Hi Matthieu, I hate to be the bearer of bad tidings, but your latest changes to genauth.c on xf-4_3-branch did not build for me. I had to remove function prototypes that were duplicated in dm_auth.h when HASXDMAUTH is defined. I also resynced with your latest PAM handling updates in session.c and continued making the C style consistent. The tree builds fine and xdm appears to work with these patches applied. Diff is attached, and is against xf-4_3-branch. -- G. Branden Robinson | Religion is regarded by the common Debian GNU/Linux | people as true, by the wise as branden@debian.org | false, and by the rulers as useful. http://people.debian.org/~branden/ | -- Lucius Annaeus Seneca
diff -urN xc/programs/xdm~/genauth.c xc/programs/xdm/genauth.c
--- xc/programs/xdm~/genauth.c 2003-10-08 21:42:04.000000000 -0500
+++ xc/programs/xdm/genauth.c 2003-10-08 21:43:33.000000000 -0500
@@ -33,14 +33,16 @@
* Author: Keith Packard, MIT X Consortium
*/
-# include <X11/Xauth.h>
-# include <X11/Xos.h>
+#include <X11/Xauth.h>
+#include <X11/Xos.h>
-# include "dm.h"
-# include "dm_auth.h"
-# include "dm_error.h"
+#include "dm.h"
+#include "dm_auth.h"
+#include "dm_error.h"
#include <errno.h>
+#include <fcntl.h>
+#include <string.h>
#include <time.h>
#define Time_t time_t
@@ -54,16 +56,6 @@
#endif
#ifdef HASXDMAUTH
-
-typedef unsigned char auth_cblock[8]; /* block size */
-
-typedef struct auth_ks_struct { auth_cblock _; } auth_wrapper_schedule[16];
-
-extern int _XdmcpAuthSetup(unsigned char *, auth_wrapper_schedule);
-extern int _XdmcpAuthDoIt(unsigned char *, unsigned char *,
- auth_wrapper_schedule, int);
-extern void _XdmcpWrapperToOddParity(unsigned char *, unsigned char *);
-
static void
longtochars (long l, unsigned char *c)
{
@@ -72,7 +64,6 @@
c[2] = (l >> 8) & 0xff;
c[3] = l & 0xff;
}
-
#endif
#ifdef POLL_DEV_RANDOM
@@ -339,7 +330,7 @@
if ((offset = sumFile (randomFile, BSIZ, SEEK_SET, 0)) == BSIZ)
return;
}
- LogError("Cannot read randomFile \"%s\"; X cookies may be easily guessable\n", randomFile);
+ LogError("cannot read randomFile \"%s\"; X cookies may be easily guessable\n", randomFile);
}
#endif /* !ARC4_RANDOM && !DEV_RANDOM */
@@ -372,7 +363,7 @@
close(fd);
}
} else {
- LogError("Cannot open randomDevice \"%s\", errno = %d\n",
+ LogError("cannot open randomDevice \"%s\", errno = %d\n",
randomDevice, errno);
}
#endif
@@ -459,10 +450,10 @@
return 1;
}
close(fd);
- LogError("Cannot read randomDevice \"%s\", errno=%d\n",
+ LogError("cannot read randomDevice \"%s\", errno=%d\n",
randomDevice, errno);
} else
- LogError("Cannot open randomDevice \"%s\", errno = %d\n",
+ LogError("cannot open randomDevice \"%s\", errno = %d\n",
randomDevice, errno);
#endif /* DEV_RANDOM */
/* Try some pseudo-random number genrator daemon next */
diff -urN xc/programs/xdm~/session.c xc/programs/xdm/session.c
--- xc/programs/xdm~/session.c 2003-10-07 18:06:53.000000000 -0500
+++ xc/programs/xdm/session.c 2003-10-07 18:24:12.000000000 -0500
@@ -54,7 +54,7 @@
#ifdef SECURE_RPC
# include <rpc/rpc.h>
# include <rpc/key_prot.h>
-extern int key_setnet(struct key_netstarg *arg);
+extern int key_setnet (struct key_netstarg *arg);
#endif
#ifdef K5AUTH
# include <krb5/krb5.h>
@@ -74,44 +74,44 @@
# include <grp.h>
#else
/* should be in <grp.h> */
-extern void setgrent(void);
-extern struct group *getgrent(void);
-extern void endgrent(void);
+extern void setgrent (void);
+extern struct group *getgrent (void);
+extern void endgrent (void);
#endif
#ifdef USESHADOW
# if defined(SVR4)
# include <shadow.h>
# else
-extern struct spwd *getspnam(GETSPNAM_ARGS);
-extern void endspent(void);
+extern struct spwd *getspnam (GETSPNAM_ARGS);
+extern void endspent (void);
# endif
#endif
#if defined(CSRG_BASED) || defined(__GLIBC__)
# include <pwd.h>
# include <unistd.h>
#else
-extern struct passwd *getpwnam(GETPWNAM_ARGS);
+extern struct passwd *getpwnam (GETPWNAM_ARGS);
# ifdef linux
-extern void endpwent(void);
+extern void endpwent (void);
# endif
-extern char *crypt(CRYPT_ARGS);
+extern char *crypt (CRYPT_ARGS);
#endif
#ifdef USE_PAM
pam_handle_t **
-thepamhp(void)
+thepamhp (void)
{
static pam_handle_t *pamh = NULL;
return &pamh;
}
pam_handle_t *
-thepamh(void)
+thepamh (void)
{
pam_handle_t **pamhp;
- pamhp = thepamhp();
+ pamhp = thepamhp ();
if (pamhp)
return *pamhp;
else
@@ -158,7 +158,7 @@
#endif
};
-static Bool StartClient(
+static Bool StartClient (
struct verify_info *verify,
struct display *d,
int *pidp,
@@ -253,18 +253,18 @@
static int
IOErrorHandler (Display *dpy)
{
- LogError ("fatal IO error %d (%s)\n", errno, _SysErrorMsg(errno));
- exit(RESERVER_DISPLAY);
+ LogError ("fatal IO error %d (%s)\n", errno, _SysErrorMsg (errno));
+ exit (RESERVER_DISPLAY);
/*NOTREACHED*/
return 0;
}
static int
-ErrorHandler(Display *dpy, XErrorEvent *event)
+ErrorHandler (Display *dpy, XErrorEvent *event)
{
LogError ("X error\n");
if (XmuPrintDefaultErrorMessage (dpy, event, stderr) == 0) return 0;
- exit(UNMANAGE_DISPLAY);
+ exit (UNMANAGE_DISPLAY);
/*NOTREACHED*/
}
@@ -280,12 +280,12 @@
#endif
Debug ("ManageSession %s\n", d->name);
- (void)XSetIOErrorHandler(IOErrorHandler);
- (void)XSetErrorHandler(ErrorHandler);
+ (void) XSetIOErrorHandler (IOErrorHandler);
+ (void) XSetErrorHandler (ErrorHandler);
#ifndef HAS_SETPROCTITLE
- SetTitle(d->name, (char *) 0);
+ SetTitle (d->name, (char *) 0);
#else
- setproctitle("%s", d->name);
+ setproctitle ("%s", d->name);
#endif
/*
* Load system default Resources
@@ -296,12 +296,12 @@
greet_user_proc = GreetUser;
#else
Debug ("ManageSession: loading greeter library %s\n", greeterLib);
- greet_lib_handle = dlopen(greeterLib, RTLD_NOW);
+ greet_lib_handle = dlopen (greeterLib, RTLD_NOW);
if (greet_lib_handle != NULL)
- greet_user_proc = (GreetUserProc)dlsym(greet_lib_handle, "GreetUser");
+ greet_user_proc = (GreetUserProc) dlsym (greet_lib_handle, "GreetUser");
if (greet_user_proc == NULL) {
- LogError ("%s while loading %s\n", dlerror(), greeterLib);
- exit(UNMANAGE_DISPLAY);
+ LogError ("%s while loading %s\n", dlerror (), greeterLib);
+ exit (UNMANAGE_DISPLAY);
}
#endif
@@ -321,11 +321,11 @@
* setting up environment and running the session
*/
if (StartClient (&verify, d, &clientPid, greet.name, greet.password)) {
- Debug ("Client Started\n");
+ Debug ("client started\n");
#ifndef GREET_USER_STATIC
/* Save memory; close library */
- dlclose(greet_lib_handle);
+ dlclose (greet_lib_handle);
#endif
/*
@@ -363,7 +363,7 @@
/*
* run system-wide reset file
*/
- Debug ("Source reset program %s\n", d->reset);
+ Debug ("source reset program %s\n", d->reset);
source (verify.systemEnviron, d->reset);
SessionExit (d, OBEYSESS_DISPLAY, TRUE);
}
@@ -378,7 +378,7 @@
env = systemEnv (d, (char *) 0, (char *) 0);
args = parseArgs ((char **) 0, d->xrdb);
args = parseArgs (args, d->resources);
- Debug ("Loading resource file: %s\n", d->resources);
+ Debug ("loading resource file: %s\n", d->resources);
(void) runAndWait (args, env);
freeArgs (args);
freeEnv (env);
@@ -402,12 +402,12 @@
DeleteXloginResources (struct display *d, Display *dpy)
{
int i;
- Atom prop = XInternAtom(dpy, "SCREEN_RESOURCES", True);
+ Atom prop = XInternAtom (dpy, "SCREEN_RESOURCES", True);
- XDeleteProperty(dpy, RootWindow (dpy, 0), XA_RESOURCE_MANAGER);
+ XDeleteProperty (dpy, RootWindow (dpy, 0), XA_RESOURCE_MANAGER);
if (prop) {
- for (i = ScreenCount(dpy); --i >= 0; )
- XDeleteProperty(dpy, RootWindow (dpy, i), prop);
+ for (i = ScreenCount (dpy); --i >= 0; )
+ XDeleteProperty (dpy, RootWindow (dpy, i), prop);
}
}
@@ -431,7 +431,7 @@
SessionExit (d, RESERVER_DISPLAY, FALSE);
}
(void) alarm ((unsigned) d->grabTimeout);
- Debug ("Before XGrabServer %s\n", d->name);
+ Debug ("before XGrabServer %s\n", d->name);
XGrabServer (dpy);
if (XGrabKeyboard (dpy, DefaultRootWindow (dpy), True, GrabModeAsync,
GrabModeAsync, CurrentTime) != GrabSuccess) {
@@ -466,13 +466,13 @@
SessionExit (struct display *d, int status, int removeAuth)
{
#ifdef USE_PAM
- pam_handle_t *pamh = thepamh();
+ pam_handle_t *pamh = thepamh ();
#endif
#ifdef USE_PAM
if (pamh) {
/* shutdown PAM session */
- pam_close_session(pamh, 0);
- pam_end(pamh, PAM_SUCCESS);
+ pam_close_session (pamh, 0);
+ pam_end (pamh, PAM_SUCCESS);
pamh = NULL;
}
#endif
@@ -492,26 +492,26 @@
krb5_error_code code;
krb5_ccache ccache;
- code = Krb5DisplayCCache(d->name, &ccache);
+ code = Krb5DisplayCCache (d->name, &ccache);
if (code)
LogError ("%s while getting Krb5 ccache to destroy\n",
- error_message(code));
+ error_message (code));
else {
- code = krb5_cc_destroy(ccache);
+ code = krb5_cc_destroy (ccache);
if (code) {
if (code == KRB5_FCC_NOFILE) {
- Debug ("No Kerberos ccache file found to destroy\n");
+ Debug ("no Kerberos ccache file found to destroy\n");
} else
LogError ("%s while destroying Krb5 credentials cache\n",
- error_message(code));
+ error_message (code));
} else
Debug ("Kerberos ccache destroyed\n");
- krb5_cc_close(ccache);
+ krb5_cc_close (ccache);
}
}
#endif /* K5AUTH */
}
- Debug ("Display %s exiting with status %d\n", d->name, status);
+ Debug ("display %s exiting with status %d\n", d->name, status);
exit (status);
}
@@ -546,14 +546,14 @@
Debug ("\n");
}
#ifdef USE_PAM
- if (pamh) pam_open_session(pamh, 0);
+ if (pamh) pam_open_session (pamh, 0);
#endif
switch (pid = fork ()) {
case 0:
CleanUpChild ();
#ifdef XDMCP
/* The chooser socket is not closed by CleanUpChild() */
- DestroyWellKnownSockets();
+ DestroyWellKnownSockets ();
#endif
/* Do system-dependent login setup here */
@@ -562,9 +562,9 @@
/* pass in environment variables set by libpam and modules it called */
if (pamh) {
long i;
- char **pam_env = pam_getenvlist(pamh);
- for(i = 0; pam_env && pam_env[i]; i++) {
- verify->userEnviron = putEnv(pam_env[i], verify->userEnviron);
+ char **pam_env = pam_getenvlist (pamh);
+ for (i = 0; pam_env && pam_env[i]; i++) {
+ verify->userEnviron = putEnv (pam_env[i], verify->userEnviron);
}
}
#endif
@@ -572,36 +572,38 @@
#ifndef AIXV3
#ifndef HAS_SETUSERCONTEXT
- if (setgid(verify->gid) < 0) {
- LogError ("setgid %d (user \"%s\") failed, errno=%d\n",
- verify->gid, name, errno);
+ if (setgid (verify->gid) < 0) {
+ LogError ("setgid %d (user \"%s\") failed: %s\n",
+ verify->gid, name, _SysErrorMsg (errno));
return (0);
}
#if defined(BSD) && (BSD >= 199103)
- if (setlogin(name) < 0) {
- LogError ("setlogin for \"%s\" failed, errno=%d", name, errno);
- return(0);
+ if (setlogin (name) < 0) {
+ LogError ("setlogin for \"%s\" failed: %s\n", name,
+ _SysErrorMsg (errno));
+ return (0);
}
#endif
#ifndef QNX4
- if (initgroups(name, verify->gid) < 0) {
- LogError ("initgroups for \"%s\" failed, errno=%d\n", name, errno);
+ if (initgroups (name, verify->gid) < 0) {
+ LogError ("initgroups for \"%s\" failed: %s\n", name,
+ _SysErrorMsg (errno));
return (0);
}
#endif /* QNX4 doesn't support multi-groups, no initgroups() */
#ifdef USE_PAM
- if (pamh) {
- pam_error = pam_setcred (pamh, PAM_ESTABLISH_CRED);
+ if (thepamh ()) {
+ pam_error = pam_setcred (thepamh (), PAM_ESTABLISH_CRED);
if (pam_error != PAM_SUCCESS) {
- LogError ("pam_setcred for \"%s\" failed: %s\n",
- name, pam_strerror(pamh, pam_error));
- return(0);
+ LogError ("pam_setcred for \"%s\" failed: %s\n", name,
+ pam_strerror (pamh, pam_error));
+ return (0);
}
}
#endif
- if (setuid(verify->uid) < 0) {
- LogError ("setuid %d (user \"%s\") failed, errno=%d\n",
- verify->uid, name, errno);
+ if (setuid (verify->uid) < 0) {
+ LogError ("setuid %d (user \"%s\") failed: %s\n",
+ verify->uid, name, _SysErrorMsg (errno));
return (0);
}
#else /* HAS_SETUSERCONTEXT */
@@ -609,16 +611,17 @@
* Set the user's credentials: uid, gid, groups,
* environment variables, resource limits, and umask.
*/
- pwd = getpwnam(name);
+ pwd = getpwnam (name);
if (pwd) {
- if (setusercontext(NULL, pwd, pwd->pw_uid, LOGIN_SETALL) < 0) {
- LogError ("setusercontext for \"%s\" failed, errno=%d\n", name,
- errno);
+ if (setusercontext (NULL, pwd, pwd->pw_uid, LOGIN_SETALL) < 0) {
+ LogError ("setusercontext for \"%s\" failed: %s\n", name,
+ _SysErrorMsg (errno));
return (0);
}
- endpwent();
+ endpwent ();
} else {
- LogError ("getpwnam for \"%s\" failed, errno=%d\n", name, errno);
+ LogError ("getpwnam for \"%s\" failed: %s\n", name,
+ _SysErrorMsg (errno));
return (0);
}
#endif /* HAS_SETUSERCONTEXT */
@@ -627,8 +630,9 @@
* Set the user's credentials: uid, gid, groups,
* audit classes, user limits, and umask.
*/
- if (setpcred(name, NULL) == -1) {
- LogError ("setpcred for \"%s\" failed, errno=%d\n", name, errno);
+ if (setpcred (name, NULL) == -1) {
+ LogError ("setpcred for \"%s\" failed: %s\n", name,
+ _SysErrorMsg (errno));
return (0);
}
#endif /* AIXV3 */
@@ -647,24 +651,24 @@
int key_set_ok = 0;
nameret = getnetname (netname);
- Debug ("User netname: %s\n", netname);
+ Debug ("user netname: %s\n", netname);
len = strlen (passwd);
if (len > 8)
bzero (passwd + 8, len - 8);
- keyret = getsecretkey(netname,secretkey,passwd);
+ keyret = getsecretkey (netname,secretkey,passwd);
Debug ("getsecretkey returns %d, key length %d\n",
keyret, strlen (secretkey));
- memcpy(&(netst.st_priv_key), secretkey, HEXKEYBYTES);
- netst.st_netname = strdup(netname);
- memset(netst.st_pub_key, 0, HEXKEYBYTES);
- if (key_setnet(&netst) < 0) {
- Debug ("Could not set secret key.\n");
+ memcpy (&(netst.st_priv_key), secretkey, HEXKEYBYTES);
+ netst.st_netname = strdup (netname);
+ memset (netst.st_pub_key, 0, HEXKEYBYTES);
+ if (key_setnet (&netst) < 0) {
+ Debug ("could not set secret key.\n");
}
- free(netst.st_netname);
+ free (netst.st_netname);
/* is there a key, and do we have the right password? */
if (keyret == 1) {
if (*secretkey) {
- keyret = key_setsecret(secretkey);
+ keyret = key_setsecret (secretkey);
Debug ("key_setsecret returns %d\n", keyret);
if (keyret == -1)
LogError ("failed to set NIS secret key\n");
@@ -681,7 +685,7 @@
int i, j;
for (i = 0; i < d->authNum; i++) {
if (d->authorizations[i]->name_length == 9 &&
- memcmp(d->authorizations[i]->name, "SUN-DES-1", 9) == 0) {
+ memcmp (d->authorizations[i]->name, "SUN-DES-1", 9) == 0) {
for (j = i+1; j < d->authNum; j++)
d->authorizations[j-1] = d->authorizations[j];
d->authNum--;
@@ -689,7 +693,7 @@
}
}
}
- bzero(secretkey, strlen(secretkey));
+ bzero (secretkey, strlen (secretkey));
}
#endif
#ifdef K5AUTH
@@ -697,18 +701,18 @@
{
int i, j;
int result;
- extern char *Krb5CCacheName();
+ extern char *Krb5CCacheName ();
- result = Krb5Init(name, passwd, d);
+ result = Krb5Init (name, passwd, d);
if (result == 0) {
/* point session clients at the Kerberos credentials cache */
verify->userEnviron =
- setEnv(verify->userEnviron,
- "KRB5CCNAME", Krb5CCacheName(d->name));
+ setEnv (verify->userEnviron,
+ "KRB5CCNAME", Krb5CCacheName (d->name));
} else {
for (i = 0; i < d->authNum; i++) {
if (d->authorizations[i]->name_length == 14 &&
- memcmp(d->authorizations[i]->name, "MIT-KERBEROS-5", 14) == 0) {
+ memcmp (d->authorizations[i]->name, "MIT-KERBEROS-5", 14) == 0) {
/* remove Kerberos from authorizations list */
for (j = i+1; j < d->authNum; j++)
d->authorizations[j-1] = d->authorizations[j];
@@ -719,7 +723,7 @@
}
}
#endif /* K5AUTH */
- bzero(passwd, strlen(passwd));
+ bzero (passwd, strlen (passwd));
SetUserAuthorization (d, verify);
home = getEnv (verify->userEnviron, "HOME");
if (home)
@@ -727,27 +731,27 @@
LogError ("user \"%s\": cannot chdir to home \"%s\" (err %d), using \"/\"\n",
getEnv (verify->userEnviron, "USER"), home, errno);
chdir ("/");
- verify->userEnviron = setEnv(verify->userEnviron, "HOME", "/");
+ verify->userEnviron = setEnv (verify->userEnviron, "HOME", "/");
}
if (verify->argv) {
Debug ("executing session %s\n", verify->argv[0]);
execute (verify->argv, verify->userEnviron);
- LogError ("Session \"%s\" execution failed (err %d)\n", verify->argv[0], errno);
+ LogError ("session \"%s\" execution failed (err %d)\n", verify->argv[0], errno);
} else {
- LogError ("Session has no command/arguments\n");
+ LogError ("session has no command/arguments\n");
}
failsafeArgv[0] = d->failsafeClient;
failsafeArgv[1] = 0;
execute (failsafeArgv, verify->userEnviron);
exit (1);
case -1:
- bzero(passwd, strlen(passwd));
+ bzero (passwd, strlen (passwd));
Debug ("StartSession, fork failed\n");
- LogError ("can't start session on \"%s\", fork failed, errno=%d\n",
- d->name, errno);
+ LogError ("can't start session on \"%s\", fork failed: %s\n",
+ d->name, _SysErrorMsg (errno));
return 0;
default:
- bzero(passwd, strlen(passwd));
+ bzero (passwd, strlen (passwd));
Debug ("StartSession, fork succeeded %d\n", pid);
*pidp = pid;
return 1;
@@ -856,7 +860,7 @@
p = "/bin/sh";
optarg = 0;
}
- Debug ("Shell script execution: %s (optarg %s)\n",
+ Debug ("shell script execution: %s (optarg %s)\n",
p, optarg ? optarg : "(null)");
for (av = argv, argc = 0; *av; av++, argc++)
/* SUPPRESS 530 */
@@ -910,9 +914,10 @@
return env;
}
-#if (defined(Lynx) && !defined(HAS_CRYPT)) || defined(SCO) && !defined(SCO_USA) && !defined(_SCO_DS)
-char *crypt(char *s1, char *s2)
+#if (defined(Lynx) && !defined(HAS_CRYPT)) || (defined(SCO) && !defined(SCO_USA) && !defined(_SCO_DS))
+char *
+crypt (char *s1, char *s2)
{
- return(s2);
+ return (s2);
}
#endif
Attachment:
signature.asc
Description: Digital signature