diff options
author | Robert Ancell <robert.ancell@canonical.com> | 2015-11-19 15:45:31 +1300 |
---|---|---|
committer | Robert Ancell <robert.ancell@canonical.com> | 2015-11-19 15:45:31 +1300 |
commit | 2178138278219b3b97930bd28295408c570135e6 (patch) | |
tree | e207f620ed848bc30a613f3c2593fc81bca482ab | |
parent | 09c292be4c9cdecf0e2ab0d3fd169c4fd32dc760 (diff) | |
download | lightdm-2178138278219b3b97930bd28295408c570135e6.tar.gz |
Refactor XDMCP error handling and add many more XDMCP tests
38 files changed, 707 insertions, 181 deletions
diff --git a/src/xdmcp-server.c b/src/xdmcp-server.c index 489e6bb3..330990d0 100644 --- a/src/xdmcp-server.c +++ b/src/xdmcp-server.c @@ -232,7 +232,7 @@ handle_query (XDMCPServer *server, GSocket *socket, GSocketAddress *address, gch if (server->priv->key) response->Unwilling.status = g_strdup_printf ("No matching authentication, server requires %s", get_authentication_name (server)); else - response->Unwilling.status = g_strdup ("Server does not support authentication"); + response->Unwilling.status = g_strdup ("No matching authentication"); } send_packet (socket, address, response); @@ -390,95 +390,90 @@ choose_connection (XDMCPPacket *packet, GInetAddress *source_address) return &packet->Request.connections[index]; } +static gboolean +has_string (gchar **list, const gchar *text) +{ + gchar **i; + + for (i = list; *i; i++) + if (strcmp (*i, text) == 0) + return TRUE; + + return FALSE; +} + static void handle_request (XDMCPServer *server, GSocket *socket, GSocketAddress *address, XDMCPPacket *packet) { XDMCPPacket *response; XDMCPSession *session; - guint8 *authentication_data = NULL; - gsize authentication_data_length = 0; - gboolean match_authorization = FALSE; - gchar *authorization_name; - guint8 *authorization_data = NULL; - gsize authorization_data_length = 0; - guint8 *session_authorization_data = NULL; - gsize session_authorization_data_length = 0; - gchar **j; + gchar *authentication_name = NULL, *decline_status = NULL, *authorization_name, *display_number; + guint8 *authentication_data = NULL, *authorization_data = NULL, *session_authorization_data = NULL; + gsize authentication_data_length = 0, authorization_data_length = 0, session_authorization_data_length = 0; XDMCPConnection *connection; - gchar *display_number; XdmAuthKeyRec rho; - /* Choose an address to connect back on */ - connection = choose_connection (packet, g_inet_socket_address_get_address (G_INET_SOCKET_ADDRESS (address))); - - /* Decline if haven't got an address we can connect on */ - if (!connection) + /* Check authentication */ + if (strcmp (packet->Request.authentication_name, "") == 0) { - response = xdmcp_packet_alloc (XDMCP_Decline); - response->Decline.status = g_strdup ("No valid address found"); - response->Decline.authentication_name = g_strdup (packet->Request.authentication_name); - response->Decline.authentication_data.data = authentication_data; - response->Decline.authentication_data.length = authentication_data_length; - send_packet (socket, address, response); - xdmcp_packet_free (response); - return; - } - - /* Must be using our authentication scheme */ - if (strcmp (packet->Request.authentication_name, get_authentication_name (server)) != 0) - { - response = xdmcp_packet_alloc (XDMCP_Decline); - if (server->priv->key) - response->Decline.status = g_strdup_printf ("Server only supports %s authentication", get_authentication_name (server)); + if (!server->priv->key) + { + if (!has_string (packet->Request.authorization_names, "MIT-MAGIC-COOKIE-1")) + decline_status = g_strdup ("No matching authorization, server requires MIT-MAGIC-COOKIE-1"); + } else - response->Decline.status = g_strdup ("Server does not support authentication"); - response->Decline.authentication_name = g_strdup (""); - send_packet (socket, address, response); - xdmcp_packet_free (response); - return; + decline_status = g_strdup ("No matching authentication, server requires XDM-AUTHENTICATION-1"); } - - /* Perform requested authentication */ - if (server->priv->key) + else if (strcmp (packet->Request.authentication_name, "XDM-AUTHENTICATION-1") == 0 && server->priv->key) { - guint8 input[8], key[8]; - - memset (input, 0, 8); - memcpy (input, packet->Request.authentication_data.data, packet->Request.authentication_data.length > 8 ? 8 : packet->Request.authentication_data.length); + if (packet->Request.authentication_data.length == 8) + { + guint8 input[8], key[8]; - /* Setup key */ - decode_key (server->priv->key, key); + memcpy (input, packet->Request.authentication_data.data, packet->Request.authentication_data.length); - /* Decode message from server */ - authentication_data = g_malloc (sizeof (guint8) * 8); - authentication_data_length = 8; + /* Setup key */ + decode_key (server->priv->key, key); - XdmcpUnwrap (input, key, rho.data, authentication_data_length); - XdmcpIncrementKey (&rho); - XdmcpWrap (rho.data, key, authentication_data, authentication_data_length); + /* Decode message from server */ + authentication_name = g_strdup ("XDM-AUTHENTICATION-1"); + authentication_data = g_malloc (sizeof (guint8) * 8); + authentication_data_length = 8; + + XdmcpUnwrap (input, key, rho.data, authentication_data_length); + XdmcpIncrementKey (&rho); + XdmcpWrap (rho.data, key, authentication_data, authentication_data_length); - authorization_name = g_strdup ("XDM-AUTHORIZATION-1"); + if (!has_string (packet->Request.authorization_names, "XDM-AUTHORIZATION-1")) + decline_status = g_strdup ("No matching authorization, server requires XDM-AUTHORIZATION-1"); + } + else + decline_status = g_strdup ("Invalid XDM-AUTHENTICATION-1 data provided"); } else - authorization_name = g_strdup ("MIT-MAGIC-COOKIE-1"); - - /* Check if they support our authorization */ - for (j = packet->Request.authorization_names; *j; j++) { - if (strcmp (*j, authorization_name) == 0) - { - match_authorization = TRUE; - break; - } + if (strcmp (packet->Request.authentication_name, "") == 0) + decline_status = g_strdup_printf ("No matching authentication, server does not support unauthenticated connections"); + else if (server->priv->key) + decline_status = g_strdup ("No matching authentication, server requires XDM-AUTHENTICATION-1"); + else + decline_status = g_strdup ("No matching authentication, server only supports unauthenticated connections"); } - /* Decline if don't support out authorization */ - if (!match_authorization) + /* Choose an address to connect back on */ + connection = choose_connection (packet, g_inet_socket_address_get_address (G_INET_SOCKET_ADDRESS (address))); + if (!connection && !decline_status) + decline_status = g_strdup ("No valid address found"); + + if (!authentication_name) + authentication_name = g_strdup (""); + + /* Decline if request was not valid */ + if (decline_status) { response = xdmcp_packet_alloc (XDMCP_Decline); - response->Decline.status = g_strdup_printf ("Server requires %s authorization", authorization_name); - g_free (authorization_name); - response->Decline.authentication_name = g_strdup (packet->Request.authentication_name); + response->Decline.status = decline_status; + response->Decline.authentication_name = authentication_name; response->Decline.authentication_data.data = authentication_data; response->Decline.authentication_data.length = authentication_data_length; send_packet (socket, address, response); @@ -486,7 +481,7 @@ handle_request (XDMCPServer *server, GSocket *socket, GSocketAddress *address, X return; } - /* Perform requested authorization */ + /* Generate authorization data */ if (server->priv->key) { gint i; @@ -507,6 +502,7 @@ handle_request (XDMCPServer *server, GSocket *socket, GSocketAddress *address, X XdmcpWrap (session_key, key, authorization_data, authorization_data_length); /* Authorization data is the number received from the client followed by the private session key */ + authorization_name = g_strdup ("XDM-AUTHORIZATION-1"); session_authorization_data = g_malloc (16); session_authorization_data_length = 16; XdmcpDecrementKey (&rho); @@ -521,6 +517,7 @@ handle_request (XDMCPServer *server, GSocket *socket, GSocketAddress *address, X auth = x_authority_new_cookie (XAUTH_FAMILY_WILD, NULL, 0, ""); authorization_data = x_authority_copy_authorization_data (auth); authorization_data_length = x_authority_get_authorization_data_length (auth); + authorization_name = g_strdup ("MIT-MAGIC-COOKIE-1"); session_authorization_data = x_authority_copy_authorization_data (auth); session_authorization_data_length = x_authority_get_authorization_data_length (auth); @@ -560,7 +557,7 @@ handle_request (XDMCPServer *server, GSocket *socket, GSocketAddress *address, X response = xdmcp_packet_alloc (XDMCP_Accept); response->Accept.session_id = xdmcp_session_get_id (session); - response->Accept.authentication_name = g_strdup (packet->Request.authentication_name); + response->Accept.authentication_name = authentication_name; response->Accept.authentication_data.data = authentication_data; response->Accept.authentication_data.length = authentication_data_length; response->Accept.authorization_name = authorization_name; diff --git a/tests/Makefile.am b/tests/Makefile.am index ebb88b60..a73046f0 100644 --- a/tests/Makefile.am +++ b/tests/Makefile.am @@ -179,7 +179,19 @@ TESTS = \ test-xdmcp-server-login \ test-xdmcp-server-double-login \ test-xdmcp-server-guest \ + test-xdmcp-server-xdm-authentication \ + test-xdmcp-server-xdm-authentication-missing-data \ + test-xdmcp-server-xdm-authentication-short-data \ + test-xdmcp-server-xdm-authentication-long-data \ + test-xdmcp-server-xdm-authentication-required \ + test-xdmcp-server-xdm-authentication-missing-key \ + test-xdmcp-server-xdm-authentication-no-key \ + test-xdmcp-server-xdm-authentication-invalid-authorization \ + test-xdmcp-server-invalid-authentication \ test-xdmcp-server-request-without-addresses \ + test-xdmcp-server-request-without-authorization \ + test-xdmcp-server-request-invalid-authentication \ + test-xdmcp-server-request-invalid-authorization \ test-utmp-login \ test-utmp-autologin \ test-utmp-wrong-password \ @@ -598,9 +610,21 @@ EXTRA_DIST = \ scripts/xdmcp-server-autologin.conf \ scripts/xdmcp-server-double-login.conf \ scripts/xdmcp-server-guest.conf \ + scripts/xdmcp-server-invalid-authentication.conf \ scripts/xdmcp-server-login.conf \ scripts/xdmcp-server-open-file-descriptors.conf \ + scripts/xdmcp-server-request-invalid-authentication.conf \ + scripts/xdmcp-server-request-invalid-authorization.conf \ scripts/xdmcp-server-request-without-addresses.conf \ + scripts/xdmcp-server-request-without-authorization.conf \ + scripts/xdmcp-server-xdm-authentication.conf \ + scripts/xdmcp-server-xdm-authentication-invalid-authorization.conf \ + scripts/xdmcp-server-xdm-authentication-long-data.conf \ + scripts/xdmcp-server-xdm-authentication-missing-key.conf \ + scripts/xdmcp-server-xdm-authentication-missing-data.conf \ + scripts/xdmcp-server-xdm-authentication-no-key.conf \ + scripts/xdmcp-server-xdm-authentication-required.conf \ + scripts/xdmcp-server-xdm-authentication-short-data.conf \ scripts/xremote-autologin.conf \ scripts/xremote-login.conf \ scripts/xserver-config.conf \ diff --git a/tests/scripts/xdmcp-client-xorg-1.16.conf b/tests/scripts/xdmcp-client-xorg-1.16.conf index c41cb13e..c1a50db1 100644 --- a/tests/scripts/xdmcp-client-xorg-1.16.conf +++ b/tests/scripts/xdmcp-client-xorg-1.16.conf @@ -17,9 +17,8 @@ xdmcp-manager=127.0.0.1 #?XSERVER-0 INDICATE-READY #?XSERVER-0 ACCEPT-CONNECT -# Starts sending XDMCP queries -#?*XSERVER-0 START-XDMCP -#?XSERVER-0 SEND-QUERY +# Send an XDMCP queriy +#?*XSERVER-0 SEND-QUERY # Wait to check a greeter is not started #?*WAIT diff --git a/tests/scripts/xdmcp-client.conf b/tests/scripts/xdmcp-client.conf index f29bb41c..5e76317b 100644 --- a/tests/scripts/xdmcp-client.conf +++ b/tests/scripts/xdmcp-client.conf @@ -14,9 +14,8 @@ xdmcp-manager=127.0.0.1 #?XSERVER-0 INDICATE-READY #?XSERVER-0 ACCEPT-CONNECT -# Starts sending XDMCP queries -#?*XSERVER-0 START-XDMCP -#?XSERVER-0 SEND-QUERY +# Send an XDMCP query +#?*XSERVER-0 SEND-QUERY # Wait to check a greeter is not started #?*WAIT diff --git a/tests/scripts/xdmcp-server-autologin.conf b/tests/scripts/xdmcp-server-autologin.conf index 414ab0fe..2bfa5623 100644 --- a/tests/scripts/xdmcp-server-autologin.conf +++ b/tests/scripts/xdmcp-server-autologin.conf @@ -20,13 +20,12 @@ autologin-user=have-password1 #?*START-XSERVER ARGS=":98 -query 127.0.0.1 -nolisten unix" #?XSERVER-98 START LISTEN-TCP NO-LISTEN-UNIX -# Start sending XDMCP queries -#?*XSERVER-98 START-XDMCP -#?XSERVER-98 SEND-QUERY - -# Negotiate with daemon +# Request to connect - daemon says OK +#?*XSERVER-98 SEND-QUERY #?XSERVER-98 GOT-WILLING AUTHENTICATION-NAME="" HOSTNAME="" STATUS="" -#?*XSERVER-98 SEND-REQUEST ADDRESSES="127.0.0.1" AUTHORIZATION-NAMES="MIT-MAGIC-COOKIE-1" MFID="TEST XSERVER" + +# Connect - daemon says OK +#?*XSERVER-98 SEND-REQUEST ADDRESSES="127.0.0.1" AUTHORIZATION-NAMES="MIT-MAGIC-COOKIE-1" #?XSERVER-98 GOT-ACCEPT SESSION-ID=[0-9]* AUTHENTICATION-NAME="" AUTHORIZATION-NAME="MIT-MAGIC-COOKIE-1" #?*XSERVER-98 SEND-MANAGE diff --git a/tests/scripts/xdmcp-server-double-login.conf b/tests/scripts/xdmcp-server-double-login.conf index 94efd55b..6acc2052 100644 --- a/tests/scripts/xdmcp-server-double-login.conf +++ b/tests/scripts/xdmcp-server-double-login.conf @@ -19,13 +19,12 @@ user-session=default #?*START-XSERVER ARGS=":98 -query 127.0.0.1 -nolisten unix" #?XSERVER-98 START LISTEN-TCP NO-LISTEN-UNIX -# Start sending XDMCP queries -#?*XSERVER-98 START-XDMCP -#?XSERVER-98 SEND-QUERY - -# Negotiate with daemon +# Request to connect - daemon says OK +#?*XSERVER-98 SEND-QUERY #?XSERVER-98 GOT-WILLING AUTHENTICATION-NAME="" HOSTNAME="" STATUS="" -#?*XSERVER-98 SEND-REQUEST ADDRESSES="127.0.0.1" AUTHORIZATION-NAMES="MIT-MAGIC-COOKIE-1" MFID="TEST XSERVER" + +# Connect - daemon says OK +#?*XSERVER-98 SEND-REQUEST ADDRESSES="127.0.0.1" AUTHORIZATION-NAMES="MIT-MAGIC-COOKIE-1" #?XSERVER-98 GOT-ACCEPT SESSION-ID=[0-9]* AUTHENTICATION-NAME="" AUTHORIZATION-NAME="MIT-MAGIC-COOKIE-1" #?*XSERVER-98 SEND-MANAGE @@ -58,12 +57,11 @@ user-session=default #?*START-XSERVER ARGS=":99 -query 127.0.0.1 -nolisten unix" #?XSERVER-99 START LISTEN-TCP NO-LISTEN-UNIX -# Start sending XDMCP queries -#?*XSERVER-99 START-XDMCP -#?XSERVER-99 SEND-QUERY - -# Negotiate with daemon +# Request to connect - daemon says OK +#?*XSERVER-99 SEND-QUERY #?XSERVER-99 GOT-WILLING AUTHENTICATION-NAME="" HOSTNAME="" STATUS="" + +# Connect - daemon says OK #?*XSERVER-99 SEND-REQUEST ADDRESSES="127.0.0.1" AUTHORIZATION-NAMES="MIT-MAGIC-COOKIE-1" MFID="TEST XSERVER" #?XSERVER-99 GOT-ACCEPT SESSION-ID=[0-9]* AUTHENTICATION-NAME="" AUTHORIZATION-NAME="MIT-MAGIC-COOKIE-1" #?*XSERVER-99 SEND-MANAGE diff --git a/tests/scripts/xdmcp-server-guest.conf b/tests/scripts/xdmcp-server-guest.conf index c180026b..3dfea24e 100644 --- a/tests/scripts/xdmcp-server-guest.conf +++ b/tests/scripts/xdmcp-server-guest.conf @@ -19,13 +19,12 @@ user-session=default #?*START-XSERVER ARGS=":98 -query 127.0.0.1 -nolisten unix" #?XSERVER-98 START LISTEN-TCP NO-LISTEN-UNIX -# Start sending XDMCP queries -#?*XSERVER-98 START-XDMCP -#?XSERVER-98 SEND-QUERY - -# Negotiate with daemon +# Request to connect - daemon says OK +#?*XSERVER-98 SEND-QUERY #?XSERVER-98 GOT-WILLING AUTHENTICATION-NAME="" HOSTNAME="" STATUS="" -#?*XSERVER-98 SEND-REQUEST ADDRESSES="127.0.0.1" AUTHORIZATION-NAMES="MIT-MAGIC-COOKIE-1" MFID="TEST XSERVER" + +# Connect - daemon says OK +#?*XSERVER-98 SEND-REQUEST ADDRESSES="127.0.0.1" AUTHORIZATION-NAMES="MIT-MAGIC-COOKIE-1" #?XSERVER-98 GOT-ACCEPT SESSION-ID=[0-9]* AUTHENTICATION-NAME="" AUTHORIZATION-NAME="MIT-MAGIC-COOKIE-1" #?*XSERVER-98 SEND-MANAGE diff --git a/tests/scripts/xdmcp-server-invalid-authentication.conf b/tests/scripts/xdmcp-server-invalid-authentication.conf new file mode 100644 index 00000000..e852f64c --- /dev/null +++ b/tests/scripts/xdmcp-server-invalid-authentication.conf @@ -0,0 +1,33 @@ +# +# Check that a remote X server can't login if not using required authentication +# + +[LightDM] +start-default-seat=false + +[XDMCPServer] +enabled=true + +[Seat:*] +user-session=default +autologin-user=have-password1 + +#?*START-DAEMON +#?RUNNER DAEMON-START +#?*WAIT + +# Start a remote X server to log in with XDMCP +#?*START-XSERVER ARGS=":98 -query 127.0.0.1 -nolisten unix" +#?XSERVER-98 START LISTEN-TCP NO-LISTEN-UNIX + +# Connect with an invalid authentication name - daemon says no +#?*XSERVER-98 SEND-QUERY AUTHENTICATION-NAMES="NO-SUCH-AUTHENTICATION" +#?XSERVER-98 GOT-UNWILLING HOSTNAME="" STATUS="No matching authentication" + +# Try anyway - daemon declines +#?*XSERVER-98 SEND-REQUEST ADDRESSES="127.0.0.1" AUTHENTICATION-NAME="NO-SUCH-AUTHENTICATION" AUTHORIZATION-NAMES="MIT-MAGIC-COOKIE-1" +#?XSERVER-98 GOT-DECLINE STATUS="No matching authentication, server only supports unauthenticated connections" AUTHENTICATION-NAME="" + +# Clean up +#?*STOP-DAEMON +#?RUNNER DAEMON-EXIT STATUS=0 diff --git a/tests/scripts/xdmcp-server-login.conf b/tests/scripts/xdmcp-server-login.conf index 79cf8edd..3ca44b52 100644 --- a/tests/scripts/xdmcp-server-login.conf +++ b/tests/scripts/xdmcp-server-login.conf @@ -19,13 +19,12 @@ user-session=default #?*START-XSERVER ARGS=":98 -query 127.0.0.1 -nolisten unix" #?XSERVER-98 START LISTEN-TCP NO-LISTEN-UNIX -# Start sending XDMCP queries -#?*XSERVER-98 START-XDMCP -#?XSERVER-98 SEND-QUERY - -# Negotiate with daemon +# Request to connect - daemon says OK +#?*XSERVER-98 SEND-QUERY #?XSERVER-98 GOT-WILLING AUTHENTICATION-NAME="" HOSTNAME="" STATUS="" -#?*XSERVER-98 SEND-REQUEST ADDRESSES="127.0.0.1" AUTHORIZATION-NAMES="MIT-MAGIC-COOKIE-1" MFID="TEST XSERVER" + +# Connect - daemon says OK +#?*XSERVER-98 SEND-REQUEST ADDRESSES="127.0.0.1" AUTHORIZATION-NAMES="MIT-MAGIC-COOKIE-1" #?XSERVER-98 GOT-ACCEPT SESSION-ID=[0-9]* AUTHENTICATION-NAME="" AUTHORIZATION-NAME="MIT-MAGIC-COOKIE-1" #?*XSERVER-98 SEND-MANAGE diff --git a/tests/scripts/xdmcp-server-open-file-descriptors.conf b/tests/scripts/xdmcp-server-open-file-descriptors.conf index b7fa3f5d..8cb7a902 100644 --- a/tests/scripts/xdmcp-server-open-file-descriptors.conf +++ b/tests/scripts/xdmcp-server-open-file-descriptors.conf @@ -19,13 +19,12 @@ user-session=default #?*START-XSERVER ARGS=":98 -query 127.0.0.1 -nolisten unix" #?XSERVER-98 START LISTEN-TCP NO-LISTEN-UNIX -# Start sending XDMCP queries -#?*XSERVER-98 START-XDMCP -#?XSERVER-98 SEND-QUERY - -# Negotiate with daemon +# Request to connect - daemon says OK +#?*XSERVER-98 SEND-QUERY #?XSERVER-98 GOT-WILLING AUTHENTICATION-NAME="" HOSTNAME="" STATUS="" -#?*XSERVER-98 SEND-REQUEST ADDRESSES="127.0.0.1" AUTHORIZATION-NAMES="MIT-MAGIC-COOKIE-1" MFID="TEST XSERVER" + +# Connect - daemon says OK +#?*XSERVER-98 SEND-REQUEST ADDRESSES="127.0.0.1" AUTHORIZATION-NAMES="MIT-MAGIC-COOKIE-1" #?XSERVER-98 GOT-ACCEPT SESSION-ID=[0-9]* AUTHENTICATION-NAME="" AUTHORIZATION-NAME="MIT-MAGIC-COOKIE-1" #?*XSERVER-98 SEND-MANAGE diff --git a/tests/scripts/xdmcp-server-request-invalid-authentication.conf b/tests/scripts/xdmcp-server-request-invalid-authentication.conf new file mode 100644 index 00000000..3b3a2aa2 --- /dev/null +++ b/tests/scripts/xdmcp-server-request-invalid-authentication.conf @@ -0,0 +1,29 @@ +# +# Check remote X server sending a request with an invalid authentication is declined +# + +[LightDM] +start-default-seat=false + +[XDMCPServer] +enabled=true + +#?*START-DAEMON +#?RUNNER DAEMON-START +#?*WAIT + +# Start a remote X server to log in with XDMCP +#?*START-XSERVER ARGS=":98 -query 127.0.0.1 -nolisten unix" +#?XSERVER-98 START LISTEN-TCP NO-LISTEN-UNIX + +# Request to connect - daemon says OK +#?*XSERVER-98 SEND-QUERY +#?XSERVER-98 GOT-WILLING AUTHENTICATION-NAME="" HOSTNAME="" STATUS="" + +# Connect with an invalid authentication - daemon declines +#?*XSERVER-98 SEND-REQUEST ADDRESSES="127.0.0.1" AUTHENTICATION-NAME="NO-SUCH-AUTHENTICATION" AUTHORIZATION-NAMES="MIT-MAGIC-COOKIE-1" +#?XSERVER-98 GOT-DECLINE STATUS="No matching authentication, server only supports unauthenticated connections" AUTHENTICATION-NAME="" + +# Clean up +#?*STOP-DAEMON +#?RUNNER DAEMON-EXIT STATUS=0 diff --git a/tests/scripts/xdmcp-server-request-invalid-authorization.conf b/tests/scripts/xdmcp-server-request-invalid-authorization.conf new file mode 100644 index 00000000..a577a01f --- /dev/null +++ b/tests/scripts/xdmcp-server-request-invalid-authorization.conf @@ -0,0 +1,29 @@ +# +# Check remote X server sending a request with an invalid authorization is declined +# + +[LightDM] +start-default-seat=false + +[XDMCPServer] +enabled=true + +#?*START-DAEMON +#?RUNNER DAEMON-START +#?*WAIT + +# Start a remote X server to log in with XDMCP +#?*START-XSERVER ARGS=":98 -query 127.0.0.1 -nolisten unix" +#?XSERVER-98 START LISTEN-TCP NO-LISTEN-UNIX + +# Request to connect - daemon says OK +#?*XSERVER-98 SEND-QUERY +#?XSERVER-98 GOT-WILLING AUTHENTICATION-NAME="" HOSTNAME="" STATUS="" + +# Connect with an invalid authorization - daemon declines +#?*XSERVER-98 SEND-REQUEST ADDRESSES="127.0.0.1" AUTHORIZATION-NAMES="NO-SUCH-AUTHORIZATION" +#?XSERVER-98 GOT-DECLINE STATUS="No matching authorization, server requires MIT-MAGIC-COOKIE-1" AUTHENTICATION-NAME="" + +# Clean up +#?*STOP-DAEMON +#?RUNNER DAEMON-EXIT STATUS=0 diff --git a/tests/scripts/xdmcp-server-request-without-addresses.conf b/tests/scripts/xdmcp-server-request-without-addresses.conf index 35405a29..31b358e1 100644 --- a/tests/scripts/xdmcp-server-request-without-addresses.conf +++ b/tests/scripts/xdmcp-server-request-without-addresses.conf @@ -1,5 +1,5 @@ # -# Check remote X server sending a request without connections is ignored +# Check remote X server sending a request without connections is declined # [LightDM] @@ -16,13 +16,12 @@ enabled=true #?*START-XSERVER ARGS=":98 -query 127.0.0.1 -nolisten unix" #?XSERVER-98 START LISTEN-TCP NO-LISTEN-UNIX -# Start sending XDMCP queries -#?*XSERVER-98 START-XDMCP -#?XSERVER-98 SEND-QUERY - -# Negotiate with daemon +# Request to connect - daemon says OK +#?*XSERVER-98 SEND-QUERY #?XSERVER-98 GOT-WILLING AUTHENTICATION-NAME="" HOSTNAME="" STATUS="" -#?*XSERVER-98 SEND-REQUEST ADDRESSES="" AUTHORIZATION-NAMES="MIT-MAGIC-COOKIE-1" MFID="TEST XSERVER" + +# Connect without providing an address - daemon declines +#?*XSERVER-98 SEND-REQUEST ADDRESSES="" AUTHORIZATION-NAMES="MIT-MAGIC-COOKIE-1" #?XSERVER-98 GOT-DECLINE STATUS="No valid address found" AUTHENTICATION-NAME="" # Clean up diff --git a/tests/scripts/xdmcp-server-request-without-authorization.conf b/tests/scripts/xdmcp-server-request-without-authorization.conf new file mode 100644 index 00000000..2cb1a13f --- /dev/null +++ b/tests/scripts/xdmcp-server-request-without-authorization.conf @@ -0,0 +1,29 @@ +# +# Check remote X server sending a request without an authorization is declined +# + +[LightDM] +start-default-seat=false + +[XDMCPServer] +enabled=true + +#?*START-DAEMON +#?RUNNER DAEMON-START +#?*WAIT + +# Start a remote X server to log in with XDMCP +#?*START-XSERVER ARGS=":98 -query 127.0.0.1 -nolisten unix" +#?XSERVER-98 START LISTEN-TCP NO-LISTEN-UNIX + +# Request to connect - daemon says OK +#?*XSERVER-98 SEND-QUERY +#?XSERVER-98 GOT-WILLING AUTHENTICATION-NAME="" HOSTNAME="" STATUS="" + +# Connect without authorization - daemon says no +#?*XSERVER-98 SEND-REQUEST ADDRESSES="127.0.0.1" AUTHORIZATION-NAMES="" +#?XSERVER-98 GOT-DECLINE STATUS="No matching authorization, server requires MIT-MAGIC-COOKIE-1" AUTHENTICATION-NAME="" + +# Clean up +#?*STOP-DAEMON +#?RUNNER DAEMON-EXIT STATUS=0 diff --git a/tests/scripts/xdmcp-server-xdm-authentication-invalid-authorization.conf b/tests/scripts/xdmcp-server-xdm-authentication-invalid-authorization.conf new file mode 100644 index 00000000..efac51bc --- /dev/null +++ b/tests/scripts/xdmcp-server-xdm-authentication-invalid-authorization.conf @@ -0,0 +1,34 @@ +# +# Check that a remote X server needs both XDM authentication and authorization +# + +[LightDM] +start-default-seat=false + +[XDMCPServer] +enabled=true +key=test-key + +[Seat:*] +user-session=default +autologin-user=have-password1 + +#?*START-DAEMON +#?RUNNER DAEMON-START +#?*WAIT + +# Start a remote X server to log in with XDMCP +#?*START-XSERVER ARGS=":98 -query 127.0.0.1 -nolisten unix" +#?XSERVER-98 START LISTEN-TCP NO-LISTEN-UNIX + +# Request to connect with XDM authentication - daemon says OK +#?*XSERVER-98 SEND-QUERY AUTHENTICATION-NAMES="XDM-AUTHENTICATION-1" +#?XSERVER-98 GOT-WILLING AUTHENTICATION-NAME="XDM-AUTHENTICATION-1" HOSTNAME="" STATUS="" + +# Connect with wrong authorization - daemon declines +#?*XSERVER-98 SEND-REQUEST ADDRESSES="127.0.0.1" AUTHENTICATION-NAME="XDM-AUTHENTICATION-1" AUTHENTICATION-DATA="0123456789ABCDEF" AUTHORIZATION-NAMES="MIT-MAGIC-COOKIE-1" +#?XSERVER-98 GOT-DECLINE STATUS="No matching authorization, server requires XDM-AUTHORIZATION-1" AUTHENTICATION-NAME="XDM-AUTHENTICATION-1" + +# Clean up +#?*STOP-DAEMON +#?RUNNER DAEMON-EXIT STATUS=0 diff --git a/tests/scripts/xdmcp-server-xdm-authentication-long-data.conf b/tests/scripts/xdmcp-server-xdm-authentication-long-data.conf new file mode 100644 index 00000000..71dcd211 --- /dev/null +++ b/tests/scripts/xdmcp-server-xdm-authentication-long-data.conf @@ -0,0 +1,34 @@ +# +# Check that a remote X server needs both XDM authentication and correct length authentication data +# + +[LightDM] +start-default-seat=false + +[XDMCPServer] +enabled=true +key=test-key + +[Seat:*] +user-session=default +autologin-user=have-password1 + +#?*START-DAEMON +#?RUNNER DAEMON-START +#?*WAIT + +# Start a remote X server to log in with XDMCP +#?*START-XSERVER ARGS=":98 -query 127.0.0.1 -nolisten unix" +#?XSERVER-98 START LISTEN-TCP NO-LISTEN-UNIX + +# Request to connect with XDM authentication - daemon says OK +#?*XSERVER-98 SEND-QUERY AUTHENTICATION-NAMES="XDM-AUTHENTICATION-1" +#?XSERVER-98 GOT-WILLING AUTHENTICATION-NAME="XDM-AUTHENTICATION-1" HOSTNAME="" STATUS="" + +# Connect without any authentication data - daemon declines +#?*XSERVER-98 SEND-REQUEST ADDRESSES="127.0.0.1" AUTHENTICATION-NAME="XDM-AUTHENTICATION-1" AUTHENTICATION-DATA="DEADBEEFDEADBEEFDEADBEEFDEADBEEFDEADBEEFDEADBEEFDEADBEEFDEADBEEFDEADBEEFDEADBEEFDEADBEEFDEADBEEFDEADBEEFDEADBEEFDEADBEEFDEADBEEFDEADBEEFDEADBEEFDEADBEEFDEADBEEF" AUTHORIZATION-NAMES="XDM-AUTHORIZATION-1" +#?XSERVER-98 GOT-DECLINE STATUS="Invalid XDM-AUTHENTICATION-1 data provided" AUTHENTICATION-NAME="" + +# Clean up +#?*STOP-DAEMON +#?RUNNER DAEMON-EXIT STATUS=0 diff --git a/tests/scripts/xdmcp-server-xdm-authentication-missing-data.conf b/tests/scripts/xdmcp-server-xdm-authentication-missing-data.conf new file mode 100644 index 00000000..1ed1724f --- /dev/null +++ b/tests/scripts/xdmcp-server-xdm-authentication-missing-data.conf @@ -0,0 +1,34 @@ +# +# Check that a remote X server needs both XDM authentication and authentication data +# + +[LightDM] +start-default-seat=false + +[XDMCPServer] +enabled=true +key=test-key + +[Seat:*] +user-session=default +autologin-user=have-password1 + +#?*START-DAEMON +#?RUNNER DAEMON-START +#?*WAIT + +# Start a remote X server to log in with XDMCP +#?*START-XSERVER ARGS=":98 -query 127.0.0.1 -nolisten unix" +#?XSERVER-98 START LISTEN-TCP NO-LISTEN-UNIX + +# Request to connect with XDM authentication - daemon says OK +#?*XSERVER-98 SEND-QUERY AUTHENTICATION-NAMES="XDM-AUTHENTICATION-1" +#?XSERVER-98 GOT-WILLING AUTHENTICATION-NAME="XDM-AUTHENTICATION-1" HOSTNAME="" STATUS="" + +# Connect without any authentication data - daemon declines +#?*XSERVER-98 SEND-REQUEST ADDRESSES="127.0.0.1" AUTHENTICATION-NAME="XDM-AUTHENTICATION-1" AUTHENTICATION-DATA="" AUTHORIZATION-NAMES="XDM-AUTHORIZATION-1" +#?XSERVER-98 GOT-DECLINE STATUS="Invalid XDM-AUTHENTICATION-1 data provided" AUTHENTICATION-NAME="" + +# Clean up +#?*STOP-DAEMON +#?RUNNER DAEMON-EXIT STATUS=0 diff --git a/tests/scripts/xdmcp-server-xdm-authentication-missing-key.conf b/tests/scripts/xdmcp-server-xdm-authentication-missing-key.conf new file mode 100644 index 00000000..aba90d35 --- /dev/null +++ b/tests/scripts/xdmcp-server-xdm-authentication-missing-key.conf @@ -0,0 +1,20 @@ +# +# Check that a remote X server can't login if requires XDM authentication and we're not configured for it +# + +[LightDM] +start-default-seat=false + +[XDMCPServer] +enabled=true +key=no-such-key + +[Seat:*] +user-session=default +autologin-user=have-password1 + +#?*START-DAEMON +#?RUNNER DAEMON-START + +# Daemon stops with error +#?RUNNER DAEMON-EXIT STATUS=1 diff --git a/tests/scripts/xdmcp-server-xdm-authentication-no-key.conf b/tests/scripts/xdmcp-server-xdm-authentication-no-key.conf new file mode 100644 index 00000000..567be1e7 --- /dev/null +++ b/tests/scripts/xdmcp-server-xdm-authentication-no-key.conf @@ -0,0 +1,33 @@ +# +# Check that a remote X server can't login if requires XDM authentication and we're not configured for it +# + +[LightDM] +start-default-seat=false + +[XDMCPServer] +enabled=true + +[Seat:*] +user-session=default +autologin-user=have-password1 + +#?*START-DAEMON +#?RUNNER DAEMON-START +#?*WAIT + +# Start a remote X server to log in with XDMCP +#?*START-XSERVER ARGS=":98 -query 127.0.0.1 -nolisten unix" +#?XSERVER-98 START LISTEN-TCP NO-LISTEN-UNIX + +# Request to connect with XDM authentication - daemon says we don't do that +#?*XSERVER-98 SEND-QUERY AUTHENTICATION-NAMES="XDM-AUTHENTICATION-1" +#?XSERVER-98 GOT-UNWILLING HOSTNAME="" STATUS="No matching authentication" + +# Try anyway - daemon rejects +#?*XSERVER-98 SEND-REQUEST ADDRESSES="127.0.0.1" AUTHENTICATION-NAME="XDM-AUTHENTICATION-1" AUTHORIZATION-NAME="XDM-AUTHORIZATION-1" +#?XSERVER-98 GOT-DECLINE STATUS="No matching authentication, server only supports unauthenticated connections" AUTHENTICATION-NAME="" + +# Clean up +#?*STOP-DAEMON +#?RUNNER DAEMON-EXIT STATUS=0 diff --git a/tests/scripts/xdmcp-server-xdm-authentication-required.conf b/tests/scripts/xdmcp-server-xdm-authentication-required.conf new file mode 100644 index 00000000..d87b668c --- /dev/null +++ b/tests/scripts/xdmcp-server-xdm-authentication-required.conf @@ -0,0 +1,34 @@ +# +# Check that a remote X server can't login if not using required authentication +# + +[LightDM] +start-default-seat=false + +[XDMCPServer] +enabled=true +key=test-key + +[Seat:*] +user-session=default +autologin-user=have-password1 + +#?*START-DAEMON +#?RUNNER DAEMON-START +#?*WAIT + +# Start a remote X server to log in with XDMCP +#?*START-XSERVER ARGS=":98 -query 127.0.0.1 -nolisten unix" +#?XSERVER-98 START LISTEN-TCP NO-LISTEN-UNIX + +# Request to connection without authentication - daemon says we don't do that +#?*XSERVER-98 SEND-QUERY AUTHENTICATION-NAMES="" +#?XSERVER-98 GOT-UNWILLING HOSTNAME="" STATUS="No matching authentication, server requires XDM-AUTHENTICATION-1" + +# Try anyway - daemon rejects +#?*XSERVER-98 SEND-REQUEST ADDRESSES="127.0.0.1" AUTHENTICATION-NAME="" AUTHORIZATION-NAMES="XDM-AUTHORIZATION-1" +#?XSERVER-98 GOT-DECLINE STATUS="No matching authentication, server requires XDM-AUTHENTICATION-1" AUTHENTICATION-NAME="" + +# Clean up +#?*STOP-DAEMON +#?RUNNER DAEMON-EXIT STATUS=0 diff --git a/tests/scripts/xdmcp-server-xdm-authentication-short-data.conf b/tests/scripts/xdmcp-server-xdm-authentication-short-data.conf new file mode 100644 index 00000000..3f3d442f --- /dev/null +++ b/tests/scripts/xdmcp-server-xdm-authentication-short-data.conf @@ -0,0 +1,34 @@ +# +# Check that a remote X server needs both XDM authentication and correct length authentication data +# + +[LightDM] +start-default-seat=false + +[XDMCPServer] +enabled=true +key=test-key + +[Seat:*] +user-session=default +autologin-user=have-password1 + +#?*START-DAEMON +#?RUNNER DAEMON-START +#?*WAIT + +# Start a remote X server to log in with XDMCP +#?*START-XSERVER ARGS=":98 -query 127.0.0.1 -nolisten unix" +#?XSERVER-98 START LISTEN-TCP NO-LISTEN-UNIX + +# Request to connect with XDM authentication - daemon says OK +#?*XSERVER-98 SEND-QUERY AUTHENTICATION-NAMES="XDM-AUTHENTICATION-1" +#?XSERVER-98 GOT-WILLING AUTHENTICATION-NAME="XDM-AUTHENTICATION-1" HOSTNAME="" STATUS="" + +# Connect without any authentication data - daemon declines +#?*XSERVER-98 SEND-REQUEST ADDRESSES="127.0.0.1" AUTHENTICATION-NAME="XDM-AUTHENTICATION-1" AUTHENTICATION-DATA="00" AUTHORIZATION-NAMES="XDM-AUTHORIZATION-1" +#?XSERVER-98 GOT-DECLINE STATUS="Invalid XDM-AUTHENTICATION-1 data provided" AUTHENTICATION-NAME="" + +# Clean up +#?*STOP-DAEMON +#?RUNNER DAEMON-EXIT STATUS=0 diff --git a/tests/scripts/xdmcp-server-xdm-authentication.conf b/tests/scripts/xdmcp-server-xdm-authentication.conf new file mode 100644 index 00000000..aae66e44 --- /dev/null +++ b/tests/scripts/xdmcp-server-xdm-authentication.conf @@ -0,0 +1,45 @@ +# +# Check that a remote X server can autologin via XDMCP using XDM authentication +# + +[LightDM] +start-default-seat=false + +[XDMCPServer] +enabled=true +key=test-key + +[Seat:*] +user-session=default +autologin-user=have-password1 + +#?*START-DAEMON +#?RUNNER DAEMON-START +#?*WAIT + +# Start a remote X server to log in with XDMCP +#?*START-XSERVER ARGS=":98 -query 127.0.0.1 -nolisten unix" +#?XSERVER-98 START LISTEN-TCP NO-LISTEN-UNIX + +# Request to connect with XDM authentication - daemon says OK +#?*XSERVER-98 SEND-QUERY AUTHENTICATION-NAMES="XDM-AUTHENTICATION-1" +#?XSERVER-98 GOT-WILLING AUTHENTICATION-NAME="XDM-AUTHENTICATION-1" HOSTNAME="" STATUS="" + +# Connect - daemon says OK +#?*XSERVER-98 SEND-REQUEST ADDRESSES="127.0.0.1" AUTHENTICATION-NAME="XDM-AUTHENTICATION-1" AUTHENTICATION-DATA="0123456789ABCDEF" AUTHORIZATION-NAMES="XDM-AUTHORIZATION-1" +#?XSERVER-98 GOT-ACCEPT SESSION-ID=[0-9]* AUTHENTICATION-NAME="XDM-AUTHENTICATION-1" AUTHORIZATION-NAME="XDM-AUTHORIZATION-1" +#?*XSERVER-98 SEND-MANAGE + +# LightDM connects to X server +#?XSERVER-98 ACCEPT-CONNECT + +# Session starts +#?SESSION-X-127.0.0.1:98 START XDG_SESSION_TYPE=x11 XDG_SESSION_DESKTOP=default USER=have-password1 +#?LOGIN1 ACTIVATE-SESSION SESSION=c0 +#?XSERVER-98 ACCEPT-CONNECT +#?SESSION-X-127.0.0.1:98 CONNECT-XSERVER + +# Clean up +#?*STOP-DAEMON +#?SESSION-X-127.0.0.1:98 TERMINATE SIGNAL=15 +#?RUNNER DAEMON-EXIT STATUS=0 diff --git a/tests/src/X.c b/tests/src/X.c index d62510b4..210781f7 100644 --- a/tests/src/X.c +++ b/tests/src/X.c @@ -104,21 +104,15 @@ sigterm_cb (gpointer user_data) } static void -xdmcp_query_cb (XDMCPClient *client) +xdmcp_willing_cb (XDMCPClient *client, XDMCPWilling *message) { - static gboolean notified_query = FALSE; - - if (!notified_query) - { - status_notify ("%s SEND-QUERY", id); - notified_query = TRUE; - } + status_notify ("%s GOT-WILLING AUTHENTICATION-NAME=\"%s\" HOSTNAME=\"%s\" STATUS=\"%s\"", id, message->authentication_name, message->hostname, message->status); } static void -xdmcp_willing_cb (XDMCPClient *client, XDMCPWilling *message) +xdmcp_unwilling_cb (XDMCPClient *client, XDMCPUnwilling *message) { - status_notify ("%s GOT-WILLING AUTHENTICATION-NAME=\"%s\" HOSTNAME=\"%s\" STATUS=\"%s\"", id, message->authentication_name, message->hostname, message->status); + status_notify ("%s GOT-UNWILLING HOSTNAME=\"%s\" STATUS=\"%s\"", id, message->hostname, message->status); } static void @@ -159,6 +153,19 @@ client_disconnected_cb (XServer *server, XClient *client) g_signal_handlers_disconnect_matched (client, G_SIGNAL_MATCH_DATA, 0, 0, NULL, NULL, NULL); } +static guint8 +get_nibble (char c) +{ + if (c >= '0' && c <= '9') + return c - '0'; + else if (c >= 'a' && c <= 'f') + return c - 'a' + 10; + else if (c >= 'A' && c <= 'F') + return c - 'A' + 10; + else + return 0; +} + static void request_cb (const gchar *name, GHashTable *params) { @@ -187,23 +194,45 @@ request_cb (const gchar *name, GHashTable *params) signal (SIGUSR1, handler); } - else if (strcmp (name, "START-XDMCP") == 0) + else if (strcmp (name, "SEND-QUERY") == 0) { + const gchar *authentication_names_list; + gchar **authentication_names; + if (!xdmcp_client_start (xdmcp_client)) quit (EXIT_FAILURE); + + authentication_names_list = g_hash_table_lookup (params, "AUTHENTICATION-NAMES"); + if (!authentication_names_list) + authentication_names_list = ""; + authentication_names = g_strsplit (authentication_names_list, " ", -1); + + xdmcp_client_send_query (xdmcp_client, authentication_names); + g_strfreev (authentication_names); } else if (strcmp (name, "SEND-REQUEST") == 0) { - const gchar *addresses_list, *authorization_names_list, *mfid; + const gchar *text, *addresses_list, *authentication_name, *authentication_data_text, *authorization_names_list, *mfid; + int request_display_number = display_number; gchar **list, **authorization_names; - gsize list_length; + guint8 *authentication_data; + gsize authentication_data_length, list_length; gint i; GInetAddress **addresses; + text = g_hash_table_lookup (params, "DISPLAY-NUMBER"); + if (text) + request_display_number = atoi (text); addresses_list = g_hash_table_lookup (params, "ADDRESSES"); if (!addresses_list) addresses_list = ""; + authentication_name = g_hash_table_lookup (params, "AUTHENTICATION-NAME"); + if (!authentication_name) + authentication_name = ""; + authentication_data_text = g_hash_table_lookup (params, "AUTHENTICATION-DATA"); + if (!authentication_data_text) + authentication_data_text = ""; authorization_names_list = g_hash_table_lookup (params, "AUTHORIZATION-NAMES"); if (!authorization_names_list) authorization_names_list = ""; @@ -219,18 +248,43 @@ request_cb (const gchar *name, GHashTable *params) addresses[i] = NULL; g_strfreev (list); + authentication_data_length = strlen (authentication_data_text) / 2; + authentication_data = malloc (authentication_data_length); + for (i = 0; i < authentication_data_length; i++) + authentication_data[i] = get_nibble (authentication_data_text[i*2]) << 4 | get_nibble (authentication_data_text[i*2+1]); + authorization_names = g_strsplit (authorization_names_list, " ", -1); - xdmcp_client_send_request (xdmcp_client, display_number, + xdmcp_client_send_request (xdmcp_client, + request_display_number, addresses, - "", NULL, 0, + authentication_name, + authentication_data, authentication_data_length, authorization_names, mfid); + g_free (authentication_data); g_strfreev (authorization_names); } else if (strcmp (name, "SEND-MANAGE") == 0) { - xdmcp_client_send_manage (xdmcp_client, xdmcp_session_id, display_number, "DISPLAY CLASS"); + const char *text, *display_class; + guint32 session_id = xdmcp_session_id; + guint16 manage_display_number = display_number; + + text = g_hash_table_lookup (params, "SESSION-ID"); + if (text) + session_id = atoi (text); + text = g_hash_table_lookup (params, "DISPLAY-NUMBER"); + if (text) + manage_display_number = atoi (text); + display_class = g_hash_table_lookup (params, "DISPLAY-CLASS"); + + if (!display_class) + display_class = ""; + xdmcp_client_send_manage (xdmcp_client, + session_id, + manage_display_number, + display_class); } } @@ -506,8 +560,8 @@ main (int argc, char **argv) xdmcp_client_set_hostname (xdmcp_client, xdmcp_host); if (xdmcp_port > 0) xdmcp_client_set_port (xdmcp_client, xdmcp_port); - g_signal_connect (xdmcp_client, XDMCP_CLIENT_SIGNAL_QUERY, G_CALLBACK (xdmcp_query_cb), NULL); g_signal_connect (xdmcp_client, XDMCP_CLIENT_SIGNAL_WILLING, G_CALLBACK (xdmcp_willing_cb), NULL); + g_signal_connect (xdmcp_client, XDMCP_CLIENT_SIGNAL_UNWILLING, G_CALLBACK (xdmcp_unwilling_cb), NULL); g_signal_connect (xdmcp_client, XDMCP_CLIENT_SIGNAL_ACCEPT, G_CALLBACK (xdmcp_accept_cb), NULL); g_signal_connect (xdmcp_client, XDMCP_CLIENT_SIGNAL_DECLINE, G_CALLBACK (xdmcp_decline_cb), NULL); g_signal_connect (xdmcp_client, XDMCP_CLIENT_SIGNAL_FAILED, G_CALLBACK (xdmcp_failed_cb), NULL); diff --git a/tests/src/test-runner.c b/tests/src/test-runner.c index 8497f66b..479a2ffa 100644 --- a/tests/src/test-runner.c +++ b/tests/src/test-runner.c @@ -2616,6 +2616,8 @@ main (int argc, char **argv) if (!g_key_file_has_key (config, "test-runner-config", "have-config", NULL) || g_key_file_get_boolean (config, "test-runner-config", "have-config", NULL)) if (system (g_strdup_printf ("cp %s %s/etc/lightdm/lightdm.conf", config_path, temp_dir))) perror ("Failed to copy configuration"); + if (system (g_strdup_printf ("cp %s/tests/data/keys.conf %s/etc/lightdm/", SRCDIR, temp_dir))) + perror ("Failed to copy key configuration"); additional_system_config = g_key_file_get_string (config, "test-runner-config", "additional-system-config", NULL); if (additional_system_config) diff --git a/tests/src/xdmcp-client.c b/tests/src/xdmcp-client.c index eda3c766..75e01c34 100644 --- a/tests/src/xdmcp-client.c +++ b/tests/src/xdmcp-client.c @@ -36,15 +36,15 @@ struct XDMCPClientPrivate gchar *host; gint port; GSocket *socket; - guint query_timer; + gchar *authentication_names; gchar *authorization_name; gint authorization_data_length; guint8 *authorization_data; }; enum { - XDMCP_CLIENT_QUERY, XDMCP_CLIENT_WILLING, + XDMCP_CLIENT_UNWILLING, XDMCP_CLIENT_ACCEPT, XDMCP_CLIENT_DECLINE, XDMCP_CLIENT_FAILED, @@ -73,16 +73,6 @@ decode_willing (XDMCPClient *client, const guint8 *buffer, gssize buffer_length) gsize offset = 0; guint16 length; - if (client->priv->query_timer == 0) - { - g_debug ("Ignoring XDMCP unrequested/duplicate Willing"); - return; - } - - /* Stop sending queries */ - g_source_remove (client->priv->query_timer); - client->priv->query_timer = 0; - message = g_malloc0 (sizeof (XDMCPWilling)); length = read_card16 (buffer, buffer_length, X_BYTE_ORDER_MSB, &offset); @@ -101,6 +91,27 @@ decode_willing (XDMCPClient *client, const guint8 *buffer, gssize buffer_length) } static void +decode_unwilling (XDMCPClient *client, const guint8 *buffer, gssize buffer_length) +{ + XDMCPUnwilling *message; + gsize offset = 0; + guint16 length; + + message = g_malloc0 (sizeof (XDMCPUnwilling)); + + length = read_card16 (buffer, buffer_length, X_BYTE_ORDER_MSB, &offset); + message->hostname = read_string (buffer, buffer_length, length, &offset); + length = read_card16 (buffer, buffer_length, X_BYTE_ORDER_MSB, &offset); + message->status = read_string (buffer, buffer_length, length, &offset); + + g_signal_emit (client, xdmcp_client_signals[XDMCP_CLIENT_UNWILLING], 0, message); + + g_free (message->hostname); + g_free (message->status); + g_free (message); +} + +static void decode_accept (XDMCPClient *client, const guint8 *buffer, gssize buffer_length) { XDMCPAccept *message; @@ -209,6 +220,10 @@ xdmcp_data_cb (GIOChannel *channel, GIOCondition condition, gpointer data) decode_willing (client, buffer + offset, n_read - offset); break; + case XDMCP_Unwilling: + decode_unwilling (client, buffer + offset, n_read - offset); + break; + case XDMCP_Accept: decode_accept (client, buffer + offset, n_read - offset); break; @@ -230,15 +245,6 @@ xdmcp_data_cb (GIOChannel *channel, GIOCondition condition, gpointer data) return TRUE; } -static gboolean -xdmcp_query_cb (gpointer data) -{ - XDMCPClient *client = data; - g_signal_emit (client, xdmcp_client_signals[XDMCP_CLIENT_QUERY], 0); - xdmcp_client_send_query (client); - return TRUE; -} - XDMCPClient * xdmcp_client_new (void) { @@ -266,6 +272,9 @@ xdmcp_client_start (XDMCPClient *client) gboolean result; GError *error = NULL; + if (client->priv->socket) + return TRUE; + client->priv->socket = g_socket_new (G_SOCKET_FAMILY_IPV4, G_SOCKET_TYPE_DATAGRAM, G_SOCKET_PROTOCOL_UDP, &error); if (error) g_warning ("Error creating XDMCP socket: %s", error->message); @@ -303,9 +312,6 @@ xdmcp_client_start (XDMCPClient *client) g_io_add_watch (g_io_channel_unix_new (g_socket_get_fd (client->priv->socket)), G_IO_IN, xdmcp_data_cb, client); - client->priv->query_timer = g_timeout_add (2000, xdmcp_query_cb, client); - xdmcp_query_cb (client); - return TRUE; } @@ -328,21 +334,51 @@ xdmcp_client_init (XDMCPClient *client) client->priv->port = XDMCP_PORT; } -void -xdmcp_client_send_query (XDMCPClient *client) +static void +send_query (XDMCPClient *client, guint16 opcode, gchar **authentication_names) { guint8 buffer[MAXIMUM_REQUEST_LENGTH]; - gsize offset = 0; + gsize length, offset = 0, n_names = 0; + gchar **name; - write_card16 (buffer, MAXIMUM_REQUEST_LENGTH, X_BYTE_ORDER_MSB, XDMCP_VERSION, &offset); - write_card16 (buffer, MAXIMUM_REQUEST_LENGTH, X_BYTE_ORDER_MSB, XDMCP_Query, &offset); - write_card16 (buffer, MAXIMUM_REQUEST_LENGTH, X_BYTE_ORDER_MSB, 1, &offset); - write_card8 (buffer, MAXIMUM_REQUEST_LENGTH, 0, &offset); + length = 1; + for (name = authentication_names; authentication_names && *name; name++) + { + length += 2 + strlen (*name); + n_names++; + } + write_card16 (buffer, MAXIMUM_REQUEST_LENGTH, X_BYTE_ORDER_MSB, XDMCP_VERSION, &offset); + write_card16 (buffer, MAXIMUM_REQUEST_LENGTH, X_BYTE_ORDER_MSB, opcode, &offset); + write_card16 (buffer, MAXIMUM_REQUEST_LENGTH, X_BYTE_ORDER_MSB, length, &offset); + write_card8 (buffer, MAXIMUM_REQUEST_LENGTH, n_names, &offset); + for (name = authentication_names; authentication_names && *name; name++) + { + write_card16 (buffer, MAXIMUM_REQUEST_LENGTH, X_BYTE_ORDER_MSB, strlen (*name), &offset); + write_string (buffer, MAXIMUM_REQUEST_LENGTH, *name, &offset); + } xdmcp_write (client, buffer, offset); } void +xdmcp_client_send_query (XDMCPClient *client, gchar **authentication_names) +{ + send_query (client, XDMCP_Query, authentication_names); +} + +void +xdmcp_client_send_broadcast_query (XDMCPClient *client, gchar **authentication_names) +{ + send_query (client, XDMCP_BroadcastQuery, authentication_names); +} + +void +xdmcp_client_send_indirect_query (XDMCPClient *client, gchar **authentication_names) +{ + send_query (client, XDMCP_IndirectQuery, authentication_names); +} + +void xdmcp_client_send_request (XDMCPClient *client, guint16 display_number, GInetAddress **addresses, @@ -404,7 +440,7 @@ xdmcp_client_send_request (XDMCPClient *client, } void -xdmcp_client_send_manage (XDMCPClient *client, guint32 session_id, guint16 display_number, gchar *display_class) +xdmcp_client_send_manage (XDMCPClient *client, guint32 session_id, guint16 display_number, const gchar *display_class) { guint8 buffer[MAXIMUM_REQUEST_LENGTH]; gsize offset = 0; @@ -438,19 +474,19 @@ xdmcp_client_class_init (XDMCPClientClass *klass) GObjectClass *object_class = G_OBJECT_CLASS (klass); object_class->finalize = xdmcp_client_finalize; g_type_class_add_private (klass, sizeof (XDMCPClientPrivate)); - xdmcp_client_signals[XDMCP_CLIENT_QUERY] = - g_signal_new (XDMCP_CLIENT_SIGNAL_QUERY, + xdmcp_client_signals[XDMCP_CLIENT_WILLING] = + g_signal_new (XDMCP_CLIENT_SIGNAL_WILLING, G_TYPE_FROM_CLASS (klass), G_SIGNAL_RUN_LAST, - G_STRUCT_OFFSET (XDMCPClientClass, query), + G_STRUCT_OFFSET (XDMCPClientClass, willing), NULL, NULL, NULL, - G_TYPE_NONE, 0); - xdmcp_client_signals[XDMCP_CLIENT_WILLING] = - g_signal_new (XDMCP_CLIENT_SIGNAL_WILLING, + G_TYPE_NONE, 1, G_TYPE_POINTER); + xdmcp_client_signals[XDMCP_CLIENT_UNWILLING] = + g_signal_new (XDMCP_CLIENT_SIGNAL_UNWILLING, G_TYPE_FROM_CLASS (klass), G_SIGNAL_RUN_LAST, - G_STRUCT_OFFSET (XDMCPClientClass, willing), + G_STRUCT_OFFSET (XDMCPClientClass, unwilling), NULL, NULL, NULL, G_TYPE_NONE, 1, G_TYPE_POINTER); diff --git a/tests/src/xdmcp-client.h b/tests/src/xdmcp-client.h index 7b865abd..66814f32 100644 --- a/tests/src/xdmcp-client.h +++ b/tests/src/xdmcp-client.h @@ -7,11 +7,11 @@ #define XDMCP_VERSION 1 #define XDMCP_PORT 177 -#define XDMCP_CLIENT_SIGNAL_QUERY "query" -#define XDMCP_CLIENT_SIGNAL_WILLING "willing" -#define XDMCP_CLIENT_SIGNAL_ACCEPT "accept" -#define XDMCP_CLIENT_SIGNAL_DECLINE "decline" -#define XDMCP_CLIENT_SIGNAL_FAILED "failed" +#define XDMCP_CLIENT_SIGNAL_WILLING "willing" +#define XDMCP_CLIENT_SIGNAL_UNWILLING "unwilling" +#define XDMCP_CLIENT_SIGNAL_ACCEPT "accept" +#define XDMCP_CLIENT_SIGNAL_DECLINE "decline" +#define XDMCP_CLIENT_SIGNAL_FAILED "failed" typedef struct { @@ -22,6 +22,12 @@ typedef struct typedef struct { + gchar *hostname; + gchar *status; +} XDMCPUnwilling; + +typedef struct +{ guint32 session_id; gchar *authentication_name; gchar *authorization_name; @@ -52,8 +58,8 @@ typedef struct typedef struct { GObjectClass parent_class; - void (*query)(XDMCPClient *client); void (*willing)(XDMCPClient *client, XDMCPWilling *message); + void (*unwilling)(XDMCPClient *client, XDMCPUnwilling *message); void (*accept)(XDMCPClient *client, XDMCPAccept *message); void (*decline)(XDMCPClient *client, XDMCPDecline *message); void (*failed)(XDMCPClient *client, XDMCPFailed *message); @@ -71,7 +77,11 @@ gboolean xdmcp_client_start (XDMCPClient *client); GInetAddress *xdmcp_client_get_local_address (XDMCPClient *client); -void xdmcp_client_send_query (XDMCPClient *client); +void xdmcp_client_send_query (XDMCPClient *client, gchar **authentication_names); + +void xdmcp_client_send_broadcast_query (XDMCPClient *client, gchar **authentication_names); + +void xdmcp_client_send_indirect_query (XDMCPClient *client, gchar **authentication_names); void xdmcp_client_send_request (XDMCPClient *client, guint16 display_number, @@ -80,7 +90,7 @@ void xdmcp_client_send_request (XDMCPClient *client, const guint8 *authentication_data, guint16 authentication_data_length, gchar **authorization_names, const gchar *mfid); -void xdmcp_client_send_manage (XDMCPClient *client, guint32 session_id, guint16 display_number, gchar *display_class); +void xdmcp_client_send_manage (XDMCPClient *client, guint32 session_id, guint16 display_number, const gchar *display_class); G_END_DECLS diff --git a/tests/test-xdmcp-server-invalid-authentication b/tests/test-xdmcp-server-invalid-authentication new file mode 100755 index 00000000..c918e053 --- /dev/null +++ b/tests/test-xdmcp-server-invalid-authentication @@ -0,0 +1,2 @@ +#!/bin/sh +./src/dbus-env ./src/test-runner xdmcp-server-invalid-authentication test-gobject-greeter diff --git a/tests/test-xdmcp-server-request-invalid-authentication b/tests/test-xdmcp-server-request-invalid-authentication new file mode 100755 index 00000000..f36894ba --- /dev/null +++ b/tests/test-xdmcp-server-request-invalid-authentication @@ -0,0 +1,2 @@ +#!/bin/sh +./src/dbus-env ./src/test-runner xdmcp-server-request-invalid-authentication test-gobject-greeter diff --git a/tests/test-xdmcp-server-request-invalid-authorization b/tests/test-xdmcp-server-request-invalid-authorization new file mode 100755 index 00000000..eb71dd1c --- /dev/null +++ b/tests/test-xdmcp-server-request-invalid-authorization @@ -0,0 +1,2 @@ +#!/bin/sh +./src/dbus-env ./src/test-runner xdmcp-server-request-invalid-authorization test-gobject-greeter diff --git a/tests/test-xdmcp-server-request-without-authorization b/tests/test-xdmcp-server-request-without-authorization new file mode 100755 index 00000000..c07cad6d --- /dev/null +++ b/tests/test-xdmcp-server-request-without-authorization @@ -0,0 +1,2 @@ +#!/bin/sh +./src/dbus-env ./src/test-runner xdmcp-server-request-without-authorization test-gobject-greeter diff --git a/tests/test-xdmcp-server-xdm-authentication b/tests/test-xdmcp-server-xdm-authentication new file mode 100755 index 00000000..21fbf992 --- /dev/null +++ b/tests/test-xdmcp-server-xdm-authentication @@ -0,0 +1,2 @@ +#!/bin/sh +./src/dbus-env ./src/test-runner xdmcp-server-xdm-authentication test-gobject-greeter diff --git a/tests/test-xdmcp-server-xdm-authentication-invalid-authorization b/tests/test-xdmcp-server-xdm-authentication-invalid-authorization new file mode 100755 index 00000000..10e87ea9 --- /dev/null +++ b/tests/test-xdmcp-server-xdm-authentication-invalid-authorization @@ -0,0 +1,2 @@ +#!/bin/sh +./src/dbus-env ./src/test-runner xdmcp-server-xdm-authentication-invalid-authorization test-gobject-greeter diff --git a/tests/test-xdmcp-server-xdm-authentication-long-data b/tests/test-xdmcp-server-xdm-authentication-long-data new file mode 100755 index 00000000..9d203f2e --- /dev/null +++ b/tests/test-xdmcp-server-xdm-authentication-long-data @@ -0,0 +1,2 @@ +#!/bin/sh +./src/dbus-env ./src/test-runner xdmcp-server-xdm-authentication-long-data test-gobject-greeter diff --git a/tests/test-xdmcp-server-xdm-authentication-missing-data b/tests/test-xdmcp-server-xdm-authentication-missing-data new file mode 100755 index 00000000..6c153273 --- /dev/null +++ b/tests/test-xdmcp-server-xdm-authentication-missing-data @@ -0,0 +1,2 @@ +#!/bin/sh +./src/dbus-env ./src/test-runner xdmcp-server-xdm-authentication-missing-data test-gobject-greeter diff --git a/tests/test-xdmcp-server-xdm-authentication-missing-key b/tests/test-xdmcp-server-xdm-authentication-missing-key new file mode 100755 index 00000000..5f94e062 --- /dev/null +++ b/tests/test-xdmcp-server-xdm-authentication-missing-key @@ -0,0 +1,2 @@ +#!/bin/sh +./src/dbus-env ./src/test-runner xdmcp-server-xdm-authentication-missing-key test-gobject-greeter diff --git a/tests/test-xdmcp-server-xdm-authentication-no-key b/tests/test-xdmcp-server-xdm-authentication-no-key new file mode 100755 index 00000000..003f0045 --- /dev/null +++ b/tests/test-xdmcp-server-xdm-authentication-no-key @@ -0,0 +1,2 @@ +#!/bin/sh +./src/dbus-env ./src/test-runner xdmcp-server-xdm-authentication-no-key test-gobject-greeter diff --git a/tests/test-xdmcp-server-xdm-authentication-required b/tests/test-xdmcp-server-xdm-authentication-required new file mode 100755 index 00000000..f2d3624f --- /dev/null +++ b/tests/test-xdmcp-server-xdm-authentication-required @@ -0,0 +1,2 @@ +#!/bin/sh +./src/dbus-env ./src/test-runner xdmcp-server-xdm-authentication-required test-gobject-greeter diff --git a/tests/test-xdmcp-server-xdm-authentication-short-data b/tests/test-xdmcp-server-xdm-authentication-short-data new file mode 100755 index 00000000..31e2026d --- /dev/null +++ b/tests/test-xdmcp-server-xdm-authentication-short-data @@ -0,0 +1,2 @@ +#!/bin/sh +./src/dbus-env ./src/test-runner xdmcp-server-xdm-authentication-short-data test-gobject-greeter |