Xnamespace: add support for multiple auth tokens per namespace
Support having more than one auth token per namespace, so separate tokens can be handed out to clients that are still landing in the same namespace. Signed-off-by: Enrico Weigelt, metux IT consult <info@metux.net>
This commit is contained in:
Enrico Weigelt, metux IT consult
parent
f790bae8dc
commit
a353ffddd0
|
|
@ -105,21 +105,27 @@ static void parseLine(char *line, struct Xnamespace **walk_ns)
|
|||
if (token == NULL)
|
||||
return;
|
||||
|
||||
curr->authProto = strdup(token);
|
||||
struct auth_token *new_token = calloc(1, sizeof(struct auth_token));
|
||||
if (new_token == NULL)
|
||||
FatalError("Xnamespace: failed allocating token\n");
|
||||
|
||||
new_token->authProto = strdup(token);
|
||||
token = strtok(NULL, " ");
|
||||
|
||||
curr->authTokenLen = strlen(token)/2;
|
||||
curr->authTokenData = calloc(1, curr->authTokenLen);
|
||||
if (!curr->authTokenData) {
|
||||
curr->authTokenLen = 0;
|
||||
new_token->authTokenLen = strlen(token)/2;
|
||||
new_token->authTokenData = calloc(1, new_token->authTokenLen);
|
||||
if (!new_token->authTokenData) {
|
||||
free(new_token);
|
||||
return;
|
||||
}
|
||||
hex2bin(token, curr->authTokenData);
|
||||
hex2bin(token, new_token->authTokenData);
|
||||
|
||||
AddAuthorization(strlen(curr->authProto),
|
||||
curr->authProto,
|
||||
curr->authTokenLen,
|
||||
curr->authTokenData);
|
||||
new_token->authId = AddAuthorization(strlen(new_token->authProto),
|
||||
new_token->authProto,
|
||||
new_token->authTokenLen,
|
||||
new_token->authTokenData);
|
||||
|
||||
xorg_list_append(&new_token->entry, &curr->auth_tokens);
|
||||
return;
|
||||
}
|
||||
|
||||
|
|
@ -179,13 +185,15 @@ Bool XnsLoadConfig(void)
|
|||
|
||||
struct Xnamespace *ns;
|
||||
xorg_list_for_each_entry(ns, &ns_list, entry) {
|
||||
XNS_LOG("namespace: \"%s\" \"%s\" \"",
|
||||
ns->name,
|
||||
ns->authProto);
|
||||
for (int i=0; i<ns->authTokenLen; i++)
|
||||
printf("%02X", (unsigned char)ns->authTokenData[i]);
|
||||
XNS_LOG("namespace: \"%s\" \n", ns->name);
|
||||
struct auth_token *at;
|
||||
xorg_list_for_each_entry(at, &ns->auth_tokens, entry) {
|
||||
XNS_LOG(" auth: \"%s\" \"", at->authProto);
|
||||
for (int i=0; i<at->authTokenLen; i++)
|
||||
printf("%02X", (unsigned char)at->authTokenData[i]);
|
||||
printf("\"\n");
|
||||
}
|
||||
}
|
||||
|
||||
return TRUE;
|
||||
}
|
||||
|
|
|
|||
|
|
@ -76,13 +76,16 @@ struct Xnamespace* XnsFindByAuth(size_t szAuthProto, const char* authProto, size
|
|||
{
|
||||
struct Xnamespace *walk;
|
||||
xorg_list_for_each_entry(walk, &ns_list, entry) {
|
||||
int protoLen = walk->authProto ? strlen(walk->authProto) : 0;
|
||||
struct auth_token *at;
|
||||
xorg_list_for_each_entry(at, &walk->auth_tokens, entry) {
|
||||
int protoLen = at->authProto ? strlen(at->authProto) : 0;
|
||||
if ((protoLen == szAuthProto) &&
|
||||
(walk->authTokenLen == szAuthToken) &&
|
||||
(memcmp(walk->authTokenData, authToken, szAuthToken)==0) &&
|
||||
(memcmp(walk->authProto, authProto, szAuthProto)==0))
|
||||
(at->authTokenLen == szAuthToken) &&
|
||||
(memcmp(at->authTokenData, authToken, szAuthToken)==0) &&
|
||||
(memcmp(at->authProto, authProto, szAuthProto)==0))
|
||||
return walk;
|
||||
}
|
||||
}
|
||||
|
||||
// default to anonymous if credentials aren't assigned to specific NS
|
||||
return &ns_anon;
|
||||
|
|
|
|||
|
|
@ -10,6 +10,14 @@
|
|||
#include "include/window.h"
|
||||
#include "include/windowstr.h"
|
||||
|
||||
struct auth_token {
|
||||
struct xorg_list entry;
|
||||
const char *authProto;
|
||||
char *authTokenData;
|
||||
size_t authTokenLen;
|
||||
XID authId;
|
||||
};
|
||||
|
||||
struct Xnamespace {
|
||||
struct xorg_list entry;
|
||||
const char *name;
|
||||
|
|
@ -20,9 +28,7 @@ struct Xnamespace {
|
|||
Bool allowXInput;
|
||||
Bool allowXKeyboard;
|
||||
Bool superPower;
|
||||
const char *authProto;
|
||||
char *authTokenData;
|
||||
size_t authTokenLen;
|
||||
struct xorg_list auth_tokens;
|
||||
size_t refcnt;
|
||||
WindowPtr rootWindow;
|
||||
};
|
||||
|
|
|
|||
|
|
@ -1,13 +1,18 @@
|
|||
|
||||
# auth <proto> <hex-key>
|
||||
auth MIT-MAGIC-COOKIE-1 46f8e62b78e58962de0ceefc05ad90b0
|
||||
auth MIT-MAGIC-COOKIE-1 56f8e62b78e58962de0ceefc05ad90b0
|
||||
|
||||
# container <name> <parent_name>
|
||||
container xeyes root
|
||||
auth MIT-MAGIC-COOKIE-1 46f8e62b78e58962de0ceefc05ad90b8
|
||||
auth MIT-MAGIC-COOKIE-1 46f8e62b78e58962de0ceefc05ad90a8
|
||||
allow mouse-motion
|
||||
allow shape
|
||||
allow xinput
|
||||
|
||||
container xclock root
|
||||
auth MIT-MAGIC-COOKIE-1 46f8e62b78e58962de0ceefc05ad90b7
|
||||
auth MIT-MAGIC-COOKIE-1 46f8e62b78e58962de0ceefc05ad91b7
|
||||
auth MIT-MAGIC-COOKIE-1 46f8e62b78e58962de0ceefc05ad92b7
|
||||
auth MIT-MAGIC-COOKIE-1 46f8e62b78e58962de0ceefc05ad93b7
|
||||
|
|
|
|||
Loading…
Reference in New Issue