From dea5d7da969d01461d2e3b700a4bf3c05f048194 Mon Sep 17 00:00:00 2001
From: Kean Johnson <kean@armory.com>
Date: Fri, 10 Jun 2005 06:54:09 +0000
Subject: SCO port update for SCO OpenServer 5 and UnixWare 7. A few general
 cleanups     and bugs not specifically related to the port fixed along the
 way.

---
 auth.c              | 59 ++++++++++----------------------
 chooser.c           |  2 +-
 config/Xsession.cpp | 60 ++++++++++++++++++++++++++++++++
 dm.c                |  9 ++++-
 dm.h                |  2 +-
 greeter/verify.c    | 98 +++++++++++++++++++++++++++++++++++++++++++++++++++--
 resource.c          |  4 +++
 session.c           | 44 ++++++++++++++++++++++--
 util.c              |  2 +-
 9 files changed, 230 insertions(+), 50 deletions(-)
 create mode 100644 config/Xsession.cpp

diff --git a/auth.c b/auth.c
index 22a7ba1..be8f5de 100644
--- a/auth.c
+++ b/auth.c
@@ -1,4 +1,4 @@
-/* $XdotOrg: xc/programs/xdm/auth.c,v 1.1.4.4 2003/12/06 13:24:29 kaleb Exp $ */
+/* $XdotOrg: xc/programs/xdm/auth.c,v 1.2 2004/04/23 19:54:42 eich Exp $ */
 /* $Xorg: auth.c,v 1.5 2001/02/09 02:05:40 xorgcvs Exp $ */
 /*
 
@@ -39,6 +39,7 @@ from The Open Group.
  */
 
 #include <X11/X.h>
+#include <X11/Xlibint.h>
 #include <sys/types.h>
 #include <sys/stat.h>
 
@@ -58,8 +59,7 @@ from The Open Group.
 # include <netdnet/dnetdb.h>
 #endif
 
-#if (defined(_POSIX_SOURCE) && !defined(AIXV3) && !defined(__QNX__)) || defined(hpux) || defined(USG) || defined(SVR4) || (defined(SYSV) && defined(i386))
-#define NEED_UTSNAME
+#if defined(hpux)
 #include <sys/utsname.h>
 #endif
 
@@ -73,9 +73,7 @@ from The Open Group.
 
 #ifdef SVR4
 # include <netdb.h>
-# ifndef SCO325
 # include <sys/sockio.h>
-# endif
 # include <sys/stropts.h>
 #endif
 #ifdef __convex__
@@ -681,11 +679,7 @@ static void
 DefineLocal (FILE *file, Xauth *auth)
 {
 	char	displayname[100];
-	char	tmp_displayname[100];
-
-	strcpy(tmp_displayname, "");
-
-	/* stolen from xinit.c */
+	int	len = _XGetHostname (displayname, sizeof(displayname));
 
 /* Make sure this produces the same string as _XGetHostname in lib/X/XlibInt.c.
  * Otherwise, Xau will not be able to find your cookies in the Xauthority file.
@@ -695,46 +689,29 @@ DefineLocal (FILE *file, Xauth *auth)
  *       and so, you may be better off using gethostname (if it exists).
  */
 
-#ifdef NEED_UTSNAME
-
-	/* hpux:
-	 * Why not use gethostname()?  Well, at least on my system, I've had to
-	 * make an ugly kernel patch to get a name longer than 8 characters, and
-	 * uname() lets me access to the whole string (it smashes release, you
-	 * see), whereas gethostname() kindly truncates it for me.
-	 */
-	{
-	struct utsname name;
-
-	uname(&name);
-	snprintf(displayname, sizeof(displayname), "%s", name.nodename);
-	}
-	writeAddr (FamilyLocal, strlen (displayname), displayname, file, auth);
-
-	snprintf(tmp_displayname, sizeof(tmp_displayname), "%s", displayname);
-#endif
-
-#if (!defined(NEED_UTSNAME) || defined (hpux))
-        /* AIXV3:
-	 * In AIXV3, _POSIX_SOURCE is defined, but uname gives only first
-	 * field of hostname. Thus, we use gethostname instead.
-	 */
-
+#if defined(hpux)
 	/*
 	 * For HP-UX, HP's Xlib expects a fully-qualified domain name, which
 	 * is achieved by using gethostname().  For compatability, we must
-	 * also still create the entry using uname() above.
+	 * also still create the entry using uname().
 	 */
-	gethostname(displayname, sizeof(displayname));
+	char	tmp_displayname[100];
+	struct utsname name;
 
+	tmp_displayname[0] = 0;
+	uname(&name);
+	snprintf(tmp_displayname, sizeof(tmp_displayname), "%s", name.nodename);
+	writeAddr (FamilyLocal, strlen (tmp_displayname), tmp_displayname,
+       		   file, auth);
+ 
 	/*
-	 * If gethostname and uname both returned the same name,
-	 * do not write a duplicate entry.
+	 * If _XGetHostname() returned the same value as uname(), don't 
+	 * write a duplicate entry.
 	 */
 	if (strcmp (displayname, tmp_displayname))
-	    writeAddr (FamilyLocal, strlen (displayname), displayname, 
-		       file, auth);
 #endif
+
+	writeAddr (FamilyLocal, len, displayname, file, auth);
 }
 
 #ifdef HAS_GETIFADDRS
diff --git a/chooser.c b/chooser.c
index 7d30e10..8d5916f 100644
--- a/chooser.c
+++ b/chooser.c
@@ -75,7 +75,7 @@ in this Software without prior written authorization from The Open Group.
 #include    <X11/extensions/Xinerama.h>
 #endif
 
-#if defined(SVR4) && !defined(SCO325)
+#if defined(SVR4)
 #include    <sys/sockio.h>
 #endif
 #if defined(SVR4) && defined(PowerMAX_OS)
diff --git a/config/Xsession.cpp b/config/Xsession.cpp
new file mode 100644
index 0000000..6d4fabd
--- /dev/null
+++ b/config/Xsession.cpp
@@ -0,0 +1,60 @@
+XCOMM!SHELL_CMD
+XCOMM
+XCOMM $Xorg: Xsession,v 1.4 2000/08/17 19:54:17 cpqbld Exp $
+XCOMM $XFree86: xc/programs/xdm/config/Xsession,v 1.2 1998/01/11 03:48:32 dawes Exp $
+
+XCOMM redirect errors to a file in user's home directory if we can
+for errfile in "$HOME/.xsession-errors" "${TMPDIR-/tmp}/xses-$USER" "/tmp/xses-$USER"
+do
+	if ( cp /dev/null "$errfile" 2> /dev/null )
+	then
+		chmod 600 "$errfile"
+		exec > "$errfile" 2>&1
+		break
+	fi
+done
+
+case $# in
+1)
+	case $1 in
+	failsafe)
+		exec BINDIR/xterm -geometry 80x24-0-0
+		;;
+	esac
+esac
+
+XCOMM The startup script is not intended to have arguments.
+
+startup=$HOME/.xsession
+resources=$HOME/.Xresources
+
+if [ -s "$startup" ]; then
+	if [ -x "$startup" ]; then
+		exec "$startup"
+	else
+		exec /bin/sh "$startup"
+	fi
+else
+	if [ -r "$resources" ]; then
+		BINDIR/xrdb -load "$resources"
+	fi
+#if defined(__SCO__) || defined(__UNIXWARE__)
+        [ -r /etc/default/xdesktops ] && {
+                . /etc/default/xdesktops
+        }
+
+        [ -r /etc/default/xdm ] && {
+                . /etc/default/xdm
+        }
+
+        XCOMM Allow the user to over-ride the system default desktop
+        [ -r $HOME/.xdmdesktop ] && {
+                . $HOME/.xdmdesktop
+        }
+
+        [ -n "$XDESKTOP" ] && {
+                exec `eval $XDESKTOP`
+        }
+#endif
+	exec BINDIR/xsm
+fi
diff --git a/dm.c b/dm.c
index 6f41dc4..61e212d 100644
--- a/dm.c
+++ b/dm.c
@@ -56,6 +56,9 @@ from The Open Group.
 #ifdef __NetBSD__
 #include <sys/param.h>
 #endif
+#ifdef USESECUREWARE
+#include <prot.h>
+#endif
 
 #ifndef sigmask
 #define sigmask(m)  (1 << ((m - 1)))
@@ -73,7 +76,7 @@ from The Open Group.
 #endif
 
 
-#if defined(SVR4) && !defined(SCO) && !defined(sun)
+#if defined(SVR4) && !defined(sun)
 extern FILE    *fdopen();
 #endif
 
@@ -118,6 +121,10 @@ main (int argc, char **argv)
     TitleLen = (argv[argc - 1] + strlen(argv[argc - 1])) - Title;
 #endif
 
+#ifdef USESECUREWARE
+    set_auth_parameters (argc, argv);
+#endif
+
     /*
      * Step 1 - load configuration parameters
      */
diff --git a/dm.h b/dm.h
index 4c12494..0000d33 100644
--- a/dm.h
+++ b/dm.h
@@ -76,7 +76,7 @@ from The Open Group.
 #include <sys/wait.h>
 #else
 #define _POSIX_SOURCE
-#ifdef SCO325
+#ifdef __SCO__
 #include <sys/procset.h>
 #include <sys/siginfo.h>
 #endif
diff --git a/greeter/verify.c b/greeter/verify.c
index b866c88..713dd3b 100644
--- a/greeter/verify.c
+++ b/greeter/verify.c
@@ -53,6 +53,9 @@ from The Open Group.
 # include	<login_cap.h>
 # include	<varargs.h>
 # include	<bsd_auth.h>
+#elif defined(USESECUREWARE)
+# include       <sys/types.h>
+# include       <prot.h>
 #endif
 
 # include	"greet.h"
@@ -291,7 +294,98 @@ Verify (struct display *d, struct greet_info *greet, struct verify_info *verify)
 			break;
 		}
 	} 
-#else /* !USE_BSDAUTH */
+#elif defined(USESECUREWARE) /* !USE_BSDAUTH */
+/*
+ * This is a global variable and will be referenced in at least session.c
+ */
+struct smp_user_info *userp = 0;
+
+int
+Verify (struct display *d, struct greet_info *greet, struct verify_info *verify)
+{
+  int ret, pwtries = 0, nis, delay;
+  char *reason = 0;
+  struct passwd	*p;
+  char *shell, *home, **argv;
+
+  Debug ("Verify %s ...\n", greet->name);
+
+  p = getpwnam (greet->name);
+  endpwent();
+
+  if (!p || strlen (greet->name) == 0) {
+    LogError ("getpwnam() failed.\n");
+    bzero(greet->password, strlen(greet->password));
+    return 0;
+  }
+
+  ret = smp_check_user (SMP_LOGIN, greet->name, 0, 0, &userp, &pwtries,
+    &reason, &nis, &delay);
+  if (ret != SMP_RETIRED && userp->retired)
+    ret = userp->result = SMP_RETIRED;
+  Debug ("smp_check_user returns %d\n", ret);
+
+  switch (ret) {
+    case SMP_FAIL:
+      Debug ("Out of memory in smp_check_user\n");
+      goto smp_fail;
+    case SMP_EXTFAIL:
+      Debug ("SMP_EXTFAIL: %s", reason);
+      goto smp_fail;
+    case SMP_NOTAUTH:
+      Debug ("Not authorized\n");
+      goto smp_fail;
+    case SMP_TERMLOCK:
+      Debug ("Terminal is locked!\n");
+      goto smp_fail;
+    case SMP_ACCTLOCK:
+      Debug ("Account is locked\n");
+      goto smp_fail;
+    case SMP_RETIRED:
+      Debug ("Account is retired\n");
+      goto smp_fail;
+    case SMP_OVERRIDE:
+      Debug ("On override device ... proceeding\n");
+      break;
+    case SMP_NULLPW:
+      Debug ("NULL password entry\n");
+      if (!greet->allow_null_passwd) {
+        goto smp_fail;
+      }
+      break;
+    case SMP_BADUSER:
+      Debug ("User not found in protected password database\n");
+      goto smp_fail;
+    case SMP_PWREQ:
+      Debug ("Password change required\n");
+      goto smp_fail;
+    case SMP_HASPW:
+      break;
+    default:
+      Debug ("Unhandled smp_check_user return %d\n", ret);
+smp_fail:
+      sleep(delay);
+      smp_audit_fail (userp, 0);
+      bzero(greet->password, strlen(greet->password));
+      return 0;
+      break;
+  }
+
+  if (ret != SMP_NULLPW) {
+    /*
+     * If we require a password, check it.
+     */
+    ret = smp_check_pw (greet->password, userp, &reason);
+    switch (ret) {
+      case SMP_CANCHANGE:
+      case SMP_CANTCHANGE:
+      case SMP_OVERRIDE:
+        break;
+      default:
+        goto smp_fail;
+    }
+  }
+#else /* !USE_BSDAUTH && !USESECUREWARE */
 int
 Verify (struct display *d, struct greet_info *greet, struct verify_info *verify)
 {
@@ -524,7 +618,7 @@ done:
 	}
 #undef PAM_BAIL
 #endif /* USE_PAM */
-#endif /* USE_BSDAUTH */
+#endif /* !USE_BSDAUTH && !USESECUREWARE */
 
 	Debug ("verify succeeded\n");
 	/* The password is passed to StartClient() for use by user-based
diff --git a/resource.c b/resource.c
index cd84f03..3bdf608 100644
--- a/resource.c
+++ b/resource.c
@@ -134,8 +134,12 @@ int	choiceTimeout;	/* chooser choice timeout */
 #define DEF_RANDOM_FILE "/dev/mem"
 #endif
 #ifndef DEF_PRNGD_SOCKET 
+#ifdef __SCO__
+#define DEF_PRNGD_SOCKET "/etc/egd-pool"
+#else
 #define DEF_PRNGD_SOCKET "/tmp/entropy"
 #endif
+#endif
 #ifndef DEF_PRNGD_PORT
 #define DEF_PRNGD_PORT "0"
 #endif
diff --git a/session.c b/session.c
index 66d7696..05aa1dc 100644
--- a/session.c
+++ b/session.c
@@ -61,6 +61,10 @@ extern int key_setnet(struct key_netstarg *arg);
 # include <krb5/krb5.h>
 #endif
 
+#ifdef __SCO__
+#include <prot.h>
+#endif
+
 #ifndef GREET_USER_STATIC
 # include <dlfcn.h>
 # ifndef RTLD_NOW
@@ -70,7 +74,7 @@ extern int key_setnet(struct key_netstarg *arg);
 
 static	int	runAndWait (char **args, char **environ);
 
-#if defined(CSRG_BASED) || defined(__osf__) || defined(__DARWIN__) || defined(__QNXNTO__) || defined(sun) || defined(__GLIBC__)
+#if defined(CSRG_BASED) || defined(__osf__) || defined(__DARWIN__) || defined(__QNXNTO__) || defined(sun) || defined(__GLIBC__) || defined(__SCO__)
 # include <sys/types.h>
 # include <grp.h>
 #else
@@ -88,7 +92,7 @@ extern	struct spwd	*getspnam(GETSPNAM_ARGS);
 extern	void	endspent(void);
 # endif
 #endif
-#if defined(CSRG_BASED) || defined(__GLIBC__) || defined(USL)
+#if defined(CSRG_BASED) || defined(__GLIBC__) || defined(__UNIXWARE__) || defined(__SCO__)
 # include <pwd.h>
 # include <unistd.h>
 #else
@@ -534,6 +538,11 @@ StartClient (
     pam_handle_t *pamh = thepamh ();
     int	pam_error;
 #endif
+#ifdef USESECUREWARE
+    char *reason, **smpenv, *smpshell;
+    int ret;
+    extern struct smp_user_info *userp;
+#endif
 
     if (verify->argv) {
 	Debug ("StartSession %s: ", verify->argv[0]);
@@ -570,6 +579,35 @@ StartClient (
 	}
 #endif
 
+#ifdef USESECUREWARE
+        Debug ("set_identity: uid=%d\n", userp->pw.pw_uid);
+        ret = smp_set_identity (userp, &reason, &smpenv, &smpshell);
+        Debug ("smp_set_identity returns %d luid=%d\n", ret, getluid());
+        switch (ret) {
+          case SMP_FAIL:
+            LogError ("Unable to set identity\n");
+            smp_audit_fail (userp, 0);
+            return 0;
+          case SMP_EXTFAIL:
+            LogError ("Unable to set identity: %s\n", reason);
+            smp_audit_fail (userp, 0);
+            return 0;
+          case SMP_NOTAUTH:
+            LogError ("Authorization failed\n");
+            smp_audit_fail (userp, 0);
+            return 0;
+          case SMP_ACCTLOCK:
+            LogError ("Account is locked\n");
+            smp_audit_fail (userp, 0);
+            return 0;
+          case SMP_COMPLETE:
+            break;
+          default:
+            LogError ("Unhandled identity error %d\n", ret);
+            smp_audit_fail (userp, 0);
+            return 0;
+        }
+#endif
 
 #ifndef AIXV3
 #ifndef HAS_SETUSERCONTEXT
@@ -911,7 +949,7 @@ systemEnv (struct display *d, char *user, char *home)
     return env;
 }
 
-#if (defined(Lynx) && !defined(HAS_CRYPT)) || defined(SCO) && !defined(SCO_USA) && !defined(_SCO_DS)
+#if (defined(Lynx) && !defined(HAS_CRYPT))
 char *crypt(char *s1, char *s2)
 {
 	return(s2);
diff --git a/util.c b/util.c
index cea100c..442c7ee 100644
--- a/util.c
+++ b/util.c
@@ -245,7 +245,7 @@ CleanUpChild (void)
 	setsid();
 #else
 #if defined(SYSV) || defined(SVR4) || defined(__CYGWIN__)
-#if !(defined(SVR4) && defined(i386)) || defined(SCO325)
+#if !(defined(SVR4) && defined(i386))
 	setpgrp ();
 #endif
 #else
-- 
cgit v1.2.3