aboutsummaryrefslogtreecommitdiff
path: root/nx-X11/lib
diff options
context:
space:
mode:
Diffstat (limited to 'nx-X11/lib')
-rw-r--r--nx-X11/lib/Imakefile5
-rw-r--r--nx-X11/lib/X11/AuDispose.c (renamed from nx-X11/lib/Xau/AuDispose.c)0
-rw-r--r--nx-X11/lib/X11/AuFileName.c (renamed from nx-X11/lib/Xau/AuFileName.c)0
-rw-r--r--nx-X11/lib/X11/AuGetBest.c (renamed from nx-X11/lib/Xau/AuGetBest.c)2
-rw-r--r--nx-X11/lib/X11/AuRead.c (renamed from nx-X11/lib/Xau/AuRead.c)0
-rw-r--r--nx-X11/lib/X11/Imakefile9
-rw-r--r--nx-X11/lib/Xau/AuGetAddr.c112
-rw-r--r--nx-X11/lib/Xau/AuLock.c106
-rw-r--r--nx-X11/lib/Xau/AuUnlock.c62
-rw-r--r--nx-X11/lib/Xau/AuWrite.c73
-rw-r--r--nx-X11/lib/Xau/Autest.c71
-rw-r--r--nx-X11/lib/Xau/Imakefile49
-rw-r--r--nx-X11/lib/Xau/README184
-rw-r--r--nx-X11/lib/Xau/Xauth.h162
-rw-r--r--nx-X11/lib/Xau/k5encode.c186
15 files changed, 1 insertions, 1020 deletions
diff --git a/nx-X11/lib/Imakefile b/nx-X11/lib/Imakefile
index 20a18dab1..4cf8bf08e 100644
--- a/nx-X11/lib/Imakefile
+++ b/nx-X11/lib/Imakefile
@@ -15,10 +15,6 @@ NULL =
XKBLIBDIR = xkbfile
#endif
-#if BuildXauLib
-XAULIBDIR = Xau
-#endif
-
#if BuildX11Lib
X11LIBDIR = X11
#endif
@@ -29,7 +25,6 @@ XEXTLIBDIR = Xext
LINTSUBDIRS = \
- $(XAULIBDIR) \
$(X11LIBDIR) \
$(XEXTLIBDIR) \
$(XKBLIBDIR) \
diff --git a/nx-X11/lib/Xau/AuDispose.c b/nx-X11/lib/X11/AuDispose.c
index dc2080f40..dc2080f40 100644
--- a/nx-X11/lib/Xau/AuDispose.c
+++ b/nx-X11/lib/X11/AuDispose.c
diff --git a/nx-X11/lib/Xau/AuFileName.c b/nx-X11/lib/X11/AuFileName.c
index 6ab0138b8..6ab0138b8 100644
--- a/nx-X11/lib/Xau/AuFileName.c
+++ b/nx-X11/lib/X11/AuFileName.c
diff --git a/nx-X11/lib/Xau/AuGetBest.c b/nx-X11/lib/X11/AuGetBest.c
index eb27f24c1..03d49ac80 100644
--- a/nx-X11/lib/Xau/AuGetBest.c
+++ b/nx-X11/lib/X11/AuGetBest.c
@@ -132,7 +132,7 @@ XauGetBestAuthByAddr (
if ((family == FamilyWild || entry->family == FamilyWild ||
(entry->family == family &&
((address_length == entry->address_length &&
- binaryEqual (entry->address, address, (int)address_length))
+ binaryEqual (entry->address, address, (int)address_length))
#ifdef hpux
|| (family == FamilyLocal &&
fully_qual_address_length == entry->address_length &&
diff --git a/nx-X11/lib/Xau/AuRead.c b/nx-X11/lib/X11/AuRead.c
index 2e2509633..2e2509633 100644
--- a/nx-X11/lib/Xau/AuRead.c
+++ b/nx-X11/lib/X11/AuRead.c
diff --git a/nx-X11/lib/X11/Imakefile b/nx-X11/lib/X11/Imakefile
index 1ba1e4818..8be1b592d 100644
--- a/nx-X11/lib/X11/Imakefile
+++ b/nx-X11/lib/X11/Imakefile
@@ -1104,15 +1104,6 @@ InstallNonExecFile(XErrorDB,$(LIBDIR))
InstallNonExecFile(XKeysymDB,$(LIBDIR))
InstallLintLibrary(X11,$(LINTLIBDIR))
-
-LinkSourceFile(AuDispose.c,$(XAUTHSRC))
-LinkSourceFile(AuGetBest.c,$(XAUTHSRC))
-LinkSourceFile(AuFileName.c,$(XAUTHSRC))
-LinkSourceFile(AuRead.c,$(XAUTHSRC))
-#if HasKrb5
-LinkSourceFile(k5encode.c,$(XAUTHSRC))
-#endif
-
#ifdef QNX4Architecture
LOCAL_LDFLAGS=-F
#endif
diff --git a/nx-X11/lib/Xau/AuGetAddr.c b/nx-X11/lib/Xau/AuGetAddr.c
deleted file mode 100644
index d68ceadc2..000000000
--- a/nx-X11/lib/Xau/AuGetAddr.c
+++ /dev/null
@@ -1,112 +0,0 @@
-/* $Xorg: AuGetAddr.c,v 1.4 2001/02/09 02:03:42 xorgcvs Exp $ */
-
-/*
-
-Copyright 1988, 1998 The Open Group
-
-Permission to use, copy, modify, distribute, and sell this software and its
-documentation for any purpose is hereby granted without fee, provided that
-the above copyright notice appear in all copies and that both that
-copyright notice and this permission notice appear in supporting
-documentation.
-
-The above copyright notice and this permission notice shall be included in
-all copies or substantial portions of the Software.
-
-THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
-IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
-FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
-OPEN GROUP BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN
-AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN
-CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
-
-Except as contained in this notice, the name of The Open Group shall not be
-used in advertising or otherwise to promote the sale, use or other dealings
-in this Software without prior written authorization from The Open Group.
-
-*/
-/* $XFree86: xc/lib/Xau/AuGetAddr.c,v 1.5 2001/12/14 19:54:36 dawes Exp $ */
-
-#ifdef HAVE_CONFIG_H
-#include <config.h>
-#endif
-#include <nx-X11/Xauth.h>
-#include <nx-X11/Xos.h>
-
-static int
-binaryEqual (_Xconst char *a, _Xconst char *b, int len)
-{
- while (len--)
- if (*a++ != *b++)
- return 0;
- return 1;
-}
-
-Xauth *
-XauGetAuthByAddr (
-#if NeedWidePrototypes
-unsigned int family,
-unsigned int address_length,
-#else
-unsigned short family,
-unsigned short address_length,
-#endif
-_Xconst char* address,
-#if NeedWidePrototypes
-unsigned int number_length,
-#else
-unsigned short number_length,
-#endif
-_Xconst char* number,
-#if NeedWidePrototypes
-unsigned int name_length,
-#else
-unsigned short name_length,
-#endif
-_Xconst char* name)
-{
- FILE *auth_file;
- char *auth_name;
- Xauth *entry;
-
- auth_name = XauFileName ();
- if (!auth_name)
- return 0;
- if (access (auth_name, R_OK) != 0) /* checks REAL id */
- return 0;
- auth_file = fopen (auth_name, "rb");
- if (!auth_file)
- return 0;
- for (;;) {
- entry = XauReadAuth (auth_file);
- if (!entry)
- break;
- /*
- * Match when:
- * either family or entry->family are FamilyWild or
- * family and entry->family are the same and
- * address and entry->address are the same
- * and
- * either number or entry->number are empty or
- * number and entry->number are the same
- * and
- * either name or entry->name are empty or
- * name and entry->name are the same
- */
-
- if ((family == FamilyWild || entry->family == FamilyWild ||
- (entry->family == family &&
- address_length == entry->address_length &&
- binaryEqual (entry->address, address, (int)address_length))) &&
- (number_length == 0 || entry->number_length == 0 ||
- (number_length == entry->number_length &&
- binaryEqual (entry->number, number, (int)number_length))) &&
- (name_length == 0 || entry->name_length == 0 ||
- (entry->name_length == name_length &&
- binaryEqual (entry->name, name, (int)name_length))))
- break;
- XauDisposeAuth (entry);
- }
- (void) fclose (auth_file);
- return entry;
-}
diff --git a/nx-X11/lib/Xau/AuLock.c b/nx-X11/lib/Xau/AuLock.c
deleted file mode 100644
index 1813dc368..000000000
--- a/nx-X11/lib/Xau/AuLock.c
+++ /dev/null
@@ -1,106 +0,0 @@
-/* $Xorg: AuLock.c,v 1.4 2001/02/09 02:03:42 xorgcvs Exp $ */
-
-/*
-
-Copyright 1988, 1998 The Open Group
-
-Permission to use, copy, modify, distribute, and sell this software and its
-documentation for any purpose is hereby granted without fee, provided that
-the above copyright notice appear in all copies and that both that
-copyright notice and this permission notice appear in supporting
-documentation.
-
-The above copyright notice and this permission notice shall be included in
-all copies or substantial portions of the Software.
-
-THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
-IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
-FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
-OPEN GROUP BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN
-AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN
-CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
-
-Except as contained in this notice, the name of The Open Group shall not be
-used in advertising or otherwise to promote the sale, use or other dealings
-in this Software without prior written authorization from The Open Group.
-
-*/
-/* $XFree86: xc/lib/Xau/AuLock.c,v 3.6 2002/05/31 18:45:43 dawes Exp $ */
-
-#ifdef HAVE_CONFIG_H
-#include <config.h>
-#endif
-#include <nx-X11/Xauth.h>
-#include <nx-X11/Xos.h>
-#include <sys/stat.h>
-#include <errno.h>
-#include <time.h>
-#define Time_t time_t
-#ifndef X_NOT_POSIX
-#include <unistd.h>
-#else
-#ifndef WIN32
-extern unsigned sleep ();
-#else
-#include <nx-X11/Xwindows.h>
-#define link rename
-#endif
-#endif
-#ifdef __UNIXOS2__
-#define link rename
-#endif
-
-int
-XauLockAuth (
-_Xconst char *file_name,
-int retries,
-int timeout,
-long dead)
-{
- char creat_name[1025], link_name[1025];
- struct stat statb;
- Time_t now;
- int creat_fd = -1;
-
- if (strlen (file_name) > 1022)
- return LOCK_ERROR;
- (void) strcpy (creat_name, file_name);
- (void) strcat (creat_name, "-c");
- (void) strcpy (link_name, file_name);
- (void) strcat (link_name, "-l");
- if (stat (creat_name, &statb) != -1) {
- now = time ((Time_t *) 0);
- /*
- * NFS may cause ctime to be before now, special
- * case a 0 deadtime to force lock removal
- */
- if (dead == 0 || now - statb.st_ctime > dead) {
- (void) unlink (creat_name);
- (void) unlink (link_name);
- }
- }
-
- while (retries > 0) {
- if (creat_fd == -1) {
- creat_fd = open (creat_name, O_WRONLY | O_CREAT | O_EXCL, 0600);
- if (creat_fd == -1) {
- if (errno != EACCES)
- return LOCK_ERROR;
- } else
- (void) close (creat_fd);
- }
- if (creat_fd != -1) {
- if (link (creat_name, link_name) != -1)
- return LOCK_SUCCESS;
- if (errno == ENOENT) {
- creat_fd = -1; /* force re-creat next time around */
- continue;
- }
- if (errno != EEXIST)
- return LOCK_ERROR;
- }
- (void) sleep ((unsigned) timeout);
- --retries;
- }
- return LOCK_TIMEOUT;
-}
diff --git a/nx-X11/lib/Xau/AuUnlock.c b/nx-X11/lib/Xau/AuUnlock.c
deleted file mode 100644
index e40042104..000000000
--- a/nx-X11/lib/Xau/AuUnlock.c
+++ /dev/null
@@ -1,62 +0,0 @@
-/* $Xorg: AuUnlock.c,v 1.4 2001/02/09 02:03:42 xorgcvs Exp $ */
-
-/*
-
-Copyright 1988, 1998 The Open Group
-
-Permission to use, copy, modify, distribute, and sell this software and its
-documentation for any purpose is hereby granted without fee, provided that
-the above copyright notice appear in all copies and that both that
-copyright notice and this permission notice appear in supporting
-documentation.
-
-The above copyright notice and this permission notice shall be included in
-all copies or substantial portions of the Software.
-
-THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
-IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
-FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
-OPEN GROUP BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN
-AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN
-CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
-
-Except as contained in this notice, the name of The Open Group shall not be
-used in advertising or otherwise to promote the sale, use or other dealings
-in this Software without prior written authorization from The Open Group.
-
-*/
-/* $XFree86: xc/lib/Xau/AuUnlock.c,v 1.4 2001/12/14 19:54:36 dawes Exp $ */
-
-#ifdef HAVE_CONFIG_H
-#include <config.h>
-#endif
-#include <nx-X11/Xauth.h>
-#include <nx-X11/Xos.h>
-
-int
-XauUnlockAuth (
-_Xconst char *file_name)
-{
-#ifndef WIN32
- char creat_name[1025];
-#endif
- char link_name[1025];
-
- if (strlen (file_name) > 1022)
- return 0;
-#ifndef WIN32
- (void) strcpy (creat_name, file_name);
- (void) strcat (creat_name, "-c");
-#endif
- (void) strcpy (link_name, file_name);
- (void) strcat (link_name, "-l");
- /*
- * I think this is the correct order
- */
-#ifndef WIN32
- (void) unlink (creat_name);
-#endif
- (void) unlink (link_name);
-
- return 1;
-}
diff --git a/nx-X11/lib/Xau/AuWrite.c b/nx-X11/lib/Xau/AuWrite.c
deleted file mode 100644
index 5a9b44eb2..000000000
--- a/nx-X11/lib/Xau/AuWrite.c
+++ /dev/null
@@ -1,73 +0,0 @@
-/* $Xorg: AuWrite.c,v 1.4 2001/02/09 02:03:42 xorgcvs Exp $ */
-
-/*
-
-Copyright 1988, 1998 The Open Group
-
-Permission to use, copy, modify, distribute, and sell this software and its
-documentation for any purpose is hereby granted without fee, provided that
-the above copyright notice appear in all copies and that both that
-copyright notice and this permission notice appear in supporting
-documentation.
-
-The above copyright notice and this permission notice shall be included in
-all copies or substantial portions of the Software.
-
-THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
-IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
-FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
-OPEN GROUP BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN
-AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN
-CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
-
-Except as contained in this notice, the name of The Open Group shall not be
-used in advertising or otherwise to promote the sale, use or other dealings
-in this Software without prior written authorization from The Open Group.
-
-*/
-/* $XFree86: xc/lib/Xau/AuWrite.c,v 1.3 2001/01/17 19:42:24 dawes Exp $ */
-
-#ifdef HAVE_CONFIG_H
-#include <config.h>
-#endif
-#include <nx-X11/Xauth.h>
-
-static int
-write_short (unsigned short s, FILE *file)
-{
- unsigned char file_short[2];
-
- file_short[0] = (s & (unsigned)0xff00) >> 8;
- file_short[1] = s & 0xff;
- if (fwrite ((char *) file_short, (int) sizeof (file_short), 1, file) != 1)
- return 0;
- return 1;
-}
-
-static int
-write_counted_string (unsigned short count, char *string, FILE *file)
-{
- if (write_short (count, file) == 0)
- return 0;
- if (fwrite (string, (int) sizeof (char), (int) count, file) != count)
- return 0;
- return 1;
-}
-
-int
-XauWriteAuth (auth_file, auth)
-FILE *auth_file;
-Xauth *auth;
-{
- if (write_short (auth->family, auth_file) == 0)
- return 0;
- if (write_counted_string (auth->address_length, auth->address, auth_file) == 0)
- return 0;
- if (write_counted_string (auth->number_length, auth->number, auth_file) == 0)
- return 0;
- if (write_counted_string (auth->name_length, auth->name, auth_file) == 0)
- return 0;
- if (write_counted_string (auth->data_length, auth->data, auth_file) == 0)
- return 0;
- return 1;
-}
diff --git a/nx-X11/lib/Xau/Autest.c b/nx-X11/lib/Xau/Autest.c
deleted file mode 100644
index 2352cf170..000000000
--- a/nx-X11/lib/Xau/Autest.c
+++ /dev/null
@@ -1,71 +0,0 @@
-/* $Xorg: Autest.c,v 1.4 2001/02/09 02:03:42 xorgcvs Exp $ */
-
-/*
-
-Copyright 1988, 1998 The Open Group
-
-Permission to use, copy, modify, distribute, and sell this software and its
-documentation for any purpose is hereby granted without fee, provided that
-the above copyright notice appear in all copies and that both that
-copyright notice and this permission notice appear in supporting
-documentation.
-
-The above copyright notice and this permission notice shall be included in
-all copies or substantial portions of the Software.
-
-THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
-IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
-FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
-OPEN GROUP BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN
-AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN
-CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
-
-Except as contained in this notice, the name of The Open Group shall not be
-used in advertising or otherwise to promote the sale, use or other dealings
-in this Software without prior written authorization from The Open Group.
-
-*/
-
-#ifdef HAVE_CONFIG_H
-#include <config.h>
-#endif
-#include <nx-X11/Xauth.h>
-
-main (argc, argv)
-char **argv;
-{
- Xauth test_data;
- char *name, *data, *file;
- int state = 0;
- FILE *output;
-
- while (*++argv) {
- if (!strcmp (*argv, "-file"))
- file = *++argv;
- else if (state == 0) {
- name = *argv;
- ++state;
- } else if (state == 1) {
- data = *argv;
- ++state;
- }
- }
- if(!file) {
- fprintf (stderr, "No file\n");
- exit (1);
- }
- test_data.family = 0;
- test_data.address_length = 0;
- test_data.address = "";
- test_data.number_length = 0;
- test_data.number = "";
- test_data.name_length = strlen (name);
- test_data.name = name;
- test_data.data_length = strlen (data);
- test_data.data = data;
- output = fopen (file, "w");
- if (output) {
- XauWriteAuth (output, &test_data);
- fclose (output);
- }
-}
diff --git a/nx-X11/lib/Xau/Imakefile b/nx-X11/lib/Xau/Imakefile
deleted file mode 100644
index df80d28d4..000000000
--- a/nx-X11/lib/Xau/Imakefile
+++ /dev/null
@@ -1,49 +0,0 @@
-XCOMM $Xorg: Imakefile,v 1.3 2000/08/17 19:45:29 cpqbld Exp $
-XCOMM $XdotOrg: xc/lib/Xau/Imakefile,v 1.4 2005/09/22 23:54:18 alanc Exp $
-
-
-
-XCOMM $XFree86: xc/lib/Xau/Imakefile,v 3.5 1999/04/17 09:08:11 dawes Exp $
-
-#define DoNormalLib NormalLibXau
-#define DoSharedLib SharedLibXau
-#define DoExtraLib SharedLibXau
-#define DoDebugLib DebugLibXau
-#define DoProfileLib ProfileLibXau
-#define LibName NX_Xau
-#define SoRev SOXAUTHREV
-#define IncSubdir nx-X11
-
-#include <Threads.tmpl>
-
-#ifdef SharedXauReqs
-REQUIREDLIBS = SharedXauReqs
-#endif
-
- LINTLIBS = $(LINTXLIB)
-
-#if HasKrb5
-K5ENCSRC = k5encode.c
-K5ENCOBJ = k5encode.o
-INCLUDES = Krb5Includes
-#else
-K5ENCSRC =
-K5ENCOBJ =
-INCLUDES =
-#endif
-
-HEADERS = \
- Xauth.h
-
-SRCS = AuDispose.c AuFileName.c AuGetAddr.c AuGetBest.c AuLock.c \
- AuRead.c AuUnlock.c AuWrite.c $(K5ENCSRC)
-
-OBJS = AuDispose.o AuFileName.o AuGetAddr.o AuGetBest.o AuLock.o \
- AuRead.o AuUnlock.o AuWrite.o $(K5ENCOBJ)
-
-#define IncludeSharedObjectInNormalLib
-#define UnsharedLibObjCompile(options) LibObjCompile(unshared,$(CDEBUGFLAGS) $(CLIBDEBUGFLAGS) options $(PICFLAGS))
-
-#include <Library.tmpl>
-
-DependTarget()
diff --git a/nx-X11/lib/Xau/README b/nx-X11/lib/Xau/README
deleted file mode 100644
index 404eef079..000000000
--- a/nx-X11/lib/Xau/README
+++ /dev/null
@@ -1,184 +0,0 @@
-
-
- A Sample Authorization Protocol for X
-
-
-Overview
-
-The following note describes a very simple mechanism for providing individual
-access to an X Window System display. It uses existing core protocol and
-library hooks for specifying authorization data in the connection setup block
-to restrict use of the display to only those clients that show that they
-know a server-specific key called a "magic cookie". This mechanism is *not*
-being proposed as an addition to the Xlib standard; among other reasons, a
-protocol extension is needed to support more flexible mechanisms. We have
-implemented this mechanism already; if you have comments, please send them
-to us.
-
-This scheme involves changes to the following parts of the sample release:
-
- o xdm
- - generate random magic cookie and store in protected file
- - pass name of magic cookie file to server
- - when user logs in, add magic cookie to user's auth file
- - when user logs out, generate a new cookie for server
-
- o server
- - a new command line option to specify cookie file
- - check client authorization data against magic cookie
- - read in cookie whenever the server resets
- - do not add local machine to host list if magic cookie given
-
- o Xlib
- - read in authorization data from file
- - find data for appropriate server
- - send authorization data if found
-
- o xauth [new program to manage user auth file]
- - add entries to user's auth file
- - remove entries from user's auth file
-
-This mechanism assumes that the superuser and the transport layer between
-the client and the server is secure. Organizations that desire stricter
-security are encouraged to look at systems such as Kerberos (at Project
-Athena).
-
-
-Description
-
-The sample implementation will use the xdm Display Manager to set up and
-control the server's authorization file. Sites that do not run xdm will
-need to build their own mechanisms.
-
-Xdm uses a random key (seeded by the system time and check sum of /dev/kmem)
-to generate a unique sequence of characters at 16 bytes long. This sequence
-will be written to a file which is made readable only by the server. The
-server will then be started with a command line option instructing it to use
-the contents of the file as the magic cookie for connections that include
-authorization data. This will also disable the server from adding the local
-machine's address to the initial host list. Note that the actual cookie must
-not be stored on the command line or in an environment variable, to prevent
-it from being publicly obtainable by the "ps" command.
-
-If a client presents an authorization name of "MIT-MAGIC-COOKIE-1" and
-authorization data that matches the magic cookie, that client is allowed
-access. If the name or data does not match and the host list is empty,
-that client will be denied access. Otherwise, the existing host-based access
-control will be used. Since any client that is making a connection from a
-machine on the host list will be granted access even if their authorization
-data is incorrect, sites are strongly urged not to set up any default hosts
-using the /etc/X*.hosts files. Granting access to other machines should be
-done by the user's session manager instead.
-
-Assuming the server is configured with an empty host list, the existence of the
-cookie is sufficient to ensure there will be no unauthorized access to the
-display. However, xdm will (continue to) work to minimize the chances of
-spoofing on servers that do not support this authorization mechanism. This
-will be done by grabbing the server and the keyboard after opening the display.
-This action will be surrounded by a timer which will kill the server if the
-grabs cannot be done within several seconds. [This level of security is now
-implemented in patches already sent out.]
-
-After the user logs in, xdm will add authorization entries for each of the
-server machine's network addresses to the user's authorization file (the format
-of which is described below). This file will usually be named .Xauthority in
-the users's home directory; will be owned by the user (as specified by the
-pw_uid and pw_gid fields in the user's password entry), and will be accessible
-only to the user (no group access). This file will contain authorization data
-for all of the displays opened by the user.
-
-When the session terminates, xdm will generate and store a new magic cookie
-for the server. Then, xdm will shutdown its own connection and send a
-SIGHUP to the server process, which should cause the server to reset. The
-server will then read in the new magic cookie.
-
-To support accesses (both read and write) from multiple machines (for use in
-environments that use distributed file systems), file locking is done using
-hard links. This is done by creat'ing (sic) a lock file and then linking it
-to another name in the same directory. If the link-target already exists,
-the link will fail, indicating failure to obtain the lock. Linking is used
-instead of just creating the file read-only since link will fail even for
-the superuser.
-
-Problems and Solutions
-
-There are a few problems with .Xauthority as described. If no home directory
-exists, or if xdm cannot create a file there (disk full), xdm stores the
-cookie in a file in a resource-specified back-up directory, and sets an
-environment variable in the user's session (called XAUTHORITY) naming this
-file. There is also the problem that the locking attempts will need to be
-timed out, due to a leftover lock. Xdm, again, creates a file and set an
-environment variable. Finally, the back-up directory might be full. Xdm,
-as a last resort, provides a function key binding that allows a user to log
-in without having the authorization data stored, and with host-based access
-control disabled.
-
-Xlib
-
-XOpenDisplay in Xlib was enhanced to allow specification of authorization
-information. As implied above, Xlib looks for the data in the
-.Xauthority file of the home directory, or in the file pointed at by the
-XAUTHORITY environment variable instead if that is defined. This required
-no programmatic interface change to Xlib. In addition, a new Xlib routine
-is provided to explicitly specify authorization.
-
- XSetAuthorization(name, namelen, data, datalen)
- int namelen, datalen;
- char *name, *data;
-
-There are three types of input:
-
- name NULL, data don't care - use default authorization mechanism.
- name non-NULL, data NULL - use the named authorization; get
- data from that mechanism's default.
- name non-NULL, data non-NULL - use the given authorization and data.
-
-This interface is used by xdm and might also be used by any other
-applications that wish to explicitly set the authorization information.
-
-Authorization File
-
-The .Xauthority file is a binary file consisting of a sequence of entries
-in the following format:
-
- 2 bytes Family value (second byte is as in protocol HOST)
- 2 bytes address length (always MSB first)
- A bytes host address (as in protocol HOST)
- 2 bytes display "number" length (always MSB first)
- S bytes display "number" string
- 2 bytes name length (always MSB first)
- N bytes authorization name string
- 2 bytes data length (always MSB first)
- D bytes authorization data string
-
-The format is binary for easy processing, since authorization information
-usually consists of arbitrary data. Host addresses are used instead of
-names to eliminate potentially time-consuming name resolutions in
-XOpenDisplay. Programs, such as xdm, that initialize the user's
-authorization file will have to do the same work as the server in finding
-addresses for all network interfaces. If more than one entry matches the
-desired address, the entry that is chosen is implementation-dependent. In
-our implementation, it is always the first in the file.
-
-The Family is specified in two bytes to allow out-of-band values
-(i.e. values not in the Protocol) to be used. In particular,
-two new values "FamilyLocal" and "FamilyWild" are defined. FamilyLocal
-refers to any connections using a non-network method of connetion from the
-local machine (Unix domain sockets, shared memory, loopback serial line).
-In this case the host address is specified by the data returned from
-gethostname() and better be unique in a collection of machines
-which share NFS directories. FamilyWild is currently used only
-by xdm to communicate authorization data to the server. It matches
-any family/host address pair.
-
-For FamilyInternet, the host address is the 4 byte internet address, for
-FamilyDecnet, the host address is the byte decnet address, for FamilyChaos
-the address is also two bytes.
-
-The Display Number is the ascii representation of the display number
-portion of the display name. It is in ascii to allow future expansion
-to PseudoRoots or anything else that might happen.
-
-A utility called "xauth" will be provided for editing and viewing the
-contents of authorization files. Note that the user's authorization file is
-not the same as the server's magic cookie file.
diff --git a/nx-X11/lib/Xau/Xauth.h b/nx-X11/lib/Xau/Xauth.h
deleted file mode 100644
index 7ac8bf77b..000000000
--- a/nx-X11/lib/Xau/Xauth.h
+++ /dev/null
@@ -1,162 +0,0 @@
-/* $Xorg: Xauth.h,v 1.4 2001/02/09 02:03:42 xorgcvs Exp $ */
-
-/*
-
-Copyright 1988, 1998 The Open Group
-
-Permission to use, copy, modify, distribute, and sell this software and its
-documentation for any purpose is hereby granted without fee, provided that
-the above copyright notice appear in all copies and that both that
-copyright notice and this permission notice appear in supporting
-documentation.
-
-The above copyright notice and this permission notice shall be included in
-all copies or substantial portions of the Software.
-
-THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
-IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
-FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
-OPEN GROUP BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN
-AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN
-CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
-
-Except as contained in this notice, the name of The Open Group shall not be
-used in advertising or otherwise to promote the sale, use or other dealings
-in this Software without prior written authorization from The Open Group.
-
-*/
-
-/* $XFree86: xc/lib/Xau/Xauth.h,v 1.5 2001/12/14 19:54:36 dawes Exp $ */
-
-#ifndef _Xauth_h
-#define _Xauth_h
-
-typedef struct xauth {
- unsigned short family;
- unsigned short address_length;
- char *address;
- unsigned short number_length;
- char *number;
- unsigned short name_length;
- char *name;
- unsigned short data_length;
- char *data;
-} Xauth;
-
-#ifndef _XAUTH_STRUCT_ONLY
-
-# include <nx-X11/Xfuncproto.h>
-# include <nx-X11/Xfuncs.h>
-
-# include <stdio.h>
-
-# define FamilyLocal (256) /* not part of X standard (i.e. X.h) */
-# define FamilyWild (65535)
-# define FamilyNetname (254) /* not part of X standard */
-# define FamilyKrb5Principal (253) /* Kerberos 5 principal name */
-# define FamilyLocalHost (252) /* for local non-net authentication */
-
-
-_XFUNCPROTOBEGIN
-
-char *XauFileName(void);
-
-Xauth *XauReadAuth(
-FILE* /* auth_file */
-);
-
-int XauLockAuth(
-_Xconst char* /* file_name */,
-int /* retries */,
-int /* timeout */,
-long /* dead */
-);
-
-int XauUnlockAuth(
-_Xconst char* /* file_name */
-);
-
-int XauWriteAuth(
-FILE* /* auth_file */,
-Xauth* /* auth */
-);
-
-Xauth *XauGetAuthByName(
-_Xconst char* /* display_name */
-);
-
-Xauth *XauGetAuthByAddr(
-#if NeedWidePrototypes
-unsigned int /* family */,
-unsigned int /* address_length */,
-#else
-unsigned short /* family */,
-unsigned short /* address_length */,
-#endif
-_Xconst char* /* address */,
-#if NeedWidePrototypes
-unsigned int /* number_length */,
-#else
-unsigned short /* number_length */,
-#endif
-_Xconst char* /* number */,
-#if NeedWidePrototypes
-unsigned int /* name_length */,
-#else
-unsigned short /* name_length */,
-#endif
-_Xconst char* /* name */
-);
-
-Xauth *XauGetBestAuthByAddr(
-#if NeedWidePrototypes
-unsigned int /* family */,
-unsigned int /* address_length */,
-#else
-unsigned short /* family */,
-unsigned short /* address_length */,
-#endif
-_Xconst char* /* address */,
-#if NeedWidePrototypes
-unsigned int /* number_length */,
-#else
-unsigned short /* number_length */,
-#endif
-_Xconst char* /* number */,
-int /* types_length */,
-char** /* type_names */,
-_Xconst int* /* type_lengths */
-);
-
-void XauDisposeAuth(
-Xauth* /* auth */
-);
-
-#ifdef K5AUTH
-#include <krb5/krb5.h>
-/* 9/93: krb5.h leaks some symbols */
-#undef BITS32
-#undef xfree
-
-int XauKrb5Encode(
- krb5_principal /* princ */,
- krb5_data * /* outbuf */
-);
-
-int XauKrb5Decode(
- krb5_data /* inbuf */,
- krb5_principal * /* princ */
-);
-#endif /* K5AUTH */
-
-_XFUNCPROTOEND
-
-/* Return values from XauLockAuth */
-
-# define LOCK_SUCCESS 0 /* lock succeeded */
-# define LOCK_ERROR 1 /* lock unexpectely failed, check errno */
-# define LOCK_TIMEOUT 2 /* lock failed, timeouts expired */
-
-#endif /* _XAUTH_STRUCT_ONLY */
-
-#endif /* _Xauth_h */
diff --git a/nx-X11/lib/Xau/k5encode.c b/nx-X11/lib/Xau/k5encode.c
deleted file mode 100644
index c71222e1c..000000000
--- a/nx-X11/lib/Xau/k5encode.c
+++ /dev/null
@@ -1,186 +0,0 @@
-/* $Xorg: k5encode.c,v 1.4 2001/02/09 02:03:42 xorgcvs Exp $ */
-
-/*
-
-Copyright 1993, 1994, 1998 The Open Group
-
-Permission to use, copy, modify, distribute, and sell this software and its
-documentation for any purpose is hereby granted without fee, provided that
-the above copyright notice appear in all copies and that both that
-copyright notice and this permission notice appear in supporting
-documentation.
-
-The above copyright notice and this permission notice shall be included in
-all copies or substantial portions of the Software.
-
-THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
-IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
-FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
-OPEN GROUP BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN
-AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN
-CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
-
-Except as contained in this notice, the name of The Open Group shall not be
-used in advertising or otherwise to promote the sale, use or other dealings
-in this Software without prior written authorization from The Open Group.
-
-*/
-
-/*
- * functions to encode/decode Kerberos V5 principals
- * into something that can be reasonable spewed over
- * the wire
- *
- * Author: Tom Yu <tlyu@MIT.EDU>
- *
- * Still needs to be fixed up wrt signed/unsigned lengths, but we'll worry
- * about that later.
- */
-
-#ifdef HAVE_CONFIG_H
-#include <config.h>
-#endif
-#include <krb5/krb5.h>
-/* 9/93: krb5.h leaks some symbols */
-#undef BITS32
-#undef xfree
-
-#include <nx-X11/X.h>
-#include <nx-X11/Xos.h>
-#include <nx-X11/Xmd.h>
-#include <nx-X11/Xfuncs.h>
-
-/*
- * XauKrb5Encode
- *
- * this function encodes the principal passed to it in a format that can
- * easily be dealt with by stuffing it into an X packet. Encoding is as
- * follows:
- * length count of the realm name
- * realm
- * component count
- * length of component
- * actual principal component
- * etc....
- *
- * Note that this function allocates a hunk of memory, which must be
- * freed to avoid nasty memory leak type things. All counts are
- * byte-swapped if needed. (except for the total length returned)
- *
- * nevermind.... stuffing the encoded packet in net byte order just to
- * always do the right thing. Don't have to frob with alignment that way.
- */
-int
-XauKrb5Encode(princ, outbuf)
- krb5_principal princ; /* principal to encode */
- krb5_data *outbuf; /* output buffer */
-{
- CARD16 i, numparts, totlen = 0, plen, rlen;
- char *cp, *pdata;
-
- rlen = krb5_princ_realm(princ)->length;
- numparts = krb5_princ_size(princ);
- totlen = 2 + rlen + 2; /* include room for realm length
- and component count */
- for (i = 0; i < numparts; i++)
- totlen += krb5_princ_component(princ, i)->length + 2;
- /* add 2 bytes each time for length */
- if ((outbuf->data = (char *)malloc(totlen)) == NULL)
- return -1;
- cp = outbuf->data;
- *cp++ = (char)((int)(0xff00 & rlen) >> 8);
- *cp++ = (char)(0x00ff & rlen);
- memcpy(cp, krb5_princ_realm(princ)->data, rlen);
- cp += rlen;
- *cp++ = (char)((int)(0xff00 & numparts) >> 8);
- *cp++ = (char)(0x00ff & numparts);
- for (i = 0; i < numparts; i++)
- {
- plen = krb5_princ_component(princ, i)->length;
- pdata = krb5_princ_component(princ, i)->data;
- *cp++ = (char)((int)(0xff00 & plen) >> 8);
- *cp++ = (char)(0x00ff & plen);
- memcpy(cp, pdata, plen);
- cp += plen;
- }
- outbuf->length = totlen;
- return 0;
-}
-
-/*
- * XauKrb5Decode
- *
- * This function essentially reverses what XauKrb5Encode does.
- * return value: 0 if okay, -1 if malloc fails, -2 if inbuf format bad
- */
-int
-XauKrb5Decode(inbuf, princ)
- krb5_data inbuf;
- krb5_principal *princ;
-{
- CARD16 i, numparts, plen, rlen;
- CARD8 *cp, *pdata;
-
- if (inbuf.length < 4)
- {
- return -2;
- }
- *princ = (krb5_principal)malloc(sizeof (krb5_principal_data));
- if (*princ == NULL)
- return -1;
- bzero(*princ, sizeof (krb5_principal_data));
- cp = (CARD8 *)inbuf.data;
- rlen = *cp++ << 8;
- rlen |= *cp++;
- if (inbuf.length < 4 + (int)rlen + 2)
- {
- krb5_free_principal(*princ);
- return -2;
- }
- krb5_princ_realm(*princ)->data = (char *)malloc(rlen);
- if (krb5_princ_realm(*princ)->data == NULL)
- {
- krb5_free_principal(*princ);
- return -1;
- }
- krb5_princ_realm(*princ)->length = rlen;
- memcpy(krb5_princ_realm(*princ)->data, cp, rlen);
- cp += rlen;
- numparts = *cp++ << 8;
- numparts |= *cp++;
- krb5_princ_name(*princ) =
- (krb5_data *)malloc(numparts * sizeof (krb5_data));
- if (krb5_princ_name(*princ) == NULL)
- {
- krb5_free_principal(*princ);
- return -1;
- }
- krb5_princ_size(*princ) = 0;
- for (i = 0; i < numparts; i++)
- {
- if (cp + 2 > (CARD8 *)inbuf.data + inbuf.length)
- {
- krb5_free_principal(*princ);
- return -2;
- }
- plen = *cp++ << 8;
- plen |= *cp++;
- if (cp + plen > (CARD8 *)inbuf.data + inbuf.length)
- {
- krb5_free_principal(*princ);
- return -2;
- }
- pdata = (CARD8 *)malloc(plen);
- if (pdata == NULL)
- {
- krb5_free_principal(*princ);
- return -1;
- }
- krb5_princ_component(*princ, i)->data = (char *)pdata;
- krb5_princ_component(*princ, i)->length = plen;
- memcpy(pdata, cp, plen);
- cp += plen;
- krb5_princ_size(*princ)++;
- }
- return 0;
-}