xace: add hooks + new access codes: core protocol server requests
This commit is contained in:
parent
3c9553ac2c
commit
568ae737d1
|
@ -1169,6 +1169,7 @@ ProcConvertSelection(ClientPtr client)
|
|||
int
|
||||
ProcGrabServer(ClientPtr client)
|
||||
{
|
||||
int rc;
|
||||
REQUEST_SIZE_MATCH(xReq);
|
||||
if (grabState != GrabNone && client != grabClient)
|
||||
{
|
||||
|
@ -1178,7 +1179,9 @@ ProcGrabServer(ClientPtr client)
|
|||
IgnoreClient(client);
|
||||
return(client->noClientException);
|
||||
}
|
||||
OnlyListenToOneClient(client);
|
||||
rc = OnlyListenToOneClient(client);
|
||||
if (rc != Success)
|
||||
return rc;
|
||||
grabState = GrabKickout;
|
||||
grabClient = client;
|
||||
|
||||
|
@ -3478,12 +3481,14 @@ int
|
|||
ProcGetFontPath(ClientPtr client)
|
||||
{
|
||||
xGetFontPathReply reply;
|
||||
int stringLens, numpaths;
|
||||
int rc, stringLens, numpaths;
|
||||
unsigned char *bufferStart;
|
||||
/* REQUEST (xReq); */
|
||||
|
||||
REQUEST_SIZE_MATCH(xReq);
|
||||
bufferStart = GetFontPath(&numpaths, &stringLens);
|
||||
rc = GetFontPath(client, &numpaths, &stringLens, &bufferStart);
|
||||
if (rc != Success)
|
||||
return rc;
|
||||
|
||||
reply.type = X_Reply;
|
||||
reply.sequenceNumber = client->sequence;
|
||||
|
|
|
@ -65,6 +65,7 @@ Equipment Corporation.
|
|||
#include "dixfontstr.h"
|
||||
#include "closestr.h"
|
||||
#include "dixfont.h"
|
||||
#include "xace.h"
|
||||
|
||||
#ifdef DEBUG
|
||||
#include <stdio.h>
|
||||
|
@ -833,6 +834,10 @@ ListFonts(ClientPtr client, unsigned char *pattern, unsigned length,
|
|||
if (length > XLFDMAXFONTNAMELEN)
|
||||
return BadAlloc;
|
||||
|
||||
i = XaceHook(XACE_SERVER_ACCESS, client, DixGetAttrAccess);
|
||||
if (i != Success)
|
||||
return i;
|
||||
|
||||
if (!(c = (LFclosurePtr) xalloc(sizeof *c)))
|
||||
return BadAlloc;
|
||||
c->fpe_list = (FontPathElementPtr *)
|
||||
|
@ -1105,6 +1110,10 @@ StartListFontsWithInfo(ClientPtr client, int length, unsigned char *pattern,
|
|||
if (length > XLFDMAXFONTNAMELEN)
|
||||
return BadAlloc;
|
||||
|
||||
i = XaceHook(XACE_SERVER_ACCESS, client, DixGetAttrAccess);
|
||||
if (i != Success)
|
||||
return i;
|
||||
|
||||
if (!(c = (LFWIclosurePtr) xalloc(sizeof *c)))
|
||||
goto badAlloc;
|
||||
c->fpe_list = (FontPathElementPtr *)
|
||||
|
@ -1771,7 +1780,9 @@ bail:
|
|||
int
|
||||
SetFontPath(ClientPtr client, int npaths, unsigned char *paths, int *error)
|
||||
{
|
||||
int err = Success;
|
||||
int err = XaceHook(XACE_SERVER_ACCESS, client, DixManageAccess);
|
||||
if (err != Success)
|
||||
return err;
|
||||
|
||||
if (npaths == 0) {
|
||||
if (SetDefaultFontPath(defaultFontPath) != Success)
|
||||
|
@ -1823,14 +1834,18 @@ SetDefaultFontPath(char *path)
|
|||
return err;
|
||||
}
|
||||
|
||||
unsigned char *
|
||||
GetFontPath(int *count, int *length)
|
||||
int
|
||||
GetFontPath(ClientPtr client, int *count, int *length, unsigned char **result)
|
||||
{
|
||||
int i;
|
||||
unsigned char *c;
|
||||
int len;
|
||||
FontPathElementPtr fpe;
|
||||
|
||||
i = XaceHook(XACE_SERVER_ACCESS, client, DixGetAttrAccess);
|
||||
if (i != Success)
|
||||
return i;
|
||||
|
||||
len = 0;
|
||||
for (i = 0; i < num_fpes; i++) {
|
||||
fpe = font_path_elements[i];
|
||||
|
@ -1838,7 +1853,7 @@ GetFontPath(int *count, int *length)
|
|||
}
|
||||
font_path_string = (unsigned char *) xrealloc(font_path_string, len);
|
||||
if (!font_path_string)
|
||||
return NULL;
|
||||
return BadAlloc;
|
||||
|
||||
c = font_path_string;
|
||||
*length = 0;
|
||||
|
@ -1850,7 +1865,8 @@ GetFontPath(int *count, int *length)
|
|||
c += fpe->name_length;
|
||||
}
|
||||
*count = num_fpes;
|
||||
return font_path_string;
|
||||
*result = font_path_string;
|
||||
return Success;
|
||||
}
|
||||
|
||||
_X_EXPORT int
|
||||
|
|
|
@ -66,7 +66,7 @@ static char **dmxGetFontPath(int *npaths)
|
|||
char *newfp;
|
||||
int len, l, i;
|
||||
|
||||
paths = GetFontPath(npaths, &len);
|
||||
GetFontPath(serverClient, npaths, &len, &paths);
|
||||
|
||||
newfp = xalloc(*npaths + len);
|
||||
c = (unsigned char *)newfp;
|
||||
|
@ -194,7 +194,7 @@ static int dmxProcSetFontPath(ClientPtr client)
|
|||
if (total >= 4)
|
||||
return BadLength;
|
||||
|
||||
tmpFontPath = GetFontPath(&nOldPaths, &lenOldPaths);
|
||||
GetFontPath(serverClient, &nOldPaths, &lenOldPaths, &tmpFontPath);
|
||||
oldFontPath = xalloc(nOldPaths + lenOldPaths);
|
||||
memmove(oldFontPath, tmpFontPath, nOldPaths + lenOldPaths);
|
||||
|
||||
|
|
|
@ -105,8 +105,10 @@ extern int SetFontPath(ClientPtr /*client*/,
|
|||
|
||||
extern int SetDefaultFontPath(char * /*path*/);
|
||||
|
||||
extern unsigned char *GetFontPath(int * /*count*/,
|
||||
int * /*length*/);
|
||||
extern int GetFontPath(ClientPtr client,
|
||||
int *count,
|
||||
int *length,
|
||||
unsigned char **result);
|
||||
|
||||
extern int LoadGlyphs(ClientPtr /*client*/,
|
||||
FontPtr /*pfont*/,
|
||||
|
|
|
@ -155,7 +155,7 @@ extern void AddEnabledDevice(int /*fd*/);
|
|||
|
||||
extern void RemoveEnabledDevice(int /*fd*/);
|
||||
|
||||
extern void OnlyListenToOneClient(ClientPtr /*client*/);
|
||||
extern int OnlyListenToOneClient(ClientPtr /*client*/);
|
||||
|
||||
extern void ListenToAllClients(void);
|
||||
|
||||
|
|
32
os/access.c
32
os/access.c
|
@ -1493,17 +1493,20 @@ LocalClientCredAndGroups(ClientPtr client, int *pUid, int *pGid,
|
|||
#endif
|
||||
}
|
||||
|
||||
static Bool
|
||||
static int
|
||||
AuthorizedClient(ClientPtr client)
|
||||
{
|
||||
int rc;
|
||||
|
||||
if (!client || defeatAccessControl)
|
||||
return TRUE;
|
||||
return Success;
|
||||
|
||||
/* untrusted clients can't change host access */
|
||||
if (XaceHook(XACE_SERVER_ACCESS, client, DixWriteAccess) != Success)
|
||||
return FALSE;
|
||||
rc = XaceHook(XACE_SERVER_ACCESS, client, DixManageAccess);
|
||||
if (rc != Success)
|
||||
return rc;
|
||||
|
||||
return LocalClient(client);
|
||||
return LocalClient(client) ? Success : BadAccess;
|
||||
}
|
||||
|
||||
/* Add a host to the access control list. This is the external interface
|
||||
|
@ -1515,10 +1518,11 @@ AddHost (ClientPtr client,
|
|||
unsigned length, /* of bytes in pAddr */
|
||||
pointer pAddr)
|
||||
{
|
||||
int len;
|
||||
int rc, len;
|
||||
|
||||
if (!AuthorizedClient(client))
|
||||
return(BadAccess);
|
||||
rc = AuthorizedClient(client);
|
||||
if (rc != Success)
|
||||
return rc;
|
||||
switch (family) {
|
||||
case FamilyLocalHost:
|
||||
len = length;
|
||||
|
@ -1612,11 +1616,12 @@ RemoveHost (
|
|||
unsigned length, /* of bytes in pAddr */
|
||||
pointer pAddr)
|
||||
{
|
||||
int len;
|
||||
int rc, len;
|
||||
register HOST *host, **prev;
|
||||
|
||||
if (!AuthorizedClient(client))
|
||||
return(BadAccess);
|
||||
rc = AuthorizedClient(client);
|
||||
if (rc != Success)
|
||||
return rc;
|
||||
switch (family) {
|
||||
case FamilyLocalHost:
|
||||
len = length;
|
||||
|
@ -1873,8 +1878,9 @@ ChangeAccessControl(
|
|||
ClientPtr client,
|
||||
int fEnabled)
|
||||
{
|
||||
if (!AuthorizedClient(client))
|
||||
return BadAccess;
|
||||
int rc = AuthorizedClient(client);
|
||||
if (rc != Success)
|
||||
return rc;
|
||||
AccessEnabled = fEnabled;
|
||||
return Success;
|
||||
}
|
||||
|
|
|
@ -1081,11 +1081,15 @@ RemoveEnabledDevice(int fd)
|
|||
* This routine is "undone" by ListenToAllClients()
|
||||
*****************/
|
||||
|
||||
void
|
||||
int
|
||||
OnlyListenToOneClient(ClientPtr client)
|
||||
{
|
||||
OsCommPtr oc = (OsCommPtr)client->osPrivate;
|
||||
int connection = oc->fd;
|
||||
int rc, connection = oc->fd;
|
||||
|
||||
rc = XaceHook(XACE_SERVER_ACCESS, client, DixGrabAccess);
|
||||
if (rc != Success)
|
||||
return rc;
|
||||
|
||||
if (! GrabInProgress)
|
||||
{
|
||||
|
@ -1106,6 +1110,7 @@ OnlyListenToOneClient(ClientPtr client)
|
|||
XFD_ORSET(&AllSockets, &AllSockets, &AllClients);
|
||||
GrabInProgress = client->index;
|
||||
}
|
||||
return rc;
|
||||
}
|
||||
|
||||
/****************
|
||||
|
|
Loading…
Reference in New Issue
Block a user