/*
* Copyright (c) 2008, 2010, Oracle and/or its affiliates. All rights reserved.
*
* Permission is hereby granted, free of charge, to any person obtaining a
* copy of this software and associated documentation files (the
* "Software"), to deal in the Software without restriction, including
* without limitation the rights to use, copy, modify, merge, publish,
* distribute, and/or sell copies of the Software, and to permit persons
* to whom the Software is furnished to do so, provided that the above
* copyright notice(s) and this permission notice appear in all copies of
* the Software and that both the above copyright notice(s) and this
* permission notice appear in supporting documentation.
*
* THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS
* OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
* MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT
* OF THIRD PARTY RIGHTS. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR
* HOLDERS INCLUDED IN THIS NOTICE BE LIABLE FOR ANY CLAIM, OR ANY SPECIAL
* INDIRECT OR CONSEQUENTIAL DAMAGES, OR ANY DAMAGES WHATSOEVER RESULTING
* FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT,
* NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION
* WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
*
* Except as contained in this notice, the name of a copyright holder
* shall not be used in advertising or otherwise to promote the sale, use
* or other dealings in this Software without prior written authorization
* of the copyright holder.
*
*/
Support needed for Solaris Trusted Extensions / Trusted GNOME.
diff -Nurp -x '*~' -x '*.orig' xscreensaver-5.11/driver/Makefile.in xscreensaver-5.11/driver/Makefile.in
--- xscreensaver-5.11/driver/Makefile.in 2009-05-27 17:19:52.672265000 -0700
+++ xscreensaver-5.11/driver/Makefile.in 2009-05-27 17:20:09.588024000 -0700
@@ -105,6 +105,10 @@ GTK_OBJS = demo-Gtk.o demo-Gtk-conf.o @G
GTK_LOCK_SRCS = lock-Gtk.c remote.c
GTK_LOCK_OBJS = lock-Gtk.o remote.o
+TRUSTED_LIBS = -lglib-2.0 -lsecdb
+TRUSTED_SRCS = trusted-utils.c
+TRUSTED_OBJS = trusted-utils.o
+
PWENT_SRCS = passwd-pwent.c
PWENT_OBJS = passwd-pwent.o
@@ -794,8 +798,9 @@ XScreenSaver_Xm_ad.h: XScreenSaver-Xm.ad
# The executables linked in this directory.
#
-xscreensaver: $(SAVER_OBJS)
- $(CC) $(LDFLAGS) -o $@ $(SAVER_OBJS) $(SAVER_LIBS)
+xscreensaver: $(SAVER_OBJS) $(TRUSTED_OBJS)
+ $(CC) $(LDFLAGS) -o $@ $(SAVER_OBJS) $(TRUSTED_OBJS) \
+ $(TRUSTED_LIBS) $(SAVER_LIBS)
xscreensaver-command: $(CMD_OBJS)
$(CC) $(LDFLAGS) -o $@ $(CMD_OBJS) $(CMD_LIBS)
@@ -814,8 +819,9 @@ xscreensaver-demo: @PREFERRED_DEMO_PROGR
xscreensaver-lock: @PREFERRED_LOCK_PROGRAM@
$(INSTALL_PROGRAM) @PREFERRED_LOCK_PROGRAM@ $@
-xscreensaver-lock-Gtk: $(GTK_LOCK_OBJS)
+xscreensaver-lock-Gtk: $(GTK_LOCK_OBJS) $(TRUSTED_OBJS)
$(CC) $(LDFLAGS) -o $@ $(GTK_LOCK_OBJS) $(LIBS) $(X_LIBS) \
+ $(TRUSTED_OBJS) $(TRUSTED_LIBS) \
$(GTK_LIBS) $(XML_LIBS) $(X_PRE_LIBS) -lXt -lX11 \
$(XDPMS_LIBS) -lXext \
$(X_EXTRA_LIBS)
@@ -825,9 +831,9 @@ xscreensaver-demo-Xm: $(DEMO_OBJS) $(MOT
$(MOTIF_LIBS) $(INTL_LIBS) $(X_PRE_LIBS) -lXt -lX11 \
$(XDPMS_LIBS) $(XINERAMA_LIBS) -lXext $(X_EXTRA_LIBS)
-xscreensaver-demo-Gtk: $(DEMO_OBJS) $(GTK_OBJS)
- $(CC) $(LDFLAGS) -o $@ $(DEMO_OBJS) $(GTK_OBJS) $(LIBS) $(X_LIBS) \
- $(GTK_LIBS) $(XPM_LIBS) $(XML_LIBS) $(INTL_LIBS) $(X_PRE_LIBS) \
+xscreensaver-demo-Gtk: $(DEMO_OBJS) $(GTK_OBJS) $(TRUSTED_OBJS)
+ $(CC) $(LDFLAGS) -o $@ $(DEMO_OBJS) $(GTK_OBJS) $(TRUSTED_OBJS) $(LIBS) $(X_LIBS) \
+ $(GTK_LIBS) $(XPM_LIBS) $(XML_LIBS) $(INTL_LIBS) $(TRUSTED_LIBS) $(X_PRE_LIBS) \
-lXt -lX11 $(XDPMS_LIBS) $(XINERAMA_LIBS) -lXext $(X_EXTRA_LIBS)
demo-Gtk.o: XScreenSaver_ad.h
@@ -836,7 +842,7 @@ xscreensaver.o: XScreenSaver_ad.h
xscreensaver-getimage.o: XScreenSaver_ad.h
xscreensaver-getimage: $(GETIMG_OBJS)
- $(CC) $(LDFLAGS) -o $@ $(GETIMG_OBJS) $(GETIMG_LIBS) -lm
+ $(CC) $(LDFLAGS) -o $@ $(GETIMG_OBJS) $(TRUSTED_OBJS) $(GETIMG_LIBS) $(TRUSTED_LIBS) -lm
pdf2jpeg: $(PDF2JPEG_OBJS)
$(OBJCC) $(LDFLAGS) -o $@ $(PDF2JPEG_OBJS) $(PDF2JPEG_LIBS) -lm
diff -Nurp -x '*~' -x '*.orig' xscreensaver-5.11/driver/demo-Gtk.c xscreensaver-5.11/driver/demo-Gtk.c
--- xscreensaver-5.11/driver/demo-Gtk.c 2009-05-27 17:19:52.762320000 -0700
+++ xscreensaver-5.11/driver/demo-Gtk.c 2009-05-27 17:20:09.590543000 -0700
@@ -136,6 +136,14 @@
#include <string.h>
#include <ctype.h>
+#include <user_attr.h>
+
+void XTSOLgetWorkstationOwner(Display *, uid_t *);
+char *getusrattrval(userattr_t *, char *);
+gboolean tsol_is_multi_label_session (void);
+static gboolean tsol_hack_initialized = False;
+static gboolean tsol_multi_label_session = False;
+
#ifdef HAVE_GTK2
enum {
COL_ENABLED,
@@ -153,6 +161,7 @@ static void hack_subproc_environment (Wi
#undef countof
#define countof(x) (sizeof((x))/sizeof((*x)))
+extern Display *global_dpy;
/* You might think that to read an array of 32-bit quantities out of a
server-side property, you would pass an array of 32-bit data quantities
@@ -909,8 +918,9 @@ about_menu_cb (GtkMenuItem *menuitem, gp
G_MODULE_EXPORT void
doc_menu_cb (GtkMenuItem *menuitem, gpointer user_data)
{
-
- const char *sun_help_command = "xterm -T 'Screensaver Help' -e /bin/sh -c 'man xscreensaver || read foo' &";
+if ( ! tsol_multi_label_session )
+{
+ const char *sun_help_command = "/usr/openwin/bin/xterm -T 'Screensaver Help' -e /bin/ksh -c 'export SHELL=\"/dev/null\"; /usr/bin/man xscreensaver || /usr/bin/read foo' &";
#ifdef JWZ_HELP /* We do not want to point to jwz website for help instead open man page in xterm window */
state *s = global_state_kludge; /* I hate C so much... */
@@ -939,7 +949,7 @@ doc_menu_cb (GtkMenuItem *menuitem, gpoi
system (sun_help_command);
}
-
+}
G_MODULE_EXPORT void
file_menu_cb (GtkMenuItem *menuitem, gpointer user_data)
@@ -2718,7 +2728,6 @@ update_list_sensitivity (state *s)
#endif /* !HAVE_GTK2 */
}
-
static void
populate_prefs_page (state *s)
{
@@ -2885,10 +2894,69 @@ populate_prefs_page (state *s)
SENSITIZE ("pwd_spinbutton", p->pwd_p);
SENSITIZE ("pwd_mlabel", p->pwd_p);
+ tsol_multi_label_session = tsol_is_multi_label_session ();
+ if (! tsol_hack_initialized && tsol_multi_label_session)
+ {
+ GtkWidget *doc_menu = name_to_widget (s, "doc_menu");
+ GtkWidget *restart_menu = name_to_widget (s, "restart");
+ GtkWidget *kill_menu = name_to_widget (s, "kill_menu");
+ GtkWidget *lock_spinbutton = name_to_widget (s, "lock_spinbutton");
+ GtkWidget *lock_container = name_to_widget (s, "blanking_table");
+ GtkWidget *lock_button_eventbox = name_to_widget (s, "lock_button_eventbox");
+ Widget *newlabel = g_object_new (GTK_TYPE_LABEL, "label",
+ _("_Lock Screen After"),
+ "use-underline", TRUE,
+ "mnemonic-widget", lock_spinbutton,
+ NULL);
+ GValue *gv = g_new0 (GValue, 1);
+ GtkAdjustment *adj;
+ userattr_t *uent;
+ int idletime;
+ char *value = NULL;
+ uid_t WorkstationOwner;
+ Display *dpy = GDK_DISPLAY ();
+
+ gtk_widget_hide (doc_menu);
+ gtk_widget_set_sensitive (restart_menu, FALSE);
+ gtk_widget_set_sensitive (kill_menu, FALSE);
+
+ adj = gtk_spin_button_get_adjustment ((GtkSpinButton *)lock_spinbutton);
+
+ XTSOLgetWorkstationOwner (dpy, &WorkstationOwner);
+ uent = getuseruid (WorkstationOwner);
+ value = getusrattrval (uent, USERATTR_IDLETIME_KW);
+ if (value != NULL && *value != '\0')
+ idletime = atoi (value);
+ adj->upper = (gdouble)idletime;
+ if (adj->value > adj->upper)
+ adj->value = adj->upper;
+
+ gtk_spin_button_set_adjustment ((GtkSpinButton *)lock_spinbutton, adj);
+
+ gtk_container_add (GTK_CONTAINER (lock_container), GTK_WIDGET (newlabel));
+ g_value_init (gv, G_TYPE_INT);
+ g_value_set_int (gv, 2);
+ gtk_container_child_set_property (GTK_CONTAINER (lock_container), GTK_WIDGET (newlabel), "top_attach", gv);
+ g_value_set_int (gv, 1);
+ gtk_container_child_set_property (GTK_CONTAINER (lock_container), GTK_WIDGET (newlabel), "left_attach", gv);
+ gtk_widget_show (GTK_WIDGET (newlabel));
+ gtk_widget_hide (GTK_WIDGET (lock_button_eventbox));
+ g_object_set (lock_button_eventbox, "active", TRUE, NULL);
+
+ SENSITIZE ("lock_button", 1);
+ }
+
+ if (tsol_multi_label_session)
+ {
+ SENSITIZE ("lock_spinbutton", 1);
+ SENSITIZE ("lock_mlabel", 1);
+ }
+ else
+ {
SENSITIZE ("lock_button", can_lock_p);
SENSITIZE ("lock_spinbutton", can_lock_p && p->lock_p);
SENSITIZE ("lock_mlabel", can_lock_p && p->lock_p);
-
+ }
/* DPMS
*/
SENSITIZE ("dpms_frame", dpms_supported);
@@ -2917,6 +2985,7 @@ populate_prefs_page (state *s)
# undef SENSITIZE
}
+ tsol_hack_initialized = True;
}
@@ -3002,6 +3071,9 @@ sensitize_menu_items (state *s, Bool for
for (i = 0; i < countof(names); i++)
{
+ if (tsol_is_multi_label_session() && 2==i)
+ continue;
+
GtkWidget *w = name_to_widget (s, names[i]);
gtk_widget_set_sensitive (GTK_WIDGET(w), running_p);
}
@@ -4979,7 +5051,7 @@ main (int argc, char **argv)
applicationShellWidgetClass,
dpy, 0, 0);
- dpy = XtDisplay (toplevel_shell);
+ global_dpy = dpy = XtDisplay (toplevel_shell);
db = XtDatabase (dpy);
XtGetApplicationNameAndClass (dpy, &progname, &progclass);
XSetErrorHandler (demo_ehandler);
diff -Nurp -x '*~' -x '*.orig' xscreensaver-5.11/driver/lock-Gtk.c xscreensaver-5.11/driver/lock-Gtk.c
--- xscreensaver-5.11/driver/lock-Gtk.c 2009-05-27 17:19:52.432591000 -0700
+++ xscreensaver-5.11/driver/lock-Gtk.c 2009-05-27 17:20:09.612695000 -0700
@@ -77,6 +77,7 @@
#include <atk/atkobject.h>
#include "remote.h"
+#include "trusted-utils.h"
/* AT-enabled */
void write_null(int n);
@@ -181,7 +182,10 @@ load_unlock_logo_image(void)
const char *logofile;
struct stat statbuf;
- logofile = DEFAULT_ICONDIR "/unlock-logo.png";
+ if (tsol_is_multi_label_session())
+ logofile = DEFAULT_ICONDIR "/trusted-logo.png";
+ else
+ logofile = DEFAULT_ICONDIR "/unlock-logo.png";
if (stat(logofile, &statbuf) != 0) {
logofile = DEFAULT_ICONDIR "/logo-180.gif"; /* fallback */
diff -Nurp -x '*~' -x '*.orig' xscreensaver-5.11/driver/prefs.c xscreensaver-5.11/driver/prefs.c
--- xscreensaver-5.11/driver/prefs.c 2009-05-27 17:19:52.718330000 -0700
+++ xscreensaver-5.11/driver/prefs.c 2009-05-27 17:20:09.613771000 -0700
@@ -37,6 +37,7 @@
# include "vms-pwd.h"
#endif /* VMS */
+#include <user_attr.h>
/* This file doesn't need the Xt headers, so stub these types out... */
#undef XtPointer
@@ -66,6 +67,7 @@
#include "prefs.h"
#include "resources.h"
+#include "trusted-utils.h"
/* don't use realpath() on fedora system */
#ifdef _FORTIFY_SOURCE
@@ -77,6 +79,7 @@ extern char *progname;
extern char *progclass;
extern const char *blurb (void);
+Display *global_dpy;
static void get_screenhacks (Display *, saver_preferences *);
@@ -1011,6 +1014,9 @@ free_screenhack_list (screenhack **list,
free (list);
}
+void XTSOLgetWorkstationOwner(Display *, uid_t *);
+char *getusrattrval(userattr_t *, char *);
+int tsol_is_multi_label_session (void);
/* Populate `saver_preferences' with the contents of the resource database.
@@ -1051,7 +1057,10 @@ load_init_file (Display *dpy, saver_pref
p->xsync_p = get_boolean_resource (dpy, "synchronous", "Synchronous");
p->verbose_p = get_boolean_resource (dpy, "verbose", "Boolean");
p->timestamp_p = get_boolean_resource (dpy, "timestamp", "Boolean");
- p->lock_p = get_boolean_resource (dpy, "lock", "Boolean");
+ if (tsol_is_multi_label_session())
+ p->lock_p = True; /* always lock in a Multi Label Session */
+ else
+ p->lock_p = get_boolean_resource (dpy, "lock", "Boolean");
p->fade_p = get_boolean_resource (dpy, "fade", "Boolean");
p->unfade_p = get_boolean_resource (dpy, "unfade", "Boolean");
p->fade_seconds = 1000 * get_seconds_resource (dpy, "fadeSeconds", "Time");
@@ -1075,6 +1084,27 @@ load_init_file (Display *dpy, saver_pref
p->lock_timeout = 1000 * get_minutes_resource (dpy, "lockTimeout", "Time");
p->cycle = 1000 * get_minutes_resource (dpy, "cycle", "Time");
p->passwd_timeout = 1000 * get_seconds_resource (dpy, "passwdTimeout", "Time");
+ if (tsol_is_multi_label_session())
+ {
+ userattr_t *uent;
+ int idletime;
+ char *value = NULL;
+ uid_t WorkstationOwner;
+
+ XTSOLgetWorkstationOwner (global_dpy, &WorkstationOwner);
+ uent = getuseruid (WorkstationOwner);
+ value = getusrattrval (uent, USERATTR_IDLETIME_KW);
+ if (value != NULL && *value != '\0')
+ idletime = atoi(value) * 1000;
+ if (p->passwd_timeout > idletime)
+ p->passwd_timeout = idletime;
+
+ value = getusrattrval (uent, USERATTR_IDLECMD_KW);
+ if (value && strcmp(value, USERATTR_IDLECMD_LOGOUT_KW) == 0)
+ p->lock_cmd = LOGOUT_CMD;
+ else
+ p->lock_cmd = LOCK_CMD;
+ }
/* *bugid 5077981 pwd timeout */
p->pwd_p = get_boolean_resource (dpy, "passwdTimeoutEnabled", "Boolean");
p->pointer_timeout = 1000 * get_seconds_resource (dpy, "pointerPollTime", "Time");
--- xscreensaver-5.11/driver/types.h-orig 2010-05-07 15:19:33.782722502 -0500
+++ xscreensaver-5.11/driver/types.h 2010-05-07 16:32:09.483800624 -0500
@@ -105,6 +105,8 @@ struct saver_preferences {
Time initial_delay; /* how long to sleep after launch */
Time splash_duration; /* how long the splash screen stays up */
Time timeout; /* how much idle time before activation */
+ int lock_cmd; /* tsol only - whether to lock or logout */
+
Time lock_timeout; /* how long after activation locking starts */
Time cycle; /* how long each hack should run */
Time passwd_timeout; /* how much time before pw dialog goes down */
diff -Nurp -x '*~' -x '*.orig' xscreensaver-5.11/driver/subprocs.c xscreensaver-5.11/driver/subprocs.c
--- xscreensaver-5.11/driver/subprocs.c 2009-05-27 17:19:52.748014000 -0700
+++ xscreensaver-5.11/driver/subprocs.c 2009-05-27 17:20:09.673584000 -0700
@@ -70,6 +70,7 @@ extern int kill (pid_t, int); /* signal
#include "exec.h"
#include "yarandom.h"
#include "visual.h" /* for id_to_visual() */
+#include "trusted-utils.h"
extern saver_info *global_si_kludge; /* I hate C so much... */
@@ -1076,6 +1077,13 @@ spawn_screenhack (saver_screen_info *ssi
strlen (HACK_PATH));
sprintf(complete_hack_command, HACK_PATH"/%s", hack->command);
+ if (tsol_is_multi_label_session())
+ if (p->lock_cmd == LOGOUT_CMD)
+ {
+ free (complete_hack_command);
+ exec_command (p->shell, "/usr/bin/pkill gnome-session", 0);
+ exit(1);
+ }
forked = fork_and_exec (ssi, complete_hack_command);
free (complete_hack_command);
diff -Nurp -x '*~' -x '*.orig' xscreensaver-5.11/driver/trusted-utils.c xscreensaver-5.11/driver/trusted-utils.c
--- xscreensaver-5.11/driver/trusted-utils.c 1969-12-31 16:00:00.000000000 -0800
+++ xscreensaver-5.11/driver/trusted-utils.c 2009-05-27 17:20:09.674005000 -0700
@@ -0,0 +1,170 @@
+/*
+ * Trusted xscreensaver
+ *
+ * Copyright 2008, 2010, Oracle and/or its affiliates. All rights reserved.
+ *
+ * Permission is hereby granted, free of charge, to any person obtaining a
+ * copy of this software and associated documentation files (the
+ * "Software"), to deal in the Software without restriction, including
+ * without limitation the rights to use, copy, modify, merge, publish,
+ * distribute, and/or sell copies of the Software, and to permit persons
+ * to whom the Software is furnished to do so, provided that the above
+ * copyright notice(s) and this permission notice appear in all copies of
+ * the Software and that both the above copyright notice(s) and this
+ * permission notice appear in supporting documentation.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS
+ * OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
+ * MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT
+ * OF THIRD PARTY RIGHTS. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR
+ * HOLDERS INCLUDED IN THIS NOTICE BE LIABLE FOR ANY CLAIM, OR ANY SPECIAL
+ * INDIRECT OR CONSEQUENTIAL DAMAGES, OR ANY DAMAGES WHATSOEVER RESULTING
+ * FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT,
+ * NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION
+ * WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
+ *
+ * Except as contained in this notice, the name of a copyright holder
+ * shall not be used in advertising or otherwise to promote the sale, use
+ * or other dealings in this Software without prior written authorization
+ * of the copyright holder.
+ *
+ *
+ *
+ * Based on work by Erwann Chenede, Ghee Teo
+ *
+ * Used to check if we are in a multilabel session and to load
+ * additional functionality within the multilabel session.
+ */
+#include <dlfcn.h>
+#include <link.h>
+#include <stdlib.h>
+#include <user_attr.h>
+#include <sys/types.h>
+#include <unistd.h>
+#include <strings.h>
+#include <stdio.h>
+#include "trusted-utils.h"
+
+/*
+ * Checks for Multi label session
+ */
+gboolean
+tsol_is_multi_label_session (void)
+{
+ static char *session = NULL;
+
+ if (!session)
+ session = (char *)getenv("TRUSTED_SESSION");
+
+ if (!session)
+ return FALSE;
+
+ return TRUE;
+}
+
+/*
+ * dynamicly load the libxtsol library
+ */
+static
+void * dlopen_xtsol (void)
+{
+ void *handle = NULL;
+
+ if ((handle = dlopen ("/usr/lib/libXtsol.so.1", RTLD_LAZY)) != NULL)
+ return handle;
+ if ((handle = dlopen ("/usr/openwin/lib/libXtsol.so.1", RTLD_LAZY)) != NULL)
+ return handle;
+
+ return handle;
+}
+
+/*
+ * dynamicly load the libDtTsol library
+ */
+static
+void * dlopen_gnometsol (void)
+{
+ void *handle = NULL;
+
+ if ((handle = dlopen ("/usr/lib/libgnometsol.so.1", RTLD_LAZY)) != NULL)
+ return handle;
+
+ return handle;
+}
+
+xtsol_XTSOLgetWorkstationOwner libxtsol_XTSOLgetWorkstationOwner = NULL;
+
+void
+XTSOLgetWorkstationOwner(Display *dpy, uid_t *WorkstationOwner)
+{
+ static gpointer xtsol_handle = NULL;
+ static gboolean _xtsol_initialized = FALSE;
+
+ if ( ! _xtsol_initialized ) {
+ _xtsol_initialized = TRUE;
+ xtsol_handle = dlopen_xtsol ();
+ if (xtsol_handle != NULL)
+ libxtsol_XTSOLgetWorkstationOwner = (xtsol_XTSOLgetWorkstationOwner) dlsym(xtsol_handle,
+ "XTSOLgetWorkstationOwner");
+ }
+
+ if (libxtsol_XTSOLgetWorkstationOwner == NULL) {
+ *WorkstationOwner = getuid();
+ } else
+ libxtsol_XTSOLgetWorkstationOwner(dpy, WorkstationOwner);
+}
+
+xtsol_XTSOLMakeTPWindow libxtsol_XTSOLMakeTPWindow = NULL;
+
+void
+XTSOLMakeTPWindow(Display *dpy, Window w)
+{
+ static gpointer xtsol_handle = NULL;
+ static gboolean _xtsol_initialized = FALSE;
+
+ if ( ! _xtsol_initialized ) {
+ _xtsol_initialized = TRUE;
+ xtsol_handle = dlopen_xtsol ();
+ if (xtsol_handle != NULL)
+ libxtsol_XTSOLMakeTPWindow = (xtsol_XTSOLMakeTPWindow) dlsym(xtsol_handle,
+ "XTSOLMakeTPWindow");
+ }
+
+ if (libxtsol_XTSOLMakeTPWindow) {
+ libxtsol_XTSOLMakeTPWindow(dpy, w);
+ }
+}
+
+gnome_tsol_get_usrattr_val libgnome_tsol_get_usrattr_val = NULL;
+
+/*
+ * Returns a value from uattr for the given key.
+ * If there is no value in user_attr, then it returns the
+ * system wide default from policy.conf or labelencodings
+ * as appropriate.
+ */
+char *
+getusrattrval(userattr_t *uattr, char *keywd)
+{
+ static gpointer gnometsol_handle = NULL;
+ static gboolean _gnometsol_initialized = FALSE;
+ char *value;
+
+ if ( ! _gnometsol_initialized ) {
+ _gnometsol_initialized = TRUE;
+ gnometsol_handle = dlopen_gnometsol ();
+ if (gnometsol_handle != NULL)
+ libgnome_tsol_get_usrattr_val = (gnome_tsol_get_usrattr_val) dlsym(gnometsol_handle,
+ "gnome_tsol_get_usrattr_val");
+ }
+
+ if (libgnome_tsol_get_usrattr_val == NULL) {
+ if (strcmp(keywd, USERATTR_IDLETIME_KW) == 0)
+ value = strdup("15");
+ else if (strcmp(keywd, USERATTR_IDLECMD_KW) == 0)
+ value = strdup(USERATTR_IDLECMD_LOCK_KW);
+ } else
+ value = libgnome_tsol_get_usrattr_val(uattr, keywd);
+
+ return ( value );
+}
diff -Nurp -x '*~' -x '*.orig' xscreensaver-5.11/driver/trusted-utils.h xscreensaver-5.11/driver/trusted-utils.h
--- xscreensaver-5.11/driver/trusted-utils.h 1969-12-31 16:00:00.000000000 -0800
+++ xscreensaver-5.11/driver/trusted-utils.h 2009-05-27 17:20:09.674292000 -0700
@@ -0,0 +1,61 @@
+/*
+ * Trusted xscreensaver
+ *
+ * Copyright 2006, 2010, Oracle and/or its affiliates. All rights reserved.
+ *
+ * Permission is hereby granted, free of charge, to any person obtaining a
+ * copy of this software and associated documentation files (the
+ * "Software"), to deal in the Software without restriction, including
+ * without limitation the rights to use, copy, modify, merge, publish,
+ * distribute, and/or sell copies of the Software, and to permit persons
+ * to whom the Software is furnished to do so, provided that the above
+ * copyright notice(s) and this permission notice appear in all copies of
+ * the Software and that both the above copyright notice(s) and this
+ * permission notice appear in supporting documentation.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS
+ * OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
+ * MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT
+ * OF THIRD PARTY RIGHTS. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR
+ * HOLDERS INCLUDED IN THIS NOTICE BE LIABLE FOR ANY CLAIM, OR ANY SPECIAL
+ * INDIRECT OR CONSEQUENTIAL DAMAGES, OR ANY DAMAGES WHATSOEVER RESULTING
+ * FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT,
+ * NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION
+ * WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
+ *
+ * Except as contained in this notice, the name of a copyright holder
+ * shall not be used in advertising or otherwise to promote the sale, use
+ * or other dealings in this Software without prior written authorization
+ * of the copyright holder.
+ *
+ *
+ * Based on work by Erwann Chenede, Ghee Teo
+ *
+ * Definitions for the trusted functions.
+ */
+#ifndef TRUSTED_XSCREENSAVER_H
+#define TRUSTED_XSCREENSAVER_H
+
+#ifdef HAVE_XTSOL
+#include <X11/extensions/Xtsol.h>
+#endif /* HAVE_XTSOL */
+#include <user_attr.h>
+#include <glib.h>
+#include <X11/Xlib.h>
+#include <sys/types.h>
+#include <unistd.h>
+
+extern gboolean tsol_is_multi_label_session (void);
+extern char *getusrattrval(userattr_t *, char *);
+extern void XTSOLgetWorkstationOwner(Display *, uid_t *);
+
+typedef void (*xtsol_XTSOLgetWorkstationOwner) (Display *, uid_t *);
+extern void XTSOLMakeTPWindow(Display *, Window);
+typedef void (*xtsol_XTSOLMakeTPWindow) (Display *, Window);
+typedef char *(*gnome_tsol_get_usrattr_val) (userattr_t *, char *);
+
+enum {
+ LOCK_CMD = 0,
+ LOGOUT_CMD
+};
+#endif /* TRUSTED_XSCREENSAVER_H */
diff -Nurp -x '*~' -x '*.orig' xscreensaver-5.11/driver/xscreensaver-getimage.c xscreensaver-5.11/driver/xscreensaver-getimage.c
--- xscreensaver-5.11/driver/xscreensaver-getimage.c 2006-09-17 18:03:58.000000000 -0700
+++ xscreensaver-5.11/driver/xscreensaver-getimage.c 2009-05-27 17:20:09.675170000 -0700
@@ -83,6 +83,7 @@ static char *defaults[] = {
0
};
+extern Display *global_dpy;
char *progname = 0;
@@ -1797,7 +1798,7 @@ main (int argc, char **argv)
toplevel = XtAppInitialize (&app, progclass, 0, 0, &argc, argv,
defaults, 0, 0);
- dpy = XtDisplay (toplevel);
+ global_dpy = dpy = XtDisplay (toplevel);
screen = XtScreen (toplevel);
db = XtDatabase (dpy);
XtGetApplicationNameAndClass (dpy, &s, &progclass);
diff -Nurp -x '*~' -x '*.orig' xscreensaver-5.11/driver/xscreensaver.c xscreensaver-5.11/driver/xscreensaver.c
--- xscreensaver-5.11/driver/xscreensaver.c 2009-05-27 17:19:52.862425000 -0700
+++ xscreensaver-5.11/driver/xscreensaver.c 2009-05-27 17:20:09.705829000 -0700
@@ -142,6 +142,7 @@
#include <stdio.h>
#include <ctype.h>
+#include <zone.h>
#include <X11/Xlib.h>
#include <locale.h>
@@ -240,6 +241,7 @@ passwd_dialog_data *ptr_mygtkpwd = &mygt
char *progname = 0;
char *progclass = 0;
XrmDatabase db = 0;
+extern Display *global_dpy;
static Atom XA_SCREENSAVER_RESPONSE;
@@ -1446,6 +1448,9 @@ main (int argc, char **argv)
struct passwd *spasswd;
int i;
+ if (tsol_is_multi_label_session () && (getzoneid () != 0))
+ exit (1);
+
#ifdef ENABLE_NLS
if (!setlocale (LC_ALL, ""))
fprintf (stderr, "locale not supported by C library\n");
@@ -1488,6 +1493,7 @@ main (int argc, char **argv)
# endif /* !NO_LOCKING */
shell = connect_to_server (si, &argc, argv);
+ global_dpy = XtDisplay(shell);
process_command_line (si, &argc, argv);
stderr_log_file (si);
print_banner (si);