xserver: Branch 'master' - 2 commits
Eamon Walsh
ewalsh at kemper.freedesktop.org
Sat Dec 2 04:16:43 EET 2006
Xext/security.c | 14 +++++-----
Xext/xace.c | 2 -
Xext/xace.h | 26 +++++++++++++++---
dix/devices.c | 22 ++++------------
dix/dispatch.c | 41 +++++++----------------------
dix/dixutils.c | 2 -
dix/events.c | 50 +++++++++++++-----------------------
dix/extension.c | 17 ++----------
dix/getevents.c | 4 --
dix/property.c | 77 +++++++++++++++++++++-----------------------------------
dix/resource.c | 8 +----
dix/window.c | 42 +++++++++---------------------
os/access.c | 6 +---
os/connection.c | 6 +---
14 files changed, 114 insertions(+), 203 deletions(-)
New commits:
diff-tree ac90ce58ba1da3ed605adf75f4d54c34b578c402 (from f44f14fe564d834568a0afefba944223a73ea0f5)
Author: Eamon Walsh <ewalsh at tycho.nsa.gov>
Date: Fri Dec 1 21:12:21 2006 -0500
Naming change: Security*Operation -> Xace*Operation
diff --git a/Xext/security.c b/Xext/security.c
index ac76279..572f811 100644
--- a/Xext/security.c
+++ b/Xext/security.c
@@ -1251,7 +1251,7 @@ typedef struct _PropertyAccessRec {
} PropertyAccessRec, *PropertyAccessPtr;
static PropertyAccessPtr PropertyAccessList = NULL;
-static char SecurityDefaultAction = SecurityErrorOperation;
+static char SecurityDefaultAction = XaceErrorOperation;
static char *SecurityPolicyFile = DEFAULTPOLICYFILE;
static ATOM SecurityMaxPropertyName = 0;
@@ -1410,9 +1410,9 @@ SecurityParsePropertyAccessRule(
{
switch (c)
{
- case 'i': action = SecurityIgnoreOperation; break;
- case 'a': action = SecurityAllowOperation; break;
- case 'e': action = SecurityErrorOperation; break;
+ case 'i': action = XaceIgnoreOperation; break;
+ case 'a': action = XaceAllowOperation; break;
+ case 'e': action = XaceErrorOperation; break;
case 'r': readAction = action; break;
case 'w': writeAction = action; break;
@@ -1797,7 +1797,7 @@ CALLBACK(SecurityCheckPropertyAccess)
* If pacl doesn't apply, something above should have
* executed a continue, which will skip the follwing code.
*/
- action = SecurityAllowOperation;
+ action = XaceAllowOperation;
if (access_mode & SecurityReadAccess)
action = max(action, pacl->readAction);
if (access_mode & SecurityWriteAccess)
@@ -1808,11 +1808,11 @@ CALLBACK(SecurityCheckPropertyAccess)
} /* end for each pacl */
} /* end if propertyName <= SecurityMaxPropertyName */
- if (SecurityAllowOperation != action)
+ if (XaceAllowOperation != action)
{ /* audit the access violation */
int cid = CLIENT_ID(pWin->drawable.id);
int reqtype = ((xReq *)client->requestBuffer)->reqType;
- char *actionstr = (SecurityIgnoreOperation == action) ?
+ char *actionstr = (XaceIgnoreOperation == action) ?
"ignored" : "error";
SecurityAudit("client %d attempted request %d with window 0x%x property %s (atom 0x%x) of client %d, %s\n",
client->index, reqtype, pWin->drawable.id,
diff --git a/Xext/xace.c b/Xext/xace.c
index 7f7944a..6fc5c12 100644
--- a/Xext/xace.c
+++ b/Xext/xace.c
@@ -99,7 +99,7 @@ int XaceHook(int hook, ...)
va_arg(ap, WindowPtr),
va_arg(ap, Atom),
va_arg(ap, Mask),
- SecurityAllowOperation /* default allow */
+ XaceAllowOperation /* default allow */
};
calldata = &rec;
prv = &rec.rval;
diff --git a/Xext/xace.h b/Xext/xace.h
index 6f99895..7231b04 100644
--- a/Xext/xace.h
+++ b/Xext/xace.h
@@ -21,9 +21,9 @@ CONNECTION WITH THE SOFTWARE OR THE USE
#define _XACE_H
/* Hook return codes */
-#define SecurityErrorOperation 0
-#define SecurityAllowOperation 1
-#define SecurityIgnoreOperation 2
+#define XaceErrorOperation 0
+#define XaceAllowOperation 1
+#define XaceIgnoreOperation 2
#ifdef XACE
@@ -107,10 +107,10 @@ extern void XaceCensorImage(
/* Define calls away when XACE is not being built. */
#ifdef __GNUC__
-#define XaceHook(args...) SecurityAllowOperation
+#define XaceHook(args...) XaceAllowOperation
#define XaceCensorImage(args...) { ; }
#else
-#define XaceHook(...) SecurityAllowOperation
+#define XaceHook(...) XaceAllowOperation
#define XaceCensorImage(...) { ; }
#endif
diff --git a/dix/property.c b/dix/property.c
index 0946b65..00d4856 100644
--- a/dix/property.c
+++ b/dix/property.c
@@ -119,12 +119,12 @@ ProcRotateProperties(ClientPtr client)
char action = XaceHook(XACE_PROPERTY_ACCESS, client, pWin, atoms[i],
SecurityReadAccess|SecurityWriteAccess);
- if (!ValidAtom(atoms[i]) || (SecurityErrorOperation == action)) {
+ if (!ValidAtom(atoms[i]) || (XaceErrorOperation == action)) {
DEALLOCATE_LOCAL(props);
client->errorValue = atoms[i];
return BadAtom;
}
- if (SecurityIgnoreOperation == action) {
+ if (XaceIgnoreOperation == action) {
DEALLOCATE_LOCAL(props);
return Success;
}
@@ -226,10 +226,10 @@ ProcChangeProperty(ClientPtr client)
switch (XaceHook(XACE_PROPERTY_ACCESS, client, pWin, stuff->property,
SecurityWriteAccess))
{
- case SecurityErrorOperation:
+ case XaceErrorOperation:
client->errorValue = stuff->property;
return BadAtom;
- case SecurityIgnoreOperation:
+ case XaceIgnoreOperation:
return Success;
}
@@ -495,10 +495,10 @@ ProcGetProperty(ClientPtr client)
switch (XaceHook(XACE_PROPERTY_ACCESS, client, pWin, stuff->property,
access_mode))
{
- case SecurityErrorOperation:
+ case XaceErrorOperation:
client->errorValue = stuff->property;
return BadAtom;;
- case SecurityIgnoreOperation:
+ case XaceIgnoreOperation:
return NullPropertyReply(client, pProp->type, pProp->format, &reply);
}
@@ -649,10 +649,10 @@ ProcDeleteProperty(register ClientPtr cl
switch (XaceHook(XACE_PROPERTY_ACCESS, client, pWin, stuff->property,
SecurityDestroyAccess))
{
- case SecurityErrorOperation:
+ case XaceErrorOperation:
client->errorValue = stuff->property;
return BadAtom;;
- case SecurityIgnoreOperation:
+ case XaceIgnoreOperation:
return Success;
}
diff-tree f44f14fe564d834568a0afefba944223a73ea0f5 (from a5d6499d666fea4a9988118ddd3a5e4c9cfcc32c)
Author: Eamon Walsh <ewalsh at tycho.nsa.gov>
Date: Fri Dec 1 20:48:15 2006 -0500
Define calls away when not building XACE, allowing ifdef's to be removed.
diff --git a/Xext/xace.h b/Xext/xace.h
index 6cb4b4f..6f99895 100644
--- a/Xext/xace.h
+++ b/Xext/xace.h
@@ -20,6 +20,13 @@ CONNECTION WITH THE SOFTWARE OR THE USE
#ifndef _XACE_H
#define _XACE_H
+/* Hook return codes */
+#define SecurityErrorOperation 0
+#define SecurityAllowOperation 1
+#define SecurityIgnoreOperation 2
+
+#ifdef XACE
+
#define XACE_EXTENSION_NAME "XAccessControlExtension"
#define XACE_MAJOR_VERSION 1
#define XACE_MINOR_VERSION 0
@@ -75,11 +82,6 @@ extern int XaceHook(
/* From the original Security extension...
*/
-/* Hook return codes */
-#define SecurityAllowOperation 0
-#define SecurityIgnoreOperation 1
-#define SecurityErrorOperation 2
-
/* Proc vectors for untrusted clients, swapped and unswapped versions.
* These are the same as the normal proc vectors except that extensions
* that haven't declared themselves secure will have ProcBadRequest plugged
@@ -100,4 +102,18 @@ extern void XaceCensorImage(
char * pBuf
);
+#else /* XACE */
+
+/* Define calls away when XACE is not being built. */
+
+#ifdef __GNUC__
+#define XaceHook(args...) SecurityAllowOperation
+#define XaceCensorImage(args...) { ; }
+#else
+#define XaceHook(...) SecurityAllowOperation
+#define XaceCensorImage(...) { ; }
+#endif
+
+#endif /* XACE */
+
#endif /* _XACE_H */
diff --git a/dix/devices.c b/dix/devices.c
index aa04862..e6a5049 100644
--- a/dix/devices.c
+++ b/dix/devices.c
@@ -69,9 +69,7 @@ SOFTWARE.
#ifdef XKB
#include <X11/extensions/XKBsrv.h>
#endif
-#ifdef XACE
#include "xace.h"
-#endif
#include "dispatch.h"
#include "swaprep.h"
@@ -1178,10 +1176,8 @@ DoSetModifierMapping(ClientPtr client, K
}
}
-#ifdef XACE
if (!XaceHook(XACE_DEVICE_ACCESS, client, pDev, TRUE))
return BadAccess;
-#endif
/* None of the modifiers (old or new) may be down while we change
* the map. */
@@ -1302,14 +1298,12 @@ ProcChangeKeyboardMapping(ClientPtr clie
return BadValue;
}
-#ifdef XACE
for (pDev = inputInfo.devices; pDev; pDev = pDev->next) {
if ((pDev->coreEvents || pDev == inputInfo.keyboard) && pDev->key) {
if (!XaceHook(XACE_DEVICE_ACCESS, client, pDev, TRUE))
return BadAccess;
}
}
-#endif
keysyms.minKeyCode = stuff->firstKeyCode;
keysyms.maxKeyCode = stuff->firstKeyCode + stuff->keyCodes - 1;
@@ -1655,7 +1649,6 @@ ProcChangeKeyboardControl (ClientPtr cli
if (client->req_len != (sizeof(xChangeKeyboardControlReq)>>2)+Ones(vmask))
return BadLength;
-#ifdef XACE
for (pDev = inputInfo.devices; pDev; pDev = pDev->next) {
if ((pDev->coreEvents || pDev == inputInfo.keyboard) &&
pDev->kbdfeed && pDev->kbdfeed->CtrlProc) {
@@ -1663,7 +1656,6 @@ ProcChangeKeyboardControl (ClientPtr cli
return BadAccess;
}
}
-#endif
for (pDev = inputInfo.devices; pDev; pDev = pDev->next) {
if ((pDev->coreEvents || pDev == inputInfo.keyboard) &&
@@ -1920,15 +1912,13 @@ ProcQueryKeymap(ClientPtr client)
rep.type = X_Reply;
rep.sequenceNumber = client->sequence;
rep.length = 2;
-#ifdef XACE
- if (!XaceHook(XACE_DEVICE_ACCESS, client, inputInfo.keyboard, TRUE))
- {
- bzero((char *)&rep.map[0], 32);
- }
+
+ if (XaceHook(XACE_DEVICE_ACCESS, client, inputInfo.keyboard, TRUE))
+ for (i = 0; i<32; i++)
+ rep.map[i] = down[i];
else
-#endif
- for (i = 0; i<32; i++)
- rep.map[i] = down[i];
+ bzero((char *)&rep.map[0], 32);
+
WriteReplyToClient(client, sizeof(xQueryKeymapReply), &rep);
return Success;
}
diff --git a/dix/dispatch.c b/dix/dispatch.c
index 26cb544..0a93c3b 100644
--- a/dix/dispatch.c
+++ b/dix/dispatch.c
@@ -135,9 +135,7 @@ int ProcInitialConnection();
#include "panoramiX.h"
#include "panoramiXsrv.h"
#endif
-#ifdef XACE
#include "xace.h"
-#endif
#ifdef XAPPGROUP
#include "appgroup.h"
#endif
@@ -504,16 +502,11 @@ Dispatch(void)
#endif
if (result > (maxBigRequestSize << 2))
result = BadLength;
- else
-#ifdef XACE
- {
+ else {
XaceHook(XACE_AUDIT_BEGIN, client);
result = (* client->requestVector[MAJOROP])(client);
XaceHook(XACE_AUDIT_END, client, result);
}
-#else
- result = (* client->requestVector[MAJOROP])(client);
-#endif /* XACE */
#ifdef XSERVER_DTRACE
XSERVER_REQUEST_DONE(GetRequestName(MAJOROP), MAJOROP,
client->sequence, client->index, result);
@@ -1166,14 +1159,11 @@ ProcConvertSelection(register ClientPtr
i = 0;
while ((i < NumCurrentSelections) &&
CurrentSelections[i].selection != stuff->selection) i++;
- if ((i < NumCurrentSelections) &&
- (CurrentSelections[i].window != None)
-#ifdef XACE
- && XaceHook(XACE_RESOURCE_ACCESS, client,
- CurrentSelections[i].window, RT_WINDOW,
- SecurityReadAccess, CurrentSelections[i].pWin)
-#endif
- )
+ if ((i < NumCurrentSelections) &&
+ (CurrentSelections[i].window != None) &&
+ XaceHook(XACE_RESOURCE_ACCESS, client,
+ CurrentSelections[i].window, RT_WINDOW,
+ SecurityReadAccess, CurrentSelections[i].pWin))
{
event.u.u.type = SelectionRequest;
event.u.selectionRequest.time = stuff->time;
@@ -2163,9 +2153,7 @@ DoGetImage(register ClientPtr client, in
Mask plane = 0;
char *pBuf;
xGetImageReply xgi;
-#ifdef XACE
RegionPtr pVisibleRegion = NULL;
-#endif
if ((format != XYPixmap) && (format != ZPixmap))
{
@@ -2269,17 +2257,16 @@ DoGetImage(register ClientPtr client, in
WriteReplyToClient(client, sizeof (xGetImageReply), &xgi);
}
-#ifdef XACE
if (pDraw->type == DRAWABLE_WINDOW &&
!XaceHook(XACE_DRAWABLE_ACCESS, client, pDraw))
{
pVisibleRegion = NotClippedByChildren((WindowPtr)pDraw);
if (pVisibleRegion)
{
- REGION_TRANSLATE(pDraw->pScreen, pVisibleRegion, -pDraw->x, -pDraw->y);
+ REGION_TRANSLATE(pDraw->pScreen, pVisibleRegion,
+ -pDraw->x, -pDraw->y);
}
}
-#endif
if (linesPerBuf == 0)
{
@@ -2299,12 +2286,10 @@ DoGetImage(register ClientPtr client, in
format,
planemask,
(pointer) pBuf);
-#ifdef XACE
if (pVisibleRegion)
XaceCensorImage(client, pVisibleRegion, widthBytesLine,
pDraw, x, y + linesDone, width,
nlines, format, pBuf);
-#endif
/* Note that this is NOT a call to WriteSwappedDataToClient,
as we do NOT byte swap */
@@ -2340,13 +2325,11 @@ DoGetImage(register ClientPtr client, in
format,
plane,
(pointer)pBuf);
-#ifdef XACE
if (pVisibleRegion)
XaceCensorImage(client, pVisibleRegion,
widthBytesLine,
pDraw, x, y + linesDone, width,
nlines, format, pBuf);
-#endif
/* Note: NOT a call to WriteSwappedDataToClient,
as we do NOT byte swap */
@@ -2368,10 +2351,8 @@ DoGetImage(register ClientPtr client, in
}
}
}
-#ifdef XACE
if (pVisibleRegion)
REGION_DESTROY(pDraw->pScreen, pVisibleRegion);
-#endif
if (!im_return)
DEALLOCATE_LOCAL(pBuf);
return (client->noClientException);
@@ -3342,13 +3323,11 @@ ProcListHosts(register ClientPtr client)
/* REQUEST(xListHostsReq); */
REQUEST_SIZE_MATCH(xListHostsReq);
-#ifdef XACE
+
/* untrusted clients can't list hosts */
if (!XaceHook(XACE_HOSTLIST_ACCESS, client, SecurityReadAccess))
- {
return BadAccess;
- }
-#endif
+
result = GetHosts(&pdata, &nHosts, &len, &reply.enabled);
if (result != Success)
return(result);
diff --git a/dix/dixutils.c b/dix/dixutils.c
index a395d44..af7e1c8 100644
--- a/dix/dixutils.c
+++ b/dix/dixutils.c
@@ -95,9 +95,7 @@ Author: Adobe Systems Incorporated
#include "scrnintstr.h"
#define XK_LATIN1
#include <X11/keysymdef.h>
-#ifdef XACE
#include "xace.h"
-#endif
/*
* CompareTimeStamps returns -1, 0, or +1 depending on if the first
diff --git a/dix/events.c b/dix/events.c
index c8da7d6..7cfe0ad 100644
--- a/dix/events.c
+++ b/dix/events.c
@@ -137,9 +137,7 @@ of the copyright holder.
extern Bool XkbFilterEvents(ClientPtr, int, xEvent *);
#endif
-#ifdef XACE
#include "xace.h"
-#endif
#ifdef XSERVER_DTRACE
#include <sys/types.h>
@@ -2462,10 +2460,8 @@ CheckPassiveGrabsOnWindow(
(grab->confineTo->realized &&
BorderSizeNotEmpty(grab->confineTo))))
{
-#ifdef XACE
if (!XaceHook(XACE_DEVICE_ACCESS, wClient(pWin), device, FALSE))
return FALSE;
-#endif
#ifdef XKB
if (!noXkbExtension) {
XE_KBPTR.state &= 0x1f00;
@@ -2826,9 +2822,7 @@ drawable.id:0;
if (deactivateGrab)
(*keybd->DeactivateGrab)(keybd);
-#ifdef XACE
XaceHook(XACE_KEY_AVAIL, xE, keybd, count);
-#endif
}
#ifdef XKB
@@ -3252,17 +3246,13 @@ EnterLeaveEvent(
if ((type == EnterNotify) && (mask & KeymapStateMask))
{
xKeymapEvent ke;
-
-#ifdef XACE
ClientPtr client = grab ? rClient(grab)
: clients[CLIENT_ID(pWin->drawable.id)];
- if (!XaceHook(XACE_DEVICE_ACCESS, client, keybd, FALSE))
- {
- bzero((char *)&ke.map[0], 31);
- }
+ if (XaceHook(XACE_DEVICE_ACCESS, client, keybd, FALSE))
+ memmove((char *)&ke.map[0], (char *)&keybd->key->down[1], 31);
else
-#endif
- memmove((char *)&ke.map[0], (char *)&keybd->key->down[1], 31);
+ bzero((char *)&ke.map[0], 31);
+
ke.type = KeymapNotify;
if (grab)
(void)TryClientEvents(rClient(grab), (xEvent *)&ke, 1, mask,
@@ -3348,15 +3338,12 @@ FocusEvent(DeviceIntPtr dev, int type, i
((pWin->eventMask | wOtherEventMasks(pWin)) & KeymapStateMask))
{
xKeymapEvent ke;
-#ifdef XACE
ClientPtr client = clients[CLIENT_ID(pWin->drawable.id)];
- if (!XaceHook(XACE_DEVICE_ACCESS, client, dev, FALSE))
- {
- bzero((char *)&ke.map[0], 31);
- }
+ if (XaceHook(XACE_DEVICE_ACCESS, client, dev, FALSE))
+ memmove((char *)&ke.map[0], (char *)&dev->key->down[1], 31);
else
-#endif
- memmove((char *)&ke.map[0], (char *)&dev->key->down[1], 31);
+ bzero((char *)&ke.map[0], 31);
+
ke.type = KeymapNotify;
(void)DeliverEventsToWindow(pWin, (xEvent *)&ke, 1,
KeymapStateMask, NullGrab, 0);
@@ -3619,10 +3606,10 @@ ProcSetInputFocus(client)
REQUEST(xSetInputFocusReq);
REQUEST_SIZE_MATCH(xSetInputFocusReq);
-#ifdef XACE
+
if (!XaceHook(XACE_DEVICE_ACCESS, client, inputInfo.keyboard, TRUE))
return Success;
-#endif
+
return SetInputFocus(client, inputInfo.keyboard, stuff->focus,
stuff->revertTo, stuff->time, FALSE);
}
@@ -3884,18 +3871,17 @@ ProcGrabKeyboard(ClientPtr client)
int result;
REQUEST_SIZE_MATCH(xGrabKeyboardReq);
-#ifdef XACE
- if (!XaceHook(XACE_DEVICE_ACCESS, client, inputInfo.keyboard, TRUE))
- {
+
+ if (XaceHook(XACE_DEVICE_ACCESS, client, inputInfo.keyboard, TRUE))
+ result = GrabDevice(client, inputInfo.keyboard, stuff->keyboardMode,
+ stuff->pointerMode, stuff->grabWindow,
+ stuff->ownerEvents, stuff->time,
+ KeyPressMask | KeyReleaseMask, &rep.status);
+ else {
result = Success;
rep.status = AlreadyGrabbed;
}
- else
-#endif
- result = GrabDevice(client, inputInfo.keyboard, stuff->keyboardMode,
- stuff->pointerMode, stuff->grabWindow,
- stuff->ownerEvents, stuff->time,
- KeyPressMask | KeyReleaseMask, &rep.status);
+
if (result != Success)
return result;
rep.type = X_Reply;
diff --git a/dix/extension.c b/dix/extension.c
index fe779b2..29cae86 100644
--- a/dix/extension.c
+++ b/dix/extension.c
@@ -59,9 +59,7 @@ SOFTWARE.
#include "gcstruct.h"
#include "scrnintstr.h"
#include "dispatch.h"
-#ifdef XACE
#include "xace.h"
-#endif
#define EXTENSION_BASE 128
#define EXTENSION_EVENT_BASE 64
@@ -256,11 +254,9 @@ GetExtensionEntry(int major)
_X_EXPORT void
DeclareExtensionSecurity(char *extname, Bool secure)
{
-#ifdef XACE
int i = FindExtension(extname, strlen(extname));
if (i >= 0)
XaceHook(XACE_DECLARE_EXT_SECURE, extensions[i], secure);
-#endif
}
_X_EXPORT unsigned short
@@ -336,12 +332,7 @@ ProcQueryExtension(ClientPtr client)
else
{
i = FindExtension((char *)&stuff[1], stuff->nbytes);
- if (i < 0
-#ifdef XACE
- /* call callbacks to find out whether to show extension */
- || !XaceHook(XACE_EXT_ACCESS, client, extensions[i])
-#endif
- )
+ if (i < 0 || !XaceHook(XACE_EXT_ACCESS, client, extensions[i]))
reply.present = xFalse;
else
{
@@ -376,11 +367,10 @@ ProcListExtensions(ClientPtr client)
for (i=0; i<NumExtensions; i++)
{
-#ifdef XACE
/* call callbacks to find out whether to show extension */
if (!XaceHook(XACE_EXT_ACCESS, client, extensions[i]))
continue;
-#endif
+
total_length += strlen(extensions[i]->name) + 1;
reply.nExtensions += 1 + extensions[i]->num_aliases;
for (j = extensions[i]->num_aliases; --j >= 0;)
@@ -393,10 +383,9 @@ ProcListExtensions(ClientPtr client)
for (i=0; i<NumExtensions; i++)
{
int len;
-#ifdef XACE
if (!XaceHook(XACE_EXT_ACCESS, client, extensions[i]))
continue;
-#endif
+
*bufptr++ = len = strlen(extensions[i]->name);
memmove(bufptr, extensions[i]->name, len);
bufptr += len;
diff --git a/dix/getevents.c b/dix/getevents.c
index be598bc..4154262 100644
--- a/dix/getevents.c
+++ b/dix/getevents.c
@@ -48,10 +48,6 @@
extern Bool XkbCopyKeymap(XkbDescPtr src, XkbDescPtr dst, Bool sendNotifies);
#endif
-#ifdef XACE
-#include "xace.h"
-#endif
-
#ifdef PANORAMIX
#include "panoramiX.h"
#include "panoramiXsrv.h"
diff --git a/dix/property.c b/dix/property.c
index da98383..0946b65 100644
--- a/dix/property.c
+++ b/dix/property.c
@@ -58,9 +58,7 @@ SOFTWARE.
#include "dixstruct.h"
#include "dispatch.h"
#include "swaprep.h"
-#ifdef XACE
#include "xace.h"
-#endif
/*****************************************************************
* Property Stuff
@@ -118,27 +116,19 @@ ProcRotateProperties(ClientPtr client)
return(BadAlloc);
for (i = 0; i < stuff->nAtoms; i++)
{
-#ifdef XACE
char action = XaceHook(XACE_PROPERTY_ACCESS, client, pWin, atoms[i],
SecurityReadAccess|SecurityWriteAccess);
-#endif
- if (!ValidAtom(atoms[i])
-#ifdef XACE
- || (SecurityErrorOperation == action)
-#endif
- )
- {
+
+ if (!ValidAtom(atoms[i]) || (SecurityErrorOperation == action)) {
DEALLOCATE_LOCAL(props);
client->errorValue = atoms[i];
return BadAtom;
}
-#ifdef XACE
- if (SecurityIgnoreOperation == action)
- {
+ if (SecurityIgnoreOperation == action) {
DEALLOCATE_LOCAL(props);
return Success;
}
-#endif
+
for (j = i + 1; j < stuff->nAtoms; j++)
if (atoms[j] == atoms[i])
{
@@ -233,17 +223,15 @@ ProcChangeProperty(ClientPtr client)
return(BadAtom);
}
-#ifdef XACE
switch (XaceHook(XACE_PROPERTY_ACCESS, client, pWin, stuff->property,
- SecurityWriteAccess))
+ SecurityWriteAccess))
{
- case SecurityErrorOperation:
- client->errorValue = stuff->property;
- return BadAtom;
- case SecurityIgnoreOperation:
- return Success;
+ case SecurityErrorOperation:
+ client->errorValue = stuff->property;
+ return BadAtom;
+ case SecurityIgnoreOperation:
+ return Success;
}
-#endif
err = ChangeWindowProperty(pWin, stuff->property, stuff->type, (int)format,
(int)mode, len, (pointer)&stuff[1], TRUE);
@@ -460,6 +448,7 @@ ProcGetProperty(ClientPtr client)
unsigned long n, len, ind;
WindowPtr pWin;
xGetPropertyReply reply;
+ Mask access_mode = SecurityReadAccess;
REQUEST(xGetPropertyReq);
REQUEST_SIZE_MATCH(xGetPropertyReq);
@@ -501,24 +490,18 @@ ProcGetProperty(ClientPtr client)
if (!pProp)
return NullPropertyReply(client, None, 0, &reply);
-#ifdef XACE
+ if (stuff->delete)
+ access_mode |= SecurityDestroyAccess;
+ switch (XaceHook(XACE_PROPERTY_ACCESS, client, pWin, stuff->property,
+ access_mode))
{
- Mask access_mode = SecurityReadAccess;
-
- if (stuff->delete)
- access_mode |= SecurityDestroyAccess;
- switch(XaceHook(XACE_PROPERTY_ACCESS, client, pWin, stuff->property,
- access_mode))
- {
- case SecurityErrorOperation:
- client->errorValue = stuff->property;
- return BadAtom;;
- case SecurityIgnoreOperation:
- return NullPropertyReply(client, pProp->type, pProp->format,
- &reply);
- }
+ case SecurityErrorOperation:
+ client->errorValue = stuff->property;
+ return BadAtom;;
+ case SecurityIgnoreOperation:
+ return NullPropertyReply(client, pProp->type, pProp->format, &reply);
}
-#endif
+
/* If the request type and actual type don't match. Return the
property information, but not the data. */
@@ -663,17 +646,15 @@ ProcDeleteProperty(register ClientPtr cl
return (BadAtom);
}
-#ifdef XACE
- switch(XaceHook(XACE_PROPERTY_ACCESS, client, pWin, stuff->property,
- SecurityDestroyAccess))
- {
- case SecurityErrorOperation:
- client->errorValue = stuff->property;
- return BadAtom;;
- case SecurityIgnoreOperation:
- return Success;
+ switch (XaceHook(XACE_PROPERTY_ACCESS, client, pWin, stuff->property,
+ SecurityDestroyAccess))
+ {
+ case SecurityErrorOperation:
+ client->errorValue = stuff->property;
+ return BadAtom;;
+ case SecurityIgnoreOperation:
+ return Success;
}
-#endif
result = DeleteProperty(pWin, stuff->property);
if (client->noClientException != Success)
diff --git a/dix/resource.c b/dix/resource.c
index efb759e..c204460 100644
--- a/dix/resource.c
+++ b/dix/resource.c
@@ -148,9 +148,7 @@ Equipment Corporation.
#include "panoramiX.h"
#include "panoramiXsrv.h"
#endif
-#ifdef XACE
#include "xace.h"
-#endif
#include <assert.h>
#ifdef XSERVER_DTRACE
@@ -904,11 +902,10 @@ SecurityLookupIDByType(ClientPtr client,
break;
}
}
-#ifdef XACE
if (retval && client &&
!XaceHook(XACE_RESOURCE_ACCESS, client, id, rtype, mode, retval))
retval = NULL;
-#endif
+
return retval;
}
@@ -932,11 +929,10 @@ SecurityLookupIDByClass(ClientPtr client
break;
}
}
-#ifdef XACE
if (retval && client &&
!XaceHook(XACE_RESOURCE_ACCESS, client, id, res->type, mode, retval))
retval = NULL;
-#endif
+
return retval;
}
diff --git a/dix/window.c b/dix/window.c
index f0079e0..fa6906f 100644
--- a/dix/window.c
+++ b/dix/window.c
@@ -126,9 +126,7 @@ Equipment Corporation.
#ifdef XAPPGROUP
#include "appgroup.h"
#endif
-#ifdef XACE
#include "xace.h"
-#endif
/******
* Window stuff for server
@@ -531,9 +529,7 @@ InitRootWindow(WindowPtr pWin)
/* We SHOULD check for an error value here XXX */
(*pScreen->ChangeWindowAttributes)(pWin, backFlag);
-#ifdef XACE
XaceHook(XACE_WINDOW_INIT, serverClient, pWin);
-#endif
MapWindow(pWin, serverClient);
}
@@ -738,18 +734,16 @@ CreateWindow(Window wid, register Window
}
pWin->borderWidth = bw;
-#ifdef XACE
+
/* can't let untrusted clients have background None windows;
* they make it too easy to steal window contents
*/
- if (!XaceHook(XACE_BACKGRND_ACCESS, client, pWin))
- {
+ if (XaceHook(XACE_BACKGRND_ACCESS, client, pWin))
+ pWin->backgroundState = None;
+ else {
pWin->backgroundState = BackgroundPixel;
pWin->background.pixel = 0;
}
- else
-#endif
- pWin->backgroundState = None;
pWin->borderIsPixel = pParent->borderIsPixel;
pWin->border = pParent->border;
@@ -769,9 +763,7 @@ CreateWindow(Window wid, register Window
REGION_NULL(pScreen, &pWin->winSize);
REGION_NULL(pScreen, &pWin->borderSize);
-#ifdef XACE
XaceHook(XACE_WINDOW_INIT, client, pWin);
-#endif
pHead = RealChildHead(pParent);
if (pHead)
@@ -1036,24 +1028,18 @@ ChangeWindowAttributes(register WindowPt
borderRelative = TRUE;
if (pixID == None)
{
-#ifdef XACE
/* can't let untrusted clients have background None windows */
- if (XaceHook(XACE_BACKGRND_ACCESS, client, pWin))
- {
-#endif
- if (pWin->backgroundState == BackgroundPixmap)
- (*pScreen->DestroyPixmap)(pWin->background.pixmap);
- if (!pWin->parent)
- MakeRootTile(pWin);
- else
- pWin->backgroundState = None;
-#ifdef XACE
- }
- else
- { /* didn't change the background to None, so don't tell ddx */
+ if (XaceHook(XACE_BACKGRND_ACCESS, client, pWin)) {
+ if (pWin->backgroundState == BackgroundPixmap)
+ (*pScreen->DestroyPixmap)(pWin->background.pixmap);
+ if (!pWin->parent)
+ MakeRootTile(pWin);
+ else
+ pWin->backgroundState = None;
+ } else {
+ /* didn't change the backgrnd to None, so don't tell ddx */
index2 = 0;
}
-#endif
}
else if (pixID == ParentRelative)
{
@@ -2739,11 +2725,9 @@ MapWindow(register WindowPtr pWin, Clien
if (pWin->mapped)
return(Success);
-#ifdef XACE
/* general check for permission to map window */
if (!XaceHook(XACE_MAP_ACCESS, client, pWin))
return Success;
-#endif
pScreen = pWin->drawable.pScreen;
if ( (pParent = pWin->parent) )
diff --git a/os/access.c b/os/access.c
index cdb1758..d61edef 100644
--- a/os/access.c
+++ b/os/access.c
@@ -202,9 +202,7 @@ SOFTWARE.
#include "dixstruct.h"
#include "osdep.h"
-#ifdef XACE
#include "xace.h"
-#endif
#ifndef PATH_MAX
#ifdef MAXPATHLEN
@@ -1528,11 +1526,11 @@ AuthorizedClient(ClientPtr client)
{
if (!client || defeatAccessControl)
return TRUE;
-#ifdef XACE
+
/* untrusted clients can't change host access */
if (!XaceHook(XACE_HOSTLIST_ACCESS, client, SecurityWriteAccess))
return FALSE;
-#endif
+
return LocalClient(client);
}
diff --git a/os/connection.c b/os/connection.c
index 100f1e5..ffe911e 100644
--- a/os/connection.c
+++ b/os/connection.c
@@ -148,9 +148,7 @@ extern __const__ int _nfiles;
#ifdef XAPPGROUP
#include "appgroup.h"
#endif
-#ifdef XACE
#include "xace.h"
-#endif
#ifdef XCSECURITY
#include "securitysrv.h"
#endif
@@ -750,9 +748,9 @@ ClientAuthorized(ClientPtr client,
/* indicate to Xdmcp protocol that we've opened new client */
XdmcpOpenDisplay(priv->fd);
#endif /* XDMCP */
-#ifdef XACE
+
XaceHook(XACE_AUTH_AVAIL, client, auth_id);
-#endif
+
/* At this point, if the client is authorized to change the access control
* list, we should getpeername() information, and add the client to
* the selfhosts list. It's not really the host machine, but the
More information about the xorg-commit
mailing list