7 files changed, 121 insertions, 69 deletions

diff --git a/sesman/Makefile.am b/sesman/Makefile.am
index 68dba28e..b5e3f138 100644
--- a/sesman/Makefile.am
+++ b/sesman/Makefile.am
@@ -54,6 +54,8 @@ xrdp_sesman_SOURCES = \
   session.h \
   sig.c \
   sig.h \
+  xauth.c \
+  xauth.h \
   $(AUTH_C)
 
 xrdp_sesman_LDADD = \
diff --git a/sesman/env.c b/sesman/env.c
index 625f8345..1ea1a948 100644
--- a/sesman/env.c
+++ b/sesman/env.c
@@ -201,45 +201,3 @@ env_set_user(const char *username, char **passwd_file, int display,
 
     return error;
 }
-
-
-/******************************************************************************/
-int DEFAULT_CC
-env_add_xauth_user(int display, char *cookie, char *file)
-{
-    FILE *dp;
-    char xauth_str[256];
-    int fd;
-
-    if ( file == NULL )
-    {
-        if (!g_file_exist(".Xauthority")) 
-        {
-            fd = g_file_open(".Xauthority");
-            g_file_close(fd);
-        }
-
-        g_sprintf(xauth_str, "xauth -q add :%d . %s", display, cookie);
-    }
-    else
-    {
-        if (!g_file_exist(file))
-        {
-            fd = g_file_open(file);
-            g_file_close(fd);
-        }
-
-        g_sprintf(xauth_str, "xauth -q -f %s  add :%d . %s", 
-                file, display, cookie);
-    }
-    log_message(LOG_LEVEL_DEBUG, "xauth command: %s", xauth_str);
-
-    if ((dp = popen(xauth_str, "r")) == NULL) {
-        log_message(LOG_LEVEL_INFO, "xauth failed, no X security");
-        return 1;
-    }
-
-    pclose(dp);
-
-    return 0;
-}
diff --git a/sesman/env.h b/sesman/env.h
index 15920512..a7156508 100644
--- a/sesman/env.h
+++ b/sesman/env.h
@@ -53,17 +53,4 @@ int DEFAULT_CC
 env_set_user(const char *username, char **passwd_file, int display,
              const struct list *env_names, const struct list *env_values);
 
-/**
- *
- * @brief create the XAUTORITY file for the user according to the display and the cookie
- *        xauth uses XAUTORITY if defined, ~/.Xauthority otherwise
- * @param display The session display
- * @param cookie The cookie
- * @param file If not NULL, write the autorization in the file instead of default location
- * @return 0 if adding the cookie is ok
- */
-
-int DEFAULT_CC
-env_add_xauth_user(int display, char *cookie, char * file);
-
 #endif
diff --git a/sesman/sesman.h b/sesman/sesman.h
index 9abf866e..09b781bc 100644
--- a/sesman/sesman.h
+++ b/sesman/sesman.h
@@ -30,7 +30,6 @@
 #if defined(HAVE_CONFIG_H)
 #include "config_ac.h"
 #endif
-#include <stdio.h>
 #include "arch.h"
 #include "parse.h"
 #include "os_calls.h"
diff --git a/sesman/session.c b/sesman/session.c
index 0f5f6fe2..0540bc11 100644
--- a/sesman/session.c
+++ b/sesman/session.c
@@ -39,6 +39,7 @@
 
 #include "sesman.h"
 #include "libscp_types.h"
+#include "xauth.h"
 
 #ifndef PR_SET_NO_NEW_PRIVS
 #define PR_SET_NO_NEW_PRIVS 38
@@ -441,8 +442,6 @@ session_start_fork(tbus data, tui8 type, struct SCP_SESSION *s)
     struct list *xserver_params = (struct list *)NULL;
     struct tm stime;
     time_t ltime;
-    char cookie[33]; /* the cookie which will be used for xauth */
-    char cookie_tmpval; /* Used to fill the cookie with random values */
     char authfile[256]; /* The filename for storing xauth informations */
 
     /* initialize (zero out) local variables: */
@@ -686,19 +685,11 @@ session_start_fork(tbus data, tui8 type, struct SCP_SESSION *s)
                 }
                 else
                 {
-                    g_snprintf(authfile, 12, "%s", ".Xauthority");
+                    g_snprintf(authfile, 255, "%s", ".Xauthority");
                 }
 
-                /* Create the cookie */
-                for (i = 0; i < 32; i++)
-                {
-                    g_random((char *) &cookie_tmpval, 1);
-                    sprintf(&cookie[i], "%02X", cookie_tmpval & 0xff);
-                }
-                cookie[32] = '\0';
-
-                /* Add the entry in XAUTORITY file */
-                env_add_xauth_user(display, cookie, authfile);
+                /* Add the entry in XAUTHORITY file */
+                add_xauth_cookie(display, authfile);
 
                 if (type == SESMAN_SESSION_TYPE_XORG)
                 {
diff --git a/sesman/xauth.c b/sesman/xauth.c
new file mode 100644
index 00000000..948d3f0f
--- /dev/null
+++ b/sesman/xauth.c
@@ -0,0 +1,73 @@
+/**
+ * xrdp: A Remote Desktop Protocol server.
+ *
+ * Copyright (C) Jay Sorg 2004-2013
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+/**
+ *
+ * @file xauth.c
+ * @brief XAUTHORITY handling code
+ * @author Emmaunel Blindauer
+ *
+ */
+
+#include <stdio.h>
+#include "sesman.h"
+// #include "grp.h"
+// #include "ssl_calls.h"
+#include "os_calls.h"
+
+
+/******************************************************************************/
+int DEFAULT_CC
+add_xauth_cookie(int display, const char *file)
+{
+    FILE *dp;
+    char cookie[33];
+    char char_cookie[16];
+    char xauth_str[256];
+    int ret;
+
+    g_random(char_cookie, 16);
+    g_bytes_to_hexstr(char_cookie, 16, cookie, 33);
+    cookie[32] = '\0';
+
+    if (file == NULL)
+    {
+        g_sprintf(xauth_str, "xauth -q add :%d . %s", display, cookie);
+    }
+    else
+    {
+        g_sprintf(xauth_str, "xauth -q -f %s add :%d . %s",
+                file, display, cookie);
+    }
+
+    dp = popen(xauth_str, "r");
+    if (dp == NULL)
+    {
+        log_message(LOG_LEVEL_ERROR, "Unable to launch xauth");
+        return 1;
+    }
+
+    ret = pclose(dp);
+    if (ret < 0)
+    {
+        log_message(LOG_LEVEL_ERROR, "An error occured while running xauth");
+        return 1;
+    }
+
+    return 0;
+}
diff --git a/sesman/xauth.h b/sesman/xauth.h
new file mode 100644
index 00000000..2bc98420
--- /dev/null
+++ b/sesman/xauth.h
@@ -0,0 +1,42 @@
+/**
+ * xrdp: A Remote Desktop Protocol server.
+ *
+ * Copyright (C) Jay Sorg 2004-2013
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+/**
+ *
+ * @file xauth.c                                                                 
+ * @brief XAUTHORITY handling code                                               
+ * @author Emmaunel Blindauer                                                    
+ *
+ */
+
+#ifndef XAUTH_H
+#define XAUTH_H
+
+/**
+ *
+ * @brief create the XAUTHORITY file for the user according to the display and the cookie
+ *        xauth uses XAUTHORITY if defined, ~/.Xauthority otherwise
+ * @param display The session display
+ * @param file If not NULL, write the authorization in the file instead of default location
+ * @return 0 if adding the cookie is ok
+ */
+
+int DEFAULT_CC
+add_xauth_cookie(int display, const char *file);
+
+#endif