diff options
author | Damien Miller <djm@mindrot.org> | 2010-06-26 10:02:24 +1000 |
---|---|---|
committer | Damien Miller <djm@mindrot.org> | 2010-06-26 10:02:24 +1000 |
commit | 1ab6a51f9b258a6e844f1ee442c15aec7fcb6a72 (patch) | |
tree | 708954349afa3ef3f1294934443d5773c1b6b53f /mux.c | |
parent | 383ffe6c5f31d3ecd89caadc8aef1bc2b821d63a (diff) |
- djm@cvs.openbsd.org 2010/06/25 23:10:30
[ssh.c]
log the hostname and address that we connected to at LogLevel=verbose
after authentication is successful to mitigate "phishing" attacks by
servers with trusted keys that accept authentication silently and
automatically before presenting fake password/passphrase prompts;
"nice!" markus@
Diffstat (limited to 'mux.c')
-rw-r--r-- | mux.c | 9 |
1 files changed, 6 insertions, 3 deletions
@@ -1,4 +1,4 @@ | |||
1 | /* $OpenBSD: mux.c,v 1.20 2010/06/25 07:14:46 djm Exp $ */ | 1 | /* $OpenBSD: mux.c,v 1.21 2010/06/25 23:15:36 djm Exp $ */ |
2 | /* | 2 | /* |
3 | * Copyright (c) 2002-2008 Damien Miller <djm@openbsd.org> | 3 | * Copyright (c) 2002-2008 Damien Miller <djm@openbsd.org> |
4 | * | 4 | * |
@@ -1107,11 +1107,14 @@ mux_session_confirm(int id, int success, void *arg) | |||
1107 | display = getenv("DISPLAY"); | 1107 | display = getenv("DISPLAY"); |
1108 | if (cctx->want_x_fwd && options.forward_x11 && display != NULL) { | 1108 | if (cctx->want_x_fwd && options.forward_x11 && display != NULL) { |
1109 | char *proto, *data; | 1109 | char *proto, *data; |
1110 | |||
1110 | /* Get reasonable local authentication information. */ | 1111 | /* Get reasonable local authentication information. */ |
1111 | client_x11_get_proto(display, options.xauth_location, | 1112 | client_x11_get_proto(display, options.xauth_location, |
1112 | options.forward_x11_trusted, &proto, &data); | 1113 | options.forward_x11_trusted, options.forward_x11_timeout, |
1114 | &proto, &data); | ||
1113 | /* Request forwarding with authentication spoofing. */ | 1115 | /* Request forwarding with authentication spoofing. */ |
1114 | debug("Requesting X11 forwarding with authentication spoofing."); | 1116 | debug("Requesting X11 forwarding with authentication " |
1117 | "spoofing."); | ||
1115 | x11_request_forwarding_with_spoofing(id, display, proto, data); | 1118 | x11_request_forwarding_with_spoofing(id, display, proto, data); |
1116 | /* XXX wait for reply */ | 1119 | /* XXX wait for reply */ |
1117 | } | 1120 | } |