thaeler@hc.DSPO.GOV (Bret K. Thaeler) (02/23/89)
% % Feel free to use this code as you like. Any questions, bugs, ideas, % problems, whatever would be greatly appreciated. % % Bret K. Thaeler % Los Alamos National Labs (MEE-10) % thaeler@hc.dspo.gov % % If you are like me you are probably at little bit worried about % strange people and programs connecting into your NeWS server. % So you probably run with NetSecurityWanted set to true so that % only machines in the RemoteHostRegistry dict (this is what the % 'newshost' commands adds and remove things from) can connect % to your machine. Unfortunitly sometimes you forget to add % a host before you try sending something from that host. Well, % this program solves all of that. % % This program will replace the connection server for your NeWS % server. This program will work exactly like its predicessor % execpt that if a machine is not registered it will popup a % little window asking you if you want to accept this connection % refuse this connections or accept and register this host for % all future connection attemps. The window appears such that % the YES or accept button is dirrectly under the mouse. You % can press the left mouse button or hit a return on the keyboard % so simple accept the connection. To refuse the connection or % register the new host you will have to move the mouse to the % appropriate button and press the left mouse key. This window % will also wake up and raise itself to the top of all the other % windows every couple of seconds just to make sure you didn't % forget a connection request. % % Note: all the options to 'newshost' still work exactly as % before. % % This file contains two parts: % The first part contains the new server code itself. This % code can be inserted directly into the 'init.ps' file in place % of the existing server or added to a 'user.ps' to superceed % the default server. % % The second part of this file contains code which can be used % to kill the running connection server thus allowing you to % start the new server up. This allows you to add this new % server without having to modify any files or having to reboot % your news server. % % WARNING!!!! % 1) The code which kills the running server relies on the % fact that the definition for the server '/server' has % not yet changed. Therefor you will need to kill the % running server BEFORE you define the code for the new % server. SEE THE COMMENTS FOR '/start_new_server'. % % 2) When modifing this code you should use great care. If % you happen to crash your connections server you will % not be able to start up any more jobs or connections. % Your only option will be to reboot your NeWS server. % % This is the code to define the new connection server into % the systemdict. % % New variables added into system dict: % /SecurityCanvas --- dict containing all the information about the % popup window. % /SecurityPopup --- The routine which popus up the window and waits % for a responce. % /LastConnectingHost --- The name of the last host to have connected % into the server. % /define_new_server { systemdict begin gsave /SecurityCans 7 dict dup begin /Times-Roman findfont 20 scalefont setfont /root framebuffer 200 75 createcanvas def /xcurs /xcurs_m root setstandardcursor root begin /Transparent false def /EventsConsumed /AllEvents def /Retained true def end root setcanvas 1 1 1 rgbcolor fillcanvas 0 0 0 rgbcolor strokecanvas /no root 66 37 createcanvas dup begin /Transparent false def /EventsConsumed /AllEvents def /Mapped true def /Retained true def end def no setcanvas 0 0 0 rgbcolor dup setcolor strokecanvas 10 10 moveto (NO) show /yes root 66 35 createcanvas dup begin /Transparent false def /EventsConsumed /AllEvents def /Mapped true def /Retained true def end def yes setcanvas 65 0 movecanvas 0 0 0 rgbcolor dup setcolor strokecanvas 10 10 moveto (YES) show /reg root 66 35 createcanvas dup begin /Transparent false def /EventsConsumed /AllEvents def /Mapped true def /Retained true def end def reg setcanvas 132 0 movecanvas 0 0 0 rgbcolor dup setcolor strokecanvas 10 10 moveto (REG) show /SecBoldFont /Times-Bold findfont 14 scalefont def /SecFont /Times-Roman findfont 12 scalefont def /SecurityAddInterests { createevent dup begin /Name LeftMouseButton def /Action UpTransition def /Canvas yes def end expressinterest createevent dup begin /Name ascii_keymap def /Action DownTransition def /Canvas yes def end expressinterest createevent dup begin /Name /AddFocusClient def /Action [ currentprocess yes] def end sendevent createevent dup begin /Name LeftMouseButton def /Action UpTransition def /Canvas no def end expressinterest createevent dup begin /Name LeftMouseButton def /Action UpTransition def /Canvas reg def end expressinterest createevent dup begin /Name /SecurityLift def end expressinterest } def end def grestore /SecurityPopup { % (host hame) => true/false(should we allow connection) SecurityCans begin gsave currentcursorlocation 18 sub exch 99 sub exch root setcanvas movecanvas 1 1 1 rgbcolor fillcanvas 0 0 0 rgbcolor dup setcolor strokecanvas 10 46 moveto SecBoldFont setfont (Connecting Host: ) show SecFont setfont dup show root /Mapped true put createevent dup begin /Name /SecurityLift def /TimeStamp currenttime .03 add def end sendevent { root canvastotop awaitevent /Canvas get [ yes { pop true exit } no { pop false exit } reg { % reg canvas systemdict /RemoteHostRegistry get exch cvn 1 put % systemdict /NetSecurityWanted false put true exit } /Default { createevent dup begin /Name /SecurityLift def /TimeStamp currenttime .03 add def end sendevent } ] case } loop root /Mapped false put grestore end } def /NetSecurityWanted true def /server { { { currentdict systemdict eq { exit } { end } ifelse } loop clear newprocessgroup SecurityCans begin SecurityAddInterests end { NeWS_socket (r) file } stopped { clear (%socketl2000) (r) file } if dup getsocketlocaladdress (NEWSSERVER) exch putenv (TERM) (PostScript) putenv { dup mark exch acceptconnection dup getsocketpeername /LastConnectingHost exch def RemoteHostRegistry LastConnectingHost known NetSecurityWanted not or { true } { LastConnectingHost SecurityPopup } ifelse { LastConnectingHost { 200 dict begin initmatrix newprocessgroup /OriginatingHost exch def exch pop exch pop cvx exec currentprocess killprocessgroup } fork } { closefile } ifelse cleartomark } loop } fork pop } def end } def % % End of new server code... % % This routine can be called to kill a running connection server and % start up the new server. % % The {/old,/new} option to this function specifies weather you % are tring to kill and old style or a new style server. This % code is VERY specific. If you have changed your server code % from the default released by Sun this code will PROBABLY NOT % work. % % NOTE: % This code relies on the definition for '/server' in systemdict % being the actual code that the running connections server is % executing. Therefor the loading of the new server code MUST % take place in the routine AFTER the running server has been killed. % /start_new_server { % /old,/new => - % this is the code we will insert into the runnign server. { closefile pop closefile currentprocess killprocessgroup } % depending weather we are old or new insert the above code % into different places. (we are inserting this code after % the 'acceptconnections' instructions). exch /old eq { /server load 0 get 13 get dup 3 2 roll 4 exch put 5 /exec cvx put } { /server load 0 get 20 get dup 3 2 roll 4 exch put 5 /exec cvx put } ifelse % Now that the server has been booby traped to die when it % recieves a new connection request, try to connect into it. (NEWSSERVER) getenv (.) search pop pop pop (;) search pop exch pop exch pop (%socketcXXXX) dup 3 -1 roll 8 exch putinterval (r) file pause pause pause pause pause closefile % This is UGLY UGLY UGLY. But we must wait for the socket to % clear its self up before we try to reuse it. % We have a NASTY NASTY race condition sometimes...... 1 1 1000 { pause } for % This following two line can be removed from here and called % anytime after this command. But until these are called % no connections to the NeWS server will succeed. define_new_server server } def % go ahead and start the new server. /old start_new_server