diff --git a/Xext/appgroup.c b/Xext/appgroup.c index 86bd36ecd..61c1aa0d5 100644 --- a/Xext/appgroup.c +++ b/Xext/appgroup.c @@ -44,8 +44,7 @@ from The Open Group. #define _XAG_SERVER_ #include #include -#define _SECURITY_SERVER -#include +#include "securitysrv.h" #include #define XSERV_t @@ -77,10 +76,6 @@ static int ProcXagDispatch(ClientPtr client); static int SProcXagDispatch(ClientPtr client); static void XagResetProc(ExtensionEntry* extEntry); -#if 0 -static unsigned char XagReqCode = 0; -static int XagErrorBase; -#endif static int XagCallbackRefCount = 0; static RESTYPE RT_APPGROUP; @@ -233,19 +228,6 @@ void XagClientStateChange( void XagExtensionInit(INITARGS) { -#if 0 - ExtensionEntry* extEntry; - - if ((extEntry = AddExtension (XAGNAME, - 0, - XagNumberErrors, - ProcXagDispatch, - SProcXagDispatch, - XagResetProc, - StandardMinorOpcode))) { - XagReqCode = (unsigned char)extEntry->base; - XagErrorBase = extEntry->errorBase; -#else if (AddExtension (XAGNAME, 0, XagNumberErrors, @@ -253,7 +235,6 @@ XagExtensionInit(INITARGS) SProcXagDispatch, XagResetProc, StandardMinorOpcode)) { -#endif RT_APPGROUP = CreateNewResourceType (XagAppGroupFree); } } diff --git a/Xext/security.c b/Xext/security.c index 48a45d0a2..31f2b928b 100644 --- a/Xext/security.c +++ b/Xext/security.c @@ -39,7 +39,7 @@ in this Software without prior written authorization from The Open Group. #include "gcstruct.h" #include "colormapst.h" #include "propertyst.h" -#define _SECURITY_SERVER +#include "securitysrv.h" #include #include #include diff --git a/Xext/securitysrv.h b/Xext/securitysrv.h new file mode 100644 index 000000000..596eead0d --- /dev/null +++ b/Xext/securitysrv.h @@ -0,0 +1,133 @@ +/* +Copyright 1996, 1998 The Open Group + +Permission to use, copy, modify, distribute, and sell this software and its +documentation for any purpose is hereby granted without fee, provided that +the above copyright notice appear in all copies and that both that +copyright notice and this permission notice appear in supporting +documentation. + +The above copyright notice and this permission notice shall be included +in all copies or substantial portions of the Software. + +THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS +OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF +MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. +IN NO EVENT SHALL THE OPEN GROUP BE LIABLE FOR ANY CLAIM, DAMAGES OR +OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, +ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR +OTHER DEALINGS IN THE SOFTWARE. + +Except as contained in this notice, the name of The Open Group shall +not be used in advertising or otherwise to promote the sale, use or +other dealings in this Software without prior written authorization +from The Open Group. +*/ + +/* Xserver internals for Security extension - moved here from + _SECURITY_SERVER section of */ + +#ifndef _SECURITY_SRV_H +#define _SECURITY_SRV_H + +/* Allow client side portions of to compile */ +#ifndef Status +# define Status int +# define NEED_UNDEF_Status +#endif +#ifndef Display +# define Display void +# define NEED_UNDEF_Display +#endif + +#include + +#ifdef NEED_UNDEF_Status +# undef Status +# undef NEED_UNDEF_Status +#endif +#ifdef NEED_UNDEF_Display +# undef Display +# undef NEED_UNDEF_Display +#endif + + +#include "input.h" /* for DeviceIntPtr */ +#include "property.h" /* for PropertyPtr */ +#include "pixmap.h" /* for DrawablePtr */ +#include "resource.h" /* for RESTYPE */ + +/* resource type to pass in LookupIDByType for authorizations */ +extern RESTYPE SecurityAuthorizationResType; + +/* this is what we store for an authorization */ +typedef struct { + XID id; /* resource ID */ + CARD32 timeout; /* how long to live in seconds after refcnt == 0 */ + unsigned int trustLevel; /* trusted/untrusted */ + XID group; /* see embedding extension */ + unsigned int refcnt; /* how many clients connected with this auth */ + unsigned int secondsRemaining; /* overflow time amount for >49 days */ + OsTimerPtr timer; /* timer for this auth */ + struct _OtherClients *eventClients; /* clients wanting events */ +} SecurityAuthorizationRec, *SecurityAuthorizationPtr; + +/* The following callback is called when a GenerateAuthorization request + * is processed to sanity check the group argument. The call data will + * be a pointer to a SecurityValidateGroupInfoRec (below). + * Functions registered on this callback are expected to examine the + * group and set the valid field to TRUE if they recognize the group as a + * legitimate group. If they don't recognize it, they should not change the + * valid field. + */ +extern CallbackListPtr SecurityValidateGroupCallback; +typedef struct { + XID group; /* the group that was sent in GenerateAuthorization */ + Bool valid; /* did anyone recognize it? if so, set to TRUE */ +} SecurityValidateGroupInfoRec; + +/* Proc vectors for untrusted clients, swapped and unswapped versions. + * These are the same as the normal proc vectors except that extensions + * that haven't declared themselves secure will have ProcBadRequest plugged + * in for their major opcode dispatcher. This prevents untrusted clients + * from guessing extension major opcodes and using the extension even though + * the extension can't be listed or queried. + */ +extern int (*UntrustedProcVector[256])(ClientPtr client); +extern int (*SwappedUntrustedProcVector[256])(ClientPtr client); + +extern Bool SecurityCheckDeviceAccess(ClientPtr client, DeviceIntPtr dev, + Bool fromRequest); + +extern void SecurityAudit(char *format, ...); + +extern int XSecurityOptions(int argc, char **argv, int i); + +/* Give this value or higher to the -audit option to get security messages */ +#define SECURITY_AUDIT_LEVEL 4 + +extern void SecurityCensorImage( + ClientPtr client, + RegionPtr pVisibleRegion, + long widthBytesLine, + DrawablePtr pDraw, + int x, int y, int w, int h, + unsigned int format, + char * pBuf); + +#define SecurityAllowOperation 0 +#define SecurityIgnoreOperation 1 +#define SecurityErrorOperation 2 + +extern char +SecurityCheckPropertyAccess( + ClientPtr client, + WindowPtr pWin, + ATOM propertyName, + Mask access_mode); + +#define SECURITY_POLICY_FILE_VERSION "version-1" + +extern char **SecurityGetSitePolicyStrings(int *n); + +#endif /* _SECURITY_SRV_H */ diff --git a/configure.ac b/configure.ac index fa1647cc3..3be0448b0 100644 --- a/configure.ac +++ b/configure.ac @@ -1030,7 +1030,10 @@ if test "x$XORG" = xyes -o "x$XGL" = xyes; then XORG_CFLAGS="$XORGSERVER_CFLAGS -DHAVE_XORG_CONFIG_H" XORG_LIBS="$COMPOSITE_LIB $MI_LIB $FIXES_LIB $XEXTXORG_LIB $GLX_LIBS $RENDER_LIB $RANDR_LIB $DAMAGE_LIB $MIEXT_DAMAGE_LIB $MIEXT_SHADOW_LIB $XI_LIB $XKB_LIB $XPSTUBS_LIB $OS_LIB" - AC_CHECK_LIB([dl], [dlopen], XORG_LIBS="$XORG_LIBS -ldl") +dnl Check to see if dlopen is in default libraries (like Solaris, which +dnl has it in libc), or if libdl is needed to get it. + AC_CHECK_FUNC([dlopen], [], + AC_CHECK_LIB([dl], [dlopen], XORG_LIBS="$XORG_LIBS -ldl")) PKG_CHECK_MODULES([PCIACCESS], [pciaccess >= 0.3.0]) XORG_LIBS="$XORG_LIBS $PCIACCESS_LIBS" diff --git a/dix/devices.c b/dix/devices.c index c7d3494e8..40afac96f 100644 --- a/dix/devices.c +++ b/dix/devices.c @@ -73,8 +73,7 @@ SOFTWARE. #include #endif #ifdef XCSECURITY -#define _SECURITY_SERVER -#include +#include "securitysrv.h" #endif #include "dispatch.h" diff --git a/dix/dispatch.c b/dix/dispatch.c index 04e2ba11f..4b4eb2bc5 100644 --- a/dix/dispatch.c +++ b/dix/dispatch.c @@ -108,8 +108,7 @@ int ProcInitialConnection(); #include "panoramiXsrv.h" #endif #ifdef XCSECURITY -#define _SECURITY_SERVER -#include +#include "securitysrv.h" #endif #ifdef XAPPGROUP #include diff --git a/dix/dixutils.c b/dix/dixutils.c index 91796eade..8cf9daa67 100644 --- a/dix/dixutils.c +++ b/dix/dixutils.c @@ -98,8 +98,7 @@ Author: Adobe Systems Incorporated #define XK_LATIN1 #include #ifdef XCSECURITY -#define _SECURITY_SERVER -#include +#include "securitysrv.h" #endif /* diff --git a/dix/events.c b/dix/events.c index b014fdbb7..c67cf8ce4 100644 --- a/dix/events.c +++ b/dix/events.c @@ -139,8 +139,7 @@ extern Bool XkbFilterEvents(ClientPtr, int, xEvent *); #endif #ifdef XCSECURITY -#define _SECURITY_SERVER -#include +#include "securitysrv.h" #endif #ifdef XEVIE diff --git a/dix/extension.c b/dix/extension.c index f6f38fcf3..fd8727069 100644 --- a/dix/extension.c +++ b/dix/extension.c @@ -62,8 +62,7 @@ SOFTWARE. #include "scrnintstr.h" #include "dispatch.h" #ifdef XCSECURITY -#define _SECURITY_SERVER -#include +#include "securitysrv.h" #endif #define EXTENSION_BASE 128 diff --git a/dix/property.c b/dix/property.c index e074c68dd..35799f836 100644 --- a/dix/property.c +++ b/dix/property.c @@ -61,8 +61,7 @@ SOFTWARE. #include "dispatch.h" #include "swaprep.h" #ifdef XCSECURITY -#define _SECURITY_SERVER -#include +#include "securitysrv.h" #endif /***************************************************************** diff --git a/dix/window.c b/dix/window.c index 9fba5f832..2be01df45 100644 --- a/dix/window.c +++ b/dix/window.c @@ -130,8 +130,7 @@ Equipment Corporation. #include #endif #ifdef XCSECURITY -#define _SECURITY_SERVER -#include +#include "securitysrv.h" #endif /****** diff --git a/dix/xpstubs.c b/dix/xpstubs.c index 5135cc398..c06a524fa 100644 --- a/dix/xpstubs.c +++ b/dix/xpstubs.c @@ -35,6 +35,9 @@ from The Open Group. #include #ifdef XPRINT #include "DiPrint.h" +#else +extern Bool XpClientIsBitmapClient(ClientPtr client); +extern Bool XpClientIsPrintClient(ClientPtr client, FontPathElementPtr fpe); #endif Bool diff --git a/fb/fbcompose.c b/fb/fbcompose.c index 6f7e3e6ec..03adab456 100644 --- a/fb/fbcompose.c +++ b/fb/fbcompose.c @@ -2726,8 +2726,9 @@ static void fbFetchSourcePict(PicturePtr pict, int x, int y, int width, CARD32 * xFixed_32_32 l; xFixed_48_16 dx, dy, a, b, off; - v.vector[0] = IntToxFixed(x); - v.vector[1] = IntToxFixed(y); + /* reference point is the center of the pixel */ + v.vector[0] = IntToxFixed(x) + xFixed1/2; + v.vector[1] = IntToxFixed(y) + xFixed1/2; v.vector[2] = xFixed1; if (pict->transform) { if (!PictureTransformPoint3d (pict->transform, &v)) @@ -2793,8 +2794,9 @@ static void fbFetchSourcePict(PicturePtr pict, int x, int y, int width, CARD32 * if (pict->transform) { PictVector v; - v.vector[0] = IntToxFixed(x); - v.vector[1] = IntToxFixed(y); + /* reference point is the center of the pixel */ + v.vector[0] = IntToxFixed(x) + xFixed1/2; + v.vector[1] = IntToxFixed(y) + xFixed1/2; v.vector[2] = xFixed1; if (!PictureTransformPoint3d (pict->transform, &v)) return; @@ -2914,8 +2916,9 @@ static void fbFetchTransformed(PicturePtr pict, int x, int y, int width, CARD32 dx = pict->pDrawable->x; dy = pict->pDrawable->y; - v.vector[0] = IntToxFixed(x - dx); - v.vector[1] = IntToxFixed(y - dy); + /* reference point is the center of the pixel */ + v.vector[0] = IntToxFixed(x - dx) + xFixed1 / 2; + v.vector[1] = IntToxFixed(y - dy) + xFixed1 / 2; v.vector[2] = xFixed1; /* when using convolution filters one might get here without a transform */ @@ -3020,6 +3023,12 @@ static void fbFetchTransformed(PicturePtr pict, int x, int y, int width, CARD32 } } } else if (pict->filter == PictFilterBilinear) { + /* adjust vector for maximum contribution at 0.5, 0.5 of each texel. */ + v.vector[0] -= v.vector[2] / 2; + v.vector[1] -= v.vector[2] / 2; + unit.vector[0] -= unit.vector[2] / 2; + unit.vector[1] -= unit.vector[2] / 2; + if (pict->repeatType == RepeatNormal) { if (REGION_NUM_RECTS(pict->pCompositeClip) == 1) { for (i = 0; i < width; ++i) { diff --git a/hw/xfree86/xaa/xaaPict.c b/hw/xfree86/xaa/xaaPict.c index f7c1f3dd0..a1ff51087 100644 --- a/hw/xfree86/xaa/xaaPict.c +++ b/hw/xfree86/xaa/xaaPict.c @@ -516,7 +516,10 @@ XAAComposite (CARD8 op, (!pSrc->repeat || (xSrc >= 0 && ySrc >= 0 && xSrc+width<=pSrc->pDrawable->width && ySrc+height<=pSrc->pDrawable->height)) && - ((op == PictOpSrc && pSrc->format == pDst->format) || + ((op == PictOpSrc && + ((pSrc->format==pDst->format) || + (pSrc->format==PICT_a8r8g8b8 && pDst->format==PICT_x8r8g8b8) || + (pSrc->format==PICT_a8b8g8r8 && pDst->format==PICT_x8b8g8r8))) || (op == PictOpOver && !pSrc->alphaMap && !pDst->alphaMap && pSrc->format==pDst->format && (pSrc->format==PICT_x8r8g8b8 || pSrc->format==PICT_x8b8g8r8)))) diff --git a/hw/xprint/DiPrint.h b/hw/xprint/DiPrint.h index a26477971..6801ce046 100644 --- a/hw/xprint/DiPrint.h +++ b/hw/xprint/DiPrint.h @@ -41,6 +41,7 @@ copyright holders. #ifdef HAVE_DIX_CONFIG_H #include #endif +#include #ifndef _XpDiPrint_H_ #define _XpDiPrint_H_ 1 @@ -74,6 +75,10 @@ extern void PrinterInitGlobals(void); extern void PrinterInitOutput(ScreenInfo *pScreenInfo, int argc, char **argv); +extern Bool XpClientIsPrintClient(ClientPtr client, FontPathElementPtr fpe); + +extern Bool XpClientIsBitmapClient(ClientPtr client); + extern void _XpVoidNoop(void); extern Bool _XpBoolNoop(void); diff --git a/hw/xwin/winauth.c b/hw/xwin/winauth.c index 3d24ef426..b57a35abf 100644 --- a/hw/xwin/winauth.c +++ b/hw/xwin/winauth.c @@ -35,9 +35,8 @@ #include "win.h" /* Includes for authorization */ -#include "X11/Xauth.h" -#define _SECURITY_SERVER -#include +#include +#include "securitysrv.h" #include diff --git a/mi/miinitext.c b/mi/miinitext.c index 091ac6b26..51faac935 100644 --- a/mi/miinitext.c +++ b/mi/miinitext.c @@ -244,7 +244,7 @@ typedef void (*InitExtension)(INITARGS); #include #endif #ifdef XCSECURITY -#define _SECURITY_SERVER +#include "securitysrv.h" #include #endif #ifdef PANORAMIX diff --git a/os/access.c b/os/access.c index 62af2f91f..db52aa038 100644 --- a/os/access.c +++ b/os/access.c @@ -203,8 +203,7 @@ SOFTWARE. #include "osdep.h" #ifdef XCSECURITY -#define _SECURITY_SERVER -#include +#include "securitysrv.h" #endif #ifndef PATH_MAX diff --git a/os/auth.c b/os/auth.c index 19c5534d3..d170ef8d8 100644 --- a/os/auth.c +++ b/os/auth.c @@ -48,8 +48,7 @@ from The Open Group. # include # include #ifdef XCSECURITY -#define _SECURITY_SERVER -# include +# include "securitysrv.h" #endif #ifdef WIN32 #include diff --git a/os/connection.c b/os/connection.c index 21c1ea641..697ff4e74 100644 --- a/os/connection.c +++ b/os/connection.c @@ -151,8 +151,7 @@ extern __const__ int _nfiles; #include #endif #ifdef XCSECURITY -#define _SECURITY_SERVER -#include +#include "securitysrv.h" #endif #ifdef X_NOT_POSIX diff --git a/os/secauth.c b/os/secauth.c index 1000b4e79..8c8700812 100644 --- a/os/secauth.c +++ b/os/secauth.c @@ -37,8 +37,7 @@ from The Open Group. #include "swaprep.h" #ifdef XCSECURITY -#define _SECURITY_SERVER -#include +#include "securitysrv.h" #endif static char InvalidPolicyReason[] = "invalid policy specification"; diff --git a/os/utils.c b/os/utils.c index 617d20119..f977b837c 100644 --- a/os/utils.c +++ b/os/utils.c @@ -120,8 +120,7 @@ OR PERFORMANCE OF THIS SOFTWARE. #include #endif #ifdef XCSECURITY -#define _SECURITY_SERVER -#include +#include "securitysrv.h" #endif #ifdef RENDER