getauth.c revision c5629e66
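/* $Xorg: getauth.c,v 1.4 2001/02/09 02:03:26 xorgcvs Exp $ */
/******************************************************************************


Copyright 1993, 1998 The Open Group

Permission to use, copy, modify, distribute, and sell this software and its
documentation for any purpose is hereby granted without fee, provided that
the above copyright notice appear in all copies and that both that
copyright notice and this permission notice appear in supporting
documentation.

The above copyright notice and this permission notice shall be included in
all copies or substantial portions of the Software.

THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
OPEN GROUP BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN
AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN
CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.

Except as contained in this notice, the name of The Open Group shall not be
used in advertising or otherwise to promote the sale, use or other dealings
in this Software without prior written authorization from The Open Group.

Author: Ralph Mor, X Consortium
******************************************************************************/
/* $XFree86: xc/lib/ICE/getauth.c,v 1.2 2001/10/28 03:32:28 tsi Exp $ */

#ifdef HAVE_CONFIG_H
#include <config.h>
#endif
#include <X11/ICE/ICElib.h>
#include "ICElibint.h"
#include <X11/ICE/ICEutil.h>

static Bool auth_valid (const char *auth_name, int num_auth_names,
                        char **auth_names, int *index_ret);

extern int _IcePaAuthDataEntryCount;
extern IceAuthDataEntry _IcePaAuthDataEntries[];


/*
 * The functions in this file are not a standard part of ICElib.
 *
 * The sample implementation uses an .ICEauthority to manipulate
 * authentication data.
 *
 * For the client that initiates a Protocol Setup, we look in the
 * .ICEauthority file to get the data.
 *
 * For the client accepting the Protocol Setup, we get the data
 * from an in-memory database of authentication data (set by the
 * application calling IceSetPaAuthData).  We have to get the data
 * from memory because getting it directly from the .ICEauthority
 * file is not secure - someone can just modify the contents of the
 * .ICEauthority file behind our back.
 */

/*
 * Look up authentication data for the originating side through
 * IceGetAuthFileEntry() and hand back a private copy of it.
 *
 * On success *authDataRet points to a malloc'ed copy of the entry's
 * auth data and *authDataLenRet holds its length.  The copy is not
 * retained here, so the caller is expected to free() it.
 *
 * When no entry matches, or when the copy cannot be allocated,
 * *authDataRet is NULL and *authDataLenRet is 0, so the two outputs
 * always agree with each other.
 */
void
_IceGetPoAuthData (
    char           *protocolName,
    char           *networkId,
    char           *authName,
    unsigned short *authDataLenRet,
    char           **authDataRet
)
{
    IceAuthFileEntry *entry;

    entry = IceGetAuthFileEntry (protocolName, networkId, authName);

    if (entry)
    {
        *authDataRet = malloc (entry->auth_data_length);

        if (*authDataRet != NULL)
        {
            *authDataLenRet = entry->auth_data_length;
            memcpy (*authDataRet, entry->auth_data, entry->auth_data_length);
        }
        else
        {
            /* Never report a non-zero length alongside a NULL buffer. */
            *authDataLenRet = 0;
        }
    }
    else
    {
        *authDataLenRet = 0;
        *authDataRet = NULL;
    }

    /* Called unconditionally, as before, even when entry is NULL. */
    IceFreeAuthFileEntry (entry);
}



/*
 * Look up authentication data for the accepting side in the in-memory
 * table _IcePaAuthDataEntries (the file comment above explains why the
 * .ICEauthority file is not consulted here).
 *
 * The first entry whose protocol name, network id and auth name all
 * compare equal to the arguments is used.  Outputs follow the same
 * contract as _IceGetPoAuthData(): a malloc'ed copy plus its length on
 * success, NULL and 0 when nothing matches or the allocation fails.
 */
void
_IceGetPaAuthData (
    char           *protocolName,
    char           *networkId,
    char           *authName,
    unsigned short *authDataLenRet,
    char           **authDataRet
)
{
    IceAuthDataEntry *entry = NULL;
    int found = 0;
    int i;

    for (i = 0; i < _IcePaAuthDataEntryCount && !found; i++)
    {
        entry = &_IcePaAuthDataEntries[i];

        found =
            strcmp (protocolName, entry->protocol_name) == 0 &&
            strcmp (networkId, entry->network_id) == 0 &&
            strcmp (authName, entry->auth_name) == 0;
    }

    if (found)
    {
        *authDataRet = malloc (entry->auth_data_length);

        if (*authDataRet != NULL)
        {
            *authDataLenRet = entry->auth_data_length;
            memcpy (*authDataRet, entry->auth_data, entry->auth_data_length);
        }
        else
        {
            /* Never report a non-zero length alongside a NULL buffer. */
            *authDataLenRet = 0;
        }
    }
    else
    {
        *authDataLenRet = 0;
        *authDataRet = NULL;
    }
}



/*
 * Originating side: scan the authority file and report which of the
 * caller's auth_names have an entry for protocol_name / network_id.
 *
 * Each reported value is an index into auth_names.  Every index is
 * stored at most once, so no more than num_auth_names values are
 * written; indices_ret must have room for that many ints because no
 * capacity is passed in.  *num_indices_ret is 0 when the file name is
 * unavailable, the file is not readable, or nothing matches.
 */
void
_IceGetPoValidAuthIndices (
    char        *protocol_name,
    char        *network_id,
    int         num_auth_names,
    char        **auth_names,
    int         *num_indices_ret,
    int         *indices_ret            /* in/out arg */
)
{
    FILE                *auth_file;
    char                *filename;
    IceAuthFileEntry    *entry;
    int                 index_ret, i;

    *num_indices_ret = 0;

    if (!(filename = IceAuthFileName ()))
        return;

    /*
     * NOTE(review): access() followed by fopen() is a check-then-use
     * sequence.  The path can be replaced between the two calls, so the
     * access() answer is not bound to the file that is actually opened.
     * In a process whose real and effective ids differ this must not be
     * treated as a reliable permission gate.
     */
    if (access (filename, R_OK) != 0)           /* checks REAL id */
        return;

    if (!(auth_file = fopen (filename, "rb")))
        return;

    while ((entry = IceReadAuthFileEntry (auth_file)) != NULL)
    {
        if (strcmp (protocol_name, entry->protocol_name) == 0 &&
            strcmp (network_id, entry->network_id) == 0 &&
            auth_valid (entry->auth_name, num_auth_names,
                        auth_names, &index_ret))
        {
            /*
             * Make sure we didn't store this index already.
             */

            for (i = 0; i < *num_indices_ret; i++)
                if (index_ret == indices_ret[i])
                    break;

            if (i >= *num_indices_ret)
            {
                indices_ret[*num_indices_ret] = index_ret;
                *num_indices_ret += 1;
            }
        }

        IceFreeAuthFileEntry (entry);
    }

    fclose (auth_file);
}



/*
 * Accepting side: same result as _IceGetPoValidAuthIndices(), but the
 * candidates come from the in-memory table _IcePaAuthDataEntries
 * instead of the authority file.
 *
 * Every index is stored at most once, so no more than num_auth_names
 * values are written; indices_ret must have room for that many ints.
 */
void
_IceGetPaValidAuthIndices (
    char        *protocol_name,
    char        *network_id,
    int         num_auth_names,
    char        **auth_names,
    int         *num_indices_ret,
    int         *indices_ret            /* in/out arg */
)
{
    int                 index_ret;
    int                 i, j;
    IceAuthDataEntry    *entry;

    *num_indices_ret = 0;

    for (i = 0; i < _IcePaAuthDataEntryCount; i++)
    {
        entry = &_IcePaAuthDataEntries[i];

        if (strcmp (protocol_name, entry->protocol_name) == 0 &&
            strcmp (network_id, entry->network_id) == 0 &&
            auth_valid (entry->auth_name, num_auth_names,
                        auth_names, &index_ret))
        {
            /*
             * Make sure we didn't store this index already.
             */

            for (j = 0; j < *num_indices_ret; j++)
                if (index_ret == indices_ret[j])
                    break;

            if (j >= *num_indices_ret)
            {
                indices_ret[*num_indices_ret] = index_ret;
                *num_indices_ret += 1;
            }
        }
    }
}



/*
 * local routines
 */

/*
 * Check if auth_name is in auth_names.
 *
 * Returns 1 and stores the position of the first match in *index_ret,
 * or returns 0 and leaves *index_ret untouched when there is no match.
 */
static Bool
auth_valid (const char *auth_name, int num_auth_names,
            char **auth_names, int *index_ret)

{
    int i;

    for (i = 0; i < num_auth_names; i++)
    {
        if (strcmp (auth_name, auth_names[i]) == 0)
        {
            *index_ret = i;
            return (1);
        }
    }

    return (0);
}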