📄 access.c
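/* NOTE(review): the lines up to the first closing brace at column 0 are the
 * tail of a function whose beginning is not visible here; they are reproduced
 * with layout changes only. */
                krb5_free_principal(princ);
            }
            else
#endif
#ifdef SECURE_RPC
            if ((family == FamilyNetname) || (strchr(hostname, '@')))
            {
                SecureRPCInit ();
                (void) NewHost (FamilyNetname, hostname, strlen (hostname));
            }
            else
#endif /* SECURE_RPC */
#if defined(TCPCONN) || defined(STREAMSCONN) || defined(MNX_TCPCONN)
            {
                /* host name */
                if (family == FamilyInternet &&
                    (hp = gethostbyname (hostname)) ||
                    (hp = gethostbyname (hostname)))
                {
                    saddr.sa.sa_family = hp->h_addrtype;
                    len = sizeof(saddr.sa);
                    if ((family = ConvertAddr (&saddr.sa, &len,
                                               (pointer *)&addr)) != -1)
                    {
#ifdef h_addr           /* new 4.3bsd version of gethostent */
                        char **list;

                        /* iterate over the addresses */
                        for (list = hp->h_addr_list; *list; list++)
                            (void) NewHost (family, (pointer)*list, len);
#else
                        (void) NewHost (family, (pointer)hp->h_addr, len);
#endif
                    }
                }
            }
#endif /* TCPCONN || STREAMSCONN */
            family = FamilyWild;
        }
        fclose (fd);
    }
}

/*
 * Is client on the local host
 *
 * Returns TRUE when the client's peer address converts to FamilyLocal or
 * matches an entry on the selfhosts list, FALSE otherwise (including when
 * the peer address cannot be obtained or converted).
 *
 * With XCSECURITY, a client whose trustLevel is not XSecurityClientTrusted
 * is audited and rejected before any address check.
 */
Bool LocalClient(client)
    ClientPtr client;
{
    int                 alen, family, notused;
    Xtransaddr          *from = NULL;
    pointer             addr;
    register HOST       *host;

#ifdef XCSECURITY
    /* untrusted clients can't change host access */
    if (client->trustLevel != XSecurityClientTrusted)
    {
        SecurityAudit("client %d attempted to change host access\n",
                      client->index);
        return FALSE;
    }
#endif
#ifdef LBX
    if (!((OsCommPtr)client->osPrivate)->trans_conn)
        return FALSE;
#endif
    if (!_XSERVTransGetPeerAddr (((OsCommPtr)client->osPrivate)->trans_conn,
        &notused, &alen, &from))
    {
        family = ConvertAddr ((struct sockaddr *) from,
            &alen, (pointer *)&addr);
        if (family == -1)
        {
            xfree ((char *) from);
            return FALSE;
        }
        if (family == FamilyLocal)
        {
            xfree ((char *) from);
            return TRUE;
        }
        for (host = selfhosts; host; host = host->next)
        {
            /*
             * ConvertAddr may leave addr pointing into *from, so the
             * comparison has to finish before the buffer is released.
             * Release it on the match path too; returning without the
             * xfree leaked the peer-address buffer on every successful
             * check.
             */
            if (addrEqual (family, addr, alen, host))
            {
                xfree ((char *) from);
                return TRUE;
            }
        }
        xfree ((char *) from);
    }
    return FALSE;
}

/*
 * Gate for every operation that changes host access control.
 *
 * A null client or a set defeatAccessControl flag is always authorized;
 * any other client is authorized only if LocalClient() accepts it.
 */
static Bool
AuthorizedClient(client)
    ClientPtr client;
{
    if (!client || defeatAccessControl)
        return TRUE;

    return LocalClient(client);
}

/* Add a host to the access control list.  This is the external interface
 * called from the dispatcher
 *
 * Returns BadAccess when the client is not authorized, BadValue for an
 * unsupported family or an address CheckAddr rejects, BadAlloc when NewHost
 * fails, and Success otherwise.
 */

int
AddHost (client, family, length, pAddr)
    ClientPtr           client;
    int                 family;
    unsigned            length; /* of bytes in pAddr */
    pointer             pAddr;
{
    int                 len;

    if (!AuthorizedClient(client))
        return(BadAccess);
    switch (family) {
    case FamilyLocalHost:
        len = length;
        LocalHostEnabled = TRUE;
        break;
#ifdef K5AUTH
    case FamilyKrb5Principal:
        len = length;
        break;
#endif
#ifdef SECURE_RPC
    case FamilyNetname:
        len = length;
        SecureRPCInit ();
        break;
#endif
    /*
     * NOTE(review): the three families above take the caller's length
     * as-is (unsigned converted to int, no upper bound), and NewHost then
     * copies that many bytes from pAddr.  Presumably the dispatcher has
     * already checked that the request really carries `length` bytes --
     * confirm against the caller.
     */
    case FamilyInternet:
    case FamilyDECnet:
    case FamilyChaos:
        if ((len = CheckAddr (family, pAddr, length)) < 0)
        {
            client->errorValue = length;
            return (BadValue);
        }
        break;
    case FamilyLocal:
    default:
        client->errorValue = family;
        return (BadValue);
    }
    if (NewHost (family, pAddr, len))
        return Success;
    return BadAlloc;
}

/*
 * Call func(addr, len, closure) for each entry of validhosts whose family
 * equals `family`.  Stops at the first call that returns TRUE and returns
 * TRUE; returns FALSE when no call does (or no entry matches the family).
 */
Bool
#if NeedFunctionPrototypes
ForEachHostInFamily (
    int     family,
    Bool    (*func)(
#if NeedNestedPrototypes
            unsigned char * /* addr */,
            short           /* len */,
            pointer         /* closure */
#endif
            ),
    pointer closure)
#else
ForEachHostInFamily (family, func, closure)
    int     family;
    Bool    (*func)();
    pointer closure;
#endif
{
    HOST    *host;

    for (host = validhosts; host; host = host->next)
        if (family == host->family && func (host->addr, host->len, closure))
            return TRUE;
    return FALSE;
}

/* Add a host to the access control list.  This is the internal interface
 * called when starting or resetting the server
 *
 * Performs no authorization check of its own.  Returns TRUE when the address
 * is already listed or was added, FALSE when MakeHost leaves host null.
 */
static Bool
NewHost (family, addr, len)
    int         family;
    pointer     addr;
    int         len;
{
    register HOST *host;

    /* an address that is already listed is not added twice */
    for (host = validhosts; host; host = host->next)
    {
        if (addrEqual (family, addr, len, host))
            return TRUE;
    }
    /* MakeHost is a macro defined elsewhere; it is written without a
     * trailing semicolon in the original and is kept that way */
    MakeHost(host,len)
    if (!host)
        return FALSE;
    host->family = family;
    host->len = len;
    acopy(addr, host->addr, len);
    /* new entries go on the front of the list */
    host->next = validhosts;
    validhosts = host;
    return TRUE;
}

/* Remove a host from the access control list
 *
 * Returns BadAccess when the client is not authorized and BadValue for an
 * unsupported family or an address CheckAddr rejects.  Returns Success
 * whether or not a matching entry was found.
 */

int
RemoveHost (client, family, length, pAddr)
    ClientPtr           client;
    int                 family;
    unsigned            length; /* of bytes in pAddr */
    pointer             pAddr;
{
    int                 len;
    register HOST       *host, **prev;

    if (!AuthorizedClient(client))
        return(BadAccess);
    switch (family) {
    case FamilyLocalHost:
        len = length;
        LocalHostEnabled = FALSE;
        break;
#ifdef K5AUTH
    case FamilyKrb5Principal:
        len = length;
        break;
#endif
#ifdef SECURE_RPC
    case FamilyNetname:
        len = length;
        break;
#endif
    case FamilyInternet:
    case FamilyDECnet:
    case FamilyChaos:
        if ((len = CheckAddr (family, pAddr, length)) < 0)
        {
            client->errorValue = length;
            return(BadValue);
        }
        break;
    case FamilyLocal:
    default:
        client->errorValue = family;
        return(BadValue);
    }
    /* walk the list keeping the address of the link that points at the
     * current entry, so the first match can be unlinked in place */
    for (prev = &validhosts;
         (host = *prev) && (!addrEqual (family, pAddr, len, host));
         prev = &host->next)
        ;
    if (host)
    {
        *prev = host->next;
        FreeHost (host);
    }
    return (Success);
}

/* Get all hosts in the access control list
 *
 * On Success, *pnHosts is the number of entries, *pLen the size in bytes of
 * the packed list, *pEnabled the EnableAccess/DisableAccess state, and *data
 * either an xalloc'ed buffer of *pLen bytes or NULL when the list is empty.
 * Each entry is an xHostEntry header followed by the address padded to a
 * multiple of 4 bytes.  Returns BadAlloc when the buffer cannot be allocated.
 */
int
GetHosts (data, pnHosts, pLen, pEnabled)
    pointer             *data;
    int                 *pnHosts;
    int                 *pLen;
    BOOL                *pEnabled;
{
    int                 len;
    register int        n = 0;
    register int        i;
    register unsigned char *ptr;
    register HOST       *host;
    int                 nHosts = 0;

    *pEnabled = AccessEnabled ? EnableAccess : DisableAccess;
    /* first pass: count the entries and size the buffer.
     * NOTE(review): n is an int and the sum is not range-checked. */
    for (host = validhosts; host; host = host->next)
    {
        nHosts++;
        n += (((host->len + 3) >> 2) << 2) + sizeof(xHostEntry);
    }
    if (n)
    {
        *data = ptr = (pointer) xalloc (n);
        if (!ptr)
        {
            return(BadAlloc);
        }
        /*
         * Clear the buffer before filling it.  Only family, length and the
         * address bytes are written below, so the alignment padding after
         * each address (and any xHostEntry bytes outside those two fields)
         * would otherwise keep whatever the allocator left there.  The
         * buffer is handed back to the caller, presumably to be sent to
         * the requesting client -- confirm against the caller.
         */
        for (i = 0; i < n; i++)
            ptr[i] = 0;
        /* second pass: header, address, then skip to the next 4-byte
         * boundary */
        for (host = validhosts; host; host = host->next)
        {
            len = host->len;
            ((xHostEntry *)ptr)->family = host->family;
            ((xHostEntry *)ptr)->length = len;
            ptr += sizeof(xHostEntry);
            acopy (host->addr, ptr, len);
            ptr += ((len + 3) >> 2) << 2;
        }
    } else {
        *data = NULL;
    }
    *pnHosts = nHosts;
    *pLen = n;
    return(Success);
}

/* Check for valid address family and length, and return address length.
 *
 * Returns -1 for any family not handled below; FamilyChaos has no case
 * here, so callers that route it to this function get -1.
 */

/*ARGSUSED*/
static int
CheckAddr (family, pAddr, length)
    int                 family;
    pointer             pAddr;
    unsigned            length;
{
    int len;

    switch (family)
    {
#if defined(TCPCONN) || defined(STREAMSCONN) || defined(AMTCPCONN) || defined(MNX_TCPCONN)
      case FamilyInternet:
        /* only an exact address-sized value is accepted */
#if !defined(AMOEBA)
        if (length == sizeof (struct in_addr))
#else
        if (length == sizeof(ipaddr_t))
#endif
            len = length;
        else
            len = -1;
        break;
#endif
#ifdef DNETCONN
      case FamilyDECnet:
        {
            struct dn_naddr *dnaddr = (struct dn_naddr *) pAddr;

            /* length must cover the a_len field before a_len is read,
             * and then the a_len bytes it announces */
            if ((length < sizeof(dnaddr->a_len)) ||
                (length < dnaddr->a_len + sizeof(dnaddr->a_len)))
                len = -1;
            else
                len = dnaddr->a_len + sizeof(dnaddr->a_len);
            /* len is int and sizeof is unsigned: a len of -1 converts to
             * a large unsigned value here and is simply set to -1 again */
            if (len > sizeof(struct dn_naddr)) len = -1;
        }
        break;
#endif
      default:
        len = -1;
    }
    return (len);
}

/* Check if a host is not in the access control list.
 * Returns 1 if host is invalid, 0 if we've found it.
 *
 * When AccessEnabled is false every host is accepted.  An address that
 * ConvertAddr cannot classify is invalid.
 */

int
InvalidHost (saddr, len)
#ifndef AMOEBA_ORIG
    register struct sockaddr    *saddr;
#else
    register ipaddr_t           *saddr;
#endif
    int                         len;
{
    int                         family;
    pointer                     addr;
    register HOST               *selfhost, *host;

    if (!AccessEnabled)   /* just let them in */
        return(0);
    family = ConvertAddr (saddr, &len, (pointer *)&addr);
    if (family == -1)
        return 1;
    if (family == FamilyLocal)
    {
        if (!LocalHostEnabled)
        {
            /*
             * check to see if any local address is enabled.  This
             * implicitly enables local connections.
             */
            for (selfhost = selfhosts; selfhost; selfhost=selfhost->next)
            {
                for (host = validhosts; host; host=host->next)
                {
                    if (addrEqual (selfhost->family, selfhost->addr,
                                   selfhost->len, host))
                        return 0;
                }
            }
            return 1;
        } else
            return 0;
    }
    for (host = validhosts; host; host = host->next)
    {
        if (addrEqual (family, addr, len, host))
            return (0);
    }
    return (1);
}

/*
 * Map a socket address onto an access-control family.
 *
 * Returns the Family* value, or -1 for an address family that is not
 * handled.  For the network families, *len is set to the length of the
 * address part and *addr to its location inside *saddr (no copy is made,
 * so *addr is only valid while *saddr is).  For FamilyLocal and -1 in the
 * non-AMOEBA build, *len and *addr are left untouched.
 */
static int
ConvertAddr (saddr, len, addr)
#ifndef AMOEBA_ORIG
    register struct sockaddr    *saddr;
#else
    register ipaddr_t           *saddr;
#endif
    int                         *len;
    pointer                     *addr;
{
#ifndef AMOEBA
    /* a zero-length address is treated as a local connection */
    if (*len == 0)
        return (FamilyLocal);
    switch (saddr->sa_family)
    {
    case AF_UNSPEC:
#if defined(UNIXCONN) || defined(LOCALCONN) || defined(OS2PIPECONN)
    case AF_UNIX:
#endif
        return FamilyLocal;
#if defined(TCPCONN) || defined(STREAMSCONN) || defined(MNX_TCPCONN)
    case AF_INET:
        *len = sizeof (struct in_addr);
        *addr = (pointer) &(((struct sockaddr_in *) saddr)->sin_addr);
        return FamilyInternet;
#endif
#ifdef DNETCONN
    case AF_DECnet:
        {
            struct sockaddr_dn *sdn = (struct sockaddr_dn *) saddr;
            *len = sdn->sdn_nodeaddrl + sizeof(sdn->sdn_nodeaddrl);
            *addr = (pointer) &(sdn->sdn_add);
        }
        return FamilyDECnet;
#endif
#ifdef CHAOSCONN
    case AF_CHAOS:
        {
            not implemented
        }
        return FamilyChaos;
#endif
    default:
        return -1;
    }
#else /* AMOEBA */
    if (*len == 0)
        return -1;
    *len = sizeof (ipaddr_t);
    *addr = (pointer) saddr;
    return FamilyInternet;
#endif /* AMOEBA */
}

/*
 * Turn host-based access control on or off.  Only a client accepted by
 * AuthorizedClient() may do so; anyone else gets BadAccess.
 */
int
ChangeAccessControl(client, fEnabled)
    ClientPtr client;
    int fEnabled;
{
    if (!AuthorizedClient(client))
        return BadAccess;
    AccessEnabled = fEnabled;
    return Success;
}

/* returns FALSE if xhost + in effect, else TRUE */
int
GetAccessControl()
{
    return AccessEnabled;
}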