From 9942172e2d42cb89996fe260f65ca2ec5d6d91cf Mon Sep 17 00:00:00 2001
From: tpearson <tpearson@283d02a7-25f6-0310-bc7c-ecb5cbfe19da>
Date: Thu, 15 Sep 2011 17:30:04 +0000
Subject: Export the kdmtsak calling executable validation routine in a header
 file

git-svn-id: svn://anonsvn.kde.org/home/kde/branches/trinity/kdebase@1253837 283d02a7-25f6-0310-bc7c-ecb5cbfe19da
---
 kdmlib/kdmtsak.cpp | 141 +----------------------------------------------------
 1 file changed, 2 insertions(+), 139 deletions(-)

(limited to 'kdmlib/kdmtsak.cpp')

diff --git a/kdmlib/kdmtsak.cpp b/kdmlib/kdmtsak.cpp
index f00346182..2602025bb 100644
--- a/kdmlib/kdmtsak.cpp
+++ b/kdmlib/kdmtsak.cpp
@@ -18,146 +18,9 @@
    Boston, MA 02110-1301, USA.
 */
 
-#include <stdio.h>
-#include <stdlib.h>
-#include <string.h>
-#include <unistd.h>
-#include <errno.h>
-#include <fcntl.h>
-#include <limits.h>
-#include <dirent.h>
-#include <sys/types.h>
-#include <sys/stat.h>
-#include <sys/select.h>
-#include <sys/time.h>
-#include <termios.h>
-#include <signal.h>
-
-#include <tqstring.h>
-
-#include "config.h"
-
-#define FIFO_FILE "/tmp/ksocket-global/tsak"
-
-// #define DEBUG
+#include "kdmtsak.h"
 
 int main (int argc, char *argv[])
 {
-	int mPipe_fd;
-	char readbuf[128];
-	int numread;
-	bool authorized = false;
-
-	pid_t parentproc = getppid();
-#ifdef DEBUG
-	printf("Parent pid is: %d\n\r", parentproc);
-#endif
-
-	char parentexecutable[8192];
-	TQString procparent = TQString("/proc/%1/exe").arg(parentproc);
-	int chars = readlink(procparent.ascii(), parentexecutable, sizeof(parentexecutable));
-	parentexecutable[chars] = 0;
-	parentexecutable[8191] = 0;
-	procparent = parentexecutable;
-#ifdef DEBUG
-	printf("Parent executable name and full path is: %s\n\r", procparent.ascii());
-#endif
-
-	TQString tdeBinaryPath = TQString(KDE_BINDIR "/");
-#ifdef DEBUG
-	printf("The TDE binary path is: %s\n\r", tdeBinaryPath.ascii());
-#endif
-
-	if (!procparent.startsWith(tdeBinaryPath)) {
-		printf("Unauthorized path detected in calling process\n\r");
-		return 2;
-	}
-	else {
-		procparent = procparent.mid(tdeBinaryPath.length());
-#ifdef DEBUG
-		printf("Parent executable name is: %s\n\r", procparent.ascii());
-#endif
-		if ((procparent == "kdesktop") || (procparent == "kdesktop_lock") || (procparent == "kdm")) {
-			authorized = true;
-		}
-		else if (procparent == "kdeinit") {
-			printf("kdeinit detected\n\r");
-			// A bit more digging is needed to see if this is an authorized process or not
-			// Get the kdeinit command
-			char kdeinitcmdline[8192];
-			FILE *fp = fopen(TQString("/proc/%1/cmdline").arg(parentproc).ascii(),"r");
-			if (fp != NULL) {
-				if (fgets (kdeinitcmdline, 8192, fp) != NULL)
-				fclose (fp);
-			}
-			kdeinitcmdline[8191] = 0;
-			TQString kdeinitCommand = kdeinitcmdline;
-
-			// Also get the environment, specifically the path
-			TQString kdeinitEnvironment;
-			char kdeinitenviron[8192];
-			fp = fopen(TQString("/proc/%1/environ").arg(parentproc).ascii(),"r");
-			if (fp != NULL) {
-				int c;
-				int pos = 0;
-				do {
-					c = fgetc(fp);
-					kdeinitenviron[pos] = c;
-					pos++;
-					if (c == 0) {
-						TQString curEnvLine = kdeinitenviron;
-						if (curEnvLine.startsWith("PATH=")) {
-							kdeinitEnvironment = curEnvLine.mid(5);
-						}
-						pos = 0;
-					}
-				} while ((c != EOF) && (pos < 8192));
-				fclose (fp);
-			}
-			kdeinitenviron[8191] = 0;
-
-#ifdef DEBUG
-			printf("Called executable name is: %s\n\r", kdeinitCommand.ascii());
-			printf("Environment is: %s\n\r", kdeinitEnvironment.ascii());
-#endif
-
-			if ((kdeinitCommand == "kdesktop [kdeinit]") && (kdeinitEnvironment.startsWith(KDE_BINDIR))) {
-				authorized = true;
-			}
-			else {
-				return 4;
-			}
-		}
-		else {
-			printf("Unauthorized calling process detected\n\r");
-			return 3;
-		}
-
-		if (authorized == true) {
-			// OK, the calling process is authorized to retrieve SAK data
-			// First, flush the buffer
-			mPipe_fd = open(FIFO_FILE, O_RDWR | O_NONBLOCK);
-			numread = 1;
-			while (numread > 0) {
-				numread = read(mPipe_fd, readbuf, 128);
-			}
-			// Now wait for SAK press
-			mPipe_fd = open(FIFO_FILE, O_RDWR);
-			if (mPipe_fd > -1) {
-				numread = read(mPipe_fd, readbuf, 128);
-				readbuf[numread] = 0;
-				readbuf[127] = 0;
-				close(mPipe_fd);
-				if (strcmp(readbuf, "SAK\n\r") == 0) {
-					return 0;
-				}
-				else {
-					return 1;
-				}
-			}
-			return 6;
-		}
-	}
-
-	return 5;
+	return tde_sak_verify_calling_process();
 }
\ No newline at end of file
-- 
cgit v1.2.3