Xnamespace: add support for multiple auth tokens per namespace
Support having more than one auth token per namespace, so separate tokens can be handed out to clients that are still landing in the same namespace. Signed-off-by: Enrico Weigelt, metux IT consult <info@metux.net>
This commit is contained in:
Enrico Weigelt, metux IT consult
parent
c9ac021203
commit
b7155bf86d
|
|
@ -105,21 +105,27 @@ static void parseLine(char *line, struct Xnamespace **walk_ns)
|
||||||
if (token == NULL)
|
if (token == NULL)
|
||||||
return;
|
return;
|
||||||
|
|
||||||
curr->authProto = strdup(token);
|
struct auth_token *new_token = calloc(1, sizeof(struct auth_token));
|
||||||
|
if (new_token == NULL)
|
||||||
|
FatalError("Xnamespace: failed allocating token\n");
|
||||||
|
|
||||||
|
new_token->authProto = strdup(token);
|
||||||
token = strtok(NULL, " ");
|
token = strtok(NULL, " ");
|
||||||
|
|
||||||
curr->authTokenLen = strlen(token)/2;
|
new_token->authTokenLen = strlen(token)/2;
|
||||||
curr->authTokenData = calloc(1, curr->authTokenLen);
|
new_token->authTokenData = calloc(1, new_token->authTokenLen);
|
||||||
if (!curr->authTokenData) {
|
if (!new_token->authTokenData) {
|
||||||
curr->authTokenLen = 0;
|
free(new_token);
|
||||||
return;
|
return;
|
||||||
}
|
}
|
||||||
hex2bin(token, curr->authTokenData);
|
hex2bin(token, new_token->authTokenData);
|
||||||
|
|
||||||
AddAuthorization(strlen(curr->authProto),
|
new_token->authId = AddAuthorization(strlen(new_token->authProto),
|
||||||
curr->authProto,
|
new_token->authProto,
|
||||||
curr->authTokenLen,
|
new_token->authTokenLen,
|
||||||
curr->authTokenData);
|
new_token->authTokenData);
|
||||||
|
|
||||||
|
xorg_list_append(&new_token->entry, &curr->auth_tokens);
|
||||||
return;
|
return;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
@ -179,13 +185,15 @@ Bool XnsLoadConfig(void)
|
||||||
|
|
||||||
struct Xnamespace *ns;
|
struct Xnamespace *ns;
|
||||||
xorg_list_for_each_entry(ns, &ns_list, entry) {
|
xorg_list_for_each_entry(ns, &ns_list, entry) {
|
||||||
XNS_LOG("namespace: \"%s\" \"%s\" \"",
|
XNS_LOG("namespace: \"%s\" \n", ns->name);
|
||||||
ns->name,
|
struct auth_token *at;
|
||||||
ns->authProto);
|
xorg_list_for_each_entry(at, &ns->auth_tokens, entry) {
|
||||||
for (int i=0; i<ns->authTokenLen; i++)
|
XNS_LOG(" auth: \"%s\" \"", at->authProto);
|
||||||
printf("%02X", (unsigned char)ns->authTokenData[i]);
|
for (int i=0; i<at->authTokenLen; i++)
|
||||||
|
printf("%02X", (unsigned char)at->authTokenData[i]);
|
||||||
printf("\"\n");
|
printf("\"\n");
|
||||||
}
|
}
|
||||||
|
}
|
||||||
|
|
||||||
return TRUE;
|
return TRUE;
|
||||||
}
|
}
|
||||||
|
|
|
||||||
|
|
@ -76,13 +76,16 @@ struct Xnamespace* XnsFindByAuth(size_t szAuthProto, const char* authProto, size
|
||||||
{
|
{
|
||||||
struct Xnamespace *walk;
|
struct Xnamespace *walk;
|
||||||
xorg_list_for_each_entry(walk, &ns_list, entry) {
|
xorg_list_for_each_entry(walk, &ns_list, entry) {
|
||||||
int protoLen = walk->authProto ? strlen(walk->authProto) : 0;
|
struct auth_token *at;
|
||||||
|
xorg_list_for_each_entry(at, &walk->auth_tokens, entry) {
|
||||||
|
int protoLen = at->authProto ? strlen(at->authProto) : 0;
|
||||||
if ((protoLen == szAuthProto) &&
|
if ((protoLen == szAuthProto) &&
|
||||||
(walk->authTokenLen == szAuthToken) &&
|
(at->authTokenLen == szAuthToken) &&
|
||||||
(memcmp(walk->authTokenData, authToken, szAuthToken)==0) &&
|
(memcmp(at->authTokenData, authToken, szAuthToken)==0) &&
|
||||||
(memcmp(walk->authProto, authProto, szAuthProto)==0))
|
(memcmp(at->authProto, authProto, szAuthProto)==0))
|
||||||
return walk;
|
return walk;
|
||||||
}
|
}
|
||||||
|
}
|
||||||
|
|
||||||
// default to anonymous if credentials aren't assigned to specific NS
|
// default to anonymous if credentials aren't assigned to specific NS
|
||||||
return &ns_anon;
|
return &ns_anon;
|
||||||
|
|
|
||||||
|
|
@ -10,6 +10,14 @@
|
||||||
#include "include/window.h"
|
#include "include/window.h"
|
||||||
#include "include/windowstr.h"
|
#include "include/windowstr.h"
|
||||||
|
|
||||||
|
struct auth_token {
|
||||||
|
struct xorg_list entry;
|
||||||
|
const char *authProto;
|
||||||
|
char *authTokenData;
|
||||||
|
size_t authTokenLen;
|
||||||
|
XID authId;
|
||||||
|
};
|
||||||
|
|
||||||
struct Xnamespace {
|
struct Xnamespace {
|
||||||
struct xorg_list entry;
|
struct xorg_list entry;
|
||||||
const char *name;
|
const char *name;
|
||||||
|
|
@ -20,9 +28,7 @@ struct Xnamespace {
|
||||||
Bool allowXInput;
|
Bool allowXInput;
|
||||||
Bool allowXKeyboard;
|
Bool allowXKeyboard;
|
||||||
Bool superPower;
|
Bool superPower;
|
||||||
const char *authProto;
|
struct xorg_list auth_tokens;
|
||||||
char *authTokenData;
|
|
||||||
size_t authTokenLen;
|
|
||||||
size_t refcnt;
|
size_t refcnt;
|
||||||
WindowPtr rootWindow;
|
WindowPtr rootWindow;
|
||||||
};
|
};
|
||||||
|
|
|
||||||
|
|
@ -1,13 +1,18 @@
|
||||||
|
|
||||||
# auth <proto> <hex-key>
|
# auth <proto> <hex-key>
|
||||||
auth MIT-MAGIC-COOKIE-1 46f8e62b78e58962de0ceefc05ad90b0
|
auth MIT-MAGIC-COOKIE-1 46f8e62b78e58962de0ceefc05ad90b0
|
||||||
|
auth MIT-MAGIC-COOKIE-1 56f8e62b78e58962de0ceefc05ad90b0
|
||||||
|
|
||||||
# container <name> <parent_name>
|
# container <name> <parent_name>
|
||||||
container xeyes root
|
container xeyes root
|
||||||
auth MIT-MAGIC-COOKIE-1 46f8e62b78e58962de0ceefc05ad90b8
|
auth MIT-MAGIC-COOKIE-1 46f8e62b78e58962de0ceefc05ad90b8
|
||||||
|
auth MIT-MAGIC-COOKIE-1 46f8e62b78e58962de0ceefc05ad90a8
|
||||||
allow mouse-motion
|
allow mouse-motion
|
||||||
allow shape
|
allow shape
|
||||||
allow xinput
|
allow xinput
|
||||||
|
|
||||||
container xclock root
|
container xclock root
|
||||||
auth MIT-MAGIC-COOKIE-1 46f8e62b78e58962de0ceefc05ad90b7
|
auth MIT-MAGIC-COOKIE-1 46f8e62b78e58962de0ceefc05ad90b7
|
||||||
|
auth MIT-MAGIC-COOKIE-1 46f8e62b78e58962de0ceefc05ad91b7
|
||||||
|
auth MIT-MAGIC-COOKIE-1 46f8e62b78e58962de0ceefc05ad92b7
|
||||||
|
auth MIT-MAGIC-COOKIE-1 46f8e62b78e58962de0ceefc05ad93b7
|
||||||
|
|
|
||||||
Loading…
Reference in New Issue