connection.c

远程桌面连接工具

    /*
     * See above in CreateWellKnownSockets about SIGUSR1
     */
#ifndef WIN32
    if (RunFromSmartParent) {
	if (ParentProcess > 0) {
	    kill (ParentProcess, SIGUSR1);
	}
    }
#endif
    /*
     * restart XDMCP
     */
#ifdef XDMCP
    XdmcpReset ();
#endif
}

static void
AuthAudit (client, letin, saddr, len, proto_n, auth_proto, auth_id)
    ClientPtr client;
    Bool letin;
    struct sockaddr *saddr;
    int len;
    unsigned short proto_n;
    char *auth_proto;
    int auth_id;
{
    char addr[128];
    char *out = addr;

    if (!((OsCommPtr)client->osPrivate)->trans_conn) {
	strcpy(addr, "LBX proxy at ");
	out += strlen(addr);
    }
    if (!len)
        strcpy(out, "local host");
    else
	switch (saddr->sa_family)
	{
	case AF_UNSPEC:
#if defined(UNIXCONN) || defined(LOCALCONN) || defined(OS2PIPECONN)
	case AF_UNIX:
#endif
	    strcpy(out, "local host");
	    break;
#if defined(TCPCONN) || defined(STREAMSCONN) || defined(MNX_TCPCONN)
	case AF_INET:
	    sprintf(out, "IP %s port %d",
		    inet_ntoa(((struct sockaddr_in *) saddr)->sin_addr),
		    ntohs(((struct sockaddr_in *) saddr)->sin_port));
	    break;
#endif
#ifdef DNETCONN
	case AF_DECnet:
	    sprintf(out, "DN %s",
		    dnet_ntoa(&((struct sockaddr_dn *) saddr)->sdn_add));
	    break;
#endif
#ifdef AMRPCCONN
	case FamilyAmoeba:
	    sprintf(addr, "AM %s", saddr);
	    break;
#endif
#if defined(AMTCPCONN) && !(defined(TCPCONN) || defined(STREAMSCONN))
	case AF_INET:
	    sprintf(addr, "AMIP %s", inet_ntoa(*((ipaddr_t *) saddr)));
	    break;
#endif
	default:
	    strcpy(out, "unknown address");
	}
    if (letin)
	AuditF("client %d connected from %s\n", client->index, addr);
    else
	AuditF("client %d rejected from %s\n", client->index, addr);
    if (proto_n)
	AuditF("  Auth name: %.*s ID: %d\n", proto_n, auth_proto, auth_id);
}

XID
AuthorizationIDOfClient(client)
    ClientPtr client;
{
    if (client->osPrivate)
	return ((OsCommPtr)client->osPrivate)->auth_id;
    else
	return None;
}


/*****************************************************************
 * ClientAuthorized
 *
 *    Sent by the client at connection setup:
 *                typedef struct _xConnClientPrefix {
 *                   CARD8	byteOrder;
 *                   BYTE	pad;
 *                   CARD16	majorVersion, minorVersion;
 *                   CARD16	nbytesAuthProto;    
 *                   CARD16	nbytesAuthString;   
 *                 } xConnClientPrefix;
 *
 *     	It is hoped that eventually one protocol will be agreed upon.  In the
 *        mean time, a server that implements a different protocol than the
 *        client expects, or a server that only implements the host-based
 *        mechanism, will simply ignore this information.
 *
 *****************************************************************/

char * 
ClientAuthorized(client, proto_n, auth_proto, string_n, auth_string)
    ClientPtr client;
    char *auth_proto, *auth_string;
    unsigned int proto_n, string_n;
{
    register OsCommPtr 	priv;
    Xtransaddr		*from = NULL;
    int 		family;
    int			fromlen;
    XID	 		auth_id;
    char	 	*reason = NULL;
    XtransConnInfo	trans_conn;

    auth_id = CheckAuthorization (proto_n, auth_proto,
				  string_n, auth_string, client, &reason);

    priv = (OsCommPtr)client->osPrivate;
    trans_conn = priv->trans_conn;
#ifdef LBX
    if (!trans_conn) {
	ClientPtr lbxpc = LbxProxyClient(priv->proxy);
	trans_conn = ((OsCommPtr)lbxpc->osPrivate)->trans_conn;
	if (auth_id == (XID) ~0L && !GetAccessControl())
	    auth_id = ((OsCommPtr)lbxpc->osPrivate)->auth_id;
#ifdef XCSECURITY
	else if (auth_id != (XID) ~0L && !SecuritySameLevel(lbxpc, auth_id)) {
	    auth_id = (XID) ~0L;
	    reason = "Client trust level differs from that of LBX Proxy";
	}
#endif
    }
#endif
    if (auth_id == (XID) ~0L)
    {
	if (
#ifdef XCSECURITY	    
	    (proto_n == 0 ||
	    strncmp (auth_proto, XSecurityAuthorizationName, proto_n) != 0) &&
#endif
	    _XSERVTransGetPeerAddr (trans_conn,
	        &family, &fromlen, &from) != -1)
	{
#ifdef AMRPCCONN
	    /* Amoeba RPC connections are already checked by the capability. */
	    if (family == FamilyAmoeba) {
		auth_id = (XID) 0;
	    }
	    else
#endif
	    if (
#ifdef LBX
		!priv->trans_conn ||
#endif
		InvalidHost ((struct sockaddr *) from, fromlen))
		AuthAudit(client, FALSE, (struct sockaddr *) from,
			  fromlen, proto_n, auth_proto, auth_id);
	    else
	    {
		auth_id = (XID) 0;
		if (auditTrailLevel > 1)
		    AuthAudit(client, TRUE,
			(struct sockaddr *) from, fromlen,
			proto_n, auth_proto, auth_id);
	    }

	    xfree ((char *) from);
	}

	if (auth_id == (XID) ~0L)
	    if (reason)
		return reason;
	    else
		return "Client is not authorized to connect to Server";
    }
    else if (auditTrailLevel > 1)
    {
	if (_XSERVTransGetPeerAddr (trans_conn,
	    &family, &fromlen, &from) != -1)
	{
	    AuthAudit(client, TRUE, (struct sockaddr *) from, fromlen,
		      proto_n, auth_proto, auth_id);

	    xfree ((char *) from);
	}
    }
    priv->auth_id = auth_id;
    priv->conn_time = 0;

#ifdef XDMCP
    /* indicate to Xdmcp protocol that we've opened new client */
    XdmcpOpenDisplay(priv->fd);
#endif /* XDMCP */
#ifdef XAPPGROUP
    if (ClientStateCallback)
        XagCallClientStateChange (client);
#endif
    /* At this point, if the client is authorized to change the access control
     * list, we should getpeername() information, and add the client to
     * the selfhosts list.  It's not really the host machine, but the
     * true purpose of the selfhosts list is to see who may change the
     * access control list.
     */
    return((char *)NULL);
}

static ClientPtr
#ifdef LBX
AllocNewConnection (trans_conn, fd, conn_time, Flush, Close, proxy)
#else
AllocNewConnection (trans_conn, fd, conn_time)
#endif
    XtransConnInfo trans_conn;
    int	    fd;
    CARD32  conn_time;
#ifdef LBX
    int     (*Flush)();
    void    (*Close)();
    LbxProxyPtr proxy;
#endif
{
    OsCommPtr	oc;
    ClientPtr	client;
    
    if (
#ifdef LBX
	trans_conn &&
#endif
#ifndef WIN32
	fd >= lastfdesc
#else
	XFD_SETCOUNT(&AllClients) >= MaxClients
#endif
	)
	return NullClient;
    oc = (OsCommPtr)xalloc(sizeof(OsCommRec));
    if (!oc)
	return NullClient;
    oc->trans_conn = trans_conn;
    oc->fd = fd;
    oc->input = (ConnectionInputPtr)NULL;
    oc->output = (ConnectionOutputPtr)NULL;
    oc->auth_id = None;
    oc->conn_time = conn_time;
#ifdef LBX
    oc->proxy = proxy;
    oc->Flush = Flush;
    oc->Close = Close;
    oc->largereq = (ConnectionInputPtr) NULL;
#endif
    if (!(client = NextAvailableClient((pointer)oc)))
    {
	xfree (oc);
	return NullClient;
    }
#ifdef LBX
    if (trans_conn)
#endif
    {
	ConnectionTranslation[fd] = client->index;
	if (GrabInProgress)
	{
	    FD_SET(fd, &SavedAllClients);
	    FD_SET(fd, &SavedAllSockets);
	}
	else
	{
	    FD_SET(fd, &AllClients);
	    FD_SET(fd, &AllSockets);
	}
    }
    return client;
}

#ifdef LBX

int
ClientConnectionNumber (client)
    ClientPtr	client;
{
    OsCommPtr oc = (OsCommPtr) client->osPrivate;

    return oc->fd;
}

ClientPtr
AllocLbxClientConnection (client, proxy)
    ClientPtr client;
    LbxProxyPtr proxy;
{
    OsCommPtr oc = (OsCommPtr) client->osPrivate;

    return AllocNewConnection ((XtransConnInfo)NULL, oc->fd, GetTimeInMillis(),
			       LbxFlushClient, LbxCloseClient, proxy);
}

void
LbxProxyConnection (client, proxy)
    ClientPtr	client;
    LbxProxyPtr proxy;
{
    OsCommPtr	oc = (OsCommPtr) client->osPrivate;

    FlushClient(client, oc, (char *)NULL, 0);
    oc->proxy = proxy;
    oc->Flush = LbxFlushClient;
    oc->Close = LbxCloseClient;
    LbxPrimeInput(client, proxy);
}

#endif

/*****************
 * EstablishNewConnections
 *    If anyone is waiting on listened sockets, accept them.
 *    Returns a mask with indices of new clients.  Updates AllClients
 *    and AllSockets.
 *****************/

/*ARGSUSED*/
Bool
EstablishNewConnections(clientUnused, closure)
    ClientPtr clientUnused;
    pointer closure;
{
#ifndef WIN32
    fd_mask readyconnections;     /* mask of listeners that are ready */
#else
    fd_set  readyconnections;     /* set of listeners that are ready */
#endif
    int curconn;                  /* fd of listener that's ready */
    register int newconn;         /* fd of new client */
    CARD32 connect_time;
    register int i;
    register ClientPtr client;
    register OsCommPtr oc;
    fd_set tmask;

#ifndef AMOEBA
    XFD_ANDSET (&tmask, (fd_set*)closure, &WellKnownConnections);
#ifndef WIN32
    readyconnections = tmask.fds_bits[0];
    if (!readyconnections)
	return TRUE;
#else
    XFD_COPYSET(&tmask, &readyconnections);
    if (!XFD_ANYSET(&readyconnections))
	return TRUE;
#endif
    connect_time = GetTimeInMillis();
    /* kill off stragglers */
    for (i=1; i<currentMaxClients; i++)
    {
	if (client = clients[i])
	{
	    oc = (OsCommPtr)(client->osPrivate);
	    if (oc && (oc->conn_time != 0) &&
		(connect_time - oc->conn_time) >= TimeOutValue || 
		client->noClientException != Success && !client->clientGone)
		CloseDownClient(client);     
	}
    }
#else /* AMOEBA */
    /* EstablishNewConnections is only called when there is one new
     * connection waiting on the first transport.
     */
    readyconnections = 1;
#endif /* AMOEBA */
#ifndef WIN32
    while (readyconnections) 
#else
    for (i = 0; i < XFD_SETCOUNT(&readyconnections); i++) 
#endif
    {
	XtransConnInfo trans_conn, new_trans_conn;
	int status;

#ifndef WIN32
	curconn = ffsl(readyconnections) - 1;
	readyconnections &= ~(((fd_mask)1) << curconn);
#else
	curconn = XFD_FD(&readyconnections, i);
#endif

	if ((trans_conn = lookup_trans_conn (curconn)) == NULL)
	    continue;

	if ((new_trans_conn = _XSERVTransAccept (trans_conn, &status)) == NULL)
	    continue;

	newconn = _XSERVTransGetConnectionNumber (new_trans_conn);

	_XSERVTransSetOption(new_trans_conn, TRANS_NONBLOCKING, 1);

	if (!AllocNewConnection (new_trans_conn, newconn, connect_time
#ifdef LBX
				 , StandardFlushClient,
				 CloseDownFileDescriptor, (LbxProxyPtr)NULL
#endif
				))
	{
	    ErrorConnMax(new_trans_conn);
	    _XSERVTransClose(new_trans_conn);
	}
    }
    return TRUE;
}

#define NOROOM "Maximum number of clients reached"

/************
 *   ErrorConnMax
 *     Fail a connection due to lack of client or file descriptor space
 ************/

static void
ErrorConnMax(trans_conn)
XtransConnInfo trans_conn;
{
    register int fd = _XSERVTransGetConnectionNumber (trans_conn);
    xConnSetupPrefix csp;
    char pad[3];
    struct iovec iov[3];
    char byteOrder = 0;