2 * CDE - Common Desktop Environment
4 * Copyright (c) 1993-2012, The Open Group. All rights reserved.
6 * These libraries and programs are free software; you can
7 * redistribute them and/or modify them under the terms of the GNU
8 * Lesser General Public License as published by the Free Software
9 * Foundation; either version 2 of the License, or (at your option)
12 * These libraries and programs are distributed in the hope that
13 * they will be useful, but WITHOUT ANY WARRANTY; without even the
14 * implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR
15 * PURPOSE. See the GNU Lesser General Public License for more
18 * You should have received a copy of the GNU Lesser General Public
19 * License along with these librararies and programs; if not, write
20 * to the Free Software Foundation, Inc., 51 Franklin Street, Fifth
21 * Floor, Boston, MA 02110-1301 USA
23 /* $TOG: genauth.c /main/6 1997/03/25 12:33:13 barstow $ */
24 /* (c) Copyright 1997, The Open Group */
26 * (c) Copyright 1993, 1994 Hewlett-Packard Company *
27 * (c) Copyright 1993, 1994 International Business Machines Corp. *
28 * (c) Copyright 1993, 1994 Sun Microsystems, Inc. *
29 * (c) Copyright 1993, 1994 Novell, Inc. *
38 * Revision 1.1.2.2 1995/04/21 13:05:23 Peter_Derr
39 * dtlogin auth key fixes from deltacde
40 * [1995/04/14 18:03:41 Peter_Derr]
42 * R6 xdm code used in dtlogin.
43 * [1995/04/10 16:52:31 Peter_Derr]
45 * Revision 1.1.3.3 1995/02/20 21:03:19 Peter_Derr
47 * [1995/02/20 20:13:02 Peter_Derr]
49 * Revision 1.1.3.2 1994/07/13 19:26:25 Peter_Derr
50 * Include Wrap.h to get definitions for XDM-AUTHENTICATION-1
51 * authorization mechanism.
52 * [1994/07/13 12:15:59 Peter_Derr]
57 static char *rcsid = "@(#)$RCSfile: genauth.c $ $Revision: /main/6 $ (DEC) $Date: 1997/03/25 12:33:13 $";
61 Copyright (c) 1988 X Consortium
63 Permission is hereby granted, free of charge, to any person obtaining
64 a copy of this software and associated documentation files (the
65 "Software"), to deal in the Software without restriction, including
66 without limitation the rights to use, copy, modify, merge, publish,
67 distribute, sublicense, and/or sell copies of the Software, and to
68 permit persons to whom the Software is furnished to do so, subject to
69 the following conditions:
71 The above copyright notice and this permission notice shall be included
72 in all copies or substantial portions of the Software.
74 THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS
75 OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
76 MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT.
77 IN NO EVENT SHALL THE X CONSORTIUM BE LIABLE FOR ANY CLAIM, DAMAGES OR
78 OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE,
79 ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR
80 OTHER DEALINGS IN THE SOFTWARE.
82 Except as contained in this notice, the name of the X Consortium shall
83 not be used in advertising or otherwise to promote the sale, use or
84 other dealings in this Software without prior written authorization
85 from the X Consortium.
90 * xdm - display manager daemon
91 * Author: Keith Packard, MIT X Consortium
94 # include <X11/Xauth.h>
100 #ifdef X_NOT_STDC_ENV
102 extern Time_t time ();
106 #define Time_t time_t
125 # if (OSMAJORVERSION >= 4)
126 /* avoid strange sun crypt hackery */
127 # define crypt _crypt
133 #if !defined (DONT_USE_DES) && !defined (USE_CRYPT)
138 static unsigned char key[8];
143 static sumFile (char *name, long sum[2]);
147 typedef unsigned char auth_cblock[8]; /* block size */
149 typedef struct auth_ks_struct { auth_cblock _; } auth_wrapper_schedule[16];
151 extern void _XdmcpWrapperToOddParity();
158 c[0] = (l >> 24) & 0xff;
159 c[1] = (l >> 16) & 0xff;
160 c[2] = (l >> 8) & 0xff;
168 unsigned char tmpkey[8];
170 * randomFile is and xdm resource not defined in dtlogin.
172 * if (!sumFile (randomFile, sum)) {
174 if (!sumFile ("/dev/mem", sum)) {
175 sum[0] = time ((Time_t *) 0);
176 sum[1] = time ((Time_t *) 0);
178 longtochars (sum[0], tmpkey+0);
179 longtochars (sum[1], tmpkey+4);
181 _XdmcpWrapperToOddParity (tmpkey, key);
184 #endif /* HASXDMAUTH */
187 /* A random number generator that is more unpredictable
188 than that shipped with some systems.
189 This code is taken from the C standard. */
191 static unsigned long int next = 1;
196 next = next * 1103515245 + 12345;
197 return (unsigned int)(next/65536) % 32768;
206 #endif /* no HASXDMAUTH */
210 bitsToBytes (bits, bytes)
211 unsigned long bits[2];
218 for (byte = 0; byte < 2; byte++)
219 for (bit = 0; bit < 32; bit++)
220 bytes[i++] = ((bits[byte] & (1 << bit)) != 0);
222 #endif /* USE_ENCRYPT */
224 # define FILE_LIMIT 1024 /* no more than this many buffers */
226 /* for linux/csrg we use a simpler method to get 2 random longs from
227 * the OS's random number device.
230 #if defined(linux) || defined(CSRG_BASED)
231 #define READ_LIMIT (sizeof (long) * 2)
233 static sumFile (char *name, long sum[2])
239 if ( (fd = open (name, 0)) < 0 )
241 LogError((unsigned char *) "Cannot open randomFile \"%s\", errno = %d\n",
249 if (read(fd, (char *)buf, READ_LIMIT) != READ_LIMIT)
251 LogError((unsigned char *) "Could not read %d bytes from '%s'\n",
254 sum[0] = (long)time((Time_t *) 0);
270 #else /* linux || CSRG_BASED */
287 LogError((unsigned char *) "Cannot open randomFile \"%s\", errno = %d\n", name, errno);
290 #ifdef FRAGILE_DEV_MEM
291 if (strcmp(name, "/dev/mem") == 0) lseek (fd, (off_t) 0x100000, SEEK_SET);
296 while ((cnt = read (fd, (char *) buf, sizeof (buf))) > 0 && --reads > 0) {
297 loops = cnt / (2 * sizeof (long));
298 for (i = 0; i < loops; i+= 2) {
305 LogError((unsigned char *) "Cannot read randomFile \"%s\", errno = %d\n", name, errno);
309 #endif /* linux || CSRG_BASED */
311 GenerateAuthData (auth, len)
321 X_GETTIMEOFDAY (&now);
322 ldata[0] = now.tv_sec;
323 ldata[1] = now.tv_usec;
329 ldata[0] = time ((long *) 0);
330 ldata[1] = getpid ();
332 #endif /* ITIMER_REAL */
338 auth_wrapper_schedule schedule;
339 unsigned char tdata[8];
340 static int xdmcpAuthInited;
342 longtochars (ldata[0], tdata+0);
343 longtochars (ldata[1], tdata+4);
344 if (!xdmcpAuthInited)
349 _XdmcpAuthSetup (key, schedule);
350 for (i = 0; i < len; i++) {
352 for (bit = 1; bit < 256; bit <<= 1) {
353 _XdmcpAuthDoIt (tdata, tdata, schedule, 1);
354 if (tdata[0] + tdata[1] & 0x4)
363 #if defined(USE_CRYPT)
366 char *result, *crypt ();
370 for (j = 0; j < 2; j++)
373 for (i = 0; i < 4; i++)
376 cdata[k] = sdata & 0xff;
383 for (i = 0; i < len; i += 4)
385 result = crypt (cdata, (const char *) key);
389 for (j = 0; j < k; j++)
390 auth[i + j] = result[2 + j];
391 for (j = 0; j < 8; j++)
392 cdata[j] = result[2 + j];
395 #elif defined(USE_ENCRYPT)
402 bitsToBytes (key, key_bits);
403 bitsToBytes (ldata, data_bits);
405 for (i = 0; i < len; i++) {
407 for (bit = 1; bit < 256; bit <<= 1) {
408 encrypt (data_bits, 0);
420 seed = (ldata[0] + key[0]) +
421 ((ldata[1] + key[1]) << 16);
423 for (i = 0; i < len; i++)
426 auth[i] = (value & 0xff00) >> 8;
429 if (value > sizeof (key))
430 value = sizeof (key);
431 memmove( (char *) key, auth, value);
439 static int cryptoInited = 0;
442 InitCryptoKey( void )
446 char *key_file = "/dev/urandom";
447 #elif defined(CSRG_BASED)
449 char *key_file = "/dev/random";
451 # warning "Using /dev/mem for random bits."
452 /* JET - this seems like a really bad idea. */
453 char *key_file = "/dev/mem";
459 * If the sumFile fails to produce a result
460 * use the time of day.
462 if (!sumFile (key_file, key)) {
467 struct timezone zone;
468 gettimeofday (&now, &zone);
470 key[1] = now.tv_usec;
476 key[0] = time ((long *) 0);
485 #endif /* HASXDMAUTH */