frederik
/
xserver
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

security: rewrite to use new devPrivates support.

This commit is contained in:
Eamon Walsh 2007-04-03 15:31:16 -04:00 committed by Eamon Walsh
parent 14aea12cad
commit 1cb84768f3
1 changed files with 38 additions and 37 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

75
Xext/security.c
View File

@ -30,6 +30,7 @@ in this Software without prior written authorization from The Open Group.
#include "scrnintstr.h" #include "scrnintstr.h"
#include "colormapst.h" #include "colormapst.h"
#include "privates.h"
#include "xacestr.h" #include "xacestr.h"
#include "securitysrv.h" #include "securitysrv.h"
#include <X11/extensions/securstr.h> #include <X11/extensions/securstr.h>
@ -53,23 +54,23 @@ in this Software without prior written authorization from The Open Group.
static int SecurityErrorBase; /* first Security error number */ static int SecurityErrorBase; /* first Security error number */
static int SecurityEventBase; /* first Security event number */ static int SecurityEventBase; /* first Security event number */
static int securityClientPrivateIndex; static devprivate_key_t stateKey;
static int securityExtnsnPrivateIndex;
/* this is what we store as client security state */ /* this is what we store as client security state */
typedef struct { typedef struct {
int haveState;
unsigned int trustLevel; unsigned int trustLevel;
XID authId; XID authId;
} SecurityClientStateRec; } SecurityClientStateRec;
#define STATEVAL(extnsn) \ #define EXTLEVEL(extnsn) ((Bool) \
((extnsn)->devPrivates[securityExtnsnPrivateIndex].val) dixLookupPrivate(DEVPRIV_PTR(extnsn), &stateKey))
#define STATEPTR(client) \ #define HAVESTATE(client) (((SecurityClientStateRec *) \
((client)->devPrivates[securityClientPrivateIndex].ptr) dixLookupPrivate(DEVPRIV_PTR(client), &stateKey))->haveState)
#define TRUSTLEVEL(client) \ #define TRUSTLEVEL(client) (((SecurityClientStateRec *) \
(((SecurityClientStateRec*)STATEPTR(client))->trustLevel) dixLookupPrivate(DEVPRIV_PTR(client), &stateKey))->trustLevel)
#define AUTHID(client) \ #define AUTHID(client)(((SecurityClientStateRec *) \
(((SecurityClientStateRec*)STATEPTR(client))->authId) dixLookupPrivate(DEVPRIV_PTR(client), &stateKey))->authId)
static CallbackListPtr SecurityValidateGroupCallback = NULL; static CallbackListPtr SecurityValidateGroupCallback = NULL;
@ -1149,7 +1150,7 @@ SecurityClientStateCallback(CallbackListPtr *pcbl, pointer unused,
SecurityAuthorizationPtr pAuth; SecurityAuthorizationPtr pAuth;
/* client may not have any state (bad authorization) */ /* client may not have any state (bad authorization) */
if (!STATEPTR(client)) if (!HAVESTATE(client))
break; break;
pAuth = (SecurityAuthorizationPtr)LookupIDByType(AUTHID(client), pAuth = (SecurityAuthorizationPtr)LookupIDByType(AUTHID(client),
@ -1185,7 +1186,7 @@ SecurityCheckMapAccess(CallbackListPtr *pcbl, pointer unused,
XaceMapAccessRec *rec = (XaceMapAccessRec*)calldata; XaceMapAccessRec *rec = (XaceMapAccessRec*)calldata;
WindowPtr pWin = rec->pWin; WindowPtr pWin = rec->pWin;
if (STATEPTR(rec->client) && if (HAVESTATE(rec->client) &&
(TRUSTLEVEL(rec->client) != XSecurityClientTrusted) && (TRUSTLEVEL(rec->client) != XSecurityClientTrusted) &&
(pWin->drawable.class == InputOnly) && (pWin->drawable.class == InputOnly) &&
pWin->parent && pWin->parent->parent && pWin->parent && pWin->parent->parent &&
@ -1211,7 +1212,7 @@ SecurityCheckExtAccess(CallbackListPtr *pcbl, pointer unused,
XaceExtAccessRec *rec = (XaceExtAccessRec*)calldata; XaceExtAccessRec *rec = (XaceExtAccessRec*)calldata;
if ((TRUSTLEVEL(rec->client) != XSecurityClientTrusted) && if ((TRUSTLEVEL(rec->client) != XSecurityClientTrusted) &&
!STATEVAL(rec->ext)) !EXTLEVEL(rec->ext))
rec->rval = FALSE; rec->rval = FALSE;
} }
@ -1241,7 +1242,7 @@ SecurityDeclareExtSecure(CallbackListPtr *pcbl, pointer unused,
XaceDeclareExtSecureRec *rec = (XaceDeclareExtSecureRec*)calldata; XaceDeclareExtSecureRec *rec = (XaceDeclareExtSecureRec*)calldata;
/* security state for extensions is simply a boolean trust value */ /* security state for extensions is simply a boolean trust value */
STATEVAL(rec->ext) = rec->secure; dixSetPrivate(DEVPRIV_PTR(rec->ext), &stateKey, (pointer)rec->secure);
} }
/**********************************************************************/ /**********************************************************************/
@ -1887,29 +1888,14 @@ XSecurityOptions(argc, argv, i)
void void
SecurityExtensionSetup(INITARGS) SecurityExtensionSetup(INITARGS)
{ {
/* Allocate the client private index */ /* FIXME: this is here so it is registered before other extensions
securityClientPrivateIndex = AllocateClientPrivateIndex(); * init themselves. This also required commit 5e946dd853a4ebc... to
if (!AllocateClientPrivate(securityClientPrivateIndex, * call the setup functions on each server reset.
sizeof (SecurityClientStateRec))) *
FatalError("SecurityExtensionSetup: Can't allocate client private.\n"); * The extension security bit should be delivered in some other way,
* either in a symbol or in the module data.
/* Allocate the extension private index */ */
securityExtnsnPrivateIndex = AllocateExtensionPrivateIndex(); XaceRegisterCallback(XACE_DECLARE_EXT_SECURE, SecurityDeclareExtSecure, 0);
if (!AllocateExtensionPrivate(securityExtnsnPrivateIndex, 0))
FatalError("SecurityExtensionSetup: Can't allocate extnsn private.\n");
/* register callbacks */
#define XaceRC XaceRegisterCallback
XaceRC(XACE_RESOURCE_ACCESS, SecurityCheckResourceIDAccess, NULL);
XaceRC(XACE_DEVICE_ACCESS, SecurityCheckDeviceAccess, NULL);
XaceRC(XACE_PROPERTY_ACCESS, SecurityCheckPropertyAccess, NULL);
XaceRC(XACE_DRAWABLE_ACCESS, SecurityCheckDrawableAccess, NULL);
XaceRC(XACE_MAP_ACCESS, SecurityCheckMapAccess, NULL);
XaceRC(XACE_BACKGRND_ACCESS, SecurityCheckBackgrndAccess, NULL);
XaceRC(XACE_EXT_DISPATCH, SecurityCheckExtAccess, NULL);
XaceRC(XACE_EXT_ACCESS, SecurityCheckExtAccess, NULL);
XaceRC(XACE_HOSTLIST_ACCESS, SecurityCheckHostlistAccess, NULL);
XaceRC(XACE_DECLARE_EXT_SECURE, SecurityDeclareExtSecure, NULL);
} /* SecurityExtensionSetup */ } /* SecurityExtensionSetup */
@ -1939,6 +1925,10 @@ SecurityExtensionInit(INITARGS)
RTEventClient |= RC_NEVERRETAIN; RTEventClient |= RC_NEVERRETAIN;
/* Allocate the private storage */
if (!dixRequestPrivate(&stateKey, sizeof(SecurityClientStateRec)))
FatalError("SecurityExtensionSetup: Can't allocate client private.\n");
if (!AddCallback(&ClientStateCallback, SecurityClientStateCallback, NULL)) if (!AddCallback(&ClientStateCallback, SecurityClientStateCallback, NULL))
return; return;
@ -1955,4 +1945,15 @@ SecurityExtensionInit(INITARGS)
SecurityLoadPropertyAccessList(); SecurityLoadPropertyAccessList();
/* register callbacks */
#define XaceRC XaceRegisterCallback
XaceRC(XACE_RESOURCE_ACCESS, SecurityCheckResourceIDAccess, NULL);
XaceRC(XACE_DEVICE_ACCESS, SecurityCheckDeviceAccess, NULL);
XaceRC(XACE_PROPERTY_ACCESS, SecurityCheckPropertyAccess, NULL);
XaceRC(XACE_DRAWABLE_ACCESS, SecurityCheckDrawableAccess, NULL);
XaceRC(XACE_MAP_ACCESS, SecurityCheckMapAccess, NULL);
XaceRC(XACE_BACKGRND_ACCESS, SecurityCheckBackgrndAccess, NULL);
XaceRC(XACE_EXT_DISPATCH, SecurityCheckExtAccess, NULL);
XaceRC(XACE_EXT_ACCESS, SecurityCheckExtAccess, NULL);
XaceRC(XACE_HOSTLIST_ACCESS, SecurityCheckHostlistAccess, NULL);
} /* SecurityExtensionInit */ } /* SecurityExtensionInit */