1/*
2 *Copyright (C) 2003-2004 Harold L Hunt II All Rights Reserved.
3 *
4 *Permission is hereby granted, free of charge, to any person obtaining
5 * a copy of this software and associated documentation files (the
6 *"Software"), to deal in the Software without restriction, including
7 *without limitation the rights to use, copy, modify, merge, publish,
8 *distribute, sublicense, and/or sell copies of the Software, and to
9 *permit persons to whom the Software is furnished to do so, subject to
10 *the following conditions:
11 *
12 *The above copyright notice and this permission notice shall be
13 *included in all copies or substantial portions of the Software.
14 *
15 *THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
16 *EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
17 *MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
18 *NONINFRINGEMENT. IN NO EVENT SHALL HAROLD L HUNT II BE LIABLE FOR
19 *ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF
20 *CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
21 *WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
22 *
23 *Except as contained in this notice, the name of Harold L Hunt II
24 *shall not be used in advertising or otherwise to promote the sale, use
25 *or other dealings in this Software without prior written authorization
26 *from Harold L Hunt II.
27 *
28 * Authors:	Harold L Hunt II
29 */
30
31#ifdef HAVE_XWIN_CONFIG_H
32#include <xwin-config.h>
33#endif
34
35#include "win.h"
36
37/* Includes for authorization */
38#include "securitysrv.h"
39
40
41/*
42 * Constants
43 */
44
45#define AUTH_NAME	"MIT-MAGIC-COOKIE-1"
46
47
48/*
49 * Locals
50 */
51
52static XID g_authId = 0;
53static unsigned int g_uiAuthDataLen = 0;
54static char *g_pAuthData = NULL;
55
56/*
57 * Code to generate a MIT-MAGIC-COOKIE-1, copied from under XCSECURITY
58 */
59
60#ifndef XCSECURITY
61static
62void
63GenerateRandomData (int len, char *buf)
64{
65    int fd;
66
67    fd = open("/dev/urandom", O_RDONLY);
68    read(fd, buf, len);
69    close(fd);
70}
71
72
73static char cookie[16]; /* 128 bits */
74
75XID
76static MitGenerateCookie (
77    unsigned	data_length,
78    char	*data,
79    XID		id,
80    unsigned	*data_length_return,
81    char	**data_return)
82{
83    int i = 0;
84    int status;
85
86    while (data_length--)
87    {
88	cookie[i++] += *data++;
89	if (i >= sizeof (cookie)) i = 0;
90    }
91    GenerateRandomData(sizeof (cookie), cookie);
92    status = MitAddCookie(sizeof (cookie), cookie, id);
93    if (!status)
94    {
95	id = -1;
96    }
97    else
98    {
99	*data_return = cookie;
100	*data_length_return = sizeof (cookie);
101    }
102    return id;
103}
104
105static
106XID
107GenerateAuthorization(
108	unsigned name_length,
109	char	*name,
110	unsigned data_length,
111	char	*data,
112	unsigned *data_length_return,
113	char	**data_return)
114{
115    return MitGenerateCookie(data_length, data,
116                             FakeClientID(0), data_length_return, data_return);
117}
118#endif
119
120/*
121 * Generate authorization cookie for internal server clients
122 */
123
124Bool
125winGenerateAuthorization (void)
126{
127  Bool				fFreeAuth = FALSE;
128  SecurityAuthorizationPtr	pAuth = NULL;
129
130  /* Call OS layer to generate authorization key */
131  g_authId = GenerateAuthorization (strlen (AUTH_NAME),
132				    AUTH_NAME,
133				    0,
134				    NULL,
135				    &g_uiAuthDataLen,
136				    &g_pAuthData);
137  if ((XID) ~0L == g_authId)
138    {
139      ErrorF ("winGenerateAuthorization - GenerateAuthorization failed\n");
140      goto auth_bailout;
141    }
142
143  else
144    {
145      winDebug("winGenerateAuthorization - GenerateAuthorization success!\n"
146	      "AuthDataLen: %d AuthData: %s\n",
147	      g_uiAuthDataLen, g_pAuthData);
148    }
149
150#ifdef XCSECURITY
151  /* Allocate structure for additional auth information */
152  pAuth = (SecurityAuthorizationPtr)
153    malloc(sizeof (SecurityAuthorizationRec));
154  if (!(pAuth))
155    {
156      ErrorF ("winGenerateAuthorization - Failed allocating "
157	      "SecurityAuthorizationPtr.\n");
158      goto auth_bailout;
159    }
160
161  /* Fill in the auth fields */
162  pAuth->id = g_authId;
163  pAuth->timeout = 0; /* live for x seconds after refcnt == 0 */
164  pAuth->group = None;
165  pAuth->trustLevel = XSecurityClientTrusted;
166  pAuth->refcnt = 1; /* this auth must stick around */
167  pAuth->secondsRemaining = 0;
168  pAuth->timer = NULL;
169  pAuth->eventClients = NULL;
170
171  /* Add the authorization to the server's auth list */
172  if (!AddResource (g_authId,
173		    SecurityAuthorizationResType,
174		    pAuth))
175    {
176      ErrorF ("winGenerateAuthorization - AddResource failed for auth.\n");
177      fFreeAuth = TRUE;
178      goto auth_bailout;
179    }
180
181  /* Don't free the auth data, since it is still used internally */
182  pAuth = NULL;
183#endif
184
185  return TRUE;
186
187 auth_bailout:
188  if (fFreeAuth)
189    free(pAuth);
190
191  return FALSE;
192}
193
194/* Use our generated cookie for authentication */
195void
196winSetAuthorization(void)
197{
198  XSetAuthorization (AUTH_NAME,
199		     strlen (AUTH_NAME),
200		     g_pAuthData,
201		     g_uiAuthDataLen);
202}
203