/*

Copyright 1988, 1998 The Open Group

Permission to use, copy, modify, distribute, and sell this software and its
documentation for any purpose is hereby granted without fee, provided that
the above copyright notice appear in all copies and that both that
copyright notice and this permission notice appear in supporting
documentation.

The above copyright notice and this permission notice shall be included
in all copies or substantial portions of the Software.

THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS
OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT.
IN NO EVENT SHALL THE OPEN GROUP BE LIABLE FOR ANY CLAIM, DAMAGES OR
OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE,
ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR
OTHER DEALINGS IN THE SOFTWARE.

Except as contained in this notice, the name of The Open Group shall
not be used in advertising or otherwise to promote the sale, use or
other dealings in this Software without prior written authorization
from The Open Group.
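*/

/*
 * MIT-MAGIC-COOKIE-1 authorization scheme
 * Author: Keith Packard, MIT X Consortium
 */

#ifdef HAVE_DIX_CONFIG_H
#include <dix-config.h>
#endif

#include <X11/X.h>
#include "os.h"
#include "osdep.h"
#include "dixstruct.h"

/*
 * One registered cookie.  mit_auth is the head of a singly linked list;
 * MitAddCookie pushes new entries at the head.  Each entry owns a private
 * heap copy of its cookie bytes in data (len bytes, not NUL-terminated).
 */
static struct auth {
    struct auth *next;
    unsigned short len;
    char *data;
    XID id;
} *mit_auth;

/*
 * Register a cookie under the given authorization id.
 *
 * data_length  number of bytes in data
 * data         cookie bytes; copied, the caller keeps ownership
 * id           value MitCheckCookie returns when this cookie is presented
 *
 * Returns 1 on success, 0 if the cookie is empty or memory is exhausted.
 */
int
MitAddCookie (
    unsigned short data_length,
    const char *data,
    XID id)
{
    struct auth *entry;

    /*
     * Refuse an empty cookie.  MitCheckCookie accepts a client when the
     * lengths agree and the first data_length bytes compare equal, so a
     * zero-length entry would match any client that presents zero bytes.
     * It also avoids malloc(0), whose result is implementation-defined,
     * and a copy from a null source pointer.
     */
    if (data_length == 0 || !data)
        return 0;

    entry = malloc(sizeof *entry);
    if (!entry)
        return 0;
    entry->data = malloc(data_length);
    if (!entry->data) {
        free(entry);
        return 0;
    }
    memmove(entry->data, data, data_length);
    entry->len = data_length;
    entry->id = id;

    /* Link the entry in only once every field is filled in. */
    entry->next = mit_auth;
    mit_auth = entry;
    return 1;
}

/*
 * Look up the cookie a connecting client presented.
 *
 * data_length  number of bytes in data
 * data         cookie bytes supplied by the client (untrusted)
 * client       not used by this scheme
 * reason       set to a static message when no cookie matches
 *
 * Returns the id of the first matching entry, or (XID) -1 with *reason
 * set when nothing matches.
 */
XID
MitCheckCookie (
    unsigned short data_length,
    const char *data,
    ClientPtr client,
    char **reason)
{
    struct auth *auth;

    for (auth = mit_auth; auth; auth = auth->next) {
        if (data_length != auth->len)
            continue;
        /*
         * The cookie bytes are the whole secret, so they go through
         * timingsafe_memcmp rather than memcmp.
         * NOTE(review): timingsafe_memcmp is defined outside this file;
         * presumably its run time does not depend on where the buffers
         * first differ -- confirm against its definition.
         */
        if (timingsafe_memcmp(data, auth->data, (int) data_length) == 0)
            return auth->id;
    }
    *reason = "Invalid MIT-MAGIC-COOKIE-1 key";
    return (XID) -1;
}
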
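/*
 * Release one list entry.  The cookie bytes are overwritten first so the
 * secret does not stay readable in freed heap memory; the stores go
 * through a volatile pointer so they are not discarded as dead writes
 * ahead of free().
 */
static void
mit_free_auth (struct auth *auth)
{
    volatile unsigned char *p = (volatile unsigned char *) auth->data;
    unsigned short left = auth->len;

    while (left--)
        *p++ = 0;
    free(auth->data);
    free(auth);
}

/*
 * Drop every registered cookie and leave the list empty.
 * Always returns 0.
 */
int
MitResetCookie (void)
{
    struct auth *auth, *next;

    for (auth = mit_auth; auth; auth = next) {
        /* Read the link before the entry is freed. */
        next = auth->next;
        mit_free_auth(auth);
    }
    mit_auth = NULL;
    return 0;
}

/*
 * Find the cookie registered under an authorization id.
 *
 * id         id to look for
 * data_lenp  receives the cookie length on success
 * datap      receives a pointer to the cookie bytes on success
 *
 * Returns 1 when found, 0 otherwise (outputs untouched).  *datap points
 * into the list's own storage, not a copy: it must not be freed by the
 * caller and is no longer valid once that entry is removed or the list
 * is reset.
 */
int
MitFromID (
    XID id,
    unsigned short *data_lenp,
    char **datap)
{
    struct auth *auth;

    for (auth = mit_auth; auth; auth = auth->next) {
        if (id != auth->id)
            continue;
        *data_lenp = auth->len;
        *datap = auth->data;
        return 1;
    }
    return 0;
}

/*
 * Remove the first entry whose cookie equals the given bytes.
 *
 * Returns 1 if an entry was removed, 0 if none matched.
 */
int
MitRemoveCookie (
    unsigned short data_length,
    const char *data)
{
    struct auth *auth, *prev;

    prev = NULL;
    for (auth = mit_auth; auth; prev = auth, auth = auth->next) {
        /*
         * Same comparison as MitCheckCookie, so a cookie is never
         * compared with plain memcmp on one path and timingsafe_memcmp
         * on another.
         * NOTE(review): whether removal requests can carry untrusted
         * bytes is not visible in this file.
         */
        if (data_length == auth->len &&
            timingsafe_memcmp(data, auth->data, (int) data_length) == 0)
        {
            if (prev)
                prev->next = auth->next;
            else
                mit_auth = auth->next;
            mit_free_auth(auth);
            return 1;
        }
    }
    return 0;
}

#ifdef XCSECURITY

/*
 * Scratch buffer for the most recently generated cookie.  It is static,
 * so its contents persist between calls and are shared by every caller.
 */
static char cookie[16]; /* 128 bits */

/*
 * Create a fresh 128-bit cookie and register it under id.
 *
 * data_length         number of bytes in data
 * data                caller-supplied bytes folded into the buffer
 * id                  authorization id to register the cookie under
 * data_length_return  receives sizeof (cookie) on success
 * data_return         receives a pointer to the static buffer on success
 *
 * Returns id on success, (XID) -1 if the cookie could not be registered.
 * *data_return aliases the static buffer, which the next call overwrites;
 * callers that need the value later must copy it.  The registered entry
 * holds its own copy, made by MitAddCookie.
 */
XID
MitGenerateCookie (
    unsigned data_length,
    const char *data,
    XID id,
    unsigned *data_length_return,
    char **data_return)
{
    size_t i = 0;

    /* Fold the caller's bytes into the buffer, wrapping at its end. */
    while (data_length--)
    {
        cookie[i++] += *data++;
        if (i >= sizeof (cookie)) i = 0;
    }
    /*
     * NOTE(review): GenerateRandomData is defined elsewhere and its
     * outcome is not checked here.  If it overwrites the whole buffer,
     * the folding above has no effect on the result; if it can return
     * without filling the buffer, the cookie would be the previous
     * cookie plus caller-supplied bytes.  Confirm it cannot fail
     * silently.
     */
    GenerateRandomData(sizeof (cookie), cookie);
    if (!MitAddCookie(sizeof (cookie), cookie, id))
        return (XID) -1;

    *data_return = cookie;
    *data_length_return = sizeof (cookie);
    return id;
}

#endif /* XCSECURITY */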