diff --git a/appl/Makefile.am b/appl/Makefile.am index 58ca1eccb..e596c59cb 100644 --- a/appl/Makefile.am +++ b/appl/Makefile.am @@ -17,9 +17,7 @@ SUBDIRS = \ gssmask \ push \ su \ - xnlock \ test \ - kx \ kf \ $(dir_dce) diff --git a/appl/kx/ChangeLog b/appl/kx/ChangeLog deleted file mode 100644 index 478463027..000000000 --- a/appl/kx/ChangeLog +++ /dev/null @@ -1,457 +0,0 @@ -2007-04-19 Love Hörnquist Åstrand - - * make encoding function independent of krb4 and krb5, enable - removal of krb4 - -2006-10-07 Love Hörnquist Åstrand - - * Makefile.am: Add man_MANS to EXTRA_DIST - -2006-05-05 Love Hörnquist Åstrand - - * Rename u_intXX_t to uintXX_t - -2005-07-09 Love Hörquist Åstrand - - * kxd.c (doit): only cleaup for active sockets, passive does it - own cleaning up - - * fix unconst and shadow warnings - -2005-07-07 Assar Westerlund - - * krb4.c: Do not assume that des_key_schedule is an - array. - -2005-06-07 Love Hörquist Åstrand - - * (recv_conn): init variables to using them uninitialized - -2005-04-30 Love Hörquist Åstrand - - * kx.c (connect_host): make sure s is initialized - -2005-04-20 Love Hörquist Åstrand - - * krb5.c: cast size_t to unsigned long - -2004-03-15 Love Hörquist Åstrand - - * krb5.c (krb5_destroy): free allocated memory, not something else - -2004-03-07 Love Hörquist Åstrand - - * rxtelnet.1: document new behavior - - * rxtelnet.in: even if kx failes, start anyway From: Harald Barth - - -2004-02-18 Love Hörquist Åstrand - - * krb4.c: remove dup on - -2004-01-08 Love Hörquist Åstrand - - * krb5.c: clean up krb5 support, log to syslog instead of stdout - (very confusing for the other end tcp connection), patch - originally from joda - -2003-11-13 Johan Danielsson - - * rxtelnet.in: add telnet -F option - -2003-05-15 Love Hörquist Åstrand - - * kxd.c (recv_conn): pass pointer to sockaddr, not pointer to - pointer - - * kxd.c (recv_conn): get sizeof of the sockaddr_storage, not the - sockaddr pointer - - * kxd.c (recv_conn): if getnameinfo failes, send error to client - (and syslog) - -2003-04-16 Johan Danielsson - - * kx.c (doit_{passive,active}): use kc->thataddr directly - - * kx.h: don't directly use sockaddr_storage, since we can't always - know what it looks like - -2003-04-11 Love Hörquist Åstrand - - * rxterm.1: spelling, from jmc - * rxtelnet.1: spelling, from jmc - * kxd.8: spelling, from jmc - * kx.1: spelling, from jmc - -2003-02-25 Love Hörquist Åstrand - - * krb4.c: remove \n from warnx, from NetBSD - -2002-12-11 Johan Danielsson - - * kx.c (connect_host): pass size of thisaddr_ss to getsockname - -2002-10-15 Johan Danielsson - - * some ipv6 support (from Love) - -2002-09-09 Johan Danielsson - - * krb5.c (krb5_authenticate): use subkey - -2002-08-22 Johan Danielsson - - * common.c: remove only reference to strndup - -2002-05-07 Johan Danielsson - - * krb5.c: use krb5_warn where appropriate - -2002-03-18 Johan Danielsson - - * rxtelnet.in, rxterm.in: add forward (-f) option - -2001-09-17 Assar Westerlund - - * kx.h: add a kludge to make it build on aix (that defines NOERROR - in both sys/stream.h and arpa/nameser.h and considers that a fatal - error) - -2001-07-12 Assar Westerlund - - * common.c (connect_local_xsocket): handle a tcp socket as last - resort - - * rxterm.in: add -K (send arguments to kx) - * rxtelnet.in: add -K (send arguments to kx) - -2001-06-21 Assar Westerlund - - * rxterm.in: add -b for pointing to the rsh program. from - - * rxtelnet.in: add -b for pointing to the telnet program. from - - -2001-01-17 Johan Danielsson - - * common.c: don't write to string constants - -2000-12-31 Assar Westerlund - - * krb5.c (krb5_make_context): handle krb5_init_context failure - consistently - -2000-10-08 Assar Westerlund - - * kxd.c (doit_passive): check that fds are not too large to select - on - * kx.c (doit_active): check that fds are not too large to select - on - * krb5.c (krb5_copy_encrypted): check that fds are not too large - to select on - * krb4.c (krb4_copy_encrypted): check that fds are not too large - to select on - -2000-07-17 Johan Danielsson - - * Makefile.am: use conditional for X - -2000-06-10 Assar Westerlund - - * Makefile.in: use INSTALL_SCRIPT for installing rxterm, rxtelnet, - tenletxr - -2000-04-19 Assar Westerlund - - * common.c: try hostname uncanonified if getaddrinfo() fails - -2000-02-06 Assar Westerlund - - * kx.h: remove old prorotypes - -2000-01-08 Assar Westerlund - - * common.c (match_local_auth): handle ai_canonname being set in - any of the addresses returnedby getaddrinfo. glibc apparently - returns the reverse lookup of every address in ai_canonname. - -1999-12-28 Assar Westerlund - - * kxd.c (main): call krb5_getportbyname with the default in - host-byte-order - -1999-12-17 Assar Westerlund - - * common.c (match_local_auth): remove extra brace. spotted by - Jakob Schlyter - -1999-12-16 Assar Westerlund - - * common.c (match_local_auth): handle ai_canonname not being set - -1999-12-06 Assar Westerlund - - * krb4.c (krb4_authenticate): the NAT address might not be the one - for the relevant realm, try anyway. - * kxd.c (recv_conn): type correctness - * kx.c (connect_host): typo - -1999-12-05 Assar Westerlund - - * common.c (INADDR_LOOPBACK): remove. now in roken. - - * kxd.c (recv_conn): use getnameinfo_verified - * kxd.c (recv_conn): replace inaddr2str with getnameinfo - -1999-12-04 Assar Westerlund - - * kx.c (connect_host): use getaddrinfo - * common.c (find_auth_cookie, match_local_auth): re-write to use - getaddrinfo - -1999-11-27 Assar Westerlund - - * kxd.c (recv_conn): better errors when getting unrecognized data - -1999-11-25 Assar Westerlund - - * krb4.c (krb4_authenticate): obtain the `local' address when - doing NAT. also turn on passive mode. From - -1999-11-18 Assar Westerlund - - * krb5.c (krb5_destroy): free the correct part of the context - -1999-11-02 Assar Westerlund - - * kx.c (main): redo the v4/v5 selection for consistency. -4 -> - try only v4 -5 -> try only v5 none, -45 -> try v5, v4 - -1999-10-10 Assar Westerlund - - * Makefile.am (CLEANFILES): add generated files so that they get - cleaned away - -1999-09-29 Assar Westerlund - - * common.c (match_local_auth): only look for FamilyLocal (and - FamilyWild) cookies. This will not work when we start talking tcp - to the local X-server but `connect_local_xsocket' and the rest of - the code doesn't handle it anyway and the old code could (and did) - pick up the wrong cookie sometimes. If we have to match - FamilyInternet cookies, the search order has to be changed anyway - -1999-09-02 Assar Westerlund - - * kxd.c (childhandler): watch for child `wait_on_pid' to die. - (recv_conn): set `wait_on_pid' instead of looping on waitpid here - also. This should solve the problem of kxd looping which was - caused by the signal handler getting invoked before this waitpid - and reaping the child leaving this poor loop without any child - -1999-08-19 Assar Westerlund - - * kxd.c (recv_conn): give better error message - (doit_active): don't die if fork gives EAGAIN - -1999-08-19 Johan Danielsson - - * kxd.c (recv_conn): call setjob on crays; - (doit_passive): if fork fails with EAGAIN, don't shutdown, just close - the connection re-implement `-t' flag - -1999-07-12 Assar Westerlund - - * Makefile.am: handle not building X programs - -1999-06-23 Assar Westerlund - - * kx.c: conditionalize krb_enable_debug - -1999-06-20 Assar Westerlund - - * kxd.c (main): hopefully do inetd confusion right - -1999-06-15 Assar Westerlund - - * krb4.c (krb4_authenticate): get rid of a warning - - * kx.h: const-pollution - - * kx.c: use get_default_username and resulting const pollution - - * context.c (context_set): const pollution - -1999-05-22 Assar Westerlund - - * kxd.c (recv_conn): fix syslog messages - (main): fix inetd_flag thinko - -1999-05-21 Assar Westerlund - - * kx.c (main): don't byte-swap the argument to krb5_getportbyname - - * kx.c (main): try to use $USERNAME - -1999-05-10 Assar Westerlund - - * Makefile.in (SOURCES*): update sources list - - * kx.c (main): forgot to conditionalize some KRB5 code - - * kxd.c (main): use getarg - (*): handle v4 and/or v5 - - * kx.h: update - - * kx.c (main): use getarg. - (*): handle v4 and/or v5 - - * common.c (do_enccopy, copy_encrypted): remove use - net_{read,write} instead of krb_net_{read,write} - (krb_get_int, krb_put_int): include fallback of these for when we - compile without krb4 - - * Makefile.am (*_SOURCES): remove encdata, add krb[45].c, - context.c - (LDADD): add krb5 - - * krb4.c, krb5.c, context.c: new files - -1999-05-08 Assar Westerlund - - * kxd.c (doit_passive): handle error code from - create_and_write_cookie - - * kx.c (doit_active): handle error code from - create_and_write_cookie - - * common.c (create_and_write_cookie): try to return better (and - correct) errors. Based on a patch from Love - - * common.c (try_pie): more braces - (match_local_auth): new function - (find_auth_cookie): new function - (replace_cookie): don't just take the first auth cookie. based on - patch from Ake Sandgren - -Wed Apr 7 23:39:23 1999 Assar Westerlund - - * common.c (get_xsockets): init local variable to get rid of a gcc - warning - -Thu Apr 1 21:11:36 1999 Johan Danielsson - - * Makefile.in: fix for writeauth.o - -Fri Mar 19 15:12:31 1999 Johan Danielsson - - * kx.c: add gcc-braces - -Thu Mar 18 11:18:20 1999 Johan Danielsson - - * Makefile.am: include Makefile.am.common - -Thu Mar 11 14:58:32 1999 Johan Danielsson - - * writeauth.c: protoize - - * common.c: fix some warnings - -Wed Mar 10 19:33:39 1999 Johan Danielsson - - * kxd.c: openlog -> roken_openlog - -Wed Feb 3 22:01:55 1999 Assar Westerlund - - * rxtelnet.in: print out what telnet program we are running. From - - - * tenletxr.in: add --version, [-h | --help], -v - - * rxterm.in: add --version, [-h | --help], -v - - * rxtelnet.in: add --version, [-h | --help], -v - - * Makefile.in (rxterm, rxtelnet, telnetxr): substitute VERSION and - PACKAGE - - * rxtelnet.in: update usage string - -Fri Jan 22 23:51:05 1999 Assar Westerlund - - * common.c (verify_and_remove_cookies): give back a meaningful - error message if we're using the wrong cookie - -Fri Dec 18 17:42:02 1998 Assar Westerlund - - * common.c (replace_cookie): try to handle the case of not finding - any cookies - -Sun Nov 22 10:31:53 1998 Assar Westerlund - - * Makefile.in (WFLAGS): set - -Wed Nov 18 20:25:37 1998 Assar Westerlund - - * rxtelnet.in: new argument -n for not starting any terminal - emulator - - * kx.c (doit_passive): parse $DISPLAY correctly - -Fri Oct 2 06:34:51 1998 Assar Westerlund - - * kx.c (doit_active): check DISPLAY to figure out what local - socket to connect to. From Åke Sandgren - -Thu Oct 1 23:02:29 1998 Johan Danielsson - - * kx.h: case MAY_HAVE_X11_PIPES with Solaris - -Tue Sep 29 02:22:44 1998 Assar Westerlund - - * kx.c: fix from Ake Sandgren - -Mon Sep 28 18:04:03 1998 Johan Danielsson - - * common.c (try_pipe): return -1 if I_PUSH fails with ENOSYS - -Sat Sep 26 17:34:21 1998 Assar Westerlund - - * kxd.c: create sockets before setuid to handle Solaris' strange - permissions on /tmp/.X11-{unix,pipe} - - * common.c (chown_xsockets): new function - - * kx.h (chown_xsockets): new prototype - -Sun Aug 16 18:34:30 1998 Assar Westerlund - - * kxd.c (doit_passive): conditionalize stream pipe code - - * implement support for Solaris's named-pipe X transport - -Thu May 28 17:20:39 1998 Johan Danielsson - - * common.c: fix for (compiler?) bug in solaris 2.4 bind - - * kx.c: get_xsockets returns int, not unsigned - -Wed May 27 04:20:20 1998 Assar Westerlund - - * kxd.c (doit): better error reporting - -Tue May 26 17:41:23 1998 Johan Danielsson - - * kx.c: use krb_enable_debug - -Mon May 25 05:22:18 1998 Assar Westerlund - - * Makefile.in (clean): remove encdata.c - -Fri May 1 07:16:36 1998 Assar Westerlund - - * kx.c: unifdef -DHAVE_H_ERRNO - diff --git a/appl/kx/Makefile.am b/appl/kx/Makefile.am deleted file mode 100644 index 37036bd58..000000000 --- a/appl/kx/Makefile.am +++ /dev/null @@ -1,70 +0,0 @@ -# $Id$ - -include $(top_srcdir)/Makefile.am.common - -AM_CPPFLAGS += $(X_CFLAGS) - -WFLAGS += $(WFLAGS_NOIMPLICITINT) - -if HAVE_X - -bin_PROGRAMS = kx -bin_SCRIPTS = rxterm rxtelnet tenletxr -libexec_PROGRAMS = kxd - -else - -bin_PROGRAMS = -bin_SCRIPTS = -libexec_PROGRAMS = - -endif - -CLEANFILES = rxterm rxtelnet tenletxr - -if NEED_WRITEAUTH -XauWriteAuth_c = writeauth.c -endif - -kx_SOURCES = \ - kx.c \ - kx.h \ - common.c \ - context.c \ - krb5.c \ - $(XauWriteAuth_c) - -EXTRA_kx_SOURCES = writeauth.c - -kxd_SOURCES = \ - kxd.c \ - kx.h \ - common.c \ - context.c \ - krb5.c \ - $(XauWriteAuth_c) - -EXTRA_kxd_SOURCES = writeauth.c - -EXTRA_DIST = NTMakefile rxterm.in rxtelnet.in tenletxr.in $(man_MANS) - -man_MANS = kx.1 rxtelnet.1 rxterm.1 tenletxr.1 kxd.8 - -rxterm: rxterm.in - sed -e "s!%bindir%!$(bindir)!" $(srcdir)/rxterm.in > $@ - chmod +x $@ - -rxtelnet: rxtelnet.in - sed -e "s!%bindir%!$(bindir)!" $(srcdir)/rxtelnet.in > $@ - chmod +x $@ - -tenletxr: tenletxr.in - sed -e "s!%bindir%!$(bindir)!" $(srcdir)/tenletxr.in > $@ - chmod +x $@ - -LDADD = \ - $(LIB_kafs) \ - $(LIB_krb5) \ - $(LIB_hcrypto) \ - $(LIB_roken) \ - $(X_LIBS) $(LIB_XauReadAuth) $(X_PRE_LIBS) $(X_EXTRA_LIBS) diff --git a/appl/kx/NTMakefile b/appl/kx/NTMakefile deleted file mode 100644 index 7d4b89a83..000000000 --- a/appl/kx/NTMakefile +++ /dev/null @@ -1,35 +0,0 @@ -######################################################################## -# -# Copyright (c) 2009, Secure Endpoints Inc. -# All rights reserved. -# -# Redistribution and use in source and binary forms, with or without -# modification, are permitted provided that the following conditions -# are met: -# -# - Redistributions of source code must retain the above copyright -# notice, this list of conditions and the following disclaimer. -# -# - Redistributions in binary form must reproduce the above copyright -# notice, this list of conditions and the following disclaimer in -# the documentation and/or other materials provided with the -# distribution. -# -# THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS -# "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT -# LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS -# FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE -# COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, -# INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, -# BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; -# LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER -# CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT -# LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN -# ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE -# POSSIBILITY OF SUCH DAMAGE. -# - -RELDIR=appl\kx - -!include ../../windows/NTMakefile.w32 - diff --git a/appl/kx/common.c b/appl/kx/common.c deleted file mode 100644 index b19b685f3..000000000 --- a/appl/kx/common.c +++ /dev/null @@ -1,813 +0,0 @@ -/* - * Copyright (c) 1995 - 2001 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include "kx.h" - -RCSID("$Id$"); - -char x_socket[MaxPathLen]; - -uint32_t display_num; -char display[MaxPathLen]; -int display_size = sizeof(display); -char xauthfile[MaxPathLen]; -int xauthfile_size = sizeof(xauthfile); -u_char cookie[16]; -size_t cookie_len = sizeof(cookie); - -#ifndef X_UNIX_PATH -#define X_UNIX_PATH "/tmp/.X11-unix/X" -#endif - -#ifndef X_PIPE_PATH -#define X_PIPE_PATH "/tmp/.X11-pipe/X" -#endif - -/* - * Allocate a unix domain socket in `s' for display `dpy' and with - * filename `pattern' - * - * 0 if all is OK - * -1 if bind failed badly - * 1 if dpy is already used */ - -static int -try_socket (struct x_socket *s, int dpy, const char *pattern) -{ - struct sockaddr_un addr; - int fd; - - fd = socket (AF_UNIX, SOCK_STREAM, 0); - if (fd < 0) - err (1, "socket AF_UNIX"); - memset (&addr, 0, sizeof(addr)); - addr.sun_family = AF_UNIX; - snprintf (addr.sun_path, sizeof(addr.sun_path), pattern, dpy); - if(bind(fd, - (struct sockaddr *)&addr, - sizeof(addr)) < 0) { - close (fd); - if (errno == EADDRINUSE || - errno == EACCES /* Cray return EACCESS */ -#ifdef ENOTUNIQ - || errno == ENOTUNIQ /* bug in Solaris 2.4 */ -#endif - ) - return 1; - else - return -1; - } - s->fd = fd; - s->pathname = strdup (addr.sun_path); - if (s->pathname == NULL) - errx (1, "strdup: out of memory"); - s->flags = UNIX_SOCKET; - return 0; -} - -#ifdef MAY_HAVE_X11_PIPES -/* - * Allocate a stream (masqueraded as a named pipe) - * - * 0 if all is OK - * -1 if bind failed badly - * 1 if dpy is already used - */ - -static int -try_pipe (struct x_socket *s, int dpy, const char *pattern) -{ - char path[MAXPATHLEN]; - int ret; - int fd; - int pipefd[2]; - - snprintf (path, sizeof(path), pattern, dpy); - fd = open (path, O_WRONLY | O_CREAT | O_EXCL, 0600); - if (fd < 0) { - if (errno == EEXIST) - return 1; - else - return -1; - } - - close (fd); - - ret = pipe (pipefd); - if (ret < 0) - err (1, "pipe"); - - ret = ioctl (pipefd[1], I_PUSH, "connld"); - if (ret < 0) { - if(errno == ENOSYS) - return -1; - err (1, "ioctl I_PUSH"); - } - - ret = fattach (pipefd[1], path); - if (ret < 0) - err (1, "fattach %s", path); - - s->fd = pipefd[0]; - close (pipefd[1]); - s->pathname = strdup (path); - if (s->pathname == NULL) - errx (1, "strdup: out of memory"); - s->flags = STREAM_PIPE; - return 0; -} -#endif /* MAY_HAVE_X11_PIPES */ - -/* - * Try to create a TCP socket in `s' corresponding to display `dpy'. - * - * 0 if all is OK - * -1 if bind failed badly - * 1 if dpy is already used - */ - -static int -try_tcp (struct x_socket *s, int dpy) -{ - struct sockaddr_in tcpaddr; - struct in_addr local; - int one = 1; - int fd; - - memset(&local, 0, sizeof(local)); - local.s_addr = htonl(INADDR_LOOPBACK); - - fd = socket (AF_INET, SOCK_STREAM, 0); - if (fd < 0) - err (1, "socket AF_INET"); -#if defined(TCP_NODELAY) && defined(HAVE_SETSOCKOPT) - setsockopt (fd, IPPROTO_TCP, TCP_NODELAY, (void *)&one, - sizeof(one)); -#endif - memset (&tcpaddr, 0, sizeof(tcpaddr)); - tcpaddr.sin_family = AF_INET; - tcpaddr.sin_addr = local; - tcpaddr.sin_port = htons(6000 + dpy); - if (bind (fd, (struct sockaddr *)&tcpaddr, - sizeof(tcpaddr)) < 0) { - close (fd); - if (errno == EADDRINUSE) - return 1; - else - return -1; - } - s->fd = fd; - s->pathname = NULL; - s->flags = TCP; - return 0; -} - -/* - * The potential places to create unix sockets. - */ - -static char *x_sockets[] = { -X_UNIX_PATH "%u", -"/var/X/.X11-unix/X" "%u", -"/usr/spool/sockets/X11/" "%u", -NULL -}; - -/* - * Dito for stream pipes. - */ - -#ifdef MAY_HAVE_X11_PIPES -static char *x_pipes[] = { -X_PIPE_PATH "%u", -"/var/X/.X11-pipe/X" "%u", -NULL -}; -#endif - -/* - * Create the directory corresponding to dirname of `path' or fail. - */ - -static void -try_mkdir (const char *path) -{ - char *dir; - char *p; - int oldmask; - - if((dir = strdup (path)) == NULL) - errx (1, "strdup: out of memory"); - p = strrchr (dir, '/'); - if (p) - *p = '\0'; - - oldmask = umask(0); - mkdir (dir, 01777); - umask (oldmask); - free (dir); -} - -/* - * Allocate a display, returning the number of sockets in `number' and - * all the corresponding sockets in `sockets'. If `tcp_socket' is - * true, also allcoaet a TCP socket. - * - * The return value is the display allocated or -1 if an error occurred. - */ - -int -get_xsockets (int *number, struct x_socket **sockets, int tcp_socket) -{ - int dpy; - struct x_socket *s; - int n; - int i; - - s = malloc (sizeof(*s) * 5); - if (s == NULL) - errx (1, "malloc: out of memory"); - - try_mkdir (X_UNIX_PATH); - try_mkdir (X_PIPE_PATH); - - for(dpy = 4; dpy < 256; ++dpy) { - char **path; - int tmp = 0; - - n = 0; - for (path = x_sockets; *path; ++path) { - tmp = try_socket (&s[n], dpy, *path); - if (tmp == -1) { - if (errno != ENOTDIR && errno != ENOENT) - err(1, "failed to open '%s'", *path); - } else if (tmp == 1) { - while(--n >= 0) { - close (s[n].fd); - free (s[n].pathname); - } - break; - } else if (tmp == 0) - ++n; - } - if (tmp == 1) - continue; - -#ifdef MAY_HAVE_X11_PIPES - for (path = x_pipes; *path; ++path) { - tmp = try_pipe (&s[n], dpy, *path); - if (tmp == -1) { - if (errno != ENOTDIR && errno != ENOENT && errno != ENOSYS) - err(1, "failed to open '%s'", *path); - } else if (tmp == 1) { - while (--n >= 0) { - close (s[n].fd); - free (s[n].pathname); - } - break; - } else if (tmp == 0) - ++n; - } - - if (tmp == 1) - continue; -#endif - - if (tcp_socket) { - tmp = try_tcp (&s[n], dpy); - if (tmp == -1) - err(1, "failed to open tcp stocket"); - else if (tmp == 1) { - while (--n >= 0) { - close (s[n].fd); - free (s[n].pathname); - } - break; - } else if (tmp == 0) - ++n; - } - break; - } - if (dpy == 256) - errx (1, "no free x-servers"); - for (i = 0; i < n; ++i) - if (s[i].flags & LISTENP - && listen (s[i].fd, SOMAXCONN) < 0) - err (1, "listen %s", s[i].pathname ? s[i].pathname : "tcp"); - *number = n; - *sockets = s; - return dpy; -} - -/* - * Change owner on the `n' sockets in `sockets' to `uid', `gid'. - * Return 0 is succesful or -1 if an error occurred. - */ - -int -chown_xsockets (int n, struct x_socket *sockets, uid_t uid, gid_t gid) -{ - int i; - - for (i = 0; i < n; ++i) - if (sockets[i].pathname != NULL) - if (chown (sockets[i].pathname, uid, gid) < 0) - return -1; - return 0; -} - -/* - * Connect to local display `dnr' with local transport or TCP. - * Return a file descriptor. - */ - -int -connect_local_xsocket (unsigned dnr) -{ - int fd; - char **path; - - for (path = x_sockets; *path; ++path) { - struct sockaddr_un addr; - - fd = socket (AF_UNIX, SOCK_STREAM, 0); - if (fd < 0) - break; - memset (&addr, 0, sizeof(addr)); - addr.sun_family = AF_UNIX; - snprintf (addr.sun_path, sizeof(addr.sun_path), *path, dnr); - if (connect (fd, (struct sockaddr *)&addr, sizeof(addr)) == 0) - return fd; - close(fd); - } - { - struct sockaddr_in addr; - - fd = socket(AF_INET, SOCK_STREAM, 0); - if (fd < 0) - err (1, "socket AF_INET"); - memset (&addr, 0, sizeof(addr)); - addr.sin_family = AF_INET; - addr.sin_addr.s_addr = htonl(INADDR_LOOPBACK); - addr.sin_port = htons(6000 + dnr); - if (connect(fd, (struct sockaddr *)&addr, sizeof(addr)) == 0) - return fd; - close(fd); - } - err (1, "connecting to local display %u", dnr); -} - -/* - * Create a cookie file with a random cookie for the localhost. The - * file name will be stored in `xauthfile' (but not larger than - * `xauthfile_size'), and the cookie returned in `cookie', `cookie_sz'. - * Return 0 if succesful, or errno. - */ - -int -create_and_write_cookie (char *file, - size_t file_size, - u_char *cookie_buf, - size_t cookie_sz) -{ - Xauth auth; - char tmp[64]; - int fd; - FILE *f; - char hostname[MaxHostNameLen]; - int saved_errno; - - gethostname (hostname, sizeof(hostname)); - - auth.family = FamilyLocal; - auth.address = hostname; - auth.address_length = strlen(auth.address); - snprintf (tmp, sizeof(tmp), "%d", display_num); - auth.number_length = strlen(tmp); - auth.number = tmp; - auth.name = COOKIE_TYPE; - auth.name_length = strlen(auth.name); - auth.data_length = cookie_sz; - auth.data = (char*)cookie_buf; -#ifdef KRB5 - krb5_generate_random_block (cookie_buf, cookie_sz); -#else - krb_generate_random_block (cookie_buf, cookie_sz); -#endif - - strlcpy(file, "/tmp/AXXXXXX", file_size); - fd = mkstemp(file); - if(fd < 0) { - saved_errno = errno; - syslog(LOG_ERR, "create_and_write_cookie: mkstemp: %m"); - return saved_errno; - } - f = fdopen(fd, "r+"); - if(f == NULL){ - saved_errno = errno; - close(fd); - return errno; - } - if(XauWriteAuth(f, &auth) == 0) { - saved_errno = errno; - fclose(f); - return saved_errno; - } - - /* - * I would like to write a cookie for localhost:n here, but some - * stupid code in libX11 will not look for cookies of that type, - * so we are forced to use FamilyWild instead. - */ - - auth.family = FamilyWild; - auth.address_length = 0; - - if (XauWriteAuth(f, &auth) == 0) { - saved_errno = errno; - fclose (f); - return saved_errno; - } - - if(fclose(f)) - return errno; - return 0; -} - -/* - * Verify and remove cookies. Read and parse a X-connection from - * `fd'. Check the cookie used is the same as in `cookie'. Remove the - * cookie and copy the rest of it to `sock'. - * Expect cookies iff cookiesp. - * Return 0 iff ok. - * - * The protocol is as follows: - * - * C->S: [Bl] 1 - * unused 1 - * protocol major version 2 - * protocol minor version 2 - * length of auth protocol name(n) 2 - * length of auth protocol data 2 - * unused 2 - * authorization protocol name n - * pad pad(n) - * authorization protocol data d - * pad pad(d) - * - * S->C: Failed - * 0 1 - * length of reason 1 - * protocol major version 2 - * protocol minor version 2 - * length in 4 bytes unit of - * additional data (n+p)/4 2 - * reason n - * unused p = pad(n) - */ - -int -verify_and_remove_cookies (int fd, int sock, int cookiesp) -{ - u_char beg[12]; - int bigendianp; - unsigned n, d, npad, dpad; - char *protocol_name, *protocol_data; - u_char zeros[6] = {0, 0, 0, 0, 0, 0}; - u_char refused[20] = {0, 10, - 0, 0, /* protocol major version */ - 0, 0, /* protocol minor version */ - 0, 0, /* length of additional data / 4 */ - 'b', 'a', 'd', ' ', 'c', 'o', 'o', 'k', 'i', 'e', - 0, 0}; - - if (net_read (fd, beg, sizeof(beg)) != sizeof(beg)) - return 1; - if (net_write (sock, beg, 6) != 6) - return 1; - bigendianp = beg[0] == 'B'; - if (bigendianp) { - n = (beg[6] << 8) | beg[7]; - d = (beg[8] << 8) | beg[9]; - } else { - n = (beg[7] << 8) | beg[6]; - d = (beg[9] << 8) | beg[8]; - } - npad = (4 - (n % 4)) % 4; - dpad = (4 - (d % 4)) % 4; - protocol_name = malloc(n + npad); - if (n + npad != 0 && protocol_name == NULL) - return 1; - protocol_data = malloc(d + dpad); - if (d + dpad != 0 && protocol_data == NULL) { - free (protocol_name); - return 1; - } - if (net_read (fd, protocol_name, n + npad) != n + npad) - goto fail; - if (net_read (fd, protocol_data, d + dpad) != d + dpad) - goto fail; - if (cookiesp) { - if (strncmp (protocol_name, COOKIE_TYPE, strlen(COOKIE_TYPE)) != 0) - goto refused; - if (d != cookie_len || - memcmp (protocol_data, cookie, cookie_len) != 0) - goto refused; - } - free (protocol_name); - free (protocol_data); - if (net_write (sock, zeros, 6) != 6) - return 1; - return 0; -refused: - refused[2] = beg[2]; - refused[3] = beg[3]; - refused[4] = beg[4]; - refused[5] = beg[5]; - if (bigendianp) - refused[7] = 3; - else - refused[6] = 3; - - net_write (fd, refused, sizeof(refused)); -fail: - free (protocol_name); - free (protocol_data); - return 1; -} - -/* - * Return 0 iff `cookie' is compatible with the cookie for the - * localhost with name given in `ai' (or `hostname') and display - * number in `disp_nr'. - */ - -static int -match_local_auth (Xauth* auth, - struct addrinfo *ai, const char *hostname, int disp_nr) -{ - int auth_disp; - char *tmp_disp; - struct addrinfo *a; - - tmp_disp = malloc(auth->number_length + 1); - if (tmp_disp == NULL) - return -1; - memcpy(tmp_disp, auth->number, auth->number_length); - tmp_disp[auth->number_length] = '\0'; - auth_disp = atoi(tmp_disp); - free (tmp_disp); - if (auth_disp != disp_nr) - return 1; - for (a = ai; a != NULL; a = a->ai_next) { - if ((auth->family == FamilyLocal - || auth->family == FamilyWild) - && a->ai_canonname != NULL - && strncmp (auth->address, - a->ai_canonname, - auth->address_length) == 0) - return 0; - } - if (hostname != NULL - && (auth->family == FamilyLocal - || auth->family == FamilyWild) - && strncmp (auth->address, hostname, auth->address_length) == 0) - return 0; - return 1; -} - -/* - * Find `our' cookie from the cookie file `f' and return it or NULL. - */ - -static Xauth* -find_auth_cookie (FILE *f) -{ - Xauth *ret = NULL; - char local_hostname[MaxHostNameLen]; - char *display_str = getenv("DISPLAY"); - char d[MaxHostNameLen + 4]; - char *colon; - struct addrinfo *ai; - struct addrinfo hints; - int disp; - int error; - - if(display_str == NULL) - display_str = ":0"; - strlcpy(d, display_str, sizeof(d)); - display_str = d; - colon = strchr (display_str, ':'); - if (colon == NULL) - disp = 0; - else { - *colon = '\0'; - disp = atoi (colon + 1); - } - if (strcmp (display_str, "") == 0 - || strncmp (display_str, "unix", 4) == 0 - || strncmp (display_str, "localhost", 9) == 0) { - gethostname (local_hostname, sizeof(local_hostname)); - display_str = local_hostname; - } - memset (&hints, 0, sizeof(hints)); - hints.ai_flags = AI_CANONNAME; - hints.ai_socktype = SOCK_STREAM; - hints.ai_protocol = IPPROTO_TCP; - - error = getaddrinfo (display_str, NULL, &hints, &ai); - if (error) - ai = NULL; - - for (; (ret = XauReadAuth (f)) != NULL; XauDisposeAuth(ret)) { - if (match_local_auth (ret, ai, display_str, disp) == 0) { - if (ai != NULL) - freeaddrinfo (ai); - return ret; - } - } - if (ai != NULL) - freeaddrinfo (ai); - return NULL; -} - -/* - * Get rid of the cookie that we were sent and get the correct one - * from our own cookie file instead. - */ - -int -replace_cookie(int xserver, int fd, char *filename, int cookiesp) /* XXX */ -{ - u_char beg[12]; - int bigendianp; - unsigned n, d, npad, dpad; - FILE *f; - u_char zeros[6] = {0, 0, 0, 0, 0, 0}; - - if (net_read (fd, beg, sizeof(beg)) != sizeof(beg)) - return 1; - if (net_write (xserver, beg, 6) != 6) - return 1; - bigendianp = beg[0] == 'B'; - if (bigendianp) { - n = (beg[6] << 8) | beg[7]; - d = (beg[8] << 8) | beg[9]; - } else { - n = (beg[7] << 8) | beg[6]; - d = (beg[9] << 8) | beg[8]; - } - if (n != 0 || d != 0) - return 1; - f = fopen(filename, "r"); - if (f != NULL) { - Xauth *auth = find_auth_cookie (f); - u_char len[6] = {0, 0, 0, 0, 0, 0}; - - fclose (f); - - if (auth != NULL) { - n = auth->name_length; - d = auth->data_length; - } else { - n = 0; - d = 0; - } - if (bigendianp) { - len[0] = n >> 8; - len[1] = n & 0xFF; - len[2] = d >> 8; - len[3] = d & 0xFF; - } else { - len[0] = n & 0xFF; - len[1] = n >> 8; - len[2] = d & 0xFF; - len[3] = d >> 8; - } - if (net_write (xserver, len, 6) != 6) { - XauDisposeAuth(auth); - return 1; - } - if(n != 0 && net_write (xserver, auth->name, n) != n) { - XauDisposeAuth(auth); - return 1; - } - npad = (4 - (n % 4)) % 4; - if (npad && net_write (xserver, zeros, npad) != npad) { - XauDisposeAuth(auth); - return 1; - } - if (d != 0 && net_write (xserver, auth->data, d) != d) { - XauDisposeAuth(auth); - return 1; - } - XauDisposeAuth(auth); - dpad = (4 - (d % 4)) % 4; - if (dpad && net_write (xserver, zeros, dpad) != dpad) - return 1; - } else { - if(net_write(xserver, zeros, 6) != 6) - return 1; - } - return 0; -} - -/* - * Some simple controls on the address and corresponding socket - */ - -int -suspicious_address (int sock, struct sockaddr *addr) -{ - char data[40]; - socklen_t len = sizeof(data); - - switch (addr->sa_family) { - case AF_INET: - return ((struct sockaddr_in *)addr)->sin_addr.s_addr != - htonl(INADDR_LOOPBACK) -#if defined(IP_OPTIONS) && defined(HAVE_GETSOCKOPT) - || getsockopt (sock, IPPROTO_IP, IP_OPTIONS, data, &len) < 0 - || len != 0 -#endif - ; - break; -#ifdef HAVE_IPV6 - case AF_INET6: - /* XXX check route headers */ - return !IN6_IS_ADDR_LOOPBACK(&((struct sockaddr_in6*)addr)->sin6_addr); -#endif - default: - return 1; - } -} - -/* - * This really sucks, but these functions are used and if we're not - * linking against libkrb they don't exist. Using the heimdal storage - * functions will not work either cause we do not always link with - * libkrb5 either. - */ - -int -kx_get_int(void *f, uint32_t *to, int size, int lsb) -{ - int i; - unsigned char *from = (unsigned char *)f; - - *to = 0; - if(lsb){ - for(i = size-1; i >= 0; i--) - *to = (*to << 8) | from[i]; - }else{ - for(i = 0; i < size; i++) - *to = (*to << 8) | from[i]; - } - return size; -} - -int -kx_put_int(uint32_t from, void *to, size_t rem, int size) -{ - int i; - unsigned char *p = (unsigned char *)to; - - if (rem < size) - return -1; - - for(i = size - 1; i >= 0; i--){ - p[i] = from & 0xff; - from >>= 8; - } - return size; -} diff --git a/appl/kx/context.c b/appl/kx/context.c deleted file mode 100644 index a0520a382..000000000 --- a/appl/kx/context.c +++ /dev/null @@ -1,94 +0,0 @@ -/* - * Copyright (c) 1995 - 1999 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include "kx.h" - -RCSID("$Id$"); - -/* - * Set the common part of the context `kc' - */ - -void -context_set (kx_context *kc, const char *host, const char *user, int port, - int debug_flag, int keepalive_flag, int tcp_flag) -{ - kc->thisaddr = (struct sockaddr*)&kc->__ss_this; - kc->thataddr = (struct sockaddr*)&kc->__ss_that; - kc->host = host; - kc->user = user; - kc->port = port; - kc->debug_flag = debug_flag; - kc->keepalive_flag = keepalive_flag; - kc->tcp_flag = tcp_flag; -} - -/* - * dispatch functions - */ - -void -context_destroy (kx_context *kc) -{ - (*kc->destroy)(kc); -} - -int -context_authenticate (kx_context *kc, int s) -{ - return (*kc->authenticate)(kc, s); -} - -int -context_userok (kx_context *kc, char *user) -{ - return (*kc->userok)(kc, user); -} - -ssize_t -kx_read (kx_context *kc, int fd, void *buf, size_t len) -{ - return (*kc->read)(kc, fd, buf, len); -} - -ssize_t -kx_write (kx_context *kc, int fd, const void *buf, size_t len) -{ - return (*kc->write)(kc, fd, buf, len); -} - -int -copy_encrypted (kx_context *kc, int fd1, int fd2) -{ - return (*kc->copy_encrypted)(kc, fd1, fd2); -} diff --git a/appl/kx/krb5.c b/appl/kx/krb5.c deleted file mode 100644 index ded9236ef..000000000 --- a/appl/kx/krb5.c +++ /dev/null @@ -1,449 +0,0 @@ -/* - * Copyright (c) 1995 - 2005 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include "kx.h" - -RCSID("$Id$"); - -#ifdef KRB5 - -struct krb5_kx_context { - krb5_context context; - krb5_keyblock *keyblock; - krb5_crypto crypto; - krb5_principal client; - krb5_log_facility *log; - -}; - -typedef struct krb5_kx_context krb5_kx_context; - -#define K5DATA(kc) ((krb5_kx_context*)kc->data) -#define CONTEXT(kc) (K5DATA(kc)->context) - -/* - * - */ - -static void -ksyslog(krb5_context context, krb5_error_code ret, const char *fmt, ...) - __attribute__((__format__(__printf__, 3, 0))); - -static void -ksyslog(krb5_context context, krb5_error_code ret, const char *fmt, ...) -{ - const char *msg; - char *str = NULL; - va_list va; - int aret; - - msg = krb5_get_error_message(context, ret); - - va_start(va, fmt); - aret = vasprintf(&str, fmt, va); - va_end(va); - - syslog(LOG_ERR, "%s: %s", aret != -1 ? str : "(nil)", msg); - - krb5_free_error_message(context, msg); - if (aret != -1) - free(str); -} - -/* - * Destroy the krb5 context in `c'. - */ - -static void -krb5_destroy (kx_context *kc) -{ - if (K5DATA(kc)->keyblock) - krb5_free_keyblock (CONTEXT(kc), K5DATA(kc)->keyblock); - if (K5DATA(kc)->crypto) - krb5_crypto_destroy (CONTEXT(kc), K5DATA(kc)->crypto); - if (K5DATA(kc)->client) - krb5_free_principal (CONTEXT(kc), K5DATA(kc)->client); - if (CONTEXT(kc)) - krb5_free_context (CONTEXT(kc)); - memset (kc->data, 0, sizeof(krb5_kx_context)); - free (kc->data); -} - -/* - * Read the authentication information from `s' and return 0 if - * succesful, else -1. - */ - -static int -krb5_authenticate (kx_context *kc, int s) -{ - krb5_auth_context auth_context = NULL; - krb5_error_code ret; - krb5_principal server; - const char *host = kc->host; - - ret = krb5_sname_to_principal (CONTEXT(kc), - host, "host", KRB5_NT_SRV_HST, &server); - if (ret) { - krb5_warn (CONTEXT(kc), ret, "krb5_sname_to_principal: %s", host); - return 1; - } - - ret = krb5_sendauth (CONTEXT(kc), - &auth_context, - &s, - KX_VERSION, - NULL, - server, - AP_OPTS_MUTUAL_REQUIRED | AP_OPTS_USE_SUBKEY, - NULL, - NULL, - NULL, - NULL, - NULL, - NULL); - if (ret) { - if(ret != KRB5_SENDAUTH_BADRESPONSE) - krb5_warn (CONTEXT(kc), ret, "krb5_sendauth: %s", host); - return 1; - } - - ret = krb5_auth_con_getkey (CONTEXT(kc), auth_context, - &K5DATA(kc)->keyblock); - if (ret) { - krb5_warn (CONTEXT(kc), ret, "krb5_auth_con_getkey: %s", host); - krb5_auth_con_free (CONTEXT(kc), auth_context); - return 1; - } - - ret = krb5_crypto_init (CONTEXT(kc), K5DATA(kc)->keyblock, - 0, &K5DATA(kc)->crypto); - if (ret) { - krb5_warn (CONTEXT(kc), ret, "krb5_crypto_init"); - krb5_auth_con_free (CONTEXT(kc), auth_context); - return 1; - } - return 0; -} - -/* - * Read an encapsulated krb5 packet from `fd' into `buf' (of size - * `len'). Return the number of bytes read or 0 on EOF or -1 on - * error. - */ - -static ssize_t -krb5_read (kx_context *kc, - int fd, void *buf, size_t len) -{ - size_t data_len, outer_len; - krb5_error_code ret; - unsigned char tmp[4]; - krb5_data data; - int l; - - l = krb5_net_read (CONTEXT(kc), &fd, tmp, 4); - if (l == 0) - return l; - if (l != 4) - return -1; - data_len = (tmp[0] << 24) | (tmp[1] << 16) | (tmp[2] << 8) | tmp[3]; - outer_len = krb5_get_wrapped_length (CONTEXT(kc), - K5DATA(kc)->crypto, data_len); - if (outer_len > len) - return -1; - if (krb5_net_read (CONTEXT(kc), &fd, buf, outer_len) != outer_len) - return -1; - - ret = krb5_decrypt (CONTEXT(kc), K5DATA(kc)->crypto, - KRB5_KU_OTHER_ENCRYPTED, - buf, outer_len, &data); - if (ret) { - krb5_warn (CONTEXT(kc), ret, "krb5_decrypt"); - return -1; - } - if (data_len > data.length) { - krb5_data_free (&data); - return -1; - } - memmove (buf, data.data, data_len); - krb5_data_free (&data); - return data_len; -} - -/* - * Write an encapsulated krb5 packet on `fd' with the data in `buf, - * len'. Return len or -1 on error. - */ - -static ssize_t -krb5_write(kx_context *kc, - int fd, const void *buf, size_t len) -{ - krb5_data data; - krb5_error_code ret; - unsigned char tmp[4]; - size_t outlen; - - ret = krb5_encrypt (CONTEXT(kc), K5DATA(kc)->crypto, - KRB5_KU_OTHER_ENCRYPTED, - buf, len, &data); - if (ret){ - krb5_warn (CONTEXT(kc), ret, "krb5_write"); - return -1; - } - - outlen = data.length; - tmp[0] = (len >> 24) & 0xFF; - tmp[1] = (len >> 16) & 0xFF; - tmp[2] = (len >> 8) & 0xFF; - tmp[3] = (len >> 0) & 0xFF; - - if (krb5_net_write (CONTEXT(kc), &fd, tmp, 4) != 4 || - krb5_net_write (CONTEXT(kc), &fd, data.data, outlen) != outlen) { - krb5_data_free (&data); - return -1; - } - krb5_data_free (&data); - return len; -} - -/* - * Copy from the unix socket `from_fd' encrypting to `to_fd'. - * Return 0, -1 or len. - */ - -static int -copy_out (kx_context *kc, int from_fd, int to_fd) -{ - char buf[32768]; - ssize_t len; - - len = read (from_fd, buf, sizeof(buf)); - if (len == 0) - return 0; - if (len < 0) { - krb5_warn (CONTEXT(kc), errno, "read"); - return len; - } - return krb5_write (kc, to_fd, buf, len); -} - -/* - * Copy from the socket `from_fd' decrypting to `to_fd'. - * Return 0, -1 or len. - */ - -static int -copy_in (kx_context *kc, int from_fd, int to_fd) -{ - char buf[33000]; /* XXX */ - - ssize_t len; - - len = krb5_read (kc, from_fd, buf, sizeof(buf)); - if (len == 0) - return 0; - if (len < 0) { - krb5_warn (CONTEXT(kc), errno, "krb5_read"); - return len; - } - - return krb5_net_write (CONTEXT(kc), &to_fd, buf, len); -} - -/* - * Copy data between `fd1' and `fd2', encrypting in one direction and - * decrypting in the other. - */ - -static int -krb5_copy_encrypted (kx_context *kc, int fd1, int fd2) -{ - for (;;) { - fd_set fdset; - int ret; - - if (fd1 >= FD_SETSIZE || fd2 >= FD_SETSIZE) { - krb5_warnx (CONTEXT(kc), "fd too large"); - return 1; - } - - FD_ZERO(&fdset); - FD_SET(fd1, &fdset); - FD_SET(fd2, &fdset); - - ret = select (max(fd1, fd2)+1, &fdset, NULL, NULL, NULL); - if (ret < 0 && errno != EINTR) { - krb5_warn (CONTEXT(kc), errno, "select"); - return 1; - } - if (FD_ISSET(fd1, &fdset)) { - ret = copy_out (kc, fd1, fd2); - if (ret <= 0) - return ret; - } - if (FD_ISSET(fd2, &fdset)) { - ret = copy_in (kc, fd2, fd1); - if (ret <= 0) - return ret; - } - } -} - -/* - * Return 0 if the user authenticated on `kc' is allowed to login as - * `user'. - */ - -static int -krb5_userok (kx_context *kc, char *user) -{ - krb5_error_code ret; - char *tmp; - - ret = krb5_unparse_name (CONTEXT(kc), K5DATA(kc)->client, &tmp); - if (ret) - krb5_err (CONTEXT(kc), 1, ret, "krb5_unparse_name"); - kc->user = tmp; - - return !krb5_kuserok (CONTEXT(kc), K5DATA(kc)->client, user); -} - -/* - * Create an instance of an krb5 context. - */ - -void -krb5_make_context (kx_context *kc) -{ - krb5_kx_context *c; - krb5_error_code ret; - - kc->authenticate = krb5_authenticate; - kc->userok = krb5_userok; - kc->read = krb5_read; - kc->write = krb5_write; - kc->copy_encrypted = krb5_copy_encrypted; - kc->destroy = krb5_destroy; - kc->user = NULL; - kc->data = malloc(sizeof(krb5_kx_context)); - - if (kc->data == NULL) { - syslog (LOG_ERR, "failed to malloc %lu bytes", - (unsigned long)sizeof(krb5_kx_context)); - exit(1); - } - memset (kc->data, 0, sizeof(krb5_kx_context)); - c = (krb5_kx_context *)kc->data; - ret = krb5_init_context (&c->context); - if (ret) { - syslog (LOG_ERR, "failed initialise krb5 context"); - exit(1); - } -} - -/* - * Receive authentication information on `sock' (first four bytes - * in `buf'). - */ - -int -recv_v5_auth (kx_context *kc, int sock, u_char *buf) -{ - uint32_t len; - krb5_error_code ret; - krb5_principal server; - krb5_auth_context auth_context = NULL; - krb5_ticket *ticket; - - if (memcmp (buf, "\x00\x00\x00\x13", 4) != 0) - return 1; - len = (buf[0] << 24) | (buf[1] << 16) | (buf[2] << 8) | (buf[3]); - if (net_read(sock, buf, len) != len) { - syslog (LOG_ERR, "read: %m"); - exit (1); - } - if (len != sizeof(KRB5_SENDAUTH_VERSION) - || memcmp (buf, KRB5_SENDAUTH_VERSION, len) != 0) { - syslog (LOG_ERR, "bad sendauth version: %.8s", buf); - exit (1); - } - - krb5_make_context (kc); - krb5_openlog(CONTEXT(kc), "kxd", &K5DATA(kc)->log); - krb5_set_warn_dest(CONTEXT(kc), K5DATA(kc)->log); - - ret = krb5_sock_to_principal (CONTEXT(kc), sock, "host", - KRB5_NT_SRV_HST, &server); - if (ret) { - ksyslog (CONTEXT(kc), ret, "krb5_sock_to_principal"); - exit (1); - } - - ret = krb5_recvauth (CONTEXT(kc), - &auth_context, - &sock, - KX_VERSION, - server, - KRB5_RECVAUTH_IGNORE_VERSION, - NULL, - &ticket); - krb5_free_principal (CONTEXT(kc), server); - if (ret) { - ksyslog (CONTEXT(kc), ret, "krb5_recvauth"); - exit (1); - } - - ret = krb5_auth_con_getkey (CONTEXT(kc), auth_context, &K5DATA(kc)->keyblock); - if (ret) { - ksyslog (CONTEXT(kc), ret, "krb5_auth_con_getkey"); - exit (1); - } - - ret = krb5_crypto_init (CONTEXT(kc), K5DATA(kc)->keyblock, 0, &K5DATA(kc)->crypto); - if (ret) { - ksyslog (CONTEXT(kc), ret, "krb5_crypto_init"); - exit (1); - } - - K5DATA(kc)->client = ticket->client; - ticket->client = NULL; - krb5_free_ticket (CONTEXT(kc), ticket); - - krb5_auth_con_free(CONTEXT(kc), auth_context); - - return 0; -} - -#endif /* KRB5 */ diff --git a/appl/kx/kx.1 b/appl/kx/kx.1 deleted file mode 100644 index 2f5e35cec..000000000 --- a/appl/kx/kx.1 +++ /dev/null @@ -1,92 +0,0 @@ -.\" Copyright (c) 1996 - 1997 Kungliga Tekniska Högskolan -.\" (Royal Institute of Technology, Stockholm, Sweden). -.\" All rights reserved. -.\" -.\" Redistribution and use in source and binary forms, with or without -.\" modification, are permitted provided that the following conditions -.\" are met: -.\" -.\" 1. Redistributions of source code must retain the above copyright -.\" notice, this list of conditions and the following disclaimer. -.\" -.\" 2. Redistributions in binary form must reproduce the above copyright -.\" notice, this list of conditions and the following disclaimer in the -.\" documentation and/or other materials provided with the distribution. -.\" -.\" 3. Neither the name of the Institute nor the names of its contributors -.\" may be used to endorse or promote products derived from this software -.\" without specific prior written permission. -.\" -.\" THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND -.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE -.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE -.\" ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE -.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL -.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS -.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) -.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT -.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY -.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF -.\" SUCH DAMAGE. -.\" -.\" $Id$ -.\" -.Dd September 27, 1996 -.Dt KX 1 -.Os KTH-KRB -.Sh NAME -.Nm kx -.Nd securely forward X conections -.Sh SYNOPSIS -.Ar kx -.Op Fl l Ar username -.Op Fl k -.Op Fl d -.Op Fl t -.Op Fl p Ar port -.Op Fl P -.Ar host -.Sh DESCRIPTION -The -.Nm -program forwards an X connection from a remote client to a local screen -through an authenticated and encrypted stream. Options supported by -.Nm kx : -.Bl -tag -width Ds -.It Fl l -Log in on the remote the host as user -.Ar username . -.It Fl k -Do not enable keep-alives on the TCP connections. -.It Fl d -Do not fork. This is mainly useful for debugging. -.It Fl t -Listen not only on a UNIX-domain socket but on a TCP socket as well. -.It Fl p -Use the port -.Ar port . -.It Fl P -Force passive mode. -.El -.Pp -This program is used by -.Nm rxtelnet -and -.Nm rxterm -and you should not need to run it directly. -.Pp -It connects to a -.Nm kxd -on the host -.Ar host -and then will relay the traffic from the remote X clients to the local -server. When started, it prints the display and Xauthority-file to be -used on host -.Ar host -and then goes to the background, waiting for connections from the -remote -.Nm kxd . -.Sh SEE ALSO -.Xr rxtelnet 1 , -.Xr rxterm 1 , -.Xr kxd 8 diff --git a/appl/kx/kx.c b/appl/kx/kx.c deleted file mode 100644 index 66363939b..000000000 --- a/appl/kx/kx.c +++ /dev/null @@ -1,711 +0,0 @@ -/* - * Copyright (c) 1995-2003 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include "kx.h" - -RCSID("$Id$"); - -static int nchild; -static int donep; - -/* - * Signal handler that justs waits for the children when they die. - */ - -static RETSIGTYPE -childhandler (int sig) -{ - pid_t pid; - int status; - - do { - pid = waitpid (-1, &status, WNOHANG|WUNTRACED); - if (pid > 0 && (WIFEXITED(status) || WIFSIGNALED(status))) - if (--nchild == 0 && donep) - exit (0); - } while(pid > 0); - signal (SIGCHLD, childhandler); - SIGRETURN(0); -} - -/* - * Handler for SIGUSR1. - * This signal means that we should wait until there are no children - * left and then exit. - */ - -static RETSIGTYPE -usr1handler (int sig) -{ - donep = 1; - - SIGRETURN(0); -} - -/* - * Almost the same as for SIGUSR1, except we should exit immediately - * if there are no active children. - */ - -static RETSIGTYPE -usr2handler (int sig) -{ - donep = 1; - if (nchild == 0) - exit (0); - - SIGRETURN(0); -} - -/* - * Establish authenticated connection. Return socket or -1. - */ - -static int -connect_host (kx_context *kc) -{ - struct addrinfo *ai, *a; - struct addrinfo hints; - int error; - char portstr[NI_MAXSERV]; - socklen_t addrlen; - int s = -1; - struct sockaddr_storage thisaddr_ss; - struct sockaddr *thisaddr = (struct sockaddr *)&thisaddr_ss; - - memset (&hints, 0, sizeof(hints)); - hints.ai_socktype = SOCK_STREAM; - hints.ai_protocol = IPPROTO_TCP; - - snprintf (portstr, sizeof(portstr), "%u", ntohs(kc->port)); - - error = getaddrinfo (kc->host, portstr, &hints, &ai); - if (error) { - warnx ("%s: %s", kc->host, gai_strerror(error)); - return -1; - } - - for (a = ai; a != NULL; a = a->ai_next) { - s = socket (a->ai_family, a->ai_socktype, a->ai_protocol); - if (s < 0) - continue; - if (connect (s, a->ai_addr, a->ai_addrlen) < 0) { - warn ("connect(%s)", kc->host); - close (s); - continue; - } - break; - } - - if (a == NULL) { - freeaddrinfo (ai); - return -1; - } - - addrlen = sizeof(thisaddr_ss); - if (getsockname (s, thisaddr, &addrlen) < 0 || - addrlen != a->ai_addrlen) - err(1, "getsockname(%s)", kc->host); - memcpy (&kc->__ss_this, thisaddr, sizeof(kc->__ss_this)); - kc->thisaddr_len = addrlen; - memcpy (&kc->__ss_that, a->ai_addr, sizeof(kc->__ss_that)); - kc->thataddr_len = a->ai_addrlen; - freeaddrinfo (ai); - if ((*kc->authenticate)(kc, s)) - return -1; - return s; -} - -/* - * Get rid of the cookie that we were sent and get the correct one - * from our own cookie file instead and then just copy data in both - * directions. - */ - -static int -passive_session (int xserver, int fd, kx_context *kc) -{ - if (replace_cookie (xserver, fd, XauFileName(), 1)) - return 1; - else - return copy_encrypted (kc, xserver, fd); -} - -static int -active_session (int xserver, int fd, kx_context *kc) -{ - if (verify_and_remove_cookies (xserver, fd, 1)) - return 1; - else - return copy_encrypted (kc, xserver, fd); -} - -/* - * fork (unless debugp) and print the output that will be used by the - * script to capture the display, xauth cookie and pid. - */ - -static void -status_output (int debugp) -{ - if(debugp) - printf ("%u\t%s\t%s\n", (unsigned)getpid(), display, xauthfile); - else { - pid_t pid; - - pid = fork(); - if (pid < 0) { - err(1, "fork"); - } else if (pid > 0) { - printf ("%u\t%s\t%s\n", (unsigned)pid, display, xauthfile); - exit (0); - } else { - fclose(stdout); - } - } -} - -/* - * Obtain an authenticated connection on `kc'. Send a kx message - * saying we are `kc->user' and want to use passive mode. Wait for - * answer on that connection and fork of a child for every new - * connection we have to make. - */ - -static int -doit_passive (kx_context *kc) -{ - int otherside; - u_char msg[1024], *p; - int len; - uint32_t tmp; - const char *host = kc->host; - - otherside = connect_host (kc); - - if (otherside < 0) - return 1; -#if defined(SO_KEEPALIVE) && defined(HAVE_SETSOCKOPT) - if (kc->keepalive_flag) { - int one = 1; - - setsockopt (otherside, SOL_SOCKET, SO_KEEPALIVE, (void *)&one, - sizeof(one)); - } -#endif - - p = msg; - *p++ = INIT; - len = strlen(kc->user); - p += kx_put_int (len, p, sizeof(msg) - 1, 4); - memcpy(p, kc->user, len); - p += len; - *p++ = PASSIVE | (kc->keepalive_flag ? KEEP_ALIVE : 0); - if (kx_write (kc, otherside, msg, p - msg) != p - msg) - err (1, "write to %s", host); - len = kx_read (kc, otherside, msg, sizeof(msg)); - if (len <= 0) - errx (1, - "error reading initial message from %s: " - "this probably means it's using an old version.", - host); - p = (u_char *)msg; - if (*p == ERROR) { - p++; - p += kx_get_int (p, &tmp, 4, 0); - errx (1, "%s: %.*s", host, (int)tmp, p); - } else if (*p != ACK) { - errx (1, "%s: strange msg %d", host, *p); - } else - p++; - p += kx_get_int (p, &tmp, 4, 0); - memcpy(display, p, tmp); - display[tmp] = '\0'; - p += tmp; - - p += kx_get_int (p, &tmp, 4, 0); - memcpy(xauthfile, p, tmp); - xauthfile[tmp] = '\0'; - p += tmp; - - status_output (kc->debug_flag); - for (;;) { - pid_t child; - - len = kx_read (kc, otherside, msg, sizeof(msg)); - if (len < 0) - err (1, "read from %s", host); - else if (len == 0) - return 0; - - p = (u_char *)msg; - if (*p == ERROR) { - p++; - p += kx_get_int (p, &tmp, 4, 0); - errx (1, "%s: %.*s", host, (int)tmp, p); - } else if(*p != NEW_CONN) { - errx (1, "%s: strange msg %d", host, *p); - } else { - p++; - p += kx_get_int (p, &tmp, 4, 0); - } - - ++nchild; - child = fork (); - if (child < 0) { - warn("fork"); - continue; - } else if (child == 0) { - int fd; - int xserver; - - close (otherside); - - socket_set_port(kc->thataddr, htons(tmp)); - - fd = socket (kc->thataddr->sa_family, SOCK_STREAM, 0); - if (fd < 0) - err(1, "socket"); -#if defined(TCP_NODELAY) && defined(HAVE_SETSOCKOPT) - { - int one = 1; - - setsockopt (fd, IPPROTO_TCP, TCP_NODELAY, (void *)&one, - sizeof(one)); - } -#endif -#if defined(SO_KEEPALIVE) && defined(HAVE_SETSOCKOPT) - if (kc->keepalive_flag) { - int one = 1; - - setsockopt (fd, SOL_SOCKET, SO_KEEPALIVE, (void *)&one, - sizeof(one)); - } -#endif - - if (connect (fd, kc->thataddr, kc->thataddr_len) < 0) - err(1, "connect(%s)", host); - { - int d = 0; - char *s; - - s = getenv ("DISPLAY"); - if (s != NULL) { - s = strchr (s, ':'); - if (s != NULL) - d = atoi (s + 1); - } - - xserver = connect_local_xsocket (d); - if (xserver < 0) - return 1; - } - return passive_session (xserver, fd, kc); - } else { - } - } -} - -/* - * Allocate a local pseudo-xserver and wait for connections - */ - -static int -doit_active (kx_context *kc) -{ - int otherside; - int nsockets; - struct x_socket *sockets; - u_char msg[1024], *p; - int len; - int tmp, tmp2; - char *str; - int i; - size_t rem; - uint32_t other_port; - int error; - const char *host = kc->host; - - otherside = connect_host (kc); - if (otherside < 0) - return 1; -#if defined(SO_KEEPALIVE) && defined(HAVE_SETSOCKOPT) - if (kc->keepalive_flag) { - int one = 1; - - setsockopt (otherside, SOL_SOCKET, SO_KEEPALIVE, (void *)&one, - sizeof(one)); - } -#endif - p = msg; - rem = sizeof(msg); - *p++ = INIT; - --rem; - len = strlen(kc->user); - tmp = kx_put_int (len, p, rem, 4); - if (tmp < 0) - return 1; - p += tmp; - rem -= tmp; - memcpy(p, kc->user, len); - p += len; - rem -= len; - *p++ = (kc->keepalive_flag ? KEEP_ALIVE : 0); - --rem; - - str = getenv("DISPLAY"); - if (str == NULL || (str = strchr(str, ':')) == NULL) - str = ":0"; - len = strlen (str); - tmp = kx_put_int (len, p, rem, 4); - if (tmp < 0) - return 1; - rem -= tmp; - p += tmp; - memcpy (p, str, len); - p += len; - rem -= len; - - str = getenv("XAUTHORITY"); - if (str == NULL) - str = ""; - len = strlen (str); - tmp = kx_put_int (len, p, rem, 4); - if (tmp < 0) - return 1; - p += len; - rem -= len; - memcpy (p, str, len); - p += len; - rem -= len; - - if (kx_write (kc, otherside, msg, p - msg) != p - msg) - err (1, "write to %s", host); - - len = kx_read (kc, otherside, msg, sizeof(msg)); - if (len < 0) - err (1, "read from %s", host); - p = (u_char *)msg; - if (*p == ERROR) { - uint32_t u32; - - p++; - p += kx_get_int (p, &u32, 4, 0); - errx (1, "%s: %.*s", host, (int)u32, p); - } else if (*p != ACK) { - errx (1, "%s: strange msg %d", host, *p); - } - - tmp2 = get_xsockets (&nsockets, &sockets, kc->tcp_flag); - if (tmp2 < 0) - errx(1, "Failed to open sockets"); - display_num = tmp2; - if (kc->tcp_flag) - snprintf (display, display_size, "localhost:%u", display_num); - else - snprintf (display, display_size, ":%u", display_num); - error = create_and_write_cookie (xauthfile, xauthfile_size, - cookie, cookie_len); - if (error) - errx(1, "failed creating cookie file: %s", strerror(error)); - - status_output (kc->debug_flag); - for (;;) { - fd_set fdset; - pid_t child; - int fd, thisfd = -1; - socklen_t zero = 0; - - FD_ZERO(&fdset); - for (i = 0; i < nsockets; ++i) { - if (sockets[i].fd >= FD_SETSIZE) - errx (1, "fd too large"); - FD_SET(sockets[i].fd, &fdset); - } - if (select(FD_SETSIZE, &fdset, NULL, NULL, NULL) <= 0) - continue; - for (i = 0; i < nsockets; ++i) - if (FD_ISSET(sockets[i].fd, &fdset)) { - thisfd = sockets[i].fd; - break; - } - fd = accept (thisfd, NULL, &zero); - if (fd < 0) { - if (errno == EINTR) - continue; - else - err(1, "accept"); - } - - p = msg; - *p++ = NEW_CONN; - if (kx_write (kc, otherside, msg, p - msg) != p - msg) - err (1, "write to %s", host); - len = kx_read (kc, otherside, msg, sizeof(msg)); - if (len < 0) - err (1, "read from %s", host); - p = (u_char *)msg; - if (*p == ERROR) { - uint32_t val; - - p++; - p += kx_get_int (p, &val, 4, 0); - errx (1, "%s: %.*s", host, (int)val, p); - } else if (*p != NEW_CONN) { - errx (1, "%s: strange msg %d", host, *p); - } else { - p++; - p += kx_get_int (p, &other_port, 4, 0); - } - - ++nchild; - child = fork (); - if (child < 0) { - warn("fork"); - continue; - } else if (child == 0) { - int s; - - for (i = 0; i < nsockets; ++i) - close (sockets[i].fd); - - close (otherside); - - socket_set_port(kc->thataddr, htons(tmp)); - - s = socket (kc->thataddr->sa_family, SOCK_STREAM, 0); - if (s < 0) - err(1, "socket"); -#if defined(TCP_NODELAY) && defined(HAVE_SETSOCKOPT) - { - int one = 1; - - setsockopt (s, IPPROTO_TCP, TCP_NODELAY, (void *)&one, - sizeof(one)); - } -#endif -#if defined(SO_KEEPALIVE) && defined(HAVE_SETSOCKOPT) - if (kc->keepalive_flag) { - int one = 1; - - setsockopt (s, SOL_SOCKET, SO_KEEPALIVE, (void *)&one, - sizeof(one)); - } -#endif - - if (connect (s, kc->thataddr, kc->thataddr_len) < 0) - err(1, "connect"); - - return active_session (fd, s, kc); - } else { - close (fd); - } - } -} - -/* - * Should we interpret `disp' as this being a passive call? - */ - -static int -check_for_passive (const char *disp) -{ - char local_hostname[MaxHostNameLen]; - - gethostname (local_hostname, sizeof(local_hostname)); - - return disp != NULL && - (*disp == ':' - || strncmp(disp, "unix", 4) == 0 - || strncmp(disp, "localhost", 9) == 0 - || strncmp(disp, local_hostname, strlen(local_hostname)) == 0); -} - -/* - * Set up signal handlers and then call the functions. - */ - -static int -doit (kx_context *kc, int passive_flag) -{ - signal (SIGCHLD, childhandler); - signal (SIGUSR1, usr1handler); - signal (SIGUSR2, usr2handler); - if (passive_flag) - return doit_passive (kc); - else - return doit_active (kc); -} - -#ifdef KRB5 - -/* - * Start a v5-authenticatated kx connection. - */ - -static int -doit_v5 (const char *host, int port, const char *user, - int passive_flag, int debug_flag, int keepalive_flag, int tcp_flag) -{ - int ret; - kx_context context; - - krb5_make_context (&context); - context_set (&context, - host, user, port, debug_flag, keepalive_flag, tcp_flag); - - ret = doit (&context, passive_flag); - context_destroy (&context); - return ret; -} -#endif /* KRB5 */ - -/* - * Variables set from the arguments - */ - -#ifdef KRB5 -static int use_v5 = -1; -#endif -static char *port_str = NULL; -static const char *user = NULL; -static int tcp_flag = 0; -static int passive_flag = 0; -static int keepalive_flag = 1; -static int debug_flag = 0; -static int version_flag = 0; -static int help_flag = 0; - -struct getargs args[] = { -#ifdef KRB5 - { "krb5", '5', arg_flag, &use_v5, "Use Kerberos V5", - NULL }, -#endif - { "port", 'p', arg_string, &port_str, "Use this port", - "number-of-service" }, - { "user", 'l', arg_string, &user, "Run as this user", - NULL }, - { "tcp", 't', arg_flag, &tcp_flag, - "Use a TCP connection for X11", NULL }, - { "passive", 'P', arg_flag, &passive_flag, - "Force a passive connection", NULL }, - { "keepalive", 'k', arg_negative_flag, &keepalive_flag, - "disable keep-alives", NULL }, - { "debug", 'd', arg_flag, &debug_flag, - "Enable debug information", NULL }, - { "version", 0, arg_flag, &version_flag, "Print version", - NULL }, - { "help", 0, arg_flag, &help_flag, NULL, - NULL } -}; - -static void -usage(int ret) -{ - arg_printusage (args, - sizeof(args) / sizeof(args[0]), - NULL, - "host"); - exit (ret); -} - -/* - * kx - forward an x-connection over a kerberos-encrypted channel. - */ - -int -main(int argc, char **argv) -{ - int port = 0; - int optidx = 0; - int ret = 1; - char *host = NULL; - - setprogname (argv[0]); - - if (getarg (args, sizeof(args) / sizeof(args[0]), argc, argv, - &optidx)) - usage (1); - - if (help_flag) - usage (0); - - if (version_flag) { - print_version (NULL); - return 0; - } - - if (optidx != argc - 1) - usage (1); - - host = argv[optidx]; - - if (port_str) { - struct servent *s = roken_getservbyname (port_str, "tcp"); - - if (s) - port = s->s_port; - else { - char *ptr; - - port = strtol (port_str, &ptr, 10); - if (port == 0 && ptr == port_str) - errx (1, "Bad port `%s'", port_str); - port = htons(port); - } - } - - if (user == NULL) { - user = get_default_username (); - if (user == NULL) - errx (1, "who are you?"); - } - - if (!passive_flag) - passive_flag = check_for_passive (getenv("DISPLAY")); - -#if defined(HAVE_KERNEL_ENABLE_DEBUG) - if (krb_debug_flag) - krb_enable_debug (); -#endif - -#ifdef KRB5 - if (ret && use_v5) { - if (port == 0) - port = krb5_getportbyname(NULL, "kx", "tcp", KX_PORT); - ret = doit_v5 (host, port, user, - passive_flag, debug_flag, keepalive_flag, tcp_flag); - } -#endif - return ret; -} diff --git a/appl/kx/kx.h b/appl/kx/kx.h deleted file mode 100644 index dbc5c08ee..000000000 --- a/appl/kx/kx.h +++ /dev/null @@ -1,249 +0,0 @@ -/* - * Copyright (c) 1995 - 2001 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -/* $Id$ */ - -#ifdef HAVE_CONFIG_H -#include "config.h" -#endif /* HAVE_CONFIG_H */ - -#include -#include -#include -#include -#include -#include -#ifdef HAVE_UNISTD_H -#include -#endif -#ifdef HAVE_PWD_H -#include -#endif -#ifdef HAVE_GRP_H -#include -#endif -#ifdef HAVE_SYSLOG_H -#include -#endif -#ifdef HAVE_SYS_TYPES_H -#include -#endif -#ifdef TIME_WITH_SYS_TIME -#include -#include -#elif defined(HAVE_SYS_TIME_H) -#include -#else -#include -#endif -#ifdef HAVE_SYS_RESOURCE_H -#include -#endif -#ifdef HAVE_SYS_SELECT_H -#include -#endif -#ifdef HAVE_SYS_WAIT_H -#include -#endif -#ifdef HAVE_SYS_STAT_H -#include -#endif -#ifdef HAVE_SYS_SOCKET_H -#include -#endif -#ifdef HAVE_NETINET_IN_H -#include -#endif -#ifdef HAVE_NETINET_TCP_H -#include -#endif -#ifdef HAVE_ARPA_INET_H -#include -#endif -#ifdef HAVE_NETDB_H -#include -#endif -#ifdef HAVE_SYS_UN_H -#include -#endif -#include -#include -#include - -#ifdef HAVE_SYS_STREAM_H -#include -#endif -#ifdef HAVE_SYS_STROPTS_H -#include -#endif - -/* defined by aix's sys/stream.h and again by arpa/nameser.h */ - -#undef NOERROR - -/* as far as we know, this is only used with later versions of Slowlaris */ -#if SunOS >= 50 && defined(HAVE_SYS_STROPTS_H) && defined(HAVE_FATTACH) && defined(I_PUSH) -#define MAY_HAVE_X11_PIPES -#endif - -#ifdef SOCKS -#include -/* This doesn't belong here. */ -struct tm *localtime(const time_t *); -struct hostent *gethostbyname(const char *); -#endif - -#ifdef KRB5 -#include -#endif - -#include -#include -#include - -struct x_socket { - char *pathname; - int fd; - enum { - LISTENP = 0x80, - TCP = LISTENP | 1, - UNIX_SOCKET = LISTENP | 2, - STREAM_PIPE = 3 - } flags; -}; - -extern char x_socket[]; -extern uint32_t display_num; -extern char display[]; -extern int display_size; -extern char xauthfile[]; -extern int xauthfile_size; -extern u_char cookie[]; -extern size_t cookie_len; - -int get_xsockets (int *number, struct x_socket **sockets, int tcpp); -int chown_xsockets (int n, struct x_socket *sockets, uid_t uid, gid_t gid); - -int connect_local_xsocket (unsigned dnr); -int create_and_write_cookie (char *file, - size_t file_size, - u_char *cookie_buf, - size_t sz); -int verify_and_remove_cookies (int fd, int sock, int cookiesp); -int replace_cookie(int xserver, int fd, char *filename, int cookiesp); - -int suspicious_address (int sock, struct sockaddr *addr); - -#define KX_PORT 2111 - -#define KX_OLD_VERSION "KXSERV.1" -#define KX_VERSION "KXSERV.2" - -#define COOKIE_TYPE "MIT-MAGIC-COOKIE-1" - -enum { INIT = 0, ACK = 1, NEW_CONN = 2, ERROR = 3 }; - -enum kx_flags { PASSIVE = 1, KEEP_ALIVE = 2 }; - -typedef enum kx_flags kx_flags; - -struct kx_context { - int (*authenticate)(struct kx_context *kc, int s); - int (*userok)(struct kx_context *kc, char *user); - ssize_t (*read)(struct kx_context *kc, - int fd, void *buf, size_t len); - ssize_t (*write)(struct kx_context *kc, - int fd, const void *buf, size_t len); - int (*copy_encrypted)(struct kx_context *kc, - int fd1, int fd2); - void (*destroy)(struct kx_context *kc); - const char *host; - const char *user; - int port; - int debug_flag; - int keepalive_flag; - int tcp_flag; - struct sockaddr_storage __ss_this; - struct sockaddr_storage __ss_that; - struct sockaddr *thisaddr; - struct sockaddr *thataddr; - socklen_t thisaddr_len, thataddr_len; - void *data; -}; - -typedef struct kx_context kx_context; - -void -context_set (kx_context *kc, const char *host, const char *user, int port, - int debug_flag, int keepalive_flag, int tcp_flag); - -void -context_destroy (kx_context *kc); - -int -context_authenticate (kx_context *kc, int s); - -int -context_userok (kx_context *kc, char *user); - -ssize_t -kx_read (kx_context *kc, int fd, void *buf, size_t len); - -ssize_t -kx_write (kx_context *kc, int fd, const void *buf, size_t len); - -int -copy_encrypted (kx_context *kc, int fd1, int fd2); - -#ifdef KRB5 - -void -krb5_make_context (kx_context *c); - -int -recv_v5_auth (kx_context *kc, int sock, u_char *buf); - -#endif - -void -fatal (kx_context *kc, int fd, char *format, ...) -#ifdef __GNUC__ -__attribute__ ((format (printf, 3, 4))) -#endif -; - -int -kx_get_int(void *f, uint32_t *to, int size, int lsb); - -int -kx_put_int(uint32_t from, void *to, size_t rem, int size); diff --git a/appl/kx/kxd.8 b/appl/kx/kxd.8 deleted file mode 100644 index 4a0101ec2..000000000 --- a/appl/kx/kxd.8 +++ /dev/null @@ -1,83 +0,0 @@ -.\" Copyright (c) 1996 - 1997, 2001 Kungliga Tekniska Högskolan -.\" (Royal Institute of Technology, Stockholm, Sweden). -.\" All rights reserved. -.\" -.\" Redistribution and use in source and binary forms, with or without -.\" modification, are permitted provided that the following conditions -.\" are met: -.\" -.\" 1. Redistributions of source code must retain the above copyright -.\" notice, this list of conditions and the following disclaimer. -.\" -.\" 2. Redistributions in binary form must reproduce the above copyright -.\" notice, this list of conditions and the following disclaimer in the -.\" documentation and/or other materials provided with the distribution. -.\" -.\" 3. Neither the name of the Institute nor the names of its contributors -.\" may be used to endorse or promote products derived from this software -.\" without specific prior written permission. -.\" -.\" THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND -.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE -.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE -.\" ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE -.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL -.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS -.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) -.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT -.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY -.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF -.\" SUCH DAMAGE. -.\" -.\" $Id$ -.\" -.Dd September 27, 1996 -.Dt KXD 8 -.Os KTH-KRB -.Sh NAME -.Nm kxd -.Nd securely forward X conections -.Sh SYNOPSIS -.Ar kxd -.Op Fl t -.Op Fl i -.Op Fl p Ar port -.Sh DESCRIPTION -This is the daemon for -.Nm kx . -.Pp -Options supported by -.Nm kxd : -.Bl -tag -width Ds -.It Fl t -TCP. Normally -.Nm kxd -will only listen for X connections on a UNIX socket, but some machines -(for example, Cray) have X libraries that are not able to use UNIX -sockets and thus you need to use TCP to talk to the pseudo-xserver -created by -.Nm kxd . -This option decreases the security significantly and should only be -used when it is necessary and you have considered the consequences of -doing so. -.It Fl i -Interactive. Do not expect to be started by -.Nm inetd , -but allocate and listen to the socket yourself. Handy for testing -and debugging. -.It Fl p -Port. Listen on the port -.Ar port . -Only usable with -.Fl i . -.El -.Sh EXAMPLES -Put the following in -.Pa /etc/inetd.conf : -.Bd -literal -kx stream tcp nowait root /usr/athena/libexec/kxd kxd -.Ed -.Sh SEE ALSO -.Xr kx 1 , -.Xr rxtelnet 1 , -.Xr rxterm 1 diff --git a/appl/kx/kxd.c b/appl/kx/kxd.c deleted file mode 100644 index f817e1ad3..000000000 --- a/appl/kx/kxd.c +++ /dev/null @@ -1,780 +0,0 @@ -/* - * Copyright (c) 1995 - 2003 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include "kx.h" - -RCSID("$Id$"); - -static pid_t wait_on_pid = -1; -static int done = 0; - -/* - * Signal handler that justs waits for the children when they die. - */ - -static RETSIGTYPE -childhandler (int sig) -{ - pid_t pid; - int status; - - do { - pid = waitpid (-1, &status, WNOHANG|WUNTRACED); - if (pid > 0 && pid == wait_on_pid) - done = 1; - } while(pid > 0); - signal (SIGCHLD, childhandler); - SIGRETURN(0); -} - -/* - * Print the error message `format' and `...' on fd and die. - */ - -void -fatal (kx_context *kc, int fd, char *format, ...) -{ - u_char msg[1024]; - u_char *p; - va_list args; - int len; - - va_start(args, format); - p = msg; - *p++ = ERROR; - vsnprintf ((char *)p + 4, sizeof(msg) - 5, format, args); - syslog (LOG_ERR, "%s", (char *)p + 4); - len = strlen ((char *)p + 4); - p += kx_put_int (len, p, 4, 4); - p += len; - kx_write (kc, fd, msg, p - msg); - va_end(args); - exit (1); -} - -/* - * Remove all sockets and cookie files. - */ - -static void -cleanup(int nsockets, struct x_socket *sockets) -{ - int i; - - if(xauthfile[0]) - unlink(xauthfile); - for (i = 0; i < nsockets; ++i) { - if (sockets[i].pathname != NULL) { - unlink (sockets[i].pathname); - free (sockets[i].pathname); - } - } - free(sockets); -} - -/* - * Prepare to receive a connection on `sock'. - */ - -static int -recv_conn (int sock, kx_context *kc, - int *dispnr, int *nsockets, struct x_socket **sockets, - int tcp_flag) -{ - u_char msg[1024], *p; - char user[256]; - socklen_t addrlen; - struct passwd *passwd; - char remotehost[MaxHostNameLen]; - char remoteaddr[INET6_ADDRSTRLEN]; - int ret = 1; - int flags; - int len; - uint32_t tmp32; - - memset(kc, 0, sizeof(*kc)); - *nsockets = 0; - *sockets = NULL; - *dispnr = 0; - - addrlen = sizeof(kc->__ss_this); - kc->thisaddr = (struct sockaddr*)&kc->__ss_this; - if (getsockname (sock, kc->thisaddr, &addrlen) < 0) { - syslog (LOG_ERR, "getsockname: %m"); - exit (1); - } - kc->thisaddr_len = addrlen; - addrlen = sizeof(kc->__ss_that); - kc->thataddr = (struct sockaddr*)&kc->__ss_that; - if (getpeername (sock, kc->thataddr, &addrlen) < 0) { - syslog (LOG_ERR, "getpeername: %m"); - exit (1); - } - kc->thataddr_len = addrlen; - - getnameinfo_verified (kc->thataddr, - kc->thataddr_len, - remotehost, sizeof(remotehost), - NULL, 0, 0); - - if (net_read (sock, msg, 4) != 4) { - syslog (LOG_ERR, "read: %m"); - exit (1); - } - -#ifdef KRB5 - if (ret && recv_v5_auth (kc, sock, msg) == 0) - ret = 0; -#endif - if (ret) { - syslog (LOG_ERR, "unrecognized auth protocol: %x %x %x %x", - msg[0], msg[1], msg[2], msg[3]); - exit (1); - } - - len = kx_read (kc, sock, msg, sizeof(msg)); - if (len < 0) { - syslog (LOG_ERR, "kx_read failed"); - exit (1); - } - p = (u_char *)msg; - if (*p != INIT) - fatal(kc, sock, "Bad message"); - p++; - if ((p - msg) < sizeof(msg)) - fatal(kc, sock, "user"); - - p += kx_get_int (p, &tmp32, 4, 0); - if (tmp32 >= sizeof(user) - 1) - fatal(kc, sock, "user name too long"); - if ((p - msg) + tmp32 >= sizeof(msg)) - fatal(kc, sock, "user too long"); - memcpy (user, p, tmp32); - p += tmp32; - user[tmp32] = '\0'; - - passwd = k_getpwnam (user); - if (passwd == NULL) - fatal (kc, sock, "cannot find uid for %s", user); - - if (context_userok (kc, user) != 0) - fatal (kc, sock, "%s not allowed to login as %s", - kc->user, user); - - if ((p - msg) >= sizeof(msg)) - fatal(kc, sock, "user too long"); - - flags = *p++; - - if (flags & PASSIVE) { - pid_t pid; - int tmp; - - tmp = get_xsockets (nsockets, sockets, tcp_flag); - if (tmp < 0) { - fatal (kc, sock, "Cannot create X socket(s): %s", - strerror(errno)); - } - *dispnr = tmp; - - if (chown_xsockets (*nsockets, *sockets, - passwd->pw_uid, passwd->pw_gid)) { - cleanup (*nsockets, *sockets); - fatal (kc, sock, "Cannot chown sockets: %s", - strerror(errno)); - } - - pid = fork(); - if (pid == -1) { - cleanup (*nsockets, *sockets); - fatal (kc, sock, "fork: %s", strerror(errno)); - } else if (pid != 0) { - wait_on_pid = pid; - while (!done) - pause (); - cleanup (*nsockets, *sockets); - exit (0); - } - } - - if (setgid (passwd->pw_gid) || - initgroups(passwd->pw_name, passwd->pw_gid) || -#ifdef HAVE_GETUDBNAM /* XXX this happens on crays */ - setjob(passwd->pw_uid, 0) == -1 || -#endif - setuid(passwd->pw_uid)) { - syslog(LOG_ERR, "setting uid/groups: %m"); - fatal (kc, sock, "cannot set uid"); - } - - ret = getnameinfo(kc->thataddr, kc->thataddr_len, - remoteaddr, sizeof(remoteaddr), - NULL, 0, NI_NUMERICHOST); - if (ret != 0) - fatal (kc, sock, "getnameinfo failed: %s", gai_strerror(ret)); - - syslog (LOG_INFO, "from %s(%s): %s -> %s", - remotehost, remoteaddr, - kc->user, user); - umask(077); - if (!(flags & PASSIVE)) { - p += kx_get_int (p, &tmp32, 4, 0); - if (tmp32 > display_size) - fatal(kc, sock, "display too large"); - if ((p - msg) + tmp32 + 8 >= sizeof(msg)) - fatal(kc, sock, "user too long"); - memcpy (display, p, tmp32); - display[tmp32] = '\0'; - p += tmp32; - p += kx_get_int (p, &tmp32, 4, 0); - len = min(tmp32, xauthfile_size); - memcpy (xauthfile, p, len); - xauthfile[len] = '\0'; - } -#if defined(SO_KEEPALIVE) && defined(HAVE_SETSOCKOPT) - if (flags & KEEP_ALIVE) { - int one = 1; - - setsockopt (sock, SOL_SOCKET, SO_KEEPALIVE, (void *)&one, - sizeof(one)); - } -#endif - return flags; -} - -/* - * - */ - -static int -passive_session (kx_context *kc, int fd, int sock, int cookiesp) -{ - if (verify_and_remove_cookies (fd, sock, cookiesp)) - return 1; - else - return copy_encrypted (kc, fd, sock); -} - -/* - * - */ - -static int -active_session (kx_context *kc, int fd, int sock, int cookiesp) -{ - fd = connect_local_xsocket(0); - - if (replace_cookie (fd, sock, xauthfile, cookiesp)) - return 1; - else - return copy_encrypted (kc, fd, sock); -} - -/* - * Handle a new connection. - */ - -static int -doit_conn (kx_context *kc, - int fd, int meta_sock, int flags, int cookiesp) -{ - int sock, sock2, port; - struct sockaddr_storage __ss_addr; - struct sockaddr *addr = (struct sockaddr*)&__ss_addr; - struct sockaddr_storage __ss_thisaddr; - struct sockaddr *thisaddr = (struct sockaddr*)&__ss_thisaddr; - socklen_t addrlen; - u_char msg[1024], *p; - - sock = socket (kc->thisaddr->sa_family, SOCK_STREAM, 0); - if (sock < 0) { - syslog (LOG_ERR, "socket: %m"); - return 1; - } -#if defined(TCP_NODELAY) && defined(HAVE_SETSOCKOPT) - { - int one = 1; - setsockopt (sock, IPPROTO_TCP, TCP_NODELAY, (void *)&one, sizeof(one)); - } -#endif -#if defined(SO_KEEPALIVE) && defined(HAVE_SETSOCKOPT) - if (flags & KEEP_ALIVE) { - int one = 1; - - setsockopt (sock, SOL_SOCKET, SO_KEEPALIVE, (void *)&one, - sizeof(one)); - } -#endif - memset (&__ss_addr, 0, sizeof(__ss_addr)); - __ss_addr.ss_family = kc->thisaddr->sa_family; - if (kc->thisaddr_len > sizeof(__ss_addr)) { - syslog(LOG_ERR, "error in af"); - return 1; - } - if (bind (sock, addr, kc->thisaddr_len) < 0) { - syslog (LOG_ERR, "bind: %m"); - return 1; - } - addrlen = sizeof(__ss_addr); - if (getsockname (sock, addr, &addrlen) < 0) { - syslog (LOG_ERR, "getsockname: %m"); - return 1; - } - if (listen (sock, SOMAXCONN) < 0) { - syslog (LOG_ERR, "listen: %m"); - return 1; - } - port = socket_get_port(addr); - - p = msg; - *p++ = NEW_CONN; - p += kx_put_int (ntohs(port), p, 4, 4); - - if (kx_write (kc, meta_sock, msg, p - msg) < 0) { - syslog (LOG_ERR, "write: %m"); - return 1; - } - - addrlen = sizeof(__ss_thisaddr); - sock2 = accept (sock, thisaddr, &addrlen); - if (sock2 < 0) { - syslog (LOG_ERR, "accept: %m"); - return 1; - } - close (sock); - close (meta_sock); - - if (flags & PASSIVE) - return passive_session (kc, fd, sock2, cookiesp); - else - return active_session (kc, fd, sock2, cookiesp); -} - -/* - * Is the current user the owner of the console? - */ - -static void -check_user_console (kx_context *kc, int fd) -{ - struct stat sb; - - if (stat ("/dev/console", &sb) < 0) - fatal (kc, fd, "Cannot stat /dev/console: %s", strerror(errno)); - if (getuid() != sb.st_uid) - fatal (kc, fd, "Permission denied"); -} - -/* close down the new connection with a reasonable error message */ -static void -close_connection(int fd, const char *message) -{ - char buf[264]; /* max message */ - char *p; - int lsb = 0; - size_t mlen; - - mlen = strlen(message); - if(mlen > 255) - mlen = 255; - - /* read first part of connection packet, to get byte order */ - if(read(fd, buf, 6) != 6) { - close(fd); - return; - } - if(buf[0] == 0x6c) - lsb++; - p = buf; - *p++ = 0; /* failed */ - *p++ = mlen; /* length of message */ - p += 4; /* skip protocol version */ - p += 2; /* skip additional length */ - memcpy(p, message, mlen); /* copy message */ - p += mlen; - while((p - buf) % 4) /* pad to multiple of 4 bytes */ - *p++ = 0; - - /* now fill in length of additional data */ - if(lsb) { - buf[6] = (p - buf - 8) / 4; - buf[7] = 0; - }else{ - buf[6] = 0; - buf[7] = (p - buf - 8) / 4; - } - write(fd, buf, p - buf); - close(fd); -} - - -/* - * Handle a passive session on `sock' - */ - -static int -doit_passive (kx_context *kc, - int sock, - int flags, - int dispnr, - int nsockets, - struct x_socket *sockets, - int tcp_flag) -{ - int tmp; - int len; - size_t rem; - u_char msg[1024], *p; - int error; - - display_num = dispnr; - if (tcp_flag) - snprintf (display, display_size, "localhost:%u", display_num); - else - snprintf (display, display_size, ":%u", display_num); - error = create_and_write_cookie (xauthfile, xauthfile_size, - cookie, cookie_len); - if (error) { - cleanup(nsockets, sockets); - fatal (kc, sock, "Cookie-creation failed: %s", strerror(error)); - return 1; - } - - p = msg; - rem = sizeof(msg); - *p++ = ACK; - --rem; - - len = strlen (display); - tmp = kx_put_int (len, p, rem, 4); - if (tmp < 0 || rem < len + 4) { - syslog (LOG_ERR, "doit: buffer too small"); - cleanup(nsockets, sockets); - return 1; - } - p += tmp; - rem -= tmp; - - memcpy (p, display, len); - p += len; - rem -= len; - - len = strlen (xauthfile); - tmp = kx_put_int (len, p, rem, 4); - if (tmp < 0 || rem < len + 4) { - syslog (LOG_ERR, "doit: buffer too small"); - cleanup(nsockets, sockets); - return 1; - } - p += tmp; - rem -= tmp; - - memcpy (p, xauthfile, len); - p += len; - rem -= len; - - if(kx_write (kc, sock, msg, p - msg) < 0) { - syslog (LOG_ERR, "write: %m"); - cleanup(nsockets, sockets); - return 1; - } - for (;;) { - pid_t child; - int fd = -1; - fd_set fds; - int i; - int ret; - int cookiesp = TRUE; - - FD_ZERO(&fds); - if (sock >= FD_SETSIZE) { - syslog (LOG_ERR, "fd too large"); - cleanup(nsockets, sockets); - return 1; - } - - FD_SET(sock, &fds); - for (i = 0; i < nsockets; ++i) { - if (sockets[i].fd >= FD_SETSIZE) { - syslog (LOG_ERR, "fd too large"); - cleanup(nsockets, sockets); - return 1; - } - FD_SET(sockets[i].fd, &fds); - } - ret = select(FD_SETSIZE, &fds, NULL, NULL, NULL); - if(ret <= 0) - continue; - if(FD_ISSET(sock, &fds)){ - /* there are no processes left on the remote side - */ - cleanup(nsockets, sockets); - exit(0); - } else if(ret) { - for (i = 0; i < nsockets; ++i) { - if (FD_ISSET(sockets[i].fd, &fds)) { - if (sockets[i].flags == TCP) { - struct sockaddr_storage __ss_peer; - struct sockaddr *peer = (struct sockaddr*)&__ss_peer; - socklen_t slen = sizeof(__ss_peer); - - fd = accept (sockets[i].fd, - peer, - &slen); - if (fd < 0 && errno != EINTR) - syslog (LOG_ERR, "accept: %m"); - - /* XXX */ - if (fd >= 0 && suspicious_address (fd, peer)) { - close (fd); - fd = -1; - errno = EINTR; - } - } else if(sockets[i].flags == UNIX_SOCKET) { - socklen_t zero = 0; - - fd = accept (sockets[i].fd, NULL, &zero); - - if (fd < 0 && errno != EINTR) - syslog (LOG_ERR, "accept: %m"); -#ifdef MAY_HAVE_X11_PIPES - } else if(sockets[i].flags == STREAM_PIPE) { - /* - * this code tries to handle the - * send fd-over-pipe stuff for - * solaris - */ - - struct strrecvfd strrecvfd; - - ret = ioctl (sockets[i].fd, - I_RECVFD, &strrecvfd); - if (ret < 0 && errno != EINTR) { - syslog (LOG_ERR, "ioctl I_RECVFD: %m"); - } - - /* XXX */ - if (ret == 0) { - if (strrecvfd.uid != getuid()) { - close (strrecvfd.fd); - fd = -1; - errno = EINTR; - } else { - fd = strrecvfd.fd; - cookiesp = FALSE; - } - } -#endif /* MAY_HAVE_X11_PIPES */ - } else - abort (); - break; - } - } - } - if (fd < 0) { - if (errno == EINTR) - continue; - else - return 1; - } - - child = fork (); - if (child < 0) { - syslog (LOG_ERR, "fork: %m"); - if(errno != EAGAIN) - return 1; - close_connection(fd, strerror(errno)); - } else if (child == 0) { - for (i = 0; i < nsockets; ++i) - close (sockets[i].fd); - return doit_conn (kc, fd, sock, flags, cookiesp); - } else { - close (fd); - } - } -} - -/* - * Handle an active session on `sock' - */ - -static int -doit_active (kx_context *kc, - int sock, - int flags, - int tcp_flag) -{ - u_char msg[1024], *p; - - check_user_console (kc, sock); - - p = msg; - *p++ = ACK; - - if(kx_write (kc, sock, msg, p - msg) < 0) { - syslog (LOG_ERR, "write: %m"); - return 1; - } - for (;;) { - pid_t child; - int len; - - len = kx_read (kc, sock, msg, sizeof(msg)); - if (len < 0) { - syslog (LOG_ERR, "read: %m"); - return 1; - } - p = (u_char *)msg; - if (*p != NEW_CONN) { - syslog (LOG_ERR, "bad_message: %d", *p); - return 1; - } - - child = fork (); - if (child < 0) { - syslog (LOG_ERR, "fork: %m"); - if (errno != EAGAIN) - return 1; - } else if (child == 0) { - return doit_conn (kc, sock, sock, flags, 1); - } else { - } - } -} - -/* - * Receive a connection on `sock' and process it. - */ - -static int -doit(int sock, int tcp_flag) -{ - int ret; - kx_context context; - int dispnr; - int nsockets; - struct x_socket *sockets; - int flags; - - flags = recv_conn (sock, &context, &dispnr, &nsockets, &sockets, tcp_flag); - - if (flags & PASSIVE) { - ret = doit_passive (&context, sock, flags, dispnr, - nsockets, sockets, tcp_flag); - } else { - ret = doit_active (&context, sock, flags, tcp_flag); - cleanup(nsockets, sockets); - } - context_destroy (&context); - return ret; -} - -static char *port_str = NULL; -static int inetd_flag = 1; -static int tcp_flag = 0; -static int version_flag = 0; -static int help_flag = 0; - -struct getargs args[] = { - { "inetd", 'i', arg_negative_flag, &inetd_flag, - "Not started from inetd", NULL }, - { "tcp", 't', arg_flag, &tcp_flag, "Use TCP", - NULL }, - { "port", 'p', arg_string, &port_str, "Use this port", - "port" }, - { "version", 0, arg_flag, &version_flag, NULL, NULL }, - { "help", 0, arg_flag, &help_flag, NULL, NULL } -}; - -static void -usage(int ret) -{ - arg_printusage (args, - sizeof(args) / sizeof(args[0]), - NULL, - "host"); - exit (ret); -} - -/* - * kxd - receive a forwarded X conncection - */ - -int -main (int argc, char **argv) -{ - int port; - int optidx = 0; - - setprogname (argv[0]); - roken_openlog ("kxd", LOG_ODELAY | LOG_PID, LOG_DAEMON); - - if (getarg (args, sizeof(args) / sizeof(args[0]), argc, argv, - &optidx)) - usage (1); - - if (help_flag) - usage (0); - - if (version_flag) { - print_version (NULL); - return 0; - } - - if(port_str) { - struct servent *s = roken_getservbyname (port_str, "tcp"); - - if (s) - port = s->s_port; - else { - char *ptr; - - port = strtol (port_str, &ptr, 10); - if (port == 0 && ptr == port_str) - errx (1, "bad port `%s'", port_str); - port = htons(port); - } - } else { -#if defined(KRB5) - port = krb5_getportbyname(NULL, "kx", "tcp", KX_PORT); -#else -#error define KRB5 -#endif - } - - if (!inetd_flag) - mini_inetd (port, NULL); - - signal (SIGCHLD, childhandler); - return doit(STDIN_FILENO, tcp_flag); -} diff --git a/appl/kx/rxtelnet.1 b/appl/kx/rxtelnet.1 deleted file mode 100644 index 8cdb5ae80..000000000 --- a/appl/kx/rxtelnet.1 +++ /dev/null @@ -1,128 +0,0 @@ -.\" Copyright (c) 1996 - 1998, 2001 - 2002 Kungliga Tekniska Högskolan -.\" (Royal Institute of Technology, Stockholm, Sweden). -.\" All rights reserved. -.\" -.\" Redistribution and use in source and binary forms, with or without -.\" modification, are permitted provided that the following conditions -.\" are met: -.\" -.\" 1. Redistributions of source code must retain the above copyright -.\" notice, this list of conditions and the following disclaimer. -.\" -.\" 2. Redistributions in binary form must reproduce the above copyright -.\" notice, this list of conditions and the following disclaimer in the -.\" documentation and/or other materials provided with the distribution. -.\" -.\" 3. Neither the name of the Institute nor the names of its contributors -.\" may be used to endorse or promote products derived from this software -.\" without specific prior written permission. -.\" -.\" THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND -.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE -.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE -.\" ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE -.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL -.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS -.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) -.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT -.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY -.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF -.\" SUCH DAMAGE. -.\" -.\" $Id$ -.\" -.Dd March 7, 2004 -.Dt RXTELNET 1 -.Os KTH_KRB -.Sh NAME -.Nm rxtelnet -.Nd start a telnet and forward X-connections. -.Sh SYNOPSIS -.Nm rxtelnet -.Op Fl l Ar username -.Op Fl k -.Op Fl t Ar telnet_args -.Op Fl x Ar xterm_args -.Op Fl K Ar kx_args -.Op Fl w Ar term_emulator -.Op Fl b Ar telnet_program -.Op Fl n -.Op Fl v -.Ar host -.Op Ar port -.Sh DESCRIPTION -The -.Nm -program starts an -.Nm xterm -window with a telnet to host -.Ar host . -From this window you will also be able to run X clients that will be -able to connect securely to your X server. If -.Ar port -is given, that port will be used instead of the default. -.Pp -If setting up the X forwarding failes, -.Nm -will still telnet in to the remote host, but without X forwarding. -.Pp -The supported options are: -.Bl -tag -width Ds -.It Fl l -Log in on the remote host as user -.Ar username . -.It Fl k -Disables keep-alives. -.It Fl t -Send -.Ar telnet_args -as arguments to -.Nm telnet . -.It Fl x -Send -.Ar xterm_args -as arguments to -.Nm xterm . -.It Fl X -Send -.Ar kx_args -as arguments to -.Nm kx . -.It Fl w -Use -.Ar term_emulator -instead of xterm. -.It Fl b -Use -.Ar telnet_program -instead of telnet. -.It Fl n -Do not start any terminal emulator. -.It Fl v -Be verbose. -.El -.Sh EXAMPLE -To login from host -.Va foo -(where your display is) -to host -.Va bar , -you might do the following. -.Bl -enum -.It -On foo: -.Nm -.Va bar -.It -You will get a new window with a -.Nm telnet -to -.Va bar . -In this window you will be able to start X clients. -.El -.Sh SEE ALSO -.Xr kx 1 , -.Xr rxterm 1 , -.Xr telnet 1 , -.Xr tenletxr 1 , -.Xr kxd 8 diff --git a/appl/kx/rxtelnet.in b/appl/kx/rxtelnet.in deleted file mode 100644 index d5cf010f2..000000000 --- a/appl/kx/rxtelnet.in +++ /dev/null @@ -1,72 +0,0 @@ -#!/bin/sh -# $Id$ -# -usage="Usage: $0 [-l username] [-k] [-fF] [-t args_to_telnet] [-x args_to_xterm] [-K args_to_kx] [-w term_emulator] [-b telnet_binary] [-n] [-v] [-h | --help] [--version] host [port]" -binary=telnet -term= -kx_args=-P -while true -do - case $1 in - -l) telnet_args="${telnet_args} -l $2 "; kx_args="${kx_args} -l $2"; title="${2}@"; shift 2;; - -t) telnet_args="${telnet_args} $2 "; shift 2;; - -x) xterm_args="${xterm_args} $2 "; shift 2;; - -f) telnet_args="${telnet_args} -f"; shift;; - -F) telnet_args="${telnet_args} -F"; shift;; - -k) kx_args="${kx_args} -k"; shift;; - -K) kx_args="${kx_args} $2 "; shift 2;; - -n) term=none; shift;; - -w) term=$2; shift 2;; - -b) binary=$2; shift 2;; - --version) echo "$0: %PACKAGE% %VERSION%"; exit 0;; - -h) echo $usage; exit 0;; - --help) echo $usage; exit 0;; - -v) set -x; verb=1; shift;; - -*) echo "$0: Bad option $1"; echo $usage; exit 1;; - *) break;; - esac -done -if test $# -lt 1; then - echo $usage - exit 1 -fi -host=$1 -port=$2 -title="${title}${host}" -bindir=%bindir% -pdc_trams=`dirname $0` -PATH=$pdc_trams:$bindir:$PATH -export PATH -set -- `kx $kx_args $host` -if test $# -ne 3; then - echo "Warning: Cound not setup X forwarding" - pid=NO - disp="" - auth="" -else - screen=`echo $DISPLAY | sed -ne 's/[^:]*:[0-9]*\(\.[0-9]*\)/\1/p'` - pid=$1 - disp=${2}${screen} - auth=$3 -fi -oldifs=$IFS -IFS=: -set -- $PATH -IFS=$oldifs -if test -z "$term"; then - for j in xterm dtterm aixterm dxterm hpterm; do - for i in $*; do - test -n "$i" || i="." - if test -x $i/$j; then - term=$j; break 2 - fi - done - done -fi -test "$verb" && echo "Telnet command used is `type $binary`." -if test -n "$term" -a "$term" != "none"; then - ($term -title $title -n $title $xterm_args -e env DISPLAY=$disp XAUTHORITY=$auth $binary -D $telnet_args $host $port; test x"$pid" != xNO && kill -USR2 $pid) & -else - env DISPLAY=$disp XAUTHORITY=$auth $binary -D $telnet_args $host $port - test x"$pid" != xNO && kill -USR2 $pid -fi diff --git a/appl/kx/rxterm.1 b/appl/kx/rxterm.1 deleted file mode 100644 index a7e848c6e..000000000 --- a/appl/kx/rxterm.1 +++ /dev/null @@ -1,120 +0,0 @@ -.\" Copyright (c) 1996 - 1997, 2001 - 2003 Kungliga Tekniska Högskolan -.\" (Royal Institute of Technology, Stockholm, Sweden). -.\" All rights reserved. -.\" -.\" Redistribution and use in source and binary forms, with or without -.\" modification, are permitted provided that the following conditions -.\" are met: -.\" -.\" 1. Redistributions of source code must retain the above copyright -.\" notice, this list of conditions and the following disclaimer. -.\" -.\" 2. Redistributions in binary form must reproduce the above copyright -.\" notice, this list of conditions and the following disclaimer in the -.\" documentation and/or other materials provided with the distribution. -.\" -.\" 3. Neither the name of the Institute nor the names of its contributors -.\" may be used to endorse or promote products derived from this software -.\" without specific prior written permission. -.\" -.\" THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND -.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE -.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE -.\" ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE -.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL -.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS -.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) -.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT -.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY -.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF -.\" SUCH DAMAGE. -.\" -.\" $Id$ -.\" -.Dd April 11, 2003 -.Dt RXTERM 1 -.Os KTH_KRB -.Sh NAME -.Nm rxterm -.Nd start a secure remote xterm -.Sh SYNOPSIS -.Nm rxterm -.Op Fl l Ar username -.Op Fl k -.Op Fl r Ar rsh_args -.Op Fl x Ar xterm_args -.Op Fl K Ar kx_args -.Op Fl w Ar term_emulator -.Op Fl b Ar rsh_program -.Ar host -.Op Ar port -.Sh DESCRIPTION -The -.Nm -program starts an -.Nm xterm -window on host -.Ar host . -From this window you will also be able to run X clients that will be -able to connect securely to your X server. If -.Ar port -is given, that port will be used instead of the default. -.Pp -The supported options are: -.Bl -tag -width Ds -.It Fl l -Log in on the remote host as user -.Ar username . -.It Fl k -Disable keep-alives. -.It Fl r -Send -.Ar rsh_args -as arguments to -.Nm rsh . -.It Fl x -Send -.Ar xterm_args -as arguments to -.Nm xterm . -.It Fl X -Send -.Ar kx_args -as arguments to -.Nm kx . -.It Fl w -Use -.Ar term_emulator -instead of xterm. -.It Fl b -Use -.Ar rsh_program -instead of rsh. -.It Fl v -Be verbose. -.El -.Sh EXAMPLE -To login from host -.Va foo -(where your display is) -to host -.Va bar , -you might do the following. -.Bl -enum -.It -On foo: -.Nm -.Va bar -.It -You will get a new window running an -.Nm xterm -on host -.Va bar . -In this window you will be able to start X clients. -.El -.Sh SEE ALSO -.Xr kx 1 , -.Xr rsh 1 , -.Xr rxtelnet 1 , -.Xr tenletxr 1 , -.Xr kxd 8 diff --git a/appl/kx/rxterm.in b/appl/kx/rxterm.in deleted file mode 100644 index d0a409031..000000000 --- a/appl/kx/rxterm.in +++ /dev/null @@ -1,45 +0,0 @@ -#!/bin/sh -# $Id$ -# -usage="Usage: $0 [-l username] [-k] [-f] [-r rsh_args] [-x xterm_args] [-K kx_args] [-w term_emulator] [-b rsh_binary][-v] [-h | --help] [--version] host" -binary=rsh -term=xterm -while true -do - case $1 in - -l) rsh_args="${rsh_args} -l $2 "; kx_args="${kx_args} -l $2"; title="${2}@"; shift 2;; - -r) rsh_args="${rsh_args} $2 "; shift 2;; - -x) xterm_args="${xterm_args} $2 "; shift 2;; - -f) rsh_args="${rsh_args} -f"; shift;; - -k) kx_args="${kx_args} -k"; shift;; - -K) kx_args="${kx_args} $2 "; shift 2;; - -w) term=$2; shift 2;; - -b) binary=$2; shift 2;; - --version) echo "$0: %PACKAGE% %VERSION%"; exit 0;; - -h) echo $usage; exit 0;; - --help) echo $usage; exit 0;; - -v) set -x; shift;; - -*) echo "$0: Bad option $1"; echo $usage; exit 1;; - *) break;; - esac -done -if test $# -lt 1; then - echo "Usage: $0 host [arguments to $term]" - exit 1 -fi -host=$1 -title="${title}${host}" -bindir=%bindir% -pdc_trams=`dirname $0` -PATH=$pdc_trams:$bindir:$PATH -export PATH -set -- `kx $kx_args $host` -if test $# -ne 3; then - exit 1 -fi -screen=`echo $DISPLAY | sed -ne 's/[^:]*:[0-9]*\(\.[0-9]*\)/\1/p'` -pid=$1 -disp=${2}${screen} -auth=$3 -kill -USR1 $pid -$binary -n $rsh_args $host "/bin/sh -c 'DISPLAY=$disp XAUTHORITY=$auth $term -T $title -n $title $xterm_args /dev/null 2>/dev/null &'" diff --git a/appl/kx/tenletxr.1 b/appl/kx/tenletxr.1 deleted file mode 100644 index e030d1534..000000000 --- a/appl/kx/tenletxr.1 +++ /dev/null @@ -1,91 +0,0 @@ -.\" Copyright (c) 1997, 2001 - 2002 Kungliga Tekniska Högskolan -.\" (Royal Institute of Technology, Stockholm, Sweden). -.\" All rights reserved. -.\" -.\" Redistribution and use in source and binary forms, with or without -.\" modification, are permitted provided that the following conditions -.\" are met: -.\" -.\" 1. Redistributions of source code must retain the above copyright -.\" notice, this list of conditions and the following disclaimer. -.\" -.\" 2. Redistributions in binary form must reproduce the above copyright -.\" notice, this list of conditions and the following disclaimer in the -.\" documentation and/or other materials provided with the distribution. -.\" -.\" 3. Neither the name of the Institute nor the names of its contributors -.\" may be used to endorse or promote products derived from this software -.\" without specific prior written permission. -.\" -.\" THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND -.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE -.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE -.\" ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE -.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL -.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS -.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) -.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT -.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY -.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF -.\" SUCH DAMAGE. -.\" -.\" $Id$ -.\" -.Dd March 31, 1997 -.Dt TENLETXR 1 -.Os KTH_KRB -.Sh NAME -.Nm tenletxr -.Nd forward X-connections backwards. -.Sh SYNOPSIS -.Nm tenletxr -.Op Fl l Ar username -.Op Fl k -.Ar host -.Op Ar port -.Sh DESCRIPTION -The -.Nm -program -enables forwarding of X-connections from this machine to host -.Ar host . -If -.Ar port -is given, that port will be used instead of the default. -.Pp -The supported options are: -.Bl -tag -width Ds -.It Fl l -Log in on the remote host as user -.Ar username -.It Fl k -Disables keep-alives. -.El -.Sh EXAMPLE -To login from host -.Va foo -to host -.Va bar -(where your display is), -you might do the following. -.Bl -enum -.It -On foo: -.Nm -.Va bar -.It -You will get a new shell where you will be able to start X clients -that will show their windows on -.Va bar . -.El -.Sh BUGS -It currently checks if you have permission to run it by checking if -you own -.Pa /dev/console -on the remote host. -.Sh SEE ALSO -.Xr kx 1 , -.Xr rxtelnet 1 , -.Xr rxterm 1 , -.Xr telnet 1 , -.Xr kxd 8 diff --git a/appl/kx/tenletxr.in b/appl/kx/tenletxr.in deleted file mode 100644 index e0b57ae8c..000000000 --- a/appl/kx/tenletxr.in +++ /dev/null @@ -1,37 +0,0 @@ -#!/bin/sh -# $Id$ -# -usage="Usage: $0 [-l username] [-k] [-v] [-h | --help] [--version] host [port]" -while true -do - case $1 in - -l) kx_args="${kx_args} -l $2"; shift 2;; - -k) kx_args="${kx_args} -k"; shift;; - --version) echo "$0: %PACKAGE% %VERSION%"; exit 0;; - -h) echo $usage; exit 0;; - --help) echo $usage; exit 0;; - -v) set -x; shift;; - -*) echo "$0: Bad option $1"; echo $usage; exit 1;; - *) break;; - esac -done -if test $# -lt 1; then - echo $usage - exit 1 -fi -host=$1 -port=$2 -bindir=%bindir% -pdc_trams=`dirname $0` -PATH=$pdc_trams:$bindir:$PATH -export PATH -set -- `kx $kx_args $host` -if test $# -ne 3; then - exit 1 -fi -screen=`echo $DISPLAY | sed -ne 's/[^:]*:[0-9]*\(\.[0-9]*\)/\1/p'` -pid=$1 -disp=${2}${screen} -auth=$3 -env DISPLAY=$disp XAUTHORITY=$auth $SHELL -kill -USR2 $pid diff --git a/appl/kx/writeauth.c b/appl/kx/writeauth.c deleted file mode 100644 index d142278c9..000000000 --- a/appl/kx/writeauth.c +++ /dev/null @@ -1,73 +0,0 @@ -/* $XConsortium: AuWrite.c,v 1.6 94/04/17 20:15:45 gildea Exp $ */ - -/* - -Copyright (c) 1988 X Consortium - -Permission is hereby granted, free of charge, to any person obtaining a copy -of this software and associated documentation files (the "Software"), to deal -in the Software without restriction, including without limitation the rights -to use, copy, modify, merge, publish, distribute, sublicense, and/or sell -copies of the Software, and to permit persons to whom the Software is -furnished to do so, subject to the following conditions: - -The above copyright notice and this permission notice shall be included in -all copies or substantial portions of the Software. - -THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR -IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, -FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE -X CONSORTIUM BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN -AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN -CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. - -Except as contained in this notice, the name of the X Consortium shall not be -used in advertising or otherwise to promote the sale, use or other dealings -in this Software without prior written authorization from the X Consortium. - -*/ - -#ifdef HAVE_CONFIG_H -#include -RCSID("$Id$"); -#endif - -#include - -static int -write_short (unsigned short s, FILE *file) -{ - unsigned char file_short[2]; - - file_short[0] = (s & (unsigned)0xff00) >> 8; - file_short[1] = s & 0xff; - if (fwrite (file_short, sizeof (file_short), 1, file) != 1) - return 0; - return 1; -} - -static int -write_counted_string (unsigned short count, char *string, FILE *file) -{ - if (write_short (count, file) == 0) - return 0; - if (fwrite (string, (int) sizeof (char), (int) count, file) != count) - return 0; - return 1; -} - -int -XauWriteAuth (FILE *auth_file, Xauth *auth) -{ - if (write_short (auth->family, auth_file) == 0) - return 0; - if (write_counted_string (auth->address_length, auth->address, auth_file) == 0) - return 0; - if (write_counted_string (auth->number_length, auth->number, auth_file) == 0) - return 0; - if (write_counted_string (auth->name_length, auth->name, auth_file) == 0) - return 0; - if (write_counted_string (auth->data_length, auth->data, auth_file) == 0) - return 0; - return 1; -} diff --git a/appl/xnlock/ChangeLog b/appl/xnlock/ChangeLog deleted file mode 100644 index c1188ef08..000000000 --- a/appl/xnlock/ChangeLog +++ /dev/null @@ -1,159 +0,0 @@ -2007-07-28 Love Hörnquist Åstrand - - * xnlock.c: Add --help. - -2006-10-21 Love Hörnquist Åstrand - - * xnlock.c: Don't include , its x11's "roken.h" and we - do that just fine ourself thanks. - -2006-05-13 Love Hörnquist Åstrand - - * xnlock.c (main): argc_in_out argument to XtVaAppInitialize - should be an 'int *' accoring to manpage and headerfile, so remove - the cast added in 1996 - (rev 1.54) - -2005-10-22 Love Hörnquist Åstrand - - * xnlock.c: Check return value from asprintf instead of string != - NULL since it undefined behavior on Linux. From Björn Sandell - -2005-04-06 Love Hörnquist Åstrand - - * xnlock.c: use NULL as last argument to execl, not 0 - -2005-01-09 Love Hörnquist Åstrand - - * xnlock.c: get_v4_tgt only used when compileing with kerberos 4 - support - -2004-09-08 Johan Danielsson - - * xnlock.c: use krb5_appdefault_boolean instead of - krb5_config_get_bool - -2004-03-22 Johan Danielsson - - * xnlock.c: protect the world from des_encrypt in crypt.h - -2004-03-01 Love Hörnquist Åstrand - - * xnlock.c: include , From: Fredrik Ljungberg - - -2003-09-30 Love Hörnquist Åstrand - - * xnlock.c (verify_krb5): set mcred.client too - -2003-08-25 Johan Danielsson - - * Makefile.am: fix automake conditional foo - -2003-08-16 Love Hörnquist Åstrand - - * Makefile.am: Don't do local checks on xnlock, it only passes if - there is a working X11 socket, XXX should really be fixed in - xnlock - -2003-07-07 Love Hörnquist Åstrand - - * xnlock.c (verify_krb5): use krb5_cc_clear_mcred - -2003-05-06 Johan Danielsson - - * no checks here - -2003-04-29 Love Hörnquist Åstrand - - * xnlock.c: include kafs.h in the krb5 case - -2003-04-14 Love Hörnquist Åstrand - - * xnlock.c (GetPasswd): cast argument to isprint to unsigned char, - From Christian Biere via NetBSD - -2003-03-18 Love Hörnquist Åstrand - - * xnlock.c: do krb5_afslog when compling with afs support - -2003-02-10 Assar Westerlund - - * xnlock.c (verify): move ret to where it's used - -2002-08-23 Assar Westerlund - - * xnlock.c: add --version as a special case - -2001-06-24 Assar Westerlund - - * xnlock.c (verify_krb5): remove unused variable - -2001-03-15 Johan Danielsson - - * xnlock.c: don't explicitly set the krb4 ticket file - -2000-12-31 Assar Westerlund - - * xnlock.c (main): handle krb5_init_context failure consistently - -2000-07-17 Johan Danielsson - - * Makefile.am: use conditional for X - -2000-04-09 Assar Westerlund - - * xnlock.c (verfiy_krb5): get the v4-realm from the v5-ticket and - not from the default one. - * xnlock.c (verify_krb5): add obtainting of v4 tickets. - -1999-11-17 Assar Westerlund - - * Makefile.am: only build when we have X11. From: Simon Josefsson - - -Thu Mar 18 11:21:44 1999 Johan Danielsson - - * Makefile.am: include Makefile.am.common - -Wed Mar 17 23:35:51 1999 Assar Westerlund - - * xnlock.c (verify): use KRB_VERIFY_SECURE instead of 1 - -Tue Mar 16 22:29:14 1999 Assar Westerlund - - * xnlock.c: krb_verify_user_multiple -> krb_verify_user - -Thu Mar 11 14:59:20 1999 Johan Danielsson - - * xnlock.c: add some if-braces to keep gcc happy - -Sun Nov 22 10:36:45 1998 Assar Westerlund - - * Makefile.in (WFLAGS): set - -Wed Jul 8 01:37:37 1998 Assar Westerlund - - * xnlock.c (main): create place-holder ticket file with - open(O_EXCL | O_CREAT) instead of creat - -Sat Mar 28 12:53:46 1998 Assar Westerlund - - * Makefile.in (install, uninstall): transform the man page - -Tue Mar 24 05:20:34 1998 Assar Westerlund - - * xnlock.c: remove redundant preprocessor stuff - -Sat Mar 21 14:36:21 1998 Assar Westerlund - - * xnlock.c (init_words): recognize both `-p' and `-prog' - -Sat Feb 7 10:08:07 1998 Assar Westerlund - - * xnlock.c: Don't use REALM_SZ + 1, just REALM_SZ - -Sat Nov 29 04:58:19 1997 Johan Danielsson - - * xnlock.c: Make it build w/o krb4. - diff --git a/appl/xnlock/Makefile.am b/appl/xnlock/Makefile.am deleted file mode 100644 index f971d18c3..000000000 --- a/appl/xnlock/Makefile.am +++ /dev/null @@ -1,32 +0,0 @@ -# $Id$ - -include $(top_srcdir)/Makefile.am.common - -AM_CPPFLAGS += $(X_CFLAGS) - -WFLAGS += $(WFLAGS_NOIMPLICITINT) - -if HAVE_X - -bin_PROGRAMS = xnlock - -else - -bin_PROGRAMS = - -endif - -CHECK_LOCAL = no-check-local - -man_MANS = xnlock.1 - -EXTRA_DIST = $(man_MANS) nose.0.left nose.0.right nose.1.left nose.1.right \ - nose.down nose.front nose.left.front nose.right.front \ - NTMakefile - -LDADD = \ - $(LIB_kafs) \ - $(LIB_krb5) \ - $(LIB_hcrypto) \ - $(LIB_roken) \ - $(X_LIBS) -lXt $(X_PRE_LIBS) -lX11 $(X_EXTRA_LIBS) diff --git a/appl/xnlock/NTMakefile b/appl/xnlock/NTMakefile deleted file mode 100644 index 16f305b88..000000000 --- a/appl/xnlock/NTMakefile +++ /dev/null @@ -1,35 +0,0 @@ -######################################################################## -# -# Copyright (c) 2009, Secure Endpoints Inc. -# All rights reserved. -# -# Redistribution and use in source and binary forms, with or without -# modification, are permitted provided that the following conditions -# are met: -# -# - Redistributions of source code must retain the above copyright -# notice, this list of conditions and the following disclaimer. -# -# - Redistributions in binary form must reproduce the above copyright -# notice, this list of conditions and the following disclaimer in -# the documentation and/or other materials provided with the -# distribution. -# -# THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS -# "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT -# LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS -# FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE -# COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, -# INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, -# BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; -# LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER -# CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT -# LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN -# ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE -# POSSIBILITY OF SUCH DAMAGE. -# - -RELDIR=appl\xnlock - -!include ../../windows/NTMakefile.w32 - diff --git a/appl/xnlock/README b/appl/xnlock/README deleted file mode 100644 index 5b16c522f..000000000 --- a/appl/xnlock/README +++ /dev/null @@ -1,21 +0,0 @@ -xnlock -- Dan Heller, 1990 -"nlock" is a "new lockscreen" type program... something that prevents -screen burnout by making most of it "black" while providing something -of interest to be displayed in case anyone is watching. The program -also provides added security. - -"xnlock" is the X11 version of the program. - -Original sunview version written by Dan Heller 1985 (not included). - -For a real description of how this program works, read the -man page or just try running it. - -The one major outstanding bug with this program is that every -once in a while, two horizontal lines appear below the little -figure that runs around the screen. If someone can find and -fix this bug, *please* let me know -- I don't have time to -look and if I waited till I had time, you'd never see this -program... It has something to do with the "looking down" -position and then directly moving up and right or left... - diff --git a/appl/xnlock/nose.0.left b/appl/xnlock/nose.0.left deleted file mode 100644 index cb3d15286..000000000 --- a/appl/xnlock/nose.0.left +++ /dev/null @@ -1,38 +0,0 @@ -#define nose_0_left_width 64 -#define nose_0_left_height 64 -static unsigned char nose_0_left_bits[] = { - 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, - 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, - 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, - 0x00,0x00,0x00,0x00,0x00,0xc0,0xff,0xff,0x07,0x00,0x00,0x00,0x00,0x40,0x00, - 0x00,0x04,0x00,0x00,0x00,0x00,0x40,0x00,0x00,0x04,0x00,0x00,0x00,0x00,0x40, - 0x00,0x00,0x04,0x00,0x00,0x00,0x00,0x40,0x00,0x00,0x04,0x00,0x00,0x00,0x00, - 0x40,0x00,0x00,0x04,0x00,0x00,0x00,0xf8,0xff,0xff,0xff,0xff,0x3f,0x00,0x00, - 0x08,0x00,0x00,0x00,0x00,0x20,0x00,0x00,0x08,0x00,0x00,0x00,0x00,0x20,0x00, - 0x00,0xf8,0xff,0xff,0xff,0xff,0x3f,0x00,0x00,0xf0,0x03,0x00,0x00,0x80,0x00, - 0x00,0x00,0x0e,0x0c,0x00,0x00,0x80,0x01,0x00,0x00,0x03,0x30,0x00,0x00,0x00, - 0x01,0x00,0x80,0x00,0x40,0x00,0x00,0x00,0x02,0x00,0x40,0x00,0xc0,0x00,0x00, - 0x00,0x02,0x00,0x20,0x00,0x80,0x00,0x00,0x00,0x04,0x00,0x10,0x00,0x00,0x00, - 0x00,0x00,0x04,0x00,0x10,0x00,0x00,0x00,0x00,0x00,0x0c,0x00,0x08,0x00,0x00, - 0x00,0x00,0x00,0x08,0x00,0x08,0x00,0x00,0x00,0x00,0x00,0x08,0x00,0x08,0x00, - 0x00,0x00,0x00,0x00,0x10,0x00,0x08,0x00,0x00,0x00,0x00,0x00,0x10,0x00,0x08, - 0x00,0x00,0x00,0x00,0x00,0x10,0x00,0x08,0x00,0x00,0x00,0x00,0x00,0x10,0x00, - 0x08,0x00,0x00,0x00,0x00,0x00,0x10,0x00,0x08,0x00,0x00,0x00,0x00,0x00,0x10, - 0x00,0x10,0x00,0x00,0x00,0x00,0x00,0x10,0x00,0x10,0x00,0x00,0x01,0x00,0x00, - 0x18,0x00,0x20,0x00,0x00,0x01,0x00,0x00,0x08,0x00,0x40,0x00,0x80,0x00,0x00, - 0x00,0x08,0x00,0x80,0x00,0x40,0x00,0x00,0x00,0x0c,0x00,0x00,0x01,0x20,0x00, - 0x00,0x00,0x04,0x00,0x00,0x06,0x18,0x00,0x00,0x00,0x06,0x00,0x00,0xf8,0x07, - 0x00,0x00,0x00,0x02,0x00,0x00,0x00,0xf8,0xff,0xff,0xff,0x01,0x00,0x00,0x00, - 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0xf8,0x0f,0x00,0x00,0x00, - 0x00,0xff,0x00,0x04,0x10,0x00,0x00,0x00,0xc0,0x00,0x03,0x03,0x10,0x00,0x00, - 0x00,0x30,0x00,0x0c,0x01,0x20,0x00,0x00,0x00,0x08,0x00,0x98,0x00,0x20,0x00, - 0x00,0x00,0x0c,0x03,0x60,0x00,0x20,0x00,0x00,0x00,0xc2,0x00,0xc0,0x00,0x20, - 0x00,0x00,0x00,0x42,0x00,0x80,0x00,0x20,0x00,0x00,0x00,0x21,0x00,0x00,0x01, - 0x20,0x00,0x00,0x00,0x21,0x00,0x00,0x01,0x20,0x00,0x00,0x00,0x21,0x00,0x00, - 0x00,0x20,0x00,0x00,0x00,0x01,0x00,0x00,0x00,0x40,0x00,0x00,0x00,0x01,0x00, - 0x00,0x00,0x40,0x00,0x00,0x00,0x02,0x00,0x00,0x00,0x40,0x00,0x00,0x00,0x02, - 0x00,0x00,0x00,0x40,0x00,0x00,0x00,0x04,0x00,0x00,0x00,0x20,0x00,0x00,0x00, - 0x18,0x00,0x00,0x00,0x20,0x00,0x00,0x00,0x70,0x00,0x00,0x00,0x10,0x00,0x00, - 0x00,0xc0,0xff,0xff,0xff,0x0f,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, - 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, - 0x00,0x00}; diff --git a/appl/xnlock/nose.0.right b/appl/xnlock/nose.0.right deleted file mode 100644 index f387baa73..000000000 --- a/appl/xnlock/nose.0.right +++ /dev/null @@ -1,38 +0,0 @@ -#define nose_0_right_width 64 -#define nose_0_right_height 64 -static unsigned char nose_0_right_bits[] = { - 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, - 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, - 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, - 0x00,0x00,0x00,0x00,0x00,0xe0,0xff,0xff,0x03,0x00,0x00,0x00,0x00,0x20,0x00, - 0x00,0x02,0x00,0x00,0x00,0x00,0x20,0x00,0x00,0x02,0x00,0x00,0x00,0x00,0x20, - 0x00,0x00,0x02,0x00,0x00,0x00,0x00,0x20,0x00,0x00,0x02,0x00,0x00,0x00,0x00, - 0x20,0x00,0x00,0x02,0x00,0x00,0x00,0xfc,0xff,0xff,0xff,0xff,0x1f,0x00,0x00, - 0x04,0x00,0x00,0x00,0x00,0x10,0x00,0x00,0x04,0x00,0x00,0x00,0x00,0x10,0x00, - 0x00,0xfc,0xff,0xff,0xff,0xff,0x1f,0x00,0x00,0x00,0x01,0x00,0x00,0xc0,0x0f, - 0x00,0x00,0x80,0x01,0x00,0x00,0x30,0x70,0x00,0x00,0x80,0x00,0x00,0x00,0x0c, - 0xc0,0x00,0x00,0x40,0x00,0x00,0x00,0x02,0x00,0x01,0x00,0x40,0x00,0x00,0x00, - 0x03,0x00,0x02,0x00,0x20,0x00,0x00,0x00,0x01,0x00,0x04,0x00,0x20,0x00,0x00, - 0x00,0x00,0x00,0x08,0x00,0x30,0x00,0x00,0x00,0x00,0x00,0x08,0x00,0x10,0x00, - 0x00,0x00,0x00,0x00,0x10,0x00,0x10,0x00,0x00,0x00,0x00,0x00,0x10,0x00,0x08, - 0x00,0x00,0x00,0x00,0x00,0x10,0x00,0x08,0x00,0x00,0x00,0x00,0x00,0x10,0x00, - 0x08,0x00,0x00,0x00,0x00,0x00,0x10,0x00,0x08,0x00,0x00,0x00,0x00,0x00,0x10, - 0x00,0x08,0x00,0x00,0x00,0x00,0x00,0x10,0x00,0x08,0x00,0x00,0x00,0x00,0x00, - 0x10,0x00,0x08,0x00,0x00,0x00,0x00,0x00,0x08,0x00,0x18,0x00,0x00,0x80,0x00, - 0x00,0x08,0x00,0x10,0x00,0x00,0x80,0x00,0x00,0x04,0x00,0x10,0x00,0x00,0x00, - 0x01,0x00,0x02,0x00,0x30,0x00,0x00,0x00,0x02,0x00,0x01,0x00,0x20,0x00,0x00, - 0x00,0x04,0x80,0x00,0x00,0x60,0x00,0x00,0x00,0x18,0x60,0x00,0x00,0x40,0x00, - 0x00,0x00,0xe0,0x1f,0x00,0x00,0x80,0xff,0xff,0xff,0x1f,0x00,0x00,0x00,0x00, - 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0xf0,0x1f,0x00,0x00,0x00,0x00,0x00, - 0x00,0x08,0x20,0x00,0xff,0x00,0x00,0x00,0x00,0x08,0xc0,0xc0,0x00,0x03,0x00, - 0x00,0x00,0x04,0x80,0x30,0x00,0x0c,0x00,0x00,0x00,0x04,0x00,0x19,0x00,0x10, - 0x00,0x00,0x00,0x04,0x00,0x06,0xc0,0x30,0x00,0x00,0x00,0x04,0x00,0x03,0x00, - 0x43,0x00,0x00,0x00,0x04,0x00,0x01,0x00,0x42,0x00,0x00,0x00,0x04,0x80,0x00, - 0x00,0x84,0x00,0x00,0x00,0x04,0x80,0x00,0x00,0x84,0x00,0x00,0x00,0x04,0x00, - 0x00,0x00,0x84,0x00,0x00,0x00,0x02,0x00,0x00,0x00,0x80,0x00,0x00,0x00,0x02, - 0x00,0x00,0x00,0x80,0x00,0x00,0x00,0x02,0x00,0x00,0x00,0x40,0x00,0x00,0x00, - 0x02,0x00,0x00,0x00,0x40,0x00,0x00,0x00,0x04,0x00,0x00,0x00,0x20,0x00,0x00, - 0x00,0x04,0x00,0x00,0x00,0x18,0x00,0x00,0x00,0x08,0x00,0x00,0x00,0x0e,0x00, - 0x00,0x00,0xf0,0xff,0xff,0xff,0x03,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, - 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, - 0x00,0x00}; diff --git a/appl/xnlock/nose.1.left b/appl/xnlock/nose.1.left deleted file mode 100644 index 8a6b82952..000000000 --- a/appl/xnlock/nose.1.left +++ /dev/null @@ -1,38 +0,0 @@ -#define nose_1_left_width 64 -#define nose_1_left_height 64 -static unsigned char nose_1_left_bits[] = { - 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, - 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, - 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, - 0x00,0x00,0x00,0x00,0x00,0xc0,0xff,0xff,0x07,0x00,0x00,0x00,0x00,0x40,0x00, - 0x00,0x04,0x00,0x00,0x00,0x00,0x40,0x00,0x00,0x04,0x00,0x00,0x00,0x00,0x40, - 0x00,0x00,0x04,0x00,0x00,0x00,0x00,0x40,0x00,0x00,0x04,0x00,0x00,0x00,0x00, - 0x40,0x00,0x00,0x04,0x00,0x00,0x00,0xf8,0xff,0xff,0xff,0xff,0x3f,0x00,0x00, - 0x08,0x00,0x00,0x00,0x00,0x20,0x00,0x00,0x08,0x00,0x00,0x00,0x00,0x20,0x00, - 0x00,0xf8,0xff,0xff,0xff,0xff,0x3f,0x00,0x00,0xf0,0x03,0x00,0x00,0x80,0x00, - 0x00,0x00,0x0e,0x0c,0x00,0x00,0x80,0x01,0x00,0x00,0x03,0x30,0x00,0x00,0x00, - 0x01,0x00,0x80,0x00,0x40,0x00,0x00,0x00,0x02,0x00,0x40,0x00,0xc0,0x00,0x00, - 0x00,0x02,0x00,0x20,0x00,0x80,0x00,0x00,0x00,0x04,0x00,0x10,0x00,0x00,0x00, - 0x00,0x00,0x04,0x00,0x10,0x00,0x00,0x00,0x00,0x00,0x0c,0x00,0x08,0x00,0x00, - 0x00,0x00,0x00,0x08,0x00,0x08,0x00,0x00,0x00,0x00,0x00,0x08,0x00,0x08,0x00, - 0x00,0x00,0x00,0x00,0x10,0x00,0x08,0x00,0x00,0x00,0x00,0x00,0x10,0x00,0x08, - 0x00,0x00,0x00,0x00,0x00,0x10,0x00,0x08,0x00,0x00,0x00,0x00,0x00,0x10,0x00, - 0x08,0x00,0x00,0x00,0x00,0x00,0x10,0x00,0x08,0x00,0x00,0x00,0x00,0x00,0x10, - 0x00,0x08,0x00,0x00,0x00,0x00,0x00,0x10,0x00,0x10,0x00,0x00,0x01,0x00,0x00, - 0x18,0x00,0x10,0x00,0x00,0x01,0x00,0x00,0x08,0x00,0x20,0x00,0x80,0x00,0x00, - 0x00,0x08,0x00,0x40,0x00,0x40,0x00,0x00,0x00,0x0c,0x00,0x80,0x00,0x20,0x00, - 0x00,0x00,0xe4,0x00,0x00,0x03,0x18,0x00,0x00,0x00,0x26,0x03,0x00,0xfc,0x07, - 0x00,0x00,0x00,0x12,0x0c,0x00,0x00,0xf8,0xff,0xff,0xff,0x11,0x10,0x80,0x1f, - 0x00,0x00,0x00,0x00,0x08,0x20,0x60,0x60,0xc0,0x07,0x00,0x00,0x04,0x40,0x10, - 0xc0,0x20,0x08,0x00,0x1f,0x02,0x40,0x08,0x00,0x21,0x10,0xc0,0x60,0x02,0x40, - 0x04,0x00,0x12,0x20,0x20,0x80,0x02,0x20,0xc2,0x00,0x14,0x40,0x18,0x00,0x03, - 0x20,0x22,0x00,0x0c,0x80,0x04,0x03,0x02,0x10,0x12,0x00,0x08,0x80,0x86,0x00, - 0x04,0x10,0x12,0x00,0x10,0x80,0x42,0x00,0x18,0x08,0x12,0x00,0x10,0x40,0x42, - 0x00,0x00,0x04,0x02,0x00,0x20,0x40,0x42,0x00,0x00,0x04,0x02,0x00,0x00,0x20, - 0x42,0x00,0x00,0x02,0x04,0x00,0x00,0x20,0x02,0x00,0x00,0x01,0x04,0x00,0x00, - 0x20,0x02,0x00,0x00,0x01,0x08,0x00,0x00,0x20,0x04,0x00,0x80,0x00,0x10,0x00, - 0x00,0x20,0x0c,0x00,0x80,0x00,0x60,0x00,0x00,0x10,0x08,0x00,0x40,0x00,0x80, - 0xff,0xff,0x0f,0x30,0x00,0x30,0x00,0x00,0x00,0x00,0x00,0xc0,0xff,0x0f,0x00, - 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, - 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, - 0x00,0x00}; diff --git a/appl/xnlock/nose.1.right b/appl/xnlock/nose.1.right deleted file mode 100644 index f7c8962c0..000000000 --- a/appl/xnlock/nose.1.right +++ /dev/null @@ -1,38 +0,0 @@ -#define nose_1_right_width 64 -#define nose_1_right_height 64 -static unsigned char nose_1_right_bits[] = { - 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, - 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, - 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, - 0x00,0x00,0x00,0x00,0x00,0xe0,0xff,0xff,0x03,0x00,0x00,0x00,0x00,0x20,0x00, - 0x00,0x02,0x00,0x00,0x00,0x00,0x20,0x00,0x00,0x02,0x00,0x00,0x00,0x00,0x20, - 0x00,0x00,0x02,0x00,0x00,0x00,0x00,0x20,0x00,0x00,0x02,0x00,0x00,0x00,0x00, - 0x20,0x00,0x00,0x02,0x00,0x00,0x00,0xfc,0xff,0xff,0xff,0xff,0x1f,0x00,0x00, - 0x04,0x00,0x00,0x00,0x00,0x10,0x00,0x00,0x04,0x00,0x00,0x00,0x00,0x10,0x00, - 0x00,0xfc,0xff,0xff,0xff,0xff,0x1f,0x00,0x00,0x00,0x01,0x00,0x00,0xc0,0x0f, - 0x00,0x00,0x80,0x01,0x00,0x00,0x30,0x70,0x00,0x00,0x80,0x00,0x00,0x00,0x0c, - 0xc0,0x00,0x00,0x40,0x00,0x00,0x00,0x02,0x00,0x01,0x00,0x40,0x00,0x00,0x00, - 0x03,0x00,0x02,0x00,0x20,0x00,0x00,0x00,0x01,0x00,0x04,0x00,0x20,0x00,0x00, - 0x00,0x00,0x00,0x08,0x00,0x30,0x00,0x00,0x00,0x00,0x00,0x08,0x00,0x10,0x00, - 0x00,0x00,0x00,0x00,0x10,0x00,0x10,0x00,0x00,0x00,0x00,0x00,0x10,0x00,0x08, - 0x00,0x00,0x00,0x00,0x00,0x10,0x00,0x08,0x00,0x00,0x00,0x00,0x00,0x10,0x00, - 0x08,0x00,0x00,0x00,0x00,0x00,0x10,0x00,0x08,0x00,0x00,0x00,0x00,0x00,0x10, - 0x00,0x08,0x00,0x00,0x00,0x00,0x00,0x10,0x00,0x08,0x00,0x00,0x00,0x00,0x00, - 0x10,0x00,0x08,0x00,0x00,0x00,0x00,0x00,0x10,0x00,0x18,0x00,0x00,0x80,0x00, - 0x00,0x08,0x00,0x10,0x00,0x00,0x80,0x00,0x00,0x08,0x00,0x10,0x00,0x00,0x00, - 0x01,0x00,0x04,0x00,0x30,0x00,0x00,0x00,0x02,0x00,0x02,0x00,0x27,0x00,0x00, - 0x00,0x04,0x00,0x01,0xc0,0x64,0x00,0x00,0x00,0x18,0xc0,0x00,0x30,0x48,0x00, - 0x00,0x00,0xe0,0x3f,0x00,0x08,0x88,0xff,0xff,0xff,0x1f,0x00,0x00,0x04,0x10, - 0x00,0x00,0x00,0x00,0xf8,0x01,0x02,0x20,0x00,0x00,0xe0,0x03,0x06,0x06,0x02, - 0x40,0xf8,0x00,0x10,0x04,0x03,0x08,0x02,0x40,0x06,0x03,0x08,0x84,0x00,0x10, - 0x04,0x40,0x01,0x04,0x04,0x48,0x00,0x20,0x04,0xc0,0x00,0x18,0x02,0x28,0x00, - 0x43,0x08,0x40,0xc0,0x20,0x01,0x30,0x00,0x44,0x08,0x20,0x00,0x61,0x01,0x10, - 0x00,0x48,0x10,0x18,0x00,0x42,0x01,0x08,0x00,0x48,0x20,0x00,0x00,0x42,0x02, - 0x08,0x00,0x48,0x20,0x00,0x00,0x42,0x02,0x04,0x00,0x40,0x40,0x00,0x00,0x42, - 0x04,0x00,0x00,0x40,0x80,0x00,0x00,0x40,0x04,0x00,0x00,0x20,0x80,0x00,0x00, - 0x40,0x04,0x00,0x00,0x20,0x00,0x01,0x00,0x20,0x04,0x00,0x00,0x10,0x00,0x01, - 0x00,0x30,0x04,0x00,0x00,0x08,0x00,0x02,0x00,0x10,0x08,0x00,0x00,0x06,0x00, - 0x0c,0x00,0x0c,0xf0,0xff,0xff,0x01,0x00,0xf0,0xff,0x03,0x00,0x00,0x00,0x00, - 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, - 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, - 0x00,0x00}; diff --git a/appl/xnlock/nose.down b/appl/xnlock/nose.down deleted file mode 100644 index e8bdba4f4..000000000 --- a/appl/xnlock/nose.down +++ /dev/null @@ -1,38 +0,0 @@ -#define nose_down_width 64 -#define nose_down_height 64 -static unsigned char nose_down_bits[] = { - 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, - 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, - 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, - 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, - 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, - 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, - 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, - 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, - 0x00,0x00,0x00,0xfc,0xff,0x01,0x00,0x00,0x00,0x00,0xc0,0x03,0x00,0x1e,0x00, - 0x00,0x00,0x00,0x38,0x00,0x00,0xe0,0x00,0x00,0x00,0x00,0x06,0x00,0x00,0x00, - 0x03,0x00,0x00,0x80,0x01,0x00,0x00,0x00,0x04,0x00,0x00,0x40,0x00,0x00,0x00, - 0x00,0x08,0x00,0x00,0x20,0x00,0x00,0x00,0x00,0x30,0x00,0x00,0x10,0x00,0x80, - 0x1f,0x00,0x40,0x00,0x00,0x08,0x00,0x60,0x60,0x00,0x80,0x00,0x00,0x08,0x00, - 0x10,0x80,0x00,0x80,0x00,0x00,0x04,0x00,0x08,0x00,0x01,0x00,0x01,0x00,0x04, - 0x00,0x08,0x00,0x01,0x00,0x01,0x00,0x02,0x00,0x18,0x80,0x01,0x00,0x02,0x00, - 0x02,0x00,0x68,0x60,0x01,0x00,0x02,0x00,0x02,0x00,0x88,0x1f,0x01,0x00,0x02, - 0x00,0x02,0x00,0x08,0x00,0x01,0x00,0x02,0x00,0x02,0x00,0x10,0x80,0x00,0x00, - 0x03,0x00,0x06,0x00,0x60,0x60,0x00,0x80,0x02,0x00,0x0c,0x00,0x80,0x1f,0x00, - 0x40,0x01,0x00,0x14,0x00,0x00,0x00,0x00,0x20,0x01,0x00,0x28,0x00,0x00,0x00, - 0x00,0x90,0x00,0x00,0x50,0x00,0x00,0x00,0x00,0x48,0x00,0x00,0xa0,0x01,0x00, - 0x00,0x00,0x26,0x00,0x00,0x40,0x1e,0x00,0x00,0xc0,0x11,0x00,0x00,0x80,0xe1, - 0x03,0x00,0x3c,0x0c,0x00,0x00,0x00,0x0e,0xfc,0xff,0x83,0x03,0x00,0x00,0x00, - 0xf0,0x01,0x00,0x78,0x00,0x00,0x00,0x00,0x00,0xfe,0xff,0x0f,0x00,0x00,0x00, - 0x00,0x80,0x03,0x00,0x0c,0x00,0x00,0x00,0x00,0x80,0x02,0x00,0x14,0x00,0x00, - 0x00,0x00,0x60,0x04,0x00,0x12,0x00,0x00,0xc0,0x7f,0x10,0x04,0x00,0x22,0xe0, - 0x01,0x70,0xc0,0x18,0x08,0x00,0x61,0x1c,0x06,0x10,0x00,0x0f,0x30,0xc0,0x80, - 0x07,0x08,0x08,0x00,0x06,0xc0,0x3f,0x80,0x01,0x08,0x08,0x00,0x18,0x00,0x02, - 0xc0,0x00,0x10,0x04,0x00,0x30,0x00,0x05,0x30,0x00,0x10,0x04,0x00,0x00,0x80, - 0x08,0x18,0x00,0x20,0x04,0x00,0x00,0x80,0x08,0x00,0x00,0x20,0x04,0x00,0x00, - 0x40,0x10,0x00,0x00,0x20,0x24,0x00,0x00,0x40,0x10,0x00,0x00,0x22,0x24,0x00, - 0x00,0x40,0x10,0x00,0x00,0x22,0x44,0x00,0x00,0x40,0x10,0x00,0x00,0x11,0x84, - 0x01,0x00,0xc0,0x18,0x00,0xc0,0x10,0x08,0x00,0x00,0x80,0x08,0x00,0x00,0x08, - 0x30,0x00,0x00,0x80,0x08,0x00,0x00,0x04,0xe0,0xff,0xff,0xff,0xf8,0xff,0xff, - 0x03,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, - 0x00,0x00}; diff --git a/appl/xnlock/nose.front b/appl/xnlock/nose.front deleted file mode 100644 index 64b82015c..000000000 --- a/appl/xnlock/nose.front +++ /dev/null @@ -1,38 +0,0 @@ -#define nose_front_width 64 -#define nose_front_height 64 -static unsigned char nose_front_bits[] = { - 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, - 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, - 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, - 0x00,0x00,0x00,0x00,0x00,0xc0,0xff,0xff,0x07,0x00,0x00,0x00,0x00,0x40,0x00, - 0x00,0x04,0x00,0x00,0x00,0x00,0x40,0x00,0x00,0x04,0x00,0x00,0x00,0x00,0x40, - 0x00,0x00,0x04,0x00,0x00,0x00,0x00,0x40,0x00,0x00,0x04,0x00,0x00,0x00,0x00, - 0x40,0x00,0x00,0x04,0x00,0x00,0x00,0xf8,0xff,0xff,0xff,0xff,0x3f,0x00,0x00, - 0x08,0x00,0xc0,0x1f,0x00,0x20,0x00,0x00,0x08,0x00,0x30,0x60,0x00,0x20,0x00, - 0x00,0xf8,0xff,0x0f,0x80,0xff,0x3f,0x00,0x00,0x00,0x02,0x02,0x00,0x82,0x00, - 0x00,0x00,0x00,0x03,0x01,0x00,0x84,0x01,0x00,0x00,0x00,0x81,0x00,0x00,0x08, - 0x01,0x00,0x00,0x80,0x80,0x00,0x00,0x08,0x02,0x00,0x00,0x80,0x40,0x00,0x00, - 0x10,0x02,0x00,0x00,0x40,0x40,0x00,0x00,0x10,0x04,0x00,0x00,0x40,0x20,0x00, - 0x00,0x20,0x04,0x00,0x00,0x60,0x20,0x00,0x00,0x20,0x0c,0x00,0x00,0x20,0x20, - 0x00,0x00,0x20,0x08,0x00,0x00,0x20,0x20,0x00,0x00,0x20,0x08,0x00,0x00,0x10, - 0x20,0x00,0x00,0x20,0x10,0x00,0x00,0x10,0x20,0x00,0x00,0x20,0x10,0x00,0x00, - 0x10,0x20,0x00,0x00,0x20,0x10,0x00,0x00,0x10,0x40,0x00,0x00,0x10,0x10,0x00, - 0x00,0x10,0x40,0x00,0x00,0x10,0x10,0x00,0x00,0x10,0x80,0x00,0x00,0x08,0x10, - 0x00,0x00,0x10,0x80,0x00,0x00,0x08,0x10,0x00,0x00,0x30,0x00,0x01,0x00,0x04, - 0x18,0x00,0x00,0x20,0x00,0x02,0x00,0x02,0x08,0x00,0x00,0x20,0x00,0x0c,0x80, - 0x01,0x08,0x00,0x00,0x60,0x00,0x30,0x60,0x00,0x0c,0x00,0x00,0x40,0x00,0xc0, - 0x1f,0x00,0x04,0x00,0x00,0xc0,0x00,0x00,0x00,0x00,0x06,0x00,0x00,0x00,0x01, - 0x00,0x00,0x00,0x02,0x00,0x00,0x00,0xfe,0xff,0xff,0xff,0x01,0x00,0x00,0x00, - 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x80,0x0f,0xc0,0x0f,0x00,0x00,0x00, - 0x00,0x40,0x10,0x20,0x10,0x00,0x00,0x00,0x00,0x20,0x60,0x30,0x20,0x00,0x00, - 0x00,0x00,0x20,0xc0,0x18,0x20,0x00,0x00,0xc0,0x7f,0x10,0x80,0x0d,0x40,0xe0, - 0x01,0x70,0xc0,0x18,0x00,0x05,0x40,0x1c,0x06,0x10,0x00,0x0f,0x00,0x05,0x80, - 0x07,0x08,0x08,0x00,0x06,0x00,0x05,0x80,0x01,0x08,0x08,0x00,0x18,0x00,0x05, - 0xc0,0x00,0x10,0x04,0x00,0x30,0x00,0x05,0x30,0x00,0x10,0x04,0x00,0x00,0x80, - 0x08,0x18,0x00,0x20,0x04,0x00,0x00,0x80,0x08,0x00,0x00,0x20,0x04,0x00,0x00, - 0x40,0x10,0x00,0x00,0x20,0x24,0x00,0x00,0x40,0x10,0x00,0x00,0x22,0x24,0x00, - 0x00,0x40,0x10,0x00,0x00,0x22,0x44,0x00,0x00,0x40,0x10,0x00,0x00,0x11,0x84, - 0x01,0x00,0xc0,0x18,0x00,0xc0,0x10,0x08,0x00,0x00,0x80,0x08,0x00,0x00,0x08, - 0x30,0x00,0x00,0x80,0x08,0x00,0x00,0x04,0xe0,0xff,0xff,0xff,0xf8,0xff,0xff, - 0x03,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, - 0x00,0x00}; diff --git a/appl/xnlock/nose.left.front b/appl/xnlock/nose.left.front deleted file mode 100644 index 3a871eaaa..000000000 --- a/appl/xnlock/nose.left.front +++ /dev/null @@ -1,38 +0,0 @@ -#define nose_left_front_width 64 -#define nose_left_front_height 64 -static unsigned char nose_left_front_bits[] = { - 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, - 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, - 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, - 0x00,0x00,0x00,0x00,0x00,0xc0,0xff,0xff,0x07,0x00,0x00,0x00,0x00,0x40,0x00, - 0x00,0x04,0x00,0x00,0x00,0x00,0x40,0x00,0x00,0x04,0x00,0x00,0x00,0x00,0x40, - 0x00,0x00,0x04,0x00,0x00,0x00,0x00,0x40,0x00,0x00,0x04,0x00,0x00,0x00,0x00, - 0x40,0x00,0x00,0x04,0x00,0x00,0x00,0xf8,0xff,0xff,0xff,0xff,0x3f,0x00,0x00, - 0x08,0x00,0xe0,0x0f,0x00,0x20,0x00,0x00,0x08,0x00,0x18,0x30,0x00,0x20,0x00, - 0x00,0xf8,0xff,0x07,0xc0,0xff,0x3f,0x00,0x00,0x00,0x02,0x01,0x00,0x81,0x00, - 0x00,0x00,0x00,0x83,0x00,0x00,0x82,0x01,0x00,0x00,0x00,0x41,0x00,0x00,0x04, - 0x01,0x00,0x00,0x80,0x40,0x00,0x00,0x04,0x02,0x00,0x00,0x80,0x20,0x00,0x00, - 0x08,0x02,0x00,0x00,0x40,0x20,0x00,0x00,0x08,0x04,0x00,0x00,0x40,0x10,0x00, - 0x00,0x10,0x04,0x00,0x00,0x60,0x10,0x00,0x00,0x10,0x0c,0x00,0x00,0x20,0x10, - 0x00,0x00,0x10,0x08,0x00,0x00,0x30,0x10,0x00,0x00,0x10,0x08,0x00,0x00,0x10, - 0x10,0x00,0x00,0x10,0x10,0x00,0x00,0x10,0x10,0x00,0x00,0x10,0x10,0x00,0x00, - 0x10,0x10,0x00,0x00,0x10,0x10,0x00,0x00,0x10,0x20,0x00,0x00,0x08,0x10,0x00, - 0x00,0x10,0x20,0x00,0x00,0x08,0x10,0x00,0x00,0x10,0x40,0x00,0x00,0x04,0x10, - 0x00,0x00,0x30,0x40,0x00,0x00,0x04,0x10,0x00,0x00,0x20,0x80,0x00,0x00,0x02, - 0x18,0x00,0x00,0x20,0x00,0x01,0x00,0x01,0x08,0x00,0x00,0x60,0x00,0x06,0xc0, - 0x00,0x08,0x00,0x00,0x80,0x00,0x18,0x30,0x00,0x0c,0x00,0x00,0x80,0x00,0xe0, - 0x0f,0x00,0x04,0x00,0x00,0x80,0x01,0x00,0x00,0x00,0x06,0x00,0x00,0x00,0x01, - 0x00,0x00,0x00,0x02,0x00,0x00,0x00,0xfe,0xff,0xff,0xff,0x01,0x00,0x00,0x00, - 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0xf8,0x0f,0x00,0x00,0x00, - 0x00,0xff,0x00,0x04,0x10,0x00,0x00,0x00,0xe0,0x00,0x07,0x02,0x10,0x00,0x00, - 0x00,0x30,0x00,0x8c,0x01,0x20,0x00,0x00,0x00,0x0c,0x00,0x90,0x00,0x20,0x00, - 0x00,0x00,0x04,0x03,0x60,0x00,0x20,0x00,0x00,0x00,0xc2,0x00,0xc0,0x00,0x20, - 0x00,0x00,0x00,0x42,0x00,0x00,0x01,0x20,0x00,0x00,0x00,0x21,0x00,0x00,0x02, - 0x20,0x00,0x00,0x00,0x21,0x00,0x00,0x06,0x20,0x00,0x00,0x00,0x21,0x00,0x00, - 0x00,0x20,0x00,0x00,0x00,0x01,0x00,0x00,0x00,0x40,0x00,0x00,0x00,0x03,0x00, - 0x00,0x00,0x40,0x00,0x00,0x00,0x02,0x00,0x00,0x00,0x40,0x00,0x00,0x00,0x02, - 0x00,0x00,0x00,0x40,0x00,0x00,0x00,0x04,0x00,0x00,0x00,0x20,0x00,0x00,0x00, - 0x18,0x00,0x00,0x00,0x20,0x00,0x00,0x00,0x70,0x00,0x00,0x00,0x10,0x00,0x00, - 0x00,0xc0,0xff,0xff,0xff,0x0f,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, - 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, - 0x00,0x00}; diff --git a/appl/xnlock/nose.right.front b/appl/xnlock/nose.right.front deleted file mode 100644 index f8214174e..000000000 --- a/appl/xnlock/nose.right.front +++ /dev/null @@ -1,38 +0,0 @@ -#define nose_right_front_width 64 -#define nose_right_front_height 64 -static unsigned char nose_right_front_bits[] = { - 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, - 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, - 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, - 0x00,0x00,0x00,0x00,0x00,0xe0,0xff,0xff,0x03,0x00,0x00,0x00,0x00,0x20,0x00, - 0x00,0x02,0x00,0x00,0x00,0x00,0x20,0x00,0x00,0x02,0x00,0x00,0x00,0x00,0x20, - 0x00,0x00,0x02,0x00,0x00,0x00,0x00,0x20,0x00,0x00,0x02,0x00,0x00,0x00,0x00, - 0x20,0x00,0x00,0x02,0x00,0x00,0x00,0xfc,0xff,0xff,0xff,0xff,0x1f,0x00,0x00, - 0x04,0x00,0xf0,0x07,0x00,0x10,0x00,0x00,0x04,0x00,0x0c,0x18,0x00,0x10,0x00, - 0x00,0xfc,0xff,0x03,0xe0,0xff,0x1f,0x00,0x00,0x00,0x81,0x00,0x80,0x40,0x00, - 0x00,0x00,0x80,0x41,0x00,0x00,0xc1,0x00,0x00,0x00,0x80,0x20,0x00,0x00,0x82, - 0x00,0x00,0x00,0x40,0x20,0x00,0x00,0x02,0x01,0x00,0x00,0x40,0x10,0x00,0x00, - 0x04,0x01,0x00,0x00,0x20,0x10,0x00,0x00,0x04,0x02,0x00,0x00,0x20,0x08,0x00, - 0x00,0x08,0x02,0x00,0x00,0x30,0x08,0x00,0x00,0x08,0x06,0x00,0x00,0x10,0x08, - 0x00,0x00,0x08,0x04,0x00,0x00,0x10,0x08,0x00,0x00,0x08,0x0c,0x00,0x00,0x08, - 0x08,0x00,0x00,0x08,0x08,0x00,0x00,0x08,0x08,0x00,0x00,0x08,0x08,0x00,0x00, - 0x08,0x08,0x00,0x00,0x08,0x08,0x00,0x00,0x08,0x10,0x00,0x00,0x04,0x08,0x00, - 0x00,0x08,0x10,0x00,0x00,0x04,0x08,0x00,0x00,0x08,0x20,0x00,0x00,0x02,0x08, - 0x00,0x00,0x08,0x20,0x00,0x00,0x02,0x0c,0x00,0x00,0x18,0x40,0x00,0x00,0x01, - 0x04,0x00,0x00,0x10,0x80,0x00,0x80,0x00,0x04,0x00,0x00,0x10,0x00,0x03,0x60, - 0x00,0x06,0x00,0x00,0x30,0x00,0x0c,0x18,0x00,0x01,0x00,0x00,0x20,0x00,0xf0, - 0x07,0x00,0x01,0x00,0x00,0x60,0x00,0x00,0x00,0x80,0x01,0x00,0x00,0x40,0x00, - 0x00,0x00,0x80,0x00,0x00,0x00,0x80,0xff,0xff,0xff,0x7f,0x00,0x00,0x00,0x00, - 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0xf0,0x1f,0x00,0x00,0x00,0x00,0x00, - 0x00,0x08,0x20,0x00,0xff,0x00,0x00,0x00,0x00,0x08,0x40,0xe0,0x00,0x07,0x00, - 0x00,0x00,0x04,0x80,0x31,0x00,0x0c,0x00,0x00,0x00,0x04,0x00,0x09,0x00,0x30, - 0x00,0x00,0x00,0x04,0x00,0x06,0xc0,0x20,0x00,0x00,0x00,0x04,0x00,0x03,0x00, - 0x43,0x00,0x00,0x00,0x04,0x80,0x00,0x00,0x42,0x00,0x00,0x00,0x04,0x40,0x00, - 0x00,0x84,0x00,0x00,0x00,0x04,0x60,0x00,0x00,0x84,0x00,0x00,0x00,0x04,0x00, - 0x00,0x00,0x84,0x00,0x00,0x00,0x02,0x00,0x00,0x00,0x80,0x00,0x00,0x00,0x02, - 0x00,0x00,0x00,0xc0,0x00,0x00,0x00,0x02,0x00,0x00,0x00,0x40,0x00,0x00,0x00, - 0x02,0x00,0x00,0x00,0x40,0x00,0x00,0x00,0x04,0x00,0x00,0x00,0x20,0x00,0x00, - 0x00,0x04,0x00,0x00,0x00,0x18,0x00,0x00,0x00,0x08,0x00,0x00,0x00,0x0e,0x00, - 0x00,0x00,0xf0,0xff,0xff,0xff,0x03,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, - 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, - 0x00,0x00}; diff --git a/appl/xnlock/xnlock.1 b/appl/xnlock/xnlock.1 deleted file mode 100644 index 1adc9b577..000000000 --- a/appl/xnlock/xnlock.1 +++ /dev/null @@ -1,123 +0,0 @@ -.\" xnlock -- Dan Heller 1985 -.TH XNLOCK 1 "19 April 1990" -.SH NAME -xnlock \- amusing lock screen program with message for passers-by -.SH SYNOPSIS -.B xnlock -[ -\fIoptions\fP -] -[ -\fImessage\fP -] -.SH DESCRIPTION -.I xnlock -is a program that acts as a screen saver for workstations running X11. -It also "locks" the screen such that the workstation can be left -unattended without worry that someone else will walk up to it and -mess everything up. When \fIxnlock\fP is running, a little man with -a big nose and a hat runs around spewing out messages to the screen. -By default, the messages are "humorous", but that depends on your -sense of humor. -.LP -If a key or mouse button is pressed, a prompt is printed requesting the -user's password. If a RETURN is not typed within 30 seconds, -the little man resumes running around. -.LP -Text on the command line is used as the message. For example: -.br - % xnlock I\'m out to lunch for a couple of hours. -.br -Note the need to quote shell metacharacters. -.LP -In the absence of flags or text, \fIxnlock\fP displays random fortunes. -.SH OPTIONS -Command line options override all resource specifications. -All arguments that are not associated with a command line option -is taken to be message text that the little man will "say" every -once in a while. The resource \fBxnlock.text\fP may be set to -a string. -.TP -.BI \-fn " fontname" -The default font is the first 18 point font in the \fInew century schoolbook\fP -family. While larger fonts are recokmmended over smaller ones, any font -in the server's font list will work. The resource to use for this option -is \fBxnlock.font\fP. -.TP -.BI \-filename " filename" -Take the message to be displayed from the file \fIfilename\fP. -If \fIfilename\fP is not specified, \fI$HOME/.msgfile\fP is used. -If the contents of the file are changed during runtime, the most recent text -of the file is used (allowing the displayed message to be altered remotely). -Carriage returns within the text are allowed, but tabs or other control -characters are not translated and should not be used. -The resource available for this option is \fBxnlock.file\fP. -.TP -.BI \-ar -Accept root's password to unlock screen. This option is true by -default. The reason for this is so that someone's screen may be -unlocked by autorized users in case of emergency and the person -running the program is still out to lunch. The resource available -for specifying this option is \fBxnlock.acceptRootPasswd\fP. -.TP -.BI \-noar -Don't accept root's password. This option is for paranoids who -fear their peers might breakin using root's password and remove -their files anyway. Specifying this option on the command line -overrides the \fBxnlock.acceptRootPasswd\fP if set to True. -.TP -.BI \-ip -Ignore password prompt. -The resource available for this option is \fBxnlock.ignorePasswd\fP. -.TP -.BI \-noip -Don't ignore password prompt. This is available in order to -override the resource \fBignorePasswd\fP if set to True. -.TP -.BI -fg " color" -Specifies the foreground color. The resource available for this -is \fBxnlock.foreground\fP. -.TP -.BI -bg " color" -Specifies the background color. The resource available for this -is \fBxnlock.background\fP. -.TP -.BI \-rv -Reverse the foreground and background colors. -The resource for this is \fBxvnlock.reverseVideo\fP. -.TP -.BI \-norv -Don't use reverse video. This is available to override the reverseVideo -resource if set to True. -.TP -.BI \-prog " program" -Receive message text from the running program \fIprogram\fP. If there -are arguments to \fIprogram\fP, encase them with the name of the program in -quotes (e.g. xnlock -t "fortune -o"). -The resource for this is \fBxnlock.program\fP. -.SH RESOURCES -.br -xnlock.font: fontname -.br -xnlock.foreground: color -.br -xnlock.background: color -.br -xnlock.reverseVideo: True/False -.br -xnlock.text: Some random text string -.br -xnlock.program: program [args] -.br -xnlock.ignorePasswd: True/False -.br -xnlock.acceptRootPasswd: True/False -.SH FILES -\fIxnlock\fP executable file -.br -~/.msgfile default message file -.SH AUTHOR -Dan Heller Copyright (c) 1985, 1990. -.br -The original version of this program was written using pixrects on -a Sun 2 running SunOS 1.1. diff --git a/appl/xnlock/xnlock.c b/appl/xnlock/xnlock.c deleted file mode 100644 index b3692df26..000000000 --- a/appl/xnlock/xnlock.c +++ /dev/null @@ -1,1089 +0,0 @@ -/* - * xnlock -- Dan Heller, 1990 - * "nlock" is a "new lockscreen" type program... something that prevents - * screen burnout by making most of it "black" while providing something - * of interest to be displayed in case anyone is watching. - * "xnlock" is the X11 version of the program. - * Original sunview version written by Dan Heller 1985 (not included here). - */ -#ifdef HAVE_CONFIG_H -#include -RCSID("$Id$"); -#endif - -#include -#include -#include -#include -#include -#include -#include -#include -#include -#ifdef HAVE_SYS_TYPES_H -#include -#endif -#ifdef HAVE_PWD_H -#include -#endif -#ifdef HAVE_CRYPT_H -#undef des_encrypt -#define des_encrypt wingless_pigs_mostly_fail_to_fly -#include -#undef des_encrypt -#endif - -#ifdef KRB5 -#include -#include -#endif - -#include -#include - -static char login[16]; -static char userprompt[128]; -#ifdef KRB5 -static krb5_context context; -static krb5_principal client; -#endif - -#define font_height(font) (font->ascent + font->descent) - -static char *SPACE_STRING = " "; -static char STRING[] = "****************"; - -#define STRING_LENGTH (sizeof(STRING)) -#define MAX_PASSWD_LENGTH 256 -/* (sizeof(STRING)) */ - -#define PROMPT "Password: " -#define FAIL_MSG "Sorry, try again" -#define LEFT 001 -#define RIGHT 002 -#define DOWN 004 -#define UP 010 -#define FRONT 020 -#define X_INCR 3 -#define Y_INCR 2 -#define XNLOCK_CTRL 1 -#define XNLOCK_NOCTRL 0 - -static XtAppContext app; -static Display *dpy; -static unsigned short Width, Height; -static Widget widget; -static GC gc; -static XtIntervalId timeout_id; -static char *words; -static int x, y; -static Pixel Black, White; -static XFontStruct *font; -static char root_cpass[128]; -static char user_cpass[128]; -static int time_left, prompt_x, prompt_y, time_x, time_y; -static unsigned long interval; -static Pixmap left0, left1, right0, right1, left_front, - right_front, front, down; - -#define MAXLINES 40 - -#define IS_MOVING 1 -#define GET_PASSWD 2 -static int state; /* indicates states: walking or getting passwd */ - -static int ALLOW_LOGOUT = (60*10); /* Allow logout after nn seconds */ -#define LOGOUT_PASSWD "enuHDmTo5Lq4g" /* when given password "LOGOUT" */ -static time_t locked_at; - -struct appres_t { - Pixel bg; - Pixel fg; - XFontStruct *font; - Boolean ignore_passwd; - Boolean do_reverse; - Boolean accept_root; - char *text, *text_prog, *file, *logoutPasswd; - Boolean no_screensaver; - Boolean destroytickets; -} appres; - -static XtResource resources[] = { - { XtNbackground, XtCBackground, XtRPixel, sizeof(Pixel), - XtOffsetOf(struct appres_t, bg), XtRString, "black" }, - - { XtNforeground, XtCForeground, XtRPixel, sizeof(Pixel), - XtOffsetOf(struct appres_t, fg), XtRString, "white" }, - - { XtNfont, XtCFont, XtRFontStruct, sizeof (XFontStruct *), - XtOffsetOf(struct appres_t, font), - XtRString, "-*-new century schoolbook-*-*-*-18-*" }, - - { "ignorePasswd", "IgnorePasswd", XtRBoolean, sizeof(Boolean), - XtOffsetOf(struct appres_t,ignore_passwd),XtRImmediate,(XtPointer)False }, - - { "acceptRootPasswd", "AcceptRootPasswd", XtRBoolean, sizeof(Boolean), - XtOffsetOf(struct appres_t, accept_root), XtRImmediate, (XtPointer)True }, - - { "text", "Text", XtRString, sizeof(String), - XtOffsetOf(struct appres_t, text), XtRString, "I'm out running around." }, - - { "program", "Program", XtRString, sizeof(String), - XtOffsetOf(struct appres_t, text_prog), XtRImmediate, NULL }, - - { "file", "File", XtRString, sizeof(String), - XtOffsetOf(struct appres_t,file), XtRImmediate, NULL }, - - { "logoutPasswd", "logoutPasswd", XtRString, sizeof(String), - XtOffsetOf(struct appres_t, logoutPasswd), XtRString, LOGOUT_PASSWD }, - - { "noScreenSaver", "NoScreenSaver", XtRBoolean, sizeof(Boolean), - XtOffsetOf(struct appres_t,no_screensaver), XtRImmediate, (XtPointer)True }, - - { "destroyTickets", "DestroyTickets", XtRBoolean, sizeof(Boolean), - XtOffsetOf(struct appres_t,destroytickets), XtRImmediate, (XtPointer)True }, -}; - -static XrmOptionDescRec options[] = { - { "-fg", ".foreground", XrmoptionSepArg, NULL }, - { "-foreground", ".foreground", XrmoptionSepArg, NULL }, - { "-fn", ".font", XrmoptionSepArg, NULL }, - { "-font", ".font", XrmoptionSepArg, NULL }, - { "-ip", ".ignorePasswd", XrmoptionNoArg, "True" }, - { "-noip", ".ignorePasswd", XrmoptionNoArg, "False" }, - { "-ar", ".acceptRootPasswd", XrmoptionNoArg, "True" }, - { "-noar", ".acceptRootPasswd", XrmoptionNoArg, "False" }, - { "-nonoscreensaver", ".noScreenSaver", XrmoptionNoArg, "False" }, - { "-nodestroytickets", ".destroyTickets", XrmoptionNoArg, "False" }, -}; - -static char* -get_words(void) -{ - FILE *pp = NULL; - static char buf[512]; - long n; - - if (appres.text_prog) { - pp = popen(appres.text_prog, "r"); - if (!pp) { - warn("popen %s", appres.text_prog); - return appres.text; - } - n = fread(buf, 1, sizeof(buf) - 1, pp); - buf[n] = 0; - pclose(pp); - return buf; - } - if (appres.file) { - pp = fopen(appres.file, "r"); - if (!pp) { - warn("fopen %s", appres.file); - return appres.text; - } - n = fread(buf, 1, sizeof(buf) - 1, pp); - buf[n] = 0; - fclose(pp); - return buf; - } - - return appres.text; -} - -static void -usage(int exit_code) -{ - fprintf(stderr, "usage: %s [options] [message]\n", getprogname()); - fprintf(stderr, "-fg color foreground color\n"); - fprintf(stderr, "-bg color background color\n"); - fprintf(stderr, "-rv reverse foreground/background colors\n"); - fprintf(stderr, "-nrv no reverse video\n"); - fprintf(stderr, "-ip ignore passwd\n"); - fprintf(stderr, "-nip don't ignore passwd\n"); - fprintf(stderr, "-ar accept root's passwd to unlock\n"); - fprintf(stderr, "-nar don't accept root's passwd\n"); - fprintf(stderr, "-f [file] message is read from file or ~/.msgfile\n"); - fprintf(stderr, "-prog program text is gotten from executing `program'\n"); - fprintf(stderr, "-nodestroytickets keep kerberos tickets\n"); - fprintf(stderr, "--version\n"); - fprintf(stderr, "--help\n"); - exit(exit_code); -} - -static void -init_words (int argc, char **argv) -{ - int i = 0; - - while(argv[i]) { - if(strcmp(argv[i], "-p") == 0 - || strcmp(argv[i], "-prog") == 0) { - i++; - if(argv[i]) { - appres.text_prog = argv[i]; - i++; - } else { - warnx ("-p requires an argument"); - usage(1); - } - } else if(strcmp(argv[i], "-f") == 0) { - i++; - if(argv[i]) { - appres.file = argv[i]; - i++; - } else { - int ret; - ret = asprintf (&appres.file, - "%s/.msgfile", getenv("HOME")); - if (ret == -1) - errx (1, "cannot allocate memory for message"); - } - } else if(strcmp(argv[i], "--version") == 0) { - print_version(NULL); - exit(0); - } else if(strcmp(argv[i], "--help") == 0) { - usage(0); - } else { - int j; - int len = 1; - for(j = i; argv[j]; j++) - len += strlen(argv[j]) + 1; - appres.text = malloc(len); - if (appres.text == NULL) - errx (1, "cannot allocate memory for message"); - appres.text[0] = 0; - for(; i < j; i++){ - strlcat(appres.text, argv[i], len); - strlcat(appres.text, " ", len); - } - } - } -} - -static void -ScreenSaver(int save) -{ - static int timeout, ival, prefer_blank, allow_exp; - if(!appres.no_screensaver){ - if (save) { - XGetScreenSaver(dpy, &timeout, &ival, - &prefer_blank, &allow_exp); - XSetScreenSaver(dpy, 0, ival, prefer_blank, allow_exp); - } else - /* restore state */ - XSetScreenSaver(dpy, timeout, ival, prefer_blank, allow_exp); - } -} - -/* Forward decls necessary */ -static void talk(int force_erase); -static unsigned long look(void); - -static int -zrefresh(void) -{ - switch (fork()) { - case -1: - warn ("zrefresh: fork"); - return -1; - case 0: - /* Child */ - execlp("zrefresh", "zrefresh", NULL); - execl(BINDIR "/zrefresh", "zrefresh", NULL); - return -1; - default: - /* Parent */ - break; - } - return 0; -} - -static void -leave(void) -{ - XUngrabPointer(dpy, CurrentTime); - XUngrabKeyboard(dpy, CurrentTime); - ScreenSaver(0); - XCloseDisplay(dpy); - zrefresh(); - exit(0); -} - -static void -walk(int dir) -{ - int incr = 0; - static int lastdir; - static int up = 1; - static Pixmap frame; - - XSetForeground(dpy, gc, White); - XSetBackground(dpy, gc, Black); - if (dir & (LEFT|RIGHT)) { /* left/right movement (mabye up/down too) */ - up = -up; /* bouncing effect (even if hit a wall) */ - if (dir & LEFT) { - incr = X_INCR; - frame = (up < 0) ? left0 : left1; - } else { - incr = -X_INCR; - frame = (up < 0) ? right0 : right1; - } - if ((lastdir == FRONT || lastdir == DOWN) && dir & UP) { - /* workaround silly bug that leaves screen dust when - * guy is facing forward or down and moves up-left/right. - */ - XCopyPlane(dpy, frame, XtWindow(widget), gc, 0, 0, 64,64, x, y, 1L); - XFlush(dpy); - } - /* note that maybe neither UP nor DOWN is set! */ - if (dir & UP && y > Y_INCR) - y -= Y_INCR; - else if (dir & DOWN && y < (int)Height - 64) - y += Y_INCR; - } - /* Explicit up/down movement only (no left/right) */ - else if (dir == UP) - XCopyPlane(dpy, front, XtWindow(widget), gc, - 0,0, 64,64, x, y -= Y_INCR, 1L); - else if (dir == DOWN) - XCopyPlane(dpy, down, XtWindow(widget), gc, - 0,0, 64,64, x, y += Y_INCR, 1L); - else if (dir == FRONT && frame != front) { - if (up > 0) - up = -up; - if (lastdir & LEFT) - frame = left_front; - else if (lastdir & RIGHT) - frame = right_front; - else - frame = front; - XCopyPlane(dpy, frame, XtWindow(widget), gc, 0, 0, 64,64, x, y, 1L); - } - if (dir & LEFT) - while(--incr >= 0) { - XCopyPlane(dpy, frame, XtWindow(widget), gc, - 0,0, 64,64, --x, y+up, 1L); - XFlush(dpy); - } - else if (dir & RIGHT) - while(++incr <= 0) { - XCopyPlane(dpy, frame, XtWindow(widget), gc, - 0,0, 64,64, ++x, y+up, 1L); - XFlush(dpy); - } - lastdir = dir; -} - -static long -my_random (void) -{ -#ifdef HAVE_RANDOM - return random(); -#else - return rand(); -#endif -} - -static int -think(void) -{ - if (my_random() & 1) - walk(FRONT); - if (my_random() & 1) { - words = get_words(); - return 1; - } - return 0; -} - -static void -move(XtPointer _p, XtIntervalId *_id) -{ - static int dir; - static unsigned int length; - - if (!length) { - int tries = 0; - dir = 0; - if ((my_random() & 1) && think()) { - talk(0); /* sets timeout to itself */ - return; - } - if (!(my_random() % 3) && (interval = look())) { - timeout_id = XtAppAddTimeOut(app, interval, move, NULL); - return; - } - interval = 20 + my_random() % 100; - do { - if (!tries) - length = Width/100 + my_random() % 90, tries = 8; - else - tries--; - switch (my_random() % 8) { - case 0: - if (x - X_INCR*length >= 5) - dir = LEFT; - case 1: - if (x + X_INCR*length <= (int)Width - 70) - dir = RIGHT; - case 2: - if (y - (Y_INCR*length) >= 5) - dir = UP, interval = 40; - case 3: - if (y + Y_INCR*length <= (int)Height - 70) - dir = DOWN, interval = 20; - case 4: - if (x - X_INCR*length >= 5 && y - (Y_INCR*length) >= 5) - dir = (LEFT|UP); - case 5: - if (x + X_INCR * length <= (int)Width - 70 && - y-Y_INCR * length >= 5) - dir = (RIGHT|UP); - case 6: - if (x - X_INCR * length >= 5 && - y + Y_INCR * length <= (int)Height - 70) - dir = (LEFT|DOWN); - case 7: - if (x + X_INCR*length <= (int)Width - 70 && - y + Y_INCR*length <= (int)Height - 70) - dir = (RIGHT|DOWN); - } - } while (!dir); - } - walk(dir); - --length; - timeout_id = XtAppAddTimeOut(app, interval, move, NULL); -} - -static void -post_prompt_box(Window window) -{ - int width = (Width / 3); - int height = font_height(font) * 6; - int box_x, box_y; - - /* make sure the entire nose icon fits in the box */ - if (height < 100) - height = 100; - - if(width < 105 + font->max_bounds.width*STRING_LENGTH) - width = 105 + font->max_bounds.width*STRING_LENGTH; - box_x = (Width - width) / 2; - time_x = prompt_x = box_x + 105; - - time_y = prompt_y = Height / 2; - box_y = prompt_y - 3 * font_height(font); - - /* erase current guy -- text message may still exist */ - XSetForeground(dpy, gc, Black); - XFillRectangle(dpy, window, gc, x, y, 64, 64); - talk(1); /* forcefully erase message if one is being displayed */ - /* Clear area in middle of screen for prompt box */ - XSetForeground(dpy, gc, White); - XFillRectangle(dpy, window, gc, box_x, box_y, width, height); - - /* make a box that's 5 pixels thick. Then add a thin box inside it */ - XSetForeground(dpy, gc, Black); - XSetLineAttributes(dpy, gc, 5, 0, 0, 0); - XDrawRectangle(dpy, window, gc, box_x+5, box_y+5, width-10, height-10); - XSetLineAttributes(dpy, gc, 0, 0, 0, 0); - XDrawRectangle(dpy, window, gc, box_x+12, box_y+12, width-23, height-23); - - XDrawString(dpy, window, gc, - prompt_x, prompt_y-font_height(font), - userprompt, strlen(userprompt)); - XDrawString(dpy, window, gc, prompt_x, prompt_y, PROMPT, strlen(PROMPT)); - /* set background for copyplane and DrawImageString; need reverse video */ - XSetBackground(dpy, gc, White); - XCopyPlane(dpy, right0, window, gc, 0,0, 64,64, - box_x + 20, box_y + (height - 64)/2, 1L); - prompt_x += XTextWidth(font, PROMPT, strlen(PROMPT)); - time_y += 2*font_height(font); -} - -static void -RaiseWindow(Widget w, XEvent *ev, String *s, Cardinal *n) -{ - Widget new; - if(!XtIsRealized(w)) - return; - new = XtParent(w); - XRaiseWindow(dpy, XtWindow(new)); -} - - -static void -ClearWindow(Widget w, XEvent *_event, String *_s, Cardinal *_n) -{ - XExposeEvent *event = (XExposeEvent *)_event; - if (!XtIsRealized(w)) - return; - XClearArea(dpy, XtWindow(w), event->x, event->y, - event->width, event->height, False); - if (state == GET_PASSWD) - post_prompt_box(XtWindow(w)); - if (timeout_id == 0 && event->count == 0) { - timeout_id = XtAppAddTimeOut(app, 1000L, move, NULL); - /* first grab the input focus */ - XSetInputFocus(dpy, XtWindow(w), RevertToPointerRoot, CurrentTime); - /* now grab the pointer and keyboard and contrain to this window */ - XGrabPointer(dpy, XtWindow(w), TRUE, 0, GrabModeAsync, - GrabModeAsync, XtWindow(w), None, CurrentTime); - } -} - -static void -countdown(XtPointer _t, XtIntervalId *_d) -{ - int *timeout = (int *)_t; - char buf[128]; - time_t seconds; - - if (--(*timeout) < 0) { - XExposeEvent event; - XtRemoveTimeOut(timeout_id); - state = IS_MOVING; - event.x = event.y = 0; - event.width = Width, event.height = Height; - ClearWindow(widget, (XEvent *)&event, 0, 0); - timeout_id = XtAppAddTimeOut(app, 200L, move, NULL); - return; - } - seconds = time(0) - locked_at; - if (seconds >= 3600) - snprintf(buf, sizeof(buf), - "Locked for %d:%02d:%02d ", - (int)seconds/3600, (int)seconds/60%60, (int)seconds%60); - else - snprintf(buf, sizeof(buf), - "Locked for %2d:%02d ", - (int)seconds/60, (int)seconds%60); - - XDrawImageString(dpy, XtWindow(widget), gc, - time_x, time_y, buf, strlen(buf)); - XtAppAddTimeOut(app, 1000L, countdown, timeout); - return; -} - -#ifdef KRB5 -static int -verify_krb5(const char *password) -{ - krb5_error_code ret; - krb5_ccache id; - - krb5_cc_default(context, &id); - ret = krb5_verify_user(context, - client, - id, - password, - 0, - NULL); - if (ret == 0){ - if (k_hasafs()) - krb5_afslog(context, id, NULL, NULL); - return 0; - } - if (ret != KRB5KRB_AP_ERR_MODIFIED) - krb5_warn(context, ret, "verify_krb5"); - - return -1; -} -#endif - -static int -verify(char *password) -{ - /* - * First try with root password, if allowed. - */ - if ( appres.accept_root - && strcmp(crypt(password, root_cpass), root_cpass) == 0) - return 0; - - /* - * Password that log out user - */ - if (getuid() != 0 && - geteuid() != 0 && - (time(0) - locked_at) > ALLOW_LOGOUT && - strcmp(crypt(password, appres.logoutPasswd), appres.logoutPasswd) == 0) - { - signal(SIGHUP, SIG_IGN); - kill(-1, SIGHUP); - sleep(5); - /* If the X-server shut down then so will we, else - * continue */ - signal(SIGHUP, SIG_DFL); - } - - /* - * Try copy of users password. - */ - if (strcmp(crypt(password, user_cpass), user_cpass) == 0) - return 0; - - /* - * Try to verify as user in case password change. - */ - if (unix_verify_user(login, password) == 0) - return 0; - -#ifdef KRB5 - /* - * Try to verify as user with kerberos 5. - */ - if(verify_krb5(password) == 0) - return 0; -#endif - - return -1; -} - - -static void -GetPasswd(Widget w, XEvent *_event, String *_s, Cardinal *_n) -{ - XKeyEvent *event = (XKeyEvent *)_event; - static char passwd[MAX_PASSWD_LENGTH]; - static unsigned int cnt; - static int is_ctrl = XNLOCK_NOCTRL; - char c; - KeySym keysym; - int echolen; - int old_state = state; - - if (event->type == ButtonPress) { - x = event->x, y = event->y; - return; - } - if (state == IS_MOVING) { - /* guy is running around--change to post prompt box. */ - XtRemoveTimeOut(timeout_id); - state = GET_PASSWD; - if (appres.ignore_passwd || !strlen(user_cpass)) - leave(); - post_prompt_box(XtWindow(w)); - cnt = 0; - time_left = 30; - countdown((XtPointer)&time_left, 0); - } - if (event->type == KeyRelease) { - keysym = XLookupKeysym(event, 0); - if (keysym == XK_Control_L || keysym == XK_Control_R) { - is_ctrl = XNLOCK_NOCTRL; - } - } - if (event->type != KeyPress) - return; - - time_left = 30; - - keysym = XLookupKeysym(event, 0); - if (keysym == XK_Control_L || keysym == XK_Control_R) { - is_ctrl = XNLOCK_CTRL; - return; - } - if (!XLookupString(event, &c, 1, &keysym, 0)) - return; - if (keysym == XK_Return || keysym == XK_Linefeed) { - passwd[cnt] = 0; - if(old_state == IS_MOVING) - return; - XtRemoveTimeOut(timeout_id); - - if(verify(passwd) == 0) - leave(); - - cnt = 0; - - XDrawImageString(dpy, XtWindow(widget), gc, - time_x, time_y, FAIL_MSG, strlen(FAIL_MSG)); - time_left = 0; - timeout_id = XtAppAddTimeOut(app, 2000L, countdown, &time_left); - return; - } - if (keysym == XK_BackSpace || keysym == XK_Delete || keysym == XK_Left) { - if (cnt) - passwd[cnt--] = ' '; - } else if (keysym == XK_u && is_ctrl == XNLOCK_CTRL) { - while (cnt) { - passwd[cnt--] = ' '; - echolen = min(cnt, STRING_LENGTH); - XDrawImageString(dpy, XtWindow(w), gc, - prompt_x, prompt_y, STRING, echolen); - XDrawImageString(dpy, XtWindow(w), gc, - prompt_x + XTextWidth(font, STRING, echolen), - prompt_y, SPACE_STRING, STRING_LENGTH - echolen + 1); - } - } else if (isprint((unsigned char)c)) { - if ((cnt + 1) >= MAX_PASSWD_LENGTH) - XBell(dpy, 50); - else - passwd[cnt++] = c; - } else - return; - echolen = min(cnt, STRING_LENGTH); - XDrawImageString(dpy, XtWindow(w), gc, - prompt_x, prompt_y, STRING, echolen); - XDrawImageString(dpy, XtWindow(w), gc, - prompt_x + XTextWidth(font, STRING, echolen), - prompt_y, SPACE_STRING, STRING_LENGTH - echolen +1); -} - -#include "nose.0.left" -#include "nose.1.left" -#include "nose.0.right" -#include "nose.1.right" -#include "nose.left.front" -#include "nose.right.front" -#include "nose.front" -#include "nose.down" - -static void -init_images(void) -{ - static Pixmap *images[] = { - &left0, &left1, &right0, &right1, - &left_front, &right_front, &front, &down - }; - static unsigned char *bits[] = { - nose_0_left_bits, nose_1_left_bits, nose_0_right_bits, - nose_1_right_bits, nose_left_front_bits, nose_right_front_bits, - nose_front_bits, nose_down_bits - }; - int i; - - for (i = 0; i < XtNumber(images); i++) - if (!(*images[i] = - XCreatePixmapFromBitmapData(dpy, DefaultRootWindow(dpy), - (char*)(bits[i]), 64, 64, 1, 0, 1))) - XtError("Can't load nose images"); -} - -static void -talk(int force_erase) -{ - unsigned int width = 0, height, Z, total = 0; - static unsigned int X, Y; - static int talking; - static struct { int x, y, width, height; } s_rect; - char *p, *p2; - char buf[BUFSIZ], args[MAXLINES][256]; - - /* clear what we've written */ - if (talking || force_erase) { - if (!talking) - return; - if (talking == 2) { - XSetForeground(dpy, gc, Black); - XDrawString(dpy, XtWindow(widget), gc, X, Y, words, strlen(words)); - } else if (talking == 1) { - XSetForeground(dpy, gc, Black); - XFillRectangle(dpy, XtWindow(widget), gc, s_rect.x-5, s_rect.y-5, - s_rect.width+10, s_rect.height+10); - } - talking = 0; - if (!force_erase) - timeout_id = XtAppAddTimeOut(app, 40L, - (XtTimerCallbackProc)move, - NULL); - return; - } - XSetForeground(dpy, gc, White); - talking = 1; - walk(FRONT); - strlcpy (buf, words, sizeof(buf)); - p = buf; - - /* possibly avoid a lot of work here - * if no CR or only one, then just print the line - */ - if (!(p2 = strchr(p, '\n')) || !p2[1]) { - int w; - - if (p2) - *p2 = 0; - w = XTextWidth(font, words, strlen(words)); - X = x + 32 - w/2; - Y = y - 5 - font_height(font); - /* give us a nice 5 pixel margin */ - if (X < 5) - X = 5; - else if (X + w + 15 > (int)Width + 5) - X = Width - w - 5; - if (Y < 5) - Y = y + 64 + 5 + font_height(font); - XDrawString(dpy, XtWindow(widget), gc, X, Y, words, strlen(words)); - timeout_id = XtAppAddTimeOut(app, 5000L, (XtTimerCallbackProc)talk, - NULL); - talking++; - return; - } - - /* p2 now points to the first '\n' */ - for (height = 0; p[0]; height++) { - int w; - *p2 = 0; - if ((w = XTextWidth(font, p, p2 - p)) > width) - width = w; - total += p2 - p; /* total chars; count to determine reading time */ - strlcpy(args[height], p, sizeof(args[height])); - if (height == MAXLINES - 1) { - puts("Message too long!"); - break; - } - p = p2+1; - if (!(p2 = strchr(p, '\n'))) - break; - } - height++; - - /* Figure out the height and width in pixels (height, width) extend - * the new box by 15 pixels on the sides (30 total) top and bottom. - */ - s_rect.width = width + 30; - s_rect.height = height * font_height(font) + 30; - if (x - s_rect.width - 10 < 5) - s_rect.x = 5; - else - if ((s_rect.x = x+32-(s_rect.width+15)/2) - + s_rect.width+15 > (int)Width-5) - s_rect.x = Width - 15 - s_rect.width; - if (y - s_rect.height - 10 < 5) - s_rect.y = y + 64 + 5; - else - s_rect.y = y - 5 - s_rect.height; - - XSetForeground(dpy, gc, White); - XFillRectangle(dpy, XtWindow(widget), gc, - s_rect.x-5, s_rect.y-5, s_rect.width+10, s_rect.height+10); - - /* make a box that's 5 pixels thick. Then add a thin box inside it */ - XSetForeground(dpy, gc, Black); - XSetLineAttributes(dpy, gc, 5, 0, 0, 0); - XDrawRectangle(dpy, XtWindow(widget), gc, - s_rect.x, s_rect.y, s_rect.width-1, s_rect.height-1); - XSetLineAttributes(dpy, gc, 0, 0, 0, 0); - XDrawRectangle(dpy, XtWindow(widget), gc, - s_rect.x + 7, s_rect.y + 7, s_rect.width - 15, - s_rect.height - 15); - - X = 15; - Y = 15 + font_height(font); - - /* now print each string in reverse order (start at bottom of box) */ - for (Z = 0; Z < height; Z++) { - XDrawString(dpy, XtWindow(widget), gc, s_rect.x+X, s_rect.y+Y, - args[Z], strlen(args[Z])); - Y += font_height(font); - } - timeout_id = XtAppAddTimeOut(app, (total/15) * 1000, - (XtTimerCallbackProc)talk, NULL); -} - -static unsigned long -look(void) -{ - XSetForeground(dpy, gc, White); - XSetBackground(dpy, gc, Black); - if (my_random() % 3) { - XCopyPlane(dpy, (my_random() & 1)? down : front, XtWindow(widget), gc, - 0, 0, 64,64, x, y, 1L); - return 1000L; - } - if (!(my_random() % 5)) - return 0; - if (my_random() % 3) { - XCopyPlane(dpy, (my_random() & 1)? left_front : right_front, - XtWindow(widget), gc, 0, 0, 64,64, x, y, 1L); - return 1000L; - } - if (!(my_random() % 5)) - return 0; - XCopyPlane(dpy, (my_random() & 1)? left0 : right0, XtWindow(widget), gc, - 0, 0, 64,64, x, y, 1L); - return 1000L; -} - -int -main (int argc, char **argv) -{ - int i; - Widget override; - XGCValues gcvalues; - - setprogname (argv[0]); - - /* - * Must be setuid root to read /etc/shadow, copy encrypted - * passwords here and then switch to sane uid. - */ - { - struct passwd *pw; - uid_t uid = getuid(); - if (!(pw = k_getpwuid(0))) - errx (1, "can't get root's passwd!"); - strlcpy(root_cpass, pw->pw_passwd, sizeof(root_cpass)); - - if (!(pw = k_getpwuid(uid))) - errx (1, "Can't get your password entry!"); - strlcpy(user_cpass, pw->pw_passwd, sizeof(user_cpass)); - setuid(uid); - if (uid != 0 && setuid(0) != -1) { - fprintf(stderr, "Failed to drop privileges!\n"); - exit(1); - } - /* Now we're no longer running setuid root. */ - strlcpy(login, pw->pw_name, sizeof(login)); - } - -#if defined(HAVE_SRANDOMDEV) - srandomdev(); -#elif defined(HAVE_RANDOM) - srandom(time(NULL)); -#else - srand (time(NULL)); -#endif - for (i = 0; i < STRING_LENGTH; i++) - STRING[i] = ((unsigned long)my_random() % ('~' - ' ')) + ' '; - - locked_at = time(0); - - snprintf(userprompt, sizeof(userprompt), "User: %s", login); -#ifdef KRB5 - { - krb5_error_code ret; - char *str; - - ret = krb5_init_context(&context); - if (ret) - errx (1, "krb5_init_context failed: %d", ret); - - ret = krb5_get_default_principal(context, &client); - if (ret) - krb5_err(context, 1, ret, "getting default principal failed"); - - ret = krb5_unparse_name(context, client, &str); - if (ret) - krb5_err(context, 1, ret, "krb5_unparse_name"); - snprintf(userprompt, sizeof(userprompt), "User: %s", str); - free(str); - } -#endif - - override = XtVaAppInitialize(&app, "XNlock", options, XtNumber(options), - &argc, argv, NULL, - XtNoverrideRedirect, True, - NULL); - - XtVaGetApplicationResources(override,(XtPointer)&appres, - resources,XtNumber(resources), - NULL); - /* the background is black and the little guy is white */ - Black = appres.bg; - White = appres.fg; - - if (appres.destroytickets) { -#ifdef KRB5 - /*XXX add krb4 code here */ -#endif - } - - dpy = XtDisplay(override); - - if (dpy == 0) - errx (1, "Error: Can't open display"); - - Width = DisplayWidth(dpy, DefaultScreen(dpy)) + 2; - Height = DisplayHeight(dpy, DefaultScreen(dpy)) + 2; - - for(i = 0; i < ScreenCount(dpy); i++){ - Widget shell, core; - - struct xxx{ - Pixel bg; - }res; - - XtResource Res[] = { - { XtNbackground, XtCBackground, XtRPixel, sizeof(Pixel), - XtOffsetOf(struct xxx, bg), XtRString, "black" } - }; - - if(i == DefaultScreen(dpy)) - continue; - - shell = XtVaAppCreateShell(NULL,NULL, applicationShellWidgetClass, dpy, - XtNscreen, ScreenOfDisplay(dpy, i), - XtNoverrideRedirect, True, - XtNx, -1, - XtNy, -1, - NULL); - - XtVaGetApplicationResources(shell, (XtPointer)&res, - Res, XtNumber(Res), - NULL); - - core = XtVaCreateManagedWidget("_foo", widgetClass, shell, - XtNwidth, DisplayWidth(dpy, i), - XtNheight, DisplayHeight(dpy, i), - XtNbackground, res.bg, - NULL); - XtRealizeWidget(shell); - } - - widget = XtVaCreateManagedWidget("_foo", widgetClass, override, - XtNwidth, Width, - XtNheight, Height, - XtNbackground, Black, - NULL); - - init_words(--argc, ++argv); - init_images(); - - gcvalues.foreground = Black; - gcvalues.background = White; - - - font = appres.font; - gcvalues.font = font->fid; - gcvalues.graphics_exposures = False; - gc = XCreateGC(dpy, DefaultRootWindow(dpy), - GCForeground | GCBackground | GCGraphicsExposures | GCFont, - &gcvalues); - - x = Width / 2; - y = Height / 2; - srand (time(0)); - state = IS_MOVING; - - { - static XtActionsRec actions[] = { - { "ClearWindow", ClearWindow }, - { "GetPasswd", GetPasswd }, - { "RaiseWindow", RaiseWindow }, - }; - XtAppAddActions(app, actions, XtNumber(actions)); - XtOverrideTranslations(widget, - XtParseTranslationTable( - ": ClearWindow() \n" - ": GetPasswd() \n" - ": RaiseWindow() \n" - ": GetPasswd() \n" - ": GetPasswd()")); - } - - XtRealizeWidget(override); - if((i = XGrabPointer(dpy, XtWindow(widget), True, 0, GrabModeAsync, - GrabModeAsync, XtWindow(widget), - None, CurrentTime)) != 0) - errx(1, "Failed to grab pointer (%d)", i); - - if((i = XGrabKeyboard(dpy, XtWindow(widget), True, GrabModeAsync, - GrabModeAsync, CurrentTime)) != 0) - errx(1, "Failed to grab keyboard (%d)", i); - ScreenSaver(1); - XtAppMainLoop(app); - exit(0); -} - diff --git a/configure.ac b/configure.ac index 3b8dd5f01..317bd786f 100644 --- a/configure.ac +++ b/configure.ac @@ -644,12 +644,10 @@ AC_CONFIG_FILES(Makefile \ appl/ftp/ftp/Makefile \ appl/ftp/ftpd/Makefile \ appl/gssmask/Makefile \ - appl/kx/Makefile \ appl/login/Makefile \ appl/otp/Makefile \ appl/push/Makefile \ appl/su/Makefile \ - appl/xnlock/Makefile \ appl/test/Makefile \ appl/kf/Makefile \ appl/dceutils/Makefile \