From 26bf48bab8f6ca72d20f5375a4cbc02dbefcb359 Mon Sep 17 00:00:00 2001 From: Mike Gabriel Date: Thu, 23 Jun 2016 10:31:42 +0200 Subject: library-cleanup: Don't build libNX_Xau anymore. Use system's libXau shared library. --- nx-X11/lib/Imakefile | 5 -- nx-X11/lib/X11/AuDispose.c | 51 ++++++++++++ nx-X11/lib/X11/AuFileName.c | 75 ++++++++++++++++++ nx-X11/lib/X11/AuGetBest.c | 173 ++++++++++++++++++++++++++++++++++++++++ nx-X11/lib/X11/AuRead.c | 137 ++++++++++++++++++++++++++++++++ nx-X11/lib/X11/Imakefile | 9 --- nx-X11/lib/Xau/AuDispose.c | 51 ------------ nx-X11/lib/Xau/AuFileName.c | 75 ------------------ nx-X11/lib/Xau/AuGetAddr.c | 112 -------------------------- nx-X11/lib/Xau/AuGetBest.c | 173 ---------------------------------------- nx-X11/lib/Xau/AuLock.c | 106 ------------------------- nx-X11/lib/Xau/AuRead.c | 137 -------------------------------- nx-X11/lib/Xau/AuUnlock.c | 62 --------------- nx-X11/lib/Xau/AuWrite.c | 73 ----------------- nx-X11/lib/Xau/Autest.c | 71 ----------------- nx-X11/lib/Xau/Imakefile | 49 ------------ nx-X11/lib/Xau/README | 184 ------------------------------------------- nx-X11/lib/Xau/Xauth.h | 162 -------------------------------------- nx-X11/lib/Xau/k5encode.c | 186 -------------------------------------------- 19 files changed, 436 insertions(+), 1455 deletions(-) create mode 100644 nx-X11/lib/X11/AuDispose.c create mode 100644 nx-X11/lib/X11/AuFileName.c create mode 100644 nx-X11/lib/X11/AuGetBest.c create mode 100644 nx-X11/lib/X11/AuRead.c delete mode 100644 nx-X11/lib/Xau/AuDispose.c delete mode 100644 nx-X11/lib/Xau/AuFileName.c delete mode 100644 nx-X11/lib/Xau/AuGetAddr.c delete mode 100644 nx-X11/lib/Xau/AuGetBest.c delete mode 100644 nx-X11/lib/Xau/AuLock.c delete mode 100644 nx-X11/lib/Xau/AuRead.c delete mode 100644 nx-X11/lib/Xau/AuUnlock.c delete mode 100644 nx-X11/lib/Xau/AuWrite.c delete mode 100644 nx-X11/lib/Xau/Autest.c delete mode 100644 nx-X11/lib/Xau/Imakefile delete mode 100644 nx-X11/lib/Xau/README delete mode 100644 nx-X11/lib/Xau/Xauth.h delete mode 100644 nx-X11/lib/Xau/k5encode.c (limited to 'nx-X11/lib') diff --git a/nx-X11/lib/Imakefile b/nx-X11/lib/Imakefile index 20a18dab1..4cf8bf08e 100644 --- a/nx-X11/lib/Imakefile +++ b/nx-X11/lib/Imakefile @@ -15,10 +15,6 @@ NULL = XKBLIBDIR = xkbfile #endif -#if BuildXauLib -XAULIBDIR = Xau -#endif - #if BuildX11Lib X11LIBDIR = X11 #endif @@ -29,7 +25,6 @@ XEXTLIBDIR = Xext LINTSUBDIRS = \ - $(XAULIBDIR) \ $(X11LIBDIR) \ $(XEXTLIBDIR) \ $(XKBLIBDIR) \ diff --git a/nx-X11/lib/X11/AuDispose.c b/nx-X11/lib/X11/AuDispose.c new file mode 100644 index 000000000..dc2080f40 --- /dev/null +++ b/nx-X11/lib/X11/AuDispose.c @@ -0,0 +1,51 @@ +/* $Xorg: AuDispose.c,v 1.4 2001/02/09 02:03:42 xorgcvs Exp $ */ + +/* + +Copyright 1988, 1998 The Open Group + +Permission to use, copy, modify, distribute, and sell this software and its +documentation for any purpose is hereby granted without fee, provided that +the above copyright notice appear in all copies and that both that +copyright notice and this permission notice appear in supporting +documentation. + +The above copyright notice and this permission notice shall be included in +all copies or substantial portions of the Software. + +THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR +IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, +FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE +OPEN GROUP BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN +AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN +CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. + +Except as contained in this notice, the name of The Open Group shall not be +used in advertising or otherwise to promote the sale, use or other dealings +in this Software without prior written authorization from The Open Group. + +*/ +/* $XFree86: xc/lib/Xau/AuDispose.c,v 1.4 2001/07/25 15:04:48 dawes Exp $ */ + +#ifdef HAVE_CONFIG_H +#include +#endif +#include +#include + +void +XauDisposeAuth (auth) +Xauth *auth; +{ + if (auth) { + if (auth->address) (void) free (auth->address); + if (auth->number) (void) free (auth->number); + if (auth->name) (void) free (auth->name); + if (auth->data) { + (void) bzero (auth->data, auth->data_length); + (void) free (auth->data); + } + free ((char *) auth); + } + return; +} diff --git a/nx-X11/lib/X11/AuFileName.c b/nx-X11/lib/X11/AuFileName.c new file mode 100644 index 000000000..6ab0138b8 --- /dev/null +++ b/nx-X11/lib/X11/AuFileName.c @@ -0,0 +1,75 @@ +/* $Xorg: AuFileName.c,v 1.5 2001/02/09 02:03:42 xorgcvs Exp $ */ + +/* + +Copyright 1988, 1998 The Open Group + +Permission to use, copy, modify, distribute, and sell this software and its +documentation for any purpose is hereby granted without fee, provided that +the above copyright notice appear in all copies and that both that +copyright notice and this permission notice appear in supporting +documentation. + +The above copyright notice and this permission notice shall be included in +all copies or substantial portions of the Software. + +THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR +IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, +FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE +OPEN GROUP BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN +AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN +CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. + +Except as contained in this notice, the name of The Open Group shall not be +used in advertising or otherwise to promote the sale, use or other dealings +in this Software without prior written authorization from The Open Group. + +*/ +/* $XFree86: xc/lib/Xau/AuFileName.c,v 3.6 2001/07/25 15:04:48 dawes Exp $ */ + +#ifdef HAVE_CONFIG_H +#include +#endif +#include +#include +#include + +char * +XauFileName () +{ + char *slashDotXauthority = "/.Xauthority"; + char *name; + static char *buf; + static int bsize; +#ifdef WIN32 + char dir[128]; +#endif + int size; + + if ((name = getenv ("XAUTHORITY"))) + return name; + name = getenv ("HOME"); + if (!name) { +#ifdef WIN32 + (void) strcpy (dir, "/users/"); + if ((name = getenv("USERNAME"))) { + (void) strcat (dir, name); + name = dir; + } + if (!name) +#endif + return 0; + } + size = strlen (name) + strlen(&slashDotXauthority[1]) + 2; + if (size > bsize) { + if (buf) + free (buf); + buf = malloc ((unsigned) size); + if (!buf) + return 0; + bsize = size; + } + strcpy (buf, name); + strcat (buf, slashDotXauthority + (name[1] == '\0' ? 1 : 0)); + return buf; +} diff --git a/nx-X11/lib/X11/AuGetBest.c b/nx-X11/lib/X11/AuGetBest.c new file mode 100644 index 000000000..03d49ac80 --- /dev/null +++ b/nx-X11/lib/X11/AuGetBest.c @@ -0,0 +1,173 @@ +/* $Xorg: AuGetBest.c,v 1.4 2001/02/09 02:03:42 xorgcvs Exp $ */ + +/* + +Copyright 1988, 1998 The Open Group + +Permission to use, copy, modify, distribute, and sell this software and its +documentation for any purpose is hereby granted without fee, provided that +the above copyright notice appear in all copies and that both that +copyright notice and this permission notice appear in supporting +documentation. + +The above copyright notice and this permission notice shall be included in +all copies or substantial portions of the Software. + +THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR +IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, +FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE +OPEN GROUP BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN +AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN +CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. + +Except as contained in this notice, the name of The Open Group shall not be +used in advertising or otherwise to promote the sale, use or other dealings +in this Software without prior written authorization from The Open Group. + +*/ +/* $XFree86: xc/lib/Xau/AuGetBest.c,v 1.7 2001/12/14 19:54:36 dawes Exp $ */ + +#ifdef HAVE_CONFIG_H +#include +#endif +#include +#include +#ifdef XTHREADS +#include +#endif +#ifdef hpux +#define X_INCLUDE_NETDB_H +#define XOS_USE_NO_LOCKING +#include +#endif + +static int +binaryEqual (_Xconst char *a, _Xconst char *b, int len) +{ + while (len--) + if (*a++ != *b++) + return 0; + return 1; +} + +Xauth * +XauGetBestAuthByAddr ( +#if NeedWidePrototypes + unsigned int family, + unsigned int address_length, +#else + unsigned short family, + unsigned short address_length, +#endif + _Xconst char* address, +#if NeedWidePrototypes + unsigned int number_length, +#else + unsigned short number_length, +#endif + _Xconst char* number, + int types_length, + char** types, + _Xconst int* type_lengths) +{ + FILE *auth_file; + char *auth_name; + Xauth *entry; + Xauth *best; + int best_type; + int type; +#ifdef hpux + char *fully_qual_address; + unsigned short fully_qual_address_length; +#endif + + auth_name = XauFileName (); + if (!auth_name) + return 0; + if (access (auth_name, R_OK) != 0) /* checks REAL id */ + return 0; + auth_file = fopen (auth_name, "rb"); + if (!auth_file) + return 0; + +#ifdef hpux + if (family == FamilyLocal) { +#ifdef XTHREADS_NEEDS_BYNAMEPARAMS + _Xgethostbynameparams hparams; +#endif + struct hostent *hostp; + + /* make sure we try fully-qualified hostname */ + if ((hostp = _XGethostbyname(address,hparams)) != NULL) { + fully_qual_address = hostp->h_name; + fully_qual_address_length = strlen(fully_qual_address); + } + else + { + fully_qual_address = NULL; + fully_qual_address_length = 0; + } + } +#endif /* hpux */ + + best = 0; + best_type = types_length; + for (;;) { + entry = XauReadAuth (auth_file); + if (!entry) + break; + /* + * Match when: + * either family or entry->family are FamilyWild or + * family and entry->family are the same and + * address and entry->address are the same + * and + * either number or entry->number are empty or + * number and entry->number are the same + * and + * either name or entry->name are empty or + * name and entry->name are the same + */ + + if ((family == FamilyWild || entry->family == FamilyWild || + (entry->family == family && + ((address_length == entry->address_length && + binaryEqual (entry->address, address, (int)address_length)) +#ifdef hpux + || (family == FamilyLocal && + fully_qual_address_length == entry->address_length && + binaryEqual (entry->address, fully_qual_address, + (int) fully_qual_address_length)) +#endif + ))) && + (number_length == 0 || entry->number_length == 0 || + (number_length == entry->number_length && + binaryEqual (entry->number, number, (int)number_length)))) + { + if (best_type == 0) + { + best = entry; + break; + } + for (type = 0; type < best_type; type++) + if (type_lengths[type] == entry->name_length && + !(strncmp (types[type], entry->name, entry->name_length))) + { + break; + } + if (type < best_type) + { + if (best) + XauDisposeAuth (best); + best = entry; + best_type = type; + if (type == 0) + break; + continue; + } + } + XauDisposeAuth (entry); + } + (void) fclose (auth_file); + return best; +} diff --git a/nx-X11/lib/X11/AuRead.c b/nx-X11/lib/X11/AuRead.c new file mode 100644 index 000000000..2e2509633 --- /dev/null +++ b/nx-X11/lib/X11/AuRead.c @@ -0,0 +1,137 @@ +/* $Xorg: AuRead.c,v 1.4 2001/02/09 02:03:42 xorgcvs Exp $ */ + +/* + +Copyright 1988, 1998 The Open Group + +Permission to use, copy, modify, distribute, and sell this software and its +documentation for any purpose is hereby granted without fee, provided that +the above copyright notice appear in all copies and that both that +copyright notice and this permission notice appear in supporting +documentation. + +The above copyright notice and this permission notice shall be included in +all copies or substantial portions of the Software. + +THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR +IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, +FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE +OPEN GROUP BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN +AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN +CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. + +Except as contained in this notice, the name of The Open Group shall not be +used in advertising or otherwise to promote the sale, use or other dealings +in this Software without prior written authorization from The Open Group. + +*/ +/* $XFree86: xc/lib/Xau/AuRead.c,v 1.5 2001/07/25 15:04:48 dawes Exp $ */ + +#ifdef HAVE_CONFIG_H +#include +#endif +#include +#include +#include + +static int +read_short (unsigned short *shortp, FILE *file) +{ + unsigned char file_short[2]; + + /* + * Added a check on EINTR to prevent the fread() call to be + * interrupted by any signal not blocked by OsBlockSignals(). + */ + + for (;;) { + if (fread ((char *) file_short, (int) sizeof (file_short), 1, file) != 1) { + if (errno == EINTR && ferror (file)) { + perror ("Reading from auth file"); + clearerr (file); + continue; + } + return 0; + } + break; + } + *shortp = file_short[0] * 256 + file_short[1]; + return 1; +} + +static int +read_counted_string (unsigned short *countp, char **stringp, FILE *file) +{ + unsigned short len; + char *data; + + if (read_short (&len, file) == 0) + return 0; + if (len == 0) { + data = 0; + } else { + data = malloc ((unsigned) len); + if (!data) + return 0; + for (;;) + { + if (fread (data, (int) sizeof (char), (int) len, file) != len) + { + if (errno == EINTR && ferror (file)) + { + perror ("Reading from auth file"); + clearerr (file); + continue; + } + bzero (data, len); + free (data); + return 0; + } + break; + } + } + *stringp = data; + *countp = len; + return 1; +} + +Xauth * +XauReadAuth (auth_file) +FILE *auth_file; +{ + Xauth local; + Xauth *ret; + + if (read_short (&local.family, auth_file) == 0) + return 0; + if (read_counted_string (&local.address_length, &local.address, auth_file) == 0) + return 0; + if (read_counted_string (&local.number_length, &local.number, auth_file) == 0) { + if (local.address) free (local.address); + return 0; + } + if (read_counted_string (&local.name_length, &local.name, auth_file) == 0) { + if (local.address) free (local.address); + if (local.number) free (local.number); + return 0; + } + if (read_counted_string (&local.data_length, &local.data, auth_file) == 0) { + if (local.address) free (local.address); + if (local.number) free (local.number); + if (local.name) free (local.name); + return 0; + } + ret = (Xauth *) malloc (sizeof (Xauth)); + if (!ret) { + if (local.address) free (local.address); + if (local.number) free (local.number); + if (local.name) free (local.name); + if (local.data) { + bzero (local.data, local.data_length); + free (local.data); + } + return 0; + } + *ret = local; + return ret; +} diff --git a/nx-X11/lib/X11/Imakefile b/nx-X11/lib/X11/Imakefile index 1ba1e4818..8be1b592d 100644 --- a/nx-X11/lib/X11/Imakefile +++ b/nx-X11/lib/X11/Imakefile @@ -1104,15 +1104,6 @@ InstallNonExecFile(XErrorDB,$(LIBDIR)) InstallNonExecFile(XKeysymDB,$(LIBDIR)) InstallLintLibrary(X11,$(LINTLIBDIR)) - -LinkSourceFile(AuDispose.c,$(XAUTHSRC)) -LinkSourceFile(AuGetBest.c,$(XAUTHSRC)) -LinkSourceFile(AuFileName.c,$(XAUTHSRC)) -LinkSourceFile(AuRead.c,$(XAUTHSRC)) -#if HasKrb5 -LinkSourceFile(k5encode.c,$(XAUTHSRC)) -#endif - #ifdef QNX4Architecture LOCAL_LDFLAGS=-F #endif diff --git a/nx-X11/lib/Xau/AuDispose.c b/nx-X11/lib/Xau/AuDispose.c deleted file mode 100644 index dc2080f40..000000000 --- a/nx-X11/lib/Xau/AuDispose.c +++ /dev/null @@ -1,51 +0,0 @@ -/* $Xorg: AuDispose.c,v 1.4 2001/02/09 02:03:42 xorgcvs Exp $ */ - -/* - -Copyright 1988, 1998 The Open Group - -Permission to use, copy, modify, distribute, and sell this software and its -documentation for any purpose is hereby granted without fee, provided that -the above copyright notice appear in all copies and that both that -copyright notice and this permission notice appear in supporting -documentation. - -The above copyright notice and this permission notice shall be included in -all copies or substantial portions of the Software. - -THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR -IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, -FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE -OPEN GROUP BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN -AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN -CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. - -Except as contained in this notice, the name of The Open Group shall not be -used in advertising or otherwise to promote the sale, use or other dealings -in this Software without prior written authorization from The Open Group. - -*/ -/* $XFree86: xc/lib/Xau/AuDispose.c,v 1.4 2001/07/25 15:04:48 dawes Exp $ */ - -#ifdef HAVE_CONFIG_H -#include -#endif -#include -#include - -void -XauDisposeAuth (auth) -Xauth *auth; -{ - if (auth) { - if (auth->address) (void) free (auth->address); - if (auth->number) (void) free (auth->number); - if (auth->name) (void) free (auth->name); - if (auth->data) { - (void) bzero (auth->data, auth->data_length); - (void) free (auth->data); - } - free ((char *) auth); - } - return; -} diff --git a/nx-X11/lib/Xau/AuFileName.c b/nx-X11/lib/Xau/AuFileName.c deleted file mode 100644 index 6ab0138b8..000000000 --- a/nx-X11/lib/Xau/AuFileName.c +++ /dev/null @@ -1,75 +0,0 @@ -/* $Xorg: AuFileName.c,v 1.5 2001/02/09 02:03:42 xorgcvs Exp $ */ - -/* - -Copyright 1988, 1998 The Open Group - -Permission to use, copy, modify, distribute, and sell this software and its -documentation for any purpose is hereby granted without fee, provided that -the above copyright notice appear in all copies and that both that -copyright notice and this permission notice appear in supporting -documentation. - -The above copyright notice and this permission notice shall be included in -all copies or substantial portions of the Software. - -THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR -IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, -FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE -OPEN GROUP BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN -AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN -CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. - -Except as contained in this notice, the name of The Open Group shall not be -used in advertising or otherwise to promote the sale, use or other dealings -in this Software without prior written authorization from The Open Group. - -*/ -/* $XFree86: xc/lib/Xau/AuFileName.c,v 3.6 2001/07/25 15:04:48 dawes Exp $ */ - -#ifdef HAVE_CONFIG_H -#include -#endif -#include -#include -#include - -char * -XauFileName () -{ - char *slashDotXauthority = "/.Xauthority"; - char *name; - static char *buf; - static int bsize; -#ifdef WIN32 - char dir[128]; -#endif - int size; - - if ((name = getenv ("XAUTHORITY"))) - return name; - name = getenv ("HOME"); - if (!name) { -#ifdef WIN32 - (void) strcpy (dir, "/users/"); - if ((name = getenv("USERNAME"))) { - (void) strcat (dir, name); - name = dir; - } - if (!name) -#endif - return 0; - } - size = strlen (name) + strlen(&slashDotXauthority[1]) + 2; - if (size > bsize) { - if (buf) - free (buf); - buf = malloc ((unsigned) size); - if (!buf) - return 0; - bsize = size; - } - strcpy (buf, name); - strcat (buf, slashDotXauthority + (name[1] == '\0' ? 1 : 0)); - return buf; -} diff --git a/nx-X11/lib/Xau/AuGetAddr.c b/nx-X11/lib/Xau/AuGetAddr.c deleted file mode 100644 index d68ceadc2..000000000 --- a/nx-X11/lib/Xau/AuGetAddr.c +++ /dev/null @@ -1,112 +0,0 @@ -/* $Xorg: AuGetAddr.c,v 1.4 2001/02/09 02:03:42 xorgcvs Exp $ */ - -/* - -Copyright 1988, 1998 The Open Group - -Permission to use, copy, modify, distribute, and sell this software and its -documentation for any purpose is hereby granted without fee, provided that -the above copyright notice appear in all copies and that both that -copyright notice and this permission notice appear in supporting -documentation. - -The above copyright notice and this permission notice shall be included in -all copies or substantial portions of the Software. - -THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR -IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, -FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE -OPEN GROUP BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN -AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN -CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. - -Except as contained in this notice, the name of The Open Group shall not be -used in advertising or otherwise to promote the sale, use or other dealings -in this Software without prior written authorization from The Open Group. - -*/ -/* $XFree86: xc/lib/Xau/AuGetAddr.c,v 1.5 2001/12/14 19:54:36 dawes Exp $ */ - -#ifdef HAVE_CONFIG_H -#include -#endif -#include -#include - -static int -binaryEqual (_Xconst char *a, _Xconst char *b, int len) -{ - while (len--) - if (*a++ != *b++) - return 0; - return 1; -} - -Xauth * -XauGetAuthByAddr ( -#if NeedWidePrototypes -unsigned int family, -unsigned int address_length, -#else -unsigned short family, -unsigned short address_length, -#endif -_Xconst char* address, -#if NeedWidePrototypes -unsigned int number_length, -#else -unsigned short number_length, -#endif -_Xconst char* number, -#if NeedWidePrototypes -unsigned int name_length, -#else -unsigned short name_length, -#endif -_Xconst char* name) -{ - FILE *auth_file; - char *auth_name; - Xauth *entry; - - auth_name = XauFileName (); - if (!auth_name) - return 0; - if (access (auth_name, R_OK) != 0) /* checks REAL id */ - return 0; - auth_file = fopen (auth_name, "rb"); - if (!auth_file) - return 0; - for (;;) { - entry = XauReadAuth (auth_file); - if (!entry) - break; - /* - * Match when: - * either family or entry->family are FamilyWild or - * family and entry->family are the same and - * address and entry->address are the same - * and - * either number or entry->number are empty or - * number and entry->number are the same - * and - * either name or entry->name are empty or - * name and entry->name are the same - */ - - if ((family == FamilyWild || entry->family == FamilyWild || - (entry->family == family && - address_length == entry->address_length && - binaryEqual (entry->address, address, (int)address_length))) && - (number_length == 0 || entry->number_length == 0 || - (number_length == entry->number_length && - binaryEqual (entry->number, number, (int)number_length))) && - (name_length == 0 || entry->name_length == 0 || - (entry->name_length == name_length && - binaryEqual (entry->name, name, (int)name_length)))) - break; - XauDisposeAuth (entry); - } - (void) fclose (auth_file); - return entry; -} diff --git a/nx-X11/lib/Xau/AuGetBest.c b/nx-X11/lib/Xau/AuGetBest.c deleted file mode 100644 index eb27f24c1..000000000 --- a/nx-X11/lib/Xau/AuGetBest.c +++ /dev/null @@ -1,173 +0,0 @@ -/* $Xorg: AuGetBest.c,v 1.4 2001/02/09 02:03:42 xorgcvs Exp $ */ - -/* - -Copyright 1988, 1998 The Open Group - -Permission to use, copy, modify, distribute, and sell this software and its -documentation for any purpose is hereby granted without fee, provided that -the above copyright notice appear in all copies and that both that -copyright notice and this permission notice appear in supporting -documentation. - -The above copyright notice and this permission notice shall be included in -all copies or substantial portions of the Software. - -THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR -IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, -FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE -OPEN GROUP BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN -AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN -CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. - -Except as contained in this notice, the name of The Open Group shall not be -used in advertising or otherwise to promote the sale, use or other dealings -in this Software without prior written authorization from The Open Group. - -*/ -/* $XFree86: xc/lib/Xau/AuGetBest.c,v 1.7 2001/12/14 19:54:36 dawes Exp $ */ - -#ifdef HAVE_CONFIG_H -#include -#endif -#include -#include -#ifdef XTHREADS -#include -#endif -#ifdef hpux -#define X_INCLUDE_NETDB_H -#define XOS_USE_NO_LOCKING -#include -#endif - -static int -binaryEqual (_Xconst char *a, _Xconst char *b, int len) -{ - while (len--) - if (*a++ != *b++) - return 0; - return 1; -} - -Xauth * -XauGetBestAuthByAddr ( -#if NeedWidePrototypes - unsigned int family, - unsigned int address_length, -#else - unsigned short family, - unsigned short address_length, -#endif - _Xconst char* address, -#if NeedWidePrototypes - unsigned int number_length, -#else - unsigned short number_length, -#endif - _Xconst char* number, - int types_length, - char** types, - _Xconst int* type_lengths) -{ - FILE *auth_file; - char *auth_name; - Xauth *entry; - Xauth *best; - int best_type; - int type; -#ifdef hpux - char *fully_qual_address; - unsigned short fully_qual_address_length; -#endif - - auth_name = XauFileName (); - if (!auth_name) - return 0; - if (access (auth_name, R_OK) != 0) /* checks REAL id */ - return 0; - auth_file = fopen (auth_name, "rb"); - if (!auth_file) - return 0; - -#ifdef hpux - if (family == FamilyLocal) { -#ifdef XTHREADS_NEEDS_BYNAMEPARAMS - _Xgethostbynameparams hparams; -#endif - struct hostent *hostp; - - /* make sure we try fully-qualified hostname */ - if ((hostp = _XGethostbyname(address,hparams)) != NULL) { - fully_qual_address = hostp->h_name; - fully_qual_address_length = strlen(fully_qual_address); - } - else - { - fully_qual_address = NULL; - fully_qual_address_length = 0; - } - } -#endif /* hpux */ - - best = 0; - best_type = types_length; - for (;;) { - entry = XauReadAuth (auth_file); - if (!entry) - break; - /* - * Match when: - * either family or entry->family are FamilyWild or - * family and entry->family are the same and - * address and entry->address are the same - * and - * either number or entry->number are empty or - * number and entry->number are the same - * and - * either name or entry->name are empty or - * name and entry->name are the same - */ - - if ((family == FamilyWild || entry->family == FamilyWild || - (entry->family == family && - ((address_length == entry->address_length && - binaryEqual (entry->address, address, (int)address_length)) -#ifdef hpux - || (family == FamilyLocal && - fully_qual_address_length == entry->address_length && - binaryEqual (entry->address, fully_qual_address, - (int) fully_qual_address_length)) -#endif - ))) && - (number_length == 0 || entry->number_length == 0 || - (number_length == entry->number_length && - binaryEqual (entry->number, number, (int)number_length)))) - { - if (best_type == 0) - { - best = entry; - break; - } - for (type = 0; type < best_type; type++) - if (type_lengths[type] == entry->name_length && - !(strncmp (types[type], entry->name, entry->name_length))) - { - break; - } - if (type < best_type) - { - if (best) - XauDisposeAuth (best); - best = entry; - best_type = type; - if (type == 0) - break; - continue; - } - } - XauDisposeAuth (entry); - } - (void) fclose (auth_file); - return best; -} diff --git a/nx-X11/lib/Xau/AuLock.c b/nx-X11/lib/Xau/AuLock.c deleted file mode 100644 index 1813dc368..000000000 --- a/nx-X11/lib/Xau/AuLock.c +++ /dev/null @@ -1,106 +0,0 @@ -/* $Xorg: AuLock.c,v 1.4 2001/02/09 02:03:42 xorgcvs Exp $ */ - -/* - -Copyright 1988, 1998 The Open Group - -Permission to use, copy, modify, distribute, and sell this software and its -documentation for any purpose is hereby granted without fee, provided that -the above copyright notice appear in all copies and that both that -copyright notice and this permission notice appear in supporting -documentation. - -The above copyright notice and this permission notice shall be included in -all copies or substantial portions of the Software. - -THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR -IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, -FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE -OPEN GROUP BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN -AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN -CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. - -Except as contained in this notice, the name of The Open Group shall not be -used in advertising or otherwise to promote the sale, use or other dealings -in this Software without prior written authorization from The Open Group. - -*/ -/* $XFree86: xc/lib/Xau/AuLock.c,v 3.6 2002/05/31 18:45:43 dawes Exp $ */ - -#ifdef HAVE_CONFIG_H -#include -#endif -#include -#include -#include -#include -#include -#define Time_t time_t -#ifndef X_NOT_POSIX -#include -#else -#ifndef WIN32 -extern unsigned sleep (); -#else -#include -#define link rename -#endif -#endif -#ifdef __UNIXOS2__ -#define link rename -#endif - -int -XauLockAuth ( -_Xconst char *file_name, -int retries, -int timeout, -long dead) -{ - char creat_name[1025], link_name[1025]; - struct stat statb; - Time_t now; - int creat_fd = -1; - - if (strlen (file_name) > 1022) - return LOCK_ERROR; - (void) strcpy (creat_name, file_name); - (void) strcat (creat_name, "-c"); - (void) strcpy (link_name, file_name); - (void) strcat (link_name, "-l"); - if (stat (creat_name, &statb) != -1) { - now = time ((Time_t *) 0); - /* - * NFS may cause ctime to be before now, special - * case a 0 deadtime to force lock removal - */ - if (dead == 0 || now - statb.st_ctime > dead) { - (void) unlink (creat_name); - (void) unlink (link_name); - } - } - - while (retries > 0) { - if (creat_fd == -1) { - creat_fd = open (creat_name, O_WRONLY | O_CREAT | O_EXCL, 0600); - if (creat_fd == -1) { - if (errno != EACCES) - return LOCK_ERROR; - } else - (void) close (creat_fd); - } - if (creat_fd != -1) { - if (link (creat_name, link_name) != -1) - return LOCK_SUCCESS; - if (errno == ENOENT) { - creat_fd = -1; /* force re-creat next time around */ - continue; - } - if (errno != EEXIST) - return LOCK_ERROR; - } - (void) sleep ((unsigned) timeout); - --retries; - } - return LOCK_TIMEOUT; -} diff --git a/nx-X11/lib/Xau/AuRead.c b/nx-X11/lib/Xau/AuRead.c deleted file mode 100644 index 2e2509633..000000000 --- a/nx-X11/lib/Xau/AuRead.c +++ /dev/null @@ -1,137 +0,0 @@ -/* $Xorg: AuRead.c,v 1.4 2001/02/09 02:03:42 xorgcvs Exp $ */ - -/* - -Copyright 1988, 1998 The Open Group - -Permission to use, copy, modify, distribute, and sell this software and its -documentation for any purpose is hereby granted without fee, provided that -the above copyright notice appear in all copies and that both that -copyright notice and this permission notice appear in supporting -documentation. - -The above copyright notice and this permission notice shall be included in -all copies or substantial portions of the Software. - -THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR -IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, -FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE -OPEN GROUP BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN -AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN -CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. - -Except as contained in this notice, the name of The Open Group shall not be -used in advertising or otherwise to promote the sale, use or other dealings -in this Software without prior written authorization from The Open Group. - -*/ -/* $XFree86: xc/lib/Xau/AuRead.c,v 1.5 2001/07/25 15:04:48 dawes Exp $ */ - -#ifdef HAVE_CONFIG_H -#include -#endif -#include -#include -#include - -static int -read_short (unsigned short *shortp, FILE *file) -{ - unsigned char file_short[2]; - - /* - * Added a check on EINTR to prevent the fread() call to be - * interrupted by any signal not blocked by OsBlockSignals(). - */ - - for (;;) { - if (fread ((char *) file_short, (int) sizeof (file_short), 1, file) != 1) { - if (errno == EINTR && ferror (file)) { - perror ("Reading from auth file"); - clearerr (file); - continue; - } - return 0; - } - break; - } - *shortp = file_short[0] * 256 + file_short[1]; - return 1; -} - -static int -read_counted_string (unsigned short *countp, char **stringp, FILE *file) -{ - unsigned short len; - char *data; - - if (read_short (&len, file) == 0) - return 0; - if (len == 0) { - data = 0; - } else { - data = malloc ((unsigned) len); - if (!data) - return 0; - for (;;) - { - if (fread (data, (int) sizeof (char), (int) len, file) != len) - { - if (errno == EINTR && ferror (file)) - { - perror ("Reading from auth file"); - clearerr (file); - continue; - } - bzero (data, len); - free (data); - return 0; - } - break; - } - } - *stringp = data; - *countp = len; - return 1; -} - -Xauth * -XauReadAuth (auth_file) -FILE *auth_file; -{ - Xauth local; - Xauth *ret; - - if (read_short (&local.family, auth_file) == 0) - return 0; - if (read_counted_string (&local.address_length, &local.address, auth_file) == 0) - return 0; - if (read_counted_string (&local.number_length, &local.number, auth_file) == 0) { - if (local.address) free (local.address); - return 0; - } - if (read_counted_string (&local.name_length, &local.name, auth_file) == 0) { - if (local.address) free (local.address); - if (local.number) free (local.number); - return 0; - } - if (read_counted_string (&local.data_length, &local.data, auth_file) == 0) { - if (local.address) free (local.address); - if (local.number) free (local.number); - if (local.name) free (local.name); - return 0; - } - ret = (Xauth *) malloc (sizeof (Xauth)); - if (!ret) { - if (local.address) free (local.address); - if (local.number) free (local.number); - if (local.name) free (local.name); - if (local.data) { - bzero (local.data, local.data_length); - free (local.data); - } - return 0; - } - *ret = local; - return ret; -} diff --git a/nx-X11/lib/Xau/AuUnlock.c b/nx-X11/lib/Xau/AuUnlock.c deleted file mode 100644 index e40042104..000000000 --- a/nx-X11/lib/Xau/AuUnlock.c +++ /dev/null @@ -1,62 +0,0 @@ -/* $Xorg: AuUnlock.c,v 1.4 2001/02/09 02:03:42 xorgcvs Exp $ */ - -/* - -Copyright 1988, 1998 The Open Group - -Permission to use, copy, modify, distribute, and sell this software and its -documentation for any purpose is hereby granted without fee, provided that -the above copyright notice appear in all copies and that both that -copyright notice and this permission notice appear in supporting -documentation. - -The above copyright notice and this permission notice shall be included in -all copies or substantial portions of the Software. - -THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR -IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, -FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE -OPEN GROUP BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN -AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN -CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. - -Except as contained in this notice, the name of The Open Group shall not be -used in advertising or otherwise to promote the sale, use or other dealings -in this Software without prior written authorization from The Open Group. - -*/ -/* $XFree86: xc/lib/Xau/AuUnlock.c,v 1.4 2001/12/14 19:54:36 dawes Exp $ */ - -#ifdef HAVE_CONFIG_H -#include -#endif -#include -#include - -int -XauUnlockAuth ( -_Xconst char *file_name) -{ -#ifndef WIN32 - char creat_name[1025]; -#endif - char link_name[1025]; - - if (strlen (file_name) > 1022) - return 0; -#ifndef WIN32 - (void) strcpy (creat_name, file_name); - (void) strcat (creat_name, "-c"); -#endif - (void) strcpy (link_name, file_name); - (void) strcat (link_name, "-l"); - /* - * I think this is the correct order - */ -#ifndef WIN32 - (void) unlink (creat_name); -#endif - (void) unlink (link_name); - - return 1; -} diff --git a/nx-X11/lib/Xau/AuWrite.c b/nx-X11/lib/Xau/AuWrite.c deleted file mode 100644 index 5a9b44eb2..000000000 --- a/nx-X11/lib/Xau/AuWrite.c +++ /dev/null @@ -1,73 +0,0 @@ -/* $Xorg: AuWrite.c,v 1.4 2001/02/09 02:03:42 xorgcvs Exp $ */ - -/* - -Copyright 1988, 1998 The Open Group - -Permission to use, copy, modify, distribute, and sell this software and its -documentation for any purpose is hereby granted without fee, provided that -the above copyright notice appear in all copies and that both that -copyright notice and this permission notice appear in supporting -documentation. - -The above copyright notice and this permission notice shall be included in -all copies or substantial portions of the Software. - -THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR -IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, -FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE -OPEN GROUP BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN -AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN -CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. - -Except as contained in this notice, the name of The Open Group shall not be -used in advertising or otherwise to promote the sale, use or other dealings -in this Software without prior written authorization from The Open Group. - -*/ -/* $XFree86: xc/lib/Xau/AuWrite.c,v 1.3 2001/01/17 19:42:24 dawes Exp $ */ - -#ifdef HAVE_CONFIG_H -#include -#endif -#include - -static int -write_short (unsigned short s, FILE *file) -{ - unsigned char file_short[2]; - - file_short[0] = (s & (unsigned)0xff00) >> 8; - file_short[1] = s & 0xff; - if (fwrite ((char *) file_short, (int) sizeof (file_short), 1, file) != 1) - return 0; - return 1; -} - -static int -write_counted_string (unsigned short count, char *string, FILE *file) -{ - if (write_short (count, file) == 0) - return 0; - if (fwrite (string, (int) sizeof (char), (int) count, file) != count) - return 0; - return 1; -} - -int -XauWriteAuth (auth_file, auth) -FILE *auth_file; -Xauth *auth; -{ - if (write_short (auth->family, auth_file) == 0) - return 0; - if (write_counted_string (auth->address_length, auth->address, auth_file) == 0) - return 0; - if (write_counted_string (auth->number_length, auth->number, auth_file) == 0) - return 0; - if (write_counted_string (auth->name_length, auth->name, auth_file) == 0) - return 0; - if (write_counted_string (auth->data_length, auth->data, auth_file) == 0) - return 0; - return 1; -} diff --git a/nx-X11/lib/Xau/Autest.c b/nx-X11/lib/Xau/Autest.c deleted file mode 100644 index 2352cf170..000000000 --- a/nx-X11/lib/Xau/Autest.c +++ /dev/null @@ -1,71 +0,0 @@ -/* $Xorg: Autest.c,v 1.4 2001/02/09 02:03:42 xorgcvs Exp $ */ - -/* - -Copyright 1988, 1998 The Open Group - -Permission to use, copy, modify, distribute, and sell this software and its -documentation for any purpose is hereby granted without fee, provided that -the above copyright notice appear in all copies and that both that -copyright notice and this permission notice appear in supporting -documentation. - -The above copyright notice and this permission notice shall be included in -all copies or substantial portions of the Software. - -THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR -IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, -FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE -OPEN GROUP BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN -AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN -CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. - -Except as contained in this notice, the name of The Open Group shall not be -used in advertising or otherwise to promote the sale, use or other dealings -in this Software without prior written authorization from The Open Group. - -*/ - -#ifdef HAVE_CONFIG_H -#include -#endif -#include - -main (argc, argv) -char **argv; -{ - Xauth test_data; - char *name, *data, *file; - int state = 0; - FILE *output; - - while (*++argv) { - if (!strcmp (*argv, "-file")) - file = *++argv; - else if (state == 0) { - name = *argv; - ++state; - } else if (state == 1) { - data = *argv; - ++state; - } - } - if(!file) { - fprintf (stderr, "No file\n"); - exit (1); - } - test_data.family = 0; - test_data.address_length = 0; - test_data.address = ""; - test_data.number_length = 0; - test_data.number = ""; - test_data.name_length = strlen (name); - test_data.name = name; - test_data.data_length = strlen (data); - test_data.data = data; - output = fopen (file, "w"); - if (output) { - XauWriteAuth (output, &test_data); - fclose (output); - } -} diff --git a/nx-X11/lib/Xau/Imakefile b/nx-X11/lib/Xau/Imakefile deleted file mode 100644 index df80d28d4..000000000 --- a/nx-X11/lib/Xau/Imakefile +++ /dev/null @@ -1,49 +0,0 @@ -XCOMM $Xorg: Imakefile,v 1.3 2000/08/17 19:45:29 cpqbld Exp $ -XCOMM $XdotOrg: xc/lib/Xau/Imakefile,v 1.4 2005/09/22 23:54:18 alanc Exp $ - - - -XCOMM $XFree86: xc/lib/Xau/Imakefile,v 3.5 1999/04/17 09:08:11 dawes Exp $ - -#define DoNormalLib NormalLibXau -#define DoSharedLib SharedLibXau -#define DoExtraLib SharedLibXau -#define DoDebugLib DebugLibXau -#define DoProfileLib ProfileLibXau -#define LibName NX_Xau -#define SoRev SOXAUTHREV -#define IncSubdir nx-X11 - -#include - -#ifdef SharedXauReqs -REQUIREDLIBS = SharedXauReqs -#endif - - LINTLIBS = $(LINTXLIB) - -#if HasKrb5 -K5ENCSRC = k5encode.c -K5ENCOBJ = k5encode.o -INCLUDES = Krb5Includes -#else -K5ENCSRC = -K5ENCOBJ = -INCLUDES = -#endif - -HEADERS = \ - Xauth.h - -SRCS = AuDispose.c AuFileName.c AuGetAddr.c AuGetBest.c AuLock.c \ - AuRead.c AuUnlock.c AuWrite.c $(K5ENCSRC) - -OBJS = AuDispose.o AuFileName.o AuGetAddr.o AuGetBest.o AuLock.o \ - AuRead.o AuUnlock.o AuWrite.o $(K5ENCOBJ) - -#define IncludeSharedObjectInNormalLib -#define UnsharedLibObjCompile(options) LibObjCompile(unshared,$(CDEBUGFLAGS) $(CLIBDEBUGFLAGS) options $(PICFLAGS)) - -#include - -DependTarget() diff --git a/nx-X11/lib/Xau/README b/nx-X11/lib/Xau/README deleted file mode 100644 index 404eef079..000000000 --- a/nx-X11/lib/Xau/README +++ /dev/null @@ -1,184 +0,0 @@ - - - A Sample Authorization Protocol for X - - -Overview - -The following note describes a very simple mechanism for providing individual -access to an X Window System display. It uses existing core protocol and -library hooks for specifying authorization data in the connection setup block -to restrict use of the display to only those clients that show that they -know a server-specific key called a "magic cookie". This mechanism is *not* -being proposed as an addition to the Xlib standard; among other reasons, a -protocol extension is needed to support more flexible mechanisms. We have -implemented this mechanism already; if you have comments, please send them -to us. - -This scheme involves changes to the following parts of the sample release: - - o xdm - - generate random magic cookie and store in protected file - - pass name of magic cookie file to server - - when user logs in, add magic cookie to user's auth file - - when user logs out, generate a new cookie for server - - o server - - a new command line option to specify cookie file - - check client authorization data against magic cookie - - read in cookie whenever the server resets - - do not add local machine to host list if magic cookie given - - o Xlib - - read in authorization data from file - - find data for appropriate server - - send authorization data if found - - o xauth [new program to manage user auth file] - - add entries to user's auth file - - remove entries from user's auth file - -This mechanism assumes that the superuser and the transport layer between -the client and the server is secure. Organizations that desire stricter -security are encouraged to look at systems such as Kerberos (at Project -Athena). - - -Description - -The sample implementation will use the xdm Display Manager to set up and -control the server's authorization file. Sites that do not run xdm will -need to build their own mechanisms. - -Xdm uses a random key (seeded by the system time and check sum of /dev/kmem) -to generate a unique sequence of characters at 16 bytes long. This sequence -will be written to a file which is made readable only by the server. The -server will then be started with a command line option instructing it to use -the contents of the file as the magic cookie for connections that include -authorization data. This will also disable the server from adding the local -machine's address to the initial host list. Note that the actual cookie must -not be stored on the command line or in an environment variable, to prevent -it from being publicly obtainable by the "ps" command. - -If a client presents an authorization name of "MIT-MAGIC-COOKIE-1" and -authorization data that matches the magic cookie, that client is allowed -access. If the name or data does not match and the host list is empty, -that client will be denied access. Otherwise, the existing host-based access -control will be used. Since any client that is making a connection from a -machine on the host list will be granted access even if their authorization -data is incorrect, sites are strongly urged not to set up any default hosts -using the /etc/X*.hosts files. Granting access to other machines should be -done by the user's session manager instead. - -Assuming the server is configured with an empty host list, the existence of the -cookie is sufficient to ensure there will be no unauthorized access to the -display. However, xdm will (continue to) work to minimize the chances of -spoofing on servers that do not support this authorization mechanism. This -will be done by grabbing the server and the keyboard after opening the display. -This action will be surrounded by a timer which will kill the server if the -grabs cannot be done within several seconds. [This level of security is now -implemented in patches already sent out.] - -After the user logs in, xdm will add authorization entries for each of the -server machine's network addresses to the user's authorization file (the format -of which is described below). This file will usually be named .Xauthority in -the users's home directory; will be owned by the user (as specified by the -pw_uid and pw_gid fields in the user's password entry), and will be accessible -only to the user (no group access). This file will contain authorization data -for all of the displays opened by the user. - -When the session terminates, xdm will generate and store a new magic cookie -for the server. Then, xdm will shutdown its own connection and send a -SIGHUP to the server process, which should cause the server to reset. The -server will then read in the new magic cookie. - -To support accesses (both read and write) from multiple machines (for use in -environments that use distributed file systems), file locking is done using -hard links. This is done by creat'ing (sic) a lock file and then linking it -to another name in the same directory. If the link-target already exists, -the link will fail, indicating failure to obtain the lock. Linking is used -instead of just creating the file read-only since link will fail even for -the superuser. - -Problems and Solutions - -There are a few problems with .Xauthority as described. If no home directory -exists, or if xdm cannot create a file there (disk full), xdm stores the -cookie in a file in a resource-specified back-up directory, and sets an -environment variable in the user's session (called XAUTHORITY) naming this -file. There is also the problem that the locking attempts will need to be -timed out, due to a leftover lock. Xdm, again, creates a file and set an -environment variable. Finally, the back-up directory might be full. Xdm, -as a last resort, provides a function key binding that allows a user to log -in without having the authorization data stored, and with host-based access -control disabled. - -Xlib - -XOpenDisplay in Xlib was enhanced to allow specification of authorization -information. As implied above, Xlib looks for the data in the -.Xauthority file of the home directory, or in the file pointed at by the -XAUTHORITY environment variable instead if that is defined. This required -no programmatic interface change to Xlib. In addition, a new Xlib routine -is provided to explicitly specify authorization. - - XSetAuthorization(name, namelen, data, datalen) - int namelen, datalen; - char *name, *data; - -There are three types of input: - - name NULL, data don't care - use default authorization mechanism. - name non-NULL, data NULL - use the named authorization; get - data from that mechanism's default. - name non-NULL, data non-NULL - use the given authorization and data. - -This interface is used by xdm and might also be used by any other -applications that wish to explicitly set the authorization information. - -Authorization File - -The .Xauthority file is a binary file consisting of a sequence of entries -in the following format: - - 2 bytes Family value (second byte is as in protocol HOST) - 2 bytes address length (always MSB first) - A bytes host address (as in protocol HOST) - 2 bytes display "number" length (always MSB first) - S bytes display "number" string - 2 bytes name length (always MSB first) - N bytes authorization name string - 2 bytes data length (always MSB first) - D bytes authorization data string - -The format is binary for easy processing, since authorization information -usually consists of arbitrary data. Host addresses are used instead of -names to eliminate potentially time-consuming name resolutions in -XOpenDisplay. Programs, such as xdm, that initialize the user's -authorization file will have to do the same work as the server in finding -addresses for all network interfaces. If more than one entry matches the -desired address, the entry that is chosen is implementation-dependent. In -our implementation, it is always the first in the file. - -The Family is specified in two bytes to allow out-of-band values -(i.e. values not in the Protocol) to be used. In particular, -two new values "FamilyLocal" and "FamilyWild" are defined. FamilyLocal -refers to any connections using a non-network method of connetion from the -local machine (Unix domain sockets, shared memory, loopback serial line). -In this case the host address is specified by the data returned from -gethostname() and better be unique in a collection of machines -which share NFS directories. FamilyWild is currently used only -by xdm to communicate authorization data to the server. It matches -any family/host address pair. - -For FamilyInternet, the host address is the 4 byte internet address, for -FamilyDecnet, the host address is the byte decnet address, for FamilyChaos -the address is also two bytes. - -The Display Number is the ascii representation of the display number -portion of the display name. It is in ascii to allow future expansion -to PseudoRoots or anything else that might happen. - -A utility called "xauth" will be provided for editing and viewing the -contents of authorization files. Note that the user's authorization file is -not the same as the server's magic cookie file. diff --git a/nx-X11/lib/Xau/Xauth.h b/nx-X11/lib/Xau/Xauth.h deleted file mode 100644 index 7ac8bf77b..000000000 --- a/nx-X11/lib/Xau/Xauth.h +++ /dev/null @@ -1,162 +0,0 @@ -/* $Xorg: Xauth.h,v 1.4 2001/02/09 02:03:42 xorgcvs Exp $ */ - -/* - -Copyright 1988, 1998 The Open Group - -Permission to use, copy, modify, distribute, and sell this software and its -documentation for any purpose is hereby granted without fee, provided that -the above copyright notice appear in all copies and that both that -copyright notice and this permission notice appear in supporting -documentation. - -The above copyright notice and this permission notice shall be included in -all copies or substantial portions of the Software. - -THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR -IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, -FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE -OPEN GROUP BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN -AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN -CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. - -Except as contained in this notice, the name of The Open Group shall not be -used in advertising or otherwise to promote the sale, use or other dealings -in this Software without prior written authorization from The Open Group. - -*/ - -/* $XFree86: xc/lib/Xau/Xauth.h,v 1.5 2001/12/14 19:54:36 dawes Exp $ */ - -#ifndef _Xauth_h -#define _Xauth_h - -typedef struct xauth { - unsigned short family; - unsigned short address_length; - char *address; - unsigned short number_length; - char *number; - unsigned short name_length; - char *name; - unsigned short data_length; - char *data; -} Xauth; - -#ifndef _XAUTH_STRUCT_ONLY - -# include -# include - -# include - -# define FamilyLocal (256) /* not part of X standard (i.e. X.h) */ -# define FamilyWild (65535) -# define FamilyNetname (254) /* not part of X standard */ -# define FamilyKrb5Principal (253) /* Kerberos 5 principal name */ -# define FamilyLocalHost (252) /* for local non-net authentication */ - - -_XFUNCPROTOBEGIN - -char *XauFileName(void); - -Xauth *XauReadAuth( -FILE* /* auth_file */ -); - -int XauLockAuth( -_Xconst char* /* file_name */, -int /* retries */, -int /* timeout */, -long /* dead */ -); - -int XauUnlockAuth( -_Xconst char* /* file_name */ -); - -int XauWriteAuth( -FILE* /* auth_file */, -Xauth* /* auth */ -); - -Xauth *XauGetAuthByName( -_Xconst char* /* display_name */ -); - -Xauth *XauGetAuthByAddr( -#if NeedWidePrototypes -unsigned int /* family */, -unsigned int /* address_length */, -#else -unsigned short /* family */, -unsigned short /* address_length */, -#endif -_Xconst char* /* address */, -#if NeedWidePrototypes -unsigned int /* number_length */, -#else -unsigned short /* number_length */, -#endif -_Xconst char* /* number */, -#if NeedWidePrototypes -unsigned int /* name_length */, -#else -unsigned short /* name_length */, -#endif -_Xconst char* /* name */ -); - -Xauth *XauGetBestAuthByAddr( -#if NeedWidePrototypes -unsigned int /* family */, -unsigned int /* address_length */, -#else -unsigned short /* family */, -unsigned short /* address_length */, -#endif -_Xconst char* /* address */, -#if NeedWidePrototypes -unsigned int /* number_length */, -#else -unsigned short /* number_length */, -#endif -_Xconst char* /* number */, -int /* types_length */, -char** /* type_names */, -_Xconst int* /* type_lengths */ -); - -void XauDisposeAuth( -Xauth* /* auth */ -); - -#ifdef K5AUTH -#include -/* 9/93: krb5.h leaks some symbols */ -#undef BITS32 -#undef xfree - -int XauKrb5Encode( - krb5_principal /* princ */, - krb5_data * /* outbuf */ -); - -int XauKrb5Decode( - krb5_data /* inbuf */, - krb5_principal * /* princ */ -); -#endif /* K5AUTH */ - -_XFUNCPROTOEND - -/* Return values from XauLockAuth */ - -# define LOCK_SUCCESS 0 /* lock succeeded */ -# define LOCK_ERROR 1 /* lock unexpectely failed, check errno */ -# define LOCK_TIMEOUT 2 /* lock failed, timeouts expired */ - -#endif /* _XAUTH_STRUCT_ONLY */ - -#endif /* _Xauth_h */ diff --git a/nx-X11/lib/Xau/k5encode.c b/nx-X11/lib/Xau/k5encode.c deleted file mode 100644 index c71222e1c..000000000 --- a/nx-X11/lib/Xau/k5encode.c +++ /dev/null @@ -1,186 +0,0 @@ -/* $Xorg: k5encode.c,v 1.4 2001/02/09 02:03:42 xorgcvs Exp $ */ - -/* - -Copyright 1993, 1994, 1998 The Open Group - -Permission to use, copy, modify, distribute, and sell this software and its -documentation for any purpose is hereby granted without fee, provided that -the above copyright notice appear in all copies and that both that -copyright notice and this permission notice appear in supporting -documentation. - -The above copyright notice and this permission notice shall be included in -all copies or substantial portions of the Software. - -THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR -IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, -FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE -OPEN GROUP BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN -AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN -CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. - -Except as contained in this notice, the name of The Open Group shall not be -used in advertising or otherwise to promote the sale, use or other dealings -in this Software without prior written authorization from The Open Group. - -*/ - -/* - * functions to encode/decode Kerberos V5 principals - * into something that can be reasonable spewed over - * the wire - * - * Author: Tom Yu - * - * Still needs to be fixed up wrt signed/unsigned lengths, but we'll worry - * about that later. - */ - -#ifdef HAVE_CONFIG_H -#include -#endif -#include -/* 9/93: krb5.h leaks some symbols */ -#undef BITS32 -#undef xfree - -#include -#include -#include -#include - -/* - * XauKrb5Encode - * - * this function encodes the principal passed to it in a format that can - * easily be dealt with by stuffing it into an X packet. Encoding is as - * follows: - * length count of the realm name - * realm - * component count - * length of component - * actual principal component - * etc.... - * - * Note that this function allocates a hunk of memory, which must be - * freed to avoid nasty memory leak type things. All counts are - * byte-swapped if needed. (except for the total length returned) - * - * nevermind.... stuffing the encoded packet in net byte order just to - * always do the right thing. Don't have to frob with alignment that way. - */ -int -XauKrb5Encode(princ, outbuf) - krb5_principal princ; /* principal to encode */ - krb5_data *outbuf; /* output buffer */ -{ - CARD16 i, numparts, totlen = 0, plen, rlen; - char *cp, *pdata; - - rlen = krb5_princ_realm(princ)->length; - numparts = krb5_princ_size(princ); - totlen = 2 + rlen + 2; /* include room for realm length - and component count */ - for (i = 0; i < numparts; i++) - totlen += krb5_princ_component(princ, i)->length + 2; - /* add 2 bytes each time for length */ - if ((outbuf->data = (char *)malloc(totlen)) == NULL) - return -1; - cp = outbuf->data; - *cp++ = (char)((int)(0xff00 & rlen) >> 8); - *cp++ = (char)(0x00ff & rlen); - memcpy(cp, krb5_princ_realm(princ)->data, rlen); - cp += rlen; - *cp++ = (char)((int)(0xff00 & numparts) >> 8); - *cp++ = (char)(0x00ff & numparts); - for (i = 0; i < numparts; i++) - { - plen = krb5_princ_component(princ, i)->length; - pdata = krb5_princ_component(princ, i)->data; - *cp++ = (char)((int)(0xff00 & plen) >> 8); - *cp++ = (char)(0x00ff & plen); - memcpy(cp, pdata, plen); - cp += plen; - } - outbuf->length = totlen; - return 0; -} - -/* - * XauKrb5Decode - * - * This function essentially reverses what XauKrb5Encode does. - * return value: 0 if okay, -1 if malloc fails, -2 if inbuf format bad - */ -int -XauKrb5Decode(inbuf, princ) - krb5_data inbuf; - krb5_principal *princ; -{ - CARD16 i, numparts, plen, rlen; - CARD8 *cp, *pdata; - - if (inbuf.length < 4) - { - return -2; - } - *princ = (krb5_principal)malloc(sizeof (krb5_principal_data)); - if (*princ == NULL) - return -1; - bzero(*princ, sizeof (krb5_principal_data)); - cp = (CARD8 *)inbuf.data; - rlen = *cp++ << 8; - rlen |= *cp++; - if (inbuf.length < 4 + (int)rlen + 2) - { - krb5_free_principal(*princ); - return -2; - } - krb5_princ_realm(*princ)->data = (char *)malloc(rlen); - if (krb5_princ_realm(*princ)->data == NULL) - { - krb5_free_principal(*princ); - return -1; - } - krb5_princ_realm(*princ)->length = rlen; - memcpy(krb5_princ_realm(*princ)->data, cp, rlen); - cp += rlen; - numparts = *cp++ << 8; - numparts |= *cp++; - krb5_princ_name(*princ) = - (krb5_data *)malloc(numparts * sizeof (krb5_data)); - if (krb5_princ_name(*princ) == NULL) - { - krb5_free_principal(*princ); - return -1; - } - krb5_princ_size(*princ) = 0; - for (i = 0; i < numparts; i++) - { - if (cp + 2 > (CARD8 *)inbuf.data + inbuf.length) - { - krb5_free_principal(*princ); - return -2; - } - plen = *cp++ << 8; - plen |= *cp++; - if (cp + plen > (CARD8 *)inbuf.data + inbuf.length) - { - krb5_free_principal(*princ); - return -2; - } - pdata = (CARD8 *)malloc(plen); - if (pdata == NULL) - { - krb5_free_principal(*princ); - return -1; - } - krb5_princ_component(*princ, i)->data = (char *)pdata; - krb5_princ_component(*princ, i)->length = plen; - memcpy(pdata, cp, plen); - cp += plen; - krb5_princ_size(*princ)++; - } - return 0; -} -- cgit v1.2.3 From 20454528656dbe98a538de7c67ce89e50841bd5f Mon Sep 17 00:00:00 2001 From: Mike Gabriel Date: Thu, 23 Jun 2016 10:46:48 +0200 Subject: nxagent Xserver: Drop Kerberos code. Not used in nxagent. --- nx-X11/config/cf/Imake.tmpl | 29 +- nx-X11/config/cf/README | 7 - nx-X11/config/cf/X11.tmpl | 14 - nx-X11/lib/X11/Imakefile | 9 - nx-X11/programs/Xserver/Imakefile | 2 +- nx-X11/programs/Xserver/dix/Imakefile | 6 - nx-X11/programs/Xserver/dix/dispatch.c | 10 - nx-X11/programs/Xserver/dix/tables.c | 15 - nx-X11/programs/Xserver/include/dixstruct.h | 4 - nx-X11/programs/Xserver/os/Imakefile | 18 +- nx-X11/programs/Xserver/os/access.c | 31 -- nx-X11/programs/Xserver/os/auth.c | 12 - nx-X11/programs/Xserver/os/k5auth.c | 801 ---------------------------- nx-X11/programs/Xserver/os/osdep.h | 23 - nx-X11/programs/Xserver/os/rpcauth.c | 2 +- 15 files changed, 7 insertions(+), 976 deletions(-) delete mode 100644 nx-X11/programs/Xserver/os/k5auth.c (limited to 'nx-X11/lib') diff --git a/nx-X11/config/cf/Imake.tmpl b/nx-X11/config/cf/Imake.tmpl index f40864ced..d540f418b 100644 --- a/nx-X11/config/cf/Imake.tmpl +++ b/nx-X11/config/cf/Imake.tmpl @@ -566,12 +566,6 @@ X_BYTE_ORDER = ByteOrder #ifndef HasSecureRPC #define HasSecureRPC NO /* if you have Secure RPC */ #endif -#ifndef HasKrbIV -#define HasKrbIV NO /* if you have Kerberos IV */ -#endif -#ifndef HasKrb5 -#define HasKrb5 NO /* if you have Kerberos V5 */ -#endif #ifndef HasLatex #define HasLatex NO #endif @@ -591,27 +585,6 @@ X_BYTE_ORDER = ByteOrder #ifndef GzipLibrary /* if OS config didn't define it, assume it's -lz */ #define GzipLibrary -lz #endif -#if HasKrbIV -#ifndef KrbIVIncludes -#define KrbIVIncludes /**/ -#endif -#ifndef KrbIVLibraries -#define KrbIVLibraries -lkrb -ldes -#endif -#endif -#if HasKrb5 -#ifndef Krb5Includes -#define Krb5Includes -I/krb5/include -#endif -#ifndef Krb5Libraries -#define Krb5Libraries -L/krb5/lib -L/usr/isode/lib -lkrb5 -lcrypto -lisode -lcom_err -ldbm -#endif -#else -#undef Krb5Includes -#define Krb5Includes /**/ -#undef Krb5Libraries -#define Krb5Libraries /**/ -#endif #ifndef UseGnuMalloc #define UseGnuMalloc NO #endif @@ -1878,7 +1851,7 @@ MODLDCOMBINEFLAGS = ModuleLdCombineFlags STD_DEFINES = StandardDefines $(PROJECT_DEFINES) EXTRA_LOAD_FLAGS = ExtraLoadFlags EXTRA_LDOPTIONS = ExtraLoadOptions - EXTRA_LIBRARIES = MallocLibraries ExtraLibraries Krb5Libraries + EXTRA_LIBRARIES = MallocLibraries ExtraLibraries TAGS = TagsCmd #if ConstructMFLAGS MFLAGS = -$(MAKEFLAGS) diff --git a/nx-X11/config/cf/README b/nx-X11/config/cf/README index 41ff36a01..0cd37245a 100644 --- a/nx-X11/config/cf/README +++ b/nx-X11/config/cf/README @@ -68,8 +68,6 @@ Imake.tmpl provides defaults for the following variables: HasGnuMake use the GNU make program? HasGhostPCL boolean for system has GhostPCL HasGhostScript boolean for system has GhostScript - HasKrbIV system has Kerberos version IV support? - HasKrb5 system has Kerberos version 5 support? HasLargeTmp boolean for system has /tmp space HasLatex system has LaTeX document preparation software HasLibCrypt boolean for system has libcrypt @@ -105,10 +103,6 @@ Imake.tmpl provides defaults for the following variables: InstPgmFlags install flags for normal programs InstUidFlags install flags for xterm to chown /dev/ptys InstallCmd command to install files - KrbIVIncludes where to include KerberosIV header files from - KrbIVLibraries where to load KerberosIV libraries from - Krb5Includes where to include Kerberos header files from - Krb5Libraries where to load Kerberos libraries from LdCmd command to run loader LdCombineFlags flags for incremental loading LexCmd command to run lex @@ -207,7 +201,6 @@ X11.tmpl provides defaults for the following variables: needs Wraphelp.c, see Release Notes InstallLibManPages boolean for installing library man pages InstallSecurityConfig install server security policy file over old? - KrbIVDefines defines for use with KerberosIV LibDir directory in which to install X11 support files LibManSuffix man suffix for library pages LibmanDir directory in which to install library man pages diff --git a/nx-X11/config/cf/X11.tmpl b/nx-X11/config/cf/X11.tmpl index a40df9fa2..ce952fb68 100644 --- a/nx-X11/config/cf/X11.tmpl +++ b/nx-X11/config/cf/X11.tmpl @@ -739,20 +739,6 @@ FCHOWN_DEFINES = -DHAS_FCHOWN #ifndef ServerOSDefines #define ServerOSDefines /**/ #endif -#if HasKrbIV -#ifndef KrbIVDefines -#define KrbIVDefines -DKERBEROS -#endif -#else -#define KrbIVDefines /**/ -#endif -#if HasKrb5 -#ifndef Krb5Defines -#define Krb5Defines -DK5AUTH -#endif -#else -#define Krb5Defines /**/ -#endif #ifndef ServerExtraDefines #define ServerExtraDefines /* -DPIXPRIV */ #endif diff --git a/nx-X11/lib/X11/Imakefile b/nx-X11/lib/X11/Imakefile index 8be1b592d..cc87d6e7b 100644 --- a/nx-X11/lib/X11/Imakefile +++ b/nx-X11/lib/X11/Imakefile @@ -172,12 +172,6 @@ EXTRA_LIBRARIES = /**/ SETID_DEFINES = -DHASGETRESUID #endif XLC_DEFINES = -DXLOCALEDIR=\"$(XLOCALEDIR)\" -#if HasKrb5 - K5OBJS = k5encode.o - K5SRCS = k5encode.c - K5INCL = Krb5Includes - K5DEFS = Krb5Defines -#endif #if (defined(FreeBSDArchitecture) && OSRelVersion < 500016) || \ defined(OpenBSDArchitecture) THRSTUBSRCS = UIThrStubs.c @@ -1082,9 +1076,6 @@ SpecialCLibObjectRule(KeyBind,$(ICONFIGFILES),$(XKB_DEFINES)) SpecialCLibObjectRule(XKBBind,$(ICONFIGFILES),$(XKB_DEFINES)) SpecialCLibObjectRule(imConv,$(ICONFIGFILES),$(XKB_DEFINES)) #endif -#if HasKrb5 -SpecialCLibObjectRule(k5encode,$(_NOOP_),$(K5INCL)) -#endif #if BuildLoadableXlibI18n SpecialCLibObjectRuleSeparateOpts(lcInit,$(ICONFIGFILES),$(_NOOP_),$(LC_DYNDEFINES)) SpecialCLibObjectRuleSeparateOpts(lcGeneric,$(ICONFIGFILES),$(_NOOP_),$(LC_DYNDEFINES)) diff --git a/nx-X11/programs/Xserver/Imakefile b/nx-X11/programs/Xserver/Imakefile index 6a8e736f1..93a3286b1 100644 --- a/nx-X11/programs/Xserver/Imakefile +++ b/nx-X11/programs/Xserver/Imakefile @@ -246,7 +246,7 @@ INSTPGMFLAGS = #if !(SystemV4 || defined(SGIArchitecture) || UseRgbTxt) DBMLIBS = DBMLibrary #endif - SYSLIBS = $(ZLIB) MathLibrary Krb5Libraries $(DBMLIBS) $(USB) \ + SYSLIBS = $(ZLIB) MathLibrary $(DBMLIBS) $(USB) \ $(PAMLIBS) $(EXTRASYSLIBS) #if !HasCbrt CBRT = mi/LibraryTargetName(cbrt) diff --git a/nx-X11/programs/Xserver/dix/Imakefile b/nx-X11/programs/Xserver/dix/Imakefile index ed7530caf..fb67cb65b 100644 --- a/nx-X11/programs/Xserver/dix/Imakefile +++ b/nx-X11/programs/Xserver/dix/Imakefile @@ -126,10 +126,6 @@ VENDORRELEASE = XVendorRelease VENDOR_RELEASE = -DVENDOR_RELEASE="$(VENDORRELEASE)" #endif -#if HasKrb5 - K5DEFS = Krb5Defines -#endif - #ifdef DarwinArchitecture #if DarwinQuartzSupport QUARTZ_DEFINES = -DDARWIN_WITH_QUARTZ @@ -146,8 +142,6 @@ LintLibraryTarget(dix,$(SRCS) $(XPSRC)) NormalLintTarget($(SRCS) $(XPSRC)) SpecialCObjectRule(globals,$(ICONFIGFILES),$(SITE_DEFINES)) -SpecialCObjectRule(tables,$(ICONFIGFILES),$(K5DEFS)) -SpecialCObjectRule(dispatch,$(ICONFIGFILES),$(K5DEFS)) SpecialCObjectRule(main,$(ICONFIGFILES),$(VENDOR_DEFINES)) SpecialCObjectRule(pixmap,$(ICONFIGFILES),$(_NOOP_)) SpecialCObjectRule(privates,$(ICONFIGFILES),$(_NOOP_)) diff --git a/nx-X11/programs/Xserver/dix/dispatch.c b/nx-X11/programs/Xserver/dix/dispatch.c index fe4da8a0c..803870369 100644 --- a/nx-X11/programs/Xserver/dix/dispatch.c +++ b/nx-X11/programs/Xserver/dix/dispatch.c @@ -955,10 +955,6 @@ ProcGetAtomName(register ClientPtr client) } } -#ifdef K5AUTH -extern int k5_bad(); -#endif - #ifndef NXAGENT_SERVER int ProcSetSelectionOwner(register ClientPtr client) @@ -3506,12 +3502,6 @@ InitProcVectors(void) ProcVector[i] = SwappedProcVector[i] = ProcBadRequest; ReplySwapVector[i] = ReplyNotSwappd; } -#ifdef K5AUTH - if (!k5_Vector[i]) - { - k5_Vector[i] = k5_bad; - } -#endif } for(i = LASTEvent; i < 128; i++) { diff --git a/nx-X11/programs/Xserver/dix/tables.c b/nx-X11/programs/Xserver/dix/tables.c index eb4f4c8d2..df15de7d1 100644 --- a/nx-X11/programs/Xserver/dix/tables.c +++ b/nx-X11/programs/Xserver/dix/tables.c @@ -63,11 +63,6 @@ SOFTWARE. #include "swaprep.h" #include "swapreq.h" -#ifdef K5AUTH -extern int - k5_stage1(), k5_stage2(), k5_stage3(), k5_bad(); -#endif - int (* InitialVector[3]) ( ClientPtr /* client */ ) = @@ -517,13 +512,3 @@ ReplySwapPtr ReplySwapVector[256] = ReplyNotSwappd, /* NoOperation */ ReplyNotSwappd }; - -#ifdef K5AUTH -int (*k5_Vector[256])() = -{ - k5_bad, - k5_stage1, - k5_bad, - k5_stage3 -}; -#endif diff --git a/nx-X11/programs/Xserver/include/dixstruct.h b/nx-X11/programs/Xserver/include/dixstruct.h index 01a1c86dc..57033a43e 100644 --- a/nx-X11/programs/Xserver/include/dixstruct.h +++ b/nx-X11/programs/Xserver/include/dixstruct.h @@ -219,10 +219,6 @@ extern int (* ProcVector[256]) (ClientPtr /*client*/); extern int (* SwappedProcVector[256]) (ClientPtr /*client*/); -#ifdef K5AUTH -extern int (*k5_Vector[256])(ClientPtr /*client*/); -#endif - extern ReplySwapPtr ReplySwapVector[256]; extern int ProcBadRequest(ClientPtr /*client*/); diff --git a/nx-X11/programs/Xserver/os/Imakefile b/nx-X11/programs/Xserver/os/Imakefile index 5245b7841..00d28deb1 100644 --- a/nx-X11/programs/Xserver/os/Imakefile +++ b/nx-X11/programs/Xserver/os/Imakefile @@ -78,11 +78,6 @@ RPCOBJS = RPCSRCS = #endif -#if HasKrb5 -KRB5OBJS = k5auth.o k5encode.o -KRB5SRCS = k5auth.c k5encode.c -#endif - #if HasBSD44Sockets SOCK_DEFINES = -DBSD44SOCKETS #endif @@ -122,12 +117,12 @@ GETPEER_DEFINES = -DHAS_GETPEEREID BOOTSTRAPCFLAGS = SRCS = WaitFor.c access.c connection.c io.c $(COLOR_SRCS) \ osinit.c utils.c log.c auth.c mitauth.c secauth.c \ - $(XDMAUTHSRCS) $(RPCSRCS) $(KRB5SRCS) xdmcp.c OtherSources \ + $(XDMAUTHSRCS) $(RPCSRCS) xdmcp.c OtherSources \ transport.c $(SNPRINTF_SRCS) $(STRLCAT_SRCS) \ $(MALLOC_SRCS) xprintf.c OBJS = WaitFor.o access.o connection.o io.o $(COLOR_OBJS) \ osinit.o utils.o log.o auth.o mitauth.o secauth.o \ - $(XDMAUTHOBJS) $(RPCOBJS) $(KRB5OBJS) xdmcp.o OtherObjects \ + $(XDMAUTHOBJS) $(RPCOBJS) xdmcp.o OtherObjects \ transport.o $(SNPRINTF_OBJS) $(STRLCAT_OBJS) \ $(MALLOC_OBJS) xprintf.o @@ -146,7 +141,6 @@ BOOTSTRAPCFLAGS = DBM_DEFINES = NdbmDefines ADM_DEFINES = -DADMPATH=\"$(ADMDIR)/X\%smsgs\" XDMCP_DEFINES = ServerXdmcpDefines - KRB5_DEFINES = Krb5Defines XALLOC_DEFINES = XallocDefines ERROR_DEFINES = ServerErrorDefines #if HasPam && HasPamMisc @@ -154,11 +148,11 @@ BOOTSTRAPCFLAGS = #endif DEFINES = -DXSERV_t -DTRANS_SERVER $(CONNECTION_FLAGS) $(MEM_DEFINES) \ $(XDMAUTHDEFS) $(RPCDEFS) $(SIGNAL_DEFINES) $(OS_DEFINES) \ - $(KRB5_DEFINES) $(RGB_DEFINES) $(GETPEER_DEFINES) \ + $(RGB_DEFINES) $(GETPEER_DEFINES) \ $(RANDOM_DEFINES) $(BUGMSG) $(XTRANS_FAILDEFINES) $(NX_DEFINES) INCLUDES = -I. -I../include -I$(XINCLUDESRC) -I$(EXTINCSRC) \ -I$(SERVERSRC)/Xext -I$(SERVERSRC)/render \ - -I$(TOP)/lib/Xau Krb5Includes $(NX_INCLUDES) \ + -I$(TOP)/lib/Xau $(NX_INCLUDES) \ `pkg-config --cflags-only-I pixman-1` DEPEND_DEFINES = $(DBM_DEFINES) $(XDMCP_DEFINES) $(EXT_DEFINES) \ $(TRANS_INCLUDES) $(CONNECTION_FLAGS) $(GETPEER_DEFINES) \ @@ -204,10 +198,6 @@ oscolor.o: oscolor.c $(ICONFIGFILES) SpecialCObjectRule(oscolor,$(ICONFIGFILES),$(DBM_DEFINES)) #endif -#if HasKrb5 -LinkSourceFile(k5encode.c,$(XAUTHSRC)) -#endif - #if !HasSnprintf LinkSourceFile(snprintf.c,$(LIBSRC)/misc) #endif diff --git a/nx-X11/programs/Xserver/os/access.c b/nx-X11/programs/Xserver/os/access.c index d2bf972fe..7f45e5ec9 100644 --- a/nx-X11/programs/Xserver/os/access.c +++ b/nx-X11/programs/Xserver/os/access.c @@ -1169,10 +1169,6 @@ ResetHosts (char *display) #ifdef DNETCONN struct nodeent *np; struct dn_naddr dnaddr, *dnaddrp, *dnet_addr(); -#endif -#ifdef K5AUTH - krb5_principal princ; - krb5_data kbuf; #endif int family = 0; void *addr; @@ -1248,13 +1244,6 @@ ResetHosts (char *display) family = FamilyNetname; hostname = ohostname + 4; } -#endif -#ifdef K5AUTH - else if (!strncmp("krb:", lhostname, 4)) - { - family = FamilyKrb5Principal; - hostname = ohostname + 4; - } #endif else if (!strncmp("si:", lhostname, 3)) { @@ -1298,16 +1287,6 @@ ResetHosts (char *display) } else #endif /* DNETCONN */ -#ifdef K5AUTH - if (family == FamilyKrb5Principal) - { - krb5_parse_name(hostname, &princ); - XauKrb5Encode(princ, &kbuf); - (void) NewHost(FamilyKrb5Principal, kbuf.data, kbuf.length, FALSE); - krb5_free_principal(princ); - } - else -#endif #ifdef SECURE_RPC if ((family == FamilyNetname) || (strchr(hostname, '@'))) { @@ -1553,11 +1532,6 @@ AddHost (ClientPtr client, len = length; LocalHostEnabled = TRUE; break; -#ifdef K5AUTH - case FamilyKrb5Principal: - len = length; - break; -#endif #ifdef SECURE_RPC case FamilyNetname: len = length; @@ -1656,11 +1630,6 @@ RemoveHost ( len = length; LocalHostEnabled = FALSE; break; -#ifdef K5AUTH - case FamilyKrb5Principal: - len = length; - break; -#endif #ifdef SECURE_RPC case FamilyNetname: len = length; diff --git a/nx-X11/programs/Xserver/os/auth.c b/nx-X11/programs/Xserver/os/auth.c index c14c1e874..587e0d5ec 100644 --- a/nx-X11/programs/Xserver/os/auth.c +++ b/nx-X11/programs/Xserver/os/auth.c @@ -54,9 +54,6 @@ from The Open Group. #include #endif -#ifdef K5AUTH -# include -#endif # include # include # include "misc.h" @@ -112,15 +109,6 @@ static struct protocol protocols[] = { #endif }, #endif -#ifdef K5AUTH -{ (unsigned short) 14, "MIT-KERBEROS-5", - K5Add, K5Check, K5Reset, - K5ToID, K5FromID, K5Remove, -#ifdef XCSECURITY - NULL -#endif -}, -#endif #ifdef XCSECURITY { (unsigned short) XSecurityAuthorizationNameLen, XSecurityAuthorizationName, diff --git a/nx-X11/programs/Xserver/os/k5auth.c b/nx-X11/programs/Xserver/os/k5auth.c deleted file mode 100644 index f2ed5369d..000000000 --- a/nx-X11/programs/Xserver/os/k5auth.c +++ /dev/null @@ -1,801 +0,0 @@ -/* $Xorg: k5auth.c,v 1.4 2001/02/09 02:05:23 xorgcvs Exp $ */ -/* - -Copyright 1993, 1994, 1998 The Open Group - -Permission to use, copy, modify, distribute, and sell this software and its -documentation for any purpose is hereby granted without fee, provided that -the above copyright notice appear in all copies and that both that -copyright notice and this permission notice appear in supporting -documentation. - -The above copyright notice and this permission notice shall be included -in all copies or substantial portions of the Software. - -THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS -OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF -MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. -IN NO EVENT SHALL THE OPEN GROUP BE LIABLE FOR ANY CLAIM, DAMAGES OR -OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, -ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR -OTHER DEALINGS IN THE SOFTWARE. - -Except as contained in this notice, the name of The Open Group shall -not be used in advertising or otherwise to promote the sale, use or -other dealings in this Software without prior written authorization -from The Open Group. - -*/ -/* $XFree86: xc/programs/Xserver/os/k5auth.c,v 3.4 2001/01/17 22:37:10 dawes Exp $ */ - -/* - * Kerberos V5 authentication scheme - * Author: Tom Yu - * - * Mostly snarfed wholesale from the user_user demo in the - * krb5 distribution. (At least the checking part) - */ - -#ifdef HAVE_DIX_CONFIG_H -#include -#endif - -#include -#include -#ifdef TCPCONN -#include -#endif -#ifdef DNETCONN -#include -#endif -#include -#include -/* 9/93: krb5.h leaks some symbols */ -#undef BITS32 -#undef xfree -#include -#include -#include "os.h" -#include "osdep.h" -#include -#include -#include "dixstruct.h" -#include -#include "Xauth.h" - -extern int (*k5_Vector[256])(); -extern int SendConnSetup(); -extern char *display; /* need this to generate rcache name */ - -static XID krb5_id = ~0L; -static krb5_principal srvname = NULL; /* service name */ -static char *ccname = NULL; -static char *ktname = NULL; /* key table name */ -static char kerror[256]; - -/* - * tgt_keyproc: - * - * extract session key from a credentials struct - */ -krb5_error_code tgt_keyproc(keyprocarg, principal, vno, key) - krb5_void * keyprocarg; - krb5_principal principal; - krb5_kvno vno; - krb5_keyblock **key; -{ - krb5_creds *creds = (krb5_creds *)keyprocarg; - - return krb5_copy_keyblock(&creds->keyblock, key); -} - -/* - * k5_cmpenc: - * - * compare "encoded" principals - */ -Bool k5_cmpenc(pname, plen, buf) - unsigned char *pname; - short plen; - krb5_data *buf; -{ - return (plen == buf->length && - memcmp(pname, buf->data, plen) == 0); -} - -/* - * K5Check: - * - * This is stage 0 of the krb5 authentication protocol. It - * goes through the current credentials cache and extracts the - * primary principal and tgt to send to the client, or as - * appropriate, extracts from a keytab. - * - * The packet sent to the client has the following format: - * - * CARD8 reqType = 2 - * CARD8 data = 0 - * CARD16 length = total length of packet (in 32 bit units) - * CARD16 plen = length of encoded principal following - * STRING8 princ = encoded principal - * STRING8 ticket = server tgt - * - * For client-server authentication, the packet is as follows: - * - * CARD8 reqType = 3 - * CARD8 data = 0 - * CARD16 length = total length - * STRING8 princ = encoded principal of server - */ -XID K5Check(data_length, data, client, reason) - unsigned short data_length; - char *data; - ClientPtr client; - char **reason; -{ - krb5_error_code retval; - CARD16 tlen; - krb5_principal sprinc, cprinc; - krb5_ccache cc; - krb5_creds *creds; - char *outbuf, *cp; - krb5_data princ; - register char n; - xReq prefix; - - if (krb5_id == ~0L) - return ~0L; - if (!ccname && !srvname) - return ~0L; - if (ccname) - { - if ((creds = (krb5_creds *)malloc(sizeof(krb5_creds))) == NULL) - return ~0L; - if (retval = krb5_cc_resolve(ccname, &cc)) - return ~0L; - bzero((char*)creds, sizeof (krb5_creds)); - if (retval = krb5_cc_get_principal(cc, &cprinc)) - { - krb5_free_creds(creds); - krb5_cc_close(cc); - return ~0L; - } - creds->client = cprinc; - if (retval = - krb5_build_principal_ext(&sprinc, - krb5_princ_realm(creds->client)->length, - krb5_princ_realm(creds->client)->data, - 6, "krbtgt", - krb5_princ_realm(creds->client)->length, - krb5_princ_realm(creds->client)->data, - 0)) - { - krb5_free_creds(creds); - krb5_cc_close(cc); - return ~0L; - } - creds->server = sprinc; - retval = krb5_get_credentials(KRB5_GC_CACHED, cc, creds); - krb5_cc_close(cc); - if (retval) - { - krb5_free_creds(creds); - return ~0L; - } - if (retval = XauKrb5Encode(cprinc, &princ)) - { - krb5_free_creds(creds); - return ~0L; - } - tlen = sz_xReq + 2 + princ.length + creds->ticket.length; - prefix.reqType = 2; /* opcode = authenticate user-to-user */ - } - else if (srvname) - { - if (retval = XauKrb5Encode(srvname, &princ)) - { - return ~0L; - } - tlen = sz_xReq + princ.length; - prefix.reqType = 3; /* opcode = authenticate client-server */ - } - prefix.data = 0; /* stage = 0 */ - prefix.length = (tlen + 3) >> 2; /* round up to nearest multiple - of 4 bytes */ - if (client->swapped) - { - swaps(&prefix.length, n); - } - if ((cp = outbuf = (char *)malloc(tlen)) == NULL) - { - if (ccname) - { - krb5_free_creds(creds); - } - free(princ.data); - return ~0L; - } - memcpy(cp, &prefix, sz_xReq); - cp += sz_xReq; - if (ccname) - { - memcpy(cp, &princ.length, 2); - if (client->swapped) - { - swaps((CARD16 *)cp, n); - } - cp += 2; - } - memcpy(cp, princ.data, princ.length); - cp += princ.length; - free(princ.data); /* we don't need that anymore */ - if (ccname) - memcpy(cp, creds->ticket.data, creds->ticket.length); - WriteToClient(client, tlen, outbuf); - free(outbuf); - client->requestVector = k5_Vector; /* hack in our dispatch vector */ - client->clientState = ClientStateAuthenticating; - if (ccname) - { - ((OsCommPtr)client->osPrivate)->authstate.srvcreds = (void *)creds; /* save tgt creds */ - ((OsCommPtr)client->osPrivate)->authstate.ktname = NULL; - ((OsCommPtr)client->osPrivate)->authstate.srvname = NULL; - } - if (srvname) - { - ((OsCommPtr)client->osPrivate)->authstate.srvcreds = NULL; - ((OsCommPtr)client->osPrivate)->authstate.ktname = (void *)ktname; - ((OsCommPtr)client->osPrivate)->authstate.srvname = (void *)srvname; - } - ((OsCommPtr)client->osPrivate)->authstate.stageno = 1; /* next stage is 1 */ - return krb5_id; -} - -/* - * k5_stage1: - * - * This gets called out of the dispatcher after K5Check frobs with the - * client->requestVector. It accepts the ap_req from the client and verifies - * it. In addition, if the client has set AP_OPTS_MUTUAL_REQUIRED, it then - * sends an ap_rep to the client to achieve mutual authentication. - * - * client stage1 packet format is as follows: - * - * CARD8 reqType = 1 - * CARD8 data = ignored - * CARD16 length = total length - * STRING8 data = the actual ap_req - * - * stage2 packet sent back to client for mutual authentication: - * - * CARD8 reqType = 2 - * CARD8 data = 2 - * CARD16 length = total length - * STRING8 data = the ap_rep - */ -int k5_stage1(client) - register ClientPtr client; -{ - long addrlen; - krb5_error_code retval, retval2; - register char n; - struct sockaddr cli_net_addr; - xReq prefix; - krb5_principal cprinc; - krb5_data buf; - krb5_creds *creds = (krb5_creds *)((OsCommPtr)client->osPrivate)->authstate.srvcreds; - krb5_keyblock *skey; - krb5_address cli_addr, **localaddrs = NULL; - krb5_tkt_authent *authdat; - krb5_ap_rep_enc_part rep; - krb5_int32 ctime, cusec; - krb5_rcache rcache = NULL; - char *cachename = NULL, *rc_type = NULL, *rc_base = "rcX", *kt = NULL; - REQUEST(xReq); - - if (((OsCommPtr)client->osPrivate)->authstate.stageno != 1) - { - if (creds) - krb5_free_creds(creds); - return(SendConnSetup(client, "expected Krb5 stage1 packet")); - } - addrlen = sizeof (cli_net_addr); - if (getpeername(((OsCommPtr)client->osPrivate)->fd, - &cli_net_addr, &addrlen) == -1) - { - if (creds) - krb5_free_creds(creds); - return(SendConnSetup(client, "Krb5 stage1: getpeername failed")); - } - if (cli_net_addr.sa_family == AF_UNSPEC -#if defined(UNIXCONN) || defined(LOCALCONN) || defined(OS2PIPECONN) - || cli_net_addr.sa_family == AF_UNIX -#endif - ) /* assume local host */ - { - krb5_os_localaddr(&localaddrs); - if (!localaddrs || !localaddrs[0]) - { - if (creds) - krb5_free_creds(creds); - return(SendConnSetup(client, "Krb5 failed to get localaddrs")); - } - cli_addr.addrtype = localaddrs[0]->addrtype; - cli_addr.length = localaddrs[0]->length; - cli_addr.contents = localaddrs[0]->contents; - } - else - { - cli_addr.addrtype = cli_net_addr.sa_family; /* the values - are compatible */ - switch (cli_net_addr.sa_family) - { -#ifdef TCPCONN - case AF_INET: - cli_addr.length = sizeof (struct in_addr); - cli_addr.contents = - (krb5_octet *)&((struct sockaddr_in *)&cli_net_addr)->sin_addr; - break; -#endif -#ifdef DNETCONN - case AF_DECnet: - cli_addr.length = sizeof (struct dn_naddr); - cli_addr.contents = - (krb5_octet *)&((struct sockaddr_dn *)&cli_net_addr)->sdn_add; - break; -#endif - default: - if (localaddrs) - krb5_free_addresses(localaddrs); - if (creds) - krb5_free_creds(creds); - sprintf(kerror, "Krb5 stage1: unknown address family %d from getpeername", - cli_net_addr.sa_family); - return(SendConnSetup(client, kerror)); - } - } - if ((rcache = (krb5_rcache)malloc(sizeof(*rcache))) == NULL) - { - if (localaddrs) - krb5_free_addresses(localaddrs); - if (creds) - krb5_free_creds(creds); - return(SendConnSetup(client, "malloc bombed for krb5_rcache")); - } - if ((rc_type = krb5_rc_default_type()) == NULL) - rc_type = "dfl"; - if (retval = krb5_rc_resolve_type(&rcache, rc_type)) - { - if (localaddrs) - krb5_free_addresses(localaddrs); - if (creds) - krb5_free_creds(creds); - free(rcache); - strcpy(kerror, "krb5_rc_resolve_type failed: "); - strncat(kerror, error_message(retval), 231); - return(SendConnSetup(client, kerror)); - } - if ((cachename = (char *)malloc(strlen(rc_base) + strlen(display) + 1)) - == NULL) - { - if (localaddrs) - krb5_free_addresses(localaddrs); - if (creds) - krb5_free_creds(creds); - free(rcache); - return(SendConnSetup(client, "Krb5: malloc bombed for cachename")); - } - strcpy(cachename, rc_base); - strcat(cachename, display); - if (retval = krb5_rc_resolve(rcache, cachename)) - { - if (localaddrs) - krb5_free_addresses(localaddrs); - if (creds) - krb5_free_creds(creds); - free(rcache); - free(cachename); - strcpy(kerror, "krb5_rc_resolve failed: "); - strncat(kerror, error_message(retval), 236); - return(SendConnSetup(client, kerror)); - } - free(cachename); - if (krb5_rc_recover(rcache)) - { - extern krb5_deltat krb5_clockskew; - if (retval = krb5_rc_initialize(rcache, krb5_clockskew)) - { - if (localaddrs) - krb5_free_addresses(localaddrs); - if (creds) - krb5_free_creds(creds); - if (retval2 = krb5_rc_close(rcache)) - { - strcpy(kerror, "krb5_rc_close failed: "); - strncat(kerror, error_message(retval2), 238); - return(SendConnSetup(client, kerror)); - } - free(rcache); - strcpy(kerror, "krb5_rc_initialize failed: "); - strncat(kerror, error_message(retval), 233); - return(SendConnSetup(client, kerror)); - } - } - buf.length = (stuff->length << 2) - sz_xReq; - buf.data = (char *)stuff + sz_xReq; - if (creds) - { - retval = krb5_rd_req(&buf, - NULL, /* don't bother with server name */ - &cli_addr, - NULL, /* no fetchfrom */ - tgt_keyproc, - creds, /* credentials as arg to - keyproc */ - rcache, - &authdat); - krb5_free_creds(creds); - } - else if (kt = (char *)((OsCommPtr)client->osPrivate)->authstate.ktname) - { - retval = krb5_rd_req(&buf, srvname, &cli_addr, kt, NULL, NULL, - rcache, &authdat); - ((OsCommPtr)client->osPrivate)->authstate.ktname = NULL; - } - else - { - if (localaddrs) - krb5_free_addresses(localaddrs); - return(SendConnSetup(client, "Krb5: neither srvcreds nor ktname set")); - } - if (localaddrs) - krb5_free_addresses(localaddrs); - if (rcache) - { - if (retval2 = krb5_rc_close(rcache)) - { - strcpy(kerror, "krb5_rc_close failed (2): "); - strncat(kerror, error_message(retval2), 230); - return(SendConnSetup(client, kerror)); - } - free(rcache); - } - if (retval) - { - strcpy(kerror, "Krb5: Bad application request: "); - strncat(kerror, error_message(retval), 224); - return(SendConnSetup(client, kerror)); - } - cprinc = authdat->ticket->enc_part2->client; - skey = authdat->ticket->enc_part2->session; - if (XauKrb5Encode(cprinc, &buf)) - { - krb5_free_tkt_authent(authdat); - return(SendConnSetup(client, "XauKrb5Encode bombed")); - } - /* - * Now check to see if the principal we got is one that we want to let in - */ - if (ForEachHostInFamily(FamilyKrb5Principal, k5_cmpenc, (void *)&buf)) - { - free(buf.data); - /* - * The following deals with sending an ap_rep to the client to - * achieve mutual authentication. The client sends back a stage 3 - * packet if all is ok. - */ - if (authdat->ap_options | AP_OPTS_MUTUAL_REQUIRED) - { - /* - * stage 2: send ap_rep to client - */ - if (retval = krb5_us_timeofday(&ctime, &cusec)) - { - krb5_free_tkt_authent(authdat); - strcpy(kerror, "error in krb5_us_timeofday: "); - strncat(kerror, error_message(retval), 234); - return(SendConnSetup(client, kerror)); - } - rep.ctime = ctime; - rep.cusec = cusec; - rep.subkey = NULL; - rep.seq_number = 0; - if (retval = krb5_mk_rep(&rep, skey, &buf)) - { - krb5_free_tkt_authent(authdat); - strcpy(kerror, "error in krb5_mk_rep: "); - strncat(kerror, error_message(retval), 238); - return(SendConnSetup(client, kerror)); - } - prefix.reqType = 2; /* opcode = authenticate */ - prefix.data = 2; /* stage = 2 */ - prefix.length = (buf.length + sz_xReq + 3) >> 2; - if (client->swapped) - { - swaps(&prefix.length, n); - } - WriteToClient(client, sz_xReq, (char *)&prefix); - WriteToClient(client, buf.length, buf.data); - free(buf.data); - krb5_free_tkt_authent(authdat); - ((OsCommPtr)client->osPrivate)->authstate.stageno = 3; /* expect stage3 packet */ - return(Success); - } - else - { - free(buf.data); - krb5_free_tkt_authent(authdat); - return(SendConnSetup(client, NULL)); /* success! */ - } - } - else - { - char *kname; - - krb5_free_tkt_authent(authdat); - free(buf.data); - retval = krb5_unparse_name(cprinc, &kname); - if (retval == 0) - { - sprintf(kerror, "Principal \"%s\" is not authorized to connect", - kname); - if (kname) - free(kname); - return(SendConnSetup(client, kerror)); - } - else - return(SendConnSetup(client,"Principal is not authorized to connect to Server")); - } -} - -/* - * k5_stage3: - * - * Get the short ack packet from the client. This packet can conceivably - * be expanded to allow for switching on end-to-end encryption. - * - * stage3 packet format: - * - * CARD8 reqType = 3 - * CARD8 data = ignored (for now) - * CARD16 length = should be zero - */ -int k5_stage3(client) - register ClientPtr client; -{ - REQUEST(xReq); - - if (((OsCommPtr)client->osPrivate)->authstate.stageno != 3) - { - return(SendConnSetup(client, "expected Krb5 stage3 packet")); - } - else - return(SendConnSetup(client, NULL)); /* success! */ -} - -k5_bad(client) - register ClientPtr client; -{ - if (((OsCommPtr)client->osPrivate)->authstate.srvcreds) - krb5_free_creds((krb5_creds *)((OsCommPtr)client->osPrivate)->authstate.srvcreds); - sprintf(kerror, "unrecognized Krb5 auth packet %d, expecting %d", - ((xReq *)client->requestBuffer)->reqType, - ((OsCommPtr)client->osPrivate)->authstate.stageno); - return(SendConnSetup(client, kerror)); -} - -/* - * K5Add: - * - * Takes the name of a credentials cache and resolves it. Also adds the - * primary principal of the ccache to the acl. - * - * Now will also take a service name. - */ -int K5Add(data_length, data, id) - unsigned short data_length; - char *data; - XID id; -{ - krb5_principal princ; - krb5_error_code retval; - krb5_keytab_entry tmp_entry; - krb5_keytab keytab; - krb5_kvno kvno = 0; - krb5_ccache cc; - char *nbuf, *cp; - krb5_data kbuf; - int i, ktlen; - - krb5_init_ets(); /* can't think of a better place to put it */ - krb5_id = ~0L; - if (data_length < 3) - return 0; - if ((nbuf = (char *)malloc(data_length - 2)) == NULL) - return 0; - memcpy(nbuf, data + 3, data_length - 3); - nbuf[data_length - 3] = '\0'; - if (ccname) - { - free(ccname); - ccname = NULL; - } - if (srvname) - { - krb5_free_principal(srvname); - srvname = NULL; - } - if (ktname) - { - free(ktname); - ktname = NULL; - } - if (!strncmp(data, "UU:", 3)) - { - if (retval = krb5_cc_resolve(nbuf, &cc)) - { - ErrorF("K5Add: krb5_cc_resolve of \"%s\" failed: %s\n", - nbuf, error_message(retval)); - free(nbuf); - return 0; - } - if (cc && !(retval = krb5_cc_get_principal(cc, &princ))) - { - if (XauKrb5Encode(princ, &kbuf)) - { - free(nbuf); - krb5_free_principal(princ); - krb5_cc_close(cc); - return 0; - } - if (krb5_cc_close(cc)) - return 0; - AddHost(NULL, FamilyKrb5Principal, kbuf.length, kbuf.data); - krb5_free_principal(princ); - free(kbuf.data); - ccname = nbuf; - krb5_id = id; - return 1; - } - else - { - ErrorF("K5Add: getting principal from cache \"%s\" failed: %s\n", - nbuf, error_message(retval)); - } - } - else if (!strncmp(data, "CS:", 3)) - { - if ((cp = strchr(nbuf, ',')) == NULL) - { - free(nbuf); - return 0; - } - *cp = '\0'; /* gross but it works :-) */ - ktlen = strlen(cp + 1); - if ((ktname = (char *)malloc(ktlen + 1)) == NULL) - { - free(nbuf); - return 0; - } - strcpy(ktname, cp + 1); - retval = krb5_sname_to_principal(NULL, /* NULL for hostname uses - local host name*/ - nbuf, KRB5_NT_SRV_HST, - &srvname); - free(nbuf); - if (retval) - { - free(ktname); - ktname = NULL; - return 0; - } - if (retval = krb5_kt_resolve(ktname, &keytab)) - { - free(ktname); - ktname = NULL; - krb5_free_principal(srvname); - srvname = NULL; - return 0; - } - retval = krb5_kt_get_entry(keytab, srvname, kvno, &tmp_entry); - krb5_kt_free_entry(&tmp_entry); - if (retval) - { - free(ktname); - ktname = NULL; - krb5_free_principal(srvname); - srvname = NULL; - return 0; - } - if (XauKrb5Encode(srvname, &kbuf)) - { - free(ktname); - ktname = NULL; - krb5_free_principal(srvname); - srvname = NULL; - return 0; - } - AddHost(NULL, FamilyKrb5Principal, kbuf.length, kbuf.data); - krb5_id = id; - return 1; - } - else - { - ErrorF("K5Add: credentials cache name \"%.*s\" in auth file: unknown type\n", - data_length, data); - } - return 0; -} - -/* - * K5Reset: - * - * Reset krb5_id, also nuke the current principal from the acl. - */ -int K5Reset() -{ - krb5_principal princ; - krb5_error_code retval; - krb5_ccache cc; - krb5_data kbuf; - int i; - - if (ccname) - { - if (retval = krb5_cc_resolve(ccname, &cc)) - { - free(ccname); - ccname = NULL; - } - if (cc && !(retval = krb5_cc_get_principal(cc, &princ))) - { - if (XauKrb5Encode(princ, &kbuf)) - return 1; - RemoveHost(NULL, FamilyKrb5Principal, kbuf.length, kbuf.data); - krb5_free_principal(princ); - free(kbuf.data); - if (krb5_cc_close(cc)) - return 1; - free(ccname); - ccname = NULL; - } - } - if (srvname) - { - if (XauKrb5Encode(srvname, &kbuf)) - return 1; - RemoveHost(NULL, FamilyKrb5Principal, kbuf.length, kbuf.data); - krb5_free_principal(srvname); - free(kbuf.data); - srvname = NULL; - } - if (ktname) - { - free(ktname); - ktname = NULL; - } - krb5_id = ~0L; - return 0; -} - -XID K5ToID(data_length, data) - unsigned short data_length; - char *data; -{ - return krb5_id; -} - -int K5FromID(id, data_lenp, datap) - XID id; - unsigned short *data_lenp; - char **datap; -{ - return 0; -} - -int K5Remove(data_length, data) - unsigned short data_length; - char *data; -{ - return 0; -} diff --git a/nx-X11/programs/Xserver/os/osdep.h b/nx-X11/programs/Xserver/os/osdep.h index acf832e1c..633039f4a 100644 --- a/nx-X11/programs/Xserver/os/osdep.h +++ b/nx-X11/programs/Xserver/os/osdep.h @@ -145,16 +145,6 @@ typedef struct _connectionOutput { int count; } ConnectionOutput, *ConnectionOutputPtr; -#ifdef K5AUTH -typedef struct _k5_state { - int stageno; /* current stage of auth protocol */ - void *srvcreds; /* server credentials */ - void *srvname; /* server principal name */ - void *ktname; /* key table: principal-key pairs */ - void *skey; /* session key */ -} k5_state; -#endif - struct _osComm; #define AuthInitArgs void @@ -190,9 +180,6 @@ typedef struct _osComm { ConnectionInputPtr input; ConnectionOutputPtr output; XID auth_id; /* authorization id */ -#ifdef K5AUTH - k5_state authstate; /* state of setup auth conversation */ -#endif CARD32 conn_time; /* timestamp if not established, else 0 */ struct _XtransConnInfo *trans_conn; /* transport connection object */ } OsCommRec, *OsCommPtr; @@ -283,16 +270,6 @@ extern int SecureRPCRemove (AuthRemCArgs); extern int SecureRPCReset (AuthRstCArgs); #endif -/* in k5auth.c */ -#ifdef K5AUTH -extern XID K5Check (AuthCheckArgs); -extern XID K5ToID (AuthToIDArgs); -extern int K5Add (AuthAddCArgs); -extern int K5FromID (AuthFromIDArgs); -extern int K5Remove (AuthRemCArgs); -extern int K5Reset (AuthRstCArgs); -#endif - /* in secauth.c */ extern XID AuthSecurityCheck (AuthCheckArgs); diff --git a/nx-X11/programs/Xserver/os/rpcauth.c b/nx-X11/programs/Xserver/os/rpcauth.c index 94c26651b..91823553c 100644 --- a/nx-X11/programs/Xserver/os/rpcauth.c +++ b/nx-X11/programs/Xserver/os/rpcauth.c @@ -41,7 +41,7 @@ from The Open Group. #ifdef SECURE_RPC #include -#include "Xauth.h" +#include #include "misc.h" #include "os.h" #include "dixstruct.h" -- cgit v1.2.3