jcarr
/
x11-xserver-utils
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

Add 03_iceauth_manpage_commands.patch. Documents iceauth commands more fully. Also fixes fd.o bug # 2354. Closes: #509837 

Rescue patch by David Nusinow in a forgotten debian-experimental branch,
even though it needs to be refreshed.
This commit is contained in:
Cyril Brulebois 2010-11-12 19:26:44 +01:00
parent 15f7db4872
commit 19d392b8d7
4 changed files with 273 additions and 12 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
debian/changelog vendored
View File

@ -1,3 +1,11 @@
x11-xserver-utils (7.6~2) UNRELEASED; urgency=low
[ David Nusinow ]
* Add 03_iceauth_manpage_commands.patch. Documents iceauth commands more
fully. Also fixes fd.o bug # 2354. Closes: #509837
-- Cyril Brulebois <kibi@debian.org> Fri, 12 Nov 2010 19:28:04 +0100
x11-xserver-utils (7.6~1) experimental; urgency=low x11-xserver-utils (7.6~1) experimental; urgency=low
* New upstream release candidate: X11R7.6 RC1. * New upstream release candidate: X11R7.6 RC1.

112
debian/patches/03_iceauth_manpage_commands.patch vendored Normal file
View File

@ -0,0 +1,112 @@
From 3deeff7e94fc6400b8e5d4cfb32a5e95b22318bc Mon Sep 17 00:00:00 2001
From: David Nusinow <dnusinow@debian.org>
Date: Tue, 3 Feb 2009 21:35:30 -0500
Subject: [PATCH] Make iceauth manpage describe commands. (fd.o bug#2354)
---
iceauth.man | 86 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++-
1 files changed, 85 insertions(+), 1 deletions(-)
diff --git a/iceauth/iceauth.man b/iceauth/iceauth.man
index 6a8d32f..c967eb4 100644
--- a/iceauth/iceauth.man
+++ b/iceauth/iceauth.man
@@ -1,4 +1,4 @@
-.\" $Xorg: iceauth.man,v 1.4 2001/02/09 02:05:31 xorgcvs Exp $
+m.\" $Xorg: iceauth.man,v 1.4 2001/02/09 02:05:31 xorgcvs Exp $
.\" Copyright 1994, 1998 The Open Group
.\"
.\" Permission to use, copy, modify, distribute, and sell this software and its
@@ -39,5 +39,89 @@ used to extract authorization records from one machine and merge them in on
another (as is the case when using remote logins or granting access to
other users). Commands (described below) may be entered interactively,
on the \fIiceauth\fP command line, or in scripts.
+.SH OPTIONS
+.PP
+\fB\-f\fP \fIauthfile\fP Name of the authority file to use. Will default to
+ the file currently in use by the session.
+.PP
+\fB\-v\fP Turns on extra messages (verbose mode)
+.PP
+\fB\-q\fP Turns off extra messages (quiet mode)
+.PP
+\fB\-i\fP Ignore the locks on the authority file
+.PP
+\fB\-b\fP Break the locks on the authority file
+.PP
+\fB\-u\fP Print basic usage instructions
+.PP
+.SH USAGE
+.PP
+When \fIiceauth\fP is run it will allow the following set of commands
+to be entered interactively or in scripts.
+.PP
+\fB?\fP
+.PP
+List available commands.
+.PP
+\fBhelp\fP
+.PP
+Print help information. You may supply a command name to \fIhelp\fP to
+get specific information about it.
+.PP
+\fBinfo\fP
+.PP
+Print information about the entries in the authority file.
+.PP
+\fBlist\fP
+.PP
+List (print) entries in the authority file. You may specify optional
+modifiers as below to specify which entries are listed.
+.PP
+\fIlist\fP [ \fIprotocol_name\fP ] [ \fIprotocol_data\fP ] [
+\fInetid\fP ] [ \fIauthname\fP ]
+.PP
+\fBadd\fP
+.PP
+Add an entry to the authority file. This must be in the format
+.PP
+\fIadd\fP \fIprotocol_name\fP \fIprotocol_data\fP \fInetid\fP \fIauthname\fP \fIauthdata\fP
+.PP
+\fBremove\fP
+.PP
+Remove entries from the authority file.
+.PP
+\fIremove\fP [ \fIprotocol_name\fP ] [ \fIprotocol_data\fP ] [
+\fInetid\fP ] [ \fIauthname\fP ]
+.PP
+\fBextract\fP
+.PP
+Extract entries from the authority file in to a destination file. You
+must supply the path to the destination to this command as in the
+following format. Optional specifiers allow you to narrow which
+entries are extracted.
+.PP
+\fIextract\fP \fIfilename\fP [ \fIprotocol_name\fP ] [ \fIprotocol_data\fP ]
+[ \fInetid\fP ] [ \fIauthname\fP ]
+.PP
+\fBmerge\fP
+.PP
+Merge entries from other files in to the authority file selected by the program. You may supply any number of file paths to this command as follows:
+.PP
+\fImerge\fP \fIfilename1\fP [ \fIfilename2\fP ] [ \fIfilename3\fP ] ...
+.PP
+\fBexit\fP
+.PP
+Save changes and exit the program.
+.PP
+\fBquit\fP
+.PP
+Abort changes and exit the program without saving.
+.PP
+\fBsource\fP
+.PP
+Read and execute commands from a file.
+.PP
+\fIsource\fP \fIfilename\fP
+.PP
.SH AUTHOR
Ralph Mor, X Consortium
--
1.5.6.5

1
debian/patches/series vendored
View File

@ -1 +1,2 @@
01_sessreg_implement_hostname_hashing.diff 01_sessreg_implement_hostname_hashing.diff
03_iceauth_manpage_commands.patch

164
sessreg/sessreg.c
View File

@ -93,6 +93,18 @@ static void set_utmpx (struct utmpx *u, const char *line, const char *user,
const char *host, Time_t date, int addp); const char *host, Time_t date, int addp);
#endif #endif
#ifdef SYSV
/* used for hashing ut_id */
typedef unsigned long int ub4; /* unsigned 4-byte quantities */
typedef unsigned char ub1; /* unsigned 1-byte quantities */
#define hashsize(n) ((ub4)1<<(n))
#define hashmask(n) (hashsize(n)-1)
ub4 hash(register ub1 *k, register ub4 length, register ub4 initval);
#endif
static int wflag, uflag, lflag; static int wflag, uflag, lflag;
static char *wtmp_file, *utmp_file, *line; static char *wtmp_file, *utmp_file, *line;
#ifdef USE_UTMPX #ifdef USE_UTMPX
@ -404,21 +416,23 @@ set_utmp (struct utmp *u, char *line, char *user, char *host, Time_t date, int a
bzero (u->ut_name, sizeof (u->ut_name)); bzero (u->ut_name, sizeof (u->ut_name));
#ifdef SYSV #ifdef SYSV
if (line) { if (line) {
int i;
/* /*
* this is a bit crufty, but * The ut_id is 4 bytes long. We make a hash of the line
* follows the apparent conventions in * received, preceding it by ":" to prevent clashing with
* the ttys file. ut_id is only 4 bytes * other ut_ids.
* long, and the last 4 bytes of the line
* name are written into it, left justified.
*/ */
i = strlen (line); ub4 h;
if (i >= sizeof (u->ut_id)) u->ut_id[0]=':';
i -= sizeof (u->ut_id); h = hash(line, strlen(line),0x9e3779b9);
else h = (h & hashmask((sizeof(u->ut_id)-sizeof(char))*8));
i = 0; (void) strncpy (u->ut_id + 1,(char *) &h, sizeof (u->ut_id)-sizeof(char));
(void) strncpy (u->ut_id, line + i, sizeof (u->ut_id));
} else } else
/*
* From utmp(5):
* Clearing ut_id may result in race conditions leading to corrupted
* utmp entries and and potential security holes.
*/
/* TODO: CHECK this */
bzero (u->ut_id, sizeof (u->ut_id)); bzero (u->ut_id, sizeof (u->ut_id));
if (addp) { if (addp) {
u->ut_pid = getppid (); u->ut_pid = getppid ();
@ -662,3 +676,129 @@ findslot (char *line_name, char *host_name, int addp, int slot)
return freeslot; return freeslot;
} }
#endif #endif
#ifdef SYSV
/*
--------------------------------------------------------------------
mix -- mix 3 32-bit values reversibly.
For every delta with one or two bits set, and the deltas of all three
high bits or all three low bits, whether the original value of a,b,c
is almost all zero or is uniformly distributed,
* If mix() is run forward or backward, at least 32 bits in a,b,c
have at least 1/4 probability of changing.
* If mix() is run forward, every bit of c will change between 1/3 and
2/3 of the time. (Well, 22/100 and 78/100 for some 2-bit deltas.)
mix() was built out of 36 single-cycle latency instructions in a
structure that could supported 2x parallelism, like so:
a -= b;
a -= c; x = (c>>13);
b -= c; a ^= x;
b -= a; x = (a<<8);
c -= a; b ^= x;
c -= b; x = (b>>13);
...
Unfortunately, superscalar Pentiums and Sparcs can't take advantage
of that parallelism. They've also turned some of those single-cycle
latency instructions into multi-cycle latency instructions. Still,
this is the fastest good hash I could find. There were about 2^^68
to choose from. I only looked at a billion or so.
--------------------------------------------------------------------
*/
#define mix(a,b,c) \
{ \
a -= b; a -= c; a ^= (c>>13); \
b -= c; b -= a; b ^= (a<<8); \
c -= a; c -= b; c ^= (b>>13); \
a -= b; a -= c; a ^= (c>>12); \
b -= c; b -= a; b ^= (a<<16); \
c -= a; c -= b; c ^= (b>>5); \
a -= b; a -= c; a ^= (c>>3); \
b -= c; b -= a; b ^= (a<<10); \
c -= a; c -= b; c ^= (b>>15); \
}
/*
--------------------------------------------------------------------
hash() -- hash a variable-length key into a 32-bit value
k : the key (the unaligned variable-length array of bytes)
len : the length of the key, counting by bytes
initval : can be any 4-byte value
Returns a 32-bit value. Every bit of the key affects every bit of
the return value. Every 1-bit and 2-bit delta achieves avalanche.
About 6*len+35 instructions.
The best hash table sizes are powers of 2. There is no need to do
mod a prime (mod is sooo slow!). If you need less than 32 bits,
use a bitmask. For example, if you need only 10 bits, do
h = (h & hashmask(10));
In which case, the hash table should have hashsize(10) elements.
If you are hashing n strings (ub1 **)k, do it like this:
for (i=0, h=0; i<n; ++i) h = hash( k[i], len[i], h);
By Bob Jenkins, 1996. bob_jenkins@burtleburtle.net. You may use this
code any way you wish, private, educational, or commercial. It's free.
[On 27 May 2004, Bob Jenkins further clarified the above statement.
From: Bob Jenkins <bob_jenkins@burtleburtle.net>
Date: Thu, 27 May 2004 22:33:06 -0700
To: Margarita Manterola <marga@marga.com.ar>
Subject: Re: Hash function
The algorithm is public domain. I ask that I be referenced as the
source of the algorithm, but I can't enforce that, since being public
domain means I've reserved no rights at all.
-- Branden Robinson, 2004-06-06]
See http://burtleburtle.net/bob/hash/evahash.html
Use for hash table lookup, or anything where one collision in 2^^32 is
acceptable. Do NOT use for cryptographic purposes.
--------------------------------------------------------------------
*/
ub4
hash(register ub1 *k, register ub4 length, register ub4 initval)
{
register ub4 a,b,c,len;
/* Set up the internal state */
len = length;
a = b = 0x9e3779b9; /* the golden ratio; an arbitrary value */
c = initval; /* the previous hash value */
/*---------------------------------------- handle most of the key */
while (len >= 12)
{
a += (k[0] +((ub4)k[1]<<8) +((ub4)k[2]<<16) +((ub4)k[3]<<24));
b += (k[4] +((ub4)k[5]<<8) +((ub4)k[6]<<16) +((ub4)k[7]<<24));
c += (k[8] +((ub4)k[9]<<8) +((ub4)k[10]<<16)+((ub4)k[11]<<24));
mix(a,b,c);
k += 12; len -= 12;
}
/*------------------------------------- handle the last 11 bytes */
c += length;
switch(len) /* all the case statements fall through */
{
case 11: c+=((ub4)k[10]<<24);
case 10: c+=((ub4)k[9]<<16);
case 9 : c+=((ub4)k[8]<<8);
/* the first byte of c is reserved for the length */
case 8 : b+=((ub4)k[7]<<24);
case 7 : b+=((ub4)k[6]<<16);
case 6 : b+=((ub4)k[5]<<8);
case 5 : b+=k[4];
case 4 : a+=((ub4)k[3]<<24);
case 3 : a+=((ub4)k[2]<<16);
case 2 : a+=((ub4)k[1]<<8);
case 1 : a+=k[0];
/* case 0: nothing left to add */
}
mix(a,b,c);
/*-------------------------------------------- report the result */
return c;
}
#endif