From 20cad57cd4d5a77e74597226091592945e1cbbf8 Mon Sep 17 00:00:00 2001
From: Jon Trulson <jon@radscan.com>
Date: Tue, 29 May 2018 12:28:21 -0600
Subject: [PATCH] dtsession: fix screen saver/locking on linux

The POSIX __linux__ commit broke the special detection on linux used
to determine whether a secure system was in use or not.

This commit reworks the logic a little bit to avoid special casing
linux in main().

It also reworks the logic in CanReAuthenticate() to fix up some issues
"fixed" to correct converity warnings.  The logic in this case was
mostly ok, but still didn't account for the proper usage of this
function.  Error detection improved somewhat as a result.
---
 cde/programs/dtsession/SmLock.c | 16 +++++++++----
 cde/programs/dtsession/SmMain.c | 42 +++++++++++----------------------
 2 files changed, 25 insertions(+), 33 deletions(-)

diff --git a/cde/programs/dtsession/SmLock.c b/cde/programs/dtsession/SmLock.c
index 20d9c669..e2020713 100644
--- a/cde/programs/dtsession/SmLock.c
+++ b/cde/programs/dtsession/SmLock.c
@@ -153,14 +153,20 @@ static void BlinkCaret( XtPointer, XtIntervalId *) ;
 static Boolean CanReAuthenticate(char *name, uid_t uid, char *passwd,
 				 struct passwd **pwent, struct spwd **spent)
 {
-  Boolean fail = False;
+  if (!pwent)
+      return False;
+
+  *pwent = (name == NULL) ? getpwuid(uid) : getpwnam(name);
+  if (!*pwent)
+      return False;
 
-  if (pwent)
-    *pwent = (name == NULL) ? getpwuid(uid) : getpwnam(name);
-    *spent = getspnam((*pwent)->pw_name);
+  *spent = getspnam((*pwent)->pw_name);
 
 #ifdef JET_AUTHDEBUG
-  fprintf(stderr, "CanReAuthenticate(): %s %s %s\n",
+  fprintf(stderr, "CanReAuthenticate(): uid: %d name: '%s' errno %d %s %s %s\n",
+          uid,
+          (name) ? name : "NULL",
+          errno,
 	  (*pwent) ? "PWENT" : "NULL",
 	  (*spent) ? "SPENT" : "NULL",
 	  (name) ? name : "NULL");
diff --git a/cde/programs/dtsession/SmMain.c b/cde/programs/dtsession/SmMain.c
index 3d4f712e..6176003e 100644
--- a/cde/programs/dtsession/SmMain.c
+++ b/cde/programs/dtsession/SmMain.c
@@ -95,7 +95,7 @@ static int RegisterX11ScreenSaver(Display *display, int *ssEventType);
 #ifdef _AIX
 #define SECURE_SYS_PATH "/etc/security/passwd"
 #endif
-#ifdef SVR4
+#if defined(SVR4) || defined(__linux__)
 #define SECURE_SYS_PATH "/etc/shadow"
 #endif
 #ifdef CSRG_BASED
@@ -159,7 +159,7 @@ main (int argc, char **argv)
      * prepended with <unknown program name> in the error log.
      */
     DtProgName = SM_RESOURCE_NAME ;
-    
+
 #ifdef DEBUG
     if(argc > 5)
     {
@@ -183,17 +183,6 @@ main (int argc, char **argv)
      */
     smGD.runningUID = getuid();
 
-#ifdef linux			/* linux always needs to be setup as secure */
-
-    /*
-     * Save the root privilege to be restored when trying to unlock
-     */
-    smGD.unLockUID = geteuid();
-    smGD.secureSystem = True;
-    SM_SETEUID(smGD.runningUID);
-    
-#else
-
 # ifdef SECURE_SYS_PATH
     status = stat(SECURE_SYS_PATH, &buf);
 # else
@@ -219,8 +208,6 @@ main (int argc, char **argv)
         SM_SETEUID(smGD.runningUID);
     }
 
-#endif /* linux */
-
     /*
      * Initialize LANG if it isn't defined.
      */
@@ -260,7 +247,7 @@ main (int argc, char **argv)
     stopvec.sa_handler = StopAll;
     sigemptyset(&stopvec.sa_mask);
     stopvec.sa_flags = 0;
- 
+
     smGD.childvec.sa_handler = WaitChildDeath;
     sigemptyset(&smGD.childvec.sa_mask);
     smGD.childvec.sa_flags = 0;
@@ -322,9 +309,9 @@ main (int argc, char **argv)
      * Create one display connection for dtsession, and one for
      * the color server. We cannot share a display connection since
      * motif creates a display object for the color server's display during
-     * color server initialization. Since the color server is not yet 
+     * color server initialization. Since the color server is not yet
      * operational, any dialogs (ie the dtsession logout confirmation
-     * dialogs) created on that display do not get the color server colors. 
+     * dialogs) created on that display do not get the color server colors.
      * The dtsession display object is created after color server
      * initialization is complete.
      */
@@ -335,7 +322,7 @@ main (int argc, char **argv)
 	 */
         XtToolkitInitialize();
         smGD.appCon = XtCreateApplicationContext();
-        smGD.display = XtOpenDisplay(smGD.appCon, NULL, argv[0], 
+        smGD.display = XtOpenDisplay(smGD.appCon, NULL, argv[0],
 				SM_RESOURCE_CLASS,
 				NULL, 0, &argc, argv);
     }
@@ -344,7 +331,7 @@ main (int argc, char **argv)
                                  NULL, 0, &argc, argv);
 
     /*
-     * Initialize XSMP 
+     * Initialize XSMP
      */
     if (!InitXSMP (argv[0]))
         SM_EXIT(-1);
@@ -483,7 +470,7 @@ main (int argc, char **argv)
 	StartWM();
     }
 
-    /* 
+    /*
      * Run the user's startup script if there is one
      */
 
@@ -594,7 +581,7 @@ StopAll(int i)
  *
  *  Description:
  *  -----------
- *  Register with X11 screen saver server extension for screen saver events. 
+ *  Register with X11 screen saver server extension for screen saver events.
  *
  *  Inputs:
  *  ------
@@ -642,11 +629,11 @@ RegisterX11ScreenSaver(
     */
     screen = DefaultScreen(display);
     root = DefaultRootWindow(display);
-   
+
     XGrabServer(display);
     if (!XScreenSaverGetRegistered(display, screen, &xid, &type))
     {
-     /* 
+     /*
       * No other clients registered with this server so register this one.
       */
       XScreenSaverRegister(display, screen, XtWindow(smGD.topLevelWid), XA_WINDOW);
@@ -658,10 +645,10 @@ RegisterX11ScreenSaver(
     {
       XSetWindowAttributes attr;
 
-     /* 
+     /*
       * Registration successful.
       */
-      XScreenSaverSelectInput(display, root, 
+      XScreenSaverSelectInput(display, root,
                               ScreenSaverNotifyMask|ScreenSaverCycleMask);
 
       /* Even though OverrideRedirect is the default attribute in this
@@ -674,7 +661,6 @@ RegisterX11ScreenSaver(
                           CopyFromParent, CopyFromParent, CWOverrideRedirect, &attr);
     }
   }
-  return(result);   
+  return(result);
 }
 #endif /* USE_X11SSEXT */
-
-- 
2.25.1