[_CDCSL_93-16_]<1>Cedar>release>X11>XlAuthImpl.mesa

XlAuthImpl.mesa

Created by Christian Jacobi, October 27, 1993 11:49:40 am PDT

Christian Jacobi, October 27, 1993 5:41 pm PDT

Implements pluggable authentication for Xl

This is inverted: it does not export XlAuthFriends, but imports it so that Xl could run without XlAuthImpl.

See

/import/X11R4/source/mit/lib/Xau/README

/import/X11R4/source/mit/lib/Xau/Xauth.h

/import/X11R4/source/mit/lib/Xau/AuRead.c

/import/X11R4/source/mit/lib/Xau/AuGetAddr.c

/import/X11R4/source/mit/lib/X/XOpenDis.c

/import/X11R4/source/mit/lib/X/XConnDis.c

DIRECTORY

Arpa, Basics, <<Commander, CommanderOps,>> Convert, EnvironmentVariables, IO, PFS, RefText, Rope, SystemNames, XlAuthFriends;

XlAuthImpl: CEDAR MONITOR

IMPORTS <<Commander, CommanderOps,>> Convert, EnvironmentVariables, IO, PFS, RefText, Rope, SystemNames, XlAuthFriends =

BEGIN

AuthRec: TYPE = RECORD [

family: CARD16,

adress, displayNumber, method, data: Rope.ROPE

];

familyLocal: CARD16 = 256; --Xauth.h

familyWildCard: CARD16 = 65535; --Xauth.h

familyInternet: CARD16 = 0; --X11/X.h

familyDECnet: CARD16 = 1; --X11/X.h

familyChaos: CARD16 = 2; --X11/X.h

GetAuth: XlAuthFriends.AuthentifierProc = {

IF family=familyInternet THEN {

IF Rope.Equal[adress, "127.0.0.1"]

THEN family ¬ familyLocal

ELSE {

addr: Arpa.Address ¬ Convert.ArpaAddressFromRope[adress];

text: REF TEXT ¬ RefText.New[4];

text[0] ¬ VAL[addr.a];

text[1] ¬ VAL[addr.b];

text[2] ¬ VAL[addr.c];

text[3] ¬ VAL[addr.d];

adress ¬ Rope.FromRefText[text]

};

IF family=familyLocal THEN adress ¬ SystemNames.MachineName[];

[method: method, data: data] ¬ GetAuthorization[NIL, family, proposedMethod, adress, display];

};

GetAuthorization: PROC [fileName: Rope.ROPE ¬ NIL, rFamily: CARD16, rMethod: Rope.ROPE, rAdress: Rope.ROPE, rDisplayNumber: Rope.ROPE ¬ NIL] RETURNS [method, data: Rope.ROPE ¬ NIL] = {

ENABLE PFS.Error => GOTO PFSError;

ReadAuthRec: PROC [s: IO.STREAM] RETURNS [ar: AuthRec] = {

Read16: PROC [s: IO.STREAM] RETURNS [CARD16] = {

--always MSB first

hword: Basics.HWORD ~ IO.GetHWord[s];

RETURN [hword.hi*256+hword.lo]

};

ReadString: PROC [s: IO.STREAM] RETURNS [Rope.ROPE] = {

leng: CARD16 ~ Read16[s];

RETURN [IO.GetRope[s, leng, TRUE]]

};

ar.family ¬ Read16[s];

ar.adress ¬ ReadString[s];

ar.displayNumber ¬ ReadString[s];

ar.method ¬ ReadString[s];

ar.data ¬ ReadString[s];

};

s: IO.STREAM;

IF fileName=NIL THEN {

fileName ¬ EnvironmentVariables.Get["XAUTHORITY"];

IF Rope.IsEmpty[fileName] THEN {

fileName ¬ Rope.Concat[SystemNames.SimpleHomeDirectory[], ".Xauthority"];

};

s ¬ PFS.StreamOpen[PFS.PathFromRope[fileName]];

BEGIN --for goto out of loop

DO --until end of file or a good entry is found

ENABLE IO.EndOfStream, IO.Error => GOTO IODone;

ar: AuthRec ¬ ReadAuthRec[s];

IF ar.family=familyWildCard OR rFamily=familyWildCard OR ar.family=rFamily THEN {

IF Rope.IsEmpty[ar.adress] OR Rope.IsEmpty[rAdress] OR Rope.Equal[ar.adress, rAdress] THEN {

IF Rope.IsEmpty[ar.displayNumber] OR Rope.IsEmpty[rDisplayNumber] OR Rope.Equal[ar.displayNumber, rDisplayNumber] THEN {

IF Rope.IsEmpty[ar.method] OR Rope.IsEmpty[rMethod] OR Rope.Equal[ar.method, rMethod] THEN {

method ¬ ar.method;

data ¬ ar.data;

RETURN

};

ENDLOOP;

EXITS IODone => {}

END;

IO.Close[s];

EXITS PFSError => {method ¬ data ¬ NIL}

};

XlAuthTestCommand: Commander.CommandProc = {

method, data: Rope.ROPE;

fileName: Rope.ROPE ¬ NIL;

rFamily: CARD16 ¬ familyInternet;

rMethod: Rope.ROPE;

rAdress: Rope.ROPE;

rDisplayNumber: Rope.ROPE ¬ "0";

rMethod ¬ CommanderOps.NextArgument[cmd];

rAdress ¬ CommanderOps.NextArgument[cmd];

[method, data] ¬ GetAuth[rFamily, rAdress, rDisplayNumber, rMethod];

IO.PutF1[cmd.out, "method: ""%g""\n", IO.rope[method]];

IO.PutF1[cmd.out, "data: ""%g""\n", IO.rope[data]];

};

XlAuthFriends.authentifier ¬ GetAuth;

Commander.Register["XlAuthTest", XlAuthTestCommand, "Test"];

END.