Attachment #220471 for bug #270345

Lines 7-13 CXX=/usr/bin/g++ Link Here

(-)a/Makefile (-2 / +3 lines)
7	CC=/usr/bin/gcc	7	CC=/usr/bin/gcc
8	CFLAGS=-Wall -I. -I/usr/include/freetype2 -I/usr/include/freetype2/config -I/usr/include/libpng12 -I/usr/include	8	CFLAGS=-Wall -I. -I/usr/include/freetype2 -I/usr/include/freetype2/config -I/usr/include/libpng12 -I/usr/include
9	CXXFLAGS=$(CFLAGS)	9	CXXFLAGS=$(CFLAGS)
10	LDFLAGS=-L/usr/X11R6/lib -lXft -lX11 -lpng12 -lm -lXmu -lpng -ljpeg	10	LDFLAGS=-L/usr/X11R6/lib -lXft -lX11 -lpng12 -lm -lXmu -lpng -ljpeg -lrt
11	CUSTOM=-DHAVE_SHADOW	11	CUSTOM=-DHAVE_SHADOW
12	ifdef USE_PAM	12	ifdef USE_PAM
13	LDFLAGS+= -lpam	13	LDFLAGS+= -lpam
Lines 25-31 VERSION=1.3.1 Link Here
25	DEFINES=-DPACKAGE=\"$(NAME)\" -DVERSION=\"$(VERSION)\" \	25	DEFINES=-DPACKAGE=\"$(NAME)\" -DVERSION=\"$(VERSION)\" \
26	-DPKGDATADIR=\"$(PREFIX)/share/slim\" -DSYSCONFDIR=\"$(CFGDIR)\"	26	-DPKGDATADIR=\"$(PREFIX)/share/slim\" -DSYSCONFDIR=\"$(CFGDIR)\"
27		27
28	OBJECTS=jpeg.o png.o main.o image.o numlock.o cfg.o switchuser.o app.o panel.o	28	OBJECTS=jpeg.o png.o main.o image.o numlock.o cfg.o switchuser.o app.o \
		29	panel.o util.o
29	ifdef USE_PAM	30	ifdef USE_PAM
30	OBJECTS+=PAM.o	31	OBJECTS+=PAM.o
31	endif	32	endif

Lines 24-30 VERSION=1.3.1 Link Here

(-)a/Makefile.freebsd (-1 / +2 lines)
24	DEFINES=-DPACKAGE=\"$(NAME)\" -DVERSION=\"$(VERSION)\" \	24	DEFINES=-DPACKAGE=\"$(NAME)\" -DVERSION=\"$(VERSION)\" \
25	-DPKGDATADIR=\"$(PREFIX)/share/slim\" -DSYSCONFDIR=\"$(CFGDIR)\"	25	-DPKGDATADIR=\"$(PREFIX)/share/slim\" -DSYSCONFDIR=\"$(CFGDIR)\"
26		26
27	OBJECTS=jpeg.o png.o main.o image.o numlock.o cfg.o switchuser.o app.o panel.o	27	OBJECTS=jpeg.o png.o main.o image.o numlock.o cfg.o switchuser.o app.o \
		28	panel.o util.o
28	.ifdef USE_PAM	29	.ifdef USE_PAM
29	OBJECTS+=PAM.o	30	OBJECTS+=PAM.o
30	.endif	31	.endif

Lines 24-30 VERSION=1.3.1 Link Here

(-)a/Makefile.netbsd (-1 / +2 lines)
24	DEFINES=-DPACKAGE=\"$(NAME)\" -DVERSION=\"$(VERSION)\" \	24	DEFINES=-DPACKAGE=\"$(NAME)\" -DVERSION=\"$(VERSION)\" \
25	-DPKGDATADIR=\"$(PREFIX)/share/slim\" -DSYSCONFDIR=\"$(CFGDIR)\"	25	-DPKGDATADIR=\"$(PREFIX)/share/slim\" -DSYSCONFDIR=\"$(CFGDIR)\"
26		26
27	OBJECTS=jpeg.o png.o main.o image.o numlock.o cfg.o switchuser.o app.o panel.o	27	OBJECTS=jpeg.o png.o main.o image.o numlock.o cfg.o switchuser.o app.o \
		28	panel.o util.o
28	.ifdef USE_PAM	29	.ifdef USE_PAM
29	OBJECTS+=PAM.o	30	OBJECTS+=PAM.o
30	.endif	31	.endif

Lines 20-26 VERSION=1.3.1 Link Here

(-)a/Makefile.openbsd (-1 / +2 lines)
20	DEFINES=-DPACKAGE=\"$(NAME)\" -DVERSION=\"$(VERSION)\" \	20	DEFINES=-DPACKAGE=\"$(NAME)\" -DVERSION=\"$(VERSION)\" \
21	-DPKGDATADIR=\"$(PREFIX)/share/slim\" -DSYSCONFDIR=\"$(CFGDIR)\"	21	-DPKGDATADIR=\"$(PREFIX)/share/slim\" -DSYSCONFDIR=\"$(CFGDIR)\"
22		22
23	OBJECTS=jpeg.o png.o main.o image.o numlock.o cfg.o switchuser.o app.o panel.o	23	OBJECTS=jpeg.o png.o main.o image.o numlock.o cfg.o switchuser.o app.o \
		24	util.o panel.o
24		25
25	.SUFFIXES: .c.o .cpp.o	26	.SUFFIXES: .c.o .cpp.o
26		27




#include <algorithm>
#include "app.h"
#include "numlock.h"
#include "util.h"


#ifdef HAVE_SHADOW



#ifdef USE_PAM
App::App(int argc, char** argv)
  : pam(conv, static_cast<void*>(&LoginPanel)),
#else
App::App(int argc, char** argv)
  :
#endif
    mcookiesize(32)		// Must be divisible by 4
{
    int tmp;
    ServerPID = -1;
    testing = false;
    mcookie = string(App::mcookiesize, 'a');
    daemonmode = false;
    force_nodaemon = false;
    firstlogin = true;

        name = name.substr(0, name.length() - 1);
    }

    Util::srandom(Util::makeseed());

    vector<string> themes;
    string themefile;
    Cfg::split(themes, name, ',');
    do {
        int sel = Util::random() % themes.size();

        name = Cfg::Trim(themes[sel]);
        themefile = string(THEMESDIR) +"/" + name + THEMESFILE;

}


/*
 * We rely on the fact that all bits generated by Util::random()
 * are usable, so we are taking full words from its output.
 */
void App::CreateServerAuth() {
    /* create mit cookie */
    uint16_t word;
    uint8_t hi, lo;
    int i;
    string authfile;
    const char *digits = "0123456789abcdef";
    Util::srandom(Util::makeseed());
    for (i = 0; i < App::mcookiesize; i+=4) {
        word = Util::random() & 0xffff;
        lo = word & 0xff;
        hi = word >> 8;
        mcookie[i] = digits[lo & 0x0f];
        mcookie[i+1] = digits[lo >> 4];
        mcookie[i+2] = digits[hi & 0x0f];
        mcookie[i+3] = digits[hi >> 4];
    }
        /* MIT-COOKIE: even occurrences of digits and hex digits */
        if ((hexcount%2) == 0) {
                r = rand()%10;
        } else {
                r = rand()%5+10;
        }
        mcookie[31] = digits[r];
    /* reinitialize auth file */
    authfile = cfg->getOption("authfile");
    remove(authfile.c_str());
    putenv(StrConcat("XAUTHORITY=", authfile.c_str()));
    Util::add_mcookie(mcookie, ":0", cfg->getOption("xauth_path"),
      authfile);
}

char* App::StrConcat(const char* str1, const char* str2) {

Lines 101-106 private: Link Here

(-)a/app.h (+2 lines)
101		101
102	std::string themeName;	102	std::string themeName;
103	std::string mcookie;	103	std::string mcookie;
		104
		105	const int mcookiesize;
104	};	106	};
105		107
106		108




*/

#include "switchuser.h"
#include "util.h"

using namespace std;


}

void SwitchUser::SetClientAuth(const char* mcookie) {
    bool r;
    string home = string(Pw->pw_dir);
    string authfile = home + "/.Xauthority";
    remove(authfile.c_str());
    r = Util::add_mcookie(mcookie, ":0", cfg->getOption("xauth_path"),
      authfile);
}




/* SLiM - Simple Login Manager
   Copyright (C) 2009 Eygene Ryabinkin <rea@codelabs.ru>

   This program is free software; you can redistribute it and/or modify
   it under the terms of the GNU General Public License as published by
   the Free Software Foundation; either version 2 of the License, or
   (at your option) any later version.
*/

#include <sys/types.h>

#include <stdio.h>
#include <stdlib.h>
#include <time.h>
#include <unistd.h>

#include "util.h"

/*
 * Adds the given cookie to the specified Xauthority file.
 * Returns true on success, false on fault.
 */
bool Util::add_mcookie(const std::string &mcookie, const char *display,
    const std::string &xauth_cmd, const std::string &authfile)
{
	FILE *fp;
	std::string cmd = xauth_cmd + " -f " + authfile + " -q";

	fp = popen(cmd.c_str(), "w");
	if (!fp)
		return false;
	fprintf(fp, "remove %s\n", display);
	fprintf(fp, "add %s %s %s\n", display, ".", mcookie.c_str());
	fprintf(fp, "exit\n");

	pclose(fp);
	return true;
}

/*
 * Interface for random number generator.  Just now it uses ordinary
 * random/srandom routines and serves as a wrapper for them.
 */
void Util::srandom(unsigned long seed)
{
	::srandom(seed);
}

long Util::random(void)
{
	return ::random();
}

/*
 * Makes seed for the srandom() using "random" values obtained from
 * getpid(), time(NULL) and others.
 */
long Util::makeseed(void)
{
	struct timespec ts;
	long pid = getpid();
	long tm = time(NULL);

	if (clock_gettime(CLOCK_MONOTONIC, &ts) != 0) {
		ts.tv_sec = ts.tv_nsec = 0;
	}

	return pid + tm + (ts.tv_sec ^ ts.tv_nsec);
}




/* SLiM - Simple Login Manager
   Copyright (C) 2009 Eygene Ryabinkin <rea@codelabs.ru>

   This program is free software; you can redistribute it and/or modify
   it under the terms of the GNU General Public License as published by
   the Free Software Foundation; either version 2 of the License, or
   (at your option) any later version.
*/
#ifndef __UTIL_H__
#define __UTIL_H__

#include <string>

namespace Util {
	bool add_mcookie(const std::string &mcookie, const char *display,
	    const std::string &xauth_cmd, const std::string &authfile);

	void srandom(unsigned long seed);
	long random(void);

	long makeseed(void);
};

#endif /* __UTIL_H__ */

Return to bug 270345

Lines 24-29 Link Here

(-)a/app.cpp (-25 / +29 lines)
24	#include <algorithm>	24	#include <algorithm>
25	#include "app.h"	25	#include "app.h"
26	#include "numlock.h"	26	#include "numlock.h"
		27	#include "util.h"
27		28
28		29
29	#ifdef HAVE_SHADOW	30	#ifdef HAVE_SHADOW
Lines 128-142 void User1Signal(int sig) { Link Here
128		129
129		130
130	#ifdef USE_PAM	131	#ifdef USE_PAM
131	App::App(int argc, char** argv):	132	App::App(int argc, char** argv)
132	pam(conv, static_cast<void*>(&LoginPanel)){	133	: pam(conv, static_cast<void*>(&LoginPanel)),
133	#else	134	#else
134	App::App(int argc, char** argv){	135	App::App(int argc, char** argv)
		136	:
135	#endif	137	#endif
		138	mcookiesize(32) // Must be divisible by 4
		139	{
136	int tmp;	140	int tmp;
137	ServerPID = -1;	141	ServerPID = -1;
138	testing = false;	142	testing = false;
139	mcookie = "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa";	143	mcookie = string(App::mcookiesize, 'a');
140	daemonmode = false;	144	daemonmode = false;
141	force_nodaemon = false;	145	force_nodaemon = false;
142	firstlogin = true;	146	firstlogin = true;
Lines 1127-1139 string App::findValidRandomTheme(const string& set) Link Here
1127	name = name.substr(0, name.length() - 1);	1131	name = name.substr(0, name.length() - 1);
1128	}	1132	}
1129		1133
1130	srandom(getpid()+time(NULL));	1134	Util::srandom(Util::makeseed());
1131		1135
1132	vector<string> themes;	1136	vector<string> themes;
1133	string themefile;	1137	string themefile;
1134	Cfg::split(themes, name, ',');	1138	Cfg::split(themes, name, ',');
1135	do {	1139	do {
1136	int sel = random() % themes.size();	1140	int sel = Util::random() % themes.size();
1137		1141
1138	name = Cfg::Trim(themes[sel]);	1142	name = Cfg::Trim(themes[sel]);
1139	themefile = string(THEMESDIR) +"/" + name + THEMESFILE;	1143	themefile = string(THEMESDIR) +"/" + name + THEMESFILE;
Lines 1160-1192 void App::replaceVariables(string& input, Link Here
1160	}	1164	}
1161		1165
1162		1166
		1167	/*
		1168	* We rely on the fact that all bits generated by Util::random()
		1169	* are usable, so we are taking full words from its output.
		1170	*/
1163	void App::CreateServerAuth() {	1171	void App::CreateServerAuth() {
1164	/* create mit cookie */	1172	/* create mit cookie */
1165	int i, r;	1173	uint16_t word;
1166	int hexcount = 0;	1174	uint8_t hi, lo;
1167	string authfile;	1175	int i;
1168	string cmd;	1176	string authfile;
1169	const char *digits = "0123456789abcdef";	1177	const char *digits = "0123456789abcdef";
1170	srand( time(NULL) );	1178	Util::srandom(Util::makeseed());
1171	for ( i = 0; i < 31; i++ ) {	1179	for (i = 0; i < App::mcookiesize; i+=4) {
1172	r = rand()%16;	1180	word = Util::random() & 0xffff;
1173	mcookie[i] = digits[r];	1181	lo = word & 0xff;
1174	if (r>9)	1182	hi = word >> 8;
1175	hexcount++;	1183	mcookie[i] = digits[lo & 0x0f];
		1184	mcookie[i+1] = digits[lo >> 4];
		1185	mcookie[i+2] = digits[hi & 0x0f];
		1186	mcookie[i+3] = digits[hi >> 4];
1176	}	1187	}
1177	/* MIT-COOKIE: even occurrences of digits and hex digits */
1178	if ((hexcount%2) == 0) {
1179	r = rand()%10;
1180	} else {
1181	r = rand()%5+10;
1182	}
1183	mcookie[31] = digits[r];
1184	/* reinitialize auth file */	1188	/* reinitialize auth file */
1185	authfile = cfg->getOption("authfile");	1189	authfile = cfg->getOption("authfile");
1186	remove(authfile.c_str());	1190	remove(authfile.c_str());
1187	putenv(StrConcat("XAUTHORITY=", authfile.c_str()));	1191	putenv(StrConcat("XAUTHORITY=", authfile.c_str()));
1188	cmd = cfg->getOption("xauth_path") + " -q -f " + authfile + " add :0 . " + mcookie;	1192	Util::add_mcookie(mcookie, ":0", cfg->getOption("xauth_path"),
1189	system(cmd.c_str());	1193	authfile);
1190	}	1194	}
1191		1195
1192	char* App::StrConcat(const char* str1, const char* str2) {	1196	char* App::StrConcat(const char* str1, const char* str2) {

Lines 10-15 Link Here

(-)a/switchuser.cpp (-3 / +4 lines)
10	*/	10	*/
11		11
12	#include "switchuser.h"	12	#include "switchuser.h"
		13	#include "util.h"
13		14
14	using namespace std;	15	using namespace std;
15		16
Lines 53-62 void SwitchUser::Execute(const char* cmd) { Link Here
53	}	54	}
54		55
55	void SwitchUser::SetClientAuth(const char* mcookie) {	56	void SwitchUser::SetClientAuth(const char* mcookie) {
56	int r;	57	bool r;
57	string home = string(Pw->pw_dir);	58	string home = string(Pw->pw_dir);
58	string authfile = home + "/.Xauthority";	59	string authfile = home + "/.Xauthority";
59	remove(authfile.c_str());	60	remove(authfile.c_str());
60	string cmd = cfg->getOption("xauth_path") + " -q -f " + authfile + " add :0 . " + mcookie;	61	r = Util::add_mcookie(mcookie, ":0", cfg->getOption("xauth_path"),
61	r = system(cmd.c_str());	62	authfile);
62	}	63	}

Line 0 Link Here

(-)a/util.cpp (+69 lines)
		1	/* SLiM - Simple Login Manager
		2	Copyright (C) 2009 Eygene Ryabinkin <rea@codelabs.ru>
		3
		4	This program is free software; you can redistribute it and/or modify
		5	it under the terms of the GNU General Public License as published by
		6	the Free Software Foundation; either version 2 of the License, or
		7	(at your option) any later version.
		8	*/
		9
		10	#include <sys/types.h>
		11
		12	#include <stdio.h>
		13	#include <stdlib.h>
		14	#include <time.h>
		15	#include <unistd.h>
		16
		17	#include "util.h"
		18
		19	/*
		20	* Adds the given cookie to the specified Xauthority file.
		21	* Returns true on success, false on fault.
		22	*/
		23	bool Util::add_mcookie(const std::string &mcookie, const char *display,
		24	const std::string &xauth_cmd, const std::string &authfile)
		25	{
		26	FILE *fp;
		27	std::string cmd = xauth_cmd + " -f " + authfile + " -q";
		28
		29	fp = popen(cmd.c_str(), "w");
		30	if (!fp)
		31	return false;
		32	fprintf(fp, "remove %s\n", display);
		33	fprintf(fp, "add %s %s %s\n", display, ".", mcookie.c_str());
		34	fprintf(fp, "exit\n");
		35
		36	pclose(fp);
		37	return true;
		38	}
		39
		40	/*
		41	* Interface for random number generator. Just now it uses ordinary
		42	* random/srandom routines and serves as a wrapper for them.
		43	*/
		44	void Util::srandom(unsigned long seed)
		45	{
		46	::srandom(seed);
		47	}
		48
		49	long Util::random(void)
		50	{
		51	return ::random();
		52	}
		53
		54	/*
		55	* Makes seed for the srandom() using "random" values obtained from
		56	* getpid(), time(NULL) and others.
		57	*/
		58	long Util::makeseed(void)
		59	{
		60	struct timespec ts;
		61	long pid = getpid();
		62	long tm = time(NULL);
		63
		64	if (clock_gettime(CLOCK_MONOTONIC, &ts) != 0) {
65	ts.tv_sec = ts.tv_nsec = 0;
66	}
67
68	return pid + tm + (ts.tv_sec ^ ts.tv_nsec);
69	}

Line 0 Link Here

(-)a/util.h (+24 lines)
	1	/* SLiM - Simple Login Manager
	2	Copyright (C) 2009 Eygene Ryabinkin <rea@codelabs.ru>
	3
	4	This program is free software; you can redistribute it and/or modify
	5	it under the terms of the GNU General Public License as published by
	6	the Free Software Foundation; either version 2 of the License, or
	7	(at your option) any later version.
	8	*/
	9	#ifndef __UTIL_H__
	10	#define __UTIL_H__
	11
	12	#include <string>
	13
	14	namespace Util {
	15	bool add_mcookie(const std::string &mcookie, const char *display,
	16	const std::string &xauth_cmd, const std::string &authfile);
	17
	18	void srandom(unsigned long seed);
	19	long random(void);
	20
	21	long makeseed(void);
	22	};
	23
	24	#endif /* __UTIL_H__ */