2 * CDE - Common Desktop Environment
4 * Copyright (c) 1993-2012, The Open Group. All rights reserved.
6 * These libraries and programs are free software; you can
7 * redistribute them and/or modify them under the terms of the GNU
8 * Lesser General Public License as published by the Free Software
9 * Foundation; either version 2 of the License, or (at your option)
12 * These libraries and programs are distributed in the hope that
13 * they will be useful, but WITHOUT ANY WARRANTY; without even the
14 * implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR
15 * PURPOSE. See the GNU Lesser General Public License for more
18 * You should have received a copy of the GNU Lesser General Public
19 * License along with these libraries and programs; if not, write
20 * to the Free Software Foundation, Inc., 51 Franklin Street, Fifth
21 * Floor, Boston, MA 02110-1301 USA
23 /* $TOG: genauth.c /main/6 1997/03/25 12:33:13 barstow $ */
24 /* (c) Copyright 1997, The Open Group */
26 * (c) Copyright 1993, 1994 Hewlett-Packard Company *
27 * (c) Copyright 1993, 1994 International Business Machines Corp. *
28 * (c) Copyright 1993, 1994 Sun Microsystems, Inc. *
29 * (c) Copyright 1993, 1994 Novell, Inc. *
38 * Revision 1.1.2.2 1995/04/21 13:05:23 Peter_Derr
39 * dtlogin auth key fixes from deltacde
40 * [1995/04/14 18:03:41 Peter_Derr]
42 * R6 xdm code used in dtlogin.
43 * [1995/04/10 16:52:31 Peter_Derr]
45 * Revision 1.1.3.3 1995/02/20 21:03:19 Peter_Derr
47 * [1995/02/20 20:13:02 Peter_Derr]
49 * Revision 1.1.3.2 1994/07/13 19:26:25 Peter_Derr
50 * Include Wrap.h to get definitions for XDM-AUTHENTICATION-1
51 * authorization mechanism.
52 * [1994/07/13 12:15:59 Peter_Derr]
57 static char *rcsid = "@(#)$RCSfile: genauth.c $ $Revision: /main/6 $ (DEC) $Date: 1997/03/25 12:33:13 $";
61 Copyright (c) 1988 X Consortium
63 Permission is hereby granted, free of charge, to any person obtaining
64 a copy of this software and associated documentation files (the
65 "Software"), to deal in the Software without restriction, including
66 without limitation the rights to use, copy, modify, merge, publish,
67 distribute, sublicense, and/or sell copies of the Software, and to
68 permit persons to whom the Software is furnished to do so, subject to
69 the following conditions:
71 The above copyright notice and this permission notice shall be included
72 in all copies or substantial portions of the Software.
74 THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS
75 OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
76 MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT.
77 IN NO EVENT SHALL THE X CONSORTIUM BE LIABLE FOR ANY CLAIM, DAMAGES OR
78 OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE,
79 ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR
80 OTHER DEALINGS IN THE SOFTWARE.
82 Except as contained in this notice, the name of the X Consortium shall
83 not be used in advertising or otherwise to promote the sale, use or
84 other dealings in this Software without prior written authorization
85 from the X Consortium.
90 * xdm - display manager daemon
91 * Author: Keith Packard, MIT X Consortium
94 # include <X11/Xauth.h>
100 #ifdef X_NOT_STDC_ENV
102 extern Time_t time ();
106 #define Time_t time_t
109 #if !defined(DONT_USE_DES) && !defined(USE_CRYPT)
110 # if defined(AIXV3) || defined(hpux) || defined(__FreeBSD__)
112 # elif defined(__OpenBSD__)
113 # define DONT_USE_DES
116 # if (OSMAJORVERSION >= 4)
117 /* avoid strange sun crypt hackery */
118 # define crypt _crypt
125 static unsigned char key[8];
130 static sumFile (char *name, long sum[2]);
134 typedef unsigned char auth_cblock[8]; /* block size */
136 typedef struct auth_ks_struct { auth_cblock _; } auth_wrapper_schedule[16];
138 extern void _XdmcpWrapperToOddParity();
141 longtochars (long l, unsigned char *c)
143 c[0] = (l >> 24) & 0xff;
144 c[1] = (l >> 16) & 0xff;
145 c[2] = (l >> 8) & 0xff;
150 InitXdmcpWrapper (void)
153 unsigned char tmpkey[8];
155 * randomFile is and xdm resource not defined in dtlogin.
157 * if (!sumFile (randomFile, sum)) {
159 if (!sumFile ("/dev/mem", sum)) {
160 sum[0] = time ((Time_t *) 0);
161 sum[1] = time ((Time_t *) 0);
163 longtochars (sum[0], tmpkey+0);
164 longtochars (sum[1], tmpkey+4);
166 _XdmcpWrapperToOddParity (tmpkey, key);
169 #endif /* HASXDMAUTH */
172 /* A random number generator that is more unpredictable
173 than that shipped with some systems.
174 This code is taken from the C standard. */
176 static unsigned long int next = 1;
181 next = next * 1103515245 + 12345;
182 return (unsigned int)(next/65536) % 32768;
186 xdm_srand(unsigned int seed)
190 #endif /* no HASXDMAUTH */
194 bitsToBytes (unsigned long bits[2], char bytes[64])
200 for (byte = 0; byte < 2; byte++)
201 for (bit = 0; bit < 32; bit++)
202 bytes[i++] = ((bits[byte] & (1 << bit)) != 0);
204 #endif /* USE_ENCRYPT */
206 # define FILE_LIMIT 1024 /* no more than this many buffers */
208 /* for linux/csrg we use a simpler method to get 2 random longs from
209 * the OS's random number device.
212 #if defined(__linux__) || defined(CSRG_BASED) || defined(sun)
213 #define READ_LIMIT (sizeof (long) * 2)
216 sumFile (char *name, long sum[2])
222 if ( (fd = open (name, 0)) < 0 )
224 LogError((unsigned char *) "Cannot open randomFile \"%s\", errno = %d\n",
232 if (read(fd, (char *)buf, READ_LIMIT) != READ_LIMIT)
234 LogError((unsigned char *) "Could not read %d bytes from '%s'\n",
237 sum[0] = (long)time((Time_t *) 0);
253 #else /* linux || CSRG_BASED */
256 sumFile (char *name, long sum[2])
268 LogError((unsigned char *) "Cannot open randomFile \"%s\", errno = %d\n", name, errno);
271 #ifdef FRAGILE_DEV_MEM
272 if (strcmp(name, "/dev/mem") == 0) lseek (fd, (off_t) 0x100000, SEEK_SET);
277 while ((cnt = read (fd, (char *) buf, sizeof (buf))) > 0 && --reads > 0) {
278 loops = cnt / (2 * sizeof (long));
279 for (i = 0; i < loops; i+= 2) {
286 LogError((unsigned char *) "Cannot read randomFile \"%s\", errno = %d\n", name, errno);
290 #endif /* linux || CSRG_BASED */
293 GenerateAuthData (char *auth, int len)
301 X_GETTIMEOFDAY (&now);
302 ldata[0] = now.tv_sec;
303 ldata[1] = now.tv_usec;
309 ldata[0] = time ((long *) 0);
310 ldata[1] = getpid ();
312 #endif /* ITIMER_REAL */
318 auth_wrapper_schedule schedule;
319 unsigned char tdata[8];
320 static int xdmcpAuthInited;
322 longtochars (ldata[0], tdata+0);
323 longtochars (ldata[1], tdata+4);
324 if (!xdmcpAuthInited)
329 _XdmcpAuthSetup (key, schedule);
330 for (i = 0; i < len; i++) {
332 for (bit = 1; bit < 256; bit <<= 1) {
333 _XdmcpAuthDoIt (tdata, tdata, schedule, 1);
334 if (tdata[0] + tdata[1] & 0x4)
343 #if defined(USE_CRYPT)
346 char *result, *crypt ();
350 for (j = 0; j < 2; j++)
353 for (i = 0; i < 4; i++)
356 cdata[k] = sdata & 0xff;
363 for (i = 0; i < len; i += 4)
365 result = crypt (cdata, (const char *) key);
369 for (j = 0; j < k; j++)
370 auth[i + j] = result[2 + j];
371 for (j = 0; j < 8; j++)
372 cdata[j] = result[2 + j];
375 #elif defined(USE_ENCRYPT)
382 bitsToBytes (key, key_bits);
383 bitsToBytes (ldata, data_bits);
385 for (i = 0; i < len; i++) {
387 for (bit = 1; bit < 256; bit <<= 1) {
388 encrypt (data_bits, 0);
400 seed = (ldata[0] + key[0]) +
401 ((ldata[1] + key[1]) << 16);
403 for (i = 0; i < len; i++)
406 auth[i] = (value & 0xff00) >> 8;
409 if (value > sizeof (key))
410 value = sizeof (key);
411 memmove( (char *) key, auth, value);
419 static int cryptoInited = 0;
422 InitCryptoKey( void )
424 #if defined(__linux__)
426 char *key_file = "/dev/urandom";
427 #elif defined(CSRG_BASED) || defined(sun)
429 char *key_file = "/dev/random";
431 # warning "Using /dev/mem for random bits."
432 /* JET - this seems like a really bad idea. */
433 char *key_file = "/dev/mem";
439 * If the sumFile fails to produce a result
440 * use the time of day.
442 if (!sumFile (key_file, key)) {
447 struct timezone zone;
448 gettimeofday (&now, &zone);
450 key[1] = now.tv_usec;
456 key[0] = time ((long *) 0);
467 #endif /* HASXDMAUTH */
projects / oweals / cde.git / blob