tsol-unix-domain.patch revision 548
98N/A/*
98N/A * Copyright 2008 Sun Microsystems, Inc. All rights reserved.
98N/A *
98N/A * Permission is hereby granted, free of charge, to any person obtaining a
98N/A * copy of this software and associated documentation files (the
98N/A * "Software"), to deal in the Software without restriction, including
98N/A * without limitation the rights to use, copy, modify, merge, publish,
98N/A * distribute, and/or sell copies of the Software, and to permit persons
98N/A * to whom the Software is furnished to do so, provided that the above
98N/A * copyright notice(s) and this permission notice appear in all copies of
98N/A * the Software and that both the above copyright notice(s) and this
98N/A * permission notice appear in supporting documentation.
98N/A *
98N/A * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS
98N/A * OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
98N/A * MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT
98N/A * OF THIRD PARTY RIGHTS. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR
98N/A * HOLDERS INCLUDED IN THIS NOTICE BE LIABLE FOR ANY CLAIM, OR ANY SPECIAL
98N/A * INDIRECT OR CONSEQUENTIAL DAMAGES, OR ANY DAMAGES WHATSOEVER RESULTING
98N/A * FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT,
98N/A * NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION
98N/A * WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
98N/A *
98N/A * Except as contained in this notice, the name of a copyright holder
98N/A * shall not be used in advertising or otherwise to promote the sale, use
98N/A * or other dealings in this Software without prior written authorization
98N/A * of the copyright holder.
98N/A *
98N/A */
98N/A
98N/AUnix domain rendezvous created under /var/tsol/doors/ for Trusted
98N/AExtensions. This directory is loopback mounted into all labeled
156N/Azones from the global zone. A link is created from /tmp/.X11-unix
98N/Ato the above loopback mounted dir.
98N/A(See LSARC/2008/506)
98N/A
98N/Adiff -urp -x '*~' Xtranssock.c Xtranssock.c
98N/A--- Xtranssock.c 2008-09-18 14:32:55
156N/A+++ Xtransock.c 2008-09-18 14:35:26
156N/A@@ -83,6 +83,10 @@
156N/A #include <sys/stat.h>
156N/A #endif
98N/A
98N/A+#if defined(X11_t)
98N/A+#include <tsol/label.h>
98N/A+#endif /* X11_t */
98N/A+
98N/A #if defined(hpux) || (defined(MOTOROLA) && defined(SYSV))
98N/A #define NO_TCP_H
98N/A #endif
98N/A@@ -252,6 +256,7 @@
156N/A #if defined(X11_t)
98N/A #define UNIX_PATH "/tmp/.X11-unix/X"
98N/A #define UNIX_DIR "/tmp/.X11-unix"
98N/A+#define TSOL_UNIX_DIR "/var/tsol/doors/.X11-unix"
98N/A #endif /* X11_t */
101N/A #if defined(XIM_t)
117N/A #define UNIX_PATH "/tmp/.XIM-unix/XIM"
98N/A@@ -1094,6 +1099,29 @@
98N/A #else
122N/A mode = 0777;
127N/A #endif
131N/A+
145N/A+#ifdef X11_t
98N/A+ if (is_system_labeled()) {
98N/A+ struct stat sbuf;
98N/A+
98N/A+ if (trans_mkdir(TSOL_UNIX_DIR, mode) == -1) {
98N/A+ PRMSG (1, "SocketUNIXCreateListener: mkdir(%s) failed, errno = %d\n",
98N/A+ TSOL_UNIX_DIR, errno, 0);
98N/A+ (void) umask (oldUmask);
98N/A+ return TRANS_CREATE_LISTENER_FAILED;
98N/A+ }
98N/A+
98N/A+ /* Create a symlink for UNIX_DIR to TSOL_UNIX_DIR */
98N/A+ if (stat(UNIX_DIR, &sbuf) != 0 && symlink(TSOL_UNIX_DIR, UNIX_DIR) != 0) {
98N/A+ PRMSG (1,
98N/A+ "SocketUNIXCreateListener: symlink to %s failed, errno = %d\n",
98N/A+ TSOL_UNIX_DIR, errno, 0);
98N/A+ (void) umask (oldUmask);
98N/A+ return TRANS_CREATE_LISTENER_FAILED;
98N/A+ }
98N/A+
98N/A+ } else
98N/A+#endif /* X11_t */
98N/A if (trans_mkdir(UNIX_DIR, mode) == -1) {
98N/A PRMSG (1, "SocketUNIXCreateListener: mkdir(%s) failed, errno = %d\n",
98N/A UNIX_DIR, errno, 0);
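Review bot: The added `stat(UNIX_DIR, &sbuf) != 0 && symlink(TSOL_UNIX_DIR, UNIX_DIR) != 0` test accepts whatever already exists at /tmp/.X11-unix, whether a plain directory or a link to some other location, without checking that it is the expected link to TSOL_UNIX_DIR. On the labeled path the `trans_mkdir(UNIX_DIR, mode)` call in the `else` branch is skipped, so any validation it performs on an existing directory (not visible here) no longer applies to the /tmp entry. Because /tmp is shared, an existing entry should be checked with lstat()/readlink() for type, target and owner before the listener is set up behind it; the same test is repeated in the SocketUNIXConnect hunk. The sketch below is stricter than the patch: it rejects a pre-existing plain directory, and the root-owner requirement is an assumption to confirm. The enclosing function starts and ends outside the hunk.

```c
    /* … unchanged: trans_mkdir(TSOL_UNIX_DIR, mode) and its error path … */

    /* Create UNIX_DIR -> TSOL_UNIX_DIR, or verify an existing entry is that link */
    if (symlink(TSOL_UNIX_DIR, UNIX_DIR) != 0) {
        struct stat lbuf;
        char target[sizeof(TSOL_UNIX_DIR)];
        ssize_t len = -1;

        /* assumes the link is expected to be root-owned; confirm for this server */
        if (errno == EEXIST && lstat(UNIX_DIR, &lbuf) == 0 &&
            S_ISLNK(lbuf.st_mode) && lbuf.st_uid == 0)
            len = readlink(UNIX_DIR, target, sizeof(target));

        /* an over-long target fills the buffer, so its length never matches */
        if (len != (ssize_t) strlen(TSOL_UNIX_DIR) ||
            memcmp(target, TSOL_UNIX_DIR, (size_t) len) != 0) {
            PRMSG (1,
                "SocketUNIXCreateListener: symlink to %s failed, errno = %d\n",
                TSOL_UNIX_DIR, errno, 0);
            (void) umask (oldUmask);
            return TRANS_CREATE_LISTENER_FAILED;
        }
    }
```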
98N/A@@ -1992,10 +2020,28 @@
98N/A return TRANS_CONNECT_FAILED;
98N/A }
98N/A
98N/A+#if defined(X11_t)
98N/A+ /*
98N/A+ * Create a symlink for UNIX_DIR to TSOL_UNIX_DIR
98N/A+ * This link is created in the labeled (non-global) zones.
98N/A+ * The rendezvous created by the X server resides in the global zone
140N/A+ * and is mounted read-only to other zones.
154N/A+ */
154N/A+ if (is_system_labeled()) {
98N/A+ struct stat sbuf;
98N/A+
98N/A+ if (stat(UNIX_DIR, &sbuf) != 0 && symlink(TSOL_UNIX_DIR, UNIX_DIR) != 0) {
98N/A+ PRMSG (1, "SocketUNIXConnect:: symlink to %s failed, errno = %d\n",
98N/A+ TSOL_UNIX_DIR, errno, 0);
98N/A+ return TRANS_CONNECT_FAILED;
98N/A+ }
98N/A+ }
98N/A+#endif /* X11_t */
98N/A+
98N/A /*
98N/A * Build the socket name.
98N/A */
98N/A-
98N/A+
98N/A sockname.sun_family = AF_UNIX;
98N/A
98N/A if (set_sun_path(port, UNIX_PATH, sockname.sun_path) != 0) {
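Review bot: Two clients starting together in a zone where the link does not yet exist can both see `stat()` fail, and the one that loses the `symlink()` call gets EEXIST and returns TRANS_CONNECT_FAILED even though the link is now in place. The creation step should tolerate that case, e.g. `if (symlink(TSOL_UNIX_DIR, UNIX_DIR) != 0 && errno != EEXIST)`, and then verify the link target before building the socket name. Because this code runs in every X client, the /tmp link ends up owned by whichever user connected first. The read-only mount mentioned in the comment protects the rendezvous directory but not the link itself, so creating the link from privileged zone setup would be safer than creating it from the client library. Minor: the message has a doubled colon (`SocketUNIXConnect::`), the trailing `-`/`+` pair looks like a whitespace-only change, and the enclosing function starts and ends outside the hunk.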
98N/A