1 /******************************************************************************
2 
3 
4 Copyright 1993, 1998  The Open Group
5 
6 Permission to use, copy, modify, distribute, and sell this software and its
7 documentation for any purpose is hereby granted without fee, provided that
8 the above copyright notice appear in all copies and that both that
9 copyright notice and this permission notice appear in supporting
10 documentation.
11 
12 The above copyright notice and this permission notice shall be included in
13 all copies or substantial portions of the Software.
14 
15 THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
16 IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
17 FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT.  IN NO EVENT SHALL THE
18 OPEN GROUP BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN
19 AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN
20 CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
21 
22 Except as contained in this notice, the name of The Open Group shall not be
23 used in advertising or otherwise to promote the sale, use or other dealings
24 in this Software without prior written authorization from The Open Group.
25 
26 Author: Ralph Mor, X Consortium
27 ******************************************************************************/
28 
29 #ifdef HAVE_CONFIG_H
30 #include <config.h>
31 #endif
32 #include <X11/ICE/ICElib.h>
33 #include "ICElibint.h"
34 
35 static Bool auth_valid (const char *auth_name, int num_auth_names,
36 			const char **auth_names, int *index_ret);
37 
38 
39 /*
40  * The functions in this file are not a standard part of ICElib.
41  *
42  * The sample implementation uses an .ICEauthority to manipulate
43  * authentication data.
44  *
45  * For the client that initiates a Protocol Setup, we look in the
46  * .ICEauthority file to get the data.
47  *
48  * For the client accepting the Protocol Setup, we get the data
49  * from an in-memory database of authentication data (set by the
50  * application calling IceSetPaAuthData).  We have to get the data
51  * from memory because getting it directly from the .ICEauthority
52  * file is not secure - someone can just modify the contents of the
53  * .ICEauthority file behind our back.
54  */
55 
56 void
_IceGetPoAuthData(const char * protocolName,const char * networkId,const char * authName,unsigned short * authDataLenRet,char ** authDataRet)57 _IceGetPoAuthData (
58 	const char	*protocolName,
59 	const char	*networkId,
60 	const char	*authName,
61 	unsigned short	*authDataLenRet,
62 	char		**authDataRet
63 )
64 {
65     IceAuthFileEntry    *entry;
66 
67     entry = IceGetAuthFileEntry (protocolName, networkId, authName);
68 
69     if (entry)
70     {
71 	*authDataLenRet = entry->auth_data_length;
72 
73 	if ((*authDataRet = malloc (entry->auth_data_length)) != NULL)
74 	    memcpy (*authDataRet, entry->auth_data, entry->auth_data_length);
75     }
76     else
77     {
78 	*authDataLenRet = 0;
79 	*authDataRet = NULL;
80     }
81 
82     IceFreeAuthFileEntry (entry);
83 }
84 
85 
86 
87 void
_IceGetPaAuthData(const char * protocolName,const char * networkId,const char * authName,unsigned short * authDataLenRet,char ** authDataRet)88 _IceGetPaAuthData (
89 	const char	*protocolName,
90 	const char	*networkId,
91 	const char	*authName,
92 	unsigned short	*authDataLenRet,
93 	char		**authDataRet
94 )
95 {
96     IceAuthDataEntry	*entry = NULL;
97     int			found = 0;
98     int			i;
99 
100     for (i = 0; i < _IcePaAuthDataEntryCount && !found; i++)
101     {
102 	entry = &_IcePaAuthDataEntries[i];
103 
104 	found =
105 	    strcmp (protocolName, entry->protocol_name) == 0 &&
106             strcmp (networkId, entry->network_id) == 0 &&
107             strcmp (authName, entry->auth_name) == 0;
108     }
109 
110     if (found)
111     {
112 	*authDataLenRet = entry->auth_data_length;
113 
114 	if ((*authDataRet = malloc (entry->auth_data_length)) != NULL)
115 	    memcpy (*authDataRet, entry->auth_data, entry->auth_data_length);
116     }
117     else
118     {
119 	*authDataLenRet = 0;
120 	*authDataRet = NULL;
121     }
122 }
123 
124 
125 
126 void
_IceGetPoValidAuthIndices(const char * protocol_name,const char * network_id,int num_auth_names,const char ** auth_names,int * num_indices_ret,int * indices_ret)127 _IceGetPoValidAuthIndices (
128 	const char	*protocol_name,
129 	const char	*network_id,
130 	int		num_auth_names,
131 	const char	**auth_names,
132 	int		*num_indices_ret,
133 	int		*indices_ret		/* in/out arg */
134 )
135 {
136     FILE    		*auth_file;
137     char    		*filename;
138     IceAuthFileEntry    *entry;
139     int			index_ret, i;
140 
141     *num_indices_ret = 0;
142 
143     if (!(filename = IceAuthFileName ()))
144 	return;
145 
146     if (access (filename, R_OK) != 0)		/* checks REAL id */
147 	return;
148 
149     if (!(auth_file = fopen (filename, "rb")))
150 	return;
151 
152     for (;;)
153     {
154 	if (!(entry = IceReadAuthFileEntry (auth_file)))
155 	    break;
156 
157 	if (strcmp (protocol_name, entry->protocol_name) == 0 &&
158 	    strcmp (network_id, entry->network_id) == 0 &&
159 	    auth_valid (entry->auth_name, num_auth_names,
160 	    auth_names, &index_ret))
161 	{
162 	    /*
163 	     * Make sure we didn't store this index already.
164 	     */
165 
166 	    for (i = 0; i < *num_indices_ret; i++)
167 		if (index_ret == indices_ret[i])
168 		    break;
169 
170 	    if (i >= *num_indices_ret)
171 	    {
172 		indices_ret[*num_indices_ret] = index_ret;
173 		*num_indices_ret += 1;
174 	    }
175 	}
176 
177 	IceFreeAuthFileEntry (entry);
178     }
179 
180     fclose (auth_file);
181 }
182 
183 
184 
185 void
_IceGetPaValidAuthIndices(const char * protocol_name,const char * network_id,int num_auth_names,const char ** auth_names,int * num_indices_ret,int * indices_ret)186 _IceGetPaValidAuthIndices (
187 	const char	*protocol_name,
188 	const char	*network_id,
189 	int		num_auth_names,
190 	const char	**auth_names,
191 	int		*num_indices_ret,
192 	int		*indices_ret		/* in/out arg */
193 )
194 {
195     int			index_ret;
196     int			i, j;
197     IceAuthDataEntry	*entry;
198 
199     *num_indices_ret = 0;
200 
201     for (i = 0;	i < _IcePaAuthDataEntryCount; i++)
202     {
203 	entry = &_IcePaAuthDataEntries[i];
204 
205 	if (strcmp (protocol_name, entry->protocol_name) == 0 &&
206             strcmp (network_id, entry->network_id) == 0 &&
207 	    auth_valid (entry->auth_name, num_auth_names,
208 	    auth_names, &index_ret))
209 	{
210 	    /*
211 	     * Make sure we didn't store this index already.
212 	     */
213 
214 	    for (j = 0; j < *num_indices_ret; j++)
215 		if (index_ret == indices_ret[j])
216 		    break;
217 
218 	    if (j >= *num_indices_ret)
219 	    {
220 		indices_ret[*num_indices_ret] = index_ret;
221 		*num_indices_ret += 1;
222 	    }
223 	}
224     }
225 }
226 
227 
228 
229 /*
230  * local routines
231  */
232 
233 static Bool
auth_valid(const char * auth_name,int num_auth_names,const char ** auth_names,int * index_ret)234 auth_valid (const char *auth_name, int num_auth_names,
235 	    const char **auth_names, int *index_ret)
236 
237 {
238     /*
239      * Check if auth_name is in auth_names.  Return index.
240      */
241 
242     int i;
243 
244     for (i = 0; i < num_auth_names; i++)
245 	if (strcmp (auth_name, auth_names[i]) == 0)
246 	{
247 	    break;
248 	}
249 
250     if (i < num_auth_names)
251     {
252 	*index_ret = i;
253 	return (1);
254     }
255     else
256 	return (0);
257 }
258