getauth.c revision 266e564d
1266e564dSmrg/* $Xorg: getauth.c,v 1.4 2001/02/09 02:03:26 xorgcvs Exp $ */ 2266e564dSmrg/****************************************************************************** 3266e564dSmrg 4266e564dSmrg 5266e564dSmrgCopyright 1993, 1998 The Open Group 6266e564dSmrg 7266e564dSmrgPermission to use, copy, modify, distribute, and sell this software and its 8266e564dSmrgdocumentation for any purpose is hereby granted without fee, provided that 9266e564dSmrgthe above copyright notice appear in all copies and that both that 10266e564dSmrgcopyright notice and this permission notice appear in supporting 11266e564dSmrgdocumentation. 12266e564dSmrg 13266e564dSmrgThe above copyright notice and this permission notice shall be included in 14266e564dSmrgall copies or substantial portions of the Software. 15266e564dSmrg 16266e564dSmrgTHE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR 17266e564dSmrgIMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, 18266e564dSmrgFITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE 19266e564dSmrgOPEN GROUP BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN 20266e564dSmrgAN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN 21266e564dSmrgCONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. 22266e564dSmrg 23266e564dSmrgExcept as contained in this notice, the name of The Open Group shall not be 24266e564dSmrgused in advertising or otherwise to promote the sale, use or other dealings 25266e564dSmrgin this Software without prior written authorization from The Open Group. 26266e564dSmrg 27266e564dSmrgAuthor: Ralph Mor, X Consortium 28266e564dSmrg******************************************************************************/ 29266e564dSmrg/* $XFree86: xc/lib/ICE/getauth.c,v 1.2 2001/10/28 03:32:28 tsi Exp $ */ 30266e564dSmrg 31266e564dSmrg#ifdef HAVE_CONFIG_H 32266e564dSmrg#include <config.h> 33266e564dSmrg#endif 34266e564dSmrg#include <X11/ICE/ICElib.h> 35266e564dSmrg#include "ICElibint.h" 36266e564dSmrg#include <X11/ICE/ICEutil.h> 37266e564dSmrg 38266e564dSmrgstatic Bool auth_valid (const char *auth_name, int num_auth_names, 39266e564dSmrg char **auth_names, int *index_ret); 40266e564dSmrg 41266e564dSmrgextern int _IcePaAuthDataEntryCount; 42266e564dSmrgextern IceAuthDataEntry _IcePaAuthDataEntries[]; 43266e564dSmrg 44266e564dSmrg 45266e564dSmrg/* 46266e564dSmrg * The functions in this file are not a standard part of ICElib. 47266e564dSmrg * 48266e564dSmrg * The sample implementation uses an .ICEauthority to manipulate 49266e564dSmrg * authentication data. 50266e564dSmrg * 51266e564dSmrg * For the client that initiates a Protocol Setup, we look in the 52266e564dSmrg * .ICEauthority file to get the data. 53266e564dSmrg * 54266e564dSmrg * For the client accepting the Protocol Setup, we get the data 55266e564dSmrg * from an in-memory database of authentication data (set by the 56266e564dSmrg * application calling IceSetPaAuthData). We have to get the data 57266e564dSmrg * from memory because getting it directly from the .ICEauthority 58266e564dSmrg * file is not secure - someone can just modify the contents of the 59266e564dSmrg * .ICEauthority file behind our back. 60266e564dSmrg */ 61266e564dSmrg 62266e564dSmrgvoid 63266e564dSmrg_IceGetPoAuthData (protocolName, networkId, authName, 64266e564dSmrg authDataLenRet, authDataRet) 65266e564dSmrg 66266e564dSmrgchar *protocolName; 67266e564dSmrgchar *networkId; 68266e564dSmrgchar *authName; 69266e564dSmrgunsigned short *authDataLenRet; 70266e564dSmrgchar **authDataRet; 71266e564dSmrg 72266e564dSmrg{ 73266e564dSmrg IceAuthFileEntry *entry; 74266e564dSmrg 75266e564dSmrg entry = IceGetAuthFileEntry (protocolName, networkId, authName); 76266e564dSmrg 77266e564dSmrg if (entry) 78266e564dSmrg { 79266e564dSmrg *authDataLenRet = entry->auth_data_length; 80266e564dSmrg 81266e564dSmrg if ((*authDataRet = (char *) malloc (entry->auth_data_length)) != NULL) 82266e564dSmrg memcpy (*authDataRet, entry->auth_data, entry->auth_data_length); 83266e564dSmrg } 84266e564dSmrg else 85266e564dSmrg { 86266e564dSmrg *authDataLenRet = 0; 87266e564dSmrg *authDataRet = NULL; 88266e564dSmrg } 89266e564dSmrg 90266e564dSmrg IceFreeAuthFileEntry (entry); 91266e564dSmrg} 92266e564dSmrg 93266e564dSmrg 94266e564dSmrg 95266e564dSmrgvoid 96266e564dSmrg_IceGetPaAuthData (protocolName, networkId, authName, 97266e564dSmrg authDataLenRet, authDataRet) 98266e564dSmrg 99266e564dSmrgchar *protocolName; 100266e564dSmrgchar *networkId; 101266e564dSmrgchar *authName; 102266e564dSmrgunsigned short *authDataLenRet; 103266e564dSmrgchar **authDataRet; 104266e564dSmrg 105266e564dSmrg{ 106266e564dSmrg IceAuthDataEntry *entry = NULL; 107266e564dSmrg int found = 0; 108266e564dSmrg int i; 109266e564dSmrg 110266e564dSmrg for (i = 0; i < _IcePaAuthDataEntryCount && !found; i++) 111266e564dSmrg { 112266e564dSmrg entry = &_IcePaAuthDataEntries[i]; 113266e564dSmrg 114266e564dSmrg found = 115266e564dSmrg strcmp (protocolName, entry->protocol_name) == 0 && 116266e564dSmrg strcmp (networkId, entry->network_id) == 0 && 117266e564dSmrg strcmp (authName, entry->auth_name) == 0; 118266e564dSmrg } 119266e564dSmrg 120266e564dSmrg if (found) 121266e564dSmrg { 122266e564dSmrg *authDataLenRet = entry->auth_data_length; 123266e564dSmrg 124266e564dSmrg if ((*authDataRet = (char *) malloc (entry->auth_data_length)) != NULL) 125266e564dSmrg memcpy (*authDataRet, entry->auth_data, entry->auth_data_length); 126266e564dSmrg } 127266e564dSmrg else 128266e564dSmrg { 129266e564dSmrg *authDataLenRet = 0; 130266e564dSmrg *authDataRet = NULL; 131266e564dSmrg } 132266e564dSmrg} 133266e564dSmrg 134266e564dSmrg 135266e564dSmrg 136266e564dSmrgvoid 137266e564dSmrg_IceGetPoValidAuthIndices (protocol_name, network_id, 138266e564dSmrg num_auth_names, auth_names, num_indices_ret, indices_ret) 139266e564dSmrg 140266e564dSmrgchar *protocol_name; 141266e564dSmrgchar *network_id; 142266e564dSmrgint num_auth_names; 143266e564dSmrgchar **auth_names; 144266e564dSmrgint *num_indices_ret; 145266e564dSmrgint *indices_ret; /* in/out arg */ 146266e564dSmrg 147266e564dSmrg{ 148266e564dSmrg FILE *auth_file; 149266e564dSmrg char *filename; 150266e564dSmrg IceAuthFileEntry *entry; 151266e564dSmrg int index_ret, i; 152266e564dSmrg 153266e564dSmrg *num_indices_ret = 0; 154266e564dSmrg 155266e564dSmrg if (!(filename = IceAuthFileName ())) 156266e564dSmrg return; 157266e564dSmrg 158266e564dSmrg if (access (filename, R_OK) != 0) /* checks REAL id */ 159266e564dSmrg return; 160266e564dSmrg 161266e564dSmrg if (!(auth_file = fopen (filename, "rb"))) 162266e564dSmrg return; 163266e564dSmrg 164266e564dSmrg for (;;) 165266e564dSmrg { 166266e564dSmrg if (!(entry = IceReadAuthFileEntry (auth_file))) 167266e564dSmrg break; 168266e564dSmrg 169266e564dSmrg if (strcmp (protocol_name, entry->protocol_name) == 0 && 170266e564dSmrg strcmp (network_id, entry->network_id) == 0 && 171266e564dSmrg auth_valid (entry->auth_name, num_auth_names, 172266e564dSmrg auth_names, &index_ret)) 173266e564dSmrg { 174266e564dSmrg /* 175266e564dSmrg * Make sure we didn't store this index already. 176266e564dSmrg */ 177266e564dSmrg 178266e564dSmrg for (i = 0; i < *num_indices_ret; i++) 179266e564dSmrg if (index_ret == indices_ret[i]) 180266e564dSmrg break; 181266e564dSmrg 182266e564dSmrg if (i >= *num_indices_ret) 183266e564dSmrg { 184266e564dSmrg indices_ret[*num_indices_ret] = index_ret; 185266e564dSmrg *num_indices_ret += 1; 186266e564dSmrg } 187266e564dSmrg } 188266e564dSmrg 189266e564dSmrg IceFreeAuthFileEntry (entry); 190266e564dSmrg } 191266e564dSmrg 192266e564dSmrg fclose (auth_file); 193266e564dSmrg} 194266e564dSmrg 195266e564dSmrg 196266e564dSmrg 197266e564dSmrgvoid 198266e564dSmrg_IceGetPaValidAuthIndices (protocol_name, network_id, 199266e564dSmrg num_auth_names, auth_names, num_indices_ret, indices_ret) 200266e564dSmrg 201266e564dSmrgchar *protocol_name; 202266e564dSmrgchar *network_id; 203266e564dSmrgint num_auth_names; 204266e564dSmrgchar **auth_names; 205266e564dSmrgint *num_indices_ret; 206266e564dSmrgint *indices_ret; /* in/out arg */ 207266e564dSmrg 208266e564dSmrg{ 209266e564dSmrg int index_ret; 210266e564dSmrg int i, j; 211266e564dSmrg IceAuthDataEntry *entry; 212266e564dSmrg 213266e564dSmrg *num_indices_ret = 0; 214266e564dSmrg 215266e564dSmrg for (i = 0; i < _IcePaAuthDataEntryCount; i++) 216266e564dSmrg { 217266e564dSmrg entry = &_IcePaAuthDataEntries[i]; 218266e564dSmrg 219266e564dSmrg if (strcmp (protocol_name, entry->protocol_name) == 0 && 220266e564dSmrg strcmp (network_id, entry->network_id) == 0 && 221266e564dSmrg auth_valid (entry->auth_name, num_auth_names, 222266e564dSmrg auth_names, &index_ret)) 223266e564dSmrg { 224266e564dSmrg /* 225266e564dSmrg * Make sure we didn't store this index already. 226266e564dSmrg */ 227266e564dSmrg 228266e564dSmrg for (j = 0; j < *num_indices_ret; j++) 229266e564dSmrg if (index_ret == indices_ret[j]) 230266e564dSmrg break; 231266e564dSmrg 232266e564dSmrg if (j >= *num_indices_ret) 233266e564dSmrg { 234266e564dSmrg indices_ret[*num_indices_ret] = index_ret; 235266e564dSmrg *num_indices_ret += 1; 236266e564dSmrg } 237266e564dSmrg } 238266e564dSmrg } 239266e564dSmrg} 240266e564dSmrg 241266e564dSmrg 242266e564dSmrg 243266e564dSmrg/* 244266e564dSmrg * local routines 245266e564dSmrg */ 246266e564dSmrg 247266e564dSmrgstatic Bool 248266e564dSmrgauth_valid (const char *auth_name, int num_auth_names, 249266e564dSmrg char **auth_names, int *index_ret) 250266e564dSmrg 251266e564dSmrg{ 252266e564dSmrg /* 253266e564dSmrg * Check if auth_name is in auth_names. Return index. 254266e564dSmrg */ 255266e564dSmrg 256266e564dSmrg int i; 257266e564dSmrg 258266e564dSmrg for (i = 0; i < num_auth_names; i++) 259266e564dSmrg if (strcmp (auth_name, auth_names[i]) == 0) 260266e564dSmrg { 261266e564dSmrg break; 262266e564dSmrg } 263266e564dSmrg 264266e564dSmrg if (i < num_auth_names) 265266e564dSmrg { 266266e564dSmrg *index_ret = i; 267266e564dSmrg return (1); 268266e564dSmrg } 269266e564dSmrg else 270266e564dSmrg return (0); 271266e564dSmrg} 272