Bug 10665 - XOpenDisplay says "XDM authorization key matches an existing client!"
Summary: XOpenDisplay says "XDM authorization key matches an existing client!"
Alias: None
Product: xorg
Classification: Unclassified
Component: Server/General (show other bugs)
Version: git
Hardware: Other All
: high normal
Assignee: Xorg Project Team
QA Contact: Xorg Project Team
URL: http://bugs.debian.org/cgi-bin/bugrep...
Whiteboard: 2011BRB_Reviewed
Keywords: patch
Depends on:
Reported: 2007-04-17 13:52 UTC by Brice Goglin
Modified: 2018-12-13 18:34 UTC (History)
1 user (show)

See Also:
i915 platform:
i915 features:

The described patch for Xorg server (2.39 KB, patch)
2010-08-09 10:19 UTC, Michał Górny
no flags Details | Splinter Review

Description Brice Goglin 2007-04-17 13:52:06 UTC
Bug reported on the Debian BTS by Bernhard R. Link about 2 years ago, still applies to a recent git (xdm 1.1.4, Xlib 1.1.1 with XCB, Xserver 1.3-rc5).

The following code, when executed after a login with xdm, successfully opens display :0 once and then fails saying "XDM authorization key matches an existing client!" (while it is apparently supposed to successfully open/close forever).

#include <stdio.h>
#include <stdlib.h>
#include <unistd.h>
#include <X11/Xlib.h>
Display *dpy;
int main() {
	dpy = XOpenDisplay(":0");
	if (dpy == NULL) {
		fprintf(stderr, "cannot open display :0\n");
	fprintf(stderr, "opened display :0\n");
	execl("./test","./test", NULL);

It seems related to having "XDM-AUTHORIZATION-1" in the output of xauth list. Adding "DisplayManager*authName: MIT-MAGIC-COOKIE-1" makes the XDM-AUTHORIZATION-1 disappear from xauth list, and the program now works as expected.

According to the submitter, it might be related to the block of code starting at http://gitweb.freedesktop.org/?p=xorg/lib/libX11.git;a=blob;h=95a836d44662c0e1cb08862e30bfbe1e97be3bf4;hb=603c2f88d4e57ce1a3c16e8b6246866e6edd8fa8;f=src/ConnDis.c#l1139

See http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=292388 for details

Comment 1 Michał Górny 2010-08-09 10:19:03 UTC
IMHO the real issue is that the xdmauth code inside Xorg server doesn't free the auth data whenever a client disconnects. It basically requires clients to rely on some kind of randomness.

Thus, I've added an 'xclient' ClientPtr field to the auth data structure to track X clients, and I've created a XdmDeleteClient() function to drop the auth data whenever the client disconnects. The code doesn't use the 'xclient' field directly, it is set within XdmCheckCookie() and compared within XdmDeleteClient(), thus there's no reason to worry even if it the structure was freed somehow without calling XdmDeleteClient().
Comment 2 Michał Górny 2010-08-09 10:19:48 UTC
Created attachment 37736 [details] [review]
The described patch for Xorg server
Comment 3 Jeremy Huddleston Sequoia 2011-10-07 15:33:58 UTC
Can you please submit your patch to xorg-devel for review?
Comment 4 Michał Górny 2011-10-08 00:49:08 UTC
(In reply to comment #3)
> Can you please submit your patch to xorg-devel for review?

I'm not sure where but I think the patch was rejected already with the intent that xdm clients are not removed on purpose (some kind of obscurity).
Comment 5 debguy 2014-11-28 16:28:56 UTC
did you run iceauth and check ?
Comment 6 GitLab Migration User 2018-12-13 18:34:40 UTC
-- GitLab Migration Automatic Message --

This bug has been migrated to freedesktop.org's GitLab instance and has been closed from further activity.

You can subscribe and participate further through the new bug through this link to our GitLab instance: https://gitlab.freedesktop.org/xorg/xserver/issues/245.

Use of freedesktop.org services, including Bugzilla, is subject to our Code of Conduct. How we collect and use information is described in our Privacy Policy.