Status SetAuthentication (int count, IceListenObj *listenObjs,
IceAuthDataEntry **authDataEntries)
{
KTemporaryFile addTempFile;
remTempFile = new KTemporaryFile;
if (!addTempFile.open() || !remTempFile->open())
return 0;
if ((*authDataEntries = (IceAuthDataEntry *) malloc (
count * 2 * sizeof (IceAuthDataEntry))) == NULL)
return 0;
FILE *addAuthFile = fopen(QFile::encodeName(addTempFile.fileName()), "r+");
FILE *remAuthFile = fopen(QFile::encodeName(remTempFile->fileName()), "r+");
for (int i = 0; i < numTransports * 2; i += 2) {
(*authDataEntries)[i].network_id =
IceGetListenConnectionString (listenObjs[i/2]);
(*authDataEntries)[i].protocol_name = (char *) "ICE";
(*authDataEntries)[i].auth_name = (char *) "MIT-MAGIC-COOKIE-1";
(*authDataEntries)[i].auth_data =
IceGenerateMagicCookie (MAGIC_COOKIE_LEN);
(*authDataEntries)[i].auth_data_length = MAGIC_COOKIE_LEN;
(*authDataEntries)[i+1].network_id =
IceGetListenConnectionString (listenObjs[i/2]);
(*authDataEntries)[i+1].protocol_name = (char *) "XSMP";
(*authDataEntries)[i+1].auth_name = (char *) "MIT-MAGIC-COOKIE-1";
(*authDataEntries)[i+1].auth_data =
IceGenerateMagicCookie (MAGIC_COOKIE_LEN);
(*authDataEntries)[i+1].auth_data_length = MAGIC_COOKIE_LEN;
write_iceauth (addAuthFile, remAuthFile, &(*authDataEntries)[i]);
write_iceauth (addAuthFile, remAuthFile, &(*authDataEntries)[i+1]);
IceSetPaAuthData (2, &(*authDataEntries)[i]);
IceSetHostBasedAuthProc (listenObjs[i/2], HostBasedAuthProc);
}
fclose(addAuthFile);
fclose(remAuthFile);
QString iceAuth = KGlobal::dirs()->findExe("iceauth");
if (iceAuth.isEmpty())
{
qWarning("KSMServer: could not find iceauth");
return 0;
}
KProcess p;
p << iceAuth << "source" << addTempFile.fileName();
p.execute();
return (1);
}
static void
ice_auth_add (FILE *setup_fp,
FILE *cleanup_fp,
char *protocol,
IceListenObj ice_listener)
{
IceAuthDataEntry entry;
entry.protocol_name = protocol;
entry.network_id = IceGetListenConnectionString (ice_listener);
entry.auth_name = "MIT-MAGIC-COOKIE-1";
entry.auth_data = IceGenerateMagicCookie (16);
entry.auth_data_length = 16;
IceSetPaAuthData (1, &entry);
fprintf (setup_fp,
"add %s \"\" %s MIT-MAGIC-COOKIE-1 ",
protocol,
entry.network_id);
fprintfhex (setup_fp, 16, entry.auth_data);
fprintf (setup_fp, "\n");
fprintf (cleanup_fp,
"remove protoname=%s protodata=\"\" netid=%s authname=MIT-MAGIC-COOKIE-1\n",
protocol,
entry.network_id);
free (entry.network_id);
free (entry.auth_data);
}
/*
* Provide authentication data to clients that wish to connect
*/
Status
SetAuthentication (
int count,
IceListenObj *listenObjs,
IceAuthDataEntry **authDataEntries)
{
int i;
int nEntries = count * 2;
if ((*authDataEntries = (IceAuthDataEntry *) XtMalloc (
nEntries * sizeof (IceAuthDataEntry))) == NULL)
return 0;
for (i = 0; i < nEntries; i += 2)
{
(*authDataEntries)[i].network_id =
IceGetListenConnectionString (listenObjs[i/2]);
(*authDataEntries)[i].protocol_name = "ICE";
(*authDataEntries)[i].auth_name = "MIT-MAGIC-COOKIE-1";
(*authDataEntries)[i].auth_data =
IceGenerateMagicCookie (MAGIC_COOKIE_LEN);
(*authDataEntries)[i].auth_data_length = MAGIC_COOKIE_LEN;
(*authDataEntries)[i+1].network_id =
IceGetListenConnectionString (listenObjs[i/2]);
(*authDataEntries)[i+1].protocol_name = "XSMP";
(*authDataEntries)[i+1].auth_name = "MIT-MAGIC-COOKIE-1";
(*authDataEntries)[i+1].auth_data =
IceGenerateMagicCookie (MAGIC_COOKIE_LEN);
(*authDataEntries)[i+1].auth_data_length = MAGIC_COOKIE_LEN;
IceSetHostBasedAuthProc (listenObjs[i/2], HostBasedAuthProc);
}
/* Merge new entries into auth file. */
if (!writeIceauth(nEntries, *authDataEntries, 0))
return 0;
IceSetPaAuthData(nEntries, *authDataEntries);
return 1;
}
Status
SetAuthentication(int count, IceListenObj *listenObjs,
IceAuthDataEntry **authDataEntries)
{
FILE *addfp = NULL;
FILE *removefp = NULL;
const char *path;
mode_t original_umask;
char command[256];
int i;
#ifdef HAVE_MKSTEMP
int fd;
#endif
original_umask = umask (0077); /* disallow non-owner access */
path = getenv ("SM_SAVE_DIR");
if (!path)
{
path = getenv ("HOME");
if (!path)
path = ".";
}
#ifndef HAVE_MKSTEMP
if ((addAuthFile = unique_filename (path, ".xsm")) == NULL)
goto bad;
if (!(addfp = fopen (addAuthFile, "w")))
goto bad;
fcntl(fileno(addfp), F_SETFD, FD_CLOEXEC);
if ((remAuthFile = unique_filename (path, ".xsm")) == NULL)
goto bad;
if (!(removefp = fopen (remAuthFile, "w")))
goto bad;
fcntl(fileno(removefp), F_SETFD, FD_CLOEXEC);
#else
if ((addAuthFile = unique_filename (path, ".xsm", &fd)) == NULL)
goto bad;
if (!(addfp = fdopen(fd, "wb")))
goto bad;
fcntl(fileno(addfp), F_SETFD, FD_CLOEXEC);
if ((remAuthFile = unique_filename (path, ".xsm", &fd)) == NULL)
goto bad;
if (!(removefp = fdopen(fd, "wb")))
goto bad;
fcntl(fileno(removefp), F_SETFD, FD_CLOEXEC);
#endif
if ((*authDataEntries = (IceAuthDataEntry *) XtMalloc (
count * 2 * sizeof (IceAuthDataEntry))) == NULL)
goto bad;
for (i = 0; i < count * 2; i += 2)
{
(*authDataEntries)[i].network_id =
IceGetListenConnectionString (listenObjs[i/2]);
(*authDataEntries)[i].protocol_name = "ICE";
(*authDataEntries)[i].auth_name = "MIT-MAGIC-COOKIE-1";
(*authDataEntries)[i].auth_data =
IceGenerateMagicCookie (MAGIC_COOKIE_LEN);
(*authDataEntries)[i].auth_data_length = MAGIC_COOKIE_LEN;
(*authDataEntries)[i+1].network_id =
IceGetListenConnectionString (listenObjs[i/2]);
(*authDataEntries)[i+1].protocol_name = "XSMP";
(*authDataEntries)[i+1].auth_name = "MIT-MAGIC-COOKIE-1";
(*authDataEntries)[i+1].auth_data =
IceGenerateMagicCookie (MAGIC_COOKIE_LEN);
(*authDataEntries)[i+1].auth_data_length = MAGIC_COOKIE_LEN;
write_iceauth (addfp, removefp, &(*authDataEntries)[i]);
write_iceauth (addfp, removefp, &(*authDataEntries)[i+1]);
IceSetPaAuthData (2, &(*authDataEntries)[i]);
IceSetHostBasedAuthProc (listenObjs[i/2], HostBasedAuthProc);
}
fclose (addfp);
fclose (removefp);
umask (original_umask);
snprintf (command, sizeof(command), "iceauth source %s", addAuthFile);
execute_system_command (command);
remove (addAuthFile);
return (1);
bad:
if (addfp)
fclose (addfp);
if (removefp)
fclose (removefp);
if (addAuthFile)
{
remove (addAuthFile);
free (addAuthFile);
}
if (remAuthFile)
{
remove (remAuthFile);
free (remAuthFile);
}
return (0);
}
