upstream: Allow ssh_config ForwardX11Timeout=0 to disable the

timeout and allow X11 connections in untrusted mode indefinitely. ok dtucker@ OpenBSD-Commit-ID: ea1ceed3f540b48e5803f933e59a03b20db10c69
author: djm@openbsd.org <djm@openbsd.org> 2018-09-21 12:46:22 +0000
committer: Damien Miller <djm@mindrot.org> 2018-09-21 22:49:27 +1000
commit: b5e412a8993ad17b9e1141c78408df15d3d987e1 (patch)
tree: 3dc7a5be35019f5afac2d4fa1587a9befd3e7d9b /clientloop.c
parent: cb24d9fcc901429d77211f274031653476864ec6 (diff)
1 files changed, 28 insertions, 15 deletions
diff --git a/clientloop.c b/clientloop.c
index ad35cb7ba..8d312cdaa 100644
--- a/clientloop.c
+++ b/clientloop.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: clientloop.c,v 1.317 2018/07/11 18:53:29 markus Exp $ */
+/* $OpenBSD: clientloop.c,v 1.318 2018/09/21 12:46:22 djm Exp $ */
 /*
 * Author: Tatu Ylonen <ylo@cs.hut.fi>
 * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@@ -279,7 +279,7 @@ client_x11_get_proto(struct ssh *ssh, const char *display,
    const char *xauth_path, u_int trusted, u_int timeout,
    char **_proto, char **_data)
 {
-        char cmd[1024], line[512], xdisplay[512];
+        char *cmd, line[512], xdisplay[512];
        char xauthfile[PATH_MAX], xauthdir[PATH_MAX];
        static char proto[512], data[512];
        FILE *f;
@@ -343,19 +343,30 @@ client_x11_get_proto(struct ssh *ssh, const char *display,
                                return -1;
                        }
-                        if (timeout >= UINT_MAX - X11_TIMEOUT_SLACK)
+                        if (timeout == 0) {
-                                x11_timeout_real = UINT_MAX;
+                                /* auth doesn't time out */
-                        else
+                                xasprintf(&cmd, "%s -f %s generate %s %s "
-                                x11_timeout_real = timeout + X11_TIMEOUT_SLACK;
+                                    "untrusted 2>%s",
-                        if ((r = snprintf(cmd, sizeof(cmd),
+                                    xauth_path, xauthfile, display,
-                            "%s -f %s generate %s " SSH_X11_PROTO
+                                    SSH_X11_PROTO, _PATH_DEVNULL);
-                            " untrusted timeout %u 2>" _PATH_DEVNULL,
+                        } else {
-                            xauth_path, xauthfile, display,
+                                /* Add some slack to requested expiry */
-                            x11_timeout_real)) < 0 ||
+                                if (timeout < UINT_MAX - X11_TIMEOUT_SLACK)
-                            (size_t)r >= sizeof(cmd))
+                                        x11_timeout_real = timeout +
-                                fatal("%s: cmd too long", __func__);
+                                            X11_TIMEOUT_SLACK;
+                                else {
+                                        /* Don't overflow on long timeouts */
+                                        x11_timeout_real = UINT_MAX;
+                                }
+                                xasprintf(&cmd, "%s -f %s generate %s %s "
+                                    "untrusted timeout %u 2>%s",
+                                    xauth_path, xauthfile, display,
+                                    SSH_X11_PROTO, x11_timeout_real,
+                                    _PATH_DEVNULL);
+                        }
                        debug2("%s: %s", __func__, cmd);
-                        if (x11_refuse_time == 0) {
+                        if (timeout != 0 && x11_refuse_time == 0) {
                                now = monotime() + 1;
                                if (UINT_MAX - timeout < now)
                                        x11_refuse_time = UINT_MAX;
@@ -366,6 +377,7 @@ client_x11_get_proto(struct ssh *ssh, const char *display,
                        }
                        if (system(cmd) == 0)
                                generated = 1;
+                        free(cmd);
                }
                /*
@@ -374,7 +386,7 @@ client_x11_get_proto(struct ssh *ssh, const char *display,
                 * above.
                 */
                if (trusted || generated) {
-                        snprintf(cmd, sizeof(cmd),
+                        xasprintf(&cmd,
                            "%s %s%s list %s 2>" _PATH_DEVNULL,
                            xauth_path,
                            generated ? "-f " : "" ,
@@ -387,6 +399,7 @@ client_x11_get_proto(struct ssh *ssh, const char *display,
                                got_data = 1;
                        if (f)
                                pclose(f);
+                        free(cmd);
                }
        }
author	djm@openbsd.org <djm@openbsd.org>	2018-09-21 12:46:22 +0000
committer	Damien Miller <djm@mindrot.org>	2018-09-21 22:49:27 +1000
commit	b5e412a8993ad17b9e1141c78408df15d3d987e1 (patch)
tree	3dc7a5be35019f5afac2d4fa1587a9befd3e7d9b /clientloop.c
parent	cb24d9fcc901429d77211f274031653476864ec6 (diff)

diff --git a/clientloop.c b/clientloop.c index ad35cb7ba..8d312cdaa 100644 --- a/clientloop.c +++ b/clientloop.c
@@ -1,4 +1,4 @@
1	/* $OpenBSD: clientloop.c,v 1.317 2018/07/11 18:53:29 markus Exp $ */	1	/* $OpenBSD: clientloop.c,v 1.318 2018/09/21 12:46:22 djm Exp $ */
2	/*	2	/*
3	* Author: Tatu Ylonen <ylo@cs.hut.fi>	3	* Author: Tatu Ylonen <ylo@cs.hut.fi>
4	* Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland	4	* Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@@ -279,7 +279,7 @@ client_x11_get_proto(struct ssh ssh, const char display,
279	const char *xauth_path, u_int trusted, u_int timeout,	279	const char *xauth_path, u_int trusted, u_int timeout,
280	char _proto, char _data)	280	char _proto, char _data)
281	{	281	{
282	char cmd[1024], line[512], xdisplay[512];	282	char *cmd, line[512], xdisplay[512];
283	char xauthfile[PATH_MAX], xauthdir[PATH_MAX];	283	char xauthfile[PATH_MAX], xauthdir[PATH_MAX];
284	static char proto[512], data[512];	284	static char proto[512], data[512];
285	FILE *f;	285	FILE *f;
@@ -343,19 +343,30 @@ client_x11_get_proto(struct ssh ssh, const char display,
343	return -1;	343	return -1;
344	}	344	}
345		345
346	if (timeout >= UINT_MAX - X11_TIMEOUT_SLACK)	346	if (timeout == 0) {
347	x11_timeout_real = UINT_MAX;	347	/* auth doesn't time out */
348	else	348	xasprintf(&cmd, "%s -f %s generate %s %s "
349	x11_timeout_real = timeout + X11_TIMEOUT_SLACK;	349	"untrusted 2>%s",
350	if ((r = snprintf(cmd, sizeof(cmd),	350	xauth_path, xauthfile, display,
351	"%s -f %s generate %s " SSH_X11_PROTO	351	SSH_X11_PROTO, _PATH_DEVNULL);
352	" untrusted timeout %u 2>" _PATH_DEVNULL,	352	} else {
353	xauth_path, xauthfile, display,	353	/* Add some slack to requested expiry */
354	x11_timeout_real)) < 0 \|\|	354	if (timeout < UINT_MAX - X11_TIMEOUT_SLACK)
355	(size_t)r >= sizeof(cmd))	355	x11_timeout_real = timeout +
356	fatal("%s: cmd too long", __func__);	356	X11_TIMEOUT_SLACK;
		357	else {
		358	/* Don't overflow on long timeouts */
		359	x11_timeout_real = UINT_MAX;
		360	}
		361	xasprintf(&cmd, "%s -f %s generate %s %s "
		362	"untrusted timeout %u 2>%s",
		363	xauth_path, xauthfile, display,
		364	SSH_X11_PROTO, x11_timeout_real,
		365	_PATH_DEVNULL);
		366	}
357	debug2("%s: %s", __func__, cmd);	367	debug2("%s: %s", __func__, cmd);
358	if (x11_refuse_time == 0) {	368
		369	if (timeout != 0 && x11_refuse_time == 0) {
359	now = monotime() + 1;	370	now = monotime() + 1;
360	if (UINT_MAX - timeout < now)	371	if (UINT_MAX - timeout < now)
361	x11_refuse_time = UINT_MAX;	372	x11_refuse_time = UINT_MAX;
@@ -366,6 +377,7 @@ client_x11_get_proto(struct ssh ssh, const char display,
366	}	377	}
367	if (system(cmd) == 0)	378	if (system(cmd) == 0)
368	generated = 1;	379	generated = 1;
		380	free(cmd);
369	}	381	}
370		382
371	/*	383	/*
@@ -374,7 +386,7 @@ client_x11_get_proto(struct ssh ssh, const char display,
374	* above.	386	* above.
375	*/	387	*/
376	if (trusted \|\| generated) {	388	if (trusted \|\| generated) {
377	snprintf(cmd, sizeof(cmd),	389	xasprintf(&cmd,
378	"%s %s%s list %s 2>" _PATH_DEVNULL,	390	"%s %s%s list %s 2>" _PATH_DEVNULL,
379	xauth_path,	391	xauth_path,
380	generated ? "-f " : "" ,	392	generated ? "-f " : "" ,
@@ -387,6 +399,7 @@ client_x11_get_proto(struct ssh ssh, const char display,
387	got_data = 1;	399	got_data = 1;
388	if (f)	400	if (f)
389	pclose(f);	401	pclose(f);
		402	free(cmd);
390	}	403	}
391	}	404	}
392		405