summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authormonsta <[email protected]>2017-01-18 15:55:22 +0300
committerAlexei Sorokin <[email protected]>2017-01-18 19:31:24 +0300
commit0fcdc12fd7c7b77402867027c2a48d3eb8f6e788 (patch)
tree4f4accd8a591a986cf0afb124e5a99df80667d83
parentd8da9efe02107489d90c89f7e3d5d6250010362c (diff)
downloadmate-session-manager-0fcdc12fd7c7b77402867027c2a48d3eb8f6e788.tar.bz2
mate-session-manager-0fcdc12fd7c7b77402867027c2a48d3eb8f6e788.tar.xz
build: check stricter for presence of xtrans
this should ensure that mate-session won't listen to TCP ports. if needed, this check can be disabled using --without-xtrans option. fixes https://github.com/mate-desktop/mate-session-manager/issues/131 adapted from: https://git.gnome.org/browse/gnome-session/commit/?id=aa4c9d125012ae94154ce075d62342b63b41a7d9
-rw-r--r--configure.ac16
-rw-r--r--mate-session/gsm-xsmp-server.c8
2 files changed, 15 insertions, 9 deletions
diff --git a/configure.ac b/configure.ac
index b039015..f69ea41 100644
--- a/configure.ac
+++ b/configure.ac
@@ -243,12 +243,18 @@ fi
AC_SUBST(EXECINFO_LIBS)
dnl ====================================================================
-dnl Check for newish X interface
+dnl Check for X transport interface - allows to disable ICE Transports
+dnl See also https://bugzilla.gnome.org/show_bug.cgi?id=725100
dnl ====================================================================
-oCFLAGS="$CFLAGS"
-CFLAGS="$CFLAGS $X_CFLAGS"
-AC_CHECK_HEADERS(X11/Xtrans/Xtrans.h)
-CFLAGS="$oCFLAGS"
+AC_ARG_WITH([xtrans],
+ [AS_HELP_STRING([--without-xtrans],
+ [Build without xtrans support (results in ICE listening on remote TCP ports)])],
+ [],
+ [with_xtrans=yes])
+AS_IF([test "$with_xtrans" != "no"],
+ [PKG_CHECK_MODULES(XTRANS, xtrans,
+ [AC_DEFINE(HAVE_XTRANS, 1, [Have the X Transport library])])])
+AC_SUBST(HAVE_XTRANS)
dnl ====================================================================
dnl Code for checking whether IPv6 is enabled on the system....
diff --git a/mate-session/gsm-xsmp-server.c b/mate-session/gsm-xsmp-server.c
index b1d96be..83ec21f 100644
--- a/mate-session/gsm-xsmp-server.c
+++ b/mate-session/gsm-xsmp-server.c
@@ -39,14 +39,14 @@
#include <X11/ICE/ICEconn.h>
#include <X11/SM/SMlib.h>
-#ifdef HAVE_X11_XTRANS_XTRANS_H
+#if HAVE_XTRANS
/* Get the proto for _IceTransNoListen */
#define ICE_t
#define TRANS_SERVER
#include <X11/Xtrans/Xtrans.h>
#undef ICE_t
#undef TRANS_SERVER
-#endif /* HAVE_X11_XTRANS_XTRANS_H */
+#endif /* HAVE_XTRANS */
#include "gsm-xsmp-server.h"
#include "gsm-xsmp-client.h"
@@ -560,7 +560,7 @@ setup_listener (GsmXsmpServer *server)
gsm_util_init_error (TRUE, "Could not initialize libSM: %s", error);
}
-#ifdef HAVE_X11_XTRANS_XTRANS_H
+#if HAVE_XTRANS
/* By default, IceListenForConnections will open one socket for each
* transport type known to X. We don't want connections from remote
* hosts, so for security reasons it would be best if ICE didn't
@@ -612,7 +612,7 @@ setup_listener (GsmXsmpServer *server)
gsm_util_init_error (TRUE, "IceListenForConnections did not return a local listener!");
}
-#ifdef HAVE_X11_XTRANS_XTRANS_H
+#ifdef HAVE_XTRANS
if (server->priv->num_local_xsmp_sockets != server->priv->num_xsmp_sockets) {
/* Xtrans was apparently compiled with support for some
* non-local transport besides TCP (which we disabled above); we