diff options
Diffstat (limited to 'nx-X11/lib/Xau')
| -rw-r--r-- | nx-X11/lib/Xau/AuDispose.c | 51 | ||||
| -rw-r--r-- | nx-X11/lib/Xau/AuFileName.c | 75 | ||||
| -rw-r--r-- | nx-X11/lib/Xau/AuGetAddr.c | 112 | ||||
| -rw-r--r-- | nx-X11/lib/Xau/AuGetBest.c | 173 | ||||
| -rw-r--r-- | nx-X11/lib/Xau/AuLock.c | 106 | ||||
| -rw-r--r-- | nx-X11/lib/Xau/AuRead.c | 137 | ||||
| -rw-r--r-- | nx-X11/lib/Xau/AuRead.c.NX.original | 137 | ||||
| -rw-r--r-- | nx-X11/lib/Xau/AuRead.c.X.original | 111 | ||||
| -rw-r--r-- | nx-X11/lib/Xau/AuUnlock.c | 62 | ||||
| -rw-r--r-- | nx-X11/lib/Xau/AuWrite.c | 73 | ||||
| -rw-r--r-- | nx-X11/lib/Xau/Autest.c | 71 | ||||
| -rw-r--r-- | nx-X11/lib/Xau/Imakefile | 49 | ||||
| -rw-r--r-- | nx-X11/lib/Xau/README | 184 | ||||
| -rw-r--r-- | nx-X11/lib/Xau/Xauth.h | 162 | ||||
| -rw-r--r-- | nx-X11/lib/Xau/k5encode.c | 186 |
15 files changed, 1689 insertions, 0 deletions
diff --git a/nx-X11/lib/Xau/AuDispose.c b/nx-X11/lib/Xau/AuDispose.c new file mode 100644 index 000000000..58ffd61e7 --- /dev/null +++ b/nx-X11/lib/Xau/AuDispose.c @@ -0,0 +1,51 @@ +/* $Xorg: AuDispose.c,v 1.4 2001/02/09 02:03:42 xorgcvs Exp $ */ + +/* + +Copyright 1988, 1998 The Open Group + +Permission to use, copy, modify, distribute, and sell this software and its +documentation for any purpose is hereby granted without fee, provided that +the above copyright notice appear in all copies and that both that +copyright notice and this permission notice appear in supporting +documentation. + +The above copyright notice and this permission notice shall be included in +all copies or substantial portions of the Software. + +THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR +IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, +FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE +OPEN GROUP BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN +AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN +CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. + +Except as contained in this notice, the name of The Open Group shall not be +used in advertising or otherwise to promote the sale, use or other dealings +in this Software without prior written authorization from The Open Group. + +*/ +/* $XFree86: xc/lib/Xau/AuDispose.c,v 1.4 2001/07/25 15:04:48 dawes Exp $ */ + +#ifdef HAVE_CONFIG_H +#include <config.h> +#endif +#include <X11/Xauth.h> +#include <stdlib.h> + +void +XauDisposeAuth (auth) +Xauth *auth; +{ + if (auth) { + if (auth->address) (void) free (auth->address); + if (auth->number) (void) free (auth->number); + if (auth->name) (void) free (auth->name); + if (auth->data) { + (void) bzero (auth->data, auth->data_length); + (void) free (auth->data); + } + free ((char *) auth); + } + return; +} diff --git a/nx-X11/lib/Xau/AuFileName.c b/nx-X11/lib/Xau/AuFileName.c new file mode 100644 index 000000000..a51fc3bff --- /dev/null +++ b/nx-X11/lib/Xau/AuFileName.c @@ -0,0 +1,75 @@ +/* $Xorg: AuFileName.c,v 1.5 2001/02/09 02:03:42 xorgcvs Exp $ */ + +/* + +Copyright 1988, 1998 The Open Group + +Permission to use, copy, modify, distribute, and sell this software and its +documentation for any purpose is hereby granted without fee, provided that +the above copyright notice appear in all copies and that both that +copyright notice and this permission notice appear in supporting +documentation. + +The above copyright notice and this permission notice shall be included in +all copies or substantial portions of the Software. + +THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR +IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, +FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE +OPEN GROUP BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN +AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN +CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. + +Except as contained in this notice, the name of The Open Group shall not be +used in advertising or otherwise to promote the sale, use or other dealings +in this Software without prior written authorization from The Open Group. + +*/ +/* $XFree86: xc/lib/Xau/AuFileName.c,v 3.6 2001/07/25 15:04:48 dawes Exp $ */ + +#ifdef HAVE_CONFIG_H +#include <config.h> +#endif +#include <X11/Xauth.h> +#include <X11/Xos.h> +#include <stdlib.h> + +char * +XauFileName () +{ + char *slashDotXauthority = "/.Xauthority"; + char *name; + static char *buf; + static int bsize; +#ifdef WIN32 + char dir[128]; +#endif + int size; + + if ((name = getenv ("XAUTHORITY"))) + return name; + name = getenv ("HOME"); + if (!name) { +#ifdef WIN32 + (void) strcpy (dir, "/users/"); + if ((name = getenv("USERNAME"))) { + (void) strcat (dir, name); + name = dir; + } + if (!name) +#endif + return 0; + } + size = strlen (name) + strlen(&slashDotXauthority[1]) + 2; + if (size > bsize) { + if (buf) + free (buf); + buf = malloc ((unsigned) size); + if (!buf) + return 0; + bsize = size; + } + strcpy (buf, name); + strcat (buf, slashDotXauthority + (name[1] == '\0' ? 1 : 0)); + return buf; +} diff --git a/nx-X11/lib/Xau/AuGetAddr.c b/nx-X11/lib/Xau/AuGetAddr.c new file mode 100644 index 000000000..ab13cb630 --- /dev/null +++ b/nx-X11/lib/Xau/AuGetAddr.c @@ -0,0 +1,112 @@ +/* $Xorg: AuGetAddr.c,v 1.4 2001/02/09 02:03:42 xorgcvs Exp $ */ + +/* + +Copyright 1988, 1998 The Open Group + +Permission to use, copy, modify, distribute, and sell this software and its +documentation for any purpose is hereby granted without fee, provided that +the above copyright notice appear in all copies and that both that +copyright notice and this permission notice appear in supporting +documentation. + +The above copyright notice and this permission notice shall be included in +all copies or substantial portions of the Software. + +THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR +IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, +FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE +OPEN GROUP BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN +AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN +CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. + +Except as contained in this notice, the name of The Open Group shall not be +used in advertising or otherwise to promote the sale, use or other dealings +in this Software without prior written authorization from The Open Group. + +*/ +/* $XFree86: xc/lib/Xau/AuGetAddr.c,v 1.5 2001/12/14 19:54:36 dawes Exp $ */ + +#ifdef HAVE_CONFIG_H +#include <config.h> +#endif +#include <X11/Xauth.h> +#include <X11/Xos.h> + +static int +binaryEqual (_Xconst char *a, _Xconst char *b, int len) +{ + while (len--) + if (*a++ != *b++) + return 0; + return 1; +} + +Xauth * +XauGetAuthByAddr ( +#if NeedWidePrototypes +unsigned int family, +unsigned int address_length, +#else +unsigned short family, +unsigned short address_length, +#endif +_Xconst char* address, +#if NeedWidePrototypes +unsigned int number_length, +#else +unsigned short number_length, +#endif +_Xconst char* number, +#if NeedWidePrototypes +unsigned int name_length, +#else +unsigned short name_length, +#endif +_Xconst char* name) +{ + FILE *auth_file; + char *auth_name; + Xauth *entry; + + auth_name = XauFileName (); + if (!auth_name) + return 0; + if (access (auth_name, R_OK) != 0) /* checks REAL id */ + return 0; + auth_file = fopen (auth_name, "rb"); + if (!auth_file) + return 0; + for (;;) { + entry = XauReadAuth (auth_file); + if (!entry) + break; + /* + * Match when: + * either family or entry->family are FamilyWild or + * family and entry->family are the same and + * address and entry->address are the same + * and + * either number or entry->number are empty or + * number and entry->number are the same + * and + * either name or entry->name are empty or + * name and entry->name are the same + */ + + if ((family == FamilyWild || entry->family == FamilyWild || + (entry->family == family && + address_length == entry->address_length && + binaryEqual (entry->address, address, (int)address_length))) && + (number_length == 0 || entry->number_length == 0 || + (number_length == entry->number_length && + binaryEqual (entry->number, number, (int)number_length))) && + (name_length == 0 || entry->name_length == 0 || + (entry->name_length == name_length && + binaryEqual (entry->name, name, (int)name_length)))) + break; + XauDisposeAuth (entry); + } + (void) fclose (auth_file); + return entry; +} diff --git a/nx-X11/lib/Xau/AuGetBest.c b/nx-X11/lib/Xau/AuGetBest.c new file mode 100644 index 000000000..5ff1c7cd3 --- /dev/null +++ b/nx-X11/lib/Xau/AuGetBest.c @@ -0,0 +1,173 @@ +/* $Xorg: AuGetBest.c,v 1.4 2001/02/09 02:03:42 xorgcvs Exp $ */ + +/* + +Copyright 1988, 1998 The Open Group + +Permission to use, copy, modify, distribute, and sell this software and its +documentation for any purpose is hereby granted without fee, provided that +the above copyright notice appear in all copies and that both that +copyright notice and this permission notice appear in supporting +documentation. + +The above copyright notice and this permission notice shall be included in +all copies or substantial portions of the Software. + +THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR +IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, +FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE +OPEN GROUP BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN +AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN +CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. + +Except as contained in this notice, the name of The Open Group shall not be +used in advertising or otherwise to promote the sale, use or other dealings +in this Software without prior written authorization from The Open Group. + +*/ +/* $XFree86: xc/lib/Xau/AuGetBest.c,v 1.7 2001/12/14 19:54:36 dawes Exp $ */ + +#ifdef HAVE_CONFIG_H +#include <config.h> +#endif +#include <X11/Xauth.h> +#include <X11/Xos.h> +#ifdef XTHREADS +#include <X11/Xthreads.h> +#endif +#ifdef hpux +#define X_INCLUDE_NETDB_H +#define XOS_USE_NO_LOCKING +#include <X11/Xos_r.h> +#endif + +static int +binaryEqual (_Xconst char *a, _Xconst char *b, int len) +{ + while (len--) + if (*a++ != *b++) + return 0; + return 1; +} + +Xauth * +XauGetBestAuthByAddr ( +#if NeedWidePrototypes + unsigned int family, + unsigned int address_length, +#else + unsigned short family, + unsigned short address_length, +#endif + _Xconst char* address, +#if NeedWidePrototypes + unsigned int number_length, +#else + unsigned short number_length, +#endif + _Xconst char* number, + int types_length, + char** types, + _Xconst int* type_lengths) +{ + FILE *auth_file; + char *auth_name; + Xauth *entry; + Xauth *best; + int best_type; + int type; +#ifdef hpux + char *fully_qual_address; + unsigned short fully_qual_address_length; +#endif + + auth_name = XauFileName (); + if (!auth_name) + return 0; + if (access (auth_name, R_OK) != 0) /* checks REAL id */ + return 0; + auth_file = fopen (auth_name, "rb"); + if (!auth_file) + return 0; + +#ifdef hpux + if (family == FamilyLocal) { +#ifdef XTHREADS_NEEDS_BYNAMEPARAMS + _Xgethostbynameparams hparams; +#endif + struct hostent *hostp; + + /* make sure we try fully-qualified hostname */ + if ((hostp = _XGethostbyname(address,hparams)) != NULL) { + fully_qual_address = hostp->h_name; + fully_qual_address_length = strlen(fully_qual_address); + } + else + { + fully_qual_address = NULL; + fully_qual_address_length = 0; + } + } +#endif /* hpux */ + + best = 0; + best_type = types_length; + for (;;) { + entry = XauReadAuth (auth_file); + if (!entry) + break; + /* + * Match when: + * either family or entry->family are FamilyWild or + * family and entry->family are the same and + * address and entry->address are the same + * and + * either number or entry->number are empty or + * number and entry->number are the same + * and + * either name or entry->name are empty or + * name and entry->name are the same + */ + + if ((family == FamilyWild || entry->family == FamilyWild || + (entry->family == family && + ((address_length == entry->address_length && + binaryEqual (entry->address, address, (int)address_length)) +#ifdef hpux + || (family == FamilyLocal && + fully_qual_address_length == entry->address_length && + binaryEqual (entry->address, fully_qual_address, + (int) fully_qual_address_length)) +#endif + ))) && + (number_length == 0 || entry->number_length == 0 || + (number_length == entry->number_length && + binaryEqual (entry->number, number, (int)number_length)))) + { + if (best_type == 0) + { + best = entry; + break; + } + for (type = 0; type < best_type; type++) + if (type_lengths[type] == entry->name_length && + !(strncmp (types[type], entry->name, entry->name_length))) + { + break; + } + if (type < best_type) + { + if (best) + XauDisposeAuth (best); + best = entry; + best_type = type; + if (type == 0) + break; + continue; + } + } + XauDisposeAuth (entry); + } + (void) fclose (auth_file); + return best; +} diff --git a/nx-X11/lib/Xau/AuLock.c b/nx-X11/lib/Xau/AuLock.c new file mode 100644 index 000000000..001235607 --- /dev/null +++ b/nx-X11/lib/Xau/AuLock.c @@ -0,0 +1,106 @@ +/* $Xorg: AuLock.c,v 1.4 2001/02/09 02:03:42 xorgcvs Exp $ */ + +/* + +Copyright 1988, 1998 The Open Group + +Permission to use, copy, modify, distribute, and sell this software and its +documentation for any purpose is hereby granted without fee, provided that +the above copyright notice appear in all copies and that both that +copyright notice and this permission notice appear in supporting +documentation. + +The above copyright notice and this permission notice shall be included in +all copies or substantial portions of the Software. + +THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR +IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, +FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE +OPEN GROUP BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN +AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN +CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. + +Except as contained in this notice, the name of The Open Group shall not be +used in advertising or otherwise to promote the sale, use or other dealings +in this Software without prior written authorization from The Open Group. + +*/ +/* $XFree86: xc/lib/Xau/AuLock.c,v 3.6 2002/05/31 18:45:43 dawes Exp $ */ + +#ifdef HAVE_CONFIG_H +#include <config.h> +#endif +#include <X11/Xauth.h> +#include <X11/Xos.h> +#include <sys/stat.h> +#include <errno.h> +#include <time.h> +#define Time_t time_t +#ifndef X_NOT_POSIX +#include <unistd.h> +#else +#ifndef WIN32 +extern unsigned sleep (); +#else +#include <X11/Xwindows.h> +#define link rename +#endif +#endif +#ifdef __UNIXOS2__ +#define link rename +#endif + +int +XauLockAuth ( +_Xconst char *file_name, +int retries, +int timeout, +long dead) +{ + char creat_name[1025], link_name[1025]; + struct stat statb; + Time_t now; + int creat_fd = -1; + + if (strlen (file_name) > 1022) + return LOCK_ERROR; + (void) strcpy (creat_name, file_name); + (void) strcat (creat_name, "-c"); + (void) strcpy (link_name, file_name); + (void) strcat (link_name, "-l"); + if (stat (creat_name, &statb) != -1) { + now = time ((Time_t *) 0); + /* + * NFS may cause ctime to be before now, special + * case a 0 deadtime to force lock removal + */ + if (dead == 0 || now - statb.st_ctime > dead) { + (void) unlink (creat_name); + (void) unlink (link_name); + } + } + + while (retries > 0) { + if (creat_fd == -1) { + creat_fd = open (creat_name, O_WRONLY | O_CREAT | O_EXCL, 0600); + if (creat_fd == -1) { + if (errno != EACCES) + return LOCK_ERROR; + } else + (void) close (creat_fd); + } + if (creat_fd != -1) { + if (link (creat_name, link_name) != -1) + return LOCK_SUCCESS; + if (errno == ENOENT) { + creat_fd = -1; /* force re-creat next time around */ + continue; + } + if (errno != EEXIST) + return LOCK_ERROR; + } + (void) sleep ((unsigned) timeout); + --retries; + } + return LOCK_TIMEOUT; +} diff --git a/nx-X11/lib/Xau/AuRead.c b/nx-X11/lib/Xau/AuRead.c new file mode 100644 index 000000000..60a0d747f --- /dev/null +++ b/nx-X11/lib/Xau/AuRead.c @@ -0,0 +1,137 @@ +/* $Xorg: AuRead.c,v 1.4 2001/02/09 02:03:42 xorgcvs Exp $ */ + +/* + +Copyright 1988, 1998 The Open Group + +Permission to use, copy, modify, distribute, and sell this software and its +documentation for any purpose is hereby granted without fee, provided that +the above copyright notice appear in all copies and that both that +copyright notice and this permission notice appear in supporting +documentation. + +The above copyright notice and this permission notice shall be included in +all copies or substantial portions of the Software. + +THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR +IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, +FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE +OPEN GROUP BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN +AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN +CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. + +Except as contained in this notice, the name of The Open Group shall not be +used in advertising or otherwise to promote the sale, use or other dealings +in this Software without prior written authorization from The Open Group. + +*/ +/* $XFree86: xc/lib/Xau/AuRead.c,v 1.5 2001/07/25 15:04:48 dawes Exp $ */ + +#ifdef HAVE_CONFIG_H +#include <config.h> +#endif +#include <X11/Xauth.h> +#include <stdlib.h> +#include <errno.h> + +static int +read_short (unsigned short *shortp, FILE *file) +{ + unsigned char file_short[2]; + + /* + * Added a check on EINTR to prevent the fread() call to be + * interrupted by any signal not blocked by OsBlockSignals(). + */ + + for (;;) { + if (fread ((char *) file_short, (int) sizeof (file_short), 1, file) != 1) { + if (errno == EINTR && ferror (file)) { + perror ("Reading from auth file"); + clearerr (file); + continue; + } + return 0; + } + break; + } + *shortp = file_short[0] * 256 + file_short[1]; + return 1; +} + +static int +read_counted_string (unsigned short *countp, char **stringp, FILE *file) +{ + unsigned short len; + char *data; + + if (read_short (&len, file) == 0) + return 0; + if (len == 0) { + data = 0; + } else { + data = malloc ((unsigned) len); + if (!data) + return 0; + for (;;) + { + if (fread (data, (int) sizeof (char), (int) len, file) != len) + { + if (errno == EINTR && ferror (file)) + { + perror ("Reading from auth file"); + clearerr (file); + continue; + } + bzero (data, len); + free (data); + return 0; + } + break; + } + } + *stringp = data; + *countp = len; + return 1; +} + +Xauth * +XauReadAuth (auth_file) +FILE *auth_file; +{ + Xauth local; + Xauth *ret; + + if (read_short (&local.family, auth_file) == 0) + return 0; + if (read_counted_string (&local.address_length, &local.address, auth_file) == 0) + return 0; + if (read_counted_string (&local.number_length, &local.number, auth_file) == 0) { + if (local.address) free (local.address); + return 0; + } + if (read_counted_string (&local.name_length, &local.name, auth_file) == 0) { + if (local.address) free (local.address); + if (local.number) free (local.number); + return 0; + } + if (read_counted_string (&local.data_length, &local.data, auth_file) == 0) { + if (local.address) free (local.address); + if (local.number) free (local.number); + if (local.name) free (local.name); + return 0; + } + ret = (Xauth *) malloc (sizeof (Xauth)); + if (!ret) { + if (local.address) free (local.address); + if (local.number) free (local.number); + if (local.name) free (local.name); + if (local.data) { + bzero (local.data, local.data_length); + free (local.data); + } + return 0; + } + *ret = local; + return ret; +} diff --git a/nx-X11/lib/Xau/AuRead.c.NX.original b/nx-X11/lib/Xau/AuRead.c.NX.original new file mode 100644 index 000000000..60a0d747f --- /dev/null +++ b/nx-X11/lib/Xau/AuRead.c.NX.original @@ -0,0 +1,137 @@ +/* $Xorg: AuRead.c,v 1.4 2001/02/09 02:03:42 xorgcvs Exp $ */ + +/* + +Copyright 1988, 1998 The Open Group + +Permission to use, copy, modify, distribute, and sell this software and its +documentation for any purpose is hereby granted without fee, provided that +the above copyright notice appear in all copies and that both that +copyright notice and this permission notice appear in supporting +documentation. + +The above copyright notice and this permission notice shall be included in +all copies or substantial portions of the Software. + +THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR +IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, +FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE +OPEN GROUP BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN +AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN +CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. + +Except as contained in this notice, the name of The Open Group shall not be +used in advertising or otherwise to promote the sale, use or other dealings +in this Software without prior written authorization from The Open Group. + +*/ +/* $XFree86: xc/lib/Xau/AuRead.c,v 1.5 2001/07/25 15:04:48 dawes Exp $ */ + +#ifdef HAVE_CONFIG_H +#include <config.h> +#endif +#include <X11/Xauth.h> +#include <stdlib.h> +#include <errno.h> + +static int +read_short (unsigned short *shortp, FILE *file) +{ + unsigned char file_short[2]; + + /* + * Added a check on EINTR to prevent the fread() call to be + * interrupted by any signal not blocked by OsBlockSignals(). + */ + + for (;;) { + if (fread ((char *) file_short, (int) sizeof (file_short), 1, file) != 1) { + if (errno == EINTR && ferror (file)) { + perror ("Reading from auth file"); + clearerr (file); + continue; + } + return 0; + } + break; + } + *shortp = file_short[0] * 256 + file_short[1]; + return 1; +} + +static int +read_counted_string (unsigned short *countp, char **stringp, FILE *file) +{ + unsigned short len; + char *data; + + if (read_short (&len, file) == 0) + return 0; + if (len == 0) { + data = 0; + } else { + data = malloc ((unsigned) len); + if (!data) + return 0; + for (;;) + { + if (fread (data, (int) sizeof (char), (int) len, file) != len) + { + if (errno == EINTR && ferror (file)) + { + perror ("Reading from auth file"); + clearerr (file); + continue; + } + bzero (data, len); + free (data); + return 0; + } + break; + } + } + *stringp = data; + *countp = len; + return 1; +} + +Xauth * +XauReadAuth (auth_file) +FILE *auth_file; +{ + Xauth local; + Xauth *ret; + + if (read_short (&local.family, auth_file) == 0) + return 0; + if (read_counted_string (&local.address_length, &local.address, auth_file) == 0) + return 0; + if (read_counted_string (&local.number_length, &local.number, auth_file) == 0) { + if (local.address) free (local.address); + return 0; + } + if (read_counted_string (&local.name_length, &local.name, auth_file) == 0) { + if (local.address) free (local.address); + if (local.number) free (local.number); + return 0; + } + if (read_counted_string (&local.data_length, &local.data, auth_file) == 0) { + if (local.address) free (local.address); + if (local.number) free (local.number); + if (local.name) free (local.name); + return 0; + } + ret = (Xauth *) malloc (sizeof (Xauth)); + if (!ret) { + if (local.address) free (local.address); + if (local.number) free (local.number); + if (local.name) free (local.name); + if (local.data) { + bzero (local.data, local.data_length); + free (local.data); + } + return 0; + } + *ret = local; + return ret; +} diff --git a/nx-X11/lib/Xau/AuRead.c.X.original b/nx-X11/lib/Xau/AuRead.c.X.original new file mode 100644 index 000000000..f7cdf8f3a --- /dev/null +++ b/nx-X11/lib/Xau/AuRead.c.X.original @@ -0,0 +1,111 @@ +/* $Xorg: AuRead.c,v 1.4 2001/02/09 02:03:42 xorgcvs Exp $ */ + +/* + +Copyright 1988, 1998 The Open Group + +Permission to use, copy, modify, distribute, and sell this software and its +documentation for any purpose is hereby granted without fee, provided that +the above copyright notice appear in all copies and that both that +copyright notice and this permission notice appear in supporting +documentation. + +The above copyright notice and this permission notice shall be included in +all copies or substantial portions of the Software. + +THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR +IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, +FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE +OPEN GROUP BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN +AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN +CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. + +Except as contained in this notice, the name of The Open Group shall not be +used in advertising or otherwise to promote the sale, use or other dealings +in this Software without prior written authorization from The Open Group. + +*/ +/* $XFree86: xc/lib/Xau/AuRead.c,v 1.5 2001/07/25 15:04:48 dawes Exp $ */ + +#ifdef HAVE_CONFIG_H +#include <config.h> +#endif +#include <X11/Xauth.h> +#include <stdlib.h> + +static int +read_short (unsigned short *shortp, FILE *file) +{ + unsigned char file_short[2]; + + if (fread ((char *) file_short, (int) sizeof (file_short), 1, file) != 1) + return 0; + *shortp = file_short[0] * 256 + file_short[1]; + return 1; +} + +static int +read_counted_string (unsigned short *countp, char **stringp, FILE *file) +{ + unsigned short len; + char *data; + + if (read_short (&len, file) == 0) + return 0; + if (len == 0) { + data = 0; + } else { + data = malloc ((unsigned) len); + if (!data) + return 0; + if (fread (data, (int) sizeof (char), (int) len, file) != len) { + bzero (data, len); + free (data); + return 0; + } + } + *stringp = data; + *countp = len; + return 1; +} + +Xauth * +XauReadAuth (auth_file) +FILE *auth_file; +{ + Xauth local; + Xauth *ret; + + if (read_short (&local.family, auth_file) == 0) + return 0; + if (read_counted_string (&local.address_length, &local.address, auth_file) == 0) + return 0; + if (read_counted_string (&local.number_length, &local.number, auth_file) == 0) { + if (local.address) free (local.address); + return 0; + } + if (read_counted_string (&local.name_length, &local.name, auth_file) == 0) { + if (local.address) free (local.address); + if (local.number) free (local.number); + return 0; + } + if (read_counted_string (&local.data_length, &local.data, auth_file) == 0) { + if (local.address) free (local.address); + if (local.number) free (local.number); + if (local.name) free (local.name); + return 0; + } + ret = (Xauth *) malloc (sizeof (Xauth)); + if (!ret) { + if (local.address) free (local.address); + if (local.number) free (local.number); + if (local.name) free (local.name); + if (local.data) { + bzero (local.data, local.data_length); + free (local.data); + } + return 0; + } + *ret = local; + return ret; +} diff --git a/nx-X11/lib/Xau/AuUnlock.c b/nx-X11/lib/Xau/AuUnlock.c new file mode 100644 index 000000000..460effe86 --- /dev/null +++ b/nx-X11/lib/Xau/AuUnlock.c @@ -0,0 +1,62 @@ +/* $Xorg: AuUnlock.c,v 1.4 2001/02/09 02:03:42 xorgcvs Exp $ */ + +/* + +Copyright 1988, 1998 The Open Group + +Permission to use, copy, modify, distribute, and sell this software and its +documentation for any purpose is hereby granted without fee, provided that +the above copyright notice appear in all copies and that both that +copyright notice and this permission notice appear in supporting +documentation. + +The above copyright notice and this permission notice shall be included in +all copies or substantial portions of the Software. + +THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR +IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, +FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE +OPEN GROUP BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN +AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN +CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. + +Except as contained in this notice, the name of The Open Group shall not be +used in advertising or otherwise to promote the sale, use or other dealings +in this Software without prior written authorization from The Open Group. + +*/ +/* $XFree86: xc/lib/Xau/AuUnlock.c,v 1.4 2001/12/14 19:54:36 dawes Exp $ */ + +#ifdef HAVE_CONFIG_H +#include <config.h> +#endif +#include <X11/Xauth.h> +#include <X11/Xos.h> + +int +XauUnlockAuth ( +_Xconst char *file_name) +{ +#ifndef WIN32 + char creat_name[1025]; +#endif + char link_name[1025]; + + if (strlen (file_name) > 1022) + return 0; +#ifndef WIN32 + (void) strcpy (creat_name, file_name); + (void) strcat (creat_name, "-c"); +#endif + (void) strcpy (link_name, file_name); + (void) strcat (link_name, "-l"); + /* + * I think this is the correct order + */ +#ifndef WIN32 + (void) unlink (creat_name); +#endif + (void) unlink (link_name); + + return 1; +} diff --git a/nx-X11/lib/Xau/AuWrite.c b/nx-X11/lib/Xau/AuWrite.c new file mode 100644 index 000000000..f25abc9e6 --- /dev/null +++ b/nx-X11/lib/Xau/AuWrite.c @@ -0,0 +1,73 @@ +/* $Xorg: AuWrite.c,v 1.4 2001/02/09 02:03:42 xorgcvs Exp $ */ + +/* + +Copyright 1988, 1998 The Open Group + +Permission to use, copy, modify, distribute, and sell this software and its +documentation for any purpose is hereby granted without fee, provided that +the above copyright notice appear in all copies and that both that +copyright notice and this permission notice appear in supporting +documentation. + +The above copyright notice and this permission notice shall be included in +all copies or substantial portions of the Software. + +THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR +IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, +FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE +OPEN GROUP BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN +AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN +CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. + +Except as contained in this notice, the name of The Open Group shall not be +used in advertising or otherwise to promote the sale, use or other dealings +in this Software without prior written authorization from The Open Group. + +*/ +/* $XFree86: xc/lib/Xau/AuWrite.c,v 1.3 2001/01/17 19:42:24 dawes Exp $ */ + +#ifdef HAVE_CONFIG_H +#include <config.h> +#endif +#include <X11/Xauth.h> + +static int +write_short (unsigned short s, FILE *file) +{ + unsigned char file_short[2]; + + file_short[0] = (s & (unsigned)0xff00) >> 8; + file_short[1] = s & 0xff; + if (fwrite ((char *) file_short, (int) sizeof (file_short), 1, file) != 1) + return 0; + return 1; +} + +static int +write_counted_string (unsigned short count, char *string, FILE *file) +{ + if (write_short (count, file) == 0) + return 0; + if (fwrite (string, (int) sizeof (char), (int) count, file) != count) + return 0; + return 1; +} + +int +XauWriteAuth (auth_file, auth) +FILE *auth_file; +Xauth *auth; +{ + if (write_short (auth->family, auth_file) == 0) + return 0; + if (write_counted_string (auth->address_length, auth->address, auth_file) == 0) + return 0; + if (write_counted_string (auth->number_length, auth->number, auth_file) == 0) + return 0; + if (write_counted_string (auth->name_length, auth->name, auth_file) == 0) + return 0; + if (write_counted_string (auth->data_length, auth->data, auth_file) == 0) + return 0; + return 1; +} diff --git a/nx-X11/lib/Xau/Autest.c b/nx-X11/lib/Xau/Autest.c new file mode 100644 index 000000000..298464908 --- /dev/null +++ b/nx-X11/lib/Xau/Autest.c @@ -0,0 +1,71 @@ +/* $Xorg: Autest.c,v 1.4 2001/02/09 02:03:42 xorgcvs Exp $ */ + +/* + +Copyright 1988, 1998 The Open Group + +Permission to use, copy, modify, distribute, and sell this software and its +documentation for any purpose is hereby granted without fee, provided that +the above copyright notice appear in all copies and that both that +copyright notice and this permission notice appear in supporting +documentation. + +The above copyright notice and this permission notice shall be included in +all copies or substantial portions of the Software. + +THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR +IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, +FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE +OPEN GROUP BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN +AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN +CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. + +Except as contained in this notice, the name of The Open Group shall not be +used in advertising or otherwise to promote the sale, use or other dealings +in this Software without prior written authorization from The Open Group. + +*/ + +#ifdef HAVE_CONFIG_H +#include <config.h> +#endif +#include <X11/Xauth.h> + +main (argc, argv) +char **argv; +{ + Xauth test_data; + char *name, *data, *file; + int state = 0; + FILE *output; + + while (*++argv) { + if (!strcmp (*argv, "-file")) + file = *++argv; + else if (state == 0) { + name = *argv; + ++state; + } else if (state == 1) { + data = *argv; + ++state; + } + } + if(!file) { + fprintf (stderr, "No file\n"); + exit (1); + } + test_data.family = 0; + test_data.address_length = 0; + test_data.address = ""; + test_data.number_length = 0; + test_data.number = ""; + test_data.name_length = strlen (name); + test_data.name = name; + test_data.data_length = strlen (data); + test_data.data = data; + output = fopen (file, "w"); + if (output) { + XauWriteAuth (output, &test_data); + fclose (output); + } +} diff --git a/nx-X11/lib/Xau/Imakefile b/nx-X11/lib/Xau/Imakefile new file mode 100644 index 000000000..49cb7dcd3 --- /dev/null +++ b/nx-X11/lib/Xau/Imakefile @@ -0,0 +1,49 @@ +XCOMM $Xorg: Imakefile,v 1.3 2000/08/17 19:45:29 cpqbld Exp $ +XCOMM $XdotOrg: xc/lib/Xau/Imakefile,v 1.4 2005/09/22 23:54:18 alanc Exp $ + + + +XCOMM $XFree86: xc/lib/Xau/Imakefile,v 3.5 1999/04/17 09:08:11 dawes Exp $ + +#define DoNormalLib NormalLibXau +#define DoSharedLib SharedLibXau +#define DoExtraLib SharedLibXau +#define DoDebugLib DebugLibXau +#define DoProfileLib ProfileLibXau +#define LibName Xau +#define SoRev SOXAUTHREV +#define IncSubdir X11 + +#include <Threads.tmpl> + +#ifdef SharedXauReqs +REQUIREDLIBS = SharedXauReqs +#endif + + LINTLIBS = $(LINTXLIB) + +#if HasKrb5 +K5ENCSRC = k5encode.c +K5ENCOBJ = k5encode.o +INCLUDES = Krb5Includes +#else +K5ENCSRC = +K5ENCOBJ = +INCLUDES = +#endif + +HEADERS = \ + Xauth.h + +SRCS = AuDispose.c AuFileName.c AuGetAddr.c AuGetBest.c AuLock.c \ + AuRead.c AuUnlock.c AuWrite.c $(K5ENCSRC) + +OBJS = AuDispose.o AuFileName.o AuGetAddr.o AuGetBest.o AuLock.o \ + AuRead.o AuUnlock.o AuWrite.o $(K5ENCOBJ) + +#define IncludeSharedObjectInNormalLib +#define UnsharedLibObjCompile(options) LibObjCompile(unshared,$(CDEBUGFLAGS) $(CLIBDEBUGFLAGS) options $(PICFLAGS)) + +#include <Library.tmpl> + +DependTarget() diff --git a/nx-X11/lib/Xau/README b/nx-X11/lib/Xau/README new file mode 100644 index 000000000..404eef079 --- /dev/null +++ b/nx-X11/lib/Xau/README @@ -0,0 +1,184 @@ + + + A Sample Authorization Protocol for X + + +Overview + +The following note describes a very simple mechanism for providing individual +access to an X Window System display. It uses existing core protocol and +library hooks for specifying authorization data in the connection setup block +to restrict use of the display to only those clients that show that they +know a server-specific key called a "magic cookie". This mechanism is *not* +being proposed as an addition to the Xlib standard; among other reasons, a +protocol extension is needed to support more flexible mechanisms. We have +implemented this mechanism already; if you have comments, please send them +to us. + +This scheme involves changes to the following parts of the sample release: + + o xdm + - generate random magic cookie and store in protected file + - pass name of magic cookie file to server + - when user logs in, add magic cookie to user's auth file + - when user logs out, generate a new cookie for server + + o server + - a new command line option to specify cookie file + - check client authorization data against magic cookie + - read in cookie whenever the server resets + - do not add local machine to host list if magic cookie given + + o Xlib + - read in authorization data from file + - find data for appropriate server + - send authorization data if found + + o xauth [new program to manage user auth file] + - add entries to user's auth file + - remove entries from user's auth file + +This mechanism assumes that the superuser and the transport layer between +the client and the server is secure. Organizations that desire stricter +security are encouraged to look at systems such as Kerberos (at Project +Athena). + + +Description + +The sample implementation will use the xdm Display Manager to set up and +control the server's authorization file. Sites that do not run xdm will +need to build their own mechanisms. + +Xdm uses a random key (seeded by the system time and check sum of /dev/kmem) +to generate a unique sequence of characters at 16 bytes long. This sequence +will be written to a file which is made readable only by the server. The +server will then be started with a command line option instructing it to use +the contents of the file as the magic cookie for connections that include +authorization data. This will also disable the server from adding the local +machine's address to the initial host list. Note that the actual cookie must +not be stored on the command line or in an environment variable, to prevent +it from being publicly obtainable by the "ps" command. + +If a client presents an authorization name of "MIT-MAGIC-COOKIE-1" and +authorization data that matches the magic cookie, that client is allowed +access. If the name or data does not match and the host list is empty, +that client will be denied access. Otherwise, the existing host-based access +control will be used. Since any client that is making a connection from a +machine on the host list will be granted access even if their authorization +data is incorrect, sites are strongly urged not to set up any default hosts +using the /etc/X*.hosts files. Granting access to other machines should be +done by the user's session manager instead. + +Assuming the server is configured with an empty host list, the existence of the +cookie is sufficient to ensure there will be no unauthorized access to the +display. However, xdm will (continue to) work to minimize the chances of +spoofing on servers that do not support this authorization mechanism. This +will be done by grabbing the server and the keyboard after opening the display. +This action will be surrounded by a timer which will kill the server if the +grabs cannot be done within several seconds. [This level of security is now +implemented in patches already sent out.] + +After the user logs in, xdm will add authorization entries for each of the +server machine's network addresses to the user's authorization file (the format +of which is described below). This file will usually be named .Xauthority in +the users's home directory; will be owned by the user (as specified by the +pw_uid and pw_gid fields in the user's password entry), and will be accessible +only to the user (no group access). This file will contain authorization data +for all of the displays opened by the user. + +When the session terminates, xdm will generate and store a new magic cookie +for the server. Then, xdm will shutdown its own connection and send a +SIGHUP to the server process, which should cause the server to reset. The +server will then read in the new magic cookie. + +To support accesses (both read and write) from multiple machines (for use in +environments that use distributed file systems), file locking is done using +hard links. This is done by creat'ing (sic) a lock file and then linking it +to another name in the same directory. If the link-target already exists, +the link will fail, indicating failure to obtain the lock. Linking is used +instead of just creating the file read-only since link will fail even for +the superuser. + +Problems and Solutions + +There are a few problems with .Xauthority as described. If no home directory +exists, or if xdm cannot create a file there (disk full), xdm stores the +cookie in a file in a resource-specified back-up directory, and sets an +environment variable in the user's session (called XAUTHORITY) naming this +file. There is also the problem that the locking attempts will need to be +timed out, due to a leftover lock. Xdm, again, creates a file and set an +environment variable. Finally, the back-up directory might be full. Xdm, +as a last resort, provides a function key binding that allows a user to log +in without having the authorization data stored, and with host-based access +control disabled. + +Xlib + +XOpenDisplay in Xlib was enhanced to allow specification of authorization +information. As implied above, Xlib looks for the data in the +.Xauthority file of the home directory, or in the file pointed at by the +XAUTHORITY environment variable instead if that is defined. This required +no programmatic interface change to Xlib. In addition, a new Xlib routine +is provided to explicitly specify authorization. + + XSetAuthorization(name, namelen, data, datalen) + int namelen, datalen; + char *name, *data; + +There are three types of input: + + name NULL, data don't care - use default authorization mechanism. + name non-NULL, data NULL - use the named authorization; get + data from that mechanism's default. + name non-NULL, data non-NULL - use the given authorization and data. + +This interface is used by xdm and might also be used by any other +applications that wish to explicitly set the authorization information. + +Authorization File + +The .Xauthority file is a binary file consisting of a sequence of entries +in the following format: + + 2 bytes Family value (second byte is as in protocol HOST) + 2 bytes address length (always MSB first) + A bytes host address (as in protocol HOST) + 2 bytes display "number" length (always MSB first) + S bytes display "number" string + 2 bytes name length (always MSB first) + N bytes authorization name string + 2 bytes data length (always MSB first) + D bytes authorization data string + +The format is binary for easy processing, since authorization information +usually consists of arbitrary data. Host addresses are used instead of +names to eliminate potentially time-consuming name resolutions in +XOpenDisplay. Programs, such as xdm, that initialize the user's +authorization file will have to do the same work as the server in finding +addresses for all network interfaces. If more than one entry matches the +desired address, the entry that is chosen is implementation-dependent. In +our implementation, it is always the first in the file. + +The Family is specified in two bytes to allow out-of-band values +(i.e. values not in the Protocol) to be used. In particular, +two new values "FamilyLocal" and "FamilyWild" are defined. FamilyLocal +refers to any connections using a non-network method of connetion from the +local machine (Unix domain sockets, shared memory, loopback serial line). +In this case the host address is specified by the data returned from +gethostname() and better be unique in a collection of machines +which share NFS directories. FamilyWild is currently used only +by xdm to communicate authorization data to the server. It matches +any family/host address pair. + +For FamilyInternet, the host address is the 4 byte internet address, for +FamilyDecnet, the host address is the byte decnet address, for FamilyChaos +the address is also two bytes. + +The Display Number is the ascii representation of the display number +portion of the display name. It is in ascii to allow future expansion +to PseudoRoots or anything else that might happen. + +A utility called "xauth" will be provided for editing and viewing the +contents of authorization files. Note that the user's authorization file is +not the same as the server's magic cookie file. diff --git a/nx-X11/lib/Xau/Xauth.h b/nx-X11/lib/Xau/Xauth.h new file mode 100644 index 000000000..fa9c96bf8 --- /dev/null +++ b/nx-X11/lib/Xau/Xauth.h @@ -0,0 +1,162 @@ +/* $Xorg: Xauth.h,v 1.4 2001/02/09 02:03:42 xorgcvs Exp $ */ + +/* + +Copyright 1988, 1998 The Open Group + +Permission to use, copy, modify, distribute, and sell this software and its +documentation for any purpose is hereby granted without fee, provided that +the above copyright notice appear in all copies and that both that +copyright notice and this permission notice appear in supporting +documentation. + +The above copyright notice and this permission notice shall be included in +all copies or substantial portions of the Software. + +THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR +IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, +FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE +OPEN GROUP BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN +AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN +CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. + +Except as contained in this notice, the name of The Open Group shall not be +used in advertising or otherwise to promote the sale, use or other dealings +in this Software without prior written authorization from The Open Group. + +*/ + +/* $XFree86: xc/lib/Xau/Xauth.h,v 1.5 2001/12/14 19:54:36 dawes Exp $ */ + +#ifndef _Xauth_h +#define _Xauth_h + +typedef struct xauth { + unsigned short family; + unsigned short address_length; + char *address; + unsigned short number_length; + char *number; + unsigned short name_length; + char *name; + unsigned short data_length; + char *data; +} Xauth; + +#ifndef _XAUTH_STRUCT_ONLY + +# include <X11/Xfuncproto.h> +# include <X11/Xfuncs.h> + +# include <stdio.h> + +# define FamilyLocal (256) /* not part of X standard (i.e. X.h) */ +# define FamilyWild (65535) +# define FamilyNetname (254) /* not part of X standard */ +# define FamilyKrb5Principal (253) /* Kerberos 5 principal name */ +# define FamilyLocalHost (252) /* for local non-net authentication */ + + +_XFUNCPROTOBEGIN + +char *XauFileName(void); + +Xauth *XauReadAuth( +FILE* /* auth_file */ +); + +int XauLockAuth( +_Xconst char* /* file_name */, +int /* retries */, +int /* timeout */, +long /* dead */ +); + +int XauUnlockAuth( +_Xconst char* /* file_name */ +); + +int XauWriteAuth( +FILE* /* auth_file */, +Xauth* /* auth */ +); + +Xauth *XauGetAuthByName( +_Xconst char* /* display_name */ +); + +Xauth *XauGetAuthByAddr( +#if NeedWidePrototypes +unsigned int /* family */, +unsigned int /* address_length */, +#else +unsigned short /* family */, +unsigned short /* address_length */, +#endif +_Xconst char* /* address */, +#if NeedWidePrototypes +unsigned int /* number_length */, +#else +unsigned short /* number_length */, +#endif +_Xconst char* /* number */, +#if NeedWidePrototypes +unsigned int /* name_length */, +#else +unsigned short /* name_length */, +#endif +_Xconst char* /* name */ +); + +Xauth *XauGetBestAuthByAddr( +#if NeedWidePrototypes +unsigned int /* family */, +unsigned int /* address_length */, +#else +unsigned short /* family */, +unsigned short /* address_length */, +#endif +_Xconst char* /* address */, +#if NeedWidePrototypes +unsigned int /* number_length */, +#else +unsigned short /* number_length */, +#endif +_Xconst char* /* number */, +int /* types_length */, +char** /* type_names */, +_Xconst int* /* type_lengths */ +); + +void XauDisposeAuth( +Xauth* /* auth */ +); + +#ifdef K5AUTH +#include <krb5/krb5.h> +/* 9/93: krb5.h leaks some symbols */ +#undef BITS32 +#undef xfree + +int XauKrb5Encode( + krb5_principal /* princ */, + krb5_data * /* outbuf */ +); + +int XauKrb5Decode( + krb5_data /* inbuf */, + krb5_principal * /* princ */ +); +#endif /* K5AUTH */ + +_XFUNCPROTOEND + +/* Return values from XauLockAuth */ + +# define LOCK_SUCCESS 0 /* lock succeeded */ +# define LOCK_ERROR 1 /* lock unexpectely failed, check errno */ +# define LOCK_TIMEOUT 2 /* lock failed, timeouts expired */ + +#endif /* _XAUTH_STRUCT_ONLY */ + +#endif /* _Xauth_h */ diff --git a/nx-X11/lib/Xau/k5encode.c b/nx-X11/lib/Xau/k5encode.c new file mode 100644 index 000000000..a3c6c09b1 --- /dev/null +++ b/nx-X11/lib/Xau/k5encode.c @@ -0,0 +1,186 @@ +/* $Xorg: k5encode.c,v 1.4 2001/02/09 02:03:42 xorgcvs Exp $ */ + +/* + +Copyright 1993, 1994, 1998 The Open Group + +Permission to use, copy, modify, distribute, and sell this software and its +documentation for any purpose is hereby granted without fee, provided that +the above copyright notice appear in all copies and that both that +copyright notice and this permission notice appear in supporting +documentation. + +The above copyright notice and this permission notice shall be included in +all copies or substantial portions of the Software. + +THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR +IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, +FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE +OPEN GROUP BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN +AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN +CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. + +Except as contained in this notice, the name of The Open Group shall not be +used in advertising or otherwise to promote the sale, use or other dealings +in this Software without prior written authorization from The Open Group. + +*/ + +/* + * functions to encode/decode Kerberos V5 principals + * into something that can be reasonable spewed over + * the wire + * + * Author: Tom Yu <tlyu@MIT.EDU> + * + * Still needs to be fixed up wrt signed/unsigned lengths, but we'll worry + * about that later. + */ + +#ifdef HAVE_CONFIG_H +#include <config.h> +#endif +#include <krb5/krb5.h> +/* 9/93: krb5.h leaks some symbols */ +#undef BITS32 +#undef xfree + +#include <X11/X.h> +#include <X11/Xos.h> +#include <X11/Xmd.h> +#include <X11/Xfuncs.h> + +/* + * XauKrb5Encode + * + * this function encodes the principal passed to it in a format that can + * easily be dealt with by stuffing it into an X packet. Encoding is as + * follows: + * length count of the realm name + * realm + * component count + * length of component + * actual principal component + * etc.... + * + * Note that this function allocates a hunk of memory, which must be + * freed to avoid nasty memory leak type things. All counts are + * byte-swapped if needed. (except for the total length returned) + * + * nevermind.... stuffing the encoded packet in net byte order just to + * always do the right thing. Don't have to frob with alignment that way. + */ +int +XauKrb5Encode(princ, outbuf) + krb5_principal princ; /* principal to encode */ + krb5_data *outbuf; /* output buffer */ +{ + CARD16 i, numparts, totlen = 0, plen, rlen; + char *cp, *pdata; + + rlen = krb5_princ_realm(princ)->length; + numparts = krb5_princ_size(princ); + totlen = 2 + rlen + 2; /* include room for realm length + and component count */ + for (i = 0; i < numparts; i++) + totlen += krb5_princ_component(princ, i)->length + 2; + /* add 2 bytes each time for length */ + if ((outbuf->data = (char *)malloc(totlen)) == NULL) + return -1; + cp = outbuf->data; + *cp++ = (char)((int)(0xff00 & rlen) >> 8); + *cp++ = (char)(0x00ff & rlen); + memcpy(cp, krb5_princ_realm(princ)->data, rlen); + cp += rlen; + *cp++ = (char)((int)(0xff00 & numparts) >> 8); + *cp++ = (char)(0x00ff & numparts); + for (i = 0; i < numparts; i++) + { + plen = krb5_princ_component(princ, i)->length; + pdata = krb5_princ_component(princ, i)->data; + *cp++ = (char)((int)(0xff00 & plen) >> 8); + *cp++ = (char)(0x00ff & plen); + memcpy(cp, pdata, plen); + cp += plen; + } + outbuf->length = totlen; + return 0; +} + +/* + * XauKrb5Decode + * + * This function essentially reverses what XauKrb5Encode does. + * return value: 0 if okay, -1 if malloc fails, -2 if inbuf format bad + */ +int +XauKrb5Decode(inbuf, princ) + krb5_data inbuf; + krb5_principal *princ; +{ + CARD16 i, numparts, plen, rlen; + CARD8 *cp, *pdata; + + if (inbuf.length < 4) + { + return -2; + } + *princ = (krb5_principal)malloc(sizeof (krb5_principal_data)); + if (*princ == NULL) + return -1; + bzero(*princ, sizeof (krb5_principal_data)); + cp = (CARD8 *)inbuf.data; + rlen = *cp++ << 8; + rlen |= *cp++; + if (inbuf.length < 4 + (int)rlen + 2) + { + krb5_free_principal(*princ); + return -2; + } + krb5_princ_realm(*princ)->data = (char *)malloc(rlen); + if (krb5_princ_realm(*princ)->data == NULL) + { + krb5_free_principal(*princ); + return -1; + } + krb5_princ_realm(*princ)->length = rlen; + memcpy(krb5_princ_realm(*princ)->data, cp, rlen); + cp += rlen; + numparts = *cp++ << 8; + numparts |= *cp++; + krb5_princ_name(*princ) = + (krb5_data *)malloc(numparts * sizeof (krb5_data)); + if (krb5_princ_name(*princ) == NULL) + { + krb5_free_principal(*princ); + return -1; + } + krb5_princ_size(*princ) = 0; + for (i = 0; i < numparts; i++) + { + if (cp + 2 > (CARD8 *)inbuf.data + inbuf.length) + { + krb5_free_principal(*princ); + return -2; + } + plen = *cp++ << 8; + plen |= *cp++; + if (cp + plen > (CARD8 *)inbuf.data + inbuf.length) + { + krb5_free_principal(*princ); + return -2; + } + pdata = (CARD8 *)malloc(plen); + if (pdata == NULL) + { + krb5_free_principal(*princ); + return -1; + } + krb5_princ_component(*princ, i)->data = (char *)pdata; + krb5_princ_component(*princ, i)->length = plen; + memcpy(pdata, cp, plen); + cp += plen; + krb5_princ_size(*princ)++; + } + return 0; +} |