diff options
Diffstat (limited to 'daemon')
| -rw-r--r-- | daemon/Makefile.am | 4 | ||||
| -rw-r--r-- | daemon/auth.c | 55 | ||||
| -rw-r--r-- | daemon/auth.h | 4 | ||||
| -rw-r--r-- | daemon/cookie.c | 272 | ||||
| -rw-r--r-- | daemon/cookie.h | 29 | ||||
| -rw-r--r-- | daemon/gdm-display.c | 107 | ||||
| -rw-r--r-- | daemon/gdm-display.h | 11 | ||||
| -rw-r--r-- | daemon/gdm-display.xml | 6 | ||||
| -rw-r--r-- | daemon/gdm-greeter.c | 58 | ||||
| -rw-r--r-- | daemon/gdm-manager.c | 13 | ||||
| -rw-r--r-- | daemon/gdm-slave.c | 190 | ||||
| -rw-r--r-- | daemon/gdm-xdmcp-display.c | 32 | ||||
| -rw-r--r-- | daemon/gdm-xdmcp-manager.c | 71 | ||||
| -rw-r--r-- | daemon/md5.c | 267 | ||||
| -rw-r--r-- | daemon/md5.h | 41 |
15 files changed, 361 insertions, 799 deletions
diff --git a/daemon/Makefile.am b/daemon/Makefile.am index 02fcef7d..8879ee2b 100644 --- a/daemon/Makefile.am +++ b/daemon/Makefile.am @@ -114,14 +114,10 @@ gdm_binary_SOURCES = \ auth.h \ fstype.c \ server.h \ - cookie.c \ - cookie.h \ choose.c \ choose.h \ filecheck.c \ filecheck.h \ - md5.c \ - md5.h \ $(NULL) XDMCP_SOURCES = \ diff --git a/daemon/auth.c b/daemon/auth.c index 4b3e889f..f0730138 100644 --- a/daemon/auth.c +++ b/daemon/auth.c @@ -38,7 +38,6 @@ #include <glib.h> #include <glib/gi18n.h> -#include "cookie.h" #include "filecheck.h" #include "auth.h" @@ -59,7 +58,7 @@ static FILE *gdm_auth_purge (GdmDisplay *d, FILE *af, gboolean remove_when_empty gboolean gdm_auth_add_entry (int display_num, - const char *bcookie, + GString *binary_cookie, GSList **authlist, FILE *af, unsigned short family, @@ -105,8 +104,8 @@ gdm_auth_add_entry (int display_num, return FALSE; } - memcpy (xa->data, bcookie, 16); - xa->data_length = 16; + memcpy (xa->data, binary_cookie->str, binary_cookie->len); + xa->data_length = binary_cookie->len; if (af != NULL) { errno = 0; @@ -136,18 +135,35 @@ gdm_auth_add_entry (int display_num, } gboolean -gdm_auth_add_entry_for_display (int display_num, - const char *bcookie, - GSList **authlist, - FILE *af) +gdm_auth_add_entry_for_display (int display_num, + GString *cookie, + GSList **authlist, + FILE *af) { - gdm_auth_add_entry (display_num, - bcookie, - authlist, - af, - FamilyWild, - NULL, - 0); + GString *binary_cookie; + gboolean ret; + + binary_cookie = g_string_new (NULL); + + if (! gdm_string_hex_decode (cookie, + 0, + NULL, + binary_cookie, + 0)) { + ret = FALSE; + goto out; + } + + ret = gdm_auth_add_entry (display_num, + binary_cookie, + authlist, + af, + FamilyWild, + NULL, + 0); + out: + g_string_free (binary_cookie, TRUE); + return ret; } #if 0 @@ -828,15 +844,6 @@ gdm_auth_purge (GdmDisplay *d, FILE *af, gboolean remove_when_empty) } void -gdm_auth_set_local_auth (GdmDisplay *d) -{ - XSetAuthorization ((char *)"MIT-MAGIC-COOKIE-1", - (int) strlen ("MIT-MAGIC-COOKIE-1"), - (char *)d->bcookie, - (int) 16); -} - -void gdm_auth_free_auth_list (GSList *list) { GSList *li; diff --git a/daemon/auth.h b/daemon/auth.h index 0f84dde5..a6453dec 100644 --- a/daemon/auth.h +++ b/daemon/auth.h @@ -24,11 +24,11 @@ G_BEGIN_DECLS gboolean gdm_auth_add_entry_for_display (int display_num, - const char *bcookie, + GString *cookie, GSList **authlist, FILE *af); gboolean gdm_auth_add_entry (int display_num, - const char *bcookie, + GString *binary_cookie, GSList **authlist, FILE *af, unsigned short family, diff --git a/daemon/cookie.c b/daemon/cookie.c deleted file mode 100644 index 35016fb0..00000000 --- a/daemon/cookie.c +++ /dev/null @@ -1,272 +0,0 @@ -/* -*- Mode: C; tab-width: 8; indent-tabs-mode: t; c-basic-offset: 8 -*- - * - * GDM - The GNOME Display Manager - * Copyright (C) 2003 Red Hat, Inc. - * Copyright (C) 1998, 1999, 2000 Martin K. Petersen <mkp@mkp.net> - * Copyright (C) Rik Faith <faith@precisioninsight.com> - * - * This program is free software; you can redistribute it and/or modify - * it under the terms of the GNU General Public License as published by - * the Free Software Foundation; either version 2 of the License, or - * (at your option) any later version. - * - * This program is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU General Public License for more details. - * - * You should have received a copy of the GNU General Public License - * along with this program; if not, write to the Free Software - * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA - */ - -/* - * Functions for generating MIT-MAGIC-COOKIEs. - * - * This code was derived (i.e. stolen) from mcookie.c written by Rik Faith - * - * Note that this code goes to much greater lengths to be as random as possible. - * Thus being more secure on systems without /dev/random and friends. - */ - -#include "config.h" - -#include <stdio.h> -#include <stdlib.h> -#include <string.h> -#include <fcntl.h> -#include <sys/time.h> -#include <unistd.h> -#include <errno.h> - -#include "gdm.h" -#include "md5.h" -#include "cookie.h" - -#include "gdm-common.h" -#include "gdm-master-config.h" - -#define MAXBUFFERSIZE 1024 - -static struct rngs { - const char *path; /* null is the authfile name */ - int length; - off_t seek; -} rngs[] = { - { "/dev/random", 16, 0 }, -#ifdef __OpenBSD__ - { "/dev/srandom", 16, 0 }, -#endif - { "/dev/urandom", 128, 0 }, - { "/proc/stat", MAXBUFFERSIZE, 0 }, - { "/proc/interrupts", MAXBUFFERSIZE, 0 }, - { "/proc/loadavg", MAXBUFFERSIZE, 0 }, - { "/proc/meminfo", MAXBUFFERSIZE, 0 }, -#if defined (__i386__) || defined (__386__) || defined (_M_IX86) - /* On i386, we should not read the first 16megs */ - { "/dev/mem", MAXBUFFERSIZE, 0x100000 }, -#else - { "/dev/mem", MAXBUFFERSIZE, 0 }, -#endif - /* this will load the old authfile for the display */ - { NULL /* null means the authfile */, MAXBUFFERSIZE, 0 }, - { "/proc/net/dev", MAXBUFFERSIZE, 0 }, - { "/dev/audio", MAXBUFFERSIZE, 0 }, - { "/etc/shadow", MAXBUFFERSIZE, 0 }, - { "/var/log/messages", MAXBUFFERSIZE, 0 }, -}; - -/* Some semi random spinners to spin, - * this is 20 bytes of semi random data */ -#define RANDNUMS 5 -static guint32 randnums[RANDNUMS]; - -/* stolen from XDM which in turn stole this - from the C standard */ -static guint32 -next_rand_15 (guint32 num) -{ - num = num * 1103515245 + 12345; - return (unsigned int)(num/65536) % 32768; -} - -/* really quite apparently only 31 bits of entropy result (from tests), - but oh well */ -static guint32 -next_rand_32 (guint32 num) -{ - int i; - guint32 ret; - guint8 *p = (guint8 *)&ret; - - for (i = 0; i < 4; i++) { - num = next_rand_15 (num); - p[i] = (num & 0xff00) >> 8; - } - return ret; -} - -/* This adds a little bit of entropy to our buffer, - just in case /dev/random doesn't work out for us - really since that normally adds enough bytes of nice - randomness already */ -void -gdm_random_tick (void) -{ - struct timeval tv; - struct timezone tz; - - gettimeofday (&tv, &tz); - - /* the higher order bits of the seconds - are quite uninteresting */ - randnums[0] ^= next_rand_32 ((tv.tv_sec << 20) ^ tv.tv_usec); - - /* different method of combining */ - randnums[1] ^= next_rand_32 (tv.tv_sec) ^ next_rand_32 (tv.tv_usec); - - /* probably unneeded, but just being anal */ - randnums[2] ^= (tv.tv_sec << 20) ^ tv.tv_usec; - - /* probably unneeded, to guess above - the number of invocation is likely needed - anyway */ - randnums[3]++; - - /* also hope that other places call - g_random_int. Note that on systems - without /dev/urandom, this will yet again - measure time the first time it's called and - we'll add entropy based on the speed of the - computer. Yay */ - randnums[4] ^= g_random_int (); -} - -/* check a few values and if we get the same - value, it's not really random. Likely - we got perhaps a string of zeros or some - such. */ -static gboolean -data_seems_random (const char buf[], int size) -{ - int i, lastval = 0; - if (size < 16) - return FALSE; - for (i = 0; i < 10; i++) { - int idx = g_random_int_range (0, size); - if G_LIKELY (i > 0 && - lastval != buf[idx]) - return TRUE; - lastval = buf[idx]; - } - return FALSE; -} - -static unsigned char old_cookie[16]; - -void -gdm_cookie_generate (char **cookiep, - char **bcookiep) -{ - int i; - struct GdmMD5Context ctx; - unsigned char digest[16]; - unsigned char buf[MAXBUFFERSIZE]; - int fd; - pid_t pid; - int r; - char cookie[40]; /* 2*16 == 32, so 40 is enough */ - - cookie[0] = '\0'; - - gdm_md5_init (&ctx); - - /* spin the spinners according to current time */ - gdm_random_tick (); - - gdm_md5_update (&ctx, (unsigned char *) randnums, sizeof (int) * RANDNUMS); - - /* use the last cookie */ - gdm_md5_update (&ctx, old_cookie, 16); - - /* use some uninitialized stack space */ - gdm_md5_update (&ctx, (unsigned char *) cookie, sizeof (cookie)); - - pid = getppid (); - gdm_md5_update (&ctx, (unsigned char *) &pid, sizeof (pid)); - pid = getpid (); - gdm_md5_update (&ctx, (unsigned char *) &pid, sizeof (pid)); - - for (i = 0; i < G_N_ELEMENTS (rngs); i++) { - const char *file = rngs[i].path; - - if G_UNLIKELY (file == NULL) - continue; - do { - int flags; - - flags = O_RDONLY | O_NONBLOCK; -#ifdef O_NOCTTY - flags |= O_NOCTTY; -#endif -#ifdef O_NOFOLLOW - flags |= O_NOFOLLOW; -#endif - - errno = 0; - fd = open (file, flags); - - } while G_UNLIKELY (errno == EINTR); - - if G_LIKELY (fd >= 0) { - /* Apparently this can sometimes block anyway even if it is O_NONBLOCK, - so use select to figure out if there is something available */ - fd_set rfds; - struct timeval tv; - - FD_ZERO (&rfds); - FD_SET (fd, &rfds); - - tv.tv_sec = 0; - tv.tv_usec = 10*1000 /* 10 ms */; - r = 0; - - if G_UNLIKELY (rngs[i].seek > 0) - lseek (fd, rngs[i].seek, SEEK_SET); - - if G_LIKELY (select (fd+1, &rfds, NULL, NULL, &tv) > 0) { - VE_IGNORE_EINTR (r = read (fd, buf, MIN (sizeof (buf), rngs[i].length))); - } - - if G_LIKELY (r > 0) - gdm_md5_update (&ctx, buf, r); - else - r = 0; - - VE_IGNORE_EINTR (close (fd)); - - if G_LIKELY (r >= rngs[i].length && - data_seems_random ((char *) buf, r)) - break; - } - } - - gdm_md5_final (digest, &ctx); - - for (i = 0; i < 16; i++) { - char sub[3]; - g_snprintf (sub, sizeof (sub), "%02x", (guint)digest[i]); - strcat (cookie, sub); - } - - if (cookiep != NULL) { - *cookiep = g_strdup (cookie); - } - - if (bcookiep != NULL) { - *bcookiep = g_new (char, 16); - memcpy (*bcookiep, digest, 16); - } - - memcpy (old_cookie, digest, 16); -} diff --git a/daemon/cookie.h b/daemon/cookie.h deleted file mode 100644 index cdede2b8..00000000 --- a/daemon/cookie.h +++ /dev/null @@ -1,29 +0,0 @@ -/* GDM - The GNOME Display Manager - * Copyright (C) 1998, 1999, 2000 Martin K. Petersen <mkp@mkp.net> - * - * This program is free software; you can redistribute it and/or modify - * it under the terms of the GNU General Public License as published by - * the Free Software Foundation; either version 2 of the License, or - * (at your option) any later version. - * - * This program is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU General Public License for more details. - * - * You should have received a copy of the GNU General Public License - * along with this program; if not, write to the Free Software - * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA - */ - -#ifndef GDM_COOKIE_H -#define GDM_COOKIE_H - -void gdm_cookie_generate (char **cookie, - char **bcookie); - -/* Add some more time based randomness, should be done - * at less predictable events */ -void gdm_random_tick (void); - -#endif /* GDM_COOKIE_H */ diff --git a/daemon/gdm-display.c b/daemon/gdm-display.c index 5855f0bb..390e0de6 100644 --- a/daemon/gdm-display.c +++ b/daemon/gdm-display.c @@ -52,9 +52,8 @@ struct GdmDisplayPrivate char *x11_display; int status; time_t creation_time; - char *cookie; - char *binary_cookie; - char *authority_file; + char *x11_cookie; + char *x11_authority_file; gboolean is_local; @@ -68,9 +67,8 @@ enum { PROP_REMOTE_HOSTNAME, PROP_NUMBER, PROP_X11_DISPLAY, - PROP_COOKIE, - PROP_BINARY_COOKIE, - PROP_AUTHORITY_FILE, + PROP_X11_COOKIE, + PROP_X11_AUTHORITY_FILE, PROP_IS_LOCAL, }; @@ -105,14 +103,6 @@ get_next_display_serial (void) return serial; } -char * -gdm_display_get_binary_cookie (GdmDisplay *display) -{ - g_return_val_if_fail (GDM_IS_DISPLAY (display), NULL); - - return g_strdup (display->priv->binary_cookie); -} - time_t gdm_display_get_creation_time (GdmDisplay *display) { @@ -152,6 +142,34 @@ gdm_display_create_authority (GdmDisplay *display) } gboolean +gdm_display_get_x11_cookie (GdmDisplay *display, + char **x11_cookie, + GError **error) +{ + g_return_val_if_fail (GDM_IS_DISPLAY (display), FALSE); + + if (x11_cookie != NULL) { + *x11_cookie = g_strdup (display->priv->x11_cookie); + } + + return TRUE; +} + +gboolean +gdm_display_get_x11_authority_file (GdmDisplay *display, + char **filename, + GError **error) +{ + g_return_val_if_fail (GDM_IS_DISPLAY (display), FALSE); + + if (filename != NULL) { + *filename = g_strdup (display->priv->x11_authority_file); + } + + return TRUE; +} + +gboolean gdm_display_get_remote_hostname (GdmDisplay *display, char **hostname, GError **error) @@ -321,27 +339,19 @@ _gdm_display_set_x11_display (GdmDisplay *display, } static void -_gdm_display_set_cookie (GdmDisplay *display, - const char *cookie) +_gdm_display_set_x11_cookie (GdmDisplay *display, + const char *x11_cookie) { - g_free (display->priv->cookie); - display->priv->cookie = g_strdup (cookie); + g_free (display->priv->x11_cookie); + display->priv->x11_cookie = g_strdup (x11_cookie); } static void -_gdm_display_set_binary_cookie (GdmDisplay *display, - const char *cookie) +_gdm_display_set_x11_authority_file (GdmDisplay *display, + const char *file) { - g_free (display->priv->binary_cookie); - display->priv->binary_cookie = g_strdup (cookie); -} - -static void -_gdm_display_set_authority_file (GdmDisplay *display, - const char *file) -{ - g_free (display->priv->authority_file); - display->priv->authority_file = g_strdup (file); + g_free (display->priv->x11_authority_file); + display->priv->x11_authority_file = g_strdup (file); } static void @@ -374,14 +384,11 @@ gdm_display_set_property (GObject *object, case PROP_X11_DISPLAY: _gdm_display_set_x11_display (self, g_value_get_string (value)); break; - case PROP_COOKIE: - _gdm_display_set_cookie (self, g_value_get_string (value)); + case PROP_X11_COOKIE: + _gdm_display_set_x11_cookie (self, g_value_get_string (value)); break; - case PROP_BINARY_COOKIE: - _gdm_display_set_binary_cookie (self, g_value_get_string (value)); - break; - case PROP_AUTHORITY_FILE: - _gdm_display_set_authority_file (self, g_value_get_string (value)); + case PROP_X11_AUTHORITY_FILE: + _gdm_display_set_x11_authority_file (self, g_value_get_string (value)); break; case PROP_IS_LOCAL: _gdm_display_set_is_local (self, g_value_get_boolean (value)); @@ -415,14 +422,11 @@ gdm_display_get_property (GObject *object, case PROP_X11_DISPLAY: g_value_set_string (value, self->priv->x11_display); break; - case PROP_COOKIE: - g_value_set_string (value, self->priv->cookie); - break; - case PROP_BINARY_COOKIE: - g_value_set_string (value, self->priv->binary_cookie); + case PROP_X11_COOKIE: + g_value_set_string (value, self->priv->x11_cookie); break; - case PROP_AUTHORITY_FILE: - g_value_set_string (value, self->priv->authority_file); + case PROP_X11_AUTHORITY_FILE: + g_value_set_string (value, self->priv->x11_authority_file); break; case PROP_IS_LOCAL: g_value_set_boolean (value, self->priv->is_local); @@ -541,22 +545,15 @@ gdm_display_class_init (GdmDisplayClass *klass) NULL, G_PARAM_READWRITE | G_PARAM_CONSTRUCT_ONLY)); g_object_class_install_property (object_class, - PROP_COOKIE, - g_param_spec_string ("cookie", + PROP_X11_COOKIE, + g_param_spec_string ("x11-cookie", "cookie", "cookie", NULL, G_PARAM_READWRITE | G_PARAM_CONSTRUCT)); g_object_class_install_property (object_class, - PROP_BINARY_COOKIE, - g_param_spec_string ("binary-cookie", - "binary-cookie", - "binary-cookie", - NULL, - G_PARAM_READWRITE | G_PARAM_CONSTRUCT)); - g_object_class_install_property (object_class, - PROP_AUTHORITY_FILE, - g_param_spec_string ("authority-file", + PROP_X11_AUTHORITY_FILE, + g_param_spec_string ("x11-authority-file", "authority file", "authority file", NULL, diff --git a/daemon/gdm-display.h b/daemon/gdm-display.h index 55806705..fbf4aab4 100644 --- a/daemon/gdm-display.h +++ b/daemon/gdm-display.h @@ -70,8 +70,6 @@ GType gdm_display_get_type (void); int gdm_display_get_status (GdmDisplay *display); time_t gdm_display_get_creation_time (GdmDisplay *display); -char * gdm_display_get_cookie (GdmDisplay *display); -char * gdm_display_get_binary_cookie (GdmDisplay *display); char * gdm_display_get_user_auth (GdmDisplay *display); gboolean gdm_display_create_authority (GdmDisplay *display); @@ -96,6 +94,15 @@ gboolean gdm_display_is_local (GdmDisplay *disp gboolean *local, GError **error); +/* exported but protected */ +gboolean gdm_display_get_x11_cookie (GdmDisplay *display, + char **x11_cookie, + GError **error); +gboolean gdm_display_get_x11_authority_file (GdmDisplay *display, + char **file, + GError **error); + + G_END_DECLS #endif /* __GDM_DISPLAY_H */ diff --git a/daemon/gdm-display.xml b/daemon/gdm-display.xml index 80037db6..1a99d4d3 100644 --- a/daemon/gdm-display.xml +++ b/daemon/gdm-display.xml @@ -7,6 +7,12 @@ <method name="GetX11Display"> <arg name="name" direction="out" type="s"/> </method> + <method name="GetX11Cookie"> + <arg name="x11_cookie" direction="out" type="s"/> + </method> + <method name="GetX11AuthorityFile"> + <arg name="filename" direction="out" type="s"/> + </method> <method name="IsLocal"> <arg name="local" direction="out" type="b"/> </method> diff --git a/daemon/gdm-greeter.c b/daemon/gdm-greeter.c index 7c572857..7d6b8a06 100644 --- a/daemon/gdm-greeter.c +++ b/daemon/gdm-greeter.c @@ -66,8 +66,8 @@ struct GdmGreeterPrivate int greeter_fd_in; int greeter_fd_out; - char *display_name; - char *display_auth_file; + char *x11_display_name; + char *x11_authority_file; int user_max_filesize; @@ -79,7 +79,8 @@ struct GdmGreeterPrivate enum { PROP_0, - PROP_DISPLAY_NAME, + PROP_X11_DISPLAY_NAME, + PROP_X11_AUTHORITY_FILE, PROP_USER_NAME, PROP_GROUP_NAME, }; @@ -193,15 +194,17 @@ get_greeter_environment (GdmGreeter *greeter) /* create a hash table of current environment, then update keys has necessary */ hash = g_hash_table_new_full (g_str_hash, g_str_equal, g_free, g_free); + +#if 0 for (l = environ; *l != NULL; l++) { char **str; str = g_strsplit (*l, "=", 2); g_hash_table_insert (hash, str[0], str[1]); } +#endif - - g_hash_table_insert (hash, g_strdup ("XAUTHORITY"), g_strdup (greeter->priv->display_auth_file)); - g_hash_table_insert (hash, g_strdup ("DISPLAY"), g_strdup (greeter->priv->display_name)); + g_hash_table_insert (hash, g_strdup ("XAUTHORITY"), g_strdup (greeter->priv->x11_authority_file)); + g_hash_table_insert (hash, g_strdup ("DISPLAY"), g_strdup (greeter->priv->x11_display_name)); #if 0 /* hackish ain't it */ @@ -1137,11 +1140,19 @@ gdm_greeter_stop (GdmGreeter *greeter) static void -_gdm_greeter_set_display_name (GdmGreeter *greeter, - const char *name) +_gdm_greeter_set_x11_display_name (GdmGreeter *greeter, + const char *name) { - g_free (greeter->priv->display_name); - greeter->priv->display_name = g_strdup (name); + g_free (greeter->priv->x11_display_name); + greeter->priv->x11_display_name = g_strdup (name); +} + +static void +_gdm_greeter_set_x11_authority_file (GdmGreeter *greeter, + const char *file) +{ + g_free (greeter->priv->x11_authority_file); + greeter->priv->x11_authority_file = g_strdup (file); } static void @@ -1171,8 +1182,11 @@ gdm_greeter_set_property (GObject *object, self = GDM_GREETER (object); switch (prop_id) { - case PROP_DISPLAY_NAME: - _gdm_greeter_set_display_name (self, g_value_get_string (value)); + case PROP_X11_DISPLAY_NAME: + _gdm_greeter_set_x11_display_name (self, g_value_get_string (value)); + break; + case PROP_X11_AUTHORITY_FILE: + _gdm_greeter_set_x11_authority_file (self, g_value_get_string (value)); break; case PROP_USER_NAME: _gdm_greeter_set_user_name (self, g_value_get_string (value)); @@ -1197,8 +1211,11 @@ gdm_greeter_get_property (GObject *object, self = GDM_GREETER (object); switch (prop_id) { - case PROP_DISPLAY_NAME: - g_value_set_string (value, self->priv->display_name); + case PROP_X11_DISPLAY_NAME: + g_value_set_string (value, self->priv->x11_display_name); + break; + case PROP_X11_AUTHORITY_FILE: + g_value_set_string (value, self->priv->x11_authority_file); break; case PROP_USER_NAME: g_value_set_string (value, self->priv->user_name); @@ -1242,13 +1259,20 @@ gdm_greeter_class_init (GdmGreeterClass *klass) g_type_class_add_private (klass, sizeof (GdmGreeterPrivate)); g_object_class_install_property (object_class, - PROP_DISPLAY_NAME, - g_param_spec_string ("display-name", + PROP_X11_DISPLAY_NAME, + g_param_spec_string ("x11-display-name", "name", "name", NULL, G_PARAM_READWRITE | G_PARAM_CONSTRUCT_ONLY)); g_object_class_install_property (object_class, + PROP_X11_AUTHORITY_FILE, + g_param_spec_string ("x11-authority-file", + "authority file", + "authority file", + NULL, + G_PARAM_READWRITE | G_PARAM_CONSTRUCT)); + g_object_class_install_property (object_class, PROP_USER_NAME, g_param_spec_string ("user-name", "user name", @@ -1299,7 +1323,7 @@ gdm_greeter_new (const char *display_name) GObject *object; object = g_object_new (GDM_TYPE_GREETER, - "display-name", display_name, + "x11-display-name", display_name, NULL); return GDM_GREETER (object); diff --git a/daemon/gdm-manager.c b/daemon/gdm-manager.c index 443108c5..6863af79 100644 --- a/daemon/gdm-manager.c +++ b/daemon/gdm-manager.c @@ -47,8 +47,6 @@ #include "gdm-master-config.h" #include "gdm-daemon-config-entries.h" -#include "cookie.h" - #define GDM_MANAGER_GET_PRIVATE(o) (G_TYPE_INSTANCE_GET_PRIVATE ((o), GDM_TYPE_MANAGER, GdmManagerPrivate)) #define GDM_DBUS_PATH "/org/gnome/DisplayManager" @@ -63,7 +61,7 @@ struct GdmManagerPrivate gboolean xdmcp_enabled; - char *global_cookie; + GString *global_cookie; gboolean wait_for_go; gboolean no_console; @@ -171,8 +169,9 @@ make_global_cookie (GdmManager *manager) { FILE *fp; char *file; + GString *cookie; - gdm_cookie_generate ((char **)&manager->priv->global_cookie, NULL); + gdm_generate_cookie (manager->priv->global_cookie); file = g_build_filename (AUTHDIR, ".cookie", NULL); VE_IGNORE_EINTR (g_unlink (file)); @@ -184,7 +183,7 @@ make_global_cookie (GdmManager *manager) return; } - VE_IGNORE_EINTR (fprintf (fp, "%s\n", manager->priv->global_cookie)); + VE_IGNORE_EINTR (fprintf (fp, "%s\n", manager->priv->global_cookie->str)); /* FIXME: What about out of disk space errors? */ errno = 0; @@ -403,6 +402,8 @@ gdm_manager_init (GdmManager *manager) manager->priv->daemon_config = gdm_daemon_config_new (); + manager->priv->global_cookie = g_string_new (NULL); + make_global_cookie (manager); gdm_daemon_config_get_bool_for_id (manager->priv->daemon_config, @@ -439,6 +440,8 @@ gdm_manager_finalize (GObject *object) g_object_unref (manager->priv->daemon_config); } + g_string_free (manager->priv->global_cookie, TRUE); + G_OBJECT_CLASS (gdm_manager_parent_class)->finalize (object); } diff --git a/daemon/gdm-slave.c b/daemon/gdm-slave.c index 797de0d6..a9752583 100644 --- a/daemon/gdm-slave.c +++ b/daemon/gdm-slave.c @@ -60,6 +60,8 @@ extern char **environ; #define GDM_DBUS_NAME "org.gnome.DisplayManager" #define GDM_DBUS_DISPLAY_INTERFACE "org.gnome.DisplayManager.Display" +#define MAX_CONNECT_ATTEMPTS 10 + struct GdmSlavePrivate { char *id; @@ -71,6 +73,7 @@ struct GdmSlavePrivate GPid server_pid; Display *server_display; + guint connection_attempts; /* cached display values */ char *display_id; @@ -79,9 +82,10 @@ struct GdmSlavePrivate char *display_hostname; gboolean display_is_local; gboolean display_is_parented; - char *display_auth_file; + char *display_x11_authority_file; + char *display_x11_cookie; char *parent_display_name; - char *parent_display_auth_file; + char *parent_display_x11_authority_file; GdmServer *server; @@ -420,6 +424,7 @@ listify_hash (const char *key, { char *str; str = g_strdup_printf ("%s=%s", key, value); + g_debug ("environment: %s", str); g_ptr_array_add (env, str); } @@ -437,11 +442,14 @@ get_script_environment (GdmSlave *slave, /* create a hash table of current environment, then update keys has necessary */ hash = g_hash_table_new_full (g_str_hash, g_str_equal, g_free, g_free); + +#if 0 for (l = environ; *l != NULL; l++) { char **str; str = g_strsplit (*l, "=", 2); g_hash_table_insert (hash, str[0], str[1]); } +#endif /* modify environment here */ g_hash_table_insert (hash, g_strdup ("HOME"), g_strdup ("/")); @@ -479,7 +487,7 @@ get_script_environment (GdmSlave *slave, } /* Runs as root */ - g_hash_table_insert (hash, g_strdup ("XAUTHORITY"), g_strdup (slave->priv->display_auth_file)); + g_hash_table_insert (hash, g_strdup ("XAUTHORITY"), g_strdup (slave->priv->display_x11_authority_file)); g_hash_table_insert (hash, g_strdup ("DISPLAY"), g_strdup (slave->priv->display_name)); /*g_setenv ("PATH", gdm_daemon_config_get_value_string (GDM_KEY_ROOT_PATH), TRUE);*/ @@ -604,30 +612,12 @@ gdm_slave_exec_script (GdmSlave *slave, } static void -server_ready_cb (GdmServer *server, - GdmSlave *slave) +run_greeter (GdmSlave *slave) { - /* We keep our own (windowless) connection (dsp) open to avoid the - * X server resetting due to lack of active connections. */ - - g_debug ("Server is ready - opening display %s", slave->priv->display_name); - - gdm_sigchld_block_push (); - slave->priv->server_display = XOpenDisplay (slave->priv->display_name); - gdm_sigchld_block_pop (); - - if (slave->priv->server_display == NULL) { - return FALSE; - } - - - /* FIXME: handle wait for go */ - /* Set the busy cursor */ set_busy_cursor (slave); - /* FIXME: send a signal back to the master */ #if 0 @@ -658,6 +648,9 @@ server_ready_cb (GdmServer *server, "gdm"); slave->priv->greeter = gdm_greeter_new (slave->priv->display_name); + g_object_set (slave->priv->greeter, + "x11-authority-file", slave->priv->display_x11_authority_file, + NULL); gdm_greeter_start (slave->priv->greeter); /* If XDMCP stop pinging */ @@ -666,6 +659,102 @@ server_ready_cb (GdmServer *server, } } +static void +set_local_auth (GdmSlave *slave) +{ + GString *binary_cookie; + GString *cookie; + + g_debug ("Setting authorization key for display %s", slave->priv->display_x11_cookie); + + cookie = g_string_new (slave->priv->display_x11_cookie); + binary_cookie = g_string_new (NULL); + if (! gdm_string_hex_decode (cookie, + 0, + NULL, + binary_cookie, + 0)) { + g_warning ("Unable to decode hex cookie"); + goto out; + } + + g_debug ("Decoded cookie len %d", binary_cookie->len); + + XSetAuthorization ("MIT-MAGIC-COOKIE-1", + (int) strlen ("MIT-MAGIC-COOKIE-1"), + (char *)binary_cookie->str, + binary_cookie->len); + + out: + g_string_free (binary_cookie, TRUE); + g_string_free (cookie, TRUE); +} + +static gboolean +connect_to_display (GdmSlave *slave) +{ + /* We keep our own (windowless) connection (dsp) open to avoid the + * X server resetting due to lack of active connections. */ + + g_debug ("Server is ready - opening display %s", slave->priv->display_name); + + g_setenv ("DISPLAY", slave->priv->display_name, TRUE); + g_unsetenv ("XAUTHORITY"); /* just in case it's set */ + + + + set_local_auth (slave); + +#if 0 + /* X error handlers to avoid the default one (i.e. exit (1)) */ + do_xfailed_on_xio_error = TRUE; + XSetErrorHandler (gdm_slave_xerror_handler); + XSetIOErrorHandler (gdm_slave_xioerror_handler); +#endif + + gdm_sigchld_block_push (); + slave->priv->server_display = XOpenDisplay (slave->priv->display_name); + gdm_sigchld_block_pop (); + + if (slave->priv->server_display == NULL) { + g_warning ("Unable to connect to display %s", slave->priv->display_name); + return FALSE; + } else { + g_debug ("Connected to display %s", slave->priv->display_name); + } + + return TRUE; +} + +static gboolean +idle_connect_to_display (GdmSlave *slave) +{ + gboolean res; + + slave->priv->connection_attempts++; + + res = connect_to_display (slave); + if (res) { + /* FIXME: handle wait-for-go */ + + run_greeter (slave); + } else { + if (slave->priv->connection_attempts >= MAX_CONNECT_ATTEMPTS) { + g_warning ("Unable to connect to display after %d tries - bailing out", slave->priv->connection_attempts); + exit (1); + } + } + + return FALSE; +} + +static void +server_ready_cb (GdmServer *server, + GdmSlave *slave) +{ + g_timeout_add (500, (GSourceFunc)idle_connect_to_display, slave); +} + static gboolean gdm_slave_run (GdmSlave *slave) { @@ -695,27 +784,10 @@ gdm_slave_run (GdmSlave *slave) } g_debug ("Started X server"); + } else { + g_timeout_add (500, (GSourceFunc)idle_connect_to_display, slave); } - /* We can use d->handled from now on on this display, - * since the lookup was done in server start */ - - g_setenv ("DISPLAY", slave->priv->display_name, TRUE); - g_unsetenv ("XAUTHORITY"); /* just in case it's set */ - -#if 0 - gdm_auth_set_local_auth (d); -#endif - -#if 0 - /* X error handlers to avoid the default one (i.e. exit (1)) */ - do_xfailed_on_xio_error = TRUE; - XSetErrorHandler (gdm_slave_xerror_handler); - XSetIOErrorHandler (gdm_slave_xioerror_handler); -#endif - - /* now we wait for ready signal */ - return TRUE; } @@ -803,6 +875,42 @@ gdm_slave_start (GdmSlave *slave) return FALSE; } + error = NULL; + res = dbus_g_proxy_call (slave->priv->display_proxy, + "GetX11Cookie", + &error, + G_TYPE_INVALID, + G_TYPE_STRING, &slave->priv->display_x11_cookie, + G_TYPE_INVALID); + if (! res) { + if (error != NULL) { + g_warning ("Failed to get value: %s", error->message); + g_error_free (error); + } else { + g_warning ("Failed to get value"); + } + + return FALSE; + } + + error = NULL; + res = dbus_g_proxy_call (slave->priv->display_proxy, + "GetX11AuthorityFile", + &error, + G_TYPE_INVALID, + G_TYPE_STRING, &slave->priv->display_x11_authority_file, + G_TYPE_INVALID); + if (! res) { + if (error != NULL) { + g_warning ("Failed to get value: %s", error->message); + g_error_free (error); + } else { + g_warning ("Failed to get value"); + } + + return FALSE; + } + gdm_slave_run (slave); return TRUE; diff --git a/daemon/gdm-xdmcp-display.c b/daemon/gdm-xdmcp-display.c index 2201698f..18ed9019 100644 --- a/daemon/gdm-xdmcp-display.c +++ b/daemon/gdm-xdmcp-display.c @@ -42,7 +42,6 @@ #include "gdm-common.h" #include "gdm-address.h" -#include "cookie.h" #include "auth.h" #define GDM_XDMCP_DISPLAY_GET_PRIVATE(o) (G_TYPE_INSTANCE_GET_PRIVATE ((o), GDM_TYPE_XDMCP_DISPLAY, GdmXdmcpDisplayPrivate)) @@ -89,24 +88,27 @@ gdm_xdmcp_display_create_authority (GdmDisplay *display) gboolean ret; char *authfile; int display_num; - char *name; - char *cookie; - char *bcookie; + char *x11_display; + GString *cookie; GSList *authlist; char *basename; ret = FALSE; - name = NULL; + x11_display = NULL; g_object_get (display, - "name", &name, + "x11-display", &x11_display, "number", &display_num, NULL); - g_debug ("Setting up access for %s", name); + /* Create new random cookie */ + cookie = g_string_new (NULL); + gdm_generate_cookie (cookie); + + g_debug ("Setting up access for %s", x11_display); /* gdm and xserver authfile can be the same, server will run as root */ - basename = g_strconcat (name, ".Xauth", NULL); + basename = g_strconcat (x11_display, ".Xauth", NULL); authfile = g_build_filename (AUTHDIR, basename, NULL); g_free (basename); @@ -117,10 +119,8 @@ gdm_xdmcp_display_create_authority (GdmDisplay *display) goto out; } - /* Create new random cookie */ - gdm_cookie_generate (&cookie, &bcookie); authlist = NULL; - if (! gdm_auth_add_entry_for_display (display_num, bcookie, &authlist, af)) { + if (! gdm_auth_add_entry_for_display (display_num, cookie, &authlist, af)) { goto out; } @@ -134,21 +134,21 @@ gdm_xdmcp_display_create_authority (GdmDisplay *display) } g_debug ("Set up access for %s - %d entries", - name, + x11_display, g_slist_length (authlist)); /* FIXME: save authlist */ g_object_set (display, - "authority-file", authfile, - "cookie", cookie, - "binary-cookie", bcookie, + "x11-authority-file", authfile, + "x11-cookie", cookie->str, NULL); ret = TRUE; out: - g_free (name); + g_free (x11_display); + g_string_free (cookie, TRUE); return ret; } diff --git a/daemon/gdm-xdmcp-manager.c b/daemon/gdm-xdmcp-manager.c index 50278fff..822db905 100644 --- a/daemon/gdm-xdmcp-manager.c +++ b/daemon/gdm-xdmcp-manager.c @@ -56,7 +56,6 @@ #include "gdm-display-store.h" #include "auth.h" -#include "cookie.h" #include "choose.h" #include "gdm-master-config.h" #include "gdm-daemon-config-entries.h" @@ -1674,9 +1673,9 @@ remove_host (const char *id, } static void -gdm_xdmcp_display_dispose_check (GdmXdmcpManager *manager, - const char *hostname, - int display_num) +display_dispose_check (GdmXdmcpManager *manager, + const char *hostname, + int display_num) { RemoveHostData *data; @@ -1684,7 +1683,7 @@ gdm_xdmcp_display_dispose_check (GdmXdmcpManager *manager, return; } - g_debug ("gdm_xdmcp_display_dispose_check (%s:%d)", hostname, display_num); + g_debug ("display_dispose_check (%s:%d)", hostname, display_num); data = g_new0 (RemoveHostData, 1); data->hostname = hostname; @@ -1826,7 +1825,7 @@ gdm_xdmcp_handle_request (GdmXdmcpManager *manager, ARRAYofARRAY8 clnt_addr; ARRAY8 clnt_authname; ARRAY8 clnt_authdata; - ARRAYofARRAY8 clnt_authorization; + ARRAYofARRAY8 clnt_authorization_names; ARRAY8 clnt_manufacturer; int explen; int i; @@ -1893,7 +1892,7 @@ gdm_xdmcp_handle_request (GdmXdmcpManager *manager, } /* Read and select from supported authorization list */ - if G_UNLIKELY (! XdmcpReadARRAYofARRAY8 (&manager->priv->buf, &clnt_authorization)) { + if G_UNLIKELY (! XdmcpReadARRAYofARRAY8 (&manager->priv->buf, &clnt_authorization_names)) { g_warning (_("%s: Could not read Authorization List"), "gdm_xdmcp_handle_request"); XdmcpDisposeARRAY8 (&clnt_authdata); @@ -1904,11 +1903,12 @@ gdm_xdmcp_handle_request (GdmXdmcpManager *manager, } /* libXdmcp doesn't terminate strings properly so we cheat and use strncmp () */ - for (i = 0 ; i < clnt_authorization.length ; i++) - if (clnt_authorization.data[i].length == 18 && - strncmp ((char *) clnt_authorization.data[i].data, - "MIT-MAGIC-COOKIE-1", 18) == 0) + for (i = 0 ; i < clnt_authorization_names.length ; i++) { + if (clnt_authorization_names.data[i].length == 18 && + strncmp ((char *) clnt_authorization_names.data[i].data, "MIT-MAGIC-COOKIE-1", 18) == 0) { mitauth = TRUE; + } + } /* Manufacturer ID */ if G_UNLIKELY (! XdmcpReadARRAY8 (&manager->priv->buf, &clnt_manufacturer)) { @@ -1917,7 +1917,7 @@ gdm_xdmcp_handle_request (GdmXdmcpManager *manager, XdmcpDisposeARRAY8 (&clnt_authname); XdmcpDisposeARRAY8 (&clnt_authdata); XdmcpDisposeARRAYofARRAY8 (&clnt_addr); - XdmcpDisposeARRAYofARRAY8 (&clnt_authorization); + XdmcpDisposeARRAYofARRAY8 (&clnt_authorization_names); XdmcpDisposeARRAY16 (&clnt_conntyp); goto out; } @@ -1926,13 +1926,16 @@ gdm_xdmcp_handle_request (GdmXdmcpManager *manager, explen = 2; /* Display Number */ explen += 1 + 2 * clnt_conntyp.length; /* Connection Type */ explen += 1; /* Connection Address */ - for (i = 0 ; i < clnt_addr.length ; i++) + for (i = 0 ; i < clnt_addr.length ; i++) { explen += 2 + clnt_addr.data[i].length; + } explen += 2 + clnt_authname.length; /* Authentication Name */ explen += 2 + clnt_authdata.length; /* Authentication Data */ explen += 1; /* Authorization Names */ - for (i = 0 ; i < clnt_authorization.length ; i++) - explen += 2 + clnt_authorization.data[i].length; + for (i = 0 ; i < clnt_authorization_names.length ; i++) { + explen += 2 + clnt_authorization_names.data[i].length; + } + explen += 2 + clnt_manufacturer.length; if G_UNLIKELY (explen != len) { @@ -1944,7 +1947,7 @@ gdm_xdmcp_handle_request (GdmXdmcpManager *manager, XdmcpDisposeARRAY8 (&clnt_authdata); XdmcpDisposeARRAY8 (&clnt_manufacturer); XdmcpDisposeARRAYofARRAY8 (&clnt_addr); - XdmcpDisposeARRAYofARRAY8 (&clnt_authorization); + XdmcpDisposeARRAYofARRAY8 (&clnt_authorization_names); XdmcpDisposeARRAY16 (&clnt_conntyp); goto out; } @@ -1971,7 +1974,7 @@ gdm_xdmcp_handle_request (GdmXdmcpManager *manager, if (entered) { /* Check if we are already talking to this host */ - gdm_xdmcp_display_dispose_check (manager, hostname, clnt_dspnum); + display_dispose_check (manager, hostname, clnt_dspnum); if (manager->priv->num_pending_sessions >= manager->priv->max_pending_displays) { g_debug ("gdm_xdmcp_handle_request: maximum pending"); @@ -1991,10 +1994,29 @@ gdm_xdmcp_handle_request (GdmXdmcpManager *manager, ARRAY8 authentication_data; ARRAY8 authorization_name; ARRAY8 authorization_data; - char *binary_cookie; gint32 session_number; + char *x11_cookie; + GString *cookie; + GString *binary_cookie; + + gdm_display_get_x11_cookie (display, &x11_cookie, NULL); + cookie = g_string_new (x11_cookie); + g_free (x11_cookie); + + binary_cookie = g_string_new (NULL); + + if (! gdm_string_hex_decode (cookie, + 0, + NULL, + binary_cookie, + 0)) { + g_warning ("Unable to decode hex cookie"); + /* FIXME: handle error */ + } + + g_debug ("Sending authorization key for display %s", cookie->str); + g_debug ("Decoded cookie len %d", binary_cookie->len); - binary_cookie = gdm_display_get_binary_cookie (display); session_number = gdm_xdmcp_display_get_session_number (GDM_XDMCP_DISPLAY (display)); /* the send accept will fail if cookie is null */ @@ -2008,10 +2030,8 @@ gdm_xdmcp_handle_request (GdmXdmcpManager *manager, authorization_name.data = (CARD8 *) "MIT-MAGIC-COOKIE-1"; authorization_name.length = strlen ((char *) authorization_name.data); - authorization_data.data = (CARD8 *) binary_cookie; - authorization_data.length = 16; - - g_free (binary_cookie); + authorization_data.data = (CARD8 *) binary_cookie->str; + authorization_data.length = binary_cookie->len; /* the addrs are NOT copied */ gdm_xdmcp_send_accept (manager, @@ -2021,6 +2041,9 @@ gdm_xdmcp_handle_request (GdmXdmcpManager *manager, &authentication_data, &authorization_name, &authorization_data); + + g_string_free (binary_cookie, TRUE); + g_string_free (cookie, TRUE); } } } else { @@ -2048,7 +2071,7 @@ gdm_xdmcp_handle_request (GdmXdmcpManager *manager, XdmcpDisposeARRAY8 (&clnt_authdata); XdmcpDisposeARRAY8 (&clnt_manufacturer); XdmcpDisposeARRAYofARRAY8 (&clnt_addr); - XdmcpDisposeARRAYofARRAY8 (&clnt_authorization); + XdmcpDisposeARRAYofARRAY8 (&clnt_authorization_names); XdmcpDisposeARRAY16 (&clnt_conntyp); out: g_free (hostname); diff --git a/daemon/md5.c b/daemon/md5.c deleted file mode 100644 index 3faf29a0..00000000 --- a/daemon/md5.c +++ /dev/null @@ -1,267 +0,0 @@ -/* - * This code implements the MD5 message-digest algorithm. - * The algorithm is due to Ron Rivest. This code was - * written by Colin Plumb in 1993, no copyright is claimed. - * This code is in the public domain; do with it what you wish. - * - * Equivalent code is available from RSA Data Security, Inc. - * This code has been tested against that, and is equivalent, - * except that you don't need to include two pages of legalese - * with every copy. - * - * To compute the message digest of a chunk of bytes, declare an - * GdmMD5Context structure, pass it to gdm_md5_init, call - * gdm_md5_update as needed on buffers full of bytes, and then call - * gdm_md5_final, which will fill a supplied 16-byte array with the - * digest. - * - * Changed all names to avoid glibc namespace pollution -- mkp - * - */ - -#include "config.h" -#include <string.h> /* for memcpy () */ -#include <glib.h> - -#ifdef __LINUX__ -#include <endian.h> -#endif - -#include "md5.h" - -#if BYTE_ORDER == LITTLE_ENDIAN -#define byteReverse(buf, len) /* Nothing */ -#else - -/* - * Note: this code is harmless on little-endian machines. - */ -static void -byteReverse(unsigned char *buf, unsigned longs) -{ - guint32 t; - do { - t = (guint32) ((unsigned) buf[3] << 8 | buf[2]) << 16 | - ((unsigned) buf[1] << 8 | buf[0]); - *(guint32 *) buf = t; - buf += 4; - } while (--longs); -} - -#endif - -/* - * Start MD5 accumulation. Set bit count to 0 and buffer to mysterious - * initialization constants. - */ -void -gdm_md5_init (struct GdmMD5Context *ctx) -{ - ctx->buf[0] = 0x67452301; - ctx->buf[1] = 0xefcdab89; - ctx->buf[2] = 0x98badcfe; - ctx->buf[3] = 0x10325476; - - ctx->bits[0] = 0; - ctx->bits[1] = 0; -} - -/* - * Update context to reflect the concatenation of another buffer full - * of bytes. - */ -void -gdm_md5_update (struct GdmMD5Context *ctx, unsigned char const *buf, unsigned len) -{ - guint32 t; - - /* Update bitcount */ - - t = ctx->bits[0]; - if ((ctx->bits[0] = t + ((guint32) len << 3)) < t) - ctx->bits[1]++; /* Carry from low to high */ - ctx->bits[1] += len >> 29; - - t = (t >> 3) & 0x3f; /* Bytes already in shsInfo->data */ - - /* Handle any leading odd-sized chunks */ - - if (t) { - unsigned char *p = (unsigned char *) ctx->in + t; - - t = 64 - t; - if (len < t) { - memcpy (p, buf, len); - return; - } - memcpy (p, buf, t); - byteReverse(ctx->in, 16); - gdm_md5_transform (ctx->buf, (guint32 *) ctx->in); - buf += t; - len -= t; - } - - /* Process data in 64-byte chunks */ - - while (len >= 64) { - memcpy (ctx->in, buf, 64); - byteReverse(ctx->in, 16); - gdm_md5_transform (ctx->buf, (guint32 *) ctx->in); - buf += 64; - len -= 64; - } - - /* Handle any remaining bytes of data. */ - - memcpy (ctx->in, buf, len); -} - -/* - * Final wrapup - pad to 64-byte boundary with the bit pattern - * 1 0* (64-bit count of bits processed, MSB-first) - */ -void -gdm_md5_final (unsigned char digest[16], struct GdmMD5Context *ctx) -{ - unsigned count; - unsigned char *p; - - /* Compute number of bytes mod 64 */ - count = (ctx->bits[0] >> 3) & 0x3F; - - /* Set the first char of padding to 0x80. This is safe since there is - always at least one byte free */ - p = ctx->in + count; - *p++ = 0x80; - - /* Bytes of padding needed to make 64 bytes */ - count = 64 - 1 - count; - - /* Pad out to 56 mod 64 */ - if (count < 8) { - /* Two lots of padding: Pad the first block to 64 bytes */ - memset (p, 0, count); - byteReverse(ctx->in, 16); - gdm_md5_transform (ctx->buf, (guint32 *) ctx->in); - - /* Now fill the next block with 56 bytes */ - memset (ctx->in, 0, 56); - } else { - /* Pad block to 56 bytes */ - memset (p, 0, count - 8); - } - byteReverse(ctx->in, 14); - - /* Append length in bits and transform */ - ((guint32 *) ctx->in)[14] = ctx->bits[0]; - ((guint32 *) ctx->in)[15] = ctx->bits[1]; - - gdm_md5_transform (ctx->buf, (guint32 *) ctx->in); - byteReverse((unsigned char *) ctx->buf, 4); - memcpy (digest, ctx->buf, 16); - memset (ctx, 0, sizeof (ctx)); /* In case it's sensitive */ -} - - -/* The four core functions - F1 is optimized somewhat */ - -#define F1(x, y, z) (z ^ (x & (y ^ z))) -#define F2(x, y, z) F1 (z, x, y) -#define F3(x, y, z) (x ^ y ^ z) -#define F4(x, y, z) (y ^ (x | ~z)) - -/* This is the central step in the MD5 algorithm. */ -#define gdm_md5_step(f, w, x, y, z, data, s) \ - ( w += f(x, y, z) + data, w = w<<s | w>>(32-s), w += x ) - -/* - * The core of the MD5 algorithm, this alters an existing MD5 hash to - * reflect the addition of 16 longwords of new data. GdmMD5Update blocks - * the data and converts bytes into longwords for this routine. - */ -void -gdm_md5_transform (guint32 buf[4], guint32 const in[16]) -{ - register guint32 a, b, c, d; - - a = buf[0]; - b = buf[1]; - c = buf[2]; - d = buf[3]; - - gdm_md5_step(F1, a, b, c, d, in[0] + 0xd76aa478, 7); - gdm_md5_step(F1, d, a, b, c, in[1] + 0xe8c7b756, 12); - gdm_md5_step(F1, c, d, a, b, in[2] + 0x242070db, 17); - gdm_md5_step(F1, b, c, d, a, in[3] + 0xc1bdceee, 22); - gdm_md5_step(F1, a, b, c, d, in[4] + 0xf57c0faf, 7); - gdm_md5_step(F1, d, a, b, c, in[5] + 0x4787c62a, 12); - gdm_md5_step(F1, c, d, a, b, in[6] + 0xa8304613, 17); - gdm_md5_step(F1, b, c, d, a, in[7] + 0xfd469501, 22); - gdm_md5_step(F1, a, b, c, d, in[8] + 0x698098d8, 7); - gdm_md5_step(F1, d, a, b, c, in[9] + 0x8b44f7af, 12); - gdm_md5_step(F1, c, d, a, b, in[10] + 0xffff5bb1, 17); - gdm_md5_step(F1, b, c, d, a, in[11] + 0x895cd7be, 22); - gdm_md5_step(F1, a, b, c, d, in[12] + 0x6b901122, 7); - gdm_md5_step(F1, d, a, b, c, in[13] + 0xfd987193, 12); - gdm_md5_step(F1, c, d, a, b, in[14] + 0xa679438e, 17); - gdm_md5_step(F1, b, c, d, a, in[15] + 0x49b40821, 22); - - gdm_md5_step(F2, a, b, c, d, in[1] + 0xf61e2562, 5); - gdm_md5_step(F2, d, a, b, c, in[6] + 0xc040b340, 9); - gdm_md5_step(F2, c, d, a, b, in[11] + 0x265e5a51, 14); - gdm_md5_step(F2, b, c, d, a, in[0] + 0xe9b6c7aa, 20); - gdm_md5_step(F2, a, b, c, d, in[5] + 0xd62f105d, 5); - gdm_md5_step(F2, d, a, b, c, in[10] + 0x02441453, 9); - gdm_md5_step(F2, c, d, a, b, in[15] + 0xd8a1e681, 14); - gdm_md5_step(F2, b, c, d, a, in[4] + 0xe7d3fbc8, 20); - gdm_md5_step(F2, a, b, c, d, in[9] + 0x21e1cde6, 5); - gdm_md5_step(F2, d, a, b, c, in[14] + 0xc33707d6, 9); - gdm_md5_step(F2, c, d, a, b, in[3] + 0xf4d50d87, 14); - gdm_md5_step(F2, b, c, d, a, in[8] + 0x455a14ed, 20); - gdm_md5_step(F2, a, b, c, d, in[13] + 0xa9e3e905, 5); - gdm_md5_step(F2, d, a, b, c, in[2] + 0xfcefa3f8, 9); - gdm_md5_step(F2, c, d, a, b, in[7] + 0x676f02d9, 14); - gdm_md5_step(F2, b, c, d, a, in[12] + 0x8d2a4c8a, 20); - - gdm_md5_step(F3, a, b, c, d, in[5] + 0xfffa3942, 4); - gdm_md5_step(F3, d, a, b, c, in[8] + 0x8771f681, 11); - gdm_md5_step(F3, c, d, a, b, in[11] + 0x6d9d6122, 16); - gdm_md5_step(F3, b, c, d, a, in[14] + 0xfde5380c, 23); - gdm_md5_step(F3, a, b, c, d, in[1] + 0xa4beea44, 4); - gdm_md5_step(F3, d, a, b, c, in[4] + 0x4bdecfa9, 11); - gdm_md5_step(F3, c, d, a, b, in[7] + 0xf6bb4b60, 16); - gdm_md5_step(F3, b, c, d, a, in[10] + 0xbebfbc70, 23); - gdm_md5_step(F3, a, b, c, d, in[13] + 0x289b7ec6, 4); - gdm_md5_step(F3, d, a, b, c, in[0] + 0xeaa127fa, 11); - gdm_md5_step(F3, c, d, a, b, in[3] + 0xd4ef3085, 16); - gdm_md5_step(F3, b, c, d, a, in[6] + 0x04881d05, 23); - gdm_md5_step(F3, a, b, c, d, in[9] + 0xd9d4d039, 4); - gdm_md5_step(F3, d, a, b, c, in[12] + 0xe6db99e5, 11); - gdm_md5_step(F3, c, d, a, b, in[15] + 0x1fa27cf8, 16); - gdm_md5_step(F3, b, c, d, a, in[2] + 0xc4ac5665, 23); - - gdm_md5_step(F4, a, b, c, d, in[0] + 0xf4292244, 6); - gdm_md5_step(F4, d, a, b, c, in[7] + 0x432aff97, 10); - gdm_md5_step(F4, c, d, a, b, in[14] + 0xab9423a7, 15); - gdm_md5_step(F4, b, c, d, a, in[5] + 0xfc93a039, 21); - gdm_md5_step(F4, a, b, c, d, in[12] + 0x655b59c3, 6); - gdm_md5_step(F4, d, a, b, c, in[3] + 0x8f0ccc92, 10); - gdm_md5_step(F4, c, d, a, b, in[10] + 0xffeff47d, 15); - gdm_md5_step(F4, b, c, d, a, in[1] + 0x85845dd1, 21); - gdm_md5_step(F4, a, b, c, d, in[8] + 0x6fa87e4f, 6); - gdm_md5_step(F4, d, a, b, c, in[15] + 0xfe2ce6e0, 10); - gdm_md5_step(F4, c, d, a, b, in[6] + 0xa3014314, 15); - gdm_md5_step(F4, b, c, d, a, in[13] + 0x4e0811a1, 21); - gdm_md5_step(F4, a, b, c, d, in[4] + 0xf7537e82, 6); - gdm_md5_step(F4, d, a, b, c, in[11] + 0xbd3af235, 10); - gdm_md5_step(F4, c, d, a, b, in[2] + 0x2ad7d2bb, 15); - gdm_md5_step(F4, b, c, d, a, in[9] + 0xeb86d391, 21); - - buf[0] += a; - buf[1] += b; - buf[2] += c; - buf[3] += d; -} - - - diff --git a/daemon/md5.h b/daemon/md5.h deleted file mode 100644 index 38b992b0..00000000 --- a/daemon/md5.h +++ /dev/null @@ -1,41 +0,0 @@ -/* GDM - The GNOME Display Manager - * Copyright (C) 1998, 1999, 2000 Martin K. Petersen <mkp@mkp.net> - * - * This program is free software; you can redistribute it and/or modify - * it under the terms of the GNU General Public License as published by - * the Free Software Foundation; either version 2 of the License, or - * (at your option) any later version. - * - * This program is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU General Public License for more details. - * - * You should have received a copy of the GNU General Public License - * along with this program; if not, write to the Free Software - * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA - */ - -#ifndef GdmMD5_H -#define GdmMD5_H - -#include <glib.h> - -struct GdmMD5Context { - guint32 buf[4]; - guint32 bits[2]; - unsigned char in[64]; -}; - -void gdm_md5_init (struct GdmMD5Context *context); -void gdm_md5_update (struct GdmMD5Context *context, unsigned char const *buf, - unsigned len); -void gdm_md5_final (unsigned char digest[16], struct GdmMD5Context *context); -void gdm_md5_transform (guint32 buf[4], guint32 const in[16]); - -/* - * This is needed to make RSAREF happy on some MS-DOS compilers. - */ -/* typedef struct gdm_md5_Context gdm_md5__CTX; */ - -#endif /* !GdmMD5_H */ |