authorWilliam Jon McCann <mccann@jhu.edu>2007-11-09 15:25:57 +0000
committerWilliam Jon McCann <mccann@src.gnome.org>2007-11-09 15:25:57 +0000
commite3962077f95f4a7a438e1be8c997c64db7c4ff05 (patch)
tree37493b5bd063e8b825f8a97441bf81574ba1ff03 /common
parent040df92ba6ee0b5b32872552d36b77896ba12686 (diff)
With this patch we now invoke the X server with the -auth argument and
2007-11-09 William Jon McCann <mccann@jhu.edu> * common/gdm-common.c: (gdm_string_hex_decode): * common/gdm-common.h: * daemon/Makefile.am: * daemon/auth.c: * daemon/auth.h: * daemon/gdm-display.c: (_create_access_file_for_user), (gdm_display_real_create_authority), (gdm_display_real_add_user_authorization), (gdm_display_real_remove_user_authorization), (gdm_display_get_x11_cookie), (gdm_display_get_x11_authority_file), (gdm_display_real_unmanage), (gdm_display_set_property), (gdm_display_get_property), (gdm_display_class_init), (gdm_display_finalize): * daemon/gdm-display.h: * daemon/gdm-factory-slave.c: (gdm_factory_slave_run): * daemon/gdm-local-display-factory.c: (create_display_for_device): * daemon/gdm-manager.c: (gdm_manager_init), (gdm_manager_finalize): * daemon/gdm-product-slave.c: (gdm_product_slave_create_server): * daemon/gdm-server.c: (_gdm_server_set_auth_file), (gdm_server_set_property), (gdm_server_get_property), (gdm_server_class_init), (gdm_server_new): * daemon/gdm-server.h: * daemon/gdm-simple-slave.c: (gdm_simple_slave_run): * daemon/gdm-slave.c: (gdm_slave_connect_to_x11_display), (gdm_slave_real_start), (gdm_slave_set_property), (gdm_slave_get_property), (gdm_slave_class_init): * daemon/gdm-static-display.c: (gdm_static_display_add_user_authorization), (gdm_static_display_remove_user_authorization): * daemon/gdm-xdmcp-display-factory.c: (gdm_xdmcp_handle_request): * daemon/gdm-xdmcp-display.c: (gdm_xdmcp_display_create_authority), (gdm_xdmcp_display_add_user_authorization), (gdm_xdmcp_display_remove_user_authorization), (gdm_xdmcp_display_unmanage): * daemon/gdm-display-access-file.c: * daemon/gdm-display-access-file.h: With this patch we now invoke the X server with the -auth argument and disable machine wide access to the X server. This patch also drops the md5 hashing of random bytes to create cookies and instead just creates cookies directly (like the X server would if we asked the X server to generate the cookies for us). 
Patch from: Ray Strode <rstrode@redhat.com> svn path=/trunk/; revision=5499
Diffstat (limited to 'common')
-rw-r--r--common/gdm-common.c201
-rw-r--r--common/gdm-common.h4
2 files changed, 0 insertions, 205 deletions
diff --git a/common/gdm-common.c b/common/gdm-common.c
index 59545039..f6075f37 100644
--- a/common/gdm-common.c
+++ b/common/gdm-common.c
@@ -32,7 +32,6 @@
#include <glib/gstdio.h>
#include "gdm-common.h"
-#include "gdm-md5.h"
void
gdm_set_fatal_warnings_if_unstable (void)
@@ -273,203 +272,3 @@ gdm_string_hex_decode (const GString *source,
return retval;
}
-
-static void
-_gdm_generate_pseudorandom_bytes_buffer (char *buffer,
- int n_bytes)
-{
- int i;
-
- /* fall back to pseudorandom */
- g_debug ("Falling back to pseudorandom for %d bytes\n",
- n_bytes);
-
- i = 0;
- while (i < n_bytes) {
- int b;
-
- b = g_random_int_range (0, 255);
-
- buffer[i] = b;
-
- ++i;
- }
-}
-
-static gboolean
-_gdm_generate_pseudorandom_bytes (GString *str,
- int n_bytes)
-{
- int old_len;
- char *p;
-
- old_len = str->len;
-
- str = g_string_set_size (str, old_len + n_bytes);
-
- p = str->str + old_len;
-
- _gdm_generate_pseudorandom_bytes_buffer (p, n_bytes);
-
- return TRUE;
-}
-
-
-static int
-_gdm_fdread (int fd,
- GString *buffer,
- int count)
-{
- int bytes_read;
- int start;
- char *data;
-
- g_assert (count >= 0);
-
- start = buffer->len;
-
- buffer = g_string_set_size (buffer, start + count);
-
- data = buffer->str + start;
-
- again:
- bytes_read = read (fd, data, count);
-
- if (bytes_read < 0) {
- if (errno == EINTR) {
- goto again;
- } else {
- /* put length back (note that this doesn't actually realloc anything) */
- buffer = g_string_set_size (buffer, start);
- return -1;
- }
- } else {
- /* put length back (doesn't actually realloc) */
- buffer = g_string_set_size (buffer, start + bytes_read);
-
- return bytes_read;
- }
-}
-
-/**
- * Closes a file descriptor.
- *
- * @param fd the file descriptor
- * @param error error object
- * @returns #FALSE if error set
- */
-static gboolean
-_gdm_fdclose (int fd)
-{
- again:
- if (close (fd) < 0) {
- if (errno == EINTR)
- goto again;
-
- g_warning ("Could not close fd %d: %s",
- fd,
- g_strerror (errno));
- return FALSE;
- }
-
- return TRUE;
-}
-
-/**
- * Generates the given number of random bytes,
- * using the best mechanism we can come up with.
- *
- * @param str the string
- * @param n_bytes the number of random bytes to append to string
- */
-gboolean
-gdm_generate_random_bytes (GString *str,
- int n_bytes)
-{
- int old_len;
- int fd;
-
- /* FALSE return means "no memory", if it could
- * mean something else then we'd need to return
- * a DBusError. So we always fall back to pseudorandom
- * if the I/O fails.
- */
-
- old_len = str->len;
- fd = -1;
-
- /* note, urandom on linux will fall back to pseudorandom */
- fd = g_open ("/dev/urandom", O_RDONLY, 0);
- if (fd < 0) {
- return _gdm_generate_pseudorandom_bytes (str, n_bytes);
- }
-
- if (_gdm_fdread (fd, str, n_bytes) != n_bytes) {
- _gdm_fdclose (fd);
- str = g_string_set_size (str, old_len);
- return _gdm_generate_pseudorandom_bytes (str, n_bytes);
- }
-
- g_debug ("Read %d bytes from /dev/urandom\n", n_bytes);
-
- _gdm_fdclose (fd);
-
- return TRUE;
-}
-
-/**
- * Computes the ASCII hex-encoded md5sum of the given data and
- * appends it to the output string.
- *
- * @param data input data to be hashed
- * @param ascii_output string to append ASCII md5sum to
- * @returns #FALSE if not enough memory
- */
-static gboolean
-gdm_md5_compute (const GString *data,
- GString *ascii_output)
-{
- GdmMD5Context context;
- GString *digest;
-
- gdm_md5_init (&context);
-
- gdm_md5_update (&context, data);
-
- digest = g_string_new (NULL);
- if (digest == NULL)
- return FALSE;
-
- if (! gdm_md5_final (&context, digest))
- goto error;
-
- if (! gdm_string_hex_encode (digest,
- 0,
- ascii_output,
- ascii_output->len))
- goto error;
-
- g_string_free (digest, TRUE);
-
- return TRUE;
-
- error:
- g_string_free (digest, TRUE);
-
- return FALSE;
-}
-
-gboolean
-gdm_generate_cookie (GString *result)
-{
- gboolean ret;
- GString *data;
-
- data = g_string_new (NULL);
- gdm_generate_random_bytes (data, 16);
-
- ret = gdm_md5_compute (data, result);
- g_string_free (data, TRUE);
-
- return ret;
-}
diff --git a/common/gdm-common.h b/common/gdm-common.h
index 36d2407e..d281b9ab 100644
--- a/common/gdm-common.h
+++ b/common/gdm-common.h
@@ -32,9 +32,6 @@ void gdm_set_fatal_warnings_if_unstable (void);
int gdm_signal_pid (int pid,
int signal);
-gboolean gdm_generate_random_bytes (GString *str,
- int n_bytes);
-
gboolean gdm_string_hex_encode (const GString *source,
int start,
GString *dest,
@@ -44,7 +41,6 @@ gboolean gdm_string_hex_decode (const GString *source,
int *end_return,
GString *dest,
int insert_at);
-gboolean gdm_generate_cookie (GString *result);
G_END_DECLS