1 /* $XConsortium: security.h /main/6 1996/11/12 12:17:11 swick $ */ 2 /* 3 Copyright (c) 1996 X Consortium 4 5 Permission is hereby granted, free of charge, to any person obtaining 6 a copy of this software and associated documentation files (the 7 "Software"), to deal in the Software without restriction, including 8 without limitation the rights to use, copy, modify, merge, publish, 9 distribute, sublicense, and sell copies of the Software, and to 10 permit persons to whom the Software is furnished to do so, subject to 11 the following conditions: 12 13 The above copyright notice and this permission notice shall be included 14 in all copies or substantial portions of the Software. 15 16 THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS 17 OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF 18 MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. 19 IN NO EVENT SHALL THE X CONSORTIUM BE LIABLE FOR ANY CLAIM, DAMAGES OR 20 OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, 21 ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR 22 OTHER DEALINGS IN THE SOFTWARE. 23 24 Except as contained in this notice, the name of the X Consortium shall 25 not be used in advertising or otherwise to promote the sale, use or 26 other dealings in this Software without prior written authorization 27 from the X Consortium. 28 */ 29 30 #ifndef _SECURITY_H 31 #define _SECURITY_H 32 33 #define _XAUTH_STRUCT_ONLY 34 #include <X11/Xauth.h> 35 36 /* constants that server, library, and application all need */ 37 38 #define XSecurityNumberEvents 1 39 #define XSecurityNumberErrors 2 40 #define XSecurityBadAuthorization 0 41 #define XSecurityBadAuthorizationProtocol 1 42 43 /* trust levels */ 44 #define XSecurityClientTrusted 0 45 #define XSecurityClientUntrusted 1 46 47 /* authorization attribute masks */ 48 #define XSecurityTimeout (1<<0) 49 #define XSecurityTrustLevel (1<<1) 50 #define XSecurityGroup (1<<2) 51 #define XSecurityEventMask (1<<3) 52 #define XSecurityAllAuthorizationAttributes \ 53 (XSecurityTimeout | XSecurityTrustLevel | XSecurityGroup | XSecurityEventMask) 54 55 /* event masks */ 56 #define XSecurityAuthorizationRevokedMask (1<<0) 57 #define XSecurityAllEventMasks XSecurityAuthorizationRevokedMask 58 59 /* event offsets */ 60 #define XSecurityAuthorizationRevoked 0 61 62 #define XSecurityAuthorizationName "XC-QUERY-SECURITY-1" 63 #define XSecurityAuthorizationNameLen 19 64 65 66 #ifndef _SECURITY_SERVER 67 68 _XFUNCPROTOBEGIN 69 70 Status XSecurityQueryExtension ( 71 Display *dpy, 72 int *major_version_return, 73 int *minor_version_return); 74 75 Xauth *XSecurityAllocXauth(void); 76 77 void XSecurityFreeXauth(Xauth *auth); 78 79 /* type for returned auth ids */ 80 typedef unsigned long XSecurityAuthorization; 81 82 typedef struct { 83 unsigned int timeout; 84 unsigned int trust_level; 85 XID group; 86 long event_mask; 87 } XSecurityAuthorizationAttributes; 88 89 Xauth *XSecurityGenerateAuthorization( 90 Display *dpy, 91 Xauth *auth_in, 92 unsigned long valuemask, 93 XSecurityAuthorizationAttributes *attributes, 94 XSecurityAuthorization *auth_id_return); 95 96 Status XSecurityRevokeAuthorization( 97 Display *dpy, 98 XSecurityAuthorization auth_id); 99 100 _XFUNCPROTOEND 101 102 typedef struct { 103 int type; /* event base + XSecurityAuthorizationRevoked */ 104 unsigned long serial; /* # of last request processed by server */ 105 Bool send_event; /* true if this came from a SendEvent request */ 106 Display *display; /* Display the event was read from */ 107 XSecurityAuthorization auth_id; /* revoked authorization id */ 108 } XSecurityAuthorizationRevokedEvent; 109 110 #else /* _SECURITY_SERVER */ 111 112 #include "input.h" /* for DeviceIntPtr */ 113 #include "property.h" /* for PropertyPtr */ 114 115 /* resource type to pass in LookupIDByType for authorizations */ 116 extern RESTYPE SecurityAuthorizationResType; 117 118 /* this is what we store for an authorization */ 119 typedef struct { 120 XID id; /* resource ID */ 121 CARD32 timeout; /* how long to live in seconds after refcnt == 0 */ 122 unsigned int trustLevel; /* trusted/untrusted */ 123 XID group; /* see embedding extension */ 124 unsigned int refcnt; /* how many clients connected with this auth */ 125 unsigned int secondsRemaining; /* overflow time amount for >49 days */ 126 OsTimerPtr timer; /* timer for this auth */ 127 struct _OtherClients *eventClients; /* clients wanting events */ 128 } SecurityAuthorizationRec, *SecurityAuthorizationPtr; 129 130 /* The following callback is called when a GenerateAuthorization request 131 * is processed to sanity check the group argument. The call data will 132 * be a pointer to a SecurityValidateGroupInfoRec (below). 133 * Functions registered on this callback are expected to examine the 134 * group and set the valid field to TRUE if they recognize the group as a 135 * legitimate group. If they don't recognize it, they should not change the 136 * valid field. 137 */ 138 extern CallbackListPtr SecurityValidateGroupCallback; 139 typedef struct { 140 XID group; /* the group that was sent in GenerateAuthorization */ 141 Bool valid; /* did anyone recognize it? if so, set to TRUE */ 142 } SecurityValidateGroupInfoRec; 143 144 /* Proc vectors for untrusted clients, swapped and unswapped versions. 145 * These are the same as the normal proc vectors except that extensions 146 * that haven't declared themselves secure will have ProcBadRequest plugged 147 * in for their major opcode dispatcher. This prevents untrusted clients 148 * from guessing extension major opcodes and using the extension even though 149 * the extension can't be listed or queried. 150 */ 151 extern int (*UntrustedProcVector[256])(ClientPtr client); 152 extern int (*SwappedUntrustedProcVector[256])(ClientPtr client); 153 154 extern Bool SecurityCheckDeviceAccess(ClientPtr client, DeviceIntPtr dev, 155 Bool fromRequest); 156 157 extern void SecurityAudit(char *format, ...); 158 159 /* Give this value or higher to the -audit option to get security messages */ 160 #define SECURITY_AUDIT_LEVEL 4 161 162 extern void SecurityCensorImage( 163 ClientPtr client, 164 RegionPtr pVisibleRegion, 165 long widthBytesLine, 166 DrawablePtr pDraw, 167 int x, int y, int w, int h, 168 unsigned int format, 169 char * pBuf); 170 171 #define SecurityAllowOperation 0 172 #define SecurityIgnoreOperation 1 173 #define SecurityErrorOperation 2 174 175 char 176 SecurityCheckPropertyAccess( 177 ClientPtr client, 178 WindowPtr pWin, 179 ATOM propertyName, 180 Mask access_mode); 181 182 #define SECURITY_POLICY_FILE_VERSION "version-1" 183 184 char **SecurityGetSitePolicyStrings(int *n); 185 186 #endif /* _SECURITY_SERVER */ 187 188 #endif /* _SECURITY_H */ 189