diff --git a/Xext/namespace/config.c b/Xext/namespace/config.c index dfdce9a76..e706f6f7d 100644 --- a/Xext/namespace/config.c +++ b/Xext/namespace/config.c @@ -8,11 +8,11 @@ #include "namespace.h" struct Xnamespace ns_root = { - .allowMouseMotion = TRUE, - .allowShape = TRUE, - .allowTransparency = TRUE, - .allowXInput = TRUE, - .allowXKeyboard = TRUE, + .allowMouseMotion = ALLOW, + .allowShape = ALLOW, + .allowTransparency = ALLOW, + .allowXInput = ALLOW, + .allowXKeyboard = ALLOW, .builtin = TRUE, .name = NS_NAME_ROOT, .refcnt = 1, @@ -21,6 +21,11 @@ struct Xnamespace ns_root = { struct Xnamespace ns_anon = { .builtin = TRUE, + .allowMouseMotion = ASK, + .allowShape = ASK, + .allowTransparency = ASK, + .allowXInput = ASK, + .allowXKeyboard = ASK, .name = NS_NAME_ANONYMOUS, .refcnt = 1, }; @@ -134,15 +139,55 @@ static void parseLine(char *line, struct Xnamespace **walk_ns) while ((token = strtok(NULL, " ")) != NULL) { if (strcmp(token, "mouse-motion") == 0) - curr->allowMouseMotion = TRUE; + curr->allowMouseMotion = ALLOW; else if (strcmp(token, "shape") == 0) - curr->allowShape = TRUE; + curr->allowShape = ALLOW; else if (strcmp(token, "transparency") == 0) - curr->allowTransparency = TRUE; + curr->allowTransparency = ALLOW; else if (strcmp(token, "xinput") == 0) - curr->allowXInput = TRUE; + curr->allowXInput = ALLOW; else if (strcmp(token, "xkeyboard") == 0) - curr->allowXKeyboard = TRUE; + curr->allowXKeyboard = ALLOW; + else + XNS_LOG("unknown allow: %s\n", token); + } + return; + } + + if (strcmp(token, "ask") == 0) + { + while ((token = strtok(NULL, " ")) != NULL) + { + if (strcmp(token, "mouse-motion") == 0) + curr->allowMouseMotion = ASK; + else if (strcmp(token, "shape") == 0) + curr->allowShape = ASK; + else if (strcmp(token, "transparency") == 0) + curr->allowTransparency = ASK; + else if (strcmp(token, "xinput") == 0) + curr->allowXInput = ASK; + else if (strcmp(token, "xkeyboard") == 0) + curr->allowXKeyboard = ASK; + else + XNS_LOG("unknown allow: %s\n", token); + } + return; + } + + if (strcmp(token, "deny") == 0) + { + while ((token = strtok(NULL, " ")) != NULL) + { + if (strcmp(token, "mouse-motion") == 0) + curr->allowMouseMotion = DENY; + else if (strcmp(token, "shape") == 0) + curr->allowShape = DENY; + else if (strcmp(token, "transparency") == 0) + curr->allowTransparency = DENY; + else if (strcmp(token, "xinput") == 0) + curr->allowXInput = DENY; + else if (strcmp(token, "xkeyboard") == 0) + curr->allowXKeyboard = DENY; else XNS_LOG("unknown allow: %s\n", token); } diff --git a/Xext/namespace/hook-ext-access.c b/Xext/namespace/hook-ext-access.c index 0f86dc47f..725c9a432 100644 --- a/Xext/namespace/hook-ext-access.c +++ b/Xext/namespace/hook-ext-access.c @@ -43,13 +43,13 @@ void hookExtAccess(CallbackListPtr *pcbl, void *unused, void *calldata) /* only allowed if namespace has flag set */ case EXTENSION_MAJOR_SHAPE: - if (subj->ns->allowShape) + if (subj->ns->allowShape == ALLOW) goto pass; goto reject; /* only allowed if namespace has flag set */ case EXTENSION_MAJOR_XINPUT: - if (subj->ns->allowXInput) + if (subj->ns->allowXInput == ALLOW) goto pass; goto reject; } diff --git a/Xext/namespace/hook-ext-dispatch.c b/Xext/namespace/hook-ext-dispatch.c index 1c13dae4e..0d1a38583 100644 --- a/Xext/namespace/hook-ext-dispatch.c +++ b/Xext/namespace/hook-ext-dispatch.c @@ -39,7 +39,7 @@ void hookExtDispatch(CallbackListPtr *pcbl, void *unused, void *calldata) /* allow several operations */ case EXTENSION_MAJOR_XKEYBOARD: - if (subj->ns->allowXKeyboard) + if (subj->ns->allowXKeyboard == ALLOW) goto pass; switch (client->minorOp) { case X_kbUseExtension: @@ -56,11 +56,11 @@ void hookExtDispatch(CallbackListPtr *pcbl, void *unused, void *calldata) /* allow if namespace has flag set */ case EXTENSION_MAJOR_SHAPE: - if (subj->ns->allowShape) + if (subj->ns->allowShape == ALLOW) goto pass; break; case EXTENSION_MAJOR_XINPUT: - if (subj->ns->allowXInput) + if (subj->ns->allowXInput == ALLOW) goto pass; switch (client->minorOp) { case X_ListInputDevices: diff --git a/Xext/namespace/hook-receive.c b/Xext/namespace/hook-receive.c index fb5d36729..7f850c31a 100644 --- a/Xext/namespace/hook-receive.c +++ b/Xext/namespace/hook-receive.c @@ -35,7 +35,7 @@ hookReceive(CallbackListPtr *pcbl, void *unused, void *calldata) if (gev->extension == EXTENSION_MAJOR_XINPUT) { switch (gev->evtype) { case XI_RawMotion: - if ((!subj->ns->allowMouseMotion) || !isRootWin(param->pWin)) + if ((!(subj->ns->allowMouseMotion == ALLOW)) || !isRootWin(param->pWin)) goto reject; continue; case XI_RawKeyPress: diff --git a/Xext/namespace/hook-resource.c b/Xext/namespace/hook-resource.c index 837e5fff0..5c2ca3493 100644 --- a/Xext/namespace/hook-resource.c +++ b/Xext/namespace/hook-resource.c @@ -31,7 +31,7 @@ void hookResourceAccess(CallbackListPtr *pcbl, void *unused, void *calldata) if (param->rtype == X11_RESTYPE_WINDOW) { WindowPtr pWindow = (WindowPtr) param->res; if (param->access_mode & DixCreateAccess) { - if (!subj->ns->allowTransparency) { + if (!(subj->ns->allowTransparency == ALLOW)) { pWindow->forcedBG = TRUE; } } diff --git a/Xext/namespace/namespace.h b/Xext/namespace/namespace.h index 36331df19..048a30a70 100644 --- a/Xext/namespace/namespace.h +++ b/Xext/namespace/namespace.h @@ -10,6 +10,12 @@ #include "include/window.h" #include "include/windowstr.h" +enum Authlevel { + DENY, + ASK, + ALLOW, +}; + struct auth_token { struct xorg_list entry; const char *authProto; @@ -22,11 +28,11 @@ struct Xnamespace { struct xorg_list entry; const char *name; Bool builtin; - Bool allowMouseMotion; - Bool allowShape; - Bool allowTransparency; - Bool allowXInput; - Bool allowXKeyboard; + enum Authlevel allowMouseMotion; + enum Authlevel allowShape; + enum Authlevel allowTransparency; + enum Authlevel allowXInput; + enum Authlevel allowXKeyboard; Bool superPower; struct xorg_list auth_tokens; size_t refcnt;