments, *default_sink, *default_source, *default_server, *default_dbus_server, *cookie_file;
- pa_bool_t autospawn, disable_shm;
+ pa_bool_t autospawn, disable_shm, auto_connect_localhost;
uint8_t cookie[PA_NATIVE_COOKIE_LENGTH];
pa_bool_t cookie_valid; /* non-zero, when cookie is valid */
size_t shm_size;
diff --git a/src/pulse/client.conf.in b/src/pulse/client.conf.in
index e03096e..090713e 100644
--- a/src/pulse/client.conf.in
+++ b/src/pulse/client.conf.in
@@ -32,3 +32,5 @@
; enable-shm = yes
; shm-size-bytes = 0 # setting this 0 will use the system-default, usually 64 MiB
+
+; auto-connect-localhost = no
diff --git a/src/pulse/context.c b/src/pulse/context.c
index 0018492..85b90ac 100644
--- a/src/pulse/context.c
+++ b/src/pulse/context.c
@@ -997,8 +997,10 @@ int pa_context_connect(
}
/* Add TCP/IP on the localhost */
- c->server_list = pa_strlist_prepend(c->server_list, "tcp6:[::1]");
- c->server_list = pa_strlist_prepend(c->server_list, "tcp4:127.0.0.1");
+ if (c->conf->auto_connect_localhost) {
+ c->server_list = pa_strlist_prepend(c->server_list, "tcp6:[::1]");
+ c->server_list = pa_strlist_prepend(c->server_list, "tcp4:127.0.0.1");
+ }
/* The system wide instance via PF_LOCAL */
c->server_list = pa_strlist_prepend(c->server_list, PA_SYSTEM_RUNTIME_PATH PA_PATH_SEP PA_NATIVE_DEFAULT_UNIX_SOCKET);
commit 21cbcc1a8a5900af9e820b10d5c1b28fc803f947
Author: Lennart Poettering <lennart at poettering.net>
Date: Wed Jan 13 22:15:52 2010 +0100
client: introduce auto-connect-display= following the scheme of auto-connect-localhost=
Just connecting to a PA server just because X11's $DISPLAY is set might
be a security hole.
diff --git a/man/pulse-client.conf.5.xml.in b/man/pulse-client.conf.5.xml.in
index 349b515..c2a847f 100644
--- a/man/pulse-client.conf.5.xml.in
+++ b/man/pulse-client.conf.5.xml.in
@@ -116,6 +116,13 @@ USA.
<opt>no</opt>.</p>
</option>
+ <option>
+ <p><opt>auto-connect-display=</opt> Automatically try to connect
+ to the host X11's $DISPLAY variable is set to. The same security
+ issues apply as to <opt>auto-connect-localhost=</opt>. Defaults
+ to <opt>no</opt>.</p>
+ </option>
+
</section>
<section name="Authors">
diff --git a/src/pulse/client-conf.c b/src/pulse/client-conf.c
index 6c97802..18fafe3 100644
--- a/src/pulse/client-conf.c
+++ b/src/pulse/client-conf.c
@@ -63,7 +63,8 @@ static const pa_client_conf default_conf = {
.cookie_file = NULL,
.cookie_valid = FALSE,
.shm_size = 0,
- .auto_connect_localhost = FALSE
+ .auto_connect_localhost = FALSE,
+ .auto_connect_display = FALSE
};
pa_client_conf *pa_client_conf_new(void) {
@@ -107,6 +108,7 @@ int pa_client_conf_load(pa_client_conf *c, const char *filename) {
{ "enable-shm", pa_config_parse_not_bool, &c->disable_shm, NULL },
{ "shm-size-bytes", pa_config_parse_size, &c->shm_size, NULL },
{ "auto-connect-localhost", pa_config_parse_bool, &c->auto_connect_localhost, NULL },
+ { "auto-connect-display", pa_config_parse_bool, &c->auto_connect_display, NULL },
{ NULL, NULL, NULL, NULL },
};
diff --git a/src/pulse/client-conf.h b/src/pulse/client-conf.h
index 3bca8fd..f281f4e 100644
--- a/src/pulse/client-conf.h
+++ b/src/pulse/client-conf.h
@@ -29,7 +29,7 @@
typedef struct pa_client_conf {
char *daemon_binary, *extra_arguments, *default_sink, *default_source, *default_server, *default_dbus_server, *cookie_file;
- pa_bool_t autospawn, disable_shm, auto_connect_localhost;
+ pa_bool_t autospawn, disable_shm, auto_connect_localhost, auto_connect_display;
uint8_t cookie[PA_NATIVE_COOKIE_LENGTH];
pa_bool_t cookie_valid; /* non-zero, when cookie is valid */
size_t shm_size;
diff --git a/src/pulse/client.conf.in b/src/pulse/client.conf.in
index 090713e..436747b 100644
--- a/src/pulse/client.conf.in
+++ b/src/pulse/client.conf.in
@@ -34,3 +34,4 @@
; shm-size-bytes = 0 # setting this 0 will use the system-default, usually 64 MiB
; auto-connect-localhost = no
+; auto-connect-display = no
diff --git a/src/pulse/context.c b/src/pulse/context.c
index 85b90ac..83e0dbb 100644
--- a/src/pulse/context.c
+++ b/src/pulse/context.c
@@ -987,13 +987,15 @@ int pa_context_connect(
/* Prepend in reverse order */
/* Follow the X display */
- if ((d = getenv("DISPLAY"))) {
- d = pa_xstrndup(d, strcspn(d, ":"));
+ if (c->conf->auto_connect_display) {
+ if ((d = getenv("DISPLAY"))) {
+ d = pa_xstrndup(d, strcspn(d, ":"));
- if (*d)
- c->server_list = pa_strlist_prepend(c->server_list, d);
+ if (*d)
+ c->server_list = pa_strlist_prepend(c->server_list, d);
- pa_xfree(d);
+ pa_xfree(d);
+ }
}
/* Add TCP/IP on the localhost */
--
hooks/post-receive
PulseAudio Sound Server
More information about the pulseaudio-commits
mailing list