18027
|
1 |
/*
|
18039
|
2 |
* Copyright (c) 2006, 2010, Oracle and/or its affiliates. All rights reserved.
|
18027
|
3 |
*
|
|
4 |
* Permission is hereby granted, free of charge, to any person obtaining a
|
18039
|
5 |
* copy of this software and associated documentation files (the "Software"),
|
|
6 |
* to deal in the Software without restriction, including without limitation
|
|
7 |
* the rights to use, copy, modify, merge, publish, distribute, sublicense,
|
|
8 |
* and/or sell copies of the Software, and to permit persons to whom the
|
|
9 |
* Software is furnished to do so, subject to the following conditions:
|
18027
|
10 |
*
|
18039
|
11 |
* The above copyright notice and this permission notice (including the next
|
|
12 |
* paragraph) shall be included in all copies or substantial portions of the
|
|
13 |
* Software.
|
18027
|
14 |
*
|
18039
|
15 |
* THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
|
|
16 |
* IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
|
|
17 |
* FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL
|
|
18 |
* THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
|
|
19 |
* LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING
|
|
20 |
* FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER
|
|
21 |
* DEALINGS IN THE SOFTWARE.
|
18027
|
22 |
*/
|
|
23 |
|
|
24 |
Support needed for Solaris Trusted Extensions / Trusted GNOME.
|
|
25 |
|
18039
|
26 |
diff --git xscreensaver-5.11/driver/Makefile.in xscreensaver-5.11/driver/Makefile.in
|
|
27 |
--- xscreensaver-5.11/driver/Makefile.in
|
|
28 |
+++ xscreensaver-5.11/driver/Makefile.in
|
|
29 |
@@ -105,6 +105,10 @@ GTK_OBJS = demo-Gtk.o demo-Gtk-conf.o @GTK_EXTRA_OBJS@
|
18027
|
30 |
GTK_LOCK_SRCS = lock-Gtk.c remote.c
|
|
31 |
GTK_LOCK_OBJS = lock-Gtk.o remote.o
|
|
32 |
|
|
33 |
+TRUSTED_LIBS = -lglib-2.0 -lsecdb
|
|
34 |
+TRUSTED_SRCS = trusted-utils.c
|
|
35 |
+TRUSTED_OBJS = trusted-utils.o
|
|
36 |
+
|
|
37 |
PWENT_SRCS = passwd-pwent.c
|
|
38 |
PWENT_OBJS = passwd-pwent.o
|
|
39 |
|
18061
|
40 |
@@ -794,9 +798,9 @@ XScreenSaver_Xm_ad.h: XScreenSaver-Xm.ad
|
18027
|
41 |
|
|
42 |
# The executables linked in this directory.
|
|
43 |
#
|
|
44 |
-xscreensaver: $(SAVER_OBJS)
|
18061
|
45 |
- $(CC) $(LDFLAGS) -o $@ $(SAVER_OBJS) $(SAVER_LIBS) \
|
|
46 |
- -lgconf-2 -lgobject-2.0
|
18027
|
47 |
+xscreensaver: $(SAVER_OBJS) $(TRUSTED_OBJS)
|
|
48 |
+ $(CC) $(LDFLAGS) -o $@ $(SAVER_OBJS) $(TRUSTED_OBJS) \
|
18061
|
49 |
+ $(TRUSTED_LIBS) $(SAVER_LIBS) -lgconf-2 -lgobject-2.0
|
18027
|
50 |
|
|
51 |
xscreensaver-command: $(CMD_OBJS)
|
|
52 |
$(CC) $(LDFLAGS) -o $@ $(CMD_OBJS) $(CMD_LIBS)
|
18061
|
53 |
@@ -815,8 +819,9 @@ xscreensaver-demo: @PREFERRED_DEMO_PROGRAM@
|
18027
|
54 |
xscreensaver-lock: @PREFERRED_LOCK_PROGRAM@
|
|
55 |
$(INSTALL_PROGRAM) @PREFERRED_LOCK_PROGRAM@ $@
|
|
56 |
|
|
57 |
-xscreensaver-lock-Gtk: $(GTK_LOCK_OBJS)
|
|
58 |
+xscreensaver-lock-Gtk: $(GTK_LOCK_OBJS) $(TRUSTED_OBJS)
|
|
59 |
$(CC) $(LDFLAGS) -o $@ $(GTK_LOCK_OBJS) $(LIBS) $(X_LIBS) \
|
|
60 |
+ $(TRUSTED_OBJS) $(TRUSTED_LIBS) \
|
|
61 |
$(GTK_LIBS) $(XML_LIBS) $(X_PRE_LIBS) -lXt -lX11 \
|
|
62 |
$(XDPMS_LIBS) -lXext \
|
|
63 |
$(X_EXTRA_LIBS)
|
18061
|
64 |
@@ -826,9 +831,9 @@ xscreensaver-demo-Xm: $(DEMO_OBJS) $(MOTIF_OBJS)
|
18027
|
65 |
$(MOTIF_LIBS) $(INTL_LIBS) $(X_PRE_LIBS) -lXt -lX11 \
|
|
66 |
$(XDPMS_LIBS) $(XINERAMA_LIBS) -lXext $(X_EXTRA_LIBS)
|
|
67 |
|
|
68 |
-xscreensaver-demo-Gtk: $(DEMO_OBJS) $(GTK_OBJS)
|
|
69 |
- $(CC) $(LDFLAGS) -o $@ $(DEMO_OBJS) $(GTK_OBJS) $(LIBS) $(X_LIBS) \
|
|
70 |
- $(GTK_LIBS) $(XPM_LIBS) $(XML_LIBS) $(INTL_LIBS) $(X_PRE_LIBS) \
|
|
71 |
+xscreensaver-demo-Gtk: $(DEMO_OBJS) $(GTK_OBJS) $(TRUSTED_OBJS)
|
|
72 |
+ $(CC) $(LDFLAGS) -o $@ $(DEMO_OBJS) $(GTK_OBJS) $(TRUSTED_OBJS) $(LIBS) $(X_LIBS) \
|
|
73 |
+ $(GTK_LIBS) $(XPM_LIBS) $(XML_LIBS) $(INTL_LIBS) $(TRUSTED_LIBS) $(X_PRE_LIBS) \
|
|
74 |
-lXt -lX11 $(XDPMS_LIBS) $(XINERAMA_LIBS) -lXext $(X_EXTRA_LIBS)
|
|
75 |
|
|
76 |
demo-Gtk.o: XScreenSaver_ad.h
|
18061
|
77 |
@@ -837,7 +842,7 @@ xscreensaver.o: XScreenSaver_ad.h
|
18027
|
78 |
xscreensaver-getimage.o: XScreenSaver_ad.h
|
|
79 |
|
|
80 |
xscreensaver-getimage: $(GETIMG_OBJS)
|
|
81 |
- $(CC) $(LDFLAGS) -o $@ $(GETIMG_OBJS) $(GETIMG_LIBS) -lm
|
|
82 |
+ $(CC) $(LDFLAGS) -o $@ $(GETIMG_OBJS) $(TRUSTED_OBJS) $(GETIMG_LIBS) $(TRUSTED_LIBS) -lm
|
|
83 |
|
|
84 |
pdf2jpeg: $(PDF2JPEG_OBJS)
|
|
85 |
$(OBJCC) $(LDFLAGS) -o $@ $(PDF2JPEG_OBJS) $(PDF2JPEG_LIBS) -lm
|
18039
|
86 |
diff --git xscreensaver-5.11/driver/demo-Gtk.c xscreensaver-5.11/driver/demo-Gtk.c
|
|
87 |
--- xscreensaver-5.11/driver/demo-Gtk.c
|
|
88 |
+++ xscreensaver-5.11/driver/demo-Gtk.c
|
18027
|
89 |
@@ -136,6 +136,14 @@
|
|
90 |
#include <string.h>
|
|
91 |
#include <ctype.h>
|
|
92 |
|
|
93 |
+#include <user_attr.h>
|
|
94 |
+
|
18044
|
95 |
+#include "trusted-utils.h"
|
18027
|
96 |
+void XTSOLgetWorkstationOwner(Display *, uid_t *);
|
|
97 |
+static gboolean tsol_hack_initialized = False;
|
|
98 |
+static gboolean tsol_multi_label_session = False;
|
18044
|
99 |
+extern Display *global_dpy;
|
18027
|
100 |
+
|
|
101 |
#ifdef HAVE_GTK2
|
|
102 |
enum {
|
|
103 |
COL_ENABLED,
|
18064
|
104 |
@@ -2874,9 +2882,73 @@ populate_prefs_page (state *s)
|
18087
|
105 |
SENSITIZE ("pwd_spinbutton", p->unlock_timeout_p);
|
|
106 |
SENSITIZE ("pwd_mlabel", p->unlock_timeout_p);
|
18027
|
107 |
|
|
108 |
+ tsol_multi_label_session = tsol_is_multi_label_session ();
|
|
109 |
+ if (! tsol_hack_initialized && tsol_multi_label_session)
|
|
110 |
+ {
|
|
111 |
+ GtkWidget *doc_menu = name_to_widget (s, "doc_menu");
|
|
112 |
+ GtkWidget *restart_menu = name_to_widget (s, "restart");
|
|
113 |
+ GtkWidget *kill_menu = name_to_widget (s, "kill_menu");
|
|
114 |
+ GtkWidget *lock_spinbutton = name_to_widget (s, "lock_spinbutton");
|
|
115 |
+ GtkWidget *lock_container = name_to_widget (s, "blanking_table");
|
|
116 |
+ GtkWidget *lock_button_eventbox = name_to_widget (s, "lock_button_eventbox");
|
|
117 |
+ Widget *newlabel = g_object_new (GTK_TYPE_LABEL, "label",
|
|
118 |
+ _("_Lock Screen After"),
|
|
119 |
+ "use-underline", TRUE,
|
|
120 |
+ "mnemonic-widget", lock_spinbutton,
|
|
121 |
+ NULL);
|
|
122 |
+ GValue *gv = g_new0 (GValue, 1);
|
|
123 |
+ GtkAdjustment *adj;
|
|
124 |
+ userattr_t *uent;
|
|
125 |
+ int idletime;
|
|
126 |
+ char *value = NULL;
|
|
127 |
+ uid_t WorkstationOwner;
|
|
128 |
+ Display *dpy = GDK_DISPLAY ();
|
|
129 |
+
|
|
130 |
+ gtk_widget_hide (doc_menu);
|
|
131 |
+ gtk_widget_set_sensitive (restart_menu, FALSE);
|
|
132 |
+ gtk_widget_set_sensitive (kill_menu, FALSE);
|
|
133 |
+
|
18061
|
134 |
+ adj = gtk_spin_button_get_adjustment ((GtkSpinButton *) lock_spinbutton);
|
18027
|
135 |
+
|
|
136 |
+ XTSOLgetWorkstationOwner (dpy, &WorkstationOwner);
|
|
137 |
+ uent = getuseruid (WorkstationOwner);
|
|
138 |
+ value = getusrattrval (uent, USERATTR_IDLETIME_KW);
|
|
139 |
+ if (value != NULL && *value != '\0')
|
|
140 |
+ idletime = atoi (value);
|
|
141 |
+ adj->upper = (gdouble)idletime;
|
|
142 |
+ if (adj->value > adj->upper)
|
|
143 |
+ adj->value = adj->upper;
|
|
144 |
+
|
|
145 |
+ gtk_spin_button_set_adjustment ((GtkSpinButton *)lock_spinbutton, adj);
|
|
146 |
+
|
|
147 |
+ gtk_container_add (GTK_CONTAINER (lock_container), GTK_WIDGET (newlabel));
|
|
148 |
+ g_value_init (gv, G_TYPE_INT);
|
|
149 |
+ g_value_set_int (gv, 2);
|
18061
|
150 |
+ gtk_container_child_set_property (GTK_CONTAINER (lock_container),
|
|
151 |
+ GTK_WIDGET (newlabel),
|
|
152 |
+ "top_attach", gv);
|
18027
|
153 |
+ g_value_set_int (gv, 1);
|
18061
|
154 |
+ gtk_container_child_set_property (GTK_CONTAINER (lock_container),
|
|
155 |
+ GTK_WIDGET (newlabel),
|
|
156 |
+ "left_attach", gv);
|
18027
|
157 |
+ gtk_widget_show (GTK_WIDGET (newlabel));
|
|
158 |
+ gtk_widget_hide (GTK_WIDGET (lock_button_eventbox));
|
|
159 |
+ g_object_set (lock_button_eventbox, "active", TRUE, NULL);
|
|
160 |
+
|
|
161 |
+ SENSITIZE ("lock_button", 1);
|
18039
|
162 |
+ }
|
18027
|
163 |
+
|
|
164 |
+ if (tsol_multi_label_session)
|
|
165 |
+ {
|
|
166 |
+ SENSITIZE ("lock_spinbutton", 1);
|
|
167 |
+ SENSITIZE ("lock_mlabel", 1);
|
|
168 |
+ }
|
|
169 |
+ else
|
|
170 |
+ {
|
|
171 |
SENSITIZE ("lock_button", can_lock_p);
|
|
172 |
SENSITIZE ("lock_spinbutton", can_lock_p && p->lock_p);
|
|
173 |
SENSITIZE ("lock_mlabel", can_lock_p && p->lock_p);
|
|
174 |
+ }
|
18039
|
175 |
|
18027
|
176 |
/* DPMS
|
|
177 |
*/
|
18064
|
178 |
@@ -2906,6 +2978,7 @@ populate_prefs_page (state *s)
|
18027
|
179 |
|
|
180 |
# undef SENSITIZE
|
|
181 |
}
|
|
182 |
+ tsol_hack_initialized = True;
|
|
183 |
}
|
|
184 |
|
|
185 |
|
18064
|
186 |
@@ -2991,6 +3064,9 @@ sensitize_menu_items (state *s, Bool force_p)
|
18027
|
187 |
|
|
188 |
for (i = 0; i < countof(names); i++)
|
|
189 |
{
|
|
190 |
+ if (tsol_is_multi_label_session() && 2==i)
|
18039
|
191 |
+ continue;
|
18027
|
192 |
+
|
|
193 |
GtkWidget *w = name_to_widget (s, names[i]);
|
|
194 |
gtk_widget_set_sensitive (GTK_WIDGET(w), running_p);
|
|
195 |
}
|
18064
|
196 |
@@ -4957,7 +5033,7 @@ main (int argc, char **argv)
|
18027
|
197 |
applicationShellWidgetClass,
|
|
198 |
dpy, 0, 0);
|
|
199 |
|
|
200 |
- dpy = XtDisplay (toplevel_shell);
|
|
201 |
+ global_dpy = dpy = XtDisplay (toplevel_shell);
|
|
202 |
db = XtDatabase (dpy);
|
|
203 |
XtGetApplicationNameAndClass (dpy, &progname, &progclass);
|
|
204 |
XSetErrorHandler (demo_ehandler);
|
18039
|
205 |
diff --git xscreensaver-5.11/driver/lock-Gtk.c xscreensaver-5.11/driver/lock-Gtk.c
|
|
206 |
--- xscreensaver-5.11/driver/lock-Gtk.c
|
|
207 |
+++ xscreensaver-5.11/driver/lock-Gtk.c
|
|
208 |
@@ -71,6 +71,7 @@
|
18027
|
209 |
#include <atk/atkobject.h>
|
|
210 |
|
|
211 |
#include "remote.h"
|
|
212 |
+#include "trusted-utils.h"
|
|
213 |
|
18124
|
214 |
#if GTK_CHECK_VERSION(2,14,0)
|
|
215 |
# define GET_WINDOW(w) gtk_widget_get_window (w)
|
|
216 |
@@ -154,7 +155,10 @@ load_unlock_logo_image (void)
|
18027
|
217 |
const char *logofile;
|
|
218 |
struct stat statbuf;
|
|
219 |
|
|
220 |
- logofile = DEFAULT_ICONDIR "/unlock-logo.png";
|
|
221 |
+ if (tsol_is_multi_label_session())
|
|
222 |
+ logofile = DEFAULT_ICONDIR "/trusted-logo.png";
|
|
223 |
+ else
|
|
224 |
+ logofile = DEFAULT_ICONDIR "/unlock-logo.png";
|
|
225 |
|
18045
|
226 |
if (stat (logofile, &statbuf) != 0)
|
|
227 |
{
|
18039
|
228 |
diff --git xscreensaver-5.11/driver/prefs.c xscreensaver-5.11/driver/prefs.c
|
|
229 |
--- xscreensaver-5.11/driver/prefs.c
|
|
230 |
+++ xscreensaver-5.11/driver/prefs.c
|
18044
|
231 |
@@ -37,6 +37,8 @@
|
18027
|
232 |
# include "vms-pwd.h"
|
|
233 |
#endif /* VMS */
|
|
234 |
|
18044
|
235 |
+#include "trusted-utils.h"
|
18027
|
236 |
+#include <user_attr.h>
|
|
237 |
|
|
238 |
/* This file doesn't need the Xt headers, so stub these types out... */
|
|
239 |
#undef XtPointer
|
18044
|
240 |
@@ -67,6 +69,9 @@
|
18027
|
241 |
#include "prefs.h"
|
|
242 |
#include "resources.h"
|
18044
|
243 |
|
18027
|
244 |
+#include "trusted-utils.h"
|
18044
|
245 |
+Display *global_dpy;
|
|
246 |
+
|
18027
|
247 |
/* don't use realpath() on fedora system */
|
|
248 |
#ifdef _FORTIFY_SOURCE
|
18044
|
249 |
#undef HAVE_REALPATH
|
18124
|
250 |
@@ -1046,7 +1051,10 @@ load_init_file (Display *dpy, saver_preferences *p)
|
18027
|
251 |
p->xsync_p = get_boolean_resource (dpy, "synchronous", "Synchronous");
|
|
252 |
p->verbose_p = get_boolean_resource (dpy, "verbose", "Boolean");
|
|
253 |
p->timestamp_p = get_boolean_resource (dpy, "timestamp", "Boolean");
|
|
254 |
- p->lock_p = get_boolean_resource (dpy, "lock", "Boolean");
|
|
255 |
+ if (tsol_is_multi_label_session())
|
|
256 |
+ p->lock_p = True; /* always lock in a Multi Label Session */
|
|
257 |
+ else
|
|
258 |
+ p->lock_p = get_boolean_resource (dpy, "lock", "Boolean");
|
|
259 |
p->fade_p = get_boolean_resource (dpy, "fade", "Boolean");
|
|
260 |
p->unfade_p = get_boolean_resource (dpy, "unfade", "Boolean");
|
|
261 |
p->fade_seconds = 1000 * get_seconds_resource (dpy, "fadeSeconds", "Time");
|
18124
|
262 |
@@ -1070,6 +1078,27 @@ load_init_file (Display *dpy, saver_preferences *p)
|
18027
|
263 |
p->lock_timeout = 1000 * get_minutes_resource (dpy, "lockTimeout", "Time");
|
|
264 |
p->cycle = 1000 * get_minutes_resource (dpy, "cycle", "Time");
|
|
265 |
p->passwd_timeout = 1000 * get_seconds_resource (dpy, "passwdTimeout", "Time");
|
|
266 |
+ if (tsol_is_multi_label_session())
|
|
267 |
+ {
|
|
268 |
+ userattr_t *uent;
|
|
269 |
+ int idletime;
|
|
270 |
+ char *value = NULL;
|
|
271 |
+ uid_t WorkstationOwner;
|
|
272 |
+
|
|
273 |
+ XTSOLgetWorkstationOwner (global_dpy, &WorkstationOwner);
|
|
274 |
+ uent = getuseruid (WorkstationOwner);
|
|
275 |
+ value = getusrattrval (uent, USERATTR_IDLETIME_KW);
|
|
276 |
+ if (value != NULL && *value != '\0')
|
|
277 |
+ idletime = atoi(value) * 1000;
|
|
278 |
+ if (p->passwd_timeout > idletime)
|
|
279 |
+ p->passwd_timeout = idletime;
|
|
280 |
+
|
|
281 |
+ value = getusrattrval (uent, USERATTR_IDLECMD_KW);
|
|
282 |
+ if (value && strcmp(value, USERATTR_IDLECMD_LOGOUT_KW) == 0)
|
|
283 |
+ p->lock_cmd = LOGOUT_CMD;
|
|
284 |
+ else
|
|
285 |
+ p->lock_cmd = LOCK_CMD;
|
|
286 |
+ }
|
18061
|
287 |
/* bugid 5077981 */
|
18087
|
288 |
p->unlock_timeout_p = get_boolean_resource (dpy, "passwdTimeoutEnabled", "Boolean");
|
18027
|
289 |
p->pointer_timeout = 1000 * get_seconds_resource (dpy, "pointerPollTime", "Time");
|
18039
|
290 |
diff --git xscreensaver-5.11/driver/subprocs.c xscreensaver-5.11/driver/subprocs.c
|
|
291 |
--- xscreensaver-5.11/driver/subprocs.c
|
|
292 |
+++ xscreensaver-5.11/driver/subprocs.c
|
|
293 |
@@ -70,6 +70,7 @@ extern int kill (pid_t, int); /* signal() is in sys/signal.h... */
|
18027
|
294 |
#include "exec.h"
|
|
295 |
#include "yarandom.h"
|
|
296 |
#include "visual.h" /* for id_to_visual() */
|
|
297 |
+#include "trusted-utils.h"
|
|
298 |
|
|
299 |
extern saver_info *global_si_kludge; /* I hate C so much... */
|
|
300 |
|
18124
|
301 |
@@ -1084,6 +1085,13 @@ spawn_screenhack (saver_screen_info *ssi)
|
18027
|
302 |
strlen (HACK_PATH));
|
|
303 |
sprintf(complete_hack_command, HACK_PATH"/%s", hack->command);
|
|
304 |
|
|
305 |
+ if (tsol_is_multi_label_session())
|
|
306 |
+ if (p->lock_cmd == LOGOUT_CMD)
|
|
307 |
+ {
|
|
308 |
+ free (complete_hack_command);
|
|
309 |
+ exec_command (p->shell, "/usr/bin/pkill gnome-session", 0);
|
|
310 |
+ exit(1);
|
|
311 |
+ }
|
|
312 |
|
|
313 |
forked = fork_and_exec (ssi, complete_hack_command);
|
|
314 |
free (complete_hack_command);
|
18039
|
315 |
diff --git xscreensaver-5.11/driver/trusted-utils.c xscreensaver-5.11/driver/trusted-utils.c
|
|
316 |
new file mode 100644
|
|
317 |
--- /dev/null
|
|
318 |
+++ xscreensaver-5.11/driver/trusted-utils.c
|
|
319 |
@@ -0,0 +1,171 @@
|
18027
|
320 |
+/*
|
|
321 |
+ * Trusted xscreensaver
|
|
322 |
+ *
|
18039
|
323 |
+ * Copyright (c) 2006, 2010, Oracle and/or its affiliates. All rights reserved.
|
18027
|
324 |
+ *
|
|
325 |
+ * Permission is hereby granted, free of charge, to any person obtaining a
|
18039
|
326 |
+ * copy of this software and associated documentation files (the "Software"),
|
|
327 |
+ * to deal in the Software without restriction, including without limitation
|
|
328 |
+ * the rights to use, copy, modify, merge, publish, distribute, sublicense,
|
|
329 |
+ * and/or sell copies of the Software, and to permit persons to whom the
|
|
330 |
+ * Software is furnished to do so, subject to the following conditions:
|
18027
|
331 |
+ *
|
18039
|
332 |
+ * The above copyright notice and this permission notice (including the next
|
|
333 |
+ * paragraph) shall be included in all copies or substantial portions of the
|
|
334 |
+ * Software.
|
18027
|
335 |
+ *
|
18039
|
336 |
+ * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
|
|
337 |
+ * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
|
|
338 |
+ * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL
|
|
339 |
+ * THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
|
|
340 |
+ * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING
|
|
341 |
+ * FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER
|
|
342 |
+ * DEALINGS IN THE SOFTWARE.
|
18027
|
343 |
+ *
|
|
344 |
+ *
|
|
345 |
+ * Based on work by Erwann Chenede, Ghee Teo
|
|
346 |
+ *
|
|
347 |
+ * Used to check if we are in a multilabel session and to load
|
|
348 |
+ * additional functionality within the multilabel session.
|
|
349 |
+ */
|
|
350 |
+#include <dlfcn.h>
|
|
351 |
+#include <link.h>
|
|
352 |
+#include <stdlib.h>
|
|
353 |
+#include <user_attr.h>
|
|
354 |
+#include <sys/types.h>
|
|
355 |
+#include <unistd.h>
|
|
356 |
+#include <strings.h>
|
|
357 |
+#include <stdio.h>
|
|
358 |
+#include "trusted-utils.h"
|
|
359 |
+
|
|
360 |
+/*
|
|
361 |
+ * Checks for Multi label session
|
|
362 |
+ */
|
|
363 |
+gboolean
|
|
364 |
+tsol_is_multi_label_session (void)
|
|
365 |
+{
|
18039
|
366 |
+ static char *session = NULL;
|
18027
|
367 |
+
|
18039
|
368 |
+ if (!session)
|
|
369 |
+ session = (char *)getenv("TRUSTED_SESSION");
|
18027
|
370 |
+
|
18039
|
371 |
+ if (!session)
|
|
372 |
+ return FALSE;
|
18027
|
373 |
+
|
18039
|
374 |
+ return TRUE;
|
18027
|
375 |
+}
|
|
376 |
+
|
|
377 |
+/*
|
|
378 |
+ * dynamicly load the libxtsol library
|
|
379 |
+ */
|
|
380 |
+static
|
|
381 |
+void * dlopen_xtsol (void)
|
|
382 |
+{
|
18039
|
383 |
+ void *handle = NULL;
|
18027
|
384 |
+
|
18039
|
385 |
+ if ((handle = dlopen ("/usr/lib/libXtsol.so.1", RTLD_LAZY)) != NULL)
|
|
386 |
+ return handle;
|
|
387 |
+ if ((handle = dlopen ("/usr/openwin/lib/libXtsol.so.1", RTLD_LAZY)) != NULL)
|
|
388 |
+ return handle;
|
18027
|
389 |
+
|
18039
|
390 |
+ return handle;
|
18027
|
391 |
+}
|
|
392 |
+
|
|
393 |
+/*
|
|
394 |
+ * dynamicly load the libDtTsol library
|
|
395 |
+ */
|
|
396 |
+static
|
|
397 |
+void * dlopen_gnometsol (void)
|
|
398 |
+{
|
18039
|
399 |
+ void *handle = NULL;
|
18027
|
400 |
+
|
18039
|
401 |
+ if ((handle = dlopen ("/usr/lib/libgnometsol.so.1", RTLD_LAZY)) != NULL)
|
|
402 |
+ return handle;
|
18027
|
403 |
+
|
18039
|
404 |
+ return handle;
|
18027
|
405 |
+}
|
|
406 |
+
|
|
407 |
+xtsol_XTSOLgetWorkstationOwner libxtsol_XTSOLgetWorkstationOwner = NULL;
|
|
408 |
+
|
|
409 |
+void
|
|
410 |
+XTSOLgetWorkstationOwner(Display *dpy, uid_t *WorkstationOwner)
|
|
411 |
+{
|
|
412 |
+ static gpointer xtsol_handle = NULL;
|
|
413 |
+ static gboolean _xtsol_initialized = FALSE;
|
|
414 |
+
|
18039
|
415 |
+ if ( ! _xtsol_initialized )
|
|
416 |
+ {
|
|
417 |
+ _xtsol_initialized = TRUE;
|
|
418 |
+ xtsol_handle = dlopen_xtsol ();
|
|
419 |
+ if (xtsol_handle != NULL)
|
|
420 |
+ libxtsol_XTSOLgetWorkstationOwner
|
|
421 |
+ = (xtsol_XTSOLgetWorkstationOwner) dlsym(xtsol_handle,
|
|
422 |
+ "XTSOLgetWorkstationOwner");
|
|
423 |
+ }
|
18027
|
424 |
+
|
18039
|
425 |
+ if (libxtsol_XTSOLgetWorkstationOwner == NULL)
|
18027
|
426 |
+ *WorkstationOwner = getuid();
|
18039
|
427 |
+ else
|
18027
|
428 |
+ libxtsol_XTSOLgetWorkstationOwner(dpy, WorkstationOwner);
|
|
429 |
+}
|
|
430 |
+
|
|
431 |
+xtsol_XTSOLMakeTPWindow libxtsol_XTSOLMakeTPWindow = NULL;
|
|
432 |
+
|
|
433 |
+void
|
|
434 |
+XTSOLMakeTPWindow(Display *dpy, Window w)
|
|
435 |
+{
|
|
436 |
+ static gpointer xtsol_handle = NULL;
|
|
437 |
+ static gboolean _xtsol_initialized = FALSE;
|
|
438 |
+
|
18039
|
439 |
+ if ( ! _xtsol_initialized )
|
|
440 |
+ {
|
|
441 |
+ _xtsol_initialized = TRUE;
|
|
442 |
+ xtsol_handle = dlopen_xtsol ();
|
|
443 |
+ if (xtsol_handle != NULL)
|
|
444 |
+ libxtsol_XTSOLMakeTPWindow
|
|
445 |
+ = (xtsol_XTSOLMakeTPWindow) dlsym(xtsol_handle,
|
|
446 |
+ "XTSOLMakeTPWindow");
|
|
447 |
+ }
|
18027
|
448 |
+
|
18039
|
449 |
+ if (libxtsol_XTSOLMakeTPWindow)
|
|
450 |
+ {
|
|
451 |
+ libxtsol_XTSOLMakeTPWindow(dpy, w);
|
|
452 |
+ }
|
18027
|
453 |
+}
|
|
454 |
+
|
|
455 |
+gnome_tsol_get_usrattr_val libgnome_tsol_get_usrattr_val = NULL;
|
|
456 |
+
|
|
457 |
+/*
|
|
458 |
+ * Returns a value from uattr for the given key.
|
|
459 |
+ * If there is no value in user_attr, then it returns the
|
|
460 |
+ * system wide default from policy.conf or labelencodings
|
|
461 |
+ * as appropriate.
|
|
462 |
+ */
|
|
463 |
+char *
|
|
464 |
+getusrattrval(userattr_t *uattr, char *keywd)
|
|
465 |
+{
|
|
466 |
+ static gpointer gnometsol_handle = NULL;
|
|
467 |
+ static gboolean _gnometsol_initialized = FALSE;
|
|
468 |
+ char *value;
|
|
469 |
+
|
18039
|
470 |
+ if ( ! _gnometsol_initialized )
|
|
471 |
+ {
|
|
472 |
+ _gnometsol_initialized = TRUE;
|
|
473 |
+ gnometsol_handle = dlopen_gnometsol ();
|
|
474 |
+ if (gnometsol_handle != NULL)
|
|
475 |
+ libgnome_tsol_get_usrattr_val
|
|
476 |
+ = (gnome_tsol_get_usrattr_val) dlsym(gnometsol_handle,
|
|
477 |
+ "gnome_tsol_get_usrattr_val");
|
|
478 |
+ }
|
18027
|
479 |
+
|
18039
|
480 |
+ if (libgnome_tsol_get_usrattr_val == NULL)
|
|
481 |
+ {
|
|
482 |
+ if (strcmp(keywd, USERATTR_IDLETIME_KW) == 0)
|
|
483 |
+ value = strdup("15");
|
|
484 |
+ else if (strcmp(keywd, USERATTR_IDLECMD_KW) == 0)
|
|
485 |
+ value = strdup(USERATTR_IDLECMD_LOCK_KW);
|
|
486 |
+ } else
|
|
487 |
+ value = libgnome_tsol_get_usrattr_val(uattr, keywd);
|
18027
|
488 |
+
|
|
489 |
+ return ( value );
|
|
490 |
+}
|
18039
|
491 |
diff --git xscreensaver-5.11/driver/trusted-utils.h xscreensaver-5.11/driver/trusted-utils.h
|
|
492 |
new file mode 100644
|
|
493 |
--- /dev/null
|
|
494 |
+++ xscreensaver-5.11/driver/trusted-utils.h
|
|
495 |
@@ -0,0 +1,54 @@
|
18027
|
496 |
+/*
|
|
497 |
+ * Trusted xscreensaver
|
|
498 |
+ *
|
18039
|
499 |
+ * Copyright (c) 2006, 2010, Oracle and/or its affiliates. All rights reserved.
|
18027
|
500 |
+ *
|
|
501 |
+ * Permission is hereby granted, free of charge, to any person obtaining a
|
18039
|
502 |
+ * copy of this software and associated documentation files (the "Software"),
|
|
503 |
+ * to deal in the Software without restriction, including without limitation
|
|
504 |
+ * the rights to use, copy, modify, merge, publish, distribute, sublicense,
|
|
505 |
+ * and/or sell copies of the Software, and to permit persons to whom the
|
|
506 |
+ * Software is furnished to do so, subject to the following conditions:
|
18027
|
507 |
+ *
|
18039
|
508 |
+ * The above copyright notice and this permission notice (including the next
|
|
509 |
+ * paragraph) shall be included in all copies or substantial portions of the
|
|
510 |
+ * Software.
|
18027
|
511 |
+ *
|
18039
|
512 |
+ * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
|
|
513 |
+ * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
|
|
514 |
+ * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL
|
|
515 |
+ * THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
|
|
516 |
+ * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING
|
|
517 |
+ * FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER
|
|
518 |
+ * DEALINGS IN THE SOFTWARE.
|
18027
|
519 |
+ *
|
|
520 |
+ * Based on work by Erwann Chenede, Ghee Teo
|
|
521 |
+ *
|
|
522 |
+ * Definitions for the trusted functions.
|
|
523 |
+ */
|
|
524 |
+#ifndef TRUSTED_XSCREENSAVER_H
|
|
525 |
+#define TRUSTED_XSCREENSAVER_H
|
|
526 |
+
|
|
527 |
+#ifdef HAVE_XTSOL
|
|
528 |
+#include <X11/extensions/Xtsol.h>
|
|
529 |
+#endif /* HAVE_XTSOL */
|
|
530 |
+#include <user_attr.h>
|
|
531 |
+#include <glib.h>
|
|
532 |
+#include <X11/Xlib.h>
|
|
533 |
+#include <sys/types.h>
|
|
534 |
+#include <unistd.h>
|
|
535 |
+
|
|
536 |
+extern gboolean tsol_is_multi_label_session (void);
|
|
537 |
+extern char *getusrattrval(userattr_t *, char *);
|
|
538 |
+extern void XTSOLgetWorkstationOwner(Display *, uid_t *);
|
|
539 |
+
|
|
540 |
+typedef void (*xtsol_XTSOLgetWorkstationOwner) (Display *, uid_t *);
|
|
541 |
+extern void XTSOLMakeTPWindow(Display *, Window);
|
|
542 |
+typedef void (*xtsol_XTSOLMakeTPWindow) (Display *, Window);
|
|
543 |
+typedef char *(*gnome_tsol_get_usrattr_val) (userattr_t *, char *);
|
|
544 |
+
|
|
545 |
+enum {
|
|
546 |
+ LOCK_CMD = 0,
|
|
547 |
+ LOGOUT_CMD
|
|
548 |
+};
|
|
549 |
+#endif /* TRUSTED_XSCREENSAVER_H */
|
18044
|
550 |
diff --git xscreensaver-5.11/driver/types.h xscreensaver-5.11/driver/types.h
|
|
551 |
--- xscreensaver-5.11/driver/types.h
|
|
552 |
+++ xscreensaver-5.11/driver/types.h
|
|
553 |
@@ -105,6 +105,8 @@ struct saver_preferences {
|
|
554 |
Time initial_delay; /* how long to sleep after launch */
|
|
555 |
Time splash_duration; /* how long the splash screen stays up */
|
|
556 |
Time timeout; /* how much idle time before activation */
|
|
557 |
+ int lock_cmd; /* tsol only - whether to lock or logout */
|
|
558 |
+
|
|
559 |
Time lock_timeout; /* how long after activation locking starts */
|
|
560 |
Time cycle; /* how long each hack should run */
|
|
561 |
Time passwd_timeout; /* how much time before pw dialog goes down */
|
18039
|
562 |
diff --git xscreensaver-5.11/driver/xscreensaver-getimage.c xscreensaver-5.11/driver/xscreensaver-getimage.c
|
|
563 |
--- xscreensaver-5.11/driver/xscreensaver-getimage.c
|
|
564 |
+++ xscreensaver-5.11/driver/xscreensaver-getimage.c
|
18027
|
565 |
@@ -83,6 +83,7 @@ static char *defaults[] = {
|
|
566 |
0
|
|
567 |
};
|
|
568 |
|
|
569 |
+extern Display *global_dpy;
|
|
570 |
|
|
571 |
|
|
572 |
char *progname = 0;
|
|
573 |
@@ -1797,7 +1798,7 @@ main (int argc, char **argv)
|
|
574 |
|
|
575 |
toplevel = XtAppInitialize (&app, progclass, 0, 0, &argc, argv,
|
|
576 |
defaults, 0, 0);
|
|
577 |
- dpy = XtDisplay (toplevel);
|
|
578 |
+ global_dpy = dpy = XtDisplay (toplevel);
|
|
579 |
screen = XtScreen (toplevel);
|
|
580 |
db = XtDatabase (dpy);
|
|
581 |
XtGetApplicationNameAndClass (dpy, &s, &progclass);
|
18039
|
582 |
diff --git xscreensaver-5.11/driver/xscreensaver.c xscreensaver-5.11/driver/xscreensaver.c
|
|
583 |
--- xscreensaver-5.11/driver/xscreensaver.c
|
|
584 |
+++ xscreensaver-5.11/driver/xscreensaver.c
|
18027
|
585 |
@@ -142,6 +142,7 @@
|
|
586 |
|
|
587 |
#include <stdio.h>
|
|
588 |
#include <ctype.h>
|
|
589 |
+#include <zone.h>
|
|
590 |
#include <X11/Xlib.h>
|
|
591 |
|
|
592 |
#include <locale.h>
|
18061
|
593 |
@@ -226,6 +227,9 @@
|
18044
|
594 |
#include "usleep.h"
|
|
595 |
#include "auth.h"
|
|
596 |
|
|
597 |
+#include "trusted-utils.h"
|
18027
|
598 |
+extern Display *global_dpy;
|
18044
|
599 |
+
|
|
600 |
saver_info *global_si_kludge = 0; /* I hate C so much... */
|
18027
|
601 |
|
18044
|
602 |
/* Globals */
|
18124
|
603 |
@@ -1456,6 +1460,9 @@ main (int argc, char **argv)
|
18027
|
604 |
struct passwd *spasswd;
|
|
605 |
int i;
|
|
606 |
|
|
607 |
+ if (tsol_is_multi_label_session () && (getzoneid () != 0))
|
|
608 |
+ exit (1);
|
|
609 |
+
|
|
610 |
#ifdef ENABLE_NLS
|
|
611 |
if (!setlocale (LC_ALL, ""))
|
|
612 |
fprintf (stderr, "locale not supported by C library\n");
|
18124
|
613 |
@@ -1500,6 +1507,7 @@ main (int argc, char **argv)
|
18027
|
614 |
# endif /* !NO_LOCKING */
|
|
615 |
|
|
616 |
shell = connect_to_server (si, &argc, argv);
|
|
617 |
+ global_dpy = XtDisplay(shell);
|
|
618 |
process_command_line (si, &argc, argv);
|
|
619 |
stderr_log_file (si);
|
|
620 |
print_banner (si);
|
18061
|
621 |
|