XFree86 4.3.0.1xf86-4_3_0_1 PRE_xf86-4_3_0_1

author: Kaleb Keithley <kaleb@freedesktop.org> 2003-11-14 16:49:22 +0000
committer: Kaleb Keithley <kaleb@freedesktop.org> 2003-11-14 16:49:22 +0000
commit: d568221710959cf7d783e6ff0fb80fb43a231124 (patch)
tree: 8d6f039393294c6ffac8533639afdebe5d68bfc1 /os/auth.c
parent: 9508a382f8a9f241dab097d921b6d290c1c3a776 (diff)
1 files changed, 95 insertions, 94 deletions
diff --git a/os/auth.c b/os/auth.c
index 7b914bb28..b596aed44 100644
--- a/os/auth.c
+++ b/os/auth.c
@@ -26,6 +26,7 @@ other dealings in this Software without prior written authorization
 from The Open Group.
 
 */
+/* $XFree86: xc/programs/Xserver/os/auth.c,v 1.12 2002/12/09 02:56:03 dawes Exp $ */
 
 /*
  * authorization hooks for the server
@@ -35,9 +36,10 @@ from The Open Group.
 #ifdef K5AUTH
 # include   <krb5/krb5.h>
 #endif
-# include   "X.h"
-# include   "Xauth.h"
+# include   <X11/X.h>
+# include   <X11/Xauth.h>
 # include   "misc.h"
+# include   "osdep.h"
 # include   "dixstruct.h"
 # include   <sys/types.h>
 # include   <sys/stat.h>
@@ -52,50 +54,17 @@ from The Open Group.
 struct protocol {
     unsigned short   name_length;
     char    *name;
-    int     (*Add)();	    /* new authorization data */
-    XID	    (*Check)();	    /* verify client authorization data */
-    int     (*Reset)();	    /* delete all authorization data entries */
-    XID	    (*ToID)();	    /* convert cookie to ID */
-    int	    (*FromID)();    /* convert ID to cookie */
-    int	    (*Remove)();    /* remove a specific cookie */
+    AuthAddCFunc	Add;	/* new authorization data */
+    AuthCheckFunc	Check;	/* verify client authorization data */
+    AuthRstCFunc	Reset;	/* delete all authorization data entries */
+    AuthToIDFunc	ToID;	/* convert cookie to ID */
+    AuthFromIDFunc	FromID;	/* convert ID to cookie */
+    AuthRemCFunc	Remove;	/* remove a specific cookie */
 #ifdef XCSECURITY
-    XID     (*Generate)();
+    AuthGenCFunc	Generate;
 #endif
 };
 
-extern int  MitAddCookie ();
-extern XID  MitCheckCookie ();
-extern int  MitResetCookie ();
-extern XID  MitToID ();
-extern int  MitFromID (), MitRemoveCookie ();
-extern XID  MitGenerateCookie();
-
-#ifdef HASXDMAUTH
-extern int  XdmAddCookie ();
-extern XID  XdmCheckCookie ();
-extern int  XdmResetCookie ();
-extern XID  XdmToID ();
-extern int  XdmFromID (), XdmRemoveCookie ();
-#endif
-
-#ifdef SECURE_RPC
-extern int  SecureRPCAdd();
-extern XID  SecureRPCCheck();
-extern int  SecureRPCReset();
-extern XID  SecureRPCToID();
-extern int  SecureRPCFromID(), SecureRPCRemove();
-#endif
-
-#ifdef K5AUTH
-extern int K5Add();
-extern XID K5Check();
-extern int K5Reset();
-extern XID K5ToID();
-extern int K5FromID(), K5Remove();
-#endif
-
-extern XID AuthSecurityCheck();
-
 static struct protocol   protocols[] = {
 {   (unsigned short) 18,    "MIT-MAGIC-COOKIE-1",
 		MitAddCookie,	MitCheckCookie,	MitResetCookie,
@@ -154,27 +123,39 @@ static char *authorization_file = (char *)NULL;
 static Bool ShouldLoadAuth = TRUE;
 
 void
-InitAuthorization (file_name)
-char	*file_name;
+InitAuthorization (char *file_name)
 {
     authorization_file = file_name;
 }
 
 int
-LoadAuthorization ()
+LoadAuthorization (void)
 {
     FILE    *f;
     Xauth   *auth;
     int	    i;
     int	    count = 0;
+#if !defined(WIN32) && !defined(__UNIXOS2__)
+    char    *buf;
+#endif
 
     ShouldLoadAuth = FALSE;
     if (!authorization_file)
 	return 0;
+#if !defined(WIN32) && !defined(__UNIXOS2__)
+    buf = xalloc (strlen(authorization_file) + 5);
+    if (!buf)
+	return -1;
+    sprintf (buf, "cat %s", authorization_file);
+    f = Popen (buf, "r");
+    xfree (buf);
+#else
     f = fopen (authorization_file, "r");
+#endif
     if (!f)
-	return 0;
-    while (auth = XauReadAuth (f)) {
+	return -1;
+
+    while ((auth = XauReadAuth (f)) != 0) {
 	for (i = 0; i < NUM_AUTHORIZATION; i++) {
 	    if (protocols[i].name_length == auth->name_length &&
 		memcmp (protocols[i].name, auth->name, (int) auth->name_length) == 0 &&
@@ -187,7 +168,13 @@ LoadAuthorization ()
 	}
 	XauDisposeAuth (auth);
     }
+
+#if !defined(WIN32) && !defined(__UNIXOS2__)
+    if (Pclose (f) != 0)
+	return -1;
+#else
     fclose (f);
+#endif
     return count;
 }
 
@@ -197,7 +184,7 @@ LoadAuthorization ()
  * schemes supported by the display
  */
 void
-RegisterAuthorizations ()
+RegisterAuthorizations (void)
 {
     int	    i;
 
@@ -208,17 +195,18 @@ RegisterAuthorizations ()
 #endif
 
 XID
-CheckAuthorization (name_length, name, data_length, data, client, reason)
-    unsigned int name_length;
-    char	*name;
-    unsigned int data_length;
-    char	*data;
-    ClientPtr client;
-    char	**reason;	/* failure message.  NULL for default msg */
+CheckAuthorization (
+    unsigned int name_length,
+    char	*name,
+    unsigned int data_length,
+    char	*data,
+    ClientPtr client,
+    char	**reason)	/* failure message.  NULL for default msg */
 {
     int	i;
     struct stat buf;
     static time_t lastmod = 0;
+    static Bool loaded = FALSE;
 
     if (!authorization_file || stat(authorization_file, &buf))
     {
@@ -234,24 +222,45 @@ CheckAuthorization (name_length, name, data_length, data, client, reason)
     }
     if (ShouldLoadAuth)
     {
-	if (LoadAuthorization())
+	int loadauth = LoadAuthorization();
+
+	/*
+	 * If the authorization file has at least one entry for this server,
+	 * disable local host access. (loadauth > 0)
+	 *
+	 * If there are zero entries (either initially or when the
+	 * authorization file is later reloaded), or if a valid
+	 * authorization file was never loaded, enable local host access.
+	 * (loadauth == 0 || !loaded)
+	 *
+	 * If the authorization file was loaded initially (with valid
+	 * entries for this server), and reloading it later fails, don't
+	 * change anything. (loadauth == -1 && loaded)
+	 */
+	
+	if (loadauth > 0)
+	{
 	    DisableLocalHost(); /* got at least one */
-	else
+	    loaded = TRUE;
+	}
+	else if (loadauth == 0 || !loaded)
 	    EnableLocalHost ();
     }
-    if (name_length)
+    if (name_length) {
 	for (i = 0; i < NUM_AUTHORIZATION; i++) {
 	    if (protocols[i].name_length == name_length &&
 		memcmp (protocols[i].name, name, (int) name_length) == 0)
 	    {
 		return (*protocols[i].Check) (data_length, data, client, reason);
 	    }
+	    *reason = "Protocol not supported by server\n";
 	}
+    } else *reason = "No protocol specified\n";
     return (XID) ~0L;
 }
 
 void
-ResetAuthorization ()
+ResetAuthorization (void)
 {
     int	i;
 
@@ -262,11 +271,11 @@ ResetAuthorization ()
 }
 
 XID
-AuthorizationToID (name_length, name, data_length, data)
-unsigned short	name_length;
-char	*name;
-unsigned short	data_length;
-char	*data;
+AuthorizationToID (
+	unsigned short	name_length,
+	char		*name,
+	unsigned short	data_length,
+	char		*data)
 {
     int	i;
 
@@ -282,12 +291,12 @@ char	*data;
 }
 
 int
-AuthorizationFromID (id, name_lenp, namep, data_lenp, datap)
-XID id;
-unsigned short	*name_lenp;
-char	**namep;
-unsigned short	*data_lenp;
-char	**datap;
+AuthorizationFromID (
+	XID 		id,
+	unsigned short	*name_lenp,
+	char		**namep,
+	unsigned short	*data_lenp,
+	char		**datap)
 {
     int	i;
 
@@ -303,11 +312,11 @@ char	**datap;
 }
 
 int
-RemoveAuthorization (name_length, name, data_length, data)
-unsigned short	name_length;
-char	*name;
-unsigned short	data_length;
-char	*data;
+RemoveAuthorization (
+	unsigned short	name_length,
+	char		*name,
+	unsigned short	data_length,
+	char		*data)
 {
     int	i;
 
@@ -323,11 +332,7 @@ char	*data;
 }
 
 int
-AddAuthorization (name_length, name, data_length, data)
-unsigned int name_length;
-char	*name;
-unsigned int data_length;
-char	*data;
+AddAuthorization (unsigned name_length, char *name, unsigned data_length, char *data)
 {
     int	i;
 
@@ -345,14 +350,13 @@ char	*data;
 #ifdef XCSECURITY
 
 XID
-GenerateAuthorization(name_length, name, data_length, data,
-		      data_length_return, data_return)
-unsigned int name_length;
-char	*name;
-unsigned int data_length;
-char	*data;
-unsigned int *data_length_return;
-char	**data_return;
+GenerateAuthorization(
+	unsigned name_length,
+	char	*name,
+	unsigned data_length,
+	char	*data,
+	unsigned *data_length_return,
+	char	**data_return)
 {
     int	i;
 
@@ -375,23 +379,20 @@ char	**data_return;
 static unsigned long int next = 1;
 
 static int
-xdm_rand()
+xdm_rand(void)
 {
     next = next * 1103515245 + 12345;
     return (unsigned int)(next/65536) % 32768;
 }
 
 static void
-xdm_srand(seed)
-    unsigned int seed;
+xdm_srand(unsigned int seed)
 {
     next = seed;
 }
 
 void
-GenerateRandomData (len, buf)
-int	len;
-char	*buf;
+GenerateRandomData (int len, char *buf)
 {
     static int seed;
     int value;
author	Kaleb Keithley <kaleb@freedesktop.org>	2003-11-14 16:49:22 +0000
committer	Kaleb Keithley <kaleb@freedesktop.org>	2003-11-14 16:49:22 +0000
commit	d568221710959cf7d783e6ff0fb80fb43a231124 (patch)
tree	8d6f039393294c6ffac8533639afdebe5d68bfc1 /os/auth.c
parent	9508a382f8a9f241dab097d921b6d290c1c3a776 (diff)