diff options
Diffstat (limited to 'os')
| -rw-r--r-- | os/auth.c | 14 | ||||
| -rw-r--r-- | os/inputthread.c | 8 | ||||
| -rw-r--r-- | os/io.c | 3 | ||||
| -rw-r--r-- | os/mitauth.c | 15 | ||||
| -rw-r--r-- | os/osdep.h | 6 | ||||
| -rw-r--r-- | os/rpcauth.c | 6 | ||||
| -rw-r--r-- | os/timingsafe_memcmp.c | 48 | ||||
| -rw-r--r-- | os/xdmauth.c | 27 |
8 files changed, 70 insertions, 57 deletions
@@ -45,6 +45,9 @@ from The Open Group. #ifdef WIN32 #include <X11/Xw32defs.h> #endif +#ifdef HAVE_LIBBSD +#include <bsd/stdlib.h> /* for arc4random_buf() */ +#endif struct protocol { unsigned short name_length; @@ -52,7 +55,6 @@ struct protocol { AuthAddCFunc Add; /* new authorization data */ AuthCheckFunc Check; /* verify client authorization data */ AuthRstCFunc Reset; /* delete all authorization data entries */ - AuthToIDFunc ToID; /* convert cookie to ID */ AuthFromIDFunc FromID; /* convert ID to cookie */ AuthRemCFunc Remove; /* remove a specific cookie */ #ifdef XCSECURITY @@ -63,7 +65,7 @@ struct protocol { static struct protocol protocols[] = { {(unsigned short) 18, "MIT-MAGIC-COOKIE-1", MitAddCookie, MitCheckCookie, MitResetCookie, - MitToID, MitFromID, MitRemoveCookie, + MitFromID, MitRemoveCookie, #ifdef XCSECURITY MitGenerateCookie #endif @@ -71,7 +73,7 @@ static struct protocol protocols[] = { #ifdef HASXDMAUTH {(unsigned short) 19, "XDM-AUTHORIZATION-1", XdmAddCookie, XdmCheckCookie, XdmResetCookie, - XdmToID, XdmFromID, XdmRemoveCookie, + XdmFromID, XdmRemoveCookie, #ifdef XCSECURITY NULL #endif @@ -80,7 +82,7 @@ static struct protocol protocols[] = { #ifdef SECURE_RPC {(unsigned short) 9, "SUN-DES-1", SecureRPCAdd, SecureRPCCheck, SecureRPCReset, - SecureRPCToID, SecureRPCFromID, SecureRPCRemove, + SecureRPCFromID, SecureRPCRemove, #ifdef XCSECURITY NULL #endif @@ -303,11 +305,15 @@ GenerateAuthorization(unsigned name_length, void GenerateRandomData(int len, char *buf) { +#ifdef HAVE_ARC4RANDOM_BUF + arc4random_buf(buf, len); +#else int fd; fd = open("/dev/urandom", O_RDONLY); read(fd, buf, len); close(fd); +#endif } #endif /* XCSECURITY */ diff --git a/os/inputthread.c b/os/inputthread.c index 8e7f2edb9..721e86312 100644 --- a/os/inputthread.c +++ b/os/inputthread.c @@ -90,6 +90,13 @@ static pthread_mutex_t input_mutex; static Bool input_mutex_initialized; #endif +int +in_input_thread(void) +{ + return inputThreadInfo && + pthread_equal(pthread_self(), inputThreadInfo->thread); +} + void input_lock(void) { @@ -529,6 +536,7 @@ void input_force_unlock(void) {} void InputThreadPreInit(void) {} void InputThreadInit(void) {} void InputThreadFini(void) {} +int in_input_thread(void) { return 0; } int InputThreadRegisterDev(int fd, NotifyFdProcPtr readInputProc, @@ -652,6 +652,9 @@ WriteToClient(ClientPtr who, int count, const void *__buf) int padBytes; const char *buf = __buf; + BUG_RETURN_VAL_MSG(in_input_thread(), 0, + "******** %s called from input thread *********\n", __func__); + #ifdef DEBUG_COMMUNICATION Bool multicount = FALSE; #endif diff --git a/os/mitauth.c b/os/mitauth.c index 768a52a22..e75d700e1 100644 --- a/os/mitauth.c +++ b/os/mitauth.c @@ -76,7 +76,7 @@ MitCheckCookie(unsigned short data_length, for (auth = mit_auth; auth; auth = auth->next) { if (data_length == auth->len && - memcmp(data, auth->data, (int) data_length) == 0) + timingsafe_memcmp(data, auth->data, (int) data_length) == 0) return auth->id; } *reason = "Invalid MIT-MAGIC-COOKIE-1 key"; @@ -97,19 +97,6 @@ MitResetCookie(void) return 0; } -XID -MitToID(unsigned short data_length, char *data) -{ - struct auth *auth; - - for (auth = mit_auth; auth; auth = auth->next) { - if (data_length == auth->len && - memcmp(data, auth->data, data_length) == 0) - return auth->id; - } - return (XID) -1; -} - int MitFromID(XID id, unsigned short *data_lenp, char **datap) { diff --git a/os/osdep.h b/os/osdep.h index 90a247fab..a0d57b8db 100644 --- a/os/osdep.h +++ b/os/osdep.h @@ -113,9 +113,6 @@ typedef int (*AuthRemCFunc) (AuthRemCArgs); #define AuthRstCArgs void typedef int (*AuthRstCFunc) (AuthRstCArgs); -#define AuthToIDArgs unsigned short data_length, char *data -typedef XID (*AuthToIDFunc) (AuthToIDArgs); - typedef void (*OsCloseFunc) (ClientPtr); typedef int (*OsFlushFunc) (ClientPtr who, struct _osComm * oc, char *extraBuf, @@ -185,7 +182,6 @@ extern void GenerateRandomData(int len, char *buf); /* in mitauth.c */ extern XID MitCheckCookie(AuthCheckArgs); extern XID MitGenerateCookie(AuthGenCArgs); -extern XID MitToID(AuthToIDArgs); extern int MitAddCookie(AuthAddCArgs); extern int MitFromID(AuthFromIDArgs); extern int MitRemoveCookie(AuthRemCArgs); @@ -194,7 +190,6 @@ extern int MitResetCookie(AuthRstCArgs); /* in xdmauth.c */ #ifdef HASXDMAUTH extern XID XdmCheckCookie(AuthCheckArgs); -extern XID XdmToID(AuthToIDArgs); extern int XdmAddCookie(AuthAddCArgs); extern int XdmFromID(AuthFromIDArgs); extern int XdmRemoveCookie(AuthRemCArgs); @@ -205,7 +200,6 @@ extern int XdmResetCookie(AuthRstCArgs); #ifdef SECURE_RPC extern void SecureRPCInit(AuthInitArgs); extern XID SecureRPCCheck(AuthCheckArgs); -extern XID SecureRPCToID(AuthToIDArgs); extern int SecureRPCAdd(AuthAddCArgs); extern int SecureRPCFromID(AuthFromIDArgs); extern int SecureRPCRemove(AuthRemCArgs); diff --git a/os/rpcauth.c b/os/rpcauth.c index 5680489f7..33260db72 100644 --- a/os/rpcauth.c +++ b/os/rpcauth.c @@ -175,12 +175,6 @@ SecureRPCReset(void) return 1; } -_X_HIDDEN XID -SecureRPCToID(unsigned short data_length, char *data) -{ - return rpc_id; -} - _X_HIDDEN int SecureRPCFromID(XID id, unsigned short *data_lenp, char **datap) { diff --git a/os/timingsafe_memcmp.c b/os/timingsafe_memcmp.c new file mode 100644 index 000000000..65679c87a --- /dev/null +++ b/os/timingsafe_memcmp.c @@ -0,0 +1,48 @@ +/* + * Copyright (c) 2014 Google Inc. + * + * Permission to use, copy, modify, and distribute this software for any + * purpose with or without fee is hereby granted, provided that the above + * copyright notice and this permission notice appear in all copies. + * + * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES + * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF + * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR + * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES + * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN + * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF + * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. + */ + +#include <limits.h> +#include <string.h> +#include <X11/Xfuncproto.h> +#include <dix-config.h> +#include "os.h" + +int +timingsafe_memcmp(const void *b1, const void *b2, size_t len) +{ + const unsigned char *p1 = b1, *p2 = b2; + size_t i; + int res = 0, done = 0; + + for (i = 0; i < len; i++) { + /* lt is -1 if p1[i] < p2[i]; else 0. */ + int lt = (p1[i] - p2[i]) >> CHAR_BIT; + + /* gt is -1 if p1[i] > p2[i]; else 0. */ + int gt = (p2[i] - p1[i]) >> CHAR_BIT; + + /* cmp is 1 if p1[i] > p2[i]; -1 if p1[i] < p2[i]; else 0. */ + int cmp = lt - gt; + + /* set res = cmp if !done. */ + res |= cmp & ~done; + + /* set done if p1[i] != p2[i]. */ + done |= lt | gt; + } + + return (res); +} diff --git a/os/xdmauth.c b/os/xdmauth.c index cb2e39e12..c35cade5b 100644 --- a/os/xdmauth.c +++ b/os/xdmauth.c @@ -411,33 +411,6 @@ XdmResetCookie(void) return 1; } -XID -XdmToID(unsigned short cookie_length, char *cookie) -{ - XdmAuthorizationPtr auth; - XdmClientAuthPtr client; - unsigned char *plain; - - plain = malloc(cookie_length); - if (!plain) - return (XID) -1; - for (auth = xdmAuth; auth; auth = auth->next) { - XdmcpUnwrap((unsigned char *) cookie, (unsigned char *) &auth->key, - plain, cookie_length); - if ((client = - XdmAuthorizationValidate(plain, cookie_length, &auth->rho, NULL, - NULL)) != NULL) { - free(client); - free(cookie); - free(plain); - return auth->id; - } - } - free(cookie); - free(plain); - return (XID) -1; -} - int XdmFromID(XID id, unsigned short *data_lenp, char **datap) { |