2 * CDE - Common Desktop Environment
4 * Copyright (c) 1993-2012, The Open Group. All rights reserved.
6 * These libraries and programs are free software; you can
7 * redistribute them and/or modify them under the terms of the GNU
8 * Lesser General Public License as published by the Free Software
9 * Foundation; either version 2 of the License, or (at your option)
12 * These libraries and programs are distributed in the hope that
13 * they will be useful, but WITHOUT ANY WARRANTY; without even the
14 * implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR
15 * PURPOSE. See the GNU Lesser General Public License for more
18 * You should have received a copy of the GNU Lesser General Public
19 * License along with these librararies and programs; if not, write
20 * to the Free Software Foundation, Inc., 51 Franklin Street, Fifth
21 * Floor, Boston, MA 02110-1301 USA
23 /* $TOG: genauth.c /main/6 1997/03/25 12:33:13 barstow $ */
24 /* (c) Copyright 1997, The Open Group */
26 * (c) Copyright 1993, 1994 Hewlett-Packard Company *
27 * (c) Copyright 1993, 1994 International Business Machines Corp. *
28 * (c) Copyright 1993, 1994 Sun Microsystems, Inc. *
29 * (c) Copyright 1993, 1994 Novell, Inc. *
38 * Revision 1.1.2.2 1995/04/21 13:05:23 Peter_Derr
39 * dtlogin auth key fixes from deltacde
40 * [1995/04/14 18:03:41 Peter_Derr]
42 * R6 xdm code used in dtlogin.
43 * [1995/04/10 16:52:31 Peter_Derr]
45 * Revision 1.1.3.3 1995/02/20 21:03:19 Peter_Derr
47 * [1995/02/20 20:13:02 Peter_Derr]
49 * Revision 1.1.3.2 1994/07/13 19:26:25 Peter_Derr
50 * Include Wrap.h to get definitions for XDM-AUTHENTICATION-1
51 * authorization mechanism.
52 * [1994/07/13 12:15:59 Peter_Derr]
57 static char *rcsid = "@(#)$RCSfile: genauth.c $ $Revision: /main/6 $ (DEC) $Date: 1997/03/25 12:33:13 $";
61 Copyright (c) 1988 X Consortium
63 Permission is hereby granted, free of charge, to any person obtaining
64 a copy of this software and associated documentation files (the
65 "Software"), to deal in the Software without restriction, including
66 without limitation the rights to use, copy, modify, merge, publish,
67 distribute, sublicense, and/or sell copies of the Software, and to
68 permit persons to whom the Software is furnished to do so, subject to
69 the following conditions:
71 The above copyright notice and this permission notice shall be included
72 in all copies or substantial portions of the Software.
74 THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS
75 OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
76 MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT.
77 IN NO EVENT SHALL THE X CONSORTIUM BE LIABLE FOR ANY CLAIM, DAMAGES OR
78 OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE,
79 ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR
80 OTHER DEALINGS IN THE SOFTWARE.
82 Except as contained in this notice, the name of the X Consortium shall
83 not be used in advertising or otherwise to promote the sale, use or
84 other dealings in this Software without prior written authorization
85 from the X Consortium.
90 * xdm - display manager daemon
91 * Author: Keith Packard, MIT X Consortium
94 # include <X11/Xauth.h>
100 #ifdef X_NOT_STDC_ENV
102 extern Time_t time ();
106 #define Time_t time_t
128 # if (OSMAJORVERSION >= 4)
129 /* avoid strange sun crypt hackery */
130 # define crypt _crypt
136 #if !defined (DONT_USE_DES) && !defined (USE_CRYPT)
141 static unsigned char key[8];
146 static sumFile (char *name, long sum[2]);
150 typedef unsigned char auth_cblock[8]; /* block size */
152 typedef struct auth_ks_struct { auth_cblock _; } auth_wrapper_schedule[16];
154 extern void _XdmcpWrapperToOddParity();
161 c[0] = (l >> 24) & 0xff;
162 c[1] = (l >> 16) & 0xff;
163 c[2] = (l >> 8) & 0xff;
171 unsigned char tmpkey[8];
173 * randomFile is and xdm resource not defined in dtlogin.
175 * if (!sumFile (randomFile, sum)) {
177 if (!sumFile ("/dev/mem", sum)) {
178 sum[0] = time ((Time_t *) 0);
179 sum[1] = time ((Time_t *) 0);
181 longtochars (sum[0], tmpkey+0);
182 longtochars (sum[1], tmpkey+4);
184 _XdmcpWrapperToOddParity (tmpkey, key);
187 #endif /* HASXDMAUTH */
190 /* A random number generator that is more unpredictable
191 than that shipped with some systems.
192 This code is taken from the C standard. */
194 static unsigned long int next = 1;
199 next = next * 1103515245 + 12345;
200 return (unsigned int)(next/65536) % 32768;
209 #endif /* no HASXDMAUTH */
213 bitsToBytes (bits, bytes)
214 unsigned long bits[2];
221 for (byte = 0; byte < 2; byte++)
222 for (bit = 0; bit < 32; bit++)
223 bytes[i++] = ((bits[byte] & (1 << bit)) != 0);
225 #endif /* USE_ENCRYPT */
227 # define FILE_LIMIT 1024 /* no more than this many buffers */
229 /* for linux/csrg we use a simpler method to get 2 random longs from
230 * the OS's random number device.
233 #if defined(linux) || defined(CSRG_BASED)
234 #define READ_LIMIT (sizeof (long) * 2)
236 static sumFile (char *name, long sum[2])
242 if ( (fd = open (name, 0)) < 0 )
244 LogError((unsigned char *) "Cannot open randomFile \"%s\", errno = %d\n",
252 if (read(fd, (char *)buf, READ_LIMIT) != READ_LIMIT)
254 LogError((unsigned char *) "Could not read %d bytes from '%s'\n",
257 sum[0] = (long)time((Time_t *) 0);
273 #else /* linux || CSRG_BASED */
290 LogError((unsigned char *) "Cannot open randomFile \"%s\", errno = %d\n", name, errno);
293 #ifdef FRAGILE_DEV_MEM
294 if (strcmp(name, "/dev/mem") == 0) lseek (fd, (off_t) 0x100000, SEEK_SET);
299 while ((cnt = read (fd, (char *) buf, sizeof (buf))) > 0 && --reads > 0) {
300 loops = cnt / (2 * sizeof (long));
301 for (i = 0; i < loops; i+= 2) {
308 LogError((unsigned char *) "Cannot read randomFile \"%s\", errno = %d\n", name, errno);
312 #endif /* linux || CSRG_BASED */
314 GenerateAuthData (auth, len)
324 X_GETTIMEOFDAY (&now);
325 ldata[0] = now.tv_sec;
326 ldata[1] = now.tv_usec;
332 ldata[0] = time ((long *) 0);
333 ldata[1] = getpid ();
335 #endif /* ITIMER_REAL */
341 auth_wrapper_schedule schedule;
342 unsigned char tdata[8];
343 static int xdmcpAuthInited;
345 longtochars (ldata[0], tdata+0);
346 longtochars (ldata[1], tdata+4);
347 if (!xdmcpAuthInited)
352 _XdmcpAuthSetup (key, schedule);
353 for (i = 0; i < len; i++) {
355 for (bit = 1; bit < 256; bit <<= 1) {
356 _XdmcpAuthDoIt (tdata, tdata, schedule, 1);
357 if (tdata[0] + tdata[1] & 0x4)
366 #if defined(USE_CRYPT)
369 char *result, *crypt ();
373 for (j = 0; j < 2; j++)
376 for (i = 0; i < 4; i++)
379 cdata[k] = sdata & 0xff;
386 for (i = 0; i < len; i += 4)
388 result = crypt (cdata, (const char *) key);
392 for (j = 0; j < k; j++)
393 auth[i + j] = result[2 + j];
394 for (j = 0; j < 8; j++)
395 cdata[j] = result[2 + j];
398 #elif defined(USE_ENCRYPT)
405 bitsToBytes (key, key_bits);
406 bitsToBytes (ldata, data_bits);
408 for (i = 0; i < len; i++) {
410 for (bit = 1; bit < 256; bit <<= 1) {
411 encrypt (data_bits, 0);
423 seed = (ldata[0] + key[0]) +
424 ((ldata[1] + key[1]) << 16);
426 for (i = 0; i < len; i++)
429 auth[i] = (value & 0xff00) >> 8;
432 if (value > sizeof (key))
433 value = sizeof (key);
434 memmove( (char *) key, auth, value);
442 static int cryptoInited = 0;
445 InitCryptoKey( void )
449 char *key_file = "/dev/urandom";
450 #elif defined(CSRG_BASED)
452 char *key_file = "/dev/random";
454 # warning "Using /dev/mem for random bits."
455 /* JET - this seems like a really bad idea. */
456 char *key_file = "/dev/mem";
462 * If the sumFile fails to produce a result
463 * use the time of day.
465 if (!sumFile (key_file, key)) {
470 struct timezone zone;
471 gettimeofday (&now, &zone);
473 key[1] = now.tv_usec;
479 key[0] = time ((long *) 0);
488 #endif /* HASXDMAUTH */