frederik
/
libxcb
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Fix XDM-AUTHORIZATION-1 (bug #14202) 

With this patch, we know use correctly the socket address or peer
address for authentication purpose.

Signed-off-by: Julien Danjou <julien@danjou.info>
This commit is contained in:
Bart Massey 2009-04-21 08:39:52 +02:00 committed by Julien Danjou
parent ca978a9dae
commit 010e566126
1 changed files with 28 additions and 10 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

38
src/xcb_auth.c
View File

@ -250,17 +250,21 @@ int _xcb_get_auth_info(int fd, xcb_auth_info_t *info, int display)
char sockbuf[sizeof(struct sockaddr) + MAXPATHLEN]; char sockbuf[sizeof(struct sockaddr) + MAXPATHLEN];
unsigned int socknamelen = sizeof(sockbuf); /* need extra space */ unsigned int socknamelen = sizeof(sockbuf); /* need extra space */
struct sockaddr *sockname = (struct sockaddr *) &sockbuf; struct sockaddr *sockname = (struct sockaddr *) &sockbuf;
int gotsockname = 0;
Xauth *authptr = 0; Xauth *authptr = 0;
int ret = 1; int ret = 1;
/* Some systems like hpux or Hurd do not expose peer names
* for UNIX Domain Sockets, but this is irrelevant,
* since compute_auth() ignores the peer name in this
* case anyway.*/
if (getpeername(fd, sockname, &socknamelen) == -1) if (getpeername(fd, sockname, &socknamelen) == -1)
{ {
if (getsockname(fd, sockname, &socknamelen) == -1)
return 0; /* can only authenticate sockets */
if (sockname->sa_family != AF_UNIX) if (sockname->sa_family != AF_UNIX)
return 0; return 0; /* except for AF_UNIX, sockets should have peernames */
/* Some systems like hpux or Hurd do not expose peer names if (getsockname(fd, sockname, &socknamelen) == -1)
* for UNIX Domain Sockets. We do not need it anyway. */ return 0; /* can only authenticate sockets */
gotsockname = 1;
} }
authptr = get_authptr(sockname, socknamelen, display); authptr = get_authptr(sockname, socknamelen, display);
@ -268,14 +272,28 @@ int _xcb_get_auth_info(int fd, xcb_auth_info_t *info, int display)
return 0; /* cannot find good auth data */ return 0; /* cannot find good auth data */
info->namelen = memdup(&info->name, authptr->name, authptr->name_length); info->namelen = memdup(&info->name, authptr->name, authptr->name_length);
if(info->namelen) if (!info->namelen)
ret = compute_auth(info, authptr, sockname); goto no_auth; /* out of memory */
if (!gotsockname && getsockname(fd, sockname, &socknamelen) == -1)
{
free(info->name);
goto no_auth; /* can only authenticate sockets */
}
ret = compute_auth(info, authptr, sockname);
if(!ret) if(!ret)
{ {
free(info->name); free(info->name);
info->name = 0; goto no_auth; /* cannot build auth record */
info->namelen = 0;
} }
XauDisposeAuth(authptr); XauDisposeAuth(authptr);
return ret; return ret;
no_auth:
info->name = 0;
info->namelen = 0;
XauDisposeAuth(authptr);
return 0;
} }