tsolutils.c revision 851
830N/A/* Copyright 2009 Sun Microsystems, Inc. All rights reserved.
830N/A *
830N/A * Permission is hereby granted, free of charge, to any person obtaining a
830N/A * copy of this software and associated documentation files (the
830N/A * "Software"), to deal in the Software without restriction, including
830N/A * without limitation the rights to use, copy, modify, merge, publish,
830N/A * distribute, and/or sell copies of the Software, and to permit persons
830N/A * to whom the Software is furnished to do so, provided that the above
830N/A * copyright notice(s) and this permission notice appear in all copies of
830N/A * the Software and that both the above copyright notice(s) and this
830N/A * permission notice appear in supporting documentation.
830N/A *
830N/A * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS
830N/A * OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
830N/A * MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT
830N/A * OF THIRD PARTY RIGHTS. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR
830N/A * HOLDERS INCLUDED IN THIS NOTICE BE LIABLE FOR ANY CLAIM, OR ANY SPECIAL
830N/A * INDIRECT OR CONSEQUENTIAL DAMAGES, OR ANY DAMAGES WHATSOEVER RESULTING
830N/A * FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT,
830N/A * NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION
830N/A * WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
830N/A *
830N/A * Except as contained in this notice, the name of a copyright holder
830N/A * shall not be used in advertising or otherwise to promote the sale, use
830N/A * or other dealings in this Software without prior written authorization
830N/A * of the copyright holder.
830N/A */
830N/A
830N/A#pragma ident "@(#)tsolutils.c 1.25 09/12/05 SMI"
830N/A
830N/A#ifdef HAVE_DIX_CONFIG_H
830N/A#include <dix-config.h>
830N/A#endif
830N/A
830N/A#define NEED_EVENTS
830N/A#include <stdio.h>
830N/A#include <X11/X.h>
830N/A#include <X11/Xproto.h>
830N/A#include <X11/Xprotostr.h>
830N/A#include "auditwrite.h"
830N/A#include <bsm/audit_uevents.h>
830N/A#include <regex.h>
830N/A#include <priv.h>
830N/A#include <X11/Xproto.h>
830N/A#include "windowstr.h"
830N/A#include "scrnintstr.h"
830N/A#include "xkbstr.h"
830N/A#include "xkbsrv.h"
830N/A#include "tsol.h"
830N/A#include "tsolinfo.h"
830N/A#include "tsolpolicy.h"
830N/A#include <X11/keysym.h>
830N/A#include "misc.h"
830N/A#include "inputstr.h"
830N/A#include "propertyst.h"
830N/A#include "panoramiXsrv.h"
830N/A#include "registry.h"
830N/A
830N/A#define MAX_SL_ENTRY 256
830N/A#define MAX_UID_ENTRY 64
830N/A#define ALLOCATED 1
830N/A#define EMPTIED 0
830N/A#define FamilyTSOL 5
830N/A#define TSOLUIDlength 4
830N/A
830N/A#define BOXES_OVERLAP(b1, b2) \
830N/A (!( ((b1)->x2 <= (b2)->x1) || \
830N/A ( ((b1)->x1 >= (b2)->x2)) || \
830N/A ( ((b1)->y2 <= (b2)->y1)) || \
830N/A ( ((b1)->y1 >= (b2)->y2)) ) )
830N/A
830N/ABool system_audit_on = FALSE;
830N/ABool priv_win_colormap = FALSE;
830N/ABool priv_win_config = FALSE;
830N/ABool priv_win_devices = FALSE;
830N/ABool priv_win_dga = FALSE;
830N/ABool priv_win_fontpath = FALSE;
830N/A
830N/A
830N/A/*
830N/A * The following need to be moved to tsolextension.c
830N/A * after all references in Xsun is pulled out
830N/A */
830N/AWindowPtr tpwin = NULL; /* only one trusted path window at a time */
830N/ATsolPolyInstInfoRec tsolpolyinstinfo;
830N/A#define TsolMaxPolyNameSize 80
830N/A/*
830N/A * Use the NodeRec struct in tsolinfo.h. This is referenced
830N/A * in policy routines. So we had to move it there
830N/A */
830N/Astatic TsolPolyAtomRec tsolpolyprop = {FALSE, 0, 0, NULL};
830N/Astatic TsolPolyAtomRec tsolpolyseln = {TRUE, 0, 0, NULL};
830N/A
830N/A
830N/A/*
830N/A * Key to lookup devPrivate data in various structures
830N/A */
830N/Astatic int tsolPrivateKeyIndex;
830N/ADevPrivateKey tsolPrivateKey = &tsolPrivateKeyIndex;
830N/A
830N/Abclear_t SessionHI; /* HI Clearance */
830N/Abclear_t SessionLO; /* LO Clearance */
830N/Aunsigned int StripeHeight = 0;
830N/Auid_t OwnerUID = (uid_t)(-1);
830N/Abslabel_t PublicObjSL;
830N/A
830N/AAtom tsol_lastAtom = None;
830N/Aint tsol_nodelength = 0;
830N/ATsolNodePtr tsol_node = NULL;
830N/A
830N/A/* This structure is used for protocol request ListHosts */
830N/Astruct xUIDreply
830N/A{
830N/A unsigned char family;
830N/A unsigned char pad;
830N/A unsigned short length;
830N/A int uid; /* uid type */
830N/A};
830N/A
830N/Astruct slentry
830N/A{
830N/A bslabel_t senlabel;
830N/A char allocated;
830N/A};
830N/A
830N/Astatic struct slentry sltable[MAX_SL_ENTRY];
830N/A
830N/A/* This table contains list of users who can connect to the server */
830N/Astruct uidentry
830N/A{
830N/A int userid; /* uid type */
830N/A char allocated;
830N/A};
830N/A
830N/Astatic struct uidentry uidtable[MAX_UID_ENTRY];
830N/A
830N/A/* Index must match with keywords */
830N/Astatic char *tsolconfig_keywords[] = {"atom", "property", "selection",
830N/A "extension", "privilege"};
830N/A
830N/A#define KEYWORDCOUNT sizeof(tsolconfig_keywords)/sizeof(char *)
830N/A
830N/Atypedef struct _TsolConfig
830N/A{
830N/A int count;
830N/A char **list;
830N/A} TsolConfigRec;
830N/A
830N/Astatic TsolConfigRec tsolconfig[KEYWORDCOUNT] = {
830N/A {0, NULL},
830N/A {0, NULL},
830N/A {0, NULL},
830N/A {0, NULL},
830N/A {0, NULL}
830N/A};
830N/A
830N/A#define TSOL_ATOMCOUNT 4
830N/Astatic const char *tsolatomnames[TSOL_ATOMCOUNT] = {
830N/A "_TSOL_CMWLABEL_CHANGE",
830N/A "_TSOL_GRABNOTIFY",
830N/A "_TSOL_CLIENT_TERM",
830N/A "_TSOL_SEL_AGNT"
830N/A};
830N/A
830N/Astatic void
830N/Ainit_TSOL_cached_SL(void)
830N/A{
830N/A sltable[0].allocated = ALLOCATED;
830N/A bsllow (&(sltable[0].senlabel));
830N/A
830N/A sltable[1].allocated = ALLOCATED;
830N/A bslhigh(&(sltable[1].senlabel));
830N/A
830N/A}
830N/A
830N/A/* Initialize UID table, this table should at least contains owner UID */
830N/Astatic void
830N/Ainit_TSOL_uid_table(void)
830N/A{
830N/A uidtable[0].allocated = ALLOCATED;
830N/A uidtable[0].userid = 0;
830N/A}
830N/A
830N/A#if UNUSED
830N/A/* Count how many valid entried in the uid table */
830N/Aint
830N/Acount_uid_table(void)
830N/A{
830N/A int i, count = 0;
830N/A
830N/A /* Search entire table */
830N/A for (i = 0; i < MAX_UID_ENTRY; i++)
830N/A {
830N/A if (uidtable[i].allocated == ALLOCATED)
830N/A count++;
830N/A }
830N/A return (count);
830N/A}
830N/A
830N/A/* return (1); if userid is in the table */
830N/Aint
830N/AlookupUID(int userid)
830N/A{
830N/A int i;
830N/A for (i = 0; i < MAX_UID_ENTRY; i++)
830N/A {
830N/A if (uidtable[i].allocated == ALLOCATED &&
830N/A uidtable[i].userid == userid)
830N/A {
830N/A return (1); /* yes, found it */
830N/A }
830N/A }
830N/A return (0); /* not found */
830N/A}
830N/A
830N/A/* Passed into a pointer to a storage which is used to store UID */
830N/A/* and nUid represents how many UID in the table(returned by count_uid_table) */
830N/Aint
830N/AListUID(
830N/A struct xUIDreply * uidaddr,
830N/A int nUid)
830N/A{
830N/A int i, j = 0;
830N/A
830N/A for (i = 0; i < MAX_UID_ENTRY; i++)
830N/A {
830N/A if (uidtable[i].allocated == ALLOCATED)
830N/A {
830N/A uidaddr[j].family = FamilyTSOL;
830N/A uidaddr[j].length = TSOLUIDlength;
830N/A uidaddr[j].uid = uidtable[i].userid;
830N/A j++;
830N/A }
830N/A }
830N/A if (nUid != j)
830N/A {
830N/A ErrorF("Invalid no. of uid entries? \n");
830N/A return (0);
830N/A }
830N/A
830N/A return (1);
830N/A}
830N/A#endif /* UNUSED */
830N/A
830N/A/* add userid into UIDtable */
830N/Aint
830N/AAddUID(int *userid)
830N/A{
830N/A
830N/A int i = 0;
830N/A
830N/A /*
830N/A * Search entire uidtable, to prevent duplicate uid
830N/A * entry in the table
830N/A */
830N/A while (i < MAX_UID_ENTRY)
830N/A {
830N/A if ((uidtable[i].allocated == ALLOCATED) &&
830N/A (uidtable[i].userid == *userid))
830N/A {
830N/A /* this uid entry is already in the table; no-op */
830N/A return (1); /* Success, uid in the table */
830N/A }
830N/A i++;
830N/A }
830N/A
830N/A i = 0;
830N/A /*
830N/A * If we can find an empty entry, then add this uid
830N/A * into the table
830N/A */
830N/A while (i < MAX_UID_ENTRY)
830N/A {
830N/A if (uidtable[i].allocated != ALLOCATED)
830N/A {
830N/A uidtable[i].allocated = ALLOCATED;
830N/A uidtable[i].userid = *userid;
830N/A return (1); /* Success, uid in the table */
830N/A }
830N/A i++;
830N/A }
830N/A
830N/A /* uidtable overflow */
830N/A ErrorF("Server problem: Please enlarge the table size of uidtable \n");
830N/A return (0);
830N/A}
830N/A
830N/A#if UNUSED
830N/A/* remove userid from UIDtable */
830N/Aint
830N/ARemoveUID(int *userid)
830N/A{
830N/A int i = 0;
830N/A
830N/A if (*userid == 0)
830N/A {
830N/A ErrorF("\n UID 0 can not be removed from server UID list");
830N/A return (0);
830N/A }
830N/A
830N/A while (i < MAX_UID_ENTRY)
830N/A {
830N/A if ((uidtable[i].allocated == ALLOCATED) &&
830N/A (uidtable[i].userid == *userid))
830N/A {
830N/A /* delete this entry in the table */
830N/A uidtable[i].allocated = EMPTIED;
830N/A return (1); /* Success, uid in the table */
830N/A
830N/A }
830N/A i++;
830N/A }
830N/A
830N/A /* no such entry in the table, why delete it? no-op */
830N/A return (0);
830N/A}
830N/A#endif
830N/A
830N/A
830N/A
830N/A
830N/Abslabel_t *
830N/AlookupSL_low(void)
830N/A{
830N/A return (&(sltable[0].senlabel));
830N/A}
830N/A
830N/A
830N/Abslabel_t *
830N/AlookupSL(bslabel_t *slptr)
830N/A{
830N/A int i = 0;
830N/A
830N/A if (slptr == NULL)
830N/A return (slptr);
830N/A
830N/A while ((i < MAX_SL_ENTRY) && sltable[i].allocated == ALLOCATED)
830N/A {
830N/A if (blequal(slptr, &(sltable[i].senlabel)))
830N/A {
830N/A /* found a matching sensitivity label in sltable */
830N/A return (&(sltable[i].senlabel));
830N/A }
830N/A i++;
830N/A }
830N/A
830N/A if (i < MAX_SL_ENTRY)
830N/A {
830N/A /*
830N/A * can't find a matching entry in sltable,
830N/A * however, we have empty entry to store this
830N/A * new sensitivity label; store it.
830N/A */
830N/A sltable[i].allocated = ALLOCATED;
830N/A memcpy (&(sltable[i].senlabel), slptr, sizeof (bslabel_t));
830N/A return (&(sltable[i].senlabel));
830N/A }
830N/A
830N/A /*
830N/A * no matching entry in sltable, and no room to
830N/A * store this new sensitivity label,
830N/A * the server needs to recomplie with a larger slabel
830N/A */
830N/A
830N/A ErrorF("Server problem: Please enlarge the table size of sltable \n");
830N/A return (NULL);
830N/A}
830N/A
830N/Astatic const int padlength[4] = {0, 3, 2, 1};
830N/A
830N/A/* Updated version based roughly on RREditConnectionInfo in randr/rrscreen.c */
830N/Aint
830N/ADoScreenStripeHeight(int screen_num)
830N/A{
830N/A int i, j;
830N/A xConnSetup *connSetup;
830N/A char *vendor;
830N/A xPixmapFormat *formats;
830N/A xWindowRoot *root;
830N/A xDepth *depth;
830N/A xVisualType *visual;
830N/A ScreenPtr pScreen;
830N/A int old_height;
830N/A float height_mult;
830N/A
830N/A connSetup = (xConnSetup *) ConnectionInfo;
830N/A vendor = (char *) connSetup + sizeof (xConnSetup);
830N/A formats = (xPixmapFormat *) ((char *) vendor +
830N/A connSetup->nbytesVendor +
830N/A padlength[connSetup->nbytesVendor & 3]);
830N/A root = (xWindowRoot *) ((char *) formats +
830N/A sizeof (xPixmapFormat) *
830N/A screenInfo.numPixmapFormats);
830N/A for (i = 0; i < screen_num; i++)
830N/A {
830N/A depth = (xDepth *) ((char *) root +
830N/A sizeof (xWindowRoot));
830N/A for (j = 0; j < (int)root->nDepths; j++)
830N/A {
830N/A visual = (xVisualType *) ((char *) depth +
830N/A sizeof (xDepth));
830N/A depth = (xDepth *) ((char *) visual +
830N/A depth->nVisuals *
830N/A sizeof (xVisualType));
830N/A
830N/A }
830N/A root = (xWindowRoot *) ((char *) depth);
830N/A }
830N/A old_height = root->pixHeight;
830N/A
830N/A if (noPanoramiXExtension)
830N/A {
830N/A pScreen = screenInfo.screens[screen_num];
830N/A root->pixHeight = pScreen->height - StripeHeight;
830N/A } else
830N/A {
830N/A root->pixHeight = PanoramiXPixHeight - StripeHeight;
830N/A }
830N/A
830N/A /* compute new millimeter height */
830N/A height_mult = (1.0 * root->pixHeight) / old_height;
830N/A root->mmHeight *= height_mult;
830N/A
830N/A return (0);
830N/A}
830N/A
830N/Aextern int cannot_audit(int); /* bsm function */
830N/A
830N/Avoid
830N/Ainit_xtsol(void)
830N/A{
830N/A bclearhigh(&SessionHI);
830N/A bclearlow(&SessionLO);
830N/A bsllow(&PublicObjSL);
830N/A init_TSOL_cached_SL();
830N/A init_TSOL_uid_table();
830N/A
830N/A if (cannot_audit(TRUE))
830N/A system_audit_on = FALSE;
830N/A else
830N/A system_audit_on = TRUE;
830N/A
830N/A auditwrite(AW_QUEUE, XAUDIT_Q_SIZE, AW_END);
830N/A}
830N/A
830N/A/*
830N/A * Converts keycode to keysym, helper function.
830N/A * Modelled after Xlib code
830N/A */
830N/Astatic KeySym
830N/AKeycodetoKeysym(KeyCode keycode, int col, KeySymsPtr curKeySyms)
830N/A{
830N/A int per = curKeySyms->mapWidth;
830N/A KeySym *syms = curKeySyms->map;
830N/A KeySym lsym = 0, usym = 0;
830N/A
830N/A if ((col < 0) || ((col >= per) && (col > 3)) ||
830N/A ((int)keycode < curKeySyms->minKeyCode) ||
830N/A ((int)keycode > curKeySyms->maxKeyCode))
830N/A return NoSymbol;
830N/A
830N/A syms = &curKeySyms->map[(keycode - curKeySyms->minKeyCode) * per];
830N/A if (col < 4) {
830N/A if (col > 1) {
830N/A while ((per > 2) && (syms[per - 1] == NoSymbol))
830N/A per--;
830N/A if (per < 3)
830N/A col -= 2;
830N/A }
830N/A if ((per <= (col|1)) || (syms[col|1] == NoSymbol)) {
830N/A if (!(col & 1))
830N/A return lsym;
830N/A else if (usym == lsym)
830N/A return NoSymbol;
830N/A else
830N/A return usym;
830N/A }
830N/A }
830N/A return syms[col];
830N/A}
830N/A
830N/A/*
830N/A * Converts keysym to a keycode
830N/A * Modelled after Xlib code
830N/A */
830N/Astatic KeyCode
830N/AKeysymToKeycode(KeySym ks, KeySymsPtr curKeySyms)
830N/A{
830N/A int i, j;
830N/A
830N/A for (j = 0; j < curKeySyms->mapWidth; j++) {
830N/A for (i = curKeySyms->minKeyCode; i <= curKeySyms->maxKeyCode; i++) {
830N/A if (KeycodetoKeysym((KeyCode) i, j, curKeySyms) == ks)
830N/A return i;
830N/A }
830N/A }
830N/A return 0;
830N/A}
830N/A
830N/A/*
830N/A * converts a keysym to modifier equivalent mask
830N/A * Modelled after Xlib
830N/A */
830N/Astatic unsigned
830N/AKeysymToModifier(KeySym ks, KeySymsPtr keysyms,
830N/A KeyCode *modifierKeyMap, int maxKeysPerModifier)
830N/A{
830N/A CARD8 code, mods;
830N/A KeySym *kmax;
830N/A KeySym *k;
830N/A
830N/A kmax = keysyms->map + (keysyms->maxKeyCode - keysyms->minKeyCode + 1) *
830N/A keysyms->mapWidth;
830N/A k = keysyms->map;
830N/A mods = 0;
830N/A while (k < kmax) {
830N/A if (*k == ks ) {
830N/A int j = maxKeysPerModifier << 3;
830N/A
830N/A code = (((k - keysyms->map) / keysyms->mapWidth) + keysyms->minKeyCode);
830N/A
830N/A while (--j >= 0) {
830N/A if (code == modifierKeyMap[j])
830N/A mods |= (1 << (j / maxKeysPerModifier));
830N/A }
830N/A }
830N/A k++;
830N/A }
830N/A return mods;
830N/A}
830N/A
830N/A/*
830N/A * Initialize Hot Key keys. On A Sun type 5/6 keyboard
830N/A * It's Meta(Diamond) + Stop. On a non-Sun keyboard, it's
830N/A * Alt + Break(Pause) key. Hold down the meta or alt key
830N/A * press stop or break key.
830N/A *
830N/A * NOTE:
830N/A * Both Left & Right keys for (Meta or Alt) return the
* same modifier mask
*/
void
InitHotKey(DeviceIntPtr keybd)
{
HotKeyPtr hk = TsolKeyboardPrivate(keybd);
KeySymsPtr curKeySyms = XkbGetCoreMap(keybd);
int rc;
int max_keys_per_mod = 0;
KeyCode *modkeymap = NULL;
rc = generate_modkeymap(serverClient, keybd,
&modkeymap, &max_keys_per_mod);
/* Meta + Stop */
hk->shift = KeysymToModifier(XK_Meta_L, curKeySyms,
modkeymap, max_keys_per_mod);
hk->key = KeysymToKeycode(XK_L1, curKeySyms);
/* Alt + Break/Pause */
hk->altshift = KeysymToModifier(XK_Alt_L, curKeySyms,
modkeymap, max_keys_per_mod);
hk->altkey = KeysymToKeycode(XK_Pause, curKeySyms);
hk->initialized = TRUE;
}
static void
UpdateTsolConfig(char *keyword, char *value)
{
int i;
int count;
char **newlist;
if (keyword == NULL || value == NULL)
return; /* ignore incomplete entries */
/* find a matching keyword */
for (i = 0; i < KEYWORDCOUNT; i++) {
if (strcmp(keyword, tsolconfig_keywords[i]) == 0) {
break;
}
}
/* Invalid keyword */
if (i >= KEYWORDCOUNT) {
ErrorF("Invalid keyword : %s\n", keyword);
return;
}
count = tsolconfig[i].count;
newlist = (char **)Xrealloc(tsolconfig[i].list, (count + 1) * sizeof(char **));
if (newlist == NULL) {
ErrorF("Not enough memory for %s %s\n", keyword, value);
return;
}
newlist[count] = strdup(value);
tsolconfig[i].list = newlist;
tsolconfig[i].count++;
}
static void
InitPrivileges(void)
{
int i;
int count;
char **list;
count = tsolconfig[TSOL_PRIVILEGE].count;
list = tsolconfig[TSOL_PRIVILEGE].list;
for (i = 0; i < count; i++) {
if (strcmp(list[i], PRIV_WIN_COLORMAP) == 0)
priv_win_colormap = TRUE;
else if (strcmp(list[i], PRIV_WIN_CONFIG) == 0)
priv_win_config = TRUE;
else if (strcmp(list[i], PRIV_WIN_DEVICES) == 0)
priv_win_devices = TRUE;
else if (strcmp(list[i], PRIV_WIN_FONTPATH) == 0)
priv_win_fontpath = TRUE;
else if (strcmp(list[i], PRIV_WIN_DGA) == 0)
priv_win_dga = TRUE;
}
}
/*
* Load Trusted Solaris configuration file
*/
void
LoadTsolConfig(void)
{
FILE *fp;
char buf[BUFSIZ];
char *keyword;
char *value;
/* open the file from /etc first followed by /usr */
if ((fp = fopen(TSOLPOLICYFILE, "r")) == NULL) {
ErrorF("Cannot load %s. Some desktop applications may not\n"
"work correctly\n", TSOLPOLICYFILE);
return;
}
/* Read and parse the config file */
while (fgets(buf, sizeof (buf), fp) != NULL) {
/* ignore all comments, lines starting with white space */
if (buf[0] == '#' || isspace((int)buf[0]))
continue;
keyword = strtok(buf, " \t");
value = strtok(NULL, " \t\n");
UpdateTsolConfig(keyword, value);
}
InitPrivileges();
}
/*
* It does not really tell if this atom is to be polyinstantiated
* or not. Further check should be done to determine this.
*/
int
SpecialName(const char *string, int len)
{
return (MatchTsolConfig(string, len));
}
void
MakeTSOLAtoms(void)
{
int i;
char *atomname;
/* Create new TSOL atoms */
for (i = 0; i < TSOL_ATOMCOUNT; i++) {
if (MakeAtom(tsolatomnames[i], strlen(tsolatomnames[i]), TRUE) == None)
AtomError();
}
/* Create atoms defined in config file */
for (i = 0; i < tsolconfig[TSOL_ATOM].count; i++) {
atomname = tsolconfig[TSOL_ATOM].list[i];
if (MakeAtom(atomname, strlen(atomname), TRUE) == None) {
AtomError();
}
}
}
/*
* Names starting with a slash in selection.atoms and property.atoms
* are treated as regular expressions to be matched against the
* selection and property names. They may optionally end with a slash.
*/
static int
regexcompare(const char *string, int len, char *regexp)
{
int status;
regex_t compiledregexp;
char *regexpstrp;
int regexpstrlen;
char buffer[BUFSIZ];
if (regexp[0] == '/' && len < BUFSIZ) {
/* Extract regular expression from between slashes */
regexpstrp = regexp + 1;
regexpstrlen = strlen(regexpstrp);
if (regexpstrp[regexpstrlen - 1] == '/')
regexpstrp[regexpstrlen - 1] = '\0';
/* Compile the regular expression */
status = regcomp(&compiledregexp, regexpstrp,
REG_EXTENDED | REG_NOSUB);
if (status == 0) {
/* Make null-terminated copy of string */
memcpy(buffer, string, len);
buffer[len] = '\0';
/* Compare string to regular expression */
status = regexec(&compiledregexp,
buffer, (size_t) 0, NULL, 0);
regfree(&compiledregexp);
if (status == 0)
return (TRUE);
else
return (FALSE);
}
} else if (strncmp(string, regexp, len) == 0) {
return (TRUE);
}
return (FALSE);
}
int
MatchTsolConfig(const char *name, int len)
{
int i;
int count;
char **list;
unsigned int flags = 0;
count = tsolconfig[TSOL_PROPERTY].count;
list = tsolconfig[TSOL_PROPERTY].list;
for (i = 0; i < count; i++) {
if (regexcompare(name, len, list[i])) {
flags |= TSOLM_PROPERTY;
break;
}
}
count = tsolconfig[TSOL_SELECTION].count;
list = tsolconfig[TSOL_SELECTION].list;
for (i = 0; i < count; i++) {
if (regexcompare(name, len, list[i])) {
flags |= TSOLM_SELECTION;
break;
}
}
return (flags);
}
TsolInfoPtr
GetClientTsolInfo(ClientPtr client)
{
return TsolClientPrivate(client);
}
/* Property is polyinstantiated only on root window */
int
PolyProperty(Atom atom, WindowPtr pWin)
{
if (WindowIsRoot(pWin) &&
((!tsolpolyprop.polyinst && !(tsol_node[atom].IsSpecial & TSOLM_PROPERTY)) ||
(tsolpolyprop.polyinst && (tsol_node[atom].IsSpecial & TSOLM_PROPERTY))))
return TRUE;
return FALSE;
}
int
PolySelection(Atom atom)
{
if ((tsolpolyseln.polyinst && (tsol_node[atom].IsSpecial & TSOLM_SELECTION)) ||
(!tsolpolyseln.polyinst && !(tsol_node[atom].IsSpecial & TSOLM_SELECTION)))
return TRUE;
return FALSE;
}
/*
* client_private returns true if xid is owned/created by
* client or is a default server xid
*/
int
client_private (ClientPtr client, XID xid)
{
if (same_client(client, xid) || (xid & SERVER_BIT))
return TRUE;
else
return FALSE;
}
/*
* Same as TopClientWin()
* except that it returns a Window ID
* and not a ptr
*/
Window
RootOfClient(WindowPtr pWin)
{
if (pWin)
{
return (TopClientWin(pWin)->drawable.id);
}
return (NULL);
}
#ifdef UNUSED
/*
* Return root window of pWin
*/
WindowPtr
RootWin(WindowPtr pWin)
{
if (pWin)
{
while (pWin->parent)
pWin = pWin->parent;
}
return (pWin);
}
#endif
Window
RootOf(WindowPtr pWin)
{
if (pWin)
{
while (pWin->parent)
pWin = pWin->parent;
return (pWin->drawable.id);
}
return (NULL);
}
/*
* same_client returns true if xid is owned/created by
* client
*/
int
same_client (ClientPtr client, XID xid)
{
TsolInfoPtr tsolinfo_client;
TsolInfoPtr tsolinfo_xid;
ClientPtr xid_client;
if (CLIENT_ID(xid) == 0 || (clients[CLIENT_ID(xid)] == NULL))
return FALSE;
if((SERVER_BIT & xid) == 0)
{
if (client->index == CLIENT_ID(xid))
return TRUE;
xid_client = clients[CLIENT_ID(xid)];
tsolinfo_client = GetClientTsolInfo(client);
tsolinfo_xid = GetClientTsolInfo(xid_client);
if (tsolinfo_client && tsolinfo_xid && tsolinfo_client->pid > 0)
{
if (tsolinfo_client->pid == tsolinfo_xid->pid)
return TRUE;
}
}
return FALSE;
}
WindowPtr
AnyWindowOverlapsJustMe(
WindowPtr pWin,
WindowPtr pHead,
register BoxPtr box)
{
register WindowPtr pSib;
BoxRec sboxrec;
register BoxPtr sbox;
TsolResPtr win_res = TsolResourcePrivate(pWin);
for (pSib = pWin->prevSib; (pSib != NULL && pSib != pHead); pSib = pSib->prevSib)
{
TsolResPtr sib_res = TsolResourcePrivate(pSib);
if (pSib->mapped && !bldominates(win_res->sl, sib_res->sl))
{
sbox = WindowExtents(pSib, &sboxrec);
if (BOXES_OVERLAP(sbox, box)
#ifdef SHAPE
&& ShapeOverlap (pWin, box, pSib, sbox)
#endif
)
return(pSib);
}
}
return((WindowPtr)NULL);
}
/*
* Return Top level client window of pWin
*/
WindowPtr
TopClientWin(WindowPtr pWin)
{
ClientPtr client;
if (pWin)
{
client = wClient(pWin);
while (pWin->parent)
{
if (client != wClient(pWin->parent))
break;
pWin = pWin->parent;
}
}
return (pWin);
}
/*
* Matches in the list of disabled extensions via
* the policy file (TrustedExtensionsPolicy)
* Returns
* TRUE - if a match is found
* FALSE - otherwise
*/
int
TsolDisabledExtension(const char *extname)
{
int i;
for (i = 0; i < tsolconfig[TSOL_EXTENSION].count; i++) {
if (strcmp(extname, tsolconfig[TSOL_EXTENSION].list[i]) == 0) {
return TRUE;
}
}
return FALSE;
}
/*****************************************************************************/
/* Debug/error message utility functions */
/* Returns a string representation of the access mode for debugging messages */
_X_HIDDEN const char *
TsolDixAccessModeNameString(Mask access_mode) {
static char access_mode_str[1024];
int l = 0;
access_mode_str[0] = '\0';
#define APPEND_MODENAME_IF_SET(mode) \
if (access_mode & (mode)) \
l = strlcat(access_mode_str, #mode " | ", sizeof(access_mode_str))
APPEND_MODENAME_IF_SET(DixUnknownAccess);
APPEND_MODENAME_IF_SET(DixReadAccess);
APPEND_MODENAME_IF_SET(DixWriteAccess);
APPEND_MODENAME_IF_SET(DixDestroyAccess);
APPEND_MODENAME_IF_SET(DixCreateAccess);
APPEND_MODENAME_IF_SET(DixGetAttrAccess);
APPEND_MODENAME_IF_SET(DixSetAttrAccess);
APPEND_MODENAME_IF_SET(DixListPropAccess);
APPEND_MODENAME_IF_SET(DixGetPropAccess);
APPEND_MODENAME_IF_SET(DixSetPropAccess);
APPEND_MODENAME_IF_SET(DixGetFocusAccess);
APPEND_MODENAME_IF_SET(DixSetFocusAccess);
APPEND_MODENAME_IF_SET(DixListAccess);
APPEND_MODENAME_IF_SET(DixAddAccess);
APPEND_MODENAME_IF_SET(DixRemoveAccess);
APPEND_MODENAME_IF_SET(DixHideAccess);
APPEND_MODENAME_IF_SET(DixShowAccess);
APPEND_MODENAME_IF_SET(DixBlendAccess);
APPEND_MODENAME_IF_SET(DixGrabAccess);
APPEND_MODENAME_IF_SET(DixFreezeAccess);
APPEND_MODENAME_IF_SET(DixForceAccess);
APPEND_MODENAME_IF_SET(DixInstallAccess);
APPEND_MODENAME_IF_SET(DixUninstallAccess);
APPEND_MODENAME_IF_SET(DixSendAccess);
APPEND_MODENAME_IF_SET(DixReceiveAccess);
APPEND_MODENAME_IF_SET(DixUseAccess);
APPEND_MODENAME_IF_SET(DixManageAccess);
APPEND_MODENAME_IF_SET(DixDebugAccess);
APPEND_MODENAME_IF_SET(DixBellAccess);
if ( (l > 3) && (l < sizeof(access_mode_str)) ) {
/* strip off trailing " | " */
access_mode_str[l - 3] = '\0';
}
return access_mode_str;
}
/* Returns a string representation of the tsol policy for debugging messages */
_X_HIDDEN const char *
TsolPolicyReturnString(int pr)
{
if (pr == XTSOL_FAIL) {
return "FAIL";
} else if (pr == XTSOL_ALLOW) {
return "ALLOW";
} else if (pr == XTSOL_IGNORE) {
return "IGNORE";
} else {
static char str[32];
snprintf(str, sizeof(str), "<unknown value %d>", pr);
return str;
}
}
_X_HIDDEN const char *
TsolErrorNameString(int errcode)
{
const char *regentry = LookupErrorName(errcode);
if (strcmp(regentry, XREGISTRY_UNKNOWN) == 0) {
static char unknown_string[32];
snprintf(unknown_string, sizeof(unknown_string),
"error code #%d", errcode);
return unknown_string;
}
return regentry;
}
_X_HIDDEN const char *
TsolResourceTypeString(RESTYPE resource)
{
const char *regentry = LookupResourceName(resource);
if (strcmp(regentry, XREGISTRY_UNKNOWN) == 0) {
static char unknown_string[32];
snprintf(unknown_string, sizeof(unknown_string),
"resource type #%d", (uint_t) resource);
return unknown_string;
}
return regentry;
}
_X_HIDDEN const char *
TsolRequestNameString(int req)
{
const char *regentry;
if (req < 0) {
return "<no request>";
}
regentry = LookupMajorName(req);
if (strcmp(regentry, XREGISTRY_UNKNOWN) == 0) {
static char unknown_string[32];
snprintf(unknown_string, sizeof(unknown_string),
"request type #%d", req);
return unknown_string;
}
return regentry;
}