aboutsummaryrefslogtreecommitdiff
path: root/nx-X11/programs/Xserver/os/access.c
Commit message (Collapse)AuthorAgeFilesLines
* os/access.c: unifdef WINTCPUlrich Sibiller2024-05-111-145/+0
|
* xserver doesn't stop all connections to localhostUlrich Sibiller2024-05-111-8/+5
| | | | | | | | | | | | | | | | | | Backport of the following commit + manual fix at some other locations. commit 75b9383d8a4c113ab3c6cfc1d5efcb5d9982a1bf Author: Jesse Adkins <jesserayadkins@gmail.com> Date: Tue Aug 18 21:13:40 2009 -0700 xserver doesn't stop all connections to localhost X.Org Bugzilla #23329: http://bugs.freedesktop.org/show_bug.cgi?id=23329 Patch #28648: http://bugs.freedesktop.org/attachment.cgi?id=28648 I noticed in xserver at os/access.c that xorg tries to stop connections to localhost by checking against the address 127.0.0.1. However, RFC 3330 defines the localhost network as 127.0.0.0/8. This means that any IPv4 address that starts with 127 is just another name for localhos
* os: unifdef WIN32Ulrich Sibiller2020-01-061-19/+0
|
* os: unifdef __SCO__Ulrich Sibiller2020-01-061-8/+4
|
* os: unifdef ISCUlrich Sibiller2020-01-061-31/+4
|
* os/access.c: add missing }Ulrich Sibiller2019-06-221-0/+1
|
* dix: Pull client-is-local flag up to the ClientRecAdam Jackson2017-03-211-8/+1
| | | | | | | | | | | | | | | Backported from X.org commit ff8e3ad8074cd2c8bed49b39c40c2b4892118270 Author: Adam Jackson <ajax@redhat.com> Date: Thu Sep 20 13:16:59 2012 -0400 dix: Pull client-is-local flag up to the ClientRec Reviewed-by: Daniel Stone <daniel@fooishbar.org> Signed-off-by: Adam Jackson <ajax@redhat.com> Backported-to-NX-by: Mike Gabriel <mike.gabriel@das-netzwerkteam.de>
* os: always check if client is local when connection is acceptedPauli Nieminen2017-03-211-3/+14
| | | | | | | | | | | | | | | | | | | Backported from X.org: commit 2d67ada3c4079a11c52024a9c3d4138becca5171 Author: Pauli Nieminen <ext-pauli.nieminen@nokia.com> Date: Thu Dec 30 19:19:43 2010 +0200 os: always check if client is local when connection is accepted LocalClient is used for all DRI2 requests that makes it frequently called function. Querying if connection is local or not takes 10-15us (on ARM) depending on malloc speed. Signed-off-by: Pauli Nieminen <ext-pauli.nieminen@nokia.com> Reviewed-by: Daniel Stone <daniel@fooishbar.org> Backported-to-NX-by: Mike Gabriel <mike.gabriel@das-netzwerkteam.de>
* os: Fix a memory leakPauli Nieminen2017-03-211-4/+6
| | | | | | | | | | | | | | | | Backported from X.org (+ coding style fixes in other free() calls): commit 617b7d22115ccaaaa7ec69c99885054d33a3bc37 Author: Pauli Nieminen <ext-pauli.nieminen@nokia.com> Date: Thu Dec 30 19:19:42 2010 +0200 os: Fix a memory leak Signed-off-by: Pauli Nieminen <ext-pauli.nieminen@nokia.com> Reviewed-by: Alan Coopersmith <alan.coopersmith@oracle.com> Reviewed-by: Daniel Stone <daniel@fooishbar.org> Backported-to-NX-by: Mike Gabriel <mike.gabriel@das-netzwerkteam.de>
* Rework local client id finding code to be more uniformAlan Coopersmith2017-03-211-62/+99
| | | | | | | | | | | | | | | | | | | | | Backport of X.org commit: commit 2d93e69690d2c5d4a89a795ede6423796528e5df Author: Alan Coopersmith <alan.coopersmith@sun.com> Date: Thu Sep 27 16:47:06 2007 -0700 Rework local client id finding code to be more uniform Backported-to-NX-by: Mike Gabriel <mike.gabriel@das-netzwerkteam.de> Note: This commit also switches client_uid_string's size from 32 to 64 chars, as found in this X.org commit (spotted by Mihai Moldovan during code review): commit a7b944f0d96c3e0e15e75378a04def1ac96089fb Author: Alan Coopersmith <alan.coopersmith@sun.com> Date: Wed Nov 1 16:17:49 2006 -0800 If getpeerucred() is available, include pid & zoneid in audit messages too
* Xserver/os/: Drop not-used-anymore MNX_TCPCONN macro.Mike Gabriel2017-03-211-9/+8
|
* Don't crash on unconfigured interfaces. (X.org bug #5218, Andrei Barbu)Adam Jackson2017-03-201-0/+2
| | | | | | | | | | commit 9d62d1e6903ccc095f784279a699b3f40a8f0cf8 Author: Adam Jackson <ajax@nwnk.net> Date: Sat Jan 7 00:45:17 2006 +0000 Bug #5218: Don't crash on unconfigured interfaces. (Andrei Barbu) Backported-to-NX-by: Mike Gabriel <mike.gabriel@das-netzwerkteam.de>
* drop platform support: unifdef sgi.Mike Gabriel2017-02-081-1/+1
| | | | Relates to ArcticaProject/nx-libs#275.
* drop platform support: unifdef QNX.Mike Gabriel2017-02-081-22/+2
| | | | Relates to ArcticaProject/nx-libs#275.
* drop platform support: unifdef DGUX.Mike Gabriel2017-02-081-17/+3
| | | | Relates to ArcticaProject/nx-libs#275.
* drop platform support: unifdef hpux and __hppa__.Mike Gabriel2017-02-081-4/+4
| | | | Fixes ArcticaProject/nx-libs#273.
* drop platform support: unifdef Lynx.Mike Gabriel2017-02-081-8/+0
| | | | Fixes ArcticaProject/nx-libs#272.
* drop platform support: unifdef __UNIXOS2__.Mike Gabriel2017-02-081-7/+0
| | | | Fixes ArcticaProject/nx-libs#271.
* Remove OS2PIPECONN transportUlrich Sibiller2016-11-021-1/+1
|
* Remove unused TLI ("STREAMSCONN") codeUlrich Sibiller2016-11-021-12/+12
|
* remove DECnet supportUlrich Sibiller2016-11-021-111/+1
| | | | just as Xorg upstream did
* os/access: fix regression in server interpreted authDave Airlie2016-10-061-1/+1
| | | | | | | | | | | | | | | | This was reported on irc on Fedora when rawhide went to 1.17.1. regression occured in: 2566835b4374edb3e5a8353d4f7c9e7ec4851c57 os: Eliminate uninitialized value warnings from access.c siAddrMatch doesn't need addr to be a useful value, it checks some things like localuser without having an address at all. Signed-off-by: Dave Airlie <airlied@redhat.com> Tested-by: Peter Hutterer <peter.hutterer@who-t.net> Signed-off-by: Peter Hutterer <peter.hutterer@who-t.net> v2: backport to nx-libs 3.6.x (Ulrich Sibiller)
* os: Eliminate uninitialized value warnings from access.cKeith Packard2016-10-061-8/+8
| | | | | | | | | | | | The ConvertAddr function doesn't reliably set the 'addr' return value, and so callers are getting flagged for using potentially uninitialized values. Initialize the value in the callers to NULL and then go ahead and check for NULL values before using them. Signed-off-by: Keith Packard <keithp@keithp.com> Reviewed-by: Peter Hutterer <peter.hutterer@who-t.net> v2: backport to nx-libs 3.6.x (Ulrich Sibiller)
* dix: GetHosts bounds check using wrong pointer value [CVE-2014-8092 pt. 6]Keith Packard2016-10-061-1/+1
| | | | | | | | | | | | | | | GetHosts saves the pointer to allocated memory in *data, and then wants to bounds-check writes to that region, but was mistakenly using a bare 'data' instead of '*data'. Also, data is declared as void **, so we need a cast to turn it into a byte pointer so we can actually do pointer comparisons. Signed-off-by: Keith Packard <keithp@keithp.com> Reviewed-by: Alan Coopersmith <alan.coopersmith@oracle.com> Signed-off-by: Alan Coopersmith <alan.coopersmith@oracle.com> v1: Keith Packard v2: backport to nx-libs 3.6.x (Ulrich Sibiller)
* replace transport.c link by xstrans.cUlrich Sibiller2016-10-061-0/+3
| | | | Just like upstream does
* VCS info lines: Remove ancient X.org / XFree86 VCS info line from code files.Mike Gabriel2016-07-061-3/+0
| | | | | This has already been started while replacing copyright info in file headers and has now been completed with this commit.
* nx-X11/programs/Xserver: Drop {X,x}alloc() macros, use malloc() instead.Mike Gabriel2016-07-021-6/+6
|
* nx-X11/programs/Xserver: Drop {X,x}free() macros, use free() instead.Mike Gabriel2016-07-021-7/+7
| | | | Fixes ArcticaProject/nx-libs#105
* nxagent Xserver: Drop Kerberos code. Not used in nxagent.Mike Gabriel2016-07-011-31/+0
|
* LBX: Drop all Xserver code blocks that relate to removed LBX extension.Mike Gabriel2016-06-011-4/+0
|
* Clear header file namespace separation (<X11/...> vs. <nx-X11/...>).Mike Gabriel2015-12-281-7/+7
| | | | | | | | | | | | | | | | | | | | In the process of building nxagent against more and more system-wide installed X.org libraries, we come to the limit of including structs from this (bundled nx-X11) and that (system-wide X.Org) library. This commit introduces a clear namespace separation of headers provided by nx-X11 and headers provided by X.Org. This approach is only temporary as we want to drop all nx-X11 bundled libraries from nx-libs. However, for a while we need to make this separation clear and also ship some reduced fake X.Org headers that avoid pulling in libX* and libNX_X* symbols at the same time. This patch has been tested on Debian jessie and unstable and requires no overall testing on various distros and distro versions, as we finally will drop all libNX_X* libraries and build against X.org's client libs. For now, this hack eases our development / cleanup process.
* Replace 'pointer' type with 'void *'Keith Packard2015-12-281-46/+46
| | | | | | | | | | This lets us stop using the 'pointer' typedef in Xdefs.h as 'pointer' is used throughout the X server for other things, and having duplicate names generates compiler warnings. Signed-off-by: Keith Packard <keithp@keithp.com> Reviewed-by: Eric Anholt <eric@anholt.net> Rebased against NX: Mike Gabriel <mike.gabriel@das-netzwerkteam.de>
* dix: integer overflow in GetHosts() [CVE-2014-8092 2/4]Alan Coopersmith2015-02-161-0/+6
| | | | | | | | | | | | | | | | | | | | | GetHosts() iterates over all the hosts it has in memory, and copies them to a buffer. The buffer length is calculated by iterating over all the hosts and adding up all of their combined length. There is a potential integer overflow, if there are lots and lots of hosts (with a combined length of > ~4 gig). This should be possible by repeatedly calling ProcChangeHosts() on 64bit machines with enough memory. This patch caps the list at 1mb, because multi-megabyte hostname lists for X access control are insane. v2: backport to nx-libs 3.6.x (Mike DePaulo) v3: human-readable version of "1 MB" (Mihai Moldovan) Reported-by: Ilja Van Sprundel <ivansprundel@ioactive.com> Signed-off-by: Alan Coopersmith <alan.coopersmith@oracle.com> Reviewed-by: Peter Hutterer <peter.hutterer@who-t.net> Conflicts: os/access.c
* Revert "dix: integer overflow in GetHosts() [CVE-2014-8092 2/4]"Mihai Moldovan2015-02-161-6/+0
| | | | This reverts commit d4c76981f7fddb364166464c571ed8d3de3086cd.
* dix: integer overflow in GetHosts() [CVE-2014-8092 2/4]Alan Coopersmith2015-02-141-0/+6
| | | | | | | | | | | | | | | | | | | | GetHosts() iterates over all the hosts it has in memory, and copies them to a buffer. The buffer length is calculated by iterating over all the hosts and adding up all of their combined length. There is a potential integer overflow, if there are lots and lots of hosts (with a combined length of > ~4 gig). This should be possible by repeatedly calling ProcChangeHosts() on 64bit machines with enough memory. This patch caps the list at 1mb, because multi-megabyte hostname lists for X access control are insane. v2: backport to nx-libs 3.6.x (Mike DePaulo) Reported-by: Ilja Van Sprundel <ivansprundel@ioactive.com> Signed-off-by: Alan Coopersmith <alan.coopersmith@oracle.com> Reviewed-by: Peter Hutterer <peter.hutterer@who-t.net> Conflicts: os/access.c
* Imported nx-X11-3.1.0-1.tar.gznx-X11/3.1.0-1Reinhard Tartler2011-10-101-0/+2429
Summary: Imported nx-X11-3.1.0-1.tar.gz Keywords: Imported nx-X11-3.1.0-1.tar.gz into Git repository