/*
Copyright 1988, 1998 The Open Group
Permission to use, copy, modify, distribute, and sell this software and its
documentation for any purpose is hereby granted without fee, provided that
the above copyright notice appear in all copies and that both that
copyright notice and this permission notice appear in supporting
documentation.
The above copyright notice and this permission notice shall be included
in all copies or substantial portions of the Software.
THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS
OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT.
IN NO EVENT SHALL THE OPEN GROUP BE LIABLE FOR ANY CLAIM, DAMAGES OR
OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE,
ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR
OTHER DEALINGS IN THE SOFTWARE.
Except as contained in this notice, the name of The Open Group shall
not be used in advertising or otherwise to promote the sale, use or
other dealings in this Software without prior written authorization
from The Open Group.
*/
/*
* MIT-MAGIC-COOKIE-1 authorization scheme
* Author: Keith Packard, MIT X Consortium
*/
#ifdef HAVE_DIX_CONFIG_H
#include <dix-config.h>
#endif
#include <X11/X.h>
#include "os.h"
#include "osdep.h"
#include "dixstruct.h"
/*
 * One registered MIT-MAGIC-COOKIE-1 entry.  Entries form a singly linked
 * list headed by mit_auth; the functions in this file walk it until they
 * reach a null next pointer.
 */
static struct auth {
    struct auth *next;          /* following entry, or null at the tail */
    unsigned short len;         /* number of bytes stored in data */
    char *data;                 /* heap-allocated copy of the cookie bytes */
    XID id;                     /* id handed back when this cookie matches */
} *mit_auth;
/*
 * Register a private copy of a cookie under the given authorization id.
 *
 * data_length bytes are copied from data into newly allocated storage and
 * the resulting entry is pushed onto the front of the mit_auth list.
 *
 * Returns 1 on success, 0 when either allocation fails.
 */
int
MitAddCookie(unsigned short data_length, const char *data, XID id)
{
    struct auth *entry = malloc(sizeof(*entry));

    if (entry == NULL)
        return 0;

    /*
     * NOTE(review): for data_length == 0 the result of malloc(0) is
     * implementation-defined; a NULL result is reported as failure here.
     */
    entry->data = malloc((unsigned) data_length);
    if (entry->data == NULL) {
        free(entry);
        return 0;
    }

    memmove(entry->data, data, (int) data_length);
    entry->len = data_length;
    entry->id = id;

    /* Publish the entry only after every field has been filled in. */
    entry->next = mit_auth;
    mit_auth = entry;
    return 1;
}
/*
 * Look up a presented cookie among the registered entries.
 *
 * An entry matches when its stored length equals data_length and its bytes
 * compare equal.  Returns the id of the first matching entry.  When nothing
 * matches, *reason is set to a static message and (XID) -1 is returned.
 * The client argument is not used by this function.
 */
XID
MitCheckCookie(unsigned short data_length,
               const char *data, ClientPtr client, const char **reason)
{
    struct auth *entry = mit_auth;

    while (entry != NULL) {
        /*
         * The byte comparison goes through timingsafe_memcmp() so that its
         * running time does not reveal how many leading bytes of a guess
         * were correct.  The length test still short-circuits, so only the
         * cookie length, not its content, influences timing.
         */
        if (entry->len == data_length &&
            timingsafe_memcmp(data, entry->data, (int) data_length) == 0)
            return entry->id;
        entry = entry->next;
    }

    *reason = "Invalid MIT-MAGIC-COOKIE-1 key";
    return (XID) -1;
}
/*
 * Discard every registered cookie and leave the list empty.
 *
 * Always returns 0.
 *
 * NOTE(review): the cookie bytes are handed back to the allocator without
 * being overwritten first; consider wiping entry->data before free() if
 * leftover secrets in freed heap memory matter for this deployment.
 */
int
MitResetCookie(void)
{
    struct auth *entry = mit_auth;

    while (entry != NULL) {
        /* Save the successor before the node that holds it is released. */
        struct auth *following = entry->next;

        free(entry->data);
        free(entry);
        entry = following;
    }
    mit_auth = 0;
    return 0;
}
/*
 * Find the cookie registered under an authorization id.
 *
 * On a hit, *data_lenp receives the stored length and *datap receives a
 * pointer to the entry's own storage (not a copy), and 1 is returned.
 * Returns 0, leaving both outputs untouched, when no entry has that id.
 *
 * The pointer stored in *datap refers to memory that MitRemoveCookie() and
 * MitResetCookie() free, so it must not be kept across those calls.
 */
int
MitFromID(XID id, unsigned short *data_lenp, char **datap)
{
    struct auth *entry;

    for (entry = mit_auth; entry != NULL; entry = entry->next) {
        if (entry->id != id)
            continue;
        *data_lenp = entry->len;
        *datap = entry->data;
        return 1;
    }
    return 0;
}
/*
 * Unregister the first entry whose cookie equals the given bytes.
 *
 * Returns 1 after unlinking and freeing the matching entry, 0 when no entry
 * has the same length and content.
 *
 * NOTE(review): this path compares with plain memcmp(), whereas
 * MitCheckCookie() uses timingsafe_memcmp().  That is only harmless if the
 * data passed here never originates from an unauthenticated client; verify
 * against the callers, or switch to the constant-time comparison as well.
 */
int
MitRemoveCookie(unsigned short data_length, const char *data)
{
    /* link always points at the pointer that refers to the current entry. */
    struct auth **link = &mit_auth;
    struct auth *entry;

    while ((entry = *link) != NULL) {
        if (entry->len == data_length &&
            memcmp(data, entry->data, data_length) == 0) {
            *link = entry->next;
            free(entry->data);
            free(entry);
            return 1;
        }
        link = &entry->next;
    }
    return 0;
}
#ifdef XCSECURITY
/*
 * Buffer that MitGenerateCookie() fills and returns a pointer to:
 * 16 bytes, i.e. 128 bits.
 */
static char cookie[16];
/*
 * Create a new cookie and register it under the given authorization id.
 *
 * On success the id is returned, *data_return points at the file-static
 * cookie buffer and *data_length_return holds its size.  If registration
 * through MitAddCookie() fails, -1 (converted to XID) is returned and the
 * two output parameters are left untouched.
 *
 * The returned pointer refers to the shared static buffer, which the next
 * call overwrites; callers that need the bytes later must copy them.
 */
XID
MitGenerateCookie(unsigned data_length,
                  const char *data,
                  XID id, unsigned *data_length_return, char **data_return)
{
    unsigned n;

    /* Fold the caller's bytes into the buffer, wrapping at its end. */
    for (n = 0; n < data_length; n++)
        cookie[n % sizeof(cookie)] += data[n];

    /*
     * NOTE(review): GenerateRandomData() is handed the whole buffer after
     * the folding loop; if it overwrites all sizeof(cookie) bytes, the loop
     * above has no effect on the result.  Any status it reports is not
     * checked here -- confirm it cannot fail and leave the buffer
     * predictable.
     */
    GenerateRandomData(sizeof(cookie), cookie);

    if (!MitAddCookie(sizeof(cookie), cookie, id))
        return -1;

    *data_return = cookie;
    *data_length_return = sizeof(cookie);
    return id;
}
#endif /* XCSECURITY */