diff options
Diffstat (limited to 'os')
| -rw-r--r-- | os/Makefile.am | 7 | ||||
| -rw-r--r-- | os/WaitFor.c | 4 | ||||
| -rw-r--r-- | os/access.c | 32 | ||||
| -rw-r--r-- | os/auth.c | 11 | ||||
| -rw-r--r-- | os/connection.c | 20 | ||||
| -rw-r--r-- | os/osdep.h | 3 | ||||
| -rw-r--r-- | os/secauth.c | 202 | ||||
| -rw-r--r-- | os/utils.c | 12 |
8 files changed, 30 insertions, 261 deletions
diff --git a/os/Makefile.am b/os/Makefile.am index 8ed12e47a..a11982421 100644 --- a/os/Makefile.am +++ b/os/Makefile.am @@ -3,7 +3,6 @@ noinst_LTLIBRARIES = libos.la libcwrapper.la AM_CFLAGS = $(DIX_CFLAGS) SECURERPC_SRCS = rpcauth.c -XCSECURITY_SRCS = secauth.c XDMCP_SRCS = xdmcp.c STRLCAT_SRCS = strlcat.c strlcpy.c XORG_SRCS = log.c @@ -29,10 +28,6 @@ if SECURE_RPC libos_la_SOURCES += $(SECURERPC_SRCS) endif -if XCSECURITY -libos_la_SOURCES += $(XCSECURITY_SRCS) -endif - if XDMCP libos_la_SOURCES += $(XDMCP_SRCS) endif @@ -49,7 +44,7 @@ libcwrapper_la_CFLAGS = \ $(AM_CFLAGS) EXTRA_DIST = $(SECURERPC_SRCS) $(INTERNALMALLOC_SRCS) \ - $(XCSECURITY_SRCS) $(XDMCP_SRCS) $(STRLCAT_SRCS) + $(XDMCP_SRCS) $(STRLCAT_SRCS) if XSERVER_DTRACE # Generate dtrace object code for probes in libos & libdix diff --git a/os/WaitFor.c b/os/WaitFor.c index 7683477e6..cfba251b0 100644 --- a/os/WaitFor.c +++ b/os/WaitFor.c @@ -578,7 +578,7 @@ TimerInit(void) #define DPMS_CHECK_MODE(mode,time)\ if (time > 0 && DPMSPowerLevel < mode && timeout >= time)\ - DPMSSet(mode); + DPMSSet(serverClient, mode); #define DPMS_CHECK_TIMEOUT(time)\ if (time > 0 && (time - timeout) > 0)\ @@ -647,7 +647,7 @@ ScreenSaverTimeoutExpire(OsTimerPtr timer,CARD32 now,pointer arg) } ResetOsBuffers(); /* not ideal, but better than nothing */ - SaveScreens(SCREEN_SAVER_ON, ScreenSaverActive); + dixSaveScreens(serverClient, SCREEN_SAVER_ON, ScreenSaverActive); if (ScreenSaverInterval > 0) { diff --git a/os/access.c b/os/access.c index b0f63edc2..e91dd37e4 100644 --- a/os/access.c +++ b/os/access.c @@ -1521,17 +1521,20 @@ FreeLocalClientCreds(LocalClientCredRec *lcc) } } -static Bool +static int AuthorizedClient(ClientPtr client) { + int rc; + if (!client || defeatAccessControl) - return TRUE; + return Success; /* untrusted clients can't change host access */ - if (!XaceHook(XACE_HOSTLIST_ACCESS, client, DixWriteAccess)) - return FALSE; + rc = XaceHook(XACE_SERVER_ACCESS, client, DixManageAccess); + if (rc != Success) + return rc; - return LocalClient(client); + return LocalClient(client) ? Success : BadAccess; } /* Add a host to the access control list. This is the external interface @@ -1543,10 +1546,11 @@ AddHost (ClientPtr client, unsigned length, /* of bytes in pAddr */ pointer pAddr) { - int len; + int rc, len; - if (!AuthorizedClient(client)) - return(BadAccess); + rc = AuthorizedClient(client); + if (rc != Success) + return rc; switch (family) { case FamilyLocalHost: len = length; @@ -1640,11 +1644,12 @@ RemoveHost ( unsigned length, /* of bytes in pAddr */ pointer pAddr) { - int len; + int rc, len; register HOST *host, **prev; - if (!AuthorizedClient(client)) - return(BadAccess); + rc = AuthorizedClient(client); + if (rc != Success) + return rc; switch (family) { case FamilyLocalHost: len = length; @@ -1901,8 +1906,9 @@ ChangeAccessControl( ClientPtr client, int fEnabled) { - if (!AuthorizedClient(client)) - return BadAccess; + int rc = AuthorizedClient(client); + if (rc != Success) + return rc; AccessEnabled = fEnabled; return Success; } @@ -42,9 +42,6 @@ from The Open Group. # include "dixstruct.h" # include <sys/types.h> # include <sys/stat.h> -#ifdef XCSECURITY -# include "securitysrv.h" -#endif #ifdef WIN32 #include <X11/Xw32defs.h> #endif @@ -89,14 +86,6 @@ static struct protocol protocols[] = { #endif }, #endif -#ifdef XCSECURITY -{ (unsigned short) XSecurityAuthorizationNameLen, - XSecurityAuthorizationName, - NULL, AuthSecurityCheck, NULL, - NULL, NULL, NULL, - NULL -}, -#endif }; # define NUM_AUTHORIZATION (sizeof (protocols) /\ diff --git a/os/connection.c b/os/connection.c index 860404f6c..e0bc18a3c 100644 --- a/os/connection.c +++ b/os/connection.c @@ -143,9 +143,6 @@ SOFTWARE. #include "appgroup.h" #endif #include "xace.h" -#ifdef XCSECURITY -#include "securitysrv.h" -#endif #ifdef X_NOT_POSIX #define Pid_t int @@ -719,13 +716,7 @@ ClientAuthorized(ClientPtr client, if (auth_id == (XID) ~0L) { - if ( -#ifdef XCSECURITY - (proto_n == 0 || - strncmp (auth_proto, XSecurityAuthorizationName, proto_n) != 0) && -#endif - _XSERVTransGetPeerAddr (trans_conn, - &family, &fromlen, &from) != -1) + if (_XSERVTransGetPeerAddr(trans_conn, &family, &fromlen, &from) != -1) { if (InvalidHost ((struct sockaddr *) from, fromlen, client)) AuthAudit(client, FALSE, (struct sockaddr *) from, @@ -1141,11 +1132,15 @@ RemoveEnabledDevice(int fd) * This routine is "undone" by ListenToAllClients() *****************/ -void +int OnlyListenToOneClient(ClientPtr client) { OsCommPtr oc = (OsCommPtr)client->osPrivate; - int connection = oc->fd; + int rc, connection = oc->fd; + + rc = XaceHook(XACE_SERVER_ACCESS, client, DixGrabAccess); + if (rc != Success) + return rc; if (! GrabInProgress) { @@ -1166,6 +1161,7 @@ OnlyListenToOneClient(ClientPtr client) XFD_ORSET(&AllSockets, &AllSockets, &AllClients); GrabInProgress = client->index; } + return rc; } /**************** diff --git a/os/osdep.h b/os/osdep.h index 2d455aa67..b6894c146 100644 --- a/os/osdep.h +++ b/os/osdep.h @@ -257,9 +257,6 @@ extern int SecureRPCRemove (AuthRemCArgs); extern int SecureRPCReset (AuthRstCArgs); #endif -/* in secauth.c */ -extern XID AuthSecurityCheck (AuthCheckArgs); - /* in xdmcp.c */ extern void XdmcpUseMsg (void); extern int XdmcpOptions(int argc, char **argv, int i); diff --git a/os/secauth.c b/os/secauth.c deleted file mode 100644 index d01879bfd..000000000 --- a/os/secauth.c +++ /dev/null @@ -1,202 +0,0 @@ -/* -Copyright 1996, 1998 The Open Group - -Permission to use, copy, modify, distribute, and sell this software and its -documentation for any purpose is hereby granted without fee, provided that -the above copyright notice appear in all copies and that both that -copyright notice and this permission notice appear in supporting -documentation. - -The above copyright notice and this permission notice shall be included -in all copies or substantial portions of the Software. - -THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS -OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF -MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. -IN NO EVENT SHALL THE OPEN GROUP BE LIABLE FOR ANY CLAIM, DAMAGES OR -OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, -ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR -OTHER DEALINGS IN THE SOFTWARE. - -Except as contained in this notice, the name of The Open Group shall -not be used in advertising or otherwise to promote the sale, use or -other dealings in this Software without prior written authorization -from The Open Group. -*/ - -#ifdef HAVE_DIX_CONFIG_H -#include <dix-config.h> -#endif - -#include <X11/X.h> -#include "os.h" -#include "osdep.h" -#include "dixstruct.h" -#include "swaprep.h" - -#ifdef XCSECURITY -#include "securitysrv.h" -#endif - -static char InvalidPolicyReason[] = "invalid policy specification"; -static char PolicyViolationReason[] = "policy violation"; - -static Bool -AuthCheckSitePolicy( - unsigned short *data_lengthP, - char **dataP, - ClientPtr client, - char **reason) -{ - CARD8 *policy = *(CARD8 **)dataP; - int length; - Bool permit; - int nPolicies; - char **sitePolicies; - int nSitePolicies; - Bool found = FALSE; - - if ((length = *data_lengthP) < 2) { - *reason = InvalidPolicyReason; - return FALSE; - } - - permit = (*policy++ == 0); - nPolicies = (CARD8) *policy++; - - length -= 2; - - sitePolicies = SecurityGetSitePolicyStrings(&nSitePolicies); - - while (nPolicies) { - int strLen, sitePolicy; - - if (length == 0) { - *reason = InvalidPolicyReason; - return FALSE; - } - - strLen = (CARD8) *policy++; - if (--length < strLen) { - *reason = InvalidPolicyReason; - return FALSE; - } - - if (!found) - { - for (sitePolicy = 0; sitePolicy < nSitePolicies; sitePolicy++) - { - char *testPolicy = sitePolicies[sitePolicy]; - if ((strLen == strlen(testPolicy)) && - (strncmp((char *)policy, testPolicy, strLen) == 0)) - { - found = TRUE; /* need to continue parsing the policy... */ - break; - } - } - } - - policy += strLen; - length -= strLen; - nPolicies--; - } - - if (found != permit) - { - *reason = PolicyViolationReason; - return FALSE; - } - - *data_lengthP = length; - *dataP = (char *)policy; - return TRUE; -} - -XID -AuthSecurityCheck ( - unsigned short data_length, - char *data, - ClientPtr client, - char **reason) -{ -#ifdef XCSECURITY - xConnSetupPrefix csp; - xReq freq; - - if (client->clientState == ClientStateCheckedSecurity) - { - *reason = "repeated security check not permitted"; - return (XID) -1; - } - else if (data_length > 0) - { - char policy_mask = *data++; - - if (--data_length == 1) { - *reason = InvalidPolicyReason; - return (XID) -1; - } - - if (policy_mask & 0x01) /* Extensions policy */ - { - /* AuthCheckExtensionPolicy(&data_length, &data, client, reason) */ - *reason = "security policy not implemented"; - return (XID) -1; - } - - if (policy_mask & 0x02) /* Site policy */ - { - if (!AuthCheckSitePolicy(&data_length, &data, client, reason)) - return (XID) -1; - } - - if (data_length > 0) { /* did we consume the whole policy? */ - *reason = InvalidPolicyReason; - return (XID) -1; - } - - } - else if (!GetAccessControl()) - { - /* - * The client - possibly the X FireWall Proxy - gave - * no auth data and host-based authorization is turned - * off. In this case, the client should be denied - * access to the X server. - */ - *reason = "server host access control is disabled"; - return (XID) -1; - } - - client->clientState = ClientStateCheckingSecurity; - - csp.success = 2 /* Authenticate */; - csp.lengthReason = 0; - csp.length = 0; - csp.majorVersion = X_PROTOCOL; - csp.minorVersion = X_PROTOCOL_REVISION; - if (client->swapped) - WriteSConnSetupPrefix(client, &csp); - else - (void)WriteToClient(client, sz_xConnSetupPrefix, (char *) &csp); - - /* - * Next time the client sends the real auth data, we want - * ProcEstablishConnection to be called. - */ - - freq.reqType = 1; - freq.length = (sz_xReq + sz_xConnClientPrefix) >> 2; - client->swapped = FALSE; - if (!InsertFakeRequest(client, (char *)&freq, sz_xReq)) - { - *reason = "internal error"; - return (XID) -1; - } - - return (XID) 0; -#else - *reason = "method not supported"; - return (XID) -1; -#endif -} diff --git a/os/utils.c b/os/utils.c index d46a756f2..22f9541f5 100644 --- a/os/utils.c +++ b/os/utils.c @@ -123,9 +123,6 @@ OR PERFORMANCE OF THIS SOFTWARE. #ifdef XKB #include <xkbsrv.h> #endif -#ifdef XCSECURITY -#include "securitysrv.h" -#endif #ifdef RENDER #include "picture.h" @@ -621,9 +618,6 @@ void UseMsg(void) ErrorF("-render [default|mono|gray|color] set render color alloc policy\n"); #endif ErrorF("-s # screen-saver timeout (minutes)\n"); -#ifdef XCSECURITY - ErrorF("-sp file security policy file\n"); -#endif #ifdef XPRINT PrinterUseMsg(); #endif @@ -1044,12 +1038,6 @@ ProcessCommandLine(int argc, char *argv[]) i = skip - 1; } #endif -#ifdef XCSECURITY - else if ((skip = XSecurityOptions(argc, argv, i)) != i) - { - i = skip - 1; - } -#endif #ifdef AIXV3 else if ( strcmp( argv[i], "-timeout") == 0) { |