static void SecurityClientState(CallbackListPtr *pcbl, pointer unused, pointer calldata) { NewClientInfoRec *pci = calldata; SecurityStateRec *state; SecurityAuthorizationPtr pAuth; int rc; state = dixLookupPrivate(&pci->client->devPrivates, stateKey); switch (pci->client->clientState) { case ClientStateInitial: state->trustLevel = XSecurityClientTrusted; state->authId = None; state->haveState = TRUE; break; case ClientStateRunning: state->authId = AuthorizationIDOfClient(pci->client); rc = dixLookupResourceByType((pointer *)&pAuth, state->authId, SecurityAuthorizationResType, serverClient, DixGetAttrAccess); if (rc == Success) { /* it is a generated authorization */ pAuth->refcnt++; if (pAuth->refcnt == 1 && pAuth->timer) TimerCancel(pAuth->timer); state->trustLevel = pAuth->trustLevel; } break; case ClientStateGone: case ClientStateRetained: rc = dixLookupResourceByType((pointer *)&pAuth, state->authId, SecurityAuthorizationResType, serverClient, DixGetAttrAccess); if (rc == Success) { /* it is a generated authorization */ pAuth->refcnt--; if (pAuth->refcnt == 0) SecurityStartAuthorizationTimer(pAuth); } break; default: break; } }
/* static */ void XagClientStateChange( CallbackListPtr* pcbl, pointer nulldata, pointer calldata) { SecurityAuthorizationPtr pAuth; NewClientInfoRec* pci = (NewClientInfoRec*) calldata; ClientPtr pClient = pci->client; AppGroupPtr pAppGrp; XID authId = 0; if (!pClient->appgroup) { switch (pClient->clientState) { case ClientStateAuthenticating: case ClientStateRunning: case ClientStateCheckingSecurity: return; case ClientStateInitial: case ClientStateCheckedSecurity: /* * If the client is connecting via a firewall proxy (which * uses XC-QUERY-SECURITY-1, then the authId is available * during ClientStateCheckedSecurity, otherwise it's * available during ClientStateInitial. * * Don't get it from pClient because can't guarantee the order * of the callbacks and the security extension might not have * plugged it in yet. */ authId = AuthorizationIDOfClient(pClient); break; case ClientStateGone: case ClientStateRetained: /* * Don't get if from AuthorizationIDOfClient because can't * guarantee the order of the callbacks and the security * extension may have torn down the client's private data */ authId = pClient->authId; break; } if (authId == None) return; pAuth = (SecurityAuthorizationPtr)SecurityLookupIDByType(pClient, authId, SecurityAuthorizationResType, SecurityReadAccess); if (pAuth == NULL) return; for (pAppGrp = appGrpList; pAppGrp != NULL; pAppGrp = pAppGrp->next) if (pAppGrp->appgroupId == pAuth->group) break; } else { pAppGrp = pClient->appgroup; } if (!pAppGrp) return; switch (pClient->clientState) { case ClientStateAuthenticating: case ClientStateRunning: case ClientStateCheckingSecurity: break; case ClientStateInitial: case ClientStateCheckedSecurity: /* see the comment above about Initial vs. CheckedSecurity */ { /* if this client already in AppGroup, don't add it again */ int i; for (i = 0; i < pAppGrp->nclients; i++) if (pClient == pAppGrp->clients[i]) return; } pAppGrp->clients = (ClientPtr*) xrealloc (pAppGrp->clients, ++pAppGrp->nclients * sizeof (ClientPtr)); pAppGrp->clients[pAppGrp->nclients - 1] = pClient; pClient->appgroup = pAppGrp; break; case ClientStateGone: case ClientStateRetained: /* client disconnected, dump it */ { int i; for (i = 0; i < pAppGrp->nclients; i++) if (pAppGrp->clients[i] == pClient) { pAppGrp->clients[i] = NULL; break; } for (i = 0; i < pAppGrp->nclients; i++) if (pAppGrp->clients[i] == NULL && i + 1 < pAppGrp->nclients) pAppGrp->clients[i] = pAppGrp->clients[i + 1]; pAppGrp->nclients--; } pClient->appgroup = NULL; /* redundant, pClient will be freed */ break; } }