- stevesk@cvs.openbsd.org 2002/07/19 17:42:40

[ssh.c] display a warning from ssh when XAuthLocation does not exist or xauth returned no authentication data. ok markus@
author: Ben Lindstrom <mouring@eviladmin.org> 2002-07-23 21:03:02 +0000
committer: Ben Lindstrom <mouring@eviladmin.org> 2002-07-23 21:03:02 +0000
commit: ee8d52d008c03e5aa19e1bd9b0baaf5faa6cfbb8 (patch)
tree: a3cb96a630ed10969615c2bf8799dca9adb5c490
parent: 264ee307a8fd171dbb44121ec05b83f4143408cf (diff)
2 files changed, 17 insertions, 4 deletions
diff --git a/ChangeLog b/ChangeLog
index 3b92fd015..b3b77567d 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -5,6 +5,10 @@
     [log.c log.h session.c sshd.c]
     remove fatal cleanups after fork; based on discussions with and code
     from solar.
+   - stevesk@cvs.openbsd.org 2002/07/19 17:42:40
+     [ssh.c]
+     display a warning from ssh when XAuthLocation does not exist or xauth
+     returned no authentication data. ok markus@
 
 20020722
 - (bal) AIX tty data limiting patch fix by leigh@solinno.co.uk
@@ -1428,4 +1432,4 @@
 - (stevesk) entropy.c: typo in debug message
 - (djm) ssh-keygen -i needs seeded RNG; report from markus@
-$Id: ChangeLog,v 1.2395 2002/07/23 21:01:56 mouring Exp $
+$Id: ChangeLog,v 1.2396 2002/07/23 21:03:02 mouring Exp $
diff --git a/ssh.c b/ssh.c
index 77e709daf..fec93be0d 100644
--- a/ssh.c
+++ b/ssh.c
@@ -40,7 +40,7 @@
 */
 #include "includes.h"
-RCSID("$OpenBSD: ssh.c,v 1.181 2002/07/03 14:21:05 markus Exp $");
+RCSID("$OpenBSD: ssh.c,v 1.182 2002/07/19 17:42:40 stevesk Exp $");
 #include <openssl/evp.h>
 #include <openssl/err.h>
@@ -734,11 +734,19 @@ x11_get_proto(char **_proto, char **_data)
        FILE *f;
        int got_data = 0, i;
        char *display;
+        struct stat st;
        *_proto = proto;
        *_data = data;
        proto[0] = data[0] = '\0';
-        if (options.xauth_location && (display = getenv("DISPLAY"))) {
+        if (!options.xauth_location ||
+            (stat(options.xauth_location, &st) == -1)) {
+                debug("No xauth program.");
+        } else {
+                if ((display = getenv("DISPLAY")) == NULL) {
+                        debug("x11_get_proto: DISPLAY not set");
+                        return;
+                }
                /* Try to get Xauthority information for the display. */
                if (strncmp(display, "localhost:", 10) == 0)
                        /*
@@ -753,7 +761,7 @@ x11_get_proto(char **_proto, char **_data)
                else
                        snprintf(line, sizeof line, "%s list %.200s 2>"
                            _PATH_DEVNULL, options.xauth_location, display);
-                debug2("x11_get_proto %s", line);
+                debug2("x11_get_proto: %s", line);
                f = popen(line, "r");
                if (f && fgets(line, sizeof(line), f) &&
                    sscanf(line, "%*s %511s %511s", proto, data) == 2)
@@ -772,6 +780,7 @@ x11_get_proto(char **_proto, char **_data)
        if (!got_data) {
                u_int32_t rand = 0;
+                log("Warning: No xauth data; using fake authentication data for X11 forwarding.");
                strlcpy(proto, "MIT-MAGIC-COOKIE-1", sizeof proto);
                for (i = 0; i < 16; i++) {
                        if (i % 4 == 0)
author	Ben Lindstrom <mouring@eviladmin.org>	2002-07-23 21:03:02 +0000
committer	Ben Lindstrom <mouring@eviladmin.org>	2002-07-23 21:03:02 +0000
commit	ee8d52d008c03e5aa19e1bd9b0baaf5faa6cfbb8 (patch)
tree	a3cb96a630ed10969615c2bf8799dca9adb5c490
parent	264ee307a8fd171dbb44121ec05b83f4143408cf (diff)