aboutsummaryrefslogtreecommitdiff
path: root/xorg-server/os
diff options
context:
space:
mode:
Diffstat (limited to 'xorg-server/os')
-rw-r--r--xorg-server/os/access.c4404
-rw-r--r--xorg-server/os/auth.c679
-rw-r--r--xorg-server/os/mitauth.c394
-rw-r--r--xorg-server/os/osdep.h23
-rw-r--r--xorg-server/os/rpcauth.c386
-rw-r--r--xorg-server/os/xdmauth.c998
-rw-r--r--xorg-server/os/xdmcp.c3332
7 files changed, 5109 insertions, 5107 deletions
diff --git a/xorg-server/os/access.c b/xorg-server/os/access.c
index 74c340a43..603210f85 100644
--- a/xorg-server/os/access.c
+++ b/xorg-server/os/access.c
@@ -1,2202 +1,2202 @@
-/***********************************************************
-
-Copyright 1987, 1998 The Open Group
-
-All rights reserved.
-
-Permission is hereby granted, free of charge, to any person obtaining a
-copy of this software and associated documentation files (the
-"Software"), to deal in the Software without restriction, including
-without limitation the rights to use, copy, modify, merge, publish,
-distribute, and/or sell copies of the Software, and to permit persons
-to whom the Software is furnished to do so, provided that the above
-copyright notice(s) and this permission notice appear in all copies of
-the Software and that both the above copyright notice(s) and this
-permission notice appear in supporting documentation.
-
-THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS
-OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
-MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT
-OF THIRD PARTY RIGHTS. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR
-HOLDERS INCLUDED IN THIS NOTICE BE LIABLE FOR ANY CLAIM, OR ANY SPECIAL
-INDIRECT OR CONSEQUENTIAL DAMAGES, OR ANY DAMAGES WHATSOEVER RESULTING
-FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT,
-NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION
-WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
-
-Except as contained in this notice, the name of a copyright holder
-shall not be used in advertising or otherwise to promote the sale, use
-or other dealings in this Software without prior written authorization
-of the copyright holder.
-
-X Window System is a trademark of The Open Group.
-
-Copyright 1987 by Digital Equipment Corporation, Maynard, Massachusetts.
-
- All Rights Reserved
-
-Permission to use, copy, modify, and distribute this software and its
-documentation for any purpose and without fee is hereby granted,
-provided that the above copyright notice appear in all copies and that
-both that copyright notice and this permission notice appear in
-supporting documentation, and that the name of Digital not be
-used in advertising or publicity pertaining to distribution of the
-software without specific, written prior permission.
-
-DIGITAL DISCLAIMS ALL WARRANTIES WITH REGARD TO THIS SOFTWARE, INCLUDING
-ALL IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS, IN NO EVENT SHALL
-DIGITAL BE LIABLE FOR ANY SPECIAL, INDIRECT OR CONSEQUENTIAL DAMAGES OR
-ANY DAMAGES WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS,
-WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION,
-ARISING OUT OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS
-SOFTWARE.
-
-******************************************************************/
-
-/*
- * Copyright © 2004 Sun Microsystems, Inc. All rights reserved.
- *
- * Permission is hereby granted, free of charge, to any person obtaining a
- * copy of this software and associated documentation files (the "Software"),
- * to deal in the Software without restriction, including without limitation
- * the rights to use, copy, modify, merge, publish, distribute, sublicense,
- * and/or sell copies of the Software, and to permit persons to whom the
- * Software is furnished to do so, subject to the following conditions:
- *
- * The above copyright notice and this permission notice (including the next
- * paragraph) shall be included in all copies or substantial portions of the
- * Software.
- *
- * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
- * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
- * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL
- * THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
- * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING
- * FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER
- * DEALINGS IN THE SOFTWARE.
- */
-
-#ifdef HAVE_DIX_CONFIG_H
-#include <dix-config.h>
-#endif
-
-#ifdef WIN32
-#include <X11/Xwinsock.h>
-#endif
-
-#include <stdio.h>
-#include <stdlib.h>
-#define XSERV_t
-#define TRANS_SERVER
-#define TRANS_REOPEN
-#include <X11/Xtrans/Xtrans.h>
-#include <X11/Xauth.h>
-#include <X11/X.h>
-#include <X11/Xproto.h>
-#include "misc.h"
-#include "site.h"
-#include <errno.h>
-#include <sys/types.h>
-#ifndef WIN32
-#include <sys/socket.h>
-#include <sys/ioctl.h>
-#include <ctype.h>
-
-#if defined(TCPCONN) || defined(STREAMSCONN) || defined(__SCO__)
-#include <netinet/in.h>
-#endif /* TCPCONN || STREAMSCONN || ISC || __SCO__ */
-#ifdef DNETCONN
-#include <netdnet/dn.h>
-#include <netdnet/dnetdb.h>
-#endif
-
-#ifdef HAS_GETPEERUCRED
-# include <ucred.h>
-# ifdef sun
-# include <zone.h>
-# endif
-#endif
-
-#if defined(SVR4) || (defined(SYSV) && defined(__i386__)) || defined(__GNU__)
-# include <sys/utsname.h>
-#endif
-#if defined(SYSV) && defined(__i386__)
-# include <sys/stream.h>
-#endif
-#ifdef __GNU__
-#undef SIOCGIFCONF
-#include <netdb.h>
-#else /*!__GNU__*/
-# include <net/if.h>
-#endif /*__GNU__ */
-
-#ifdef SVR4
-#include <sys/sockio.h>
-#include <sys/stropts.h>
-#endif
-
-#include <netdb.h>
-
-#ifdef CSRG_BASED
-#include <sys/param.h>
-#if (BSD >= 199103)
-#define VARIABLE_IFREQ
-#endif
-#endif
-
-#ifdef BSD44SOCKETS
-#ifndef VARIABLE_IFREQ
-#define VARIABLE_IFREQ
-#endif
-#endif
-
-#ifdef HAS_GETIFADDRS
-#include <ifaddrs.h>
-#endif
-
-/* Solaris provides an extended interface SIOCGLIFCONF. Other systems
- * may have this as well, but the code has only been tested on Solaris
- * so far, so we only enable it there. Other platforms may be added as
- * needed.
- *
- * Test for Solaris commented out -- TSI @ UQV 2003.06.13
- */
-#ifdef SIOCGLIFCONF
-/* #if defined(sun) */
-#define USE_SIOCGLIFCONF
-/* #endif */
-#endif
-
-#endif /* WIN32 */
-
-#ifndef PATH_MAX
-#include <sys/param.h>
-#ifndef PATH_MAX
-#ifdef MAXPATHLEN
-#define PATH_MAX MAXPATHLEN
-#else
-#define PATH_MAX 1024
-#endif
-#endif
-#endif
-
-#ifdef __SCO__
-/* The system defined value is wrong. MAXPATHLEN is set in sco5.cf. */
-#undef PATH_MAX
-#endif
-
-#define X_INCLUDE_NETDB_H
-#include <X11/Xos_r.h>
-
-#include "dixstruct.h"
-#include "osdep.h"
-
-#include "xace.h"
-
-#ifndef PATH_MAX
-#ifdef MAXPATHLEN
-#define PATH_MAX MAXPATHLEN
-#else
-#define PATH_MAX 1024
-#endif
-#endif
-
-Bool defeatAccessControl = FALSE;
-
-#define acmp(a1, a2, len) memcmp((char *)(a1), (char *)(a2), len)
-#define acopy(a1, a2, len) memmove((char *)(a2), (char *)(a1), len)
-#define addrEqual(fam, address, length, host) \
- ((fam) == (host)->family &&\
- (length) == (host)->len &&\
- !acmp (address, (host)->addr, length))
-
-static int ConvertAddr(struct sockaddr * /*saddr*/,
- int * /*len*/,
- pointer * /*addr*/);
-
-static int CheckAddr(int /*family*/,
- pointer /*pAddr*/,
- unsigned /*length*/);
-
-static Bool NewHost(int /*family*/,
- pointer /*addr*/,
- int /*len*/,
- int /* addingLocalHosts */);
-
-/* XFree86 bug #156: To keep track of which hosts were explicitly requested in
- /etc/X<display>.hosts, we've added a requested field to the HOST struct,
- and a LocalHostRequested variable. These default to FALSE, but are set
- to TRUE in ResetHosts when reading in /etc/X<display>.hosts. They are
- checked in DisableLocalHost(), which is called to disable the default
- local host entries when stronger authentication is turned on. */
-
-typedef struct _host {
- short family;
- short len;
- unsigned char *addr;
- struct _host *next;
- int requested;
-} HOST;
-
-#define MakeHost(h,l) (h)=xalloc(sizeof *(h)+(l));\
- if (h) { \
- (h)->addr=(unsigned char *) ((h) + 1);\
- (h)->requested = FALSE; \
- }
-#define FreeHost(h) xfree(h)
-static HOST *selfhosts = NULL;
-static HOST *validhosts = NULL;
-static int AccessEnabled = DEFAULT_ACCESS_CONTROL;
-static int LocalHostEnabled = FALSE;
-static int LocalHostRequested = FALSE;
-static int UsingXdmcp = FALSE;
-
-/* FamilyServerInterpreted implementation */
-static Bool siAddrMatch(int family, pointer addr, int len, HOST *host,
- ClientPtr client);
-static int siCheckAddr(const char *addrString, int length);
-static void siTypesInitialize(void);
-
-/*
- * called when authorization is not enabled to add the
- * local host to the access list
- */
-
-void
-EnableLocalHost (void)
-{
- if (!UsingXdmcp)
- {
- LocalHostEnabled = TRUE;
- AddLocalHosts ();
- }
-}
-
-/*
- * called when authorization is enabled to keep us secure
- */
-void
-DisableLocalHost (void)
-{
- HOST *self;
-
- if (!LocalHostRequested) /* Fix for XFree86 bug #156 */
- LocalHostEnabled = FALSE;
- for (self = selfhosts; self; self = self->next) {
- if (!self->requested) /* Fix for XFree86 bug #156 */
- (void) RemoveHost ((ClientPtr)NULL, self->family, self->len, (pointer)self->addr);
- }
-}
-
-/*
- * called at init time when XDMCP will be used; xdmcp always
- * adds local hosts manually when needed
- */
-
-void
-AccessUsingXdmcp (void)
-{
- UsingXdmcp = TRUE;
- LocalHostEnabled = FALSE;
-}
-
-
-#if defined(SVR4) && !defined(SCO325) && !defined(sun) && defined(SIOCGIFCONF) && !defined(USE_SIOCGLIFCONF)
-
-/* Deal with different SIOCGIFCONF ioctl semantics on these OSs */
-
-static int
-ifioctl (int fd, int cmd, char *arg)
-{
- struct strioctl ioc;
- int ret;
-
- bzero((char *) &ioc, sizeof(ioc));
- ioc.ic_cmd = cmd;
- ioc.ic_timout = 0;
- if (cmd == SIOCGIFCONF)
- {
- ioc.ic_len = ((struct ifconf *) arg)->ifc_len;
- ioc.ic_dp = ((struct ifconf *) arg)->ifc_buf;
- }
- else
- {
- ioc.ic_len = sizeof(struct ifreq);
- ioc.ic_dp = arg;
- }
- ret = ioctl(fd, I_STR, (char *) &ioc);
- if (ret >= 0 && cmd == SIOCGIFCONF)
-#ifdef SVR4
- ((struct ifconf *) arg)->ifc_len = ioc.ic_len;
-#endif
- return(ret);
-}
-#else /* Case sun, SCO325 and others */
-#define ifioctl ioctl
-#endif /* ((SVR4 && !sun !SCO325) || ISC) && SIOCGIFCONF */
-
-/*
- * DefineSelf (fd):
- *
- * Define this host for access control. Find all the hosts the OS knows about
- * for this fd and add them to the selfhosts list.
- */
-
-#if !defined(SIOCGIFCONF)
-void
-DefineSelf (int fd)
-{
-#if !defined(TCPCONN) && !defined(STREAMSCONN) && !defined(UNIXCONN) && !defined(MNX_TCPCONN)
- return;
-#else
- register int n;
- int len;
- caddr_t addr;
- int family;
- register HOST *host;
-
-#ifndef WIN32
- struct utsname name;
-#else
- struct {
- char nodename[512];
- } name;
-#endif
-
- register struct hostent *hp;
-
- union {
- struct sockaddr sa;
- struct sockaddr_in in;
-#if defined(IPv6) && defined(AF_INET6)
- struct sockaddr_in6 in6;
-#endif
- } saddr;
-
- struct sockaddr_in *inetaddr;
- struct sockaddr_in6 *inet6addr;
- struct sockaddr_in broad_addr;
-#ifdef XTHREADS_NEEDS_BYNAMEPARAMS
- _Xgethostbynameparams hparams;
-#endif
-
- /* Why not use gethostname()? Well, at least on my system, I've had to
- * make an ugly kernel patch to get a name longer than 8 characters, and
- * uname() lets me access to the whole string (it smashes release, you
- * see), whereas gethostname() kindly truncates it for me.
- */
-#ifndef WIN32
- uname(&name);
-#else
- gethostname(name.nodename, sizeof(name.nodename));
-#endif
-
- hp = _XGethostbyname(name.nodename, hparams);
- if (hp != NULL)
- {
- saddr.sa.sa_family = hp->h_addrtype;
- switch (hp->h_addrtype) {
- case AF_INET:
- inetaddr = (struct sockaddr_in *) (&(saddr.sa));
- acopy ( hp->h_addr, &(inetaddr->sin_addr), hp->h_length);
- len = sizeof(saddr.sa);
- break;
-#if defined(IPv6) && defined(AF_INET6)
- case AF_INET6:
- inet6addr = (struct sockaddr_in6 *) (&(saddr.sa));
- acopy ( hp->h_addr, &(inet6addr->sin6_addr), hp->h_length);
- len = sizeof(saddr.in6);
- break;
-#endif
- default:
- goto DefineLocalHost;
- }
- family = ConvertAddr ( &(saddr.sa), &len, (pointer *)&addr);
- if ( family != -1 && family != FamilyLocal )
- {
- for (host = selfhosts;
- host && !addrEqual (family, addr, len, host);
- host = host->next) ;
- if (!host)
- {
- /* add this host to the host list. */
- MakeHost(host,len)
- if (host)
- {
- host->family = family;
- host->len = len;
- acopy ( addr, host->addr, len);
- host->next = selfhosts;
- selfhosts = host;
- }
-#ifdef XDMCP
- /*
- * If this is an Internet Address, but not the localhost
- * address (127.0.0.1), nor the bogus address (0.0.0.0),
- * register it.
- */
- if (family == FamilyInternet &&
- !(len == 4 &&
- ((addr[0] == 127) ||
- (addr[0] == 0 && addr[1] == 0 &&
- addr[2] == 0 && addr[3] == 0)))
- )
- {
- XdmcpRegisterConnection (family, (char *)addr, len);
- broad_addr = *inetaddr;
- ((struct sockaddr_in *) &broad_addr)->sin_addr.s_addr =
- htonl (INADDR_BROADCAST);
- XdmcpRegisterBroadcastAddress ((struct sockaddr_in *)
- &broad_addr);
- }
-#if defined(IPv6) && defined(AF_INET6)
- else if (family == FamilyInternet6 &&
- !(IN6_IS_ADDR_LOOPBACK((struct in6_addr *)addr)))
- {
- XdmcpRegisterConnection (family, (char *)addr, len);
- }
-#endif
-
-#endif /* XDMCP */
- }
- }
- }
- /*
- * now add a host of family FamilyLocalHost...
- */
-DefineLocalHost:
- for (host = selfhosts;
- host && !addrEqual(FamilyLocalHost, "", 0, host);
- host = host->next);
- if (!host)
- {
- MakeHost(host, 0);
- if (host)
- {
- host->family = FamilyLocalHost;
- host->len = 0;
- acopy("", host->addr, 0);
- host->next = selfhosts;
- selfhosts = host;
- }
- }
-#endif /* !TCPCONN && !STREAMSCONN && !UNIXCONN && !MNX_TCPCONN */
-}
-
-#else
-
-#ifdef USE_SIOCGLIFCONF
-#define ifr_type struct lifreq
-#else
-#define ifr_type struct ifreq
-#endif
-
-#ifdef VARIABLE_IFREQ
-#define ifr_size(p) (sizeof (struct ifreq) + \
- (p->ifr_addr.sa_len > sizeof (p->ifr_addr) ? \
- p->ifr_addr.sa_len - sizeof (p->ifr_addr) : 0))
-#define ifraddr_size(a) (a.sa_len)
-#else
-#define ifr_size(p) (sizeof (ifr_type))
-#define ifraddr_size(a) (sizeof (a))
-#endif
-
-#if defined(IPv6) && defined(AF_INET6)
-#include <arpa/inet.h>
-#endif
-
-#if defined(IPv6) && defined(AF_INET6)
-static void
-in6_fillscopeid(struct sockaddr_in6 *sin6)
-{
-#if defined(__KAME__)
- if (IN6_IS_ADDR_LINKLOCAL(&sin6->sin6_addr)) {
- sin6->sin6_scope_id =
- ntohs(*(u_int16_t *)&sin6->sin6_addr.s6_addr[2]);
- sin6->sin6_addr.s6_addr[2] = sin6->sin6_addr.s6_addr[3] = 0;
- }
-#endif
-}
-#endif
-
-void
-DefineSelf (int fd)
-{
-#ifndef HAS_GETIFADDRS
- char *cp, *cplim;
-# ifdef USE_SIOCGLIFCONF
- struct sockaddr_storage buf[16];
- struct lifconf ifc;
- register struct lifreq *ifr;
-# ifdef SIOCGLIFNUM
- struct lifnum ifn;
-# endif
-# else /* !USE_SIOCGLIFCONF */
- char buf[2048];
- struct ifconf ifc;
- register struct ifreq *ifr;
-# endif
- void * bufptr = buf;
-#else /* HAS_GETIFADDRS */
- struct ifaddrs * ifap, *ifr;
-#endif
- int len;
- unsigned char * addr;
- int family;
- register HOST *host;
-
-#ifdef DNETCONN
- struct dn_naddr *dnaddr = getnodeadd();
- /*
- * AF_DECnet may not be listed in the interface list. Instead use
- * the supported library call to find out the local address (if any).
- */
- if (dnaddr)
- {
- addr = (unsigned char *) dnaddr;
- len = dnaddr->a_len + sizeof(dnaddr->a_len);
- family = FamilyDECnet;
- for (host = selfhosts;
- host && !addrEqual (family, addr, len, host);
- host = host->next)
- ;
- if (!host)
- {
- MakeHost(host,len)
- if (host)
- {
- host->family = family;
- host->len = len;
- acopy(addr, host->addr, len);
- host->next = selfhosts;
- selfhosts = host;
- }
- }
- }
-#endif /* DNETCONN */
-#ifndef HAS_GETIFADDRS
-
- len = sizeof(buf);
-
-#ifdef USE_SIOCGLIFCONF
-
-#ifdef SIOCGLIFNUM
- ifn.lifn_family = AF_UNSPEC;
- ifn.lifn_flags = 0;
- if (ioctl (fd, SIOCGLIFNUM, (char *) &ifn) < 0)
- Error ("Getting interface count");
- if (len < (ifn.lifn_count * sizeof(struct lifreq))) {
- len = ifn.lifn_count * sizeof(struct lifreq);
- bufptr = xalloc(len);
- }
-#endif
-
- ifc.lifc_family = AF_UNSPEC;
- ifc.lifc_flags = 0;
- ifc.lifc_len = len;
- ifc.lifc_buf = bufptr;
-
-#define IFC_IOCTL_REQ SIOCGLIFCONF
-#define IFC_IFC_REQ ifc.lifc_req
-#define IFC_IFC_LEN ifc.lifc_len
-#define IFR_IFR_ADDR ifr->lifr_addr
-#define IFR_IFR_NAME ifr->lifr_name
-
-#else /* Use SIOCGIFCONF */
- ifc.ifc_len = len;
- ifc.ifc_buf = bufptr;
-
-#define IFC_IOCTL_REQ SIOCGIFCONF
-#define IFC_IFC_REQ ifc.ifc_req
-#define IFC_IFC_LEN ifc.ifc_len
-#define IFR_IFR_ADDR ifr->ifr_addr
-#define IFR_IFR_NAME ifr->ifr_name
-#endif
-
- if (ifioctl (fd, IFC_IOCTL_REQ, (pointer) &ifc) < 0)
- Error ("Getting interface configuration (4)");
-
- cplim = (char *) IFC_IFC_REQ + IFC_IFC_LEN;
-
- for (cp = (char *) IFC_IFC_REQ; cp < cplim; cp += ifr_size (ifr))
- {
- ifr = (ifr_type *) cp;
- len = ifraddr_size (IFR_IFR_ADDR);
- family = ConvertAddr ((struct sockaddr *) &IFR_IFR_ADDR,
- &len, (pointer *)&addr);
-#ifdef DNETCONN
- /*
- * DECnet was handled up above.
- */
- if (family == AF_DECnet)
- continue;
-#endif /* DNETCONN */
- if (family == -1 || family == FamilyLocal)
- continue;
-#if defined(IPv6) && defined(AF_INET6)
- if (family == FamilyInternet6)
- in6_fillscopeid((struct sockaddr_in6 *)&IFR_IFR_ADDR);
-#endif
- for (host = selfhosts;
- host && !addrEqual (family, addr, len, host);
- host = host->next)
- ;
- if (host)
- continue;
- MakeHost(host,len)
- if (host)
- {
- host->family = family;
- host->len = len;
- acopy(addr, host->addr, len);
- host->next = selfhosts;
- selfhosts = host;
- }
-#ifdef XDMCP
- {
-#ifdef USE_SIOCGLIFCONF
- struct sockaddr_storage broad_addr;
-#else
- struct sockaddr broad_addr;
-#endif
-
- /*
- * If this isn't an Internet Address, don't register it.
- */
- if (family != FamilyInternet
-#if defined(IPv6) && defined(AF_INET6)
- && family != FamilyInternet6
-#endif
- )
- continue;
-
- /*
- * ignore 'localhost' entries as they're not useful
- * on the other end of the wire
- */
- if (family == FamilyInternet &&
- addr[0] == 127 && addr[1] == 0 &&
- addr[2] == 0 && addr[3] == 1)
- continue;
-#if defined(IPv6) && defined(AF_INET6)
- else if (family == FamilyInternet6 &&
- IN6_IS_ADDR_LOOPBACK((struct in6_addr *)addr))
- continue;
-#endif
-
- /*
- * Ignore '0.0.0.0' entries as they are
- * returned by some OSes for unconfigured NICs but they are
- * not useful on the other end of the wire.
- */
- if (len == 4 &&
- addr[0] == 0 && addr[1] == 0 &&
- addr[2] == 0 && addr[3] == 0)
- continue;
-
- XdmcpRegisterConnection (family, (char *)addr, len);
-
-#if defined(IPv6) && defined(AF_INET6)
- /* IPv6 doesn't support broadcasting, so we drop out here */
- if (family == FamilyInternet6)
- continue;
-#endif
-
- broad_addr = IFR_IFR_ADDR;
-
- ((struct sockaddr_in *) &broad_addr)->sin_addr.s_addr =
- htonl (INADDR_BROADCAST);
-#if defined(USE_SIOCGLIFCONF) && defined(SIOCGLIFBRDADDR)
- {
- struct lifreq broad_req;
-
- broad_req = *ifr;
- if (ioctl (fd, SIOCGLIFFLAGS, (char *) &broad_req) != -1 &&
- (broad_req.lifr_flags & IFF_BROADCAST) &&
- (broad_req.lifr_flags & IFF_UP)
- )
- {
- broad_req = *ifr;
- if (ioctl (fd, SIOCGLIFBRDADDR, &broad_req) != -1)
- broad_addr = broad_req.lifr_broadaddr;
- else
- continue;
- }
- else
- continue;
- }
-
-#elif defined(SIOCGIFBRDADDR)
- {
- struct ifreq broad_req;
-
- broad_req = *ifr;
- if (ifioctl (fd, SIOCGIFFLAGS, (pointer) &broad_req) != -1 &&
- (broad_req.ifr_flags & IFF_BROADCAST) &&
- (broad_req.ifr_flags & IFF_UP)
- )
- {
- broad_req = *ifr;
- if (ifioctl (fd, SIOCGIFBRDADDR, (pointer) &broad_req) != -1)
- broad_addr = broad_req.ifr_addr;
- else
- continue;
- }
- else
- continue;
- }
-#endif /* SIOCGIFBRDADDR */
- XdmcpRegisterBroadcastAddress ((struct sockaddr_in *) &broad_addr);
- }
-#endif /* XDMCP */
- }
- if (bufptr != buf)
- free(bufptr);
-#else /* HAS_GETIFADDRS */
- if (getifaddrs(&ifap) < 0) {
- ErrorF("Warning: getifaddrs returns %s\n", strerror(errno));
- return;
- }
- for (ifr = ifap; ifr != NULL; ifr = ifr->ifa_next) {
- if (!ifr->ifa_addr)
- continue;
-#ifdef DNETCONN
- if (ifr->ifa_addr.sa_family == AF_DECnet)
- continue;
-#endif /* DNETCONN */
- len = sizeof(*(ifr->ifa_addr));
- family = ConvertAddr(ifr->ifa_addr, &len, (pointer *)&addr);
- if (family == -1 || family == FamilyLocal)
- continue;
-#if defined(IPv6) && defined(AF_INET6)
- if (family == FamilyInternet6)
- in6_fillscopeid((struct sockaddr_in6 *)ifr->ifa_addr);
-#endif
-
- for (host = selfhosts;
- host != NULL && !addrEqual(family, addr, len, host);
- host = host->next)
- ;
- if (host != NULL)
- continue;
- MakeHost(host, len);
- if (host != NULL) {
- host->family = family;
- host->len = len;
- acopy(addr, host->addr, len);
- host->next = selfhosts;
- selfhosts = host;
- }
-#ifdef XDMCP
- {
- struct sockaddr broad_addr;
- /*
- * If this isn't an Internet Address, don't register it.
- */
- if (family != FamilyInternet
-#if defined(IPv6) && defined(AF_INET6)
- && family != FamilyInternet6
-#endif
- )
- continue;
-
- /*
- * ignore 'localhost' entries as they're not useful
- * on the other end of the wire
- */
- if (ifr->ifa_flags & IFF_LOOPBACK)
- continue;
-
- if (family == FamilyInternet &&
- addr[0] == 127 && addr[1] == 0 &&
- addr[2] == 0 && addr[3] == 1)
- continue;
-
- /*
- * Ignore '0.0.0.0' entries as they are
- * returned by some OSes for unconfigured NICs but they are
- * not useful on the other end of the wire.
- */
- if (len == 4 &&
- addr[0] == 0 && addr[1] == 0 &&
- addr[2] == 0 && addr[3] == 0)
- continue;
-#if defined(IPv6) && defined(AF_INET6)
- else if (family == FamilyInternet6 &&
- IN6_IS_ADDR_LOOPBACK((struct in6_addr *)addr))
- continue;
-#endif
- XdmcpRegisterConnection(family, (char *)addr, len);
-#if defined(IPv6) && defined(AF_INET6)
- if (family == FamilyInternet6)
- /* IPv6 doesn't support broadcasting, so we drop out here */
- continue;
-#endif
- if ((ifr->ifa_flags & IFF_BROADCAST) &&
- (ifr->ifa_flags & IFF_UP) &&
- ifr->ifa_broadaddr)
- broad_addr = *ifr->ifa_broadaddr;
- else
- continue;
- XdmcpRegisterBroadcastAddress((struct sockaddr_in *)
- &broad_addr);
- }
-#endif /* XDMCP */
-
- } /* for */
- freeifaddrs(ifap);
-#endif /* HAS_GETIFADDRS */
-
- /*
- * add something of FamilyLocalHost
- */
- for (host = selfhosts;
- host && !addrEqual(FamilyLocalHost, "", 0, host);
- host = host->next);
- if (!host)
- {
- MakeHost(host, 0);
- if (host)
- {
- host->family = FamilyLocalHost;
- host->len = 0;
- acopy("", host->addr, 0);
- host->next = selfhosts;
- selfhosts = host;
- }
- }
-}
-#endif /* hpux && !HAS_IFREQ */
-
-#ifdef XDMCP
-void
-AugmentSelf(pointer from, int len)
-{
- int family;
- pointer addr;
- register HOST *host;
-
- family = ConvertAddr(from, &len, (pointer *)&addr);
- if (family == -1 || family == FamilyLocal)
- return;
- for (host = selfhosts; host; host = host->next)
- {
- if (addrEqual(family, addr, len, host))
- return;
- }
- MakeHost(host,len)
- if (!host)
- return;
- host->family = family;
- host->len = len;
- acopy(addr, host->addr, len);
- host->next = selfhosts;
- selfhosts = host;
-}
-#endif
-
-void
-AddLocalHosts (void)
-{
- HOST *self;
-
- for (self = selfhosts; self; self = self->next)
- /* Fix for XFree86 bug #156: pass addingLocal = TRUE to
- * NewHost to tell that we are adding the default local
- * host entries and not to flag the entries as being
- * explicitely requested */
- (void) NewHost (self->family, self->addr, self->len, TRUE);
-}
-
-/* Reset access control list to initial hosts */
-void
-ResetHosts (char *display)
-{
- register HOST *host;
- char lhostname[120], ohostname[120];
- char *hostname = ohostname;
- char fname[PATH_MAX + 1];
- int fnamelen;
- FILE *fd;
- char *ptr;
- int i, hostlen;
-#if ((defined(TCPCONN) || defined(STREAMSCONN) || defined(MNX_TCPCONN)) && \
- (!defined(IPv6) || !defined(AF_INET6))) || defined(DNETCONN)
- union {
- struct sockaddr sa;
-#if defined(TCPCONN) || defined(STREAMSCONN) || defined(MNX_TCPCONN)
- struct sockaddr_in in;
-#endif /* TCPCONN || STREAMSCONN */
-#ifdef DNETCONN
- struct sockaddr_dn dn;
-#endif
- } saddr;
-#endif
-#ifdef DNETCONN
- struct nodeent *np;
- struct dn_naddr dnaddr, *dnaddrp, *dnet_addr();
-#endif
- int family = 0;
- pointer addr;
- int len;
-
- siTypesInitialize();
- AccessEnabled = defeatAccessControl ? FALSE : DEFAULT_ACCESS_CONTROL;
- LocalHostEnabled = FALSE;
- while ((host = validhosts) != 0)
- {
- validhosts = host->next;
- FreeHost (host);
- }
-
-#if defined WIN32 && defined __MINGW32__
-#define ETC_HOST_PREFIX "X"
-#else
-#define ETC_HOST_PREFIX "/etc/X"
-#endif
-#define ETC_HOST_SUFFIX ".hosts"
- fnamelen = strlen(ETC_HOST_PREFIX) + strlen(ETC_HOST_SUFFIX) +
- strlen(display) + 1;
- if (fnamelen > sizeof(fname))
- FatalError("Display name `%s' is too long\n", display);
- snprintf(fname, sizeof(fname), ETC_HOST_PREFIX "%s" ETC_HOST_SUFFIX,
- display);
-
- if ((fd = fopen (fname, "r")) != 0)
- {
- while (fgets (ohostname, sizeof (ohostname), fd))
- {
- family = FamilyWild;
- if (*ohostname == '#')
- continue;
- if ((ptr = strchr(ohostname, '\n')) != 0)
- *ptr = 0;
- hostlen = strlen(ohostname) + 1;
- for (i = 0; i < hostlen; i++)
- lhostname[i] = tolower(ohostname[i]);
- hostname = ohostname;
- if (!strncmp("local:", lhostname, 6))
- {
- family = FamilyLocalHost;
- NewHost(family, "", 0, FALSE);
- LocalHostRequested = TRUE; /* Fix for XFree86 bug #156 */
- }
-#if defined(TCPCONN) || defined(STREAMSCONN) || defined(MNX_TCPCONN)
- else if (!strncmp("inet:", lhostname, 5))
- {
- family = FamilyInternet;
- hostname = ohostname + 5;
- }
-#if defined(IPv6) && defined(AF_INET6)
- else if (!strncmp("inet6:", lhostname, 6))
- {
- family = FamilyInternet6;
- hostname = ohostname + 6;
- }
-#endif
-#endif
-#ifdef DNETCONN
- else if (!strncmp("dnet:", lhostname, 5))
- {
- family = FamilyDECnet;
- hostname = ohostname + 5;
- }
-#endif
-#ifdef SECURE_RPC
- else if (!strncmp("nis:", lhostname, 4))
- {
- family = FamilyNetname;
- hostname = ohostname + 4;
- }
-#endif
- else if (!strncmp("si:", lhostname, 3))
- {
- family = FamilyServerInterpreted;
- hostname = ohostname + 3;
- hostlen -= 3;
- }
-
-
- if (family == FamilyServerInterpreted)
- {
- len = siCheckAddr(hostname, hostlen);
- if (len >= 0) {
- NewHost(family, hostname, len, FALSE);
- }
- }
- else
-#ifdef DNETCONN
- if ((family == FamilyDECnet) || ((family == FamilyWild) &&
- (ptr = strchr(hostname, ':')) && (*(ptr + 1) == ':') &&
- !(*ptr = '\0'))) /* bash trailing colons if necessary */
- {
- /* node name (DECnet names end in "::") */
- dnaddrp = dnet_addr(hostname);
- if (!dnaddrp && (np = getnodebyname (hostname)))
- {
- /* node was specified by name */
- saddr.sa.sa_family = np->n_addrtype;
- len = sizeof(saddr.sa);
- if (ConvertAddr (&saddr.sa, &len, (pointer *)&addr) == FamilyDECnet)
- {
- bzero ((char *) &dnaddr, sizeof (dnaddr));
- dnaddr.a_len = np->n_length;
- acopy (np->n_addr, dnaddr.a_addr, np->n_length);
- dnaddrp = &dnaddr;
- }
- }
- if (dnaddrp)
- (void) NewHost(FamilyDECnet, (pointer)dnaddrp,
- (int)(dnaddrp->a_len + sizeof(dnaddrp->a_len)), FALSE);
- }
- else
-#endif /* DNETCONN */
-#ifdef SECURE_RPC
- if ((family == FamilyNetname) || (strchr(hostname, '@')))
- {
- SecureRPCInit ();
- (void) NewHost (FamilyNetname, hostname, strlen (hostname), FALSE);
- }
- else
-#endif /* SECURE_RPC */
-#if defined(TCPCONN) || defined(STREAMSCONN) || defined(MNX_TCPCONN)
- {
-#if defined(IPv6) && defined(AF_INET6)
- if ( (family == FamilyInternet) || (family == FamilyInternet6) ||
- (family == FamilyWild) )
- {
- struct addrinfo *addresses;
- struct addrinfo *a;
- int f;
-
- if (getaddrinfo(hostname, NULL, NULL, &addresses) == 0) {
- for (a = addresses ; a != NULL ; a = a->ai_next) {
- len = a->ai_addrlen;
- f = ConvertAddr(a->ai_addr,&len,(pointer *)&addr);
- if ( (family == f) ||
- ((family == FamilyWild) && (f != -1)) ) {
- NewHost(f, addr, len, FALSE);
- }
- }
- freeaddrinfo(addresses);
- }
- }
-#else
-#ifdef XTHREADS_NEEDS_BYNAMEPARAMS
- _Xgethostbynameparams hparams;
-#endif
- register struct hostent *hp;
-
- /* host name */
- if ((family == FamilyInternet &&
- ((hp = _XGethostbyname(hostname, hparams)) != 0)) ||
- ((hp = _XGethostbyname(hostname, hparams)) != 0))
- {
- saddr.sa.sa_family = hp->h_addrtype;
- len = sizeof(saddr.sa);
- if ((family = ConvertAddr (&saddr.sa, &len, (pointer *)&addr)) != -1)
- {
-#ifdef h_addr /* new 4.3bsd version of gethostent */
- char **list;
-
- /* iterate over the addresses */
- for (list = hp->h_addr_list; *list; list++)
- (void) NewHost (family, (pointer)*list, len, FALSE);
-#else
- (void) NewHost (family, (pointer)hp->h_addr, len, FALSE);
-#endif
- }
- }
-#endif /* IPv6 */
- }
-#endif /* TCPCONN || STREAMSCONN */
- family = FamilyWild;
- }
- fclose (fd);
- }
-}
-
-/* Is client on the local host */
-Bool LocalClient(ClientPtr client)
-{
- int alen, family, notused;
- Xtransaddr *from = NULL;
- pointer addr;
- register HOST *host;
-
- if (!_XSERVTransGetPeerAddr (((OsCommPtr)client->osPrivate)->trans_conn,
- &notused, &alen, &from))
- {
- family = ConvertAddr ((struct sockaddr *) from,
- &alen, (pointer *)&addr);
- if (family == -1)
- {
- xfree (from);
- return FALSE;
- }
- if (family == FamilyLocal)
- {
- xfree (from);
- return TRUE;
- }
- for (host = selfhosts; host; host = host->next)
- {
- if (addrEqual (family, addr, alen, host))
- return TRUE;
- }
- xfree (from);
- }
- return FALSE;
-}
-
-/*
- * Return the uid and gid of a connected local client
- *
- * Used by XShm to test access rights to shared memory segments
- */
-int
-LocalClientCred(ClientPtr client, int *pUid, int *pGid)
-{
- LocalClientCredRec *lcc;
- int ret = GetLocalClientCreds(client, &lcc);
-
- if (ret == 0) {
-#ifdef HAVE_GETZONEID /* only local if in the same zone */
- if ((lcc->fieldsSet & LCC_ZID_SET) && (lcc->zoneid != getzoneid())) {
- FreeLocalClientCreds(lcc);
- return -1;
- }
-#endif
- if ((lcc->fieldsSet & LCC_UID_SET) && (pUid != NULL))
- *pUid = lcc->euid;
- if ((lcc->fieldsSet & LCC_GID_SET) && (pGid != NULL))
- *pGid = lcc->egid;
- FreeLocalClientCreds(lcc);
- }
- return ret;
-}
-
-/*
- * Return the uid and all gids of a connected local client
- * Allocates a LocalClientCredRec - caller must call FreeLocalClientCreds
- *
- * Used by localuser & localgroup ServerInterpreted access control forms below
- * Used by AuthAudit to log who local connections came from
- */
-int
-GetLocalClientCreds(ClientPtr client, LocalClientCredRec **lccp)
-{
-#if defined(HAS_GETPEEREID) || defined(HAS_GETPEERUCRED) || defined(SO_PEERCRED)
- int fd;
- XtransConnInfo ci;
- LocalClientCredRec *lcc;
-#ifdef HAS_GETPEEREID
- uid_t uid;
- gid_t gid;
-#elif defined(HAS_GETPEERUCRED)
- ucred_t *peercred = NULL;
- const gid_t *gids;
-#elif defined(SO_PEERCRED)
- struct ucred peercred;
- socklen_t so_len = sizeof(peercred);
-#endif
-
- if (client == NULL)
- return -1;
- ci = ((OsCommPtr)client->osPrivate)->trans_conn;
-#if !(defined(sun) && defined(HAS_GETPEERUCRED))
- /* Most implementations can only determine peer credentials for Unix
- * domain sockets - Solaris getpeerucred can work with a bit more, so
- * we just let it tell us if the connection type is supported or not
- */
- if (!_XSERVTransIsLocal(ci)) {
- return -1;
- }
-#endif
-
- *lccp = Xcalloc(sizeof(LocalClientCredRec));
- if (*lccp == NULL)
- return -1;
- lcc = *lccp;
-
- fd = _XSERVTransGetConnectionNumber(ci);
-#ifdef HAS_GETPEEREID
- if (getpeereid(fd, &uid, &gid) == -1) {
- FreeLocalClientCreds(lcc);
- return -1;
- }
- lcc->euid = uid;
- lcc->egid = gid;
- lcc->fieldsSet = LCC_UID_SET | LCC_GID_SET;
- return 0;
-#elif defined(HAS_GETPEERUCRED)
- if (getpeerucred(fd, &peercred) < 0) {
- FreeLocalClientCreds(lcc);
- return -1;
- }
- lcc->euid = ucred_geteuid(peercred);
- if (lcc->euid != -1)
- lcc->fieldsSet |= LCC_UID_SET;
- lcc->egid = ucred_getegid(peercred);
- if (lcc->egid != -1)
- lcc->fieldsSet |= LCC_GID_SET;
- lcc->pid = ucred_getpid(peercred);
- if (lcc->pid != -1)
- lcc->fieldsSet |= LCC_PID_SET;
-#ifdef HAVE_GETZONEID
- lcc->zoneid = ucred_getzoneid(peercred);
- if (lcc->zoneid != -1)
- lcc->fieldsSet |= LCC_ZID_SET;
-#endif
- lcc->nSuppGids = ucred_getgroups(peercred, &gids);
- if (lcc->nSuppGids > 0) {
- lcc->pSuppGids = Xcalloc((lcc->nSuppGids) * sizeof(int));
- if (lcc->pSuppGids == NULL) {
- lcc->nSuppGids = 0;
- } else {
- int i;
- for (i = 0 ; i < lcc->nSuppGids; i++) {
- (lcc->pSuppGids)[i] = (int) gids[i];
- }
- }
- } else {
- lcc->nSuppGids = 0;
- }
- ucred_free(peercred);
- return 0;
-#elif defined(SO_PEERCRED)
- if (getsockopt(fd, SOL_SOCKET, SO_PEERCRED, &peercred, &so_len) == -1) {
- FreeLocalClientCreds(lcc);
- return -1;
- }
- lcc->euid = peercred.uid;
- lcc->egid = peercred.gid;
- lcc->pid = peercred.pid;
- lcc->fieldsSet = LCC_UID_SET | LCC_GID_SET | LCC_PID_SET;
- return 0;
-#endif
-#else
- /* No system call available to get the credentials of the peer */
-#define NO_LOCAL_CLIENT_CRED
- return -1;
-#endif
-}
-
-void
-FreeLocalClientCreds(LocalClientCredRec *lcc)
-{
- if (lcc != NULL) {
- if (lcc->nSuppGids > 0) {
- Xfree(lcc->pSuppGids);
- }
- Xfree(lcc);
- }
-}
-
-static int
-AuthorizedClient(ClientPtr client)
-{
- int rc;
-
- if (!client || defeatAccessControl)
- return Success;
-
- /* untrusted clients can't change host access */
- rc = XaceHook(XACE_SERVER_ACCESS, client, DixManageAccess);
- if (rc != Success)
- return rc;
-
- return LocalClient(client) ? Success : BadAccess;
-}
-
-/* Add a host to the access control list. This is the external interface
- * called from the dispatcher */
-
-int
-AddHost (ClientPtr client,
- int family,
- unsigned length, /* of bytes in pAddr */
- pointer pAddr)
-{
- int rc, len;
-
- rc = AuthorizedClient(client);
- if (rc != Success)
- return rc;
- switch (family) {
- case FamilyLocalHost:
- len = length;
- LocalHostEnabled = TRUE;
- break;
-#ifdef SECURE_RPC
- case FamilyNetname:
- len = length;
- SecureRPCInit ();
- break;
-#endif
- case FamilyInternet:
-#if defined(IPv6) && defined(AF_INET6)
- case FamilyInternet6:
-#endif
- case FamilyDECnet:
- case FamilyChaos:
- case FamilyServerInterpreted:
- if ((len = CheckAddr (family, pAddr, length)) < 0)
- {
- client->errorValue = length;
- return (BadValue);
- }
- break;
- case FamilyLocal:
- default:
- client->errorValue = family;
- return (BadValue);
- }
- if (NewHost (family, pAddr, len, FALSE))
- return Success;
- return BadAlloc;
-}
-
-Bool
-ForEachHostInFamily (int family,
- Bool (*func)(
- unsigned char * /* addr */,
- short /* len */,
- pointer /* closure */),
- pointer closure)
-{
- HOST *host;
-
- for (host = validhosts; host; host = host->next)
- if (family == host->family && func (host->addr, host->len, closure))
- return TRUE;
- return FALSE;
-}
-
-/* Add a host to the access control list. This is the internal interface
- * called when starting or resetting the server */
-static Bool
-NewHost (int family,
- pointer addr,
- int len,
- int addingLocalHosts)
-{
- register HOST *host;
-
- for (host = validhosts; host; host = host->next)
- {
- if (addrEqual (family, addr, len, host))
- return TRUE;
- }
- if (!addingLocalHosts) { /* Fix for XFree86 bug #156 */
- for (host = selfhosts; host; host = host->next) {
- if (addrEqual (family, addr, len, host)) {
- host->requested = TRUE;
- break;
- }
- }
- }
- MakeHost(host,len)
- if (!host)
- return FALSE;
- host->family = family;
- host->len = len;
- acopy(addr, host->addr, len);
- host->next = validhosts;
- validhosts = host;
- return TRUE;
-}
-
-/* Remove a host from the access control list */
-
-int
-RemoveHost (
- ClientPtr client,
- int family,
- unsigned length, /* of bytes in pAddr */
- pointer pAddr)
-{
- int rc, len;
- register HOST *host, **prev;
-
- rc = AuthorizedClient(client);
- if (rc != Success)
- return rc;
- switch (family) {
- case FamilyLocalHost:
- len = length;
- LocalHostEnabled = FALSE;
- break;
-#ifdef SECURE_RPC
- case FamilyNetname:
- len = length;
- break;
-#endif
- case FamilyInternet:
-#if defined(IPv6) && defined(AF_INET6)
- case FamilyInternet6:
-#endif
- case FamilyDECnet:
- case FamilyChaos:
- case FamilyServerInterpreted:
- if ((len = CheckAddr (family, pAddr, length)) < 0)
- {
- client->errorValue = length;
- return(BadValue);
- }
- break;
- case FamilyLocal:
- default:
- client->errorValue = family;
- return(BadValue);
- }
- for (prev = &validhosts;
- (host = *prev) && (!addrEqual (family, pAddr, len, host));
- prev = &host->next)
- ;
- if (host)
- {
- *prev = host->next;
- FreeHost (host);
- }
- return (Success);
-}
-
-/* Get all hosts in the access control list */
-int
-GetHosts (
- pointer *data,
- int *pnHosts,
- int *pLen,
- BOOL *pEnabled)
-{
- int len;
- register int n = 0;
- register unsigned char *ptr;
- register HOST *host;
- int nHosts = 0;
-
- *pEnabled = AccessEnabled ? EnableAccess : DisableAccess;
- for (host = validhosts; host; host = host->next)
- {
- nHosts++;
- n += pad_to_int32(host->len) + sizeof(xHostEntry);
- }
- if (n)
- {
- *data = ptr = xalloc (n);
- if (!ptr)
- {
- return(BadAlloc);
- }
- for (host = validhosts; host; host = host->next)
- {
- len = host->len;
- ((xHostEntry *)ptr)->family = host->family;
- ((xHostEntry *)ptr)->length = len;
- ptr += sizeof(xHostEntry);
- acopy (host->addr, ptr, len);
- ptr += pad_to_int32(len);
- }
- } else {
- *data = NULL;
- }
- *pnHosts = nHosts;
- *pLen = n;
- return(Success);
-}
-
-/* Check for valid address family and length, and return address length. */
-
-/*ARGSUSED*/
-static int
-CheckAddr (
- int family,
- pointer pAddr,
- unsigned length)
-{
- int len;
-
- switch (family)
- {
-#if defined(TCPCONN) || defined(STREAMSCONN) || defined(MNX_TCPCONN)
- case FamilyInternet:
- if (length == sizeof (struct in_addr))
- len = length;
- else
- len = -1;
- break;
-#if defined(IPv6) && defined(AF_INET6)
- case FamilyInternet6:
- if (length == sizeof (struct in6_addr))
- len = length;
- else
- len = -1;
- break;
-#endif
-#endif
-#ifdef DNETCONN
- case FamilyDECnet:
- {
- struct dn_naddr *dnaddr = (struct dn_naddr *) pAddr;
-
- if ((length < sizeof(dnaddr->a_len)) ||
- (length < dnaddr->a_len + sizeof(dnaddr->a_len)))
- len = -1;
- else
- len = dnaddr->a_len + sizeof(dnaddr->a_len);
- if (len > sizeof(struct dn_naddr))
- len = -1;
- }
- break;
-#endif
- case FamilyServerInterpreted:
- len = siCheckAddr(pAddr, length);
- break;
- default:
- len = -1;
- }
- return (len);
-}
-
-/* Check if a host is not in the access control list.
- * Returns 1 if host is invalid, 0 if we've found it. */
-
-int
-InvalidHost (
- register struct sockaddr *saddr,
- int len,
- ClientPtr client)
-{
- int family;
- pointer addr;
- register HOST *selfhost, *host;
-
- if (!AccessEnabled) /* just let them in */
- return(0);
- family = ConvertAddr (saddr, &len, (pointer *)&addr);
- if (family == -1)
- return 1;
- if (family == FamilyLocal)
- {
- if (!LocalHostEnabled)
- {
- /*
- * check to see if any local address is enabled. This
- * implicitly enables local connections.
- */
- for (selfhost = selfhosts; selfhost; selfhost=selfhost->next)
- {
- for (host = validhosts; host; host=host->next)
- {
- if (addrEqual (selfhost->family, selfhost->addr,
- selfhost->len, host))
- return 0;
- }
- }
- } else
- return 0;
- }
- for (host = validhosts; host; host = host->next)
- {
- if ((host->family == FamilyServerInterpreted)) {
- if (siAddrMatch (family, addr, len, host, client)) {
- return (0);
- }
- } else {
- if (addrEqual (family, addr, len, host))
- return (0);
- }
-
- }
- return (1);
-}
-
-static int
-ConvertAddr (
- register struct sockaddr *saddr,
- int *len,
- pointer *addr)
-{
- if (*len == 0)
- return (FamilyLocal);
- switch (saddr->sa_family)
- {
- case AF_UNSPEC:
-#if defined(UNIXCONN) || defined(LOCALCONN)
- case AF_UNIX:
-#endif
- return FamilyLocal;
-#if defined(TCPCONN) || defined(STREAMSCONN) || defined(MNX_TCPCONN)
- case AF_INET:
-#ifdef WIN32
- if (16777343 == *(long*)&((struct sockaddr_in *) saddr)->sin_addr)
- return FamilyLocal;
-#endif
- *len = sizeof (struct in_addr);
- *addr = (pointer) &(((struct sockaddr_in *) saddr)->sin_addr);
- return FamilyInternet;
-#if defined(IPv6) && defined(AF_INET6)
- case AF_INET6:
- {
- struct sockaddr_in6 *saddr6 = (struct sockaddr_in6 *) saddr;
- if (IN6_IS_ADDR_V4MAPPED(&(saddr6->sin6_addr))) {
- *len = sizeof (struct in_addr);
- *addr = (pointer) &(saddr6->sin6_addr.s6_addr[12]);
- return FamilyInternet;
- } else {
- *len = sizeof (struct in6_addr);
- *addr = (pointer) &(saddr6->sin6_addr);
- return FamilyInternet6;
- }
- }
-#endif
-#endif
-#ifdef DNETCONN
- case AF_DECnet:
- {
- struct sockaddr_dn *sdn = (struct sockaddr_dn *) saddr;
- *len = sdn->sdn_nodeaddrl + sizeof(sdn->sdn_nodeaddrl);
- *addr = (pointer) &(sdn->sdn_add);
- }
- return FamilyDECnet;
-#endif
-#ifdef CHAOSCONN
- case AF_CHAOS:
- {
- not implemented
- }
- return FamilyChaos;
-#endif
- default:
- return -1;
- }
-}
-
-int
-ChangeAccessControl(
- ClientPtr client,
- int fEnabled)
-{
- int rc = AuthorizedClient(client);
- if (rc != Success)
- return rc;
- AccessEnabled = fEnabled;
- return Success;
-}
-
-/* returns FALSE if xhost + in effect, else TRUE */
-int
-GetAccessControl(void)
-{
- return AccessEnabled;
-}
-
-/*****************************************************************************
- * FamilyServerInterpreted host entry implementation
- *
- * Supports an extensible system of host types which the server can interpret
- * See the IPv6 extensions to the X11 protocol spec for the definition.
- *
- * Currently supported schemes:
- *
- * hostname - hostname as defined in IETF RFC 2396
- * ipv6 - IPv6 literal address as defined in IETF RFC's 3513 and <TBD>
- *
- * See xc/doc/specs/SIAddresses for formal definitions of each type.
- */
-
-/* These definitions and the siTypeAdd function could be exported in the
- * future to enable loading additional host types, but that was not done for
- * the initial implementation.
- */
-typedef Bool (*siAddrMatchFunc)(int family, pointer addr, int len,
- const char *siAddr, int siAddrlen, ClientPtr client, void *siTypePriv);
-typedef int (*siCheckAddrFunc)(const char *addrString, int length,
- void *siTypePriv);
-
-struct siType {
- struct siType * next;
- const char * typeName;
- siAddrMatchFunc addrMatch;
- siCheckAddrFunc checkAddr;
- void * typePriv; /* Private data for type routines */
-};
-
-static struct siType *siTypeList;
-
-static int
-siTypeAdd(const char *typeName, siAddrMatchFunc addrMatch,
- siCheckAddrFunc checkAddr, void *typePriv)
-{
- struct siType *s, *p;
-
- if ((typeName == NULL) || (addrMatch == NULL) || (checkAddr == NULL))
- return BadValue;
-
- for (s = siTypeList, p = NULL; s != NULL ; p = s, s = s->next) {
- if (strcmp(typeName, s->typeName) == 0) {
- s->addrMatch = addrMatch;
- s->checkAddr = checkAddr;
- s->typePriv = typePriv;
- return Success;
- }
- }
-
- s = xalloc(sizeof(struct siType));
- if (s == NULL)
- return BadAlloc;
-
- if (p == NULL)
- siTypeList = s;
- else
- p->next = s;
-
- s->next = NULL;
- s->typeName = typeName;
- s->addrMatch = addrMatch;
- s->checkAddr = checkAddr;
- s->typePriv = typePriv;
- return Success;
-}
-
-/* Checks to see if a host matches a server-interpreted host entry */
-static Bool
-siAddrMatch(int family, pointer addr, int len, HOST *host, ClientPtr client)
-{
- Bool matches = FALSE;
- struct siType *s;
- const char *valueString;
- int addrlen;
-
- valueString = (const char *) memchr(host->addr, '\0', host->len);
- if (valueString != NULL) {
- for (s = siTypeList; s != NULL ; s = s->next) {
- if (strcmp((char *) host->addr, s->typeName) == 0) {
- addrlen = host->len - (strlen((char *)host->addr) + 1);
- matches = s->addrMatch(family, addr, len,
- valueString + 1, addrlen, client, s->typePriv);
- break;
- }
- }
-#ifdef FAMILY_SI_DEBUG
- ErrorF(
- "Xserver: siAddrMatch(): type = %s, value = %*.*s -- %s\n",
- host->addr, addrlen, addrlen, valueString + 1,
- (matches) ? "accepted" : "rejected");
-#endif
- }
- return matches;
-}
-
-static int
-siCheckAddr(const char *addrString, int length)
-{
- const char *valueString;
- int addrlen, typelen;
- int len = -1;
- struct siType *s;
-
- /* Make sure there is a \0 byte inside the specified length
- to separate the address type from the address value. */
- valueString = (const char *) memchr(addrString, '\0', length);
- if (valueString != NULL) {
- /* Make sure the first string is a recognized address type,
- * and the second string is a valid address of that type.
- */
- typelen = strlen(addrString) + 1;
- addrlen = length - typelen;
-
- for (s = siTypeList; s != NULL ; s = s->next) {
- if (strcmp(addrString, s->typeName) == 0) {
- len = s->checkAddr(valueString + 1, addrlen, s->typePriv);
- if (len >= 0) {
- len += typelen;
- }
- break;
- }
- }
-#ifdef FAMILY_SI_DEBUG
- {
- const char *resultMsg;
-
- if (s == NULL) {
- resultMsg = "type not registered";
- } else {
- if (len == -1)
- resultMsg = "rejected";
- else
- resultMsg = "accepted";
- }
-
- ErrorF("Xserver: siCheckAddr(): type = %s, value = %*.*s, len = %d -- %s\n",
- addrString, addrlen, addrlen, valueString + 1, len, resultMsg);
- }
-#endif
- }
- return len;
-}
-
-
-/***
- * Hostname server-interpreted host type
- *
- * Stored as hostname string, explicitly defined to be resolved ONLY
- * at access check time, to allow for hosts with dynamic addresses
- * but static hostnames, such as found in some DHCP & mobile setups.
- *
- * Hostname must conform to IETF RFC 2396 sec. 3.2.2, which defines it as:
- * hostname = *( domainlabel "." ) toplabel [ "." ]
- * domainlabel = alphanum | alphanum *( alphanum | "-" ) alphanum
- * toplabel = alpha | alpha *( alphanum | "-" ) alphanum
- */
-
-#ifdef NI_MAXHOST
-# define SI_HOSTNAME_MAXLEN NI_MAXHOST
-#else
-# ifdef MAXHOSTNAMELEN
-# define SI_HOSTNAME_MAXLEN MAXHOSTNAMELEN
-# else
-# define SI_HOSTNAME_MAXLEN 256
-# endif
-#endif
-
-static Bool
-siHostnameAddrMatch(int family, pointer addr, int len,
- const char *siAddr, int siAddrLen, ClientPtr client, void *typePriv)
-{
- Bool res = FALSE;
-
-/* Currently only supports checking against IPv4 & IPv6 connections, but
- * support for other address families, such as DECnet, could be added if
- * desired.
- */
-#if defined(IPv6) && defined(AF_INET6)
- if ((family == FamilyInternet) || (family == FamilyInternet6)) {
- char hostname[SI_HOSTNAME_MAXLEN];
- struct addrinfo *addresses;
- struct addrinfo *a;
- int f, hostaddrlen;
- pointer hostaddr;
-
- if (siAddrLen >= sizeof(hostname))
- return FALSE;
-
- strncpy(hostname, siAddr, siAddrLen);
- hostname[siAddrLen] = '\0';
-
- if (getaddrinfo(hostname, NULL, NULL, &addresses) == 0) {
- for (a = addresses ; a != NULL ; a = a->ai_next) {
- hostaddrlen = a->ai_addrlen;
- f = ConvertAddr(a->ai_addr,&hostaddrlen,&hostaddr);
- if ((f == family) && (len == hostaddrlen) &&
- (acmp (addr, hostaddr, len) == 0) ) {
- res = TRUE;
- break;
- }
- }
- freeaddrinfo(addresses);
- }
- }
-#else /* IPv6 not supported, use gethostbyname instead for IPv4 */
- if (family == FamilyInternet) {
- register struct hostent *hp;
-#ifdef XTHREADS_NEEDS_BYNAMEPARAMS
- _Xgethostbynameparams hparams;
-#endif
- char hostname[SI_HOSTNAME_MAXLEN];
- int f, hostaddrlen;
- pointer hostaddr;
- const char **addrlist;
-
- if (siAddrLen >= sizeof(hostname))
- return FALSE;
-
- strncpy(hostname, siAddr, siAddrLen);
- hostname[siAddrLen] = '\0';
-
- if ((hp = _XGethostbyname(hostname, hparams)) != NULL) {
-#ifdef h_addr /* new 4.3bsd version of gethostent */
- /* iterate over the addresses */
- for (addrlist = hp->h_addr_list; *addrlist; addrlist++)
-#else
- addrlist = &hp->h_addr;
-#endif
- {
- struct sockaddr_in sin;
-
- sin.sin_family = hp->h_addrtype;
- acopy ( *addrlist, &(sin.sin_addr), hp->h_length);
- hostaddrlen = sizeof(sin);
- f = ConvertAddr ((struct sockaddr *)&sin,
- &hostaddrlen, &hostaddr);
- if ((f == family) && (len == hostaddrlen) &&
- (acmp (addr, hostaddr, len) == 0) ) {
- res = TRUE;
- break;
- }
- }
- }
- }
-#endif
- return res;
-}
-
-
-static int
-siHostnameCheckAddr(const char *valueString, int length, void *typePriv)
-{
- /* Check conformance of hostname to RFC 2396 sec. 3.2.2 definition.
- * We do not use ctype functions here to avoid locale-specific
- * character sets. Hostnames must be pure ASCII.
- */
- int len = length;
- int i;
- Bool dotAllowed = FALSE;
- Bool dashAllowed = FALSE;
-
- if ((length <= 0) || (length >= SI_HOSTNAME_MAXLEN)) {
- len = -1;
- } else {
- for (i = 0; i < length; i++) {
- char c = valueString[i];
-
- if (c == 0x2E) { /* '.' */
- if (dotAllowed == FALSE) {
- len = -1;
- break;
- } else {
- dotAllowed = FALSE;
- dashAllowed = FALSE;
- }
- } else if (c == 0x2D) { /* '-' */
- if (dashAllowed == FALSE) {
- len = -1;
- break;
- } else {
- dotAllowed = FALSE;
- }
- } else if (((c >= 0x30) && (c <= 0x3A)) /* 0-9 */ ||
- ((c >= 0x61) && (c <= 0x7A)) /* a-z */ ||
- ((c >= 0x41) && (c <= 0x5A)) /* A-Z */) {
- dotAllowed = TRUE;
- dashAllowed = TRUE;
- } else { /* Invalid character */
- len = -1;
- break;
- }
- }
- }
- return len;
-}
-
-#if defined(IPv6) && defined(AF_INET6)
-/***
- * "ipv6" server interpreted type
- *
- * Currently supports only IPv6 literal address as specified in IETF RFC 3513
- *
- * Once draft-ietf-ipv6-scoping-arch-00.txt becomes an RFC, support will be
- * added for the scoped address format it specifies.
- */
-
-/* Maximum length of an IPv6 address string - increase when adding support
- * for scoped address qualifiers. Includes room for trailing NUL byte.
- */
-#define SI_IPv6_MAXLEN INET6_ADDRSTRLEN
-
-static Bool
-siIPv6AddrMatch(int family, pointer addr, int len,
- const char *siAddr, int siAddrlen, ClientPtr client, void *typePriv)
-{
- struct in6_addr addr6;
- char addrbuf[SI_IPv6_MAXLEN];
-
- if ((family != FamilyInternet6) || (len != sizeof(addr6)))
- return FALSE;
-
- memcpy(addrbuf, siAddr, siAddrlen);
- addrbuf[siAddrlen] = '\0';
-
- if (inet_pton(AF_INET6, addrbuf, &addr6) != 1) {
- perror("inet_pton");
- return FALSE;
- }
-
- if (memcmp(addr, &addr6, len) == 0) {
- return TRUE;
- } else {
- return FALSE;
- }
-}
-
-static int
-siIPv6CheckAddr(const char *addrString, int length, void *typePriv)
-{
- int len;
-
- /* Minimum length is 3 (smallest legal address is "::1") */
- if (length < 3) {
- /* Address is too short! */
- len = -1;
- } else if (length >= SI_IPv6_MAXLEN) {
- /* Address is too long! */
- len = -1;
- } else {
- /* Assume inet_pton is sufficient validation */
- struct in6_addr addr6;
- char addrbuf[SI_IPv6_MAXLEN];
-
- memcpy(addrbuf, addrString, length);
- addrbuf[length] = '\0';
-
- if (inet_pton(AF_INET6, addrbuf, &addr6) != 1) {
- perror("inet_pton");
- len = -1;
- } else {
- len = length;
- }
- }
- return len;
-}
-#endif /* IPv6 */
-
-#if !defined(NO_LOCAL_CLIENT_CRED)
-/***
- * "localuser" & "localgroup" server interpreted types
- *
- * Allows local connections from a given local user or group
- */
-
-#include <pwd.h>
-#include <grp.h>
-
-#define LOCAL_USER 1
-#define LOCAL_GROUP 2
-
-typedef struct {
- int credType;
-} siLocalCredPrivRec, *siLocalCredPrivPtr;
-
-static siLocalCredPrivRec siLocalUserPriv = { LOCAL_USER };
-static siLocalCredPrivRec siLocalGroupPriv = { LOCAL_GROUP };
-
-static Bool
-siLocalCredGetId(const char *addr, int len, siLocalCredPrivPtr lcPriv, int *id)
-{
- Bool parsedOK = FALSE;
- char *addrbuf = xalloc(len + 1);
-
- if (addrbuf == NULL) {
- return FALSE;
- }
-
- memcpy(addrbuf, addr, len);
- addrbuf[len] = '\0';
-
- if (addr[0] == '#') { /* numeric id */
- char *cp;
- errno = 0;
- *id = strtol(addrbuf + 1, &cp, 0);
- if ((errno == 0) && (cp != (addrbuf+1))) {
- parsedOK = TRUE;
- }
- } else { /* non-numeric name */
- if (lcPriv->credType == LOCAL_USER) {
- struct passwd *pw = getpwnam(addrbuf);
-
- if (pw != NULL) {
- *id = (int) pw->pw_uid;
- parsedOK = TRUE;
- }
- } else { /* group */
- struct group *gr = getgrnam(addrbuf);
-
- if (gr != NULL) {
- *id = (int) gr->gr_gid;
- parsedOK = TRUE;
- }
- }
- }
-
- xfree(addrbuf);
- return parsedOK;
-}
-
-static Bool
-siLocalCredAddrMatch(int family, pointer addr, int len,
- const char *siAddr, int siAddrlen, ClientPtr client, void *typePriv)
-{
- int siAddrId;
- LocalClientCredRec *lcc;
- siLocalCredPrivPtr lcPriv = (siLocalCredPrivPtr) typePriv;
-
- if (GetLocalClientCreds(client, &lcc) == -1) {
- return FALSE;
- }
-
-#ifdef HAVE_GETZONEID /* Ensure process is in the same zone */
- if ((lcc->fieldsSet & LCC_ZID_SET) && (lcc->zoneid != getzoneid())) {
- FreeLocalClientCreds(lcc);
- return FALSE;
- }
-#endif
-
- if (siLocalCredGetId(siAddr, siAddrlen, lcPriv, &siAddrId) == FALSE) {
- FreeLocalClientCreds(lcc);
- return FALSE;
- }
-
- if (lcPriv->credType == LOCAL_USER) {
- if ((lcc->fieldsSet & LCC_UID_SET) && (lcc->euid == siAddrId)) {
- FreeLocalClientCreds(lcc);
- return TRUE;
- }
- } else {
- if ((lcc->fieldsSet & LCC_GID_SET) && (lcc->egid == siAddrId)) {
- FreeLocalClientCreds(lcc);
- return TRUE;
- }
- if (lcc->pSuppGids != NULL) {
- int i;
-
- for (i = 0 ; i < lcc->nSuppGids; i++) {
- if (lcc->pSuppGids[i] == siAddrId) {
- FreeLocalClientCreds(lcc);
- return TRUE;
- }
- }
- }
- }
- FreeLocalClientCreds(lcc);
- return FALSE;
-}
-
-static int
-siLocalCredCheckAddr(const char *addrString, int length, void *typePriv)
-{
- int len = length;
- int id;
-
- if (siLocalCredGetId(addrString, length,
- (siLocalCredPrivPtr)typePriv, &id) == FALSE) {
- len = -1;
- }
- return len;
-}
-#endif /* localuser */
-
-static void
-siTypesInitialize(void)
-{
- siTypeAdd("hostname", siHostnameAddrMatch, siHostnameCheckAddr, NULL);
-#if defined(IPv6) && defined(AF_INET6)
- siTypeAdd("ipv6", siIPv6AddrMatch, siIPv6CheckAddr, NULL);
-#endif
-#if !defined(NO_LOCAL_CLIENT_CRED)
- siTypeAdd("localuser", siLocalCredAddrMatch, siLocalCredCheckAddr,
- &siLocalUserPriv);
- siTypeAdd("localgroup", siLocalCredAddrMatch, siLocalCredCheckAddr,
- &siLocalGroupPriv);
-#endif
-}
+/***********************************************************
+
+Copyright 1987, 1998 The Open Group
+
+All rights reserved.
+
+Permission is hereby granted, free of charge, to any person obtaining a
+copy of this software and associated documentation files (the
+"Software"), to deal in the Software without restriction, including
+without limitation the rights to use, copy, modify, merge, publish,
+distribute, and/or sell copies of the Software, and to permit persons
+to whom the Software is furnished to do so, provided that the above
+copyright notice(s) and this permission notice appear in all copies of
+the Software and that both the above copyright notice(s) and this
+permission notice appear in supporting documentation.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS
+OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
+MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT
+OF THIRD PARTY RIGHTS. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR
+HOLDERS INCLUDED IN THIS NOTICE BE LIABLE FOR ANY CLAIM, OR ANY SPECIAL
+INDIRECT OR CONSEQUENTIAL DAMAGES, OR ANY DAMAGES WHATSOEVER RESULTING
+FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT,
+NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION
+WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
+
+Except as contained in this notice, the name of a copyright holder
+shall not be used in advertising or otherwise to promote the sale, use
+or other dealings in this Software without prior written authorization
+of the copyright holder.
+
+X Window System is a trademark of The Open Group.
+
+Copyright 1987 by Digital Equipment Corporation, Maynard, Massachusetts.
+
+ All Rights Reserved
+
+Permission to use, copy, modify, and distribute this software and its
+documentation for any purpose and without fee is hereby granted,
+provided that the above copyright notice appear in all copies and that
+both that copyright notice and this permission notice appear in
+supporting documentation, and that the name of Digital not be
+used in advertising or publicity pertaining to distribution of the
+software without specific, written prior permission.
+
+DIGITAL DISCLAIMS ALL WARRANTIES WITH REGARD TO THIS SOFTWARE, INCLUDING
+ALL IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS, IN NO EVENT SHALL
+DIGITAL BE LIABLE FOR ANY SPECIAL, INDIRECT OR CONSEQUENTIAL DAMAGES OR
+ANY DAMAGES WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS,
+WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION,
+ARISING OUT OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS
+SOFTWARE.
+
+******************************************************************/
+
+/*
+ * Copyright © 2004 Sun Microsystems, Inc. All rights reserved.
+ *
+ * Permission is hereby granted, free of charge, to any person obtaining a
+ * copy of this software and associated documentation files (the "Software"),
+ * to deal in the Software without restriction, including without limitation
+ * the rights to use, copy, modify, merge, publish, distribute, sublicense,
+ * and/or sell copies of the Software, and to permit persons to whom the
+ * Software is furnished to do so, subject to the following conditions:
+ *
+ * The above copyright notice and this permission notice (including the next
+ * paragraph) shall be included in all copies or substantial portions of the
+ * Software.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+ * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+ * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL
+ * THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+ * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING
+ * FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER
+ * DEALINGS IN THE SOFTWARE.
+ */
+
+#ifdef HAVE_DIX_CONFIG_H
+#include <dix-config.h>
+#endif
+
+#ifdef WIN32
+#include <X11/Xwinsock.h>
+#endif
+
+#include <stdio.h>
+#include <stdlib.h>
+#define XSERV_t
+#define TRANS_SERVER
+#define TRANS_REOPEN
+#include <X11/Xtrans/Xtrans.h>
+#include <X11/Xauth.h>
+#include <X11/X.h>
+#include <X11/Xproto.h>
+#include "misc.h"
+#include "site.h"
+#include <errno.h>
+#include <sys/types.h>
+#ifndef WIN32
+#include <sys/socket.h>
+#include <sys/ioctl.h>
+#include <ctype.h>
+
+#if defined(TCPCONN) || defined(STREAMSCONN) || defined(__SCO__)
+#include <netinet/in.h>
+#endif /* TCPCONN || STREAMSCONN || ISC || __SCO__ */
+#ifdef DNETCONN
+#include <netdnet/dn.h>
+#include <netdnet/dnetdb.h>
+#endif
+
+#ifdef HAS_GETPEERUCRED
+# include <ucred.h>
+# ifdef sun
+# include <zone.h>
+# endif
+#endif
+
+#if defined(SVR4) || (defined(SYSV) && defined(__i386__)) || defined(__GNU__)
+# include <sys/utsname.h>
+#endif
+#if defined(SYSV) && defined(__i386__)
+# include <sys/stream.h>
+#endif
+#ifdef __GNU__
+#undef SIOCGIFCONF
+#include <netdb.h>
+#else /*!__GNU__*/
+# include <net/if.h>
+#endif /*__GNU__ */
+
+#ifdef SVR4
+#include <sys/sockio.h>
+#include <sys/stropts.h>
+#endif
+
+#include <netdb.h>
+
+#ifdef CSRG_BASED
+#include <sys/param.h>
+#if (BSD >= 199103)
+#define VARIABLE_IFREQ
+#endif
+#endif
+
+#ifdef BSD44SOCKETS
+#ifndef VARIABLE_IFREQ
+#define VARIABLE_IFREQ
+#endif
+#endif
+
+#ifdef HAS_GETIFADDRS
+#include <ifaddrs.h>
+#endif
+
+/* Solaris provides an extended interface SIOCGLIFCONF. Other systems
+ * may have this as well, but the code has only been tested on Solaris
+ * so far, so we only enable it there. Other platforms may be added as
+ * needed.
+ *
+ * Test for Solaris commented out -- TSI @ UQV 2003.06.13
+ */
+#ifdef SIOCGLIFCONF
+/* #if defined(sun) */
+#define USE_SIOCGLIFCONF
+/* #endif */
+#endif
+
+#endif /* WIN32 */
+
+#ifndef PATH_MAX
+#include <sys/param.h>
+#ifndef PATH_MAX
+#ifdef MAXPATHLEN
+#define PATH_MAX MAXPATHLEN
+#else
+#define PATH_MAX 1024
+#endif
+#endif
+#endif
+
+#ifdef __SCO__
+/* The system defined value is wrong. MAXPATHLEN is set in sco5.cf. */
+#undef PATH_MAX
+#endif
+
+#define X_INCLUDE_NETDB_H
+#include <X11/Xos_r.h>
+
+#include "dixstruct.h"
+#include "osdep.h"
+
+#include "xace.h"
+
+#ifndef PATH_MAX
+#ifdef MAXPATHLEN
+#define PATH_MAX MAXPATHLEN
+#else
+#define PATH_MAX 1024
+#endif
+#endif
+
+Bool defeatAccessControl = FALSE;
+
+#define acmp(a1, a2, len) memcmp((char *)(a1), (char *)(a2), len)
+#define acopy(a1, a2, len) memmove((char *)(a2), (char *)(a1), len)
+#define addrEqual(fam, address, length, host) \
+ ((fam) == (host)->family &&\
+ (length) == (host)->len &&\
+ !acmp (address, (host)->addr, length))
+
+static int ConvertAddr(struct sockaddr * /*saddr*/,
+ int * /*len*/,
+ pointer * /*addr*/);
+
+static int CheckAddr(int /*family*/,
+ const void * /*pAddr*/,
+ unsigned /*length*/);
+
+static Bool NewHost(int /*family*/,
+ const void * /*addr*/,
+ int /*len*/,
+ int /* addingLocalHosts */);
+
+/* XFree86 bug #156: To keep track of which hosts were explicitly requested in
+ /etc/X<display>.hosts, we've added a requested field to the HOST struct,
+ and a LocalHostRequested variable. These default to FALSE, but are set
+ to TRUE in ResetHosts when reading in /etc/X<display>.hosts. They are
+ checked in DisableLocalHost(), which is called to disable the default
+ local host entries when stronger authentication is turned on. */
+
+typedef struct _host {
+ short family;
+ short len;
+ unsigned char *addr;
+ struct _host *next;
+ int requested;
+} HOST;
+
+#define MakeHost(h,l) (h)=xalloc(sizeof *(h)+(l));\
+ if (h) { \
+ (h)->addr=(unsigned char *) ((h) + 1);\
+ (h)->requested = FALSE; \
+ }
+#define FreeHost(h) xfree(h)
+static HOST *selfhosts = NULL;
+static HOST *validhosts = NULL;
+static int AccessEnabled = DEFAULT_ACCESS_CONTROL;
+static int LocalHostEnabled = FALSE;
+static int LocalHostRequested = FALSE;
+static int UsingXdmcp = FALSE;
+
+/* FamilyServerInterpreted implementation */
+static Bool siAddrMatch(int family, pointer addr, int len, HOST *host,
+ ClientPtr client);
+static int siCheckAddr(const char *addrString, int length);
+static void siTypesInitialize(void);
+
+/*
+ * called when authorization is not enabled to add the
+ * local host to the access list
+ */
+
+void
+EnableLocalHost (void)
+{
+ if (!UsingXdmcp)
+ {
+ LocalHostEnabled = TRUE;
+ AddLocalHosts ();
+ }
+}
+
+/*
+ * called when authorization is enabled to keep us secure
+ */
+void
+DisableLocalHost (void)
+{
+ HOST *self;
+
+ if (!LocalHostRequested) /* Fix for XFree86 bug #156 */
+ LocalHostEnabled = FALSE;
+ for (self = selfhosts; self; self = self->next) {
+ if (!self->requested) /* Fix for XFree86 bug #156 */
+ (void) RemoveHost ((ClientPtr)NULL, self->family, self->len, (pointer)self->addr);
+ }
+}
+
+/*
+ * called at init time when XDMCP will be used; xdmcp always
+ * adds local hosts manually when needed
+ */
+
+void
+AccessUsingXdmcp (void)
+{
+ UsingXdmcp = TRUE;
+ LocalHostEnabled = FALSE;
+}
+
+
+#if defined(SVR4) && !defined(SCO325) && !defined(sun) && defined(SIOCGIFCONF) && !defined(USE_SIOCGLIFCONF)
+
+/* Deal with different SIOCGIFCONF ioctl semantics on these OSs */
+
+static int
+ifioctl (int fd, int cmd, char *arg)
+{
+ struct strioctl ioc;
+ int ret;
+
+ bzero((char *) &ioc, sizeof(ioc));
+ ioc.ic_cmd = cmd;
+ ioc.ic_timout = 0;
+ if (cmd == SIOCGIFCONF)
+ {
+ ioc.ic_len = ((struct ifconf *) arg)->ifc_len;
+ ioc.ic_dp = ((struct ifconf *) arg)->ifc_buf;
+ }
+ else
+ {
+ ioc.ic_len = sizeof(struct ifreq);
+ ioc.ic_dp = arg;
+ }
+ ret = ioctl(fd, I_STR, (char *) &ioc);
+ if (ret >= 0 && cmd == SIOCGIFCONF)
+#ifdef SVR4
+ ((struct ifconf *) arg)->ifc_len = ioc.ic_len;
+#endif
+ return(ret);
+}
+#else /* Case sun, SCO325 and others */
+#define ifioctl ioctl
+#endif /* ((SVR4 && !sun !SCO325) || ISC) && SIOCGIFCONF */
+
+/*
+ * DefineSelf (fd):
+ *
+ * Define this host for access control. Find all the hosts the OS knows about
+ * for this fd and add them to the selfhosts list.
+ */
+
+#if !defined(SIOCGIFCONF)
+void
+DefineSelf (int fd)
+{
+#if !defined(TCPCONN) && !defined(STREAMSCONN) && !defined(UNIXCONN) && !defined(MNX_TCPCONN)
+ return;
+#else
+ register int n;
+ int len;
+ caddr_t addr;
+ int family;
+ register HOST *host;
+
+#ifndef WIN32
+ struct utsname name;
+#else
+ struct {
+ char nodename[512];
+ } name;
+#endif
+
+ register struct hostent *hp;
+
+ union {
+ struct sockaddr sa;
+ struct sockaddr_in in;
+#if defined(IPv6) && defined(AF_INET6)
+ struct sockaddr_in6 in6;
+#endif
+ } saddr;
+
+ struct sockaddr_in *inetaddr;
+ struct sockaddr_in6 *inet6addr;
+ struct sockaddr_in broad_addr;
+#ifdef XTHREADS_NEEDS_BYNAMEPARAMS
+ _Xgethostbynameparams hparams;
+#endif
+
+ /* Why not use gethostname()? Well, at least on my system, I've had to
+ * make an ugly kernel patch to get a name longer than 8 characters, and
+ * uname() lets me access to the whole string (it smashes release, you
+ * see), whereas gethostname() kindly truncates it for me.
+ */
+#ifndef WIN32
+ uname(&name);
+#else
+ gethostname(name.nodename, sizeof(name.nodename));
+#endif
+
+ hp = _XGethostbyname(name.nodename, hparams);
+ if (hp != NULL)
+ {
+ saddr.sa.sa_family = hp->h_addrtype;
+ switch (hp->h_addrtype) {
+ case AF_INET:
+ inetaddr = (struct sockaddr_in *) (&(saddr.sa));
+ acopy ( hp->h_addr, &(inetaddr->sin_addr), hp->h_length);
+ len = sizeof(saddr.sa);
+ break;
+#if defined(IPv6) && defined(AF_INET6)
+ case AF_INET6:
+ inet6addr = (struct sockaddr_in6 *) (&(saddr.sa));
+ acopy ( hp->h_addr, &(inet6addr->sin6_addr), hp->h_length);
+ len = sizeof(saddr.in6);
+ break;
+#endif
+ default:
+ goto DefineLocalHost;
+ }
+ family = ConvertAddr ( &(saddr.sa), &len, (pointer *)&addr);
+ if ( family != -1 && family != FamilyLocal )
+ {
+ for (host = selfhosts;
+ host && !addrEqual (family, addr, len, host);
+ host = host->next) ;
+ if (!host)
+ {
+ /* add this host to the host list. */
+ MakeHost(host,len)
+ if (host)
+ {
+ host->family = family;
+ host->len = len;
+ acopy ( addr, host->addr, len);
+ host->next = selfhosts;
+ selfhosts = host;
+ }
+#ifdef XDMCP
+ /*
+ * If this is an Internet Address, but not the localhost
+ * address (127.0.0.1), nor the bogus address (0.0.0.0),
+ * register it.
+ */
+ if (family == FamilyInternet &&
+ !(len == 4 &&
+ ((addr[0] == 127) ||
+ (addr[0] == 0 && addr[1] == 0 &&
+ addr[2] == 0 && addr[3] == 0)))
+ )
+ {
+ XdmcpRegisterConnection (family, (char *)addr, len);
+ broad_addr = *inetaddr;
+ ((struct sockaddr_in *) &broad_addr)->sin_addr.s_addr =
+ htonl (INADDR_BROADCAST);
+ XdmcpRegisterBroadcastAddress ((struct sockaddr_in *)
+ &broad_addr);
+ }
+#if defined(IPv6) && defined(AF_INET6)
+ else if (family == FamilyInternet6 &&
+ !(IN6_IS_ADDR_LOOPBACK((struct in6_addr *)addr)))
+ {
+ XdmcpRegisterConnection (family, (char *)addr, len);
+ }
+#endif
+
+#endif /* XDMCP */
+ }
+ }
+ }
+ /*
+ * now add a host of family FamilyLocalHost...
+ */
+DefineLocalHost:
+ for (host = selfhosts;
+ host && !addrEqual(FamilyLocalHost, "", 0, host);
+ host = host->next);
+ if (!host)
+ {
+ MakeHost(host, 0);
+ if (host)
+ {
+ host->family = FamilyLocalHost;
+ host->len = 0;
+ acopy("", host->addr, 0);
+ host->next = selfhosts;
+ selfhosts = host;
+ }
+ }
+#endif /* !TCPCONN && !STREAMSCONN && !UNIXCONN && !MNX_TCPCONN */
+}
+
+#else
+
+#ifdef USE_SIOCGLIFCONF
+#define ifr_type struct lifreq
+#else
+#define ifr_type struct ifreq
+#endif
+
+#ifdef VARIABLE_IFREQ
+#define ifr_size(p) (sizeof (struct ifreq) + \
+ (p->ifr_addr.sa_len > sizeof (p->ifr_addr) ? \
+ p->ifr_addr.sa_len - sizeof (p->ifr_addr) : 0))
+#define ifraddr_size(a) (a.sa_len)
+#else
+#define ifr_size(p) (sizeof (ifr_type))
+#define ifraddr_size(a) (sizeof (a))
+#endif
+
+#if defined(IPv6) && defined(AF_INET6)
+#include <arpa/inet.h>
+#endif
+
+#if defined(IPv6) && defined(AF_INET6)
+static void
+in6_fillscopeid(struct sockaddr_in6 *sin6)
+{
+#if defined(__KAME__)
+ if (IN6_IS_ADDR_LINKLOCAL(&sin6->sin6_addr)) {
+ sin6->sin6_scope_id =
+ ntohs(*(u_int16_t *)&sin6->sin6_addr.s6_addr[2]);
+ sin6->sin6_addr.s6_addr[2] = sin6->sin6_addr.s6_addr[3] = 0;
+ }
+#endif
+}
+#endif
+
+void
+DefineSelf (int fd)
+{
+#ifndef HAS_GETIFADDRS
+ char *cp, *cplim;
+# ifdef USE_SIOCGLIFCONF
+ struct sockaddr_storage buf[16];
+ struct lifconf ifc;
+ register struct lifreq *ifr;
+# ifdef SIOCGLIFNUM
+ struct lifnum ifn;
+# endif
+# else /* !USE_SIOCGLIFCONF */
+ char buf[2048];
+ struct ifconf ifc;
+ register struct ifreq *ifr;
+# endif
+ void * bufptr = buf;
+#else /* HAS_GETIFADDRS */
+ struct ifaddrs * ifap, *ifr;
+#endif
+ int len;
+ unsigned char * addr;
+ int family;
+ register HOST *host;
+
+#ifdef DNETCONN
+ struct dn_naddr *dnaddr = getnodeadd();
+ /*
+ * AF_DECnet may not be listed in the interface list. Instead use
+ * the supported library call to find out the local address (if any).
+ */
+ if (dnaddr)
+ {
+ addr = (unsigned char *) dnaddr;
+ len = dnaddr->a_len + sizeof(dnaddr->a_len);
+ family = FamilyDECnet;
+ for (host = selfhosts;
+ host && !addrEqual (family, addr, len, host);
+ host = host->next)
+ ;
+ if (!host)
+ {
+ MakeHost(host,len)
+ if (host)
+ {
+ host->family = family;
+ host->len = len;
+ acopy(addr, host->addr, len);
+ host->next = selfhosts;
+ selfhosts = host;
+ }
+ }
+ }
+#endif /* DNETCONN */
+#ifndef HAS_GETIFADDRS
+
+ len = sizeof(buf);
+
+#ifdef USE_SIOCGLIFCONF
+
+#ifdef SIOCGLIFNUM
+ ifn.lifn_family = AF_UNSPEC;
+ ifn.lifn_flags = 0;
+ if (ioctl (fd, SIOCGLIFNUM, (char *) &ifn) < 0)
+ Error ("Getting interface count");
+ if (len < (ifn.lifn_count * sizeof(struct lifreq))) {
+ len = ifn.lifn_count * sizeof(struct lifreq);
+ bufptr = xalloc(len);
+ }
+#endif
+
+ ifc.lifc_family = AF_UNSPEC;
+ ifc.lifc_flags = 0;
+ ifc.lifc_len = len;
+ ifc.lifc_buf = bufptr;
+
+#define IFC_IOCTL_REQ SIOCGLIFCONF
+#define IFC_IFC_REQ ifc.lifc_req
+#define IFC_IFC_LEN ifc.lifc_len
+#define IFR_IFR_ADDR ifr->lifr_addr
+#define IFR_IFR_NAME ifr->lifr_name
+
+#else /* Use SIOCGIFCONF */
+ ifc.ifc_len = len;
+ ifc.ifc_buf = bufptr;
+
+#define IFC_IOCTL_REQ SIOCGIFCONF
+#define IFC_IFC_REQ ifc.ifc_req
+#define IFC_IFC_LEN ifc.ifc_len
+#define IFR_IFR_ADDR ifr->ifr_addr
+#define IFR_IFR_NAME ifr->ifr_name
+#endif
+
+ if (ifioctl (fd, IFC_IOCTL_REQ, (pointer) &ifc) < 0)
+ Error ("Getting interface configuration (4)");
+
+ cplim = (char *) IFC_IFC_REQ + IFC_IFC_LEN;
+
+ for (cp = (char *) IFC_IFC_REQ; cp < cplim; cp += ifr_size (ifr))
+ {
+ ifr = (ifr_type *) cp;
+ len = ifraddr_size (IFR_IFR_ADDR);
+ family = ConvertAddr ((struct sockaddr *) &IFR_IFR_ADDR,
+ &len, (pointer *)&addr);
+#ifdef DNETCONN
+ /*
+ * DECnet was handled up above.
+ */
+ if (family == AF_DECnet)
+ continue;
+#endif /* DNETCONN */
+ if (family == -1 || family == FamilyLocal)
+ continue;
+#if defined(IPv6) && defined(AF_INET6)
+ if (family == FamilyInternet6)
+ in6_fillscopeid((struct sockaddr_in6 *)&IFR_IFR_ADDR);
+#endif
+ for (host = selfhosts;
+ host && !addrEqual (family, addr, len, host);
+ host = host->next)
+ ;
+ if (host)
+ continue;
+ MakeHost(host,len)
+ if (host)
+ {
+ host->family = family;
+ host->len = len;
+ acopy(addr, host->addr, len);
+ host->next = selfhosts;
+ selfhosts = host;
+ }
+#ifdef XDMCP
+ {
+#ifdef USE_SIOCGLIFCONF
+ struct sockaddr_storage broad_addr;
+#else
+ struct sockaddr broad_addr;
+#endif
+
+ /*
+ * If this isn't an Internet Address, don't register it.
+ */
+ if (family != FamilyInternet
+#if defined(IPv6) && defined(AF_INET6)
+ && family != FamilyInternet6
+#endif
+ )
+ continue;
+
+ /*
+ * ignore 'localhost' entries as they're not useful
+ * on the other end of the wire
+ */
+ if (family == FamilyInternet &&
+ addr[0] == 127 && addr[1] == 0 &&
+ addr[2] == 0 && addr[3] == 1)
+ continue;
+#if defined(IPv6) && defined(AF_INET6)
+ else if (family == FamilyInternet6 &&
+ IN6_IS_ADDR_LOOPBACK((struct in6_addr *)addr))
+ continue;
+#endif
+
+ /*
+ * Ignore '0.0.0.0' entries as they are
+ * returned by some OSes for unconfigured NICs but they are
+ * not useful on the other end of the wire.
+ */
+ if (len == 4 &&
+ addr[0] == 0 && addr[1] == 0 &&
+ addr[2] == 0 && addr[3] == 0)
+ continue;
+
+ XdmcpRegisterConnection (family, (char *)addr, len);
+
+#if defined(IPv6) && defined(AF_INET6)
+ /* IPv6 doesn't support broadcasting, so we drop out here */
+ if (family == FamilyInternet6)
+ continue;
+#endif
+
+ broad_addr = IFR_IFR_ADDR;
+
+ ((struct sockaddr_in *) &broad_addr)->sin_addr.s_addr =
+ htonl (INADDR_BROADCAST);
+#if defined(USE_SIOCGLIFCONF) && defined(SIOCGLIFBRDADDR)
+ {
+ struct lifreq broad_req;
+
+ broad_req = *ifr;
+ if (ioctl (fd, SIOCGLIFFLAGS, (char *) &broad_req) != -1 &&
+ (broad_req.lifr_flags & IFF_BROADCAST) &&
+ (broad_req.lifr_flags & IFF_UP)
+ )
+ {
+ broad_req = *ifr;
+ if (ioctl (fd, SIOCGLIFBRDADDR, &broad_req) != -1)
+ broad_addr = broad_req.lifr_broadaddr;
+ else
+ continue;
+ }
+ else
+ continue;
+ }
+
+#elif defined(SIOCGIFBRDADDR)
+ {
+ struct ifreq broad_req;
+
+ broad_req = *ifr;
+ if (ifioctl (fd, SIOCGIFFLAGS, (pointer) &broad_req) != -1 &&
+ (broad_req.ifr_flags & IFF_BROADCAST) &&
+ (broad_req.ifr_flags & IFF_UP)
+ )
+ {
+ broad_req = *ifr;
+ if (ifioctl (fd, SIOCGIFBRDADDR, (pointer) &broad_req) != -1)
+ broad_addr = broad_req.ifr_addr;
+ else
+ continue;
+ }
+ else
+ continue;
+ }
+#endif /* SIOCGIFBRDADDR */
+ XdmcpRegisterBroadcastAddress ((struct sockaddr_in *) &broad_addr);
+ }
+#endif /* XDMCP */
+ }
+ if (bufptr != buf)
+ free(bufptr);
+#else /* HAS_GETIFADDRS */
+ if (getifaddrs(&ifap) < 0) {
+ ErrorF("Warning: getifaddrs returns %s\n", strerror(errno));
+ return;
+ }
+ for (ifr = ifap; ifr != NULL; ifr = ifr->ifa_next) {
+ if (!ifr->ifa_addr)
+ continue;
+#ifdef DNETCONN
+ if (ifr->ifa_addr.sa_family == AF_DECnet)
+ continue;
+#endif /* DNETCONN */
+ len = sizeof(*(ifr->ifa_addr));
+ family = ConvertAddr(ifr->ifa_addr, &len, (pointer *)&addr);
+ if (family == -1 || family == FamilyLocal)
+ continue;
+#if defined(IPv6) && defined(AF_INET6)
+ if (family == FamilyInternet6)
+ in6_fillscopeid((struct sockaddr_in6 *)ifr->ifa_addr);
+#endif
+
+ for (host = selfhosts;
+ host != NULL && !addrEqual(family, addr, len, host);
+ host = host->next)
+ ;
+ if (host != NULL)
+ continue;
+ MakeHost(host, len);
+ if (host != NULL) {
+ host->family = family;
+ host->len = len;
+ acopy(addr, host->addr, len);
+ host->next = selfhosts;
+ selfhosts = host;
+ }
+#ifdef XDMCP
+ {
+ struct sockaddr broad_addr;
+ /*
+ * If this isn't an Internet Address, don't register it.
+ */
+ if (family != FamilyInternet
+#if defined(IPv6) && defined(AF_INET6)
+ && family != FamilyInternet6
+#endif
+ )
+ continue;
+
+ /*
+ * ignore 'localhost' entries as they're not useful
+ * on the other end of the wire
+ */
+ if (ifr->ifa_flags & IFF_LOOPBACK)
+ continue;
+
+ if (family == FamilyInternet &&
+ addr[0] == 127 && addr[1] == 0 &&
+ addr[2] == 0 && addr[3] == 1)
+ continue;
+
+ /*
+ * Ignore '0.0.0.0' entries as they are
+ * returned by some OSes for unconfigured NICs but they are
+ * not useful on the other end of the wire.
+ */
+ if (len == 4 &&
+ addr[0] == 0 && addr[1] == 0 &&
+ addr[2] == 0 && addr[3] == 0)
+ continue;
+#if defined(IPv6) && defined(AF_INET6)
+ else if (family == FamilyInternet6 &&
+ IN6_IS_ADDR_LOOPBACK((struct in6_addr *)addr))
+ continue;
+#endif
+ XdmcpRegisterConnection(family, (char *)addr, len);
+#if defined(IPv6) && defined(AF_INET6)
+ if (family == FamilyInternet6)
+ /* IPv6 doesn't support broadcasting, so we drop out here */
+ continue;
+#endif
+ if ((ifr->ifa_flags & IFF_BROADCAST) &&
+ (ifr->ifa_flags & IFF_UP) &&
+ ifr->ifa_broadaddr)
+ broad_addr = *ifr->ifa_broadaddr;
+ else
+ continue;
+ XdmcpRegisterBroadcastAddress((struct sockaddr_in *)
+ &broad_addr);
+ }
+#endif /* XDMCP */
+
+ } /* for */
+ freeifaddrs(ifap);
+#endif /* HAS_GETIFADDRS */
+
+ /*
+ * add something of FamilyLocalHost
+ */
+ for (host = selfhosts;
+ host && !addrEqual(FamilyLocalHost, "", 0, host);
+ host = host->next);
+ if (!host)
+ {
+ MakeHost(host, 0);
+ if (host)
+ {
+ host->family = FamilyLocalHost;
+ host->len = 0;
+ acopy("", host->addr, 0);
+ host->next = selfhosts;
+ selfhosts = host;
+ }
+ }
+}
+#endif /* hpux && !HAS_IFREQ */
+
+#ifdef XDMCP
+void
+AugmentSelf(pointer from, int len)
+{
+ int family;
+ pointer addr;
+ register HOST *host;
+
+ family = ConvertAddr(from, &len, (pointer *)&addr);
+ if (family == -1 || family == FamilyLocal)
+ return;
+ for (host = selfhosts; host; host = host->next)
+ {
+ if (addrEqual(family, addr, len, host))
+ return;
+ }
+ MakeHost(host,len)
+ if (!host)
+ return;
+ host->family = family;
+ host->len = len;
+ acopy(addr, host->addr, len);
+ host->next = selfhosts;
+ selfhosts = host;
+}
+#endif
+
+void
+AddLocalHosts (void)
+{
+ HOST *self;
+
+ for (self = selfhosts; self; self = self->next)
+ /* Fix for XFree86 bug #156: pass addingLocal = TRUE to
+ * NewHost to tell that we are adding the default local
+ * host entries and not to flag the entries as being
+ * explicitely requested */
+ (void) NewHost (self->family, self->addr, self->len, TRUE);
+}
+
+/* Reset access control list to initial hosts */
+void
+ResetHosts (char *display)
+{
+ register HOST *host;
+ char lhostname[120], ohostname[120];
+ char *hostname = ohostname;
+ char fname[PATH_MAX + 1];
+ int fnamelen;
+ FILE *fd;
+ char *ptr;
+ int i, hostlen;
+#if ((defined(TCPCONN) || defined(STREAMSCONN) || defined(MNX_TCPCONN)) && \
+ (!defined(IPv6) || !defined(AF_INET6))) || defined(DNETCONN)
+ union {
+ struct sockaddr sa;
+#if defined(TCPCONN) || defined(STREAMSCONN) || defined(MNX_TCPCONN)
+ struct sockaddr_in in;
+#endif /* TCPCONN || STREAMSCONN */
+#ifdef DNETCONN
+ struct sockaddr_dn dn;
+#endif
+ } saddr;
+#endif
+#ifdef DNETCONN
+ struct nodeent *np;
+ struct dn_naddr dnaddr, *dnaddrp, *dnet_addr();
+#endif
+ int family = 0;
+ pointer addr;
+ int len;
+
+ siTypesInitialize();
+ AccessEnabled = defeatAccessControl ? FALSE : DEFAULT_ACCESS_CONTROL;
+ LocalHostEnabled = FALSE;
+ while ((host = validhosts) != 0)
+ {
+ validhosts = host->next;
+ FreeHost (host);
+ }
+
+#if defined WIN32 && defined __MINGW32__
+#define ETC_HOST_PREFIX "X"
+#else
+#define ETC_HOST_PREFIX "/etc/X"
+#endif
+#define ETC_HOST_SUFFIX ".hosts"
+ fnamelen = strlen(ETC_HOST_PREFIX) + strlen(ETC_HOST_SUFFIX) +
+ strlen(display) + 1;
+ if (fnamelen > sizeof(fname))
+ FatalError("Display name `%s' is too long\n", display);
+ snprintf(fname, sizeof(fname), ETC_HOST_PREFIX "%s" ETC_HOST_SUFFIX,
+ display);
+
+ if ((fd = fopen (fname, "r")) != 0)
+ {
+ while (fgets (ohostname, sizeof (ohostname), fd))
+ {
+ family = FamilyWild;
+ if (*ohostname == '#')
+ continue;
+ if ((ptr = strchr(ohostname, '\n')) != 0)
+ *ptr = 0;
+ hostlen = strlen(ohostname) + 1;
+ for (i = 0; i < hostlen; i++)
+ lhostname[i] = tolower(ohostname[i]);
+ hostname = ohostname;
+ if (!strncmp("local:", lhostname, 6))
+ {
+ family = FamilyLocalHost;
+ NewHost(family, "", 0, FALSE);
+ LocalHostRequested = TRUE; /* Fix for XFree86 bug #156 */
+ }
+#if defined(TCPCONN) || defined(STREAMSCONN) || defined(MNX_TCPCONN)
+ else if (!strncmp("inet:", lhostname, 5))
+ {
+ family = FamilyInternet;
+ hostname = ohostname + 5;
+ }
+#if defined(IPv6) && defined(AF_INET6)
+ else if (!strncmp("inet6:", lhostname, 6))
+ {
+ family = FamilyInternet6;
+ hostname = ohostname + 6;
+ }
+#endif
+#endif
+#ifdef DNETCONN
+ else if (!strncmp("dnet:", lhostname, 5))
+ {
+ family = FamilyDECnet;
+ hostname = ohostname + 5;
+ }
+#endif
+#ifdef SECURE_RPC
+ else if (!strncmp("nis:", lhostname, 4))
+ {
+ family = FamilyNetname;
+ hostname = ohostname + 4;
+ }
+#endif
+ else if (!strncmp("si:", lhostname, 3))
+ {
+ family = FamilyServerInterpreted;
+ hostname = ohostname + 3;
+ hostlen -= 3;
+ }
+
+
+ if (family == FamilyServerInterpreted)
+ {
+ len = siCheckAddr(hostname, hostlen);
+ if (len >= 0) {
+ NewHost(family, hostname, len, FALSE);
+ }
+ }
+ else
+#ifdef DNETCONN
+ if ((family == FamilyDECnet) || ((family == FamilyWild) &&
+ (ptr = strchr(hostname, ':')) && (*(ptr + 1) == ':') &&
+ !(*ptr = '\0'))) /* bash trailing colons if necessary */
+ {
+ /* node name (DECnet names end in "::") */
+ dnaddrp = dnet_addr(hostname);
+ if (!dnaddrp && (np = getnodebyname (hostname)))
+ {
+ /* node was specified by name */
+ saddr.sa.sa_family = np->n_addrtype;
+ len = sizeof(saddr.sa);
+ if (ConvertAddr (&saddr.sa, &len, (pointer *)&addr) == FamilyDECnet)
+ {
+ bzero ((char *) &dnaddr, sizeof (dnaddr));
+ dnaddr.a_len = np->n_length;
+ acopy (np->n_addr, dnaddr.a_addr, np->n_length);
+ dnaddrp = &dnaddr;
+ }
+ }
+ if (dnaddrp)
+ (void) NewHost(FamilyDECnet, (pointer)dnaddrp,
+ (int)(dnaddrp->a_len + sizeof(dnaddrp->a_len)), FALSE);
+ }
+ else
+#endif /* DNETCONN */
+#ifdef SECURE_RPC
+ if ((family == FamilyNetname) || (strchr(hostname, '@')))
+ {
+ SecureRPCInit ();
+ (void) NewHost (FamilyNetname, hostname, strlen (hostname), FALSE);
+ }
+ else
+#endif /* SECURE_RPC */
+#if defined(TCPCONN) || defined(STREAMSCONN) || defined(MNX_TCPCONN)
+ {
+#if defined(IPv6) && defined(AF_INET6)
+ if ( (family == FamilyInternet) || (family == FamilyInternet6) ||
+ (family == FamilyWild) )
+ {
+ struct addrinfo *addresses;
+ struct addrinfo *a;
+ int f;
+
+ if (getaddrinfo(hostname, NULL, NULL, &addresses) == 0) {
+ for (a = addresses ; a != NULL ; a = a->ai_next) {
+ len = a->ai_addrlen;
+ f = ConvertAddr(a->ai_addr,&len,(pointer *)&addr);
+ if ( (family == f) ||
+ ((family == FamilyWild) && (f != -1)) ) {
+ NewHost(f, addr, len, FALSE);
+ }
+ }
+ freeaddrinfo(addresses);
+ }
+ }
+#else
+#ifdef XTHREADS_NEEDS_BYNAMEPARAMS
+ _Xgethostbynameparams hparams;
+#endif
+ register struct hostent *hp;
+
+ /* host name */
+ if ((family == FamilyInternet &&
+ ((hp = _XGethostbyname(hostname, hparams)) != 0)) ||
+ ((hp = _XGethostbyname(hostname, hparams)) != 0))
+ {
+ saddr.sa.sa_family = hp->h_addrtype;
+ len = sizeof(saddr.sa);
+ if ((family = ConvertAddr (&saddr.sa, &len, (pointer *)&addr)) != -1)
+ {
+#ifdef h_addr /* new 4.3bsd version of gethostent */
+ char **list;
+
+ /* iterate over the addresses */
+ for (list = hp->h_addr_list; *list; list++)
+ (void) NewHost (family, (pointer)*list, len, FALSE);
+#else
+ (void) NewHost (family, (pointer)hp->h_addr, len, FALSE);
+#endif
+ }
+ }
+#endif /* IPv6 */
+ }
+#endif /* TCPCONN || STREAMSCONN */
+ family = FamilyWild;
+ }
+ fclose (fd);
+ }
+}
+
+/* Is client on the local host */
+Bool LocalClient(ClientPtr client)
+{
+ int alen, family, notused;
+ Xtransaddr *from = NULL;
+ pointer addr;
+ register HOST *host;
+
+ if (!_XSERVTransGetPeerAddr (((OsCommPtr)client->osPrivate)->trans_conn,
+ &notused, &alen, &from))
+ {
+ family = ConvertAddr ((struct sockaddr *) from,
+ &alen, (pointer *)&addr);
+ if (family == -1)
+ {
+ xfree (from);
+ return FALSE;
+ }
+ if (family == FamilyLocal)
+ {
+ xfree (from);
+ return TRUE;
+ }
+ for (host = selfhosts; host; host = host->next)
+ {
+ if (addrEqual (family, addr, alen, host))
+ return TRUE;
+ }
+ xfree (from);
+ }
+ return FALSE;
+}
+
+/*
+ * Return the uid and gid of a connected local client
+ *
+ * Used by XShm to test access rights to shared memory segments
+ */
+int
+LocalClientCred(ClientPtr client, int *pUid, int *pGid)
+{
+ LocalClientCredRec *lcc;
+ int ret = GetLocalClientCreds(client, &lcc);
+
+ if (ret == 0) {
+#ifdef HAVE_GETZONEID /* only local if in the same zone */
+ if ((lcc->fieldsSet & LCC_ZID_SET) && (lcc->zoneid != getzoneid())) {
+ FreeLocalClientCreds(lcc);
+ return -1;
+ }
+#endif
+ if ((lcc->fieldsSet & LCC_UID_SET) && (pUid != NULL))
+ *pUid = lcc->euid;
+ if ((lcc->fieldsSet & LCC_GID_SET) && (pGid != NULL))
+ *pGid = lcc->egid;
+ FreeLocalClientCreds(lcc);
+ }
+ return ret;
+}
+
+/*
+ * Return the uid and all gids of a connected local client
+ * Allocates a LocalClientCredRec - caller must call FreeLocalClientCreds
+ *
+ * Used by localuser & localgroup ServerInterpreted access control forms below
+ * Used by AuthAudit to log who local connections came from
+ */
+int
+GetLocalClientCreds(ClientPtr client, LocalClientCredRec **lccp)
+{
+#if defined(HAS_GETPEEREID) || defined(HAS_GETPEERUCRED) || defined(SO_PEERCRED)
+ int fd;
+ XtransConnInfo ci;
+ LocalClientCredRec *lcc;
+#ifdef HAS_GETPEEREID
+ uid_t uid;
+ gid_t gid;
+#elif defined(HAS_GETPEERUCRED)
+ ucred_t *peercred = NULL;
+ const gid_t *gids;
+#elif defined(SO_PEERCRED)
+ struct ucred peercred;
+ socklen_t so_len = sizeof(peercred);
+#endif
+
+ if (client == NULL)
+ return -1;
+ ci = ((OsCommPtr)client->osPrivate)->trans_conn;
+#if !(defined(sun) && defined(HAS_GETPEERUCRED))
+ /* Most implementations can only determine peer credentials for Unix
+ * domain sockets - Solaris getpeerucred can work with a bit more, so
+ * we just let it tell us if the connection type is supported or not
+ */
+ if (!_XSERVTransIsLocal(ci)) {
+ return -1;
+ }
+#endif
+
+ *lccp = Xcalloc(sizeof(LocalClientCredRec));
+ if (*lccp == NULL)
+ return -1;
+ lcc = *lccp;
+
+ fd = _XSERVTransGetConnectionNumber(ci);
+#ifdef HAS_GETPEEREID
+ if (getpeereid(fd, &uid, &gid) == -1) {
+ FreeLocalClientCreds(lcc);
+ return -1;
+ }
+ lcc->euid = uid;
+ lcc->egid = gid;
+ lcc->fieldsSet = LCC_UID_SET | LCC_GID_SET;
+ return 0;
+#elif defined(HAS_GETPEERUCRED)
+ if (getpeerucred(fd, &peercred) < 0) {
+ FreeLocalClientCreds(lcc);
+ return -1;
+ }
+ lcc->euid = ucred_geteuid(peercred);
+ if (lcc->euid != -1)
+ lcc->fieldsSet |= LCC_UID_SET;
+ lcc->egid = ucred_getegid(peercred);
+ if (lcc->egid != -1)
+ lcc->fieldsSet |= LCC_GID_SET;
+ lcc->pid = ucred_getpid(peercred);
+ if (lcc->pid != -1)
+ lcc->fieldsSet |= LCC_PID_SET;
+#ifdef HAVE_GETZONEID
+ lcc->zoneid = ucred_getzoneid(peercred);
+ if (lcc->zoneid != -1)
+ lcc->fieldsSet |= LCC_ZID_SET;
+#endif
+ lcc->nSuppGids = ucred_getgroups(peercred, &gids);
+ if (lcc->nSuppGids > 0) {
+ lcc->pSuppGids = Xcalloc((lcc->nSuppGids) * sizeof(int));
+ if (lcc->pSuppGids == NULL) {
+ lcc->nSuppGids = 0;
+ } else {
+ int i;
+ for (i = 0 ; i < lcc->nSuppGids; i++) {
+ (lcc->pSuppGids)[i] = (int) gids[i];
+ }
+ }
+ } else {
+ lcc->nSuppGids = 0;
+ }
+ ucred_free(peercred);
+ return 0;
+#elif defined(SO_PEERCRED)
+ if (getsockopt(fd, SOL_SOCKET, SO_PEERCRED, &peercred, &so_len) == -1) {
+ FreeLocalClientCreds(lcc);
+ return -1;
+ }
+ lcc->euid = peercred.uid;
+ lcc->egid = peercred.gid;
+ lcc->pid = peercred.pid;
+ lcc->fieldsSet = LCC_UID_SET | LCC_GID_SET | LCC_PID_SET;
+ return 0;
+#endif
+#else
+ /* No system call available to get the credentials of the peer */
+#define NO_LOCAL_CLIENT_CRED
+ return -1;
+#endif
+}
+
+void
+FreeLocalClientCreds(LocalClientCredRec *lcc)
+{
+ if (lcc != NULL) {
+ if (lcc->nSuppGids > 0) {
+ Xfree(lcc->pSuppGids);
+ }
+ Xfree(lcc);
+ }
+}
+
+static int
+AuthorizedClient(ClientPtr client)
+{
+ int rc;
+
+ if (!client || defeatAccessControl)
+ return Success;
+
+ /* untrusted clients can't change host access */
+ rc = XaceHook(XACE_SERVER_ACCESS, client, DixManageAccess);
+ if (rc != Success)
+ return rc;
+
+ return LocalClient(client) ? Success : BadAccess;
+}
+
+/* Add a host to the access control list. This is the external interface
+ * called from the dispatcher */
+
+int
+AddHost (ClientPtr client,
+ int family,
+ unsigned length, /* of bytes in pAddr */
+ const void * pAddr)
+{
+ int rc, len;
+
+ rc = AuthorizedClient(client);
+ if (rc != Success)
+ return rc;
+ switch (family) {
+ case FamilyLocalHost:
+ len = length;
+ LocalHostEnabled = TRUE;
+ break;
+#ifdef SECURE_RPC
+ case FamilyNetname:
+ len = length;
+ SecureRPCInit ();
+ break;
+#endif
+ case FamilyInternet:
+#if defined(IPv6) && defined(AF_INET6)
+ case FamilyInternet6:
+#endif
+ case FamilyDECnet:
+ case FamilyChaos:
+ case FamilyServerInterpreted:
+ if ((len = CheckAddr (family, pAddr, length)) < 0)
+ {
+ client->errorValue = length;
+ return (BadValue);
+ }
+ break;
+ case FamilyLocal:
+ default:
+ client->errorValue = family;
+ return (BadValue);
+ }
+ if (NewHost (family, pAddr, len, FALSE))
+ return Success;
+ return BadAlloc;
+}
+
+Bool
+ForEachHostInFamily (int family,
+ Bool (*func)(
+ unsigned char * /* addr */,
+ short /* len */,
+ pointer /* closure */),
+ pointer closure)
+{
+ HOST *host;
+
+ for (host = validhosts; host; host = host->next)
+ if (family == host->family && func (host->addr, host->len, closure))
+ return TRUE;
+ return FALSE;
+}
+
+/* Add a host to the access control list. This is the internal interface
+ * called when starting or resetting the server */
+static Bool
+NewHost (int family,
+ const void * addr,
+ int len,
+ int addingLocalHosts)
+{
+ register HOST *host;
+
+ for (host = validhosts; host; host = host->next)
+ {
+ if (addrEqual (family, addr, len, host))
+ return TRUE;
+ }
+ if (!addingLocalHosts) { /* Fix for XFree86 bug #156 */
+ for (host = selfhosts; host; host = host->next) {
+ if (addrEqual (family, addr, len, host)) {
+ host->requested = TRUE;
+ break;
+ }
+ }
+ }
+ MakeHost(host,len)
+ if (!host)
+ return FALSE;
+ host->family = family;
+ host->len = len;
+ acopy(addr, host->addr, len);
+ host->next = validhosts;
+ validhosts = host;
+ return TRUE;
+}
+
+/* Remove a host from the access control list */
+
+int
+RemoveHost (
+ ClientPtr client,
+ int family,
+ unsigned length, /* of bytes in pAddr */
+ pointer pAddr)
+{
+ int rc, len;
+ register HOST *host, **prev;
+
+ rc = AuthorizedClient(client);
+ if (rc != Success)
+ return rc;
+ switch (family) {
+ case FamilyLocalHost:
+ len = length;
+ LocalHostEnabled = FALSE;
+ break;
+#ifdef SECURE_RPC
+ case FamilyNetname:
+ len = length;
+ break;
+#endif
+ case FamilyInternet:
+#if defined(IPv6) && defined(AF_INET6)
+ case FamilyInternet6:
+#endif
+ case FamilyDECnet:
+ case FamilyChaos:
+ case FamilyServerInterpreted:
+ if ((len = CheckAddr (family, pAddr, length)) < 0)
+ {
+ client->errorValue = length;
+ return(BadValue);
+ }
+ break;
+ case FamilyLocal:
+ default:
+ client->errorValue = family;
+ return(BadValue);
+ }
+ for (prev = &validhosts;
+ (host = *prev) && (!addrEqual (family, pAddr, len, host));
+ prev = &host->next)
+ ;
+ if (host)
+ {
+ *prev = host->next;
+ FreeHost (host);
+ }
+ return (Success);
+}
+
+/* Get all hosts in the access control list */
+int
+GetHosts (
+ pointer *data,
+ int *pnHosts,
+ int *pLen,
+ BOOL *pEnabled)
+{
+ int len;
+ register int n = 0;
+ register unsigned char *ptr;
+ register HOST *host;
+ int nHosts = 0;
+
+ *pEnabled = AccessEnabled ? EnableAccess : DisableAccess;
+ for (host = validhosts; host; host = host->next)
+ {
+ nHosts++;
+ n += pad_to_int32(host->len) + sizeof(xHostEntry);
+ }
+ if (n)
+ {
+ *data = ptr = xalloc (n);
+ if (!ptr)
+ {
+ return(BadAlloc);
+ }
+ for (host = validhosts; host; host = host->next)
+ {
+ len = host->len;
+ ((xHostEntry *)ptr)->family = host->family;
+ ((xHostEntry *)ptr)->length = len;
+ ptr += sizeof(xHostEntry);
+ acopy (host->addr, ptr, len);
+ ptr += pad_to_int32(len);
+ }
+ } else {
+ *data = NULL;
+ }
+ *pnHosts = nHosts;
+ *pLen = n;
+ return(Success);
+}
+
+/* Check for valid address family and length, and return address length. */
+
+/*ARGSUSED*/
+static int
+CheckAddr (
+ int family,
+ const void * pAddr,
+ unsigned length)
+{
+ int len;
+
+ switch (family)
+ {
+#if defined(TCPCONN) || defined(STREAMSCONN) || defined(MNX_TCPCONN)
+ case FamilyInternet:
+ if (length == sizeof (struct in_addr))
+ len = length;
+ else
+ len = -1;
+ break;
+#if defined(IPv6) && defined(AF_INET6)
+ case FamilyInternet6:
+ if (length == sizeof (struct in6_addr))
+ len = length;
+ else
+ len = -1;
+ break;
+#endif
+#endif
+#ifdef DNETCONN
+ case FamilyDECnet:
+ {
+ struct dn_naddr *dnaddr = (struct dn_naddr *) pAddr;
+
+ if ((length < sizeof(dnaddr->a_len)) ||
+ (length < dnaddr->a_len + sizeof(dnaddr->a_len)))
+ len = -1;
+ else
+ len = dnaddr->a_len + sizeof(dnaddr->a_len);
+ if (len > sizeof(struct dn_naddr))
+ len = -1;
+ }
+ break;
+#endif
+ case FamilyServerInterpreted:
+ len = siCheckAddr(pAddr, length);
+ break;
+ default:
+ len = -1;
+ }
+ return (len);
+}
+
+/* Check if a host is not in the access control list.
+ * Returns 1 if host is invalid, 0 if we've found it. */
+
+int
+InvalidHost (
+ register struct sockaddr *saddr,
+ int len,
+ ClientPtr client)
+{
+ int family;
+ pointer addr;
+ register HOST *selfhost, *host;
+
+ if (!AccessEnabled) /* just let them in */
+ return(0);
+ family = ConvertAddr (saddr, &len, (pointer *)&addr);
+ if (family == -1)
+ return 1;
+ if (family == FamilyLocal)
+ {
+ if (!LocalHostEnabled)
+ {
+ /*
+ * check to see if any local address is enabled. This
+ * implicitly enables local connections.
+ */
+ for (selfhost = selfhosts; selfhost; selfhost=selfhost->next)
+ {
+ for (host = validhosts; host; host=host->next)
+ {
+ if (addrEqual (selfhost->family, selfhost->addr,
+ selfhost->len, host))
+ return 0;
+ }
+ }
+ } else
+ return 0;
+ }
+ for (host = validhosts; host; host = host->next)
+ {
+ if ((host->family == FamilyServerInterpreted)) {
+ if (siAddrMatch (family, addr, len, host, client)) {
+ return (0);
+ }
+ } else {
+ if (addrEqual (family, addr, len, host))
+ return (0);
+ }
+
+ }
+ return (1);
+}
+
+static int
+ConvertAddr (
+ register struct sockaddr *saddr,
+ int *len,
+ pointer *addr)
+{
+ if (*len == 0)
+ return (FamilyLocal);
+ switch (saddr->sa_family)
+ {
+ case AF_UNSPEC:
+#if defined(UNIXCONN) || defined(LOCALCONN)
+ case AF_UNIX:
+#endif
+ return FamilyLocal;
+#if defined(TCPCONN) || defined(STREAMSCONN) || defined(MNX_TCPCONN)
+ case AF_INET:
+#ifdef WIN32
+ if (16777343 == *(long*)&((struct sockaddr_in *) saddr)->sin_addr)
+ return FamilyLocal;
+#endif
+ *len = sizeof (struct in_addr);
+ *addr = (pointer) &(((struct sockaddr_in *) saddr)->sin_addr);
+ return FamilyInternet;
+#if defined(IPv6) && defined(AF_INET6)
+ case AF_INET6:
+ {
+ struct sockaddr_in6 *saddr6 = (struct sockaddr_in6 *) saddr;
+ if (IN6_IS_ADDR_V4MAPPED(&(saddr6->sin6_addr))) {
+ *len = sizeof (struct in_addr);
+ *addr = (pointer) &(saddr6->sin6_addr.s6_addr[12]);
+ return FamilyInternet;
+ } else {
+ *len = sizeof (struct in6_addr);
+ *addr = (pointer) &(saddr6->sin6_addr);
+ return FamilyInternet6;
+ }
+ }
+#endif
+#endif
+#ifdef DNETCONN
+ case AF_DECnet:
+ {
+ struct sockaddr_dn *sdn = (struct sockaddr_dn *) saddr;
+ *len = sdn->sdn_nodeaddrl + sizeof(sdn->sdn_nodeaddrl);
+ *addr = (pointer) &(sdn->sdn_add);
+ }
+ return FamilyDECnet;
+#endif
+#ifdef CHAOSCONN
+ case AF_CHAOS:
+ {
+ not implemented
+ }
+ return FamilyChaos;
+#endif
+ default:
+ return -1;
+ }
+}
+
+int
+ChangeAccessControl(
+ ClientPtr client,
+ int fEnabled)
+{
+ int rc = AuthorizedClient(client);
+ if (rc != Success)
+ return rc;
+ AccessEnabled = fEnabled;
+ return Success;
+}
+
+/* returns FALSE if xhost + in effect, else TRUE */
+int
+GetAccessControl(void)
+{
+ return AccessEnabled;
+}
+
+/*****************************************************************************
+ * FamilyServerInterpreted host entry implementation
+ *
+ * Supports an extensible system of host types which the server can interpret
+ * See the IPv6 extensions to the X11 protocol spec for the definition.
+ *
+ * Currently supported schemes:
+ *
+ * hostname - hostname as defined in IETF RFC 2396
+ * ipv6 - IPv6 literal address as defined in IETF RFC's 3513 and <TBD>
+ *
+ * See xc/doc/specs/SIAddresses for formal definitions of each type.
+ */
+
+/* These definitions and the siTypeAdd function could be exported in the
+ * future to enable loading additional host types, but that was not done for
+ * the initial implementation.
+ */
+typedef Bool (*siAddrMatchFunc)(int family, pointer addr, int len,
+ const char *siAddr, int siAddrlen, ClientPtr client, void *siTypePriv);
+typedef int (*siCheckAddrFunc)(const char *addrString, int length,
+ void *siTypePriv);
+
+struct siType {
+ struct siType * next;
+ const char * typeName;
+ siAddrMatchFunc addrMatch;
+ siCheckAddrFunc checkAddr;
+ void * typePriv; /* Private data for type routines */
+};
+
+static struct siType *siTypeList;
+
+static int
+siTypeAdd(const char *typeName, siAddrMatchFunc addrMatch,
+ siCheckAddrFunc checkAddr, void *typePriv)
+{
+ struct siType *s, *p;
+
+ if ((typeName == NULL) || (addrMatch == NULL) || (checkAddr == NULL))
+ return BadValue;
+
+ for (s = siTypeList, p = NULL; s != NULL ; p = s, s = s->next) {
+ if (strcmp(typeName, s->typeName) == 0) {
+ s->addrMatch = addrMatch;
+ s->checkAddr = checkAddr;
+ s->typePriv = typePriv;
+ return Success;
+ }
+ }
+
+ s = xalloc(sizeof(struct siType));
+ if (s == NULL)
+ return BadAlloc;
+
+ if (p == NULL)
+ siTypeList = s;
+ else
+ p->next = s;
+
+ s->next = NULL;
+ s->typeName = typeName;
+ s->addrMatch = addrMatch;
+ s->checkAddr = checkAddr;
+ s->typePriv = typePriv;
+ return Success;
+}
+
+/* Checks to see if a host matches a server-interpreted host entry */
+static Bool
+siAddrMatch(int family, pointer addr, int len, HOST *host, ClientPtr client)
+{
+ Bool matches = FALSE;
+ struct siType *s;
+ const char *valueString;
+ int addrlen;
+
+ valueString = (const char *) memchr(host->addr, '\0', host->len);
+ if (valueString != NULL) {
+ for (s = siTypeList; s != NULL ; s = s->next) {
+ if (strcmp((char *) host->addr, s->typeName) == 0) {
+ addrlen = host->len - (strlen((char *)host->addr) + 1);
+ matches = s->addrMatch(family, addr, len,
+ valueString + 1, addrlen, client, s->typePriv);
+ break;
+ }
+ }
+#ifdef FAMILY_SI_DEBUG
+ ErrorF(
+ "Xserver: siAddrMatch(): type = %s, value = %*.*s -- %s\n",
+ host->addr, addrlen, addrlen, valueString + 1,
+ (matches) ? "accepted" : "rejected");
+#endif
+ }
+ return matches;
+}
+
+static int
+siCheckAddr(const char *addrString, int length)
+{
+ const char *valueString;
+ int addrlen, typelen;
+ int len = -1;
+ struct siType *s;
+
+ /* Make sure there is a \0 byte inside the specified length
+ to separate the address type from the address value. */
+ valueString = (const char *) memchr(addrString, '\0', length);
+ if (valueString != NULL) {
+ /* Make sure the first string is a recognized address type,
+ * and the second string is a valid address of that type.
+ */
+ typelen = strlen(addrString) + 1;
+ addrlen = length - typelen;
+
+ for (s = siTypeList; s != NULL ; s = s->next) {
+ if (strcmp(addrString, s->typeName) == 0) {
+ len = s->checkAddr(valueString + 1, addrlen, s->typePriv);
+ if (len >= 0) {
+ len += typelen;
+ }
+ break;
+ }
+ }
+#ifdef FAMILY_SI_DEBUG
+ {
+ const char *resultMsg;
+
+ if (s == NULL) {
+ resultMsg = "type not registered";
+ } else {
+ if (len == -1)
+ resultMsg = "rejected";
+ else
+ resultMsg = "accepted";
+ }
+
+ ErrorF("Xserver: siCheckAddr(): type = %s, value = %*.*s, len = %d -- %s\n",
+ addrString, addrlen, addrlen, valueString + 1, len, resultMsg);
+ }
+#endif
+ }
+ return len;
+}
+
+
+/***
+ * Hostname server-interpreted host type
+ *
+ * Stored as hostname string, explicitly defined to be resolved ONLY
+ * at access check time, to allow for hosts with dynamic addresses
+ * but static hostnames, such as found in some DHCP & mobile setups.
+ *
+ * Hostname must conform to IETF RFC 2396 sec. 3.2.2, which defines it as:
+ * hostname = *( domainlabel "." ) toplabel [ "." ]
+ * domainlabel = alphanum | alphanum *( alphanum | "-" ) alphanum
+ * toplabel = alpha | alpha *( alphanum | "-" ) alphanum
+ */
+
+#ifdef NI_MAXHOST
+# define SI_HOSTNAME_MAXLEN NI_MAXHOST
+#else
+# ifdef MAXHOSTNAMELEN
+# define SI_HOSTNAME_MAXLEN MAXHOSTNAMELEN
+# else
+# define SI_HOSTNAME_MAXLEN 256
+# endif
+#endif
+
+static Bool
+siHostnameAddrMatch(int family, pointer addr, int len,
+ const char *siAddr, int siAddrLen, ClientPtr client, void *typePriv)
+{
+ Bool res = FALSE;
+
+/* Currently only supports checking against IPv4 & IPv6 connections, but
+ * support for other address families, such as DECnet, could be added if
+ * desired.
+ */
+#if defined(IPv6) && defined(AF_INET6)
+ if ((family == FamilyInternet) || (family == FamilyInternet6)) {
+ char hostname[SI_HOSTNAME_MAXLEN];
+ struct addrinfo *addresses;
+ struct addrinfo *a;
+ int f, hostaddrlen;
+ pointer hostaddr;
+
+ if (siAddrLen >= sizeof(hostname))
+ return FALSE;
+
+ strncpy(hostname, siAddr, siAddrLen);
+ hostname[siAddrLen] = '\0';
+
+ if (getaddrinfo(hostname, NULL, NULL, &addresses) == 0) {
+ for (a = addresses ; a != NULL ; a = a->ai_next) {
+ hostaddrlen = a->ai_addrlen;
+ f = ConvertAddr(a->ai_addr,&hostaddrlen,&hostaddr);
+ if ((f == family) && (len == hostaddrlen) &&
+ (acmp (addr, hostaddr, len) == 0) ) {
+ res = TRUE;
+ break;
+ }
+ }
+ freeaddrinfo(addresses);
+ }
+ }
+#else /* IPv6 not supported, use gethostbyname instead for IPv4 */
+ if (family == FamilyInternet) {
+ register struct hostent *hp;
+#ifdef XTHREADS_NEEDS_BYNAMEPARAMS
+ _Xgethostbynameparams hparams;
+#endif
+ char hostname[SI_HOSTNAME_MAXLEN];
+ int f, hostaddrlen;
+ pointer hostaddr;
+ const char **addrlist;
+
+ if (siAddrLen >= sizeof(hostname))
+ return FALSE;
+
+ strncpy(hostname, siAddr, siAddrLen);
+ hostname[siAddrLen] = '\0';
+
+ if ((hp = _XGethostbyname(hostname, hparams)) != NULL) {
+#ifdef h_addr /* new 4.3bsd version of gethostent */
+ /* iterate over the addresses */
+ for (addrlist = hp->h_addr_list; *addrlist; addrlist++)
+#else
+ addrlist = &hp->h_addr;
+#endif
+ {
+ struct sockaddr_in sin;
+
+ sin.sin_family = hp->h_addrtype;
+ acopy ( *addrlist, &(sin.sin_addr), hp->h_length);
+ hostaddrlen = sizeof(sin);
+ f = ConvertAddr ((struct sockaddr *)&sin,
+ &hostaddrlen, &hostaddr);
+ if ((f == family) && (len == hostaddrlen) &&
+ (acmp (addr, hostaddr, len) == 0) ) {
+ res = TRUE;
+ break;
+ }
+ }
+ }
+ }
+#endif
+ return res;
+}
+
+
+static int
+siHostnameCheckAddr(const char *valueString, int length, void *typePriv)
+{
+ /* Check conformance of hostname to RFC 2396 sec. 3.2.2 definition.
+ * We do not use ctype functions here to avoid locale-specific
+ * character sets. Hostnames must be pure ASCII.
+ */
+ int len = length;
+ int i;
+ Bool dotAllowed = FALSE;
+ Bool dashAllowed = FALSE;
+
+ if ((length <= 0) || (length >= SI_HOSTNAME_MAXLEN)) {
+ len = -1;
+ } else {
+ for (i = 0; i < length; i++) {
+ char c = valueString[i];
+
+ if (c == 0x2E) { /* '.' */
+ if (dotAllowed == FALSE) {
+ len = -1;
+ break;
+ } else {
+ dotAllowed = FALSE;
+ dashAllowed = FALSE;
+ }
+ } else if (c == 0x2D) { /* '-' */
+ if (dashAllowed == FALSE) {
+ len = -1;
+ break;
+ } else {
+ dotAllowed = FALSE;
+ }
+ } else if (((c >= 0x30) && (c <= 0x3A)) /* 0-9 */ ||
+ ((c >= 0x61) && (c <= 0x7A)) /* a-z */ ||
+ ((c >= 0x41) && (c <= 0x5A)) /* A-Z */) {
+ dotAllowed = TRUE;
+ dashAllowed = TRUE;
+ } else { /* Invalid character */
+ len = -1;
+ break;
+ }
+ }
+ }
+ return len;
+}
+
+#if defined(IPv6) && defined(AF_INET6)
+/***
+ * "ipv6" server interpreted type
+ *
+ * Currently supports only IPv6 literal address as specified in IETF RFC 3513
+ *
+ * Once draft-ietf-ipv6-scoping-arch-00.txt becomes an RFC, support will be
+ * added for the scoped address format it specifies.
+ */
+
+/* Maximum length of an IPv6 address string - increase when adding support
+ * for scoped address qualifiers. Includes room for trailing NUL byte.
+ */
+#define SI_IPv6_MAXLEN INET6_ADDRSTRLEN
+
+static Bool
+siIPv6AddrMatch(int family, pointer addr, int len,
+ const char *siAddr, int siAddrlen, ClientPtr client, void *typePriv)
+{
+ struct in6_addr addr6;
+ char addrbuf[SI_IPv6_MAXLEN];
+
+ if ((family != FamilyInternet6) || (len != sizeof(addr6)))
+ return FALSE;
+
+ memcpy(addrbuf, siAddr, siAddrlen);
+ addrbuf[siAddrlen] = '\0';
+
+ if (inet_pton(AF_INET6, addrbuf, &addr6) != 1) {
+ perror("inet_pton");
+ return FALSE;
+ }
+
+ if (memcmp(addr, &addr6, len) == 0) {
+ return TRUE;
+ } else {
+ return FALSE;
+ }
+}
+
+static int
+siIPv6CheckAddr(const char *addrString, int length, void *typePriv)
+{
+ int len;
+
+ /* Minimum length is 3 (smallest legal address is "::1") */
+ if (length < 3) {
+ /* Address is too short! */
+ len = -1;
+ } else if (length >= SI_IPv6_MAXLEN) {
+ /* Address is too long! */
+ len = -1;
+ } else {
+ /* Assume inet_pton is sufficient validation */
+ struct in6_addr addr6;
+ char addrbuf[SI_IPv6_MAXLEN];
+
+ memcpy(addrbuf, addrString, length);
+ addrbuf[length] = '\0';
+
+ if (inet_pton(AF_INET6, addrbuf, &addr6) != 1) {
+ perror("inet_pton");
+ len = -1;
+ } else {
+ len = length;
+ }
+ }
+ return len;
+}
+#endif /* IPv6 */
+
+#if !defined(NO_LOCAL_CLIENT_CRED)
+/***
+ * "localuser" & "localgroup" server interpreted types
+ *
+ * Allows local connections from a given local user or group
+ */
+
+#include <pwd.h>
+#include <grp.h>
+
+#define LOCAL_USER 1
+#define LOCAL_GROUP 2
+
+typedef struct {
+ int credType;
+} siLocalCredPrivRec, *siLocalCredPrivPtr;
+
+static siLocalCredPrivRec siLocalUserPriv = { LOCAL_USER };
+static siLocalCredPrivRec siLocalGroupPriv = { LOCAL_GROUP };
+
+static Bool
+siLocalCredGetId(const char *addr, int len, siLocalCredPrivPtr lcPriv, int *id)
+{
+ Bool parsedOK = FALSE;
+ char *addrbuf = xalloc(len + 1);
+
+ if (addrbuf == NULL) {
+ return FALSE;
+ }
+
+ memcpy(addrbuf, addr, len);
+ addrbuf[len] = '\0';
+
+ if (addr[0] == '#') { /* numeric id */
+ char *cp;
+ errno = 0;
+ *id = strtol(addrbuf + 1, &cp, 0);
+ if ((errno == 0) && (cp != (addrbuf+1))) {
+ parsedOK = TRUE;
+ }
+ } else { /* non-numeric name */
+ if (lcPriv->credType == LOCAL_USER) {
+ struct passwd *pw = getpwnam(addrbuf);
+
+ if (pw != NULL) {
+ *id = (int) pw->pw_uid;
+ parsedOK = TRUE;
+ }
+ } else { /* group */
+ struct group *gr = getgrnam(addrbuf);
+
+ if (gr != NULL) {
+ *id = (int) gr->gr_gid;
+ parsedOK = TRUE;
+ }
+ }
+ }
+
+ xfree(addrbuf);
+ return parsedOK;
+}
+
+static Bool
+siLocalCredAddrMatch(int family, pointer addr, int len,
+ const char *siAddr, int siAddrlen, ClientPtr client, void *typePriv)
+{
+ int siAddrId;
+ LocalClientCredRec *lcc;
+ siLocalCredPrivPtr lcPriv = (siLocalCredPrivPtr) typePriv;
+
+ if (GetLocalClientCreds(client, &lcc) == -1) {
+ return FALSE;
+ }
+
+#ifdef HAVE_GETZONEID /* Ensure process is in the same zone */
+ if ((lcc->fieldsSet & LCC_ZID_SET) && (lcc->zoneid != getzoneid())) {
+ FreeLocalClientCreds(lcc);
+ return FALSE;
+ }
+#endif
+
+ if (siLocalCredGetId(siAddr, siAddrlen, lcPriv, &siAddrId) == FALSE) {
+ FreeLocalClientCreds(lcc);
+ return FALSE;
+ }
+
+ if (lcPriv->credType == LOCAL_USER) {
+ if ((lcc->fieldsSet & LCC_UID_SET) && (lcc->euid == siAddrId)) {
+ FreeLocalClientCreds(lcc);
+ return TRUE;
+ }
+ } else {
+ if ((lcc->fieldsSet & LCC_GID_SET) && (lcc->egid == siAddrId)) {
+ FreeLocalClientCreds(lcc);
+ return TRUE;
+ }
+ if (lcc->pSuppGids != NULL) {
+ int i;
+
+ for (i = 0 ; i < lcc->nSuppGids; i++) {
+ if (lcc->pSuppGids[i] == siAddrId) {
+ FreeLocalClientCreds(lcc);
+ return TRUE;
+ }
+ }
+ }
+ }
+ FreeLocalClientCreds(lcc);
+ return FALSE;
+}
+
+static int
+siLocalCredCheckAddr(const char *addrString, int length, void *typePriv)
+{
+ int len = length;
+ int id;
+
+ if (siLocalCredGetId(addrString, length,
+ (siLocalCredPrivPtr)typePriv, &id) == FALSE) {
+ len = -1;
+ }
+ return len;
+}
+#endif /* localuser */
+
+static void
+siTypesInitialize(void)
+{
+ siTypeAdd("hostname", siHostnameAddrMatch, siHostnameCheckAddr, NULL);
+#if defined(IPv6) && defined(AF_INET6)
+ siTypeAdd("ipv6", siIPv6AddrMatch, siIPv6CheckAddr, NULL);
+#endif
+#if !defined(NO_LOCAL_CLIENT_CRED)
+ siTypeAdd("localuser", siLocalCredAddrMatch, siLocalCredCheckAddr,
+ &siLocalUserPriv);
+ siTypeAdd("localgroup", siLocalCredAddrMatch, siLocalCredCheckAddr,
+ &siLocalGroupPriv);
+#endif
+}
diff --git a/xorg-server/os/auth.c b/xorg-server/os/auth.c
index 0514d1788..f80e53155 100644
--- a/xorg-server/os/auth.c
+++ b/xorg-server/os/auth.c
@@ -1,339 +1,340 @@
-/*
-
-Copyright 1988, 1998 The Open Group
-
-Permission to use, copy, modify, distribute, and sell this software and its
-documentation for any purpose is hereby granted without fee, provided that
-the above copyright notice appear in all copies and that both that
-copyright notice and this permission notice appear in supporting
-documentation.
-
-The above copyright notice and this permission notice shall be included
-in all copies or substantial portions of the Software.
-
-THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS
-OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
-MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT.
-IN NO EVENT SHALL THE OPEN GROUP BE LIABLE FOR ANY CLAIM, DAMAGES OR
-OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE,
-ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR
-OTHER DEALINGS IN THE SOFTWARE.
-
-Except as contained in this notice, the name of The Open Group shall
-not be used in advertising or otherwise to promote the sale, use or
-other dealings in this Software without prior written authorization
-from The Open Group.
-
-*/
-
-/*
- * authorization hooks for the server
- * Author: Keith Packard, MIT X Consortium
- */
-
-#ifdef HAVE_DIX_CONFIG_H
-#include <dix-config.h>
-#endif
-
-# include <X11/X.h>
-# include <X11/Xauth.h>
-# include "misc.h"
-# include "osdep.h"
-# include "dixstruct.h"
-# include <sys/types.h>
-# include <sys/stat.h>
-#ifdef WIN32
-#include <X11/Xw32defs.h>
-#endif
-
-struct protocol {
- unsigned short name_length;
- char *name;
- AuthAddCFunc Add; /* new authorization data */
- AuthCheckFunc Check; /* verify client authorization data */
- AuthRstCFunc Reset; /* delete all authorization data entries */
- AuthToIDFunc ToID; /* convert cookie to ID */
- AuthFromIDFunc FromID; /* convert ID to cookie */
- AuthRemCFunc Remove; /* remove a specific cookie */
-#ifdef XCSECURITY
- AuthGenCFunc Generate;
-#endif
-};
-
-static struct protocol protocols[] = {
-{ (unsigned short) 18, "MIT-MAGIC-COOKIE-1",
- MitAddCookie, MitCheckCookie, MitResetCookie,
- MitToID, MitFromID, MitRemoveCookie,
-#ifdef XCSECURITY
- MitGenerateCookie
-#endif
-},
-#ifdef HASXDMAUTH
-{ (unsigned short) 19, "XDM-AUTHORIZATION-1",
- XdmAddCookie, XdmCheckCookie, XdmResetCookie,
- XdmToID, XdmFromID, XdmRemoveCookie,
-#ifdef XCSECURITY
- NULL
-#endif
-},
-#endif
-#ifdef SECURE_RPC
-{ (unsigned short) 9, "SUN-DES-1",
- SecureRPCAdd, SecureRPCCheck, SecureRPCReset,
- SecureRPCToID, SecureRPCFromID,SecureRPCRemove,
-#ifdef XCSECURITY
- NULL
-#endif
-},
-#endif
-};
-
-# define NUM_AUTHORIZATION (sizeof (protocols) /\
- sizeof (struct protocol))
-
-/*
- * Initialize all classes of authorization by reading the
- * specified authorization file
- */
-
-static char *authorization_file = (char *)NULL;
-
-static Bool ShouldLoadAuth = TRUE;
-
-void
-InitAuthorization (char *file_name)
-{
- authorization_file = file_name;
-}
-
-static int
-LoadAuthorization (void)
-{
- FILE *f;
- Xauth *auth;
- int i;
- int count = 0;
-
- ShouldLoadAuth = FALSE;
- if (!authorization_file)
- return 0;
-
- f = Fopen (authorization_file, "r");
- if (!f)
- return -1;
-
- while ((auth = XauReadAuth (f)) != 0) {
- for (i = 0; i < NUM_AUTHORIZATION; i++) {
- if (protocols[i].name_length == auth->name_length &&
- memcmp (protocols[i].name, auth->name, (int) auth->name_length) == 0 &&
- protocols[i].Add)
- {
- ++count;
- (*protocols[i].Add) (auth->data_length, auth->data,
- FakeClientID(0));
- }
- }
- XauDisposeAuth (auth);
- }
-
- Fclose (f);
- return count;
-}
-
-#ifdef XDMCP
-/*
- * XdmcpInit calls this function to discover all authorization
- * schemes supported by the display
- */
-void
-RegisterAuthorizations (void)
-{
- int i;
-
- for (i = 0; i < NUM_AUTHORIZATION; i++)
- XdmcpRegisterAuthorization (protocols[i].name,
- (int)protocols[i].name_length);
-}
-#endif
-
-XID
-CheckAuthorization (
- unsigned int name_length,
- char *name,
- unsigned int data_length,
- char *data,
- ClientPtr client,
- char **reason) /* failure message. NULL for default msg */
-{
- int i;
- struct stat buf;
- static time_t lastmod = 0;
- static Bool loaded = FALSE;
-
- if (!authorization_file || stat(authorization_file, &buf))
- {
- if (lastmod != 0) {
- lastmod = 0;
- ShouldLoadAuth = TRUE; /* stat lost, so force reload */
- }
- }
- else if (buf.st_mtime > lastmod)
- {
- lastmod = buf.st_mtime;
- ShouldLoadAuth = TRUE;
- }
- if (ShouldLoadAuth)
- {
- int loadauth = LoadAuthorization();
-
- /*
- * If the authorization file has at least one entry for this server,
- * disable local host access. (loadauth > 0)
- *
- * If there are zero entries (either initially or when the
- * authorization file is later reloaded), or if a valid
- * authorization file was never loaded, enable local host access.
- * (loadauth == 0 || !loaded)
- *
- * If the authorization file was loaded initially (with valid
- * entries for this server), and reloading it later fails, don't
- * change anything. (loadauth == -1 && loaded)
- */
-
- if (loadauth > 0)
- {
- DisableLocalHost(); /* got at least one */
- loaded = TRUE;
- }
- else if (loadauth == 0 || !loaded)
- EnableLocalHost ();
- }
- if (name_length) {
- for (i = 0; i < NUM_AUTHORIZATION; i++) {
- if (protocols[i].name_length == name_length &&
- memcmp (protocols[i].name, name, (int) name_length) == 0)
- {
- return (*protocols[i].Check) (data_length, data, client, reason);
- }
- *reason = "Protocol not supported by server\n";
- }
- } else *reason = "No protocol specified\n";
- return (XID) ~0L;
-}
-
-void
-ResetAuthorization (void)
-{
- int i;
-
- for (i = 0; i < NUM_AUTHORIZATION; i++)
- if (protocols[i].Reset)
- (*protocols[i].Reset)();
- ShouldLoadAuth = TRUE;
-}
-
-int
-AuthorizationFromID (
- XID id,
- unsigned short *name_lenp,
- char **namep,
- unsigned short *data_lenp,
- char **datap)
-{
- int i;
-
- for (i = 0; i < NUM_AUTHORIZATION; i++) {
- if (protocols[i].FromID &&
- (*protocols[i].FromID) (id, data_lenp, datap)) {
- *name_lenp = protocols[i].name_length;
- *namep = protocols[i].name;
- return 1;
- }
- }
- return 0;
-}
-
-int
-RemoveAuthorization (
- unsigned short name_length,
- char *name,
- unsigned short data_length,
- char *data)
-{
- int i;
-
- for (i = 0; i < NUM_AUTHORIZATION; i++) {
- if (protocols[i].name_length == name_length &&
- memcmp (protocols[i].name, name, (int) name_length) == 0 &&
- protocols[i].Remove)
- {
- return (*protocols[i].Remove) (data_length, data);
- }
- }
- return 0;
-}
-
-int
-AddAuthorization (unsigned name_length, char *name, unsigned data_length, char *data)
-{
- int i;
-
- for (i = 0; i < NUM_AUTHORIZATION; i++) {
- if (protocols[i].name_length == name_length &&
- memcmp (protocols[i].name, name, (int) name_length) == 0 &&
- protocols[i].Add)
- {
- return (*protocols[i].Add) (data_length, data, FakeClientID(0));
- }
- }
- return 0;
-}
-
-#ifdef XCSECURITY
-
-XID
-GenerateAuthorization(
- unsigned name_length,
- char *name,
- unsigned data_length,
- char *data,
- unsigned *data_length_return,
- char **data_return)
-{
- int i;
-
- for (i = 0; i < NUM_AUTHORIZATION; i++) {
- if (protocols[i].name_length == name_length &&
- memcmp (protocols[i].name, name, (int) name_length) == 0 &&
- protocols[i].Generate)
- {
- return (*protocols[i].Generate) (data_length, data,
- FakeClientID(0), data_length_return, data_return);
- }
- }
- return -1;
-}
-
-void
-GenerateRandomData (int len, char *buf)
-{
-#ifdef _MSC_VER
- static HANDLE hAdvApi32;
- static BOOLEAN (_stdcall * RtlGenRandom)(void *,unsigned long);
-
- if (!hAdvApi32)
- {
- hAdvApi32=LoadLibrary("advapi32.dll");
- RtlGenRandom=(BOOLEAN (_stdcall *)(void*,unsigned long))GetProcAddress(hAdvApi32,"SystemFunction036");
- }
- RtlGenRandom(buf, len);
-#else
- int fd;
-
- fd = open("/dev/urandom", O_RDONLY);
- read(fd, buf, len);
- close(fd);
-#endif
-}
-
-#endif /* XCSECURITY */
+/*
+
+Copyright 1988, 1998 The Open Group
+
+Permission to use, copy, modify, distribute, and sell this software and its
+documentation for any purpose is hereby granted without fee, provided that
+the above copyright notice appear in all copies and that both that
+copyright notice and this permission notice appear in supporting
+documentation.
+
+The above copyright notice and this permission notice shall be included
+in all copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS
+OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
+MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT.
+IN NO EVENT SHALL THE OPEN GROUP BE LIABLE FOR ANY CLAIM, DAMAGES OR
+OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE,
+ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR
+OTHER DEALINGS IN THE SOFTWARE.
+
+Except as contained in this notice, the name of The Open Group shall
+not be used in advertising or otherwise to promote the sale, use or
+other dealings in this Software without prior written authorization
+from The Open Group.
+
+*/
+
+/*
+ * authorization hooks for the server
+ * Author: Keith Packard, MIT X Consortium
+ */
+
+#ifdef HAVE_DIX_CONFIG_H
+#include <dix-config.h>
+#endif
+
+# include <X11/X.h>
+# include <X11/Xauth.h>
+# include "misc.h"
+# include "osdep.h"
+# include "dixstruct.h"
+# include <sys/types.h>
+# include <sys/stat.h>
+#ifdef WIN32
+#include <X11/Xw32defs.h>
+#endif
+
+struct protocol {
+ unsigned short name_length;
+ char *name;
+ AuthAddCFunc Add; /* new authorization data */
+ AuthCheckFunc Check; /* verify client authorization data */
+ AuthRstCFunc Reset; /* delete all authorization data entries */
+ AuthToIDFunc ToID; /* convert cookie to ID */
+ AuthFromIDFunc FromID; /* convert ID to cookie */
+ AuthRemCFunc Remove; /* remove a specific cookie */
+#ifdef XCSECURITY
+ AuthGenCFunc Generate;
+#endif
+};
+
+static struct protocol protocols[] = {
+{ (unsigned short) 18, "MIT-MAGIC-COOKIE-1",
+ MitAddCookie, MitCheckCookie, MitResetCookie,
+ MitToID, MitFromID, MitRemoveCookie,
+#ifdef XCSECURITY
+ MitGenerateCookie
+#endif
+},
+#ifdef HASXDMAUTH
+{ (unsigned short) 19, "XDM-AUTHORIZATION-1",
+ XdmAddCookie, XdmCheckCookie, XdmResetCookie,
+ XdmToID, XdmFromID, XdmRemoveCookie,
+#ifdef XCSECURITY
+ NULL
+#endif
+},
+#endif
+#ifdef SECURE_RPC
+{ (unsigned short) 9, "SUN-DES-1",
+ SecureRPCAdd, SecureRPCCheck, SecureRPCReset,
+ SecureRPCToID, SecureRPCFromID,SecureRPCRemove,
+#ifdef XCSECURITY
+ NULL
+#endif
+},
+#endif
+};
+
+# define NUM_AUTHORIZATION (sizeof (protocols) /\
+ sizeof (struct protocol))
+
+/*
+ * Initialize all classes of authorization by reading the
+ * specified authorization file
+ */
+
+static char *authorization_file = (char *)NULL;
+
+static Bool ShouldLoadAuth = TRUE;
+
+void
+InitAuthorization (char *file_name)
+{
+ authorization_file = file_name;
+}
+
+static int
+LoadAuthorization (void)
+{
+ FILE *f;
+ Xauth *auth;
+ int i;
+ int count = 0;
+
+ ShouldLoadAuth = FALSE;
+ if (!authorization_file)
+ return 0;
+
+ f = Fopen (authorization_file, "r");
+ if (!f)
+ return -1;
+
+ while ((auth = XauReadAuth (f)) != 0) {
+ for (i = 0; i < NUM_AUTHORIZATION; i++) {
+ if (protocols[i].name_length == auth->name_length &&
+ memcmp (protocols[i].name, auth->name, (int) auth->name_length) == 0 &&
+ protocols[i].Add)
+ {
+ ++count;
+ (*protocols[i].Add) (auth->data_length, auth->data,
+ FakeClientID(0));
+ }
+ }
+ XauDisposeAuth (auth);
+ }
+
+ Fclose (f);
+ return count;
+}
+
+#ifdef XDMCP
+/*
+ * XdmcpInit calls this function to discover all authorization
+ * schemes supported by the display
+ */
+void
+RegisterAuthorizations (void)
+{
+ int i;
+
+ for (i = 0; i < NUM_AUTHORIZATION; i++)
+ XdmcpRegisterAuthorization (protocols[i].name,
+ (int)protocols[i].name_length);
+}
+#endif
+
+XID
+CheckAuthorization (
+ unsigned int name_length,
+ const char *name,
+ unsigned int data_length,
+ const char *data,
+ ClientPtr client,
+ char **reason) /* failure message. NULL for default msg */
+{
+ int i;
+ struct stat buf;
+ static time_t lastmod = 0;
+ static Bool loaded = FALSE;
+
+ if (!authorization_file || stat(authorization_file, &buf))
+ {
+ if (lastmod != 0) {
+ lastmod = 0;
+ ShouldLoadAuth = TRUE; /* stat lost, so force reload */
+ }
+ }
+ else if (buf.st_mtime > lastmod)
+ {
+ lastmod = buf.st_mtime;
+ ShouldLoadAuth = TRUE;
+ }
+ if (ShouldLoadAuth)
+ {
+ int loadauth = LoadAuthorization();
+
+ /*
+ * If the authorization file has at least one entry for this server,
+ * disable local host access. (loadauth > 0)
+ *
+ * If there are zero entries (either initially or when the
+ * authorization file is later reloaded), or if a valid
+ * authorization file was never loaded, enable local host access.
+ * (loadauth == 0 || !loaded)
+ *
+ * If the authorization file was loaded initially (with valid
+ * entries for this server), and reloading it later fails, don't
+ * change anything. (loadauth == -1 && loaded)
+ */
+
+ if (loadauth > 0)
+ {
+ DisableLocalHost(); /* got at least one */
+ loaded = TRUE;
+ }
+ else if (loadauth == 0 || !loaded)
+ EnableLocalHost ();
+ }
+ if (name_length) {
+ for (i = 0; i < NUM_AUTHORIZATION; i++) {
+ if (protocols[i].name_length == name_length &&
+ memcmp (protocols[i].name, name, (int) name_length) == 0)
+ {
+ return (*protocols[i].Check) (data_length, data, client, reason);
+ }
+ *reason = "Protocol not supported by server\n";
+ }
+ } else *reason = "No protocol specified\n";
+ return (XID) ~0L;
+}
+
+void
+ResetAuthorization (void)
+{
+ int i;
+
+ for (i = 0; i < NUM_AUTHORIZATION; i++)
+ if (protocols[i].Reset)
+ (*protocols[i].Reset)();
+ ShouldLoadAuth = TRUE;
+}
+
+int
+AuthorizationFromID (
+ XID id,
+ unsigned short *name_lenp,
+ char **namep,
+ unsigned short *data_lenp,
+ char **datap)
+{
+ int i;
+
+ for (i = 0; i < NUM_AUTHORIZATION; i++) {
+ if (protocols[i].FromID &&
+ (*protocols[i].FromID) (id, data_lenp, datap)) {
+ *name_lenp = protocols[i].name_length;
+ *namep = protocols[i].name;
+ return 1;
+ }
+ }
+ return 0;
+}
+
+int
+RemoveAuthorization (
+ unsigned short name_length,
+ const char *name,
+ unsigned short data_length,
+ const char *data)
+{
+ int i;
+
+ for (i = 0; i < NUM_AUTHORIZATION; i++) {
+ if (protocols[i].name_length == name_length &&
+ memcmp (protocols[i].name, name, (int) name_length) == 0 &&
+ protocols[i].Remove)
+ {
+ return (*protocols[i].Remove) (data_length, data);
+ }
+ }
+ return 0;
+}
+
+int
+AddAuthorization (unsigned name_length, const char *name,
+ unsigned data_length, char *data)
+{
+ int i;
+
+ for (i = 0; i < NUM_AUTHORIZATION; i++) {
+ if (protocols[i].name_length == name_length &&
+ memcmp (protocols[i].name, name, (int) name_length) == 0 &&
+ protocols[i].Add)
+ {
+ return (*protocols[i].Add) (data_length, data, FakeClientID(0));
+ }
+ }
+ return 0;
+}
+
+#ifdef XCSECURITY
+
+XID
+GenerateAuthorization(
+ unsigned name_length,
+ const char *name,
+ unsigned data_length,
+ const char *data,
+ unsigned *data_length_return,
+ char **data_return)
+{
+ int i;
+
+ for (i = 0; i < NUM_AUTHORIZATION; i++) {
+ if (protocols[i].name_length == name_length &&
+ memcmp (protocols[i].name, name, (int) name_length) == 0 &&
+ protocols[i].Generate)
+ {
+ return (*protocols[i].Generate) (data_length, data,
+ FakeClientID(0), data_length_return, data_return);
+ }
+ }
+ return -1;
+}
+
+void
+GenerateRandomData (int len, char *buf)
+{
+#ifdef _MSC_VER
+ static HANDLE hAdvApi32;
+ static BOOLEAN (_stdcall * RtlGenRandom)(void *,unsigned long);
+
+ if (!hAdvApi32)
+ {
+ hAdvApi32=LoadLibrary("advapi32.dll");
+ RtlGenRandom=(BOOLEAN (_stdcall *)(void*,unsigned long))GetProcAddress(hAdvApi32,"SystemFunction036");
+ }
+ RtlGenRandom(buf, len);
+#else
+ int fd;
+
+ fd = open("/dev/urandom", O_RDONLY);
+ read(fd, buf, len);
+ close(fd);
+#endif
+}
+
+#endif /* XCSECURITY */
diff --git a/xorg-server/os/mitauth.c b/xorg-server/os/mitauth.c
index a7968cbd7..5baf552bc 100644
--- a/xorg-server/os/mitauth.c
+++ b/xorg-server/os/mitauth.c
@@ -1,197 +1,197 @@
-/*
-
-Copyright 1988, 1998 The Open Group
-
-Permission to use, copy, modify, distribute, and sell this software and its
-documentation for any purpose is hereby granted without fee, provided that
-the above copyright notice appear in all copies and that both that
-copyright notice and this permission notice appear in supporting
-documentation.
-
-The above copyright notice and this permission notice shall be included
-in all copies or substantial portions of the Software.
-
-THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS
-OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
-MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT.
-IN NO EVENT SHALL THE OPEN GROUP BE LIABLE FOR ANY CLAIM, DAMAGES OR
-OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE,
-ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR
-OTHER DEALINGS IN THE SOFTWARE.
-
-Except as contained in this notice, the name of The Open Group shall
-not be used in advertising or otherwise to promote the sale, use or
-other dealings in this Software without prior written authorization
-from The Open Group.
-
-*/
-
-/*
- * MIT-MAGIC-COOKIE-1 authorization scheme
- * Author: Keith Packard, MIT X Consortium
- */
-
-#ifdef HAVE_DIX_CONFIG_H
-#include <dix-config.h>
-#endif
-
-#include <X11/X.h>
-#include "os.h"
-#include "osdep.h"
-#include "dixstruct.h"
-
-static struct auth {
- struct auth *next;
- unsigned short len;
- char *data;
- XID id;
-} *mit_auth;
-
-int
-MitAddCookie (
- unsigned short data_length,
- char *data,
- XID id)
-{
- struct auth *new;
-
- new = xalloc (sizeof (struct auth));
- if (!new)
- return 0;
- new->data = xalloc ((unsigned) data_length);
- if (!new->data) {
- xfree(new);
- return 0;
- }
- new->next = mit_auth;
- mit_auth = new;
- memmove(new->data, data, (int) data_length);
- new->len = data_length;
- new->id = id;
- return 1;
-}
-
-XID
-MitCheckCookie (
- unsigned short data_length,
- char *data,
- ClientPtr client,
- char **reason)
-{
- struct auth *auth;
-
- for (auth = mit_auth; auth; auth=auth->next) {
- if (data_length == auth->len &&
- memcmp (data, auth->data, (int) data_length) == 0)
- return auth->id;
- }
- *reason = "Invalid MIT-MAGIC-COOKIE-1 key";
- return (XID) -1;
-}
-
-int
-MitResetCookie (void)
-{
- struct auth *auth, *next;
-
- for (auth = mit_auth; auth; auth=next) {
- next = auth->next;
- xfree (auth->data);
- xfree (auth);
- }
- mit_auth = 0;
- return 0;
-}
-
-XID
-MitToID (
- unsigned short data_length,
- char *data)
-{
- struct auth *auth;
-
- for (auth = mit_auth; auth; auth=auth->next) {
- if (data_length == auth->len &&
- memcmp (data, auth->data, data_length) == 0)
- return auth->id;
- }
- return (XID) -1;
-}
-
-int
-MitFromID (
- XID id,
- unsigned short *data_lenp,
- char **datap)
-{
- struct auth *auth;
-
- for (auth = mit_auth; auth; auth=auth->next) {
- if (id == auth->id) {
- *data_lenp = auth->len;
- *datap = auth->data;
- return 1;
- }
- }
- return 0;
-}
-
-int
-MitRemoveCookie (
- unsigned short data_length,
- char *data)
-{
- struct auth *auth, *prev;
-
- prev = 0;
- for (auth = mit_auth; auth; prev = auth, auth=auth->next) {
- if (data_length == auth->len &&
- memcmp (data, auth->data, data_length) == 0)
- {
- if (prev)
- prev->next = auth->next;
- else
- mit_auth = auth->next;
- xfree (auth->data);
- xfree (auth);
- return 1;
- }
- }
- return 0;
-}
-
-#ifdef XCSECURITY
-
-static char cookie[16]; /* 128 bits */
-
-XID
-MitGenerateCookie (
- unsigned data_length,
- char *data,
- XID id,
- unsigned *data_length_return,
- char **data_return)
-{
- int i = 0;
- int status;
-
- while (data_length--)
- {
- cookie[i++] += *data++;
- if (i >= sizeof (cookie)) i = 0;
- }
- GenerateRandomData(sizeof (cookie), cookie);
- status = MitAddCookie(sizeof (cookie), cookie, id);
- if (!status)
- {
- id = -1;
- }
- else
- {
- *data_return = cookie;
- *data_length_return = sizeof (cookie);
- }
- return id;
-}
-
-#endif /* XCSECURITY */
+/*
+
+Copyright 1988, 1998 The Open Group
+
+Permission to use, copy, modify, distribute, and sell this software and its
+documentation for any purpose is hereby granted without fee, provided that
+the above copyright notice appear in all copies and that both that
+copyright notice and this permission notice appear in supporting
+documentation.
+
+The above copyright notice and this permission notice shall be included
+in all copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS
+OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
+MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT.
+IN NO EVENT SHALL THE OPEN GROUP BE LIABLE FOR ANY CLAIM, DAMAGES OR
+OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE,
+ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR
+OTHER DEALINGS IN THE SOFTWARE.
+
+Except as contained in this notice, the name of The Open Group shall
+not be used in advertising or otherwise to promote the sale, use or
+other dealings in this Software without prior written authorization
+from The Open Group.
+
+*/
+
+/*
+ * MIT-MAGIC-COOKIE-1 authorization scheme
+ * Author: Keith Packard, MIT X Consortium
+ */
+
+#ifdef HAVE_DIX_CONFIG_H
+#include <dix-config.h>
+#endif
+
+#include <X11/X.h>
+#include "os.h"
+#include "osdep.h"
+#include "dixstruct.h"
+
+static struct auth {
+ struct auth *next;
+ unsigned short len;
+ char *data;
+ XID id;
+} *mit_auth;
+
+int
+MitAddCookie (
+ unsigned short data_length,
+ const char *data,
+ XID id)
+{
+ struct auth *new;
+
+ new = xalloc (sizeof (struct auth));
+ if (!new)
+ return 0;
+ new->data = xalloc ((unsigned) data_length);
+ if (!new->data) {
+ xfree(new);
+ return 0;
+ }
+ new->next = mit_auth;
+ mit_auth = new;
+ memmove(new->data, data, (int) data_length);
+ new->len = data_length;
+ new->id = id;
+ return 1;
+}
+
+XID
+MitCheckCookie (
+ unsigned short data_length,
+ const char *data,
+ ClientPtr client,
+ char **reason)
+{
+ struct auth *auth;
+
+ for (auth = mit_auth; auth; auth=auth->next) {
+ if (data_length == auth->len &&
+ memcmp (data, auth->data, (int) data_length) == 0)
+ return auth->id;
+ }
+ *reason = "Invalid MIT-MAGIC-COOKIE-1 key";
+ return (XID) -1;
+}
+
+int
+MitResetCookie (void)
+{
+ struct auth *auth, *next;
+
+ for (auth = mit_auth; auth; auth=next) {
+ next = auth->next;
+ xfree (auth->data);
+ xfree (auth);
+ }
+ mit_auth = 0;
+ return 0;
+}
+
+XID
+MitToID (
+ unsigned short data_length,
+ char *data)
+{
+ struct auth *auth;
+
+ for (auth = mit_auth; auth; auth=auth->next) {
+ if (data_length == auth->len &&
+ memcmp (data, auth->data, data_length) == 0)
+ return auth->id;
+ }
+ return (XID) -1;
+}
+
+int
+MitFromID (
+ XID id,
+ unsigned short *data_lenp,
+ char **datap)
+{
+ struct auth *auth;
+
+ for (auth = mit_auth; auth; auth=auth->next) {
+ if (id == auth->id) {
+ *data_lenp = auth->len;
+ *datap = auth->data;
+ return 1;
+ }
+ }
+ return 0;
+}
+
+int
+MitRemoveCookie (
+ unsigned short data_length,
+ const char *data)
+{
+ struct auth *auth, *prev;
+
+ prev = 0;
+ for (auth = mit_auth; auth; prev = auth, auth=auth->next) {
+ if (data_length == auth->len &&
+ memcmp (data, auth->data, data_length) == 0)
+ {
+ if (prev)
+ prev->next = auth->next;
+ else
+ mit_auth = auth->next;
+ xfree (auth->data);
+ xfree (auth);
+ return 1;
+ }
+ }
+ return 0;
+}
+
+#ifdef XCSECURITY
+
+static char cookie[16]; /* 128 bits */
+
+XID
+MitGenerateCookie (
+ unsigned data_length,
+ const char *data,
+ XID id,
+ unsigned *data_length_return,
+ char **data_return)
+{
+ int i = 0;
+ int status;
+
+ while (data_length--)
+ {
+ cookie[i++] += *data++;
+ if (i >= sizeof (cookie)) i = 0;
+ }
+ GenerateRandomData(sizeof (cookie), cookie);
+ status = MitAddCookie(sizeof (cookie), cookie, id);
+ if (!status)
+ {
+ id = -1;
+ }
+ else
+ {
+ *data_return = cookie;
+ *data_length_return = sizeof (cookie);
+ }
+ return id;
+}
+
+#endif /* XCSECURITY */
diff --git a/xorg-server/os/osdep.h b/xorg-server/os/osdep.h
index fda1edf72..32b4a6763 100644
--- a/xorg-server/os/osdep.h
+++ b/xorg-server/os/osdep.h
@@ -114,7 +114,8 @@ SOFTWARE.
#if defined(XDMCP) || defined(HASXDMAUTH)
typedef Bool (*ValidatorFunc)(ARRAY8Ptr Auth, ARRAY8Ptr Data, int packet_type);
typedef Bool (*GeneratorFunc)(ARRAY8Ptr Auth, ARRAY8Ptr Data, int packet_type);
-typedef Bool (*AddAuthorFunc)(unsigned name_length, char *name, unsigned data_length, char *data);
+typedef Bool (*AddAuthorFunc)(unsigned name_length, const char *name,
+ unsigned data_length, char *data);
#endif
typedef struct _connectionInput {
@@ -138,19 +139,19 @@ struct _osComm;
#define AuthInitArgs void
typedef void (*AuthInitFunc) (AuthInitArgs);
-#define AuthAddCArgs unsigned short data_length, char *data, XID id
+#define AuthAddCArgs unsigned short data_length, const char *data, XID id
typedef int (*AuthAddCFunc) (AuthAddCArgs);
-#define AuthCheckArgs unsigned short data_length, char *data, ClientPtr client, char **reason
+#define AuthCheckArgs unsigned short data_length, const char *data, ClientPtr client, char **reason
typedef XID (*AuthCheckFunc) (AuthCheckArgs);
#define AuthFromIDArgs XID id, unsigned short *data_lenp, char **datap
typedef int (*AuthFromIDFunc) (AuthFromIDArgs);
-#define AuthGenCArgs unsigned data_length, char *data, XID id, unsigned *data_length_return, char **data_return
+#define AuthGenCArgs unsigned data_length, const char *data, XID id, unsigned *data_length_return, char **data_return
typedef XID (*AuthGenCFunc) (AuthGenCArgs);
-#define AuthRemCArgs unsigned short data_length, char *data
+#define AuthRemCArgs unsigned short data_length, const char *data
typedef int (*AuthRemCFunc) (AuthRemCArgs);
#define AuthRstCArgs void
@@ -254,29 +255,29 @@ extern void XdmcpUseMsg (void);
extern int XdmcpOptions(int argc, char **argv, int i);
extern void XdmcpRegisterConnection (
int type,
- char *address,
+ const char *address,
int addrlen);
extern void XdmcpRegisterAuthorizations (void);
-extern void XdmcpRegisterAuthorization (char *name, int namelen);
+extern void XdmcpRegisterAuthorization (const char *name, int namelen);
extern void XdmcpInit (void);
extern void XdmcpReset (void);
extern void XdmcpOpenDisplay(int sock);
extern void XdmcpCloseDisplay(int sock);
extern void XdmcpRegisterAuthentication (
- char *name,
+ const char *name,
int namelen,
- char *data,
+ const char *data,
int datalen,
ValidatorFunc Validator,
GeneratorFunc Generator,
AddAuthorFunc AddAuth);
struct sockaddr_in;
-extern void XdmcpRegisterBroadcastAddress (struct sockaddr_in *addr);
+extern void XdmcpRegisterBroadcastAddress (const struct sockaddr_in *addr);
#endif
#ifdef HASXDMAUTH
-extern void XdmAuthenticationInit (char *cookie, int cookie_length);
+extern void XdmAuthenticationInit (const char *cookie, int cookie_length);
#endif
#endif /* _OSDEP_H_ */
diff --git a/xorg-server/os/rpcauth.c b/xorg-server/os/rpcauth.c
index 5ddbe210b..a63304375 100644
--- a/xorg-server/os/rpcauth.c
+++ b/xorg-server/os/rpcauth.c
@@ -1,193 +1,193 @@
-/*
-
-Copyright 1991, 1998 The Open Group
-
-Permission to use, copy, modify, distribute, and sell this software and its
-documentation for any purpose is hereby granted without fee, provided that
-the above copyright notice appear in all copies and that both that
-copyright notice and this permission notice appear in supporting
-documentation.
-
-The above copyright notice and this permission notice shall be included
-in all copies or substantial portions of the Software.
-
-THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS
-OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
-MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT.
-IN NO EVENT SHALL THE OPEN GROUP BE LIABLE FOR ANY CLAIM, DAMAGES OR
-OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE,
-ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR
-OTHER DEALINGS IN THE SOFTWARE.
-
-Except as contained in this notice, the name of The Open Group shall
-not be used in advertising or otherwise to promote the sale, use or
-other dealings in this Software without prior written authorization
-from The Open Group.
-
-*/
-
-/*
- * SUN-DES-1 authentication mechanism
- * Author: Mayank Choudhary, Sun Microsystems
- */
-
-
-#ifdef HAVE_DIX_CONFIG_H
-#include <dix-config.h>
-#endif
-
-#ifdef SECURE_RPC
-
-#include <X11/X.h>
-#include <X11/Xauth.h>
-#include "misc.h"
-#include "os.h"
-#include "osdep.h"
-#include "dixstruct.h"
-
-#include <rpc/rpc.h>
-
-#ifdef sun
-/* <rpc/auth.h> only includes this if _KERNEL is #defined... */
-extern bool_t xdr_opaque_auth(XDR *, struct opaque_auth *);
-#endif
-
-static enum auth_stat why;
-
-static char *
-authdes_ezdecode(char *inmsg, int len)
-{
- struct rpc_msg msg;
- char cred_area[MAX_AUTH_BYTES];
- char verf_area[MAX_AUTH_BYTES];
- char *temp_inmsg;
- struct svc_req r;
- bool_t res0, res1;
- XDR xdr;
- SVCXPRT xprt;
-
- temp_inmsg = xalloc(len);
- memmove(temp_inmsg, inmsg, len);
-
- memset((char *)&msg, 0, sizeof(msg));
- memset((char *)&r, 0, sizeof(r));
- memset(cred_area, 0, sizeof(cred_area));
- memset(verf_area, 0, sizeof(verf_area));
-
- msg.rm_call.cb_cred.oa_base = cred_area;
- msg.rm_call.cb_verf.oa_base = verf_area;
- why = AUTH_FAILED;
- xdrmem_create(&xdr, temp_inmsg, len, XDR_DECODE);
-
- if ((r.rq_clntcred = xalloc(MAX_AUTH_BYTES)) == NULL)
- goto bad1;
- r.rq_xprt = &xprt;
-
- /* decode into msg */
- res0 = xdr_opaque_auth(&xdr, &(msg.rm_call.cb_cred));
- res1 = xdr_opaque_auth(&xdr, &(msg.rm_call.cb_verf));
- if ( ! (res0 && res1) )
- goto bad2;
-
- /* do the authentication */
-
- r.rq_cred = msg.rm_call.cb_cred; /* read by opaque stuff */
- if (r.rq_cred.oa_flavor != AUTH_DES) {
- why = AUTH_TOOWEAK;
- goto bad2;
- }
-#ifdef SVR4
- if ((why = __authenticate(&r, &msg)) != AUTH_OK) {
-#else
- if ((why = _authenticate(&r, &msg)) != AUTH_OK) {
-#endif
- goto bad2;
- }
- return (((struct authdes_cred *) r.rq_clntcred)->adc_fullname.name);
-
-bad2:
- xfree(r.rq_clntcred);
-bad1:
- return ((char *)0); /* ((struct authdes_cred *) NULL); */
-}
-
-static XID rpc_id = (XID) ~0L;
-
-static Bool
-CheckNetName (
- unsigned char *addr,
- short len,
- pointer closure
-)
-{
- return (len == strlen ((char *) closure) &&
- strncmp ((char *) addr, (char *) closure, len) == 0);
-}
-
-static char rpc_error[MAXNETNAMELEN+50];
-
-_X_HIDDEN XID
-SecureRPCCheck (unsigned short data_length, char *data,
- ClientPtr client, char **reason)
-{
- char *fullname;
-
- if (rpc_id == (XID) ~0L) {
- *reason = "Secure RPC authorization not initialized";
- } else {
- fullname = authdes_ezdecode(data, data_length);
- if (fullname == (char *)0) {
- sprintf(rpc_error, "Unable to authenticate secure RPC client (why=%d)", why);
- *reason = rpc_error;
- } else {
- if (ForEachHostInFamily (FamilyNetname, CheckNetName, fullname))
- return rpc_id;
- sprintf(rpc_error, "Principal \"%s\" is not authorized to connect",
- fullname);
- *reason = rpc_error;
- }
- }
- return (XID) ~0L;
-}
-
-_X_HIDDEN void
-SecureRPCInit (void)
-{
- if (rpc_id == ~0L)
- AddAuthorization (9, "SUN-DES-1", 0, (char *) 0);
-}
-
-_X_HIDDEN int
-SecureRPCAdd (unsigned short data_length, char *data, XID id)
-{
- if (data_length)
- AddHost ((pointer) 0, FamilyNetname, data_length, data);
- rpc_id = id;
- return 1;
-}
-
-_X_HIDDEN int
-SecureRPCReset (void)
-{
- rpc_id = (XID) ~0L;
- return 1;
-}
-
-_X_HIDDEN XID
-SecureRPCToID (unsigned short data_length, char *data)
-{
- return rpc_id;
-}
-
-_X_HIDDEN int
-SecureRPCFromID (XID id, unsigned short *data_lenp, char **datap)
-{
- return 0;
-}
-
-_X_HIDDEN int
-SecureRPCRemove (unsigned short data_length, char *data)
-{
- return 0;
-}
-#endif /* SECURE_RPC */
+/*
+
+Copyright 1991, 1998 The Open Group
+
+Permission to use, copy, modify, distribute, and sell this software and its
+documentation for any purpose is hereby granted without fee, provided that
+the above copyright notice appear in all copies and that both that
+copyright notice and this permission notice appear in supporting
+documentation.
+
+The above copyright notice and this permission notice shall be included
+in all copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS
+OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
+MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT.
+IN NO EVENT SHALL THE OPEN GROUP BE LIABLE FOR ANY CLAIM, DAMAGES OR
+OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE,
+ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR
+OTHER DEALINGS IN THE SOFTWARE.
+
+Except as contained in this notice, the name of The Open Group shall
+not be used in advertising or otherwise to promote the sale, use or
+other dealings in this Software without prior written authorization
+from The Open Group.
+
+*/
+
+/*
+ * SUN-DES-1 authentication mechanism
+ * Author: Mayank Choudhary, Sun Microsystems
+ */
+
+
+#ifdef HAVE_DIX_CONFIG_H
+#include <dix-config.h>
+#endif
+
+#ifdef SECURE_RPC
+
+#include <X11/X.h>
+#include <X11/Xauth.h>
+#include "misc.h"
+#include "os.h"
+#include "osdep.h"
+#include "dixstruct.h"
+
+#include <rpc/rpc.h>
+
+#ifdef sun
+/* <rpc/auth.h> only includes this if _KERNEL is #defined... */
+extern bool_t xdr_opaque_auth(XDR *, struct opaque_auth *);
+#endif
+
+static enum auth_stat why;
+
+static char *
+authdes_ezdecode(const char *inmsg, int len)
+{
+ struct rpc_msg msg;
+ char cred_area[MAX_AUTH_BYTES];
+ char verf_area[MAX_AUTH_BYTES];
+ char *temp_inmsg;
+ struct svc_req r;
+ bool_t res0, res1;
+ XDR xdr;
+ SVCXPRT xprt;
+
+ temp_inmsg = xalloc(len);
+ memmove(temp_inmsg, inmsg, len);
+
+ memset((char *)&msg, 0, sizeof(msg));
+ memset((char *)&r, 0, sizeof(r));
+ memset(cred_area, 0, sizeof(cred_area));
+ memset(verf_area, 0, sizeof(verf_area));
+
+ msg.rm_call.cb_cred.oa_base = cred_area;
+ msg.rm_call.cb_verf.oa_base = verf_area;
+ why = AUTH_FAILED;
+ xdrmem_create(&xdr, temp_inmsg, len, XDR_DECODE);
+
+ if ((r.rq_clntcred = xalloc(MAX_AUTH_BYTES)) == NULL)
+ goto bad1;
+ r.rq_xprt = &xprt;
+
+ /* decode into msg */
+ res0 = xdr_opaque_auth(&xdr, &(msg.rm_call.cb_cred));
+ res1 = xdr_opaque_auth(&xdr, &(msg.rm_call.cb_verf));
+ if ( ! (res0 && res1) )
+ goto bad2;
+
+ /* do the authentication */
+
+ r.rq_cred = msg.rm_call.cb_cred; /* read by opaque stuff */
+ if (r.rq_cred.oa_flavor != AUTH_DES) {
+ why = AUTH_TOOWEAK;
+ goto bad2;
+ }
+#ifdef SVR4
+ if ((why = __authenticate(&r, &msg)) != AUTH_OK) {
+#else
+ if ((why = _authenticate(&r, &msg)) != AUTH_OK) {
+#endif
+ goto bad2;
+ }
+ return (((struct authdes_cred *) r.rq_clntcred)->adc_fullname.name);
+
+bad2:
+ xfree(r.rq_clntcred);
+bad1:
+ return ((char *)0); /* ((struct authdes_cred *) NULL); */
+}
+
+static XID rpc_id = (XID) ~0L;
+
+static Bool
+CheckNetName (
+ unsigned char *addr,
+ short len,
+ pointer closure
+)
+{
+ return (len == strlen ((char *) closure) &&
+ strncmp ((char *) addr, (char *) closure, len) == 0);
+}
+
+static char rpc_error[MAXNETNAMELEN+50];
+
+_X_HIDDEN XID
+SecureRPCCheck (unsigned short data_length, const char *data,
+ ClientPtr client, char **reason)
+{
+ char *fullname;
+
+ if (rpc_id == (XID) ~0L) {
+ *reason = "Secure RPC authorization not initialized";
+ } else {
+ fullname = authdes_ezdecode(data, data_length);
+ if (fullname == (char *)0) {
+ sprintf(rpc_error, "Unable to authenticate secure RPC client (why=%d)", why);
+ *reason = rpc_error;
+ } else {
+ if (ForEachHostInFamily (FamilyNetname, CheckNetName, fullname))
+ return rpc_id;
+ sprintf(rpc_error, "Principal \"%s\" is not authorized to connect",
+ fullname);
+ *reason = rpc_error;
+ }
+ }
+ return (XID) ~0L;
+}
+
+_X_HIDDEN void
+SecureRPCInit (void)
+{
+ if (rpc_id == ~0L)
+ AddAuthorization (9, "SUN-DES-1", 0, (char *) 0);
+}
+
+_X_HIDDEN int
+SecureRPCAdd (unsigned short data_length, const char *data, XID id)
+{
+ if (data_length)
+ AddHost ((pointer) 0, FamilyNetname, data_length, data);
+ rpc_id = id;
+ return 1;
+}
+
+_X_HIDDEN int
+SecureRPCReset (void)
+{
+ rpc_id = (XID) ~0L;
+ return 1;
+}
+
+_X_HIDDEN XID
+SecureRPCToID (unsigned short data_length, char *data)
+{
+ return rpc_id;
+}
+
+_X_HIDDEN int
+SecureRPCFromID (XID id, unsigned short *data_lenp, char **datap)
+{
+ return 0;
+}
+
+_X_HIDDEN int
+SecureRPCRemove (unsigned short data_length, const char *data)
+{
+ return 0;
+}
+#endif /* SECURE_RPC */
diff --git a/xorg-server/os/xdmauth.c b/xorg-server/os/xdmauth.c
index e19e4f93d..7834b56f8 100644
--- a/xorg-server/os/xdmauth.c
+++ b/xorg-server/os/xdmauth.c
@@ -1,499 +1,499 @@
-/*
-
-Copyright 1988, 1998 The Open Group
-
-Permission to use, copy, modify, distribute, and sell this software and its
-documentation for any purpose is hereby granted without fee, provided that
-the above copyright notice appear in all copies and that both that
-copyright notice and this permission notice appear in supporting
-documentation.
-
-The above copyright notice and this permission notice shall be included
-in all copies or substantial portions of the Software.
-
-THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS
-OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
-MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT.
-IN NO EVENT SHALL THE OPEN GROUP BE LIABLE FOR ANY CLAIM, DAMAGES OR
-OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE,
-ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR
-OTHER DEALINGS IN THE SOFTWARE.
-
-Except as contained in this notice, the name of The Open Group shall
-not be used in advertising or otherwise to promote the sale, use or
-other dealings in this Software without prior written authorization
-from The Open Group.
-
-*/
-
-/*
- * XDM-AUTHENTICATION-1 (XDMCP authentication) and
- * XDM-AUTHORIZATION-1 (client authorization) protocols
- *
- * Author: Keith Packard, MIT X Consortium
- */
-
-#ifdef HAVE_DIX_CONFIG_H
-#include <dix-config.h>
-#endif
-
-#include <stdio.h>
-#include <X11/X.h>
-#define XSERV_t
-#define TRANS_SERVER
-#define TRANS_REOPEN
-#include <X11/Xtrans/Xtrans.h>
-#include "os.h"
-#include "osdep.h"
-#include "dixstruct.h"
-
-#ifdef HASXDMAUTH
-
-static Bool authFromXDMCP;
-
-#ifdef XDMCP
-#include <X11/Xmd.h>
-#undef REQUEST
-#include <X11/Xdmcp.h>
-
-/* XDM-AUTHENTICATION-1 */
-
-static XdmAuthKeyRec privateKey;
-static char XdmAuthenticationName[] = "XDM-AUTHENTICATION-1";
-#define XdmAuthenticationNameLen (sizeof XdmAuthenticationName - 1)
-static XdmAuthKeyRec rho;
-
-static Bool
-XdmAuthenticationValidator (ARRAY8Ptr privateData, ARRAY8Ptr incomingData,
- xdmOpCode packet_type)
-{
- XdmAuthKeyPtr incoming;
-
- XdmcpUnwrap (incomingData->data, (unsigned char *)&privateKey,
- incomingData->data,incomingData->length);
- if (packet_type == ACCEPT) {
- if (incomingData->length != 8)
- return FALSE;
- incoming = (XdmAuthKeyPtr) incomingData->data;
- XdmcpDecrementKey (incoming);
- return XdmcpCompareKeys (incoming, &rho);
- }
- return FALSE;
-}
-
-static Bool
-XdmAuthenticationGenerator (ARRAY8Ptr privateData, ARRAY8Ptr outgoingData,
- xdmOpCode packet_type)
-{
- outgoingData->length = 0;
- outgoingData->data = 0;
- if (packet_type == REQUEST) {
- if (XdmcpAllocARRAY8 (outgoingData, 8))
- XdmcpWrap ((unsigned char *)&rho, (unsigned char *)&privateKey,
- outgoingData->data, 8);
- }
- return TRUE;
-}
-
-static Bool
-XdmAuthenticationAddAuth (int name_len, char *name,
- int data_len, char *data)
-{
- Bool ret;
- XdmcpUnwrap ((unsigned char *)data, (unsigned char *)&privateKey,
- (unsigned char *)data, data_len);
- authFromXDMCP = TRUE;
- ret = AddAuthorization (name_len, name, data_len, data);
- authFromXDMCP = FALSE;
- return ret;
-}
-
-
-#define atox(c) ('0' <= c && c <= '9' ? c - '0' : \
- 'a' <= c && c <= 'f' ? c - 'a' + 10 : \
- 'A' <= c && c <= 'F' ? c - 'A' + 10 : -1)
-
-static int
-HexToBinary (char *in, char *out, int len)
-{
- int top, bottom;
-
- while (len > 0)
- {
- top = atox(in[0]);
- if (top == -1)
- return 0;
- bottom = atox(in[1]);
- if (bottom == -1)
- return 0;
- *out++ = (top << 4) | bottom;
- in += 2;
- len -= 2;
- }
- if (len)
- return 0;
- *out++ = '\0';
- return 1;
-}
-
-void
-XdmAuthenticationInit (char *cookie, int cookie_len)
-{
- bzero (privateKey.data, 8);
- if (!strncmp (cookie, "0x", 2) || !strncmp (cookie, "0X", 2))
- {
- if (cookie_len > 2 + 2 * 8)
- cookie_len = 2 + 2 * 8;
- HexToBinary (cookie + 2, (char *)privateKey.data, cookie_len - 2);
- }
- else
- {
- if (cookie_len > 7)
- cookie_len = 7;
- memmove (privateKey.data + 1, cookie, cookie_len);
- }
- XdmcpGenerateKey (&rho);
- XdmcpRegisterAuthentication (XdmAuthenticationName, XdmAuthenticationNameLen,
- (char *)&rho,
- sizeof (rho),
- (ValidatorFunc)XdmAuthenticationValidator,
- (GeneratorFunc)XdmAuthenticationGenerator,
- (AddAuthorFunc)XdmAuthenticationAddAuth);
-}
-
-#endif /* XDMCP */
-
-/* XDM-AUTHORIZATION-1 */
-typedef struct _XdmAuthorization {
- struct _XdmAuthorization *next;
- XdmAuthKeyRec rho;
- XdmAuthKeyRec key;
- XID id;
-} XdmAuthorizationRec, *XdmAuthorizationPtr;
-
-static XdmAuthorizationPtr xdmAuth;
-
-typedef struct _XdmClientAuth {
- struct _XdmClientAuth *next;
- XdmAuthKeyRec rho;
- char client[6];
- long time;
-} XdmClientAuthRec, *XdmClientAuthPtr;
-
-static XdmClientAuthPtr xdmClients;
-static long clockOffset;
-static Bool gotClock;
-
-#define TwentyMinutes (20 * 60)
-#define TwentyFiveMinutes (25 * 60)
-
-static Bool
-XdmClientAuthCompare (XdmClientAuthPtr a, XdmClientAuthPtr b)
-{
- int i;
-
- if (!XdmcpCompareKeys (&a->rho, &b->rho))
- return FALSE;
- for (i = 0; i < 6; i++)
- if (a->client[i] != b->client[i])
- return FALSE;
- return a->time == b->time;
-}
-
-static void
-XdmClientAuthDecode (unsigned char *plain, XdmClientAuthPtr auth)
-{
- int i, j;
-
- j = 0;
- for (i = 0; i < 8; i++)
- {
- auth->rho.data[i] = plain[j];
- ++j;
- }
- for (i = 0; i < 6; i++)
- {
- auth->client[i] = plain[j];
- ++j;
- }
- auth->time = 0;
- for (i = 0; i < 4; i++)
- {
- auth->time |= plain[j] << ((3 - i) << 3);
- j++;
- }
-}
-
-static void
-XdmClientAuthTimeout (long now)
-{
- XdmClientAuthPtr client, next, prev;
-
- prev = 0;
- for (client = xdmClients; client; client=next)
- {
- next = client->next;
- if (abs (now - client->time) > TwentyFiveMinutes)
- {
- if (prev)
- prev->next = next;
- else
- xdmClients = next;
- xfree (client);
- }
- else
- prev = client;
- }
-}
-
-static XdmClientAuthPtr
-XdmAuthorizationValidate (unsigned char *plain, int length,
- XdmAuthKeyPtr rho, ClientPtr xclient, char **reason)
-{
- XdmClientAuthPtr client, existing;
- long now;
- int i;
-
- if (length != (192 / 8)) {
- if (reason)
- *reason = "Bad XDM authorization key length";
- return NULL;
- }
- client = xalloc (sizeof (XdmClientAuthRec));
- if (!client)
- return NULL;
- XdmClientAuthDecode (plain, client);
- if (!XdmcpCompareKeys (&client->rho, rho))
- {
- xfree (client);
- if (reason)
- *reason = "Invalid XDM-AUTHORIZATION-1 key (failed key comparison)";
- return NULL;
- }
- for (i = 18; i < 24; i++)
- if (plain[i] != 0) {
- xfree (client);
- if (reason)
- *reason = "Invalid XDM-AUTHORIZATION-1 key (failed NULL check)";
- return NULL;
- }
- if (xclient) {
- int family, addr_len;
- Xtransaddr *addr;
-
- if (_XSERVTransGetPeerAddr(((OsCommPtr)xclient->osPrivate)->trans_conn,
- &family, &addr_len, &addr) == 0
- && _XSERVTransConvertAddress(&family, &addr_len, &addr) == 0) {
-#if defined(TCPCONN) || defined(STREAMSCONN)
- if (family == FamilyInternet &&
- memcmp((char *)addr, client->client, 4) != 0) {
- xfree (client);
- xfree (addr);
- if (reason)
- *reason = "Invalid XDM-AUTHORIZATION-1 key (failed address comparison)";
- return NULL;
-
- }
-#endif
- xfree (addr);
- }
- }
- now = time(0);
- if (!gotClock)
- {
- clockOffset = client->time - now;
- gotClock = TRUE;
- }
- now += clockOffset;
- XdmClientAuthTimeout (now);
- if (abs (client->time - now) > TwentyMinutes)
- {
- xfree (client);
- if (reason)
- *reason = "Excessive XDM-AUTHORIZATION-1 time offset";
- return NULL;
- }
- for (existing = xdmClients; existing; existing=existing->next)
- {
- if (XdmClientAuthCompare (existing, client))
- {
- xfree (client);
- if (reason)
- *reason = "XDM authorization key matches an existing client!";
- return NULL;
- }
- }
- return client;
-}
-
-int
-XdmAddCookie (unsigned short data_length, char *data, XID id)
-{
- XdmAuthorizationPtr new;
- unsigned char *rho_bits, *key_bits;
-
- switch (data_length)
- {
- case 16: /* auth from files is 16 bytes long */
-#ifdef XDMCP
- if (authFromXDMCP)
- {
- /* R5 xdm sent bogus authorization data in the accept packet,
- * but we can recover */
- rho_bits = rho.data;
- key_bits = (unsigned char *) data;
- key_bits[0] = '\0';
- }
- else
-#endif
- {
- rho_bits = (unsigned char *) data;
- key_bits = (unsigned char *) (data + 8);
- }
- break;
-#ifdef XDMCP
- case 8: /* auth from XDMCP is 8 bytes long */
- rho_bits = rho.data;
- key_bits = (unsigned char *) data;
- break;
-#endif
- default:
- return 0;
- }
- /* the first octet of the key must be zero */
- if (key_bits[0] != '\0')
- return 0;
- new = xalloc (sizeof (XdmAuthorizationRec));
- if (!new)
- return 0;
- new->next = xdmAuth;
- xdmAuth = new;
- memmove (new->key.data, key_bits, (int) 8);
- memmove (new->rho.data, rho_bits, (int) 8);
- new->id = id;
- return 1;
-}
-
-XID
-XdmCheckCookie (unsigned short cookie_length, char *cookie,
- ClientPtr xclient, char **reason)
-{
- XdmAuthorizationPtr auth;
- XdmClientAuthPtr client;
- unsigned char *plain;
-
- /* Auth packets must be a multiple of 8 bytes long */
- if (cookie_length & 7)
- return (XID) -1;
- plain = xalloc (cookie_length);
- if (!plain)
- return (XID) -1;
- for (auth = xdmAuth; auth; auth=auth->next) {
- XdmcpUnwrap ((unsigned char *)cookie, (unsigned char *)&auth->key, plain, cookie_length);
- if ((client = XdmAuthorizationValidate (plain, cookie_length, &auth->rho, xclient, reason)) != NULL)
- {
- client->next = xdmClients;
- xdmClients = client;
- xfree (plain);
- return auth->id;
- }
- }
- xfree (plain);
- return (XID) -1;
-}
-
-int
-XdmResetCookie (void)
-{
- XdmAuthorizationPtr auth, next_auth;
- XdmClientAuthPtr client, next_client;
-
- for (auth = xdmAuth; auth; auth=next_auth)
- {
- next_auth = auth->next;
- xfree (auth);
- }
- xdmAuth = 0;
- for (client = xdmClients; client; client=next_client)
- {
- next_client = client->next;
- xfree (client);
- }
- xdmClients = (XdmClientAuthPtr) 0;
- return 1;
-}
-
-XID
-XdmToID (unsigned short cookie_length, char *cookie)
-{
- XdmAuthorizationPtr auth;
- XdmClientAuthPtr client;
- unsigned char *plain;
-
- plain = xalloc (cookie_length);
- if (!plain)
- return (XID) -1;
- for (auth = xdmAuth; auth; auth=auth->next) {
- XdmcpUnwrap ((unsigned char *)cookie, (unsigned char *)&auth->key, plain, cookie_length);
- if ((client = XdmAuthorizationValidate (plain, cookie_length, &auth->rho, NULL, NULL)) != NULL)
- {
- xfree (client);
- xfree (cookie);
- xfree (plain);
- return auth->id;
- }
- }
- xfree (cookie);
- xfree (plain);
- return (XID) -1;
-}
-
-int
-XdmFromID (XID id, unsigned short *data_lenp, char **datap)
-{
- XdmAuthorizationPtr auth;
-
- for (auth = xdmAuth; auth; auth=auth->next) {
- if (id == auth->id) {
- *data_lenp = 16;
- *datap = (char *) &auth->rho;
- return 1;
- }
- }
- return 0;
-}
-
-int
-XdmRemoveCookie (unsigned short data_length, char *data)
-{
- XdmAuthorizationPtr auth;
- XdmAuthKeyPtr key_bits, rho_bits;
-
- switch (data_length)
- {
- case 16:
- rho_bits = (XdmAuthKeyPtr) data;
- key_bits = (XdmAuthKeyPtr) (data + 8);
- break;
-#ifdef XDMCP
- case 8:
- rho_bits = &rho;
- key_bits = (XdmAuthKeyPtr) data;
- break;
-#endif
- default:
- return 0;
- }
- for (auth = xdmAuth; auth; auth=auth->next) {
- if (XdmcpCompareKeys (rho_bits, &auth->rho) &&
- XdmcpCompareKeys (key_bits, &auth->key))
- {
- xdmAuth = auth->next;
- xfree (auth);
- return 1;
- }
- }
- return 0;
-}
-
-#endif
+/*
+
+Copyright 1988, 1998 The Open Group
+
+Permission to use, copy, modify, distribute, and sell this software and its
+documentation for any purpose is hereby granted without fee, provided that
+the above copyright notice appear in all copies and that both that
+copyright notice and this permission notice appear in supporting
+documentation.
+
+The above copyright notice and this permission notice shall be included
+in all copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS
+OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
+MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT.
+IN NO EVENT SHALL THE OPEN GROUP BE LIABLE FOR ANY CLAIM, DAMAGES OR
+OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE,
+ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR
+OTHER DEALINGS IN THE SOFTWARE.
+
+Except as contained in this notice, the name of The Open Group shall
+not be used in advertising or otherwise to promote the sale, use or
+other dealings in this Software without prior written authorization
+from The Open Group.
+
+*/
+
+/*
+ * XDM-AUTHENTICATION-1 (XDMCP authentication) and
+ * XDM-AUTHORIZATION-1 (client authorization) protocols
+ *
+ * Author: Keith Packard, MIT X Consortium
+ */
+
+#ifdef HAVE_DIX_CONFIG_H
+#include <dix-config.h>
+#endif
+
+#include <stdio.h>
+#include <X11/X.h>
+#define XSERV_t
+#define TRANS_SERVER
+#define TRANS_REOPEN
+#include <X11/Xtrans/Xtrans.h>
+#include "os.h"
+#include "osdep.h"
+#include "dixstruct.h"
+
+#ifdef HASXDMAUTH
+
+static Bool authFromXDMCP;
+
+#ifdef XDMCP
+#include <X11/Xmd.h>
+#undef REQUEST
+#include <X11/Xdmcp.h>
+
+/* XDM-AUTHENTICATION-1 */
+
+static XdmAuthKeyRec privateKey;
+static char XdmAuthenticationName[] = "XDM-AUTHENTICATION-1";
+#define XdmAuthenticationNameLen (sizeof XdmAuthenticationName - 1)
+static XdmAuthKeyRec rho;
+
+static Bool
+XdmAuthenticationValidator (ARRAY8Ptr privateData, ARRAY8Ptr incomingData,
+ xdmOpCode packet_type)
+{
+ XdmAuthKeyPtr incoming;
+
+ XdmcpUnwrap (incomingData->data, (unsigned char *)&privateKey,
+ incomingData->data,incomingData->length);
+ if (packet_type == ACCEPT) {
+ if (incomingData->length != 8)
+ return FALSE;
+ incoming = (XdmAuthKeyPtr) incomingData->data;
+ XdmcpDecrementKey (incoming);
+ return XdmcpCompareKeys (incoming, &rho);
+ }
+ return FALSE;
+}
+
+static Bool
+XdmAuthenticationGenerator (ARRAY8Ptr privateData, ARRAY8Ptr outgoingData,
+ xdmOpCode packet_type)
+{
+ outgoingData->length = 0;
+ outgoingData->data = 0;
+ if (packet_type == REQUEST) {
+ if (XdmcpAllocARRAY8 (outgoingData, 8))
+ XdmcpWrap ((unsigned char *)&rho, (unsigned char *)&privateKey,
+ outgoingData->data, 8);
+ }
+ return TRUE;
+}
+
+static Bool
+XdmAuthenticationAddAuth (int name_len, const char *name,
+ int data_len, char *data)
+{
+ Bool ret;
+ XdmcpUnwrap ((unsigned char *)data, (unsigned char *)&privateKey,
+ (unsigned char *)data, data_len);
+ authFromXDMCP = TRUE;
+ ret = AddAuthorization (name_len, name, data_len, data);
+ authFromXDMCP = FALSE;
+ return ret;
+}
+
+
+#define atox(c) ('0' <= c && c <= '9' ? c - '0' : \
+ 'a' <= c && c <= 'f' ? c - 'a' + 10 : \
+ 'A' <= c && c <= 'F' ? c - 'A' + 10 : -1)
+
+static int
+HexToBinary (const char *in, char *out, int len)
+{
+ int top, bottom;
+
+ while (len > 0)
+ {
+ top = atox(in[0]);
+ if (top == -1)
+ return 0;
+ bottom = atox(in[1]);
+ if (bottom == -1)
+ return 0;
+ *out++ = (top << 4) | bottom;
+ in += 2;
+ len -= 2;
+ }
+ if (len)
+ return 0;
+ *out++ = '\0';
+ return 1;
+}
+
+void
+XdmAuthenticationInit (const char *cookie, int cookie_len)
+{
+ bzero (privateKey.data, 8);
+ if (!strncmp (cookie, "0x", 2) || !strncmp (cookie, "0X", 2))
+ {
+ if (cookie_len > 2 + 2 * 8)
+ cookie_len = 2 + 2 * 8;
+ HexToBinary (cookie + 2, (char *)privateKey.data, cookie_len - 2);
+ }
+ else
+ {
+ if (cookie_len > 7)
+ cookie_len = 7;
+ memmove (privateKey.data + 1, cookie, cookie_len);
+ }
+ XdmcpGenerateKey (&rho);
+ XdmcpRegisterAuthentication (XdmAuthenticationName, XdmAuthenticationNameLen,
+ (char *)&rho,
+ sizeof (rho),
+ (ValidatorFunc)XdmAuthenticationValidator,
+ (GeneratorFunc)XdmAuthenticationGenerator,
+ (AddAuthorFunc)XdmAuthenticationAddAuth);
+}
+
+#endif /* XDMCP */
+
+/* XDM-AUTHORIZATION-1 */
+typedef struct _XdmAuthorization {
+ struct _XdmAuthorization *next;
+ XdmAuthKeyRec rho;
+ XdmAuthKeyRec key;
+ XID id;
+} XdmAuthorizationRec, *XdmAuthorizationPtr;
+
+static XdmAuthorizationPtr xdmAuth;
+
+typedef struct _XdmClientAuth {
+ struct _XdmClientAuth *next;
+ XdmAuthKeyRec rho;
+ char client[6];
+ long time;
+} XdmClientAuthRec, *XdmClientAuthPtr;
+
+static XdmClientAuthPtr xdmClients;
+static long clockOffset;
+static Bool gotClock;
+
+#define TwentyMinutes (20 * 60)
+#define TwentyFiveMinutes (25 * 60)
+
+static Bool
+XdmClientAuthCompare (const XdmClientAuthPtr a, const XdmClientAuthPtr b)
+{
+ int i;
+
+ if (!XdmcpCompareKeys (&a->rho, &b->rho))
+ return FALSE;
+ for (i = 0; i < 6; i++)
+ if (a->client[i] != b->client[i])
+ return FALSE;
+ return a->time == b->time;
+}
+
+static void
+XdmClientAuthDecode (const unsigned char *plain, XdmClientAuthPtr auth)
+{
+ int i, j;
+
+ j = 0;
+ for (i = 0; i < 8; i++)
+ {
+ auth->rho.data[i] = plain[j];
+ ++j;
+ }
+ for (i = 0; i < 6; i++)
+ {
+ auth->client[i] = plain[j];
+ ++j;
+ }
+ auth->time = 0;
+ for (i = 0; i < 4; i++)
+ {
+ auth->time |= plain[j] << ((3 - i) << 3);
+ j++;
+ }
+}
+
+static void
+XdmClientAuthTimeout (long now)
+{
+ XdmClientAuthPtr client, next, prev;
+
+ prev = 0;
+ for (client = xdmClients; client; client=next)
+ {
+ next = client->next;
+ if (abs (now - client->time) > TwentyFiveMinutes)
+ {
+ if (prev)
+ prev->next = next;
+ else
+ xdmClients = next;
+ xfree (client);
+ }
+ else
+ prev = client;
+ }
+}
+
+static XdmClientAuthPtr
+XdmAuthorizationValidate (unsigned char *plain, int length,
+ XdmAuthKeyPtr rho, ClientPtr xclient, char **reason)
+{
+ XdmClientAuthPtr client, existing;
+ long now;
+ int i;
+
+ if (length != (192 / 8)) {
+ if (reason)
+ *reason = "Bad XDM authorization key length";
+ return NULL;
+ }
+ client = xalloc (sizeof (XdmClientAuthRec));
+ if (!client)
+ return NULL;
+ XdmClientAuthDecode (plain, client);
+ if (!XdmcpCompareKeys (&client->rho, rho))
+ {
+ xfree (client);
+ if (reason)
+ *reason = "Invalid XDM-AUTHORIZATION-1 key (failed key comparison)";
+ return NULL;
+ }
+ for (i = 18; i < 24; i++)
+ if (plain[i] != 0) {
+ xfree (client);
+ if (reason)
+ *reason = "Invalid XDM-AUTHORIZATION-1 key (failed NULL check)";
+ return NULL;
+ }
+ if (xclient) {
+ int family, addr_len;
+ Xtransaddr *addr;
+
+ if (_XSERVTransGetPeerAddr(((OsCommPtr)xclient->osPrivate)->trans_conn,
+ &family, &addr_len, &addr) == 0
+ && _XSERVTransConvertAddress(&family, &addr_len, &addr) == 0) {
+#if defined(TCPCONN) || defined(STREAMSCONN)
+ if (family == FamilyInternet &&
+ memcmp((char *)addr, client->client, 4) != 0) {
+ xfree (client);
+ xfree (addr);
+ if (reason)
+ *reason = "Invalid XDM-AUTHORIZATION-1 key (failed address comparison)";
+ return NULL;
+
+ }
+#endif
+ xfree (addr);
+ }
+ }
+ now = time(0);
+ if (!gotClock)
+ {
+ clockOffset = client->time - now;
+ gotClock = TRUE;
+ }
+ now += clockOffset;
+ XdmClientAuthTimeout (now);
+ if (abs (client->time - now) > TwentyMinutes)
+ {
+ xfree (client);
+ if (reason)
+ *reason = "Excessive XDM-AUTHORIZATION-1 time offset";
+ return NULL;
+ }
+ for (existing = xdmClients; existing; existing=existing->next)
+ {
+ if (XdmClientAuthCompare (existing, client))
+ {
+ xfree (client);
+ if (reason)
+ *reason = "XDM authorization key matches an existing client!";
+ return NULL;
+ }
+ }
+ return client;
+}
+
+int
+XdmAddCookie (unsigned short data_length, const char *data, XID id)
+{
+ XdmAuthorizationPtr new;
+ unsigned char *rho_bits, *key_bits;
+
+ switch (data_length)
+ {
+ case 16: /* auth from files is 16 bytes long */
+#ifdef XDMCP
+ if (authFromXDMCP)
+ {
+ /* R5 xdm sent bogus authorization data in the accept packet,
+ * but we can recover */
+ rho_bits = rho.data;
+ key_bits = (unsigned char *) data;
+ key_bits[0] = '\0';
+ }
+ else
+#endif
+ {
+ rho_bits = (unsigned char *) data;
+ key_bits = (unsigned char *) (data + 8);
+ }
+ break;
+#ifdef XDMCP
+ case 8: /* auth from XDMCP is 8 bytes long */
+ rho_bits = rho.data;
+ key_bits = (unsigned char *) data;
+ break;
+#endif
+ default:
+ return 0;
+ }
+ /* the first octet of the key must be zero */
+ if (key_bits[0] != '\0')
+ return 0;
+ new = xalloc (sizeof (XdmAuthorizationRec));
+ if (!new)
+ return 0;
+ new->next = xdmAuth;
+ xdmAuth = new;
+ memmove (new->key.data, key_bits, (int) 8);
+ memmove (new->rho.data, rho_bits, (int) 8);
+ new->id = id;
+ return 1;
+}
+
+XID
+XdmCheckCookie (unsigned short cookie_length, const char *cookie,
+ ClientPtr xclient, char **reason)
+{
+ XdmAuthorizationPtr auth;
+ XdmClientAuthPtr client;
+ unsigned char *plain;
+
+ /* Auth packets must be a multiple of 8 bytes long */
+ if (cookie_length & 7)
+ return (XID) -1;
+ plain = xalloc (cookie_length);
+ if (!plain)
+ return (XID) -1;
+ for (auth = xdmAuth; auth; auth=auth->next) {
+ XdmcpUnwrap ((unsigned char *)cookie, (unsigned char *)&auth->key, plain, cookie_length);
+ if ((client = XdmAuthorizationValidate (plain, cookie_length, &auth->rho, xclient, reason)) != NULL)
+ {
+ client->next = xdmClients;
+ xdmClients = client;
+ xfree (plain);
+ return auth->id;
+ }
+ }
+ xfree (plain);
+ return (XID) -1;
+}
+
+int
+XdmResetCookie (void)
+{
+ XdmAuthorizationPtr auth, next_auth;
+ XdmClientAuthPtr client, next_client;
+
+ for (auth = xdmAuth; auth; auth=next_auth)
+ {
+ next_auth = auth->next;
+ xfree (auth);
+ }
+ xdmAuth = 0;
+ for (client = xdmClients; client; client=next_client)
+ {
+ next_client = client->next;
+ xfree (client);
+ }
+ xdmClients = (XdmClientAuthPtr) 0;
+ return 1;
+}
+
+XID
+XdmToID (unsigned short cookie_length, char *cookie)
+{
+ XdmAuthorizationPtr auth;
+ XdmClientAuthPtr client;
+ unsigned char *plain;
+
+ plain = xalloc (cookie_length);
+ if (!plain)
+ return (XID) -1;
+ for (auth = xdmAuth; auth; auth=auth->next) {
+ XdmcpUnwrap ((unsigned char *)cookie, (unsigned char *)&auth->key, plain, cookie_length);
+ if ((client = XdmAuthorizationValidate (plain, cookie_length, &auth->rho, NULL, NULL)) != NULL)
+ {
+ xfree (client);
+ xfree (cookie);
+ xfree (plain);
+ return auth->id;
+ }
+ }
+ xfree (cookie);
+ xfree (plain);
+ return (XID) -1;
+}
+
+int
+XdmFromID (XID id, unsigned short *data_lenp, char **datap)
+{
+ XdmAuthorizationPtr auth;
+
+ for (auth = xdmAuth; auth; auth=auth->next) {
+ if (id == auth->id) {
+ *data_lenp = 16;
+ *datap = (char *) &auth->rho;
+ return 1;
+ }
+ }
+ return 0;
+}
+
+int
+XdmRemoveCookie (unsigned short data_length, const char *data)
+{
+ XdmAuthorizationPtr auth;
+ XdmAuthKeyPtr key_bits, rho_bits;
+
+ switch (data_length)
+ {
+ case 16:
+ rho_bits = (XdmAuthKeyPtr) data;
+ key_bits = (XdmAuthKeyPtr) (data + 8);
+ break;
+#ifdef XDMCP
+ case 8:
+ rho_bits = &rho;
+ key_bits = (XdmAuthKeyPtr) data;
+ break;
+#endif
+ default:
+ return 0;
+ }
+ for (auth = xdmAuth; auth; auth=auth->next) {
+ if (XdmcpCompareKeys (rho_bits, &auth->rho) &&
+ XdmcpCompareKeys (key_bits, &auth->key))
+ {
+ xdmAuth = auth->next;
+ xfree (auth);
+ return 1;
+ }
+ }
+ return 0;
+}
+
+#endif
diff --git a/xorg-server/os/xdmcp.c b/xorg-server/os/xdmcp.c
index d6447e50a..ca890871e 100644
--- a/xorg-server/os/xdmcp.c
+++ b/xorg-server/os/xdmcp.c
@@ -1,1666 +1,1666 @@
-/*
- * Copyright 1989 Network Computing Devices, Inc., Mountain View, California.
- *
- * Permission to use, copy, modify, and distribute this software and its
- * documentation for any purpose and without fee is hereby granted, provided
- * that the above copyright notice appear in all copies and that both that
- * copyright notice and this permission notice appear in supporting
- * documentation, and that the name of N.C.D. not be used in advertising or
- * publicity pertaining to distribution of the software without specific,
- * written prior permission. N.C.D. makes no representations about the
- * suitability of this software for any purpose. It is provided "as is"
- * without express or implied warranty.
- *
- */
-
-#ifdef HAVE_DIX_CONFIG_H
-#include <dix-config.h>
-#endif
-
-#ifdef WIN32
-#include <X11/Xwinsock.h>
-#endif
-
-#include <X11/Xos.h>
-
-#if !defined(WIN32)
-#include <sys/param.h>
-#include <sys/socket.h>
-#include <netinet/in.h>
-#include <netdb.h>
-#endif
-
-#include <stdio.h>
-#include <stdlib.h>
-#include <X11/X.h>
-#include <X11/Xmd.h>
-#include "misc.h"
-#include <X11/Xpoll.h>
-#include "osdep.h"
-#include "input.h"
-#include "dixstruct.h"
-#include "opaque.h"
-#include "site.h"
-
-#ifdef STREAMSCONN
-#include <tiuser.h>
-#include <netconfig.h>
-#include <netdir.h>
-#endif
-
-#ifdef XDMCP
-#undef REQUEST
-
-#ifdef XDMCP_NO_IPV6
-#undef IPv6
-#endif
-
-#include <X11/Xdmcp.h>
-
-#define X_INCLUDE_NETDB_H
-#include <X11/Xos_r.h>
-
-static char *defaultDisplayClass = COMPILEDDISPLAYCLASS;
-
-static int xdmcpSocket, sessionSocket;
-static xdmcp_states state;
-#if defined(IPv6) && defined(AF_INET6)
-static int xdmcpSocket6;
-static struct sockaddr_storage req_sockaddr;
-#else
-static struct sockaddr_in req_sockaddr;
-#endif
-static int req_socklen;
-static CARD32 SessionID;
-static CARD32 timeOutTime;
-static int timeOutRtx;
-static CARD32 defaultKeepaliveDormancy = XDM_DEF_DORMANCY;
-static CARD32 keepaliveDormancy = XDM_DEF_DORMANCY;
-static CARD16 DisplayNumber;
-static xdmcp_states XDM_INIT_STATE = XDM_OFF;
-#ifdef HASXDMAUTH
-static char *xdmAuthCookie;
-#endif
-
-static XdmcpBuffer buffer;
-
-#if defined(IPv6) && defined(AF_INET6)
-
-static struct addrinfo *mgrAddr;
-static struct addrinfo *mgrAddrFirst;
-
-#define SOCKADDR_TYPE struct sockaddr_storage
-#define SOCKADDR_FAMILY(s) ((struct sockaddr *)&(s))->sa_family
-
-#ifdef BSD44SOCKETS
-#define SOCKLEN_FIELD(s) ((struct sockaddr *)&(s))->sa_len
-#define SOCKLEN_TYPE unsigned char
-#else
-#define SOCKLEN_TYPE unsigned int
-#endif
-
-#else
-
-#define SOCKADDR_TYPE struct sockaddr_in
-#define SOCKADDR_FAMILY(s) (s).sin_family
-
-#ifdef BSD44SOCKETS
-#define SOCKLEN_FIELD(s) (s).sin_len
-#define SOCKLEN_TYPE unsigned char
-#else
-#define SOCKLEN_TYPE size_t
-#endif
-
-#endif
-
-static SOCKADDR_TYPE ManagerAddress;
-static SOCKADDR_TYPE FromAddress;
-
-#ifdef SOCKLEN_FIELD
-#define ManagerAddressLen SOCKLEN_FIELD(ManagerAddress)
-#define FromAddressLen SOCKLEN_FIELD(FromAddress)
-#else
-static SOCKLEN_TYPE ManagerAddressLen, FromAddressLen;
-#endif
-
-#if defined(IPv6) && defined(AF_INET6)
-static struct multicastinfo {
- struct multicastinfo *next;
- struct addrinfo *ai;
- int hops;
-} *mcastlist;
-#endif
-
-static void XdmcpAddHost(
- struct sockaddr *from,
- int fromlen,
- ARRAY8Ptr AuthenticationName,
- ARRAY8Ptr hostname,
- ARRAY8Ptr status);
-
-static void XdmcpSelectHost(
- struct sockaddr *host_sockaddr,
- int host_len,
- ARRAY8Ptr AuthenticationName);
-
-static void get_xdmcp_sock(void);
-
-static void send_query_msg(void);
-
-static void recv_willing_msg(
- struct sockaddr * /*from*/,
- int /*fromlen*/,
- unsigned /*length*/);
-
-static void send_request_msg(void);
-
-static void recv_accept_msg(unsigned /*length*/);
-
-static void recv_decline_msg(unsigned /*length*/);
-
-static void send_manage_msg(void);
-
-static void recv_refuse_msg(unsigned /*length*/);
-
-static void recv_failed_msg(unsigned /*length*/);
-
-static void send_keepalive_msg(void);
-
-static void recv_alive_msg(unsigned /*length*/);
-
-static void XdmcpFatal(
- char * /*type*/,
- ARRAY8Ptr /*status*/);
-
-static void XdmcpWarning(char * /*str*/);
-
-static void get_manager_by_name(
- int /*argc*/,
- char ** /*argv*/,
- int /*i*/);
-
-static void get_fromaddr_by_name(int /*argc*/, char ** /*argv*/, int /*i*/);
-
-#if defined(IPv6) && defined(AF_INET6)
-static int get_mcast_options(int /*argc*/, char ** /*argv*/, int /*i*/);
-#endif
-
-static void receive_packet(int /*socketfd*/);
-
-static void send_packet(void);
-
-static void timeout(void);
-
-static void restart(void);
-
-static void XdmcpBlockHandler(
- pointer /*data*/,
- struct timeval ** /*wt*/,
- pointer /*LastSelectMask*/);
-
-static void XdmcpWakeupHandler(
- pointer /*data*/,
- int /*i*/,
- pointer /*LastSelectMask*/);
-
-#define XSERV_t
-#define TRANS_SERVER
-#define TRANS_REOPEN
-#include <X11/Xtrans/Xtrans.h>
-
-/*
- * Register the Manufacturer display ID
- */
-
-static ARRAY8 ManufacturerDisplayID;
-
-static void
-XdmcpRegisterManufacturerDisplayID (char *name, int length)
-{
- int i;
-
- XdmcpDisposeARRAY8 (&ManufacturerDisplayID);
- if (!XdmcpAllocARRAY8 (&ManufacturerDisplayID, length))
- return;
- for (i = 0; i < length; i++)
- ManufacturerDisplayID.data[i] = (CARD8) name[i];
-}
-
-static unsigned short xdm_udp_port = XDM_UDP_PORT;
-static Bool OneSession = FALSE;
-static const char *xdm_from = NULL;
-
-void
-XdmcpUseMsg (void)
-{
- ErrorF("-query host-name contact named host for XDMCP\n");
- ErrorF("-broadcast broadcast for XDMCP\n");
-#if defined(IPv6) && defined(AF_INET6)
- ErrorF("-multicast [addr [hops]] IPv6 multicast for XDMCP\n");
-#endif
- ErrorF("-indirect host-name contact named host for indirect XDMCP\n");
- ErrorF("-port port-num UDP port number to send messages to\n");
- ErrorF("-from local-address specify the local address to connect from\n");
- ErrorF("-once Terminate server after one session\n");
- ErrorF("-class display-class specify display class to send in manage\n");
-#ifdef HASXDMAUTH
- ErrorF("-cookie xdm-auth-bits specify the magic cookie for XDMCP\n");
-#endif
- ErrorF("-displayID display-id manufacturer display ID for request\n");
-}
-
-int
-XdmcpOptions(int argc, char **argv, int i)
-{
- if (strcmp(argv[i], "-query") == 0) {
- get_manager_by_name(argc, argv, i++);
- XDM_INIT_STATE = XDM_QUERY;
- AccessUsingXdmcp ();
- return (i + 1);
- }
- if (strcmp(argv[i], "-broadcast") == 0) {
- XDM_INIT_STATE = XDM_BROADCAST;
- AccessUsingXdmcp ();
- return (i + 1);
- }
-#if defined(IPv6) && defined(AF_INET6)
- if (strcmp(argv[i], "-multicast") == 0) {
- i = get_mcast_options(argc, argv, ++i);
- XDM_INIT_STATE = XDM_MULTICAST;
- AccessUsingXdmcp ();
- return (i + 1);
- }
-#endif
- if (strcmp(argv[i], "-indirect") == 0) {
- get_manager_by_name(argc, argv, i++);
- XDM_INIT_STATE = XDM_INDIRECT;
- AccessUsingXdmcp ();
- return (i + 1);
- }
- if (strcmp(argv[i], "-port") == 0) {
- if (++i == argc) {
- FatalError("Xserver: missing port number in command line\n");
- }
- xdm_udp_port = (unsigned short) atoi(argv[i]);
- return (i + 1);
- }
- if (strcmp(argv[i], "-from") == 0) {
- get_fromaddr_by_name(argc, argv, ++i);
- return (i + 1);
- }
- if (strcmp(argv[i], "-once") == 0) {
- OneSession = TRUE;
- return (i + 1);
- }
- if (strcmp(argv[i], "-class") == 0) {
- if (++i == argc) {
- FatalError("Xserver: missing class name in command line\n");
- }
- defaultDisplayClass = argv[i];
- return (i + 1);
- }
-#ifdef HASXDMAUTH
- if (strcmp(argv[i], "-cookie") == 0) {
- if (++i == argc) {
- FatalError("Xserver: missing cookie data in command line\n");
- }
- xdmAuthCookie = argv[i];
- return (i + 1);
- }
-#endif
- if (strcmp(argv[i], "-displayID") == 0) {
- if (++i == argc) {
- FatalError("Xserver: missing displayID in command line\n");
- }
- XdmcpRegisterManufacturerDisplayID (argv[i], strlen (argv[i]));
- return (i + 1);
- }
- return (i);
-}
-
-/*
- * This section is a collection of routines for
- * registering server-specific data with the XDMCP
- * state machine.
- */
-
-
-/*
- * Save all broadcast addresses away so BroadcastQuery
- * packets get sent everywhere
- */
-
-#define MAX_BROADCAST 10
-
-/* This stays sockaddr_in since IPv6 doesn't support broadcast */
-static struct sockaddr_in BroadcastAddresses[MAX_BROADCAST];
-static int NumBroadcastAddresses;
-
-void
-XdmcpRegisterBroadcastAddress (struct sockaddr_in *addr)
-{
- struct sockaddr_in *bcast;
- if (NumBroadcastAddresses >= MAX_BROADCAST)
- return;
- bcast = &BroadcastAddresses[NumBroadcastAddresses++];
- bzero (bcast, sizeof (struct sockaddr_in));
-#ifdef BSD44SOCKETS
- bcast->sin_len = addr->sin_len;
-#endif
- bcast->sin_family = addr->sin_family;
- bcast->sin_port = htons (xdm_udp_port);
- bcast->sin_addr = addr->sin_addr;
-}
-
-/*
- * Each authentication type is registered here; Validator
- * will be called to check all access attempts using
- * the specified authentication type
- */
-
-static ARRAYofARRAY8 AuthenticationNames, AuthenticationDatas;
-typedef struct _AuthenticationFuncs {
- ValidatorFunc Validator;
- GeneratorFunc Generator;
- AddAuthorFunc AddAuth;
-} AuthenticationFuncsRec, *AuthenticationFuncsPtr;
-
-static AuthenticationFuncsPtr AuthenticationFuncsList;
-
-void
-XdmcpRegisterAuthentication (
- char *name,
- int namelen,
- char *data,
- int datalen,
- ValidatorFunc Validator,
- GeneratorFunc Generator,
- AddAuthorFunc AddAuth)
-{
- int i;
- ARRAY8 AuthenticationName, AuthenticationData;
- static AuthenticationFuncsPtr newFuncs;
-
- if (!XdmcpAllocARRAY8 (&AuthenticationName, namelen))
- return;
- if (!XdmcpAllocARRAY8 (&AuthenticationData, datalen))
- {
- XdmcpDisposeARRAY8 (&AuthenticationName);
- return;
- }
- for (i = 0; i < namelen; i++)
- AuthenticationName.data[i] = name[i];
- for (i = 0; i < datalen; i++)
- AuthenticationData.data[i] = data[i];
- if (!(XdmcpReallocARRAYofARRAY8 (&AuthenticationNames,
- AuthenticationNames.length + 1) &&
- XdmcpReallocARRAYofARRAY8 (&AuthenticationDatas,
- AuthenticationDatas.length + 1) &&
- (newFuncs = xalloc ((AuthenticationNames.length + 1) * sizeof (AuthenticationFuncsRec)))))
- {
- XdmcpDisposeARRAY8 (&AuthenticationName);
- XdmcpDisposeARRAY8 (&AuthenticationData);
- return;
- }
- for (i = 0; i < AuthenticationNames.length - 1; i++)
- newFuncs[i] = AuthenticationFuncsList[i];
- newFuncs[AuthenticationNames.length-1].Validator = Validator;
- newFuncs[AuthenticationNames.length-1].Generator = Generator;
- newFuncs[AuthenticationNames.length-1].AddAuth = AddAuth;
- xfree (AuthenticationFuncsList);
- AuthenticationFuncsList = newFuncs;
- AuthenticationNames.data[AuthenticationNames.length-1] = AuthenticationName;
- AuthenticationDatas.data[AuthenticationDatas.length-1] = AuthenticationData;
-}
-
-/*
- * Select the authentication type to be used; this is
- * set by the manager of the host to be connected to.
- */
-
-static ARRAY8 noAuthenticationName = {(CARD16) 0, (CARD8Ptr) 0};
-static ARRAY8 noAuthenticationData = {(CARD16) 0, (CARD8Ptr) 0};
-static ARRAY8Ptr AuthenticationName = &noAuthenticationName;
-static ARRAY8Ptr AuthenticationData = &noAuthenticationData;
-static AuthenticationFuncsPtr AuthenticationFuncs;
-
-static void
-XdmcpSetAuthentication (ARRAY8Ptr name)
-{
- int i;
-
- for (i = 0; i < AuthenticationNames.length; i++)
- if (XdmcpARRAY8Equal (&AuthenticationNames.data[i], name))
- {
- AuthenticationName = &AuthenticationNames.data[i];
- AuthenticationData = &AuthenticationDatas.data[i];
- AuthenticationFuncs = &AuthenticationFuncsList[i];
- break;
- }
-}
-
-/*
- * Register the host address for the display
- */
-
-static ARRAY16 ConnectionTypes;
-static ARRAYofARRAY8 ConnectionAddresses;
-static long xdmcpGeneration;
-
-void
-XdmcpRegisterConnection (
- int type,
- char *address,
- int addrlen)
-{
- int i;
- CARD8 *newAddress;
-
- if (xdmcpGeneration != serverGeneration)
- {
- XdmcpDisposeARRAY16 (&ConnectionTypes);
- XdmcpDisposeARRAYofARRAY8 (&ConnectionAddresses);
- xdmcpGeneration = serverGeneration;
- }
- if (xdm_from != NULL) { /* Only register the requested address */
- const void *regAddr = address;
- const void *fromAddr = NULL;
- int regAddrlen = addrlen;
-
- if (addrlen == sizeof(struct in_addr)) {
- if (SOCKADDR_FAMILY(FromAddress) == AF_INET) {
- fromAddr = &((struct sockaddr_in *)&FromAddress)->sin_addr;
- }
-#if defined(IPv6) && defined(AF_INET6)
- else if ((SOCKADDR_FAMILY(FromAddress) == AF_INET6) &&
- IN6_IS_ADDR_V4MAPPED(
- &((struct sockaddr_in6 *)&FromAddress)->sin6_addr)) {
- fromAddr = &((struct sockaddr_in6 *)&FromAddress)->sin6_addr.s6_addr[12];
- }
-#endif
- }
-#if defined(IPv6) && defined(AF_INET6)
- else if (addrlen == sizeof(struct in6_addr)) {
- if (SOCKADDR_FAMILY(FromAddress) == AF_INET6) {
- fromAddr = &((struct sockaddr_in6 *)&FromAddress)->sin6_addr;
- } else if ((SOCKADDR_FAMILY(FromAddress) == AF_INET) &&
- IN6_IS_ADDR_V4MAPPED((struct in6_addr *) address)) {
- fromAddr = &((struct sockaddr_in *)&FromAddress)->sin_addr;
- regAddr = &((struct sockaddr_in6 *)&address)->sin6_addr.s6_addr[12];
- regAddrlen = sizeof(struct in_addr);
- }
- }
-#endif
- if (fromAddr && memcmp(regAddr, fromAddr, regAddrlen) != 0) {
- return;
- }
- }
- if (ConnectionAddresses.length + 1 == 256)
- return;
- newAddress = xalloc (addrlen * sizeof (CARD8));
- if (!newAddress)
- return;
- if (!XdmcpReallocARRAY16 (&ConnectionTypes, ConnectionTypes.length + 1))
- {
- xfree (newAddress);
- return;
- }
- if (!XdmcpReallocARRAYofARRAY8 (&ConnectionAddresses,
- ConnectionAddresses.length + 1))
- {
- xfree (newAddress);
- return;
- }
- ConnectionTypes.data[ConnectionTypes.length - 1] = (CARD16) type;
- for (i = 0; i < addrlen; i++)
- newAddress[i] = address[i];
- ConnectionAddresses.data[ConnectionAddresses.length-1].data = newAddress;
- ConnectionAddresses.data[ConnectionAddresses.length-1].length = addrlen;
-}
-
-/*
- * Register an Authorization Name. XDMCP advertises this list
- * to the manager.
- */
-
-static ARRAYofARRAY8 AuthorizationNames;
-
-void
-XdmcpRegisterAuthorizations (void)
-{
- XdmcpDisposeARRAYofARRAY8 (&AuthorizationNames);
- RegisterAuthorizations ();
-}
-
-void
-XdmcpRegisterAuthorization (char *name, int namelen)
-{
- ARRAY8 authName;
- int i;
-
- authName.data = xalloc (namelen * sizeof (CARD8));
- if (!authName.data)
- return;
- if (!XdmcpReallocARRAYofARRAY8 (&AuthorizationNames, AuthorizationNames.length +1))
- {
- xfree (authName.data);
- return;
- }
- for (i = 0; i < namelen; i++)
- authName.data[i] = (CARD8) name[i];
- authName.length = namelen;
- AuthorizationNames.data[AuthorizationNames.length-1] = authName;
-}
-
-/*
- * Register the DisplayClass string
- */
-
-static ARRAY8 DisplayClass;
-
-static void
-XdmcpRegisterDisplayClass (char *name, int length)
-{
- int i;
-
- XdmcpDisposeARRAY8 (&DisplayClass);
- if (!XdmcpAllocARRAY8 (&DisplayClass, length))
- return;
- for (i = 0; i < length; i++)
- DisplayClass.data[i] = (CARD8) name[i];
-}
-
-/*
- * initialize XDMCP; create the socket, compute the display
- * number, set up the state machine
- */
-
-void
-XdmcpInit(void)
-{
- state = XDM_INIT_STATE;
-#ifdef HASXDMAUTH
- if (xdmAuthCookie)
- XdmAuthenticationInit (xdmAuthCookie, strlen (xdmAuthCookie));
-#endif
- if (state != XDM_OFF)
- {
- XdmcpRegisterAuthorizations();
- XdmcpRegisterDisplayClass (defaultDisplayClass, strlen (defaultDisplayClass));
- AccessUsingXdmcp();
- RegisterBlockAndWakeupHandlers (XdmcpBlockHandler, XdmcpWakeupHandler,
- (pointer) 0);
- timeOutRtx = 0;
- DisplayNumber = (CARD16) atoi(display);
- get_xdmcp_sock();
- send_packet();
- }
-}
-
-void
-XdmcpReset (void)
-{
- state = XDM_INIT_STATE;
- if (state != XDM_OFF)
- {
- RegisterBlockAndWakeupHandlers (XdmcpBlockHandler, XdmcpWakeupHandler,
- (pointer) 0);
- timeOutRtx = 0;
- send_packet();
- }
-}
-
-/*
- * Called whenever a new connection is created; notices the
- * first connection and saves it to terminate the session
- * when it is closed
- */
-
-void
-XdmcpOpenDisplay(int sock)
-{
- if (state != XDM_AWAIT_MANAGE_RESPONSE)
- return;
- state = XDM_RUN_SESSION;
- sessionSocket = sock;
-}
-
-void
-XdmcpCloseDisplay(int sock)
-{
- if ((state != XDM_RUN_SESSION && state != XDM_AWAIT_ALIVE_RESPONSE)
- || sessionSocket != sock)
- return;
- state = XDM_INIT_STATE;
- if (OneSession)
- dispatchException |= DE_TERMINATE;
- else
- dispatchException |= DE_RESET;
- isItTimeToYield = TRUE;
-}
-
-/*
- * called before going to sleep, this routine
- * may modify the timeout value about to be sent
- * to select; in this way XDMCP can do appropriate things
- * dynamically while starting up
- */
-
-/*ARGSUSED*/
-static void
-XdmcpBlockHandler(
- pointer data, /* unused */
- struct timeval **wt,
- pointer pReadmask)
-{
- fd_set *LastSelectMask = (fd_set*)pReadmask;
- CARD32 millisToGo;
-
- if (state == XDM_OFF)
- return;
- FD_SET(xdmcpSocket, LastSelectMask);
-#if defined(IPv6) && defined(AF_INET6)
- if (xdmcpSocket6 >= 0)
- FD_SET(xdmcpSocket6, LastSelectMask);
-#endif
- if (timeOutTime == 0)
- return;
- millisToGo = timeOutTime - GetTimeInMillis();
- if ((int) millisToGo < 0)
- millisToGo = 0;
- AdjustWaitForDelay (wt, millisToGo);
-}
-
-/*
- * called after select returns; this routine will
- * recognise when XDMCP packets await and
- * process them appropriately
- */
-
-/*ARGSUSED*/
-static void
-XdmcpWakeupHandler(
- pointer data, /* unused */
- int i,
- pointer pReadmask)
-{
- fd_set* LastSelectMask = (fd_set*)pReadmask;
- fd_set devicesReadable;
-
- if (state == XDM_OFF)
- return;
- if (i > 0)
- {
- if (FD_ISSET(xdmcpSocket, LastSelectMask))
- {
- receive_packet(xdmcpSocket);
- FD_CLR(xdmcpSocket, LastSelectMask);
- }
-#if defined(IPv6) && defined(AF_INET6)
- if (xdmcpSocket6 >= 0 && FD_ISSET(xdmcpSocket6, LastSelectMask))
- {
- receive_packet(xdmcpSocket6);
- FD_CLR(xdmcpSocket6, LastSelectMask);
- }
-#endif
- XFD_ANDSET(&devicesReadable, LastSelectMask, &EnabledDevices);
- if (XFD_ANYSET(&devicesReadable))
- {
- if (state == XDM_AWAIT_USER_INPUT)
- restart();
- else if (state == XDM_RUN_SESSION)
- keepaliveDormancy = defaultKeepaliveDormancy;
- }
- if (XFD_ANYSET(&AllClients) && state == XDM_RUN_SESSION)
- timeOutTime = GetTimeInMillis() + keepaliveDormancy * 1000;
- }
- else if (timeOutTime && (int) (GetTimeInMillis() - timeOutTime) >= 0)
- {
- if (state == XDM_RUN_SESSION)
- {
- state = XDM_KEEPALIVE;
- send_packet();
- }
- else
- timeout();
- }
-}
-
-/*
- * This routine should be called from the routine that drives the
- * user's host menu when the user selects a host
- */
-
-static void
-XdmcpSelectHost(
- struct sockaddr *host_sockaddr,
- int host_len,
- ARRAY8Ptr AuthenticationName)
-{
- state = XDM_START_CONNECTION;
- memmove(&req_sockaddr, host_sockaddr, host_len);
- req_socklen = host_len;
- XdmcpSetAuthentication (AuthenticationName);
- send_packet();
-}
-
-/*
- * !!! this routine should be replaced by a routine that adds
- * the host to the user's host menu. the current version just
- * selects the first host to respond with willing message.
- */
-
-/*ARGSUSED*/
-static void
-XdmcpAddHost(
- struct sockaddr *from,
- int fromlen,
- ARRAY8Ptr AuthenticationName,
- ARRAY8Ptr hostname,
- ARRAY8Ptr status)
-{
- XdmcpSelectHost(from, fromlen, AuthenticationName);
-}
-
-/*
- * A message is queued on the socket; read it and
- * do the appropriate thing
- */
-
-static ARRAY8 UnwillingMessage = { (CARD8) 14, (CARD8 *) "Host unwilling" };
-
-static void
-receive_packet(int socketfd)
-{
-#if defined(IPv6) && defined(AF_INET6)
- struct sockaddr_storage from;
-#else
- struct sockaddr_in from;
-#endif
- int fromlen = sizeof(from);
- XdmcpHeader header;
-
- /* read message off socket */
- if (!XdmcpFill (socketfd, &buffer, (XdmcpNetaddr) &from, &fromlen))
- return;
-
- /* reset retransmission backoff */
- timeOutRtx = 0;
-
- if (!XdmcpReadHeader (&buffer, &header))
- return;
-
- if (header.version != XDM_PROTOCOL_VERSION)
- return;
-
- switch (header.opcode) {
- case WILLING:
- recv_willing_msg((struct sockaddr *) &from, fromlen, header.length);
- break;
- case UNWILLING:
- XdmcpFatal("Manager unwilling", &UnwillingMessage);
- break;
- case ACCEPT:
- recv_accept_msg(header.length);
- break;
- case DECLINE:
- recv_decline_msg(header.length);
- break;
- case REFUSE:
- recv_refuse_msg(header.length);
- break;
- case FAILED:
- recv_failed_msg(header.length);
- break;
- case ALIVE:
- recv_alive_msg(header.length);
- break;
- }
-}
-
-/*
- * send the appropriate message given the current state
- */
-
-static void
-send_packet(void)
-{
- int rtx;
- switch (state) {
- case XDM_QUERY:
- case XDM_BROADCAST:
- case XDM_INDIRECT:
-#if defined(IPv6) && defined(AF_INET6)
- case XDM_MULTICAST:
-#endif
- send_query_msg();
- break;
- case XDM_START_CONNECTION:
- send_request_msg();
- break;
- case XDM_MANAGE:
- send_manage_msg();
- break;
- case XDM_KEEPALIVE:
- send_keepalive_msg();
- break;
- default:
- break;
- }
- rtx = (XDM_MIN_RTX << timeOutRtx);
- if (rtx > XDM_MAX_RTX)
- rtx = XDM_MAX_RTX;
- timeOutTime = GetTimeInMillis() + rtx * 1000;
-}
-
-/*
- * The session is declared dead for some reason; too many
- * timeouts, or Keepalive failure.
- */
-
-static void
-XdmcpDeadSession (char *reason)
-{
- ErrorF ("XDM: %s, declaring session dead\n", reason);
- state = XDM_INIT_STATE;
- isItTimeToYield = TRUE;
- dispatchException |= DE_RESET;
- timeOutTime = 0;
- timeOutRtx = 0;
- send_packet();
-}
-
-/*
- * Timeout waiting for an XDMCP response.
- */
-
-static void
-timeout(void)
-{
- timeOutRtx++;
- if (state == XDM_AWAIT_ALIVE_RESPONSE && timeOutRtx >= XDM_KA_RTX_LIMIT )
- {
- XdmcpDeadSession ("too many keepalive retransmissions");
- return;
- }
- else if (timeOutRtx >= XDM_RTX_LIMIT)
- {
- /* Quit if "-once" specified, otherwise reset and try again. */
- if (OneSession) {
- dispatchException |= DE_TERMINATE;
- ErrorF("XDM: too many retransmissions\n");
- } else {
- XdmcpDeadSession("too many retransmissions");
- }
- return;
- }
-
-#if defined(IPv6) && defined(AF_INET6)
- if (state == XDM_COLLECT_QUERY || state == XDM_COLLECT_INDIRECT_QUERY) {
- /* Try next address */
- for (mgrAddr = mgrAddr->ai_next; ; mgrAddr = mgrAddr->ai_next) {
- if (mgrAddr == NULL) {
- mgrAddr = mgrAddrFirst;
- }
- if (mgrAddr->ai_family == AF_INET
- || mgrAddr->ai_family == AF_INET6)
- break;
- }
-#ifndef SIN6_LEN
- ManagerAddressLen = mgrAddr->ai_addrlen;
-#endif
- memcpy(&ManagerAddress, mgrAddr->ai_addr, mgrAddr->ai_addrlen);
- }
-#endif
-
- switch (state) {
- case XDM_COLLECT_QUERY:
- state = XDM_QUERY;
- break;
- case XDM_COLLECT_BROADCAST_QUERY:
- state = XDM_BROADCAST;
- break;
-#if defined(IPv6) && defined(AF_INET6)
- case XDM_COLLECT_MULTICAST_QUERY:
- state = XDM_MULTICAST;
- break;
-#endif
- case XDM_COLLECT_INDIRECT_QUERY:
- state = XDM_INDIRECT;
- break;
- case XDM_AWAIT_REQUEST_RESPONSE:
- state = XDM_START_CONNECTION;
- break;
- case XDM_AWAIT_MANAGE_RESPONSE:
- state = XDM_MANAGE;
- break;
- case XDM_AWAIT_ALIVE_RESPONSE:
- state = XDM_KEEPALIVE;
- break;
- default:
- break;
- }
- send_packet();
-}
-
-static void
-restart(void)
-{
- state = XDM_INIT_STATE;
- timeOutRtx = 0;
- send_packet();
-}
-
-static int
-XdmcpCheckAuthentication (ARRAY8Ptr Name, ARRAY8Ptr Data, int packet_type)
-{
- return (XdmcpARRAY8Equal (Name, AuthenticationName) &&
- (AuthenticationName->length == 0 ||
- (*AuthenticationFuncs->Validator) (AuthenticationData, Data, packet_type)));
-}
-
-static int
-XdmcpAddAuthorization (ARRAY8Ptr name, ARRAY8Ptr data)
-{
- AddAuthorFunc AddAuth;
-
- if (AuthenticationFuncs && AuthenticationFuncs->AddAuth)
- AddAuth = AuthenticationFuncs->AddAuth;
- else
- AddAuth = AddAuthorization;
- return (*AddAuth) ((unsigned short)name->length,
- (char *)name->data,
- (unsigned short)data->length,
- (char *)data->data);
-}
-
-/*
- * from here to the end of this file are routines private
- * to the state machine.
- */
-
-static void
-get_xdmcp_sock(void)
-{
-#ifdef STREAMSCONN
- struct netconfig *nconf;
-
- if ((xdmcpSocket = t_open("/dev/udp", O_RDWR, 0)) < 0) {
- XdmcpWarning("t_open() of /dev/udp failed");
- return;
- }
-
- if( t_bind(xdmcpSocket,NULL,NULL) < 0 ) {
- XdmcpWarning("UDP socket creation failed");
- t_error("t_bind(xdmcpSocket) failed" );
- t_close(xdmcpSocket);
- return;
- }
-
- /*
- * This part of the code looks contrived. It will actually fit in nicely
- * when the CLTS part of Xtrans is implemented.
- */
-
- if( (nconf=getnetconfigent("udp")) == NULL ) {
- XdmcpWarning("UDP socket creation failed: getnetconfigent()");
- t_unbind(xdmcpSocket);
- t_close(xdmcpSocket);
- return;
- }
-
- if( netdir_options(nconf, ND_SET_BROADCAST, xdmcpSocket, NULL) ) {
- XdmcpWarning("UDP set broadcast option failed: netdir_options()");
- freenetconfigent(nconf);
- t_unbind(xdmcpSocket);
- t_close(xdmcpSocket);
- return;
- }
-
- freenetconfigent(nconf);
-#else
- int soopts = 1;
-
-#if defined(IPv6) && defined(AF_INET6)
- if ((xdmcpSocket6 = socket(AF_INET6, SOCK_DGRAM, 0)) < 0)
- XdmcpWarning("INET6 UDP socket creation failed");
-#endif
- if ((xdmcpSocket = socket(AF_INET, SOCK_DGRAM, 0)) < 0)
- XdmcpWarning("UDP socket creation failed");
-#ifdef SO_BROADCAST
- else if (setsockopt(xdmcpSocket, SOL_SOCKET, SO_BROADCAST, (char *)&soopts,
- sizeof(soopts)) < 0)
- XdmcpWarning("UDP set broadcast socket-option failed");
-#endif /* SO_BROADCAST */
- if (xdmcpSocket >= 0 && xdm_from != NULL) {
- if (bind(xdmcpSocket, (struct sockaddr *)&FromAddress,
- FromAddressLen) < 0) {
- FatalError("Xserver: failed to bind to -from address: %s\n", xdm_from);
- }
- }
-#endif /* STREAMSCONN */
-}
-
-static void
-send_query_msg(void)
-{
- XdmcpHeader header;
- Bool broadcast = FALSE;
-#if defined(IPv6) && defined(AF_INET6)
- Bool multicast = FALSE;
-#endif
- int i;
- int socketfd = xdmcpSocket;
-
- header.version = XDM_PROTOCOL_VERSION;
- switch(state){
- case XDM_QUERY:
- header.opcode = (CARD16) QUERY;
- state = XDM_COLLECT_QUERY;
- break;
- case XDM_BROADCAST:
- header.opcode = (CARD16) BROADCAST_QUERY;
- state = XDM_COLLECT_BROADCAST_QUERY;
- broadcast = TRUE;
- break;
-#if defined(IPv6) && defined(AF_INET6)
- case XDM_MULTICAST:
- header.opcode = (CARD16) BROADCAST_QUERY;
- state = XDM_COLLECT_MULTICAST_QUERY;
- multicast = TRUE;
- break;
-#endif
- case XDM_INDIRECT:
- header.opcode = (CARD16) INDIRECT_QUERY;
- state = XDM_COLLECT_INDIRECT_QUERY;
- break;
- default:
- break;
- }
- header.length = 1;
- for (i = 0; i < AuthenticationNames.length; i++)
- header.length += 2 + AuthenticationNames.data[i].length;
-
- XdmcpWriteHeader (&buffer, &header);
- XdmcpWriteARRAYofARRAY8 (&buffer, &AuthenticationNames);
- if (broadcast)
- {
- int i;
-
- for (i = 0; i < NumBroadcastAddresses; i++)
- XdmcpFlush (xdmcpSocket, &buffer, (XdmcpNetaddr) &BroadcastAddresses[i],
- sizeof (struct sockaddr_in));
- }
-#if defined(IPv6) && defined(AF_INET6)
- else if (multicast)
- {
- struct multicastinfo *mcl;
- struct addrinfo *ai;
-
- for (mcl = mcastlist; mcl != NULL; mcl = mcl->next) {
- for (ai = mcl->ai ; ai != NULL; ai = ai->ai_next) {
- if (ai->ai_family == AF_INET) {
- unsigned char hopflag = (unsigned char) mcl->hops;
- socketfd = xdmcpSocket;
- setsockopt(socketfd, IPPROTO_IP, IP_MULTICAST_TTL,
- &hopflag, sizeof(hopflag));
- } else if (ai->ai_family == AF_INET6) {
- int hopflag6 = mcl->hops;
- socketfd = xdmcpSocket6;
- setsockopt(socketfd, IPPROTO_IPV6, IPV6_MULTICAST_HOPS,
- &hopflag6, sizeof(hopflag6));
- } else {
- continue;
- }
- XdmcpFlush (socketfd, &buffer,
- (XdmcpNetaddr) ai->ai_addr, ai->ai_addrlen);
- break;
- }
- }
- }
-#endif
- else
- {
-#if defined(IPv6) && defined(AF_INET6)
- if (SOCKADDR_FAMILY(ManagerAddress) == AF_INET6)
- socketfd = xdmcpSocket6;
-#endif
- XdmcpFlush (socketfd, &buffer, (XdmcpNetaddr) &ManagerAddress,
- ManagerAddressLen);
- }
-}
-
-static void
-recv_willing_msg(
- struct sockaddr *from,
- int fromlen,
- unsigned length)
-{
- ARRAY8 authenticationName;
- ARRAY8 hostname;
- ARRAY8 status;
-
- authenticationName.data = 0;
- hostname.data = 0;
- status.data = 0;
- if (XdmcpReadARRAY8 (&buffer, &authenticationName) &&
- XdmcpReadARRAY8 (&buffer, &hostname) &&
- XdmcpReadARRAY8 (&buffer, &status))
- {
- if (length == 6 + authenticationName.length +
- hostname.length + status.length)
- {
- switch (state)
- {
- case XDM_COLLECT_QUERY:
- XdmcpSelectHost(from, fromlen, &authenticationName);
- break;
- case XDM_COLLECT_BROADCAST_QUERY:
-#if defined(IPv6) && defined(AF_INET6)
- case XDM_COLLECT_MULTICAST_QUERY:
-#endif
- case XDM_COLLECT_INDIRECT_QUERY:
- XdmcpAddHost(from, fromlen, &authenticationName, &hostname, &status);
- break;
- default:
- break;
- }
- }
- }
- XdmcpDisposeARRAY8 (&authenticationName);
- XdmcpDisposeARRAY8 (&hostname);
- XdmcpDisposeARRAY8 (&status);
-}
-
-static void
-send_request_msg(void)
-{
- XdmcpHeader header;
- int length;
- int i;
- CARD16 XdmcpConnectionType;
- ARRAY8 authenticationData;
- int socketfd = xdmcpSocket;
-
- switch (SOCKADDR_FAMILY(ManagerAddress))
- {
- case AF_INET: XdmcpConnectionType=FamilyInternet; break;
-#if defined(IPv6) && defined(AF_INET6)
- case AF_INET6: XdmcpConnectionType=FamilyInternet6; break;
-#endif
- default: XdmcpConnectionType=0xffff; break;
- }
-
- header.version = XDM_PROTOCOL_VERSION;
- header.opcode = (CARD16) REQUEST;
-
- length = 2; /* display number */
- length += 1 + 2 * ConnectionTypes.length; /* connection types */
- length += 1; /* connection addresses */
- for (i = 0; i < ConnectionAddresses.length; i++)
- length += 2 + ConnectionAddresses.data[i].length;
- authenticationData.length = 0;
- authenticationData.data = 0;
- if (AuthenticationFuncs)
- {
- (*AuthenticationFuncs->Generator) (AuthenticationData,
- &authenticationData,
- REQUEST);
- }
- length += 2 + AuthenticationName->length; /* authentication name */
- length += 2 + authenticationData.length; /* authentication data */
- length += 1; /* authorization names */
- for (i = 0; i < AuthorizationNames.length; i++)
- length += 2 + AuthorizationNames.data[i].length;
- length += 2 + ManufacturerDisplayID.length; /* display ID */
- header.length = length;
-
- if (!XdmcpWriteHeader (&buffer, &header))
- {
- XdmcpDisposeARRAY8 (&authenticationData);
- return;
- }
- XdmcpWriteCARD16 (&buffer, DisplayNumber);
- XdmcpWriteCARD8 (&buffer, ConnectionTypes.length);
-
- /* The connection array is send reordered, so that connections of */
- /* the same address type as the XDMCP manager connection are send */
- /* first. This works around a bug in xdm. mario@klebsch.de */
- for (i = 0; i < (int)ConnectionTypes.length; i++)
- if (ConnectionTypes.data[i]==XdmcpConnectionType)
- XdmcpWriteCARD16 (&buffer, ConnectionTypes.data[i]);
- for (i = 0; i < (int)ConnectionTypes.length; i++)
- if (ConnectionTypes.data[i]!=XdmcpConnectionType)
- XdmcpWriteCARD16 (&buffer, ConnectionTypes.data[i]);
-
- XdmcpWriteCARD8 (&buffer, ConnectionAddresses.length);
- for (i = 0; i < (int)ConnectionAddresses.length; i++)
- if ( (i<ConnectionTypes.length) &&
- (ConnectionTypes.data[i]==XdmcpConnectionType) )
- XdmcpWriteARRAY8 (&buffer, &ConnectionAddresses.data[i]);
- for (i = 0; i < (int)ConnectionAddresses.length; i++)
- if ( (i>=ConnectionTypes.length) ||
- (ConnectionTypes.data[i]!=XdmcpConnectionType) )
- XdmcpWriteARRAY8 (&buffer, &ConnectionAddresses.data[i]);
-
- XdmcpWriteARRAY8 (&buffer, AuthenticationName);
- XdmcpWriteARRAY8 (&buffer, &authenticationData);
- XdmcpDisposeARRAY8 (&authenticationData);
- XdmcpWriteARRAYofARRAY8 (&buffer, &AuthorizationNames);
- XdmcpWriteARRAY8 (&buffer, &ManufacturerDisplayID);
-#if defined(IPv6) && defined(AF_INET6)
- if (SOCKADDR_FAMILY(req_sockaddr) == AF_INET6)
- socketfd = xdmcpSocket6;
-#endif
- if (XdmcpFlush (socketfd, &buffer,
- (XdmcpNetaddr) &req_sockaddr, req_socklen))
- state = XDM_AWAIT_REQUEST_RESPONSE;
-}
-
-static void
-recv_accept_msg(unsigned length)
-{
- CARD32 AcceptSessionID;
- ARRAY8 AcceptAuthenticationName, AcceptAuthenticationData;
- ARRAY8 AcceptAuthorizationName, AcceptAuthorizationData;
-
- if (state != XDM_AWAIT_REQUEST_RESPONSE)
- return;
- AcceptAuthenticationName.data = 0;
- AcceptAuthenticationData.data = 0;
- AcceptAuthorizationName.data = 0;
- AcceptAuthorizationData.data = 0;
- if (XdmcpReadCARD32 (&buffer, &AcceptSessionID) &&
- XdmcpReadARRAY8 (&buffer, &AcceptAuthenticationName) &&
- XdmcpReadARRAY8 (&buffer, &AcceptAuthenticationData) &&
- XdmcpReadARRAY8 (&buffer, &AcceptAuthorizationName) &&
- XdmcpReadARRAY8 (&buffer, &AcceptAuthorizationData))
- {
- if (length == 12 + AcceptAuthenticationName.length +
- AcceptAuthenticationData.length +
- AcceptAuthorizationName.length +
- AcceptAuthorizationData.length)
- {
- if (!XdmcpCheckAuthentication (&AcceptAuthenticationName,
- &AcceptAuthenticationData, ACCEPT))
- {
- XdmcpFatal ("Authentication Failure", &AcceptAuthenticationName);
- }
- /* permit access control manipulations from this host */
- AugmentSelf (&req_sockaddr, req_socklen);
- /* if the authorization specified in the packet fails
- * to be acceptable, enable the local addresses
- */
- if (!XdmcpAddAuthorization (&AcceptAuthorizationName,
- &AcceptAuthorizationData))
- {
- AddLocalHosts ();
- }
- SessionID = AcceptSessionID;
- state = XDM_MANAGE;
- send_packet();
- }
- }
- XdmcpDisposeARRAY8 (&AcceptAuthenticationName);
- XdmcpDisposeARRAY8 (&AcceptAuthenticationData);
- XdmcpDisposeARRAY8 (&AcceptAuthorizationName);
- XdmcpDisposeARRAY8 (&AcceptAuthorizationData);
-}
-
-static void
-recv_decline_msg(unsigned length)
-{
- ARRAY8 status, DeclineAuthenticationName, DeclineAuthenticationData;
-
- status.data = 0;
- DeclineAuthenticationName.data = 0;
- DeclineAuthenticationData.data = 0;
- if (XdmcpReadARRAY8 (&buffer, &status) &&
- XdmcpReadARRAY8 (&buffer, &DeclineAuthenticationName) &&
- XdmcpReadARRAY8 (&buffer, &DeclineAuthenticationData))
- {
- if (length == 6 + status.length +
- DeclineAuthenticationName.length +
- DeclineAuthenticationData.length &&
- XdmcpCheckAuthentication (&DeclineAuthenticationName,
- &DeclineAuthenticationData, DECLINE))
- {
- XdmcpFatal ("Session declined", &status);
- }
- }
- XdmcpDisposeARRAY8 (&status);
- XdmcpDisposeARRAY8 (&DeclineAuthenticationName);
- XdmcpDisposeARRAY8 (&DeclineAuthenticationData);
-}
-
-static void
-send_manage_msg(void)
-{
- XdmcpHeader header;
- int socketfd = xdmcpSocket;
-
- header.version = XDM_PROTOCOL_VERSION;
- header.opcode = (CARD16) MANAGE;
- header.length = 8 + DisplayClass.length;
-
- if (!XdmcpWriteHeader (&buffer, &header))
- return;
- XdmcpWriteCARD32 (&buffer, SessionID);
- XdmcpWriteCARD16 (&buffer, DisplayNumber);
- XdmcpWriteARRAY8 (&buffer, &DisplayClass);
- state = XDM_AWAIT_MANAGE_RESPONSE;
-#if defined(IPv6) && defined(AF_INET6)
- if (SOCKADDR_FAMILY(req_sockaddr) == AF_INET6)
- socketfd = xdmcpSocket6;
-#endif
- XdmcpFlush (socketfd, &buffer, (XdmcpNetaddr) &req_sockaddr, req_socklen);
-}
-
-static void
-recv_refuse_msg(unsigned length)
-{
- CARD32 RefusedSessionID;
-
- if (state != XDM_AWAIT_MANAGE_RESPONSE)
- return;
- if (length != 4)
- return;
- if (XdmcpReadCARD32 (&buffer, &RefusedSessionID))
- {
- if (RefusedSessionID == SessionID)
- {
- state = XDM_START_CONNECTION;
- send_packet();
- }
- }
-}
-
-static void
-recv_failed_msg(unsigned length)
-{
- CARD32 FailedSessionID;
- ARRAY8 status;
-
- if (state != XDM_AWAIT_MANAGE_RESPONSE)
- return;
- status.data = 0;
- if (XdmcpReadCARD32 (&buffer, &FailedSessionID) &&
- XdmcpReadARRAY8 (&buffer, &status))
- {
- if (length == 6 + status.length &&
- SessionID == FailedSessionID)
- {
- XdmcpFatal ("Session failed", &status);
- }
- }
- XdmcpDisposeARRAY8 (&status);
-}
-
-static void
-send_keepalive_msg(void)
-{
- XdmcpHeader header;
- int socketfd = xdmcpSocket;
-
- header.version = XDM_PROTOCOL_VERSION;
- header.opcode = (CARD16) KEEPALIVE;
- header.length = 6;
-
- XdmcpWriteHeader (&buffer, &header);
- XdmcpWriteCARD16 (&buffer, DisplayNumber);
- XdmcpWriteCARD32 (&buffer, SessionID);
-
- state = XDM_AWAIT_ALIVE_RESPONSE;
-#if defined(IPv6) && defined(AF_INET6)
- if (SOCKADDR_FAMILY(req_sockaddr) == AF_INET6)
- socketfd = xdmcpSocket6;
-#endif
- XdmcpFlush (socketfd, &buffer, (XdmcpNetaddr) &req_sockaddr, req_socklen);
-}
-
-static void
-recv_alive_msg (unsigned length)
-{
- CARD8 SessionRunning;
- CARD32 AliveSessionID;
-
- if (state != XDM_AWAIT_ALIVE_RESPONSE)
- return;
- if (length != 5)
- return;
- if (XdmcpReadCARD8 (&buffer, &SessionRunning) &&
- XdmcpReadCARD32 (&buffer, &AliveSessionID))
- {
- if (SessionRunning && AliveSessionID == SessionID)
- {
- /* backoff dormancy period */
- state = XDM_RUN_SESSION;
- if ((GetTimeInMillis() - lastDeviceEventTime.milliseconds) >
- keepaliveDormancy * 1000)
- {
- keepaliveDormancy <<= 1;
- if (keepaliveDormancy > XDM_MAX_DORMANCY)
- keepaliveDormancy = XDM_MAX_DORMANCY;
- }
- timeOutTime = GetTimeInMillis() + keepaliveDormancy * 1000;
- }
- else
- {
- XdmcpDeadSession ("Alive response indicates session dead");
- }
- }
-}
-
-static void
-XdmcpFatal (
- char *type,
- ARRAY8Ptr status)
-{
- FatalError ("XDMCP fatal error: %s %*.*s\n", type,
- status->length, status->length, status->data);
-}
-
-static void
-XdmcpWarning(char *str)
-{
- ErrorF("XDMCP warning: %s\n", str);
-}
-
-static void
-get_addr_by_name(
- char * argtype,
- char * namestr,
- int port,
- int socktype,
- SOCKADDR_TYPE *addr,
- SOCKLEN_TYPE *addrlen
-#if defined(IPv6) && defined(AF_INET6)
- ,
- struct addrinfo **aip,
- struct addrinfo **aifirstp
-#endif
- )
-{
-#if defined(IPv6) && defined(AF_INET6)
- struct addrinfo *ai;
- struct addrinfo hints;
- char portstr[6];
- char *pport = portstr;
- int gaierr;
-
- bzero(&hints, sizeof(hints));
- hints.ai_socktype = socktype;
-
- if (port == 0) {
- pport = NULL;
- } else if (port > 0 && port < 65535) {
- sprintf(portstr, "%d", port);
- } else {
- FatalError("Xserver: port out of range: %d\n", port);
- }
-
- if (*aifirstp != NULL) {
- freeaddrinfo(*aifirstp);
- *aifirstp = NULL;
- }
-
- if ((gaierr = getaddrinfo(namestr, pport, &hints, aifirstp)) == 0) {
- for (ai = *aifirstp; ai != NULL; ai = ai->ai_next) {
- if (ai->ai_family == AF_INET || ai->ai_family == AF_INET6)
- break;
- }
- if ((ai == NULL) || (ai->ai_addrlen > sizeof(SOCKADDR_TYPE))) {
- FatalError ("Xserver: %s host %s not on supported network type\n",
- argtype, namestr);
- } else {
- *aip = ai;
- *addrlen = ai->ai_addrlen;
- memcpy(addr, ai->ai_addr, ai->ai_addrlen);
- }
- } else {
- FatalError("Xserver: %s: %s %s\n", gai_strerror(gaierr), argtype, namestr);
- }
-#else
- struct hostent *hep;
-#ifdef XTHREADS_NEEDS_BYNAMEPARAMS
- _Xgethostbynameparams hparams;
-#endif
-#if defined(WIN32) && (defined(TCPCONN) || defined(DNETCONN))
- _XSERVTransWSAStartup();
-#endif
- if (!(hep = _XGethostbyname(namestr, hparams)))
- {
- FatalError("Xserver: %s unknown host: %s\n", argtype, namestr);
- }
- if (hep->h_length == sizeof (struct in_addr))
- {
- memmove(&addr->sin_addr, hep->h_addr, hep->h_length);
- *addrlen = sizeof(struct sockaddr_in);
- addr->sin_family = AF_INET;
- addr->sin_port = htons (port);
- }
- else
- {
- FatalError("Xserver: %s host on strange network %s\n", argtype, namestr);
- }
-#endif
-}
-
-static void
-get_manager_by_name(
- int argc,
- char **argv,
- int i)
-{
-
- if ((i + 1) == argc)
- {
- FatalError("Xserver: missing %s host name in command line\n", argv[i]);
- }
-
- get_addr_by_name(argv[i], argv[i+1], xdm_udp_port, SOCK_DGRAM,
- &ManagerAddress, &ManagerAddressLen
-#if defined(IPv6) && defined(AF_INET6)
- , &mgrAddr, &mgrAddrFirst
-#endif
- );
-}
-
-
-static void
-get_fromaddr_by_name(
- int argc,
- char **argv,
- int i)
-{
-#if defined(IPv6) && defined(AF_INET6)
- struct addrinfo *ai = NULL;
- struct addrinfo *aifirst = NULL;
-#endif
- if (i == argc)
- {
- FatalError("Xserver: missing -from host name in command line\n");
- }
- get_addr_by_name("-from", argv[i], 0, 0, &FromAddress, &FromAddressLen
-#if defined(IPv6) && defined(AF_INET6)
- , &ai, &aifirst
-#endif
- );
-#if defined(IPv6) && defined(AF_INET6)
- if (aifirst != NULL)
- freeaddrinfo(aifirst);
-#endif
- xdm_from = argv[i];
-}
-
-
-#if defined(IPv6) && defined(AF_INET6)
-static int
-get_mcast_options(int argc, char **argv, int i)
-{
- char *address = XDM_DEFAULT_MCAST_ADDR6;
- int hopcount = 1;
- struct addrinfo hints;
- char portstr[6];
- int gaierr;
- struct addrinfo *ai, *firstai;
-
- if ((i < argc) && (argv[i][0] != '-') && (argv[i][0] != '+')) {
- address = argv[i++];
- if ((i < argc) && (argv[i][0] != '-') && (argv[i][0] != '+')) {
- hopcount = strtol(argv[i++], NULL, 10);
- if ((hopcount < 1) || (hopcount > 255)) {
- FatalError("Xserver: multicast hop count out of range: %d\n",
- hopcount);
- }
- }
- }
-
- if (xdm_udp_port > 0 && xdm_udp_port < 65535) {
- sprintf(portstr, "%d", xdm_udp_port);
- } else {
- FatalError("Xserver: port out of range: %d\n", xdm_udp_port);
- }
- bzero(&hints, sizeof(hints));
- hints.ai_socktype = SOCK_DGRAM;
-
- if ((gaierr = getaddrinfo(address, portstr, &hints, &firstai)) == 0) {
- for (ai = firstai; ai != NULL; ai = ai->ai_next) {
- if (((ai->ai_family == AF_INET) &&
- IN_MULTICAST(((struct sockaddr_in *) ai->ai_addr)
- ->sin_addr.s_addr))
- || ((ai->ai_family == AF_INET6) &&
- IN6_IS_ADDR_MULTICAST(&((struct sockaddr_in6 *) ai->ai_addr)
- ->sin6_addr)))
- break;
- }
- if (ai == NULL) {
- FatalError ("Xserver: address not supported multicast type %s\n",
- address);
- } else {
- struct multicastinfo *mcastinfo, *mcl;
-
- mcastinfo = malloc(sizeof(struct multicastinfo));
- mcastinfo->next = NULL;
- mcastinfo->ai = firstai;
- mcastinfo->hops = hopcount;
-
- if (mcastlist == NULL) {
- mcastlist = mcastinfo;
- } else {
- for (mcl = mcastlist; mcl->next != NULL; mcl = mcl->next) {
- /* Do nothing - just find end of list */
- }
- mcl->next = mcastinfo;
- }
- }
- } else {
- FatalError("Xserver: %s: %s\n", gai_strerror(gaierr), address);
- }
- return i;
-}
-#endif
-
-#else
-static int xdmcp_non_empty; /* avoid complaint by ranlib */
-#endif /* XDMCP */
+/*
+ * Copyright 1989 Network Computing Devices, Inc., Mountain View, California.
+ *
+ * Permission to use, copy, modify, and distribute this software and its
+ * documentation for any purpose and without fee is hereby granted, provided
+ * that the above copyright notice appear in all copies and that both that
+ * copyright notice and this permission notice appear in supporting
+ * documentation, and that the name of N.C.D. not be used in advertising or
+ * publicity pertaining to distribution of the software without specific,
+ * written prior permission. N.C.D. makes no representations about the
+ * suitability of this software for any purpose. It is provided "as is"
+ * without express or implied warranty.
+ *
+ */
+
+#ifdef HAVE_DIX_CONFIG_H
+#include <dix-config.h>
+#endif
+
+#ifdef WIN32
+#include <X11/Xwinsock.h>
+#endif
+
+#include <X11/Xos.h>
+
+#if !defined(WIN32)
+#include <sys/param.h>
+#include <sys/socket.h>
+#include <netinet/in.h>
+#include <netdb.h>
+#endif
+
+#include <stdio.h>
+#include <stdlib.h>
+#include <X11/X.h>
+#include <X11/Xmd.h>
+#include "misc.h"
+#include <X11/Xpoll.h>
+#include "osdep.h"
+#include "input.h"
+#include "dixstruct.h"
+#include "opaque.h"
+#include "site.h"
+
+#ifdef STREAMSCONN
+#include <tiuser.h>
+#include <netconfig.h>
+#include <netdir.h>
+#endif
+
+#ifdef XDMCP
+#undef REQUEST
+
+#ifdef XDMCP_NO_IPV6
+#undef IPv6
+#endif
+
+#include <X11/Xdmcp.h>
+
+#define X_INCLUDE_NETDB_H
+#include <X11/Xos_r.h>
+
+static char *defaultDisplayClass = COMPILEDDISPLAYCLASS;
+
+static int xdmcpSocket, sessionSocket;
+static xdmcp_states state;
+#if defined(IPv6) && defined(AF_INET6)
+static int xdmcpSocket6;
+static struct sockaddr_storage req_sockaddr;
+#else
+static struct sockaddr_in req_sockaddr;
+#endif
+static int req_socklen;
+static CARD32 SessionID;
+static CARD32 timeOutTime;
+static int timeOutRtx;
+static CARD32 defaultKeepaliveDormancy = XDM_DEF_DORMANCY;
+static CARD32 keepaliveDormancy = XDM_DEF_DORMANCY;
+static CARD16 DisplayNumber;
+static xdmcp_states XDM_INIT_STATE = XDM_OFF;
+#ifdef HASXDMAUTH
+static char *xdmAuthCookie;
+#endif
+
+static XdmcpBuffer buffer;
+
+#if defined(IPv6) && defined(AF_INET6)
+
+static struct addrinfo *mgrAddr;
+static struct addrinfo *mgrAddrFirst;
+
+#define SOCKADDR_TYPE struct sockaddr_storage
+#define SOCKADDR_FAMILY(s) ((struct sockaddr *)&(s))->sa_family
+
+#ifdef BSD44SOCKETS
+#define SOCKLEN_FIELD(s) ((struct sockaddr *)&(s))->sa_len
+#define SOCKLEN_TYPE unsigned char
+#else
+#define SOCKLEN_TYPE unsigned int
+#endif
+
+#else
+
+#define SOCKADDR_TYPE struct sockaddr_in
+#define SOCKADDR_FAMILY(s) (s).sin_family
+
+#ifdef BSD44SOCKETS
+#define SOCKLEN_FIELD(s) (s).sin_len
+#define SOCKLEN_TYPE unsigned char
+#else
+#define SOCKLEN_TYPE size_t
+#endif
+
+#endif
+
+static SOCKADDR_TYPE ManagerAddress;
+static SOCKADDR_TYPE FromAddress;
+
+#ifdef SOCKLEN_FIELD
+#define ManagerAddressLen SOCKLEN_FIELD(ManagerAddress)
+#define FromAddressLen SOCKLEN_FIELD(FromAddress)
+#else
+static SOCKLEN_TYPE ManagerAddressLen, FromAddressLen;
+#endif
+
+#if defined(IPv6) && defined(AF_INET6)
+static struct multicastinfo {
+ struct multicastinfo *next;
+ struct addrinfo *ai;
+ int hops;
+} *mcastlist;
+#endif
+
+static void XdmcpAddHost(
+ const struct sockaddr *from,
+ int fromlen,
+ ARRAY8Ptr AuthenticationName,
+ ARRAY8Ptr hostname,
+ ARRAY8Ptr status);
+
+static void XdmcpSelectHost(
+ const struct sockaddr *host_sockaddr,
+ int host_len,
+ ARRAY8Ptr AuthenticationName);
+
+static void get_xdmcp_sock(void);
+
+static void send_query_msg(void);
+
+static void recv_willing_msg(
+ struct sockaddr * /*from*/,
+ int /*fromlen*/,
+ unsigned /*length*/);
+
+static void send_request_msg(void);
+
+static void recv_accept_msg(unsigned /*length*/);
+
+static void recv_decline_msg(unsigned /*length*/);
+
+static void send_manage_msg(void);
+
+static void recv_refuse_msg(unsigned /*length*/);
+
+static void recv_failed_msg(unsigned /*length*/);
+
+static void send_keepalive_msg(void);
+
+static void recv_alive_msg(unsigned /*length*/);
+
+static void XdmcpFatal(
+ const char * /*type*/,
+ ARRAY8Ptr /*status*/);
+
+static void XdmcpWarning(const char * /*str*/);
+
+static void get_manager_by_name(
+ int /*argc*/,
+ char ** /*argv*/,
+ int /*i*/);
+
+static void get_fromaddr_by_name(int /*argc*/, char ** /*argv*/, int /*i*/);
+
+#if defined(IPv6) && defined(AF_INET6)
+static int get_mcast_options(int /*argc*/, char ** /*argv*/, int /*i*/);
+#endif
+
+static void receive_packet(int /*socketfd*/);
+
+static void send_packet(void);
+
+static void timeout(void);
+
+static void restart(void);
+
+static void XdmcpBlockHandler(
+ pointer /*data*/,
+ struct timeval ** /*wt*/,
+ pointer /*LastSelectMask*/);
+
+static void XdmcpWakeupHandler(
+ pointer /*data*/,
+ int /*i*/,
+ pointer /*LastSelectMask*/);
+
+#define XSERV_t
+#define TRANS_SERVER
+#define TRANS_REOPEN
+#include <X11/Xtrans/Xtrans.h>
+
+/*
+ * Register the Manufacturer display ID
+ */
+
+static ARRAY8 ManufacturerDisplayID;
+
+static void
+XdmcpRegisterManufacturerDisplayID (const char *name, int length)
+{
+ int i;
+
+ XdmcpDisposeARRAY8 (&ManufacturerDisplayID);
+ if (!XdmcpAllocARRAY8 (&ManufacturerDisplayID, length))
+ return;
+ for (i = 0; i < length; i++)
+ ManufacturerDisplayID.data[i] = (CARD8) name[i];
+}
+
+static unsigned short xdm_udp_port = XDM_UDP_PORT;
+static Bool OneSession = FALSE;
+static const char *xdm_from = NULL;
+
+void
+XdmcpUseMsg (void)
+{
+ ErrorF("-query host-name contact named host for XDMCP\n");
+ ErrorF("-broadcast broadcast for XDMCP\n");
+#if defined(IPv6) && defined(AF_INET6)
+ ErrorF("-multicast [addr [hops]] IPv6 multicast for XDMCP\n");
+#endif
+ ErrorF("-indirect host-name contact named host for indirect XDMCP\n");
+ ErrorF("-port port-num UDP port number to send messages to\n");
+ ErrorF("-from local-address specify the local address to connect from\n");
+ ErrorF("-once Terminate server after one session\n");
+ ErrorF("-class display-class specify display class to send in manage\n");
+#ifdef HASXDMAUTH
+ ErrorF("-cookie xdm-auth-bits specify the magic cookie for XDMCP\n");
+#endif
+ ErrorF("-displayID display-id manufacturer display ID for request\n");
+}
+
+int
+XdmcpOptions(int argc, char **argv, int i)
+{
+ if (strcmp(argv[i], "-query") == 0) {
+ get_manager_by_name(argc, argv, i++);
+ XDM_INIT_STATE = XDM_QUERY;
+ AccessUsingXdmcp ();
+ return (i + 1);
+ }
+ if (strcmp(argv[i], "-broadcast") == 0) {
+ XDM_INIT_STATE = XDM_BROADCAST;
+ AccessUsingXdmcp ();
+ return (i + 1);
+ }
+#if defined(IPv6) && defined(AF_INET6)
+ if (strcmp(argv[i], "-multicast") == 0) {
+ i = get_mcast_options(argc, argv, ++i);
+ XDM_INIT_STATE = XDM_MULTICAST;
+ AccessUsingXdmcp ();
+ return (i + 1);
+ }
+#endif
+ if (strcmp(argv[i], "-indirect") == 0) {
+ get_manager_by_name(argc, argv, i++);
+ XDM_INIT_STATE = XDM_INDIRECT;
+ AccessUsingXdmcp ();
+ return (i + 1);
+ }
+ if (strcmp(argv[i], "-port") == 0) {
+ if (++i == argc) {
+ FatalError("Xserver: missing port number in command line\n");
+ }
+ xdm_udp_port = (unsigned short) atoi(argv[i]);
+ return (i + 1);
+ }
+ if (strcmp(argv[i], "-from") == 0) {
+ get_fromaddr_by_name(argc, argv, ++i);
+ return (i + 1);
+ }
+ if (strcmp(argv[i], "-once") == 0) {
+ OneSession = TRUE;
+ return (i + 1);
+ }
+ if (strcmp(argv[i], "-class") == 0) {
+ if (++i == argc) {
+ FatalError("Xserver: missing class name in command line\n");
+ }
+ defaultDisplayClass = argv[i];
+ return (i + 1);
+ }
+#ifdef HASXDMAUTH
+ if (strcmp(argv[i], "-cookie") == 0) {
+ if (++i == argc) {
+ FatalError("Xserver: missing cookie data in command line\n");
+ }
+ xdmAuthCookie = argv[i];
+ return (i + 1);
+ }
+#endif
+ if (strcmp(argv[i], "-displayID") == 0) {
+ if (++i == argc) {
+ FatalError("Xserver: missing displayID in command line\n");
+ }
+ XdmcpRegisterManufacturerDisplayID (argv[i], strlen (argv[i]));
+ return (i + 1);
+ }
+ return (i);
+}
+
+/*
+ * This section is a collection of routines for
+ * registering server-specific data with the XDMCP
+ * state machine.
+ */
+
+
+/*
+ * Save all broadcast addresses away so BroadcastQuery
+ * packets get sent everywhere
+ */
+
+#define MAX_BROADCAST 10
+
+/* This stays sockaddr_in since IPv6 doesn't support broadcast */
+static struct sockaddr_in BroadcastAddresses[MAX_BROADCAST];
+static int NumBroadcastAddresses;
+
+void
+XdmcpRegisterBroadcastAddress (const struct sockaddr_in *addr)
+{
+ struct sockaddr_in *bcast;
+ if (NumBroadcastAddresses >= MAX_BROADCAST)
+ return;
+ bcast = &BroadcastAddresses[NumBroadcastAddresses++];
+ bzero (bcast, sizeof (struct sockaddr_in));
+#ifdef BSD44SOCKETS
+ bcast->sin_len = addr->sin_len;
+#endif
+ bcast->sin_family = addr->sin_family;
+ bcast->sin_port = htons (xdm_udp_port);
+ bcast->sin_addr = addr->sin_addr;
+}
+
+/*
+ * Each authentication type is registered here; Validator
+ * will be called to check all access attempts using
+ * the specified authentication type
+ */
+
+static ARRAYofARRAY8 AuthenticationNames, AuthenticationDatas;
+typedef struct _AuthenticationFuncs {
+ ValidatorFunc Validator;
+ GeneratorFunc Generator;
+ AddAuthorFunc AddAuth;
+} AuthenticationFuncsRec, *AuthenticationFuncsPtr;
+
+static AuthenticationFuncsPtr AuthenticationFuncsList;
+
+void
+XdmcpRegisterAuthentication (
+ const char *name,
+ int namelen,
+ const char *data,
+ int datalen,
+ ValidatorFunc Validator,
+ GeneratorFunc Generator,
+ AddAuthorFunc AddAuth)
+{
+ int i;
+ ARRAY8 AuthenticationName, AuthenticationData;
+ static AuthenticationFuncsPtr newFuncs;
+
+ if (!XdmcpAllocARRAY8 (&AuthenticationName, namelen))
+ return;
+ if (!XdmcpAllocARRAY8 (&AuthenticationData, datalen))
+ {
+ XdmcpDisposeARRAY8 (&AuthenticationName);
+ return;
+ }
+ for (i = 0; i < namelen; i++)
+ AuthenticationName.data[i] = name[i];
+ for (i = 0; i < datalen; i++)
+ AuthenticationData.data[i] = data[i];
+ if (!(XdmcpReallocARRAYofARRAY8 (&AuthenticationNames,
+ AuthenticationNames.length + 1) &&
+ XdmcpReallocARRAYofARRAY8 (&AuthenticationDatas,
+ AuthenticationDatas.length + 1) &&
+ (newFuncs = xalloc ((AuthenticationNames.length + 1) * sizeof (AuthenticationFuncsRec)))))
+ {
+ XdmcpDisposeARRAY8 (&AuthenticationName);
+ XdmcpDisposeARRAY8 (&AuthenticationData);
+ return;
+ }
+ for (i = 0; i < AuthenticationNames.length - 1; i++)
+ newFuncs[i] = AuthenticationFuncsList[i];
+ newFuncs[AuthenticationNames.length-1].Validator = Validator;
+ newFuncs[AuthenticationNames.length-1].Generator = Generator;
+ newFuncs[AuthenticationNames.length-1].AddAuth = AddAuth;
+ xfree (AuthenticationFuncsList);
+ AuthenticationFuncsList = newFuncs;
+ AuthenticationNames.data[AuthenticationNames.length-1] = AuthenticationName;
+ AuthenticationDatas.data[AuthenticationDatas.length-1] = AuthenticationData;
+}
+
+/*
+ * Select the authentication type to be used; this is
+ * set by the manager of the host to be connected to.
+ */
+
+static ARRAY8 noAuthenticationName = {(CARD16) 0, (CARD8Ptr) 0};
+static ARRAY8 noAuthenticationData = {(CARD16) 0, (CARD8Ptr) 0};
+static ARRAY8Ptr AuthenticationName = &noAuthenticationName;
+static ARRAY8Ptr AuthenticationData = &noAuthenticationData;
+static AuthenticationFuncsPtr AuthenticationFuncs;
+
+static void
+XdmcpSetAuthentication (const ARRAY8Ptr name)
+{
+ int i;
+
+ for (i = 0; i < AuthenticationNames.length; i++)
+ if (XdmcpARRAY8Equal (&AuthenticationNames.data[i], name))
+ {
+ AuthenticationName = &AuthenticationNames.data[i];
+ AuthenticationData = &AuthenticationDatas.data[i];
+ AuthenticationFuncs = &AuthenticationFuncsList[i];
+ break;
+ }
+}
+
+/*
+ * Register the host address for the display
+ */
+
+static ARRAY16 ConnectionTypes;
+static ARRAYofARRAY8 ConnectionAddresses;
+static long xdmcpGeneration;
+
+void
+XdmcpRegisterConnection (
+ int type,
+ const char *address,
+ int addrlen)
+{
+ int i;
+ CARD8 *newAddress;
+
+ if (xdmcpGeneration != serverGeneration)
+ {
+ XdmcpDisposeARRAY16 (&ConnectionTypes);
+ XdmcpDisposeARRAYofARRAY8 (&ConnectionAddresses);
+ xdmcpGeneration = serverGeneration;
+ }
+ if (xdm_from != NULL) { /* Only register the requested address */
+ const void *regAddr = address;
+ const void *fromAddr = NULL;
+ int regAddrlen = addrlen;
+
+ if (addrlen == sizeof(struct in_addr)) {
+ if (SOCKADDR_FAMILY(FromAddress) == AF_INET) {
+ fromAddr = &((struct sockaddr_in *)&FromAddress)->sin_addr;
+ }
+#if defined(IPv6) && defined(AF_INET6)
+ else if ((SOCKADDR_FAMILY(FromAddress) == AF_INET6) &&
+ IN6_IS_ADDR_V4MAPPED(
+ &((struct sockaddr_in6 *)&FromAddress)->sin6_addr)) {
+ fromAddr = &((struct sockaddr_in6 *)&FromAddress)->sin6_addr.s6_addr[12];
+ }
+#endif
+ }
+#if defined(IPv6) && defined(AF_INET6)
+ else if (addrlen == sizeof(struct in6_addr)) {
+ if (SOCKADDR_FAMILY(FromAddress) == AF_INET6) {
+ fromAddr = &((struct sockaddr_in6 *)&FromAddress)->sin6_addr;
+ } else if ((SOCKADDR_FAMILY(FromAddress) == AF_INET) &&
+ IN6_IS_ADDR_V4MAPPED((struct in6_addr *) address)) {
+ fromAddr = &((struct sockaddr_in *)&FromAddress)->sin_addr;
+ regAddr = &((struct sockaddr_in6 *)&address)->sin6_addr.s6_addr[12];
+ regAddrlen = sizeof(struct in_addr);
+ }
+ }
+#endif
+ if (fromAddr && memcmp(regAddr, fromAddr, regAddrlen) != 0) {
+ return;
+ }
+ }
+ if (ConnectionAddresses.length + 1 == 256)
+ return;
+ newAddress = xalloc (addrlen * sizeof (CARD8));
+ if (!newAddress)
+ return;
+ if (!XdmcpReallocARRAY16 (&ConnectionTypes, ConnectionTypes.length + 1))
+ {
+ xfree (newAddress);
+ return;
+ }
+ if (!XdmcpReallocARRAYofARRAY8 (&ConnectionAddresses,
+ ConnectionAddresses.length + 1))
+ {
+ xfree (newAddress);
+ return;
+ }
+ ConnectionTypes.data[ConnectionTypes.length - 1] = (CARD16) type;
+ for (i = 0; i < addrlen; i++)
+ newAddress[i] = address[i];
+ ConnectionAddresses.data[ConnectionAddresses.length-1].data = newAddress;
+ ConnectionAddresses.data[ConnectionAddresses.length-1].length = addrlen;
+}
+
+/*
+ * Register an Authorization Name. XDMCP advertises this list
+ * to the manager.
+ */
+
+static ARRAYofARRAY8 AuthorizationNames;
+
+void
+XdmcpRegisterAuthorizations (void)
+{
+ XdmcpDisposeARRAYofARRAY8 (&AuthorizationNames);
+ RegisterAuthorizations ();
+}
+
+void
+XdmcpRegisterAuthorization (const char *name, int namelen)
+{
+ ARRAY8 authName;
+ int i;
+
+ authName.data = xalloc (namelen * sizeof (CARD8));
+ if (!authName.data)
+ return;
+ if (!XdmcpReallocARRAYofARRAY8 (&AuthorizationNames, AuthorizationNames.length +1))
+ {
+ xfree (authName.data);
+ return;
+ }
+ for (i = 0; i < namelen; i++)
+ authName.data[i] = (CARD8) name[i];
+ authName.length = namelen;
+ AuthorizationNames.data[AuthorizationNames.length-1] = authName;
+}
+
+/*
+ * Register the DisplayClass string
+ */
+
+static ARRAY8 DisplayClass;
+
+static void
+XdmcpRegisterDisplayClass (const char *name, int length)
+{
+ int i;
+
+ XdmcpDisposeARRAY8 (&DisplayClass);
+ if (!XdmcpAllocARRAY8 (&DisplayClass, length))
+ return;
+ for (i = 0; i < length; i++)
+ DisplayClass.data[i] = (CARD8) name[i];
+}
+
+/*
+ * initialize XDMCP; create the socket, compute the display
+ * number, set up the state machine
+ */
+
+void
+XdmcpInit(void)
+{
+ state = XDM_INIT_STATE;
+#ifdef HASXDMAUTH
+ if (xdmAuthCookie)
+ XdmAuthenticationInit (xdmAuthCookie, strlen (xdmAuthCookie));
+#endif
+ if (state != XDM_OFF)
+ {
+ XdmcpRegisterAuthorizations();
+ XdmcpRegisterDisplayClass (defaultDisplayClass, strlen (defaultDisplayClass));
+ AccessUsingXdmcp();
+ RegisterBlockAndWakeupHandlers (XdmcpBlockHandler, XdmcpWakeupHandler,
+ (pointer) 0);
+ timeOutRtx = 0;
+ DisplayNumber = (CARD16) atoi(display);
+ get_xdmcp_sock();
+ send_packet();
+ }
+}
+
+void
+XdmcpReset (void)
+{
+ state = XDM_INIT_STATE;
+ if (state != XDM_OFF)
+ {
+ RegisterBlockAndWakeupHandlers (XdmcpBlockHandler, XdmcpWakeupHandler,
+ (pointer) 0);
+ timeOutRtx = 0;
+ send_packet();
+ }
+}
+
+/*
+ * Called whenever a new connection is created; notices the
+ * first connection and saves it to terminate the session
+ * when it is closed
+ */
+
+void
+XdmcpOpenDisplay(int sock)
+{
+ if (state != XDM_AWAIT_MANAGE_RESPONSE)
+ return;
+ state = XDM_RUN_SESSION;
+ sessionSocket = sock;
+}
+
+void
+XdmcpCloseDisplay(int sock)
+{
+ if ((state != XDM_RUN_SESSION && state != XDM_AWAIT_ALIVE_RESPONSE)
+ || sessionSocket != sock)
+ return;
+ state = XDM_INIT_STATE;
+ if (OneSession)
+ dispatchException |= DE_TERMINATE;
+ else
+ dispatchException |= DE_RESET;
+ isItTimeToYield = TRUE;
+}
+
+/*
+ * called before going to sleep, this routine
+ * may modify the timeout value about to be sent
+ * to select; in this way XDMCP can do appropriate things
+ * dynamically while starting up
+ */
+
+/*ARGSUSED*/
+static void
+XdmcpBlockHandler(
+ pointer data, /* unused */
+ struct timeval **wt,
+ pointer pReadmask)
+{
+ fd_set *LastSelectMask = (fd_set*)pReadmask;
+ CARD32 millisToGo;
+
+ if (state == XDM_OFF)
+ return;
+ FD_SET(xdmcpSocket, LastSelectMask);
+#if defined(IPv6) && defined(AF_INET6)
+ if (xdmcpSocket6 >= 0)
+ FD_SET(xdmcpSocket6, LastSelectMask);
+#endif
+ if (timeOutTime == 0)
+ return;
+ millisToGo = timeOutTime - GetTimeInMillis();
+ if ((int) millisToGo < 0)
+ millisToGo = 0;
+ AdjustWaitForDelay (wt, millisToGo);
+}
+
+/*
+ * called after select returns; this routine will
+ * recognise when XDMCP packets await and
+ * process them appropriately
+ */
+
+/*ARGSUSED*/
+static void
+XdmcpWakeupHandler(
+ pointer data, /* unused */
+ int i,
+ pointer pReadmask)
+{
+ fd_set* LastSelectMask = (fd_set*)pReadmask;
+ fd_set devicesReadable;
+
+ if (state == XDM_OFF)
+ return;
+ if (i > 0)
+ {
+ if (FD_ISSET(xdmcpSocket, LastSelectMask))
+ {
+ receive_packet(xdmcpSocket);
+ FD_CLR(xdmcpSocket, LastSelectMask);
+ }
+#if defined(IPv6) && defined(AF_INET6)
+ if (xdmcpSocket6 >= 0 && FD_ISSET(xdmcpSocket6, LastSelectMask))
+ {
+ receive_packet(xdmcpSocket6);
+ FD_CLR(xdmcpSocket6, LastSelectMask);
+ }
+#endif
+ XFD_ANDSET(&devicesReadable, LastSelectMask, &EnabledDevices);
+ if (XFD_ANYSET(&devicesReadable))
+ {
+ if (state == XDM_AWAIT_USER_INPUT)
+ restart();
+ else if (state == XDM_RUN_SESSION)
+ keepaliveDormancy = defaultKeepaliveDormancy;
+ }
+ if (XFD_ANYSET(&AllClients) && state == XDM_RUN_SESSION)
+ timeOutTime = GetTimeInMillis() + keepaliveDormancy * 1000;
+ }
+ else if (timeOutTime && (int) (GetTimeInMillis() - timeOutTime) >= 0)
+ {
+ if (state == XDM_RUN_SESSION)
+ {
+ state = XDM_KEEPALIVE;
+ send_packet();
+ }
+ else
+ timeout();
+ }
+}
+
+/*
+ * This routine should be called from the routine that drives the
+ * user's host menu when the user selects a host
+ */
+
+static void
+XdmcpSelectHost(
+ const struct sockaddr *host_sockaddr,
+ int host_len,
+ ARRAY8Ptr AuthenticationName)
+{
+ state = XDM_START_CONNECTION;
+ memmove(&req_sockaddr, host_sockaddr, host_len);
+ req_socklen = host_len;
+ XdmcpSetAuthentication (AuthenticationName);
+ send_packet();
+}
+
+/*
+ * !!! this routine should be replaced by a routine that adds
+ * the host to the user's host menu. the current version just
+ * selects the first host to respond with willing message.
+ */
+
+/*ARGSUSED*/
+static void
+XdmcpAddHost(
+ const struct sockaddr *from,
+ int fromlen,
+ ARRAY8Ptr AuthenticationName,
+ ARRAY8Ptr hostname,
+ ARRAY8Ptr status)
+{
+ XdmcpSelectHost(from, fromlen, AuthenticationName);
+}
+
+/*
+ * A message is queued on the socket; read it and
+ * do the appropriate thing
+ */
+
+static ARRAY8 UnwillingMessage = { (CARD8) 14, (CARD8 *) "Host unwilling" };
+
+static void
+receive_packet(int socketfd)
+{
+#if defined(IPv6) && defined(AF_INET6)
+ struct sockaddr_storage from;
+#else
+ struct sockaddr_in from;
+#endif
+ int fromlen = sizeof(from);
+ XdmcpHeader header;
+
+ /* read message off socket */
+ if (!XdmcpFill (socketfd, &buffer, (XdmcpNetaddr) &from, &fromlen))
+ return;
+
+ /* reset retransmission backoff */
+ timeOutRtx = 0;
+
+ if (!XdmcpReadHeader (&buffer, &header))
+ return;
+
+ if (header.version != XDM_PROTOCOL_VERSION)
+ return;
+
+ switch (header.opcode) {
+ case WILLING:
+ recv_willing_msg((struct sockaddr *) &from, fromlen, header.length);
+ break;
+ case UNWILLING:
+ XdmcpFatal("Manager unwilling", &UnwillingMessage);
+ break;
+ case ACCEPT:
+ recv_accept_msg(header.length);
+ break;
+ case DECLINE:
+ recv_decline_msg(header.length);
+ break;
+ case REFUSE:
+ recv_refuse_msg(header.length);
+ break;
+ case FAILED:
+ recv_failed_msg(header.length);
+ break;
+ case ALIVE:
+ recv_alive_msg(header.length);
+ break;
+ }
+}
+
+/*
+ * send the appropriate message given the current state
+ */
+
+static void
+send_packet(void)
+{
+ int rtx;
+ switch (state) {
+ case XDM_QUERY:
+ case XDM_BROADCAST:
+ case XDM_INDIRECT:
+#if defined(IPv6) && defined(AF_INET6)
+ case XDM_MULTICAST:
+#endif
+ send_query_msg();
+ break;
+ case XDM_START_CONNECTION:
+ send_request_msg();
+ break;
+ case XDM_MANAGE:
+ send_manage_msg();
+ break;
+ case XDM_KEEPALIVE:
+ send_keepalive_msg();
+ break;
+ default:
+ break;
+ }
+ rtx = (XDM_MIN_RTX << timeOutRtx);
+ if (rtx > XDM_MAX_RTX)
+ rtx = XDM_MAX_RTX;
+ timeOutTime = GetTimeInMillis() + rtx * 1000;
+}
+
+/*
+ * The session is declared dead for some reason; too many
+ * timeouts, or Keepalive failure.
+ */
+
+static void
+XdmcpDeadSession (const char *reason)
+{
+ ErrorF ("XDM: %s, declaring session dead\n", reason);
+ state = XDM_INIT_STATE;
+ isItTimeToYield = TRUE;
+ dispatchException |= DE_RESET;
+ timeOutTime = 0;
+ timeOutRtx = 0;
+ send_packet();
+}
+
+/*
+ * Timeout waiting for an XDMCP response.
+ */
+
+static void
+timeout(void)
+{
+ timeOutRtx++;
+ if (state == XDM_AWAIT_ALIVE_RESPONSE && timeOutRtx >= XDM_KA_RTX_LIMIT )
+ {
+ XdmcpDeadSession ("too many keepalive retransmissions");
+ return;
+ }
+ else if (timeOutRtx >= XDM_RTX_LIMIT)
+ {
+ /* Quit if "-once" specified, otherwise reset and try again. */
+ if (OneSession) {
+ dispatchException |= DE_TERMINATE;
+ ErrorF("XDM: too many retransmissions\n");
+ } else {
+ XdmcpDeadSession("too many retransmissions");
+ }
+ return;
+ }
+
+#if defined(IPv6) && defined(AF_INET6)
+ if (state == XDM_COLLECT_QUERY || state == XDM_COLLECT_INDIRECT_QUERY) {
+ /* Try next address */
+ for (mgrAddr = mgrAddr->ai_next; ; mgrAddr = mgrAddr->ai_next) {
+ if (mgrAddr == NULL) {
+ mgrAddr = mgrAddrFirst;
+ }
+ if (mgrAddr->ai_family == AF_INET
+ || mgrAddr->ai_family == AF_INET6)
+ break;
+ }
+#ifndef SIN6_LEN
+ ManagerAddressLen = mgrAddr->ai_addrlen;
+#endif
+ memcpy(&ManagerAddress, mgrAddr->ai_addr, mgrAddr->ai_addrlen);
+ }
+#endif
+
+ switch (state) {
+ case XDM_COLLECT_QUERY:
+ state = XDM_QUERY;
+ break;
+ case XDM_COLLECT_BROADCAST_QUERY:
+ state = XDM_BROADCAST;
+ break;
+#if defined(IPv6) && defined(AF_INET6)
+ case XDM_COLLECT_MULTICAST_QUERY:
+ state = XDM_MULTICAST;
+ break;
+#endif
+ case XDM_COLLECT_INDIRECT_QUERY:
+ state = XDM_INDIRECT;
+ break;
+ case XDM_AWAIT_REQUEST_RESPONSE:
+ state = XDM_START_CONNECTION;
+ break;
+ case XDM_AWAIT_MANAGE_RESPONSE:
+ state = XDM_MANAGE;
+ break;
+ case XDM_AWAIT_ALIVE_RESPONSE:
+ state = XDM_KEEPALIVE;
+ break;
+ default:
+ break;
+ }
+ send_packet();
+}
+
+static void
+restart(void)
+{
+ state = XDM_INIT_STATE;
+ timeOutRtx = 0;
+ send_packet();
+}
+
+static int
+XdmcpCheckAuthentication (ARRAY8Ptr Name, ARRAY8Ptr Data, int packet_type)
+{
+ return (XdmcpARRAY8Equal (Name, AuthenticationName) &&
+ (AuthenticationName->length == 0 ||
+ (*AuthenticationFuncs->Validator) (AuthenticationData, Data, packet_type)));
+}
+
+static int
+XdmcpAddAuthorization (ARRAY8Ptr name, ARRAY8Ptr data)
+{
+ AddAuthorFunc AddAuth;
+
+ if (AuthenticationFuncs && AuthenticationFuncs->AddAuth)
+ AddAuth = AuthenticationFuncs->AddAuth;
+ else
+ AddAuth = AddAuthorization;
+ return (*AddAuth) ((unsigned short)name->length,
+ (char *)name->data,
+ (unsigned short)data->length,
+ (char *)data->data);
+}
+
+/*
+ * from here to the end of this file are routines private
+ * to the state machine.
+ */
+
+static void
+get_xdmcp_sock(void)
+{
+#ifdef STREAMSCONN
+ struct netconfig *nconf;
+
+ if ((xdmcpSocket = t_open("/dev/udp", O_RDWR, 0)) < 0) {
+ XdmcpWarning("t_open() of /dev/udp failed");
+ return;
+ }
+
+ if( t_bind(xdmcpSocket,NULL,NULL) < 0 ) {
+ XdmcpWarning("UDP socket creation failed");
+ t_error("t_bind(xdmcpSocket) failed" );
+ t_close(xdmcpSocket);
+ return;
+ }
+
+ /*
+ * This part of the code looks contrived. It will actually fit in nicely
+ * when the CLTS part of Xtrans is implemented.
+ */
+
+ if( (nconf=getnetconfigent("udp")) == NULL ) {
+ XdmcpWarning("UDP socket creation failed: getnetconfigent()");
+ t_unbind(xdmcpSocket);
+ t_close(xdmcpSocket);
+ return;
+ }
+
+ if( netdir_options(nconf, ND_SET_BROADCAST, xdmcpSocket, NULL) ) {
+ XdmcpWarning("UDP set broadcast option failed: netdir_options()");
+ freenetconfigent(nconf);
+ t_unbind(xdmcpSocket);
+ t_close(xdmcpSocket);
+ return;
+ }
+
+ freenetconfigent(nconf);
+#else
+ int soopts = 1;
+
+#if defined(IPv6) && defined(AF_INET6)
+ if ((xdmcpSocket6 = socket(AF_INET6, SOCK_DGRAM, 0)) < 0)
+ XdmcpWarning("INET6 UDP socket creation failed");
+#endif
+ if ((xdmcpSocket = socket(AF_INET, SOCK_DGRAM, 0)) < 0)
+ XdmcpWarning("UDP socket creation failed");
+#ifdef SO_BROADCAST
+ else if (setsockopt(xdmcpSocket, SOL_SOCKET, SO_BROADCAST, (char *)&soopts,
+ sizeof(soopts)) < 0)
+ XdmcpWarning("UDP set broadcast socket-option failed");
+#endif /* SO_BROADCAST */
+ if (xdmcpSocket >= 0 && xdm_from != NULL) {
+ if (bind(xdmcpSocket, (struct sockaddr *)&FromAddress,
+ FromAddressLen) < 0) {
+ FatalError("Xserver: failed to bind to -from address: %s\n", xdm_from);
+ }
+ }
+#endif /* STREAMSCONN */
+}
+
+static void
+send_query_msg(void)
+{
+ XdmcpHeader header;
+ Bool broadcast = FALSE;
+#if defined(IPv6) && defined(AF_INET6)
+ Bool multicast = FALSE;
+#endif
+ int i;
+ int socketfd = xdmcpSocket;
+
+ header.version = XDM_PROTOCOL_VERSION;
+ switch(state){
+ case XDM_QUERY:
+ header.opcode = (CARD16) QUERY;
+ state = XDM_COLLECT_QUERY;
+ break;
+ case XDM_BROADCAST:
+ header.opcode = (CARD16) BROADCAST_QUERY;
+ state = XDM_COLLECT_BROADCAST_QUERY;
+ broadcast = TRUE;
+ break;
+#if defined(IPv6) && defined(AF_INET6)
+ case XDM_MULTICAST:
+ header.opcode = (CARD16) BROADCAST_QUERY;
+ state = XDM_COLLECT_MULTICAST_QUERY;
+ multicast = TRUE;
+ break;
+#endif
+ case XDM_INDIRECT:
+ header.opcode = (CARD16) INDIRECT_QUERY;
+ state = XDM_COLLECT_INDIRECT_QUERY;
+ break;
+ default:
+ break;
+ }
+ header.length = 1;
+ for (i = 0; i < AuthenticationNames.length; i++)
+ header.length += 2 + AuthenticationNames.data[i].length;
+
+ XdmcpWriteHeader (&buffer, &header);
+ XdmcpWriteARRAYofARRAY8 (&buffer, &AuthenticationNames);
+ if (broadcast)
+ {
+ int i;
+
+ for (i = 0; i < NumBroadcastAddresses; i++)
+ XdmcpFlush (xdmcpSocket, &buffer, (XdmcpNetaddr) &BroadcastAddresses[i],
+ sizeof (struct sockaddr_in));
+ }
+#if defined(IPv6) && defined(AF_INET6)
+ else if (multicast)
+ {
+ struct multicastinfo *mcl;
+ struct addrinfo *ai;
+
+ for (mcl = mcastlist; mcl != NULL; mcl = mcl->next) {
+ for (ai = mcl->ai ; ai != NULL; ai = ai->ai_next) {
+ if (ai->ai_family == AF_INET) {
+ unsigned char hopflag = (unsigned char) mcl->hops;
+ socketfd = xdmcpSocket;
+ setsockopt(socketfd, IPPROTO_IP, IP_MULTICAST_TTL,
+ &hopflag, sizeof(hopflag));
+ } else if (ai->ai_family == AF_INET6) {
+ int hopflag6 = mcl->hops;
+ socketfd = xdmcpSocket6;
+ setsockopt(socketfd, IPPROTO_IPV6, IPV6_MULTICAST_HOPS,
+ &hopflag6, sizeof(hopflag6));
+ } else {
+ continue;
+ }
+ XdmcpFlush (socketfd, &buffer,
+ (XdmcpNetaddr) ai->ai_addr, ai->ai_addrlen);
+ break;
+ }
+ }
+ }
+#endif
+ else
+ {
+#if defined(IPv6) && defined(AF_INET6)
+ if (SOCKADDR_FAMILY(ManagerAddress) == AF_INET6)
+ socketfd = xdmcpSocket6;
+#endif
+ XdmcpFlush (socketfd, &buffer, (XdmcpNetaddr) &ManagerAddress,
+ ManagerAddressLen);
+ }
+}
+
+static void
+recv_willing_msg(
+ struct sockaddr *from,
+ int fromlen,
+ unsigned length)
+{
+ ARRAY8 authenticationName;
+ ARRAY8 hostname;
+ ARRAY8 status;
+
+ authenticationName.data = 0;
+ hostname.data = 0;
+ status.data = 0;
+ if (XdmcpReadARRAY8 (&buffer, &authenticationName) &&
+ XdmcpReadARRAY8 (&buffer, &hostname) &&
+ XdmcpReadARRAY8 (&buffer, &status))
+ {
+ if (length == 6 + authenticationName.length +
+ hostname.length + status.length)
+ {
+ switch (state)
+ {
+ case XDM_COLLECT_QUERY:
+ XdmcpSelectHost(from, fromlen, &authenticationName);
+ break;
+ case XDM_COLLECT_BROADCAST_QUERY:
+#if defined(IPv6) && defined(AF_INET6)
+ case XDM_COLLECT_MULTICAST_QUERY:
+#endif
+ case XDM_COLLECT_INDIRECT_QUERY:
+ XdmcpAddHost(from, fromlen, &authenticationName, &hostname, &status);
+ break;
+ default:
+ break;
+ }
+ }
+ }
+ XdmcpDisposeARRAY8 (&authenticationName);
+ XdmcpDisposeARRAY8 (&hostname);
+ XdmcpDisposeARRAY8 (&status);
+}
+
+static void
+send_request_msg(void)
+{
+ XdmcpHeader header;
+ int length;
+ int i;
+ CARD16 XdmcpConnectionType;
+ ARRAY8 authenticationData;
+ int socketfd = xdmcpSocket;
+
+ switch (SOCKADDR_FAMILY(ManagerAddress))
+ {
+ case AF_INET: XdmcpConnectionType=FamilyInternet; break;
+#if defined(IPv6) && defined(AF_INET6)
+ case AF_INET6: XdmcpConnectionType=FamilyInternet6; break;
+#endif
+ default: XdmcpConnectionType=0xffff; break;
+ }
+
+ header.version = XDM_PROTOCOL_VERSION;
+ header.opcode = (CARD16) REQUEST;
+
+ length = 2; /* display number */
+ length += 1 + 2 * ConnectionTypes.length; /* connection types */
+ length += 1; /* connection addresses */
+ for (i = 0; i < ConnectionAddresses.length; i++)
+ length += 2 + ConnectionAddresses.data[i].length;
+ authenticationData.length = 0;
+ authenticationData.data = 0;
+ if (AuthenticationFuncs)
+ {
+ (*AuthenticationFuncs->Generator) (AuthenticationData,
+ &authenticationData,
+ REQUEST);
+ }
+ length += 2 + AuthenticationName->length; /* authentication name */
+ length += 2 + authenticationData.length; /* authentication data */
+ length += 1; /* authorization names */
+ for (i = 0; i < AuthorizationNames.length; i++)
+ length += 2 + AuthorizationNames.data[i].length;
+ length += 2 + ManufacturerDisplayID.length; /* display ID */
+ header.length = length;
+
+ if (!XdmcpWriteHeader (&buffer, &header))
+ {
+ XdmcpDisposeARRAY8 (&authenticationData);
+ return;
+ }
+ XdmcpWriteCARD16 (&buffer, DisplayNumber);
+ XdmcpWriteCARD8 (&buffer, ConnectionTypes.length);
+
+ /* The connection array is send reordered, so that connections of */
+ /* the same address type as the XDMCP manager connection are send */
+ /* first. This works around a bug in xdm. mario@klebsch.de */
+ for (i = 0; i < (int)ConnectionTypes.length; i++)
+ if (ConnectionTypes.data[i]==XdmcpConnectionType)
+ XdmcpWriteCARD16 (&buffer, ConnectionTypes.data[i]);
+ for (i = 0; i < (int)ConnectionTypes.length; i++)
+ if (ConnectionTypes.data[i]!=XdmcpConnectionType)
+ XdmcpWriteCARD16 (&buffer, ConnectionTypes.data[i]);
+
+ XdmcpWriteCARD8 (&buffer, ConnectionAddresses.length);
+ for (i = 0; i < (int)ConnectionAddresses.length; i++)
+ if ( (i<ConnectionTypes.length) &&
+ (ConnectionTypes.data[i]==XdmcpConnectionType) )
+ XdmcpWriteARRAY8 (&buffer, &ConnectionAddresses.data[i]);
+ for (i = 0; i < (int)ConnectionAddresses.length; i++)
+ if ( (i>=ConnectionTypes.length) ||
+ (ConnectionTypes.data[i]!=XdmcpConnectionType) )
+ XdmcpWriteARRAY8 (&buffer, &ConnectionAddresses.data[i]);
+
+ XdmcpWriteARRAY8 (&buffer, AuthenticationName);
+ XdmcpWriteARRAY8 (&buffer, &authenticationData);
+ XdmcpDisposeARRAY8 (&authenticationData);
+ XdmcpWriteARRAYofARRAY8 (&buffer, &AuthorizationNames);
+ XdmcpWriteARRAY8 (&buffer, &ManufacturerDisplayID);
+#if defined(IPv6) && defined(AF_INET6)
+ if (SOCKADDR_FAMILY(req_sockaddr) == AF_INET6)
+ socketfd = xdmcpSocket6;
+#endif
+ if (XdmcpFlush (socketfd, &buffer,
+ (XdmcpNetaddr) &req_sockaddr, req_socklen))
+ state = XDM_AWAIT_REQUEST_RESPONSE;
+}
+
+static void
+recv_accept_msg(unsigned length)
+{
+ CARD32 AcceptSessionID;
+ ARRAY8 AcceptAuthenticationName, AcceptAuthenticationData;
+ ARRAY8 AcceptAuthorizationName, AcceptAuthorizationData;
+
+ if (state != XDM_AWAIT_REQUEST_RESPONSE)
+ return;
+ AcceptAuthenticationName.data = 0;
+ AcceptAuthenticationData.data = 0;
+ AcceptAuthorizationName.data = 0;
+ AcceptAuthorizationData.data = 0;
+ if (XdmcpReadCARD32 (&buffer, &AcceptSessionID) &&
+ XdmcpReadARRAY8 (&buffer, &AcceptAuthenticationName) &&
+ XdmcpReadARRAY8 (&buffer, &AcceptAuthenticationData) &&
+ XdmcpReadARRAY8 (&buffer, &AcceptAuthorizationName) &&
+ XdmcpReadARRAY8 (&buffer, &AcceptAuthorizationData))
+ {
+ if (length == 12 + AcceptAuthenticationName.length +
+ AcceptAuthenticationData.length +
+ AcceptAuthorizationName.length +
+ AcceptAuthorizationData.length)
+ {
+ if (!XdmcpCheckAuthentication (&AcceptAuthenticationName,
+ &AcceptAuthenticationData, ACCEPT))
+ {
+ XdmcpFatal ("Authentication Failure", &AcceptAuthenticationName);
+ }
+ /* permit access control manipulations from this host */
+ AugmentSelf (&req_sockaddr, req_socklen);
+ /* if the authorization specified in the packet fails
+ * to be acceptable, enable the local addresses
+ */
+ if (!XdmcpAddAuthorization (&AcceptAuthorizationName,
+ &AcceptAuthorizationData))
+ {
+ AddLocalHosts ();
+ }
+ SessionID = AcceptSessionID;
+ state = XDM_MANAGE;
+ send_packet();
+ }
+ }
+ XdmcpDisposeARRAY8 (&AcceptAuthenticationName);
+ XdmcpDisposeARRAY8 (&AcceptAuthenticationData);
+ XdmcpDisposeARRAY8 (&AcceptAuthorizationName);
+ XdmcpDisposeARRAY8 (&AcceptAuthorizationData);
+}
+
+static void
+recv_decline_msg(unsigned length)
+{
+ ARRAY8 status, DeclineAuthenticationName, DeclineAuthenticationData;
+
+ status.data = 0;
+ DeclineAuthenticationName.data = 0;
+ DeclineAuthenticationData.data = 0;
+ if (XdmcpReadARRAY8 (&buffer, &status) &&
+ XdmcpReadARRAY8 (&buffer, &DeclineAuthenticationName) &&
+ XdmcpReadARRAY8 (&buffer, &DeclineAuthenticationData))
+ {
+ if (length == 6 + status.length +
+ DeclineAuthenticationName.length +
+ DeclineAuthenticationData.length &&
+ XdmcpCheckAuthentication (&DeclineAuthenticationName,
+ &DeclineAuthenticationData, DECLINE))
+ {
+ XdmcpFatal ("Session declined", &status);
+ }
+ }
+ XdmcpDisposeARRAY8 (&status);
+ XdmcpDisposeARRAY8 (&DeclineAuthenticationName);
+ XdmcpDisposeARRAY8 (&DeclineAuthenticationData);
+}
+
+static void
+send_manage_msg(void)
+{
+ XdmcpHeader header;
+ int socketfd = xdmcpSocket;
+
+ header.version = XDM_PROTOCOL_VERSION;
+ header.opcode = (CARD16) MANAGE;
+ header.length = 8 + DisplayClass.length;
+
+ if (!XdmcpWriteHeader (&buffer, &header))
+ return;
+ XdmcpWriteCARD32 (&buffer, SessionID);
+ XdmcpWriteCARD16 (&buffer, DisplayNumber);
+ XdmcpWriteARRAY8 (&buffer, &DisplayClass);
+ state = XDM_AWAIT_MANAGE_RESPONSE;
+#if defined(IPv6) && defined(AF_INET6)
+ if (SOCKADDR_FAMILY(req_sockaddr) == AF_INET6)
+ socketfd = xdmcpSocket6;
+#endif
+ XdmcpFlush (socketfd, &buffer, (XdmcpNetaddr) &req_sockaddr, req_socklen);
+}
+
+static void
+recv_refuse_msg(unsigned length)
+{
+ CARD32 RefusedSessionID;
+
+ if (state != XDM_AWAIT_MANAGE_RESPONSE)
+ return;
+ if (length != 4)
+ return;
+ if (XdmcpReadCARD32 (&buffer, &RefusedSessionID))
+ {
+ if (RefusedSessionID == SessionID)
+ {
+ state = XDM_START_CONNECTION;
+ send_packet();
+ }
+ }
+}
+
+static void
+recv_failed_msg(unsigned length)
+{
+ CARD32 FailedSessionID;
+ ARRAY8 status;
+
+ if (state != XDM_AWAIT_MANAGE_RESPONSE)
+ return;
+ status.data = 0;
+ if (XdmcpReadCARD32 (&buffer, &FailedSessionID) &&
+ XdmcpReadARRAY8 (&buffer, &status))
+ {
+ if (length == 6 + status.length &&
+ SessionID == FailedSessionID)
+ {
+ XdmcpFatal ("Session failed", &status);
+ }
+ }
+ XdmcpDisposeARRAY8 (&status);
+}
+
+static void
+send_keepalive_msg(void)
+{
+ XdmcpHeader header;
+ int socketfd = xdmcpSocket;
+
+ header.version = XDM_PROTOCOL_VERSION;
+ header.opcode = (CARD16) KEEPALIVE;
+ header.length = 6;
+
+ XdmcpWriteHeader (&buffer, &header);
+ XdmcpWriteCARD16 (&buffer, DisplayNumber);
+ XdmcpWriteCARD32 (&buffer, SessionID);
+
+ state = XDM_AWAIT_ALIVE_RESPONSE;
+#if defined(IPv6) && defined(AF_INET6)
+ if (SOCKADDR_FAMILY(req_sockaddr) == AF_INET6)
+ socketfd = xdmcpSocket6;
+#endif
+ XdmcpFlush (socketfd, &buffer, (XdmcpNetaddr) &req_sockaddr, req_socklen);
+}
+
+static void
+recv_alive_msg (unsigned length)
+{
+ CARD8 SessionRunning;
+ CARD32 AliveSessionID;
+
+ if (state != XDM_AWAIT_ALIVE_RESPONSE)
+ return;
+ if (length != 5)
+ return;
+ if (XdmcpReadCARD8 (&buffer, &SessionRunning) &&
+ XdmcpReadCARD32 (&buffer, &AliveSessionID))
+ {
+ if (SessionRunning && AliveSessionID == SessionID)
+ {
+ /* backoff dormancy period */
+ state = XDM_RUN_SESSION;
+ if ((GetTimeInMillis() - lastDeviceEventTime.milliseconds) >
+ keepaliveDormancy * 1000)
+ {
+ keepaliveDormancy <<= 1;
+ if (keepaliveDormancy > XDM_MAX_DORMANCY)
+ keepaliveDormancy = XDM_MAX_DORMANCY;
+ }
+ timeOutTime = GetTimeInMillis() + keepaliveDormancy * 1000;
+ }
+ else
+ {
+ XdmcpDeadSession ("Alive response indicates session dead");
+ }
+ }
+}
+
+static void
+XdmcpFatal (
+ const char *type,
+ ARRAY8Ptr status)
+{
+ FatalError ("XDMCP fatal error: %s %*.*s\n", type,
+ status->length, status->length, status->data);
+}
+
+static void
+XdmcpWarning(const char *str)
+{
+ ErrorF("XDMCP warning: %s\n", str);
+}
+
+static void
+get_addr_by_name(
+ const char *argtype,
+ const char *namestr,
+ int port,
+ int socktype,
+ SOCKADDR_TYPE *addr,
+ SOCKLEN_TYPE *addrlen
+#if defined(IPv6) && defined(AF_INET6)
+ ,
+ struct addrinfo **aip,
+ struct addrinfo **aifirstp
+#endif
+ )
+{
+#if defined(IPv6) && defined(AF_INET6)
+ struct addrinfo *ai;
+ struct addrinfo hints;
+ char portstr[6];
+ char *pport = portstr;
+ int gaierr;
+
+ bzero(&hints, sizeof(hints));
+ hints.ai_socktype = socktype;
+
+ if (port == 0) {
+ pport = NULL;
+ } else if (port > 0 && port < 65535) {
+ sprintf(portstr, "%d", port);
+ } else {
+ FatalError("Xserver: port out of range: %d\n", port);
+ }
+
+ if (*aifirstp != NULL) {
+ freeaddrinfo(*aifirstp);
+ *aifirstp = NULL;
+ }
+
+ if ((gaierr = getaddrinfo(namestr, pport, &hints, aifirstp)) == 0) {
+ for (ai = *aifirstp; ai != NULL; ai = ai->ai_next) {
+ if (ai->ai_family == AF_INET || ai->ai_family == AF_INET6)
+ break;
+ }
+ if ((ai == NULL) || (ai->ai_addrlen > sizeof(SOCKADDR_TYPE))) {
+ FatalError ("Xserver: %s host %s not on supported network type\n",
+ argtype, namestr);
+ } else {
+ *aip = ai;
+ *addrlen = ai->ai_addrlen;
+ memcpy(addr, ai->ai_addr, ai->ai_addrlen);
+ }
+ } else {
+ FatalError("Xserver: %s: %s %s\n", gai_strerror(gaierr), argtype, namestr);
+ }
+#else
+ struct hostent *hep;
+#ifdef XTHREADS_NEEDS_BYNAMEPARAMS
+ _Xgethostbynameparams hparams;
+#endif
+#if defined(WIN32) && (defined(TCPCONN) || defined(DNETCONN))
+ _XSERVTransWSAStartup();
+#endif
+ if (!(hep = _XGethostbyname(namestr, hparams)))
+ {
+ FatalError("Xserver: %s unknown host: %s\n", argtype, namestr);
+ }
+ if (hep->h_length == sizeof (struct in_addr))
+ {
+ memmove(&addr->sin_addr, hep->h_addr, hep->h_length);
+ *addrlen = sizeof(struct sockaddr_in);
+ addr->sin_family = AF_INET;
+ addr->sin_port = htons (port);
+ }
+ else
+ {
+ FatalError("Xserver: %s host on strange network %s\n", argtype, namestr);
+ }
+#endif
+}
+
+static void
+get_manager_by_name(
+ int argc,
+ char **argv,
+ int i)
+{
+
+ if ((i + 1) == argc)
+ {
+ FatalError("Xserver: missing %s host name in command line\n", argv[i]);
+ }
+
+ get_addr_by_name(argv[i], argv[i+1], xdm_udp_port, SOCK_DGRAM,
+ &ManagerAddress, &ManagerAddressLen
+#if defined(IPv6) && defined(AF_INET6)
+ , &mgrAddr, &mgrAddrFirst
+#endif
+ );
+}
+
+
+static void
+get_fromaddr_by_name(
+ int argc,
+ char **argv,
+ int i)
+{
+#if defined(IPv6) && defined(AF_INET6)
+ struct addrinfo *ai = NULL;
+ struct addrinfo *aifirst = NULL;
+#endif
+ if (i == argc)
+ {
+ FatalError("Xserver: missing -from host name in command line\n");
+ }
+ get_addr_by_name("-from", argv[i], 0, 0, &FromAddress, &FromAddressLen
+#if defined(IPv6) && defined(AF_INET6)
+ , &ai, &aifirst
+#endif
+ );
+#if defined(IPv6) && defined(AF_INET6)
+ if (aifirst != NULL)
+ freeaddrinfo(aifirst);
+#endif
+ xdm_from = argv[i];
+}
+
+
+#if defined(IPv6) && defined(AF_INET6)
+static int
+get_mcast_options(int argc, char **argv, int i)
+{
+ char *address = XDM_DEFAULT_MCAST_ADDR6;
+ int hopcount = 1;
+ struct addrinfo hints;
+ char portstr[6];
+ int gaierr;
+ struct addrinfo *ai, *firstai;
+
+ if ((i < argc) && (argv[i][0] != '-') && (argv[i][0] != '+')) {
+ address = argv[i++];
+ if ((i < argc) && (argv[i][0] != '-') && (argv[i][0] != '+')) {
+ hopcount = strtol(argv[i++], NULL, 10);
+ if ((hopcount < 1) || (hopcount > 255)) {
+ FatalError("Xserver: multicast hop count out of range: %d\n",
+ hopcount);
+ }
+ }
+ }
+
+ if (xdm_udp_port > 0 && xdm_udp_port < 65535) {
+ sprintf(portstr, "%d", xdm_udp_port);
+ } else {
+ FatalError("Xserver: port out of range: %d\n", xdm_udp_port);
+ }
+ bzero(&hints, sizeof(hints));
+ hints.ai_socktype = SOCK_DGRAM;
+
+ if ((gaierr = getaddrinfo(address, portstr, &hints, &firstai)) == 0) {
+ for (ai = firstai; ai != NULL; ai = ai->ai_next) {
+ if (((ai->ai_family == AF_INET) &&
+ IN_MULTICAST(((struct sockaddr_in *) ai->ai_addr)
+ ->sin_addr.s_addr))
+ || ((ai->ai_family == AF_INET6) &&
+ IN6_IS_ADDR_MULTICAST(&((struct sockaddr_in6 *) ai->ai_addr)
+ ->sin6_addr)))
+ break;
+ }
+ if (ai == NULL) {
+ FatalError ("Xserver: address not supported multicast type %s\n",
+ address);
+ } else {
+ struct multicastinfo *mcastinfo, *mcl;
+
+ mcastinfo = malloc(sizeof(struct multicastinfo));
+ mcastinfo->next = NULL;
+ mcastinfo->ai = firstai;
+ mcastinfo->hops = hopcount;
+
+ if (mcastlist == NULL) {
+ mcastlist = mcastinfo;
+ } else {
+ for (mcl = mcastlist; mcl->next != NULL; mcl = mcl->next) {
+ /* Do nothing - just find end of list */
+ }
+ mcl->next = mcastinfo;
+ }
+ }
+ } else {
+ FatalError("Xserver: %s: %s\n", gai_strerror(gaierr), address);
+ }
+ return i;
+}
+#endif
+
+#else
+static int xdmcp_non_empty; /* avoid complaint by ranlib */
+#endif /* XDMCP */