# [PATCH V2 xauth] Make matching algorithm mimic XauGet*AuthByAddr

Dr. Tilmann Bubeck t.bubeck at reinform.de
Fri Oct 4 00:29:25 PDT 2013

```I follow the proposal of Egbert:
* fix the problem in match_auth_dpy()

However, looking at the previous discussion about the complicated boolean
expression in match_auth_dpy and the cleanup suggested by Walter and some
following misunderstandings, I would seperate the expression into smaller

So I propose this solution which mimics Egberts logic but is hopefully easier
to understand and maintain.

What do you think? Apply?

diff --git a/process.c b/process.c
index 750f6d5..6890f6d 100644
--- a/process.c
+++ b/process.c
@@ -1066,14 +1066,30 @@ eq_auth(Xauth *a, Xauth *b)
static int
match_auth_dpy(register Xauth *a, register Xauth *b)
{
-    if (a->family != FamilyWild && b->family != FamilyWild &&
-        return 0;
-    if (a->number_length != 0 && b->number_length != 0 &&
-          (a->number_length != b->number_length ||
-           memcmp(a->number, b->number, a->number_length) != 0))
-        return 0;
+    if (a->family != FamilyWild && b->family != FamilyWild) {
+        /* Both "a" and "b" are not FamilyWild, they are "normal" families. */
+
+       /* Make sure, that both families match: */
+       if (a->family != b->family)
+            return 0;
+
+       /* By looking at 'man Xsecurity' and the code in
+        * decided, that the address is only relevant for "normal"
+        * families and therefore should be ignored for
+        * "FamilyWild". */
+            return 0;
+    }
+
+    if (a->number_length != 0 && b->number_length != 0) {
+       /* Both "a" and "b" have a number, make sure they match: */
+       if (a->number_length != b->number_length ||
+           memcmp(a->number, b->number, a->number_length) != 0)
+            return 0;
+    }
+
return 1;
}

```