tsolextension.c revision 196
98N/A/* Copyright 2007 Sun Microsystems, Inc. All rights reserved.
0N/A *
0N/A * Permission is hereby granted, free of charge, to any person obtaining a
0N/A * copy of this software and associated documentation files (the
0N/A * "Software"), to deal in the Software without restriction, including
0N/A * without limitation the rights to use, copy, modify, merge, publish,
0N/A * distribute, and/or sell copies of the Software, and to permit persons
0N/A * to whom the Software is furnished to do so, provided that the above
0N/A * copyright notice(s) and this permission notice appear in all copies of
0N/A * the Software and that both the above copyright notice(s) and this
0N/A * permission notice appear in supporting documentation.
0N/A *
0N/A * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS
0N/A * OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
0N/A * MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT
0N/A * OF THIRD PARTY RIGHTS. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR
0N/A * HOLDERS INCLUDED IN THIS NOTICE BE LIABLE FOR ANY CLAIM, OR ANY SPECIAL
0N/A * INDIRECT OR CONSEQUENTIAL DAMAGES, OR ANY DAMAGES WHATSOEVER RESULTING
0N/A * FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT,
0N/A * NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION
0N/A * WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
0N/A *
0N/A * Except as contained in this notice, the name of a copyright holder
0N/A * shall not be used in advertising or otherwise to promote the sale, use
0N/A * or other dealings in this Software without prior written authorization
0N/A * of the copyright holder.
0N/A */
0N/A
196N/A#pragma ident "@(#)tsolextension.c 1.21 07/04/03 SMI"
0N/A
0N/A#include <stdio.h>
196N/A#include "auditwrite.h"
0N/A#include <bsm/libbsm.h>
0N/A#include <bsm/audit_uevents.h>
0N/A#include <sys/param.h>
0N/A#include <sys/types.h>
0N/A#include <sys/socket.h>
0N/A#include <sys/wait.h>
0N/A#include <ucred.h>
0N/A#include <netinet/in.h>
36N/A#include <netdb.h>
0N/A#include <arpa/inet.h>
0N/A#include <sys/tsol/tndb.h>
0N/A#include <strings.h>
0N/A#include <string.h>
0N/A#include <pwd.h>
0N/A#include <unistd.h>
0N/A#include <sys/stat.h>
0N/A#include <rpc/rpc.h>
0N/A#include <zone.h>
0N/A
0N/A
0N/A#define NEED_REPLIES
0N/A
98N/A#ifdef HAVE_DIX_CONFIG_H
98N/A#include <dix-config.h>
98N/A#endif
0N/A
0N/A#include "misc.h"
0N/A#include "osdep.h"
98N/A#include <X11/Xauth.h>
0N/A#include "tsol.h"
0N/A#include "inputstr.h"
0N/A#include "extnsionst.h"
0N/A#ifdef XCSECURITY
0N/A#define _SECURITY_SERVER
0N/A#include "security.h"
0N/A#endif
0N/A#include "tsolpolicy.h"
0N/A
0N/A#define BadCmapCookie 0
0N/A#define Tsolextension 0x0080 /* Tsol extensions begin at 128 */
0N/A#define MAX_SCREENS 3 /* screens allowed */
0N/A#define EXTNSIZE 128
0N/A
36N/A#define SECURE_RPC_AUTH "SUN-DES-1"
36N/A#define SECURE_RPC_LEN 9
0N/A
0N/Aextern bslabel_t *lookupSL();
0N/Aextern void (*ReplySwapVector[]) ();
0N/Aextern TsolInfoPtr GetClientTsolInfo();
0N/Aextern char *NameForAtom(Atom atom);
0N/A
0N/Astatic int ProcTsolDispatch(ClientPtr);
0N/Astatic int ProcSetPolyInstInfo(ClientPtr);
0N/Astatic int ProcSetPropLabel(ClientPtr);
0N/Astatic int ProcSetPropUID(ClientPtr);
0N/Astatic int ProcSetResLabel(ClientPtr);
0N/Astatic int ProcSetResUID(ClientPtr);
0N/Astatic int ProcGetClientAttributes(ClientPtr);
0N/Astatic int ProcGetClientLabel(ClientPtr);
0N/Astatic int ProcGetPropAttributes(ClientPtr);
0N/Astatic int ProcGetResAttributes(ClientPtr);
0N/Astatic int ProcMakeTPWindow(ClientPtr);
0N/Astatic int ProcMakeTrustedWindow(ClientPtr);
0N/Astatic int ProcMakeUntrustedWindow(ClientPtr);
0N/A
0N/Astatic int SProcTsolDispatch(ClientPtr);
0N/Astatic int SProcSetPolyInstInfo(ClientPtr);
0N/Astatic int SProcSetPropLabel(ClientPtr);
0N/Astatic int SProcSetPropUID(ClientPtr);
0N/Astatic int SProcSetResLabel(ClientPtr);
0N/Astatic int SProcSetResUID(ClientPtr);
0N/Astatic int SProcGetClientAttributes(ClientPtr);
0N/Astatic int SProcGetClientLabel(ClientPtr);
0N/Astatic int SProcGetPropAttributes(ClientPtr);
0N/Astatic int SProcGetResAttributes(ClientPtr);
0N/Astatic int SProcMakeTPWindow(ClientPtr);
0N/Astatic int SProcMakeTrustedWindow(ClientPtr);
0N/Astatic int SProcMakeUntrustedWindow(ClientPtr);
0N/A
0N/Astatic void TsolReset();
0N/Astatic void BreakAllGrabs(ClientPtr client);
0N/A
0N/Aextern void init_xtsol();
36N/Aextern void init_win_privsets();
36N/Aextern void free_win_privsets();
0N/Aextern int DoScreenStripeHeight(int screen_num);
0N/Aextern int AddUID(int *userid);
0N/A
0N/Astatic unsigned char TsolReqCode = 0;
0N/Astatic int tsolEventBase = -1;
0N/Aextern unsigned int StripeHeight;
0N/Aint ScreenStripeHeight[MAX_SCREENS - 1] = {0, 0};
0N/A
0N/Aextern int tsolClientPrivateIndex;
0N/Aextern int tsolWindowPrivateIndex;
0N/Aextern int tsolPixmapPrivateIndex;
0N/A
0N/Astatic HotKeyRec hotkey = {FALSE, 0, 0, 0, 0};
73N/A
73N/Aint tsolMultiLevel = TRUE;
0N/A
0N/Aint OwnerUIDint;
0N/Aextern uid_t OwnerUID;
0N/Auid_t PublicObjUID = 0;
0N/Aextern WindowPtr tpwin;
0N/Aextern bclear_t SessionHI; /* HI Clearance */
0N/Aextern bclear_t SessionLO; /* LO Clearance */
0N/Aextern TsolPolyInstInfoRec tsolpolyinstinfo;
0N/A
0N/Aextern void LoadTsolConfig();
0N/Aextern void MakeTSOLAtoms();
0N/Aextern void UpdateTsolNode();
0N/A/*
0N/A * Protocol handling vectors
0N/A */
0N/Aextern int (*ProcVector[])();
0N/Aextern int (*SwappedProcVector[])();
0N/A
0N/Aint (*TsolSavedProcVector[PROCVECTORSIZE])(ClientPtr client);
0N/Aint (*TsolSavedSwappedProcVector[PROCVECTORSIZE])(ClientPtr client);
0N/A
0N/Aextern SecurityHookPtr pSecHook;
0N/ASecurityHook tsolSecHook;
0N/A
0N/AXID TsolCheckAuthorization (unsigned int name_length,
0N/A char *name, unsigned int data_length,
0N/A char *data, ClientPtr client, char **reason);
0N/Avoid TsolDeleteClientFromAnySelections(ClientPtr);
0N/Avoid TsolDeleteWindowFromAnySelections(WindowPtr);
0N/A
0N/Aextern int TsolChangeWindowProperty(ClientPtr, WindowPtr, Atom, Atom, int, int,
0N/A unsigned long, pointer, Bool);
0N/Aextern int TsolDeleteProperty(ClientPtr, WindowPtr, Atom);
0N/Aextern int TsolInitWindow(ClientPtr, WindowPtr);
0N/Aextern void TsolAuditStart(ClientPtr);
0N/Aextern void TsolAuditEnd(ClientPtr, int);
0N/A
0N/Astatic void TsolClientStateCallback(CallbackListPtr *pcbl,
0N/A pointer nulldata, pointer calldata);
0N/Astatic void TsolSetClientInfo(ClientPtr client);
0N/Astatic void TsolProcessKeyboard(xEvent *, KeyClassPtr);
0N/Astatic char TsolCheckPropertyAccess(ClientPtr client, WindowPtr pWin, ATOM propertyName,
0N/A Mask access_mode);
0N/A
0N/Aextern int ProcTsolInternAtom(ClientPtr client);
0N/Aextern int ProcTsolSetSelectionOwner(ClientPtr client);
0N/Aextern int ProcTsolGetSelectionOwner(ClientPtr client);
0N/Aextern int ProcTsolConvertSelection(ClientPtr client);
0N/Aextern int ProcTsolGetProperty(ClientPtr client);
0N/Aextern int ProcTsolListProperties(ClientPtr client);
0N/Aextern int ProcTsolChangeKeyboardMapping(ClientPtr client);
0N/Aextern int ProcTsolSetPointerMapping(ClientPtr client);
0N/Aextern int ProcTsolChangeKeyboardControl(ClientPtr client);
0N/Aextern int ProcTsolBell(ClientPtr client);
0N/Aextern int ProcTsolChangePointerControl(ClientPtr client);
0N/Aextern int ProcTsolSetModifierMapping(ClientPtr client);
0N/A
0N/Aextern int ProcTsolCreateWindow(ClientPtr client);
0N/Aextern int ProcTsolChangeWindowAttributes(ClientPtr client);
0N/Aextern int ProcTsolConfigureWindow(ClientPtr client);
0N/Aextern int ProcTsolCirculateWindow(ClientPtr client);
0N/Aextern int ProcTsolReparentWindow(ClientPtr client);
0N/Aextern int ProcTsolSetInputFocus(ClientPtr client);
0N/Aextern int ProcTsolGetInputFocus(ClientPtr client);
0N/Aextern int ProcTsolSendEvent(ClientPtr client);
0N/Aextern int ProcTsolSetInputFocus(ClientPtr client);
0N/Aextern int ProcTsolGetInputFocus(ClientPtr client);
0N/Aextern int ProcTsolGetGeometry(ClientPtr client);
0N/Aextern int ProcTsolGrabServer(ClientPtr client);
0N/Aextern int ProcTsolUngrabServer(ClientPtr client);
0N/Aextern int ProcTsolCreatePixmap(ClientPtr client);
0N/Aextern int ProcTsolSetScreenSaver(ClientPtr client);
0N/Aextern int ProcTsolChangeHosts(ClientPtr client);
0N/Aextern int ProcTsolChangeAccessControl(ClientPtr client);
0N/Aextern int ProcTsolKillClient(ClientPtr client);
0N/Aextern int ProcTsolSetFontPath(ClientPtr client);
0N/Aextern int ProcTsolChangeCloseDownMode(ClientPtr client);
0N/Aextern int ProcTsolListInstalledColormaps(ClientPtr client);
0N/Aextern int ProcTsolGetImage(ClientPtr client);
0N/Aextern int ProcTsolQueryTree(ClientPtr client);
0N/Aextern int ProcTsolQueryPointer(ClientPtr client);
36N/Aextern int ProcTsolQueryExtension(ClientPtr client);
36N/Aextern int ProcTsolListExtensions(ClientPtr client);
36N/Aextern int ProcTsolMapWindow(ClientPtr client);
36N/Aextern int ProcTsolMapSubwindows(ClientPtr client);
64N/Aextern int ProcTsolCopyArea(ClientPtr client);
64N/Aextern int ProcTsolCopyPlane(ClientPtr client);
64N/Aextern int ProcTsolPolySegment(ClientPtr client);
64N/Aextern int ProcTsolPolyRectangle(ClientPtr client);
0N/A
196N/Aextern int TsolPanoramiXGetGeometry(ClientPtr client);
196N/A
0N/A/*
0N/A * Initialize the extension. Main entry point for this loadable
0N/A * module.
0N/A */
0N/A
0N/Avoid
0N/ATsolExtensionInit()
0N/A{
0N/A ExtensionEntry *extEntry;
0N/A ScreenPtr pScreen;
0N/A int i;
0N/A priv_set_t *pset;
0N/A
0N/A /* sleep(20); */
0N/A
0N/A /* Extension can be loaded on a Trusted Solaris system only */
0N/A if (!is_system_labeled()) {
0N/A ErrorF("TsolExtensionInit: cannot load X Trusted Extensions\n");
0N/A ErrorF("Trusted Extensions is not enabled/installed on your system\n");
0N/A return;
0N/A }
0N/A
36N/A tsolMultiLevel = TRUE;
0N/A (void) setpflags(PRIV_AWARE, 1);
0N/A
0N/A init_xtsol();
36N/A init_win_privsets();
0N/A
0N/A extEntry = AddExtension(TSOLNAME, TSOL_NUM_EVENTS, TSOL_NUM_ERRORS,
0N/A ProcTsolDispatch, SProcTsolDispatch, TsolReset,
0N/A StandardMinorOpcode);
0N/A
0N/A if (extEntry == NULL) {
0N/A ErrorF("TsolExtensionInit: AddExtension failed for X Trusted Extensions\n");
0N/A return;
0N/A }
0N/A
36N/A extEntry->secure = TRUE;
0N/A TsolReqCode = (unsigned char) extEntry->base;
0N/A tsolEventBase = extEntry->eventBase;
0N/A
0N/A if (!AddCallback(&ClientStateCallback, TsolClientStateCallback, NULL))
0N/A return;
0N/A
0N/A /* Allocate the client private index */
0N/A tsolClientPrivateIndex = AllocateClientPrivateIndex();
0N/A if (!AllocateClientPrivate(tsolClientPrivateIndex,
0N/A sizeof (TsolInfoRec))) {
0N/A ErrorF("TsolExtensionInit: Cannot allocate client private.\n");
0N/A return;
0N/A }
0N/A
0N/A /* Allocate per screen window/pixmap private index */
0N/A tsolWindowPrivateIndex = AllocateWindowPrivateIndex();
0N/A tsolPixmapPrivateIndex = AllocatePixmapPrivateIndex();
0N/A
0N/A for (i = 0; i < screenInfo.numScreens; i++) {
0N/A pScreen = screenInfo.screens[i];
0N/A if (!AllocateWindowPrivate(pScreen, tsolWindowPrivateIndex,
0N/A sizeof (TsolResRec))) {
0N/A ErrorF("TsolExtensionInit: Cannot allocate window private.\n");
0N/A return;
0N/A }
0N/A
0N/A if (!AllocatePixmapPrivate(pScreen, tsolPixmapPrivateIndex,
0N/A sizeof (TsolResRec))) {
0N/A ErrorF("TsolExtensionInit: Cannot allocate pixmap private.\n");
0N/A return;
0N/A }
0N/A }
0N/A
0N/A LoadTsolConfig();
0N/A
0N/A MakeTSOLAtoms();
0N/A UpdateTsolNode();
0N/A
0N/A /* Save original Proc vectors */
0N/A for (i = 0; i < PROCVECTORSIZE; i++) {
0N/A TsolSavedProcVector[i] = ProcVector[i];
0N/A TsolSavedSwappedProcVector[i] = SwappedProcVector[i];
0N/A }
0N/A
0N/A /* Initialize security hooks */
0N/A tsolSecHook.CheckAuthorization = TsolCheckAuthorization;
0N/A tsolSecHook.ChangeWindowProperty = TsolChangeWindowProperty;
0N/A tsolSecHook.CheckPropertyAccess = TsolCheckPropertyAccess;
0N/A tsolSecHook.DeleteProperty = TsolDeleteProperty;
0N/A tsolSecHook.InitWindow = TsolInitWindow;
0N/A tsolSecHook.ProcessKeyboard = TsolProcessKeyboard;
0N/A tsolSecHook.DeleteClientFromAnySelections = TsolDeleteClientFromAnySelections;
0N/A tsolSecHook.DeleteWindowFromAnySelections = TsolDeleteWindowFromAnySelections;
0N/A tsolSecHook.AuditStart = TsolAuditStart;
0N/A tsolSecHook.AuditEnd = TsolAuditEnd;
0N/A pSecHook = &tsolSecHook;
0N/A
0N/A /* Replace some of the original Proc vectors with our own TBD */
0N/A ProcVector[X_InternAtom] = ProcTsolInternAtom;
0N/A ProcVector[X_SetSelectionOwner] = ProcTsolSetSelectionOwner;
0N/A ProcVector[X_GetSelectionOwner] = ProcTsolGetSelectionOwner;
0N/A ProcVector[X_ConvertSelection] = ProcTsolConvertSelection;
0N/A ProcVector[X_GetProperty] = ProcTsolGetProperty;
0N/A ProcVector[X_ListProperties] = ProcTsolListProperties;
0N/A ProcVector[X_ChangeKeyboardMapping] = ProcTsolChangeKeyboardMapping;
0N/A ProcVector[X_SetPointerMapping] = ProcTsolSetPointerMapping;
0N/A ProcVector[X_ChangeKeyboardControl] = ProcTsolChangeKeyboardControl;
0N/A ProcVector[X_Bell] = ProcTsolBell;
0N/A ProcVector[X_ChangePointerControl] = ProcTsolChangePointerControl;
0N/A ProcVector[X_SetModifierMapping] = ProcTsolSetModifierMapping;
0N/A
0N/A ProcVector[X_CreateWindow] = ProcTsolCreateWindow;
0N/A ProcVector[X_ChangeWindowAttributes] = ProcTsolChangeWindowAttributes;
0N/A ProcVector[X_ConfigureWindow] = ProcTsolConfigureWindow;
0N/A ProcVector[X_CirculateWindow] = ProcTsolCirculateWindow;
0N/A ProcVector[X_ReparentWindow] = ProcTsolReparentWindow;
0N/A ProcVector[X_SetInputFocus] = ProcTsolSetInputFocus;
0N/A ProcVector[X_GetInputFocus] = ProcTsolGetInputFocus;
0N/A ProcVector[X_SendEvent] = ProcTsolSendEvent;
0N/A ProcVector[X_SetInputFocus] = ProcTsolSetInputFocus;
0N/A ProcVector[X_GetInputFocus] = ProcTsolGetInputFocus;
0N/A ProcVector[X_GetGeometry] = ProcTsolGetGeometry;
0N/A ProcVector[X_GrabServer] = ProcTsolGrabServer;
0N/A ProcVector[X_UngrabServer] = ProcTsolUngrabServer;
0N/A ProcVector[X_CreatePixmap] = ProcTsolCreatePixmap;
0N/A ProcVector[X_SetScreenSaver] = ProcTsolSetScreenSaver;
0N/A ProcVector[X_ChangeHosts] = ProcTsolChangeHosts;
0N/A ProcVector[X_SetAccessControl] = ProcTsolChangeAccessControl;
0N/A ProcVector[X_KillClient] = ProcTsolKillClient;
0N/A ProcVector[X_SetFontPath] = ProcTsolSetFontPath;
0N/A ProcVector[X_SetCloseDownMode] = ProcTsolChangeCloseDownMode;
0N/A ProcVector[X_ListInstalledColormaps] = ProcTsolListInstalledColormaps;
0N/A ProcVector[X_GetImage] = ProcTsolGetImage;
0N/A ProcVector[X_QueryTree] = ProcTsolQueryTree;
0N/A ProcVector[X_QueryPointer] = ProcTsolQueryPointer;
36N/A ProcVector[X_QueryExtension] = ProcTsolQueryExtension;
36N/A ProcVector[X_ListExtensions] = ProcTsolListExtensions;
36N/A ProcVector[X_MapWindow] = ProcTsolMapWindow;
36N/A ProcVector[X_MapSubwindows] = ProcTsolMapSubwindows;
64N/A ProcVector[X_CopyArea] = ProcTsolCopyArea;
64N/A ProcVector[X_CopyPlane] = ProcTsolCopyPlane;
64N/A ProcVector[X_PolySegment] = ProcTsolPolySegment;
64N/A ProcVector[X_PolyRectangle] = ProcTsolPolyRectangle;
196N/A
0N/A}
0N/A
0N/Astatic pointer
0N/ATsolCheckResourceIDAccess(
0N/A ClientPtr client,
0N/A XID id,
0N/A RESTYPE rtype,
0N/A Mask access_mode,
0N/A pointer rval)
0N/A{
0N/A int cid = CLIENT_ID(id);
0N/A int reqtype = ((xReq *)client->requestBuffer)->reqType; /* protocol */
0N/A pointer retval;
0N/A char msgbuf[1024];
0N/A
0N/A
0N/A retval = rval;
0N/A
0N/A switch (rtype) {
0N/A case RT_GC:
0N/A switch (access_mode) {
0N/A case SecurityReadAccess:
0N/A if (xtsol_policy(TSOL_RES_GC, TSOL_READ, (void *)id,
0N/A client, TSOL_ALL, (void *)MAJOROP))
0N/A retval = NULL;
0N/A break;
0N/A
0N/A case SecurityWriteAccess:
0N/A if (xtsol_policy(TSOL_RES_GC, TSOL_MODIFY, (void *)id,
0N/A client, TSOL_ALL, (void *)MAJOROP))
0N/A retval = NULL;
0N/A break;
0N/A
0N/A case SecurityDestroyAccess:
0N/A if (xtsol_policy(TSOL_RES_GC, TSOL_DESTROY, (void *)id,
0N/A client, TSOL_ALL, (void *)MAJOROP))
0N/A retval = NULL;
0N/A break;
0N/A }
0N/A break;
0N/A
0N/A case RT_WINDOW: /* Drawables */
0N/A case RT_PIXMAP:
0N/A /* Drawing operations use pixel access policy */
0N/A switch (reqtype) {
0N/A case X_PolyPoint:
0N/A case X_PolyLine:
0N/A case X_PolyArc:
0N/A case X_FillPoly:
0N/A case X_PolyFillRectangle:
0N/A case X_PolyFillArc:
0N/A case X_PutImage:
0N/A case X_PolyText8:
0N/A case X_PolyText16:
0N/A case X_ImageText8:
0N/A case X_ImageText16:
0N/A switch (access_mode) {
0N/A case SecurityReadAccess:
0N/A if (xtsol_policy(TSOL_RES_PIXEL, TSOL_READ, (void *)rval,
0N/A client, TSOL_ALL, (void *)MAJOROP))
0N/A retval = NULL;
0N/A break;
0N/A
0N/A case SecurityWriteAccess:
0N/A if (xtsol_policy(TSOL_RES_PIXEL, TSOL_MODIFY, (void *)rval,
0N/A client, TSOL_ALL, (void *)MAJOROP))
0N/A retval = NULL;
0N/A break;
0N/A }
0N/A break;
0N/A
0N/A /* Property protocols */
0N/A case X_ChangeProperty:
0N/A case X_DeleteProperty:
0N/A case X_GetProperty:
0N/A case X_ListProperties:
0N/A case X_RotateProperties:
0N/A switch (access_mode) {
0N/A case SecurityReadAccess:
0N/A if (xtsol_policy(TSOL_RES_PROPWIN, TSOL_READ, (void *)rval,
0N/A client, TSOL_ALL, (void *)MAJOROP))
0N/A retval = NULL;
0N/A break;
0N/A
0N/A case SecurityWriteAccess:
0N/A if (xtsol_policy(TSOL_RES_PROPWIN, TSOL_MODIFY, (void *)rval,
0N/A client, TSOL_ALL, (void *)MAJOROP))
0N/A retval = NULL;
0N/A break;
0N/A }
0N/A break;
0N/A }
0N/A break;
0N/A }
0N/A
0N/A if (retval == NULL) {
0N/A TsolInfoPtr tsolinfo, res_tsolinfo;
0N/A tsolinfo = GetClientTsolInfo(client);
0N/A
0N/A snprintf(msgbuf, sizeof (msgbuf),
0N/A "Access failed: cid = %d, rtype=%X, access=%d, xid=%X, proto = %d, pid = %d\n",
0N/A cid, rtype, access_mode, id, reqtype, tsolinfo->pid);
0N/A ErrorF(msgbuf);
0N/A }
0N/A
0N/A return retval;
0N/A}
0N/A
0N/Astatic void
0N/ATsolClientStateCallback(CallbackListPtr *pcbl,
0N/A pointer nulldata,
0N/A pointer calldata)
0N/A{
0N/A NewClientInfoRec *pci = (NewClientInfoRec *)calldata;
0N/A ClientPtr client = pci->client;
0N/A TsolInfoPtr tsolinfo = (TsolInfoPtr)
0N/A (client->devPrivates[tsolClientPrivateIndex].ptr);
0N/A
0N/A switch (client->clientState) {
0N/A
0N/A case ClientStateInitial:
0N/A /* Got a new connection */
0N/A TsolSetClientInfo(client);
0N/A client->CheckAccess = TsolCheckResourceIDAccess;
0N/A break;
0N/A
0N/A case ClientStateRunning:
0N/A break;
0N/A
0N/A case ClientStateRetained: /* client disconnected */
0N/A break;
0N/A case ClientStateGone:
0N/A if (tpwin && wClient(tpwin) == client)
0N/A tpwin = NULL; /* reset tpwin */
0N/A
0N/A if (tsolinfo != NULL && tsolinfo->privs != NULL) {
0N/A priv_freeset(tsolinfo->privs);
0N/A }
36N/A /* Audit disconnect */
36N/A if (system_audit_on && (au_preselect(AUE_ClientDisconnect, &(tsolinfo->amask),
36N/A AU_PRS_BOTH, AU_PRS_USECACHE) == 1)) {
36N/A auditwrite(AW_PRESELECT, &(tsolinfo->amask),AW_END);
36N/A auditwrite(AW_EVENTNUM, AUE_ClientDisconnect,
36N/A AW_XCLIENT, client->index,
36N/A AW_SLABEL, tsolinfo->sl,
36N/A AW_RETURN, 0, 0, AW_WRITE, AW_END);
36N/A
36N/A tsolinfo->flags &= ~TSOL_DOXAUDIT;
36N/A tsolinfo->flags &= ~TSOL_AUDITEVENT;
36N/A auditwrite(AW_FLUSH, AW_END);
36N/A auditwrite(AW_DISCARDRD, tsolinfo->asaverd, AW_END);
36N/A auditwrite(AW_NOPRESELECT, AW_END);
36N/A }
0N/A break;
36N/A
0N/A default:
0N/A break;
0N/A }
0N/A
0N/A}
0N/A
0N/Astatic void
0N/ATsolReset()
0N/A{
36N/A free_win_privsets();
0N/A}
0N/A
0N/A/*
0N/A * Dispatch routine
0N/A *
0N/A */
0N/Astatic int
0N/AProcTsolDispatch(client)
0N/Aregister ClientPtr client;
0N/A{
0N/A int retval;
0N/A
0N/A REQUEST(xReq);
0N/A
0N/A switch (stuff->data)
0N/A {
0N/A case X_SetPolyInstInfo:
0N/A retval = ProcSetPolyInstInfo(client);
0N/A break;
0N/A case X_SetPropLabel:
0N/A retval = ProcSetPropLabel(client);
0N/A break;
0N/A case X_SetPropUID:
0N/A retval = ProcSetPropUID(client);
0N/A break;
0N/A case X_SetResLabel:
0N/A retval = ProcSetResLabel(client);
0N/A break;
0N/A case X_SetResUID:
0N/A retval = ProcSetResUID(client);
0N/A break;
0N/A case X_GetClientAttributes:
0N/A retval = ProcGetClientAttributes(client);
0N/A break;
0N/A case X_GetClientLabel:
0N/A retval = ProcGetClientLabel(client);
0N/A break;
0N/A case X_GetPropAttributes:
0N/A retval = ProcGetPropAttributes(client);
0N/A break;
0N/A case X_GetResAttributes:
0N/A retval = ProcGetResAttributes(client);
0N/A break;
0N/A case X_MakeTPWindow:
0N/A retval = ProcMakeTPWindow(client);
0N/A break;
0N/A case X_MakeTrustedWindow:
0N/A retval = ProcMakeTrustedWindow(client);
0N/A break;
0N/A case X_MakeUntrustedWindow:
0N/A retval = ProcMakeUntrustedWindow(client);
0N/A break;
0N/A default:
0N/A SendErrorToClient(client, TsolReqCode, stuff->data, 0, BadRequest);
0N/A retval = BadRequest;
0N/A }
0N/A return (retval);
0N/A}
0N/A
0N/A
0N/Astatic int
0N/ASProcTsolDispatch(client)
0N/Aregister ClientPtr client;
0N/A{
0N/A int n;
0N/A int retval;
0N/A
0N/A REQUEST(xReq);
0N/A
0N/A swaps(&stuff->length, n);
0N/A switch (stuff->data)
0N/A {
0N/A case X_SetPolyInstInfo:
0N/A retval = SProcSetPolyInstInfo(client);
0N/A break;
0N/A case X_SetPropLabel:
0N/A retval = SProcSetPropLabel(client);
0N/A break;
0N/A case X_SetPropUID:
0N/A retval = SProcSetPropUID(client);
0N/A break;
0N/A case X_SetResLabel:
0N/A retval = SProcSetResLabel(client);
0N/A break;
0N/A case X_SetResUID:
0N/A retval = SProcSetResUID(client);
0N/A break;
0N/A case X_GetClientAttributes:
0N/A retval = SProcGetClientAttributes(client);
0N/A break;
0N/A case X_GetClientLabel:
0N/A retval = SProcGetClientLabel(client);
0N/A break;
0N/A case X_GetPropAttributes:
0N/A retval = SProcGetPropAttributes(client);
0N/A break;
0N/A case X_GetResAttributes:
0N/A retval = SProcGetResAttributes(client);
0N/A break;
0N/A case X_MakeTPWindow:
0N/A retval = SProcMakeTPWindow(client);
0N/A break;
0N/A case X_MakeTrustedWindow:
0N/A retval = SProcMakeTrustedWindow(client);
0N/A break;
0N/A case X_MakeUntrustedWindow:
0N/A retval = SProcMakeUntrustedWindow(client);
0N/A break;
0N/A default:
0N/A SendErrorToClient(client, TsolReqCode, stuff->data, 0, BadRequest);
0N/A retval = BadRequest;
0N/A }
0N/A return (retval);
0N/A}
0N/A
0N/A
0N/A/*
0N/A * Individual routines
0N/A */
0N/A
0N/Astatic int
0N/ASProcSetPolyInstInfo(ClientPtr client)
0N/A{
0N/A int n;
0N/A
0N/A REQUEST(xSetPolyInstInfoReq);
0N/A swapl(&stuff->uid, n);
0N/A swapl(&stuff->enabled, n);
0N/A swaps(&stuff->sllength, n);
0N/A
0N/A return (ProcSetPolyInstInfo(client));
0N/A}
0N/A
0N/Astatic int
0N/ASProcSetPropLabel(ClientPtr client)
0N/A{
0N/A int n;
0N/A
0N/A REQUEST(xSetPropLabelReq);
0N/A swapl(&stuff->id, n);
0N/A swapl(&stuff->atom, n);
0N/A swaps(&stuff->labelType, n);
0N/A swaps(&stuff->sllength, n);
0N/A swaps(&stuff->illength, n);
0N/A
0N/A return (ProcSetPropLabel(client));
0N/A}
0N/A
0N/Astatic int
0N/ASProcSetPropUID(ClientPtr client)
0N/A{
0N/A int n;
0N/A
0N/A REQUEST(xSetPropUIDReq);
0N/A swapl(&stuff->id, n);
0N/A swapl(&stuff->atom, n);
0N/A swapl(&stuff->uid, n);
0N/A
0N/A return (ProcSetPropUID(client));
0N/A}
0N/A
0N/Astatic int
0N/ASProcSetResLabel(ClientPtr client)
0N/A{
0N/A int n;
0N/A
0N/A REQUEST(xSetResLabelReq);
0N/A swapl(&stuff->id, n);
0N/A swaps(&stuff->resourceType, n);
0N/A swaps(&stuff->labelType, n);
0N/A swaps(&stuff->sllength, n);
0N/A swaps(&stuff->illength, n);
0N/A
0N/A return (ProcSetResLabel(client));
0N/A}
0N/A
0N/Astatic int
0N/ASProcSetResUID(ClientPtr client)
0N/A{
0N/A int n;
0N/A
0N/A REQUEST(xSetResUIDReq);
0N/A swapl(&stuff->id, n);
0N/A swaps(&stuff->resourceType, n);
0N/A swapl(&stuff->uid, n);
0N/A
0N/A return (ProcSetResUID(client));
0N/A}
0N/A
0N/Astatic int
0N/ASProcGetClientAttributes(ClientPtr client)
0N/A{
0N/A int n;
0N/A
0N/A REQUEST(xGetClientAttributesReq);
0N/A swapl(&stuff->id, n);
0N/A
0N/A return (ProcGetClientAttributes(client));
0N/A}
0N/A
0N/Astatic int
0N/ASProcGetClientLabel(ClientPtr client)
0N/A{
0N/A int n;
0N/A
0N/A REQUEST(xGetClientLabelReq);
0N/A swapl(&stuff->id, n);
0N/A swaps(&stuff->mask, n);
0N/A
0N/A return (ProcGetClientLabel(client));
0N/A}
0N/A
0N/Astatic int
0N/ASProcGetPropAttributes(ClientPtr client)
0N/A{
0N/A int n;
0N/A
0N/A REQUEST(xGetPropAttributesReq);
0N/A swapl(&stuff->id, n);
0N/A swapl(&stuff->atom, n);
0N/A swaps(&stuff->mask, n);
0N/A
0N/A return (ProcGetPropAttributes(client));
0N/A}
0N/A
0N/Astatic int
0N/ASProcGetResAttributes(ClientPtr client)
0N/A{
0N/A int n;
0N/A
0N/A REQUEST(xGetResAttributesReq);
0N/A swapl(&stuff->id, n);
0N/A swaps(&stuff->resourceType, n);
0N/A swaps(&stuff->mask, n);
0N/A
0N/A return (ProcGetResAttributes(client));
0N/A}
0N/A
0N/Astatic int
0N/ASProcMakeTPWindow(ClientPtr client)
0N/A{
0N/A int n;
0N/A
0N/A REQUEST(xMakeTPWindowReq);
0N/A swapl(&stuff->id, n);
0N/A
0N/A return (ProcMakeTPWindow(client));
0N/A}
0N/A
0N/Astatic int
0N/ASProcMakeTrustedWindow(ClientPtr client)
0N/A{
0N/A int n;
0N/A
0N/A REQUEST(xMakeTrustedWindowReq);
0N/A swapl(&stuff->id, n);
0N/A
0N/A return (ProcMakeTrustedWindow(client));
0N/A}
0N/A
0N/Astatic int
0N/ASProcMakeUntrustedWindow(ClientPtr client)
0N/A{
0N/A int n;
0N/A
0N/A REQUEST(xMakeUntrustedWindowReq);
0N/A swapl(&stuff->id, n);
0N/A
0N/A return (ProcMakeUntrustedWindow(client));
0N/A}
0N/A
0N/A/*
0N/A * Set PolyInstantiation Info.
0N/A * Normally a get(prop) will
0N/A * get the prop. that has match sl, uid of the client. Setting
0N/A * enabled to true will get only the prop. corresponding to
0N/A * sl, uid specified instead of that of client. This is used
0N/A * by dtwm/dtfile in special motif lib.
0N/A */
0N/Astatic int
0N/AProcSetPolyInstInfo(ClientPtr client)
0N/A{
0N/A bslabel_t *sl;
0N/A int err_code;
0N/A
0N/A REQUEST(xSetPolyInstInfoReq);
0N/A REQUEST_AT_LEAST_SIZE(xSetPolyInstInfoReq);
0N/A
0N/A /*
0N/A * Check for policy here
0N/A */
0N/A if (err_code = xtsol_policy(TSOL_RES_POLYINFO, TSOL_MODIFY, NULL,
0N/A client, TSOL_ALL, (void *)MAJOROP))
0N/A {
0N/A return (err_code);
0N/A }
0N/A sl = (bslabel_t *)(stuff + 1);
0N/A
0N/A tsolpolyinstinfo.enabled = stuff->enabled;
0N/A tsolpolyinstinfo.uid = (uid_t) stuff->uid;
0N/A tsolpolyinstinfo.sl = lookupSL(sl);
0N/A
0N/A return (client->noClientException);
0N/A}
0N/A
0N/Astatic int
0N/AProcSetPropLabel(ClientPtr client)
0N/A{
0N/A bslabel_t *sl;
0N/A WindowPtr pWin;
0N/A TsolPropPtr tsolprop;
0N/A PropertyPtr pProp;
0N/A int err_code;
0N/A
0N/A REQUEST(xSetPropLabelReq);
0N/A
0N/A REQUEST_AT_LEAST_SIZE(xSetPropLabelReq);
0N/A
0N/A
0N/A pWin = LookupWindow(stuff->id, client);
0N/A if (!pWin)
0N/A {
0N/A client->errorValue = stuff->id;
0N/A return (BadWindow);
0N/A }
0N/A if (err_code = xtsol_policy(TSOL_RES_WINDOW, TSOL_MODIFY, pWin,
0N/A client, TSOL_ALL, (void *)MAJOROP))
0N/A {
0N/A return (err_code);
0N/A }
0N/A if (!ValidAtom(stuff->atom))
0N/A {
0N/A client->errorValue = stuff->atom;
0N/A return (BadAtom);
0N/A }
0N/A
0N/A /* first see if property already exists */
0N/A pProp = wUserProps (pWin);
0N/A while (pProp)
0N/A {
0N/A if (pProp->propertyName == stuff->atom)
0N/A break;
0N/A pProp = pProp->next;
0N/A }
0N/A
0N/A if (!pProp)
0N/A {
0N/A /* property does not exist */
0N/A client->errorValue = stuff->atom;
0N/A return (BadAtom);
0N/A }
168N/A
168N/A /* Initialize property created internally by server */
168N/A if (pProp->secPrivate == NULL)
168N/A {
168N/A pProp->secPrivate = (pointer)AllocServerTsolProp();
168N/A if (pProp->secPrivate == NULL)
168N/A return(BadAlloc);
168N/A }
168N/A
0N/A tsolprop = (TsolPropPtr)(pProp->secPrivate);
0N/A
0N/A sl = (bslabel_t *)(stuff + 1);
0N/A
0N/A if (!blequal(tsolprop->sl, sl))
0N/A {
0N/A if (err_code = xtsol_policy(TSOL_RES_SL, TSOL_MODIFY, sl,
0N/A client, TSOL_ALL, tsolprop->sl))
0N/A {
0N/A return (err_code);
0N/A }
0N/A tsolprop->sl = lookupSL(sl);
0N/A }
0N/A
0N/A return (client->noClientException);
0N/A}
0N/A
0N/Astatic int
0N/AProcSetPropUID(ClientPtr client)
0N/A{
0N/A WindowPtr pWin;
0N/A TsolPropPtr tsolprop;
0N/A PropertyPtr pProp;
0N/A int err_code;
0N/A
0N/A REQUEST(xSetPropUIDReq);
0N/A
0N/A REQUEST_SIZE_MATCH(xSetPropUIDReq);
0N/A
0N/A pWin = LookupWindow(stuff->id, client);
0N/A if (!pWin)
0N/A {
0N/A client->errorValue = stuff->id;
0N/A return (BadWindow);
0N/A }
0N/A if (err_code = xtsol_policy(TSOL_RES_WINDOW, TSOL_MODIFY, pWin,
0N/A client, TSOL_ALL, (void *)MAJOROP))
0N/A {
0N/A return (err_code);
0N/A }
0N/A if (!ValidAtom(stuff->atom))
0N/A {
0N/A client->errorValue = stuff->atom;
0N/A return (BadAtom);
0N/A }
0N/A
0N/A /* first see if property already exists */
0N/A pProp = wUserProps (pWin);
0N/A while (pProp)
0N/A {
0N/A if (pProp->propertyName == stuff->atom)
0N/A break;
0N/A pProp = pProp->next;
0N/A }
0N/A
0N/A if (!pProp)
0N/A {
0N/A /* property does not exist */
0N/A client->errorValue = stuff->atom;
0N/A return (BadAtom);
0N/A }
0N/A if (err_code = xtsol_policy(TSOL_RES_UID, TSOL_MODIFY, NULL,
0N/A client, TSOL_ALL, (void *)MAJOROP))
0N/A {
0N/A return (err_code);
0N/A }
168N/A /* Initialize property created internally by server */
168N/A if (pProp->secPrivate == NULL)
168N/A {
168N/A pProp->secPrivate = (pointer)AllocServerTsolProp();
168N/A if (pProp->secPrivate == NULL)
168N/A return(BadAlloc);
168N/A }
168N/A
0N/A tsolprop = (TsolPropPtr)(pProp->secPrivate);
0N/A tsolprop->uid = stuff->uid;
0N/A
0N/A return (client->noClientException);
0N/A}
0N/A
0N/Astatic int
0N/AProcSetResLabel(ClientPtr client)
0N/A{
0N/A bslabel_t *sl;
0N/A PixmapPtr pMap;
0N/A WindowPtr pWin;
0N/A xEvent message;
0N/A TsolResPtr tsolres;
0N/A DrawablePtr pDraw;
0N/A int err_code;
0N/A
0N/A REQUEST(xSetResLabelReq);
0N/A
0N/A REQUEST_AT_LEAST_SIZE(xSetResLabelReq);
0N/A
0N/A sl = (bslabel_t *)(stuff + 1);
0N/A switch (stuff->resourceType)
0N/A {
0N/A case SESSIONHI: /* set server session HI */
0N/A if (err_code = xtsol_policy(TSOL_RES_SL, TSOL_MODIFY, sl,
0N/A client, TSOL_ALL, (void *)NULL))
0N/A {
0N/A return (err_code);
0N/A }
0N/A memcpy(&SessionHI, sl, SL_SIZE);
0N/A return (client->noClientException);
0N/A case SESSIONLO: /* set server session LO */
0N/A if (err_code = xtsol_policy(TSOL_RES_SL, TSOL_MODIFY, sl,
0N/A client, TSOL_ALL, (void *)NULL))
0N/A {
0N/A return (err_code);
0N/A }
0N/A memcpy(&SessionLO, sl, SL_SIZE);
0N/A return (client->noClientException);
0N/A case IsWindow:
0N/A pWin = LookupWindow(stuff->id, client);
0N/A if (pWin)
0N/A {
0N/A tsolres =
0N/A (TsolResPtr)(pWin->devPrivates[tsolWindowPrivateIndex].ptr);
0N/A }
0N/A else
0N/A {
0N/A client->errorValue = stuff->id;
0N/A return (BadWindow);
0N/A }
0N/A if (err_code = xtsol_policy(TSOL_RES_WINDOW, TSOL_MODIFY, pWin,
0N/A client, TSOL_ALL, (void *)MAJOROP))
0N/A {
0N/A return (err_code);
0N/A }
0N/A break;
0N/A case IsPixmap:
0N/A pMap = (PixmapPtr)LookupIDByType(stuff->id, RT_PIXMAP);
0N/A if (pMap)
0N/A {
0N/A tsolres =
0N/A (TsolResPtr)(pMap->devPrivates[tsolPixmapPrivateIndex].ptr);
0N/A }
0N/A else
0N/A {
0N/A client->errorValue = stuff->id;
0N/A return (BadPixmap);
0N/A }
0N/A if (err_code = xtsol_policy(TSOL_RES_PIXMAP, TSOL_MODIFY, pMap,
0N/A client, TSOL_ALL, (void *)MAJOROP))
0N/A {
0N/A return (err_code);
0N/A }
0N/A break;
0N/A }
0N/A
0N/A if (!blequal(tsolres->sl, sl))
0N/A {
0N/A if (err_code = xtsol_policy(TSOL_RES_SL, TSOL_MODIFY, sl,
0N/A client, TSOL_ALL, tsolres->sl))
0N/A {
0N/A return (err_code);
0N/A }
0N/A tsolres->sl = lookupSL(sl);
0N/A }
0N/A
0N/A /* generate the notify event for windows */
0N/A
0N/A if (stuff->resourceType == IsWindow)
0N/A {
0N/A pWin = LookupWindow(stuff->id, client);
0N/A message.u.u.type = ClientMessage; /* 33 */
0N/A message.u.u.detail = 32;
0N/A message.u.clientMessage.window = RootOf(pWin);
0N/A message.u.clientMessage.u.l.type =
0N/A MakeAtom("_TSOL_CMWLABEL_CHANGE", 21, 1);
0N/A message.u.clientMessage.u.l.longs0 = RootOfClient(pWin);
0N/A message.u.clientMessage.u.l.longs1 = stuff->id;
0N/A DeliverEventsToWindow(pWin, &message, 1,
0N/A SubstructureRedirectMask, NullGrab, 0);
0N/A
0N/A }
0N/A return (client->noClientException);
0N/A}
0N/A
0N/Astatic int
0N/AProcSetResUID(ClientPtr client)
0N/A{
0N/A int ScreenNumber;
0N/A PixmapPtr pMap;
0N/A WindowPtr pWin;
0N/A TsolResPtr tsolres;
0N/A int err_code;
0N/A
0N/A REQUEST(xSetResUIDReq);
0N/A
0N/A REQUEST_SIZE_MATCH(xSetResUIDReq);
0N/A
0N/A switch (stuff->resourceType)
0N/A {
0N/A case STRIPEHEIGHT:
0N/A if (err_code = xtsol_policy(TSOL_RES_STRIPE, TSOL_MODIFY, NULL,
0N/A client, TSOL_ALL, (void *)MAJOROP))
0N/A {
0N/A return (err_code);
0N/A }
0N/A StripeHeight = stuff->uid;
0N/A ScreenNumber = stuff->id;
0N/A
0N/A /* set Screen Stripe Size */
0N/A DoScreenStripeHeight(ScreenNumber);
0N/A ScreenStripeHeight [ScreenNumber] = StripeHeight;
0N/A
0N/A return (client->noClientException);
0N/A case RES_OUID:
0N/A if (err_code = xtsol_policy(TSOL_RES_WOWNER, TSOL_MODIFY, NULL,
0N/A client, TSOL_ALL, (void *)MAJOROP))
0N/A {
0N/A return (err_code);
0N/A }
0N/A OwnerUID = stuff->uid;
0N/A OwnerUIDint = OwnerUID;
0N/A AddUID(&OwnerUIDint);
0N/A return (client->noClientException);
0N/A case IsWindow:
0N/A pWin = LookupWindow(stuff->id, client);
0N/A if (pWin)
0N/A {
0N/A tsolres =
0N/A (TsolResPtr)(pWin->devPrivates[tsolWindowPrivateIndex].ptr);
0N/A }
0N/A else
0N/A {
0N/A client->errorValue = stuff->id;
0N/A return (BadWindow);
0N/A }
0N/A if (err_code = xtsol_policy(TSOL_RES_WINDOW, TSOL_MODIFY, pWin,
0N/A client, TSOL_ALL, (void *)MAJOROP))
0N/A {
0N/A return (err_code);
0N/A }
0N/A break;
0N/A case IsPixmap:
0N/A pMap = (PixmapPtr)LookupIDByType(stuff->id, RT_PIXMAP);
0N/A if (pMap)
0N/A {
0N/A tsolres =
0N/A (TsolResPtr)(pMap->devPrivates[tsolPixmapPrivateIndex].ptr);
0N/A }
0N/A else
0N/A {
0N/A client->errorValue = stuff->id;
0N/A return (BadPixmap);
0N/A }
0N/A if (err_code = xtsol_policy(TSOL_RES_PIXMAP, TSOL_MODIFY, pMap,
0N/A client, TSOL_ALL, (void *)MAJOROP))
0N/A {
0N/A return (err_code);
0N/A }
0N/A break;
0N/A default:
0N/A return (BadValue);
0N/A }
0N/A
0N/A if (err_code = xtsol_policy(TSOL_RES_UID, TSOL_MODIFY, NULL,
0N/A client, TSOL_ALL, (void *)MAJOROP))
0N/A {
0N/A return (err_code);
0N/A }
0N/A tsolres->uid = stuff->uid;
0N/A
0N/A return (client->noClientException);
0N/A}
0N/A
0N/Astatic int
0N/AProcGetClientAttributes(ClientPtr client)
0N/A{
0N/A int n;
0N/A int err_code;
0N/A ClientPtr res_client; /* resource owner client */
0N/A TsolInfoPtr tsolinfo, res_tsolinfo;
0N/A WindowPtr pWin;
0N/A
0N/A xGetClientAttributesReply rep;
0N/A
0N/A REQUEST(xGetClientAttributesReq);
0N/A REQUEST_SIZE_MATCH(xGetClientAttributesReq);
0N/A
0N/A /* Valid window check */
0N/A /* Valid window check */
0N/A if ((pWin = LookupWindow(stuff->id, client)) == NULL)
0N/A {
0N/A client->errorValue = stuff->id;
0N/A return (BadWindow);
0N/A }
0N/A
0N/A if (!(res_client = clients[CLIENT_ID(stuff->id)]))
0N/A {
0N/A client->errorValue = stuff->id;
0N/A return (BadWindow);
0N/A }
0N/A if (err_code = xtsol_policy(TSOL_RES_CLIENT, TSOL_READ, (void *)stuff->id,
0N/A client, TSOL_ALL, (void *)MAJOROP))
0N/A {
0N/A return (err_code);
0N/A }
0N/A tsolinfo = GetClientTsolInfo(client);
0N/A res_tsolinfo = GetClientTsolInfo(res_client);
0N/A
0N/A /* Transfer the client info to reply rec */
0N/A rep.type = X_Reply;
0N/A rep.sequenceNumber = client->sequence;
0N/A rep.trustflag = (res_tsolinfo->forced_trust == 1
0N/A || res_tsolinfo->trusted_path) ? (BYTE)1 : (BYTE)0;
0N/A rep.uid = (CARD32) res_tsolinfo->uid;
0N/A rep.pid = (CARD32) res_tsolinfo->pid;
0N/A rep.gid = (CARD32) res_tsolinfo->gid;
0N/A rep.auditid = (CARD32) res_tsolinfo->auid;
36N/A rep.sessionid = (CARD32) res_tsolinfo->asid;
0N/A rep.iaddr = (CARD32) res_tsolinfo->iaddr;
0N/A rep.length = (CARD32) 0;
0N/A
0N/A if (client->swapped)
0N/A {
0N/A swaps(&rep.sequenceNumber, n);
0N/A swapl(&rep.length, n);
0N/A swapl(&rep.uid, n);
0N/A swapl(&rep.pid, n);
0N/A swapl(&rep.gid, n);
0N/A swapl(&rep.auditid, n);
0N/A swapl(&rep.sessionid, n);
0N/A swapl(&rep.iaddr, n);
0N/A }
0N/A
0N/A WriteToClient(client, sizeof(xGetClientAttributesReply), (char *)&rep);
0N/A
0N/A return (client->noClientException);
0N/A}
0N/A
0N/Astatic int
0N/AProcGetClientLabel(ClientPtr client)
0N/A{
0N/A int n;
0N/A int reply_length;
0N/A int err_code;
0N/A Bool write_to_client = 0;
0N/A bslabel_t *sl;
0N/A ClientPtr res_client; /* resource owner client */
0N/A TsolInfoPtr tsolinfo, res_tsolinfo;
0N/A WindowPtr pWin;
0N/A
0N/A xGenericReply rep;
0N/A
0N/A REQUEST(xGetClientLabelReq);
0N/A REQUEST_SIZE_MATCH(xGetClientLabelReq);
0N/A
0N/A /* Valid window check */
0N/A if ((pWin = LookupWindow(stuff->id, client)) == NULL)
0N/A {
0N/A client->errorValue = stuff->id;
0N/A return (BadWindow);
0N/A }
0N/A
0N/A if (!(res_client = clients[CLIENT_ID(stuff->id)]))
0N/A {
0N/A client->errorValue = stuff->id;
0N/A return (BadWindow);
0N/A }
0N/A if (err_code = xtsol_policy(TSOL_RES_CLIENT, TSOL_READ, (void *)stuff->id,
0N/A client, TSOL_ALL, (void *)MAJOROP))
0N/A {
0N/A return (err_code);
0N/A }
0N/A tsolinfo = GetClientTsolInfo(client);
0N/A res_tsolinfo = GetClientTsolInfo(res_client);
0N/A
0N/A /* Transfer the client info to reply rec */
0N/A rep.type = X_Reply;
0N/A rep.sequenceNumber = client->sequence;
0N/A
0N/A /* allocate temp storage for labels */
0N/A sl = (bslabel_t *)(ALLOCATE_LOCAL(SL_SIZE));
0N/A rep.data00 = rep.data01 = 0;
0N/A if (sl == NULL)
0N/A return (BadAlloc);
0N/A
0N/A /* fill the fields as per request mask */
0N/A if (stuff->mask & RES_SL)
0N/A {
0N/A memcpy(sl, res_tsolinfo->sl, SL_SIZE);
0N/A rep.data00 = SL_SIZE;
0N/A }
0N/A
0N/A rep.length = (CARD32)(rep.data00)/4;
0N/A
0N/A if (rep.length > 0)
0N/A {
0N/A reply_length = rep.length*4;
0N/A write_to_client = 1;
0N/A }
0N/A if (client->swapped)
0N/A {
0N/A swaps(&rep.sequenceNumber, n);
0N/A swapl(&rep.length, n);
0N/A swapl(&rep.data00, n);
0N/A swapl(&rep.data01, n);
0N/A }
0N/A
0N/A WriteToClient(client, sizeof(xGenericReply), (char *)&rep);
0N/A
0N/A if (write_to_client == 1)
0N/A {
0N/A WriteToClient(client, reply_length, (char *)sl);
0N/A }
0N/A DEALLOCATE_LOCAL(sl);
0N/A
0N/A return (client->noClientException);
0N/A}
0N/A
0N/Astatic int
0N/AProcGetPropAttributes(ClientPtr client)
0N/A{
0N/A int n;
0N/A int reply_length;
0N/A int extralen;
0N/A int err_code;
0N/A Bool write_to_client = 0;
0N/A PropertyPtr pProp;
0N/A bslabel_t *sl;
0N/A WindowPtr pWin;
0N/A TsolPropPtr tsolprop, tmp_prop;
0N/A TsolInfoPtr tsolinfo = GetClientTsolInfo(client);
0N/A
0N/A xGetPropAttributesReply rep;
0N/A
0N/A REQUEST(xGetPropAttributesReq);
0N/A
0N/A REQUEST_SIZE_MATCH(xGetPropAttributesReq);
0N/A
0N/A pWin = LookupWindow(stuff->id, client);
0N/A if (pWin)
0N/A {
0N/A tsolprop = (TsolPropPtr)(pWin->devPrivates[tsolWindowPrivateIndex].ptr);
0N/A }
0N/A else
0N/A {
0N/A client->errorValue = stuff->id;
0N/A return (BadWindow);
0N/A }
0N/A if (err_code = xtsol_policy(TSOL_RES_WINDOW, TSOL_READ, pWin,
0N/A client, TSOL_ALL, (void *)MAJOROP))
0N/A {
0N/A return (err_code);
0N/A }
0N/A if (!ValidAtom(stuff->atom))
0N/A {
0N/A client->errorValue = stuff->atom;
0N/A return (BadAtom);
0N/A }
0N/A
0N/A /* first see if property already exists */
0N/A pProp = wUserProps (pWin);
0N/A while (pProp)
0N/A {
0N/A if (pProp->propertyName == stuff->atom)
0N/A break;
0N/A pProp = pProp->next;
0N/A }
0N/A
0N/A if (!pProp)
0N/A {
0N/A /* property does not exist */
0N/A client->errorValue = stuff->atom;
0N/A return (BadAtom);
0N/A }
0N/A tsolprop = (TsolPropPtr)(pProp->secPrivate);
0N/A tmp_prop = tsolprop;
0N/A while (tmp_prop)
0N/A {
0N/A if (tsolpolyinstinfo.enabled)
0N/A {
0N/A if (tmp_prop->uid == tsolpolyinstinfo.uid &&
0N/A tmp_prop->sl == tsolpolyinstinfo.sl)
0N/A {
0N/A tsolprop = tmp_prop;
0N/A break;
0N/A }
0N/A }
0N/A else
0N/A {
0N/A if (tmp_prop->uid == tsolinfo->uid &&
0N/A tmp_prop->sl == tsolinfo->sl)
0N/A {
0N/A tsolprop = tmp_prop;
0N/A break;
0N/A }
0N/A }
0N/A tmp_prop = tmp_prop->next;
0N/A }
0N/A if (!tsolprop)
0N/A {
0N/A return (client->noClientException);
0N/A }
0N/A if (stuff->mask & RES_UID)
0N/A {
0N/A rep.uid = tsolprop->uid;
0N/A }
0N/A
0N/A /* allocate temp storage for labels */
0N/A sl = (bslabel_t *)(ALLOCATE_LOCAL(SL_SIZE));
0N/A rep.sllength = rep.illength = 0;
0N/A if (sl == NULL)
0N/A return (BadAlloc);
0N/A
0N/A /* fill the fields as per request mask */
0N/A if (stuff->mask & RES_SL)
0N/A {
0N/A memcpy(sl, tsolprop->sl, SL_SIZE);
0N/A rep.sllength = SL_SIZE;
0N/A }
0N/A
0N/A rep.type = X_Reply;
0N/A rep.sequenceNumber = client->sequence;
0N/A rep.length = (CARD32) (rep.sllength)/4;
0N/A
0N/A if (rep.length > 0)
0N/A {
0N/A reply_length = rep.length*4;
0N/A write_to_client = 1;
0N/A }
0N/A if (client->swapped)
0N/A {
0N/A swaps(&rep.sequenceNumber, n);
0N/A swapl(&rep.length, n);
0N/A swapl(&rep.uid, n);
0N/A swaps(&rep.sllength, n);
0N/A swaps(&rep.illength, n);
0N/A }
0N/A
0N/A WriteToClient(client, sizeof(xGetPropAttributesReply), (char *)&rep);
0N/A
0N/A if (write_to_client == 1)
0N/A {
0N/A WriteToClient(client, reply_length, (char *)sl);
0N/A }
0N/A DEALLOCATE_LOCAL(sl);
0N/A
0N/A return (client->noClientException);
0N/A}
0N/A
0N/Astatic int
0N/AProcGetResAttributes(ClientPtr client)
0N/A{
0N/A int n;
0N/A int reply_length;
0N/A int extralen;
0N/A int err_code;
0N/A Bool write_to_client = 0;
0N/A bslabel_t *sl;
0N/A PixmapPtr pMap;
0N/A WindowPtr pWin;
0N/A TsolResPtr tsolres;
0N/A
0N/A xGetResAttributesReply rep;
0N/A
0N/A REQUEST(xGetResAttributesReq);
0N/A
0N/A REQUEST_SIZE_MATCH(xGetResAttributesReq);
0N/A
0N/A if (stuff->mask & RES_STRIPE)
0N/A {
0N/A rep.uid = ScreenStripeHeight[stuff->id];
0N/A }
0N/A if (stuff->mask & RES_OUID)
0N/A {
0N/A rep.owneruid = OwnerUID;
0N/A }
0N/A if (stuff->resourceType == IsWindow &&
0N/A (stuff->mask & (RES_UID | RES_SL )))
0N/A {
0N/A pWin = LookupWindow(stuff->id, client);
0N/A if (pWin)
0N/A {
0N/A tsolres = (TsolResPtr)
0N/A (pWin->devPrivates[tsolWindowPrivateIndex].ptr);
0N/A }
0N/A else
0N/A {
0N/A client->errorValue = stuff->id;
0N/A return (BadWindow);
0N/A }
0N/A if (err_code = xtsol_policy(TSOL_RES_WINDOW, TSOL_READ, pWin,
0N/A client, TSOL_ALL, (void *)MAJOROP))
0N/A {
0N/A return (err_code);
0N/A }
0N/A }
0N/A if (stuff->resourceType == IsPixmap &&
0N/A (stuff->mask & (RES_UID | RES_SL )))
0N/A {
0N/A pMap = (PixmapPtr)LookupIDByType(stuff->id, RT_PIXMAP);
0N/A if (pMap)
0N/A {
0N/A tsolres = (TsolResPtr)
0N/A (pMap->devPrivates[tsolPixmapPrivateIndex].ptr);
0N/A }
0N/A else
0N/A {
0N/A client->errorValue = stuff->id;
0N/A return (BadPixmap);
0N/A }
0N/A if (err_code = xtsol_policy(TSOL_RES_PIXMAP, TSOL_READ, pMap,
0N/A client, TSOL_ALL, (void *)MAJOROP))
0N/A {
0N/A return (err_code);
0N/A }
0N/A }
0N/A
0N/A if (stuff->mask & RES_UID)
0N/A {
0N/A rep.uid = tsolres->uid;
0N/A }
0N/A
0N/A /* allocate temp storage for labels */
0N/A sl = (bslabel_t *)(ALLOCATE_LOCAL(SL_SIZE));
0N/A rep.sllength = rep.illength = rep.iillength = 0;
0N/A if (sl == NULL)
0N/A return (BadAlloc);
0N/A
0N/A /* fill the fields as per request mask */
0N/A if (stuff->mask & RES_SL)
0N/A {
0N/A memcpy(sl, tsolres->sl, SL_SIZE);
0N/A rep.sllength = SL_SIZE;
0N/A }
0N/A
0N/A rep.type = X_Reply;
0N/A rep.sequenceNumber = client->sequence;
0N/A rep.length = (CARD32) (rep.sllength)/4;
0N/A
0N/A if (rep.length > 0)
0N/A {
0N/A reply_length = rep.length*4;
0N/A write_to_client = 1;
0N/A }
0N/A if (client->swapped)
0N/A {
0N/A swaps(&rep.sequenceNumber, n);
0N/A swapl(&rep.length, n);
0N/A swapl(&rep.uid, n);
0N/A swapl(&rep.owneruid, n);
0N/A swaps(&rep.sllength, n);
0N/A swaps(&rep.illength, n);
0N/A swaps(&rep.iillength, n);
0N/A }
0N/A
0N/A WriteToClient(client, sizeof(xGetResAttributesReply), (char *)&rep);
0N/A
0N/A if (write_to_client == 1)
0N/A {
0N/A WriteToClient(client, reply_length, (char *)sl);
0N/A }
0N/A DEALLOCATE_LOCAL(sl);
0N/A
0N/A return (client->noClientException);
0N/A}
0N/A
0N/Aint
0N/AProcMakeTPWindow(ClientPtr client)
0N/A{
0N/A WindowPtr pWin, pParent;
0N/A int err_code;
36N/A TsolInfoPtr tsolinfo;
0N/A extern void ReflectStackChange(WindowPtr, WindowPtr, VTKind);
0N/A
0N/A
0N/A REQUEST(xMakeTPWindowReq);
0N/A REQUEST_SIZE_MATCH(xMakeTPWindowReq);
0N/A
36N/A /*
36N/A * Session type single-level? This is set by the
36N/A * label builder
36N/A */
36N/A tsolinfo = GetClientTsolInfo(client);
36N/A if (tsolinfo && HasTrustedPath(tsolinfo) &&
36N/A blequal(&SessionLO, &SessionHI) && stuff->id == 0) {
36N/A tsolMultiLevel = FALSE;
36N/A return (client->noClientException);
36N/A }
36N/A
0N/A pWin = LookupWindow(stuff->id, client);
0N/A
0N/A /* window should not be root but child of root */
0N/A if (!pWin || (!pWin->parent))
0N/A {
0N/A client->errorValue = stuff->id;
0N/A return (BadWindow);
0N/A }
0N/A if (err_code = xtsol_policy(TSOL_RES_TPWIN, TSOL_MODIFY, pWin,
0N/A client, TSOL_ALL, (void *)MAJOROP))
0N/A {
0N/A return (err_code);
0N/A }
0N/A
0N/A pParent = pWin->parent;
0N/A if (pParent->firstChild != pWin)
0N/A {
0N/A tpwin = (WindowPtr)NULL;
0N/A ReflectStackChange(pWin, pParent->firstChild, VTStack);
0N/A }
0N/A tpwin = pWin;
0N/A
0N/A /*
0N/A * Force kbd & ptr ungrab. This will cause
0N/A * screen to lock even when kbd/ptr grabbed by
0N/A * a client
0N/A */
0N/A BreakAllGrabs(client);
0N/A return (client->noClientException);
0N/A}
0N/A
0N/A/*
0N/A * Turn on window's Trusted bit
0N/A */
0N/Astatic int
0N/AProcMakeTrustedWindow(ClientPtr client)
0N/A{
0N/A WindowPtr pWin;
0N/A int err_code;
0N/A TsolInfoPtr tsolinfo;
0N/A
0N/A REQUEST(xMakeTrustedWindowReq);
0N/A REQUEST_SIZE_MATCH(xMakeTrustedWindowReq);
0N/A
0N/A pWin = LookupWindow(stuff->id, client);
0N/A
0N/A /* window should not be root but child of root */
0N/A if (!pWin || (!pWin->parent))
0N/A {
0N/A client->errorValue = stuff->id;
0N/A return (BadWindow);
0N/A }
0N/A if (err_code = xtsol_policy(TSOL_RES_TPWIN, TSOL_MODIFY, pWin,
0N/A client, TSOL_ALL, (void *)MAJOROP))
0N/A {
0N/A return (err_code);
0N/A }
0N/A tsolinfo = GetClientTsolInfo(client);
0N/A /* Turn on Trusted bit of the window */
0N/A tsolinfo->forced_trust = 1;
0N/A return (client->noClientException);
0N/A}
0N/A
0N/A/*
0N/A * Turn off window's Trusted bit
0N/A */
0N/Astatic int
0N/AProcMakeUntrustedWindow(ClientPtr client)
0N/A{
0N/A WindowPtr pWin;
0N/A int err_code;
0N/A TsolInfoPtr tsolinfo;
0N/A
0N/A REQUEST(xMakeUntrustedWindowReq);
0N/A REQUEST_SIZE_MATCH(xMakeUntrustedWindowReq);
0N/A
0N/A pWin = LookupWindow(stuff->id, client);
0N/A
0N/A /* window should not be root but child of root */
0N/A if (!pWin || (!pWin->parent))
0N/A {
0N/A client->errorValue = stuff->id;
0N/A return (BadWindow);
0N/A }
0N/A if (err_code = xtsol_policy(TSOL_RES_TPWIN, TSOL_MODIFY, pWin,
0N/A client, TSOL_ALL, (void *)MAJOROP))
0N/A {
0N/A return (err_code);
0N/A }
0N/A tsolinfo = GetClientTsolInfo(client);
0N/A tsolinfo->forced_trust = 0;
0N/A tsolinfo->trusted_path = FALSE;
0N/A
0N/A return (client->noClientException);
0N/A}
0N/A
0N/A/*
0N/A * Break keyboard & ptr grabs of clients other than
0N/A * the requesting client.
0N/A * Called from ProcMakeTPWindow.
0N/A */
0N/Astatic void
0N/ABreakAllGrabs(ClientPtr client)
0N/A{
0N/A ClientPtr grabclient;
0N/A DeviceIntPtr keybd = inputInfo.keyboard;
0N/A GrabPtr kbdgrab = keybd->grab;
0N/A DeviceIntPtr mouse = inputInfo.pointer;
0N/A GrabPtr ptrgrab = mouse->grab;
0N/A
0N/A if (kbdgrab) {
0N/A grabclient = clients[CLIENT_ID(kbdgrab->resource)];
0N/A if (client->index != grabclient->index)
0N/A (*keybd->DeactivateGrab)(keybd);
0N/A }
0N/A
0N/A if (ptrgrab) {
0N/A grabclient = clients[CLIENT_ID(ptrgrab->resource)];
0N/A if (client->index != grabclient->index)
0N/A (*mouse->DeactivateGrab)(mouse);
0N/A }
0N/A}
0N/A
0N/A/*
0N/A * Trusted Network interface module. Uses tsix API
0N/A */
0N/A
0N/Astatic void
0N/ATsolSetClientInfo(ClientPtr client)
0N/A{
0N/A bslabel_t *sl;
0N/A bslabel_t admin_low;
0N/A priv_set_t *privs;
0N/A const au_tid64_addr_t *tid64;
0N/A const au_mask_t *amask;
36N/A au_mask_t mask; /* user audit mask */
36N/A socklen_t namelen;
36N/A struct passwd *pw;
36N/A struct auditinfo auinfo;
36N/A struct auditinfo *pauinfo;
0N/A OsCommPtr oc = (OsCommPtr)client->osPrivate;
0N/A register ConnectionInputPtr oci = oc->input;
0N/A int fd = oc->fd;
0N/A ucred_t *uc = NULL;
0N/A extern au_id_t ucred_getauid(const ucred_t *uc);
0N/A extern au_asid_t ucred_getasid(const ucred_t *uc);
0N/A extern const au_mask_t *ucred_getamask(const ucred_t *uc);
0N/A
0N/A TsolInfoPtr tsolinfo = (TsolInfoPtr)
0N/A (client->devPrivates[tsolClientPrivateIndex].ptr);
0N/A
0N/A /* Get client attributes from the socket */
0N/A if (getpeerucred(fd, &uc) == -1) {
0N/A tsolinfo->uid = (uid_t)(-1);
0N/A tsolinfo->sl = NULL;
0N/A perror("getpeerucred failed\n");
0N/A ErrorF("SUN_TSOL: Cannot get client attributes\n");
0N/A return;
0N/A }
0N/A
0N/A /* Extract individual fields from the cred structure */
0N/A tsolinfo->zid = ucred_getzoneid(uc);
0N/A tsolinfo->uid = ucred_getruid(uc);
0N/A tsolinfo->euid = ucred_geteuid(uc);
0N/A tsolinfo->gid = ucred_getrgid(uc);
0N/A tsolinfo->egid = ucred_getegid(uc);
0N/A tsolinfo->pid = ucred_getpid(uc);
0N/A sl = ucred_getlabel(uc);
0N/A tsolinfo->sl = (bslabel_t *)lookupSL(sl);
0N/A
0N/A /* Set privileges */
0N/A if ((tsolinfo->privs = priv_allocset()) != NULL) {
36N/A if (tsolMultiLevel) {
36N/A privs = (priv_set_t *)ucred_getprivset(uc, PRIV_EFFECTIVE);
36N/A if (privs == NULL) {
36N/A priv_emptyset(tsolinfo->privs);
36N/A } else {
36N/A priv_copyset(privs, tsolinfo->privs);
36N/A }
0N/A } else {
36N/A priv_fillset(tsolinfo->privs);
0N/A }
0N/A }
0N/A
0N/A tsolinfo->priv_debug = FALSE;
0N/A
0N/A
0N/A /*
0N/A * For remote hosts, the uid is determined during access control
0N/A * using Secure RPC
0N/A */
0N/A if (tsolinfo->zid == (zoneid_t)-1) {
0N/A tsolinfo->client_type = CLIENT_REMOTE;
0N/A } else {
0N/A tsolinfo->client_type = CLIENT_LOCAL;
0N/A }
0N/A
0N/A
0N/A /* Set Trusted Path for local clients */
0N/A if (tsolinfo->zid == GLOBAL_ZONEID) {
0N/A tsolinfo->trusted_path = TRUE;
0N/A }else {
0N/A tsolinfo->trusted_path = FALSE;
36N/A }
36N/A
36N/A if (tsolinfo->trusted_path || !tsolMultiLevel)
36N/A client->trustLevel = XSecurityClientTrusted;
36N/A else
0N/A client->trustLevel = XSecurityClientUntrusted;
0N/A
0N/A tsolinfo->forced_trust = 0;
0N/A tsolinfo->iaddr = 0;
0N/A
0N/A bsllow(&admin_low);
36N/A
36N/A namelen = sizeof (tsolinfo->saddr);
36N/A if (getpeername(fd, (struct sockaddr *)&tsolinfo->saddr, &namelen) != 0) {
36N/A return;
36N/A }
36N/A
0N/A /* Set reasonable defaults for remote clients */
0N/A if (tsolinfo->client_type == CLIENT_REMOTE) {
36N/A int errcode;
36N/A char hostbuf[NI_MAXHOST];
36N/A tsol_host_type_t host_type;
0N/A struct sockaddr sname;
0N/A extern tsol_host_type_t tsol_getrhtype(char *);
0N/A
36N/A /* Use NI_NUMERICHOST to avoid DNS lookup */
36N/A errcode = getnameinfo((struct sockaddr *)&(tsolinfo->saddr), namelen,
36N/A hostbuf, sizeof(hostbuf), NULL, 0, NI_NUMERICHOST);
36N/A
36N/A if (errcode) {
36N/A perror(gai_strerror(errcode));
36N/A } else {
36N/A host_type = tsol_getrhtype(hostbuf);
0N/A if ((host_type == SUN_CIPSO) &&
36N/A blequal(tsolinfo->sl, &admin_low)) {
0N/A tsolinfo->trusted_path = TRUE;
0N/A client->trustLevel = XSecurityClientTrusted;
0N/A priv_fillset(tsolinfo->privs);
0N/A }
0N/A }
0N/A }
36N/A
36N/A /* setup audit context */
36N/A if (getaudit(&auinfo) == 0) {
36N/A pauinfo = &auinfo;
36N/A } else {
36N/A pauinfo = NULL;
36N/A }
36N/A
36N/A /* Audit id */
36N/A tsolinfo->auid = ucred_getauid(uc);
36N/A if (tsolinfo->auid == AU_NOAUDITID) {
36N/A tsolinfo->auid = UID_NOBODY;
0N/A }
36N/A
36N/A /* session id */
36N/A tsolinfo->asid = ucred_getasid(uc);
36N/A
36N/A /* Audit mask */
36N/A if ((amask = ucred_getamask(uc)) != NULL) {
36N/A tsolinfo->amask = *amask;
36N/A } else {
36N/A if (pauinfo != NULL) {
36N/A tsolinfo->amask = pauinfo->ai_mask;
36N/A } else {
36N/A tsolinfo->amask.am_failure = 0; /* clear the masks */
36N/A tsolinfo->amask.am_success = 0;
36N/A }
36N/A }
36N/A
36N/A tsolinfo->asaverd = 0;
36N/A
36N/A ucred_free(uc);
0N/A}
0N/A
36N/Astatic enum auth_stat tsol_why;
36N/A
36N/Astatic char *
36N/Atsol_authdes_decode(inmsg, len)
36N/Achar *inmsg;
36N/Aint len;
36N/A{
36N/A struct rpc_msg msg;
36N/A char cred_area[MAX_AUTH_BYTES];
36N/A char verf_area[MAX_AUTH_BYTES];
36N/A char *temp_inmsg;
36N/A struct svc_req r;
36N/A bool_t res0, res1, auth_ret;
36N/A XDR xdr;
36N/A SVCXPRT xprt;
36N/A extern bool_t xdr_opaque_auth(XDR *, struct opaque_auth *);
36N/A
36N/A temp_inmsg = (char *) xalloc(len);
36N/A memmove(temp_inmsg, inmsg, len);
36N/A
36N/A memset((char *)&msg, 0, sizeof(msg));
36N/A memset((char *)&r, 0, sizeof(r));
36N/A memset(cred_area, 0, sizeof(cred_area));
36N/A memset(verf_area, 0, sizeof(verf_area));
36N/A
36N/A msg.rm_call.cb_cred.oa_base = cred_area;
36N/A msg.rm_call.cb_verf.oa_base = verf_area;
36N/A tsol_why = AUTH_FAILED;
36N/A xdrmem_create(&xdr, temp_inmsg, len, XDR_DECODE);
36N/A
36N/A if ((r.rq_clntcred = (caddr_t) xalloc(MAX_AUTH_BYTES)) == NULL)
36N/A goto bad1;
36N/A r.rq_xprt = &xprt;
36N/A
36N/A /* decode into msg */
36N/A res0 = xdr_opaque_auth(&xdr, &(msg.rm_call.cb_cred));
36N/A res1 = xdr_opaque_auth(&xdr, &(msg.rm_call.cb_verf));
36N/A if ( ! (res0 && res1) )
36N/A goto bad2;
36N/A
36N/A /* do the authentication */
36N/A
36N/A r.rq_cred = msg.rm_call.cb_cred; /* read by opaque stuff */
36N/A if (r.rq_cred.oa_flavor != AUTH_DES) {
36N/A tsol_why = AUTH_TOOWEAK;
36N/A goto bad2;
36N/A }
36N/A#ifdef SVR4
36N/A if ((tsol_why = __authenticate(&r, &msg)) != AUTH_OK) {
36N/A#else
36N/A if ((tsol_why = _authenticate(&r, &msg)) != AUTH_OK) {
36N/A#endif
36N/A goto bad2;
36N/A }
36N/A return (((struct authdes_cred *) r.rq_clntcred)->adc_fullname.name);
36N/A
36N/Abad2:
36N/A Xfree(r.rq_clntcred);
36N/Abad1:
36N/A return ((char *)0); /* ((struct authdes_cred *) NULL); */
36N/A}
0N/Astatic Bool
36N/ATsolCheckNetName (unsigned char *addr, short len, pointer closure)
0N/A{
36N/A return (len == (short) strlen ((char *) closure) &&
0N/A strncmp ((char *) addr, (char *) closure, len) == 0);
0N/A}
0N/A
0N/A
0N/AXID
0N/ATsolCheckAuthorization(unsigned int name_length, char *name, unsigned int data_length,
0N/A char *data, ClientPtr client, char **reason)
0N/A{
0N/A char domainname[128];
0N/A char netname[128];
36N/A char audit_ret;
36N/A u_int audit_val;
36N/A uid_t client_uid;
36N/A gid_t client_gid;
36N/A int client_gidlen;
36N/A char *fullname;
36N/A gid_t client_gidlist;
36N/A XID auth_token = (XID)(-1);
36N/A TsolInfoPtr tsolinfo = GetClientTsolInfo(client);
36N/A extern int getdomainname(char *, int);
0N/A
36N/A if (tsolinfo->uid == -1) {
36N/A /* Retrieve uid from SecureRPC */
36N/A if (strncmp(name, SECURE_RPC_AUTH, (size_t)name_length) == 0) {
36N/A fullname = tsol_authdes_decode(data, data_length);
36N/A if (fullname == NULL) {
36N/A ErrorF("Unable to authenticate Secure RPC client");
36N/A } else {
36N/A if (netname2user(fullname,
36N/A &client_uid, &client_gid,
36N/A &client_gidlen, &client_gidlist)) {
36N/A tsolinfo->uid = client_uid;
36N/A } else {
36N/A ErrorF("netname2user failed");
36N/A }
36N/A }
36N/A }
36N/A }
0N/A
36N/A if (tsolinfo->uid == (uid_t)-1) {
36N/A tsolinfo->uid = UID_NOBODY; /* uid not available */
36N/A }
36N/A
196N/A /*
196N/A * For multilevel desktop, limit connections to the trusted path
196N/A * i.e. global zone until a user logs in and the trusted stripe
196N/A * is in place. Unlabeled connections are rejected.
196N/A */
196N/A if ((OwnerUID == (uid_t )(-1)) || (tsolMultiLevel && tpwin == NULL)) {
0N/A if (HasTrustedPath(tsolinfo)) {
36N/A auth_token = CheckAuthorization(name_length, name, data_length,
36N/A data, client, reason);
0N/A }
0N/A } else {
0N/A /*
0N/A * Workstation Owner set, client must be within label
0N/A * range or have trusted path
0N/A */
0N/A if (tsolinfo->uid == OwnerUID) {
36N/A if (tsolinfo->sl != NULL &&
36N/A (bldominates(tsolinfo->sl, &SessionLO) &&
36N/A bldominates(&SessionHI, tsolinfo->sl)) ||
36N/A (HasTrustedPath(tsolinfo))) {
36N/A auth_token = (XID)(tsolinfo->uid);
0N/A }
0N/A } else {
0N/A if (tsolinfo->uid != 0) {
0N/A /* Access check based on uid */
0N/A getdomainname(domainname, sizeof(domainname));
0N/A if (!user2netname(netname, tsolinfo->uid, domainname)) {
0N/A return ((XID)-1);
0N/A }
36N/A if (ForEachHostInFamily (FamilyNetname, TsolCheckNetName,
0N/A (pointer) netname)) {
0N/A return ((XID)(tsolinfo->uid));
0N/A } else {
0N/A return (CheckAuthorization(name_length, name, data_length,
0N/A data, client, reason));
0N/A }
0N/A } else
0N/A /* Allow all connections from global zones for now */
0N/A if (HasTrustedPath(tsolinfo)) {
36N/A auth_token = (XID)(tsolinfo->uid);
0N/A }
0N/A }
0N/A }
36N/A
36N/A /* Audit the connection */
36N/A if (auth_token == (XID)(-1)) {
36N/A audit_ret = (char )-1; /* failure */
36N/A audit_val = 1;
36N/A } else {
36N/A audit_ret = 0; /* success */
36N/A audit_val = 0;
36N/A }
36N/A
36N/A if (system_audit_on &&
36N/A (au_preselect(AUE_ClientConnect, &(tsolinfo->amask),
36N/A AU_PRS_BOTH, AU_PRS_USECACHE) == 1)) {
36N/A int status;
36N/A u_short connect_port = 0;
36N/A struct in_addr *connect_addr = NULL;
36N/A struct sockaddr_in *sin;
36N/A struct sockaddr_in6 *sin6;
36N/A
36N/A switch (tsolinfo->saddr.ss_family) {
36N/A case AF_INET:
36N/A sin = (struct sockaddr_in *)&(tsolinfo->saddr);
36N/A connect_addr = &(sin->sin_addr);
36N/A connect_port = sin->sin_port;
36N/A break;
36N/A case AF_INET6:
36N/A sin6 = (struct sockaddr_in6 *)&(tsolinfo->saddr);
36N/A connect_addr = (struct in_addr *)&(sin6->sin6_addr);
36N/A connect_port = sin6->sin6_port;
36N/A break;
36N/A }
36N/A
36N/A if (connect_addr == NULL || connect_port == 0) {
36N/A status = auditwrite(AW_EVENTNUM, AUE_ClientConnect,
36N/A AW_XCLIENT, client->index,
36N/A AW_SLABEL, tsolinfo->sl,
36N/A AW_RETURN, audit_ret, audit_val,
36N/A AW_WRITE, AW_END);
36N/A } else {
36N/A status = auditwrite(AW_EVENTNUM, AUE_ClientConnect,
36N/A AW_XCLIENT, client->index,
36N/A AW_SLABEL, tsolinfo->sl,
36N/A AW_INADDR, connect_addr,
36N/A AW_IPORT, connect_port,
36N/A AW_RETURN, audit_ret, audit_val,
36N/A AW_WRITE, AW_END);
36N/A }
36N/A
36N/A if (!status)
36N/A (void) auditwrite(AW_FLUSH, AW_END);
36N/A tsolinfo->flags &= ~TSOL_DOXAUDIT;
36N/A tsolinfo->flags &= ~TSOL_AUDITEVENT;
36N/A }
196N/A
196N/A return (auth_token);
0N/A}
0N/A
0N/Astatic void
0N/ATsolProcessKeyboard(xEvent *xE, KeyClassPtr keyc)
0N/A{
0N/A extern void InitHotKey(HotKeyPtr hk);
0N/A extern void HandleHotKey();
0N/A
0N/A if (xE->u.u.type == KeyPress)
0N/A {
0N/A if (!hotkey.initialized)
0N/A InitHotKey(&hotkey);
0N/A
0N/A if (((xE->u.u.detail == hotkey.key) &&
0N/A (keyc->state != 0 && keyc->state == hotkey.shift)) ||
0N/A ((xE->u.u.detail == hotkey.altkey) &&
0N/A (keyc->state != 0 && keyc->state == hotkey.altshift)))
0N/A HandleHotKey();
0N/A }
0N/A}
0N/A
0N/Astatic char
0N/ATsolCheckPropertyAccess(ClientPtr client, WindowPtr pWin, ATOM propertyName,
0N/A Mask access_mode)
0N/A{
0N/A char action;
0N/A PropertyPtr pProp;
0N/A
0N/A pProp = wUserProps (pWin);
0N/A while (pProp)
0N/A {
0N/A if (pProp->propertyName == propertyName)
0N/A break;
0N/A pProp = pProp->next;
0N/A }
0N/A
0N/A if (pProp == NULL)
0N/A return SecurityAllowOperation;
0N/A
0N/A if (access_mode & SecurityReadAccess) {
0N/A if (!PolyProperty(propertyName, pWin) &&
0N/A xtsol_policy(TSOL_RES_PROPERTY, TSOL_READ,
0N/A pProp, client, TSOL_ALL, (void *)MAJOROP))
0N/A return SecurityIgnoreOperation;
0N/A else
0N/A return SecurityAllowOperation;
0N/A }
0N/A
0N/A if (access_mode & SecurityWriteAccess) {
0N/A if (!PolyProperty(propertyName, pWin) &&
0N/A xtsol_policy(TSOL_RES_PROPERTY, TSOL_MODIFY,
0N/A pProp, client, TSOL_ALL, (void *)MAJOROP))
0N/A return SecurityIgnoreOperation;
0N/A else
0N/A return SecurityAllowOperation;
0N/A }
0N/A
0N/A if (access_mode & SecurityDestroyAccess) {
0N/A if (!PolyProperty(propertyName, pWin) &&
0N/A xtsol_policy(TSOL_RES_PROPERTY, TSOL_DESTROY,
0N/A pProp, client, TSOL_ALL, (void *)MAJOROP))
0N/A return SecurityIgnoreOperation;
0N/A else
0N/A return SecurityAllowOperation;
0N/A }
0N/A
0N/A return SecurityAllowOperation;
0N/A}
0N/A
0N/A/*
0N/A * Return TRUE if host is cipso
0N/A */
0N/Aint
0N/Ahost_is_cipso(int fd)
0N/A{
0N/A struct sockaddr sname;
0N/A socklen_t namelen;
0N/A char *rhost;
0N/A tsol_host_type_t host_type;
0N/A struct sockaddr_in *so = (struct sockaddr_in *)&sname;
0N/A extern tsol_host_type_t tsol_getrhtype(char *);
0N/A
0N/A namelen = sizeof (sname);
0N/A if (getpeername(fd, &sname, &namelen) == -1) {
0N/A perror("getsockname: failed\n");
0N/A return FALSE;
0N/A }
0N/A
0N/A rhost = inet_ntoa(so->sin_addr);
0N/A host_type = tsol_getrhtype(rhost);
0N/A if (host_type == SUN_CIPSO) {
0N/A return TRUE;
0N/A }
0N/A
0N/A return FALSE;
0N/A}