X Window System, Version 11
Release 6.3
Release Notes
X Consortium, Inc.
December 23, 1996
Copyright c 1996 X Consortium
Permission is hereby granted, free of charge, to any person obtaining a
copy of this software and associated documentation files (the
"Software"), to deal in the Software without restriction, including
without limitation the rights to use, copy, modify, merge, publish, dis-
tribute, sublicense, and/or sell copies of the Software, and to permit
persons to whom the Software is furnished to do so, subject to the fol-
lowing conditions:
The above copyright notice and this permission notice shall be included
in all copies or substantial portions of the Software.
THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS
OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABIL-
ITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT
SHALL THE X CONSORTIUM BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABIL-
ITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS
IN THE SOFTWARE.
Except as contained in this notice, the name of the X Consortium shall
not be used in advertising or otherwise to promote the sale, use or
other dealings in this Software without prior written authorization from
the X Consortium.
X Window System is a trademark of X Consortium, Inc.
1. What Is Release 6.3
This is the last X Consortium implementation of the X Window System. X
is a vendor-neutral, system-architecture neutral network-transparent
window system and user interface standard. X runs on a wide range of
computing and graphics machines. For an overview of X, see the X manual
page.
R6.3 is an update to R6.1. It is compatible with R6 and R6.1 at the
source and protocol levels in all respects, and binaries are upward-
compatible.
What about Release 6.2? Release 6.2 is a proper subset of Release 6.3
produced at the request of the OSF Common Desktop Environment program.
It was produced by the X Consortium and is being released by OSF simul-
taneously with CDE 2.1. Release 6.2 contains only the print extension
and the Xlib implementation of vertical writing and user-defined charac-
ter support.
The X Consortium was an independent, not-for-profit membership corpora-
tion formed in 1993 as the successor to the MIT X Consortium and dis-
solved at the end of 1996. Refer to the Consortium man page for addi-
tional details about the X Consortium.
See xc/INSTALL.PS (PostScript) or xc/INSTALL.TXT (plain text) for
instructions on how to build and install this software.
1.1. Overview of the X Consortium Release
The X Consortium software and documentation in Release 6.3 is in direc-
tory xc/ and contains the following:
X Consortium Standards
The X Consortium produced standards: documents which define net-
work protocols, programming interfaces, and other aspects of the X
environment. See the XStandards manual page for a list of stan-
dards.
Implementations
For most of our standards, we provide high-quality implementations
to demonstrate proof of concept and to give early adopters and ven-
dors a base to use. These are not reference implementations; the
written specifications define the standards.
Fonts
A collection of bitmap and outline fonts are included in the dis-
tribution, contributed by various individuals and companies.
Utility Libraries
A number of libraries, such as Xmu and the Athena Widget Set, are
included. These are not standards, but are used in building X Con-
sortium applications and may be useful in building other applica-
tions.
Programs
We also provide a number of application programs. A few of these
programs, such as xdm (or its equivalent), should be considered
essential in almost all environments. The rest of the applications
carry no special status; they are simply programs that have been
developed and/or maintained by X Consortium staff. In some cases,
you will find better substitutes for these programs contributed by
others.
1.2. Supported Systems
We built and tested this release on the following systems:
AIX 4.2
Digital Unix 4.0A
HP-UX 10.01
IRIX 6.2
Solaris 2.5
UNIX System V/386 Release 4.2 (Novell UnixWare) Version 2.02
We also built this release on the following and did some minimal test-
ing:
FreeBSD 2.1.6
Linux 1.2.13 (Yggdrasil) and 2.0.0 (Slackware 3.1)
SCO Open Server 5.0
SunOS 4.1.4
Windows NT 4.0
In all cases except SunOS we have used the vendor's compiler. On SunOS
we build with gcc.
1.2.1. Supported Display Devices
This release includes the necessary device-dependent support to build a
native X server for the following platforms:
XFree86: See the XF_* man pages for supported video cards
AIX: Xibm with Skyway display adapter
HP-UX: Xhp
Digital Unix: Xdec on Alpha AXP with PMAG-B frame buffer
SunOS/Solaris: Xsun -- see the Xsun man page for supported frame buffers
Ultrix[1] :Xdec
In addition to the above, the Xvfb and Xnest servers can be built on
most platforms.
Native servers are not built on IRIX or Microsoft Windows NT.
1.3. The XC Tree
The general layout under xc/ is as follows:
config/ config files, imake, makedepend, build utilities
doc/ all documentation other than per-program manual pages
fonts/ BDF, Speedo, Type1 fonts
include/ include files shared by multiple directories
lib/ all libraries
nls/ national language support files
programs/ all programs, including the X server and rgb
util/ patch, compress, other utilities
bug-report bug reporting template
registry X Registry
This file is xc/RELNOTES.*, in various formats. The documentation
source files RELNOTES.ms and INSTALL.ms are in the xc/doc/misc/ direc-
tory.
1.4. X Registry
The X Consortium maintained a registry of certain X-related items to aid
in avoiding conflicts and to aid in sharing of such items.
The registry is in the file xc/registry in the distribution. The latest
version may also be available by sending a message to xstuff@x.org. The
message can have a subject line and no body, or a single-line body and
no subject; in either case the line should look like this:
send docs registry
1.5. Extensions Supported
The core distribution includes the following extensions: BIG-REQUESTS,
DOUBLE-BUFFER, LBX, MIT-SHM, MIT-SUNDRY-NONSTANDARD, Multi-Buffering,
RECORD, SECURITY, SHAPE, SYNC, X3D-PEX, XC-APPGROUP, XC-MISC, XFree86-
VidModeExtension, XIE, XInputExtension, XKEYBOARD, XpExtension (print-
ing), XTEST, and XTestExtension1.
Not all of these extensions are standards; see the XStandards manual
page. Some of these extensions are not supported on all platforms.
1.6. Implementation Parameters
Some of the specifications define some behavior as implementation-
dependent. Implementations of X Consortium standards need to document
how those parameters are implemented; this section does so.
XFILESEARCHPATH default
This default can be set at build time by setting the imake vari-
ables XFileSearchPathDefault, XAppLoadDir, XFileSearchPathBase, and
ProjectRoot in site.def. See xc/config/cf/README for instructions
and xc/config/cf/X11.tmpl[2] for details of how these configuration
variables are used.
By default ProjectRoot is /usr/X11R6.3 and XFILESEARCHPATH has
these components:
/usr/X11R6.3/lib/X11/%L/%T/%N%C%S
/usr/X11R6.3/lib/X11/%l/%T/%N%C%S
/usr/X11R6.3/lib/X11/%T/%N%C%S
/usr/X11R6.3/lib/X11/%L/%T/%N%S
/usr/X11R6.3/lib/X11/%l/%T/%N%S
/usr/X11R6.3/lib/X11/%T/%N%S
XUSERFILESEARCHPATH default
If the environment variable XAPPLRESDIR is defined, the default
value of XUSERFILESEARCHPATH has the following components:
$XAPPLRESDIR/%L/%N%C
$XAPPLRESDIR/%l/%N%C
$XAPPLRESDIR/%N%C
$HOME/%N%C
$XAPPLRESDIR/%L/%N
$XAPPLRESDIR/%l/%N
$XAPPLRESDIR/%N
$HOME/%N
Otherwise it has these components:
$HOME/%L/%N%C
$HOME/%l/%N%C
$HOME/%N%C
$HOME/%L/%N
$HOME/%l/%N
$HOME/%N
XKEYSYMDB default
Defaults to /usr/X11R6.3/lib/X11/XKeysymDB, assuming ProjectRoot is
set to /usr/X11R6.3.
XCMSDB default
Defaults to /usr/X11R6.3/lib/X11/Xcms.txt, assuming ProjectRoot is
set to /usr/X11R6.3.
XLOCALEDIR default
Defaults to the directory /usr/X11R6.3/lib/X11/locale, assuming
ProjectRoot is set to /usr/X11R6.3. The XLOCALEDIR variable can
contain multiple colon-separated pathnames.
XErrorDB location
The Xlib error database file is /usr/X11R6.3/lib/X11/XErrorDB,
assuming ProjectRoot is set to /usr/X11R6.3.
XtErrorDB location
The Xt error database file is /usr/X11R6.3/lib/X11/XtErrorDB,
assuming ProjectRoot is set to /usr/X11R6.3.
Supported Locales
X locales supported are in locale.dir; the mapping between various
system locale names and X locale names is in locale.alias. Both
files are shipped in the xc/nls/X11/locale/ directory and installed
in the XLocaleDir directory (e.g. /usr/X11R6.3/lib/X11/locale/).
Input Methods supported
The core distribution does not include any input method servers.
However, Xlib supplies a default built-in input method that sup-
ports compose processing in 8-bit locales. Compose files are pro-
vided for Latin-1 and Latin-2. The built-in input method can sup-
port other locales, given suitable compose files. See
xc/nls/X11/locale/Compose/iso8859-* for the supported compositions.
There are input method servers available on the net.
2. What is Unchanged in Release 6.3
As this is an update release, there is a great deal of stability in the
standards, libraries, and clients. No existing standards other than the
ICE library specification have changed in a material way, though several
documents have been updated with editorial improvements. There is one
new interface added to the ICE library libICE; see below. The extension
library, libXext, is updated to include the LBX, security, and applica-
tion group extension interfaces. All previous interfaces in these and
all other libraries are unchanged.
3. What Is New in Release 6.3
This section describes changes in the X Consortium distribution since
Release 6.1.
All libraries, protocols, and servers are compatible with Release 6 and
Release 6.1. That is, R6 and R6.1 clients and applications will work
with R6.3 libraries and servers. Most R6.3 clients will work with R6.1
and R6 libraries except those that use the new interfaces in libICE,
libXext, and libXp.
The major new functionality in R6.3 is support for World Wide Web
integration, protection of data from ``untrusted'' client connections, a
bandwidth- and latency-optimized protocol for using X across the Inter-
net, a print protocol following the Xlib API, and support for vertical
text writing and user-defined characters in the Xlib implementation.
3.1. OS Support
The following platforms have a newer operating system version supported:
System R6.1 R6.3
AIX 4.1.4 4.2
Digital Unix 3.2C 4.0A
HP-UX 10.01
IRIX 5.3 6.2
Solaris 2.4 2.5
UnixWare 2.02
We also built on the following platforms, however full support is not
guaranteed:
System R6.1 R6.3
FreeBSD 2.1.0 2.1.6
Linux 1.2.13 2.0
SCO Open Server 5.0
SunOS 4.1.3 4.1.4
Windows NT 3.5 4.0
3.2. New Standards
The following are new X Consortium standards in Release 6.3. Each is
described in its own section below.
Low Bandwidth X Extension
RX: X Remote Execution MIME type
Security Extension
Application Group Extension
Print Extension
Proxy Management Protocol
3.3. Low Bandwidth X Extension
The Low Bandwidth X extension (LBX) defines several compression and
local caching techniques to improve performance on wide area networks
and also on slower-speed connections. These reduce the amount of proto-
col data transported over the network and reduce the number of client-
to-server roundtrips required for common application startup operations.
LBX was referred to as X.fast in some materials but we elected to not go
through the implementation and change all the names. To avoid any con-
fusion with an external name different from the internal name in the
implementation, we elected to drop the ``X.fast'' moniker.
LBX is implemented in two pieces; an X server extension and a proxy
application. The X server extension provides the new optimized proto-
col. The proxy application, lbxproxy, translates a normal client X pro-
tocol stream into an LBX stream. This permits any existing application
to gain the benefit of the optimized protocol with no changes. The
proxy is especially useful when multiple applications are running on the
same local area network separated from the X server by a slower network.
In this case the full benefit of the local cache is shared by each
application using the same proxy process.
The specification for LBX is in xc/doc/specs/Xext/lbx.mif (FrameMaker
interchange source) and xc/doc/hardcopy/Xext/lbx.PS.Z (compressed
PostScript).
3.4. RX: X Remote eXecution
The remote execution (RX) service specifies a MIME format for invoking
applications remotely, for example via a World Wide Web browser. This
RX format specifies a syntax for listing network services required by
the application, for example an X display server. The requesting Web
browser must identify specific instances of the services in the request
to invoke the application.
The distribution contains a helper program (xrx) and a Netscape Naviga-
tor plug-in (libxrx) that demonstrate this protocol. The plug-in
requires Navigator 3.0.
We have only been able to test the plug-in on HP-UX, IRIX, Digital Unix,
and Solaris2. Netscape Navigator binaries for other platforms are
either not available at all or were not available in time to be included
in the testing for this release.
The specification for the RX mime type is in xc/doc/specs/RX/RX.mif
(FrameMaker interchange source) and xc/doc/hardcopy/RX/RX.PS.Z
(compressed PostScript).
The following section describes the procedure to set up your environment
and try the examples provided in this distribution.
3.4.1. Preparing Your Web Server
In order to demonstrate the RX helper program and the RX Netscape plug-
in you need to have access to an HTTP server to install ``common gateway
interface'' (CGI) scripts. While CGI programs can be written in any
compiled or interpreted language, the sample CGI programs in the distri-
bution are written in perl.
If you don't currently have a web server the NCSA server is a good one
to try. Binaries for various systems are available at:
http://hoohoo.ncsa.uiuc.edu/docs/setup/PreExec.html
If you don't have perl you can get the source code from:
ftp://prep.ai.mit.edu/pub/gnu/perl-4.036.tar.gz
You need to install the HTML, RX, and CGI sample files into your
server's HTML and CGI directories. The process can be partially
automated by adding the following definitions to your site.def or
host.def file:
WebServer defines the hostname and port of your web server, for
example
#define WebServer www.myorg.org:8001
HtmlDir defines the path at which HTML and RX documents are
installed, for example
#define HtmlDir /usr/local/etc/httpd/htdocs
CgiBinDir defines the path at which CGI programs are installed, for
example
#define CgiBinDir /usr/local/etc/httpd/cgi-bin
ProxyManager defines the transport scheme, hostname, and port for CGI
programs to contact the Proxy Manager. See the proxymngr
man pages for further details. Typically the proxy
manager host will be the same as your web server, for
example:
#define ProxyManager tcp/www.myorg.org:6500
Then make the Makefiles and build the directories with the following
command sequence:
cd xc/programs/xrx/htdocs
xmkmf ../../.. programs/xrx/htdocs
make
make install
cd ../cgi-bin
xmkmf ../../.. programs/xrx/cgi-bin
make
make install
These directories are not automatically built or installed by the top
level Makefile because they install outside the ProjectRoot.
You also need to configure your web server so that files with the exten-
sion name ``rx'' are of the MIME type ``application/x-rx''. See your
HTTP server's configuration documentation for the right procedure to do
so.
3.4.2. The RX Helper Program
The helper program, xrx, may be used with any Web browser to interpret
the new RX document type.
The RX helper program is installed in <ProjectRoot>/bin (e.g.
/usr/X11R6.3/bin/). You will need to configure your web browser to use
it for RX documents by adding a line to your $HOME/.mailcap:
application/x-rx; /X11/bin/xrx %s
You may need to refer to your web browser's documentation for exact
instructions on configuring helper applications.
The helper program is activated by your browser as soon as you retrieve
any document of the MIME type application/x-rx. All you need to do is to
point your browser at the URL:
http://your.web.server/xload.rx
The application (i.e. xload) should appear on your DISPLAY as a new
top-level client. The client will be running on your web server host
and connected to your X server. If your X server supports the SECURITY
extension the client will be running as an untrusted client.
3.4.3. The RX Netscape Navigator Plug-in
The Navigator plug-in supports all the functions of xrx and in addition
uses the new XC-APPGROUP extension, if your X server provides it, to
cause the remotely launched application to be embedded within the
browser page from which it was launched.
The HTML page links to an RX document via the EMBED tag, a Netscape
extension to HTML. The RX document provides the plug-in with the list
of services the application wants to use. Based on this information,
the plug-in sets the various requested services, including creating
authorization keys, and passes the relevant data to the application
through an HTTP GET request of the associated CGI script. The Web
server then executes the CGI script to start the application.
To be able to use the RX plug-in you need Netscape Navigator 3.0.
Binaries for various systems can be found at:
http://home.netscape.com/comprod/mirror/client_download.html
To complete the installation of the Netscape plug-in, find the file
named libxrx.so.6.3 or libxrx.sl.6.3 (or similar, depending on your
platform) in <ProjectRoot>/lib (e.g. /usr/X11R6.3/lib) and copy it to
either /usr/local/lib/netscape/plugins or $HOME/.netscape/plugins. Do
not install the symlinks libxrx.so or libxrx.sl; they may confuse
Netscape.
You should remove or comment out the line you may have previously added
in your mailcap file to use the RX helper program, otherwise the plug-in
will not be enabled. (The usual comment character for mailcap is
``#''.)
If you are already running Netscape Navigator, you need to exit and res-
tart it after copying the plug-in library so the new plug-in will be
found. Once this is done you can check that Navigator has successfully
loaded the plug-in by checking the ``About Plug-ins'' page from the Help
menu. This should show something like:
RX Plug-in
File name: /usr/guest/netscape/plugins/libxrx.sl.6.3
X Remote Activation Plug-in
Mime Type Description Suffixes Enabled
application/x-rx X Remote Activation Plug-inxrxYes
The plug-in will be activated by Netscape Navigator as soon as you
retrieve any document of the MIME type application/x-rx. Several sam-
ples are included in the distribution. The most basic one is xload. All
you need to do is point your browser at the page:
http://your.web.server/xload.html
If something goes wrong check on the all the previous steps listed above
and try again. Once xload is working you can try some of the other
examples in the distribution such as bitmap.html or dtcm.html.
3.4.4. Trying Embedding With an Old X Server
The Netscape Navigator plug-in, libxrx, will work with an X server that
does not contain the application group or security extensions. The
application will be started as a separate top-level client.
If you wish to try out the embedding facilities without replacing your
desktop X server, you may use the Xnest server.
A typical Xnest session would look like the following:
% Xnest :11
% xterm -display :11
These two commands start a ``nested'' server and a terminal emulator
within that server. Your favorite window manager and Netscape Navigator
can now be executed from the nested xterm window. You may wish to first
disable access control in the nested server by running ``xhost +'' in
the nested xterm.
3.4.5. Setting Up Your Own Applications To Run Over The Web
Based on the examples provided in the distribution it should be easy to
set up your web server to run your own applications. Every application
requires 3 additional files to identify it to Web browsers:
myapp.htmlAn HTML page to present the application embedded
myapp.rx The RX document describing the application
myapp.pl The CGI script to start the application
Note that the separate ``.rx'' file could be omitted by implementing the
CGI script such that if it is invoked without a QUERY_STRING it will
return the RX content. We decided not to do so in the distributed exam-
ples for purpose of clarity.
The xload demo provides a good starting point. Simply make a copy of
each of the files xload.rx, xload.html, and xload.pl. Then look inside
them for every instance of ``xload'' and change it to whatever is
appropriate for your application.
You will not be able to run the dtcm demo unless you have dtcm (a CDE
component) installed on your web server host. This example shows how a
CGI script would look when an X Print server is requested. The script
dtcm.pl is, for that reason, slightly more complicated than other exam-
ples.
3.5. Security Extension
The SECURITY extension contains new protocol needed to provide enhanced
X server security. This extension adds to the X protocol the concepts
of ``trusted'' and ``untrusted'' clients. The trust status of a client
is determined by the authorization used at connection setup. All
clients using host-based authorization are considered ``trusted''.
Clients using other authorization protocols may be either trusted or
untrusted depending on the data included in the connection authorization
phase.
The requests in the security extension permit a trusted client to create
multiple authorization entries for a single authorization protocol.
Each entry is tagged with the trust status to be associated with any
client presenting that authorization.
When a connection identifying an ``untrusted'' client is accepted, the
client is restricted from performing certain operations that would steal
or modify data that is held by the server for trusted clients. An
untrusted client performing a disallowed operation will receive protocol
errors. Such a client may be written to catch these errors and continue
operation.
When a client is untrusted, the server will also limit the extensions
that are available to the client. Each X protocol extension is respon-
sible for defining what operations are permitted to untrusted clients;
by default, the entire extension is hidden.
The specification for the SECURITY extension is in
xc/doc/specs/Xext/security.tex (LaTeX source) and
xc/doc/hardcopy/Xext/security.PS.Z (compressed PostScript).
3.5.1. Untrusted Application Behavior
Most applications work normally when run as untrusted clients, but since
the security extension changes the semantics of certain parts of the X
protocol, it is no surprise that some clients behave differently when
untrusted. We note the following significant behavior changes,
separated into two categories: changes that we expect could disappear or
mutate if the implementation were improved in a future release, and
changes we expect are permanent, legitimate defenses against data loss
or leakage.
3.5.1.1. Behaviors That Are Implementation-Dependent
The following behaviors when running the respective applications as
untrusted are not mandated by the security design but are side effects
of limitations in the current implementation.
oclock is square because the SHAPE extension hasn't been marked secure
yet. Similarly, Xaw applications that use oval buttons will have rec-
tangular buttons instead.
Any application that depends on an extension other than XC-MISC, LBX, or
BIG-REQUESTS will have different behavior, as no other extensions are
currently marked secure. The core clients affected are xieperf and all
the xkb utilities.
emacs exits with a Window error when trying to use the QueryPointer
request on the root window when you click in a buffer.
FrameMaker, and xwd -root both exit with a Window error when trying to
use the GetWindowAttributes request on a window manager frame window.
All the remaining changes are involved in some way with window proper-
ties. Some of these behaviors can be modified with changes to the Secu-
rityPolicy file; see the Xserver man page.
Several clients exit with a Window error when trying to use the
DeleteProperty request on various properties on the root window. These
include xcmsdb -remove, xprop -root -remove, and xstdcmap -delete.
xprop exits with an Atom error when attempting to access protected pro-
perties.
The following two changes require, in addition, a ``trusted selection
intermediary'' to provide selection transfer from untrusted to trusted
clients (and vice-versa). R6.3 does not include such a trusted
intermediary.
xterm exits with an Atom error when it tries to store the property value
during a selection transfer (paste) to a trusted selection requester.
The ``copy 0 to PRIMARY'' button of xcutsel does not work.
Selection transfer from untrusted clients to trusted clients fails when
the untrusted client attempts to use SendEvent to generate the Selec-
tionNotify event for the requester. Most requesters will treat this as
a transfer timeout and continue. Xt-based applications will create an
additional Atom each time such a transfer is attempted.
3.5.1.2. Behaviors That Are Not Likely To Change
The following behaviors represent actions performed by the applications
that are disallowed by design.
editres will fail when pointed at a trusted client when it tries to read
window properties on a window owned by that client.
Xnest exits on startup with an Access error as it tries to use the
ChangeKeyboardControl request.
The new generate option to xauth fails because untrusted applications
are not allowed to create additional authorizations.
xhost cannot be used to modify the host access list.
xmag gets an unending stream of Drawable errors as it tries to use the
PolyRectangle request on the root window. If you click to select a
location to magnify, xmag gets a Drawable error as it tries to use the
GetImage request on the root window. xmag could be modified to exit
gracefully under these conditions.
netscape exits on startup with a Drawable error when trying to use the
GetImage request on the root window.
xmodmap exits with an Access error when trying to use the ChangeKey-
boardMapping request.
xset with the b, c, led, or r options exits with an Access error when
trying to use the ChangeKeyboardControl request. With the bc option, it
can't find the MIT-SUNDRY-NONSTANDARD extension and exits gracefully.
xsetroot exits with a Window error when trying to use the ChangeWin-
dowAttributes request on the root window.
3.6. Application Group Extension
The application group extension (XC-APPGROUP) provides new protocol to
implement Application Groups (``AppGroups''). The AppGroup facility
allows other clients to share the SubstructureRedirect mechanism with
the window manager. This allows another client called the ``application
group leader'', such as a web browser, to intercept a MapRequest made by
a third application and reparent its window into the web browser before
the window manager takes control. The AppGroup leader may also limit
the screens and visuals available to the applications in the group.
Users who have an XC-APPGROUP enhanced X server and an RX plug-in for
their Netscape Navigator web browser can run programs remotely over the
web and have the output appear as part of the presentation in their web
browser.
The only way for an application to become a member of an AppGroup is by
using an authorization generated using the new security extension.
Whenever an application connects to the server, the authorization that
it used to connect is tested to see if it belongs to an AppGroup. This
means that the Authorization data must be transmitted to the remote host
where the application will be run. In the case of RX, HTTP is used to
send the Authorization. Sites who have concerns about sending unen-
crypted authorization data such as MIT-MAGIC-COOKIE-1 via HTTP should
configure their web servers and web browsers to use SHTTP or SSL.
The specification for the XC-APPGROUP extension is in
xc/doc/specs/Xext/AppGroup.mif (FrameMaker interchange source) and
xc/doc/hardcopy/Xext/AppGroup.PS.Z (compressed PostScript).
3.7. Print Extension
The print extension supports output to hardcopy devices using the core X
drawing requests. The print extension adds requests for job and page
control and defines how specific printer attributes are communicated
between the server and printing clients. Printer attribute specifica-
tions are modeled after the ISO 10175 specification.
An X client that wants to produce hardcopy output will typically open a
second connection to an X print server, produce a print job, and then
close the print server connection. The print server may be the same
process as the display server (the term ``video server'' is sometimes
used) although the implementation provided in R6.3 does not completely
support video and print servers in the same binary.
The specification for the print extension is in
xc/doc/specs/XPRINT/xp_proto.mif (FrameMaker interchange source) and
xc/doc/hardcopy/XPRINT/xp_proto.PS.Z (compressed PostScript). The
library API specification is in xc/doc/specs/XPRINT/xp_library.mif
(FrameMaker interchange source) and
xc/doc/hardcopy/XPRINT/xp_library.PS.Z (compressed PostScript).
3.7.1. Running an X Print Server
The print server is simply an X server with the print extension and spe-
cial DDX implementations. The X Print Server is started like any other
X server.
Here is a sample command line for use with a typical configuration:
% Xprt :1 -ac
The options used in the example are:
:1 On a host that is running a video display server you will need
to specify a different display from the default.
-ac Disable access control, since no simple mechanism for sharing
keys is provided.
The X print server supports the following additional options:
-XpFile Points to the directory containing the print server configura-
tion files.
XPCONFIGDIREnvironment variable specifying alternative location of the
print server configuration files.
The print server, Xprt, is built only if the config option XprtServer is
YES. Four printer DDXen are provided, each with a separate config
option to control whether or not it will be included: XpRasterDDX,
XpColorPclDDX, XpMonoPclDDX, XpPostScriptDDX; see xc/config/cf/README.
XprtServer defaults to the value of BuildServer (i.e. Xprt will be built
by default on all platforms that build a full X server). XpRasterDDX
and XpMonoPclDDX default to NO. XpColorPclDDX and XpPostScriptDDX
default to YES.
The print server is configured through a directory of configuration
files that define printer model types and instances of printer models.
An example configuration tree is provided in
xc/programs/Xserver/XpConfig/. See also xc/doc/specs/Xserver/Xprt.mif
(FrameMaker interchange source) and xc/doc/hardcopy/Xserver/Xprt.PS.Z
(compressed PostScript) for further instructions on configuring Xprt.
3.7.2. Specifying The Print Server To A Client
By convention, clients locate the print server using the environment
variable XPRINTER. The syntax of XPRINTER is an augmented DISPLAY; i.e.
printerName@host:display
where ``printerName'' is one of the printer instances listed in the
print server configuration files. The use of XPRINTER and its syntax is
an application convention only; there is nothing in the supplied
libraries that uses (or parses) this environment variable.
3.8. Proxy Management Protocol
The Proxy Management Protocol is an ICE based protocol that provides a
way for application servers to easily locate proxy services such as the
LBX proxy and the X firewall proxy.
Typically, a service called a ``proxy manager'' is responsible for
resolving requests for proxy services, starting new proxies when
appropriate, and keeping track of all of the available proxy services.
The proxy manager strives to reuse existing proxy processes whenever
possible.
The Proxy Management Protocol is described in xc/doc/specs/PM/PM_spec.
3.9. Configuration
As in R6.1, the top-level Makefile is no longer over-ridden by the first
build. Instead a new file xmakefile is created. Thus is it not neces-
sary to take any additional steps to reset the builds.
The file xc/config/cf/README provides more guidance on how to write an
Imakefile, including a list of variables that may be set in an
Imakefile. This file is strongly recommended reading for Imakefile
authors.
The LaTeX text processor is supported as of R6.1. If you have LaTeX on
your system, turn on HasLatex to have the MakeLatexDoc rule use it.
Also since R6.1, with System V Release 4 (SVR4) compilers we now use the
-Xa (ANSI C with native extensions) compiler flag rather than -Xc (limit
environment to that specified in the standard). This provides access to
the full richness of the platform. Unfortunately, it also defines the
preprocessor symbol __STDC__ to 0, instead of 1 as specified by the
standard. Therefore we use "#ifdef __STDC__" in our sources rather than
"#if __STDC__". On HP-UX systems we use the -Ae compiler option instead
of -Aa, also to access the full environment offered by the platform.
As in R6.1, the imake variables InstallXdmConfig, InstallXinitConfig,
and InstallAppDefFiles suppress overwriting existing files; if the files
didn't previously exist, the files are always installed. This interpre-
tation makes bootstrapping a new system easier than in R6 and earlier
releases.
A new configuration build option, GzipFontCompression, has been added to
use gzip rather than compress for font compression. It defaults to NO.
The build creates a new directory xc/exports into which the header
files, libraries, and certain build utility binaries are symlinked.
This greatly simplifies Imakefile construction and supports multiple
development projects (such as X, Motif, and CDE) on a single system.
Imake rules and template files for building Motif and CDE were contri-
buted by the OSF CDE/Motif project and are included in R6.3.
3.10. Documentation
Additional X server internals documentation is provided in the
/xc/doc/specs/Xserver/ directory for the XC-APPGROUP and SECURITY exten-
sions. An analysis and rationale for the SECURITY extension will also
be found in that directory. Specifications for the other new standards
are in /xc/doc/specs/RX/, /xc/doc/specs/XPRINT/, and
/xc/doc/specs/Xext/.
3.11. Header Files
xc/include/Xos_r.h is a new header file to promote portable source code
using thread-safe implementations of getpwnam, getpwuid, gethostbyname,
gethostbyaddr, and getservbyname. It is not required by any X Consor-
tium standard.
3.12. X Server
The security, LBX, printing, and AppGroup extensions are all new. In
R6.3 only MIT-MAGIC-COOKIE-1 is supported in the security extension.
Parts of the security policy are configured at run-time from the file
/usr/X11R6.3/lib/X11/xserver/SecurityPolicy. Site-defined policy
strings used by xfwp and rules for property access by untrusted clients
are defined there. See the Xserver man page for full details.
3.12.1. New Device Support
Support has been added for the Sun TCX frame buffer as a dumb 8-bit
frame buffer on Solaris 2.5.
New XFree86 servers based on XFree86 3.2 are included.
3.12.2. Internal Changes
The security extension provides new internal resource ID lookup inter-
faces that incorporate the access control lookup. In order to be
declared secure and therefore be made available to untrusted clients,
other extensions should, at a minimum, be changed to use these inter-
faces. Depending on what the extension does, more may need to be done
in its implementation before it can appropriately be labeled ``secure''.
Refer to the documents xc/doc/specs/Xserver/appgroup.ms and
xc/doc/specs/Xserver/secint.tex for implementation details of the appli-
cation group and security extensions, respectively.
3.13. ICE Library Addition
To support proxy managers and firewall proxies using ICE on well-known
TCP ports, an additional interface has been added to the ICE library.
This new interface, IceListenForWellKnownConnections, has equivalent
calling parameters to IceListenForConnections plus an ICE network id
parameter.
3.14. Xlib Vertical Writing and User-Defined Characters
The Xlib output method implementation has been enhanced to support the
XOM value drawing direction XOMOrientation_TTB_RTL. Vertical writing
information and other locale specific information is read from the file
<XLocaleDir>/%L/XLC_LOCALE where the XLocaleDir configuration option
defaults to /usr/X11R6.3/lib/X11/locale.
The X[mb|wc]TextEscapement functions now return the text escapement in
pixels for the vertical or horizontal direction depending on the
XNOrientation XOCValue.
The X[mb|wc]DrawString functions will now render a character string in
the vertical or horizontal direction depending on the XNOrientation
XOCValue.
The Xlib NLS database implementation has been enhanced to support
extended segments used for interchanging non-standard code sets. Sup-
port has been added for control sequences and encoding names used in
extended segments and conversion of glyph indexes when interchanging
data in extended segments.
3.15. Xt Geometry Management Debugger
Daniel Dardailler's ``GeoTattler'' code has been merged into the Xt
Intrinsics library implementation. This is not a standard. If libXt is
compiled with the XT_GEO_TATTLER symbol defined (currently there is no
build configuration support to do this) then a ``geoTattler'' resource
may be specified for any widget in an application. If the geoTattler
resource for a widget instance is True then libXt will generate debug-
ging information to stdout when the widget makes geometry change
requests.
For example, if the resources specify:
myapp*draw.XmScale.geoTattler: ON
*XmScrollBar.geoTattler:ON
*XmRowColumn.exit_button.geoTattler:ON
then geometry management debugging information will be generated for all
the XmScale children of the widget named draw, all the XmScrollBars, and
the widget named exit_button in any XmRowColumn.
3.16. New Programs
There are new core programs lbxproxy, proxymngr, xfindproxy, xfwp, Xprt,
and xrx.
lbxproxy The lbxproxy program is used to ``translate'' X protocol to
LBX protocol. It should be executed on the same host as the
client application or on a host connected to the client host
by a fast network. lbxproxy appears to the clients using it
as another X server; that is, the clients connect through it
using the conventional DISPLAY syntax, specifying the proxy
host in place of the server. lbxproxy can be used stand-
alone or in conjunction with proxymngr and xfindproxy. See
the lbxproxy man page for further details.
proxymngr proxymngr is a process that runs continuously to control
other proxy applications, such as lbxproxy and xfwp. It
maintains a list of active proxy processes and responds to
queries from xfindproxy. See the proxymngr man pages for
further details.
xfindproxy xfindproxy is used to locate a running proxy process for a
given network service, such as lbxproxy or xfwp, or to
request that a proxy be started if one is not already run-
ning. xfindproxy communicates with proxymngr to perform the
actual work.
xfwp xfwp is the X firewall application proxy. It is designed to
run on a network firewall host and relay X protocol between
applications (typically outside the firewall) and the X
server (inside the firewall). xfwp appears to the clients
using it as another X server; that is, clients connect
through it using the conventional DISPLAY syntax. xfwp will
not do anything useful without proxymngr and xfindproxy or
xrx. See the xfwp man page for further details.
Xprt Xprt is the print server, built as part of the Xserver build
if the XprtServer config option is YES. The print server
supports printing to PostScript and PCL devices, as well as
raster output to an xwd format file (and thence to any
printer that xpr supports). The print extension was
designed to be integrated with the ``video'' server in a
single process but the R6.3 implementation does not support
a combined video and print server. Details of configuration
for Xprt are in xc/doc/specs/Xserver/Xprt.mif (FrameMaker
interchange source) and xc/doc/hardcopy/Xserver/Xprt.PS.Z
(compressed PostScript).
xrx, libxrx xrx is the Web browser helper application that interprets
documents in the RX MIME type to remotely launch applica-
tions via the Web. Its companion libxrx is a plug-in for
Netscape Navigator 3.0 that supports in addition the capa-
bility to visually embed the remote applications in the
associated browser Web page window. See the xrx man page
for further details.
3.16.1. Using The LBX Proxy
The implementation of lbxproxy provided here will support an arbitrary
number of clients connecting to the same X server. A separate lbxproxy
process is required for each separate X server process. A typical com-
mand line to invoke lbxproxy is
lbxproxy :22 -display myhost:0
This command runs a proxy with the X server ``myhost:0'' as the target.
Clients must connect to the proxy using ``proxyhost:22'' as the DISPLAY.
The .Xauthority file for these clients must contain an entry for server
``proxyhost:22'' with the same MIT-MAGIC-COOKIE as ``myhost:0'', or the
X server must be configured to permit connections from any host on the
network.
Here is an example showing how to setup the appropriate .Xauthority
entries:
% lbxproxy :22 -display myws:0
% xauth list
myws:0 MIT-MAGIC-COOKIE-1 7fd231ccdce2
myws/unix:0 MIT-MAGIC-COOKIE-1 7fd231ccdce2
% xauth -f $HOME/proxyauth add proxyhost:22 . 7fd231ccdce2
xauth: creating new authority file /usr/myself/proxyauth
% xauth -f $HOME/proxyauth add proxyhost/unix:22 . 7fd231ccdce2
% setenv XAUTHORITY $HOME/proxyauth
In this example, the authorization token for display 0 is copied into a
new file ``proxyauth'' and associated with the LBX proxy server display
number (22). The new authority file may then be copied to another host
and used as the value of the XAUTHORITY environment variable.
The proxymngr daemon is usually configured to invoke lbxproxy automati-
cally when a user or a CGI script runs xfindproxy -name LBX.
See the lbxproxy man page for further details.
3.17. Major Additions to Existing Programs
The generate option of xauth is used to obtain additional authorization
tokens for client connections. These authorization tokens may specify
that the client using them is to be restricted in the operations that
may be performed in the X server. The authorization tokens may be
independently revoked. Refer to the SECURITY extension for further
details on authorizations.
The xauth man page gives full details on the new generate command. Here
is an example use:
xauth -f untrusted-auth-file g :0 . timeout 0
setenv XAUTHORITY untrusted-auth-file
This will cause xauth to contact server ``:0'' to get a long-lasting
untrusted cookie which it then stores in untrusted-auth-file. By set-
ting XAUTHORITY to point to untrusted-auth-file, subsequent applications
run from this shell to server :0 will be untrusted. The ``g'' is short
for ``generate'', and the ``.'' is short for ``MIT-MAGIC-COOKIE-1''. If
you omit the -f argument, xauth will use $XAUTHORITY (or ~/.Xauthority),
which may not be what you want, especially if you are creating an
untrusted auth. This is because xauth will replace the trusted auth in
~/.Xauthority (put there by xdm) with the untrusted one, preventing you
from making any further trusted connections to the server.
The xterm terminal emulator now supports the active icon mode that was
in X version 10 Release 4. See the xterm man page for further details.
There is support in the xterm source to build xterm without the active
icon mode for those who may care for some reason to not provide it.
3.18. ANSIfication
As noted previously under "Configuration Files", for pragmatic reasons
we changed the way we use __STDC__ to test for standard C compilers.
R6.1 was officially the last release that supported traditional K&R C.
R6.3 assumes a standard C compiler and environment. We have not inten-
tionally removed any K&R C support from old code; most of the release
will continue to build on older platforms.
4. Known Bugs
There are no examples in this release showing how to use the print
extension. CDE 2.1 has several such applications.
lbxproxy fails to start on SCO Open Server.
x11perf running through lbxproxy will tickle a drawing bug in cfb-based
X servers that causes some lines and curves to be drawn to the wrong
coordinates and outside the window boundaries. Use the -nogfx option to
lbxproxy as a workaround on affected servers.
If proxymngr exits abnormally all managed proxies die.
Documentation is missing on how to use the vertical writing and user-
defined character support.
Documentation is sparse on how to configure Xprt.
There are no example fonts in the release with vertical text escapement
(``vertical writing fonts'').
5. Filing Bug Reports
If you find a reproducible bug in software in the xc/ directory, or find
bugs in the xc documentation, please send a bug report to The Open Group
using the form in the file xc/bug-report and this destination address:
xbugs@x.org
Please try to provide all of the information requested on the form if it
is applicable; the little extra time you spend on the report will make
it much easier for someone to reproduce, find, and fix the bug.
Bugs in the contributed software that is available on the net are not
handled on any official basis. Consult the documentation for the indi-
vidual software to see where (if anywhere) to report the bug. Many
authors of contributed software subscribe to the mailing list "contrib-
bugs" hosted at x.org, so this might be a useful place to report bugs.
(To subscribe to contrib-bugs yourself, send email to contrib-bugs-
request@x.org.)
6. Acknowledgements
Release 6.3 of X Version 11 was brought to you by the X staff at the X
Consortium, Inc.: Donna Converse (emeritus), Jim Fournier, Stephen Gil-
dea (emeritus), Kaleb Keithley, Matt Landau (emeritus), Arnaud Le Hors,
Ralph Mor (emeritus), Bob Scheifler, Ralph Swick, Ray Tice, Mark Welch
(emeritus), and Dave Wiggins (emeritus). Kevin Samborn and George Tsang
(emeritus) of the CDE staff at X Consortium, Inc. worked hard on the
print extension, including the PostScript driver; David Kaelbling of the
CDE staff converged the X, Motif, and CDE imake/config support and
helped with Xos_r.h; and Daniel Dardailler (emeritus) of the CDE staff
contributed the libXt geometry tracing code. Also, contractors Reed
Augliere, Roger Helmendach (Liberty Systems), and Ann Pichey each worked
on critical components.
Several companies and individuals have cooperated and worked extremely
hard to make this release a reality, and our thanks go out to them. You
will find many of them listed in the acknowledgements in the individual
specifications.
Ken Raeburn of XFree86 and Cygnus Support contributed the gzip font
compression support.
The Common Desktop Environment sponsors Digital Equipment Corp, Fujitsu,
Hewlett-Packard, Hitachi, IBM, Novell, and SunSoft jointly contributed
the print extension and the Xlib vertical writing and user-defined char-
acter support. Axel Deininger, Harry Phinney, Tom Gilg, Charles Prince,
and Jim Miller all from Hewlett-Packard did the print extension and PCL
and raster drivers. Fujitsu did the Xlib vertical writing and user-
defined character support.