From 9a30a5f1e31477edd3cdc9738024e22bc8ea476e Mon Sep 17 00:00:00 2001 From: "Dr. Tilmann Bubeck" Date: Thu, 1 Dec 2011 17:18:01 +0100 Subject: [PATCH] xauth: improve to handle FamilyWild necessary for GDM/XDMCP/SSH. #43425 xauth is currently unable to handle FamilyWild. This gives problems with GDM receiving XDMCP request which used FamilyWild. More details in the referenced freedesktop bugzilla entry. The patch improves xauth to handle that Family: * allow "dump_entry" to deal with that Family and output such entries correctly. * allow "list $DISPLAY" to match against an entry in XAUTHORITY of type FamilyWild. Fixes: https://bugs.freedesktop.org/show_bug.cgi?id=43425 Signed-off-by: Dr. Tilmann Bubeck --- process.c | 55 ++++++++++++++++++++++++++++++++++++++++++++++++------- 1 files changed, 48 insertions(+), 7 deletions(-) diff --git a/process.c b/process.c index 283b4a1..651bea0 100644 --- a/process.c +++ b/process.c @@ -462,6 +462,9 @@ read_auth_entries(FILE *fp, Bool numeric, AuthList **headp, AuthList **tailp) return n; } +/** + * Parse the given displayname and build a corresponding AuthList. + */ static Bool get_displayname_auth(const char *displayname, AuthList **authl) { @@ -991,6 +994,9 @@ dump_entry(const char *inputfilename, int lineno, Xauth *auth, char *data) fwrite (auth->address, sizeof (char), auth->address_length, fp); fprintf (fp, "/unix"); break; + case FamilyWild: + fwrite (auth->address, sizeof (char), auth->address_length, fp); + break; case FamilyInternet: #if defined(IPv6) && defined(AF_INET6) case FamilyInternet6: @@ -1073,6 +1079,32 @@ match_auth_dpy(register Xauth *a, register Xauth *b) memcmp(a->number, b->number, a->number_length) == 0) ? 1 : 0); } +static int +match_authwild_dpy(register Xauth *a, const char *displayname) +{ + int family; + char *host = NULL, *rest = NULL; + int dpynum, scrnum; + char dpynumbuf[40]; /* want to hold largest display num */ + + if ( a->family != FamilyWild ) { + return False; + } + + if (!parse_displayname (displayname, + &family, &host, &dpynum, &scrnum, &rest)) { + return False; + } + + dpynumbuf[0] = '\0'; + sprintf (dpynumbuf, "%d", dpynum); + + return ((a->address_length == strlen(host) && + a->number_length == strlen(dpynumbuf) && + memcmp(a->address, host, a->address_length) == 0 && + memcmp(a->number, dpynumbuf, a->number_length) == 0) ? 1 : 0); +} + /* return non-zero iff display and authorization type are the same */ static int @@ -1236,13 +1268,22 @@ iterdpy (const char *inputfilename, int lineno, int start, /* l may be freed by remove_entry below. so save its contents */ next = l->next; tmp_auth = copyAuth(l->auth); - for (proto = proto_head; proto; proto = proto->next) { - if (match_auth_dpy (proto->auth, tmp_auth)) { - matched = True; - if (yfunc) { - status = (*yfunc) (inputfilename, lineno, - tmp_auth, data); - if (status < 0) break; + + if ( match_authwild_dpy(tmp_auth, displayname) ) { + matched = True; + if (yfunc) { + status = (*yfunc) (inputfilename, lineno, + tmp_auth, data); + } + } else { + for (proto = proto_head; proto; proto = proto->next) { + if (match_auth_dpy (proto->auth, tmp_auth)) { + matched = True; + if (yfunc) { + status = (*yfunc) (inputfilename, lineno, + tmp_auth, data); + if (status < 0) break; + } } } } -- 1.7.7.3