diff options
| author | Ray Strode <rstrode@redhat.com> | 2012-10-15 18:18:49 -0400 |
|---|---|---|
| committer | Ray Strode <rstrode@redhat.com> | 2012-10-15 18:22:44 -0400 |
| commit | 2bd38e811f7f8194898ab4321eba36737729a493 (patch) | |
| tree | 3d8bcccacf7116a2a2f126944329f46d75ce4312 | |
| parent | 11d4b97bfda92a254d2ef55b4795456367a3cfbb (diff) | |
| download | gdm-2bd38e811f7f8194898ab4321eba36737729a493.tar.gz | |
slave: add host authorizations individually
XAddHosts fails if any of the entries in the list fails.
The gdm-initial-setup user isn't available on most systems,
so XAddHosts fails on most systems.
Upshot is, since commit 189cd818bf1592b5b8607793575bcf4e71ba8008
most people have been relying on xauth cookies for X authorization.
xauth cookies aren't nearly as robust across hostname changes, so
that's not ideal.
This commit calls XAddHost() 3 times instead of one XAddHosts
call to work around the problem. Ideally, we'd only add
gdm-initial-setup when we need it instead of all the time.
That will have to come later.
https://bugzilla.gnome.org/show_bug.cgi?id=686186
| -rw-r--r-- | daemon/gdm-slave.c | 15 |
1 files changed, 10 insertions, 5 deletions
diff --git a/daemon/gdm-slave.c b/daemon/gdm-slave.c index 287c7d6f..948406a4 100644 --- a/daemon/gdm-slave.c +++ b/daemon/gdm-slave.c @@ -681,6 +681,7 @@ gdm_slave_connect_to_x11_display (GdmSlave *slave) } else if (slave->priv->display_is_local) { XServerInterpretedAddress si_entries[3]; XHostAddress host_entries[3]; + int i; g_debug ("GdmSlave: Connected to display %s", slave->priv->display_name); ret = TRUE; @@ -691,8 +692,11 @@ gdm_slave_connect_to_x11_display (GdmSlave *slave) gdm_slave_setup_xhost_auth (host_entries, si_entries); gdm_error_trap_push (); - XAddHosts (slave->priv->server_display, host_entries, - G_N_ELEMENTS (host_entries)); + + for (i = 0; i < G_N_ELEMENTS (host_entries); i++) { + XAddHost (slave->priv->server_display, &host_entries[i]); + } + XSync (slave->priv->server_display, False); if (gdm_error_trap_pop ()) { g_warning ("Failed to give slave programs access to the display. Trying to proceed."); @@ -918,6 +922,7 @@ gdm_slave_add_user_authorization (GdmSlave *slave, { XServerInterpretedAddress si_entries[3]; XHostAddress host_entries[3]; + int i; gboolean res; GError *error; char *filename; @@ -954,14 +959,14 @@ gdm_slave_add_user_authorization (GdmSlave *slave, */ gdm_slave_setup_xhost_auth (host_entries, si_entries); gdm_error_trap_push (); - XRemoveHosts (slave->priv->server_display, host_entries, - G_N_ELEMENTS (host_entries)); + for (i = 0; i < G_N_ELEMENTS (host_entries); i++) { + XRemoveHost (slave->priv->server_display, &host_entries[i]); + } XSync (slave->priv->server_display, False); if (gdm_error_trap_pop ()) { g_warning ("Failed to remove slave program access to the display. Trying to proceed."); } - return res; } |