static void ice_auth_add (FILE *setup_fp, FILE *cleanup_fp, char *protocol, IceListenObj ice_listener) { IceAuthDataEntry entry; entry.protocol_name = protocol; entry.network_id = IceGetListenConnectionString (ice_listener); entry.auth_name = "MIT-MAGIC-COOKIE-1"; entry.auth_data = IceGenerateMagicCookie (16); entry.auth_data_length = 16; IceSetPaAuthData (1, &entry); fprintf (setup_fp, "add %s \"\" %s MIT-MAGIC-COOKIE-1 ", protocol, entry.network_id); fprintfhex (setup_fp, 16, entry.auth_data); fprintf (setup_fp, "\n"); fprintf (cleanup_fp, "remove protoname=%s protodata=\"\" netid=%s authname=MIT-MAGIC-COOKIE-1\n", protocol, entry.network_id); free (entry.network_id); free (entry.auth_data); }
Status SetAuthentication (int count, IceListenObj *listenObjs, IceAuthDataEntry **authDataEntries) { KTemporaryFile addTempFile; remTempFile = new KTemporaryFile; if (!addTempFile.open() || !remTempFile->open()) return 0; if ((*authDataEntries = (IceAuthDataEntry *) malloc ( count * 2 * sizeof (IceAuthDataEntry))) == NULL) return 0; FILE *addAuthFile = fopen(QFile::encodeName(addTempFile.fileName()), "r+"); FILE *remAuthFile = fopen(QFile::encodeName(remTempFile->fileName()), "r+"); for (int i = 0; i < numTransports * 2; i += 2) { (*authDataEntries)[i].network_id = IceGetListenConnectionString (listenObjs[i/2]); (*authDataEntries)[i].protocol_name = (char *) "ICE"; (*authDataEntries)[i].auth_name = (char *) "MIT-MAGIC-COOKIE-1"; (*authDataEntries)[i].auth_data = IceGenerateMagicCookie (MAGIC_COOKIE_LEN); (*authDataEntries)[i].auth_data_length = MAGIC_COOKIE_LEN; (*authDataEntries)[i+1].network_id = IceGetListenConnectionString (listenObjs[i/2]); (*authDataEntries)[i+1].protocol_name = (char *) "XSMP"; (*authDataEntries)[i+1].auth_name = (char *) "MIT-MAGIC-COOKIE-1"; (*authDataEntries)[i+1].auth_data = IceGenerateMagicCookie (MAGIC_COOKIE_LEN); (*authDataEntries)[i+1].auth_data_length = MAGIC_COOKIE_LEN; write_iceauth (addAuthFile, remAuthFile, &(*authDataEntries)[i]); write_iceauth (addAuthFile, remAuthFile, &(*authDataEntries)[i+1]); IceSetPaAuthData (2, &(*authDataEntries)[i]); IceSetHostBasedAuthProc (listenObjs[i/2], HostBasedAuthProc); } fclose(addAuthFile); fclose(remAuthFile); QString iceAuth = KGlobal::dirs()->findExe("iceauth"); if (iceAuth.isEmpty()) { qWarning("KSMServer: could not find iceauth"); return 0; } KProcess p; p << iceAuth << "source" << addTempFile.fileName(); p.execute(); return (1); }
/* * Provide authentication data to clients that wish to connect */ Status SetAuthentication ( int count, IceListenObj *listenObjs, IceAuthDataEntry **authDataEntries) { int i; int nEntries = count * 2; if ((*authDataEntries = (IceAuthDataEntry *) XtMalloc ( nEntries * sizeof (IceAuthDataEntry))) == NULL) return 0; for (i = 0; i < nEntries; i += 2) { (*authDataEntries)[i].network_id = IceGetListenConnectionString (listenObjs[i/2]); (*authDataEntries)[i].protocol_name = "ICE"; (*authDataEntries)[i].auth_name = "MIT-MAGIC-COOKIE-1"; (*authDataEntries)[i].auth_data = IceGenerateMagicCookie (MAGIC_COOKIE_LEN); (*authDataEntries)[i].auth_data_length = MAGIC_COOKIE_LEN; (*authDataEntries)[i+1].network_id = IceGetListenConnectionString (listenObjs[i/2]); (*authDataEntries)[i+1].protocol_name = "XSMP"; (*authDataEntries)[i+1].auth_name = "MIT-MAGIC-COOKIE-1"; (*authDataEntries)[i+1].auth_data = IceGenerateMagicCookie (MAGIC_COOKIE_LEN); (*authDataEntries)[i+1].auth_data_length = MAGIC_COOKIE_LEN; IceSetHostBasedAuthProc (listenObjs[i/2], HostBasedAuthProc); } /* Merge new entries into auth file. */ if (!writeIceauth(nEntries, *authDataEntries, 0)) return 0; IceSetPaAuthData(nEntries, *authDataEntries); return 1; }
Status SetAuthentication(int count, IceListenObj *listenObjs, IceAuthDataEntry **authDataEntries) { FILE *addfp = NULL; FILE *removefp = NULL; const char *path; mode_t original_umask; char command[256]; int i; #ifdef HAVE_MKSTEMP int fd; #endif original_umask = umask (0077); /* disallow non-owner access */ path = getenv ("SM_SAVE_DIR"); if (!path) { path = getenv ("HOME"); if (!path) path = "."; } #ifndef HAVE_MKSTEMP if ((addAuthFile = unique_filename (path, ".xsm")) == NULL) goto bad; if (!(addfp = fopen (addAuthFile, "w"))) goto bad; fcntl(fileno(addfp), F_SETFD, FD_CLOEXEC); if ((remAuthFile = unique_filename (path, ".xsm")) == NULL) goto bad; if (!(removefp = fopen (remAuthFile, "w"))) goto bad; fcntl(fileno(removefp), F_SETFD, FD_CLOEXEC); #else if ((addAuthFile = unique_filename (path, ".xsm", &fd)) == NULL) goto bad; if (!(addfp = fdopen(fd, "wb"))) goto bad; fcntl(fileno(addfp), F_SETFD, FD_CLOEXEC); if ((remAuthFile = unique_filename (path, ".xsm", &fd)) == NULL) goto bad; if (!(removefp = fdopen(fd, "wb"))) goto bad; fcntl(fileno(removefp), F_SETFD, FD_CLOEXEC); #endif if ((*authDataEntries = (IceAuthDataEntry *) XtMalloc ( count * 2 * sizeof (IceAuthDataEntry))) == NULL) goto bad; for (i = 0; i < count * 2; i += 2) { (*authDataEntries)[i].network_id = IceGetListenConnectionString (listenObjs[i/2]); (*authDataEntries)[i].protocol_name = "ICE"; (*authDataEntries)[i].auth_name = "MIT-MAGIC-COOKIE-1"; (*authDataEntries)[i].auth_data = IceGenerateMagicCookie (MAGIC_COOKIE_LEN); (*authDataEntries)[i].auth_data_length = MAGIC_COOKIE_LEN; (*authDataEntries)[i+1].network_id = IceGetListenConnectionString (listenObjs[i/2]); (*authDataEntries)[i+1].protocol_name = "XSMP"; (*authDataEntries)[i+1].auth_name = "MIT-MAGIC-COOKIE-1"; (*authDataEntries)[i+1].auth_data = IceGenerateMagicCookie (MAGIC_COOKIE_LEN); (*authDataEntries)[i+1].auth_data_length = MAGIC_COOKIE_LEN; write_iceauth (addfp, removefp, &(*authDataEntries)[i]); write_iceauth (addfp, removefp, &(*authDataEntries)[i+1]); IceSetPaAuthData (2, &(*authDataEntries)[i]); IceSetHostBasedAuthProc (listenObjs[i/2], HostBasedAuthProc); } fclose (addfp); fclose (removefp); umask (original_umask); snprintf (command, sizeof(command), "iceauth source %s", addAuthFile); execute_system_command (command); remove (addAuthFile); return (1); bad: if (addfp) fclose (addfp); if (removefp) fclose (removefp); if (addAuthFile) { remove (addAuthFile); free (addAuthFile); } if (remAuthFile) { remove (remAuthFile); free (remAuthFile); } return (0); }