Add XACE extension source files.

(Copied from XACE-SELINUX branch in Xorg monolith CVS since these were never
 imported to modular cvs or git trees.)

3 files changed, 802 insertions, 0 deletions

diff --git a/Xext/xace.c b/Xext/xace.c
new file mode 100644
index 000000000..75fb8a35b
--- /dev/null
+++ b/Xext/xace.c
@@ -0,0 +1,537 @@
+/************************************************************
+
+Author: Eamon Walsh <ewalsh@epoch.ncsc.mil>
+
+Permission to use, copy, modify, distribute, and sell this software and its
+documentation for any purpose is hereby granted without fee, provided that
+this permission notice appear in supporting documentation.  This permission
+notice shall be included in all copies or substantial portions of the
+Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT.  IN NO EVENT SHALL THE
+AUTHOR BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN
+AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN
+CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
+
+********************************************************/
+
+#include <stdarg.h>
+#include "windowstr.h"
+#include "scrnintstr.h"
+#include "gcstruct.h"
+#include "xacestr.h"
+#include "modinit.h"
+
+CallbackListPtr XaceHooks[XACE_NUM_HOOKS] = {0};
+
+static Bool stateSlotsUsed[XACE_STATE_SLOTS] = {0};
+static char *stateExtNames[XACE_STATE_SLOTS] = {0};
+
+/* Proc vectors for untrusted clients, swapped and unswapped versions.
+ * These are the same as the normal proc vectors except that extensions
+ * that haven't declared themselves secure will have ProcBadRequest plugged
+ * in for their major opcode dispatcher.  This prevents untrusted clients
+ * from guessing extension major opcodes and using the extension even though
+ * the extension can't be listed or queried.
+ */
+int (*UntrustedProcVector[256])(
+    ClientPtr /*client*/
+);
+int (*SwappedUntrustedProcVector[256])(
+    ClientPtr /*client*/
+);
+
+/* Register with the security module, which allows an extension to store
+ * security state.  The return value is the index which should be passed
+ * to the state macros, or -1 if no more slots are available.
+ */
+int XaceRegisterExtension(name)
+    char *name;
+{
+    int i;
+    for (i=0; i<XACE_STATE_SLOTS; i++)
+	if (!stateSlotsUsed[i])
+	{
+	    /* save the extension name */
+	    if (name) {
+		stateExtNames[i] = (char*)xalloc(strlen(name)+1);
+		if (!stateExtNames[i])
+		    return -1;
+		memcpy(stateExtNames[i], name, strlen(name)+1);
+	    }
+	    stateSlotsUsed[i] = TRUE;
+	    return i;
+	}
+    return -1;  /* no slots free */
+}
+
+/* Unregister an extension.  Pass the index returned at registration time.
+ */
+void XaceUnregisterExtension(idx)
+    int idx;  /* state index */
+{
+    /* free the extension name */
+    if (stateExtNames[idx]) {
+	xfree(stateExtNames[idx]);
+	stateExtNames[idx] = NULL;
+    }
+    stateSlotsUsed[idx] = FALSE;
+}
+
+/* Entry point for hook functions.  Called by Xserver.
+ */
+int XaceHook(int hook, ...)
+{
+    pointer calldata;	/* data passed to callback */
+    int *prv = NULL;	/* points to return value from callback */
+    va_list ap;		/* argument list */
+    va_start(ap, hook);
+
+    /* Marshal arguments for passing to callback.
+     * Each callback has its own case, which sets up a structure to hold
+     * the arguments and integer return parameter, or in some cases just
+     * sets calldata directly to a single argument (with no return result)
+     */
+    switch (hook)
+    {
+	case XACE_CORE_DISPATCH: {
+	    XaceCoreDispatchRec rec = {
+		va_arg(ap, ClientPtr),
+		TRUE	/* default allow */
+	    };
+	    calldata = &rec;
+	    prv = &rec.rval;
+	    break;
+	}
+	case XACE_RESOURCE_ACCESS: {
+	    XaceResourceAccessRec rec = {
+		va_arg(ap, ClientPtr),
+		va_arg(ap, XID),
+		va_arg(ap, RESTYPE),
+		va_arg(ap, Mask),
+		va_arg(ap, pointer),
+		TRUE	/* default allow */
+	    };
+	    calldata = &rec;
+	    prv = &rec.rval;
+	    break;
+	}
+	case XACE_DEVICE_ACCESS: {
+	    XaceDeviceAccessRec rec = {
+		va_arg(ap, ClientPtr),
+		va_arg(ap, DeviceIntPtr),
+		va_arg(ap, Bool),
+		TRUE	/* default allow */
+	    };
+	    calldata = &rec;
+	    prv = &rec.rval;
+	    break;
+	}
+	case XACE_PROPERTY_ACCESS: {
+	    XacePropertyAccessRec rec = {
+		va_arg(ap, ClientPtr),
+		va_arg(ap, WindowPtr),
+		va_arg(ap, Atom),
+		va_arg(ap, Mask),
+		SecurityAllowOperation   /* default allow */
+	    };
+	    calldata = &rec;
+	    prv = &rec.rval;
+	    break;
+	}
+	case XACE_DRAWABLE_ACCESS: {
+	    XaceDrawableAccessRec rec = {
+		va_arg(ap, ClientPtr),
+		va_arg(ap, DrawablePtr),
+		TRUE	/* default allow */
+	    };
+	    calldata = &rec;
+	    prv = &rec.rval;
+	    break;
+	}
+	case XACE_MAP_ACCESS:
+	case XACE_BACKGRND_ACCESS: {
+	    XaceMapAccessRec rec = {
+		va_arg(ap, ClientPtr),
+		va_arg(ap, WindowPtr),
+		TRUE	/* default allow */
+	    };
+	    calldata = &rec;
+	    prv = &rec.rval;
+	    break;
+	}
+	case XACE_EXT_DISPATCH:
+	case XACE_EXT_ACCESS: {
+	    XaceExtAccessRec rec = {
+		va_arg(ap, ClientPtr),
+		va_arg(ap, ExtensionEntry*),
+		TRUE	/* default allow */
+	    };
+	    calldata = &rec;
+	    prv = &rec.rval;
+	    break;
+	}
+	case XACE_HOSTLIST_ACCESS: {
+	    XaceHostlistAccessRec rec = {
+		va_arg(ap, ClientPtr),
+		va_arg(ap, Mask),
+		TRUE	/* default allow */
+	    };
+	    calldata = &rec;
+	    prv = &rec.rval;
+	    break;
+	}
+	case XACE_SITE_POLICY: {
+	    XaceSitePolicyRec rec = {
+		va_arg(ap, char*),
+		va_arg(ap, int),
+		FALSE	/* default unrecognized */
+	    };
+	    calldata = &rec;
+	    prv = &rec.rval;
+	    break;
+	}
+	case XACE_DECLARE_EXT_SECURE: {
+	    XaceDeclareExtSecureRec rec = {
+		va_arg(ap, ExtensionEntry*),
+		va_arg(ap, Bool)
+	    };
+	    calldata = &rec;
+	    break;
+	}
+	case XACE_AUTH_AVAIL: {
+	    XaceAuthAvailRec rec = {
+		va_arg(ap, ClientPtr),
+		va_arg(ap, XID)
+	    };
+	    calldata = &rec;
+	    break;
+	}
+#ifdef LBX
+	case XACE_LBX_EXT_ACCESS: {
+	    XaceLbxExtAccessRec rec = {
+		va_arg(ap, ClientPtr),
+		va_arg(ap, LbxExtensionEntry*),
+		TRUE		/* default allow */
+	    };
+	    calldata = &rec;
+	    prv = &rec.rval;
+	    break;
+	}
+	case XACE_DECLARE_LBX_EXT_SECURE: {
+	    XaceDeclareLbxExtSecureRec rec = {
+		va_arg(ap, LbxExtensionEntry*),
+		va_arg(ap, Bool)
+	    };
+	    calldata = &rec;
+	    break;
+	}
+	case XACE_LBX_PROXY_ACCESS: {
+	    XaceLbxProxyAccessRec rec = {
+		va_arg(ap, ClientPtr),
+		va_arg(ap, XID),
+		TRUE		/* default allow */
+	    };
+	    calldata = &rec;
+	    prv = &rec.rval;
+	    break;
+	}
+#endif
+	default: {
+	    va_end(ap);
+	    return 0;	/* unimplemented hook number */
+	}
+    }
+    va_end(ap);
+ 
+    /* call callbacks and return result, if any. */
+    CallCallbacks(&XaceHooks[hook], calldata);
+    return prv ? *prv : 0;
+}
+
+static int
+ProcXaceDispatch(ClientPtr client)
+{
+    REQUEST(xReq);
+
+    switch (stuff->data)
+    {
+	default:
+	    return BadRequest;
+    }
+} /* ProcXaceDispatch */
+
+static int
+SProcXaceDispatch(ClientPtr client)
+{
+    REQUEST(xReq);
+
+    switch (stuff->data)
+    {
+	default:
+	    return BadRequest;
+    }
+} /* SProcXaceDispatch */
+
+
+/* XaceResetProc
+ *
+ * Arguments:
+ *	extEntry is the extension information for the XACE extension.
+ *
+ * Returns: nothing.
+ *
+ * Side Effects:
+ *	Performs any cleanup needed by XACE at server shutdown time.
+ */
+static void
+XaceResetProc(ExtensionEntry *extEntry)
+{
+    int i;
+
+    for (i=0; i<XACE_NUM_HOOKS; i++)
+    {
+	DeleteCallbackList(&XaceHooks[i]);
+	XaceHooks[i] = NULL;
+    }
+
+    for (i=0; i<XACE_STATE_SLOTS; i++)
+    {
+	if (stateExtNames[i])
+	    xfree(stateExtNames[i]);
+	stateExtNames[i] = NULL;
+	stateSlotsUsed[i] = FALSE;
+    }
+} /* XaceResetProc */
+
+
+static int
+XaceCatchDispatchProc(ClientPtr client)
+{
+    REQUEST(xReq);
+    int major = stuff->reqType;
+
+    if (!ProcVector[major])
+	return (BadRequest);
+
+    if (!XaceHook(XACE_CORE_DISPATCH, client))
+	return (BadAccess);
+
+    return client->swapped ? 
+	(* SwappedProcVector[major])(client) :
+	(* ProcVector[major])(client);
+}
+
+static int
+XaceCatchExtProc(ClientPtr client)
+{
+    REQUEST(xReq);
+    int major = stuff->reqType;
+    ExtensionEntry *ext = GetExtensionEntry(major);
+
+    if (!ext || !ProcVector[major])
+	return (BadRequest);
+
+    if (!XaceHook(XACE_EXT_DISPATCH, client, ext))
+	return (BadRequest); /* pretend extension doesn't exist */
+
+    return client->swapped ?
+	(* SwappedProcVector[major])(client) :
+	(* ProcVector[major])(client);
+}
+
+	
+/* SecurityClientStateCallback
+ *
+ * Arguments:
+ *	pcbl is &ClientStateCallback.
+ *	nullata is NULL.
+ *	calldata is a pointer to a NewClientInfoRec (include/dixstruct.h)
+ *	which contains information about client state changes.
+ *
+ * Returns: nothing.
+ *
+ * Side Effects:
+ * 
+ * If a new client is connecting, its authorization ID is copied to
+ * client->authID.  If this is a generated authorization, its reference
+ * count is bumped, its timer is cancelled if it was running, and its
+ * trustlevel is copied to TRUSTLEVEL(client).
+ * 
+ * If a client is disconnecting and the client was using a generated
+ * authorization, the authorization's reference count is decremented, and
+ * if it is now zero, the timer for this authorization is started.
+ */
+
+static void
+XaceClientStateCallback(
+    CallbackListPtr *pcbl,
+    pointer nulldata,
+    pointer calldata)
+{
+    NewClientInfoRec *pci = (NewClientInfoRec *)calldata;
+    ClientPtr client = pci->client;
+
+    switch (client->clientState)
+    {
+	case ClientStateRunning:
+	{ 
+	    client->requestVector = client->swapped ?
+		SwappedUntrustedProcVector : UntrustedProcVector;
+	    break;
+	}
+	default: break; 
+    }
+} /* XaceClientStateCallback */
+
+/* XaceExtensionInit
+ *
+ * Initialize the XACE Extension
+ */
+void XaceExtensionInit(INITARGS)
+{
+    ExtensionEntry	*extEntry;
+    int i;
+
+    if (!AddCallback(&ClientStateCallback, XaceClientStateCallback, NULL))
+	return;
+
+    extEntry = AddExtension(XACE_EXTENSION_NAME,
+			    XaceNumberEvents, XaceNumberErrors,
+			    ProcXaceDispatch, SProcXaceDispatch,
+			    XaceResetProc, StandardMinorOpcode);
+
+    /* initialize dispatching intercept functions */
+    for (i = 0; i < 128; i++)
+    {
+	UntrustedProcVector[i] = XaceCatchDispatchProc;
+	SwappedUntrustedProcVector[i] = XaceCatchDispatchProc;
+    }
+    for (i = 128; i < 256; i++)
+    {
+	UntrustedProcVector[i] = XaceCatchExtProc;
+	SwappedUntrustedProcVector[i] = XaceCatchExtProc;
+    }
+}
+
+/* XaceCensorImage
+ *
+ * Called after pScreen->GetImage to prevent pieces or trusted windows from
+ * being returned in image data from an untrusted window.
+ *
+ * Arguments:
+ *	client is the client doing the GetImage.
+ *      pVisibleRegion is the visible region of the window.
+ *	widthBytesLine is the width in bytes of one horizontal line in pBuf.
+ *	pDraw is the source window.
+ *	x, y, w, h is the rectangle of image data from pDraw in pBuf.
+ *	format is the format of the image data in pBuf: ZPixmap or XYPixmap.
+ *	pBuf is the image data.
+ *
+ * Returns: nothing.
+ *
+ * Side Effects:
+ *	Any part of the rectangle (x, y, w, h) that is outside the visible
+ *	region of the window will be destroyed (overwritten) in pBuf.
+ */
+void
+XaceCensorImage(client, pVisibleRegion, widthBytesLine, pDraw, x, y, w, h,
+		format, pBuf)
+    ClientPtr client;
+    RegionPtr pVisibleRegion;
+    long widthBytesLine;
+    DrawablePtr pDraw;
+    int x, y, w, h;
+    unsigned int format;
+    char * pBuf;
+{
+    ScreenPtr pScreen = pDraw->pScreen;
+    RegionRec imageRegion;  /* region representing x,y,w,h */
+    RegionRec censorRegion; /* region to obliterate */
+    BoxRec imageBox;
+    int nRects;
+
+    imageBox.x1 = x;
+    imageBox.y1 = y;
+    imageBox.x2 = x + w;
+    imageBox.y2 = y + h;
+    REGION_INIT(pScreen, &imageRegion, &imageBox, 1);
+    REGION_NULL(pScreen, &censorRegion);
+
+    /* censorRegion = imageRegion - visibleRegion */
+    REGION_SUBTRACT(pScreen, &censorRegion, &imageRegion, pVisibleRegion);
+    nRects = REGION_NUM_RECTS(&censorRegion);
+    if (nRects > 0)
+    { /* we have something to censor */
+	GCPtr pScratchGC = NULL;
+	PixmapPtr pPix = NULL;
+	xRectangle *pRects = NULL;
+	Bool failed = FALSE;
+	int depth = 1;
+	int bitsPerPixel = 1;
+	int i;
+	BoxPtr pBox;
+
+	/* convert region to list-of-rectangles for PolyFillRect */
+
+	pRects = (xRectangle *)ALLOCATE_LOCAL(nRects * sizeof(xRectangle *));
+	if (!pRects)
+	{
+	    failed = TRUE;
+	    goto failSafe;
+	}
+	for (pBox = REGION_RECTS(&censorRegion), i = 0;
+	     i < nRects;
+	     i++, pBox++)
+	{
+	    pRects[i].x = pBox->x1;
+	    pRects[i].y = pBox->y1 - imageBox.y1;
+	    pRects[i].width  = pBox->x2 - pBox->x1;
+	    pRects[i].height = pBox->y2 - pBox->y1;
+	}
+
+	/* use pBuf as a fake pixmap */
+
+	if (format == ZPixmap)
+	{
+	    depth = pDraw->depth;
+	    bitsPerPixel = pDraw->bitsPerPixel;
+	}
+
+	pPix = GetScratchPixmapHeader(pDraw->pScreen, w, h,
+		    depth, bitsPerPixel,
+		    widthBytesLine, (pointer)pBuf);
+	if (!pPix)
+	{
+	    failed = TRUE;
+	    goto failSafe;
+	}
+
+	pScratchGC = GetScratchGC(depth, pPix->drawable.pScreen);
+	if (!pScratchGC)
+	{
+	    failed = TRUE;
+	    goto failSafe;
+	}
+
+	ValidateGC(&pPix->drawable, pScratchGC);
+	(* pScratchGC->ops->PolyFillRect)(&pPix->drawable,
+			    pScratchGC, nRects, pRects);
+
+    failSafe:
+	if (failed)
+	{
+	    /* Censoring was not completed above.  To be safe, wipe out
+	     * all the image data so that nothing trusted gets out.
+	     */
+	    bzero(pBuf, (int)(widthBytesLine * h));
+	}
+	if (pRects)     DEALLOCATE_LOCAL(pRects);
+	if (pScratchGC) FreeScratchGC(pScratchGC);
+	if (pPix)       FreeScratchPixmapHeader(pPix);
+    }
+    REGION_UNINIT(pScreen, &imageRegion);
+    REGION_UNINIT(pScreen, &censorRegion);
+} /* XaceCensorImage */
diff --git a/Xext/xace.h b/Xext/xace.h
new file mode 100644
index 000000000..d7fb0c38d
--- /dev/null
+++ b/Xext/xace.h
@@ -0,0 +1,124 @@
+/************************************************************
+
+Author: Eamon Walsh <ewalsh@epoch.ncsc.mil>
+
+Permission to use, copy, modify, distribute, and sell this software and its
+documentation for any purpose is hereby granted without fee, provided that
+this permission notice appear in supporting documentation.  This permission
+notice shall be included in all copies or substantial portions of the
+Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT.  IN NO EVENT SHALL THE
+AUTHOR BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN
+AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN
+CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
+
+********************************************************/
+
+#ifndef _XACE_H
+#define _XACE_H
+
+#define XACE_EXTENSION_NAME		"XAccessControlExtension"
+#define XACE_MAJOR_VERSION		1
+#define XACE_MINOR_VERSION		0
+
+#include "pixmap.h"     /* for DrawablePtr */
+#include "regionstr.h"  /* for RegionPtr */
+
+#define XaceNumberEvents		0
+#define XaceNumberErrors		0
+
+/* security state */
+#define XACE_STATE_SLOTS 4
+#define XACE_STATE_INIT(ary) memset(ary, 0, sizeof(ary))
+
+/* security hooks */
+/* Constants used to identify the available security hooks
+ */
+#define XACE_CORE_DISPATCH		0
+#define XACE_EXT_DISPATCH		1
+#define XACE_RESOURCE_ACCESS		2
+#define XACE_DEVICE_ACCESS		3
+#define XACE_PROPERTY_ACCESS		4
+#define XACE_DRAWABLE_ACCESS		5
+#define XACE_MAP_ACCESS			6
+#define XACE_BACKGRND_ACCESS		7
+#define XACE_EXT_ACCESS			8
+#define XACE_HOSTLIST_ACCESS		9
+#define XACE_SITE_POLICY		10
+#define XACE_DECLARE_EXT_SECURE		11
+#define XACE_AUTH_AVAIL			12
+#ifndef LBX
+#define XACE_NUM_HOOKS			13
+#else /* LBX */
+#define XACE_LBX_EXT_ACCESS		13
+#define XACE_DECLARE_LBX_EXT_SECURE	14
+#define XACE_LBX_PROXY_ACCESS		15
+#define XACE_NUM_HOOKS			16
+#endif
+
+extern CallbackListPtr XaceHooks[XACE_NUM_HOOKS];
+
+/* Entry point for hook functions.  Called by Xserver.
+ */
+extern int XaceHook(
+    int /*hook*/,
+    ... /*appropriate args for hook*/
+    ); 
+
+/* Register a callback for a given hook.  Extensions do not
+ * need to register themselves with XACERegisterExtension()
+ * to do this.
+ */
+#define XaceRegisterCallback(hook,callback,data) \
+    AddCallback(XaceHooks+(hook), callback, data)
+
+/* Unregister an existing callback for a given hook.
+ */
+#define XaceDeleteCallback(hook,callback,data) \
+    DeleteCallback(XaceHooks+(hook), callback, data)
+
+
+/* extension registration */
+
+/* Register with the security module, which allows an extension to store
+ * security state.  Pass the name of the calling extension.  Returns the
+ * index number for the state macros or -1 if no more slots are available.
+ */
+extern int XaceRegisterExtension(char *); 
+
+/* Unregister an extension.  Pass the index returned at registration time.
+ */
+extern void XaceUnregisterExtension(int);
+
+/* From the original Security extension...
+ */
+
+/* Hook return codes */
+#define SecurityAllowOperation  0
+#define SecurityIgnoreOperation 1
+#define SecurityErrorOperation  2
+
+/* Proc vectors for untrusted clients, swapped and unswapped versions.
+ * These are the same as the normal proc vectors except that extensions
+ * that haven't declared themselves secure will have ProcBadRequest plugged
+ * in for their major opcode dispatcher.  This prevents untrusted clients
+ * from guessing extension major opcodes and using the extension even though
+ * the extension can't be listed or queried.
+ */
+extern int (*UntrustedProcVector[256])(ClientPtr client);
+extern int (*SwappedUntrustedProcVector[256])(ClientPtr client);
+
+extern void XaceCensorImage(
+    ClientPtr client,
+    RegionPtr pVisibleRegion,
+    long widthBytesLine,
+    DrawablePtr pDraw,
+    int x, int y, int w, int h,
+    unsigned int format,
+    char * pBuf
+    );
+
+#endif /* _XACE_H */
diff --git a/Xext/xacestr.h b/Xext/xacestr.h
new file mode 100644
index 000000000..d460715f9
--- /dev/null
+++ b/Xext/xacestr.h
@@ -0,0 +1,141 @@
+/************************************************************
+
+Author: Eamon Walsh <ewalsh@epoch.ncsc.mil>
+
+Permission to use, copy, modify, distribute, and sell this software and its
+documentation for any purpose is hereby granted without fee, provided that
+this permission notice appear in supporting documentation.  This permission
+notice shall be included in all copies or substantial portions of the
+Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT.  IN NO EVENT SHALL THE
+AUTHOR BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN
+AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN
+CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
+
+********************************************************/
+
+#ifndef _XACESTR_H
+#define _XACESTR_H
+
+#include <X11/Xdefs.h>
+#include "dixstruct.h"
+#include "resource.h"
+#include "extnsionst.h"
+#include "gcstruct.h"
+#include "windowstr.h"
+#include "inputstr.h"
+#include "xace.h"
+#ifdef LBX
+#include "lbxserve.h"  /* for LbxExtensionEntry */
+#endif
+
+/* XACE_CORE_DISPATCH */
+typedef struct {
+    ClientPtr client;
+    int rval;
+} XaceCoreDispatchRec;
+
+/* XACE_RESOURCE_ACCESS */
+/* XACE_RESOURCE_CREATE */
+typedef struct {
+    ClientPtr client;
+    XID id;
+    RESTYPE rtype;
+    Mask access_mode;
+    pointer res;
+    int rval;
+} XaceResourceAccessRec;
+
+/* XACE_DEVICE_ACCESS */
+typedef struct {
+    ClientPtr client;
+    DeviceIntPtr dev;
+    Bool fromRequest;
+    int rval;
+} XaceDeviceAccessRec;
+
+/* XACE_PROPERTY_ACCESS */
+typedef struct {
+    ClientPtr client;
+    WindowPtr pWin;
+    Atom propertyName;
+    Mask access_mode;
+    int rval;
+} XacePropertyAccessRec;
+
+/* XACE_DRAWABLE_ACCESS */
+typedef struct {
+    ClientPtr client;
+    DrawablePtr pDraw;
+    int rval;
+} XaceDrawableAccessRec;
+
+/* XACE_MAP_ACCESS */
+/* XACE_BACKGRND_ACCESS */
+typedef struct {
+    ClientPtr client;
+    WindowPtr pWin;
+    int rval;
+} XaceMapAccessRec;
+
+/* XACE_EXT_DISPATCH_ACCESS */
+/* XACE_EXT_ACCESS */
+typedef struct {
+    ClientPtr client;
+    ExtensionEntry *ext;
+    int rval;
+} XaceExtAccessRec;
+
+/* XACE_HOSTLIST_ACCESS */
+typedef struct {
+    ClientPtr client;
+    Mask access_mode;
+    int rval;
+} XaceHostlistAccessRec;
+
+/* XACE_SITE_POLICY */
+typedef struct {
+    char *policyString;
+    int len;
+    int rval;
+} XaceSitePolicyRec;
+
+/* XACE_DECLARE_EXT_SECURE */
+typedef struct {
+    ExtensionEntry *ext;
+    Bool secure;
+} XaceDeclareExtSecureRec;
+
+/* XACE_AUTH_AVAIL */
+typedef struct {
+    ClientPtr client;
+    XID authId;
+} XaceAuthAvailRec;
+
+#ifdef LBX
+/* XACE_LBX_EXT_ACCESS */
+typedef struct {
+    ClientPtr client;
+    LbxExtensionEntry *ext;
+    int rval;
+} XaceLbxExtAccessRec;
+
+/* XACE_DECLARE_LBX_EXT_SECURE */
+typedef struct {
+    LbxExtensionEntry *ext;
+    Bool secure;
+} XaceDeclareLbxExtSecureRec;
+
+/* XACE_LBX_PROXY_ACCESS */
+typedef struct {
+    ClientPtr client;
+    XID authId;
+    int rval;
+} XaceLbxProxyAccessRec;
+
+#endif  /* LBX */
+
+#endif /* _XACESTR_H */