Home | History | Annotate | Line # | Download | only in src
      1 /******************************************************************************
      2 
      3 
      4 Copyright 1993, 1998  The Open Group
      5 
      6 Permission to use, copy, modify, distribute, and sell this software and its
      7 documentation for any purpose is hereby granted without fee, provided that
      8 the above copyright notice appear in all copies and that both that
      9 copyright notice and this permission notice appear in supporting
     10 documentation.
     11 
     12 The above copyright notice and this permission notice shall be included in
     13 all copies or substantial portions of the Software.
     14 
     15 THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
     16 IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
     17 FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT.  IN NO EVENT SHALL THE
     18 OPEN GROUP BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN
     19 AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN
     20 CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
     21 
     22 Except as contained in this notice, the name of The Open Group shall not be
     23 used in advertising or otherwise to promote the sale, use or other dealings
     24 in this Software without prior written authorization from The Open Group.
     25 
     26 Author: Ralph Mor, X Consortium
     27 ******************************************************************************/
     28 
     29 #ifdef HAVE_CONFIG_H
     30 #include <config.h>
     31 #endif
     32 #include <X11/ICE/ICElib.h>
     33 #include "ICElibint.h"
     34 
     35 static Bool auth_valid (const char *auth_name, int num_auth_names,
     36 			const char **auth_names, int *index_ret);
     37 
     38 
     39 /*
     40  * The functions in this file are not a standard part of ICElib.
     41  *
     42  * The sample implementation uses an .ICEauthority to manipulate
     43  * authentication data.
     44  *
     45  * For the client that initiates a Protocol Setup, we look in the
     46  * .ICEauthority file to get the data.
     47  *
     48  * For the client accepting the Protocol Setup, we get the data
     49  * from an in-memory database of authentication data (set by the
     50  * application calling IceSetPaAuthData).  We have to get the data
     51  * from memory because getting it directly from the .ICEauthority
     52  * file is not secure - someone can just modify the contents of the
     53  * .ICEauthority file behind our back.
     54  */
     55 
     56 void
     57 _IceGetPoAuthData (
     58 	const char	*protocolName,
     59 	const char	*networkId,
     60 	const char	*authName,
     61 	unsigned short	*authDataLenRet,
     62 	char		**authDataRet
     63 )
     64 {
     65     IceAuthFileEntry    *entry;
     66 
     67     entry = IceGetAuthFileEntry (protocolName, networkId, authName);
     68 
     69     if (entry)
     70     {
     71 	*authDataLenRet = entry->auth_data_length;
     72 
     73 	if ((*authDataRet = malloc (entry->auth_data_length)) != NULL)
     74 	    memcpy (*authDataRet, entry->auth_data, entry->auth_data_length);
     75     }
     76     else
     77     {
     78 	*authDataLenRet = 0;
     79 	*authDataRet = NULL;
     80     }
     81 
     82     IceFreeAuthFileEntry (entry);
     83 }
     84 
     85 
     86 
     87 void
     88 _IceGetPaAuthData (
     89 	const char	*protocolName,
     90 	const char	*networkId,
     91 	const char	*authName,
     92 	unsigned short	*authDataLenRet,
     93 	char		**authDataRet
     94 )
     95 {
     96     IceAuthDataEntry	*entry = NULL;
     97     int			found = 0;
     98     int			i;
     99 
    100     for (i = 0; i < _IcePaAuthDataEntryCount && !found; i++)
    101     {
    102 	entry = &_IcePaAuthDataEntries[i];
    103 
    104 	found =
    105 	    strcmp (protocolName, entry->protocol_name) == 0 &&
    106             strcmp (networkId, entry->network_id) == 0 &&
    107             strcmp (authName, entry->auth_name) == 0;
    108     }
    109 
    110     if (found)
    111     {
    112 	*authDataLenRet = entry->auth_data_length;
    113 
    114 	if ((*authDataRet = malloc (entry->auth_data_length)) != NULL)
    115 	    memcpy (*authDataRet, entry->auth_data, entry->auth_data_length);
    116     }
    117     else
    118     {
    119 	*authDataLenRet = 0;
    120 	*authDataRet = NULL;
    121     }
    122 }
    123 
    124 
    125 
    126 void
    127 _IceGetPoValidAuthIndices (
    128 	const char	*protocol_name,
    129 	const char	*network_id,
    130 	int		num_auth_names,
    131 	const char	**auth_names,
    132 	int		*num_indices_ret,
    133 	int		*indices_ret		/* in/out arg */
    134 )
    135 {
    136     FILE    		*auth_file;
    137     char    		*filename;
    138     IceAuthFileEntry    *entry;
    139     int			index_ret, i;
    140 
    141     *num_indices_ret = 0;
    142 
    143     if (!(filename = IceAuthFileName ()))
    144 	return;
    145 
    146     if (access (filename, R_OK) != 0)		/* checks REAL id */
    147 	return;
    148 
    149     if (!(auth_file = fopen (filename, "rb" FOPEN_CLOEXEC)))
    150 	return;
    151 
    152     for (;;)
    153     {
    154 	if (!(entry = IceReadAuthFileEntry (auth_file)))
    155 	    break;
    156 
    157 	if (strcmp (protocol_name, entry->protocol_name) == 0 &&
    158 	    strcmp (network_id, entry->network_id) == 0 &&
    159 	    auth_valid (entry->auth_name, num_auth_names,
    160 	    auth_names, &index_ret))
    161 	{
    162 	    /*
    163 	     * Make sure we didn't store this index already.
    164 	     */
    165 
    166 	    for (i = 0; i < *num_indices_ret; i++)
    167 		if (index_ret == indices_ret[i])
    168 		    break;
    169 
    170 	    if (i >= *num_indices_ret)
    171 	    {
    172 		indices_ret[*num_indices_ret] = index_ret;
    173 		*num_indices_ret += 1;
    174 	    }
    175 	}
    176 
    177 	IceFreeAuthFileEntry (entry);
    178     }
    179 
    180     fclose (auth_file);
    181 }
    182 
    183 
    184 
    185 void
    186 _IceGetPaValidAuthIndices (
    187 	const char	*protocol_name,
    188 	const char	*network_id,
    189 	int		num_auth_names,
    190 	const char	**auth_names,
    191 	int		*num_indices_ret,
    192 	int		*indices_ret		/* in/out arg */
    193 )
    194 {
    195     int			index_ret;
    196     int			i, j;
    197     IceAuthDataEntry	*entry;
    198 
    199     *num_indices_ret = 0;
    200 
    201     for (i = 0;	i < _IcePaAuthDataEntryCount; i++)
    202     {
    203 	entry = &_IcePaAuthDataEntries[i];
    204 
    205 	if (strcmp (protocol_name, entry->protocol_name) == 0 &&
    206             strcmp (network_id, entry->network_id) == 0 &&
    207 	    auth_valid (entry->auth_name, num_auth_names,
    208 	    auth_names, &index_ret))
    209 	{
    210 	    /*
    211 	     * Make sure we didn't store this index already.
    212 	     */
    213 
    214 	    for (j = 0; j < *num_indices_ret; j++)
    215 		if (index_ret == indices_ret[j])
    216 		    break;
    217 
    218 	    if (j >= *num_indices_ret)
    219 	    {
    220 		indices_ret[*num_indices_ret] = index_ret;
    221 		*num_indices_ret += 1;
    222 	    }
    223 	}
    224     }
    225 }
    226 
    227 
    228 
    229 /*
    230  * local routines
    231  */
    232 
    233 static Bool
    234 auth_valid (const char *auth_name, int num_auth_names,
    235 	    const char **auth_names, int *index_ret)
    236 
    237 {
    238     /*
    239      * Check if auth_name is in auth_names.  Return index.
    240      */
    241 
    242     int i;
    243 
    244     for (i = 0; i < num_auth_names; i++)
    245 	if (strcmp (auth_name, auth_names[i]) == 0)
    246 	{
    247 	    break;
    248 	}
    249 
    250     if (i < num_auth_names)
    251     {
    252 	*index_ret = i;
    253 	return (1);
    254     }
    255     else
    256 	return (0);
    257 }
    258