commit 477307d00c1220f8594622e1af982fb0e4e215bf
Author: Alan Coopersmith <alan.coopersmith@oracle.com>
Date:   Sun Nov 28 15:32:37 2021 -0800

    xauth 1.1.1
    
    Signed-off-by: Alan Coopersmith <alan.coopersmith@oracle.com>

commit 1bfa5bff47654213f1d40af64bae0e9e23b4bed4
Author: Alan Coopersmith <alan.coopersmith@oracle.com>
Date:   Sun Nov 28 15:03:37 2021 -0800

    Fix spelling/wording issues
    
    Found by using:
        codespell --builtin clear,rare,usage,informal,code,names
    
    Signed-off-by: Alan Coopersmith <alan.coopersmith@oracle.com>

commit c2811c953620cf946269db2b74b29e0dc707e26a
Author: Alex Gendin <ukkeefy@gmail.com>
Date:   Sat Sep 26 23:26:07 2020 -0400

    Fix segfault when X starts
    
    This patch potentially fixes bug https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=884934
    
    System log entries when this bug occurs:
        kernel: xauth[16729]: segfault at 1 ip 00007f51f517f5a5 sp 00007ffdec846568 error 4
                              in libc-2.31.so[7f51f5102000+144000]
        kernel: Code: bc d1 f3 0f 7f 27 f3 0f 7f 6f 10 f3 0f 7f 77 20 f3 0f 7f 7f 30 49 83 c0
                      0f 49 29 d0 48 8d 7c 17 31 e9 8f 0b 00 00 66 0f ef c0 <f3> 0f 6f 0e f3
                      0f 6f 56 10 66 0f 74 c1 66 0f d7 d0 49 83 f8 11 0f
    
    This bug happens when function get_address_info() in gethost.c is called
    with a display name without forward slash, for example 'myhost.mydomain:0'

commit d7e5021416444e3cc545ffa4f8d1e613cabec633
Author: Karol Herbst <kherbst@redhat.com>
Date:   Thu Apr 22 13:26:50 2021 +0200

    Check malloc calls in process.c
    
    Fixes warnings like
    
    warning[-Wanalyzer-possible-null-argument]: use of possibly-NULL 'authdata' where non-null expected
    
    Found-by: gcc static analysis
    Signed-off-by: Karol Herbst <kherbst@redhat.com>

commit 18a3c3a7672ff5d65bf0b79b89464eac7540b95b
Author: Dr. Tilmann Bubeck <tilmann@bubecks.de>
Date:   Thu Aug 20 20:28:52 2020 +0200

    Additionally check socket file with S_ISSOCK
    This fixes bug https://bugzilla.redhat.com/show_bug.cgi?id=1870201

commit aaf037ec5c576e46318935feaf6e2b7407ff11a0
Author: Alan Coopersmith <alan.coopersmith@oracle.com>
Date:   Sun May 10 13:21:50 2020 -0700

    Avoid memory leaks in error paths in do_generate
    
    Reported by Oracle Parfait:
    Error: Memory leak
       Memory leak [memory-leak] (CWE 401):
          Memory leak of pointer authdata allocated with malloc((authdatalen - 1))
            at line 1955 of process.c in function 'do_generate'.
              authdata allocated at line 1946 with malloc((authdatalen - 1))
          Memory leak of pointer authdata allocated with malloc((authdatalen - 1))
            at line 1971 of process.c in function 'do_generate'.
              authdata allocated at line 1946 with malloc((authdatalen - 1))
              authdata leaks when (i + 1) >= argc at line 1910.
            at line 1980 of process.c in function 'do_generate'.
              authdata allocated at line 1946 with malloc((authdatalen - 1))
              authdata leaks when (i + 1) >= argc at line 1910.
    
    Signed-off-by: Alan Coopersmith <alan.coopersmith@oracle.com>

commit 4faf0f63f0563513252967a2da1c51de6f5f7b0c
Author: Alan Coopersmith <alan.coopersmith@oracle.com>
Date:   Sun May 10 11:46:16 2020 -0700

    Use reallocarray() when adding members to array in split_into_words()
    
    Signed-off-by: Alan Coopersmith <alan.coopersmith@oracle.com>

commit af7a74e28b33c18c4cb90f0d25bdfd5dff2e29d3
Author: Alan Coopersmith <alan.coopersmith@oracle.com>
Date:   Sun May 10 11:27:25 2020 -0700

    Avoid memory leak when realloc() fails in split_into_words()
    
    Reported by Oracle Parfait:
    Error: Memory leak
       Memory leak [memory-leak] (CWE 401):
          Memory leak of pointer argv allocated with malloc(32)
            at line 283 of process.c in function 'split_into_words'.
              argv allocated at line 264 with malloc(32)
              argv leaks when cur == total at line 280.
    
    Signed-off-by: Alan Coopersmith <alan.coopersmith@oracle.com>

commit f5af3b21bc94cb020f3530c3cc70f8a9fd6c6452
Author: Tobias Stoeckmann <tobias@stoeckmann.org>
Date:   Sun May 3 12:29:53 2020 +0200

    Prevent OOB write with long file names.
    
    If an -f argument is exactly 1022 characters in size, an off-by-one
    stack overflow happens in auth_finalize. The overflow could be even
    larger if locks are ignored for authentication files.
    
    Make sure that a given authentication file name fits into temporary
    buffer and that this buffer matches buffer sizes of libXau which is
    used by xauth.

commit cb98d3b3c5e0f8a7585ab6e2c909fad68c52fd55
Author: Tobias Stoeckmann <tobias@stoeckmann.org>
Date:   Sun May 3 12:25:21 2020 +0200

    Fix segmentation fault on invalid add argument.
    
    The hex key supplied with an add command can be quoted, in which
    case the quotation marks are removed.
    
    The check itself makes sure that a given string starts with a
    double quotation mark and ends with a double quotation mark.
    
    Buf if only " is supplied, the code crashes because it subtracts
    2 from the length (which is 1) and therefore copies too much
    memory into a 0 allocated memory area.
    
    Proof of concept:
    
    $ xauth add :0 0 \"

commit e97992671b3870878709a1c01991488965b61b94
Author: Adam Jackson <ajax@redhat.com>
Date:   Thu Jul 11 13:49:26 2019 -0400

    xauth 1.1

commit 0932418d9b47e8240160bcbacbdc38b9bc9870d3
Author: Adam Jackson <ajax@redhat.com>
Date:   Tue Jun 18 12:03:33 2019 -0400

    process: Close a window where no authority file would exist
    
    unlink()ing the old auth file before link()ing the temp to the new is
    just silly. rename() is atomic and will happily clobber the destination,
    and the only thing link() can give you here is the ability to fail on
    filesystems that don't support hardlinks.
    
    Fixes: xorg/app/xauth#2

commit 42239054b088dcdfc637880a8edf39b841c5ea51
Author: Michal Srb <msrb@suse.com>
Date:   Thu May 31 15:12:36 2018 +0200

    Sort entries from most specific to most generic.
    
    There is no point in adding entry or merging lists if a FamilyWild entry would
    end in front of any entry, or entry without display number would end in front
    of entry with number.
    
    This sorts all entries in order:
      * FamilyWild without display number
      * FamilyWild with display number
      * Other family without display number
      * Other family with display number
    
    The order of the entries in each category is kept.
    
    Signed-off-by: Alan Coopersmith <alan.coopersmith@oracle.com>

commit 06a21f7c3d5eb5dc9a86418e87946cc7ac83e437
Author: Michal Srb <msrb@suse.com>
Date:   Thu May 31 15:12:35 2018 +0200

    Merge only entries with equal dpy and protoname.
    
    Merging two lists, or adding entry a into list acts unexpectedly if the list
    contains FamilyWild or entry with an empty display numbers. For example:
    
      > xauth list
      #ffff#6f70656e737573652d74756d626c6577656564#:  MIT-MAGIC-COOKIE-1  1500d80327733252cc42ba469138a259
    
      > xauth add test/unix:2 MIT-MAGIC-COOKIE-1 aabbccddeeff00112233445566778899
      > xauth list
      test/unix:2  MIT-MAGIC-COOKIE-1  aabbccddeeff00112233445566778899
    
    This is because merge_entries compares entries using `match_auth`, which
    follows the same rules as XauGetBestAuthByAddr. Following these rules is good
    when filtering the output of `xauth list`, but for merging we should compare
    for equality. It used to be done that way before commit 1555fff4. That commit
    changed it to improve the `xauth list` behavior, but did not seem consider the
    impact on merge.
    
    Signed-off-by: Alan Coopersmith <alan.coopersmith@oracle.com>

commit 673d42c5ffbbb07ad6b9b3d99a9cc78198999dd1
Author: Alan Coopersmith <alan.coopersmith@oracle.com>
Date:   Wed Nov 21 16:58:33 2018 -0800

    Update configure.ac bug URL for gitlab migration
    
    Signed-off-by: Alan Coopersmith <alan.coopersmith@oracle.com>

commit fa5c2797921b2b0c6dcdde5cf1832a90a0a9dfbf
Author: Alan Coopersmith <alan.coopersmith@oracle.com>
Date:   Fri Nov 16 21:03:57 2018 -0800

    Update README for gitlab migration
    
    Signed-off-by: Alan Coopersmith <alan.coopersmith@oracle.com>

commit 4a3a9fc5271cd04ab9123e4713d00b161daf0b6a
Author: Alan Coopersmith <alan.coopersmith@oracle.com>
Date:   Sat May 5 14:58:15 2018 -0700

    Change fall through comment in process.c to match gcc's requirements
    
    Needs to match one of the regexps shown under
    https://gcc.gnu.org/onlinedocs/gcc-7.3.0/gcc/Warning-Options.html#index-Wimplicit-fallthrough
    
    Silences warning from gcc 7.3:
    process.c: In function ‘dump_entry’:
    process.c:1007:9: warning: this statement may fall through [-Wimplicit-fallthrough=]
          if (dpyname) {
             ^
    process.c:1012:4: note: here
        default:
        ^~~~~~~
    
    Signed-off-by: Alan Coopersmith <alan.coopersmith@oracle.com>

commit 536d1003a5c4d5ac24cd3b8afd10492e4e6242df
Author: Matt Turner <mattst88@gmail.com>
Date:   Sun Jan 29 13:09:12 2017 -0800

    xauth 1.0.10
    
    Signed-off-by: Matt Turner <mattst88@gmail.com>

commit 72717ccee0b6bdbf161cc9d44abe3dc1d824fe46
Author: Matt Turner <mattst88@gmail.com>
Date:   Sun Jan 29 13:09:39 2017 -0800

    Build xauth before running tests.
    
    Otherwise make check fails if make hasn't previously been run.
    
    Signed-off-by: Matt Turner <mattst88@gmail.com>

commit 4dee6a980fdc0174d3825389f95ac1f27c2427db
Author: Mihail Konev <k.mvc@ya.ru>
Date:   Thu Jan 26 14:00:20 2017 +1000

    autogen: add default patch prefix
    
    Signed-off-by: Mihail Konev <k.mvc@ya.ru>

commit 4933bc594087c25dfbc9b1f6db46440f19d0b360
Author: Emil Velikov <emil.l.velikov@gmail.com>
Date:   Mon Mar 9 12:00:52 2015 +0000

    autogen.sh: use quoted string variables
    
    Place quotes around the $srcdir, $ORIGDIR and $0 variables to prevent
    fall-outs, when they contain space.
    
    Signed-off-by: Emil Velikov <emil.l.velikov@gmail.com>
    Reviewed-by: Peter Hutterer <peter.hutterer@who-t.net>
    Signed-off-by: Peter Hutterer <peter.hutterer@who-t.net>

commit eaeb306e67c23657f713b3ca48765d1c6ed99986
Author: Peter Hutterer <peter.hutterer@who-t.net>
Date:   Tue Jan 24 10:32:07 2017 +1000

    autogen.sh: use exec instead of waiting for configure to finish
    
    Syncs the invocation of configure with the one from the server.
    
    Signed-off-by: Peter Hutterer <peter.hutterer@who-t.net>
    Reviewed-by: Emil Velikov <emil.velikov@collabora.com>

commit 179459471e83a0cd235a0c8ead99b3156390e00c
Author: Alan Coopersmith <alan.coopersmith@oracle.com>
Date:   Sun Jun 1 21:03:14 2014 -0700

    autogen.sh: Honor NOCONFIGURE=1
    
    See http://people.gnome.org/~walters/docs/build-api.txt
    
    Signed-off-by: Alan Coopersmith <alan.coopersmith@oracle.com>

commit 0e4c17c6d6980f07896f0631cffeb82a0e9705f7
Author: Peter Hutterer <peter.hutterer@who-t.net>
Date:   Thu Jan 26 10:26:30 2017 +1000

    autogen.sh: stop using maintainer mode
    
    See xserver commit 4bf3eac5fe20f
    
    Signed-off-by: Peter Hutterer <peter.hutterer@who-t.net>

commit a64ca3aafcde516658d699047382ab294e3e974f
Author: Søren Sandmann Pedersen <ssp@redhat.com>
Date:   Thu Sep 26 12:30:03 2013 -0400

    usage(): Print summary for the -n option
    
    This option is mentioned in the man page, but not in the help text
    
    Signed-off-by: Hans de Goede <hdegoede@redhat.com>
    Reviewed-by: Alan Coopersmith <alan.coopersmith@oracle.com>

commit ad26f2137f6414c8cadc070f96a4476d435e994b
Author: Alan Coopersmith <alan.coopersmith@oracle.com>
Date:   Fri Jan 2 09:49:52 2015 -0800

    include POSIX-standard limits.h for PATH_MAX instead of sys/syslimits.h
    
    Signed-off-by: Alan Coopersmith <alan.coopersmith@oracle.com>
    Reviewed-by: Jeremy Huddleston Sequoia <jeremyhu@apple.com>
    Reviewed-by: Mark Kettenis <kettenis@openbsd.org>

commit a58c9d74c8f9c4292d367c6e23d15c4cba03dfde
Author: Jon TURNEY <jon.turney@dronecode.org.uk>
Date:   Fri Jan 2 16:18:52 2015 +0000

    Fix !HAVE_STRLCPY case
    
    Fix error in the !HAVE_STRLCPY case, introduced in commit
    f990dd936b5fd1a40290bb88cde517a0ac38f823
    
    It seems that "path[sizeof(path) - 1]" rather than "buf[sizeof(path) - 1]" must
    be meant here, especially as the second instance doesn't even compile...
    
    parsedpy.c: In function ‘parse_displayname’:
    parsedpy.c:176:9: error: ‘buf’ undeclared (first use in this function)
    
    Signed-off-by: Jon TURNEY <jon.turney@dronecode.org.uk>
    Reviewed-by: Alan Coopersmith <alan.coopersmith@oracle.com>
    Reviewed-by: Jeremy Huddleston Sequoia <jeremyhu@apple.com>

commit f990dd936b5fd1a40290bb88cde517a0ac38f823
Author: Jeremy Huddleston Sequoia <jeremyhu@apple.com>
Date:   Wed Dec 31 02:42:17 2014 -0800

    Update DISPLAY parsing to work with new launchd paths in Yosemite
    
    Signed-off-by: Jeremy Huddleston Sequoia <jeremyhu@apple.com>

commit 047f92a85796fca563d9345d6c4798b64be77cff
Author: Dr. Tilmann Bubeck <tilmann@bubecks.de>
Date:   Tue Jun 24 00:22:54 2014 +0200

    Fix for xauth failing on ENOSPC (= disk full)
    
    If xauth must store its XAUTHORITY file on a file system which is
    full, it will be unable to write the changes. This condition was
    not detected and therefore often the whole XAUTHORITY file was
    cleared. Here is the fix.
    
    Fixes: https://bugs.freedesktop.org/show_bug.cgi?id=21260
    
    Signed-off-by: Dr. Tilmann Bubeck <tilmann@bubecks.de>

commit 12e63de4e0b3a45fad15863a66723609b068e668
Author: Dr. Tilmann Bubeck <tilmann@bubecks.de>
Date:   Wed Apr 2 22:13:48 2014 +0200

    Clarified RELEASING in README
    
    Changed clone URL and improved text. Removed section GARBAGE.
    
    Signed-off-by: Dr. Tilmann Bubeck <tilmann@bubecks.de>

commit 0b120e37be8ed44188b3497bf02db48e9cf638bc
Author: Dr. Tilmann Bubeck <tilmann@bubecks.de>
Date:   Wed Apr 2 20:02:00 2014 +0200

    Third version bump to 1.0.9.
    
    Minor change in README to include 1.0.9 in diff so that release.sh
    is happy.
    
    Signed-off-by: Dr. Tilmann Bubeck <tilmann@bubecks.de>

commit e204395a7ccf403999ffa2515379784b641745d1
Author: Dr. Tilmann Bubeck <tilmann@bubecks.de>
Date:   Wed Apr 2 19:52:43 2014 +0200

    Second version bump to 1.0.9.
    
    Minor change in README to push the version bump.
    
    Signed-off-by: Dr. Tilmann Bubeck <tilmann@bubecks.de>

commit c36e9838294a6042eb7ae61fc476cbc3280aef2d
Author: Dr. Tilmann Bubeck <tilmann@bubecks.de>
Date:   Wed Apr 2 19:44:37 2014 +0200

    Fixed missing EXTRA_DIST in tests. Extended README for releasing.
    
    The tests/Makefile.am missed the EXTRA_DIST definition which resulted in
    missing files for the test done with "make check". This was fixed.
    README was extended to describe howto release a new version of this
    software and to clarify something from ReleaseHOWTO of x.org.
    Prepare anything for releasing 1.0.9.
    
    Signed-off-by: Dr. Tilmann Bubeck <tilmann@bubecks.de>

commit ce4bfd951160eabdb28f5534c34aa7549dba7fba
Author: Dr. Tilmann Bubeck <t.bubeck@reinform.de>
Date:   Mon Mar 31 23:21:12 2014 +0200

    version bump to 1.0.9
    
    Prepare for a new version 1.0.9 of xauth.
    
    Signed-off-by: Dr. Tilmann Bubeck <t.bubeck@reinform.de>

commit ccf30deb585297823ea03fc68805a1c825e335fe
Author: Alan Coopersmith <alan.coopersmith@oracle.com>
Date:   Fri Dec 27 11:01:35 2013 -0800

    Add AC_USE_SYSTEM_EXTENSIONS to expose non-standard extensions
    
    Required on Solaris to expose definitions in system headers that
    are not defined in the XPG standards now that xtrans 1.3 defines
    _XOPEN_SOURCE to 600 on Solaris.
    
    Fixes build failures:
    gethost.c: In function ‘get_hostname’:
    gethost.c:97:21: error: ‘INET6_ADDRSTRLEN’ undeclared (first use in this function)
    gethost.c:97:21: note: each undeclared identifier is reported only once for each function it appears in
    gethost.c:97:16: warning: unused variable ‘addr’ [-Wunused-variable]
    gethost.c: In function ‘get_address_info’:
    gethost.c:196:9: error: implicit declaration of function ‘strlcpy’ [-Werror=implicit-function-declaration]
    gethost.c:196:9: warning: nested extern declaration of ‘strlcpy’ [-Wnested-externs]
    
    Signed-off-by: Alan Coopersmith <alan.coopersmith@oracle.com>
    Reviewed-by: Daniel Stone <daniel@fooishbar.org>

commit afeb2c22ba1f7193acf814954e66f40cfd699c17
Author: Dr. Tilmann Bubeck <t.bubeck@reinform.de>
Date:   Sun Oct 13 21:38:10 2013 +0200

    Fix warning about warn_unused_result triggered by WRITES.

commit 2eb4ef59d7c27ac7972954d406ad9c2fa8123672
Author: Dr. Tilmann Bubeck <t.bubeck@reinform.de>
Date:   Sun Oct 13 17:57:49 2013 +0200

    * Do not install test_xauth during "make install" as it is
      only used during "make check".
    * perror out, if test_xauth does not find "cmdtest".

commit 4de4a231f3a718d2af0d2b00443c803f8bddfbc5
Author: Dr. Tilmann Bubeck <t.bubeck@reinform.de>
Date:   Wed Oct 9 23:45:15 2013 +0200

    Second version bump to 1.0.8

commit f7425f45addce5629d338c051a41ec1a119ea51f
Author: Dr. Tilmann Bubeck <t.bubeck@reinform.de>
Date:   Wed Oct 9 23:38:15 2013 +0200

    Rewrote test_xauth to C to make automake and "make distclean" happy.

commit c4356e8dc8b9fe039c38104551af93e0583ffbee
Author: Dr. Tilmann Bubeck <t.bubeck@reinform.de>
Date:   Wed Oct 9 23:33:42 2013 +0200

    Revert version bump back to 1.0.7 to prepare missing commit before 1.0.8

commit d907dda4e5a2584ac15a404c8269b888b61bbf9e
Author: Dr. Tilmann Bubeck <t.bubeck@reinform.de>
Date:   Tue Oct 8 21:45:06 2013 +0200

    version bump to 1.0.8

commit c6ecc2c8470093ba17ff1cf993df46f9e670173d
Author: Dr. Tilmann Bubeck <t.bubeck@reinform.de>
Date:   Tue Oct 8 21:41:37 2013 +0200

    Improved README to explain "make check".

commit 4e05bce6da8eeb9eb98624cf868675eaf5816df5
Author: Dr. Tilmann Bubeck <t.bubeck@reinform.de>
Date:   Tue Oct 8 21:34:49 2013 +0200

    Added command "version" and command line arg "-V" to show version of xauth.

commit e53df261c9ca11435df0c8853350d913b557446b
Author: Dr. Tilmann Bubeck <t.bubeck@reinform.de>
Date:   Sun Oct 6 16:50:33 2013 +0200

    Fix warning raised by "-Wshadow".

commit 92de3583c7aaaa2040728808add2186348859b98
Author: Dr. Tilmann Bubeck <t.bubeck@reinform.de>
Date:   Sun Oct 6 15:10:05 2013 +0200

    Rework match_auth_dpy() to be easier to read and maintain (hopefully).

commit 1555fff4ab458d7d4053f1ea6b74c3e14a65ad63
Author: Egbert Eich <eich@freedesktop.org>
Date:   Wed Aug 14 22:11:06 2013 +0200

    Make matching algorithm mimic XauGet*AuthByAddr
    
    Xlib (xcb) uses XauGetBestAuthByAddr() when looking for an
    authorization. 'xauth [n]list $DISPLAY' used a slightly
    stricter algorithm which doesn't find a possible authorization
    for cases where either the family is set to FamilyWild or
    address the address length is 0.
    
    Signed-off-by: Egbert Eich <eich@freedesktop.org>

commit 10cbe2ed2a96582e7ee9fa5cfe6f8f69a3a4e4d4
Author: Dr. Tilmann Bubeck <t.bubeck@reinform.de>
Date:   Sun Oct 6 14:16:59 2013 +0200

    Added black box tests for basic functionality started with "make check".

commit 3be53072f8252962c6df740e64e897b970ae0349
Author: Egbert Eich <eich@freedesktop.org>
Date:   Tue Oct 1 01:17:09 2013 +0200

    Handle v4-mapped inet6 addresses correctly
    
    Handling of v4-mapped inet6 addresses has been introduced
    with commit 58140dbbd39389ad6af58e201e055f3d4b92d368:
    
       Look for FamilyLocal if inet or inet6 address is loopback
    
    These adresses should be treated as inet addresses. This patch
    makes the code consistent with the handling if xcb_auth.c in
    libxcb.
    
    Signed-off-by: Egbert Eich <eich@freedesktop.org>

commit 58140dbbd39389ad6af58e201e055f3d4b92d368
Author: Egbert Eich <eich@freedesktop.org>
Date:   Sun Sep 29 08:25:14 2013 -0700

    Look for FamilyLocal if inet or inet6 address is loopback
    
    libxcb uses FamilyLocal authorization if the host name or IP in the
    display string is from the loopback device. This patch adds the same
    behavior to xauth.
    This fixes a long standing problem that for ssh tunneled connections
    a display variable of the form: localhost:<N>.<M> leads to correct
    authorization when an X client is started but "xauth list $DISPLAY"
    returns nothing.
    
    Signed-off-by: Egbert Eich <eich@freedesktop.org>
    Signed-off-by: Jeremy Huddleston Sequoia <jeremyhu@apple.com>
    Reviewed-by: Jeremy Huddleston Sequoia <jeremyhu@apple.com>

commit 09a9451af29545196cedfc8dcaf32e3f1ccc672b
Author: Jeremy Huddleston Sequoia <jeremyhu@apple.com>
Date:   Sun Sep 29 07:57:37 2013 -0700

    Silenece lack of noreturn warning
    
    Signed-off-by: Jeremy Huddleston Sequoia <jeremyhu@apple.com>

commit a2c8f59f13caf63a642bad1b97d9adf5a9e01bcb
Author: Jeremy Huddleston Sequoia <jeremyhu@apple.com>
Date:   Sun Sep 29 08:04:39 2013 -0700

    Revert "Look for FamilyLocal if inet or inet6 address is loopback"
    
    Also reverts the followup "More fixes for compiler warnings regarding the use of "const"."
    
    This reverts commits fb328950ce1156b8228214240b213860b794b4c8 and
    345c7bf0d09f26183cfde9ad1c812c8de71869a5.
    
    Fixes build regression found on darwin tinderbox.
    
    Per SUSv4*, IN6_IS_ADDR_LOOPBACK takes a 'const struct in6_addr *', not a
    'const struct sockaddr_in6 *'.
    
    *: http://pubs.opengroup.org/onlinepubs/9699919799/basedefs/netinet_in.h.html

commit fb328950ce1156b8228214240b213860b794b4c8
Author: Dr. Tilmann Bubeck <t.bubeck@reinform.de>
Date:   Wed Sep 25 09:36:58 2013 +0200

    More fixes for compiler warnings regarding the use of "const".

commit 345c7bf0d09f26183cfde9ad1c812c8de71869a5
Author: Egbert Eich <eich@freedesktop.org>
Date:   Wed Aug 14 17:08:27 2013 +0200

    Look for FamilyLocal if inet or inet6 address is loopback
    
    libxcb uses FamilyLocal authorization if the host name or IP in the
    display string is from the loopback device. This patch adds the same
    behavior to xauth.
    This fixes a long standing problem that for ssh tunneled connections
    a display variable of the form: localhost:<N>.<M> leads to correct
    authorization when an X client is started but "xauth list $DISPLAY"
    returns nothing.
    
    Signed-off-by: Egbert Eich <eich@freedesktop.org>

commit 289ca779f73840cb5c9d69b919413079d1be3fc2
Author: Dr. Tilmann Bubeck <t.bubeck@reinform.de>
Date:   Tue Sep 24 11:21:52 2013 +0200

    Fix various compiler warnings raised by modern gcc (4.8.1).

commit 2440a254797cc3655c8743a9232f30a693f6f947
Author: Thomas Klausner <wiz@NetBSD.org>
Date:   Thu Jul 11 11:27:15 2013 +0200

    Use copystring to create non-const string.]
    
    Hello!
    
    I see you're the official xauth maintainer according to
    http://cgit.freedesktop.org/xorg/doc/xorg-docs/tree/MAINTAINERS#n80
    
    Can you please take a look at the attached patch and merge it?
    
    Thanks,
     Thomas
    
    ----- Forwarded message from Thomas Klausner <wiz@NetBSD.org> -----
    
    Date: Sun, 30 Jun 2013 13:29:44 +0200
    From: Thomas Klausner <wiz@NetBSD.org>
    To: xorg-devel@lists.x.org
    Cc: Thomas Klausner <wiz@NetBSD.org>
    Subject: [PATCH:xauth] Use copystring to create non-const string.
    
    Fixes "error: assignment discards qualifiers from pointer target type"
    
    Signed-off-by: Thomas Klausner <wiz@NetBSD.org>

commit eee471e446405350c02c221f044a70669dac48a2
Author: Egbert Eich <eich@freedesktop.org>
Date:   Wed Aug 14 17:07:35 2013 +0200

    Don't crash when running past the end of the chain
    
    Running past the end of the chain would cause a SEGV.
    
    Signed-off-by: Egbert Eich <eich@freedesktop.org>

commit 6dda11c17f2fdc47d43f269dccee98ec66cc8c4b
Author: Alan Coopersmith <alan.coopersmith@oracle.com>
Date:   Sat Feb 23 10:13:14 2013 -0800

    Assume signal handlers return void, as C89 requires
    
    Drops use of autoconf's obsolete AC_TYPE_SIGNAL and Imake's even more
    obsolete SIGNALRETURNSINT.
    
    Signed-off-by: Alan Coopersmith <alan.coopersmith@oracle.com>

commit 399dc5d6282f90fee2f6071aadde977280656ffc
Author: Alan Coopersmith <alan.coopersmith@oracle.com>
Date:   Wed Dec 26 23:11:36 2012 -0800

    Remove unused DECnet ("DNETCONN") code from xauth
    
    Has never been converted to build in modular builds, so has been unusable
    since X11R7.0 release in 2005.  DNETCONN support was removed from xtrans
    back in 2008.
    
    Signed-off-by: Alan Coopersmith <alan.coopersmith@oracle.com>

commit fe46fcc3ae58767960434445a4ea9c3ce0a6724e
Author: Alan Coopersmith <alan.coopersmith@oracle.com>
Date:   Wed Dec 26 23:09:31 2012 -0800

    Remove unused TLI ("STREAMSCONN") code from xauth
    
    Has never been converted to build in modular builds, so has been unusable
    since X11R7.0 release in 2005.  All known platforms with TLI/XTI support
    that X11R7 & later releases run on also have (and mostly prefer) BSD
    socket support for their networking API.
    
    And as the comment notes, it never worked right in xauth anyway.
    
    Signed-off-by: Alan Coopersmith <alan.coopersmith@oracle.com>

commit ea343d117b5dbb17fc753e08918f44f167207fa9
Author: Jon TURNEY <jon.turney@dronecode.org.uk>
Date:   Sat Oct 27 18:10:30 2012 +0100

    Include Xwinsock.h rather than sys/socket.h on WIN32
    
    For AF_INET6, include Xwinsock.h rather than sys/socket.h on WIN32
    
    Signed-off-by: Jon TURNEY <jon.turney@dronecode.org.uk>
    Reviewed-by: Yaakov Selkowitz <yselkowitz@users.sourceforge.net>

commit 374c8c7005200c13299fdcb7b7d1b12f9f4258ae
Author: Alan Coopersmith <alan.coopersmith@oracle.com>
Date:   Thu Mar 22 21:41:35 2012 -0700

    xauth 1.0.7
    
    Signed-off-by: Alan Coopersmith <alan.coopersmith@oracle.com>

commit fbc307f3445a549815efb2476e9476bd51250cf6
Author: Andreas Schwab <schwab@linux-m68k.org>
Date:   Fri Sep 3 13:45:49 2010 +0200

    Remove alarm handler in get_hostname
    
    gethostbyaddr is not (required to be) async-signal-safe.
    
    Signed-off-by: Jeremy Huddleston <jeremyhu@apple.com>

commit ee3e046dfd84cda1588eef155c7e7c36df9bf5f4
Author: Alan Coopersmith <alan.coopersmith@oracle.com>
Date:   Wed Sep 28 19:57:15 2011 -0700

    Add const attributes to fix gcc -Wwrite-strings warnings
    
    Signed-off-by: Alan Coopersmith <alan.coopersmith@oracle.com>

commit 7f7f8cd60795c9503156950d518caa04b30a94a2
Author: Alan Coopersmith <alan.coopersmith@oracle.com>
Date:   Wed Sep 28 19:50:40 2011 -0700

    Strip trailing whitespace
    
    Performed with: find * -type f | xargs perl -i -p -e 's{[ \t]+$}{}'
    git diff -w & git diff -b show no diffs from this change
    
    Signed-off-by: Alan Coopersmith <alan.coopersmith@oracle.com>

commit eb5ed59c623aa360677f62a7fd6e398ee9f3cab5
Author: Alan Coopersmith <alan.coopersmith@oracle.com>
Date:   Wed Sep 28 19:39:20 2011 -0700

    convert strlen/malloc/strcpy combo to strdup
    
    Signed-off-by: Alan Coopersmith <alan.coopersmith@oracle.com>

commit b67f0df2dbfa372417d0687e26704635e2d10034
Author: Jeremy Huddleston <jeremyhu@apple.com>
Date:   Mon May 23 19:38:50 2011 -0700

    configure.ac: Bump to 1.0.6
    
    Signed-off-by: Jeremy Huddleston <jeremyhu@apple.com>

commit 48f87d48fb7b51535534ef2fb18d2fd1e451c2b5
Author: Jeremy Huddleston <jeremyhu@apple.com>
Date:   Sun May 8 16:08:29 2011 -0700

    auth_finalize: Attempt to rename() if link() fails
    
    On some file systems (like AFP), hard links are not supported. If
    link fails, try rename() before giving up.
    
    Reported-by: Jamie Kennea <jamie@pompey.org>
    Signed-off-by: Jeremy Huddleston <jeremyhu@apple.com>

commit 5032c286df16737277c9a04e1083171ffec89000
Author: Jeremy Huddleston <jeremyhu@apple.com>
Date:   Fri May 6 23:12:50 2011 -0700

    Error out and avoid a call to malloc(0) if given a bad hex string
    
    process.c:567:14: warning: Call to 'malloc' has an allocation size of 0 bytes
        retval = malloc (len);
                 ^       ~~~
    1 warning generated.
    
    Found-by: clang static analyzer
    Signed-off-by: Jeremy Huddleston <jeremyhu@apple.com>

commit 9197410a2b5c875885266713f5dc470b6dac476b
Author: Gaetan Nadon <memsize@videotron.ca>
Date:   Wed Jan 19 10:06:55 2011 -0500

    config: move man pages into their own directory
    
    Use services provided by XORG_MANPAGE_SECTIONS.
    Use standard Makefile for man pages.
    
    Signed-off-by: Gaetan Nadon <memsize@videotron.ca>

commit 404e5ccc404574906978570781705c73bf24b31b
Author: Gaetan Nadon <memsize@videotron.ca>
Date:   Wed Jan 12 16:28:02 2011 -0500

    config: replace deprecated AM_CONFIG_HEADER with AC_CONFIG_HEADERS
    
    This silences an Autoconf warning

commit 1a2ad8ef43c82dcbe0c6fc024c5a627ebb927a82
Author: Jesse Adkins <jesserayadkins@gmail.com>
Date:   Tue Sep 28 13:29:49 2010 -0700

    Purge cvs tags.
    
    Signed-off-by: Jesse Adkins <jesserayadkins@gmail.com>

commit da552fc4c69a62b6227383452e56428cd5d696a0
Author: Alan Coopersmith <alan.coopersmith@oracle.com>
Date:   Thu Sep 23 17:57:16 2010 -0700

    xauth 1.0.5
    
    Signed-off-by: Alan Coopersmith <alan.coopersmith@oracle.com>

commit eec190f060cd61b44e0e7029309f7db841c824b8
Author: Alan Coopersmith <alan.coopersmith@oracle.com>
Date:   Thu Sep 23 07:33:02 2010 -0700

    config: upgrade to util-macros 1.8 for additional man page support
    
    Use MAN_SUBST now supplied in XORG_MANPAGE_SECTIONS
    The value of MAN_SUBST is the same for all X.Org packages.
    
    Use AC_PROG_SED now supplied by XORG_DEFAULT_OPTIONS
    The existing statement can now be removed from the configuration file.
    
    Use automake provided $(AM_V_GEN) and XORG_DEFAULT_OPTIONS provided $(SED)
    Enables silent rule and use platform appropriate version of sed.
    
    Signed-off-by: Alan Coopersmith <alan.coopersmith@oracle.com>

commit 732922acd465f081f8cbd315aa687dd745da2337
Author: Alan Coopersmith <alan.coopersmith@oracle.com>
Date:   Thu Sep 23 07:29:53 2010 -0700

    config: Remove unnecessary calls from configure.ac
    
    AC_PROG_CC & AC_PROG_INSTALL are provided by XORG_DEFAULT_OPTIONS now
    PKG_CONFIG_MODULES handles AC_SUBST of the CFLAGS & LIBS variables
    
    Signed-off-by: Alan Coopersmith <alan.coopersmith@oracle.com>

commit 6eef00c1021930444e09d8334b06bbad83d7f2fb
Author: Gaetan Nadon <memsize@videotron.ca>
Date:   Tue Jul 20 18:45:18 2010 -0400

    config: update AC_PREREQ statement to 2.60
    
    Unrelated to the previous patches, the new value simply reflects
    the reality that the minimum level for autoconf to configure
    all x.org modules is 2.60 dated June 2006.
    
    ftp://ftp.gnu.org/gnu/autoconf/autoconf-2.60.tar.gz
    
    Signed-off-by: Gaetan Nadon <memsize@videotron.ca>

commit 4f6dea33200af6d42e29b43269d8ee389db1b98f
Author: Jeremy Huddleston <jeremyhu@apple.com>
Date:   Thu Aug 26 08:26:31 2010 -0700

    Fix build failure resulting from previous commit on systems without strlcpy
    
    Found-by: Tinderbox
    Signed-off-by: Jeremy Huddleston <jeremyhu@apple.com>

commit 135338af9a141d609e07e42208b9104465346ae4
Author: Jeremy Huddleston <jeremyhu@apple.com>
Date:   Wed Aug 25 18:23:26 2010 -0700

    launchd: Properly support launchd sockets in xauth
    
    What we had in place before was a hack that always used ':0'.  This change
    results in the bundle id being used to differentiate different connections.
    
    Signed-off-by: Jeremy Huddleston <jeremyhu@apple.com>

commit 96ea88d3aeae710d8fc04f23151d5b669c5e8a0c
Author: Gaetan Nadon <memsize@videotron.ca>
Date:   Thu Nov 26 09:19:52 2009 -0500

    Makefile.am: add ChangeLog and INSTALL on MAINTAINERCLEANFILES
    
    Now that the INSTALL file is generated.
    Allows running make maintainer-clean.

commit 1eb55d8efd568c31e8bc9f1f7ab91558ceecfc06
Author: Gaetan Nadon <memsize@videotron.ca>
Date:   Wed Oct 28 14:09:08 2009 -0400

    INSTALL, NEWS, README or AUTHORS files are missing/incorrect #24206
    
    Add missing INSTALL file. Use standard GNU file on building tarball
    README may have been updated
    Remove AUTHORS file as it is empty and no content available yet.
    Remove NEWS file as it is empty and no content available yet.

commit f326a1fe16f6717fb822228051a7fdfd30048cab
Author: Gaetan Nadon <memsize@videotron.ca>
Date:   Tue Oct 27 15:07:24 2009 -0400

    Deploy the new XORG_DEFAULT_OPTIONS #24242
    
    This macro aggregate a number of existing macros that sets commmon
    X.Org components configuration options. It shields the configuration file from
    future changes.

commit e3a895e81611d881e74fb5106319af513f78df07
Author: Gaetan Nadon <memsize@videotron.ca>
Date:   Mon Oct 26 22:08:38 2009 -0400

    Makefile.am: ChangeLog not required: EXTRA_DIST or *CLEANFILES #24432
    
    ChangeLog filename is known to Automake and requires no further
    coding in the makefile.

commit b0f1523247680c9a6045c3a6296bf45d4106de1e
Author: Gaetan Nadon <memsize@videotron.ca>
Date:   Thu Oct 22 12:34:15 2009 -0400

    .gitignore: use common defaults with custom section # 24239
    
    Using common defaults will reduce errors and maintenance.
    Only the very small or inexistent custom section need periodic maintenance
    when the structure of the component changes. Do not edit defaults.

commit b6c280336a6cf681917692933589d878e9984470
Author: Jeremy Huddleston <jeremyhu@freedesktop.org>
Date:   Wed Oct 21 12:47:20 2009 -0700

    This is not a GNU project, so declare it foreign.
    
    On Wed, 2009-10-21 at 13:36 +1000, Peter Hutterer wrote:
    > On Tue, Oct 20, 2009 at 08:23:55PM -0700, Jeremy Huddleston wrote:
    > > I noticed an INSTALL file in xlsclients and libXvMC today, and it
    > > was quite annoying to work around since 'autoreconf -fvi' replaces
    > > it and git wants to commit it.  Should these files even be in git?
    > > Can I nuke them for the betterment of humanity and since they get
    > > created by autoreconf anyways?
    >
    > See https://bugs.freedesktop.org/show_bug.cgi?id=24206
    
    As an interim measure, replace AM_INIT_AUTOMAKE([dist-bzip2]) with
    AM_INIT_AUTOMAKE([foreign dist-bzip2]). This will prevent the generation
    of the INSTALL file. It is also part of the 24206 solution.
    
    Signed-off-by: Jeremy Huddleston <jeremyhu@freedesktop.org>

commit 1c701094169b6e33f7faf21a269e949bf134a326
Author: Alan Coopersmith <alan.coopersmith@sun.com>
Date:   Fri Oct 9 22:58:52 2009 -0700

    Bug 7051: xauth says creating new authority file even though it does not
    
    https://bugs.freedesktop.org/show_bug.cgi?id=7051
    
    Signed-off-by: Alan Coopersmith <alan.coopersmith@sun.com>

commit d2d802ea9f882b7b7eac1251309d8141e55f213e
Author: Alan Coopersmith <alan.coopersmith@sun.com>
Date:   Mon Sep 21 20:25:09 2009 -0700

    xauth 1.0.4
    
    Signed-off-by: Alan Coopersmith <alan.coopersmith@sun.com>

commit e4ab625fd4e31a6cc043dfabbb7d5a801e87d526
Author: Alan Coopersmith <alan.coopersmith@sun.com>
Date:   Mon Sep 21 20:22:28 2009 -0700

    Migrate to xorg macros 1.3 & XORG_DEFAULT_OPTIONS
    
    Signed-off-by: Alan Coopersmith <alan.coopersmith@sun.com>

commit 2cbcbed9dedb696535fe54290189478c6c007270
Author: Alan Coopersmith <alan.coopersmith@sun.com>
Date:   Mon Sep 21 20:17:48 2009 -0700

    Man page updates: add "SEE ALSO", update xdm references
    
    Also trim trailing whitespaces and fix a spelling error
    
    Signed-off-by: Alan Coopersmith <alan.coopersmith@sun.com>

commit d376341c3cbeca0aec335462dffb796e5a8e5d03
Author: Alan Coopersmith <alan.coopersmith@sun.com>
Date:   Mon Sep 21 20:08:10 2009 -0700

    Add pointers to mailing list, bugzilla, wiki & git repo to README
    
    Signed-off-by: Alan Coopersmith <alan.coopersmith@sun.com>

commit 6d47c482a198f5421a7007221a69ee24d5f0a2a4
Author: Matthieu Herrb <matthieu.herrb@laas.fr>
Date:   Sun Jul 19 10:27:49 2009 +0200

