summaryrefslogtreecommitdiff
path: root/clientloop.c
diff options
context:
space:
mode:
authorColin Watson <cjwatson@debian.org>2015-08-19 17:00:17 +0100
committerColin Watson <cjwatson@debian.org>2015-08-19 17:00:17 +0100
commit544df7a04ae5b5c1fc30be7c445ad685d7a02dc9 (patch)
tree33d2a87dd50fe5894ac6ec4579c83401b7ab00a4 /clientloop.c
parentbaccdb349b31c47cd76fb63211f754ed33a9707e (diff)
parent7de4b03a6e4071d454b72927ffaf52949fa34545 (diff)
Import openssh_6.9p1.orig.tar.gz
Diffstat (limited to 'clientloop.c')
-rw-r--r--clientloop.c32
1 files changed, 22 insertions, 10 deletions
diff --git a/clientloop.c b/clientloop.c
index a9c8a90f0..dc0e557ad 100644
--- a/clientloop.c
+++ b/clientloop.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: clientloop.c,v 1.272 2015/02/25 19:54:02 djm Exp $ */ 1/* $OpenBSD: clientloop.c,v 1.274 2015/07/01 02:26:31 djm Exp $ */
2/* 2/*
3 * Author: Tatu Ylonen <ylo@cs.hut.fi> 3 * Author: Tatu Ylonen <ylo@cs.hut.fi>
4 * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland 4 * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@@ -163,7 +163,7 @@ static int connection_in; /* Connection to server (input). */
163static int connection_out; /* Connection to server (output). */ 163static int connection_out; /* Connection to server (output). */
164static int need_rekeying; /* Set to non-zero if rekeying is requested. */ 164static int need_rekeying; /* Set to non-zero if rekeying is requested. */
165static int session_closed; /* In SSH2: login session closed. */ 165static int session_closed; /* In SSH2: login session closed. */
166static int x11_refuse_time; /* If >0, refuse x11 opens after this time. */ 166static u_int x11_refuse_time; /* If >0, refuse x11 opens after this time. */
167 167
168static void client_init_dispatch(void); 168static void client_init_dispatch(void);
169int session_ident = -1; 169int session_ident = -1;
@@ -298,7 +298,8 @@ client_x11_display_valid(const char *display)
298 return 1; 298 return 1;
299} 299}
300 300
301#define SSH_X11_PROTO "MIT-MAGIC-COOKIE-1" 301#define SSH_X11_PROTO "MIT-MAGIC-COOKIE-1"
302#define X11_TIMEOUT_SLACK 60
302void 303void
303client_x11_get_proto(const char *display, const char *xauth_path, 304client_x11_get_proto(const char *display, const char *xauth_path,
304 u_int trusted, u_int timeout, char **_proto, char **_data) 305 u_int trusted, u_int timeout, char **_proto, char **_data)
@@ -311,7 +312,7 @@ client_x11_get_proto(const char *display, const char *xauth_path,
311 int got_data = 0, generated = 0, do_unlink = 0, i; 312 int got_data = 0, generated = 0, do_unlink = 0, i;
312 char *xauthdir, *xauthfile; 313 char *xauthdir, *xauthfile;
313 struct stat st; 314 struct stat st;
314 u_int now; 315 u_int now, x11_timeout_real;
315 316
316 xauthdir = xauthfile = NULL; 317 xauthdir = xauthfile = NULL;
317 *_proto = proto; 318 *_proto = proto;
@@ -344,6 +345,15 @@ client_x11_get_proto(const char *display, const char *xauth_path,
344 xauthdir = xmalloc(PATH_MAX); 345 xauthdir = xmalloc(PATH_MAX);
345 xauthfile = xmalloc(PATH_MAX); 346 xauthfile = xmalloc(PATH_MAX);
346 mktemp_proto(xauthdir, PATH_MAX); 347 mktemp_proto(xauthdir, PATH_MAX);
348 /*
349 * The authentication cookie should briefly outlive
350 * ssh's willingness to forward X11 connections to
351 * avoid nasty fail-open behaviour in the X server.
352 */
353 if (timeout >= UINT_MAX - X11_TIMEOUT_SLACK)
354 x11_timeout_real = UINT_MAX;
355 else
356 x11_timeout_real = timeout + X11_TIMEOUT_SLACK;
347 if (mkdtemp(xauthdir) != NULL) { 357 if (mkdtemp(xauthdir) != NULL) {
348 do_unlink = 1; 358 do_unlink = 1;
349 snprintf(xauthfile, PATH_MAX, "%s/xauthfile", 359 snprintf(xauthfile, PATH_MAX, "%s/xauthfile",
@@ -351,17 +361,20 @@ client_x11_get_proto(const char *display, const char *xauth_path,
351 snprintf(cmd, sizeof(cmd), 361 snprintf(cmd, sizeof(cmd),
352 "%s -f %s generate %s " SSH_X11_PROTO 362 "%s -f %s generate %s " SSH_X11_PROTO
353 " untrusted timeout %u 2>" _PATH_DEVNULL, 363 " untrusted timeout %u 2>" _PATH_DEVNULL,
354 xauth_path, xauthfile, display, timeout); 364 xauth_path, xauthfile, display,
365 x11_timeout_real);
355 debug2("x11_get_proto: %s", cmd); 366 debug2("x11_get_proto: %s", cmd);
356 if (system(cmd) == 0)
357 generated = 1;
358 if (x11_refuse_time == 0) { 367 if (x11_refuse_time == 0) {
359 now = monotime() + 1; 368 now = monotime() + 1;
360 if (UINT_MAX - timeout < now) 369 if (UINT_MAX - timeout < now)
361 x11_refuse_time = UINT_MAX; 370 x11_refuse_time = UINT_MAX;
362 else 371 else
363 x11_refuse_time = now + timeout; 372 x11_refuse_time = now + timeout;
373 channel_set_x11_refuse_time(
374 x11_refuse_time);
364 } 375 }
376 if (system(cmd) == 0)
377 generated = 1;
365 } 378 }
366 } 379 }
367 380
@@ -1889,7 +1902,7 @@ client_request_x11(const char *request_type, int rchan)
1889 "malicious server."); 1902 "malicious server.");
1890 return NULL; 1903 return NULL;
1891 } 1904 }
1892 if (x11_refuse_time != 0 && monotime() >= x11_refuse_time) { 1905 if (x11_refuse_time != 0 && (u_int)monotime() >= x11_refuse_time) {
1893 verbose("Rejected X11 connection after ForwardX11Timeout " 1906 verbose("Rejected X11 connection after ForwardX11Timeout "
1894 "expired"); 1907 "expired");
1895 return NULL; 1908 return NULL;
@@ -2352,8 +2365,7 @@ client_input_hostkeys(void)
2352 /* Check that the key is accepted in HostkeyAlgorithms */ 2365 /* Check that the key is accepted in HostkeyAlgorithms */
2353 if (options.hostkeyalgorithms != NULL && 2366 if (options.hostkeyalgorithms != NULL &&
2354 match_pattern_list(sshkey_ssh_name(key), 2367 match_pattern_list(sshkey_ssh_name(key),
2355 options.hostkeyalgorithms, 2368 options.hostkeyalgorithms, 0) != 1) {
2356 strlen(options.hostkeyalgorithms), 0) != 1) {
2357 debug3("%s: %s key not permitted by HostkeyAlgorithms", 2369 debug3("%s: %s key not permitted by HostkeyAlgorithms",
2358 __func__, sshkey_ssh_name(key)); 2370 __func__, sshkey_ssh_name(key));
2359 continue; 2371 continue;
generated by cgit v1.2.3 (git 2.39.1) at 2024-09-06 10:34:06 +0000