upstream commit

eliminate fallback from untrusted X11 forwarding to trusted forwarding when the X server disables the SECURITY extension; Reported by Thomas Hoger; ok deraadt@ Upstream-ID: f76195bd2064615a63ef9674a0e4096b0713f938
author: djm@openbsd.org <djm@openbsd.org> 2016-01-13 23:04:47 +0000
committer: Damien Miller <djm@mindrot.org> 2016-01-14 10:06:01 +1100
commit: ed4ce82dbfa8a3a3c8ea6fa0db113c71e234416c (patch)
tree: 008ac3334471370857e32b48893cb6f07d28e987 /ssh.c
parent: 9a728cc918fad67c8a9a71201088b1e150340ba4 (diff)
1 files changed, 9 insertions, 14 deletions
diff --git a/ssh.c b/ssh.c
index 81704ab31..096c5b5d7 100644
--- a/ssh.c
+++ b/ssh.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: ssh.c,v 1.432 2015/12/11 03:20:09 djm Exp $ */
+/* $OpenBSD: ssh.c,v 1.433 2016/01/13 23:04:47 djm Exp $ */
 /*
 * Author: Tatu Ylonen <ylo@cs.hut.fi>
 * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@@ -1626,6 +1626,7 @@ ssh_session(void)
        struct winsize ws;
        char *cp;
        const char *display;
+        char *proto = NULL, *data = NULL;
        /* Enable compression if requested. */
        if (options.compression) {
@@ -1696,13 +1697,9 @@ ssh_session(void)
        display = getenv("DISPLAY");
        if (display == NULL && options.forward_x11)
                debug("X11 forwarding requested but DISPLAY not set");
-        if (options.forward_x11 && display != NULL) {
+        if (options.forward_x11 && client_x11_get_proto(display,
-                char *proto, *data;
+            options.xauth_location, options.forward_x11_trusted,
-                /* Get reasonable local authentication information. */
+            options.forward_x11_timeout, &proto, &data) == 0) {
-                client_x11_get_proto(display, options.xauth_location,
-                    options.forward_x11_trusted,
-                    options.forward_x11_timeout,
-                    &proto, &data);
                /* Request forwarding with authentication spoofing. */
                debug("Requesting X11 forwarding with authentication "
                    "spoofing.");
@@ -1792,6 +1789,7 @@ ssh_session2_setup(int id, int success, void *arg)
        extern char **environ;
        const char *display;
        int interactive = tty_flag;
+        char *proto = NULL, *data = NULL;
        if (!success)
                return; /* No need for error message, channels code sens one */
@@ -1799,12 +1797,9 @@ ssh_session2_setup(int id, int success, void *arg)
        display = getenv("DISPLAY");
        if (display == NULL && options.forward_x11)
                debug("X11 forwarding requested but DISPLAY not set");
-        if (options.forward_x11 && display != NULL) {
+        if (options.forward_x11 && client_x11_get_proto(display,
-                char *proto, *data;
+            options.xauth_location, options.forward_x11_trusted,
-                /* Get reasonable local authentication information. */
+            options.forward_x11_timeout, &proto, &data) == 0) {
-                client_x11_get_proto(display, options.xauth_location,
-                    options.forward_x11_trusted,
-                    options.forward_x11_timeout, &proto, &data);
                /* Request forwarding with authentication spoofing. */
                debug("Requesting X11 forwarding with authentication "
                    "spoofing.");
author	djm@openbsd.org <djm@openbsd.org>	2016-01-13 23:04:47 +0000
committer	Damien Miller <djm@mindrot.org>	2016-01-14 10:06:01 +1100
commit	ed4ce82dbfa8a3a3c8ea6fa0db113c71e234416c (patch)
tree	008ac3334471370857e32b48893cb6f07d28e987 /ssh.c
parent	9a728cc918fad67c8a9a71201088b1e150340ba4 (diff)