341N/A# Copyright (c) 2006, 2011, Oracle
and/or its affiliates. All rights reserved.
341N/A# Permission is hereby granted, free of charge, to any person obtaining a
341N/A# copy of this software and associated documentation files (the "Software"),
943N/A# to deal in the Software without restriction, including without limitation
341N/A# the rights to use, copy, modify, merge, publish, distribute, sublicense,
341N/A#
and/or sell copies of the Software, and to permit persons to whom the
919N/A# Software is furnished to do so, subject to the following conditions:
919N/A# The above copyright notice and this permission notice (including the next
919N/A# paragraph) shall be included in all copies or substantial portions of the
919N/A# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
919N/A# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
919N/A# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL
919N/A# THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
919N/A# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING
919N/A# FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER
919N/A# DEALINGS IN THE SOFTWARE.
341N/A@@ -17,6 +17,10 @@ if RECORD
341N/A@@ -37,6 +41,7 @@ SUBDIRS = \
index 8673880..14bb5cd 100644
@@ -1144,3 +1144,27 @@ SecurityExtensionInit(INITARGS)
/* Label objects that were created before we could register ourself */
+/* API needed for Xtsol module to
get/set client trustLevel */
+getClientTrustLevel(ClientPtr client)
+ SecurityStateRec *state;
+ state = dixLookupPrivate(&client->devPrivates, stateKey);
+ return state->trustLevel;
+setClientTrustLevel(ClientPtr client, unsigned int newLevel)
+ SecurityStateRec *state;
+ state = dixLookupPrivate(&client->devPrivates, stateKey);
+ oldLevel = state->trustLevel;
+ state->trustLevel = newLevel;
index 3d3894a..8b7317f 100644
@@ -80,4 +80,8 @@ typedef struct {
/* Give this value or higher to the -audit option to get security messages */
#define SECURITY_AUDIT_LEVEL 4
+/* API needed for Xtsol module to
get/set client trustLevel */
+extern _X_EXPORT unsigned int getClientTrustLevel(ClientPtr client);
+extern _X_EXPORT unsigned int setClientTrustLevel(ClientPtr client, unsigned int newLevel);
#endif /* _SECURITY_SRV_H */
index f4311c3..69057ec 100644
@@ -227,6 +227,14 @@ dnl Find the math libary
AC_CHECK_LIB(m, cbrt, AC_DEFINE(HAVE_CBRT, 1, [Have the 'cbrt' function]))
+dnl Check for libtsol for Solaris Trusted Extensions module
+AC_CHECK_LIB(tsol, bsllow, [BUILD_TSOL_MODULE=yes], [BUILD_TSOL_MODULE=no])
+AM_CONDITIONAL(BUILD_TSOL_MODULE, [test x$BUILD_TSOL_MODULE = xyes])
+if test "x$BUILD_TSOL_MODULE" = xyes; then
+ TSOL_SYS_LIBS='-ltsol -ltsnet -lsecdb -lbsm'
@@ -1501,6 +1509,8 @@ AM_CONDITIONAL(XVFB, [test "x$XVFB" = xyes])
if test "x$XVFB" = xyes; then
XVFB_LIBS="$FB_LIB $FIXES_LIB $XEXT_LIB $DBE_LIB $RECORD_LIB $GLX_LIBS $RANDR_LIB $RENDER_LIB $DAMAGE_LIB $MIEXT_SYNC_LIB $MIEXT_DAMAGE_LIB $MIEXT_SHADOW_LIB $XI_LIB $XKB_LIB $XKB_STUB_LIB $COMPOSITE_LIB"
XVFB_SYS_LIBS="$XVFBMODULES_LIBS $GLX_SYS_LIBS"
+ XVFB_LIBS="$XVFB_LIBS $TSOL_LIB"
+ XVFB_SYS_LIBS="$XVFB_SYS_LIBS $TSOL_SYS_LIBS"
AC_SUBST([XVFB_SYS_LIBS])
@@ -1522,6 +1532,8 @@ if test "x$XNEST" = xyes; then
XNEST_LIBS="$FB_LIB $FIXES_LIB $MI_LIB $XEXT_LIB $DBE_LIB $RECORD_LIB $GLX_LIBS $RANDR_LIB $RENDER_LIB $DAMAGE_LIB $MIEXT_SYNC_LIB $MIEXT_DAMAGE_LIB $MIEXT_SHADOW_LIB $XI_LIB $XKB_LIB $XKB_STUB_LIB $COMPOSITE_LIB $DIX_LIB $MAIN_LIB $OS_LIB"
XNEST_SYS_LIBS="$XNESTMODULES_LIBS $GLX_SYS_LIBS"
+ XNEST_LIBS="$XNEST_LIBS $TSOL_LIB"
+ XNEST_SYS_LIBS="$XNEST_SYS_LIBS $TSOL_SYS_LIBS"
AC_SUBST([XNEST_SYS_LIBS])
@@ -2086,6 +2098,7 @@ if test "$KDRIVE" = yes; then
KDRIVE_CFLAGS="$XSERVER_CFLAGS -DHAVE_KDRIVE_CONFIG_H $TSLIB_CFLAGS"
KDRIVE_PURE_LIBS="$FB_LIB $MI_LIB $FIXES_LIB $XEXT_LIB $DBE_LIB $RECORD_LIB $GLX_LIBS $RANDR_LIB $RENDER_LIB $DAMAGE_LIB $MIEXT_SYNC_LIB $MIEXT_DAMAGE_LIB $MIEXT_SHADOW_LIB $XI_LIB $XKB_LIB $XKB_STUB_LIB $COMPOSITE_LIB $OS_LIB"
+ KDRIVE_PURE_LIBS="$KDRIVE_PURE_LIBS $TSOL_LIB"
+# Add Sun Trusted Extensions extension
index 7b2132d..63a2378 100644
@@ -74,8 +74,8 @@ Equipment Corporation.
******************************************************************/
-/* XSERVER_DTRACE additions:
- * Copyright (c) 2005-2006, Oracle
and/or its affiliates. All rights reserved.
+ * Copyright (c) 2005, 2006, Oracle
and/or its affiliates. All rights reserved.
* Permission is hereby granted, free of charge, to any person obtaining a
* copy of this software and associated documentation files (the "Software"),
@@ -162,6 +162,10 @@ int connBlockScreenStart;
static void KillAllClients(void);
+SecurityHookPtr pSecHook = NULL;
static int nextFreeClientID; /* always MIN free client ID */
static int nClients; /* number of authorized clients */
@@ -896,7 +900,12 @@ ProcCirculateWindow(ClientPtr client)
GetGeometry(ClientPtr client, xGetGeometryReply *rep)
@@ -1990,7 +1999,12 @@ ProcPutImage(ClientPtr client)
DoGetImage(ClientPtr client, int format, Drawable drawable,
int x, int y, int width, int height,
Mask planemask, xGetImageReply **im_return)
index 9be7064..25f1a52 100644
@@ -97,6 +97,33 @@ Equipment Corporation.
******************************************************************/
+/* Copyright (c) 2006, Oracle
and/or its affiliates. All rights reserved.
+ * Permission is hereby granted, free of charge, to any person obtaining a
+ * copy of this software and associated documentation files (the
+ * "Software"), to deal in the Software without restriction, including
+ * without limitation the rights to use, copy, modify, merge, publish,
+ * distribute,
and/or sell copies of the Software, and to permit persons
+ * to whom the Software is furnished to do so, provided that the above
+ * copyright notice(s) and this permission notice appear in all copies of
+ * the Software and that both the above copyright notice(s) and this
+ * permission notice appear in supporting documentation.
+ * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS
+ * OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
+ * MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT
+ * OF THIRD PARTY RIGHTS. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR
+ * HOLDERS INCLUDED IN THIS NOTICE BE LIABLE FOR ANY CLAIM, OR ANY SPECIAL
+ * INDIRECT OR CONSEQUENTIAL DAMAGES, OR ANY DAMAGES WHATSOEVER RESULTING
+ * FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT,
+ * NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION
+ * WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
+ * Except as contained in this notice, the name of a copyright holder
+ * shall not be used in advertising or otherwise to promote the sale, use
+ * or other dealings in this Software without prior written authorization
+ * of the copyright holder.
@@ -175,6 +202,11 @@ static Bool TileScreenSaver(ScreenPtr pScreen, int kind);
#define SubStrSend(pWin,pParent) (StrSend(pWin) || SubSend(pParent))
+extern SecurityHookPtr pSecHook;
@@ -1835,7 +1867,12 @@ IsSiblingAboveMe(
@@ -1865,7 +1902,12 @@ MakeBoundingRegion (
@@ -2065,7 +2107,12 @@ WhereDoIGoInTheStack(
index 21bfe0b..7c548eb 100644
@@ -126,6 +126,7 @@ static ModuleDefault ModuleDefaults[] = {
{.name = "dri2", .toLoad = TRUE, .load_opt=NULL},
{.name = "ia", .toLoad = TRUE, .load_opt=NULL},
+ {.name = "xtsol", .toLoad = TRUE, .load_opt=NULL},
{.name = NULL, .toLoad = FALSE, .load_opt=NULL}
index ea065fa..5e5725e 100644
@@ -74,3 +74,11 @@ libia_la_CPPFLAGS = $(AM_CPPFLAGS) -I$(top_builddir)/IA
libia_la_LDFLAGS = -avoid-version
+# Sun Trusted Extensions extension module additions
+libxtsol_la_LDFLAGS = -avoid-version
index 12e4b59..50c20ed 100644
@@ -172,6 +172,15 @@ extern _X_EXPORT void MarkClientException(
extern _X_HIDDEN Bool CreateConnectionBlock(void);
+extern _X_EXPORT int DoGetImage(ClientPtr client, int format, Drawable drawable,
+ int x, int y, int width, int height,
+ Mask planemask, xGetImageReply **im_return);
+extern _X_EXPORT int GetGeometry(ClientPtr client, xGetGeometryReply *rep);
extern _X_EXPORT int CompareISOLatin1Lowered(
index bb66dfb..3a51180 100644
@@ -45,6 +45,34 @@ SOFTWARE.
******************************************************************/
+/* Copyright (c) 2006, 2007, Oracle
and/or its affiliates. All rights reserved.
+ * Permission is hereby granted, free of charge, to any person obtaining a
+ * copy of this software and associated documentation files (the
+ * "Software"), to deal in the Software without restriction, including
+ * without limitation the rights to use, copy, modify, merge, publish,
+ * distribute,
and/or sell copies of the Software, and to permit persons
+ * to whom the Software is furnished to do so, provided that the above
+ * copyright notice(s) and this permission notice appear in all copies of
+ * the Software and that both the above copyright notice(s) and this
+ * permission notice appear in supporting documentation.
+ * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS
+ * OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
+ * MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT
+ * OF THIRD PARTY RIGHTS. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR
+ * HOLDERS INCLUDED IN THIS NOTICE BE LIABLE FOR ANY CLAIM, OR ANY SPECIAL
+ * INDIRECT OR CONSEQUENTIAL DAMAGES, OR ANY DAMAGES WHATSOEVER RESULTING
+ * FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT,
+ * NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION
+ * WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
+ * Except as contained in this notice, the name of a copyright holder
+ * shall not be used in advertising or otherwise to promote the sale, use
+ * or other dealings in this Software without prior written authorization
+ * of the copyright holder.
#ifndef EXTENSIONSTRUCT_H
#define EXTENSIONSTRUCT_H
@@ -55,6 +83,10 @@ SOFTWARE.
typedef struct _ExtensionEntry {
void (* CloseDown)( /* called at server shutdown */
@@ -108,5 +140,21 @@ extern _X_EXPORT Bool AddExtensionAlias(
extern _X_EXPORT ExtensionEntry *CheckExtension(const char *extname);
extern _X_EXPORT ExtensionEntry *GetExtensionEntry(int major);
+ XID (*CheckAuthorization)(unsigned int, char *, unsigned int,
+ char *, ClientPtr , char **);
+ int (*ChangeWindowProperty)(ClientPtr, WindowPtr, Atom, Atom, int, int,
+ unsigned long, pointer, Bool);
+ int (*DeleteProperty)(ClientPtr, WindowPtr, Atom);
+ void (*DeleteClientFromAnySelections)(ClientPtr);
+ void (*DeleteWindowFromAnySelections)(WindowPtr);
+} SecurityHook, *SecurityHookPtr;
+extern _X_EXPORT SecurityHookPtr pSecHook;
#endif /* EXTENSIONSTRUCT_H */
index f96a0a9..89ab1bf 100644
@@ -403,7 +403,7 @@ extern void NoteLedState(
-extern void MaybeStopHint(
+extern _X_EXPORT void MaybeStopHint(
index 6fb2f8c..29e4364 100644
@@ -266,4 +266,9 @@ extern _X_EXPORT void DisableMapUnmapEvents(
extern _X_EXPORT void EnableMapUnmapEvents(
+# include "
validate.h" /* needed for VTKind enum definition */
+extern _X_EXPORT void ReflectStackChange(WindowPtr pWin, WindowPtr pSib, VTKind kind);
index ee04b05..82a4d2e 100644
@@ -66,6 +66,7 @@ SOFTWARE.
#ifdef HAVE_XNEST_CONFIG_H
@@ -157,6 +158,9 @@ extern Bool noGEExtension;
#ifdef SolarisIAExtension
@@ -192,6 +196,9 @@ typedef void (*InitExtension)(INITARGS);
/* FIXME: this whole block of externs should be from the appropriate headers */
@@ -315,6 +322,9 @@ static ExtensionToggle ExtensionToggleList[] =
#ifdef SolarisIAExtension
{ IANAME /* "SolarisIA" */, &noIAExtension },
+ { TSOLNAME /* "SUN_TSOL" */, &noXTSolExtension },
{ "X-Resource", &noResExtension },
@@ -484,6 +494,11 @@ InitExtensions(int argc, char *argv[])
#ifdef SolarisIAExtension
if (!noIAExtension) IAExtensionInit();
+ if (!noXTSolExtension) {
#else /* XFree86LOADER */
@@ -44,6 +44,33 @@ ARISING OUT OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS
******************************************************************/
+/* Copyright (c) 2006, Oracle
and/or its affiliates. All rights reserved.
+ * Permission is hereby granted, free of charge, to any person obtaining a
+ * copy of this software and associated documentation files (the
+ * "Software"), to deal in the Software without restriction, including
+ * without limitation the rights to use, copy, modify, merge, publish,
+ * distribute,
and/or sell copies of the Software, and to permit persons
+ * to whom the Software is furnished to do so, provided that the above
+ * copyright notice(s) and this permission notice appear in all copies of
+ * the Software and that both the above copyright notice(s) and this
+ * permission notice appear in supporting documentation.
+ * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS
+ * OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
+ * MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT
+ * OF THIRD PARTY RIGHTS. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR
+ * HOLDERS INCLUDED IN THIS NOTICE BE LIABLE FOR ANY CLAIM, OR ANY SPECIAL
+ * INDIRECT OR CONSEQUENTIAL DAMAGES, OR ANY DAMAGES WHATSOEVER RESULTING
+ * FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT,
+ * NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION
+ * WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
+ * Except as contained in this notice, the name of a copyright holder
+ * shall not be used in advertising or otherwise to promote the sale, use
+ * or other dealings in this Software without prior written authorization
+ * of the copyright holder.
/*****************************************************************
* Stuff to create connections --- OS dependent
@@ -255,6 +282,11 @@ static int ListenTransCount;
static void ErrorConnMax(XtransConnInfo /* trans_conn */);
+extern SecurityHookPtr pSecHook;
lookup_trans_conn (int fd)
@@ -646,6 +678,12 @@ ClientAuthorized(ClientPtr client,
priv = (OsCommPtr)client->osPrivate;
trans_conn = priv->trans_conn;
+ auth_id = (*pSecHook->CheckAuthorization) (proto_n, auth_proto,
+ string_n, auth_string, client, &reason);
/* Allow any client to connect without authorization on a launchd socket,
because it is securely created -- this prevents a race condition on launch */
if(trans_conn->flags & TRANS_NOXAUTH) {