- move function related to xauth in own file
- use of g_bytes_to_hexstr() - correct typos and coding syntax - don't create auth file, xauth can do that if needed
This commit is contained in:
parent
e72957b7c9
commit
b2f4f68ab8
@ -54,6 +54,8 @@ xrdp_sesman_SOURCES = \
|
||||
session.h \
|
||||
sig.c \
|
||||
sig.h \
|
||||
xauth.c \
|
||||
xauth.h \
|
||||
$(AUTH_C)
|
||||
|
||||
xrdp_sesman_LDADD = \
|
||||
|
42
sesman/env.c
42
sesman/env.c
@ -201,45 +201,3 @@ env_set_user(const char *username, char **passwd_file, int display,
|
||||
|
||||
return error;
|
||||
}
|
||||
|
||||
|
||||
/******************************************************************************/
|
||||
int DEFAULT_CC
|
||||
env_add_xauth_user(int display, char *cookie, char *file)
|
||||
{
|
||||
FILE *dp;
|
||||
char xauth_str[256];
|
||||
int fd;
|
||||
|
||||
if ( file == NULL )
|
||||
{
|
||||
if (!g_file_exist(".Xauthority"))
|
||||
{
|
||||
fd = g_file_open(".Xauthority");
|
||||
g_file_close(fd);
|
||||
}
|
||||
|
||||
g_sprintf(xauth_str, "xauth -q add :%d . %s", display, cookie);
|
||||
}
|
||||
else
|
||||
{
|
||||
if (!g_file_exist(file))
|
||||
{
|
||||
fd = g_file_open(file);
|
||||
g_file_close(fd);
|
||||
}
|
||||
|
||||
g_sprintf(xauth_str, "xauth -q -f %s add :%d . %s",
|
||||
file, display, cookie);
|
||||
}
|
||||
log_message(LOG_LEVEL_DEBUG, "xauth command: %s", xauth_str);
|
||||
|
||||
if ((dp = popen(xauth_str, "r")) == NULL) {
|
||||
log_message(LOG_LEVEL_INFO, "xauth failed, no X security");
|
||||
return 1;
|
||||
}
|
||||
|
||||
pclose(dp);
|
||||
|
||||
return 0;
|
||||
}
|
||||
|
13
sesman/env.h
13
sesman/env.h
@ -53,17 +53,4 @@ int DEFAULT_CC
|
||||
env_set_user(const char *username, char **passwd_file, int display,
|
||||
const struct list *env_names, const struct list *env_values);
|
||||
|
||||
/**
|
||||
*
|
||||
* @brief create the XAUTORITY file for the user according to the display and the cookie
|
||||
* xauth uses XAUTORITY if defined, ~/.Xauthority otherwise
|
||||
* @param display The session display
|
||||
* @param cookie The cookie
|
||||
* @param file If not NULL, write the autorization in the file instead of default location
|
||||
* @return 0 if adding the cookie is ok
|
||||
*/
|
||||
|
||||
int DEFAULT_CC
|
||||
env_add_xauth_user(int display, char *cookie, char * file);
|
||||
|
||||
#endif
|
||||
|
@ -30,7 +30,6 @@
|
||||
#if defined(HAVE_CONFIG_H)
|
||||
#include "config_ac.h"
|
||||
#endif
|
||||
#include <stdio.h>
|
||||
#include "arch.h"
|
||||
#include "parse.h"
|
||||
#include "os_calls.h"
|
||||
|
@ -39,6 +39,7 @@
|
||||
|
||||
#include "sesman.h"
|
||||
#include "libscp_types.h"
|
||||
#include "xauth.h"
|
||||
|
||||
#ifndef PR_SET_NO_NEW_PRIVS
|
||||
#define PR_SET_NO_NEW_PRIVS 38
|
||||
@ -441,8 +442,6 @@ session_start_fork(tbus data, tui8 type, struct SCP_SESSION *s)
|
||||
struct list *xserver_params = (struct list *)NULL;
|
||||
struct tm stime;
|
||||
time_t ltime;
|
||||
char cookie[33]; /* the cookie which will be used for xauth */
|
||||
char cookie_tmpval; /* Used to fill the cookie with random values */
|
||||
char authfile[256]; /* The filename for storing xauth informations */
|
||||
|
||||
/* initialize (zero out) local variables: */
|
||||
@ -686,19 +685,11 @@ session_start_fork(tbus data, tui8 type, struct SCP_SESSION *s)
|
||||
}
|
||||
else
|
||||
{
|
||||
g_snprintf(authfile, 12, "%s", ".Xauthority");
|
||||
g_snprintf(authfile, 255, "%s", ".Xauthority");
|
||||
}
|
||||
|
||||
/* Create the cookie */
|
||||
for (i = 0; i < 32; i++)
|
||||
{
|
||||
g_random((char *) &cookie_tmpval, 1);
|
||||
sprintf(&cookie[i], "%02X", cookie_tmpval & 0xff);
|
||||
}
|
||||
cookie[32] = '\0';
|
||||
|
||||
/* Add the entry in XAUTORITY file */
|
||||
env_add_xauth_user(display, cookie, authfile);
|
||||
/* Add the entry in XAUTHORITY file */
|
||||
add_xauth_cookie(display, authfile);
|
||||
|
||||
if (type == SESMAN_SESSION_TYPE_XORG)
|
||||
{
|
||||
|
73
sesman/xauth.c
Normal file
73
sesman/xauth.c
Normal file
@ -0,0 +1,73 @@
|
||||
/**
|
||||
* xrdp: A Remote Desktop Protocol server.
|
||||
*
|
||||
* Copyright (C) Jay Sorg 2004-2013
|
||||
*
|
||||
* Licensed under the Apache License, Version 2.0 (the "License");
|
||||
* you may not use this file except in compliance with the License.
|
||||
* You may obtain a copy of the License at
|
||||
*
|
||||
* http://www.apache.org/licenses/LICENSE-2.0
|
||||
*
|
||||
* Unless required by applicable law or agreed to in writing, software
|
||||
* distributed under the License is distributed on an "AS IS" BASIS,
|
||||
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
* See the License for the specific language governing permissions and
|
||||
* limitations under the License.
|
||||
*/
|
||||
|
||||
/**
|
||||
*
|
||||
* @file xauth.c
|
||||
* @brief XAUTHORITY handling code
|
||||
* @author Emmaunel Blindauer
|
||||
*
|
||||
*/
|
||||
|
||||
#include <stdio.h>
|
||||
#include "sesman.h"
|
||||
// #include "grp.h"
|
||||
// #include "ssl_calls.h"
|
||||
#include "os_calls.h"
|
||||
|
||||
|
||||
/******************************************************************************/
|
||||
int DEFAULT_CC
|
||||
add_xauth_cookie(int display, const char *file)
|
||||
{
|
||||
FILE *dp;
|
||||
char cookie[33];
|
||||
char char_cookie[16];
|
||||
char xauth_str[256];
|
||||
int ret;
|
||||
|
||||
g_random(char_cookie, 16);
|
||||
g_bytes_to_hexstr(char_cookie, 16, cookie, 33);
|
||||
cookie[32] = '\0';
|
||||
|
||||
if (file == NULL)
|
||||
{
|
||||
g_sprintf(xauth_str, "xauth -q add :%d . %s", display, cookie);
|
||||
}
|
||||
else
|
||||
{
|
||||
g_sprintf(xauth_str, "xauth -q -f %s add :%d . %s",
|
||||
file, display, cookie);
|
||||
}
|
||||
|
||||
dp = popen(xauth_str, "r");
|
||||
if (dp == NULL)
|
||||
{
|
||||
log_message(LOG_LEVEL_ERROR, "Unable to launch xauth");
|
||||
return 1;
|
||||
}
|
||||
|
||||
ret = pclose(dp);
|
||||
if (ret < 0)
|
||||
{
|
||||
log_message(LOG_LEVEL_ERROR, "An error occured while running xauth");
|
||||
return 1;
|
||||
}
|
||||
|
||||
return 0;
|
||||
}
|
42
sesman/xauth.h
Normal file
42
sesman/xauth.h
Normal file
@ -0,0 +1,42 @@
|
||||
/**
|
||||
* xrdp: A Remote Desktop Protocol server.
|
||||
*
|
||||
* Copyright (C) Jay Sorg 2004-2013
|
||||
*
|
||||
* Licensed under the Apache License, Version 2.0 (the "License");
|
||||
* you may not use this file except in compliance with the License.
|
||||
* You may obtain a copy of the License at
|
||||
*
|
||||
* http://www.apache.org/licenses/LICENSE-2.0
|
||||
*
|
||||
* Unless required by applicable law or agreed to in writing, software
|
||||
* distributed under the License is distributed on an "AS IS" BASIS,
|
||||
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
* See the License for the specific language governing permissions and
|
||||
* limitations under the License.
|
||||
*/
|
||||
|
||||
/**
|
||||
*
|
||||
* @file xauth.c
|
||||
* @brief XAUTHORITY handling code
|
||||
* @author Emmaunel Blindauer
|
||||
*
|
||||
*/
|
||||
|
||||
#ifndef XAUTH_H
|
||||
#define XAUTH_H
|
||||
|
||||
/**
|
||||
*
|
||||
* @brief create the XAUTHORITY file for the user according to the display and the cookie
|
||||
* xauth uses XAUTHORITY if defined, ~/.Xauthority otherwise
|
||||
* @param display The session display
|
||||
* @param file If not NULL, write the authorization in the file instead of default location
|
||||
* @return 0 if adding the cookie is ok
|
||||
*/
|
||||
|
||||
int DEFAULT_CC
|
||||
add_xauth_cookie(int display, const char *file);
|
||||
|
||||
#endif
|
Loading…
Reference in New Issue
Block a user