1 | /* |
2 | *Copyright (C) 2003-2004 Harold L Hunt II All Rights Reserved. | |
3 | * | |
4 | *Permission is hereby granted, free of charge, to any person obtaining | |
5 | * a copy of this software and associated documentation files (the | |
6 | *"Software"), to deal in the Software without restriction, including | |
7 | *without limitation the rights to use, copy, modify, merge, publish, | |
8 | *distribute, sublicense, and/or sell copies of the Software, and to | |
9 | *permit persons to whom the Software is furnished to do so, subject to | |
10 | *the following conditions: | |
11 | * | |
12 | *The above copyright notice and this permission notice shall be | |
13 | *included in all copies or substantial portions of the Software. | |
14 | * | |
15 | *THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, | |
16 | *EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF | |
17 | *MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND | |
18 | *NONINFRINGEMENT. IN NO EVENT SHALL HAROLD L HUNT II BE LIABLE FOR | |
19 | *ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF | |
20 | *CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION | |
21 | *WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. | |
22 | * | |
23 | *Except as contained in this notice, the name of Harold L Hunt II | |
24 | *shall not be used in advertising or otherwise to promote the sale, use | |
25 | *or other dealings in this Software without prior written authorization | |
26 | *from Harold L Hunt II. | |
27 | * | |
28 | * Authors: Harold L Hunt II | |
29 | */ | |
30 | ||
31 | #ifdef HAVE_XWIN_CONFIG_H | |
32 | #include <xwin-config.h> | |
33 | #endif | |
34 | ||
35 | #include "win.h" | |
36 | ||
37 | /* Includes for authorization */ | |
38 | #include "securitysrv.h" | |
39 | #include "os/osdep.h" | |
40 | ||
41 | /* | |
42 | * Constants | |
43 | */ | |
44 | ||
/* Authorization protocol name handed to GenerateAuthorization() and
 * XSetAuthorization() below. */
#define AUTH_NAME "MIT-MAGIC-COOKIE-1"
46 | ||
47 | /* | |
48 | * Locals | |
49 | */ | |
50 | ||
/* Id returned by GenerateAuthorization(); compared against (XID) ~0L to
 * detect failure in winGenerateAuthorization(). */
static XID g_authId = 0;
/* Length in bytes of the data g_pAuthData points at. */
static unsigned int g_uiAuthDataLen = 0;
/* Cookie bytes filled in through GenerateAuthorization()'s out-parameter.
 * This is secret authentication material, not text. When XCSECURITY is not
 * defined it points at the file-static cookie[] buffer, so it is never
 * freed here. */
static char *g_pAuthData = NULL;
54 | ||
55 | /* | |
56 | * Code to generate a MIT-MAGIC-COOKIE-1, copied from under XCSECURITY | |
57 | */ | |
58 | ||
59 | #ifndef XCSECURITY | |
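/*
 * Read exactly len bytes from /dev/urandom into buf.
 *
 * Returns 1 when the whole buffer was filled and 0 otherwise (bad
 * arguments, open() failure, read() error or end of file). On failure the
 * buffer may be untouched or only partly filled, so the caller must not use
 * it as random data.
 */
static int
winReadRandomData(int len, char *buf)
{
    int fd;
    int remaining = len;

    if (len < 0 || (len > 0 && buf == NULL))
        return 0;

    fd = open("/dev/urandom", O_RDONLY);
    if (fd < 0) {
        ErrorF("GenerateRandomData - could not open /dev/urandom\n");
        return 0;
    }

    /* read() may return fewer bytes than requested; keep going until the
     * buffer is full or the read fails. */
    while (remaining > 0) {
        ssize_t got = read(fd, buf, (size_t) remaining);

        if (got <= 0)
            break;
        buf += got;
        remaining -= (int) got;
    }
    close(fd);

    if (remaining > 0) {
        ErrorF("GenerateRandomData - short read from /dev/urandom\n");
        return 0;
    }
    return 1;
}

/*
 * Fill buf with len random bytes.
 *
 * The void signature cannot report failure; a failed or short read is only
 * logged by winReadRandomData(). Code in this file that turns the bytes into
 * a secret calls winReadRandomData() directly so it can fail closed.
 */
void
GenerateRandomData(int len, char *buf)
{
    (void) winReadRandomData(len, buf);
}

/* Single file-static cookie buffer; every MitGenerateCookie() call
 * overwrites it, and the pointer returned through data_return aliases it. */
static char cookie[16];         /* 128 bits */

/*
 * Generate a 128-bit cookie and register it with MitAddCookie() under id.
 *
 * data_length, data       caller-supplied bytes folded into the buffer
 *                         before the random fill
 * id                      id the cookie is registered under
 * data_length_return,
 * data_return             on success receive sizeof(cookie) and a pointer
 *                         to the static cookie buffer (not to be freed)
 *
 * Returns id on success and (XID) -1 on failure. The out-parameters are
 * written only on success.
 */
XID
MitGenerateCookie(unsigned data_length,
                  const char *data,
                  XID id, unsigned *data_length_return, char **data_return)
{
    size_t i = 0;

    /* A complete random fill below overwrites all sizeof(cookie) bytes, so
     * this mixing step does not contribute to the final cookie. */
    while (data_length--) {
        cookie[i++] += *data++;
        if (i >= sizeof(cookie))
            i = 0;
    }

    /* Fail closed: without a complete random fill the buffer would hold
     * predictable contents, which must never be registered as a cookie. */
    if (!winReadRandomData(sizeof(cookie), cookie))
        return (XID) -1;

    if (!MitAddCookie(sizeof(cookie), cookie, id))
        return (XID) -1;

    *data_return = cookie;
    *data_length_return = sizeof(cookie);
    return id;
}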
96 | ||
/*
 * Stand-in for GenerateAuthorization() used when XCSECURITY is not defined.
 *
 * name_length and name are accepted but not used; the cookie is always
 * produced by MitGenerateCookie() under an id obtained from FakeClientID(0).
 * Returns whatever MitGenerateCookie() returns.
 */
static XID
GenerateAuthorization(unsigned name_length,
                      char *name,
                      unsigned data_length,
                      char *data,
                      unsigned *data_length_return, char **data_return)
{
    XID cookieId = FakeClientID(0);

    return MitGenerateCookie(data_length, data, cookieId,
                             data_length_return, data_return);
}
108 | #endif | |
109 | ||
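/*
 * Generate authorization cookie for internal server clients.
 *
 * Stores the id, length and data pointer returned by
 * GenerateAuthorization() in g_authId, g_uiAuthDataLen and g_pAuthData.
 * With XCSECURITY defined it also registers a trusted
 * SecurityAuthorizationRec for that id via AddResource().
 *
 * Returns TRUE on success and FALSE if cookie generation, the allocation
 * or AddResource() fails.
 */

Bool
winGenerateAuthorization(void)
{
    Bool fFreeAuth = FALSE;
    SecurityAuthorizationPtr pAuth = NULL;

    /* Call OS layer to generate authorization key */
    g_authId = GenerateAuthorization(strlen(AUTH_NAME),
                                     AUTH_NAME,
                                     0, NULL, &g_uiAuthDataLen, &g_pAuthData);
    if ((XID) ~0L == g_authId) {
        ErrorF("winGenerateAuthorization - GenerateAuthorization failed\n");
        goto auth_bailout;
    }

    /* Log the length only. The cookie is the secret that authenticates
     * clients, so it must not reach the log, and it is raw bytes rather
     * than a NUL-terminated string, so "%s" would read past its end. */
    winDebug("winGenerateAuthorization - GenerateAuthorization success!\n"
             "AuthDataLen: %u\n", g_uiAuthDataLen);

#ifdef XCSECURITY
    /* Allocate structure for additional auth information */
    pAuth = malloc(sizeof(SecurityAuthorizationRec));
    if (!(pAuth)) {
        ErrorF("winGenerateAuthorization - Failed allocating "
               "SecurityAuthorizationPtr.\n");
        goto auth_bailout;
    }

    /* Fill in the auth fields */
    pAuth->id = g_authId;
    pAuth->timeout = 0;         /* live for x seconds after refcnt == 0 */
    pAuth->group = None;
    pAuth->trustLevel = XSecurityClientTrusted;
    pAuth->refcnt = 1;          /* this auth must stick around */
    pAuth->secondsRemaining = 0;
    pAuth->timer = NULL;
    pAuth->eventClients = NULL;

    /* Add the authorization to the server's auth list */
    if (!AddResource(g_authId, SecurityAuthorizationResType, pAuth)) {
        ErrorF("winGenerateAuthorization - AddResource failed for auth.\n");
        /* NOTE(review): confirm whether AddResource() already releases
         * pAuth through the resource type's delete callback when it fails;
         * if it does, the free() at auth_bailout is a second release. */
        fFreeAuth = TRUE;
        goto auth_bailout;
    }

    /* Don't free the auth data, since it is still used internally */
    pAuth = NULL;
#endif

    return TRUE;

 auth_bailout:
    if (fFreeAuth)
        free(pAuth);

    return FALSE;
}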
174 | ||
/*
 * Pass the cookie stored by winGenerateAuthorization() to
 * XSetAuthorization() under the AUTH_NAME protocol name.
 *
 * g_pAuthData and g_uiAuthDataLen still hold their initial NULL / 0 values
 * if no cookie has been generated; this function does not check for that.
 */
void
winSetAuthorization(void)
{
    size_t cchAuthName = strlen(AUTH_NAME);

    XSetAuthorization(AUTH_NAME, cchAuthName, g_pAuthData, g_uiAuthDataLen);
}