X-Git-Url: http://git.chise.org/gitweb/?a=blobdiff_plain;f=lib-src%2Fgnuserv.c;h=0c8cf22dc40253cc66059e2a94cb50f14a2ba92e;hb=09ea9552234731fb1cd73d93e1805d7fc5b7ccf8;hp=f792f742c7d2fb78d2aeda8e55dac39f31bbef42;hpb=762383636a99307282c2d93d26c35c046ec24da1;p=chise%2Fxemacs-chise.git.1 diff --git a/lib-src/gnuserv.c b/lib-src/gnuserv.c index f792f74..0c8cf22 100644 --- a/lib-src/gnuserv.c +++ b/lib-src/gnuserv.c @@ -29,12 +29,11 @@ * ../etc/gnuserv.README relative to the directory containing this file) */ -#if 0 -static char rcsid [] = "!Header: gnuserv.c,v 2.1 95/02/16 11:58:27 arup alpha !"; -#endif - #include "gnuserv.h" +char gnuserv_version[] = "gnuserv version" GNUSERV_VERSION; + + #ifdef USE_LITOUT #ifdef linux #include @@ -379,7 +378,7 @@ handle_response (void) #ifdef INTERNET_DOMAIN_SOCKETS struct entry { - u_long host_addr; + unsigned long host_addr; struct entry *next; }; @@ -451,7 +450,7 @@ timed_read (int fd, char *buf, int max, int timeout, int one_line) permitted -- return whether a given host is allowed to connect to the server. */ static int -permitted (u_long host_addr, int fd) +permitted (unsigned long host_addr, int fd) { int key; struct entry *entry; 
@@ -491,15 +490,35 @@ permitted (u_long host_addr, int fd) auth_data_len = atoi(buf); + if (auth_data_len <= 0 || auth_data_len > (int) sizeof(buf)) + { + return FALSE; + } + if (timed_read(fd, buf, auth_data_len, AUTH_TIMEOUT, 0) != auth_data_len) return FALSE; #ifdef AUTH_MAGIC_COOKIE - if (server_xauth && server_xauth->data && - !memcmp(buf, server_xauth->data, auth_data_len)) + if (server_xauth && server_xauth->data) { + /* Do a compare without comprising info about + the size of the cookie */ + int auth_data_pos; + int auth_mismatches = + ( auth_data_len ^ + server_xauth->data_length ); + + for(auth_data_pos=0; auth_data_pos < auth_data_len; ++auth_data_pos) + auth_mismatches |= + ( buf[auth_data_pos] ^ + server_xauth->data[auth_data_pos % server_xauth->data_length]); + + if (auth_mismatches == 0) return TRUE; + + for(;rand() % 1000;); } + #else printf ("client tried Xauth, but server is not compiled with Xauth\n"); #endif @@ -540,7 +559,7 @@ permitted (u_long host_addr, int fd) already there. */ static void -add_host (u_long host_addr) +add_host (unsigned long host_addr) { int key; struct entry *new_entry; @@ -576,8 +595,9 @@ setup_table (void) FILE *host_file; char *file_name; char hostname[HOSTNAMSZ]; - u_int host_addr; + unsigned int host_addr; int i, hosts=0; + int t; /* Make sure every entry is null */ for (i=0; i
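Review bot: In the AUTH_MAGIC_COOKIE branch the new loop indexes `server_xauth->data[auth_data_pos % server_xauth->data_length]`, but the guard only tests `server_xauth->data`, so a cookie record with a `data_length` of 0 would divide by zero on the first authentication attempt. Whether that can happen depends on how `server_xauth` is loaded, which is outside this hunk; the guard could read `if (server_xauth && server_xauth->data && server_xauth->data_length > 0)`. The trailing `for(;rand() % 1000;);` is a busy-wait that burns CPU on every failed attempt, and since the compare already walks all `auth_data_len` bytes regardless of where a mismatch occurs, a fixed short delay or no delay would be cleaner. The new bound accepts `auth_data_len == sizeof(buf)`, which is only safe if `timed_read` never writes a terminator past `max` bytes (its body is not visible here); otherwise use `>= (int) sizeof(buf)`. The added comment should read "compromising" rather than "comprising", and the body of `permitted` starts and ends outside the hunk.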