summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorRobert Ancell <robert.ancell@canonical.com>2015-11-19 15:45:31 +1300
committerRobert Ancell <robert.ancell@canonical.com>2015-11-19 15:45:31 +1300
commit2178138278219b3b97930bd28295408c570135e6 (patch)
treee207f620ed848bc30a613f3c2593fc81bca482ab
parent09c292be4c9cdecf0e2ab0d3fd169c4fd32dc760 (diff)
downloadlightdm-2178138278219b3b97930bd28295408c570135e6.tar.gz
Refactor XDMCP error handling and add many more XDMCP tests
-rw-r--r--src/xdmcp-server.c135
-rw-r--r--tests/Makefile.am24
-rw-r--r--tests/scripts/xdmcp-client-xorg-1.16.conf5
-rw-r--r--tests/scripts/xdmcp-client.conf5
-rw-r--r--tests/scripts/xdmcp-server-autologin.conf11
-rw-r--r--tests/scripts/xdmcp-server-double-login.conf20
-rw-r--r--tests/scripts/xdmcp-server-guest.conf11
-rw-r--r--tests/scripts/xdmcp-server-invalid-authentication.conf33
-rw-r--r--tests/scripts/xdmcp-server-login.conf11
-rw-r--r--tests/scripts/xdmcp-server-open-file-descriptors.conf11
-rw-r--r--tests/scripts/xdmcp-server-request-invalid-authentication.conf29
-rw-r--r--tests/scripts/xdmcp-server-request-invalid-authorization.conf29
-rw-r--r--tests/scripts/xdmcp-server-request-without-addresses.conf13
-rw-r--r--tests/scripts/xdmcp-server-request-without-authorization.conf29
-rw-r--r--tests/scripts/xdmcp-server-xdm-authentication-invalid-authorization.conf34
-rw-r--r--tests/scripts/xdmcp-server-xdm-authentication-long-data.conf34
-rw-r--r--tests/scripts/xdmcp-server-xdm-authentication-missing-data.conf34
-rw-r--r--tests/scripts/xdmcp-server-xdm-authentication-missing-key.conf20
-rw-r--r--tests/scripts/xdmcp-server-xdm-authentication-no-key.conf33
-rw-r--r--tests/scripts/xdmcp-server-xdm-authentication-required.conf34
-rw-r--r--tests/scripts/xdmcp-server-xdm-authentication-short-data.conf34
-rw-r--r--tests/scripts/xdmcp-server-xdm-authentication.conf45
-rw-r--r--tests/src/X.c88
-rw-r--r--tests/src/test-runner.c2
-rw-r--r--tests/src/xdmcp-client.c114
-rw-r--r--tests/src/xdmcp-client.h26
-rwxr-xr-xtests/test-xdmcp-server-invalid-authentication2
-rwxr-xr-xtests/test-xdmcp-server-request-invalid-authentication2
-rwxr-xr-xtests/test-xdmcp-server-request-invalid-authorization2
-rwxr-xr-xtests/test-xdmcp-server-request-without-authorization2
-rwxr-xr-xtests/test-xdmcp-server-xdm-authentication2
-rwxr-xr-xtests/test-xdmcp-server-xdm-authentication-invalid-authorization2
-rwxr-xr-xtests/test-xdmcp-server-xdm-authentication-long-data2
-rwxr-xr-xtests/test-xdmcp-server-xdm-authentication-missing-data2
-rwxr-xr-xtests/test-xdmcp-server-xdm-authentication-missing-key2
-rwxr-xr-xtests/test-xdmcp-server-xdm-authentication-no-key2
-rwxr-xr-xtests/test-xdmcp-server-xdm-authentication-required2
-rwxr-xr-xtests/test-xdmcp-server-xdm-authentication-short-data2
38 files changed, 707 insertions, 181 deletions
diff --git a/src/xdmcp-server.c b/src/xdmcp-server.c
index 489e6bb3..330990d0 100644
--- a/src/xdmcp-server.c
+++ b/src/xdmcp-server.c
@@ -232,7 +232,7 @@ handle_query (XDMCPServer *server, GSocket *socket, GSocketAddress *address, gch
if (server->priv->key)
response->Unwilling.status = g_strdup_printf ("No matching authentication, server requires %s", get_authentication_name (server));
else
- response->Unwilling.status = g_strdup ("Server does not support authentication");
+ response->Unwilling.status = g_strdup ("No matching authentication");
}
send_packet (socket, address, response);
@@ -390,95 +390,90 @@ choose_connection (XDMCPPacket *packet, GInetAddress *source_address)
return &packet->Request.connections[index];
}
+static gboolean
+has_string (gchar **list, const gchar *text)
+{
+ gchar **i;
+
+ for (i = list; *i; i++)
+ if (strcmp (*i, text) == 0)
+ return TRUE;
+
+ return FALSE;
+}
+
static void
handle_request (XDMCPServer *server, GSocket *socket, GSocketAddress *address, XDMCPPacket *packet)
{
XDMCPPacket *response;
XDMCPSession *session;
- guint8 *authentication_data = NULL;
- gsize authentication_data_length = 0;
- gboolean match_authorization = FALSE;
- gchar *authorization_name;
- guint8 *authorization_data = NULL;
- gsize authorization_data_length = 0;
- guint8 *session_authorization_data = NULL;
- gsize session_authorization_data_length = 0;
- gchar **j;
+ gchar *authentication_name = NULL, *decline_status = NULL, *authorization_name, *display_number;
+ guint8 *authentication_data = NULL, *authorization_data = NULL, *session_authorization_data = NULL;
+ gsize authentication_data_length = 0, authorization_data_length = 0, session_authorization_data_length = 0;
XDMCPConnection *connection;
- gchar *display_number;
XdmAuthKeyRec rho;
- /* Choose an address to connect back on */
- connection = choose_connection (packet, g_inet_socket_address_get_address (G_INET_SOCKET_ADDRESS (address)));
-
- /* Decline if haven't got an address we can connect on */
- if (!connection)
+ /* Check authentication */
+ if (strcmp (packet->Request.authentication_name, "") == 0)
{
- response = xdmcp_packet_alloc (XDMCP_Decline);
- response->Decline.status = g_strdup ("No valid address found");
- response->Decline.authentication_name = g_strdup (packet->Request.authentication_name);
- response->Decline.authentication_data.data = authentication_data;
- response->Decline.authentication_data.length = authentication_data_length;
- send_packet (socket, address, response);
- xdmcp_packet_free (response);
- return;
- }
-
- /* Must be using our authentication scheme */
- if (strcmp (packet->Request.authentication_name, get_authentication_name (server)) != 0)
- {
- response = xdmcp_packet_alloc (XDMCP_Decline);
- if (server->priv->key)
- response->Decline.status = g_strdup_printf ("Server only supports %s authentication", get_authentication_name (server));
+ if (!server->priv->key)
+ {
+ if (!has_string (packet->Request.authorization_names, "MIT-MAGIC-COOKIE-1"))
+ decline_status = g_strdup ("No matching authorization, server requires MIT-MAGIC-COOKIE-1");
+ }
else
- response->Decline.status = g_strdup ("Server does not support authentication");
- response->Decline.authentication_name = g_strdup ("");
- send_packet (socket, address, response);
- xdmcp_packet_free (response);
- return;
+ decline_status = g_strdup ("No matching authentication, server requires XDM-AUTHENTICATION-1");
}
-
- /* Perform requested authentication */
- if (server->priv->key)
+ else if (strcmp (packet->Request.authentication_name, "XDM-AUTHENTICATION-1") == 0 && server->priv->key)
{
- guint8 input[8], key[8];
-
- memset (input, 0, 8);
- memcpy (input, packet->Request.authentication_data.data, packet->Request.authentication_data.length > 8 ? 8 : packet->Request.authentication_data.length);
+ if (packet->Request.authentication_data.length == 8)
+ {
+ guint8 input[8], key[8];
- /* Setup key */
- decode_key (server->priv->key, key);
+ memcpy (input, packet->Request.authentication_data.data, packet->Request.authentication_data.length);
- /* Decode message from server */
- authentication_data = g_malloc (sizeof (guint8) * 8);
- authentication_data_length = 8;
+ /* Setup key */
+ decode_key (server->priv->key, key);
- XdmcpUnwrap (input, key, rho.data, authentication_data_length);
- XdmcpIncrementKey (&rho);
- XdmcpWrap (rho.data, key, authentication_data, authentication_data_length);
+ /* Decode message from server */
+ authentication_name = g_strdup ("XDM-AUTHENTICATION-1");
+ authentication_data = g_malloc (sizeof (guint8) * 8);
+ authentication_data_length = 8;
+
+ XdmcpUnwrap (input, key, rho.data, authentication_data_length);
+ XdmcpIncrementKey (&rho);
+ XdmcpWrap (rho.data, key, authentication_data, authentication_data_length);
- authorization_name = g_strdup ("XDM-AUTHORIZATION-1");
+ if (!has_string (packet->Request.authorization_names, "XDM-AUTHORIZATION-1"))
+ decline_status = g_strdup ("No matching authorization, server requires XDM-AUTHORIZATION-1");
+ }
+ else
+ decline_status = g_strdup ("Invalid XDM-AUTHENTICATION-1 data provided");
}
else
- authorization_name = g_strdup ("MIT-MAGIC-COOKIE-1");
-
- /* Check if they support our authorization */
- for (j = packet->Request.authorization_names; *j; j++)
{
- if (strcmp (*j, authorization_name) == 0)
- {
- match_authorization = TRUE;
- break;
- }
+ if (strcmp (packet->Request.authentication_name, "") == 0)
+ decline_status = g_strdup_printf ("No matching authentication, server does not support unauthenticated connections");
+ else if (server->priv->key)
+ decline_status = g_strdup ("No matching authentication, server requires XDM-AUTHENTICATION-1");
+ else
+ decline_status = g_strdup ("No matching authentication, server only supports unauthenticated connections");
}
- /* Decline if don't support out authorization */
- if (!match_authorization)
+ /* Choose an address to connect back on */
+ connection = choose_connection (packet, g_inet_socket_address_get_address (G_INET_SOCKET_ADDRESS (address)));
+ if (!connection && !decline_status)
+ decline_status = g_strdup ("No valid address found");
+
+ if (!authentication_name)
+ authentication_name = g_strdup ("");
+
+ /* Decline if request was not valid */
+ if (decline_status)
{
response = xdmcp_packet_alloc (XDMCP_Decline);
- response->Decline.status = g_strdup_printf ("Server requires %s authorization", authorization_name);
- g_free (authorization_name);
- response->Decline.authentication_name = g_strdup (packet->Request.authentication_name);
+ response->Decline.status = decline_status;
+ response->Decline.authentication_name = authentication_name;
response->Decline.authentication_data.data = authentication_data;
response->Decline.authentication_data.length = authentication_data_length;
send_packet (socket, address, response);
@@ -486,7 +481,7 @@ handle_request (XDMCPServer *server, GSocket *socket, GSocketAddress *address, X
return;
}
- /* Perform requested authorization */
+ /* Generate authorization data */
if (server->priv->key)
{
gint i;
@@ -507,6 +502,7 @@ handle_request (XDMCPServer *server, GSocket *socket, GSocketAddress *address, X
XdmcpWrap (session_key, key, authorization_data, authorization_data_length);
/* Authorization data is the number received from the client followed by the private session key */
+ authorization_name = g_strdup ("XDM-AUTHORIZATION-1");
session_authorization_data = g_malloc (16);
session_authorization_data_length = 16;
XdmcpDecrementKey (&rho);
@@ -521,6 +517,7 @@ handle_request (XDMCPServer *server, GSocket *socket, GSocketAddress *address, X
auth = x_authority_new_cookie (XAUTH_FAMILY_WILD, NULL, 0, "");
authorization_data = x_authority_copy_authorization_data (auth);
authorization_data_length = x_authority_get_authorization_data_length (auth);
+ authorization_name = g_strdup ("MIT-MAGIC-COOKIE-1");
session_authorization_data = x_authority_copy_authorization_data (auth);
session_authorization_data_length = x_authority_get_authorization_data_length (auth);
@@ -560,7 +557,7 @@ handle_request (XDMCPServer *server, GSocket *socket, GSocketAddress *address, X
response = xdmcp_packet_alloc (XDMCP_Accept);
response->Accept.session_id = xdmcp_session_get_id (session);
- response->Accept.authentication_name = g_strdup (packet->Request.authentication_name);
+ response->Accept.authentication_name = authentication_name;
response->Accept.authentication_data.data = authentication_data;
response->Accept.authentication_data.length = authentication_data_length;
response->Accept.authorization_name = authorization_name;
diff --git a/tests/Makefile.am b/tests/Makefile.am
index ebb88b60..a73046f0 100644
--- a/tests/Makefile.am
+++ b/tests/Makefile.am
@@ -179,7 +179,19 @@ TESTS = \
test-xdmcp-server-login \
test-xdmcp-server-double-login \
test-xdmcp-server-guest \
+ test-xdmcp-server-xdm-authentication \
+ test-xdmcp-server-xdm-authentication-missing-data \
+ test-xdmcp-server-xdm-authentication-short-data \
+ test-xdmcp-server-xdm-authentication-long-data \
+ test-xdmcp-server-xdm-authentication-required \
+ test-xdmcp-server-xdm-authentication-missing-key \
+ test-xdmcp-server-xdm-authentication-no-key \
+ test-xdmcp-server-xdm-authentication-invalid-authorization \
+ test-xdmcp-server-invalid-authentication \
test-xdmcp-server-request-without-addresses \
+ test-xdmcp-server-request-without-authorization \
+ test-xdmcp-server-request-invalid-authentication \
+ test-xdmcp-server-request-invalid-authorization \
test-utmp-login \
test-utmp-autologin \
test-utmp-wrong-password \
@@ -598,9 +610,21 @@ EXTRA_DIST = \
scripts/xdmcp-server-autologin.conf \
scripts/xdmcp-server-double-login.conf \
scripts/xdmcp-server-guest.conf \
+ scripts/xdmcp-server-invalid-authentication.conf \
scripts/xdmcp-server-login.conf \
scripts/xdmcp-server-open-file-descriptors.conf \
+ scripts/xdmcp-server-request-invalid-authentication.conf \
+ scripts/xdmcp-server-request-invalid-authorization.conf \
scripts/xdmcp-server-request-without-addresses.conf \
+ scripts/xdmcp-server-request-without-authorization.conf \
+ scripts/xdmcp-server-xdm-authentication.conf \
+ scripts/xdmcp-server-xdm-authentication-invalid-authorization.conf \
+ scripts/xdmcp-server-xdm-authentication-long-data.conf \
+ scripts/xdmcp-server-xdm-authentication-missing-key.conf \
+ scripts/xdmcp-server-xdm-authentication-missing-data.conf \
+ scripts/xdmcp-server-xdm-authentication-no-key.conf \
+ scripts/xdmcp-server-xdm-authentication-required.conf \
+ scripts/xdmcp-server-xdm-authentication-short-data.conf \
scripts/xremote-autologin.conf \
scripts/xremote-login.conf \
scripts/xserver-config.conf \
diff --git a/tests/scripts/xdmcp-client-xorg-1.16.conf b/tests/scripts/xdmcp-client-xorg-1.16.conf
index c41cb13e..c1a50db1 100644
--- a/tests/scripts/xdmcp-client-xorg-1.16.conf
+++ b/tests/scripts/xdmcp-client-xorg-1.16.conf
@@ -17,9 +17,8 @@ xdmcp-manager=127.0.0.1
#?XSERVER-0 INDICATE-READY
#?XSERVER-0 ACCEPT-CONNECT
-# Starts sending XDMCP queries
-#?*XSERVER-0 START-XDMCP
-#?XSERVER-0 SEND-QUERY
+# Send an XDMCP queriy
+#?*XSERVER-0 SEND-QUERY
# Wait to check a greeter is not started
#?*WAIT
diff --git a/tests/scripts/xdmcp-client.conf b/tests/scripts/xdmcp-client.conf
index f29bb41c..5e76317b 100644
--- a/tests/scripts/xdmcp-client.conf
+++ b/tests/scripts/xdmcp-client.conf
@@ -14,9 +14,8 @@ xdmcp-manager=127.0.0.1
#?XSERVER-0 INDICATE-READY
#?XSERVER-0 ACCEPT-CONNECT
-# Starts sending XDMCP queries
-#?*XSERVER-0 START-XDMCP
-#?XSERVER-0 SEND-QUERY
+# Send an XDMCP query
+#?*XSERVER-0 SEND-QUERY
# Wait to check a greeter is not started
#?*WAIT
diff --git a/tests/scripts/xdmcp-server-autologin.conf b/tests/scripts/xdmcp-server-autologin.conf
index 414ab0fe..2bfa5623 100644
--- a/tests/scripts/xdmcp-server-autologin.conf
+++ b/tests/scripts/xdmcp-server-autologin.conf
@@ -20,13 +20,12 @@ autologin-user=have-password1
#?*START-XSERVER ARGS=":98 -query 127.0.0.1 -nolisten unix"
#?XSERVER-98 START LISTEN-TCP NO-LISTEN-UNIX
-# Start sending XDMCP queries
-#?*XSERVER-98 START-XDMCP
-#?XSERVER-98 SEND-QUERY
-
-# Negotiate with daemon
+# Request to connect - daemon says OK
+#?*XSERVER-98 SEND-QUERY
#?XSERVER-98 GOT-WILLING AUTHENTICATION-NAME="" HOSTNAME="" STATUS=""
-#?*XSERVER-98 SEND-REQUEST ADDRESSES="127.0.0.1" AUTHORIZATION-NAMES="MIT-MAGIC-COOKIE-1" MFID="TEST XSERVER"
+
+# Connect - daemon says OK
+#?*XSERVER-98 SEND-REQUEST ADDRESSES="127.0.0.1" AUTHORIZATION-NAMES="MIT-MAGIC-COOKIE-1"
#?XSERVER-98 GOT-ACCEPT SESSION-ID=[0-9]* AUTHENTICATION-NAME="" AUTHORIZATION-NAME="MIT-MAGIC-COOKIE-1"
#?*XSERVER-98 SEND-MANAGE
diff --git a/tests/scripts/xdmcp-server-double-login.conf b/tests/scripts/xdmcp-server-double-login.conf
index 94efd55b..6acc2052 100644
--- a/tests/scripts/xdmcp-server-double-login.conf
+++ b/tests/scripts/xdmcp-server-double-login.conf
@@ -19,13 +19,12 @@ user-session=default
#?*START-XSERVER ARGS=":98 -query 127.0.0.1 -nolisten unix"
#?XSERVER-98 START LISTEN-TCP NO-LISTEN-UNIX
-# Start sending XDMCP queries
-#?*XSERVER-98 START-XDMCP
-#?XSERVER-98 SEND-QUERY
-
-# Negotiate with daemon
+# Request to connect - daemon says OK
+#?*XSERVER-98 SEND-QUERY
#?XSERVER-98 GOT-WILLING AUTHENTICATION-NAME="" HOSTNAME="" STATUS=""
-#?*XSERVER-98 SEND-REQUEST ADDRESSES="127.0.0.1" AUTHORIZATION-NAMES="MIT-MAGIC-COOKIE-1" MFID="TEST XSERVER"
+
+# Connect - daemon says OK
+#?*XSERVER-98 SEND-REQUEST ADDRESSES="127.0.0.1" AUTHORIZATION-NAMES="MIT-MAGIC-COOKIE-1"
#?XSERVER-98 GOT-ACCEPT SESSION-ID=[0-9]* AUTHENTICATION-NAME="" AUTHORIZATION-NAME="MIT-MAGIC-COOKIE-1"
#?*XSERVER-98 SEND-MANAGE
@@ -58,12 +57,11 @@ user-session=default
#?*START-XSERVER ARGS=":99 -query 127.0.0.1 -nolisten unix"
#?XSERVER-99 START LISTEN-TCP NO-LISTEN-UNIX
-# Start sending XDMCP queries
-#?*XSERVER-99 START-XDMCP
-#?XSERVER-99 SEND-QUERY
-
-# Negotiate with daemon
+# Request to connect - daemon says OK
+#?*XSERVER-99 SEND-QUERY
#?XSERVER-99 GOT-WILLING AUTHENTICATION-NAME="" HOSTNAME="" STATUS=""
+
+# Connect - daemon says OK
#?*XSERVER-99 SEND-REQUEST ADDRESSES="127.0.0.1" AUTHORIZATION-NAMES="MIT-MAGIC-COOKIE-1" MFID="TEST XSERVER"
#?XSERVER-99 GOT-ACCEPT SESSION-ID=[0-9]* AUTHENTICATION-NAME="" AUTHORIZATION-NAME="MIT-MAGIC-COOKIE-1"
#?*XSERVER-99 SEND-MANAGE
diff --git a/tests/scripts/xdmcp-server-guest.conf b/tests/scripts/xdmcp-server-guest.conf
index c180026b..3dfea24e 100644
--- a/tests/scripts/xdmcp-server-guest.conf
+++ b/tests/scripts/xdmcp-server-guest.conf
@@ -19,13 +19,12 @@ user-session=default
#?*START-XSERVER ARGS=":98 -query 127.0.0.1 -nolisten unix"
#?XSERVER-98 START LISTEN-TCP NO-LISTEN-UNIX
-# Start sending XDMCP queries
-#?*XSERVER-98 START-XDMCP
-#?XSERVER-98 SEND-QUERY
-
-# Negotiate with daemon
+# Request to connect - daemon says OK
+#?*XSERVER-98 SEND-QUERY
#?XSERVER-98 GOT-WILLING AUTHENTICATION-NAME="" HOSTNAME="" STATUS=""
-#?*XSERVER-98 SEND-REQUEST ADDRESSES="127.0.0.1" AUTHORIZATION-NAMES="MIT-MAGIC-COOKIE-1" MFID="TEST XSERVER"
+
+# Connect - daemon says OK
+#?*XSERVER-98 SEND-REQUEST ADDRESSES="127.0.0.1" AUTHORIZATION-NAMES="MIT-MAGIC-COOKIE-1"
#?XSERVER-98 GOT-ACCEPT SESSION-ID=[0-9]* AUTHENTICATION-NAME="" AUTHORIZATION-NAME="MIT-MAGIC-COOKIE-1"
#?*XSERVER-98 SEND-MANAGE
diff --git a/tests/scripts/xdmcp-server-invalid-authentication.conf b/tests/scripts/xdmcp-server-invalid-authentication.conf
new file mode 100644
index 00000000..e852f64c
--- /dev/null
+++ b/tests/scripts/xdmcp-server-invalid-authentication.conf
@@ -0,0 +1,33 @@
+#
+# Check that a remote X server can't login if not using required authentication
+#
+
+[LightDM]
+start-default-seat=false
+
+[XDMCPServer]
+enabled=true
+
+[Seat:*]
+user-session=default
+autologin-user=have-password1
+
+#?*START-DAEMON
+#?RUNNER DAEMON-START
+#?*WAIT
+
+# Start a remote X server to log in with XDMCP
+#?*START-XSERVER ARGS=":98 -query 127.0.0.1 -nolisten unix"
+#?XSERVER-98 START LISTEN-TCP NO-LISTEN-UNIX
+
+# Connect with an invalid authentication name - daemon says no
+#?*XSERVER-98 SEND-QUERY AUTHENTICATION-NAMES="NO-SUCH-AUTHENTICATION"
+#?XSERVER-98 GOT-UNWILLING HOSTNAME="" STATUS="No matching authentication"
+
+# Try anyway - daemon declines
+#?*XSERVER-98 SEND-REQUEST ADDRESSES="127.0.0.1" AUTHENTICATION-NAME="NO-SUCH-AUTHENTICATION" AUTHORIZATION-NAMES="MIT-MAGIC-COOKIE-1"
+#?XSERVER-98 GOT-DECLINE STATUS="No matching authentication, server only supports unauthenticated connections" AUTHENTICATION-NAME=""
+
+# Clean up
+#?*STOP-DAEMON
+#?RUNNER DAEMON-EXIT STATUS=0
diff --git a/tests/scripts/xdmcp-server-login.conf b/tests/scripts/xdmcp-server-login.conf
index 79cf8edd..3ca44b52 100644
--- a/tests/scripts/xdmcp-server-login.conf
+++ b/tests/scripts/xdmcp-server-login.conf
@@ -19,13 +19,12 @@ user-session=default
#?*START-XSERVER ARGS=":98 -query 127.0.0.1 -nolisten unix"
#?XSERVER-98 START LISTEN-TCP NO-LISTEN-UNIX
-# Start sending XDMCP queries
-#?*XSERVER-98 START-XDMCP
-#?XSERVER-98 SEND-QUERY
-
-# Negotiate with daemon
+# Request to connect - daemon says OK
+#?*XSERVER-98 SEND-QUERY
#?XSERVER-98 GOT-WILLING AUTHENTICATION-NAME="" HOSTNAME="" STATUS=""
-#?*XSERVER-98 SEND-REQUEST ADDRESSES="127.0.0.1" AUTHORIZATION-NAMES="MIT-MAGIC-COOKIE-1" MFID="TEST XSERVER"
+
+# Connect - daemon says OK
+#?*XSERVER-98 SEND-REQUEST ADDRESSES="127.0.0.1" AUTHORIZATION-NAMES="MIT-MAGIC-COOKIE-1"
#?XSERVER-98 GOT-ACCEPT SESSION-ID=[0-9]* AUTHENTICATION-NAME="" AUTHORIZATION-NAME="MIT-MAGIC-COOKIE-1"
#?*XSERVER-98 SEND-MANAGE
diff --git a/tests/scripts/xdmcp-server-open-file-descriptors.conf b/tests/scripts/xdmcp-server-open-file-descriptors.conf
index b7fa3f5d..8cb7a902 100644
--- a/tests/scripts/xdmcp-server-open-file-descriptors.conf
+++ b/tests/scripts/xdmcp-server-open-file-descriptors.conf
@@ -19,13 +19,12 @@ user-session=default
#?*START-XSERVER ARGS=":98 -query 127.0.0.1 -nolisten unix"
#?XSERVER-98 START LISTEN-TCP NO-LISTEN-UNIX
-# Start sending XDMCP queries
-#?*XSERVER-98 START-XDMCP
-#?XSERVER-98 SEND-QUERY
-
-# Negotiate with daemon
+# Request to connect - daemon says OK
+#?*XSERVER-98 SEND-QUERY
#?XSERVER-98 GOT-WILLING AUTHENTICATION-NAME="" HOSTNAME="" STATUS=""
-#?*XSERVER-98 SEND-REQUEST ADDRESSES="127.0.0.1" AUTHORIZATION-NAMES="MIT-MAGIC-COOKIE-1" MFID="TEST XSERVER"
+
+# Connect - daemon says OK
+#?*XSERVER-98 SEND-REQUEST ADDRESSES="127.0.0.1" AUTHORIZATION-NAMES="MIT-MAGIC-COOKIE-1"
#?XSERVER-98 GOT-ACCEPT SESSION-ID=[0-9]* AUTHENTICATION-NAME="" AUTHORIZATION-NAME="MIT-MAGIC-COOKIE-1"
#?*XSERVER-98 SEND-MANAGE
diff --git a/tests/scripts/xdmcp-server-request-invalid-authentication.conf b/tests/scripts/xdmcp-server-request-invalid-authentication.conf
new file mode 100644
index 00000000..3b3a2aa2
--- /dev/null
+++ b/tests/scripts/xdmcp-server-request-invalid-authentication.conf
@@ -0,0 +1,29 @@
+#
+# Check remote X server sending a request with an invalid authentication is declined
+#
+
+[LightDM]
+start-default-seat=false
+
+[XDMCPServer]
+enabled=true
+
+#?*START-DAEMON
+#?RUNNER DAEMON-START
+#?*WAIT
+
+# Start a remote X server to log in with XDMCP
+#?*START-XSERVER ARGS=":98 -query 127.0.0.1 -nolisten unix"
+#?XSERVER-98 START LISTEN-TCP NO-LISTEN-UNIX
+
+# Request to connect - daemon says OK
+#?*XSERVER-98 SEND-QUERY
+#?XSERVER-98 GOT-WILLING AUTHENTICATION-NAME="" HOSTNAME="" STATUS=""
+
+# Connect with an invalid authentication - daemon declines
+#?*XSERVER-98 SEND-REQUEST ADDRESSES="127.0.0.1" AUTHENTICATION-NAME="NO-SUCH-AUTHENTICATION" AUTHORIZATION-NAMES="MIT-MAGIC-COOKIE-1"
+#?XSERVER-98 GOT-DECLINE STATUS="No matching authentication, server only supports unauthenticated connections" AUTHENTICATION-NAME=""
+
+# Clean up
+#?*STOP-DAEMON
+#?RUNNER DAEMON-EXIT STATUS=0
diff --git a/tests/scripts/xdmcp-server-request-invalid-authorization.conf b/tests/scripts/xdmcp-server-request-invalid-authorization.conf
new file mode 100644
index 00000000..a577a01f
--- /dev/null
+++ b/tests/scripts/xdmcp-server-request-invalid-authorization.conf
@@ -0,0 +1,29 @@
+#
+# Check remote X server sending a request with an invalid authorization is declined
+#
+
+[LightDM]
+start-default-seat=false
+
+[XDMCPServer]
+enabled=true
+
+#?*START-DAEMON
+#?RUNNER DAEMON-START
+#?*WAIT
+
+# Start a remote X server to log in with XDMCP
+#?*START-XSERVER ARGS=":98 -query 127.0.0.1 -nolisten unix"
+#?XSERVER-98 START LISTEN-TCP NO-LISTEN-UNIX
+
+# Request to connect - daemon says OK
+#?*XSERVER-98 SEND-QUERY
+#?XSERVER-98 GOT-WILLING AUTHENTICATION-NAME="" HOSTNAME="" STATUS=""
+
+# Connect with an invalid authorization - daemon declines
+#?*XSERVER-98 SEND-REQUEST ADDRESSES="127.0.0.1" AUTHORIZATION-NAMES="NO-SUCH-AUTHORIZATION"
+#?XSERVER-98 GOT-DECLINE STATUS="No matching authorization, server requires MIT-MAGIC-COOKIE-1" AUTHENTICATION-NAME=""
+
+# Clean up
+#?*STOP-DAEMON
+#?RUNNER DAEMON-EXIT STATUS=0
diff --git a/tests/scripts/xdmcp-server-request-without-addresses.conf b/tests/scripts/xdmcp-server-request-without-addresses.conf
index 35405a29..31b358e1 100644
--- a/tests/scripts/xdmcp-server-request-without-addresses.conf
+++ b/tests/scripts/xdmcp-server-request-without-addresses.conf
@@ -1,5 +1,5 @@
#
-# Check remote X server sending a request without connections is ignored
+# Check remote X server sending a request without connections is declined
#
[LightDM]
@@ -16,13 +16,12 @@ enabled=true
#?*START-XSERVER ARGS=":98 -query 127.0.0.1 -nolisten unix"
#?XSERVER-98 START LISTEN-TCP NO-LISTEN-UNIX
-# Start sending XDMCP queries
-#?*XSERVER-98 START-XDMCP
-#?XSERVER-98 SEND-QUERY
-
-# Negotiate with daemon
+# Request to connect - daemon says OK
+#?*XSERVER-98 SEND-QUERY
#?XSERVER-98 GOT-WILLING AUTHENTICATION-NAME="" HOSTNAME="" STATUS=""
-#?*XSERVER-98 SEND-REQUEST ADDRESSES="" AUTHORIZATION-NAMES="MIT-MAGIC-COOKIE-1" MFID="TEST XSERVER"
+
+# Connect without providing an address - daemon declines
+#?*XSERVER-98 SEND-REQUEST ADDRESSES="" AUTHORIZATION-NAMES="MIT-MAGIC-COOKIE-1"
#?XSERVER-98 GOT-DECLINE STATUS="No valid address found" AUTHENTICATION-NAME=""
# Clean up
diff --git a/tests/scripts/xdmcp-server-request-without-authorization.conf b/tests/scripts/xdmcp-server-request-without-authorization.conf
new file mode 100644
index 00000000..2cb1a13f
--- /dev/null
+++ b/tests/scripts/xdmcp-server-request-without-authorization.conf
@@ -0,0 +1,29 @@
+#
+# Check remote X server sending a request without an authorization is declined
+#
+
+[LightDM]
+start-default-seat=false
+
+[XDMCPServer]
+enabled=true
+
+#?*START-DAEMON
+#?RUNNER DAEMON-START
+#?*WAIT
+
+# Start a remote X server to log in with XDMCP
+#?*START-XSERVER ARGS=":98 -query 127.0.0.1 -nolisten unix"
+#?XSERVER-98 START LISTEN-TCP NO-LISTEN-UNIX
+
+# Request to connect - daemon says OK
+#?*XSERVER-98 SEND-QUERY
+#?XSERVER-98 GOT-WILLING AUTHENTICATION-NAME="" HOSTNAME="" STATUS=""
+
+# Connect without authorization - daemon says no
+#?*XSERVER-98 SEND-REQUEST ADDRESSES="127.0.0.1" AUTHORIZATION-NAMES=""
+#?XSERVER-98 GOT-DECLINE STATUS="No matching authorization, server requires MIT-MAGIC-COOKIE-1" AUTHENTICATION-NAME=""
+
+# Clean up
+#?*STOP-DAEMON
+#?RUNNER DAEMON-EXIT STATUS=0
diff --git a/tests/scripts/xdmcp-server-xdm-authentication-invalid-authorization.conf b/tests/scripts/xdmcp-server-xdm-authentication-invalid-authorization.conf
new file mode 100644
index 00000000..efac51bc
--- /dev/null
+++ b/tests/scripts/xdmcp-server-xdm-authentication-invalid-authorization.conf
@@ -0,0 +1,34 @@
+#
+# Check that a remote X server needs both XDM authentication and authorization
+#
+
+[LightDM]
+start-default-seat=false
+
+[XDMCPServer]
+enabled=true
+key=test-key
+
+[Seat:*]
+user-session=default
+autologin-user=have-password1
+
+#?*START-DAEMON
+#?RUNNER DAEMON-START
+#?*WAIT
+
+# Start a remote X server to log in with XDMCP
+#?*START-XSERVER ARGS=":98 -query 127.0.0.1 -nolisten unix"
+#?XSERVER-98 START LISTEN-TCP NO-LISTEN-UNIX
+
+# Request to connect with XDM authentication - daemon says OK
+#?*XSERVER-98 SEND-QUERY AUTHENTICATION-NAMES="XDM-AUTHENTICATION-1"
+#?XSERVER-98 GOT-WILLING AUTHENTICATION-NAME="XDM-AUTHENTICATION-1" HOSTNAME="" STATUS=""
+
+# Connect with wrong authorization - daemon declines
+#?*XSERVER-98 SEND-REQUEST ADDRESSES="127.0.0.1" AUTHENTICATION-NAME="XDM-AUTHENTICATION-1" AUTHENTICATION-DATA="0123456789ABCDEF" AUTHORIZATION-NAMES="MIT-MAGIC-COOKIE-1"
+#?XSERVER-98 GOT-DECLINE STATUS="No matching authorization, server requires XDM-AUTHORIZATION-1" AUTHENTICATION-NAME="XDM-AUTHENTICATION-1"
+
+# Clean up
+#?*STOP-DAEMON
+#?RUNNER DAEMON-EXIT STATUS=0
diff --git a/tests/scripts/xdmcp-server-xdm-authentication-long-data.conf b/tests/scripts/xdmcp-server-xdm-authentication-long-data.conf
new file mode 100644
index 00000000..71dcd211
--- /dev/null
+++ b/tests/scripts/xdmcp-server-xdm-authentication-long-data.conf
@@ -0,0 +1,34 @@
+#
+# Check that a remote X server needs both XDM authentication and correct length authentication data
+#
+
+[LightDM]
+start-default-seat=false
+
+[XDMCPServer]
+enabled=true
+key=test-key
+
+[Seat:*]
+user-session=default
+autologin-user=have-password1
+
+#?*START-DAEMON
+#?RUNNER DAEMON-START
+#?*WAIT
+
+# Start a remote X server to log in with XDMCP
+#?*START-XSERVER ARGS=":98 -query 127.0.0.1 -nolisten unix"
+#?XSERVER-98 START LISTEN-TCP NO-LISTEN-UNIX
+
+# Request to connect with XDM authentication - daemon says OK
+#?*XSERVER-98 SEND-QUERY AUTHENTICATION-NAMES="XDM-AUTHENTICATION-1"
+#?XSERVER-98 GOT-WILLING AUTHENTICATION-NAME="XDM-AUTHENTICATION-1" HOSTNAME="" STATUS=""
+
+# Connect without any authentication data - daemon declines
+#?*XSERVER-98 SEND-REQUEST ADDRESSES="127.0.0.1" AUTHENTICATION-NAME="XDM-AUTHENTICATION-1" AUTHENTICATION-DATA="DEADBEEFDEADBEEFDEADBEEFDEADBEEFDEADBEEFDEADBEEFDEADBEEFDEADBEEFDEADBEEFDEADBEEFDEADBEEFDEADBEEFDEADBEEFDEADBEEFDEADBEEFDEADBEEFDEADBEEFDEADBEEFDEADBEEFDEADBEEF" AUTHORIZATION-NAMES="XDM-AUTHORIZATION-1"
+#?XSERVER-98 GOT-DECLINE STATUS="Invalid XDM-AUTHENTICATION-1 data provided" AUTHENTICATION-NAME=""
+
+# Clean up
+#?*STOP-DAEMON
+#?RUNNER DAEMON-EXIT STATUS=0
diff --git a/tests/scripts/xdmcp-server-xdm-authentication-missing-data.conf b/tests/scripts/xdmcp-server-xdm-authentication-missing-data.conf
new file mode 100644
index 00000000..1ed1724f
--- /dev/null
+++ b/tests/scripts/xdmcp-server-xdm-authentication-missing-data.conf
@@ -0,0 +1,34 @@
+#
+# Check that a remote X server needs both XDM authentication and authentication data
+#
+
+[LightDM]
+start-default-seat=false
+
+[XDMCPServer]
+enabled=true
+key=test-key
+
+[Seat:*]
+user-session=default
+autologin-user=have-password1
+
+#?*START-DAEMON
+#?RUNNER DAEMON-START
+#?*WAIT
+
+# Start a remote X server to log in with XDMCP
+#?*START-XSERVER ARGS=":98 -query 127.0.0.1 -nolisten unix"
+#?XSERVER-98 START LISTEN-TCP NO-LISTEN-UNIX
+
+# Request to connect with XDM authentication - daemon says OK
+#?*XSERVER-98 SEND-QUERY AUTHENTICATION-NAMES="XDM-AUTHENTICATION-1"
+#?XSERVER-98 GOT-WILLING AUTHENTICATION-NAME="XDM-AUTHENTICATION-1" HOSTNAME="" STATUS=""
+
+# Connect without any authentication data - daemon declines
+#?*XSERVER-98 SEND-REQUEST ADDRESSES="127.0.0.1" AUTHENTICATION-NAME="XDM-AUTHENTICATION-1" AUTHENTICATION-DATA="" AUTHORIZATION-NAMES="XDM-AUTHORIZATION-1"
+#?XSERVER-98 GOT-DECLINE STATUS="Invalid XDM-AUTHENTICATION-1 data provided" AUTHENTICATION-NAME=""
+
+# Clean up
+#?*STOP-DAEMON
+#?RUNNER DAEMON-EXIT STATUS=0
diff --git a/tests/scripts/xdmcp-server-xdm-authentication-missing-key.conf b/tests/scripts/xdmcp-server-xdm-authentication-missing-key.conf
new file mode 100644
index 00000000..aba90d35
--- /dev/null
+++ b/tests/scripts/xdmcp-server-xdm-authentication-missing-key.conf
@@ -0,0 +1,20 @@
+#
+# Check that a remote X server can't login if requires XDM authentication and we're not configured for it
+#
+
+[LightDM]
+start-default-seat=false
+
+[XDMCPServer]
+enabled=true
+key=no-such-key
+
+[Seat:*]
+user-session=default
+autologin-user=have-password1
+
+#?*START-DAEMON
+#?RUNNER DAEMON-START
+
+# Daemon stops with error
+#?RUNNER DAEMON-EXIT STATUS=1
diff --git a/tests/scripts/xdmcp-server-xdm-authentication-no-key.conf b/tests/scripts/xdmcp-server-xdm-authentication-no-key.conf
new file mode 100644
index 00000000..567be1e7
--- /dev/null
+++ b/tests/scripts/xdmcp-server-xdm-authentication-no-key.conf
@@ -0,0 +1,33 @@
+#
+# Check that a remote X server can't login if requires XDM authentication and we're not configured for it
+#
+
+[LightDM]
+start-default-seat=false
+
+[XDMCPServer]
+enabled=true
+
+[Seat:*]
+user-session=default
+autologin-user=have-password1
+
+#?*START-DAEMON
+#?RUNNER DAEMON-START
+#?*WAIT
+
+# Start a remote X server to log in with XDMCP
+#?*START-XSERVER ARGS=":98 -query 127.0.0.1 -nolisten unix"
+#?XSERVER-98 START LISTEN-TCP NO-LISTEN-UNIX
+
+# Request to connect with XDM authentication - daemon says we don't do that
+#?*XSERVER-98 SEND-QUERY AUTHENTICATION-NAMES="XDM-AUTHENTICATION-1"
+#?XSERVER-98 GOT-UNWILLING HOSTNAME="" STATUS="No matching authentication"
+
+# Try anyway - daemon rejects
+#?*XSERVER-98 SEND-REQUEST ADDRESSES="127.0.0.1" AUTHENTICATION-NAME="XDM-AUTHENTICATION-1" AUTHORIZATION-NAME="XDM-AUTHORIZATION-1"
+#?XSERVER-98 GOT-DECLINE STATUS="No matching authentication, server only supports unauthenticated connections" AUTHENTICATION-NAME=""
+
+# Clean up
+#?*STOP-DAEMON
+#?RUNNER DAEMON-EXIT STATUS=0
diff --git a/tests/scripts/xdmcp-server-xdm-authentication-required.conf b/tests/scripts/xdmcp-server-xdm-authentication-required.conf
new file mode 100644
index 00000000..d87b668c
--- /dev/null
+++ b/tests/scripts/xdmcp-server-xdm-authentication-required.conf
@@ -0,0 +1,34 @@
+#
+# Check that a remote X server can't login if not using required authentication
+#
+
+[LightDM]
+start-default-seat=false
+
+[XDMCPServer]
+enabled=true
+key=test-key
+
+[Seat:*]
+user-session=default
+autologin-user=have-password1
+
+#?*START-DAEMON
+#?RUNNER DAEMON-START
+#?*WAIT
+
+# Start a remote X server to log in with XDMCP
+#?*START-XSERVER ARGS=":98 -query 127.0.0.1 -nolisten unix"
+#?XSERVER-98 START LISTEN-TCP NO-LISTEN-UNIX
+
+# Request to connection without authentication - daemon says we don't do that
+#?*XSERVER-98 SEND-QUERY AUTHENTICATION-NAMES=""
+#?XSERVER-98 GOT-UNWILLING HOSTNAME="" STATUS="No matching authentication, server requires XDM-AUTHENTICATION-1"
+
+# Try anyway - daemon rejects
+#?*XSERVER-98 SEND-REQUEST ADDRESSES="127.0.0.1" AUTHENTICATION-NAME="" AUTHORIZATION-NAMES="XDM-AUTHORIZATION-1"
+#?XSERVER-98 GOT-DECLINE STATUS="No matching authentication, server requires XDM-AUTHENTICATION-1" AUTHENTICATION-NAME=""
+
+# Clean up
+#?*STOP-DAEMON
+#?RUNNER DAEMON-EXIT STATUS=0
diff --git a/tests/scripts/xdmcp-server-xdm-authentication-short-data.conf b/tests/scripts/xdmcp-server-xdm-authentication-short-data.conf
new file mode 100644
index 00000000..3f3d442f
--- /dev/null
+++ b/tests/scripts/xdmcp-server-xdm-authentication-short-data.conf
@@ -0,0 +1,34 @@
+#
+# Check that a remote X server needs both XDM authentication and correct length authentication data
+#
+
+[LightDM]
+start-default-seat=false
+
+[XDMCPServer]
+enabled=true
+key=test-key
+
+[Seat:*]
+user-session=default
+autologin-user=have-password1
+
+#?*START-DAEMON
+#?RUNNER DAEMON-START
+#?*WAIT
+
+# Start a remote X server to log in with XDMCP
+#?*START-XSERVER ARGS=":98 -query 127.0.0.1 -nolisten unix"
+#?XSERVER-98 START LISTEN-TCP NO-LISTEN-UNIX
+
+# Request to connect with XDM authentication - daemon says OK
+#?*XSERVER-98 SEND-QUERY AUTHENTICATION-NAMES="XDM-AUTHENTICATION-1"
+#?XSERVER-98 GOT-WILLING AUTHENTICATION-NAME="XDM-AUTHENTICATION-1" HOSTNAME="" STATUS=""
+
+# Connect without any authentication data - daemon declines
+#?*XSERVER-98 SEND-REQUEST ADDRESSES="127.0.0.1" AUTHENTICATION-NAME="XDM-AUTHENTICATION-1" AUTHENTICATION-DATA="00" AUTHORIZATION-NAMES="XDM-AUTHORIZATION-1"
+#?XSERVER-98 GOT-DECLINE STATUS="Invalid XDM-AUTHENTICATION-1 data provided" AUTHENTICATION-NAME=""
+
+# Clean up
+#?*STOP-DAEMON
+#?RUNNER DAEMON-EXIT STATUS=0
diff --git a/tests/scripts/xdmcp-server-xdm-authentication.conf b/tests/scripts/xdmcp-server-xdm-authentication.conf
new file mode 100644
index 00000000..aae66e44
--- /dev/null
+++ b/tests/scripts/xdmcp-server-xdm-authentication.conf
@@ -0,0 +1,45 @@
+#
+# Check that a remote X server can autologin via XDMCP using XDM authentication
+#
+
+[LightDM]
+start-default-seat=false
+
+[XDMCPServer]
+enabled=true
+key=test-key
+
+[Seat:*]
+user-session=default
+autologin-user=have-password1
+
+#?*START-DAEMON
+#?RUNNER DAEMON-START
+#?*WAIT
+
+# Start a remote X server to log in with XDMCP
+#?*START-XSERVER ARGS=":98 -query 127.0.0.1 -nolisten unix"
+#?XSERVER-98 START LISTEN-TCP NO-LISTEN-UNIX
+
+# Request to connect with XDM authentication - daemon says OK
+#?*XSERVER-98 SEND-QUERY AUTHENTICATION-NAMES="XDM-AUTHENTICATION-1"
+#?XSERVER-98 GOT-WILLING AUTHENTICATION-NAME="XDM-AUTHENTICATION-1" HOSTNAME="" STATUS=""
+
+# Connect - daemon says OK
+#?*XSERVER-98 SEND-REQUEST ADDRESSES="127.0.0.1" AUTHENTICATION-NAME="XDM-AUTHENTICATION-1" AUTHENTICATION-DATA="0123456789ABCDEF" AUTHORIZATION-NAMES="XDM-AUTHORIZATION-1"
+#?XSERVER-98 GOT-ACCEPT SESSION-ID=[0-9]* AUTHENTICATION-NAME="XDM-AUTHENTICATION-1" AUTHORIZATION-NAME="XDM-AUTHORIZATION-1"
+#?*XSERVER-98 SEND-MANAGE
+
+# LightDM connects to X server
+#?XSERVER-98 ACCEPT-CONNECT
+
+# Session starts
+#?SESSION-X-127.0.0.1:98 START XDG_SESSION_TYPE=x11 XDG_SESSION_DESKTOP=default USER=have-password1
+#?LOGIN1 ACTIVATE-SESSION SESSION=c0
+#?XSERVER-98 ACCEPT-CONNECT
+#?SESSION-X-127.0.0.1:98 CONNECT-XSERVER
+
+# Clean up
+#?*STOP-DAEMON
+#?SESSION-X-127.0.0.1:98 TERMINATE SIGNAL=15
+#?RUNNER DAEMON-EXIT STATUS=0
diff --git a/tests/src/X.c b/tests/src/X.c
index d62510b4..210781f7 100644
--- a/tests/src/X.c
+++ b/tests/src/X.c
@@ -104,21 +104,15 @@ sigterm_cb (gpointer user_data)
}
static void
-xdmcp_query_cb (XDMCPClient *client)
+xdmcp_willing_cb (XDMCPClient *client, XDMCPWilling *message)
{
- static gboolean notified_query = FALSE;
-
- if (!notified_query)
- {
- status_notify ("%s SEND-QUERY", id);
- notified_query = TRUE;
- }
+ status_notify ("%s GOT-WILLING AUTHENTICATION-NAME=\"%s\" HOSTNAME=\"%s\" STATUS=\"%s\"", id, message->authentication_name, message->hostname, message->status);
}
static void
-xdmcp_willing_cb (XDMCPClient *client, XDMCPWilling *message)
+xdmcp_unwilling_cb (XDMCPClient *client, XDMCPUnwilling *message)
{
- status_notify ("%s GOT-WILLING AUTHENTICATION-NAME=\"%s\" HOSTNAME=\"%s\" STATUS=\"%s\"", id, message->authentication_name, message->hostname, message->status);
+ status_notify ("%s GOT-UNWILLING HOSTNAME=\"%s\" STATUS=\"%s\"", id, message->hostname, message->status);
}
static void
@@ -159,6 +153,19 @@ client_disconnected_cb (XServer *server, XClient *client)
g_signal_handlers_disconnect_matched (client, G_SIGNAL_MATCH_DATA, 0, 0, NULL, NULL, NULL);
}
+static guint8
+get_nibble (char c)
+{
+ if (c >= '0' && c <= '9')
+ return c - '0';
+ else if (c >= 'a' && c <= 'f')
+ return c - 'a' + 10;
+ else if (c >= 'A' && c <= 'F')
+ return c - 'A' + 10;
+ else
+ return 0;
+}
+
static void
request_cb (const gchar *name, GHashTable *params)
{
@@ -187,23 +194,45 @@ request_cb (const gchar *name, GHashTable *params)
signal (SIGUSR1, handler);
}
- else if (strcmp (name, "START-XDMCP") == 0)
+ else if (strcmp (name, "SEND-QUERY") == 0)
{
+ const gchar *authentication_names_list;
+ gchar **authentication_names;
+
if (!xdmcp_client_start (xdmcp_client))
quit (EXIT_FAILURE);
+
+ authentication_names_list = g_hash_table_lookup (params, "AUTHENTICATION-NAMES");
+ if (!authentication_names_list)
+ authentication_names_list = "";
+ authentication_names = g_strsplit (authentication_names_list, " ", -1);
+
+ xdmcp_client_send_query (xdmcp_client, authentication_names);
+ g_strfreev (authentication_names);
}
else if (strcmp (name, "SEND-REQUEST") == 0)
{
- const gchar *addresses_list, *authorization_names_list, *mfid;
+ const gchar *text, *addresses_list, *authentication_name, *authentication_data_text, *authorization_names_list, *mfid;
+ int request_display_number = display_number;
gchar **list, **authorization_names;
- gsize list_length;
+ guint8 *authentication_data;
+ gsize authentication_data_length, list_length;
gint i;
GInetAddress **addresses;
+ text = g_hash_table_lookup (params, "DISPLAY-NUMBER");
+ if (text)
+ request_display_number = atoi (text);
addresses_list = g_hash_table_lookup (params, "ADDRESSES");
if (!addresses_list)
addresses_list = "";
+ authentication_name = g_hash_table_lookup (params, "AUTHENTICATION-NAME");
+ if (!authentication_name)
+ authentication_name = "";
+ authentication_data_text = g_hash_table_lookup (params, "AUTHENTICATION-DATA");
+ if (!authentication_data_text)
+ authentication_data_text = "";
authorization_names_list = g_hash_table_lookup (params, "AUTHORIZATION-NAMES");
if (!authorization_names_list)
authorization_names_list = "";
@@ -219,18 +248,43 @@ request_cb (const gchar *name, GHashTable *params)
addresses[i] = NULL;
g_strfreev (list);
+ authentication_data_length = strlen (authentication_data_text) / 2;
+ authentication_data = malloc (authentication_data_length);
+ for (i = 0; i < authentication_data_length; i++)
+ authentication_data[i] = get_nibble (authentication_data_text[i*2]) << 4 | get_nibble (authentication_data_text[i*2+1]);
+
authorization_names = g_strsplit (authorization_names_list, " ", -1);
- xdmcp_client_send_request (xdmcp_client, display_number,
+ xdmcp_client_send_request (xdmcp_client,
+ request_display_number,
addresses,
- "", NULL, 0,
+ authentication_name,
+ authentication_data, authentication_data_length,
authorization_names, mfid);
+ g_free (authentication_data);
g_strfreev (authorization_names);
}
else if (strcmp (name, "SEND-MANAGE") == 0)
{
- xdmcp_client_send_manage (xdmcp_client, xdmcp_session_id, display_number, "DISPLAY CLASS");
+ const char *text, *display_class;
+ guint32 session_id = xdmcp_session_id;
+ guint16 manage_display_number = display_number;
+
+ text = g_hash_table_lookup (params, "SESSION-ID");
+ if (text)
+ session_id = atoi (text);
+ text = g_hash_table_lookup (params, "DISPLAY-NUMBER");
+ if (text)
+ manage_display_number = atoi (text);
+ display_class = g_hash_table_lookup (params, "DISPLAY-CLASS");
+
+ if (!display_class)
+ display_class = "";
+ xdmcp_client_send_manage (xdmcp_client,
+ session_id,
+ manage_display_number,
+ display_class);
}
}
@@ -506,8 +560,8 @@ main (int argc, char **argv)
xdmcp_client_set_hostname (xdmcp_client, xdmcp_host);
if (xdmcp_port > 0)
xdmcp_client_set_port (xdmcp_client, xdmcp_port);
- g_signal_connect (xdmcp_client, XDMCP_CLIENT_SIGNAL_QUERY, G_CALLBACK (xdmcp_query_cb), NULL);
g_signal_connect (xdmcp_client, XDMCP_CLIENT_SIGNAL_WILLING, G_CALLBACK (xdmcp_willing_cb), NULL);
+ g_signal_connect (xdmcp_client, XDMCP_CLIENT_SIGNAL_UNWILLING, G_CALLBACK (xdmcp_unwilling_cb), NULL);
g_signal_connect (xdmcp_client, XDMCP_CLIENT_SIGNAL_ACCEPT, G_CALLBACK (xdmcp_accept_cb), NULL);
g_signal_connect (xdmcp_client, XDMCP_CLIENT_SIGNAL_DECLINE, G_CALLBACK (xdmcp_decline_cb), NULL);
g_signal_connect (xdmcp_client, XDMCP_CLIENT_SIGNAL_FAILED, G_CALLBACK (xdmcp_failed_cb), NULL);
diff --git a/tests/src/test-runner.c b/tests/src/test-runner.c
index 8497f66b..479a2ffa 100644
--- a/tests/src/test-runner.c
+++ b/tests/src/test-runner.c
@@ -2616,6 +2616,8 @@ main (int argc, char **argv)
if (!g_key_file_has_key (config, "test-runner-config", "have-config", NULL) || g_key_file_get_boolean (config, "test-runner-config", "have-config", NULL))
if (system (g_strdup_printf ("cp %s %s/etc/lightdm/lightdm.conf", config_path, temp_dir)))
perror ("Failed to copy configuration");
+ if (system (g_strdup_printf ("cp %s/tests/data/keys.conf %s/etc/lightdm/", SRCDIR, temp_dir)))
+ perror ("Failed to copy key configuration");
additional_system_config = g_key_file_get_string (config, "test-runner-config", "additional-system-config", NULL);
if (additional_system_config)
diff --git a/tests/src/xdmcp-client.c b/tests/src/xdmcp-client.c
index eda3c766..75e01c34 100644
--- a/tests/src/xdmcp-client.c
+++ b/tests/src/xdmcp-client.c
@@ -36,15 +36,15 @@ struct XDMCPClientPrivate
gchar *host;
gint port;
GSocket *socket;
- guint query_timer;
+ gchar *authentication_names;
gchar *authorization_name;
gint authorization_data_length;
guint8 *authorization_data;
};
enum {
- XDMCP_CLIENT_QUERY,
XDMCP_CLIENT_WILLING,
+ XDMCP_CLIENT_UNWILLING,
XDMCP_CLIENT_ACCEPT,
XDMCP_CLIENT_DECLINE,
XDMCP_CLIENT_FAILED,
@@ -73,16 +73,6 @@ decode_willing (XDMCPClient *client, const guint8 *buffer, gssize buffer_length)
gsize offset = 0;
guint16 length;
- if (client->priv->query_timer == 0)
- {
- g_debug ("Ignoring XDMCP unrequested/duplicate Willing");
- return;
- }
-
- /* Stop sending queries */
- g_source_remove (client->priv->query_timer);
- client->priv->query_timer = 0;
-
message = g_malloc0 (sizeof (XDMCPWilling));
length = read_card16 (buffer, buffer_length, X_BYTE_ORDER_MSB, &offset);
@@ -101,6 +91,27 @@ decode_willing (XDMCPClient *client, const guint8 *buffer, gssize buffer_length)
}
static void
+decode_unwilling (XDMCPClient *client, const guint8 *buffer, gssize buffer_length)
+{
+ XDMCPUnwilling *message;
+ gsize offset = 0;
+ guint16 length;
+
+ message = g_malloc0 (sizeof (XDMCPUnwilling));
+
+ length = read_card16 (buffer, buffer_length, X_BYTE_ORDER_MSB, &offset);
+ message->hostname = read_string (buffer, buffer_length, length, &offset);
+ length = read_card16 (buffer, buffer_length, X_BYTE_ORDER_MSB, &offset);
+ message->status = read_string (buffer, buffer_length, length, &offset);
+
+ g_signal_emit (client, xdmcp_client_signals[XDMCP_CLIENT_UNWILLING], 0, message);
+
+ g_free (message->hostname);
+ g_free (message->status);
+ g_free (message);
+}
+
+static void
decode_accept (XDMCPClient *client, const guint8 *buffer, gssize buffer_length)
{
XDMCPAccept *message;
@@ -209,6 +220,10 @@ xdmcp_data_cb (GIOChannel *channel, GIOCondition condition, gpointer data)
decode_willing (client, buffer + offset, n_read - offset);
break;
+ case XDMCP_Unwilling:
+ decode_unwilling (client, buffer + offset, n_read - offset);
+ break;
+
case XDMCP_Accept:
decode_accept (client, buffer + offset, n_read - offset);
break;
@@ -230,15 +245,6 @@ xdmcp_data_cb (GIOChannel *channel, GIOCondition condition, gpointer data)
return TRUE;
}
-static gboolean
-xdmcp_query_cb (gpointer data)
-{
- XDMCPClient *client = data;
- g_signal_emit (client, xdmcp_client_signals[XDMCP_CLIENT_QUERY], 0);
- xdmcp_client_send_query (client);
- return TRUE;
-}
-
XDMCPClient *
xdmcp_client_new (void)
{
@@ -266,6 +272,9 @@ xdmcp_client_start (XDMCPClient *client)
gboolean result;
GError *error = NULL;
+ if (client->priv->socket)
+ return TRUE;
+
client->priv->socket = g_socket_new (G_SOCKET_FAMILY_IPV4, G_SOCKET_TYPE_DATAGRAM, G_SOCKET_PROTOCOL_UDP, &error);
if (error)
g_warning ("Error creating XDMCP socket: %s", error->message);
@@ -303,9 +312,6 @@ xdmcp_client_start (XDMCPClient *client)
g_io_add_watch (g_io_channel_unix_new (g_socket_get_fd (client->priv->socket)), G_IO_IN, xdmcp_data_cb, client);
- client->priv->query_timer = g_timeout_add (2000, xdmcp_query_cb, client);
- xdmcp_query_cb (client);
-
return TRUE;
}
@@ -328,21 +334,51 @@ xdmcp_client_init (XDMCPClient *client)
client->priv->port = XDMCP_PORT;
}
-void
-xdmcp_client_send_query (XDMCPClient *client)
+static void
+send_query (XDMCPClient *client, guint16 opcode, gchar **authentication_names)
{
guint8 buffer[MAXIMUM_REQUEST_LENGTH];
- gsize offset = 0;
+ gsize length, offset = 0, n_names = 0;
+ gchar **name;
- write_card16 (buffer, MAXIMUM_REQUEST_LENGTH, X_BYTE_ORDER_MSB, XDMCP_VERSION, &offset);
- write_card16 (buffer, MAXIMUM_REQUEST_LENGTH, X_BYTE_ORDER_MSB, XDMCP_Query, &offset);
- write_card16 (buffer, MAXIMUM_REQUEST_LENGTH, X_BYTE_ORDER_MSB, 1, &offset);
- write_card8 (buffer, MAXIMUM_REQUEST_LENGTH, 0, &offset);
+ length = 1;
+ for (name = authentication_names; authentication_names && *name; name++)
+ {
+ length += 2 + strlen (*name);
+ n_names++;
+ }
+ write_card16 (buffer, MAXIMUM_REQUEST_LENGTH, X_BYTE_ORDER_MSB, XDMCP_VERSION, &offset);
+ write_card16 (buffer, MAXIMUM_REQUEST_LENGTH, X_BYTE_ORDER_MSB, opcode, &offset);
+ write_card16 (buffer, MAXIMUM_REQUEST_LENGTH, X_BYTE_ORDER_MSB, length, &offset);
+ write_card8 (buffer, MAXIMUM_REQUEST_LENGTH, n_names, &offset);
+ for (name = authentication_names; authentication_names && *name; name++)
+ {
+ write_card16 (buffer, MAXIMUM_REQUEST_LENGTH, X_BYTE_ORDER_MSB, strlen (*name), &offset);
+ write_string (buffer, MAXIMUM_REQUEST_LENGTH, *name, &offset);
+ }
xdmcp_write (client, buffer, offset);
}
void
+xdmcp_client_send_query (XDMCPClient *client, gchar **authentication_names)
+{
+ send_query (client, XDMCP_Query, authentication_names);
+}
+
+void
+xdmcp_client_send_broadcast_query (XDMCPClient *client, gchar **authentication_names)
+{
+ send_query (client, XDMCP_BroadcastQuery, authentication_names);
+}
+
+void
+xdmcp_client_send_indirect_query (XDMCPClient *client, gchar **authentication_names)
+{
+ send_query (client, XDMCP_IndirectQuery, authentication_names);
+}
+
+void
xdmcp_client_send_request (XDMCPClient *client,
guint16 display_number,
GInetAddress **addresses,
@@ -404,7 +440,7 @@ xdmcp_client_send_request (XDMCPClient *client,
}
void
-xdmcp_client_send_manage (XDMCPClient *client, guint32 session_id, guint16 display_number, gchar *display_class)
+xdmcp_client_send_manage (XDMCPClient *client, guint32 session_id, guint16 display_number, const gchar *display_class)
{
guint8 buffer[MAXIMUM_REQUEST_LENGTH];
gsize offset = 0;
@@ -438,19 +474,19 @@ xdmcp_client_class_init (XDMCPClientClass *klass)
GObjectClass *object_class = G_OBJECT_CLASS (klass);
object_class->finalize = xdmcp_client_finalize;
g_type_class_add_private (klass, sizeof (XDMCPClientPrivate));
- xdmcp_client_signals[XDMCP_CLIENT_QUERY] =
- g_signal_new (XDMCP_CLIENT_SIGNAL_QUERY,
+ xdmcp_client_signals[XDMCP_CLIENT_WILLING] =
+ g_signal_new (XDMCP_CLIENT_SIGNAL_WILLING,
G_TYPE_FROM_CLASS (klass),
G_SIGNAL_RUN_LAST,
- G_STRUCT_OFFSET (XDMCPClientClass, query),
+ G_STRUCT_OFFSET (XDMCPClientClass, willing),
NULL, NULL,
NULL,
- G_TYPE_NONE, 0);
- xdmcp_client_signals[XDMCP_CLIENT_WILLING] =
- g_signal_new (XDMCP_CLIENT_SIGNAL_WILLING,
+ G_TYPE_NONE, 1, G_TYPE_POINTER);
+ xdmcp_client_signals[XDMCP_CLIENT_UNWILLING] =
+ g_signal_new (XDMCP_CLIENT_SIGNAL_UNWILLING,
G_TYPE_FROM_CLASS (klass),
G_SIGNAL_RUN_LAST,
- G_STRUCT_OFFSET (XDMCPClientClass, willing),
+ G_STRUCT_OFFSET (XDMCPClientClass, unwilling),
NULL, NULL,
NULL,
G_TYPE_NONE, 1, G_TYPE_POINTER);
diff --git a/tests/src/xdmcp-client.h b/tests/src/xdmcp-client.h
index 7b865abd..66814f32 100644
--- a/tests/src/xdmcp-client.h
+++ b/tests/src/xdmcp-client.h
@@ -7,11 +7,11 @@
#define XDMCP_VERSION 1
#define XDMCP_PORT 177
-#define XDMCP_CLIENT_SIGNAL_QUERY "query"
-#define XDMCP_CLIENT_SIGNAL_WILLING "willing"
-#define XDMCP_CLIENT_SIGNAL_ACCEPT "accept"
-#define XDMCP_CLIENT_SIGNAL_DECLINE "decline"
-#define XDMCP_CLIENT_SIGNAL_FAILED "failed"
+#define XDMCP_CLIENT_SIGNAL_WILLING "willing"
+#define XDMCP_CLIENT_SIGNAL_UNWILLING "unwilling"
+#define XDMCP_CLIENT_SIGNAL_ACCEPT "accept"
+#define XDMCP_CLIENT_SIGNAL_DECLINE "decline"
+#define XDMCP_CLIENT_SIGNAL_FAILED "failed"
typedef struct
{
@@ -22,6 +22,12 @@ typedef struct
typedef struct
{
+ gchar *hostname;
+ gchar *status;
+} XDMCPUnwilling;
+
+typedef struct
+{
guint32 session_id;
gchar *authentication_name;
gchar *authorization_name;
@@ -52,8 +58,8 @@ typedef struct
typedef struct
{
GObjectClass parent_class;
- void (*query)(XDMCPClient *client);
void (*willing)(XDMCPClient *client, XDMCPWilling *message);
+ void (*unwilling)(XDMCPClient *client, XDMCPUnwilling *message);
void (*accept)(XDMCPClient *client, XDMCPAccept *message);
void (*decline)(XDMCPClient *client, XDMCPDecline *message);
void (*failed)(XDMCPClient *client, XDMCPFailed *message);
@@ -71,7 +77,11 @@ gboolean xdmcp_client_start (XDMCPClient *client);
GInetAddress *xdmcp_client_get_local_address (XDMCPClient *client);
-void xdmcp_client_send_query (XDMCPClient *client);
+void xdmcp_client_send_query (XDMCPClient *client, gchar **authentication_names);
+
+void xdmcp_client_send_broadcast_query (XDMCPClient *client, gchar **authentication_names);
+
+void xdmcp_client_send_indirect_query (XDMCPClient *client, gchar **authentication_names);
void xdmcp_client_send_request (XDMCPClient *client,
guint16 display_number,
@@ -80,7 +90,7 @@ void xdmcp_client_send_request (XDMCPClient *client,
const guint8 *authentication_data, guint16 authentication_data_length,
gchar **authorization_names, const gchar *mfid);
-void xdmcp_client_send_manage (XDMCPClient *client, guint32 session_id, guint16 display_number, gchar *display_class);
+void xdmcp_client_send_manage (XDMCPClient *client, guint32 session_id, guint16 display_number, const gchar *display_class);
G_END_DECLS
diff --git a/tests/test-xdmcp-server-invalid-authentication b/tests/test-xdmcp-server-invalid-authentication
new file mode 100755
index 00000000..c918e053
--- /dev/null
+++ b/tests/test-xdmcp-server-invalid-authentication
@@ -0,0 +1,2 @@
+#!/bin/sh
+./src/dbus-env ./src/test-runner xdmcp-server-invalid-authentication test-gobject-greeter
diff --git a/tests/test-xdmcp-server-request-invalid-authentication b/tests/test-xdmcp-server-request-invalid-authentication
new file mode 100755
index 00000000..f36894ba
--- /dev/null
+++ b/tests/test-xdmcp-server-request-invalid-authentication
@@ -0,0 +1,2 @@
+#!/bin/sh
+./src/dbus-env ./src/test-runner xdmcp-server-request-invalid-authentication test-gobject-greeter
diff --git a/tests/test-xdmcp-server-request-invalid-authorization b/tests/test-xdmcp-server-request-invalid-authorization
new file mode 100755
index 00000000..eb71dd1c
--- /dev/null
+++ b/tests/test-xdmcp-server-request-invalid-authorization
@@ -0,0 +1,2 @@
+#!/bin/sh
+./src/dbus-env ./src/test-runner xdmcp-server-request-invalid-authorization test-gobject-greeter
diff --git a/tests/test-xdmcp-server-request-without-authorization b/tests/test-xdmcp-server-request-without-authorization
new file mode 100755
index 00000000..c07cad6d
--- /dev/null
+++ b/tests/test-xdmcp-server-request-without-authorization
@@ -0,0 +1,2 @@
+#!/bin/sh
+./src/dbus-env ./src/test-runner xdmcp-server-request-without-authorization test-gobject-greeter
diff --git a/tests/test-xdmcp-server-xdm-authentication b/tests/test-xdmcp-server-xdm-authentication
new file mode 100755
index 00000000..21fbf992
--- /dev/null
+++ b/tests/test-xdmcp-server-xdm-authentication
@@ -0,0 +1,2 @@
+#!/bin/sh
+./src/dbus-env ./src/test-runner xdmcp-server-xdm-authentication test-gobject-greeter
diff --git a/tests/test-xdmcp-server-xdm-authentication-invalid-authorization b/tests/test-xdmcp-server-xdm-authentication-invalid-authorization
new file mode 100755
index 00000000..10e87ea9
--- /dev/null
+++ b/tests/test-xdmcp-server-xdm-authentication-invalid-authorization
@@ -0,0 +1,2 @@
+#!/bin/sh
+./src/dbus-env ./src/test-runner xdmcp-server-xdm-authentication-invalid-authorization test-gobject-greeter
diff --git a/tests/test-xdmcp-server-xdm-authentication-long-data b/tests/test-xdmcp-server-xdm-authentication-long-data
new file mode 100755
index 00000000..9d203f2e
--- /dev/null
+++ b/tests/test-xdmcp-server-xdm-authentication-long-data
@@ -0,0 +1,2 @@
+#!/bin/sh
+./src/dbus-env ./src/test-runner xdmcp-server-xdm-authentication-long-data test-gobject-greeter
diff --git a/tests/test-xdmcp-server-xdm-authentication-missing-data b/tests/test-xdmcp-server-xdm-authentication-missing-data
new file mode 100755
index 00000000..6c153273
--- /dev/null
+++ b/tests/test-xdmcp-server-xdm-authentication-missing-data
@@ -0,0 +1,2 @@
+#!/bin/sh
+./src/dbus-env ./src/test-runner xdmcp-server-xdm-authentication-missing-data test-gobject-greeter
diff --git a/tests/test-xdmcp-server-xdm-authentication-missing-key b/tests/test-xdmcp-server-xdm-authentication-missing-key
new file mode 100755
index 00000000..5f94e062
--- /dev/null
+++ b/tests/test-xdmcp-server-xdm-authentication-missing-key
@@ -0,0 +1,2 @@
+#!/bin/sh
+./src/dbus-env ./src/test-runner xdmcp-server-xdm-authentication-missing-key test-gobject-greeter
diff --git a/tests/test-xdmcp-server-xdm-authentication-no-key b/tests/test-xdmcp-server-xdm-authentication-no-key
new file mode 100755
index 00000000..003f0045
--- /dev/null
+++ b/tests/test-xdmcp-server-xdm-authentication-no-key
@@ -0,0 +1,2 @@
+#!/bin/sh
+./src/dbus-env ./src/test-runner xdmcp-server-xdm-authentication-no-key test-gobject-greeter
diff --git a/tests/test-xdmcp-server-xdm-authentication-required b/tests/test-xdmcp-server-xdm-authentication-required
new file mode 100755
index 00000000..f2d3624f
--- /dev/null
+++ b/tests/test-xdmcp-server-xdm-authentication-required
@@ -0,0 +1,2 @@
+#!/bin/sh
+./src/dbus-env ./src/test-runner xdmcp-server-xdm-authentication-required test-gobject-greeter
diff --git a/tests/test-xdmcp-server-xdm-authentication-short-data b/tests/test-xdmcp-server-xdm-authentication-short-data
new file mode 100755
index 00000000..31e2026d
--- /dev/null
+++ b/tests/test-xdmcp-server-xdm-authentication-short-data
@@ -0,0 +1,2 @@
+#!/bin/sh
+./src/dbus-env ./src/test-runner xdmcp-server-xdm-authentication-short-data test-gobject-greeter