Makefile.am | 20 ---- configure.ac | 9 +- gethost.c | 4 man/Makefile.am | 12 ++ man/xauth.man | 244 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++ parsedpy.c | 4 process.c | 10 -- xauth.c | 3 xauth.h | 3 xauth.man | 244 -------------------------------------------------------- 10 files changed, 268 insertions(+), 285 deletions(-)
New commits: commit b67f0df2dbfa372417d0687e26704635e2d10034 Author: Jeremy Huddleston <[email protected]> Date: Mon May 23 19:38:50 2011 -0700 configure.ac: Bump to 1.0.6 Signed-off-by: Jeremy Huddleston <[email protected]> diff --git a/configure.ac b/configure.ac index fc63c19..1262e00 100644 --- a/configure.ac +++ b/configure.ac @@ -22,7 +22,7 @@ dnl Process this file with autoconf to create configure. AC_PREREQ([2.60]) AC_INIT([xauth], - [1.0.5], + [1.0.6], [https://bugs.freedesktop.org/enter_bug.cgi?product=xorg], [xauth]) AM_INIT_AUTOMAKE([foreign dist-bzip2]) commit 48f87d48fb7b51535534ef2fb18d2fd1e451c2b5 Author: Jeremy Huddleston <[email protected]> Date: Sun May 8 16:08:29 2011 -0700 auth_finalize: Attempt to rename() if link() fails On some file systems (like AFP), hard links are not supported. If link fails, try rename() before giving up. Reported-by: Jamie Kennea <[email protected]> Signed-off-by: Jeremy Huddleston <[email protected]> diff --git a/process.c b/process.c index 04abc33..a4021c7 100644 --- a/process.c +++ b/process.c @@ -888,7 +888,8 @@ auth_finalize(void) #if defined(WIN32) || defined(__UNIXOS2__) if (rename(temp_name, xauth_filename) == -1) #else - if (link (temp_name, xauth_filename) == -1) + /* Attempt to rename() if link() fails, since this may be on a FS that does not support hard links */ + if (link (temp_name, xauth_filename) == -1 && rename(temp_name, xauth_filename) == -1) #endif { fprintf (stderr, commit 5032c286df16737277c9a04e1083171ffec89000 Author: Jeremy Huddleston <[email protected]> Date: Fri May 6 23:12:50 2011 -0700 Error out and avoid a call to malloc(0) if given a bad hex string process.c:567:14: warning: Call to 'malloc' has an allocation size of 0 bytes retval = malloc (len); ^ ~~~ 1 warning generated. Found-by: clang static analyzer Signed-off-by: Jeremy Huddleston <[email protected]> diff --git a/process.c b/process.c index ee761e2..04abc33 100644 --- a/process.c +++ b/process.c @@ -558,8 +558,8 @@ cvthexkey(char *hexstr, char **ptrp) /* turn hex key string into octets */ len++; } - /* if odd then there was an error */ - if ((len & 1) == 1) return -1; + /* if 0 or odd, then there was an error */ + if (len == 0 || (len & 1) == 1) return -1; /* now we know that the input is good */ commit 9197410a2b5c875885266713f5dc470b6dac476b Author: Gaetan Nadon <[email protected]> Date: Wed Jan 19 10:06:55 2011 -0500 config: move man pages into their own directory Use services provided by XORG_MANPAGE_SECTIONS. Use standard Makefile for man pages. Signed-off-by: Gaetan Nadon <[email protected]> diff --git a/Makefile.am b/Makefile.am index 813395a..972c841 100644 --- a/Makefile.am +++ b/Makefile.am @@ -19,6 +19,7 @@ # TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR # PERFORMANCE OF THIS SOFTWARE. +SUBDIRS = man bin_PROGRAMS = xauth AM_CFLAGS = $(CWARNFLAGS) $(XAUTH_CFLAGS) @@ -31,17 +32,6 @@ xauth_SOURCES = \ xauth.c \ xauth.h -appman_PRE = \ - xauth.man - -appmandir = $(APP_MAN_DIR) - -appman_DATA = $(appman_PRE:man=@APP_MAN_SUFFIX@) - -EXTRA_DIST = $(appman_PRE) -MAINTAINERCLEANFILES = ChangeLog INSTALL -CLEANFILES = $(appman_DATA) - if LINT ALL_LINT_FLAGS=$(LINT_FLAGS) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) \ $(AM_CPPFLAGS) $(CPPFLAGS) $(XAUTH_CFLAGS) @@ -50,13 +40,7 @@ lint: $(LINT) $(ALL_LINT_FLAGS) $(xauth_SOURCES) $(xauth_LDADD) endif LINT - -SUFFIXES = .$(APP_MAN_SUFFIX) .man - -# String replacements in MAN_SUBSTS now come from xorg-macros.m4 via configure -.man.$(APP_MAN_SUFFIX): - $(AM_V_GEN)$(SED) $(MAN_SUBSTS) < $< > $@ - +MAINTAINERCLEANFILES = ChangeLog INSTALL .PHONY: ChangeLog INSTALL diff --git a/configure.ac b/configure.ac index 697dae4..fc63c19 100644 --- a/configure.ac +++ b/configure.ac @@ -51,4 +51,7 @@ XTRANS_CONNECTION_FLAGS XORG_WITH_LINT -AC_OUTPUT([Makefile]) +AC_CONFIG_FILES([ + Makefile + man/Makefile]) +AC_OUTPUT diff --git a/man/Makefile.am b/man/Makefile.am new file mode 100644 index 0000000..8958872 --- /dev/null +++ b/man/Makefile.am @@ -0,0 +1,12 @@ + +appmandir = $(APP_MAN_DIR) +appman_PRE = xauth.man +appman_DATA = $(appman_PRE:man=$(APP_MAN_SUFFIX)) + +EXTRA_DIST = $(appman_PRE) +CLEANFILES = $(appman_DATA) +SUFFIXES = .$(APP_MAN_SUFFIX) .man + +# String replacements in MAN_SUBSTS now come from xorg-macros.m4 via configure +.man.$(APP_MAN_SUFFIX): + $(AM_V_GEN)$(SED) $(MAN_SUBSTS) < $< > $@ diff --git a/man/xauth.man b/man/xauth.man new file mode 100644 index 0000000..1e3521f --- /dev/null +++ b/man/xauth.man @@ -0,0 +1,244 @@ +.\" Copyright 1993, 1998 The Open Group +.\" +.\" Permission to use, copy, modify, distribute, and sell this software and its +.\" documentation for any purpose is hereby granted without fee, provided that +.\" the above copyright notice appear in all copies and that both that +.\" copyright notice and this permission notice appear in supporting +.\" documentation. +.\" +.\" The above copyright notice and this permission notice shall be included +.\" in all copies or substantial portions of the Software. +.\" +.\" THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS +.\" OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF +.\" MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. +.\" IN NO EVENT SHALL THE OPEN GROUP BE LIABLE FOR ANY CLAIM, DAMAGES OR +.\" OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, +.\" ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR +.\" OTHER DEALINGS IN THE SOFTWARE. +.\" +.\" Except as contained in this notice, the name of The Open Group shall +.\" not be used in advertising or otherwise to promote the sale, use or +.\" other dealings in this Software without prior written authorization +.\" from The Open Group. +.\" +.\" +.TH XAUTH 1 __xorgversion__ +.SH NAME +xauth \- X authority file utility +.SH SYNOPSIS +.B xauth +[ \fB\-f\fP \fIauthfile\fP ] [ \fB\-vqibn\fP ] [ \fIcommand arg ...\fP ] +.SH DESCRIPTION +.PP +The \fIxauth\fP program is used to edit and display the authorization +information used in connecting to the X server. This program is usually +used to extract authorization records from one machine and merge them in on +another (as is the case when using remote logins or granting access to +other users). Commands (described below) may be entered interactively, +on the \fIxauth\fP command line, or in scripts. Note that this program +does \fBnot\fP contact the X server except when the generate command is used. +Normally \fIxauth\fP is not used to create the authority file entry in +the first place; the program that starts the X server (often \fIxdm\fP +or \fIstartx\fP) does that. +.SH OPTIONS +The following options may be used with \fIxauth\fP. They may be given +individually (e.g., \fI\-q \-i\|\fP) or may combined (e.g., \fI\-qi\|\fP). +.TP 8 +.B "\-f \fIauthfile\fP" +This option specifies the name of the authority file to use. By default, +\fIxauth\fP will use the file specified by the XAUTHORITY environment variable +or \fI\.Xauthority\fP in the user's home directory. +.TP 8 +.B \-q +This option indicates that \fIxauth\fP should operate quietly and not print +unsolicited status messages. This is the default if an \fIxauth\fP command +is given on the command line or if the standard output is not directed to a +terminal. +.TP 8 +.B \-v +This option indicates that \fIxauth\fP should operate verbosely and print +status messages indicating the results of various operations (e.g., how many +records have been read in or written out). This is the default if \fIxauth\fP +is reading commands from its standard input and its standard output is +directed to a terminal. +.TP 8 +.B \-i +This option indicates that \fIxauth\fP should ignore any authority file +locks. Normally, \fIxauth\fP will refuse to read or edit any authority files +that have been locked by other programs (usually \fIxdm\fP or another +\fIxauth\fP). +.TP 8 +.B \-b +This option indicates that \fIxauth\fP should attempt to break any authority +file locks before proceeding. Use this option only to clean up stale locks. +.TP 8 +.B \-n +This option indicates that \fIxauth\fP should not attempt to resolve any +hostnames, but should simply always print the host address as stored in +the authority file. +.SH COMMANDS +The following commands may be used to manipulate authority files: +.TP 8 +.B "add \fIdisplayname protocolname hexkey" +An authorization entry for the indicated display using the given protocol +and key data is added to the authorization file. The data is specified as +an even-lengthed string of hexadecimal digits, each pair representing +one octet. The first digit of each pair gives the most significant 4 bits +of the octet, and the second digit of the pair gives the least significant 4 +bits. For example, a 32 character hexkey would represent a 128-bit value. +A protocol name consisting of just a +single period is treated as an abbreviation for \fIMIT-MAGIC-COOKIE-1\fP. + +.TP 8 +.B "generate \fIdisplayname protocolname\fP \fR[\fPtrusted|untrusted\fR]\fP" +.B \fR[\fPtimeout \fIseconds\fP\fR]\fP \fR[\fPgroup \fIgroup-id\fP\fR]\fP \fR[\fBdata \fIhexdata\fR] + +This command is similar to add. The main difference is that instead +of requiring the user to supply the key data, it connects to the +server specified in \fIdisplayname\fP and uses the SECURITY extension +in order to get the key data to store in the authorization file. If +the server cannot be contacted or if it does not support the SECURITY +extension, the command fails. Otherwise, an authorization entry for +the indicated display using the given protocol is added to the +authorization file. A protocol name consisting of just a single +period is treated as an abbreviation for \fIMIT-MAGIC-COOKIE-1\fP. + +If the \fBtrusted\fP option is used, clients that connect using this +authorization will have full run of the display, as usual. If +\fBuntrusted\fP is used, clients that connect using this authorization +will be considered untrusted and prevented from stealing or tampering +with data belonging to trusted clients. See the SECURITY extension +specification for full details on the restrictions imposed on +untrusted clients. The default is \fBuntrusted\fP. + +The \fBtimeout\fP option specifies how long in seconds this +authorization will be valid. If the authorization remains unused (no +clients are connected with it) for longer than this time period, the +server purges the authorization, and future attempts to connect using +it will fail. Note that the purging done by the server does \fBnot\fP +delete the authorization entry from the authorization file. The +default timeout is 60 seconds. + +The \fBgroup\fP option specifies the application group that clients +connecting with this authorization should belong to. See the +application group extension specification for more details. The +default is to not belong to an application group. + +The \fBdata\fP option specifies data that the server should use to +generate the authorization. Note that this is \fBnot\fP the same data +that gets written to the authorization file. The interpretation of +this data depends on the authorization protocol. The \fIhexdata\fP is +in the same format as the \fIhexkey\fP described in the add command. +The default is to send no data. + +.TP 8 +.B "[n]extract \fIfilename displayname..." +Authorization entries for each of the specified displays are written to the +indicated file. If the \fInextract\fP command is used, the entries are written +in a numeric format suitable for non-binary transmission (such as secure +electronic mail). The extracted entries can be read back in using the +\fImerge\fP and \fInmerge\fP commands. If the filename consists of +just a single dash, the entries will be written to the standard output. +.TP 8 +.B "[n]list \fR[\fIdisplayname\fP...]" +Authorization entries for each of the specified displays (or all if no +displays are named) are printed on the standard output. If the \fInlist\fP +command is used, entries will be shown in the numeric format used by +the \fInextract\fP command; otherwise, they are shown in a textual format. +Key data is always displayed in the hexadecimal format given in the +description of the \fIadd\fP command. +.TP 8 +.B "[n]merge \fR[\fIfilename\fP...]" +Authorization entries are read from the specified files and are merged into +the authorization database, superseding any matching existing entries. If +the \fInmerge\fP command is used, the numeric format given in the description +of the \fIextract\fP command is used. If a filename consists of just a single +dash, the standard input will be read if it hasn't been read before. +.TP 8 +.B "remove \fIdisplayname\fR..." +Authorization entries matching the specified displays are removed from the +authority file. +.TP 8 +.B "source \fIfilename" +The specified file is treated as a script containing \fIxauth\fP commands +to execute. Blank lines and lines beginning with a sharp sign (#) are +ignored. A single dash may be used to indicate the standard input, if it +hasn't already been read. +.TP 8 +.B "info" +Information describing the authorization file, whether or not any changes +have been made, and from where \fIxauth\fP commands are being read +is printed on the standard output. +.TP 8 +.B "exit" +If any modifications have been made, the authority file is written out (if +allowed), and the program exits. An end of file is treated as an implicit +\fIexit\fP command. +.TP 8 +.B "quit" +The program exits, ignoring any modifications. This may also be accomplished +by pressing the interrupt character. +.TP 8 +.B "help [\fIstring\fP]" +A description of all commands that begin with the given string (or all +commands if no string is given) is printed on the standard output. +.TP 8 +.B "?" +A short list of the valid commands is printed on the standard output. +.SH "DISPLAY NAMES" +Display names for the \fIadd\fP, \fI[n]extract\fP, \fI[n]list\fP, +\fI[n]merge\fP, and \fIremove\fP commands use the same format as the +DISPLAY environment variable and the common \fI\-display\fP command line +argument. Display-specific information (such as the screen number) +is unnecessary and will be ignored. +Same-machine connections (such as local-host sockets, +shared memory, and the Internet Protocol hostname \fIlocalhost\fP) are +referred to as \fIhostname\fP/unix:\fIdisplaynumber\fP so that +local entries for different machines may be stored in one authority file. +.SH EXAMPLE +.PP +The most common use for \fIxauth\fP is to extract the entry for the +current display, copy it to another machine, and merge it into the +user's authority file on the remote machine: +.sp +.nf + % xauth extract \- $DISPLAY | ssh otherhost xauth merge \- +.fi +.PP +.sp +The following command contacts the server :0 to create an +authorization using the MIT-MAGIC-COOKIE-1 protocol. Clients that +connect with this authorization will be untrusted. +.nf + % xauth generate :0 . +.fi +.SH ENVIRONMENT +This \fIxauth\fP program uses the following environment variables: +.TP 8 +.B XAUTHORITY +to get the name of the authority file to use if the \fI\-f\fP option isn't +used. +.TP 8 +.B HOME +to get the user's home directory if XAUTHORITY isn't defined. +.SH FILES +.TP 8 +.I $HOME/.Xauthority +default authority file if XAUTHORITY isn't defined. +.SH "SEE ALSO" +X(__miscmansuffix__), Xsecurity(__miscmansuffix__), xhost(__appmansuffix__), +Xserver(__appmansuffix__), xdm(__appmansuffix__), startx(__appmansuffix__), +Xau(__libmansuffix__). +.SH BUGS +.PP +Users that have unsecure networks should take care to use encrypted +file transfer mechanisms to copy authorization entries between machines. +Similarly, the \fIMIT-MAGIC-COOKIE-1\fP protocol is not very useful in +unsecure environments. Sites that are interested in additional security +may need to use encrypted authorization mechanisms such as Kerberos. +.PP +Spaces are currently not allowed in the protocol name. Quoting could be +added for the truly perverse. +.SH AUTHOR +Jim Fulton, MIT X Consortium diff --git a/xauth.man b/xauth.man deleted file mode 100644 index 1e3521f..0000000 --- a/xauth.man +++ /dev/null @@ -1,244 +0,0 @@ -.\" Copyright 1993, 1998 The Open Group -.\" -.\" Permission to use, copy, modify, distribute, and sell this software and its -.\" documentation for any purpose is hereby granted without fee, provided that -.\" the above copyright notice appear in all copies and that both that -.\" copyright notice and this permission notice appear in supporting -.\" documentation. -.\" -.\" The above copyright notice and this permission notice shall be included -.\" in all copies or substantial portions of the Software. -.\" -.\" THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS -.\" OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF -.\" MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. -.\" IN NO EVENT SHALL THE OPEN GROUP BE LIABLE FOR ANY CLAIM, DAMAGES OR -.\" OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, -.\" ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR -.\" OTHER DEALINGS IN THE SOFTWARE. -.\" -.\" Except as contained in this notice, the name of The Open Group shall -.\" not be used in advertising or otherwise to promote the sale, use or -.\" other dealings in this Software without prior written authorization -.\" from The Open Group. -.\" -.\" -.TH XAUTH 1 __xorgversion__ -.SH NAME -xauth \- X authority file utility -.SH SYNOPSIS -.B xauth -[ \fB\-f\fP \fIauthfile\fP ] [ \fB\-vqibn\fP ] [ \fIcommand arg ...\fP ] -.SH DESCRIPTION -.PP -The \fIxauth\fP program is used to edit and display the authorization -information used in connecting to the X server. This program is usually -used to extract authorization records from one machine and merge them in on -another (as is the case when using remote logins or granting access to -other users). Commands (described below) may be entered interactively, -on the \fIxauth\fP command line, or in scripts. Note that this program -does \fBnot\fP contact the X server except when the generate command is used. -Normally \fIxauth\fP is not used to create the authority file entry in -the first place; the program that starts the X server (often \fIxdm\fP -or \fIstartx\fP) does that. -.SH OPTIONS -The following options may be used with \fIxauth\fP. They may be given -individually (e.g., \fI\-q \-i\|\fP) or may combined (e.g., \fI\-qi\|\fP). -.TP 8 -.B "\-f \fIauthfile\fP" -This option specifies the name of the authority file to use. By default, -\fIxauth\fP will use the file specified by the XAUTHORITY environment variable -or \fI\.Xauthority\fP in the user's home directory. -.TP 8 -.B \-q -This option indicates that \fIxauth\fP should operate quietly and not print -unsolicited status messages. This is the default if an \fIxauth\fP command -is given on the command line or if the standard output is not directed to a -terminal. -.TP 8 -.B \-v -This option indicates that \fIxauth\fP should operate verbosely and print -status messages indicating the results of various operations (e.g., how many -records have been read in or written out). This is the default if \fIxauth\fP -is reading commands from its standard input and its standard output is -directed to a terminal. -.TP 8 -.B \-i -This option indicates that \fIxauth\fP should ignore any authority file -locks. Normally, \fIxauth\fP will refuse to read or edit any authority files -that have been locked by other programs (usually \fIxdm\fP or another -\fIxauth\fP). -.TP 8 -.B \-b -This option indicates that \fIxauth\fP should attempt to break any authority -file locks before proceeding. Use this option only to clean up stale locks. -.TP 8 -.B \-n -This option indicates that \fIxauth\fP should not attempt to resolve any -hostnames, but should simply always print the host address as stored in -the authority file. -.SH COMMANDS -The following commands may be used to manipulate authority files: -.TP 8 -.B "add \fIdisplayname protocolname hexkey" -An authorization entry for the indicated display using the given protocol -and key data is added to the authorization file. The data is specified as -an even-lengthed string of hexadecimal digits, each pair representing -one octet. The first digit of each pair gives the most significant 4 bits -of the octet, and the second digit of the pair gives the least significant 4 -bits. For example, a 32 character hexkey would represent a 128-bit value. -A protocol name consisting of just a -single period is treated as an abbreviation for \fIMIT-MAGIC-COOKIE-1\fP. - -.TP 8 -.B "generate \fIdisplayname protocolname\fP \fR[\fPtrusted|untrusted\fR]\fP" -.B \fR[\fPtimeout \fIseconds\fP\fR]\fP \fR[\fPgroup \fIgroup-id\fP\fR]\fP \fR[\fBdata \fIhexdata\fR] - -This command is similar to add. The main difference is that instead -of requiring the user to supply the key data, it connects to the -server specified in \fIdisplayname\fP and uses the SECURITY extension -in order to get the key data to store in the authorization file. If -the server cannot be contacted or if it does not support the SECURITY -extension, the command fails. Otherwise, an authorization entry for -the indicated display using the given protocol is added to the -authorization file. A protocol name consisting of just a single -period is treated as an abbreviation for \fIMIT-MAGIC-COOKIE-1\fP. - -If the \fBtrusted\fP option is used, clients that connect using this -authorization will have full run of the display, as usual. If -\fBuntrusted\fP is used, clients that connect using this authorization -will be considered untrusted and prevented from stealing or tampering -with data belonging to trusted clients. See the SECURITY extension -specification for full details on the restrictions imposed on -untrusted clients. The default is \fBuntrusted\fP. - -The \fBtimeout\fP option specifies how long in seconds this -authorization will be valid. If the authorization remains unused (no -clients are connected with it) for longer than this time period, the -server purges the authorization, and future attempts to connect using -it will fail. Note that the purging done by the server does \fBnot\fP -delete the authorization entry from the authorization file. The -default timeout is 60 seconds. - -The \fBgroup\fP option specifies the application group that clients -connecting with this authorization should belong to. See the -application group extension specification for more details. The -default is to not belong to an application group. - -The \fBdata\fP option specifies data that the server should use to -generate the authorization. Note that this is \fBnot\fP the same data -that gets written to the authorization file. The interpretation of -this data depends on the authorization protocol. The \fIhexdata\fP is -in the same format as the \fIhexkey\fP described in the add command. -The default is to send no data. - -.TP 8 -.B "[n]extract \fIfilename displayname..." -Authorization entries for each of the specified displays are written to the -indicated file. If the \fInextract\fP command is used, the entries are written -in a numeric format suitable for non-binary transmission (such as secure -electronic mail). The extracted entries can be read back in using the -\fImerge\fP and \fInmerge\fP commands. If the filename consists of -just a single dash, the entries will be written to the standard output. -.TP 8 -.B "[n]list \fR[\fIdisplayname\fP...]" -Authorization entries for each of the specified displays (or all if no -displays are named) are printed on the standard output. If the \fInlist\fP -command is used, entries will be shown in the numeric format used by -the \fInextract\fP command; otherwise, they are shown in a textual format. -Key data is always displayed in the hexadecimal format given in the -description of the \fIadd\fP command. -.TP 8 -.B "[n]merge \fR[\fIfilename\fP...]" -Authorization entries are read from the specified files and are merged into -the authorization database, superseding any matching existing entries. If -the \fInmerge\fP command is used, the numeric format given in the description -of the \fIextract\fP command is used. If a filename consists of just a single -dash, the standard input will be read if it hasn't been read before. -.TP 8 -.B "remove \fIdisplayname\fR..." -Authorization entries matching the specified displays are removed from the -authority file. -.TP 8 -.B "source \fIfilename" -The specified file is treated as a script containing \fIxauth\fP commands -to execute. Blank lines and lines beginning with a sharp sign (#) are -ignored. A single dash may be used to indicate the standard input, if it -hasn't already been read. -.TP 8 -.B "info" -Information describing the authorization file, whether or not any changes -have been made, and from where \fIxauth\fP commands are being read -is printed on the standard output. -.TP 8 -.B "exit" -If any modifications have been made, the authority file is written out (if -allowed), and the program exits. An end of file is treated as an implicit -\fIexit\fP command. -.TP 8 -.B "quit" -The program exits, ignoring any modifications. This may also be accomplished -by pressing the interrupt character. -.TP 8 -.B "help [\fIstring\fP]" -A description of all commands that begin with the given string (or all -commands if no string is given) is printed on the standard output. -.TP 8 -.B "?" -A short list of the valid commands is printed on the standard output. -.SH "DISPLAY NAMES" -Display names for the \fIadd\fP, \fI[n]extract\fP, \fI[n]list\fP, -\fI[n]merge\fP, and \fIremove\fP commands use the same format as the -DISPLAY environment variable and the common \fI\-display\fP command line -argument. Display-specific information (such as the screen number) -is unnecessary and will be ignored. -Same-machine connections (such as local-host sockets, -shared memory, and the Internet Protocol hostname \fIlocalhost\fP) are -referred to as \fIhostname\fP/unix:\fIdisplaynumber\fP so that -local entries for different machines may be stored in one authority file. -.SH EXAMPLE -.PP -The most common use for \fIxauth\fP is to extract the entry for the -current display, copy it to another machine, and merge it into the -user's authority file on the remote machine: -.sp -.nf - % xauth extract \- $DISPLAY | ssh otherhost xauth merge \- -.fi -.PP -.sp -The following command contacts the server :0 to create an -authorization using the MIT-MAGIC-COOKIE-1 protocol. Clients that -connect with this authorization will be untrusted. -.nf - % xauth generate :0 . -.fi -.SH ENVIRONMENT -This \fIxauth\fP program uses the following environment variables: -.TP 8 -.B XAUTHORITY -to get the name of the authority file to use if the \fI\-f\fP option isn't -used. -.TP 8 -.B HOME -to get the user's home directory if XAUTHORITY isn't defined. -.SH FILES -.TP 8 -.I $HOME/.Xauthority -default authority file if XAUTHORITY isn't defined. -.SH "SEE ALSO" -X(__miscmansuffix__), Xsecurity(__miscmansuffix__), xhost(__appmansuffix__), -Xserver(__appmansuffix__), xdm(__appmansuffix__), startx(__appmansuffix__), -Xau(__libmansuffix__). -.SH BUGS -.PP -Users that have unsecure networks should take care to use encrypted -file transfer mechanisms to copy authorization entries between machines. -Similarly, the \fIMIT-MAGIC-COOKIE-1\fP protocol is not very useful in -unsecure environments. Sites that are interested in additional security -may need to use encrypted authorization mechanisms such as Kerberos. -.PP -Spaces are currently not allowed in the protocol name. Quoting could be -added for the truly perverse. -.SH AUTHOR -Jim Fulton, MIT X Consortium commit 404e5ccc404574906978570781705c73bf24b31b Author: Gaetan Nadon <[email protected]> Date: Wed Jan 12 16:28:02 2011 -0500 config: replace deprecated AM_CONFIG_HEADER with AC_CONFIG_HEADERS This silences an Autoconf warning diff --git a/configure.ac b/configure.ac index c74914a..697dae4 100644 --- a/configure.ac +++ b/configure.ac @@ -28,7 +28,7 @@ AC_INIT([xauth], AM_INIT_AUTOMAKE([foreign dist-bzip2]) AM_MAINTAINER_MODE -AM_CONFIG_HEADER(config.h) +AC_CONFIG_HEADERS([config.h]) # Require X.Org macros 1.8 or later for MAN_SUBSTS set by XORG_MANPAGE_SECTIONS m4_ifndef([XORG_MACROS_VERSION], commit 1a2ad8ef43c82dcbe0c6fc024c5a627ebb927a82 Author: Jesse Adkins <[email protected]> Date: Tue Sep 28 13:29:49 2010 -0700 Purge cvs tags. Signed-off-by: Jesse Adkins <[email protected]> diff --git a/gethost.c b/gethost.c index 6612bc0..acac864 100644 --- a/gethost.c +++ b/gethost.c @@ -1,6 +1,4 @@ /* - * $Xorg: gethost.c,v 1.5 2001/02/09 02:05:38 xorgcvs Exp $ - * $XdotOrg: $ * Copyright 1989, 1998 The Open Group @@ -27,8 +25,6 @@ in this Software without prior written authorization from The Open Group. * Author: Jim Fulton, MIT X Consortium */ -/* $XFree86: xc/programs/xauth/gethost.c,v 3.20 2003/07/27 12:34:25 herrb Exp $ */ - #ifdef HAVE_CONFIG_H #include "config.h" #endif diff --git a/parsedpy.c b/parsedpy.c index 478874e..66225d7 100644 --- a/parsedpy.c +++ b/parsedpy.c @@ -1,6 +1,4 @@ /* - * $Xorg: parsedpy.c,v 1.4 2001/02/09 02:05:38 xorgcvs Exp $ - * $XdotOrg: $ * * parse_displayname - utility routine for splitting up display name strings * @@ -30,8 +28,6 @@ in this Software without prior written authorization from The Open Group. * Author: Jim Fulton, MIT X Consortium */ -/* $XFree86: xc/programs/xauth/parsedpy.c,v 3.7 2003/07/09 15:27:37 tsi Exp $ */ - #ifdef HAVE_CONFIG_H #include "config.h" #endif diff --git a/process.c b/process.c index 6964974..ee761e2 100644 --- a/process.c +++ b/process.c @@ -1,5 +1,3 @@ -/* $Xorg: process.c,v 1.6 2001/02/09 02:05:38 xorgcvs Exp $ */ -/* $XdotOrg: xc/programs/xauth/process.c,v 1.3 2004/04/24 23:26:55 alanc Exp $ */ /* Copyright 1989, 1998 The Open Group @@ -27,7 +25,6 @@ other dealings in this Software without prior written authorization from The Open Group. */ -/* $XFree86: xc/programs/xauth/process.c,v 3.23 2003/11/25 03:15:04 dawes Exp $ */ /* * Author: Jim Fulton, MIT X Consortium diff --git a/xauth.c b/xauth.c index aa8fb7e..557c6a6 100644 --- a/xauth.c +++ b/xauth.c @@ -1,6 +1,4 @@ /* - * $Xorg: xauth.c,v 1.4 2001/02/09 02:05:38 xorgcvs Exp $ - * $XdotOrg: $ * * xauth - manipulate authorization file * @@ -29,7 +27,6 @@ in this Software without prior written authorization from The Open Group. * * * Author: Jim Fulton, MIT X Consortium */ -/* $XFree86: xc/programs/xauth/xauth.c,v 1.5tsi Exp $ */ #ifdef HAVE_CONFIG_H #include "config.h" diff --git a/xauth.h b/xauth.h index 51c1d22..f7aeff1 100644 --- a/xauth.h +++ b/xauth.h @@ -1,6 +1,4 @@ /* - * $Xorg: xauth.h,v 1.4 2001/02/09 02:05:38 xorgcvs Exp $ - * * Copyright 1989, 1998 The Open Group @@ -26,7 +24,6 @@ in this Software without prior written authorization from The Open Group. * * * Author: Jim Fulton, MIT X Consortium */ -/* $XFree86: xc/programs/xauth/xauth.h,v 1.6tsi Exp $ */ #include <stdio.h> #include <X11/Xos.h> -- To UNSUBSCRIBE, email to [email protected] with a subject of "unsubscribe". Trouble? Contact [email protected] Archive: http://lists.debian.org/[email protected]
