/*
 *Copyright (C) 2003-2004 Harold L Hunt II All Rights Reserved.
 *
 *Permission is hereby granted, free of charge, to any person obtaining
 * a copy of this software and associated documentation files (the
 *"Software"), to deal in the Software without restriction, including
 *without limitation the rights to use, copy, modify, merge, publish,
 *distribute, sublicense, and/or sell copies of the Software, and to
 *permit persons to whom the Software is furnished to do so, subject to
 *the following conditions:
 *
 *The above copyright notice and this permission notice shall be
 *included in all copies or substantial portions of the Software.
 *
 *THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
 *EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
 *MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
 *NONINFRINGEMENT. IN NO EVENT SHALL HAROLD L HUNT II BE LIABLE FOR
 *ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF
 *CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
 *WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
 *
 *Except as contained in this notice, the name of Harold L Hunt II
 *shall not be used in advertising or otherwise to promote the sale, use
 *or other dealings in this Software without prior written authorization
 *from Harold L Hunt II.
 *
 * Authors:	Harold L Hunt II
 */

#ifdef HAVE_XWIN_CONFIG_H
#include <xwin-config.h>
#endif

#include "win.h"

/* Includes for authorization */
#include "securitysrv.h"

/*
 * Constants
 */

#define AUTH_NAME	"MIT-MAGIC-COOKIE-1"

/*
 * Locals
 */

static XID g_authId = 0;
static unsigned int g_uiAuthDataLen = 0;
static char *g_pAuthData = NULL;

/*
 * Code to generate a MIT-MAGIC-COOKIE-1, copied from under XCSECURITY
 */

#ifndef XCSECURITY
static
    void
GenerateRandomData(int len, char *buf)
{
    int fd;

    fd = open("/dev/urandom", O_RDONLY);
    read(fd, buf, len);
    close(fd);
}

static char cookie[16];         /* 128 bits */

XID
    static
MitGenerateCookie(unsigned data_length,
                  char *data,
                  XID id, unsigned *data_length_return, char **data_return)
{
    int i = 0;
    int status;

    while (data_length--) {
        cookie[i++] += *data++;
        if (i >= sizeof(cookie))
            i = 0;
    }
    GenerateRandomData(sizeof(cookie), cookie);
    status = MitAddCookie(sizeof(cookie), cookie, id);
    if (!status) {
        id = -1;
    }
    else {
        *data_return = cookie;
        *data_length_return = sizeof(cookie);
    }
    return id;
}

static
    XID
GenerateAuthorization(unsigned name_length,
                      char *name,
                      unsigned data_length,
                      char *data,
                      unsigned *data_length_return, char **data_return)
{
    return MitGenerateCookie(data_length, data,
                             FakeClientID(0), data_length_return, data_return);
}
#endif

/*
 * Generate authorization cookie for internal server clients
 */

Bool
winGenerateAuthorization(void)
{
    Bool fFreeAuth = FALSE;
    SecurityAuthorizationPtr pAuth = NULL;

    /* Call OS layer to generate authorization key */
    g_authId = GenerateAuthorization(strlen(AUTH_NAME),
                                     AUTH_NAME,
                                     0, NULL, &g_uiAuthDataLen, &g_pAuthData);
    if ((XID) ~0L == g_authId) {
        ErrorF("winGenerateAuthorization - GenerateAuthorization failed\n");
        goto auth_bailout;
    }

    else {
        winDebug("winGenerateAuthorization - GenerateAuthorization success!\n"
                 "AuthDataLen: %d AuthData: %s\n",
                 g_uiAuthDataLen, g_pAuthData);
    }

#ifdef XCSECURITY
    /* Allocate structure for additional auth information */
    pAuth = (SecurityAuthorizationPtr)
        malloc(sizeof(SecurityAuthorizationRec));
    if (!(pAuth)) {
        ErrorF("winGenerateAuthorization - Failed allocating "
               "SecurityAuthorizationPtr.\n");
        goto auth_bailout;
    }

    /* Fill in the auth fields */
    pAuth->id = g_authId;
    pAuth->timeout = 0;         /* live for x seconds after refcnt == 0 */
    pAuth->group = None;
    pAuth->trustLevel = XSecurityClientTrusted;
    pAuth->refcnt = 1;          /* this auth must stick around */
    pAuth->secondsRemaining = 0;
    pAuth->timer = NULL;
    pAuth->eventClients = NULL;

    /* Add the authorization to the server's auth list */
    if (!AddResource(g_authId, SecurityAuthorizationResType, pAuth)) {
        ErrorF("winGenerateAuthorization - AddResource failed for auth.\n");
        fFreeAuth = TRUE;
        goto auth_bailout;
    }

    /* Don't free the auth data, since it is still used internally */
    pAuth = NULL;
#endif

    return TRUE;

 auth_bailout:
    if (fFreeAuth)
        free(pAuth);

    return FALSE;
}

/* Use our generated cookie for authentication */
void
winSetAuthorization(void)
{
    XSetAuthorization(AUTH_NAME,
                      strlen(AUTH_NAME), g_pAuthData, g_uiAuthDataLen);
}