2 * CDE - Common Desktop Environment
4 * Copyright (c) 1993-2012, The Open Group. All rights reserved.
6 * These libraries and programs are free software; you can
7 * redistribute them and/or modify them under the terms of the GNU
8 * Lesser General Public License as published by the Free Software
9 * Foundation; either version 2 of the License, or (at your option)
12 * These libraries and programs are distributed in the hope that
13 * they will be useful, but WITHOUT ANY WARRANTY; without even the
14 * implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR
15 * PURPOSE. See the GNU Lesser General Public License for more
18 * You should have received a copy of the GNU Lesser General Public
19 * License along with these librararies and programs; if not, write
20 * to the Free Software Foundation, Inc., 51 Franklin Street, Fifth
21 * Floor, Boston, MA 02110-1301 USA
23 /* $TOG: genauth.c /main/6 1997/03/25 12:33:13 barstow $ */
24 /* (c) Copyright 1997, The Open Group */
26 * (c) Copyright 1993, 1994 Hewlett-Packard Company *
27 * (c) Copyright 1993, 1994 International Business Machines Corp. *
28 * (c) Copyright 1993, 1994 Sun Microsystems, Inc. *
29 * (c) Copyright 1993, 1994 Novell, Inc. *
38 * Revision 1.1.2.2 1995/04/21 13:05:23 Peter_Derr
39 * dtlogin auth key fixes from deltacde
40 * [1995/04/14 18:03:41 Peter_Derr]
42 * R6 xdm code used in dtlogin.
43 * [1995/04/10 16:52:31 Peter_Derr]
45 * Revision 1.1.3.3 1995/02/20 21:03:19 Peter_Derr
47 * [1995/02/20 20:13:02 Peter_Derr]
49 * Revision 1.1.3.2 1994/07/13 19:26:25 Peter_Derr
50 * Include Wrap.h to get definitions for XDM-AUTHENTICATION-1
51 * authorization mechanism.
52 * [1994/07/13 12:15:59 Peter_Derr]
57 static char *rcsid = "@(#)$RCSfile: genauth.c $ $Revision: /main/6 $ (DEC) $Date: 1997/03/25 12:33:13 $";
61 Copyright (c) 1988 X Consortium
63 Permission is hereby granted, free of charge, to any person obtaining
64 a copy of this software and associated documentation files (the
65 "Software"), to deal in the Software without restriction, including
66 without limitation the rights to use, copy, modify, merge, publish,
67 distribute, sublicense, and/or sell copies of the Software, and to
68 permit persons to whom the Software is furnished to do so, subject to
69 the following conditions:
71 The above copyright notice and this permission notice shall be included
72 in all copies or substantial portions of the Software.
74 THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS
75 OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
76 MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT.
77 IN NO EVENT SHALL THE X CONSORTIUM BE LIABLE FOR ANY CLAIM, DAMAGES OR
78 OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE,
79 ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR
80 OTHER DEALINGS IN THE SOFTWARE.
82 Except as contained in this notice, the name of the X Consortium shall
83 not be used in advertising or otherwise to promote the sale, use or
84 other dealings in this Software without prior written authorization
85 from the X Consortium.
90 * xdm - display manager daemon
91 * Author: Keith Packard, MIT X Consortium
94 # include <X11/Xauth.h>
100 #ifdef X_NOT_STDC_ENV
102 extern Time_t time ();
106 #define Time_t time_t
127 # define DONT_USE_DES
131 # if (OSMAJORVERSION >= 4)
132 /* avoid strange sun crypt hackery */
133 # define crypt _crypt
139 #if !defined (DONT_USE_DES) && !defined (USE_CRYPT)
144 static unsigned char key[8];
149 static sumFile (char *name, long sum[2]);
153 typedef unsigned char auth_cblock[8]; /* block size */
155 typedef struct auth_ks_struct { auth_cblock _; } auth_wrapper_schedule[16];
157 extern void _XdmcpWrapperToOddParity();
160 longtochars (long l, unsigned char *c)
162 c[0] = (l >> 24) & 0xff;
163 c[1] = (l >> 16) & 0xff;
164 c[2] = (l >> 8) & 0xff;
169 InitXdmcpWrapper (void)
172 unsigned char tmpkey[8];
174 * randomFile is and xdm resource not defined in dtlogin.
176 * if (!sumFile (randomFile, sum)) {
178 if (!sumFile ("/dev/mem", sum)) {
179 sum[0] = time ((Time_t *) 0);
180 sum[1] = time ((Time_t *) 0);
182 longtochars (sum[0], tmpkey+0);
183 longtochars (sum[1], tmpkey+4);
185 _XdmcpWrapperToOddParity (tmpkey, key);
188 #endif /* HASXDMAUTH */
191 /* A random number generator that is more unpredictable
192 than that shipped with some systems.
193 This code is taken from the C standard. */
195 static unsigned long int next = 1;
200 next = next * 1103515245 + 12345;
201 return (unsigned int)(next/65536) % 32768;
205 xdm_srand(unsigned int seed)
209 #endif /* no HASXDMAUTH */
213 bitsToBytes (unsigned long bits[2], char bytes[64])
219 for (byte = 0; byte < 2; byte++)
220 for (bit = 0; bit < 32; bit++)
221 bytes[i++] = ((bits[byte] & (1 << bit)) != 0);
223 #endif /* USE_ENCRYPT */
225 # define FILE_LIMIT 1024 /* no more than this many buffers */
227 /* for linux/csrg we use a simpler method to get 2 random longs from
228 * the OS's random number device.
231 #if defined(linux) || defined(CSRG_BASED) || defined(sun)
232 #define READ_LIMIT (sizeof (long) * 2)
235 sumFile (char *name, long sum[2])
241 if ( (fd = open (name, 0)) < 0 )
243 LogError((unsigned char *) "Cannot open randomFile \"%s\", errno = %d\n",
251 if (read(fd, (char *)buf, READ_LIMIT) != READ_LIMIT)
253 LogError((unsigned char *) "Could not read %d bytes from '%s'\n",
256 sum[0] = (long)time((Time_t *) 0);
272 #else /* linux || CSRG_BASED */
275 sumFile (char *name, long sum[2])
287 LogError((unsigned char *) "Cannot open randomFile \"%s\", errno = %d\n", name, errno);
290 #ifdef FRAGILE_DEV_MEM
291 if (strcmp(name, "/dev/mem") == 0) lseek (fd, (off_t) 0x100000, SEEK_SET);
296 while ((cnt = read (fd, (char *) buf, sizeof (buf))) > 0 && --reads > 0) {
297 loops = cnt / (2 * sizeof (long));
298 for (i = 0; i < loops; i+= 2) {
305 LogError((unsigned char *) "Cannot read randomFile \"%s\", errno = %d\n", name, errno);
309 #endif /* linux || CSRG_BASED */
312 GenerateAuthData (char *auth, int len)
320 X_GETTIMEOFDAY (&now);
321 ldata[0] = now.tv_sec;
322 ldata[1] = now.tv_usec;
328 ldata[0] = time ((long *) 0);
329 ldata[1] = getpid ();
331 #endif /* ITIMER_REAL */
337 auth_wrapper_schedule schedule;
338 unsigned char tdata[8];
339 static int xdmcpAuthInited;
341 longtochars (ldata[0], tdata+0);
342 longtochars (ldata[1], tdata+4);
343 if (!xdmcpAuthInited)
348 _XdmcpAuthSetup (key, schedule);
349 for (i = 0; i < len; i++) {
351 for (bit = 1; bit < 256; bit <<= 1) {
352 _XdmcpAuthDoIt (tdata, tdata, schedule, 1);
353 if (tdata[0] + tdata[1] & 0x4)
362 #if defined(USE_CRYPT)
365 char *result, *crypt ();
369 for (j = 0; j < 2; j++)
372 for (i = 0; i < 4; i++)
375 cdata[k] = sdata & 0xff;
382 for (i = 0; i < len; i += 4)
384 result = crypt (cdata, (const char *) key);
388 for (j = 0; j < k; j++)
389 auth[i + j] = result[2 + j];
390 for (j = 0; j < 8; j++)
391 cdata[j] = result[2 + j];
394 #elif defined(USE_ENCRYPT)
401 bitsToBytes (key, key_bits);
402 bitsToBytes (ldata, data_bits);
404 for (i = 0; i < len; i++) {
406 for (bit = 1; bit < 256; bit <<= 1) {
407 encrypt (data_bits, 0);
419 seed = (ldata[0] + key[0]) +
420 ((ldata[1] + key[1]) << 16);
422 for (i = 0; i < len; i++)
425 auth[i] = (value & 0xff00) >> 8;
428 if (value > sizeof (key))
429 value = sizeof (key);
430 memmove( (char *) key, auth, value);
438 static int cryptoInited = 0;
441 InitCryptoKey( void )
445 char *key_file = "/dev/urandom";
446 #elif defined(CSRG_BASED) || defined(sun)
448 char *key_file = "/dev/random";
450 # warning "Using /dev/mem for random bits."
451 /* JET - this seems like a really bad idea. */
452 char *key_file = "/dev/mem";
458 * If the sumFile fails to produce a result
459 * use the time of day.
461 if (!sumFile (key_file, key)) {
466 struct timezone zone;
467 gettimeofday (&now, &zone);
469 key[1] = now.tv_usec;
475 key[0] = time ((long *) 0);
486 #endif /* HASXDMAUTH */