Author: branden
Date: 2003-09-15 15:06:51 -0500 (Mon, 15 Sep 2003)
New Revision: 530
Removed:
branches/4.3.0/sid/debian/patches/821_gnu-freebsd_xdm.diff
Modified:
branches/4.3.0/sid/debian/patches/002_xdm_fixes.diff
Log:
Resync xdm patches with trunk. Bring in a lot of fixes from post 4.2.1-4,
including the latest fix from 4.2.1-10. Merge in GNU/FreeBSD changes and
resync with upstream.
Modified: branches/4.3.0/sid/debian/patches/002_xdm_fixes.diff
===================================================================
--- branches/4.3.0/sid/debian/patches/002_xdm_fixes.diff 2003-09-15
08:42:56 UTC (rev 529)
+++ branches/4.3.0/sid/debian/patches/002_xdm_fixes.diff 2003-09-15
20:06:51 UTC (rev 530)
@@ -1,108 +1,421 @@
-Various fixes for xdm; forward-ported from 4.2.1 (patch originally by Branden
-Robinson).
+$Id$
-The second part of this patch fixes a few /dev/mem issues, described below.
+This patch by Branden Robinson, Matthieu Herrb, and Richard Braakman.
-Historically, if HASXDMAUTH was defined but neither ARC4_RANDOM nor
-DEV_RANDOM were defined, xdm provided a function called sumFile() that
-would read straight from /dev/mem and use that as an entropy source.
-However, that's a bad idea because A) it's not very entropic and B) some
-OSes have hardware registers mapped into /dev/mem, and even just reading
-from them can cause machine checks. It's a Bad Thing to do.
+These patches do a number of things:
-* Remove no longer needed "FRAGILE_DEV_MEM" define.
-* Revert meaning of DEV_RANDOM define to a simple on/off. DEF_RANDOM_FILE
- is already used in resource.c for the same purpose that the old
- (NetBSD-based?) code was using it.
-* Have NetBSD use /dev/urandcom as its DEF_RANDOM_FILE.
-* Define DEV_RANDOM for Linux and the Hurd. They both use /dev/random for
- their DEF_RANDOM_FILE.
-* Rewrite genauth.c to drop the sumFile() function and throw a cpp #error
- if HASXDMAUTH is defined but neither ARC4_RANDOM nor DEV_RANDOM are.
-* Whitespace and stylistic cleanups to genauth.c
-* Have genauth.c log an error, using _SysErrorMsg(), if it cannot open the
- specified randomFile.
-* Change semantics of randomFile resource to refer to the device to be
- opened for platforms that use DEV_RANDOM, instead of the device to be
- checksummed with the now-nonexistent sumFile() function.
-* Update manpage to reflect above change in meaning of randomFile resource,
- and document when it's not used.
-* Cleaned up whitespace and indented pre-processor conditionals in
- resource.c.
-
Not submitted upstream yet.
-diff -urN xc.orig/programs/xdm/Imakefile xc/programs/xdm/Imakefile
---- xc.orig/programs/xdm/Imakefile Wed Oct 9 05:26:16 2002
-+++ xc/programs/xdm/Imakefile Fri Dec 6 15:27:31 2002
-@@ -127,14 +127,14 @@
- SOCK_DEFINES = -DBSD44SOCKETS
+* Imakefile:
+ Use /dev/random as the default random number generator on
+ Linux, Hurd, and GNU/FreeBSD.
+* auth.c:
+ - Add a couple of comments to assuage some of the fears of security
+ auditors, and people who follow up on the GNU linker's ritual
+ complaints about mktemp().
+ - Protect against race-based symlink attacks in
+ SaveServerAuthorizations().
+ - Change openFiles() to avoid race-based symlink attacks.
+ - Change openFiles() to accept NULL for its third argument, and check
+ for a NULL value before fopen()ing the first argument.
+ - In SetUserAuthorization(), when falling back to /tmp for creation of
+ the authorization file, pass openFiles() NULL as arg 3, and set "old"
+ to NULL, since the we know the temp file just created to contain auth
+ credentials will be empty and have no authorization records in it.
+ - Richard Braakman observes the following about the above changes: "I
+ can think of only one case where the new behaviour could be a
+ problem: if a user already has a file ".Xauthority-n" in $HOME and
+ the user's home directory is not writable for self (so the unlink
+ fails) and the .Xauthority-n file _is_ writable then the old fopen
+ would have succeeded (and truncated the file), while the new code
+ would fail. Well, tough titties." Since "-n" files are cleaned
+ shortly after they are created, the existence of any such file would
+ be an anomaly (the result of an xdm or xinit process getting killed
+ at an inopportune moment). This doesn't seem like an important
+ concession.
+ - Also note that xdm is only susceptible to the aforementioned
+ race-condition-based symlink attacks if:
+ 1) the administrator configures the authDir or authFile resources to
+ be in publicly-writable directories; or
+ 2) the user's home directory is unwritable (NFS failure, over quota,
+ etc.)
+ - Change LogError() invocations to use _SysErrorMsg() where errno might
+ be set (and not clobbered by intermediate calls). Also make
+ LogError() the first thing we do after an error condition in those
+ cases.
+ - Make several LogError() and Debug() messages more informative.
+ - Fix typo in debug message.
+* choose.c:
+ Use xdm's _SysErrorMsg() function instead of strerror().
+* config/Imakefile:
+ - Handle GNUMachArchitecture the same as LinuxArchitecture.
+* config/Xres.cpp:
+ - Use fonts for the greeter that look good (or, at least, less
+ horrible). I experimented with this quite a bit to get something
+ that looks good when the ordinary bitmap fonts aren't scaled.
+ - Move some XPM-extension stuff inside the XPM #ifdef.
+ - Don't use a bitmap in the greeter if the root window is small.
+* daemon.c:
+ - Use xdm's _SysErrorMsg() function instead of strerror or merely
+ printing the raw error number.
+ - Stop manipulating the standard file descriptiors, since this can
+ interfere with logging.
+ - Log error if daemon() call fails.
+* dm.c:
+ - Matthieu Herrb rewrote the StorePid() function based on my changes;
+ he made it more careful with the size of Pid_t, and treats an
+ existing pid file as a failure. I then made some more changes: use
+ _SysErrorMsg() instead of strerror(), catch errors from the daemon()
+ function, do not close standard file descriptiors on daemonization,
+ add a comment explaining why, and don't assume that the process id we
+ write to the pidFile is 5 digits.
+ - Miscellaenous fixes: Add indentation to (heavily-used) preprocessor
+ statements. Initialize the log file sooner. Update log messages to
+ indicate when an immediate exit is taking place. Add log messages
+ for xdm startup, shutdown, and normal exit. Add a debugging message
+ when xdm enters its main loop. Fix a typo in a log message. Move a
+ "default" case in a switch() to be the final case evaluated, as is
+ customary in C code. Made brace usage a little more internally
+ consistent. Change a LogError() to a LogInfo() when we expect a
+ child X server process to become a zombie. Use the PID file as most
+ other Unix daemons do. Use _SysErrorMsg() instead of strerror().
+ Wrap some code at 80 columns.
+* dm_auth.h:
+ - Add function prototypes for exposed interfaces in xdmauth.c.
+ - Copy declarations from Xdmcp library's Wrap.h header.
+* dm_error.h:
+ Remove protoype for unused Panic() function.
+* error.c:
+ - Add timestamping to logging functions, except for LogOutOfMem().
+ - Remove unused Panic() function.
+ - Append to the log file if it already exists.
+ - Style fix: put function names flush left when they're being defined.
+* genauth.c:
+ - Include <fcntl.h> for definitions of O_ flags to open().
+ - Remove partial set of delcarations from Xdmcp library's Wrap.h
+ header; now in dm_auth.h instead.
+* greeter/verify.c:
+ Use _SysErrorMsg() instead of strerror().
+* session.c:
+ Indent pre-processor statements. Use _SysErrorMsg() instead of
+ strerror(). Recognize that GNU LibC-based systems as well as Linux
+ systems in general have the endpwent() function. Recognize that GNU
+ LibC-based systems as well as CSRG_BASED ones have the getpwnam() and
+ crypt() functions. Style fix: put function names flush left when
+ they're being defined.
+socket.c:
+ Use _SysErrorMsg() instead of strerror().
+util.c:
+ The setpgrp define wouldn't be necessary if GlibC's setpgrp was
+ equivalent to setpgid as described in the GlibC (info, of course)
+ documentation. -- Robert Millan <[EMAIL PROTECTED]>
+xdm.man:
+ Use dot macros instead of backslash roff sequences to mark up literals
+ that use __projectroot__, because cpp won't recognize them otherwise.
+xdmauth.c:
+ - Declare functions used only internally as static.
+ - Delcare function prototypes for internal functions.
+ - Move from K&R to ANSI style function headers.
+xdmcp.c:
+ When terminating an active session, report this fact with LogInfo()
+ rather than Debug().
+xdmshell.c:
+ #include <string.h> for strerror() prototype. (xdmshell can't use
+ _SysErrorMsg because it is a standalone program that doesn't include
+ server.c.)
+
+--- xc/programs/xdm/Imakefile~ 2003-09-15 14:31:57.000000000 -0500
++++ xc/programs/xdm/Imakefile 2003-09-15 14:34:28.000000000 -0500
+@@ -137,6 +137,10 @@
+ RANDOM_DEFINES = -DDEV_RANDOM=\"/dev/urandom\"
#endif
--#if defined(i386Architecture) || defined(AmigaArchitecture)
--FRAGILE_DEFINES = -DFRAGILE_DEV_MEM
--#endif
--
- #if defined(NetBSDArchitecture) && \
- ((OSMajorVersion > 1) || \
- (OSMajorVersion == 1 && OSMinorVersion > 3))
--RANDOM_DEFINES = -DDEV_RANDOM=\"/dev/urandom\"
-+RANDOM_DEFINES = -DDEV_RANDOM -DDEF_RANDOM_FILE="\"/dev/urandom\""
++#if defined(LinuxArchitecture) || defined(GNUMachArchitecture) ||
defined(GNUFreeBSDArchitecture)
++ RANDOM_DEFINES = -DDEV_RANDOM -DDEF_RANDOM_FILE="\"/dev/random\""
+#endif
+
-+#if defined(LinuxArchitecture) || defined(GNUMachArchitecture)
-+RANDOM_DEFINES = -DDEV_RANDOM -DDEF_RANDOM_FILE="\"/dev/random\""
+ #ifdef OpenBSDArchitecture
+ RANDOM_DEFINES = -DARC4_RANDOM
#endif
+diff -urN xc/programs/xdm~/auth.c xc/programs/xdm/auth.c
+--- xc/programs/xdm~/auth.c 2003-08-19 01:01:30.000000000 -0500
++++ xc/programs/xdm/auth.c 2003-08-19 01:04:55.000000000 -0500
+@@ -46,6 +46,7 @@
+ #include "dm_error.h"
- #ifdef OpenBSDArchitecture
-@@ -230,7 +230,7 @@
- $(SIGNAL_DEFINES) $(CRYPT_DEFINES) $(BSDAUTH_DEFINES) \
- $(XDMAUTH_DEFINES) $(RPC_DEFINES) $(KRB5_DEFINES) \
- $(PWD_DEFINES) $(PAM_DEFINES) $(CONN_DEFINES) \
-- $(GREET_DEFINES) $(FRAGILE_DEFINES) $(RANDOM_DEFINES) \
-+ $(GREET_DEFINES) $(RANDOM_DEFINES) \
- -DOSMAJORVERSION=$(OSMAJORVERSION) \
- -DOSMINORVERSION=$(OSMINORVERSION) \
- $(XKB_CLIENT_DEFINES) $(USER_CONTEXT_DEFINES) \
-@@ -256,9 +256,9 @@
- '-DDEF_SYSTEM_SHELL="$(BOURNE_SHELL)"' \
- '-DDEF_FAILSAFE_CLIENT="$(BINDIR)/xterm"' \
- '-DDEF_XDM_CONFIG="$(XDMDIR)/xdm-config"' \
-- '-DDEF_CHOOSER="$(XDMDIR)/chooser"' \
-- '-DDEF_AUTH_DIR="$(XDMDIR)"' \
-- '-DDEF_GREETER_LIB="$(XDMDIR)/libXdmGreet.so"'
-+ '-DDEF_CHOOSER="$(BINDIR)/chooser"' \
-+ '-DDEF_AUTH_DIR="$(XDMVARDIR)"' \
-+ '-DDEF_GREETER_LIB="$(USRLIBDIR)/libXdmGreet.so"'
+ #include <errno.h>
++#include <fcntl.h>
- ComplexProgramTarget_1(xdm,$(LOCAL_LIBRARIES),NullParameter)
- LinkConfDirectory(xdm,.,xdm,.)
-@@ -277,7 +277,7 @@
- #if BuildChooser
- SpecialCObjectRule(chooser, $(ICONFIGFILES), $(SOCK_DEFINES))
- NormalProgramTarget(chooser,$(OBJS3),$(DEPLIBS3),$(LIBS3),NullParameter)
--InstallProgram(chooser,$(XDMDIR))
-+InstallProgram(chooser,$(BINDIR))
- InstallAppDefaults(Chooser)
- #endif
- #if BuildBoth
---- xc/programs/xdm/config/Imakefile.orig Sun Dec 29 17:16:42 2002
-+++ xc/programs/xdm/config/Imakefile Sun Dec 29 17:20:57 2002
-@@ -22,8 +22,13 @@
- # define XdmbwPixmap XFree86bw.xpm
- #endif
+ #include <sys/ioctl.h>
-+#if LinuxDistribution && (LinuxDistribution == LinuxDebian)
-+XPM_DEFINES=-DXPM -DBITMAPDIR=$(XDMDIR)/pixmaps -DXDM_PIXMAP=debian.xpm\ @@\
-+ -DXDM_BWPIXMAP=debianbw.xpm
-+#else
- XPM_DEFINES=-DXPM -DBITMAPDIR=$(XDMDIR)/pixmaps -DXDM_PIXMAP=XdmPixmap\ @@\
- -DXDM_BWPIXMAP=XdmbwPixmap
-+#endif
+@@ -319,8 +320,16 @@
+ d->authFile = NULL;
+ return FALSE;
+ }
+- sprintf (d->authFile, "%s/%s/%s/A%s-XXXXXX",
++ sprintf (d->authFile, "%s/%s/%s/A%s-XXXXXX",
+ authDir, authdir1, authdir2, cleanname);
++ /*
++ * Security auditors should note that mktemp() is not used unsafely
++ * here. The authFile is created in authDir, which defaults to
++ * a non-user-writeable location (see xdm.man). Only root, the
++ * owner of xdm's configuration files, or someone with permission
++ * to execute xdm (which is not installed setuid or setgid by
++ * default) can change the authDir or authFile resources.
++ */
+ (void) mktemp (d->authFile);
+ }
+ return TRUE;
+@@ -336,42 +345,50 @@
+ int mask;
+ int ret;
+ int i;
++ int fd;
- XDMLOGDIR = $(LOGDIRECTORY)
- #ifdef VarRunDirectory
-@@ -39,7 +44,11 @@
+ mask = umask (0077);
+ if (!d->authFile && !MakeServerAuthFile (d))
+ return FALSE;
+ (void) unlink (d->authFile);
+- auth_file = fopen (d->authFile, "w");
+- umask (mask);
+- if (!auth_file) {
+- Debug ("Can't creat auth file %s\n", d->authFile);
+- LogError ("Cannot open server authorization file %s\n", d->authFile);
++ fd = open (d->authFile, O_WRONLY | O_CREAT | O_EXCL, 0600);
++ if (fd >= 0)
++ auth_file = fdopen (fd, "w");
++ else
++ {
++ LogError ("cannot create server authorization file %s: %s\n",
++ d->authFile, _SysErrorMsg (errno));
++ Debug ("can't create auth file %s\n", d->authFile);
++ }
++ (void) umask (mask);
++ if (!auth_file)
++ {
+ free (d->authFile);
+ d->authFile = NULL;
+ ret = FALSE;
+ }
+ else
+ {
+- Debug ("File: %s auth: %p\n", d->authFile, auths);
++ Debug ("file: %s auth: %p\n", d->authFile, auths);
+ ret = TRUE;
+ for (i = 0; i < count; i++)
+ {
+ /*
+- * User-based auths may not have data until
+- * a user logs in. In which case don't write
+- * to the auth file so xrdb and setup programs don't fail.
++ * User-based auths may not have data until a user logs in, in
++ * which case don't write to the auth file so xrdb and setup
++ * programs don't fail.
+ */
+ if (auths[i]->data_length > 0)
+ if (!XauWriteAuth (auth_file, auths[i]) ||
+ fflush (auth_file) == EOF)
+ {
+- LogError ("Cannot write server authorization file %s\n",
++ LogError ("cannot write to server authorization file %s\n",
+ d->authFile);
+ ret = FALSE;
+ free (d->authFile);
+ d->authFile = NULL;
+ }
+- }
++ }
+ fclose (auth_file);
+ }
+ return ret;
+@@ -458,19 +475,36 @@
+ openFiles (char *name, char *new_name, FILE **oldp, FILE **newp)
+ {
+ int mask;
++ int newfd;
+
+ strcpy (new_name, name);
+ strcat (new_name, "-n");
+ mask = umask (0077);
+ (void) unlink (new_name);
+- *newp = fopen (new_name, "w");
++ newfd = open (new_name, O_WRONLY | O_CREAT | O_EXCL, 0600);
++ if (newfd >= 0)
++ *newp = fdopen (newfd, "w");
++ else
++ {
++ LogError ("cannot create file %s: %s\n", new_name,
++ _SysErrorMsg (errno));
++ Debug ("can't create file %s\n", new_name);
++ *newp = NULL;
++ }
+ (void) umask (mask);
+- if (!*newp) {
+- Debug ("can't open new file %s\n", new_name);
+- return 0;
++ if (!*newp)
++ {
++ Debug ("can't open new file %s\n", new_name);
++ return 0;
++ }
++ else
++ Debug ("open succeeded: %s\n", new_name);
++ if (oldp)
++ {
++ *oldp = fopen (name, "r");
++ if (*oldp)
++ Debug ("open succeeded: %s\n", name);
+ }
+- *oldp = fopen (name, "r");
+- Debug ("opens succeeded %s %s\n", name, new_name);
+ return 1;
+ }
+
+@@ -804,10 +838,11 @@
+ struct in_ifaddr ifaddr;
+ struct strioctl str;
+ unsigned char *addr;
+- int len, ipfd;
++ int len, ipfd;
+
+ if ((ipfd = open ("/dev/ip", O_RDWR, 0 )) < 0)
+- LogError ("Getting interface configuration");
++ LogError ("cannot get interface configuration; cannot open /dev/ip: "
++ "%s\n", _SysErrorMsg (errno));
+
+ /* Indicate that we want to start at the begining */
+ ifnet.ib_next = (struct ipb *) 1;
+@@ -821,8 +856,9 @@
+
+ if (ioctl (ipfd, (int) I_STR, (char *) &str) < 0)
+ {
++ LogError ("cannot get interface configuration; ioctl failed: %s\n",
++ _SysErrorMsg (errno));
+ close (ipfd);
+- LogError ("Getting interface configuration");
+ }
+
+ ifaddr.ia_next = (struct in_ifaddr *) ifnet.if_addrlist;
+@@ -833,8 +869,9 @@
+
+ if (ioctl (ipfd, (int) I_STR, (char *) &str) < 0)
+ {
++ LogError ("cannot get interface configuration; ioctl failed: %s\n",
++ _SysErrorMsg (errno));
+ close (ipfd);
+- LogError ("Getting interface configuration");
+ }
+
+ /*
+@@ -874,11 +911,11 @@
+ char *addr;
+ int family;
+ register struct ifreq *ifr;
+-
++
+ ifc.ifc_len = sizeof (buf);
+ ifc.ifc_buf = buf;
+ if (ifioctl (fd, SIOCGIFCONF, (char *) &ifc) < 0)
+- LogError ("Trouble getting network interface configuration");
++ LogError ("trouble getting network interface configuration");
+
+ #ifdef ISC
+ #define IFC_IFC_REQ (struct ifreq *) ifc.ifc_buf
+@@ -1096,28 +1133,47 @@
+ Debug ("openFiles failed\n");
+ XauUnlockAuth (home_name);
+ lockStatus = LOCK_ERROR;
+- }
++ }
+ }
+ }
+ if (lockStatus != LOCK_SUCCESS) {
++ /* log the fact that we're having trouble with authorization */
++ if (home) {
++ LogInfo ("unable to lock authority file in %s for display %s\n",
++ home, d->name);
++ } else {
++ LogInfo ("unable to determine home directory for authority "
++ "file locking on display %s\n", d->name);
++ }
+ snprintf (backup_name, sizeof(backup_name), "%s/.XauthXXXXXX",
d->userAuthDir);
++ /*
++ * Security auditors should note that mktemp() is not used
++ * unsafely here. XauLockAuth() is very careful about opening
++ * the authority file, using O_CREAT and O_EXCL.
++ *
++ * However, note that the file backup_name will likely never be
++ * unlinked, since the user's home directory was unwritable and we
++ * will have to use backup_name as the authority file for the entire
++ * session.
++ */
+ (void) mktemp (backup_name);
+ lockStatus = XauLockAuth (backup_name, 1, 2, 10);
+ Debug ("backup lock is %d\n", lockStatus);
+ if (lockStatus == LOCK_SUCCESS) {
+- if (openFiles (backup_name, new_name, &old, &new)) {
++ if (openFiles (backup_name, new_name, NULL, &new)) {
++ old = NULL;
+ name = backup_name;
+ setenv = 1;
+ } else {
+ XauUnlockAuth (backup_name);
+ lockStatus = LOCK_ERROR;
+- }
++ }
+ }
+ }
+ if (lockStatus != LOCK_SUCCESS) {
+ Debug ("can't lock auth file %s or backup %s\n",
+ home_name, backup_name);
+- LogError ("can't lock authorization file %s or backup %s\n",
++ LogError ("cannot lock authorization file %s or backup %s\n",
+ home_name, backup_name);
+ return;
+ }
+@@ -1186,8 +1242,9 @@
+ Debug ("unlink %s failed\n", name);
+ envname = name;
+ if (link (new_name, name) == -1) {
++ LogError ("cannot move authorization file into place: %s\n",
++ _SysErrorMsg (errno));
+ Debug ("link failed %s %s\n", new_name, name);
+- LogError ("Can't move authorization into place\n");
+ setenv = 1;
+ envname = new_name;
+ } else {
+@@ -1263,12 +1320,14 @@
+ if (unlink (name) == -1)
+ Debug ("unlink %s failed\n", name);
+ if (link (new_name, name) == -1) {
++ LogError ("cannot move authorization file into place: %s\n",
++ _SysErrorMsg (errno));
+ Debug ("link failed %s %s\n", new_name, name);
+- LogError ("Can't move authorization into place\n");
+ } else {
+ Debug ("new is in place, go for it!\n");
+ unlink (new_name);
+ }
+ }
+ XauUnlockAuth (name);
++ Debug ("done RemoveUserAuthorization\n");
+ }
+diff -urN xc/programs/xdm~/choose.c xc/programs/xdm/choose.c
+--- xc/programs/xdm~/choose.c 2001-12-14 15:01:20.000000000 -0500
++++ xc/programs/xdm/choose.c 2003-02-23 17:04:20.000000000 -0500
+@@ -480,7 +480,7 @@
+ }
+ else
+ {
+- LogError ("Choice response read error: %s\n", strerror(errno));
++ LogError ("Choice response read error: %s\n", _SysErrorMsg (errno));
+ }
+
+ #if defined(STREAMSCONN)
+diff -urN xc/programs/xdm~/config/Imakefile xc/programs/xdm/config/Imakefile
+--- xc/programs/xdm~/config/Imakefile 2003-02-23 17:03:35.000000000 -0500
++++ xc/programs/xdm/config/Imakefile 2003-02-23 17:04:20.000000000 -0500
+@@ -39,7 +39,11 @@
#endif
CppFileTarget(Xservers.ws,Xserv.ws.cpp,-DBINDIR=$(BINDIR)
-DDEFAULTVT=$(DEFAULTVT),NullParameter)
@@ -110,12 +423,12 @@
+CppFileTarget(xdm-config,xdm-conf.cpp,-DXDMDIR=$(XDMDIR)
-DXDMLOGDIR=$(XDMLOGDIR) -DXDMPIDDIR=$(XDMPIDDIR) -DXDMVARDIR=$(XDMVARDIR)
-DSU=$(SU),NullParameter)
+#else
CppFileTarget(xdm-config,xdm-conf.cpp,-DXDMDIR=$(XDMDIR)
-DXDMLOGDIR=$(XDMLOGDIR) -DXDMPIDDIR=$(XDMPIDDIR) -DSU=$(SU),NullParameter)
-+#endif /* (LinuxArchitecture || GNUMachArchitecture) */
++#endif /* LinuxArchitecture || GNUMachArchitecture */
CppFileTarget(Xresources,Xres.cpp,$(XPM_DEFINES),NullParameter)
LinkFile(Xservers,Xservers.$(SERVERSTYPE))
---- xc/programs/xdm/config/Xres.cpp.orig Sun Dec 29 17:21:08 2002
-+++ xc/programs/xdm/config/Xres.cpp Sun Dec 29 17:28:23 2002
+--- xc/programs/xdm~/config/Xres.cpp 2003-09-15 14:17:05.000000000 -0500
++++ xc/programs/xdm/config/Xres.cpp 2003-09-15 14:23:34.000000000 -0500
@@ -28,22 +28,25 @@
#endif /* XPM */
xlogin*fail: Login incorrect
@@ -126,22 +439,22 @@
-xlogin*promptFont:
-adobe-helvetica-bold-r-normal--18-180-75-75-p-103-iso8859-1
-xlogin*failFont: -adobe-helvetica-bold-r-normal--18-180-75-75-p-103-iso8859-1
+/**/#if WIDTH >= 1024
-+xlogin*greetFont: -adobe-helvetica-bold-o-normal--25-180-75-75-p-138-iso8859-1
-+xlogin*font: -adobe-helvetica-medium-r-normal--20-140-75-75-p-98-iso8859-1
-+xlogin*promptFont:
-adobe-helvetica-bold-r-normal--20-140-75-75-p-103-iso8859-1
-+xlogin*failFont: -adobe-helvetica-bold-r-normal--20-140-75-75-p-103-iso8859-1
++xlogin*greetFont:
-adobe-helvetica-bold-o-normal--25-180-100-100-p-138-iso8859-1
++xlogin*font: -adobe-helvetica-medium-r-normal--20-140-100-100-p-100-iso8859-1
++xlogin*promptFont:
-adobe-helvetica-bold-r-normal--20-140-100-100-p-105-iso8859-1
++xlogin*failFont:
-adobe-helvetica-bold-r-normal--20-140-100-100-p-105-iso8859-1
+/**/#if PLANES >= 8
+xlogin*logoFileName: BITMAPDIR/**//XDM_PIXMAP
++/**/#else
++xlogin*logoFileName: BITMAPDIR/**//XDM_BWPIXMAP
++/**/#endif
/**/#else
-xlogin*greetFont:
-adobe-helvetica-bold-o-normal--17-120-100-100-p-92-iso8859-1
-+xlogin*logoFileName: BITMAPDIR/**//XDM_BWPIXMAP
-+/**/#endif
-+/**/#else
-+xlogin*greetFont:
-adobe-helvetica-bold-o-normal--14-140-100-100-p-92-iso8859-1
++xlogin*greetFont: -adobe-helvetica-bold-o-normal--14-140-75-75-p-82-iso8859-1
xlogin*font: -adobe-helvetica-medium-r-normal--12-120-75-75-p-67-iso8859-1
xlogin*promptFont: -adobe-helvetica-bold-r-normal--12-120-75-75-p-70-iso8859-1
-xlogin*failFont: -adobe-helvetica-bold-o-normal--14-140-75-75-p-82-iso8859-1
-+xlogin*failFont: -adobe-helvetica-bold-o-normal--12-120-75-75-p-82-iso8859-1
++xlogin*failFont: -adobe-helvetica-bold-r-normal--12-120-75-75-p-70-iso8859-1
/**/#endif
#endif /* XPM */
/**/#ifdef COLOR
@@ -173,57 +486,193 @@
xlogin*useShape: true
xlogin*logoPadding: 10
#endif /* XPM */
---- xc/programs/xdm/config/xdm-conf.cpp.orig Sun Dec 29 17:28:54 2002
-+++ xc/programs/xdm/config/xdm-conf.cpp Sun Dec 29 17:32:40 2002
-@@ -10,19 +10,21 @@
- DisplayManager.keyFile: XDMDIR/xdm-keys
- DisplayManager.servers: XDMDIR/Xservers
- DisplayManager.accessFile: XDMDIR/Xaccess
-+DisplayManager.authDir: XDMVARDIR
- DisplayManager.willing: SU nobody -c XDMDIR/Xwilling
- ! All displays should use authorization, but we cannot be sure
- ! X terminals may not be configured that way, so they will require
- ! individual resource settings.
- DisplayManager*authorize: true
--! The following three resources set up display :0 as the console.
--DisplayManager._0.setup: XDMDIR/Xsetup_0
--DisplayManager._0.startup: XDMDIR/GiveConsole
--DisplayManager._0.reset: XDMDIR/TakeConsole
--!
-+DisplayManager*setup: XDMDIR/Xsetup
-+DisplayManager*startup: XDMDIR/Xstartup
-+DisplayManager*reset: XDMDIR/Xreset
- DisplayManager*resources: XDMDIR/Xresources
- DisplayManager*session: XDMDIR/Xsession
- DisplayManager*authComplain: true
-+!
-+DisplayManager*userPath:
/usr/local/bin:/usr/bin:/bin:/usr/bin/X11:/usr/games
-+DisplayManager*systemPath:
/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/usr/bin/X11
- #ifdef XPM
- DisplayManager*loginmoveInterval: 10
- #endif /* XPM */
---- xc/programs/xdm/dm.c.orig Sun Dec 29 17:35:59 2002
-+++ xc/programs/xdm/dm.c Sun Dec 29 17:41:22 2002
-@@ -40,6 +40,7 @@
- # include "dm_error.h"
+--- xc/programs/xdm~/daemon.c 2002-12-04 11:53:39.000000000 -0500
++++ xc/programs/xdm/daemon.c 2003-09-15 14:28:21.000000000 -0500
+@@ -87,7 +87,7 @@
+ break;
+ case -1:
+ /* error */
+- LogError ("daemon fork failed, errno = %d\n", errno);
++ LogError ("daemon fork failed: %s\n", _SysErrorMsg (errno));
+ break;
- # include <stdio.h>
-+# include <string.h>
+ default: {
+@@ -107,7 +107,7 @@
+ #endif
+ if (stat != 0)
+ LogError ("setting process group for daemon failed: %s\n",
+- strerror(errno));
++ _SysErrorMsg (errno));
+ #endif /* ! (CSRG_BASED || SYSV || SVR4 || __QNXNTO__ || __GLIBC__) */
+ }
+ exit (0);
+@@ -118,28 +118,29 @@
+ BecomeDaemon (void)
+ {
+ /*
+- * Close standard file descriptors and get rid of controlling tty
++ * Get rid of controlling tty. We would close standard file
++ * descriptors as well, but that interferes with our logging.
+ */
+
+ /* If our C library has the daemon() function, just use it. */
+ #if defined(__GLIBC__) || defined(CSRG_BASED)
+- daemon (0, 0);
++ if ((daemon (0, 1)) == -1) {
++ if (errno) {
++ LogError ("unable to daemonize: %s\n", _SysErrorMsg (errno));
++ } else {
++ LogError ("unable to daemonize\n");
++ }
++ }
+ #else
+- int i;
+-
+ # if defined(SYSV) || defined(SVR4) || defined(__QNXNTO__)
+ setpgrp ();
+ # else
+ setpgrp (0, getpid ());
+ # endif
+
+- close (0);
+- close (1);
+- close (2);
+-
+ # if !defined(__UNIXOS2__) && !defined(__CYGWIN__)
+ # if !((defined(SYSV) || defined(SVR4)) && defined(i386))
+- if ((i = open ("/dev/tty", O_RDWR)) >= 0) { /* did open succeed? */
++ if ((int i = open ("/dev/tty", O_RDWR)) >= 0) { /* did open succeed?
*/
+ # if defined(USG) && defined(TCCLRCTTY)
+ int zero = 0;
+ (void) ioctl (i, TCCLRCTTY, &zero);
+@@ -148,19 +149,12 @@
+ int zero = 0;
+ (void) ioctl (i, TIOCTTY, &zero);
+ # else
+- (void) ioctl (i, TIOCNOTTY, (char *) 0); /* detach, BSD style */
++ (void) ioctl (i, TIOCNOTTY, (char *) 0); /* detach, BSD style */
+ # endif
+ # endif
+ (void) close (i);
+ }
+ # endif /* !((SYSV || SVR4) && i386) */
+ # endif /* !__UNIXOS2__ && !__CYGWIN__*/
+-
+- /*
+- * Set up the standard file descriptors.
+- */
+- (void) open ("/", O_RDONLY); /* root inode already in core */
+- (void) dup2 (0, 1);
+- (void) dup2 (0, 2);
+ #endif
+ }
+diff -urN xc/programs/xdm~/dm.c xc/programs/xdm/dm.c
+--- xc/programs/xdm~/dm.c 2003-02-23 17:03:35.000000000 -0500
++++ xc/programs/xdm/dm.c 2003-02-23 17:04:25.000000000 -0500
+@@ -35,41 +35,42 @@
+ * display manager
+ */
+
+-# include "dm.h"
+-# include "dm_auth.h"
+-# include "dm_error.h"
++#include "dm.h"
++#include "dm_auth.h"
++#include "dm_error.h"
+
+-# include <stdio.h>
++#include <stdio.h>
++#include <string.h>
#ifdef X_POSIX_C_SOURCE
- #define _POSIX_C_SOURCE X_POSIX_C_SOURCE
- #include <signal.h>
+-#define _POSIX_C_SOURCE X_POSIX_C_SOURCE
+-#include <signal.h>
+-#undef _POSIX_C_SOURCE
+-#else
+-#if defined(X_NOT_POSIX) || defined(_POSIX_SOURCE)
+-#include <signal.h>
+-#else
+-#define _POSIX_SOURCE
+-#include <signal.h>
+-#undef _POSIX_SOURCE
+-#endif
++# define _POSIX_C_SOURCE X_POSIX_C_SOURCE
++# include <signal.h>
++# undef _POSIX_C_SOURCE
++#else
++# if defined(X_NOT_POSIX) || defined(_POSIX_SOURCE)
++# include <signal.h>
++# else
++# define _POSIX_SOURCE
++# include <signal.h>
++# undef _POSIX_SOURCE
++# endif
+ #endif
+ #ifdef __NetBSD__
+-#include <sys/param.h>
++# include <sys/param.h>
+ #endif
+
+ #ifndef sigmask
+-#define sigmask(m) (1 << ((m - 1)))
++# define sigmask(m) (1 << ((m - 1)))
+ #endif
+
+-# include <sys/stat.h>
+-# include <errno.h>
+-# include <X11/Xfuncproto.h>
+-# include <stdarg.h>
++#include <sys/stat.h>
++#include <errno.h>
++#include <X11/Xfuncproto.h>
++#include <stdarg.h>
+
+ #ifndef F_TLOCK
+-#ifndef X_NOT_POSIX
++# ifndef X_NOT_POSIX
+ # include <unistd.h>
+-#endif
++# endif
+ #endif
+
+
@@ -100,7 +101,9 @@
static SIGVAL ChildNotify (int n);
#endif
-static int StorePid (void);
-+static int pidFd;
-+static FILE *pidFilePtr;
-+static int StorePid (void);
++static int pidFd;
++static FILE *pidFilePtr;
++static long StorePid (void);
static int parent_pid = -1; /* PID of parent xdm process */
-@@ -138,7 +141,6 @@
+@@ -124,34 +127,42 @@
+ InitResources (argc, argv);
+ SetConfigFileTime ();
+ LoadDMResources ();
++ if (debugLevel == 0)
++ {
++ if (getuid() != 0)
++ {
+ /*
+- * Only allow root to run in non-debug mode to avoid problems
++ * only allow root to run in non-debug mode to avoid problems
+ */
+- if (debugLevel == 0 && getuid() != 0)
+- {
+- fprintf (stderr, "Only root wants to run %s\n", argv[0]);
++ LogError ("only root run can run %s in non-debug mode; exiting\n",
++ argv[0]);
+ exit (1);
+ }
++ /*
++ * if not debugging, send messages to the log file
++ */
++ InitErrorLog ();
++ }
+ if (debugLevel == 0 && daemonMode)
+ BecomeOrphan ();
+ if (debugLevel >= 10)
nofork_session = 1;
if (debugLevel == 0 && daemonMode)
BecomeDaemon ();
@@ -231,27 +680,317 @@
if ((oldpid = StorePid ()))
{
if (oldpid == -1)
-@@ -761,9 +763,6 @@
+- LogError ("Can't create/lock pid file %s\n", pidFile);
++ LogError ("error opening process-id file %s; exiting\n", pidFile);
+ else
+- LogError ("Can't lock pid file %s, another xdm is running (pid
%d)\n",
+- pidFile, oldpid);
++ LogError ("process-id file %s indicates another xdm is "
++ "running (pid %d); exiting\n", pidFile, oldpid);
+ exit (1);
+ }
+- if (debugLevel == 0)
+- InitErrorLog ();
+
+- if (nofork_session == 0) {
++ LogInfo ("starting\n");
++
++ if (nofork_session == 0)
++ {
+ /* Clean up any old Authorization files */
+ /* AUD: all good? */
+ snprintf(cmdbuf, sizeof(cmdbuf), "/bin/rm -f %s/authdir/authfiles/A*",
authDir);
+@@ -184,6 +195,7 @@
+ #ifndef UNRELIABLE_SIGNALS
+ (void) Signal (SIGCHLD, ChildNotify);
+ #endif
++ Debug ("startup successful; entering main loop\n");
+ while (
+ #ifdef XDMCP
+ AnyWellKnownSockets() ||
+@@ -202,7 +214,8 @@
+ #endif
+ }
+ Debug ("Nothing left to do, exiting\n");
+- exit(0);
++ LogInfo ("exiting\n");
++ exit (0);
+ /*NOTREACHED*/
+ }
+
+@@ -363,13 +376,14 @@
+ *
+ * See defect XWSog08655 for more information.
+ */
+- Debug ("Child xdm caught SIGTERM before it remove that signal.\n");
++ Debug ("Child xdm caught SIGTERM before it removed that signal.\n");
+ (void) Signal (n, SIG_DFL);
+ TerminateProcess (getpid(), SIGTERM);
+ errno = olderrno;
+ return;
+ }
+ Debug ("Shutting down entire manager\n");
++ LogInfo ("shutting down\n");
+ #ifdef XDMCP
+ DestroyWellKnownSockets ();
+ #endif
+@@ -420,43 +434,45 @@
+ /* XXX classic System V signal race condition here with RescanNotify */
+ if ((pid = wait (&status)) != -1)
+ #else
+-#ifndef X_NOT_POSIX
++# ifndef X_NOT_POSIX
+ sigemptyset(&mask);
+ sigaddset(&mask, SIGCHLD);
+ sigaddset(&mask, SIGHUP);
+ sigprocmask(SIG_BLOCK, &mask, &omask);
+ Debug ("signals blocked\n");
+-#else
++# else
+ omask = sigblock (sigmask (SIGCHLD) | sigmask (SIGHUP));
+ Debug ("signals blocked, mask was 0x%x\n", omask);
+-#endif
++# endif
+ if (!ChildReady && !Rescan)
+-#ifndef X_NOT_POSIX
++# ifndef X_NOT_POSIX
+ sigsuspend(&omask);
+-#else
++# else
+ sigpause (omask);
+-#endif
++# endif
+ ChildReady = 0;
+-#ifndef X_NOT_POSIX
++# ifndef X_NOT_POSIX
+ sigprocmask(SIG_SETMASK, &omask, (sigset_t *)NULL);
+-#else
++# else
+ sigsetmask (omask);
+-#endif
+-#ifndef X_NOT_POSIX
++# endif
++# ifndef X_NOT_POSIX
+ while ((pid = waitpid (-1, &status, WNOHANG)) > 0)
+-#else
++# else
+ while ((pid = wait3 (&status, WNOHANG, (struct rusage *) 0)) > 0)
+-#endif
+-#endif
++# endif
++#endif /* UNRELIABLE_SIGNALS */
+ {
+ Debug ("Manager wait returns pid: %d sig %d core %d code %d\n",
+ pid, waitSig(status), waitCore(status), waitCode(status));
+ if (autoRescan)
+ RescanIfMod ();
+ /* SUPPRESS 560 */
+- if ((d = FindDisplayByPid (pid))) {
++ if ((d = FindDisplayByPid (pid)))
++ {
+ d->pid = -1;
+- switch (waitVal (status)) {
++ switch (waitVal (status))
++ {
+ case UNMANAGE_DISPLAY:
+ Debug ("Display exited with UNMANAGE_DISPLAY\n");
+ StopDisplay (d);
+@@ -470,12 +486,6 @@
+ else
+ RestartDisplay (d, FALSE);
+ break;
+- default:
+- Debug ("Display exited with unknown status %d\n",
waitVal(status));
+- LogError ("Unknown session exit code %d from process %d\n",
+- waitVal (status), pid);
+- StopDisplay (d);
+- break;
+ case OPENFAILED_DISPLAY:
+ Debug ("Display exited with OPENFAILED_DISPLAY, try %d of %d\n",
+ d->startTries, d->startAttempts);
+@@ -492,7 +502,7 @@
+ d->status == zombie ||
+ ++d->startTries >= d->startAttempts)
+ {
+- LogError ("Display %s is being disabled\n", d->name);
++ LogError ("display %s is being disabled\n", d->name);
+ StopDisplay (d);
+ }
+ else
+@@ -512,13 +522,15 @@
+ time(&Time);
+ Debug("time %i %i\n",Time,d->lastCrash);
+ if (d->lastCrash &&
+- ((Time - d->lastCrash) < XDM_BROKEN_INTERVAL)) {
++ ((Time - d->lastCrash) < XDM_BROKEN_INTERVAL))
++ {
+ Debug("Server crash frequency too high:"
+ " removing display %s\n",d->name);
+ LogError("Server crash rate too high:"
+ " removing display %s\n",d->name);
+ RemoveDisplay (d);
+- } else
++ }
++ else
+ d->lastCrash = Time;
+ }
+ break;
+@@ -527,10 +539,20 @@
+ d->startTries, d->startAttempts);
+ if (d->displayType.origin == FromXDMCP ||
+ d->status == zombie ||
+- ++d->startTries >= d->startAttempts) {
+- LogError ("Display %s is being disabled\n", d->name);
++ ++d->startTries >= d->startAttempts)
++ {
++ /*
++ * During normal xdm shutdown, killed local X servers
++ * can be zombies; this is not an error.
++ */
++ if (d->status == zombie &&
++ (d->startTries < d->startAttempts))
++ LogInfo ("display %s is being disabled\n", d->name);
++ else
++ LogError ("display %s is being disabled\n", d->name);
+ StopDisplay(d);
+- } else
++ }
++ else
+ RestartDisplay (d, TRUE);
+ break;
+ case REMANAGE_DISPLAY:
+@@ -545,6 +567,13 @@
+ else
+ RestartDisplay (d, FALSE);
+ break;
++ default:
++ Debug ("Display %s exited with unknown status %d\n",
++ d->name, waitVal(status));
++ LogError ("display %s (pid %ld) exited with unexpected status "
++ "%d\n", d->name, waitVal (status), (long) pid);
++ StopDisplay (d);
++ break;
+ }
+ }
+ /* SUPPRESS 560 */
+@@ -558,12 +587,15 @@
+ RemoveDisplay (d);
+ break;
+ case phoenix:
+- Debug ("Phoenix server arises, restarting display %s\n",
d->name);
++ Debug ("Phoenix server arises, restarting display %s\n",
++ d->name);
+ d->status = notRunning;
+ break;
+ case running:
+- Debug ("Server for display %s terminated unexpectedly, status
%d %d\n", d->name, waitVal (status), status);
+- LogError ("Server for display %s terminated unexpectedly:
%d\n", d->name, waitVal (status));
++ Debug ("Server for display %s terminated unexpectedly, "
++ "status %d %d\n", d->name, waitVal (status), status);
++ LogError ("Server for display %s terminated unexpectedly: %d\n",
++ d->name, waitVal (status));
+ if (d->pid != -1)
+ {
+ Debug ("Terminating session pid %d\n", d->pid);
+@@ -571,7 +603,8 @@
+ }
+ break;
+ case notRunning:
+- Debug ("Server exited for notRunning session on display %s\n",
d->name);
++ Debug ("Server exited for notRunning session on display %s\n",
++ d->name);
+ break;
+ }
+ }
+@@ -588,7 +621,8 @@
+ {
+ if (d->displayType.origin == FromFile)
+ {
+- switch (d->state) {
++ switch (d->state)
++ {
+ case MissingEntry:
+ StopDisplay (d);
+ break;
+@@ -614,10 +648,12 @@
+ int pid;
+
+ Debug ("StartDisplay %s\n", d->name);
++ LogInfo ("starting X server on %s\n", d->name);
+ LoadServerResources (d);
+ if (d->displayType.location == Local)
+ {
+- /* don't bother pinging local displays; we'll
++ /*
++ * don't bother pinging local displays; we'll
+ * certainly notice when they exit
+ */
+ d->pingInterval = 0;
+@@ -637,7 +673,8 @@
+ }
+ if (d->serverPid == -1 && !StartServer (d))
+ {
+- LogError ("Server for display %s can't be started, session
disabled\n", d->name);
++ LogError ("Server for display %s can't be started, session "
++ "disabled\n", d->name);
+ RemoveDisplay (d);
+ return;
+ }
+@@ -655,7 +692,8 @@
+ switch (pid)
+ {
+ case 0:
+- if (!nofork_session) {
++ if (!nofork_session)
++ {
+ CleanUpChild ();
+ (void) Signal (SIGPIPE, SIG_IGN);
+ }
+@@ -739,7 +777,8 @@
+ ClearCloseOnFork (int fd)
+ {
+ FD_CLR (fd, &CloseMask);
+- if (fd == max) {
++ if (fd == max)
++ {
+ while (--fd >= 0)
+ if (FD_ISSET (fd, &CloseMask))
+ break;
+@@ -761,100 +800,68 @@
max = 0;
}
-static int pidFd;
-static FILE *pidFilePtr;
-
- static int
+-static int
++static long
StorePid (void)
{
-@@ -779,77 +778,24 @@
- pidFile);
- return -1;
- }
+- int oldpid;
++ long oldpid;
++ char pidstr[11]; /* enough space for a 32-bit pid plus \0 */
++ size_t pidstrlen;
+
+- if (pidFile[0] != '\0') {
+- pidFd = open (pidFile, O_RDWR);
+- if (pidFd == -1 && errno == ENOENT)
+- pidFd = open (pidFile, O_RDWR|O_CREAT, 0666);
+- if (pidFd == -1 || !(pidFilePtr = fdopen (pidFd, "r+")))
++ if (pidFile[0] != '\0')
++ {
++ pidFd = open (pidFile, O_WRONLY|O_CREAT|O_EXCL, 0666);
++ if (pidFd == -1)
+ {
+- LogError ("process-id file %s cannot be opened\n",
+- pidFile);
+- return -1;
+- }
- if (fscanf (pidFilePtr, "%d\n", &oldpid) != 1)
-+ if (fscanf(pidFilePtr, "%d\n", &oldpid) != 1)
- oldpid = -1;
+- oldpid = -1;
- fseek (pidFilePtr, 0l, 0);
- if (lockPidFile)
-+ if (fseek(pidFilePtr, 0L, SEEK_SET) == -1)
- {
+- {
-#ifdef F_SETLK
-#ifndef SEEK_SET
-#define SEEK_SET 0
@@ -261,48 +1000,73 @@
- lock_data.l_whence = SEEK_SET;
- lock_data.l_start = lock_data.l_len = 0;
- if (fcntl(pidFd, F_SETLK, &lock_data) == -1)
-- {
++ if (errno == EEXIST)
+ {
- if (errno == EAGAIN)
- return oldpid;
- else
-- return -1;
-- }
++ /* pidFile already exists; see if we can open it */
++ pidFilePtr = fopen (pidFile, "r");
++ if (pidFilePtr == NULL)
++ {
++ LogError ("cannot open process-id file %s for reading: "
++ "%s\n", pidFile, _SysErrorMsg (errno));
+ return -1;
++ }
++ if (fscanf (pidFilePtr, "%ld\n", &oldpid) != 1)
++ {
++ LogError ("existing process-id file %s empty or contains "
++ "garbage\n", pidFile);
++ oldpid = -1;
++ }
++ fclose (pidFilePtr);
++ return oldpid;
+ }
-#else
-#ifdef LOCK_EX
- if (flock (pidFd, LOCK_EX|LOCK_NB) == -1)
- {
- if (errno == EWOULDBLOCK)
- return oldpid;
-- else
+ else
- return -1;
- }
-#else
- if (lockf (pidFd, F_TLOCK, 0) == -1)
-- {
+ {
- if (errno == EACCES)
- return oldpid;
- else
- return -1;
-- }
++ LogError ("cannot fdopen process-id file %s for writing: "
++ "%s\n", pidFile, _SysErrorMsg (errno));
++ return -1;
+ }
-#endif
-#endif
-+ LogError("cannot seek PID file %s: %s\n", pidFile,
-+ strerror(errno));
-+ return -1;
-+ }
-+ if (fprintf(pidFilePtr, "%5ld\n", (long)getpid()) != 6) {
-+ LogError("cannot write to PID file %s: %s\n", pidFile,
-+ strerror(errno));
-+ return -1;
}
- fprintf (pidFilePtr, "%5ld\n", (long)getpid ());
++ if ((pidFilePtr = fdopen (pidFd, "w")) == NULL)
++ {
++ LogError ("cannot open process-id file %s for writing: %s\n",
++ pidFile, _SysErrorMsg (errno));
++ return -1;
++ }
++ (void) snprintf (pidstr, 11, "%ld", (long) getpid ());
++ pidstrlen = strlen (pidstr);
++ if (fprintf (pidFilePtr, "%s\n", pidstr) != ( pidstrlen + 1))
++ {
++ LogError ("cannot write to process-id file %s: %s\n", pidFile,
++ _SysErrorMsg (errno));
++ return -1;
++ }
(void) fflush (pidFilePtr);
- RegisterCloseOnFork (pidFd);
+ (void) fclose (pidFilePtr);
}
return 0;
}
--
+
-#if 0
-void
-UnlockPidFile (void)
@@ -327,336 +1091,865 @@
- fclose (pidFilePtr);
-}
-#endif
-
+-
#ifndef HAS_SETPROCTITLE
void SetTitle (char *name, ...)
-
---- xc/programs/xdm~/genauth.c 2002-11-06 00:03:23.000000000 -0500
-+++ xc/programs/xdm/genauth.c 2002-11-06 00:06:42.000000000 -0500
-@@ -66,52 +66,27 @@
+ {
+-#ifndef NOXDMTITLE
++# ifndef NOXDMTITLE
+ char *p = Title;
+ int left = TitleLen;
+ char *s;
+@@ -879,6 +886,6 @@
+ --left;
+ }
+ va_end(args);
+-#endif
++# endif /* NOXDMTITLE */
+ }
+-#endif
++#endif /* HAS_SETPROCTITLE */
+diff -urN xc/programs/xdm~/dm_auth.h xc/programs/xdm/dm_auth.h
+--- xc/programs/xdm~/dm_auth.h 2000-05-31 02:15:11.000000000 -0500
++++ xc/programs/xdm/dm_auth.h 2003-02-23 17:04:25.000000000 -0500
+@@ -42,18 +42,40 @@
+ extern void MitInitAuth (unsigned short name_len, char *name);
+ extern Xauth *MitGetAuth (unsigned short namelen, char *name);
- #endif
++/* xdmauth.c */
+ #ifdef HASXDMAUTH
+ extern void XdmInitAuth (unsigned short name_len, char *name);
+ extern Xauth *XdmGetAuth (unsigned short namelen, char *name);
+-#ifdef XDMCP
++# ifdef XDMCP
+ extern void XdmGetXdmcpAuth (
+ struct protoDisplay *pdpy,
+ unsigned short authorizationNameLen,
+ char *authorizationName);
+-#else
+-#define XdmGetXdmcpAuth NULL
+-#endif
+-#endif
++
++extern int XdmCheckAuthentication (
++ struct protoDisplay *pdpy,
++ ARRAY8Ptr displayID,
++ ARRAY8Ptr authenticationName,
++ ARRAY8Ptr authenticationData);
++
++typedef unsigned char auth_cblock[8]; /* block size */
++
++typedef struct auth_ks_struct { auth_cblock _; } auth_wrapper_schedule[16];
++
++extern void _XdmcpAuthSetup (auth_cblock key,
++ auth_wrapper_schedule schedule);
++
++extern void _XdmcpAuthDoIt (auth_cblock input,
++ auth_cblock output,
++ auth_wrapper_schedule schedule,
++ int edflag);
++
++extern void _XdmcpWrapperToOddParity (unsigned char *in,
++ unsigned char *out);
++# else
++# define XdmGetXdmcpAuth NULL
++# endif
++#endif /* HASXDMAUTH */
--# define FILE_LIMIT 1024 /* no more than this many buffers */
-+#define FILE_LIMIT 1024 /* no more than this many buffers */
+ #ifdef SECURE_RPC
+ extern void SecureRPCInitAuth (unsigned short name_len, char *name);
+@@ -68,15 +90,12 @@
+ /* auth.c */
+ extern int ValidAuthorization (unsigned short name_length, char *name);
--#if !defined(ARC4_RANDOM) && !defined(DEV_RANDOM)
--static int
--sumFile (char *name, long sum[2])
--{
-- long buf[1024*2];
-- int cnt;
-- int fd;
-- int loops;
-- int reads;
-- int i;
-- int ret_status = 0;
-
-- fd = open (name, O_RDONLY);
-- if (fd < 0) {
-- LogError("Cannot open randomFile \"%s\", errno = %d\n", name, errno);
-- return 0;
-- }
--#ifdef FRAGILE_DEV_MEM
-- if (strcmp(name, "/dev/mem") == 0) lseek (fd, (off_t) 0x100000, SEEK_SET);
--#endif
-- reads = FILE_LIMIT;
-- sum[0] = 0;
-- sum[1] = 0;
-- while ((cnt = read (fd, (char *) buf, sizeof (buf))) > 0 && --reads > 0) {
-- loops = cnt / (2 * sizeof (long));
-- for (i = 0; i < loops; i+= 2) {
-- sum[0] += buf[i];
-- sum[1] += buf[i+1];
-- ret_status = 1;
-- }
-- }
-- if (cnt < 0)
-- LogError("Cannot read randomFile \"%s\", errno = %d\n", name, errno);
-- close (fd);
-- return ret_status;
--}
-+/*
-+ * Historically, if HASXDMAUTH was defined but neither ARC4_RANDOM nor
-+ * DEV_RANDOM were defined, xdm provided a function called sumFile() that
-+ * would read straight from /dev/mem and use that as an entropy source.
-+ * However, that's a bad idea because A) it's not very entropic and B) some
-+ * OSes have hardware registers mapped into /dev/mem, and even just reading
-+ * from them can cause machine checks. It's a Bad Thing to do.
-+ */
-+#ifdef HASXDMAUTH
-+# if !defined(ARC4_RANDOM) && !defined(DEV_RANDOM)
-+# error neither ARC4_RANDOM nor DEV_RANDOM defined; no entropy collection
mechanism available
-+# endif
- #endif
+ #ifdef XDMCP
+-
+ extern void
+ SetProtoDisplayAuthorization (
+ struct protoDisplay *pdpy,
+ unsigned short authorizationNameLen,
+ char *authorizationName);
+-
+ #endif /* XDMCP */
- #ifdef HASXDMAUTH
- static void
- InitXdmcpWrapper (void)
+ extern int SaveServerAuthorizations (struct display *d, Xauth **auths, int
count);
+diff -urN xc/programs/xdm~/dm_error.h xc/programs/xdm/dm_error.h
+--- xc/programs/xdm~/dm_error.h 1998-10-10 10:25:33.000000000 -0500
++++ xc/programs/xdm/dm_error.h 2003-02-23 17:04:25.000000000 -0500
+@@ -50,7 +50,6 @@
+ extern void LogInfo (char * fmt, ...) GCC_PRINTFLIKE(1,2);
+ extern void LogOutOfMem (char * fmt, ...) GCC_PRINTFLIKE(1,2);
+ extern void LogPanic (char * fmt, ...) GCC_PRINTFLIKE(1,2);
+-extern void Panic (char * mesg);
+
+
+ #endif /* _DM_ERROR_H_ */
+diff -urN xc/programs/xdm~/error.c xc/programs/xdm/error.c
+--- xc/programs/xdm~/error.c 2003-02-23 17:03:35.000000000 -0500
++++ xc/programs/xdm/error.c 2003-02-23 17:41:04.000000000 -0500
+@@ -34,23 +34,41 @@
+ *
+ * error.c
+ *
+- * Log display manager errors to a file as
+- * we generally do not have a terminal to talk to
++ * Log display manager errors to a file as we generally do not have a
++ * terminal to talk to.
++ *
++ * Because we have child processes, and chatty things like X servers, we do
++ * not use syslog().
+ */
+
+-# include <stdio.h>
+-# include <stdarg.h>
++#include <errno.h>
++#include <stdio.h>
++#include <stdarg.h>
++#include <time.h>
+
+-# include "dm.h"
+-# include "dm_error.h"
++#include "dm.h"
++#include "dm_error.h"
+
+ #define WRITES(fd, buf) write(fd, buf, strlen(buf))
+
+-void LogInfo(char * fmt, ...)
++void
++LogInfo(char * fmt, ...)
{
--
--#ifdef ARC4_RANDOM
-+# ifdef ARC4_RANDOM
- u_int32_t sum[2];
+ char buf[1024];
- sum[0] = arc4random();
-@@ -119,42 +95,30 @@
- *(u_char *)sum = 0;
+- snprintf(buf, sizeof buf, "xdm info (pid %ld): ", (long)getpid());
++ time_t seconds;
++ struct tm *timestamp = NULL;
++ char timebuf[256];
++
++ if (time(&seconds) > (time_t) -1)
++ timestamp = localtime(&seconds);
++
++ strcpy(timebuf, "(time unavailable)");
++
++ if (timestamp != NULL)
++ strftime(timebuf, 255, "%c", timestamp);
++
++ snprintf(buf, sizeof buf, "%s xdm info (pid %ld): ", timebuf,
(long)getpid());
+ WRITES(STDERR_FILENO, buf);
+ {
+ va_list args;
+@@ -61,11 +79,24 @@
+ WRITES(STDERR_FILENO, buf);
+ }
- _XdmcpWrapperToOddParity(sum, key);
--
--#elif defined(DEV_RANDOM)
-+# elif defined(DEV_RANDOM)
- int fd;
- unsigned char tmpkey[8];
--
-- if ((fd = open(DEV_RANDOM, O_RDONLY)) >= 0) {
+-void LogError (char * fmt, ...)
++void
++LogError (char * fmt, ...)
+ {
+ char buf[1024];
+
+- snprintf (buf, sizeof buf, "xdm error (pid %ld): ", (long)getpid());
++ time_t seconds;
++ struct tm *timestamp = NULL;
++ char timebuf[256];
+
-+ if ((fd = open(randomFile, O_RDONLY)) >= 0) {
- if (read(fd, tmpkey, 8) == 8) {
- tmpkey[0] = 0;
- _XdmcpWrapperToOddParity(tmpkey, key);
- close(fd);
-- return;
-+ return;
- } else {
- close(fd);
- }
-+ } else {
-+ LogError("cannot open random device \"%s\": %s\n", randomFile,
-+ _SysErrorMsg (errno));
- }
--#else
-- long sum[2];
-- unsigned char tmpkey[8];
--
-- if (!sumFile (randomFile, sum)) {
-- sum[0] = time ((Time_t *) 0);
-- sum[1] = time ((Time_t *) 0);
-- }
-- longtochars (sum[0], tmpkey+0);
-- longtochars (sum[1], tmpkey+4);
-- tmpkey[0] = 0;
-- _XdmcpWrapperToOddParity (tmpkey, key);
--#endif
-+# endif /* ARC4_RANDOM, DEV_RANDOM */
++ if (time(&seconds) > (time_t) -1)
++ timestamp = localtime(&seconds);
++
++ strcpy(timebuf, "(time unavailable)");
++
++ if (timestamp != NULL)
++ strftime(timebuf, 255, "%c", timestamp);
++
++ snprintf (buf, sizeof buf, "%s xdm error (pid %ld): ", timebuf,
(long)getpid());
+ WRITES(STDERR_FILENO, buf);
+ {
+ va_list args;
+@@ -76,11 +107,24 @@
+ WRITES(STDERR_FILENO, buf);
}
+
+-void LogPanic (char * fmt, ...)
++void
++LogPanic (char * fmt, ...)
+ {
+ char buf[1024];
+
+- snprintf (buf, sizeof buf, "xdm panic (pid %ld): ", (long)getpid());
++ time_t seconds;
++ struct tm *timestamp = NULL;
++ char timebuf[256];
++
++ if (time(&seconds) > (time_t) -1)
++ timestamp = localtime(&seconds);
++
++ strcpy(timebuf, "(time unavailable)");
++
++ if (timestamp != NULL)
++ strftime(timebuf, 255, "%c", timestamp);
++
++ snprintf (buf, sizeof buf, "%s xdm panic (pid %ld): ", timebuf,
(long)getpid());
+ WRITES(STDERR_FILENO, buf);
+ {
+ va_list args;
+@@ -92,8 +136,14 @@
+ _exit (1);
+ }
+
+-void LogOutOfMem (char * fmt, ...)
++void
++LogOutOfMem (char * fmt, ...)
+ {
++ /*
++ * No point messing with allocation of timeval structs and static
++ * buffers for the timestamp string if we're already out of memory...
++ */
++
+ fprintf (stderr, "xdm: out of memory in routine ");
+ {
+ va_list args;
+@@ -104,23 +154,12 @@
+ fflush (stderr);
+ }
+
+-void Panic (char *mesg)
+-{
+- int i;
-
--#endif
+- i = creat ("/dev/console", 0666);
+- write (i, "panic: ", 7);
+- write (i, mesg, strlen (mesg));
+- exit (1);
+-}
-
--#ifndef HASXDMAUTH
--/* A random number generator that is more unpredictable
-- than that shipped with some systems.
-- This code is taken from the C standard. */
-+#else
-+/*
-+ * This is a random number generator that is more unpredictable than that
-+ * shipped with some systems. This code is taken from the C standard.
-+ */
+-
+-void Debug (char * fmt, ...)
++void
++Debug (char * fmt, ...)
+ {
+ char buf[1024];
- static unsigned long int next = 1;
+- if (debugLevel > 0)
+- {
++ if (debugLevel > 0) {
+ va_list args;
+ va_start(args, fmt);
+ vsnprintf (buf, sizeof buf, fmt, args);
+@@ -129,17 +168,26 @@
+ }
+ }
-@@ -170,12 +134,12 @@
+-void InitErrorLog (void)
++void
++InitErrorLog (void)
{
- next = seed;
+- int i;
+- if (errorLogFile[0]) {
+- i = creat (errorLogFile, 0666);
+- if (i != -1) {
+- if (i != 2) {
+- dup2 (i, 2);
+- close (i);
+- }
+- } else
+- LogError ("Cannot open errorLogFile %s\n",
errorLogFile);
+- }
++ int fd;
++
++ if (errorLogFile[0]) {
++ /* create the log file if it doesn't already exist */
++ fd = open (errorLogFile, O_WRONLY|O_CREAT|O_EXCL, 0666);
++ if (fd == -1)
++ if (errno == EEXIST)
++ /* log file already exists; append to it */
++ fd = open (errorLogFile, O_WRONLY|O_APPEND);
++ if (fd != -1) {
++ /* redirect stderr to the log file */
++ if (fd != 2) {
++ dup2 (fd, 2);
++ close (fd);
++ }
++ } else
++ fprintf (stderr, "cannot open log file %s: %s\n", errorLogFile,
++ _SysErrorMsg (errno));
++ }
}
--#endif /* no HASXDMAUTH */
-+#endif /* HASXDMAUTH */
+diff -urN xc/programs/xdm~/genauth.c xc/programs/xdm/genauth.c
+--- xc/programs/xdm~/genauth.c 2003-02-23 17:03:31.000000000 -0500
++++ xc/programs/xdm/genauth.c 2003-02-23 17:04:25.000000000 -0500
+@@ -41,6 +41,7 @@
+ # include "dm_error.h"
- void
- GenerateAuthData (char *auth, int len)
+ #include <errno.h>
++#include <fcntl.h>
+
+ #include <time.h>
+ #define Time_t time_t
+@@ -49,12 +50,6 @@
+
+ #ifdef HASXDMAUTH
+
+-typedef unsigned char auth_cblock[8]; /* block size */
+-
+-typedef struct auth_ks_struct { auth_cblock _; } auth_wrapper_schedule[16];
+-
+-extern void _XdmcpWrapperToOddParity();
+-
+ static void
+ longtochars (long l, unsigned char *c)
{
-- long ldata[2];
-+ long ldata[2];
+diff -urN xc/programs/xdm~/greeter/verify.c xc/programs/xdm/greeter/verify.c
+--- xc/programs/xdm~/greeter/verify.c 2003-02-23 17:03:35.000000000 -0500
++++ xc/programs/xdm/greeter/verify.c 2003-02-23 17:04:25.000000000 -0500
+@@ -367,7 +367,7 @@
+ errno = 0;
+ sp = getspnam(greet->name);
+ if (sp == NULL) {
+- Debug ("getspnam() failed, errno=%d. Are you root?\n", errno);
++ Debug ("getspnam() failed: %s", _SysErrorMsg (errno));
+ } else {
+ user_pass = sp->sp_pwdp;
+ }
+diff -urN xc/programs/xdm~/session.c xc/programs/xdm/session.c
+--- xc/programs/xdm~/session.c 2001-12-14 15:01:23.000000000 -0500
++++ xc/programs/xdm/session.c 2003-02-23 17:04:25.000000000 -0500
+@@ -60,17 +60,17 @@
+ #endif
- #ifdef ITIMER_REAL
- {
-@@ -187,53 +151,53 @@
- }
- #else
- {
--#ifndef __UNIXOS2__
-- long time ();
+ #ifndef GREET_USER_STATIC
+-#include <dlfcn.h>
+-#ifndef RTLD_NOW
+-#define RTLD_NOW 1
-#endif
-+# ifndef __UNIXOS2__
-+ long time ();
++# include <dlfcn.h>
++# ifndef RTLD_NOW
++# define RTLD_NOW 1
+# endif
+ #endif
- ldata[0] = time ((long *) 0);
- ldata[1] = getpid ();
- }
+ static int runAndWait (char **args, char **environ);
+
+-#if defined(CSRG_BASED) || defined(__osf__) || defined(__DARWIN__) ||
defined(__QNXNTO__)
+-#include <sys/types.h>
+-#include <grp.h>
++#if defined(CSRG_BASED) || defined(__osf__) || defined(__DARWIN__) ||
defined(__QNXNTO__) || defined(__GLIBC__)
++# include <sys/types.h>
++# include <grp.h>
+ #else
+ /* should be in <grp.h> */
+ extern void setgrent(void);
+@@ -82,28 +82,34 @@
+ extern struct spwd *getspnam(GETSPNAM_ARGS);
+ extern void endspent(void);
+ #endif
+-#if defined(CSRG_BASED)
+-#include <pwd.h>
+-#include <unistd.h>
++
++#if defined(CSRG_BASED) || defined(__GLIBC__)
++# include <pwd.h>
++# include <unistd.h>
+ #else
+ extern struct passwd *getpwnam(GETPWNAM_ARGS);
+-#ifdef linux
++# ifdef linux
+ extern void endpwent(void);
-#endif
-+#endif /* ITIMER_REAL */
++# endif
++# ifndef __GLIBC__
+ extern char *crypt(CRYPT_ARGS);
++# endif
+ #endif
+
- #ifdef HASXDMAUTH
- {
-- int bit;
-- int i;
-- auth_wrapper_schedule schedule;
-- unsigned char data[8];
-- static int xdmcpAuthInited;
--
-+ int bit;
-+ int i;
-+ auth_wrapper_schedule schedule;
-+ unsigned char data[8];
-+ static int xdmcpAuthInited;
-+
- longtochars (ldata[0], data+0);
- longtochars (ldata[1], data+4);
-- if (!xdmcpAuthInited)
+ #ifdef USE_PAM
+-pam_handle_t **thepamhp()
++pam_handle_t **
++thepamhp ()
+ {
+ static pam_handle_t *pamh = NULL;
+ return &pamh;
+ }
+
+-pam_handle_t *thepamh()
++pam_handle_t *
++thepamh ()
+ {
+ pam_handle_t **pamhp;
+
+- pamhp = thepamhp();
++ pamhp = thepamhp ();
+ if (pamhp)
+ return *pamhp;
+ else
+@@ -136,12 +142,12 @@
+ endgrent,
+ #ifdef USESHADOW
+ getspnam,
+-#ifndef QNX4
++# ifndef QNX4
+ endspent,
+-#endif /* QNX4 doesn't use endspent */
++# endif /* QNX4 doesn't use endspent */
+ #endif
+ getpwnam,
+-#ifdef linux
++#if defined(linux) || defined(__GLIBC__)
+ endpwent,
+ #endif
+ crypt,
+@@ -189,7 +195,7 @@
+ }
+
+ #if defined(_POSIX_SOURCE) || defined(SYSV) || defined(SVR4)
+-#define killpg(pgrp, sig) kill(-(pgrp), sig)
++# define killpg(pgrp, sig) kill(-(pgrp), sig)
+ #endif
+
+ static void
+@@ -577,35 +583,33 @@
+
+ #ifndef AIXV3
+ #ifndef HAS_SETUSERCONTEXT
+- if (setgid(verify->gid) < 0)
- {
-+ if (!xdmcpAuthInited) {
- InitXdmcpWrapper ();
- xdmcpAuthInited = 1;
+- LogError("setgid %d (user \"%s\") failed, errno=%d\n",
+- verify->gid, name, errno);
++ if (setgid (verify->gid) < 0) {
++ LogError ("setgid %d (user \"%s\") failed: %s\n",
++ verify->gid, name, _SysErrorMsg (errno));
+ return (0);
}
- _XdmcpAuthSetup (key, schedule);
-- for (i = 0; i < len; i++) {
-+ for (i = 0; i < len; i++) {
- auth[i] = 0;
- for (bit = 1; bit < 256; bit <<= 1) {
- _XdmcpAuthDoIt (data, data, schedule, 1);
- if ((data[0] + data[1]) & 0x4)
- auth[i] |= bit;
+ #if defined(BSD) && (BSD >= 199103)
+- if (setlogin(name) < 0)
+- {
+- LogError("setlogin for \"%s\" failed, errno=%d", name, errno);
+- return(0);
++ if (setlogin (name) < 0) {
++ LogError ("setlogin for \"%s\" failed: %s\n", name,
++ _SysErrorMsg (errno));
++ return (0);
+ }
+ #endif
+ #ifndef QNX4
+- if (initgroups(name, verify->gid) < 0)
+- {
+- LogError("initgroups for \"%s\" failed, errno=%d\n", name, errno);
++ if (initgroups (name, verify->gid) < 0) {
++ LogError ("initgroups for \"%s\" failed: %s\n", name,
++ _SysErrorMsg (errno));
+ return (0);
+ }
+ #endif /* QNX4 doesn't support multi-groups, no initgroups() */
+ #ifdef USE_PAM
+- if (thepamh()) {
+- pam_setcred(thepamh(), PAM_ESTABLISH_CRED);
++ if (thepamh ()) {
++ pam_setcred (thepamh (), PAM_ESTABLISH_CRED);
+ }
+ #endif
+- if (setuid(verify->uid) < 0)
+- {
+- LogError("setuid %d (user \"%s\") failed, errno=%d\n",
+- verify->uid, name, errno);
++ if (setuid (verify->uid) < 0) {
++ LogError ("setuid %d (user \"%s\") failed: %s\n",
++ verify->uid, name, _SysErrorMsg (errno));
+ return (0);
+ }
+ #else /* HAS_SETUSERCONTEXT */
+@@ -613,20 +617,17 @@
+ * Set the user's credentials: uid, gid, groups,
+ * environment variables, resource limits, and umask.
+ */
+- pwd = getpwnam(name);
+- if (pwd)
+- {
+- if (setusercontext(NULL, pwd, pwd->pw_uid, LOGIN_SETALL) < 0)
+- {
+- LogError("setusercontext for \"%s\" failed, errno=%d\n", name,
+- errno);
++ pwd = getpwnam (name);
++ if (pwd) {
++ if (setusercontext (NULL, pwd, pwd->pw_uid, LOGIN_SETALL) < 0) {
++ LogError ("setusercontext for \"%s\" failed: %s\n", name,
++ _SysErrorMsg (errno));
+ return (0);
}
-- }
-+ }
+- endpwent();
+- }
+- else
+- {
+- LogError("getpwnam for \"%s\" failed, errno=%d\n", name, errno);
++ endpwent ();
++ } else {
++ LogError ("getpwnam for \"%s\" failed: %s\n", name,
++ _SysErrorMsg (errno));
+ return (0);
+ }
+ #endif /* HAS_SETUSERCONTEXT */
+@@ -635,9 +636,9 @@
+ * Set the user's credentials: uid, gid, groups,
+ * audit classes, user limits, and umask.
+ */
+- if (setpcred(name, NULL) == -1)
+- {
+- LogError("setpcred for \"%s\" failed, errno=%d\n", name, errno);
++ if (setpcred (name, NULL) == -1) {
++ LogError ("setpcred for \"%s\" failed: %s\n", name,
++ _SysErrorMsg (errno));
+ return (0);
+ }
+ #endif /* AIXV3 */
+@@ -751,13 +752,13 @@
+ execute (failsafeArgv, verify->userEnviron);
+ exit (1);
+ case -1:
+- bzero(passwd, strlen(passwd));
++ bzero (passwd, strlen (passwd));
+ Debug ("StartSession, fork failed\n");
+- LogError ("can't start session on \"%s\", fork failed, errno=%d\n",
+- d->name, errno);
++ LogError ("can't start session on \"%s\", fork failed: %s\n",
++ d->name, _SysErrorMsg (errno));
+ return 0;
+ default:
+- bzero(passwd, strlen(passwd));
++ bzero (passwd, strlen (passwd));
+ Debug ("StartSession, fork succeeded %d\n", pid);
+ *pidp = pid;
+ return 1;
+@@ -924,9 +925,10 @@
+ return env;
+ }
+
+-#if (defined(Lynx) && !defined(HAS_CRYPT)) || defined(SCO) &&
!defined(SCO_USA) && !defined(_SCO_DS)
+-char *crypt(char *s1, char *s2)
++#if (defined(Lynx) && !defined(HAS_CRYPT)) || (defined(SCO) &&
!defined(SCO_USA) && !defined(_SCO_DS))
++char *
++crypt (char *s1, char *s2)
+ {
+- return(s2);
++ return (s2);
+ }
+ #endif
+diff -urN xc/programs/xdm~/socket.c xc/programs/xdm/socket.c
+--- xc/programs/xdm~/socket.c 2001-12-14 15:01:24.000000000 -0500
++++ xc/programs/xdm/socket.c 2003-02-23 17:04:25.000000000 -0500
+@@ -71,7 +71,7 @@
+ Debug ("creating socket %d\n", request_port);
+ xdmcpFd = socket (AF_INET, SOCK_DGRAM, 0);
+ if (xdmcpFd == -1) {
+- LogError ("XDMCP socket creation failed, errno %d\n", errno);
++ LogError ("XDMCP socket creation failed: %s\n", _SysErrorMsg (errno));
+ return;
}
- #else
+ name = localHostname ();
+@@ -87,7 +87,8 @@
+ sock_addr.sin_addr.s_addr = htonl (INADDR_ANY);
+ if (bind (xdmcpFd, (struct sockaddr *)&sock_addr, sizeof (sock_addr)) ==
-1)
{
-- int seed;
-- int value;
-- int i;
-+ int seed;
-+ int value;
-+ int i;
- static long localkey[2] = {0,0};
--
+- LogError ("error %d binding socket address %d\n", errno, request_port);
++ LogError ("error binding socket address %d: %s\n", request_port,
++ _SysErrorMsg (errno));
+ close (xdmcpFd);
+ xdmcpFd = -1;
+ return;
+@@ -99,7 +100,7 @@
+ Debug ("Created chooser socket %d\n", chooserFd);
+ if (chooserFd == -1)
+ {
+- LogError ("chooser socket creation failed, errno %d\n", errno);
++ LogError ("chooser socket creation failed: %s\n", _SysErrorMsg (errno));
+ return;
+ }
+ listen (chooserFd, 5);
+diff -Nur xc/programs/xdm.old/util.c xc/programs/xdm/util.c
+--- xc/programs/xdm.old/util.c 2002-05-31 20:46:10.000000000 +0200
++++ xc/programs/xdm/util.c 2003-05-31 15:05:02.000000000 +0200
+@@ -55,7 +55,7 @@
+ #undef _POSIX_SOURCE
+ #endif
+ #endif
+-#if defined(__osf__) || defined(linux) || defined(__QNXNTO__) ||
defined(__GNU__)
++#if defined(__osf__) || defined(linux) || defined(__QNXNTO__) ||
defined(__GNU__) || defined(__GLIBC__)
+ #define setpgrp setpgid
+ #endif
+
+--- xc/programs/xdm/xdm.man~ 2003-02-23 18:01:10.000000000 -0500
++++ xc/programs/xdm/xdm.man 2003-02-23 18:03:47.000000000 -0500
+@@ -144,8 +144,9 @@
+ At the end of the session, the \fIXreset\fP script is run to clean up,
+ the X server is reset, and the cycle starts over.
+ .PP
+-The file \fI__projectroot__/lib/X11/xdm/xdm-errors\fP will contain error
+-messages from
++The file
++.I __projectroot__/lib/X11/xdm/xdm-errors
++will contain error messages from
+ .I xdm
+ and anything output to stderr by \fIXsetup, Xstartup, Xsession\fP
+ or \fIXreset\fP.
+@@ -305,7 +306,8 @@
+ This names a directory under which
+ .I xdm
+ stores authorization files while initializing the session. The
+-default value is \fI__projectroot__/lib/X11/xdm.\fP
++default value is
++.IR __projectroot__/lib/X11/xdm .
+ Can be overridden for specific displays by
+ DisplayManager.\fIDISPLAY\fP.authFile.
+ .IP \fBDisplayManager.autoRescan\fP
+@@ -352,7 +354,7 @@
+ .IP \fBDisplayManager.greeterLib\fP
+ On systems that support a dynamically-loadable greeter library, the
+ name of the library. The default is
+-\fI__projectroot__/lib/X11/xdm/libXdmGreet.so\fP.
++.IR __projectroot__/lib/X11/xdm/libXdmGreet.so .
+ .IP \fBDisplayManager.choiceTimeout\fP
+ Number of seconds to wait for display to respond after user has
+ selected a host from the chooser. If the display sends an XDMCP
+@@ -384,17 +386,19 @@
+ which describes the various
+ resources that are appropriate to place in this file.
+ There is no default value for this resource, but
+-\fI__projectroot__/lib/X11/xdm/Xresources\fP
++.I __projectroot__/lib/X11/xdm/Xresources
+ is the conventional name.
+ .IP "\fBDisplayManager.\fP\fIDISPLAY\fP\fB.chooser\fP"
+ Specifies the program run to offer a host menu for Indirect queries
+ redirected to the special host name CHOOSER.
+-\fI__projectroot__/lib/X11/xdm/chooser\fP is the default.
+-See the sections \fBXDMCP Access Control\fP and \fBChooser\fP.
++.I __projectroot__/lib/X11/xdm/chooser
++is the default. See the sections \fBXDMCP Access Control\fP and
++\fBChooser\fP.
+ .IP "\fBDisplayManager.\fP\fIDISPLAY\fP\fB.xrdb\fP"
+ Specifies the program used to load the resources. By default,
+ .I xdm
+-uses \fI__projectroot__/bin/xrdb\fP.
++uses
++.IR __projectroot__/bin/xrdb .
+ .IP "\fBDisplayManager.\fP\fIDISPLAY\fP\fB.cpp\fP"
+ This specifies the name of the C preprocessor which is used by \fIxrdb\fP.
+ .IP "\fBDisplayManager.\fP\fIDISPLAY\fP\fB.setup\fP"
+@@ -412,8 +416,9 @@
+ See the section \fBStartup Program.\fP
+ .IP "\fBDisplayManager.\fP\fIDISPLAY\fP\fB.session\fP"
+ This specifies the session to be executed (not running as root).
+-By default, \fI__projectroot__/bin/xterm\fP is
+-run. The conventional name is \fIXsession\fP.
++By default,
++.I __projectroot__/bin/xterm
++is run. The conventional name is \fIXsession\fP.
+ See the section
+ .B "Session Program."
+ .IP "\fBDisplayManager.\fP\fIDISPLAY\fP\fB.reset\fP"
+@@ -498,7 +503,9 @@
+ will fall back to this program. This program is executed with no
+ arguments, but executes using the same environment variables as
+ the session would have had (see the section \fBSession Program\fP).
+-By default, \fI__projectroot__/bin/xterm\fP is used.
++By default,
++.I __projectroot__/bin/xterm
++is used.
+ .IP "\fBDisplayManager.\fP\fIDISPLAY\fP\fB.grabServer\fP"
+ .IP "\fBDisplayManager.\fP\fIDISPLAY\fP\fB.grabTimeout\fP"
+ To improve security,
+@@ -577,8 +584,9 @@
+ First, the
+ .I xdm
+ configuration file should be set up.
+-Make a directory (usually \fI__projectroot__/lib/X11/xdm\fP) to contain all
+-of the relevant files.
++Make a directory (usually
++.IR __projectroot__/lib/X11/xdm )
++to contain all of the relevant files.
+ .LP
+ Here is a reasonable configuration file, which could be
+ named \fIxdm-config\fP:
+diff -urN xc/programs/xdm~/xdmauth.c xc/programs/xdm/xdmauth.c
+--- xc/programs/xdm~/xdmauth.c 2001-12-14 15:01:25.000000000 -0500
++++ xc/programs/xdm/xdmauth.c 2003-02-23 17:04:25.000000000 -0500
+@@ -45,11 +45,20 @@
+ static char auth_name[256];
+ static int auth_name_len;
+
+-void
+-XdmPrintDataHex (s, a, l)
+- char *s;
+- char *a;
+- int l;
++static void XdmPrintDataHex (char *s, char *a, int l);
++# ifdef XDMCP
++static void XdmPrintArray8Hex (char *s, ARRAY8Ptr a);
++# endif
++static Xauth *XdmGetAuthHelper (unsigned short namelen,
++ char *name,
++ int includeRho);
++# ifdef XDMCP
++static int HexToBinary (char *key);
++static int XdmGetKey (struct protoDisplay *pdpy, ARRAY8Ptr displayID);
++# endif
+
- if ( (localkey[0] == 0) && (localkey[1] == 0) ) {
--#ifdef ARC4_RANDOM
-+# ifdef ARC4_RANDOM
- localkey[0] = arc4random();
- localkey[1] = arc4random();
--#elif defined(DEV_RANDOM)
-+# elif defined(DEV_RANDOM)
- int fd;
--
-+
- if ((fd = open(DEV_RANDOM, O_RDONLY)) >= 0) {
- if (read(fd, (char *)localkey, 8) != 8) {
- localkey[0] = 1;
-@@ -242,24 +206,19 @@
- } else {
- localkey[0] = 1;
- }
--#else
-- if (!sumFile (randomFile, localkey)) {
-- localkey[0] = 1; /* To keep from continually calling sumFile()
*/
-- }
--#endif
-+# endif /* ARC4_RANDOM, DEV_RANDOM */
- }
++static void
++XdmPrintDataHex (char *s, char *a, int l)
+ {
+ int i;
-- seed = (ldata[0]+localkey[0]) + ((ldata[1]+localkey[1]) << 16);
-- xdm_srand (seed);
-- for (i = 0; i < len; i++)
-- {
-+ seed = (ldata[0]+localkey[0]) + ((ldata[1]+localkey[1]) << 16);
-+ xdm_srand (seed);
-+ for (i = 0; i < len; i++) {
- value = xdm_rand ();
- auth[i] = (value & 0xff00) >> 8;
-- }
-+ }
- value = len;
- if (value > sizeof (key))
- value = sizeof (key);
-- memmove( (char *) key, auth, value);
-+ memmove( (char *) key, auth, value);
- }
--#endif
-+#endif /* HASXDMAUTH */
+@@ -59,7 +68,7 @@
+ Debug ("\n");
}
-diff -urN xc/programs/xdm~/resource.c xc/programs/xdm/resource.c
---- xc/programs/xdm~/resource.c 2002-11-02 13:03:25.000000000 -0500
-+++ xc/programs/xdm/resource.c 2002-11-02 13:19:52.000000000 -0500
-@@ -35,11 +35,11 @@
- * resource.c
- */
--# include "dm.h"
--# include "dm_error.h"
-+#include "dm.h"
-+#include "dm_error.h"
+-#ifdef notdef /* not used */
++#if 0 /* not used */
+ void
+ XdmPrintKey (s, k)
+ char *s;
+@@ -69,20 +78,16 @@
+ }
+ #endif
--# include <X11/Intrinsic.h>
--# include <X11/Xmu/CharSet.h>
-+#include <X11/Intrinsic.h>
-+#include <X11/Xmu/CharSet.h>
+-#ifdef XDMCP
+-void
+-XdmPrintArray8Hex (s, a)
+- char *s;
+- ARRAY8Ptr a;
++# ifdef XDMCP
++static void
++XdmPrintArray8Hex (char *s, ARRAY8Ptr a)
+ {
+ XdmPrintDataHex (s, (char *) a->data, a->length);
+ }
+-#endif
++# endif
- char *config;
+ void
+-XdmInitAuth (name_len, name)
+- unsigned short name_len;
+- char *name;
++XdmInitAuth (unsigned short name_len, char *name)
+ {
+ if (name_len > 256)
+ name_len = 256;
+@@ -91,7 +96,7 @@
+ }
-@@ -62,10 +62,10 @@
- char *willing;
- int choiceTimeout; /* chooser choice timeout */
+ /*
+- * Generate authorization for XDM-AUTHORIZATION-1
++ * Generate authorization for XDM-AUTHORIZATION-1
+ *
+ * When being used with XDMCP, 8 bytes are generated for the session key
+ * (sigma), as the random number (rho) is already shared between xdm and
+@@ -99,11 +104,8 @@
+ * between xdm and the server (16 bytes total)
+ */
--# define DM_STRING 0
--# define DM_INT 1
--# define DM_BOOL 2
--# define DM_ARGV 3
-+#define DM_STRING 0
-+#define DM_INT 1
-+#define DM_BOOL 2
-+#define DM_ARGV 3
+-Xauth *
+-XdmGetAuthHelper (namelen, name, includeRho)
+- unsigned short namelen;
+- char *name;
+- int includeRho;
++static Xauth *
++XdmGetAuthHelper (unsigned short namelen, char *name, int includeRho)
+ {
+ Xauth *new;
+ new = (Xauth *) malloc (sizeof (Xauth));
+@@ -146,20 +148,17 @@
+ }
- /*
- * the following constants are supposed to be set in the makefile from
-@@ -175,9 +176,9 @@
- ""} ,
- };
+ Xauth *
+-XdmGetAuth (namelen, name)
+- unsigned short namelen;
+- char *name;
++XdmGetAuth (unsigned short namelen, char *name)
+ {
+ return XdmGetAuthHelper (namelen, name, TRUE);
+ }
--# define NUM_DM_RESOURCES (sizeof DmResources / sizeof DmResources[0])
-+#define NUM_DM_RESOURCES (sizeof DmResources / sizeof DmResources[0])
+-#ifdef XDMCP
++# ifdef XDMCP
--# define boffset(f) XtOffsetOf(struct display, f)
-+#define boffset(f) XtOffsetOf(struct display, f)
+ void
+-XdmGetXdmcpAuth (pdpy,authorizationNameLen, authorizationName)
+- struct protoDisplay *pdpy;
+- unsigned short authorizationNameLen;
+- char *authorizationName;
++XdmGetXdmcpAuth (struct protoDisplay *pdpy,
++ unsigned short authorizationNameLen,
++ char *authorizationName)
+ {
+ Xauth *fileauth, *xdmcpauth;
- struct displayResource {
- char *name, *class;
-@@ -225,7 +226,7 @@
- "" },
- };
+@@ -200,7 +199,9 @@
+ XdmPrintDataHex ("Accept packet auth", xdmcpauth->data,
xdmcpauth->data_length);
+ XdmPrintDataHex ("Auth file auth", fileauth->data, fileauth->data_length);
+ /* encrypt the session key for its trip back to the server */
+- XdmcpWrap (xdmcpauth->data, (unsigned char *)&pdpy->key, xdmcpauth->data,
8);
++ XdmcpWrap ((unsigned char *)&xdmcpauth->data,
++ (unsigned char *)&pdpy->key,
++ (unsigned char *)&xdmcpauth->data, 8);
+ pdpy->fileAuthorization = fileauth;
+ pdpy->xdmcpAuthorization = xdmcpauth;
+ }
+@@ -210,8 +211,7 @@
+ 'A' <= c && c <= 'F' ? c - 'A' + 10 : -1)
--# define NUM_SERVER_RESOURCES (sizeof serverResources/\
-+#define NUM_SERVER_RESOURCES (sizeof serverResources/\
- sizeof serverResources[0])
+ static int
+-HexToBinary (key)
+- char *key;
++HexToBinary (char *key)
+ {
+ char *out, *in;
+ int top, bottom;
+@@ -240,10 +240,8 @@
+ * routine accepts either plain ascii strings for keys, or hex-encoded numbers
+ */
- /* resources which control the session behaviour */
-@@ -257,7 +258,7 @@
- DEF_CHOOSER },
- };
+-int
+-XdmGetKey (pdpy, displayID)
+- struct protoDisplay *pdpy;
+- ARRAY8Ptr displayID;
++static int
++XdmGetKey (struct protoDisplay *pdpy, ARRAY8Ptr displayID)
+ {
+ FILE *keys;
+ char line[1024], id[1024], key[1024];
+@@ -305,5 +303,5 @@
+ return TRUE;
+ }
--# define NUM_SESSION_RESOURCES (sizeof sessionResources/\
-+#define NUM_SESSION_RESOURCES (sizeof sessionResources / \
- sizeof sessionResources[0])
+-#endif /* XDMCP */
++# endif /* XDMCP */
+ #endif /* HASXDMAUTH (covering the entire file) */
+diff -urN xc/programs/xdm~/xdmcp.c xc/programs/xdm/xdmcp.c
+--- xc/programs/xdm~/xdmcp.c 2003-02-23 17:03:35.000000000 -0500
++++ xc/programs/xdm/xdmcp.c 2003-02-23 17:04:25.000000000 -0500
+@@ -966,7 +966,7 @@
+ d = FindDisplayByName (name);
+ if (d)
+ {
+- Debug ("Terminating active session for %s\n", d->name);
++ LogInfo ("Terminating active session for %s\n", d->name);
+ StopDisplay (d);
+ }
+ class = malloc (displayClass.length + 1);
+diff -urN xc/programs/xdm~/xdmshell.c xc/programs/xdm/xdmshell.c
+--- xc/programs/xdm~/xdmshell.c 2001-12-14 15:01:26.000000000 -0500
++++ xc/programs/xdm/xdmshell.c 2003-02-23 17:04:25.000000000 -0500
+@@ -41,6 +41,7 @@
+ #include <stdio.h>
+ #include "dm.h"
+ #include <errno.h>
++#include <string.h>
- XrmDatabase DmResourceDB;
-diff -urN xc/programs/xdm~/xdm.man xc/programs/xdm/xdm.man
---- xc/programs/xdm~/xdm.man 2002-11-02 13:03:25.000000000 -0500
-+++ xc/programs/xdm/xdm.man 2002-11-02 13:03:51.000000000 -0500
-@@ -346,9 +346,11 @@
- to pass on to the \fIXsetup\fP,
- \fIXstartup\fP, \fIXsession\fP, and \fIXreset\fP programs.
- .IP \fBDisplayManager.randomFile\fP
--A file to checksum to generate the seed of authorization keys.
--This should be a file that changes frequently.
--The default is \fI/dev/mem\fP.
-+A file from which to gather entropy for the generation of authorization
-+keys. This resource is only used if
-+.B xdm
-+was compiled with support for the XDM-AUTHORIZATION-1 protocol and the
-+\(oqrandom\(cq device. The default is \fI/dev/random\fP.
- .IP \fBDisplayManager.greeterLib\fP
- On systems that support a dynamically-loadable greeter library, the
- name of the library. The default is
+ #ifdef macII
+ #define ON_CONSOLE_ONLY
+@@ -193,7 +194,7 @@
+ args[4] = NULL;
+ if (exec_args (cmdbuf, args) == -1) {
+ fprintf (stderr, "%s: unable to execute %s (error %d, %s)\r\n",
+- ProgramName, cmdbuf, errno, strerror(errno));
++ ProgramName, cmdbuf, errno, strerror (errno));
+ exit (1);
+ }
+
Property changes on: branches/4.3.0/sid/debian/patches/002_xdm_fixes.diff
___________________________________________________________________
Name: svn:keywords
+ Id
Deleted: branches/4.3.0/sid/debian/patches/821_gnu-freebsd_xdm.diff
===================================================================
--- branches/4.3.0/sid/debian/patches/821_gnu-freebsd_xdm.diff 2003-09-15
08:42:56 UTC (rev 529)
+++ branches/4.3.0/sid/debian/patches/821_gnu-freebsd_xdm.diff 2003-09-15
20:06:51 UTC (rev 530)
@@ -1,29 +0,0 @@
-
- the setpgrp define shouldn't be necessary if Glibc's setpgrp was
- equivalent to setpgid as described in the Glibc (info, of course)
- documentation. --Robert Millan <[EMAIL PROTECTED]>
-
-diff -Nur xc/programs/xdm.old/Imakefile xc/programs/xdm/Imakefile
---- xc/programs/xdm.old/Imakefile 2003-05-31 14:55:26.000000000 +0200
-+++ xc/programs/xdm/Imakefile 2003-05-31 15:05:02.000000000 +0200
-@@ -133,7 +133,7 @@
- RANDOM_DEFINES = -DDEV_RANDOM -DDEF_RANDOM_FILE="\"/dev/urandom\""
- #endif
-
--#if defined(LinuxArchitecture) || defined(GNUMachArchitecture)
-+#if defined(LinuxArchitecture) || defined(GNUMachArchitecture) ||
defined(GNUFreeBSDArchitecture)
- RANDOM_DEFINES = -DDEV_RANDOM -DDEF_RANDOM_FILE="\"/dev/random\""
- #endif
-
-diff -Nur xc/programs/xdm.old/util.c xc/programs/xdm/util.c
---- xc/programs/xdm.old/util.c 2002-05-31 20:46:10.000000000 +0200
-+++ xc/programs/xdm/util.c 2003-05-31 15:05:02.000000000 +0200
-@@ -55,7 +55,7 @@
- #undef _POSIX_SOURCE
- #endif
- #endif
--#if defined(__osf__) || defined(linux) || defined(__QNXNTO__) ||
defined(__GNU__)
-+#if defined(__osf__) || defined(linux) || defined(__QNXNTO__) ||
defined(__GNU__) || defined(__GLIBC__)
- #define setpgrp setpgid
- #endif
-
