Unverified Commit 2f19f2f6 authored by Mike Gabriel's avatar Mike Gabriel

Merge branch 'sunweaver-pr/libXau-cleanup' into 3.6.x

Attributes GH PR #152: https://github.com/ArcticaProject/nx-libs/pull/152 Reviewed by: Vadim Troshchinskiy <vadim@qindel.com> -- Fri, 01 Jul 2016 14:55:00 +0200
parents a3a29528 20454528
......@@ -103,7 +103,7 @@ install-lite:
gzip $(DESTDIR)$(PREFIX)/share/man/man1/*.1
install-full:
for f in nxagent nxauth; do \
for f in nxagent; do \
$(INSTALL_PROGRAM) bin/$$f $(DESTDIR)$(BINDIR); done
for d in nxcompext nxcompshad; do \
$(MAKE) -C $$d install; done
......@@ -115,13 +115,10 @@ install-full:
$(INSTALL_FILE) nx-X11/programs/Xserver/Xext/SecurityPolicy $(DESTDIR)$(PREFIX)/share/nx
$(INSTALL_DIR) $(DESTDIR)$(NXLIBDIR)/bin
$(INSTALL_PROGRAM) nx-X11/programs/nxauth/nxauth $(DESTDIR)$(NXLIBDIR)/bin
$(INSTALL_PROGRAM) nx-X11/programs/Xserver/nxagent $(DESTDIR)$(NXLIBDIR)/bin
$(INSTALL_DIR) $(DESTDIR)$(PREFIX)/share/man/man1/
$(INSTALL_FILE) nx-X11/programs/Xserver/hw/nxagent/man/nxagent.1 $(DESTDIR)$(PREFIX)/share/man/man1/
$(INSTALL_FILE) nx-X11/programs/nxauth/nxauth.man $(DESTDIR)$(PREFIX)/share/man/man1/
mv -f $(DESTDIR)$(PREFIX)/share/man/man1/nxauth.man $(DESTDIR)$(PREFIX)/share/man/man1/nxauth.1
gzip $(DESTDIR)$(PREFIX)/share/man/man1/*.1
# create a clean nx-X11/.build-exports space
......@@ -180,7 +177,7 @@ uninstall-lite:
$(RM_DIR) $(DESTDIR)$(NXLIBDIR)/share/nx/
uninstall-full:
for f in nxagent nxauth; do \
for f in nxagent; do \
$(RM_FILE) $(DESTDIR)$(BINDIR)/$$f; done
$(RM_FILE) $(DESTDIR)$(PREFIX)/share/nx/VERSION.nxagent
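Review bot: In install-full the loop `for f in nxagent; do … done` now iterates over a single name, so it reads more clearly as the plain command `$(INSTALL_PROGRAM) bin/nxagent $(DESTDIR)$(BINDIR)`; the same applies to the `$(RM_FILE)` loop in uninstall-full. Separately, uninstall-full no longer removes `$(DESTDIR)$(BINDIR)/nxauth`, so a prefix populated by an earlier release keeps that binary after `make uninstall` from this tree. If upgrades in place are supported, a commented one-off line such as `$(RM_FILE) $(DESTDIR)$(BINDIR)/nxauth` would avoid leaving an unmaintained authorisation tool behind. Both recipes continue outside the visible hunks.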
......
......@@ -10,7 +10,7 @@ This package originally pulled in 7 source tarballs from NoMachine:
nx-X11
nxagent
nxauth
nxauth (discontinued in nx-libs)
nxcomp
nxcompshad
nxcompext
......
......@@ -75,6 +75,7 @@ Depends:
nx-x11-common (>= ${source:Version}), nx-x11-common (<< ${source:Version}.1),
Breaks: nxlibs (<= 3.5.1),
libnx-x11 (<< 2:3.5.0.29-1~),
libnx-xau6 (<< 2:3.6.0.0),
libnx-xcomposite1 (<< 2:3.6.0.0),
libnx-xdamage1 (<< 2:3.6.0.0),
libnx-xdmcp6 (<< 2:3.6.0.0),
......@@ -85,6 +86,7 @@ Breaks: nxlibs (<= 3.5.1),
libnx-xrender1 (<< 2:3.6.0.0),
libnx-xtst6 (<< 2:3.6.0.0),
Replaces: nxlibs,
libnx-xau6,
libnx-xcomposite1,
libnx-xdamage1,
libnx-xdmcp6,
......@@ -107,6 +109,7 @@ Provides: libnx-x11-6-dev
Section: libdevel
Architecture: any
Breaks: nxlibs-dev (<=3.5.1),
libnx-xau-dev (<< 2:3.6.0.0),
libnx-xcomposite-dev (<< 2:3.6.0.0),
libnx-xdamage-dev (<< 2:3.6.0.0),
libnx-xdmcp-dev (<< 2:3.6.0.0),
......@@ -117,6 +120,7 @@ Breaks: nxlibs-dev (<=3.5.1),
libnx-xrender-dev (<< 2:3.6.0.0),
libnx-xtst-dev (<< 2:3.6.0.0),
Replaces: nxlibs-dev,
libnx-xau-dev,
libnx-xcomposite-dev,
libnx-xdamage-dev,
libnx-xdmcp-dev,
......@@ -145,6 +149,7 @@ Depends:
${misc:Depends},
Section: debug
Breaks: nx-x11-dbg (<< 2:3.5.0.29-1~),
libnx-xau6-dbg (<< 2:3.6.0.0),
libnx-xcomposite1-dbg (<< 2:3.6.0.0),
libnx-xdamage1-dbg (<< 2:3.6.0.0),
libnx-xdmcp6-dbg (<< 2:3.6.0.0),
......@@ -155,6 +160,7 @@ Breaks: nx-x11-dbg (<< 2:3.5.0.29-1~),
libnx-xrender1-dbg (<< 2:3.6.0.0),
libnx-xtst6-dbg (<< 2:3.6.0.0),
Replaces: nx-x11-dbg,
libnx-xau6-dbg,
libnx-xcomposite1-dbg,
libnx-xdamage1-dbg,
libnx-xdmcp6-dbg,
......@@ -172,63 +178,6 @@ Description: nx-X11 client-side library (debug package)
This package contains debug symbols for the core nx-X11 libraries
customized for nxagent.
Package: libnx-xau6
Architecture: any
Multi-Arch: same
Depends:
${shlibs:Depends},
${misc:Depends},
Breaks: nxlibs (<= 3.5.1),
libnx-x11 (<< 2:3.5.0.29-1~),
Description: nx-X11 authorisation library
NX is a software suite which implements very efficient
compression of the X11 protocol. This increases performance when
using X applications over a network, especially a slow one.
.
This package provides the main interface to the nx-X11 authorisation handling,
which controls authorisation for X connections, both client-side and
server-side.
Package: libnx-xau-dev
Provides: libnx-xau6-dev
Section: libdevel
Architecture: any
Multi-Arch: same
Depends:
libnx-xau6 (= ${binary:Version}),
${misc:Depends},
Breaks: nxlibs (<= 3.5.1),
libnx-x11-dev (<< 2:3.5.0.29-1~),
Description: nx-X11 authorisation library (development headers)
NX is a software suite which implements very efficient
compression of the X11 protocol. This increases performance when
using X applications over a network, especially a slow one.
.
This package provides the main interface to the nx-X11 authorisation handling,
which controls authorisation for X connections, both client-side and
server-side.
.
This package contains the development headers for this library.
Package: libnx-xau6-dbg
Architecture: any
Multi-Arch: same
Depends:
libnx-xau6 (= ${binary:Version}),
${misc:Depends},
Section: debug
Breaks: nx-x11-dbg (<< 2:3.5.0.29-1~),
Description: nx-X11 authorisation library (debug package)
NX is a software suite which implements very efficient
compression of the X11 protocol. This increases performance when
using X applications over a network, especially a slow one.
.
This package provides the main interface to the nx-X11 authorisation handling,
which controls authorisation for X connections, both client-side and
server-side.
.
This package contains debug symbols for this library.
Package: nx-x11proto-composite-dev
Section: libdevel
Architecture: any
......@@ -430,6 +379,10 @@ Depends:
Recommends:
xfonts-base,
xkb-data,
Breaks:
nxauth,
Replaces:
nxauth,
Description: NX agent
NX is a software suite which implements very efficient
compression of the X11 protocol. This increases performance when
......@@ -473,12 +426,16 @@ Description: NX agent (debug package)
Package: nxproxy
Architecture: any
Breaks: qvd-nxproxy
Replaces: qvd-nxproxy
Multi-Arch: foreign
Depends:
${shlibs:Depends},
${misc:Depends},
Breaks:
qvd-nxproxy,
nxauth,
Replaces:
qvd-nxproxy,
nxauth,
Description: NX proxy
NX is a software suite which implements very efficient
compression of the X11 protocol. This increases performance when
......@@ -507,38 +464,6 @@ Description: NX proxy (debug package)
helpful backtraces. You can safely remove it if you do not intend to
debug NX packages on this system.
Package: nxauth
Architecture: any
Multi-Arch: foreign
Depends:
${shlibs:Depends},
${misc:Depends},
Description: NX xauth
NX is a software suite which implements very efficient
compression of the X11 protocol. This increases performance when
using X applications over a network, especially a slow one.
.
This package provides the NX xauth binary.
Package: nxauth-dbg
Section: debug
Architecture: any
Multi-Arch: foreign
Depends:
nxauth (= ${binary:Version}),
${misc:Depends},
Breaks: nx-x11-dbg (<< 2:3.5.0.29-1~),
Description: NX auth (debug package)
NX is a software suite which implements very efficient
compression of the X11 protocol. This increases performance when
using X applications over a network, especially a slow one.
.
This package provides the NX auth binary.
.
This package contains detached debug symbols that help generating more
helpful backtraces. You can safely remove it if you do not intend to
debug NX packages on this system.
Package: libxcomp3
Architecture: any
Multi-Arch: same
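Review bot: The `Breaks: nxauth` / `Replaces: nxauth` fields added to nxagent and nxproxy carry no version bound, unlike the `libnx-xau6 (<< 2:3.6.0.0)` style entries added elsewhere in this file. Debian Policy recommends a version clause on Breaks, so a bound such as `nxauth (<< 2:3.6.0.0),` would be more consistent. `Replaces` is meant for a package that takes over files from another one, and nothing on this page shows nxagent or nxproxy shipping nxauth's files, so declaring it in both packages looks unnecessary and should be confirmed.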
......
usr/lib/*/libNX_X11.so
usr/include/*/nx-X11/ImUtil.h
usr/include/*/nx-X11/Xauth.h
usr/include/*/nx-X11/XKBlib.h
usr/include/*/nx-X11/Xcms.h
usr/include/*/nx-X11/Xlib.h
......
usr/lib/*/libNX_Xau.so
usr/include/*/nx-X11/Xauth.h
usr/lib/*/libNX_Xau.so.*
libNX_Xau.so.6 libnx-xau6 #MINVER#
XauDisposeAuth@Base 3.5.0.29
XauFileName@Base 3.5.0.29
XauGetAuthByAddr@Base 3.5.0.29
XauGetBestAuthByAddr@Base 3.5.0.29
XauLockAuth@Base 3.5.0.29
XauReadAuth@Base 3.5.0.29
XauUnlockAuth@Base 3.5.0.29
XauWriteAuth@Base 3.5.0.29
usr/bin
usr/lib/nx/bin
usr/lib/nx/bin/nxauth
usr/bin/nxauth
usr/share/man/man1/nxauth.1*
......@@ -56,12 +56,9 @@ override_dh_auto_build:
override_dh_strip:
dh_strip -plibnx-x11-6 --dbg-package=libnx-x11-6-dbg
dh_strip -plibnx-xau6 --dbg-package=libnx-xau6-dbg
dh_strip -plibnx-xext6 --dbg-package=libnx-xext6-dbg
dh_strip -plibxcomp3 --dbg-package=libxcomp3-dbg
dh_strip -plibxcompshad3 --dbg-package=libxcompshad3-dbg
dh_strip -plibxcompext3 --dbg-package=libxcompext3-dbg
dh_strip -pnxagent --dbg-package=nxagent-dbg
dh_strip -pnxproxy --dbg-package=nxproxy-dbg
dh_strip -pnxauth --dbg-package=nxauth-dbg
......@@ -566,12 +566,6 @@ X_BYTE_ORDER = ByteOrder
#ifndef HasSecureRPC
#define HasSecureRPC NO /* if you have Secure RPC */
#endif
#ifndef HasKrbIV
#define HasKrbIV NO /* if you have Kerberos IV */
#endif
#ifndef HasKrb5
#define HasKrb5 NO /* if you have Kerberos V5 */
#endif
#ifndef HasLatex
#define HasLatex NO
#endif
......@@ -591,27 +585,6 @@ X_BYTE_ORDER = ByteOrder
#ifndef GzipLibrary /* if OS config didn't define it, assume it's -lz */
#define GzipLibrary -lz
#endif
#if HasKrbIV
#ifndef KrbIVIncludes
#define KrbIVIncludes /**/
#endif
#ifndef KrbIVLibraries
#define KrbIVLibraries -lkrb -ldes
#endif
#endif
#if HasKrb5
#ifndef Krb5Includes
#define Krb5Includes -I/krb5/include
#endif
#ifndef Krb5Libraries
#define Krb5Libraries -L/krb5/lib -L/usr/isode/lib -lkrb5 -lcrypto -lisode -lcom_err -ldbm
#endif
#else
#undef Krb5Includes
#define Krb5Includes /**/
#undef Krb5Libraries
#define Krb5Libraries /**/
#endif
#ifndef UseGnuMalloc
#define UseGnuMalloc NO
#endif
......@@ -1878,7 +1851,7 @@ MODLDCOMBINEFLAGS = ModuleLdCombineFlags
STD_DEFINES = StandardDefines $(PROJECT_DEFINES)
EXTRA_LOAD_FLAGS = ExtraLoadFlags
EXTRA_LDOPTIONS = ExtraLoadOptions
EXTRA_LIBRARIES = MallocLibraries ExtraLibraries Krb5Libraries
EXTRA_LIBRARIES = MallocLibraries ExtraLibraries
TAGS = TagsCmd
#if ConstructMFLAGS
MFLAGS = -$(MAKEFLAGS)
......
......@@ -68,8 +68,6 @@ Imake.tmpl provides defaults for the following variables:
HasGnuMake use the GNU make program?
HasGhostPCL boolean for system has GhostPCL
HasGhostScript boolean for system has GhostScript
HasKrbIV system has Kerberos version IV support?
HasKrb5 system has Kerberos version 5 support?
HasLargeTmp boolean for system has /tmp space
HasLatex system has LaTeX document preparation software
HasLibCrypt boolean for system has libcrypt
......@@ -105,10 +103,6 @@ Imake.tmpl provides defaults for the following variables:
InstPgmFlags install flags for normal programs
InstUidFlags install flags for xterm to chown /dev/ptys
InstallCmd command to install files
KrbIVIncludes where to include KerberosIV header files from
KrbIVLibraries where to load KerberosIV libraries from
Krb5Includes where to include Kerberos header files from
Krb5Libraries where to load Kerberos libraries from
LdCmd command to run loader
LdCombineFlags flags for incremental loading
LexCmd command to run lex
......@@ -189,7 +183,6 @@ X11.tmpl provides defaults for the following variables:
ConnectionFlags -D's for supported transports
ContribDir location of user-contributed sources
DebugLibX11 build libX11_d.a
DebugLibXau build libXau_d.a
DebugLibXext build libXext_d.a
DefaultCursorTheme name of default cursor theme
DefaultFontPath default server font path
......@@ -208,7 +201,6 @@ X11.tmpl provides defaults for the following variables:
needs Wraphelp.c, see Release Notes
InstallLibManPages boolean for installing library man pages
InstallSecurityConfig install server security policy file over old?
KrbIVDefines defines for use with KerberosIV
LibDir directory in which to install X11 support files
LibManSuffix man suffix for library pages
LibmanDir directory in which to install library man pages
......@@ -223,12 +215,10 @@ X11.tmpl provides defaults for the following variables:
NeedDefaultDepLibs boolean for enabling default DEPLIBS
NlsDir directory in which to install nls files
NormalLibX11 build libX11.a
NormalLibXau build libXau.a
NormalLibXext build libXext.a
OsNameDefines If uname(2) unavailable, set to -DOS_NAME=OSName
PrimaryScreenResolution resolution of default server screen
ProfileLibX11 build libX11_p.a
ProfileLibXau build libXau_p.a
ProfileLibXext build libXext_p.a
ProjectX version indicating this is the X Window System
RemoveTargetProgramByMoving boolean for rm -f that doesn't
......@@ -239,7 +229,6 @@ X11.tmpl provides defaults for the following variables:
ServerOSDefines OS -D's for server
ServerAssertDefines -DNDEBUG for no assertions, /**/ for assertions
SharedLibX11 boolean for making sharable libX11.so
SharedLibXau boolean for making sharable libXau.so
SharedLibXext boolean for making sharable libXext.so
ShmDefines MIT-SHM define
TwmDir directory in which to install twm config files
......@@ -311,8 +300,6 @@ An <os>Lib.tmpl file provides defaults for the following variables:
SharedX11Reqs required libs for libX11.so
SharedX11Rev version number for libX11.so
SharedXauReqs required libs for libXau.so
SharedXauRev version number for libXau.so
SharedXextReqs required libs for libXext.so
SharedXextRev version number for libXext.so
......
......@@ -153,10 +153,6 @@ XORGRELSTRING = XorgManVersionString
#ifndef BuildXextLib
#define BuildXextLib BuildLibraries
#endif
#ifndef BuildXauLib
#define BuildXauLib (BuildLibraries || BuildLibrariesForXServers)
#endif
#define UseInstalledXauLib (defined(UseInstalled) || !BuildXauLib)
#ifndef BuildTestExt
#define BuildTestExt YES
#endif
......@@ -743,20 +739,6 @@ FCHOWN_DEFINES = -DHAS_FCHOWN
#ifndef ServerOSDefines
#define ServerOSDefines /**/
#endif
#if HasKrbIV
#ifndef KrbIVDefines
#define KrbIVDefines -DKERBEROS
#endif
#else
#define KrbIVDefines /**/
#endif
#if HasKrb5
#ifndef Krb5Defines
#define Krb5Defines -DK5AUTH
#endif
#else
#define Krb5Defines /**/
#endif
#ifndef ServerExtraDefines
#define ServerExtraDefines /* -DPIXPRIV */
#endif
......@@ -1237,31 +1219,6 @@ LINTEXTENSIONLIB = $(LINTEXTENSION)
DEPXLIB = $(DEPEXTENSIONLIB) $(DEPXONLYLIB)
XLIB = $(EXTENSIONLIB) $(XONLYLIB)
LINTXLIB = $(LINTXONLYLIB)
#ifndef SharedLibXau
#define SharedLibXau YES
#endif
#ifndef NormalLibXau
#define NormalLibXau (!SharedLibXau | ForceNormalLib)
#endif
#ifndef DebugLibXau
#define DebugLibXau NO /* debugged auth library */
#endif
#ifndef ProfileLibXau
#define ProfileLibXau NO /* profiled auth library */
#endif
XAUTHSRC = $(LIBSRC)/Xau
#if SharedLibXau
#ifndef SharedXauRev
#define SharedXauRev 6.0
#endif
SharedLibReferences(XAUTH,NX_Xau,$(XAUTHSRC),SOXAUTHREV,SharedXauRev)
#else
#if !UseInstalledXauLib
ProjectUnsharedLibReferences(XAUTH,NX_Xau,$(XAUTHSRC),XBuildLibDir)
#else
ProjectUnsharedLibReferences(XAUTH,NX_Xau,$(XAUTHSRC),$(USRLIBDIR))
#endif
#endif
#if HasMotif
......
......@@ -411,8 +411,6 @@ XCOMM $XFree86: xc/config/cf/xf86site.def,v 3.186 2003/06/25 18:06:22 eich Exp $
#define BuildXKB YES
#define BuildXKBlib YES
#define SharedLibXau YES
/*
* If you are running NetBSD 0.9C or later, and have the aperture driver
* installed, uncomment this.
......@@ -563,7 +561,5 @@ XCOMM $XFree86: xc/config/cf/xf86site.def,v 3.186 2003/06/25 18:06:22 eich Exp $
#define X86EMU_LIBPATH /usr/local/lib
*/
#define SharedLibXau YES
#define BuildRman NO
#define BuildLoadableXlibI18n NO
......@@ -609,7 +609,6 @@ XCOMM binutils: (LinuxBinUtilsMajorVersion)
# define AsCmd CcCmd -c -x assembler
# define LdCmd CcCmd -nostdlib
# define AsmDefines -D__ELF__
# define SharedLibXau YES
# endif /* HPArchitecture */
# ifdef i386Architecture
# define CcCmd gcc -b i486-linux
......
......@@ -16,6 +16,8 @@ GLXDIR = GL
SUBDIRS = extensions $(GLXDIR)
AU_HEADERS = Xauth.h
#ifdef Win32Architecture
EXTRA_HEADERS = Xw32defs.h Xwinsock.h Xwindows.h
#elif defined(cygwinArchitecture)
......@@ -46,6 +48,7 @@ HEADERS = \
ap_keysym.h \
keysym.h \
keysymdef.h \
$(AU_HEADERS) \
$(EXTRA_HEADERS) \
$(NULL)
......
......@@ -53,7 +53,6 @@ typedef struct xauth {
# define FamilyLocal (256) /* not part of X standard (i.e. X.h) */
# define FamilyWild (65535)
# define FamilyNetname (254) /* not part of X standard */
# define FamilyKrb5Principal (253) /* Kerberos 5 principal name */
# define FamilyLocalHost (252) /* for local non-net authentication */
......@@ -65,22 +64,6 @@ Xauth *XauReadAuth(
FILE* /* auth_file */
);
int XauLockAuth(
_Xconst char* /* file_name */,
int /* retries */,
int /* timeout */,
long /* dead */
);
int XauUnlockAuth(
_Xconst char* /* file_name */
);
int XauWriteAuth(
FILE* /* auth_file */,
Xauth* /* auth */
);
Xauth *XauGetAuthByName(
_Xconst char* /* display_name */
);
......@@ -132,31 +115,8 @@ void XauDisposeAuth(
Xauth* /* auth */
);
#ifdef K5AUTH
#include <krb5/krb5.h>
/* 9/93: krb5.h leaks some symbols */
#undef BITS32
#undef xfree
int XauKrb5Encode(
krb5_principal /* princ */,
krb5_data * /* outbuf */
);
int XauKrb5Decode(
krb5_data /* inbuf */,
krb5_principal * /* princ */
);
#endif /* K5AUTH */
_XFUNCPROTOEND
/* Return values from XauLockAuth */
# define LOCK_SUCCESS 0 /* lock succeeded */
# define LOCK_ERROR 1 /* lock unexpectely failed, check errno */
# define LOCK_TIMEOUT 2 /* lock failed, timeouts expired */
#endif /* _XAUTH_STRUCT_ONLY */
#endif /* _Xauth_h */
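Review bot: AuGetAddr.c appears to be deleted by this commit, yet neither Xauth.h hunk removes the `XauGetAuthByAddr` prototype, so the header presumably still declares a function the library no longer provides. A caller would then compile cleanly and fail only at link time. The prototype most likely sits in the unchanged lines between the two hunks, after `XauGetAuthByName`, which are not visible here, so this should be confirmed against the full file. If it is still present, remove it along with the `XauLockAuth`/`XauUnlockAuth`/`XauWriteAuth` declarations this change already drops.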
......@@ -15,10 +15,6 @@ NULL =
XKBLIBDIR = xkbfile
#endif
#if BuildXauLib
XAULIBDIR = Xau
#endif
#if BuildX11Lib
X11LIBDIR = X11
#endif
......@@ -29,7 +25,6 @@ XEXTLIBDIR = Xext
LINTSUBDIRS = \
$(XAULIBDIR) \
$(X11LIBDIR) \
$(XEXTLIBDIR) \
$(XKBLIBDIR) \
......
......@@ -132,7 +132,7 @@ XauGetBestAuthByAddr (
if ((family == FamilyWild || entry->family == FamilyWild ||
(entry->family == family &&
((address_length == entry->address_length &&
binaryEqual (entry->address, address, (int)address_length))
binaryEqual (entry->address, address, (int)address_length))
#ifdef hpux
|| (family == FamilyLocal &&
fully_qual_address_length == entry->address_length &&
......
......@@ -172,12 +172,6 @@ EXTRA_LIBRARIES = /**/
SETID_DEFINES = -DHASGETRESUID
#endif
XLC_DEFINES = -DXLOCALEDIR=\"$(XLOCALEDIR)\"
#if HasKrb5
K5OBJS = k5encode.o
K5SRCS = k5encode.c
K5INCL = Krb5Includes
K5DEFS = Krb5Defines
#endif
#if (defined(FreeBSDArchitecture) && OSRelVersion < 500016) || \
defined(OpenBSDArchitecture)
THRSTUBSRCS = UIThrStubs.c
......@@ -1082,9 +1076,6 @@ SpecialCLibObjectRule(KeyBind,$(ICONFIGFILES),$(XKB_DEFINES))
SpecialCLibObjectRule(XKBBind,$(ICONFIGFILES),$(XKB_DEFINES))
SpecialCLibObjectRule(imConv,$(ICONFIGFILES),$(XKB_DEFINES))
#endif
#if HasKrb5
SpecialCLibObjectRule(k5encode,$(_NOOP_),$(K5INCL))
#endif
#if BuildLoadableXlibI18n
SpecialCLibObjectRuleSeparateOpts(lcInit,$(ICONFIGFILES),$(_NOOP_),$(LC_DYNDEFINES))
SpecialCLibObjectRuleSeparateOpts(lcGeneric,$(ICONFIGFILES),$(_NOOP_),$(LC_DYNDEFINES))
......@@ -1104,15 +1095,6 @@ InstallNonExecFile(XErrorDB,$(LIBDIR))
InstallNonExecFile(XKeysymDB,$(LIBDIR))
InstallLintLibrary(X11,$(LINTLIBDIR))
LinkSourceFile(AuDispose.c,$(XAUTHSRC))
LinkSourceFile(AuGetBest.c,$(XAUTHSRC))
LinkSourceFile(AuFileName.c,$(XAUTHSRC))
LinkSourceFile(AuRead.c,$(XAUTHSRC))
#if HasKrb5
LinkSourceFile(k5encode.c,$(XAUTHSRC))
#endif
#ifdef QNX4Architecture
LOCAL_LDFLAGS=-F
#endif
......
/* $Xorg: AuGetAddr.c,v 1.4 2001/02/09 02:03:42 xorgcvs Exp $ */
/*
Copyright 1988, 1998 The Open Group
Permission to use, copy, modify, distribute, and sell this software and its
documentation for any purpose is hereby granted without fee, provided that
the above copyright notice appear in all copies and that both that
copyright notice and this permission notice appear in supporting
documentation.
The above copyright notice and this permission notice shall be included in
all copies or substantial portions of the Software.
THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
OPEN GROUP BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN
AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN
CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
Except as contained in this notice, the name of The Open Group shall not be
used in advertising or otherwise to promote the sale, use or other dealings
in this Software without prior written authorization from The Open Group.
*/
/* $XFree86: xc/lib/Xau/AuGetAddr.c,v 1.5 2001/12/14 19:54:36 dawes Exp $ */
#ifdef HAVE_CONFIG_H
#include <config.h>
#endif
#include <nx-X11/Xauth.h>
#include <nx-X11/Xos.h>
static int
binaryEqual (_Xconst char *a, _Xconst char *b, int len)
{
while (len--)
if (*a++ != *b++)
return 0;
return 1;
}
Xauth *
XauGetAuthByAddr (
#if NeedWidePrototypes
unsigned int family,
unsigned int address_length,
#else
unsigned short family,
unsigned short address_length,
#endif
_Xconst char* address,
#if NeedWidePrototypes
unsigned int number_length,
#else
unsigned short number_length,
#endif
_Xconst char* number,
#if NeedWidePrototypes
unsigned int name_length,
#else
unsigned short name_length,
#endif
_Xconst char* name)
{
FILE *auth_file;
char *auth_name;
Xauth *entry;
auth_name = XauFileName ();
if (!auth_name)
return 0;
if (access (auth_name, R_OK) != 0) /* checks REAL id */
return 0;
auth_file = fopen (auth_name, "rb");
if (!auth_file)
return 0;
for (;;) {
entry = XauReadAuth (auth_file);
if (!entry)
break;
/*
* Match when:
* either family or entry->family are FamilyWild or
* family and entry->family are the same and
* address and entry->address are the same
* and
* either number or entry->number are empty or
* number and entry->number are the same
* and
* either name or entry->name are empty or
* name and entry->name are the same
*/
if ((family == FamilyWild || entry->family == FamilyWild ||
(entry->family == family &&
address_length == entry->address_length &&
binaryEqual (entry->address, address, (int)address_length))) &&
(number_length == 0 || entry->number_length == 0 ||
(number_length == entry->number_length &&
binaryEqual (entry->number, number, (int)number_length))) &&
(name_length == 0 || entry->name_length == 0 ||
(entry->name_length == name_length &&
binaryEqual (entry->name, name, (int)name_length))))
break;
XauDisposeAuth (entry);
}
(void) fclose (auth_file);
return entry;
}
/* $Xorg: AuLock.c,v 1.4 2001/02/09 02:03:42 xorgcvs Exp $ */
/*
Copyright 1988, 1998 The Open Group
Permission to use, copy, modify, distribute, and sell this software and its
documentation for any purpose is hereby granted without fee, provided that
the above copyright notice appear in all copies and that both that
copyright notice and this permission notice appear in supporting
documentation.
The above copyright notice and this permission notice shall be included in
all copies or substantial portions of the Software.
THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
OPEN GROUP BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN
AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN
CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
Except as contained in this notice, the name of The Open Group shall not be
used in advertising or otherwise to promote the sale, use or other dealings
in this Software without prior written authorization from The Open Group.
*/
/* $XFree86: xc/lib/Xau/AuLock.c,v 3.6 2002/05/31 18:45:43 dawes Exp $ */
#ifdef HAVE_CONFIG_H
#include <config.h>
#endif
#include <nx-X11/Xauth.h>
#include <nx-X11/Xos.h>
#include <sys/stat.h>
#include <errno.h>
#include <time.h>
#define Time_t time_t
#ifndef X_NOT_POSIX
#include <unistd.h>
#else
#ifndef WIN32
extern unsigned sleep ();
#else
#include <nx-X11/Xwindows.h>
#define link rename
#endif
#endif
#ifdef __UNIXOS2__
#define link rename
#endif
int
XauLockAuth (
_Xconst char *file_name,
int retries,
int timeout,
long dead)
{
char creat_name[1025], link_name[1025];
struct stat statb;
Time_t now;
int creat_fd = -1;
if (strlen (file_name) > 1022)
return LOCK_ERROR;
(void) strcpy (creat_name, file_name);
(void) strcat (creat_name, "-c");
(void) strcpy (link_name, file_name);
(void) strcat (link_name, "-l");
if (stat (creat_name, &statb) != -1) {
now = time ((Time_t *) 0);
/*
* NFS may cause ctime to be before now, special
* case a 0 deadtime to force lock removal
*/
if (dead == 0 || now - statb.st_ctime > dead) {
(void) unlink (creat_name);
(void) unlink (link_name);
}
}
while (retries > 0) {
if (creat_fd == -1) {
creat_fd = open (creat_name, O_WRONLY | O_CREAT | O_EXCL, 0600);
if (creat_fd == -1) {
if (errno != EACCES)
return LOCK_ERROR;
} else
(void) close (creat_fd);
}
if (creat_fd != -1) {
if (link (creat_name, link_name) != -1)
return LOCK_SUCCESS;
if (errno == ENOENT) {
creat_fd = -1; /* force re-creat next time around */
continue;
}
if (errno != EEXIST)
return LOCK_ERROR;
}
(void) sleep ((unsigned) timeout);
--retries;
}
return LOCK_TIMEOUT;
}
/* $Xorg: AuUnlock.c,v 1.4 2001/02/09 02:03:42 xorgcvs Exp $ */
/*
Copyright 1988, 1998 The Open Group
Permission to use, copy, modify, distribute, and sell this software and its
documentation for any purpose is hereby granted without fee, provided that
the above copyright notice appear in all copies and that both that
copyright notice and this permission notice appear in supporting
documentation.
The above copyright notice and this permission notice shall be included in
all copies or substantial portions of the Software.
THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
OPEN GROUP BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN
AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN
CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
Except as contained in this notice, the name of The Open Group shall not be
used in advertising or otherwise to promote the sale, use or other dealings
in this Software without prior written authorization from The Open Group.
*/
/* $XFree86: xc/lib/Xau/AuUnlock.c,v 1.4 2001/12/14 19:54:36 dawes Exp $ */
#ifdef HAVE_CONFIG_H
#include <config.h>
#endif
#include <nx-X11/Xauth.h>
#include <nx-X11/Xos.h>
int
XauUnlockAuth (
_Xconst char *file_name)
{
#ifndef WIN32
char creat_name[1025];
#endif
char link_name[1025];
if (strlen (file_name) > 1022)
return 0;
#ifndef WIN32
(void) strcpy (creat_name, file_name);
(void) strcat (creat_name, "-c");
#endif
(void) strcpy (link_name, file_name);
(void) strcat (link_name, "-l");
/*
* I think this is the correct order
*/
#ifndef WIN32
(void) unlink (creat_name);
#endif
(void) unlink (link_name);
return 1;
}
/* $Xorg: AuWrite.c,v 1.4 2001/02/09 02:03:42 xorgcvs Exp $ */
/*
Copyright 1988, 1998 The Open Group
Permission to use, copy, modify, distribute, and sell this software and its
documentation for any purpose is hereby granted without fee, provided that
the above copyright notice appear in all copies and that both that
copyright notice and this permission notice appear in supporting
documentation.
The above copyright notice and this permission notice shall be included in
all copies or substantial portions of the Software.
THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
OPEN GROUP BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN
AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN
CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
Except as contained in this notice, the name of The Open Group shall not be
used in advertising or otherwise to promote the sale, use or other dealings
in this Software without prior written authorization from The Open Group.
*/
/* $XFree86: xc/lib/Xau/AuWrite.c,v 1.3 2001/01/17 19:42:24 dawes Exp $ */
#ifdef HAVE_CONFIG_H
#include <config.h>
#endif
#include <nx-X11/Xauth.h>
static int
write_short (unsigned short s, FILE *file)
{
unsigned char file_short[2];
file_short[0] = (s & (unsigned)0xff00) >> 8;
file_short[1] = s & 0xff;
if (fwrite ((char *) file_short, (int) sizeof (file_short), 1, file) != 1)
return 0;
return 1;
}
static int
write_counted_string (unsigned short count, char *string, FILE *file)
{
if (write_short (count, file) == 0)
return 0;
if (fwrite (string, (int) sizeof (char), (int) count, file) != count)
return 0;
return 1;
}
int
XauWriteAuth (auth_file, auth)
FILE *auth_file;
Xauth *auth;
{
if (write_short (auth->family, auth_file) == 0)
return 0;
if (write_counted_string (auth->address_length, auth->address, auth_file) == 0)
return 0;
if (write_counted_string (auth->number_length, auth->number, auth_file) == 0)
return 0;
if (write_counted_string (auth->name_length, auth->name, auth_file) == 0)
return 0;
if (write_counted_string (auth->data_length, auth->data, auth_file) == 0)
return 0;
return 1;
}
/* $Xorg: Autest.c,v 1.4 2001/02/09 02:03:42 xorgcvs Exp $ */
/*
Copyright 1988, 1998 The Open Group
Permission to use, copy, modify, distribute, and sell this software and its
documentation for any purpose is hereby granted without fee, provided that
the above copyright notice appear in all copies and that both that
copyright notice and this permission notice appear in supporting
documentation.
The above copyright notice and this permission notice shall be included in
all copies or substantial portions of the Software.
THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
OPEN GROUP BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN
AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN
CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
Except as contained in this notice, the name of The Open Group shall not be
used in advertising or otherwise to promote the sale, use or other dealings
in this Software without prior written authorization from The Open Group.
*/
#ifdef HAVE_CONFIG_H
#include <config.h>
#endif
#include <nx-X11/Xauth.h>
main (argc, argv)
char **argv;
{
Xauth test_data;
char *name, *data, *file;
int state = 0;
FILE *output;
while (*++argv) {
if (!strcmp (*argv, "-file"))
file = *++argv;
else if (state == 0) {
name = *argv;
++state;
} else if (state == 1) {
data = *argv;
++state;
}
}
if(!file) {
fprintf (stderr, "No file\n");
exit (1);
}
test_data.family = 0;
test_data.address_length = 0;
test_data.address = "";
test_data.number_length = 0;
test_data.number = "";
test_data.name_length = strlen (name);
test_data.name = name;
test_data.data_length = strlen (data);
test_data.data = data;
output = fopen (file, "w");
if (output) {
XauWriteAuth (output, &test_data);
fclose (output);
}
}
XCOMM $Xorg: Imakefile,v 1.3 2000/08/17 19:45:29 cpqbld Exp $
XCOMM $XdotOrg: xc/lib/Xau/Imakefile,v 1.4 2005/09/22 23:54:18 alanc Exp $
XCOMM $XFree86: xc/lib/Xau/Imakefile,v 3.5 1999/04/17 09:08:11 dawes Exp $
#define DoNormalLib NormalLibXau
#define DoSharedLib SharedLibXau
#define DoExtraLib SharedLibXau
#define DoDebugLib DebugLibXau
#define DoProfileLib ProfileLibXau
#define LibName NX_Xau
#define SoRev SOXAUTHREV
#define IncSubdir nx-X11
#include <Threads.tmpl>
#ifdef SharedXauReqs
REQUIREDLIBS = SharedXauReqs
#endif
LINTLIBS = $(LINTXLIB)
#if HasKrb5
K5ENCSRC = k5encode.c
K5ENCOBJ = k5encode.o
INCLUDES = Krb5Includes
#else
K5ENCSRC =
K5ENCOBJ =
INCLUDES =
#endif
HEADERS = \
Xauth.h
SRCS = AuDispose.c AuFileName.c AuGetAddr.c AuGetBest.c AuLock.c \
AuRead.c AuUnlock.c AuWrite.c $(K5ENCSRC)
OBJS = AuDispose.o AuFileName.o AuGetAddr.o AuGetBest.o AuLock.o \
AuRead.o AuUnlock.o AuWrite.o $(K5ENCOBJ)
#define IncludeSharedObjectInNormalLib
#define UnsharedLibObjCompile(options) LibObjCompile(unshared,$(CDEBUGFLAGS) $(CLIBDEBUGFLAGS) options $(PICFLAGS))
#include <Library.tmpl>
DependTarget()
A Sample Authorization Protocol for X
Overview
The following note describes a very simple mechanism for providing individual
access to an X Window System display. It uses existing core protocol and
library hooks for specifying authorization data in the connection setup block
to restrict use of the display to only those clients that show that they
know a server-specific key called a "magic cookie". This mechanism is *not*
being proposed as an addition to the Xlib standard; among other reasons, a
protocol extension is needed to support more flexible mechanisms. We have
implemented this mechanism already; if you have comments, please send them
to us.
This scheme involves changes to the following parts of the sample release:
o xdm
- generate random magic cookie and store in protected file
- pass name of magic cookie file to server
- when user logs in, add magic cookie to user's auth file
- when user logs out, generate a new cookie for server
o server
- a new command line option to specify cookie file
- check client authorization data against magic cookie
- read in cookie whenever the server resets
- do not add local machine to host list if magic cookie given
o Xlib
- read in authorization data from file
- find data for appropriate server
- send authorization data if found
o xauth [new program to manage user auth file]
- add entries to user's auth file
- remove entries from user's auth file
This mechanism assumes that the superuser and the transport layer between
the client and the server is secure. Organizations that desire stricter
security are encouraged to look at systems such as Kerberos (at Project
Athena).
Description
The sample implementation will use the xdm Display Manager to set up and
control the server's authorization file. Sites that do not run xdm will
need to build their own mechanisms.
Xdm uses a random key (seeded by the system time and check sum of /dev/kmem)
to generate a unique sequence of characters at 16 bytes long. This sequence
will be written to a file which is made readable only by the server. The
server will then be started with a command line option instructing it to use
the contents of the file as the magic cookie for connections that include
authorization data. This will also disable the server from adding the local
machine's address to the initial host list. Note that the actual cookie must
not be stored on the command line or in an environment variable, to prevent
it from being publicly obtainable by the "ps" command.
If a client presents an authorization name of "MIT-MAGIC-COOKIE-1" and
authorization data that matches the magic cookie, that client is allowed
access. If the name or data does not match and the host list is empty,
that client will be denied access. Otherwise, the existing host-based access
control will be used. Since any client that is making a connection from a
machine on the host list will be granted access even if their authorization
data is incorrect, sites are strongly urged not to set up any default hosts
using the /etc/X*.hosts files. Granting access to other machines should be
done by the user's session manager instead.
Assuming the server is configured with an empty host list, the existence of the
cookie is sufficient to ensure there will be no unauthorized access to the
display. However, xdm will (continue to) work to minimize the chances of
spoofing on servers that do not support this authorization mechanism. This
will be done by grabbing the server and the keyboard after opening the display.
This action will be surrounded by a timer which will kill the server if the
grabs cannot be done within several seconds. [This level of security is now
implemented in patches already sent out.]
After the user logs in, xdm will add authorization entries for each of the
server machine's network addresses to the user's authorization file (the format
of which is described below). This file will usually be named .Xauthority in
the users's home directory; will be owned by the user (as specified by the
pw_uid and pw_gid fields in the user's password entry), and will be accessible
only to the user (no group access). This file will contain authorization data
for all of the displays opened by the user.
When the session terminates, xdm will generate and store a new magic cookie
for the server. Then, xdm will shutdown its own connection and send a
SIGHUP to the server process, which should cause the server to reset. The
server will then read in the new magic cookie.
To support accesses (both read and write) from multiple machines (for use in
environments that use distributed file systems), file locking is done using
hard links. This is done by creat'ing (sic) a lock file and then linking it
to another name in the same directory. If the link-target already exists,
the link will fail, indicating failure to obtain the lock. Linking is used
instead of just creating the file read-only since link will fail even for
the superuser.
Problems and Solutions
There are a few problems with .Xauthority as described. If no home directory
exists, or if xdm cannot create a file there (disk full), xdm stores the
cookie in a file in a resource-specified back-up directory, and sets an
environment variable in the user's session (called XAUTHORITY) naming this
file. There is also the problem that the locking attempts will need to be
timed out, due to a leftover lock. Xdm, again, creates a file and set an
environment variable. Finally, the back-up directory might be full. Xdm,
as a last resort, provides a function key binding that allows a user to log
in without having the authorization data stored, and with host-based access
control disabled.
Xlib
XOpenDisplay in Xlib was enhanced to allow specification of authorization
information. As implied above, Xlib looks for the data in the
.Xauthority file of the home directory, or in the file pointed at by the
XAUTHORITY environment variable instead if that is defined. This required
no programmatic interface change to Xlib. In addition, a new Xlib routine
is provided to explicitly specify authorization.
XSetAuthorization(name, namelen, data, datalen)
int namelen, datalen;
char *name, *data;
There are three types of input:
name NULL, data don't care - use default authorization mechanism.
name non-NULL, data NULL - use the named authorization; get
data from that mechanism's default.
name non-NULL, data non-NULL - use the given authorization and data.
This interface is used by xdm and might also be used by any other
applications that wish to explicitly set the authorization information.
Authorization File
The .Xauthority file is a binary file consisting of a sequence of entries
in the following format:
2 bytes Family value (second byte is as in protocol HOST)
2 bytes address length (always MSB first)
A bytes host address (as in protocol HOST)
2 bytes display "number" length (always MSB first)
S bytes display "number" string
2 bytes name length (always MSB first)
N bytes authorization name string
2 bytes data length (always MSB first)
D bytes authorization data string
The format is binary for easy processing, since authorization information
usually consists of arbitrary data. Host addresses are used instead of
names to eliminate potentially time-consuming name resolutions in
XOpenDisplay. Programs, such as xdm, that initialize the user's
authorization file will have to do the same work as the server in finding
addresses for all network interfaces. If more than one entry matches the
desired address, the entry that is chosen is implementation-dependent. In
our implementation, it is always the first in the file.
The Family is specified in two bytes to allow out-of-band values
(i.e. values not in the Protocol) to be used. In particular,
two new values "FamilyLocal" and "FamilyWild" are defined. FamilyLocal
refers to any connections using a non-network method of connetion from the
local machine (Unix domain sockets, shared memory, loopback serial line).
In this case the host address is specified by the data returned from
gethostname() and better be unique in a collection of machines
which share NFS directories. FamilyWild is currently used only
by xdm to communicate authorization data to the server. It matches
any family/host address pair.
For FamilyInternet, the host address is the 4 byte internet address, for
FamilyDecnet, the host address is the byte decnet address, for FamilyChaos
the address is also two bytes.
The Display Number is the ascii representation of the display number
portion of the display name. It is in ascii to allow future expansion
to PseudoRoots or anything else that might happen.
A utility called "xauth" will be provided for editing and viewing the
contents of authorization files. Note that the user's authorization file is
not the same as the server's magic cookie file.
/* $Xorg: k5encode.c,v 1.4 2001/02/09 02:03:42 xorgcvs Exp $ */
/*
Copyright 1993, 1994, 1998 The Open Group
Permission to use, copy, modify, distribute, and sell this software and its
documentation for any purpose is hereby granted without fee, provided that
the above copyright notice appear in all copies and that both that
copyright notice and this permission notice appear in supporting
documentation.
The above copyright notice and this permission notice shall be included in
all copies or substantial portions of the Software.
THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
OPEN GROUP BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN
AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN
CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
Except as contained in this notice, the name of The Open Group shall not be
used in advertising or otherwise to promote the sale, use or other dealings
in this Software without prior written authorization from The Open Group.
*/
/*
* functions to encode/decode Kerberos V5 principals
* into something that can be reasonable spewed over
* the wire
*
* Author: Tom Yu <tlyu@MIT.EDU>
*
* Still needs to be fixed up wrt signed/unsigned lengths, but we'll worry
* about that later.
*/
#ifdef HAVE_CONFIG_H
#include <config.h>
#endif
#include <krb5/krb5.h>
/* 9/93: krb5.h leaks some symbols */
#undef BITS32
#undef xfree
#include <nx-X11/X.h>
#include <nx-X11/Xos.h>
#include <nx-X11/Xmd.h>
#include <nx-X11/Xfuncs.h>
/*
* XauKrb5Encode
*
* this function encodes the principal passed to it in a format that can
* easily be dealt with by stuffing it into an X packet. Encoding is as
* follows:
* length count of the realm name
* realm
* component count
* length of component
* actual principal component
* etc....
*
* Note that this function allocates a hunk of memory, which must be
* freed to avoid nasty memory leak type things. All counts are
* byte-swapped if needed. (except for the total length returned)
*
* nevermind.... stuffing the encoded packet in net byte order just to
* always do the right thing. Don't have to frob with alignment that way.
*/
int
XauKrb5Encode(princ, outbuf)
krb5_principal princ; /* principal to encode */
krb5_data *outbuf; /* output buffer */
{
CARD16 i, numparts, totlen = 0, plen, rlen;
char *cp, *pdata;
rlen = krb5_princ_realm(princ)->length;
numparts = krb5_princ_size(princ);
totlen = 2 + rlen + 2; /* include room for realm length
and component count */
for (i = 0; i < numparts; i++)
totlen += krb5_princ_component(princ, i)->length + 2;
/* add 2 bytes each time for length */
if ((outbuf->data = (char *)malloc(totlen)) == NULL)
return -1;
cp = outbuf->data;
*cp++ = (char)((int)(0xff00 & rlen) >> 8);
*cp++ = (char)(0x00ff & rlen);
memcpy(cp, krb5_princ_realm(princ)->data, rlen);
cp += rlen;
*cp++ = (char)((int)(0xff00 & numparts) >> 8);
*cp++ = (char)(0x00ff & numparts);
for (i = 0; i < numparts; i++)
{
plen = krb5_princ_component(princ, i)->length;
pdata = krb5_princ_component(princ, i)->data;
*cp++ = (char)((int)(0xff00 & plen) >> 8);
*cp++ = (char)(0x00ff & plen);
memcpy(cp, pdata, plen);
cp += plen;
}
outbuf->length = totlen;
return 0;
}
/*
* XauKrb5Decode
*
* This function essentially reverses what XauKrb5Encode does.
* return value: 0 if okay, -1 if malloc fails, -2 if inbuf format bad
*/
int
XauKrb5Decode(inbuf, princ)
krb5_data inbuf;
krb5_principal *princ;
{
CARD16 i, numparts, plen, rlen;
CARD8 *cp, *pdata;
if (inbuf.length < 4)
{
return -2;
}
*princ = (krb5_principal)malloc(sizeof (krb5_principal_data));
if (*princ == NULL)
return -1;
bzero(*princ, sizeof (krb5_principal_data));
cp = (CARD8 *)inbuf.data;
rlen = *cp++ << 8;
rlen |= *cp++;
if (inbuf.length < 4 + (int)rlen + 2)
{
krb5_free_principal(*princ);
return -2;
}
krb5_princ_realm(*princ)->data = (char *)malloc(rlen);
if (krb5_princ_realm(*princ)->data == NULL)
{
krb5_free_principal(*princ);
return -1;
}
krb5_princ_realm(*princ)->length = rlen;
memcpy(krb5_princ_realm(*princ)->data, cp, rlen);
cp += rlen;
numparts = *cp++ << 8;
numparts |= *cp++;
krb5_princ_name(*princ) =
(krb5_data *)malloc(numparts * sizeof (krb5_data));
if (krb5_princ_name(*princ) == NULL)
{
krb5_free_principal(*princ);
return -1;
}
krb5_princ_size(*princ) = 0;
for (i = 0; i < numparts; i++)
{
if (cp + 2 > (CARD8 *)inbuf.data + inbuf.length)
{
krb5_free_principal(*princ);
return -2;
}
plen = *cp++ << 8;
plen |= *cp++;
if (cp + plen > (CARD8 *)inbuf.data + inbuf.length)
{
krb5_free_principal(*princ);
return -2;
}
pdata = (CARD8 *)malloc(plen);
if (pdata == NULL)
{
krb5_free_principal(*princ);
return -1;
}
krb5_princ_component(*princ, i)->data = (char *)pdata;
krb5_princ_component(*princ, i)->length = plen;
memcpy(pdata, cp, plen);
cp += plen;
krb5_princ_size(*princ)++;
}
return 0;
}
......@@ -22,11 +22,7 @@
XSSRCDIR = Xserver
#endif
#if defined(NXEmbeddedXServer)
SUBDIRS = $(XSSRCDIR)
#else
SUBDIRS = $(XSSRCDIR) nxauth
#endif
MakeSubdirs($(SUBDIRS))
DependSubdirs($(SUBDIRS))
......@@ -163,7 +163,7 @@ INSTPGMFLAGS =
$(DBEDIR) $(RECORDDIR) $(SITEEXTDIRS) \
$(RANDRDIR) $(RENDERDIR) $(XPCONFIGDIR) \
$(FIXESDIR) $(DAMAGEDIR) $(CWDIR) $(COMPOSITEDIR)
OS = os/LibraryTargetName(os) $(DEPXAUTHLIB)
OS = os/LibraryTargetName(os)
BSDEMUL = $(DEPXBSDLIB)
#if DoLoadableServer
MFB = mfb/ModuleLibraryTargetName(mfb)
......@@ -246,7 +246,7 @@ INSTPGMFLAGS =
#if !(SystemV4 || defined(SGIArchitecture) || UseRgbTxt)
DBMLIBS = DBMLibrary
#endif
SYSLIBS = $(ZLIB) MathLibrary Krb5Libraries $(DBMLIBS) $(USB) \
SYSLIBS = $(ZLIB) MathLibrary $(DBMLIBS) $(USB) \
$(PAMLIBS) $(EXTRASYSLIBS)
#if !HasCbrt
CBRT = mi/LibraryTargetName(cbrt)
......
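Review bot: The new `OS = os/LibraryTargetName(os)` line no longer carries `$(DEPXAUTHLIB)`, and the rewritten `SYSLIBS` line adds no Xau library in its place, so these two hunks do not show what now supplies the Xau symbols to the server link. The authorization hunk further down this page still keeps `# include <nx-X11/Xauth.h>`, which suggests the os code continues to use libXau. If that is so, name the system library explicitly, for example by adding `-lXau` to the `SYSLIBS` continuation line, or put a comment above `OS =` stating where it is linked. Both definitions sit in a larger Imakefile that the hunks only sample, so the link line may already cover this outside the visible context.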
......@@ -126,10 +126,6 @@ VENDORRELEASE = XVendorRelease
VENDOR_RELEASE = -DVENDOR_RELEASE="$(VENDORRELEASE)"
#endif
#if HasKrb5
K5DEFS = Krb5Defines
#endif
#ifdef DarwinArchitecture
#if DarwinQuartzSupport
QUARTZ_DEFINES = -DDARWIN_WITH_QUARTZ
......@@ -146,8 +142,6 @@ LintLibraryTarget(dix,$(SRCS) $(XPSRC))
NormalLintTarget($(SRCS) $(XPSRC))
SpecialCObjectRule(globals,$(ICONFIGFILES),$(SITE_DEFINES))
SpecialCObjectRule(tables,$(ICONFIGFILES),$(K5DEFS))
SpecialCObjectRule(dispatch,$(ICONFIGFILES),$(K5DEFS))
SpecialCObjectRule(main,$(ICONFIGFILES),$(VENDOR_DEFINES))
SpecialCObjectRule(pixmap,$(ICONFIGFILES),$(_NOOP_))
SpecialCObjectRule(privates,$(ICONFIGFILES),$(_NOOP_))
......
......@@ -955,10 +955,6 @@ ProcGetAtomName(register ClientPtr client)
}
}
#ifdef K5AUTH
extern int k5_bad();
#endif
#ifndef NXAGENT_SERVER
int
ProcSetSelectionOwner(register ClientPtr client)
......@@ -3506,12 +3502,6 @@ InitProcVectors(void)
ProcVector[i] = SwappedProcVector[i] = ProcBadRequest;
ReplySwapVector[i] = ReplyNotSwappd;
}
#ifdef K5AUTH
if (!k5_Vector[i])
{
k5_Vector[i] = k5_bad;
}
#endif
}
for(i = LASTEvent; i < 128; i++)
{
......
......@@ -63,11 +63,6 @@ SOFTWARE.
#include "swaprep.h"
#include "swapreq.h"
#ifdef K5AUTH
extern int
k5_stage1(), k5_stage2(), k5_stage3(), k5_bad();
#endif
int (* InitialVector[3]) (
ClientPtr /* client */
) =
......@@ -517,13 +512,3 @@ ReplySwapPtr ReplySwapVector[256] =
ReplyNotSwappd, /* NoOperation */
ReplyNotSwappd
};
#ifdef K5AUTH
int (*k5_Vector[256])() =
{
k5_bad,
k5_stage1,
k5_bad,
k5_stage3
};
#endif
......@@ -219,10 +219,6 @@ extern int (* ProcVector[256]) (ClientPtr /*client*/);
extern int (* SwappedProcVector[256]) (ClientPtr /*client*/);
#ifdef K5AUTH
extern int (*k5_Vector[256])(ClientPtr /*client*/);
#endif
extern ReplySwapPtr ReplySwapVector[256];
extern int ProcBadRequest(ClientPtr /*client*/);
......
......@@ -78,11 +78,6 @@ RPCOBJS =
RPCSRCS =
#endif
#if HasKrb5
KRB5OBJS = k5auth.o k5encode.o
KRB5SRCS = k5auth.c k5encode.c
#endif
#if HasBSD44Sockets
SOCK_DEFINES = -DBSD44SOCKETS
#endif
......@@ -122,12 +117,12 @@ GETPEER_DEFINES = -DHAS_GETPEEREID
BOOTSTRAPCFLAGS =
SRCS = WaitFor.c access.c connection.c io.c $(COLOR_SRCS) \
osinit.c utils.c log.c auth.c mitauth.c secauth.c \
$(XDMAUTHSRCS) $(RPCSRCS) $(KRB5SRCS) xdmcp.c OtherSources \
$(XDMAUTHSRCS) $(RPCSRCS) xdmcp.c OtherSources \
transport.c $(SNPRINTF_SRCS) $(STRLCAT_SRCS) \
$(MALLOC_SRCS) xprintf.c
OBJS = WaitFor.o access.o connection.o io.o $(COLOR_OBJS) \
osinit.o utils.o log.o auth.o mitauth.o secauth.o \
$(XDMAUTHOBJS) $(RPCOBJS) $(KRB5OBJS) xdmcp.o OtherObjects \
$(XDMAUTHOBJS) $(RPCOBJS) xdmcp.o OtherObjects \
transport.o $(SNPRINTF_OBJS) $(STRLCAT_OBJS) \
$(MALLOC_OBJS) xprintf.o
......@@ -146,7 +141,6 @@ BOOTSTRAPCFLAGS =
DBM_DEFINES = NdbmDefines
ADM_DEFINES = -DADMPATH=\"$(ADMDIR)/X\%smsgs\"
XDMCP_DEFINES = ServerXdmcpDefines
KRB5_DEFINES = Krb5Defines
XALLOC_DEFINES = XallocDefines
ERROR_DEFINES = ServerErrorDefines
#if HasPam && HasPamMisc
......@@ -154,11 +148,11 @@ BOOTSTRAPCFLAGS =
#endif
DEFINES = -DXSERV_t -DTRANS_SERVER $(CONNECTION_FLAGS) $(MEM_DEFINES) \
$(XDMAUTHDEFS) $(RPCDEFS) $(SIGNAL_DEFINES) $(OS_DEFINES) \
$(KRB5_DEFINES) $(RGB_DEFINES) $(GETPEER_DEFINES) \
$(RGB_DEFINES) $(GETPEER_DEFINES) \
$(RANDOM_DEFINES) $(BUGMSG) $(XTRANS_FAILDEFINES) $(NX_DEFINES)
INCLUDES = -I. -I../include -I$(XINCLUDESRC) -I$(EXTINCSRC) \
-I$(SERVERSRC)/Xext -I$(SERVERSRC)/render \
-I$(TOP)/lib/Xau Krb5Includes $(NX_INCLUDES) \
-I$(TOP)/lib/Xau $(NX_INCLUDES) \
`pkg-config --cflags-only-I pixman-1`
DEPEND_DEFINES = $(DBM_DEFINES) $(XDMCP_DEFINES) $(EXT_DEFINES) \
$(TRANS_INCLUDES) $(CONNECTION_FLAGS) $(GETPEER_DEFINES) \
......@@ -204,10 +198,6 @@ oscolor.o: oscolor.c $(ICONFIGFILES)
SpecialCObjectRule(oscolor,$(ICONFIGFILES),$(DBM_DEFINES))
#endif
#if HasKrb5
LinkSourceFile(k5encode.c,$(XAUTHSRC))
#endif
#if !HasSnprintf
LinkSourceFile(snprintf.c,$(LIBSRC)/misc)
#endif
......
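Review bot: The rewritten `INCLUDES` continuation still passes `-I$(TOP)/lib/Xau`, although the same commit appears to remove the lib/Xau tree (its Imakefile, README and k5encode.c are shown as deleted earlier on this page), so the header search path would point at a directory that no longer exists. Dropping the stale entry leaves the line as `$(NX_INCLUDES) \`. That also ensures a leftover or re-created lib/Xau directory in a build tree cannot shadow the Xauth.h the server is meant to compile against. The `INCLUDES` definition continues on lines the hunk shows only as context, and whether `$(TOP)/lib/Xau` survives in some other form is not visible here.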
......@@ -1170,10 +1170,6 @@ ResetHosts (char *display)
struct nodeent *np;
struct dn_naddr dnaddr, *dnaddrp, *dnet_addr();
#endif
#ifdef K5AUTH
krb5_principal princ;
krb5_data kbuf;
#endif
int family = 0;
void *addr;
int len;
......@@ -1249,13 +1245,6 @@ ResetHosts (char *display)
hostname = ohostname + 4;
}
#endif
#ifdef K5AUTH
else if (!strncmp("krb:", lhostname, 4))
{
family = FamilyKrb5Principal;
hostname = ohostname + 4;
}
#endif
else if (!strncmp("si:", lhostname, 3))
{
family = FamilyServerInterpreted;
......@@ -1298,16 +1287,6 @@ ResetHosts (char *display)
}
else
#endif /* DNETCONN */
#ifdef K5AUTH
if (family == FamilyKrb5Principal)
{
krb5_parse_name(hostname, &princ);
XauKrb5Encode(princ, &kbuf);
(void) NewHost(FamilyKrb5Principal, kbuf.data, kbuf.length, FALSE);
krb5_free_principal(princ);
}
else
#endif
#ifdef SECURE_RPC
if ((family == FamilyNetname) || (strchr(hostname, '@')))
{
......@@ -1553,11 +1532,6 @@ AddHost (ClientPtr client,
len = length;
LocalHostEnabled = TRUE;
break;
#ifdef K5AUTH
case FamilyKrb5Principal:
len = length;
break;
#endif
#ifdef SECURE_RPC
case FamilyNetname:
len = length;
......@@ -1656,11 +1630,6 @@ RemoveHost (
len = length;
LocalHostEnabled = FALSE;
break;
#ifdef K5AUTH
case FamilyKrb5Principal:
len = length;
break;
#endif
#ifdef SECURE_RPC
case FamilyNetname:
len = length;
......
......@@ -54,9 +54,6 @@ from The Open Group.
#include <dix-config.h>
#endif
#ifdef K5AUTH
# include <krb5/krb5.h>
#endif
# include <nx-X11/X.h>
# include <nx-X11/Xauth.h>
# include "misc.h"
......@@ -112,15 +109,6 @@ static struct protocol protocols[] = {
#endif
},
#endif
#ifdef K5AUTH
{ (unsigned short) 14, "MIT-KERBEROS-5",
K5Add, K5Check, K5Reset,
K5ToID, K5FromID, K5Remove,
#ifdef XCSECURITY
NULL
#endif
},
#endif
#ifdef XCSECURITY
{ (unsigned short) XSecurityAuthorizationNameLen,
XSecurityAuthorizationName,
......
/* $Xorg: k5auth.c,v 1.4 2001/02/09 02:05:23 xorgcvs Exp $ */
/*
Copyright 1993, 1994, 1998 The Open Group
Permission to use, copy, modify, distribute, and sell this software and its
documentation for any purpose is hereby granted without fee, provided that
the above copyright notice appear in all copies and that both that
copyright notice and this permission notice appear in supporting
documentation.
The above copyright notice and this permission notice shall be included
in all copies or substantial portions of the Software.
THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS
OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT.
IN NO EVENT SHALL THE OPEN GROUP BE LIABLE FOR ANY CLAIM, DAMAGES OR
OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE,
ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR
OTHER DEALINGS IN THE SOFTWARE.
Except as contained in this notice, the name of The Open Group shall
not be used in advertising or otherwise to promote the sale, use or
other dealings in this Software without prior written authorization
from The Open Group.
*/
/* $XFree86: xc/programs/Xserver/os/k5auth.c,v 3.4 2001/01/17 22:37:10 dawes Exp $ */
/*
* Kerberos V5 authentication scheme
* Author: Tom Yu <tlyu@MIT.EDU>
*
* Mostly snarfed wholesale from the user_user demo in the
* krb5 distribution. (At least the checking part)
*/
#ifdef HAVE_DIX_CONFIG_H
#include <dix-config.h>
#endif
#include <sys/types.h>
#include <sys/socket.h>
#ifdef TCPCONN
#include <netinet/in.h>
#endif
#ifdef DNETCONN
#include <netdnet/dn.h>
#endif
#include <arpa/inet.h>
#include <krb5/krb5.h>
/* 9/93: krb5.h leaks some symbols */
#undef BITS32
#undef xfree
#include <krb5/los-proto.h>
#include <nx-X11/X.h>
#include "os.h"
#include "osdep.h"
#include <nx-X11/Xproto.h>
#include <nx-X11/Xfuncs.h>
#include "dixstruct.h"
#include <com_err.h>
#include "Xauth.h"
extern int (*k5_Vector[256])();
extern int SendConnSetup();
extern char *display; /* need this to generate rcache name */
static XID krb5_id = ~0L;
static krb5_principal srvname = NULL; /* service name */
static char *ccname = NULL;
static char *ktname = NULL; /* key table name */
static char kerror[256];
/*
* tgt_keyproc:
*
* extract session key from a credentials struct
*/
krb5_error_code tgt_keyproc(keyprocarg, principal, vno, key)
krb5_void * keyprocarg;
krb5_principal principal;
krb5_kvno vno;
krb5_keyblock **key;
{
krb5_creds *creds = (krb5_creds *)keyprocarg;
return krb5_copy_keyblock(&creds->keyblock, key);
}
/*
* k5_cmpenc:
*
* compare "encoded" principals
*/
Bool k5_cmpenc(pname, plen, buf)
unsigned char *pname;
short plen;
krb5_data *buf;
{
return (plen == buf->length &&
memcmp(pname, buf->data, plen) == 0);
}
/*
* K5Check:
*
* This is stage 0 of the krb5 authentication protocol. It
* goes through the current credentials cache and extracts the
* primary principal and tgt to send to the client, or as
* appropriate, extracts from a keytab.
*
* The packet sent to the client has the following format:
*
* CARD8 reqType = 2
* CARD8 data = 0
* CARD16 length = total length of packet (in 32 bit units)
* CARD16 plen = length of encoded principal following
* STRING8 princ = encoded principal
* STRING8 ticket = server tgt
*
* For client-server authentication, the packet is as follows:
*
* CARD8 reqType = 3
* CARD8 data = 0
* CARD16 length = total length
* STRING8 princ = encoded principal of server
*/
XID K5Check(data_length, data, client, reason)
unsigned short data_length;
char *data;
ClientPtr client;
char **reason;
{
krb5_error_code retval;
CARD16 tlen;
krb5_principal sprinc, cprinc;
krb5_ccache cc;
krb5_creds *creds;
char *outbuf, *cp;
krb5_data princ;
register char n;
xReq prefix;
if (krb5_id == ~0L)
return ~0L;
if (!ccname && !srvname)
return ~0L;
if (ccname)
{
if ((creds = (krb5_creds *)malloc(sizeof(krb5_creds))) == NULL)
return ~0L;
if (retval = krb5_cc_resolve(ccname, &cc))
return ~0L;
bzero((char*)creds, sizeof (krb5_creds));
if (retval = krb5_cc_get_principal(cc, &cprinc))
{
krb5_free_creds(creds);
krb5_cc_close(cc);
return ~0L;
}
creds->client = cprinc;
if (retval =
krb5_build_principal_ext(&sprinc,
krb5_princ_realm(creds->client)->length,
krb5_princ_realm(creds->client)->data,
6, "krbtgt",
krb5_princ_realm(creds->client)->length,
krb5_princ_realm(creds->client)->data,
0))
{
krb5_free_creds(creds);
krb5_cc_close(cc);
return ~0L;
}
creds->server = sprinc;
retval = krb5_get_credentials(KRB5_GC_CACHED, cc, creds);
krb5_cc_close(cc);
if (retval)
{
krb5_free_creds(creds);
return ~0L;
}
if (retval = XauKrb5Encode(cprinc, &princ))
{
krb5_free_creds(creds);
return ~0L;
}
tlen = sz_xReq + 2 + princ.length + creds->ticket.length;
prefix.reqType = 2; /* opcode = authenticate user-to-user */
}
else if (srvname)
{
if (retval = XauKrb5Encode(srvname, &princ))
{
return ~0L;
}
tlen = sz_xReq + princ.length;
prefix.reqType = 3; /* opcode = authenticate client-server */
}
prefix.data = 0; /* stage = 0 */
prefix.length = (tlen + 3) >> 2; /* round up to nearest multiple
of 4 bytes */
if (client->swapped)
{
swaps(&prefix.length, n);
}
if ((cp = outbuf = (char *)malloc(tlen)) == NULL)
{
if (ccname)
{
krb5_free_creds(creds);
}
free(princ.data);
return ~0L;
}
memcpy(cp, &prefix, sz_xReq);
cp += sz_xReq;
if (ccname)
{
memcpy(cp, &princ.length, 2);
if (client->swapped)
{
swaps((CARD16 *)cp, n);
}
cp += 2;
}
memcpy(cp, princ.data, princ.length);
cp += princ.length;
free(princ.data); /* we don't need that anymore */
if (ccname)
memcpy(cp, creds->ticket.data, creds->ticket.length);
WriteToClient(client, tlen, outbuf);
free(outbuf);
client->requestVector = k5_Vector; /* hack in our dispatch vector */
client->clientState = ClientStateAuthenticating;
if (ccname)
{
((OsCommPtr)client->osPrivate)->authstate.srvcreds = (void *)creds; /* save tgt creds */
((OsCommPtr)client->osPrivate)->authstate.ktname = NULL;
((OsCommPtr)client->osPrivate)->authstate.srvname = NULL;
}
if (srvname)
{
((OsCommPtr)client->osPrivate)->authstate.srvcreds = NULL;
((OsCommPtr)client->osPrivate)->authstate.ktname = (void *)ktname;
((OsCommPtr)client->osPrivate)->authstate.srvname = (void *)srvname;
}
((OsCommPtr)client->osPrivate)->authstate.stageno = 1; /* next stage is 1 */
return krb5_id;
}
/*
* k5_stage1:
*
* This gets called out of the dispatcher after K5Check frobs with the
* client->requestVector. It accepts the ap_req from the client and verifies
* it. In addition, if the client has set AP_OPTS_MUTUAL_REQUIRED, it then
* sends an ap_rep to the client to achieve mutual authentication.
*
* client stage1 packet format is as follows:
*
* CARD8 reqType = 1
* CARD8 data = ignored
* CARD16 length = total length
* STRING8 data = the actual ap_req
*
* stage2 packet sent back to client for mutual authentication:
*
* CARD8 reqType = 2
* CARD8 data = 2
* CARD16 length = total length
* STRING8 data = the ap_rep
*/
int k5_stage1(client)
register ClientPtr client;
{
long addrlen;
krb5_error_code retval, retval2;
register char n;
struct sockaddr cli_net_addr;
xReq prefix;
krb5_principal cprinc;
krb5_data buf;
krb5_creds *creds = (krb5_creds *)((OsCommPtr)client->osPrivate)->authstate.srvcreds;
krb5_keyblock *skey;
krb5_address cli_addr, **localaddrs = NULL;
krb5_tkt_authent *authdat;
krb5_ap_rep_enc_part rep;
krb5_int32 ctime, cusec;
krb5_rcache rcache = NULL;
char *cachename = NULL, *rc_type = NULL, *rc_base = "rcX", *kt = NULL;
REQUEST(xReq);
if (((OsCommPtr)client->osPrivate)->authstate.stageno != 1)
{
if (creds)
krb5_free_creds(creds);
return(SendConnSetup(client, "expected Krb5 stage1 packet"));
}
addrlen = sizeof (cli_net_addr);
if (getpeername(((OsCommPtr)client->osPrivate)->fd,
&cli_net_addr, &addrlen) == -1)
{
if (creds)
krb5_free_creds(creds);
return(SendConnSetup(client, "Krb5 stage1: getpeername failed"));
}
if (cli_net_addr.sa_family == AF_UNSPEC
#if defined(UNIXCONN) || defined(LOCALCONN) || defined(OS2PIPECONN)
|| cli_net_addr.sa_family == AF_UNIX
#endif
) /* assume local host */
{
krb5_os_localaddr(&localaddrs);
if (!localaddrs || !localaddrs[0])
{
if (creds)
krb5_free_creds(creds);
return(SendConnSetup(client, "Krb5 failed to get localaddrs"));
}
cli_addr.addrtype = localaddrs[0]->addrtype;
cli_addr.length = localaddrs[0]->length;
cli_addr.contents = localaddrs[0]->contents;
}
else
{
cli_addr.addrtype = cli_net_addr.sa_family; /* the values
are compatible */
switch (cli_net_addr.sa_family)
{
#ifdef TCPCONN
case AF_INET:
cli_addr.length = sizeof (struct in_addr);
cli_addr.contents =
(krb5_octet *)&((struct sockaddr_in *)&cli_net_addr)->sin_addr;
break;
#endif
#ifdef DNETCONN
case AF_DECnet:
cli_addr.length = sizeof (struct dn_naddr);
cli_addr.contents =
(krb5_octet *)&((struct sockaddr_dn *)&cli_net_addr)->sdn_add;
break;
#endif
default:
if (localaddrs)
krb5_free_addresses(localaddrs);
if (creds)
krb5_free_creds(creds);
sprintf(kerror, "Krb5 stage1: unknown address family %d from getpeername",
cli_net_addr.sa_family);
return(SendConnSetup(client, kerror));
}
}
if ((rcache = (krb5_rcache)malloc(sizeof(*rcache))) == NULL)
{
if (localaddrs)
krb5_free_addresses(localaddrs);
if (creds)
krb5_free_creds(creds);
return(SendConnSetup(client, "malloc bombed for krb5_rcache"));
}
if ((rc_type = krb5_rc_default_type()) == NULL)
rc_type = "dfl";
if (retval = krb5_rc_resolve_type(&rcache, rc_type))
{
if (localaddrs)
krb5_free_addresses(localaddrs);
if (creds)
krb5_free_creds(creds);
free(rcache);
strcpy(kerror, "krb5_rc_resolve_type failed: ");
strncat(kerror, error_message(retval), 231);
return(SendConnSetup(client, kerror));
}
if ((cachename = (char *)malloc(strlen(rc_base) + strlen(display) + 1))
== NULL)
{
if (localaddrs)
krb5_free_addresses(localaddrs);
if (creds)
krb5_free_creds(creds);
free(rcache);
return(SendConnSetup(client, "Krb5: malloc bombed for cachename"));
}
strcpy(cachename, rc_base);
strcat(cachename, display);
if (retval = krb5_rc_resolve(rcache, cachename))
{
if (localaddrs)
krb5_free_addresses(localaddrs);
if (creds)
krb5_free_creds(creds);
free(rcache);
free(cachename);
strcpy(kerror, "krb5_rc_resolve failed: ");
strncat(kerror, error_message(retval), 236);
return(SendConnSetup(client, kerror));
}
free(cachename);
if (krb5_rc_recover(rcache))
{
extern krb5_deltat krb5_clockskew;
if (retval = krb5_rc_initialize(rcache, krb5_clockskew))
{
if (localaddrs)
krb5_free_addresses(localaddrs);
if (creds)
krb5_free_creds(creds);
if (retval2 = krb5_rc_close(rcache))
{
strcpy(kerror, "krb5_rc_close failed: ");
strncat(kerror, error_message(retval2), 238);
return(SendConnSetup(client, kerror));
}
free(rcache);
strcpy(kerror, "krb5_rc_initialize failed: ");
strncat(kerror, error_message(retval), 233);
return(SendConnSetup(client, kerror));
}
}
buf.length = (stuff->length << 2) - sz_xReq;
buf.data = (char *)stuff + sz_xReq;
if (creds)
{
retval = krb5_rd_req(&buf,
NULL, /* don't bother with server name */
&cli_addr,
NULL, /* no fetchfrom */
tgt_keyproc,
creds, /* credentials as arg to
keyproc */
rcache,
&authdat);
krb5_free_creds(creds);
}
else if (kt = (char *)((OsCommPtr)client->osPrivate)->authstate.ktname)
{
retval = krb5_rd_req(&buf, srvname, &cli_addr, kt, NULL, NULL,
rcache, &authdat);
((OsCommPtr)client->osPrivate)->authstate.ktname = NULL;
}
else
{
if (localaddrs)
krb5_free_addresses(localaddrs);
return(SendConnSetup(client, "Krb5: neither srvcreds nor ktname set"));
}
if (localaddrs)
krb5_free_addresses(localaddrs);
if (rcache)
{
if (retval2 = krb5_rc_close(rcache))
{
strcpy(kerror, "krb5_rc_close failed (2): ");
strncat(kerror, error_message(retval2), 230);
return(SendConnSetup(client, kerror));
}
free(rcache);
}
if (retval)
{
strcpy(kerror, "Krb5: Bad application request: ");
strncat(kerror, error_message(retval), 224);
return(SendConnSetup(client, kerror));
}
cprinc = authdat->ticket->enc_part2->client;
skey = authdat->ticket->enc_part2->session;
if (XauKrb5Encode(cprinc, &buf))
{
krb5_free_tkt_authent(authdat);
return(SendConnSetup(client, "XauKrb5Encode bombed"));
}
/*
* Now check to see if the principal we got is one that we want to let in
*/
if (ForEachHostInFamily(FamilyKrb5Principal, k5_cmpenc, (void *)&buf))
{
free(buf.data);
/*
* The following deals with sending an ap_rep to the client to
* achieve mutual authentication. The client sends back a stage 3
* packet if all is ok.
*/
if (authdat->ap_options | AP_OPTS_MUTUAL_REQUIRED)
{
/*
* stage 2: send ap_rep to client
*/
if (retval = krb5_us_timeofday(&ctime, &cusec))
{
krb5_free_tkt_authent(authdat);
strcpy(kerror, "error in krb5_us_timeofday: ");
strncat(kerror, error_message(retval), 234);
return(SendConnSetup(client, kerror));
}
rep.ctime = ctime;
rep.cusec = cusec;
rep.subkey = NULL;
rep.seq_number = 0;
if (retval = krb5_mk_rep(&rep, skey, &buf))
{
krb5_free_tkt_authent(authdat);
strcpy(kerror, "error in krb5_mk_rep: ");
strncat(kerror, error_message(retval), 238);
return(SendConnSetup(client, kerror));
}
prefix.reqType = 2; /* opcode = authenticate */
prefix.data = 2; /* stage = 2 */
prefix.length = (buf.length + sz_xReq + 3) >> 2;
if (client->swapped)
{
swaps(&prefix.length, n);
}
WriteToClient(client, sz_xReq, (char *)&prefix);
WriteToClient(client, buf.length, buf.data);
free(buf.data);
krb5_free_tkt_authent(authdat);
((OsCommPtr)client->osPrivate)->authstate.stageno = 3; /* expect stage3 packet */
return(Success);
}
else
{
free(buf.data);
krb5_free_tkt_authent(authdat);
return(SendConnSetup(client, NULL)); /* success! */
}
}
else
{
char *kname;
krb5_free_tkt_authent(authdat);
free(buf.data);
retval = krb5_unparse_name(cprinc, &kname);
if (retval == 0)
{
sprintf(kerror, "Principal \"%s\" is not authorized to connect",
kname);
if (kname)
free(kname);
return(SendConnSetup(client, kerror));
}
else
return(SendConnSetup(client,"Principal is not authorized to connect to Server"));
}
}
/*
* k5_stage3:
*
* Get the short ack packet from the client. This packet can conceivably
* be expanded to allow for switching on end-to-end encryption.
*
* stage3 packet format:
*
* CARD8 reqType = 3
* CARD8 data = ignored (for now)
* CARD16 length = should be zero
*/
int k5_stage3(client)
register ClientPtr client;
{
REQUEST(xReq);
if (((OsCommPtr)client->osPrivate)->authstate.stageno != 3)
{
return(SendConnSetup(client, "expected Krb5 stage3 packet"));
}
else
return(SendConnSetup(client, NULL)); /* success! */
}
k5_bad(client)
register ClientPtr client;
{
if (((OsCommPtr)client->osPrivate)->authstate.srvcreds)
krb5_free_creds((krb5_creds *)((OsCommPtr)client->osPrivate)->authstate.srvcreds);
sprintf(kerror, "unrecognized Krb5 auth packet %d, expecting %d",
((xReq *)client->requestBuffer)->reqType,
((OsCommPtr)client->osPrivate)->authstate.stageno);
return(SendConnSetup(client, kerror));
}
/*
* K5Add:
*
* Takes the name of a credentials cache and resolves it. Also adds the
* primary principal of the ccache to the acl.
*
* Now will also take a service name.
*/
int K5Add(data_length, data, id)
unsigned short data_length;
char *data;
XID id;
{
krb5_principal princ;
krb5_error_code retval;
krb5_keytab_entry tmp_entry;
krb5_keytab keytab;
krb5_kvno kvno = 0;
krb5_ccache cc;
char *nbuf, *cp;
krb5_data kbuf;
int i, ktlen;
krb5_init_ets(); /* can't think of a better place to put it */
krb5_id = ~0L;
if (data_length < 3)
return 0;
if ((nbuf = (char *)malloc(data_length - 2)) == NULL)
return 0;
memcpy(nbuf, data + 3, data_length - 3);
nbuf[data_length - 3] = '\0';
if (ccname)
{
free(ccname);
ccname = NULL;
}
if (srvname)
{
krb5_free_principal(srvname);
srvname = NULL;
}
if (ktname)
{
free(ktname);
ktname = NULL;
}
if (!strncmp(data, "UU:", 3))
{
if (retval = krb5_cc_resolve(nbuf, &cc))
{
ErrorF("K5Add: krb5_cc_resolve of \"%s\" failed: %s\n",
nbuf, error_message(retval));
free(nbuf);
return 0;
}
if (cc && !(retval = krb5_cc_get_principal(cc, &princ)))
{
if (XauKrb5Encode(princ, &kbuf))
{
free(nbuf);
krb5_free_principal(princ);
krb5_cc_close(cc);
return 0;
}
if (krb5_cc_close(cc))
return 0;
AddHost(NULL, FamilyKrb5Principal, kbuf.length, kbuf.data);
krb5_free_principal(princ);
free(kbuf.data);
ccname = nbuf;
krb5_id = id;
return 1;
}
else
{
ErrorF("K5Add: getting principal from cache \"%s\" failed: %s\n",
nbuf, error_message(retval));
}
}
else if (!strncmp(data, "CS:", 3))
{
if ((cp = strchr(nbuf, ',')) == NULL)
{
free(nbuf);
return 0;
}
*cp = '\0'; /* gross but it works :-) */
ktlen = strlen(cp + 1);
if ((ktname = (char *)malloc(ktlen + 1)) == NULL)
{
free(nbuf);
return 0;
}
strcpy(ktname, cp + 1);
retval = krb5_sname_to_principal(NULL, /* NULL for hostname uses
local host name*/
nbuf, KRB5_NT_SRV_HST,
&srvname);
free(nbuf);
if (retval)
{
free(ktname);
ktname = NULL;
return 0;
}
if (retval = krb5_kt_resolve(ktname, &keytab))
{
free(ktname);
ktname = NULL;
krb5_free_principal(srvname);
srvname = NULL;
return 0;
}
retval = krb5_kt_get_entry(keytab, srvname, kvno, &tmp_entry);
krb5_kt_free_entry(&tmp_entry);
if (retval)
{
free(ktname);
ktname = NULL;
krb5_free_principal(srvname);
srvname = NULL;
return 0;
}
if (XauKrb5Encode(srvname, &kbuf))
{
free(ktname);
ktname = NULL;
krb5_free_principal(srvname);
srvname = NULL;
return 0;
}
AddHost(NULL, FamilyKrb5Principal, kbuf.length, kbuf.data);
krb5_id = id;
return 1;
}
else
{
ErrorF("K5Add: credentials cache name \"%.*s\" in auth file: unknown type\n",
data_length, data);
}
return 0;
}
/*
* K5Reset:
*
* Reset krb5_id, also nuke the current principal from the acl.
*/
int K5Reset()
{
krb5_principal princ;
krb5_error_code retval;
krb5_ccache cc;
krb5_data kbuf;
int i;
if (ccname)
{
if (retval = krb5_cc_resolve(ccname, &cc))
{
free(ccname);
ccname = NULL;
}
if (cc && !(retval = krb5_cc_get_principal(cc, &princ)))
{
if (XauKrb5Encode(princ, &kbuf))
return 1;
RemoveHost(NULL, FamilyKrb5Principal, kbuf.length, kbuf.data);
krb5_free_principal(princ);
free(kbuf.data);
if (krb5_cc_close(cc))
return 1;
free(ccname);
ccname = NULL;
}
}
if (srvname)
{
if (XauKrb5Encode(srvname, &kbuf))
return 1;
RemoveHost(NULL, FamilyKrb5Principal, kbuf.length, kbuf.data);
krb5_free_principal(srvname);
free(kbuf.data);
srvname = NULL;
}
if (ktname)
{
free(ktname);
ktname = NULL;
}
krb5_id = ~0L;
return 0;
}
XID K5ToID(data_length, data)
unsigned short data_length;
char *data;
{
return krb5_id;
}
int K5FromID(id, data_lenp, datap)
XID id;
unsigned short *data_lenp;
char **datap;
{
return 0;
}
int K5Remove(data_length, data)
unsigned short data_length;
char *data;
{
return 0;
}
......@@ -145,16 +145,6 @@ typedef struct _connectionOutput {
int count;
} ConnectionOutput, *ConnectionOutputPtr;
#ifdef K5AUTH
typedef struct _k5_state {
int stageno; /* current stage of auth protocol */
void *srvcreds; /* server credentials */
void *srvname; /* server principal name */
void *ktname; /* key table: principal-key pairs */
void *skey; /* session key */
} k5_state;
#endif
struct _osComm;
#define AuthInitArgs void
......@@ -190,9 +180,6 @@ typedef struct _osComm {
ConnectionInputPtr input;
ConnectionOutputPtr output;
XID auth_id; /* authorization id */
#ifdef K5AUTH
k5_state authstate; /* state of setup auth conversation */
#endif
CARD32 conn_time; /* timestamp if not established, else 0 */
struct _XtransConnInfo *trans_conn; /* transport connection object */
} OsCommRec, *OsCommPtr;
......@@ -283,16 +270,6 @@ extern int SecureRPCRemove (AuthRemCArgs);
extern int SecureRPCReset (AuthRstCArgs);
#endif
/* in k5auth.c */
#ifdef K5AUTH
extern XID K5Check (AuthCheckArgs);
extern XID K5ToID (AuthToIDArgs);
extern int K5Add (AuthAddCArgs);
extern int K5FromID (AuthFromIDArgs);
extern int K5Remove (AuthRemCArgs);
extern int K5Reset (AuthRstCArgs);
#endif
/* in secauth.c */
extern XID AuthSecurityCheck (AuthCheckArgs);
......
......@@ -41,7 +41,7 @@ from The Open Group.
#ifdef SECURE_RPC
#include <nx-X11/X.h>
#include "Xauth.h"
#include <nx-X11/Xauth.h>
#include "misc.h"
#include "os.h"
#include "dixstruct.h"
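Review bot: The `#include <nx-X11/Xauth.h>` line sits inside `#ifdef SECURE_RPC`, so a build that does not define SECURE_RPC never compiles it and would not notice if the header is missing from the include path after the libXau cleanup. One build with SECURE_RPC defined would confirm that the header resolves to the intended in-tree copy. The same merge appears to remove the K5AUTH declarations from osdep.h while keeping the SecureRPC ones, so a short comment at the guard, for example `/* SUN-DES-1 (Secure RPC) authorization; still built when SECURE_RPC is defined */`, would record that keeping this mechanism is deliberate. The `#ifdef SECURE_RPC` block continues past the end of this hunk.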
......
ChangeLog:
nxauth-3.5.0-1
- Opened the 3.5.0 branch based on nxauth-3.4.0-3.
- Updated copyright to year 2011.
nxauth-3.4.0-3
- Updated the launchd socket detection to support OSX versions relea-
sed so far.
nxauth-3.4.0-2
- Updated copyright to year 2010.
nxauth-3.4.0-1
- Opened the 3.4.0 branch based on nxauth-3.3.0-1.
- Updated copyright to year 2009.
nxauth-3.3.0-1
- Opened the 3.3.0 branch based on nxauth-3.2.0-1.
nxauth-3.2.0-1
- Opened the 3.2.0 branch based on nxauth-3.1.0-2.
nxauth-3.1.0-2
- Added support for launchd socket.
nxauth-3.1.0-1
- Opened the 3.1.0 branch based on nxauth-3.0.0-6.
nxauth-3.0.0-6
- Updated the NoMachine copyright notice.
nxauth-3.0.0-5
- Changed the copyright attribution from Medialogic to NoMachine.
nxauth-3.0.0-4
- Changed the LICENSE file to state that the software is only made
available under the version 2 of the GPL.
- Added file COPYING.
nxauth-3.0.0-3
- Updated copyright notices to year 2007.
nxauth-3.0.0-2
- Imported changes up to nxauth-2.1.0-1.
- Ignoring lock on '.Xauthority' file.
- Using '__CYGWIN__' definition in process.c. 'WIN32' is not defined
during compilation under nx-X11 and wrong code block is used to
rename xauth temporary file.
nxauth-3.0.0-1
- Opened the 3.0.0 branch based on nxauth-2.0.0-2.
nxauth-2.0.0-2
- Updated the NoMachine copyright notices.
nxauth-2.0.0-1
- Opened the 2.0.0 branch based on the 1.6.0-1.
nxauth-1.6.0-1
- Opened the 1.6.0 branch based on nxauth-1.5.0-1.
nxauth-1.5.0-1
- Opened the 1.5.0 branch.
nxauth-1.4.1-1
- Opened the 1.4.1 branch.
nxauth-1.4.0-2
- Removed debug message 'host name is'.
nxauth-1.4.0-1
- Opened the 1.4.0 branch based on nxauth-1.3.2-1.
nxauth-1.3.2-1
- Opened the 1.3.2 branch.
nxauth-1.3.1-2
- Fixed problem with compilation on systems without
X11 includes instaled.
GNU GENERAL PUBLIC LICENSE
Version 2, June 1991
Copyright (C) 1989, 1991 Free Software Foundation, Inc.,
51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
Everyone is permitted to copy and distribute verbatim copies
of this license document, but changing it is not allowed.
Preamble
The licenses for most software are designed to take away your
freedom to share and change it. By contrast, the GNU General Public
License is intended to guarantee your freedom to share and change free
software--to make sure the software is free for all its users. This
General Public License applies to most of the Free Software
Foundation's software and to any other program whose authors commit to
using it. (Some other Free Software Foundation software is covered by
the GNU Lesser General Public License instead.) You can apply it to
your programs, too.
When we speak of free software, we are referring to freedom, not
price. Our General Public Licenses are designed to make sure that you
have the freedom to distribute copies of free software (and charge for
this service if you wish), that you receive source code or can get it
if you want it, that you can change the software or use pieces of it
in new free programs; and that you know you can do these things.
To protect your rights, we need to make restrictions that forbid
anyone to deny you these rights or to ask you to surrender the rights.
These restrictions translate to certain responsibilities for you if you
distribute copies of the software, or if you modify it.
For example, if you distribute copies of such a program, whether
gratis or for a fee, you must give the recipients all the rights that
you have. You must make sure that they, too, receive or can get the
source code. And you must show them these terms so they know their
rights.
We protect your rights with two steps: (1) copyright the software, and
(2) offer you this license which gives you legal permission to copy,
distribute and/or modify the software.
Also, for each author's protection and ours, we want to make certain
that everyone understands that there is no warranty for this free
software. If the software is modified by someone else and passed on, we
want its recipients to know that what they have is not the original, so
that any problems introduced by others will not reflect on the original
authors' reputations.
Finally, any free program is threatened constantly by software
patents. We wish to avoid the danger that redistributors of a free
program will individually obtain patent licenses, in effect making the
program proprietary. To prevent this, we have made it clear that any
patent must be licensed for everyone's free use or not licensed at all.
The precise terms and conditions for copying, distribution and
modification follow.
GNU GENERAL PUBLIC LICENSE
TERMS AND CONDITIONS FOR COPYING, DISTRIBUTION AND MODIFICATION
0. This License applies to any program or other work which contains
a notice placed by the copyright holder saying it may be distributed
under the terms of this General Public License. The "Program", below,
refers to any such program or work, and a "work based on the Program"
means either the Program or any derivative work under copyright law:
that is to say, a work containing the Program or a portion of it,
either verbatim or with modifications and/or translated into another
language. (Hereinafter, translation is included without limitation in
the term "modification".) Each licensee is addressed as "you".
Activities other than copying, distribution and modification are not
covered by this License; they are outside its scope. The act of
running the Program is not restricted, and the output from the Program
is covered only if its contents constitute a work based on the
Program (independent of having been made by running the Program).
Whether that is true depends on what the Program does.
1. You may copy and distribute verbatim copies of the Program's
source code as you receive it, in any medium, provided that you
conspicuously and appropriately publish on each copy an appropriate
copyright notice and disclaimer of warranty; keep intact all the
notices that refer to this License and to the absence of any warranty;
and give any other recipients of the Program a copy of this License
along with the Program.
You may charge a fee for the physical act of transferring a copy, and
you may at your option offer warranty protection in exchange for a fee.
2. You may modify your copy or copies of the Program or any portion
of it, thus forming a work based on the Program, and copy and
distribute such modifications or work under the terms of Section 1
above, provided that you also meet all of these conditions:
a) You must cause the modified files to carry prominent notices
stating that you changed the files and the date of any change.
b) You must cause any work that you distribute or publish, that in
whole or in part contains or is derived from the Program or any
part thereof, to be licensed as a whole at no charge to all third
parties under the terms of this License.
c) If the modified program normally reads commands interactively
when run, you must cause it, when started running for such
interactive use in the most ordinary way, to print or display an
announcement including an appropriate copyright notice and a
notice that there is no warranty (or else, saying that you provide
a warranty) and that users may redistribute the program under
these conditions, and telling the user how to view a copy of this
License. (Exception: if the Program itself is interactive but
does not normally print such an announcement, your work based on
the Program is not required to print an announcement.)
These requirements apply to the modified work as a whole. If
identifiable sections of that work are not derived from the Program,
and can be reasonably considered independent and separate works in
themselves, then this License, and its terms, do not apply to those
sections when you distribute them as separate works. But when you
distribute the same sections as part of a whole which is a work based
on the Program, the distribution of the whole must be on the terms of
this License, whose permissions for other licensees extend to the
entire whole, and thus to each and every part regardless of who wrote it.
Thus, it is not the intent of this section to claim rights or contest
your rights to work written entirely by you; rather, the intent is to
exercise the right to control the distribution of derivative or
collective works based on the Program.
In addition, mere aggregation of another work not based on the Program
with the Program (or with a work based on the Program) on a volume of
a storage or distribution medium does not bring the other work under
the scope of this License.
3. You may copy and distribute the Program (or a work based on it,
under Section 2) in object code or executable form under the terms of
Sections 1 and 2 above provided that you also do one of the following:
a) Accompany it with the complete corresponding machine-readable
source code, which must be distributed under the terms of Sections
1 and 2 above on a medium customarily used for software interchange; or,
b) Accompany it with a written offer, valid for at least three
years, to give any third party, for a charge no more than your
cost of physically performing source distribution, a complete
machine-readable copy of the corresponding source code, to be
distributed under the terms of Sections 1 and 2 above on a medium
customarily used for software interchange; or,
c) Accompany it with the information you received as to the offer
to distribute corresponding source code. (This alternative is
allowed only for noncommercial distribution and only if you
received the program in object code or executable form with such
an offer, in accord with Subsection b above.)
The source code for a work means the preferred form of the work for
making modifications to it. For an executable work, complete source
code means all the source code for all modules it contains, plus any
associated interface definition files, plus the scripts used to
control compilation and installation of the executable. However, as a
special exception, the source code distributed need not include
anything that is normally distributed (in either source or binary
form) with the major components (compiler, kernel, and so on) of the
operating system on which the executable runs, unless that component
itself accompanies the executable.
If distribution of executable or object code is made by offering
access to copy from a designated place, then offering equivalent
access to copy the source code from the same place counts as
distribution of the source code, even though third parties are not
compelled to copy the source along with the object code.
4. You may not copy, modify, sublicense, or distribute the Program
except as expressly provided under this License. Any attempt
otherwise to copy, modify, sublicense or distribute the Program is
void, and will automatically terminate your rights under this License.
However, parties who have received copies, or rights, from you under
this License will not have their licenses terminated so long as such
parties remain in full compliance.
5. You are not required to accept this License, since you have not
signed it. However, nothing else grants you permission to modify or
distribute the Program or its derivative works. These actions are
prohibited by law if you do not accept this License. Therefore, by
modifying or distributing the Program (or any work based on the
Program), you indicate your acceptance of this License to do so, and
all its terms and conditions for copying, distributing or modifying
the Program or works based on it.
6. Each time you redistribute the Program (or any work based on the
Program), the recipient automatically receives a license from the
original licensor to copy, distribute or modify the Program subject to
these terms and conditions. You may not impose any further
restrictions on the recipients' exercise of the rights granted herein.
You are not responsible for enforcing compliance by third parties to
this License.
7. If, as a consequence of a court judgment or allegation of patent
infringement or for any other reason (not limited to patent issues),
conditions are imposed on you (whether by court order, agreement or
otherwise) that contradict the conditions of this License, they do not
excuse you from the conditions of this License. If you cannot
distribute so as to satisfy simultaneously your obligations under this
License and any other pertinent obligations, then as a consequence you
may not distribute the Program at all. For example, if a patent
license would not permit royalty-free redistribution of the Program by
all those who receive copies directly or indirectly through you, then
the only way you could satisfy both it and this License would be to
refrain entirely from distribution of the Program.
If any portion of this section is held invalid or unenforceable under
any particular circumstance, the balance of the section is intended to
apply and the section as a whole is intended to apply in other
circumstances.
It is not the purpose of this section to induce you to infringe any
patents or other property right claims or to contest validity of any
such claims; this section has the sole purpose of protecting the
integrity of the free software distribution system, which is
implemented by public license practices. Many people have made
generous contributions to the wide range of software distributed
through that system in reliance on consistent application of that
system; it is up to the author/donor to decide if he or she is willing
to distribute software through any other system and a licensee cannot
impose that choice.
This section is intended to make thoroughly clear what is believed to
be a consequence of the rest of this License.
8. If the distribution and/or use of the Program is restricted in
certain countries either by patents or by copyrighted interfaces, the
original copyright holder who places the Program under this License
may add an explicit geographical distribution limitation excluding
those countries, so that distribution is permitted only in or among
countries not thus excluded. In such case, this License incorporates
the limitation as if written in the body of this License.
9. The Free Software Foundation may publish revised and/or new versions
of the General Public License from time to time. Such new versions will
be similar in spirit to the present version, but may differ in detail to
address new problems or concerns.
Each version is given a distinguishing version number. If the Program
specifies a version number of this License which applies to it and "any
later version", you have the option of following the terms and conditions
either of that version or of any later version published by the Free
Software Foundation. If the Program does not specify a version number of
this License, you may choose any version ever published by the Free Software
Foundation.
10. If you wish to incorporate parts of the Program into other free
programs whose distribution conditions are different, write to the author
to ask for permission. For software which is copyrighted by the Free
Software Foundation, write to the Free Software Foundation; we sometimes
make exceptions for this. Our decision will be guided by the two goals
of preserving the free status of all derivatives of our free software and
of promoting the sharing and reuse of software generally.
NO WARRANTY
11. BECAUSE THE PROGRAM IS LICENSED FREE OF CHARGE, THERE IS NO WARRANTY
FOR THE PROGRAM, TO THE EXTENT PERMITTED BY APPLICABLE LAW. EXCEPT WHEN
OTHERWISE STATED IN WRITING THE COPYRIGHT HOLDERS AND/OR OTHER PARTIES
PROVIDE THE PROGRAM "AS IS" WITHOUT WARRANTY OF ANY KIND, EITHER EXPRESSED
OR IMPLIED, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF
MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. THE ENTIRE RISK AS
TO THE QUALITY AND PERFORMANCE OF THE PROGRAM IS WITH YOU. SHOULD THE
PROGRAM PROVE DEFECTIVE, YOU ASSUME THE COST OF ALL NECESSARY SERVICING,
REPAIR OR CORRECTION.
12. IN NO EVENT UNLESS REQUIRED BY APPLICABLE LAW OR AGREED TO IN WRITING
WILL ANY COPYRIGHT HOLDER, OR ANY OTHER PARTY WHO MAY MODIFY AND/OR
REDISTRIBUTE THE PROGRAM AS PERMITTED ABOVE, BE LIABLE TO YOU FOR DAMAGES,
INCLUDING ANY GENERAL, SPECIAL, INCIDENTAL OR CONSEQUENTIAL DAMAGES ARISING
OUT OF THE USE OR INABILITY TO USE THE PROGRAM (INCLUDING BUT NOT LIMITED
TO LOSS OF DATA OR DATA BEING RENDERED INACCURATE OR LOSSES SUSTAINED BY
YOU OR THIRD PARTIES OR A FAILURE OF THE PROGRAM TO OPERATE WITH ANY OTHER
PROGRAMS), EVEN IF SUCH HOLDER OR OTHER PARTY HAS BEEN ADVISED OF THE
POSSIBILITY OF SUCH DAMAGES.
END OF TERMS AND CONDITIONS
How to Apply These Terms to Your New Programs
If you develop a new program, and you want it to be of the greatest
possible use to the public, the best way to achieve this is to make it
free software which everyone can redistribute and change under these terms.
To do so, attach the following notices to the program. It is safest
to attach them to the start of each source file to most effectively
convey the exclusion of warranty; and each file should have at least
the "copyright" line and a pointer to where the full notice is found.
<one line to give the program's name and a brief idea of what it does.>
Copyright (C) <year> <name of author>
This program is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation; either version 2 of the License, or
(at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
You should have received a copy of the GNU General Public License along
with this program; if not, write to the Free Software Foundation, Inc.,
51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
Also add information on how to contact you by electronic and paper mail.
If the program is interactive, make it output a short notice like this
when it starts in an interactive mode:
Gnomovision version 69, Copyright (C) year name of author
Gnomovision comes with ABSOLUTELY NO WARRANTY; for details type `show w'.
This is free software, and you are welcome to redistribute it
under certain conditions; type `show c' for details.
The hypothetical commands `show w' and `show c' should show the appropriate
parts of the General Public License. Of course, the commands you use may
be called something other than `show w' and `show c'; they could even be
mouse-clicks or menu items--whatever suits your program.
You should also get your employer (if you work as a programmer) or your
school, if any, to sign a "copyright disclaimer" for the program, if
necessary. Here is a sample; alter the names:
Yoyodyne, Inc., hereby disclaims all copyright interest in the program
`Gnomovision' (which makes passes at compilers) written by James Hacker.
<signature of Ty Coon>, 1 April 1989
Ty Coon, President of Vice
This General Public License does not permit incorporating your program into
proprietary programs. If your program is a subroutine library, you may
consider it more useful to permit linking proprietary applications with the
library. If this is what you want to do, use the GNU Lesser General
Public License instead of this License.
XCOMM $Xorg: Imakefile,v 1.3 2000/08/17 19:54:11 cpqbld Exp $
XCOMM $XFree86: xc/programs/xauth/Imakefile,v 3.5 2001/03/30 02:15:23 keithp Exp $
/**************************************************************************/
/* */
/* Copyright (c) 2001, 2010 NoMachine, http://www.nomachine.com/. */
/* */
/* NXAUTH, NX protocol compression and NX extensions to this software */
/* are copyright of NoMachine. Redistribution and use of the present */
/* software is allowed according to terms specified in the file LICENSE */
/* which comes in the source distribution. */
/* */
/* Check http://www.nomachine.com/licensing.html for applicability. */
/* */
/* NX and NoMachine are trademarks of Medialogic S.p.A. */
/* */
/* All rights reserved. */
/* */
/**************************************************************************/
/* LOCAL_LIBRARIES = $(DESTDIR)$(SHLIBDIR)/libXau.a */
INCLUDES=-I../../lib
DEPLIBS = $(DEPXAUTHLIB)
LOCAL_LIBRARIES = $(XAUTHLIB)
SRCS = xauth.c gethost.c process.c parsedpy.c
OBJS = xauth.o gethost.o process.o parsedpy.o
CONN_DEFINES = $(CONNECTION_FLAGS)
ComplexProgramTarget(nxauth)
SpecialCObjectRule(gethost,$(ICONFIGFILES),$(CONN_DEFINES) $(SIGNAL_DEFINES))
SpecialCObjectRule(process,$(ICONFIGFILES),$(SIGNAL_DEFINES))
SpecialCObjectRule(parsedpy,$(ICONFIGFILES),$(CONN_DEFINES))
Copyright (c) 2001, 2010 NoMachine - http://www.nomachine.com/.
NXAUTH and NX extensions to X are copyright of NoMachine.
Redistribution and use of this software is allowed according to the
following terms:
This program is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License Version 2, and
not any other version, as published by the Free Software Foundation.
This program is distributed in the hope that it will be useful, but
WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTA-
BILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General
Public License for more details.
You should have received a copy of the GNU General Public License
along with this program; if not, you can request a copy to NoMachine
or write to the Free Software Foundation, Inc., 59 Temple Place,
Suite 330, Boston, MA 02111-1307 USA
Parts of this software are derived from XFree86 project. Other copy-
rights and the MIT/X11 license applies to different sources. Please
check the applicable copyrights in each file or subdirectory.
All rights reserved.
/*
* $Xorg: gethost.c,v 1.5 2001/02/09 02:05:38 xorgcvs Exp $
*
*
Copyright 1989, 1998 The Open Group
Permission to use, copy, modify, distribute, and sell this software and its
documentation for any purpose is hereby granted without fee, provided that
the above copyright notice appear in all copies and that both that
copyright notice and this permission notice appear in supporting
documentation.
The above copyright notice and this permission notice shall be included in
all copies or substantial portions of the Software.
THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
OPEN GROUP BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN
AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN
CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
Except as contained in this notice, the name of The Open Group shall not be
used in advertising or otherwise to promote the sale, use or other dealings
in this Software without prior written authorization from The Open Group.
* *
* Author: Jim Fulton, MIT X Consortium
*/
/* $XFree86: xc/programs/xauth/gethost.c,v 3.16 2001/12/14 20:01:14 dawes Exp $ */
/* sorry, streams support does not really work yet */
#if defined(STREAMSCONN) && defined(SVR4)
#undef STREAMSCONN
#define TCPCONN
#endif
#ifdef WIN32
#include <nx-X11/Xwinsock.h>
#define EPROTOTYPE WSAEPROTOTYPE
#endif
#include <nx-X11/X.h>
#include <signal.h>
#include <setjmp.h>
#include <ctype.h>
#ifndef __TYPES__
#include <sys/types.h>
#define __TYPES__
#endif
#ifndef WIN32
#ifndef STREAMSCONN
#ifndef Lynx
#include <sys/socket.h>
#else
#include <socket.h>
#endif
#include <netdb.h>
#include <netinet/in.h>
#include <arpa/inet.h>
#ifdef SYSV
#ifdef i386
#ifndef sco
#include <net/errno.h>
#endif /* !sco */
#endif /* i386 */
#endif /* SYSV */
#endif /* !STREAMSCONN */
#endif /* !WIN32 */
#include <errno.h>
#include "xauth.h"
#ifdef DNETCONN
#include <netdnet/dn.h>
#include <netdnet/dnetdb.h>
#endif
#ifdef SIGALRM
Bool nameserver_timedout = False;
/*
* get_hostname - Given an internet address, return a name (CHARON.MIT.EDU)
* or a string representing the address (18.58.0.13) if the name cannot
* be found. Stolen from xhost.
*/
static jmp_buf env;
static
#ifdef SIGNALRETURNSINT
int
#else
void
#endif
nameserver_lost(int sig)
{
nameserver_timedout = True;
longjmp (env, -1);
/* NOTREACHED */
#ifdef SIGNALRETURNSINT
return -1; /* for picky compilers */
#endif
}
#endif
char *
get_hostname (auth)
Xauth *auth;
{
static struct hostent *hp = NULL;
#ifdef DNETCONN
struct nodeent *np;
static char nodeaddr[4 + 2 * DN_MAXADDL];
#endif /* DNETCONN */
if (auth->address_length == 0)
return "Illegal Address";
#ifdef TCPCONN
if (auth->family == FamilyInternet) {
#ifdef SIGALRM
/* gethostbyaddr can take a LONG time if the host does not exist.
Assume that if it does not respond in NAMESERVER_TIMEOUT seconds
that something is wrong and do not make the user wait.
gethostbyaddr will continue after a signal, so we have to
jump out of it.
*/
nameserver_timedout = False;
signal (SIGALRM, nameserver_lost);
alarm (4);
if (setjmp(env) == 0) {
#endif
hp = gethostbyaddr (auth->address, auth->address_length, AF_INET);
#ifdef SIGALRM
}
alarm (0);
#endif
if (hp)
return (hp->h_name);
else
return (inet_ntoa(*((struct in_addr *)(auth->address))));
}
#endif
#ifdef DNETCONN
if (auth->family == FamilyDECnet) {
struct dn_naddr *addr_ptr = (struct dn_naddr *) auth->address;
if (np = getnodebyaddr(addr_ptr->a_addr, addr_ptr->a_len, AF_DECnet)) {
sprintf(nodeaddr, "%s:", np->n_name);
} else {
sprintf(nodeaddr, "%s:", dnet_htoa(auth->address));
}
return(nodeaddr);
}
#endif
return (NULL);
}
#ifdef TCPCONN
/*
* cribbed from lib/X/XConnDis.c
*/
static Bool
get_inet_address(char *name, unsigned int *resultp)
{
unsigned int hostinetaddr = inet_addr (name);
struct hostent *host_ptr;
struct sockaddr_in inaddr; /* dummy variable for size calcs */
#ifndef INADDR_NONE
#define INADDR_NONE -1
#endif
if (hostinetaddr == INADDR_NONE) {
if ((host_ptr = gethostbyname (name)) == NULL) {
/* No such host! */
errno = EINVAL;
return False;
}
/* Check the address type for an internet host. */
if (host_ptr->h_addrtype != AF_INET) {
/* Not an Internet host! */
errno = EPROTOTYPE;
return False;
}
memmove( (char *)&hostinetaddr, (char *)host_ptr->h_addr,
sizeof(inaddr.sin_addr));
}
*resultp = hostinetaddr;
return True;
}
#endif
#ifdef DNETCONN
static Bool get_dnet_address (name, resultp)
char *name;
struct dn_naddr *resultp;
{
struct dn_naddr *dnaddrp, dnaddr;
struct nodeent *np;
if (dnaddrp = dnet_addr (name)) { /* stolen from xhost */
dnaddr = *dnaddrp;
} else {
if ((np = getnodebyname (name)) == NULL) return False;
dnaddr.a_len = np->n_length;
memmove( dnaddr.a_addr, np->n_addr, np->n_length);
}
*resultp = dnaddr;
return True;
}
#endif
char *get_address_info (family, fulldpyname, prefix, host, lenp)
int family;
char *fulldpyname;
int prefix;
char *host;
int *lenp;
{
char *retval = NULL;
int len = 0;
char *src = NULL;
#ifdef TCPCONN
unsigned int hostinetaddr;
#endif
#ifdef DNETCONN
struct dn_naddr dnaddr;
#endif
char buf[255];
/*
* based on the family, set the pointer src to the start of the address
* information to be copied and set len to the number of bytes.
*/
switch (family) {
case FamilyLocal: /* hostname/unix:0 */
/* handle unix:0 and :0 specially */
if (prefix == 0 && (strncmp (fulldpyname, "unix:", 5) == 0 ||
fulldpyname[0] == ':')) {
if (!get_local_hostname (buf, sizeof buf)) {
len = 0;
} else {
src = buf;
len = strlen (buf);
}
} else {
src = fulldpyname;
len = prefix;
}
break;
case FamilyInternet: /* host:0 */
#ifdef TCPCONN
if (!get_inet_address (host, &hostinetaddr)) return NULL;
src = (char *) &hostinetaddr;
len = 4; /* sizeof inaddr.sin_addr, would fail on Cray */
break;
#else
return NULL;
#endif
case FamilyDECnet: /* host::0 */
#ifdef DNETCONN
if (!get_dnet_address (host, &dnaddr)) return NULL;
src = (char *) &dnaddr;
len = (sizeof dnaddr);
break;
#else
/* fall through since we don't have code for it */
#endif
default:
src = NULL;
len = 0;
}
/*
* if source was provided, allocate space and copy it
*/
if (len == 0 || !src) return NULL;
retval = malloc (len);
if (retval) {
memmove( retval, src, len);
*lenp = len;
}
return retval;
}
.\" $Xorg: xauth.man,v 1.4 2001/02/09 02:05:38 xorgcvs Exp $
.\" Copyright 1993, 1998 The Open Group
.\"
.\" Permission to use, copy, modify, distribute, and sell this software and its
.\" documentation for any purpose is hereby granted without fee, provided that
.\" the above copyright notice appear in all copies and that both that
.\" copyright notice and this permission notice appear in supporting
.\" documentation.
.\"
.\" The above copyright notice and this permission notice shall be included
.\" in all copies or substantial portions of the Software.
.\"
.\" THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS
.\" OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
.\" MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT.
.\" IN NO EVENT SHALL THE OPEN GROUP BE LIABLE FOR ANY CLAIM, DAMAGES OR
.\" OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE,
.\" ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR
.\" OTHER DEALINGS IN THE SOFTWARE.
.\"
.\" Except as contained in this notice, the name of The Open Group shall
.\" not be used in advertising or otherwise to promote the sale, use or
.\" other dealings in this Software without prior written authorization
.\" from The Open Group.
.\"
.\" $XFree86: xc/programs/xauth/xauth.man,v 1.7 2001/12/14 20:01:15 dawes Exp $
.\"
.TH XAUTH 1 __xorgversion__
.SH NAME
nxauth \- NoMachine X authority file utility
.SH SYNOPSIS
.B nxauth
[ \fB\-f\fP \fIauthfile\fP ] [ \fB\-vqib\fP ] [ \fIcommand arg ...\fP ]
.SH DESCRIPTION
.PP
The \fInxauth\fP program is used to edit and display the authorization
information used in connecting to the X server. This program is usually
used to extract authorization records from one machine and merge them in on
another (as is the case when using remote logins or granting access to
other users). Commands (described below) may be entered interactively,
on the \fInxauth\fP command line, or in scripts. Note that this program
does \fBnot\fP contact the X server except when the generate command is used.
Normally \fInxauth\fP is not used to create the authority file entry in
the first place; \fIxdm\fP does that.
.SH OPTIONS
The following options may be used with \fInxauth\fP. They may be given
individually (e.g., \fI\-q \-i\|\fP) or may combined (e.g., \fI\-qi\|\fP).
.TP 8
.B "\-f \fIauthfile\fP"
This option specifies the name of the authority file to use. By default,
\fInxauth\fP will use the file specified by the nxauthORITY environment variable
or \fI\.Xauthority\fP in the user's home directory.
.TP 8
.B \-q
This option indicates that \fInxauth\fP should operate quietly and not print
unsolicited status messages. This is the default if an \fInxauth\fP command is
is given on the command line or if the standard output is not directed to a
terminal.
.TP 8
.B \-v
This option indicates that \fInxauth\fP should operate verbosely and print
status messages indicating the results of various operations (e.g., how many
records have been read in or written out). This is the default if \fInxauth\fP
is reading commands from its standard input and its standard output is
directed to a terminal.
.TP 8
.B \-i
This option indicates that \fInxauth\fP should ignore any authority file
locks. Normally, \fInxauth\fP will refuse to read or edit any authority files
that have been locked by other programs (usually \fIxdm\fP or another
\fInxauth\fP).
.TP 8
.B \-b
This option indicates that \fInxauth\fP should attempt to break any authority
file locks before proceeding. Use this option only to clean up stale locks.
.SH COMMANDS
The following commands may be used to manipulate authority files:
.TP 8
.B "add \fIdisplayname protocolname hexkey"
An authorization entry for the indicated display using the given protocol
and key data is added to the authorization file. The data is specified as
an even-lengthed string of hexadecimal digits, each pair representing
one octet. The first digit of each pair gives the most significant 4 bits
of the octet, and the second digit of the pair gives the least significant 4
bits. For example, a 32 character hexkey would represent a 128-bit value.
A protocol name consisting of just a
single period is treated as an abbreviation for \fIMIT-MAGIC-COOKIE-1\fP.
.TP 8
.B "generate \fIdisplayname protocolname\fP \fR[\fPtrusted|untrusted\fR]\fP"
.B \fR[\fPtimeout \fIseconds\fP\fR]\fP \fR[\fPgroup \fIgroup-id\fP\fR]\fP \fR[\fBdata \fIhexdata\fR]
This command is similar to add. The main difference is that instead
of requiring the user to supply the key data, it connects to the
server specified in \fIdisplayname\fP and uses the SECURITY extension
in order to get the key data to store in the authorization file. If
the server cannot be contacted or if it does not support the SECURITY
extension, the command fails. Otherwise, an authorization entry for
the indicated display using the given protocol is added to the
authorization file. A protocol name consisting of just a single
period is treated as an abbreviation for \fIMIT-MAGIC-COOKIE-1\fP.
If the \fBtrusted\fP option is used, clients that connect using this
authorization will have full run of the display, as usual. If
\fBuntrusted\fP is used, clients that connect using this authorization
will be considered untrusted and prevented from stealing or tampering
with data belonging to trusted clients. See the SECURITY extension
specification for full details on the restrictions imposed on
untrusted clients. The default is \fBuntrusted\fP.
The \fBtimeout\fP option specifies how long in seconds this
authorization will be valid. If the authorization remains unused (no
clients are connected with it) for longer than this time period, the
server purges the authorization, and future attempts to connect using
it will fail. Note that the purging done by the server does \fBnot\fP
delete the authorization entry from the authorization file. The
default timeout is 60 seconds.
The \fBgroup\fP option specifies the application group that clients
connecting with this authorization should belong to. See the
application group extension specification for more details. The
default is to not belong to an application group.
The \fBdata\fP option specifies data that the server should use to
generate the authorization. Note that this is \fBnot\fP the same data
that gets written to the authorization file. The interpretation of
this data depends on the authorization protocol. The \fIhexdata\fP is
in the same format as the \fIhexkey\fP described in the add command.
The default is to send no data.
.TP 8
.B "[n]extract \fIfilename displayname..."
Authorization entries for each of the specified displays are written to the
indicated file. If the \fInextract\fP command is used, the entries are written
in a numeric format suitable for non-binary transmission (such as secure
electronic mail). The extracted entries can be read back in using the
\fImerge\fP and \fInmerge\fP commands. If the filename consists of
just a single dash, the entries will be written to the standard output.
.TP 8
.B "[n]list \fR[\fIdisplayname\fP...]"
Authorization entries for each of the specified displays (or all if no
displays are named) are printed on the standard output. If the \fInlist\fP
command is used, entries will be shown in the numeric format used by
the \fInextract\fP command; otherwise, they are shown in a textual format.
Key data is always displayed in the hexadecimal format given in the
description of the \fIadd\fP command.
.TP 8
.B "[n]merge \fR[\fIfilename\fP...]"
Authorization entries are read from the specified files and are merged into
the authorization database, superceding any matching existing entries. If
the \fInmerge\fP command is used, the numeric format given in the description
of the \fIextract\fP command is used. If a filename consists of just a single
dash, the standard input will be read if it hasn't been read before.
.TP 8
.B "remove \fIdisplayname\fR..."
Authorization entries matching the specified displays are removed from the
authority file.
.TP 8
.B "source \fIfilename"
The specified file is treated as a script containing \fInxauth\fP commands
to execute. Blank lines and lines beginning with a sharp sign (#) are
ignored. A single dash may be used to indicate the standard input, if it
hasn't already been read.
.TP 8
.B "info"
Information describing the authorization file, whether or not any changes
have been made, and from where \fInxauth\fP commands are being read
is printed on the standard output.
.TP 8
.B "exit"
If any modifications have been made, the authority file is written out (if
allowed), and the program exits. An end of file is treated as an implicit
\fIexit\fP command.
.TP 8
.B "quit"
The program exits, ignoring any modifications. This may also be accomplished
by pressing the interrupt character.
.TP 8
.B "help [\fIstring\fP]"
A description of all commands that begin with the given string (or all
commands if no string is given) is printed on the standard output.
.TP 8
.B "?"
A short list of the valid commands is printed on the standard output.
.SH "DISPLAY NAMES"
Display names for the \fIadd\fP, \fI[n]extract\fP, \fI[n]list\fP,
\fI[n]merge\fP, and \fIremove\fP commands use the same format as the
DISPLAY environment variable and the common \fI\-display\fP command line
argument. Display-specific information (such as the screen number)
is unnecessary and will be ignored.
Same-machine connections (such as local-host sockets,
shared memory, and the Internet Protocol hostname \fIlocalhost\fP) are
referred to as \fIhostname\fP/unix:\fIdisplaynumber\fP so that
local entries for different machines may be stored in one authority file.
.SH EXAMPLE
.PP
The most common use for \fInxauth\fP is to extract the entry for the
current display, copy it to another machine, and merge it into the
user's authority file on the remote machine:
.sp
.nf
% nxauth extract \- $DISPLAY | rsh otherhost nxauth merge \-
.fi
.PP
.sp
The following command contacts the server :0 to create an
authorization using the MIT-MAGIC-COOKIE-1 protocol. Clients that
connect with this authorization will be untrusted.
.nf
% nxauth generate :0 .
.fi
.SH ENVIRONMENT
This \fInxauth\fP program uses the following environment variables:
.TP 8
.B XAUTHORITY
to get the name of the authority file to use if the \fI\-f\fP option isn't
used.
.TP 8
.B HOME
to get the user's home directory if XAUTHORITY isn't defined.
.SH FILES
.TP 8
.I $HOME/.Xauthority
default authority file if XAUTHORITY isn't defined.
.SH BUGS
.PP
Users that have unsecure networks should take care to use encrypted
file transfer mechanisms to copy authorization entries between machines.
Similarly, the \fIMIT-MAGIC-COOKIE-1\fP protocol is not very useful in
unsecure environments. Sites that are interested in additional security
may need to use encrypted authorization mechanisms such as Kerberos.
.PP
Spaces are currently not allowed in the protocol name. Quoting could be
added for the truly perverse.
.SH AUTHOR
Jim Fulton, MIT X Consortium
/*
* $Xorg: parsedpy.c,v 1.4 2001/02/09 02:05:38 xorgcvs Exp $
*
* parse_displayname - utility routine for splitting up display name strings
*
*
Copyright 1989, 1998 The Open Group
Permission to use, copy, modify, distribute, and sell this software and its
documentation for any purpose is hereby granted without fee, provided that
the above copyright notice appear in all copies and that both that
copyright notice and this permission notice appear in supporting
documentation.
The above copyright notice and this permission notice shall be included in
all copies or substantial portions of the Software.
THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
OPEN GROUP BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN
AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN
CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
Except as contained in this notice, the name of The Open Group shall not be
used in advertising or otherwise to promote the sale, use or other dealings
in this Software without prior written authorization from The Open Group.
* *
* Author: Jim Fulton, MIT X Consortium
*/
/* $XFree86: xc/programs/xauth/parsedpy.c,v 3.6 2001/12/14 20:01:15 dawes Exp $ */
/**************************************************************************/
/* */
/* Copyright (c) 2001, 2010 NoMachine, http://www.nomachine.com/. */
/* */
/* NXAUTH, NX protocol compression and NX extensions to this software */
/* are copyright of NoMachine. Redistribution and use of the present */
/* software is allowed according to terms specified in the file LICENSE */
/* which comes in the source distribution. */
/* */
/* Check http://www.nomachine.com/licensing.html for applicability. */
/* */
/* NX and NoMachine are trademarks of Medialogic S.p.A. */
/* */
/* All rights reserved. */
/* */
/**************************************************************************/
#include <stdio.h> /* for NULL */
#include <ctype.h> /* for isascii() and isdigit() */
#include <nx-X11/Xos.h> /* for strchr() and string routines */
#include <nx-X11/Xlib.h> /* for Family contants */
#ifdef hpux
#include <sys/utsname.h> /* for struct utsname */
#endif
#include <nx-X11/Xauth.h> /* for FamilyLocal */
#if defined(UNIXCONN) || defined(LOCALCONN)
#define UNIX_CONNECTION "unix"
#define UNIX_CONNECTION_LENGTH 4
#endif
#include <stdlib.h>
#include "xauth.h"
#define PANIC
#define WARNING
#undef TEST
#undef DEBUG
/*
* private utility routines
*/
char *
copystring (char *src, int len)
{
char *cp;
if (!src && len != 0) return NULL;
cp = malloc (len + 1);
if (cp) {
if (src) strncpy (cp, src, len);
cp[len] = '\0';
}
return cp;
}
char *
get_local_hostname (char *buf, int maxlen)
{
buf[0] = '\0';
/*
(void) XmuGetHostname (buf, maxlen);
*/
/*FIXME*/
(void) gethostname (buf, maxlen);
buf [maxlen - 1] = '\0';
#ifdef TEST
printf("get_local_hostname: Host name is %s", buf);
#endif
return (buf[0] ? buf : NULL);
}
#ifndef UNIXCONN
static char *
copyhostname (void)
{
char buf[256];
return (get_local_hostname (buf, sizeof buf) ?
copystring (buf, strlen (buf)) : NULL);
}
#endif
/*
* parse_displayname - display a display string up into its component parts
*/
Bool
parse_displayname (char *displayname,
int *familyp, /* return */
char **hostp, /* return */
int *dpynump, /* return */
int *scrnump, /* return */
char **restp) /* return */
{
char *ptr; /* work variables */
int len; /* work variable */
int family = -1; /* value to be returned */
char *host = NULL; /* must free if set and error return */
int dpynum = -1; /* value to be returned */
int scrnum = 0; /* value to be returned */
char *rest = NULL; /* must free if set and error return */
Bool dnet = False; /* if true then using DECnet */
/* check the name */
if (!displayname || !displayname[0]) return False;
/* must have at least :number */
ptr = strchr(displayname, ':');
if (!ptr || !ptr[1]) return False;
if (ptr[1] == ':') {
if (ptr[2] == '\0') return False;
dnet = True;
}
/*
* get the host string; if none is given, use the most effiecient path
*/
len = (ptr - displayname); /* length of host name */
if (len == 0) { /* choose most efficient path */
#if defined(UNIXCONN) || defined(LOCALCONN)
host = copystring (UNIX_CONNECTION, UNIX_CONNECTION_LENGTH);
family = FamilyLocal;
#else
if (dnet) {
host = copystring ("0", 1);
family = FamilyDECnet;
} else {
host = copyhostname ();
family = FamilyInternet;
}
#endif
} else {
host = copystring (displayname, len);
if (dnet) {
family = dnet;
} else {
#if defined(UNIXCONN) || defined(LOCALCONN)
if (host && strcmp (host, UNIX_CONNECTION) == 0)
family = FamilyLocal;
else
#endif
family = FamilyInternet;
}
}
if (!host) return False;
/*
* get the display number; we know that there is something after the
* colon (or colons) from above. note that host is now set and must
* be freed if there is an error.
*/
if (dnet) ptr++; /* skip the extra DECnet colon */
ptr++; /* move to start of display num */
{
register char *cp;
for (cp = ptr; *cp && isascii(*cp) && isdigit(*cp); cp++) ;
len = (cp - ptr);
/* check present and valid follow */
if (len == 0 || (*cp && *cp != '.')) {
free (host);
return False;
}
dpynum = atoi (ptr); /* it will handle num. as well */
ptr = cp;
}
/*
* now get screen number if given; ptr may point to nul at this point
*/
if (ptr[0] == '.') {
register char *cp;
ptr++;
for (cp = ptr; *cp && isascii(*cp) && isdigit(*cp); cp++) ;
len = (cp - ptr);
if (len == 0 || (*cp && *cp != '.')) { /* all prop name */
free (host);
return False;
}
scrnum = atoi (ptr); /* it will handle num. as well */
ptr = cp;
}
/*
* and finally, get any additional stuff that might be following the
* the screen number; ptr must point to a period if there is anything
*/
if (ptr[0] == '.') {
ptr++;
len = strlen (ptr);
if (len > 0) {
rest = copystring (ptr, len);
if (!rest) {
free (host);
return False;
}
}
}
/*
* and we are done!
*/
*familyp = family;
*hostp = host;
*dpynump = dpynum;
*scrnump = scrnum;
*restp = rest;
return True;
}
/* $Xorg: process.c,v 1.6 2001/02/09 02:05:38 xorgcvs Exp $ */
/*
Copyright 1989, 1998 The Open Group
Permission to use, copy, modify, distribute, and sell this software and its
documentation for any purpose is hereby granted without fee, provided that
the above copyright notice appear in all copies and that both that
copyright notice and this permission notice appear in supporting
documentation.
The above copyright notice and this permission notice shall be included
in all copies or substantial portions of the Software.
THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS
OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT.
IN NO EVENT SHALL THE OPEN GROUP BE LIABLE FOR ANY CLAIM, DAMAGES OR
OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE,
ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR
OTHER DEALINGS IN THE SOFTWARE.
Except as contained in this notice, the name of The Open Group shall
not be used in advertising or otherwise to promote the sale, use or
other dealings in this Software without prior written authorization
from The Open Group.
*/
/* $XFree86: xc/programs/xauth/process.c,v 3.18 2003/02/13 02:50:22 dawes Exp $ */
/**************************************************************************/
/* */
/* Copyright (c) 2001, 2010 NoMachine, http://www.nomachine.com/. */
/* */
/* NXAUTH, NX protocol compression and NX extensions to this software */
/* are copyright of NoMachine. Redistribution and use of the present */
/* software is allowed according to terms specified in the file LICENSE */
/* which comes in the source distribution. */
/* */
/* Check http://www.nomachine.com/licensing.html for applicability. */
/* */
/* NX and NoMachine are trademarks of Medialogic S.p.A. */
/* */
/* All rights reserved. */
/* */
/**************************************************************************/
/*
* Author: Jim Fulton, MIT X Consortium
*/
#include "xauth.h"
#include <ctype.h>
#include <errno.h>
#include <sys/stat.h>
#include <signal.h>
/*#include <nx-X11/X.h>*/ /* for Family constants */
/*
#include <nx-X11/Xlib.h>
#include <nx-X11/extensions/security.h>
*/
/*FIXME*/
#define FamilyInternet 0
#define FamilyDECnet 1
extern Bool naneserver_timedout;
#ifndef DEFAULT_PROTOCOL_ABBREV /* to make add command easier */
#define DEFAULT_PROTOCOL_ABBREV "."
#endif
#ifndef DEFAULT_PROTOCOL /* for protocol abbreviation */
#define DEFAULT_PROTOCOL "MIT-MAGIC-COOKIE-1"
#endif
#define SECURERPC "SUN-DES-1"
#define K5AUTH "MIT-KERBEROS-5"
#define XAUTH_DEFAULT_RETRIES 10 /* number of competitors we expect */
#define XAUTH_DEFAULT_TIMEOUT 2 /* in seconds, be quick */
#define XAUTH_DEFAULT_DEADTIME 600L /* 10 minutes in seconds */
typedef struct _AuthList { /* linked list of entries */
struct _AuthList *next;
Xauth *auth;
} AuthList;
typedef int (*ProcessFunc)(char *, int, int, char**);
#define add_to_list(h,t,e) {if (t) (t)->next = (e); else (h) = (e); (t) = (e);}
typedef struct _CommandTable { /* commands that are understood */
char *name; /* full name */
int minlen; /* unique prefix */
int maxlen; /* strlen(name) */
ProcessFunc processfunc; /* handler */
char *helptext; /* what to print for help */
} CommandTable;
struct _extract_data { /* for iterating */
FILE *fp; /* input source */
char *filename; /* name of input */
Bool used_stdout; /* whether or not need to close */
Bool numeric; /* format in which to write */
int nwritten; /* number of entries written */
char *cmd; /* for error messages */
};
struct _list_data { /* for iterating */
FILE *fp; /* output file */
Bool numeric; /* format in which to write */
};
/*
* private data
*/
static char *stdin_filename = "(stdin)"; /* for messages */
static char *stdout_filename = "(stdout)"; /* for messages */
static char *Yes = "yes"; /* for messages */
static char *No = "no"; /* for messages */
static int do_help ( char *inputfilename, int lineno, int argc, char **argv );
static int do_questionmark ( char *inputfilename, int lineno, int argc, char **argv );
static int do_list ( char *inputfilename, int lineno, int argc, char **argv );
static int do_merge ( char *inputfilename, int lineno, int argc, char **argv );
static int do_extract ( char *inputfilename, int lineno, int argc, char **argv );
static int do_add ( char *inputfilename, int lineno, int argc, char **argv );
static int do_remove ( char *inputfilename, int lineno, int argc, char **argv );
static int do_info ( char *inputfilename, int lineno, int argc, char **argv );
static int do_exit ( char *inputfilename, int lineno, int argc, char **argv );
static int do_quit ( char *inputfilename, int lineno, int argc, char **argv );
static int do_source ( char *inputfilename, int lineno, int argc, char **argv );
/*
static int do_generate ( char *inputfilename, int lineno, int argc, char **argv );
*/
static CommandTable command_table[] = { /* table of known commands */
{ "add", 2, 3, do_add,
"add dpyname protoname hexkey add entry" },
{ "exit", 3, 4, do_exit,
"exit save changes and exit program" },
{ "extract", 3, 7, do_extract,
"extract filename dpyname... extract entries into file" },
{ "help", 1, 4, do_help,
"help [topic] print help" },
{ "info", 1, 4, do_info,
"info print information about entries" },
{ "list", 1, 4, do_list,
"list [dpyname...] list entries" },
{ "merge", 1, 5, do_merge,
"merge filename... merge entries from files" },
{ "nextract", 2, 8, do_extract,
"nextract filename dpyname... numerically extract entries" },
{ "nlist", 2, 5, do_list,
"nlist [dpyname...] numerically list entries" },
{ "nmerge", 2, 6, do_merge,
"nmerge filename... numerically merge entries" },
{ "quit", 1, 4, do_quit,
"quit abort changes and exit program" },
{ "remove", 1, 6, do_remove,
"remove dpyname... remove entries" },
{ "source", 1, 6, do_source,
"source filename read commands from file" },
{ "?", 1, 1, do_questionmark,
"? list available commands" },
/* { "generate", 1, 8, do_generate,
"generate dpyname protoname [options] use server to generate entry\n"
" options are:\n"
" timeout n authorization expiration time in seconds\n"
" trusted clients using this entry are trusted\n"
" untrusted clients using this entry are untrusted\n"
" group n clients using this entry belong to application group n\n"
" data hexkey auth protocol specific data needed to generate the entry\n"
}, */
{ NULL, 0, 0, NULL, NULL },
};
#define COMMAND_NAMES_PADDED_WIDTH 10 /* wider than anything above */
static Bool okay_to_use_stdin = True; /* set to false after using */
static char *hex_table[] = { /* for printing hex digits */
"00", "01", "02", "03", "04", "05", "06", "07",
"08", "09", "0a", "0b", "0c", "0d", "0e", "0f",
"10", "11", "12", "13", "14", "15", "16", "17",
"18", "19", "1a", "1b", "1c", "1d", "1e", "1f",
"20", "21", "22", "23", "24", "25", "26", "27",
"28", "29", "2a", "2b", "2c", "2d", "2e", "2f",
"30", "31", "32", "33", "34", "35", "36", "37",
"38", "39", "3a", "3b", "3c", "3d", "3e", "3f",
"40", "41", "42", "43", "44", "45", "46", "47",
"48", "49", "4a", "4b", "4c", "4d", "4e", "4f",
"50", "51", "52", "53", "54", "55", "56", "57",
"58", "59", "5a", "5b", "5c", "5d", "5e", "5f",
"60", "61", "62", "63", "64", "65", "66", "67",
"68", "69", "6a", "6b", "6c", "6d", "6e", "6f",
"70", "71", "72", "73", "74", "75", "76", "77",
"78", "79", "7a", "7b", "7c", "7d", "7e", "7f",
"80", "81", "82", "83", "84", "85", "86", "87",
"88", "89", "8a", "8b", "8c", "8d", "8e", "8f",
"90", "91", "92", "93", "94", "95", "96", "97",
"98", "99", "9a", "9b", "9c", "9d", "9e", "9f",
"a0", "a1", "a2", "a3", "a4", "a5", "a6", "a7",
"a8", "a9", "aa", "ab", "ac", "ad", "ae", "af",
"b0", "b1", "b2", "b3", "b4", "b5", "b6", "b7",
"b8", "b9", "ba", "bb", "bc", "bd", "be", "bf",
"c0", "c1", "c2", "c3", "c4", "c5", "c6", "c7",
"c8", "c9", "ca", "cb", "cc", "cd", "ce", "cf",
"d0", "d1", "d2", "d3", "d4", "d5", "d6", "d7",
"d8", "d9", "da", "db", "dc", "dd", "de", "df",
"e0", "e1", "e2", "e3", "e4", "e5", "e6", "e7",
"e8", "e9", "ea", "eb", "ec", "ed", "ee", "ef",
"f0", "f1", "f2", "f3", "f4", "f5", "f6", "f7",
"f8", "f9", "fa", "fb", "fc", "fd", "fe", "ff",
};
static unsigned int hexvalues[256]; /* for parsing hex input */
static int original_umask = 0; /* for restoring */
/*
* private utility procedures
*/
static void
prefix(char *fn, int n)
{
fprintf (stderr, "%s: %s:%d: ", ProgramName, fn, n);
}
static void
baddisplayname(char *dpy, char *cmd)
{
fprintf (stderr, "bad display name \"%s\" in \"%s\" command\n",
dpy, cmd);
}
static void
badcommandline(char *cmd)
{
fprintf (stderr, "bad \"%s\" command line\n", cmd);
}
static char *
skip_space(register char *s)
{
if (!s) return NULL;
for ( ; *s && isascii(*s) && isspace(*s); s++)
;
return s;
}
static char *
skip_nonspace(register char *s)
{
if (!s) return NULL;
/* put quoting into loop if need be */
for ( ; *s && isascii(*s) && !isspace(*s); s++)
;
return s;
}
static char **
split_into_words(char *src, int *argcp) /* argvify string */
{
char *jword;
char savec;
char **argv;
int cur, total;
*argcp = 0;
#define WORDSTOALLOC 4 /* most lines are short */
argv = (char **) malloc (WORDSTOALLOC * sizeof (char *));
if (!argv) return NULL;
cur = 0;
total = WORDSTOALLOC;
/*
* split the line up into separate, nul-terminated tokens; the last
* "token" will point to the empty string so that it can be bashed into
* a null pointer.
*/
do {
jword = skip_space (src);
src = skip_nonspace (jword);
savec = *src;
*src = '\0';
if (cur == total) {
total += WORDSTOALLOC;
argv = (char **) realloc (argv, total * sizeof (char *));
if (!argv) return NULL;
}
argv[cur++] = jword;
if (savec) src++; /* if not last on line advance */
} while (jword != src);
argv[--cur] = NULL; /* smash empty token to end list */
*argcp = cur;
return argv;
}
static FILE *
open_file(char **filenamep,
char *mode,
Bool *usedstdp,
char *srcfn,
int srcln,
char *cmd)
{
FILE *fp;
if (strcmp (*filenamep, "-") == 0) {
*usedstdp = True;
/* select std descriptor to use */
if (mode[0] == 'r') {
if (okay_to_use_stdin) {
okay_to_use_stdin = False;
*filenamep = stdin_filename;
return stdin;
} else {
prefix (srcfn, srcln);
fprintf (stderr, "%s: stdin already in use\n", cmd);
return NULL;
}
} else {
*filenamep = stdout_filename;
return stdout; /* always okay to use stdout */
}
}
fp = fopen (*filenamep, mode);
if (!fp) {
prefix (srcfn, srcln);
fprintf (stderr, "%s: unable to open file %s\n", cmd, *filenamep);
}
return fp;
}
static int
getinput(FILE *fp)
{
register int c;
while ((c = getc (fp)) != EOF && isascii(c) && c != '\n' && isspace(c)) ;
return c;
}
static int
get_short(FILE *fp, unsigned short *sp) /* for reading numeric input */
{
int c;
int i;
unsigned short us = 0;
/*
* read family: written with %04x
*/
for (i = 0; i < 4; i++) {
switch (c = getinput (fp)) {
case EOF:
case '\n':
return 0;
}
if (c < 0 || c > 255) return 0;
us = (us * 16) + hexvalues[c]; /* since msb */
}
*sp = us;
return 1;
}
static int
get_bytes(FILE *fp, unsigned int n, char **ptr) /* for reading numeric input */
{
char *s;
register char *cp;
int c1, c2;
cp = s = malloc (n);
if (!cp) return 0;
while (n > 0) {
if ((c1 = getinput (fp)) == EOF || c1 == '\n' ||
(c2 = getinput (fp)) == EOF || c2 == '\n') {
free (s);
return 0;
}
*cp = (char) ((hexvalues[c1] * 16) + hexvalues[c2]);
cp++;
n--;
}
*ptr = s;
return 1;
}
static Xauth *
read_numeric(FILE *fp)
{
Xauth *auth;
auth = (Xauth *) malloc (sizeof (Xauth));
if (!auth) goto bad;
auth->family = 0;
auth->address = NULL;
auth->address_length = 0;
auth->number = NULL;
auth->number_length = 0;
auth->name = NULL;
auth->name_length = 0;
auth->data = NULL;
auth->data_length = 0;
if (!get_short (fp, (unsigned short *) &auth->family))
goto bad;
if (!get_short (fp, (unsigned short *) &auth->address_length))
goto bad;
if (!get_bytes (fp, (unsigned int) auth->address_length, &auth->address))
goto bad;
if (!get_short (fp, (unsigned short *) &auth->number_length))
goto bad;
if (!get_bytes (fp, (unsigned int) auth->number_length, &auth->number))
goto bad;
if (!get_short (fp, (unsigned short *) &auth->name_length))
goto bad;
if (!get_bytes (fp, (unsigned int) auth->name_length, &auth->name))
goto bad;
if (!get_short (fp, (unsigned short *) &auth->data_length))
goto bad;
if (!get_bytes (fp, (unsigned int) auth->data_length, &auth->data))
goto bad;
switch (getinput (fp)) { /* get end of line */
case EOF:
case '\n':
return auth;
}
bad:
if (auth) XauDisposeAuth (auth); /* won't free null pointers */
return NULL;
}
typedef Xauth *(*ReadFunc)(FILE *);
static int
read_auth_entries(FILE *fp, Bool numeric, AuthList **headp, AuthList **tailp)
{
ReadFunc readfunc = (numeric ? read_numeric : XauReadAuth);
Xauth *auth;
AuthList *head, *tail;
int n;
head = tail = NULL;
n = 0;
/* put all records into linked list */
while ((auth = ((*readfunc) (fp))) != NULL) {
AuthList *l = (AuthList *) malloc (sizeof (AuthList));
if (!l) {
fprintf (stderr,
"%s: unable to alloc entry reading auth file\n",
ProgramName);
exit (1);
}
l->next = NULL;
l->auth = auth;
if (tail) /* if not first time through append */
tail->next = l;
else
head = l; /* first time through, so assign */
tail = l;
n++;
}
*headp = head;
*tailp = tail;
return n;
}
static Bool
get_displayname_auth(char *displayname, Xauth *auth)
{
int family;
char *host = NULL, *rest = NULL;
int dpynum, scrnum;
char *cp;
int len;
Xauth proto;
int prelen = 0;
/*
* check to see if the display name is of the form "host/unix:"
* which is how the list routine prints out local connections
*/
cp = strchr(displayname, '/');
if (cp && strncmp (cp, "/unix:", 6) == 0)
prelen = (cp - displayname);
#ifdef __APPLE__
/*
* FIXME: This is an attempt to get the right
* cookie, because no one can grant that the
* X server is running on the display number
* reported in the launchd display name.
*/
if (strncmp (displayname, "/tmp/launch", 11) == 0)
displayname = strrchr(displayname, ':');
#endif
if (!parse_displayname (displayname + ((prelen > 0) ? prelen + 1 : 0),
&family, &host, &dpynum, &scrnum, &rest)) {
return False;
}
proto.family = family;
proto.address = get_address_info (family, displayname, prelen, host, &len);
if (proto.address) {
char buf[40]; /* want to hold largest display num */
proto.address_length = len;
buf[0] = '\0';
sprintf (buf, "%d", dpynum);
proto.number_length = strlen (buf);
if (proto.number_length <= 0) {
free (proto.address);
proto.address = NULL;
} else {
proto.number = copystring (buf, proto.number_length);
}
}
if (host) free (host);
if (rest) free (rest);
if (proto.address) {
auth->family = proto.family;
auth->address = proto.address;
auth->address_length = proto.address_length;
auth->number = proto.number;
auth->number_length = proto.number_length;
auth->name = NULL;
auth->name_length = 0;
auth->data = NULL;
auth->data_length = 0;
return True;
} else {
return False;
}
}
static int
cvthexkey(char *hexstr, char **ptrp) /* turn hex key string into octets */
{
int i;
int len = 0;
char *retval, *s;
unsigned char *us;
char c;
char savec = '\0';
/* count */
for (s = hexstr; *s; s++) {
if (!isascii(*s)) return -1;
if (isspace(*s)) continue;
if (!isxdigit(*s)) return -1;
len++;
}
/* if odd then there was an error */
if ((len & 1) == 1) return -1;
/* now we know that the input is good */
len >>= 1;
retval = malloc (len);
if (!retval) {
fprintf (stderr, "%s: unable to allocate %d bytes for hexkey\n",
ProgramName, len);
return -1;
}
for (us = (unsigned char *) retval, i = len; i > 0; hexstr++) {
c = *hexstr;
if (isspace(c)) continue; /* already know it is ascii */
if (isupper(c))
c = tolower(c);
if (savec) {
#define atoh(c) ((c) - (((c) >= '0' && (c) <= '9') ? '0' : ('a'-10)))
*us = (unsigned char)((atoh(savec) << 4) + atoh(c));
#undef atoh
savec = 0; /* ready for next character */
us++;
i--;
} else {
savec = c;
}
}
*ptrp = retval;
return len;
}
static int
dispatch_command(char *inputfilename,
int lineno,
int argc,
char **argv,
CommandTable *tab,
int *statusp)
{
CommandTable *ct;
char *cmd;
int n;
/* scan table for command */
cmd = argv[0];
n = strlen (cmd);
for (ct = tab; ct->name; ct++) {
/* look for unique prefix */
if (n >= ct->minlen && n <= ct->maxlen &&
strncmp (cmd, ct->name, n) == 0) {
*statusp = (*(ct->processfunc))(inputfilename, lineno, argc, argv);
return 1;
}
}
*statusp = 1;
return 0;
}
static AuthList *xauth_head = NULL; /* list of auth entries */
static Bool xauth_existed = False; /* if was present at initialize */
static Bool xauth_modified = False; /* if added, removed, or merged */
static Bool xauth_allowed = True; /* if allowed to write auth file */
static Bool xauth_locked = False; /* if has been locked */
static char *xauth_filename = NULL;
static Bool dieing = False;
#ifdef SIGNALRETURNSINT
#define _signal_t int
#else
#define _signal_t void
#endif
/* poor man's puts(), for under signal handlers */
#define WRITES(fd, S) (void)write((fd), (S), strlen((S)))
/* ARGSUSED */
static _signal_t
die(int sig)
{
dieing = True;
_exit (auth_finalize ());
/* NOTREACHED */
#ifdef SIGNALRETURNSINT
return -1; /* for picky compilers */
#endif
}
static _signal_t
catchsig(int sig)
{
#ifdef SYSV
if (sig > 0) signal (sig, die); /* re-establish signal handler */
#endif
/*
* fileno() might not be reentrant, avoid it if possible, and use
* stderr instead of stdout
*/
#ifdef STDERR_FILENO
if (verbose && xauth_modified) WRITES(STDERR_FILENO, "\r\n");
#else
if (verbose && xauth_modified) WRITES(fileno(stderr), "\r\n");
#endif
die (sig);
/* NOTREACHED */
#ifdef SIGNALRETURNSINT
return -1; /* for picky compilers */
#endif
}
static void
register_signals(void)
{
signal (SIGINT, catchsig);
signal (SIGTERM, catchsig);
#ifdef SIGHUP
signal (SIGHUP, catchsig);
#endif
return;
}
/*
* public procedures for parsing lines of input
*/
int
auth_initialize(char *authfilename)
{
int n;
AuthList *head, *tail;
FILE *authfp;
Bool exists;
xauth_filename = authfilename; /* used in cleanup, prevent race with
signals */
register_signals ();
bzero ((char *) hexvalues, sizeof hexvalues);
hexvalues['0'] = 0;
hexvalues['1'] = 1;
hexvalues['2'] = 2;
hexvalues['3'] = 3;
hexvalues['4'] = 4;
hexvalues['5'] = 5;
hexvalues['6'] = 6;
hexvalues['7'] = 7;
hexvalues['8'] = 8;
hexvalues['9'] = 9;
hexvalues['a'] = hexvalues['A'] = 0xa;
hexvalues['b'] = hexvalues['B'] = 0xb;
hexvalues['c'] = hexvalues['C'] = 0xc;
hexvalues['d'] = hexvalues['D'] = 0xd;
hexvalues['e'] = hexvalues['E'] = 0xe;
hexvalues['f'] = hexvalues['F'] = 0xf;
if (break_locks && verbose) {
printf ("Attempting to break locks on authority file %s\n",
authfilename);
}
if (ignore_locks) {
if (break_locks) XauUnlockAuth (authfilename);
} else {
n = XauLockAuth (authfilename, XAUTH_DEFAULT_RETRIES,
XAUTH_DEFAULT_TIMEOUT,
(break_locks ? 0L : XAUTH_DEFAULT_DEADTIME));
if (n != LOCK_SUCCESS) {
char *reason = "unknown error";
switch (n) {
case LOCK_ERROR:
reason = "error";
break;
case LOCK_TIMEOUT:
reason = "timeout";
break;
}
fprintf (stderr, "%s: %s in locking authority file %s\n",
ProgramName, reason, authfilename);
return -1;
} else
xauth_locked = True;
}
/* these checks can only be done reliably after the file is locked */
exists = (access (authfilename, F_OK) == 0);
if (exists && access (authfilename, W_OK) != 0) {
fprintf (stderr,
"%s: %s not writable, changes will be ignored\n",
ProgramName, authfilename);
xauth_allowed = False;
}
original_umask = umask (0077); /* disallow non-owner access */
authfp = fopen (authfilename, "rb");
if (!authfp) {
int olderrno = errno;
/* if file there then error */
if (access (authfilename, F_OK) == 0) { /* then file does exist! */
errno = olderrno;
return -1;
} /* else ignore it */
fprintf (stderr,
"%s: creating new authority file %s\n",
ProgramName, authfilename);
} else {
xauth_existed = True;
n = read_auth_entries (authfp, False, &head, &tail);
(void) fclose (authfp);
if (n < 0) {
fprintf (stderr,
"%s: unable to read auth entries from file \"%s\"\n",
ProgramName, authfilename);
return -1;
}
xauth_head = head;
}
n = strlen (authfilename);
xauth_filename = malloc (n + 1);
if (xauth_filename) strcpy (xauth_filename, authfilename);
else {
fprintf(stderr,"cannot allocate memory\n");
return -1;
}
xauth_modified = False;
if (verbose) {
printf ("%s authority file %s\n",
ignore_locks ? "Ignoring locks on" : "Using", authfilename);
}
return 0;
}
static int
write_auth_file(char *tmp_nam)
{
FILE *fp = NULL;
int fd;
AuthList *list;
/*
* xdm and auth spec assumes auth file is 12 or fewer characters
*/
strcpy (tmp_nam, xauth_filename);
strcat (tmp_nam, "-n"); /* for new */
(void) unlink (tmp_nam);
/* CPhipps 2000/02/12 - fix file unlink/fopen race */
fd = open(tmp_nam, O_WRONLY | O_CREAT | O_EXCL, 0600);
if (fd != -1) fp = fdopen (fd, "wb");
if (!fp) {
if (fd != -1) close(fd);
fprintf (stderr, "%s: unable to open tmp file \"%s\"\n",
ProgramName, tmp_nam);
return -1;
}
/*
* Write MIT-MAGIC-COOKIE-1 first, because R4 Xlib knows
* only that and uses the first authorization it finds.
*/
for (list = xauth_head; list; list = list->next) {
if (list->auth->name_length == 18
&& strncmp(list->auth->name, "MIT-MAGIC-COOKIE-1", 18) == 0) {
if (!XauWriteAuth(fp, list->auth)) {
(void) fclose(fp);
return -1;
}
}
}
for (list = xauth_head; list; list = list->next) {
if (list->auth->name_length != 18
|| strncmp(list->auth->name, "MIT-MAGIC-COOKIE-1", 18) != 0) {
if (!XauWriteAuth(fp, list->auth)) {
(void) fclose(fp);
return -1;
}
}
}
(void) fclose (fp);
return 0;
}
int
auth_finalize(void)
{
char temp_name[1024]; /* large filename size */
if (xauth_modified) {
if (dieing) {
if (verbose) {
/*
* called from a signal handler -- printf is *not* reentrant; also
* fileno() might not be reentrant, avoid it if possible, and use
* stderr instead of stdout
*/
#ifdef STDERR_FILENO
WRITES(STDERR_FILENO, "\nAborting changes to authority file ");
WRITES(STDERR_FILENO, xauth_filename);
WRITES(STDERR_FILENO, "\n");
#else
WRITES(fileno(stderr), "\nAborting changes to authority file ");
WRITES(fileno(stderr), xauth_filename);
WRITES(fileno(stderr), "\n");
#endif
}
} else if (!xauth_allowed) {
fprintf (stderr,
"%s: %s not writable, changes ignored\n",
ProgramName, xauth_filename);
} else {
if (verbose) {
printf ("%s authority file %s\n",
ignore_locks ? "Ignoring locks and writing" :
"Writing", xauth_filename);
}
temp_name[0] = '\0';
if (write_auth_file (temp_name) == -1) {
fprintf (stderr,
"%s: unable to write authority file %s\n",
ProgramName, temp_name);
} else {
(void) unlink (xauth_filename);
#if defined(WIN32) || defined(__UNIXOS2__)|| defined(__CYGWIN__)
if (rename(temp_name, xauth_filename) == -1)
#else
if (link (temp_name, xauth_filename) == -1)
#endif
{
fprintf (stderr,
"%s: unable to link authority file %s, use %s\n",
ProgramName, xauth_filename, temp_name);
} else {
(void) unlink (temp_name);
}
}
}
}
if (xauth_locked) {
XauUnlockAuth (xauth_filename);
}
(void) umask (original_umask);
return 0;
}
int
process_command(char *inputfilename, int lineno, int argc, char **argv)
{
int status;
if (argc < 1 || !argv || !argv[0]) return 1;
if (dispatch_command (inputfilename, lineno, argc, argv,
command_table, &status))
return status;
prefix (inputfilename, lineno);
fprintf (stderr, "unknown command \"%s\"\n", argv[0]);
return 1;
}
/*
* utility routines
*/
static char *
bintohex(unsigned int len, char *bindata)
{
char *hexdata, *starthex;
/* two chars per byte, plus null termination */
starthex = hexdata = (char *)malloc(2*len + 1);
if (!hexdata)
return NULL;
for (; len > 0; len--, bindata++) {
register char *s = hex_table[(unsigned char)*bindata];
*hexdata++ = s[0];
*hexdata++ = s[1];
}
*hexdata = '\0';
return starthex;
}
static void
fprintfhex(register FILE *fp, int len, char *cp)
{
char *hex;
hex = bintohex(len, cp);
fprintf(fp, "%s", hex);
free(hex);
}
int
dump_numeric(register FILE *fp, register Xauth *auth)
{
fprintf (fp, "%04x", auth->family); /* unsigned short */
fprintf (fp, " %04x ", auth->address_length); /* short */
fprintfhex (fp, auth->address_length, auth->address);
fprintf (fp, " %04x ", auth->number_length); /* short */
fprintfhex (fp, auth->number_length, auth->number);
fprintf (fp, " %04x ", auth->name_length); /* short */
fprintfhex (fp, auth->name_length, auth->name);
fprintf (fp, " %04x ", auth->data_length); /* short */
fprintfhex (fp, auth->data_length, auth->data);
putc ('\n', fp);
return 1;
}
/* ARGSUSED */
static int
dump_entry(char *inputfilename, int lineno, Xauth *auth, char *data)
{
struct _list_data *ld = (struct _list_data *) data;
FILE *fp = ld->fp;
if (ld->numeric) {
dump_numeric (fp, auth);
} else {
char *dpyname = NULL;
switch (auth->family) {
case FamilyLocal:
fwrite (auth->address, sizeof (char), auth->address_length, fp);
fprintf (fp, "/unix");
break;
case FamilyInternet:
case FamilyDECnet:
dpyname = get_hostname (auth);
if (dpyname) {
fprintf (fp, "%s", dpyname);
break;
}
/* else fall through to default */
default:
fprintf (fp, "#%04x#", auth->family);
fprintfhex (fp, auth->address_length, auth->address);
putc ('#', fp);
}
putc (':', fp);
fwrite (auth->number, sizeof (char), auth->number_length, fp);
putc (' ', fp);
putc (' ', fp);
fwrite (auth->name, sizeof (char), auth->name_length, fp);
putc (' ', fp);
putc (' ', fp);
if (!strncmp(auth->name, SECURERPC, auth->name_length) ||
!strncmp(auth->name, K5AUTH, auth->name_length))
fwrite (auth->data, sizeof (char), auth->data_length, fp);
else
fprintfhex (fp, auth->data_length, auth->data);
putc ('\n', fp);
}
return 0;
}
static int
extract_entry(char *inputfilename, int lineno, Xauth *auth, char *data)
{
struct _extract_data *ed = (struct _extract_data *) data;
if (!ed->fp) {
ed->fp = open_file (&ed->filename,
ed->numeric ? "w" : "wb",
&ed->used_stdout,
inputfilename, lineno, ed->cmd);
if (!ed->fp) {
prefix (inputfilename, lineno);
fprintf (stderr,
"unable to open extraction file \"%s\"\n",
ed->filename);
return -1;
}
}
(*(ed->numeric ? dump_numeric : XauWriteAuth)) (ed->fp, auth);
ed->nwritten++;
return 0;
}
static int
match_auth_dpy(register Xauth *a, register Xauth *b)
{
return ((a->family == b->family &&
a->address_length == b->address_length &&
a->number_length == b->number_length &&
memcmp(a->address, b->address, a->address_length) == 0 &&
memcmp(a->number, b->number, a->number_length) == 0) ? 1 : 0);
}
/* return non-zero iff display and authorization type are the same */
static int
match_auth(register Xauth *a, register Xauth *b)
{
return ((match_auth_dpy(a, b)
&& a->name_length == b->name_length
&& memcmp(a->name, b->name, a->name_length) == 0) ? 1 : 0);
}
static int
merge_entries(AuthList **firstp, AuthList *second, int *nnewp, int *nreplp)
{
AuthList *a, *b, *first, *tail;
int n = 0, nnew = 0, nrepl = 0;
if (!second) return 0;
if (!*firstp) { /* if nothing to merge into */
*firstp = second;
for (tail = *firstp, n = 1; tail->next; n++, tail = tail->next) ;
*nnewp = n;
*nreplp = 0;
return n;
}
first = *firstp;
/*
* find end of first list and stick second list on it
*/
for (tail = first; tail->next; tail = tail->next) ;
tail->next = second;
/*
* run down list freeing duplicate entries; if an entry is okay, then
* bump the tail up to include it, otherwise, cut the entry out of
* the chain.
*/
for (b = second; b; ) {
AuthList *next = b->next; /* in case we free it */
a = first;
for (;;) {
if (match_auth (a->auth, b->auth)) { /* found a duplicate */
AuthList tmp; /* swap it in for old one */
tmp = *a;
*a = *b;
*b = tmp;
a->next = b->next;
XauDisposeAuth (b->auth);
free ((char *) b);
b = NULL;
tail->next = next;
nrepl++;
nnew--;
break;
}
if (a == tail) break; /* if have looked at left side */
a = a->next;
}
if (b) { /* if we didn't remove it */
tail = b; /* bump end of first list */
}
b = next;
n++;
nnew++;
}
*nnewp = nnew;
*nreplp = nrepl;
return n;
}
typedef int (*YesNoFunc)(char *, int, Xauth *, char *);
static int
iterdpy (char *inputfilename, int lineno, int start,
int argc, char *argv[],
YesNoFunc yfunc, YesNoFunc nfunc, char *data)
{
int i;
int status;
int errors = 0;
Xauth proto;
AuthList *l, *next;
/*
* iterate
*/
for (i = start; i < argc; i++) {
char *displayname = argv[i];
proto.address = proto.number = NULL;
if (!get_displayname_auth (displayname, &proto)) {
prefix (inputfilename, lineno);
baddisplayname (displayname, argv[0]);
errors++;
continue;
}
status = 0;
for (l = xauth_head; l; l = next) {
next = l->next;
if (match_auth_dpy (&proto, l->auth)) {
if (yfunc) {
status = (*yfunc) (inputfilename, lineno,
l->auth, data);
if (status < 0) break;
}
} else {
if (nfunc) {
status = (*nfunc) (inputfilename, lineno,
l->auth, data);
if (status < 0) break;
}
}
}
if (proto.address) free (proto.address);
if (proto.number) free (proto.number);
if (status < 0) {
errors -= status; /* since status is negative */
break;
}
}
return errors;
}
/* ARGSUSED */
static int
remove_entry(char *inputfilename, int lineno, Xauth *auth, char *data)
{
int *nremovedp = (int *) data;
AuthList **listp = &xauth_head;
AuthList *list;
/*
* unlink the auth we were asked to
*/
while ((list = *listp)->auth != auth)
listp = &list->next;
*listp = list->next;
XauDisposeAuth (list->auth); /* free the auth */
free (list); /* free the link */
xauth_modified = True;
(*nremovedp)++;
return 1;
}
/*
* action routines
*/
/*
* help
*/
int
print_help(FILE *fp, char *cmd, char *prefix)
{
CommandTable *ct;
int n = 0;
if (!prefix) prefix = "";
if (!cmd) { /* if no cmd, print all help */
for (ct = command_table; ct->name; ct++) {
fprintf (fp, "%s%s\n", prefix, ct->helptext);
n++;
}
} else {
int len = strlen (cmd);
for (ct = command_table; ct->name; ct++) {
if (strncmp (cmd, ct->name, len) == 0) {
fprintf (fp, "%s%s\n", prefix, ct->helptext);
n++;
}
}
}
return n;
}
static int
do_help(char *inputfilename, int lineno, int argc, char **argv)
{
char *cmd = (argc > 1 ? argv[1] : NULL);
int n;
n = print_help (stdout, cmd, " "); /* a nice amount */
if (n < 0 || (n == 0 && !cmd)) {
prefix (inputfilename, lineno);
fprintf (stderr, "internal error with help");
if (cmd) {
fprintf (stderr, " on command \"%s\"", cmd);
}
fprintf (stderr, "\n");
return 1;
}
if (n == 0) {
prefix (inputfilename, lineno);
/* already know that cmd is set in this case */
fprintf (stderr, "no help for noexistent command \"%s\"\n", cmd);
}
return 0;
}
/*
* questionmark
*/
/* ARGSUSED */
static int
do_questionmark(char *inputfilename, int lineno, int argc, char **argv)
{
CommandTable *ct;
int i;
#define WIDEST_COLUMN 72
int col = WIDEST_COLUMN;
printf ("Commands:\n");
for (ct = command_table; ct->name; ct++) {
if ((col + ct->maxlen) > WIDEST_COLUMN) {
if (ct != command_table) {
putc ('\n', stdout);
}
fputs (" ", stdout);
col = 8; /* length of string above */
}
fputs (ct->name, stdout);
col += ct->maxlen;
for (i = ct->maxlen; i < COMMAND_NAMES_PADDED_WIDTH; i++) {
putc (' ', stdout);
col++;
}
}
if (col != 0) {
putc ('\n', stdout);
}
/* allow bad lines since this is help */
return 0;
}
/*
* list [displayname ...]
*/
static int
do_list (char *inputfilename, int lineno, int argc, char **argv)
{
struct _list_data ld;
ld.fp = stdout;
ld.numeric = (argv[0][0] == 'n');
if (argc == 1) {
register AuthList *l;
if (xauth_head) {
for (l = xauth_head; l; l = l->next) {
dump_entry (inputfilename, lineno, l->auth, (char *) &ld);
}
}
return 0;
}
return iterdpy (inputfilename, lineno, 1, argc, argv,
dump_entry, NULL, (char *) &ld);
return 0;
}
/*
* merge filename [filename ...]
*/
static int
do_merge(char *inputfilename, int lineno, int argc, char **argv)
{
int i;
int errors = 0;
AuthList *head, *tail, *listhead, *listtail;
int nentries, nnew, nrepl;
Bool numeric = False;
if (argc < 2) {
prefix (inputfilename, lineno);
badcommandline (argv[0]);
return 1;
}
if (argv[0][0] == 'n') numeric = True;
listhead = listtail = NULL;
for (i = 1; i < argc; i++) {
char *filename = argv[i];
FILE *fp;
Bool used_stdin = False;
fp = open_file (&filename,
numeric ? "r" : "rb",
&used_stdin, inputfilename, lineno,
argv[0]);
if (!fp) {
errors++;
continue;
}
head = tail = NULL;
nentries = read_auth_entries (fp, numeric, &head, &tail);
if (nentries == 0) {
prefix (inputfilename, lineno);
fprintf (stderr, "unable to read any entries from file \"%s\"\n",
filename);
errors++;
} else { /* link it in */
add_to_list (listhead, listtail, head);
}
if (!used_stdin) (void) fclose (fp);
}
/*
* if we have new entries, merge them in (freeing any duplicates)
*/
if (listhead) {
nentries = merge_entries (&xauth_head, listhead, &nnew, &nrepl);
if (verbose)
printf ("%d entries read in: %d new, %d replacement%s\n",
nentries, nnew, nrepl, nrepl != 1 ? "s" : "");
if (nentries > 0) xauth_modified = True;
}
return 0;
}
/*
* extract filename displayname [displayname ...]
*/
static int
do_extract(char *inputfilename, int lineno, int argc, char **argv)
{
int errors;
struct _extract_data ed;
if (argc < 3) {
prefix (inputfilename, lineno);
badcommandline (argv[0]);
return 1;
}
ed.fp = NULL;
ed.filename = argv[1];
ed.numeric = (argv[0][0] == 'n');
ed.nwritten = 0;
ed.cmd = argv[0];
errors = iterdpy (inputfilename, lineno, 2, argc, argv,
extract_entry, NULL, (char *) &ed);
if (!ed.fp) {
fprintf (stderr,
"No matches found, authority file \"%s\" not written\n",
ed.filename);
} else {
if (verbose) {
printf ("%d entries written to \"%s\"\n",
ed.nwritten, ed.filename);
}
if (!ed.used_stdout) {
(void) fclose (ed.fp);
}
}
return errors;
}
/*
* add displayname protocolname hexkey
*/
static int
do_add(char *inputfilename, int lineno, int argc, char **argv)
{
int n, nnew, nrepl;
int len;
char *dpyname;
char *protoname;
char *hexkey;
char *key;
Xauth *auth;
AuthList *list;
if (argc != 4 || !argv[1] || !argv[2] || !argv[3]) {
prefix (inputfilename, lineno);
badcommandline (argv[0]);
return 1;
}
dpyname = argv[1];
protoname = argv[2];
hexkey = argv[3];
len = strlen(hexkey);
if (hexkey[0] == '"' && hexkey[len-1] == '"') {
key = malloc(len-1);
strncpy(key, hexkey+1, len-2);
len -= 2;
} else if (!strcmp(protoname, SECURERPC) ||
!strcmp(protoname, K5AUTH)) {
key = malloc(len+1);
strcpy(key, hexkey);
} else {
len = cvthexkey (hexkey, &key);
if (len < 0) {
prefix (inputfilename, lineno);
fprintf (stderr,
"key contains odd number of or non-hex characters\n");
return 1;
}
}
auth = (Xauth *) malloc (sizeof (Xauth));
if (!auth) {
prefix (inputfilename, lineno);
fprintf (stderr, "unable to allocate %ld bytes for Xauth structure\n",
(unsigned long)sizeof (Xauth));
free (key);
return 1;
}
if (!get_displayname_auth (dpyname, auth)) {
prefix (inputfilename, lineno);
baddisplayname (dpyname, argv[0]);
free (auth);
free (key);
return 1;
}
/*
* allow an abbreviation for common protocol names
*/
if (strcmp (protoname, DEFAULT_PROTOCOL_ABBREV) == 0) {
protoname = DEFAULT_PROTOCOL;
}
auth->name_length = strlen (protoname);
auth->name = copystring (protoname, auth->name_length);
if (!auth->name) {
prefix (inputfilename, lineno);
fprintf (stderr, "unable to allocate %d character protocol name\n",
auth->name_length);
free (auth);
free (key);
return 1;
}
auth->data_length = len;
auth->data = key;
list = (AuthList *) malloc (sizeof (AuthList));
if (!list) {
prefix (inputfilename, lineno);
fprintf (stderr, "unable to allocate %ld bytes for auth list\n",
(unsigned long)sizeof (AuthList));
free (auth);
free (key);
free (auth->name);
return 1;
}
list->next = NULL;
list->auth = auth;
/*
* merge it in; note that merge will deal with allocation
*/
n = merge_entries (&xauth_head, list, &nnew, &nrepl);
if (n <= 0) {
prefix (inputfilename, lineno);
fprintf (stderr, "unable to merge in added record\n");
return 1;
}
xauth_modified = True;
return 0;
}
/*
* remove displayname
*/
static int
do_remove(char *inputfilename, int lineno, int argc, char **argv)
{
int nremoved = 0;
int errors;
if (argc < 2) {
prefix (inputfilename, lineno);
badcommandline (argv[0]);
return 1;
}
errors = iterdpy (inputfilename, lineno, 1, argc, argv,
remove_entry, NULL, (char *) &nremoved);
if (verbose) printf ("%d entries removed\n", nremoved);
return errors;
}
/*
* info
*/
static int
do_info(char *inputfilename, int lineno, int argc, char **argv)
{
int n;
AuthList *l;
if (argc != 1) {
prefix (inputfilename, lineno);
badcommandline (argv[0]);
return 1;
}
for (l = xauth_head, n = 0; l; l = l->next, n++) ;
printf ("Authority file: %s\n",
xauth_filename ? xauth_filename : "(none)");
printf ("File new: %s\n", xauth_existed ? No : Yes);
printf ("File locked: %s\n", xauth_locked ? No : Yes);
printf ("Number of entries: %d\n", n);
printf ("Changes honored: %s\n", xauth_allowed ? Yes : No);
printf ("Changes made: %s\n", xauth_modified ? Yes : No);
printf ("Current input: %s:%d\n", inputfilename, lineno);
return 0;
}
/*
* exit
*/
static Bool alldone = False;
/* ARGSUSED */
static int
do_exit(char *inputfilename, int lineno, int argc, char **argv)
{
/* allow bogus stuff */
alldone = True;
return 0;
}
/*
* quit
*/
/* ARGSUSED */
static int
do_quit(char *inputfilename, int lineno, int argc, char **argv)
{
/* allow bogus stuff */
die (0);
/* NOTREACHED */
return -1; /* for picky compilers */
}
/*
* source filename
*/
static int
do_source(char *inputfilename, int lineno, int argc, char **argv)
{
char *script;
char buf[BUFSIZ];
FILE *fp;
Bool used_stdin = False;
int len;
int errors = 0, status;
int sublineno = 0;
char **subargv;
int subargc;
Bool prompt = False; /* only true if reading from tty */
if (argc != 2 || !argv[1]) {
prefix (inputfilename, lineno);
badcommandline (argv[0]);
return 1;
}
script = argv[1];
fp = open_file (&script, "r", &used_stdin, inputfilename, lineno, argv[0]);
if (!fp) {
return 1;
}
if (verbose && used_stdin && isatty (fileno (fp))) prompt = True;
while (!alldone) {
buf[0] = '\0';
if (prompt) {
printf ("xauth> ");
fflush (stdout);
}
if (fgets (buf, sizeof buf, fp) == NULL) break;
sublineno++;
len = strlen (buf);
if (len == 0 || buf[0] == '#') continue;
if (buf[len-1] != '\n') {
prefix (script, sublineno);
fprintf (stderr, "line too long\n");
errors++;
break;
}
buf[--len] = '\0'; /* remove new line */
subargv = split_into_words (buf, &subargc);
if (subargv) {
status = process_command (script, sublineno, subargc, subargv);
free ((char *) subargv);
errors += status;
} else {
prefix (script, sublineno);
fprintf (stderr, "unable to break line into words\n");
errors++;
}
}
if (!used_stdin) {
(void) fclose (fp);
}
return errors;
}
/*static int
static int x_protocol_error;
catch_x_protocol_error(Display *dpy, XErrorEvent *errevent)
{
char buf[80];
XGetErrorText(dpy, errevent->error_code, buf, sizeof (buf));
fprintf(stderr, "%s\n", buf);
x_protocol_error = errevent->error_code;
return 1;
}
*/
/*
* generate
*/
/*static int
do_generate(char *inputfilename, int lineno, int argc, char **argv)
{
char *displayname;
int major_version, minor_version;
XSecurityAuthorization id_return;
Xauth *auth_in, *auth_return;
XSecurityAuthorizationAttributes attributes;
unsigned long attrmask = 0;
Display *dpy;
int status;
char *args[4];
char *protoname = ".";
int i;
int authdatalen = 0;
char *hexdata;
char *authdata = NULL;
if (argc < 2 || !argv[1]) {
prefix (inputfilename, lineno);
badcommandline (argv[0]);
return 1;
}
displayname = argv[1];
if (argc > 2) {
protoname = argv[2];
}
for (i = 3; i < argc; i++) {
if (0 == strcmp(argv[i], "timeout")) {
if (++i == argc) {
prefix (inputfilename, lineno);
badcommandline (argv[i-1]);
return 1;
}
attributes.timeout = atoi(argv[i]);
attrmask |= XSecurityTimeout;
} else if (0 == strcmp(argv[i], "trusted")) {
attributes.trust_level = XSecurityClientTrusted;
attrmask |= XSecurityTrustLevel;
} else if (0 == strcmp(argv[i], "untrusted")) {
attributes.trust_level = XSecurityClientUntrusted;
attrmask |= XSecurityTrustLevel;
} else if (0 == strcmp(argv[i], "group")) {
if (++i == argc) {
prefix (inputfilename, lineno);
badcommandline (argv[i-1]);
return 1;
}
attributes.group = atoi(argv[i]);
attrmask |= XSecurityGroup;
} else if (0 == strcmp(argv[i], "data")) {
if (++i == argc) {
prefix (inputfilename, lineno);
badcommandline (argv[i-1]);
return 1;
}
hexdata = argv[i];
authdatalen = strlen(hexdata);
if (hexdata[0] == '"' && hexdata[authdatalen-1] == '"') {
authdata = malloc(authdatalen-1);
strncpy(authdata, hexdata+1, authdatalen-2);
authdatalen -= 2;
} else {
authdatalen = cvthexkey (hexdata, &authdata);
if (authdatalen < 0) {
prefix (inputfilename, lineno);
fprintf (stderr,
"data contains odd number of or non-hex characters\n");
return 1;
}
}
} else {
prefix (inputfilename, lineno);
badcommandline (argv[i]);
return 1;
}
}
// generate authorization using the Security extension /
dpy = XOpenDisplay (displayname);
if (!dpy) {
prefix (inputfilename, lineno);
fprintf (stderr, "unable to open display \"%s\".\n", displayname);
return 1;
}
status = XSecurityQueryExtension(dpy, &major_version, &minor_version);
if (!status)
{
prefix (inputfilename, lineno);
fprintf (stderr, "couldn't query Security extension on display \"%s\"\n",
displayname);
return 1;
}
// fill in input Xauth struct /
auth_in = XSecurityAllocXauth();
if (strcmp (protoname, DEFAULT_PROTOCOL_ABBREV) == 0) {
auth_in->name = DEFAULT_PROTOCOL;
}
else
auth_in->name = protoname;
auth_in->name_length = strlen(auth_in->name);
auth_in->data = authdata;
auth_in->data_length = authdatalen;
x_protocol_error = 0;
XSetErrorHandler(catch_x_protocol_error);
auth_return = XSecurityGenerateAuthorization(dpy, auth_in, attrmask,
&attributes, &id_return);
XSync(dpy, False);
if (!auth_return || x_protocol_error)
{
prefix (inputfilename, lineno);
fprintf (stderr, "couldn't generate authorization\n");
return 1;
}
if (verbose)
printf("authorization id is %ld\n", id_return);
// create a fake input line to give to do_add /
args[0] = "add";
args[1] = displayname;
args[2] = auth_in->name;
args[3] = bintohex(auth_return->data_length, auth_return->data);
status = do_add(inputfilename, lineno, 4, args);
if (authdata) free(authdata);
XSecurityFreeXauth(auth_in);
XSecurityFreeXauth(auth_return);
free(args[3]); // hex data /
XCloseDisplay(dpy);
return status;
}
*/
/*
* $Xorg: xauth.c,v 1.4 2001/02/09 02:05:38 xorgcvs Exp $
*
* xauth - manipulate authorization file
*
*
Copyright 1989,1998 The Open Group
Permission to use, copy, modify, distribute, and sell this software and its
documentation for any purpose is hereby granted without fee, provided that
the above copyright notice appear in all copies and that both that
copyright notice and this permission notice appear in supporting
documentation.
The above copyright notice and this permission notice shall be included in
all copies or substantial portions of the Software.
THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
OPEN GROUP BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN
AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN
CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
Except as contained in this notice, the name of The Open Group shall not be
used in advertising or otherwise to promote the sale, use or other dealings
in this Software without prior written authorization from The Open Group.
* *
* Author: Jim Fulton, MIT X Consortium
*/
/* $XFree86: xc/programs/xauth/xauth.c,v 1.5 2001/12/14 20:01:15 dawes Exp $ */
/**************************************************************************/
/* */
/* Copyright (c) 2001, 2010 NoMachine, http://www.nomachine.com/. */
/* */
/* NXAUTH, NX protocol compression and NX extensions to this software */
/* are copyright of NoMachine. Redistribution and use of the present */
/* software is allowed according to terms specified in the file LICENSE */
/* which comes in the source distribution. */
/* */
/* Check http://www.nomachine.com/licensing.html for applicability. */
/* */
/* NX and NoMachine are trademarks of Medialogic S.p.A. */
/* */
/* All rights reserved. */
/* */
/**************************************************************************/
#include "xauth.h"
/*
* global data
*/
char *ProgramName; /* argv[0], set at top of main() */
int verbose = -1; /* print certain messages */
Bool ignore_locks = True; /* for error recovery */
Bool break_locks = False; /* for error recovery */
/*
* local data
*/
static char *authfilename = NULL; /* filename of cookie file */
static char *defcmds[] = { "source", "-", NULL }; /* default command */
static int ndefcmds = 2;
static char *defsource = "(stdin)";
/*
* utility routines
*/
static void
usage(void)
{
static char *prefixmsg[] = {
"",
"where options include:",
" -f authfilename name of authority file to use",
" -v turn on extra messages",
" -q turn off extra messages",
" -i ignore locks on authority file",
" -b break locks on authority file",
"",
"and commands have the following syntax:",
"",
NULL };
static char *suffixmsg[] = {
"A dash may be used with the \"merge\" and \"source\" to read from the",
"standard input. Commands beginning with \"n\" use numeric format.",
"",
NULL };
char **msg;
fprintf (stderr, "usage: %s [-options ...] [command arg ...]\n",
ProgramName);
for (msg = prefixmsg; *msg; msg++) {
fprintf (stderr, "%s\n", *msg);
}
print_help (stderr, NULL, " "); /* match prefix indentation */
fprintf (stderr, "\n");
for (msg = suffixmsg; *msg; msg++) {
fprintf (stderr, "%s\n", *msg);
}
exit (1);
}
/*
* The main routine - parses command line and calls action procedures
*/
int
main(int argc, char *argv[])
{
int i;
char *sourcename = defsource;
char **arglist = defcmds;
int nargs = ndefcmds;
int status;
ProgramName = argv[0];
for (i = 1; i < argc; i++) {
char *arg = argv[i];
if (arg[0] == '-') {
char *flag;
for (flag = (arg + 1); *flag; flag++) {
switch (*flag) {
case 'f': /* -f authfilename */
if (++i >= argc) usage ();
authfilename = argv[i];
continue;
case 'v': /* -v */
verbose = 1;
continue;
case 'q': /* -q */
verbose = 0;
continue;
case 'b': /* -b */
break_locks = True;
continue;
case 'i': /* -i */
ignore_locks = True;
continue;
default:
usage ();
}
}
} else {
sourcename = "(argv)";
nargs = argc - i;
arglist = argv + i;
if (verbose == -1) verbose = 0;
break;
}
}
if (verbose == -1) { /* set default, don't junk stdout */
verbose = (isatty(fileno(stdout)) != 0);
}
if (!authfilename) {
authfilename = XauFileName (); /* static name, do not free */
if (!authfilename) {
fprintf (stderr,
"%s: unable to generate an authority file name\n",
ProgramName);
exit (1);
}
}
if (auth_initialize (authfilename) != 0) {
/* error message printed in auth_initialize */
exit (1);
}
status = process_command (sourcename, 1, nargs, arglist);
(void) auth_finalize ();
exit ((status != 0) ? 1 : 0);
}
/*
* $Xorg: xauth.h,v 1.4 2001/02/09 02:05:38 xorgcvs Exp $
*
*
Copyright 1989, 1998 The Open Group
Permission to use, copy, modify, distribute, and sell this software and its
documentation for any purpose is hereby granted without fee, provided that
the above copyright notice appear in all copies and that both that
copyright notice and this permission notice appear in supporting
documentation.
The above copyright notice and this permission notice shall be included in
all copies or substantial portions of the Software.
THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
OPEN GROUP BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN
AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN
CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
Except as contained in this notice, the name of The Open Group shall not be
used in advertising or otherwise to promote the sale, use or other dealings
in this Software without prior written authorization from The Open Group.
* *
* Author: Jim Fulton, MIT X Consortium
*/
/* $XFree86: xc/programs/xauth/xauth.h,v 1.6 2001/12/14 20:01:15 dawes Exp $ */
#include <stdio.h>
#include <nx-X11/Xos.h>
#include <nx-X11/Xauth.h>
#include <nx-X11/Xfuncs.h>
#ifndef True
typedef int Bool;
#define False 0
#define True 1
#endif
extern char *ProgramName;
#include <stdlib.h>
extern char *get_hostname ( Xauth *auth );
extern char *get_address_info ( int family, char *fulldpyname, int prefix, char *host, int *lenp );
extern char *copystring ( char *src, int len );
extern char *get_local_hostname ( char *buf, int maxlen );
extern Bool parse_displayname ( char *displayname, int *familyp, char **hostp, int *dpynump, int *scrnump, char **restp );
extern int auth_initialize ( char *authfilename );
extern int auth_finalize ( void );
extern int process_command ( char *inputfilename, int lineno, int argc, char **argv );
extern int dump_numeric ( FILE *fp, Xauth *auth );
extern int print_help ( FILE *fp, char *cmd, char *prefix );
extern int verbose;
extern Bool ignore_locks;
extern Bool break_locks;
......@@ -155,50 +155,10 @@ This package contains all necessary include files and libraries
needed to develop applications that require these.
%package -n libNX_Xau-devel
Group: Development/Libraries
Summary: Development files for the NX authorization protocol library
Requires: libNX_Xau6%{?_isa} = %{version}-%{release}
Requires: nx-proto-devel%{?_isa} = %{version}-%{release}
%description -n libNX_Xau-devel
NX is a software suite which implements very efficient compression of
the X11 protocol. This increases performance when using X
applications over a network, especially a slow one.
libNX_Xau provides mechanisms for individual access to an nx-X11 Window
System display. It uses existing core protocol and library hooks for
specifying authorization data in the connection setup block to restrict
use of the display to only those clients that show that they know a
server-specific key called a "magic cookie".
This package contains all necessary include files and libraries
needed to develop applications that require these.
%package -n libNX_Xau6
Group: System Environment/Libraries
Summary: NX authorization protocol library
Requires: %{name}%{?_isa} >= 3.5.0.29
Obsoletes: libNX_Xau
%description -n libNX_Xau6
NX is a software suite which implements very efficient compression of
the X11 protocol. This increases performance when using X
applications over a network, especially a slow one.
libNX_Xau provides mechanisms for individual access to an X Window
System display. It uses existing core protocol and library hooks for
specifying authorization data in the connection setup block to
restrict use of the display to only those clients that show that they
know a server-specific key called a "magic cookie".
%package -n libNX_Xext-devel
Group: Development/Libraries
Summary: Development files for the NX Common Extensions library
Requires: libNX_Xext6%{?_isa} = %{version}-%{release}
Requires: libNX_Xau6-devel%{?_isa} = %{version}-%{release}
Requires: nx-proto-devel%{?_isa} = %{version}-%{release}
%description -n libNX_Xext-devel
......@@ -333,7 +293,6 @@ This package provides the session shadowing library.
Group: Development/Libraries
Summary: Include files and libraries for NX development
Requires: libNX_X11-devel%{?_isa} = %{version}-%{release}
Requires: libNX_Xau-devel%{?_isa} = %{version}-%{release}
Requires: libNX_Xext-devel%{?_isa} = %{version}-%{release}
Requires: nx-proto-devel%{?_isa} = %{version}-%{release}
Requires: %{name}%{?_isa} = %{version}-%{release}
......@@ -391,18 +350,6 @@ related requests locally, ensuring that the most common source of
round-trips are nearly reduced to zero.
%package -n nxauth
Group: Applications/System
Summary: NX Auth
%description -n nxauth
NX is a software suite which implements very efficient compression of
the X11 protocol. This increases performance when using X
applications over a network, especially a slow one.
This package provides the NX xauth binary.
%package -n nxproxy
Group: Applications/System
Summary: NX Proxy
......@@ -489,14 +436,12 @@ rm -r %{buildroot}%{_includedir}/nx-X11/Xtrans
%post -p /sbin/ldconfig
%post -n libNX_X11-6 -p /sbin/ldconfig
%post -n libNX_Xau6 -p /sbin/ldconfig
%post -n libNX_Xext6 -p /sbin/ldconfig
%post -n libXcomp3 -p /sbin/ldconfig
%post -n libXcompext3 -p /sbin/ldconfig
%post -n libXcompshad3 -p /sbin/ldconfig
%postun -p /sbin/ldconfig
%postun -n libNX_X11-6 -p /sbin/ldconfig
%postun -n libNX_Xau6 -p /sbin/ldconfig
%postun -n libNX_Xext6 -p /sbin/ldconfig
%postun -n libXcomp3 -p /sbin/ldconfig
%postun -n libXcompext3 -p /sbin/ldconfig
......@@ -531,15 +476,6 @@ rm -r %{buildroot}%{_includedir}/nx-X11/Xtrans
%{_includedir}/nx-X11/Xutil.h
%{_includedir}/nx-X11/cursorfont.h
%files -n libNX_Xau-devel
%defattr(-,root,root)
%{_libdir}/libNX_Xau.so
%{_includedir}/nx-X11/Xauth.h
%files -n libNX_Xau6
%defattr(-,root,root)
%{_libdir}/libNX_Xau.so.6*
%files -n libNX_Xext-devel
%defattr(-,root,root)
%{_libdir}/libNX_Xext.so
......@@ -669,13 +605,6 @@ rm -r %{buildroot}%{_includedir}/nx-X11/Xtrans
%{_datadir}/nx/rgb
%{_datadir}/man/man1/nxagent.1*
%files -n nxauth
%defattr(-,root,root)
%{_bindir}/nxauth
%dir %{_libdir}/nx/bin
%{_libdir}/nx/bin/nxauth
%{_datadir}/man/man1/nxauth.1*
%files -n nxproxy
%defattr(-,root,root)
%{_bindir}/nxproxy
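Review bot: The `libNX_Xau6`, `libNX_Xau-devel` and `nxauth` subpackages are dropped from this spec, but none of the hunks shown adds an `Obsoletes:` for them, so an upgrade may leave the old packages installed. That would keep an unmaintained `libNX_Xau.so.6` and an `nxauth` binary that edits X authority (magic cookie) files on the system after the project has stopped shipping them. A surviving package could carry the transition, e.g. `Obsoletes: libNX_Xau6 < %{version}-%{release}`, with matching lines for `libNX_Xau-devel` and `nxauth`. The removed `libNX_Xau6` stanza also held `Obsoletes: libNX_Xau`, which would need to move with it. If the spec already handles this outside the visible hunks, nothing is needed.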
......
......@@ -100,7 +100,7 @@ if [ "x$MODE" = "xfull" ]; then
echo "${file##*/}" >> "doc/applied-patches/series"
done
else
rm -f "bin/"{nxagent,nxauth}
rm -f "bin/nxagent"
rm -Rf "nxcompshad"*
rm -Rf "nxcompext"*
rm -Rf "nx-X11"*
......