summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorOri Bernstein <ori@eigenstate.org>2018-03-14 14:53:26 -0700
committerOri Bernstein <ori@eigenstate.org>2018-03-14 14:53:26 -0700
commit6d6ba431f9c585104b4374db6fd45ff9a7b90c96 (patch)
tree3ad1d684e498244eba66c44c13b64cf5bc05bdbf
parentc66524195111b82bbd1e78e0962ca71f65979755 (diff)
downloadlibxmyrb-6d6ba431f9c585104b4374db6fd45ff9a7b90c96.tar.gz
Check auth family in auth code.
-rw-r--r--display.myr63
-rw-r--r--types.myr6
2 files changed, 59 insertions, 10 deletions
diff --git a/display.myr b/display.myr
index f1776ae..7543cea 100644
--- a/display.myr
+++ b/display.myr
@@ -56,9 +56,9 @@ const dialdpy = {dpy
var ret, buf : byte[128]
match parsedpy(buf[:], dpy)
- | `std.Ok (ds, num, scr):
+ | `std.Ok (ds, host, num, scr):
match std.dial(ds)
- | `std.Ok fd: ret = mkdisplay(fd, num, scr)
+ | `std.Ok fd: ret = mkdisplay(fd, host, num, scr)
| `std.Err e: ret =`std.Err `Econn
;;
-> ret
@@ -67,7 +67,7 @@ const dialdpy = {dpy
;;
}
-const parsedpy = {buf, dpy -> std.result((byte[:], int32, int32), err)
+const parsedpy = {buf, dpy
var host, num, scr, ds
match std.strfind(dpy, ":")
@@ -94,13 +94,16 @@ const parsedpy = {buf, dpy -> std.result((byte[:], int32, int32), err)
| _: ds = std.bfmt(buf[:], "tcp!{}!{}", host, num + 6000)
;;
- -> `std.Ok (ds, num, scr)
+ -> `std.Ok (ds, host, num, scr)
}
-const mkdisplay = {fd, dpynum, scrnum
- var dpy, auth
+const mkdisplay = {fd, host, dpynum, scrnum
+ var islocal, dpy, auth
auth = parsemagic("/home/ori/.Xauthority")
+ if host.len == 0
+ islocal = true
+ ;;
dpy = std.mk([
.num = dpynum,
.screen = scrnum,
@@ -112,7 +115,8 @@ const mkdisplay = {fd, dpynum, scrnum
.wbuf=std.slalloc(32*std.KiB),
.woff=0,
- .auth = auth
+ .auth = auth,
+ .host = std.sldup(host),
])
@@ -134,19 +138,40 @@ const freedisplay = {dpy
const handshake = {dpy
var req : byte[512]
var resp : setup#
- var auth, sz
+ var auth, zauth, valid, sz
+ zauth = [
+ .family=0,
+ .addr="",
+ .num=0,
+ .name="",
+ .data=""
+ ]
+ auth = &zauth
for a : iter.byref(dpy.auth)
match std.intparse(a.num)
| `std.None: /* skip */
| `std.Some n:
- if n == dpy.num
+ valid = false
+ match a.family
+ | AuthfamWild: valid = true
+ | AuthfamLocal: valid = std.sleq(dpy.host, "")
+ /* localhost does hostname lookup, so it should be last */
+ | AuthfamLhost: valid = islocalip(dpy.host)
+ | _: valid = false
+ ;;
+ std.put("valid: {}, a.fam: {}\n", valid, a.family)
+ if valid && n == dpy.num
auth = a
+ break
;;
;;
;;
- /* packed by hand because our donemsg function overwrites the size */
+ /*
+ packed by hand because our donemsg function overwrites the assumed
+ location of the size bytes. This message has no size field.
+ */
sz = 0
req[sz] = ('l' : byte); sz += 1 /* byte_order */
req[sz] = 0; sz += 1 /* unused */
@@ -196,6 +221,7 @@ const getnum = {datap
n = std.getbe16(datap#[0:2])
datap# = datap#[2:]
+ std.put("n: {}\n", n)
-> n
}
@@ -207,3 +233,20 @@ const getstr = {datap
datap# = datap#[len:]
-> str
}
+
+const islocalip = {host
+ const loopback = \
+ "\x00\x00\x00\x00" \
+ "\x00\x00\x00\x00" \
+ "\x00\x00\x00\x00" \
+ "\x00\x00\x00\x01" \
+
+ match std.resolve(host)
+ | `std.Err _: -> false
+ | `std.Ok inf:
+ match inf[0].addr
+ | `std.Ipv4 a: -> a[0] == 127
+ | `std.Ipv6 a: -> std.sleq(a[:], loopback)
+ ;;
+ ;;
+}
diff --git a/types.myr b/types.myr
index 5931137..9bd56ec 100644
--- a/types.myr
+++ b/types.myr
@@ -23,8 +23,14 @@ pkg xmyrb =
/* ugly: actually a setup#, but we need to avoid a loop */
setup : void#
auth : auth[:]
+ host : byte[:]
;;
+ const AuthfamLocal : uint16 = 256
+ const AuthfamWild : uint16 = 65535
+ const AuthfamNetname : uint16 = 254
+ const AuthfamKrb5 : uint16 = 253
+ const AuthfamLhost : uint16 = 252
type auth = struct
family : uint16
addr : byte[:]