diff options
| -rw-r--r-- | ChangeLog | 6 | ||||
| -rw-r--r-- | ssh.c | 22 |
2 files changed, 18 insertions, 10 deletions
| @@ -40,6 +40,10 @@ | |||
| 40 | fix protocol error: send 'failed' message instead of a 2nd challenge | 40 | fix protocol error: send 'failed' message instead of a 2nd challenge |
| 41 | (happens if the same key is in authorized_keys twice). | 41 | (happens if the same key is in authorized_keys twice). |
| 42 | reported Ralf_Meister@genua.de; ok djm@ | 42 | reported Ralf_Meister@genua.de; ok djm@ |
| 43 | - stevesk@cvs.openbsd.org 2001/11/30 20:39:28 | ||
| 44 | [ssh.c] | ||
| 45 | sscanf() length dependencies are clearer now; can also shrink proto | ||
| 46 | and data if desired, but i have not done that. ok markus@ | ||
| 43 | 47 | ||
| 44 | 20011126 | 48 | 20011126 |
| 45 | - (tim) [contrib/cygwin/README, openbsd-compat/bsd-cygwin_util.c, | 49 | - (tim) [contrib/cygwin/README, openbsd-compat/bsd-cygwin_util.c, |
| @@ -6962,4 +6966,4 @@ | |||
| 6962 | - Wrote replacements for strlcpy and mkdtemp | 6966 | - Wrote replacements for strlcpy and mkdtemp |
| 6963 | - Released 1.0pre1 | 6967 | - Released 1.0pre1 |
| 6964 | 6968 | ||
| 6965 | $Id: ChangeLog,v 1.1678 2001/12/06 17:41:25 mouring Exp $ | 6969 | $Id: ChangeLog,v 1.1679 2001/12/06 17:45:19 mouring Exp $ |
| @@ -39,7 +39,7 @@ | |||
| 39 | */ | 39 | */ |
| 40 | 40 | ||
| 41 | #include "includes.h" | 41 | #include "includes.h" |
| 42 | RCSID("$OpenBSD: ssh.c,v 1.149 2001/10/24 08:51:35 markus Exp $"); | 42 | RCSID("$OpenBSD: ssh.c,v 1.150 2001/11/30 20:39:28 stevesk Exp $"); |
| 43 | 43 | ||
| 44 | #include <openssl/evp.h> | 44 | #include <openssl/evp.h> |
| 45 | #include <openssl/err.h> | 45 | #include <openssl/err.h> |
| @@ -787,19 +787,23 @@ again: | |||
| 787 | } | 787 | } |
| 788 | 788 | ||
| 789 | static void | 789 | static void |
| 790 | x11_get_proto(char *proto, int proto_len, char *data, int data_len) | 790 | x11_get_proto(char **_proto, char **_data) |
| 791 | { | 791 | { |
| 792 | char line[512]; | 792 | char line[512]; |
| 793 | static char proto[512], data[512]; | ||
| 793 | FILE *f; | 794 | FILE *f; |
| 794 | int got_data = 0, i; | 795 | int got_data = 0, i; |
| 795 | 796 | ||
| 797 | *_proto = proto; | ||
| 798 | *_data = data; | ||
| 799 | proto[0] = data[0] = '\0'; | ||
| 796 | if (options.xauth_location) { | 800 | if (options.xauth_location) { |
| 797 | /* Try to get Xauthority information for the display. */ | 801 | /* Try to get Xauthority information for the display. */ |
| 798 | snprintf(line, sizeof line, "%.100s list %.200s 2>" _PATH_DEVNULL, | 802 | snprintf(line, sizeof line, "%.100s list %.200s 2>" _PATH_DEVNULL, |
| 799 | options.xauth_location, getenv("DISPLAY")); | 803 | options.xauth_location, getenv("DISPLAY")); |
| 800 | f = popen(line, "r"); | 804 | f = popen(line, "r"); |
| 801 | if (f && fgets(line, sizeof(line), f) && | 805 | if (f && fgets(line, sizeof(line), f) && |
| 802 | sscanf(line, "%*s %s %s", proto, data) == 2) | 806 | sscanf(line, "%*s %511s %511s", proto, data) == 2) |
| 803 | got_data = 1; | 807 | got_data = 1; |
| 804 | if (f) | 808 | if (f) |
| 805 | pclose(f); | 809 | pclose(f); |
| @@ -815,11 +819,11 @@ x11_get_proto(char *proto, int proto_len, char *data, int data_len) | |||
| 815 | if (!got_data) { | 819 | if (!got_data) { |
| 816 | u_int32_t rand = 0; | 820 | u_int32_t rand = 0; |
| 817 | 821 | ||
| 818 | strlcpy(proto, "MIT-MAGIC-COOKIE-1", proto_len); | 822 | strlcpy(proto, "MIT-MAGIC-COOKIE-1", sizeof proto); |
| 819 | for (i = 0; i < 16; i++) { | 823 | for (i = 0; i < 16; i++) { |
| 820 | if (i % 4 == 0) | 824 | if (i % 4 == 0) |
| 821 | rand = arc4random(); | 825 | rand = arc4random(); |
| 822 | snprintf(data + 2 * i, data_len - 2 * i, "%02x", rand & 0xff); | 826 | snprintf(data + 2 * i, sizeof data - 2 * i, "%02x", rand & 0xff); |
| 823 | rand >>= 8; | 827 | rand >>= 8; |
| 824 | } | 828 | } |
| 825 | } | 829 | } |
| @@ -943,9 +947,9 @@ ssh_session(void) | |||
| 943 | } | 947 | } |
| 944 | /* Request X11 forwarding if enabled and DISPLAY is set. */ | 948 | /* Request X11 forwarding if enabled and DISPLAY is set. */ |
| 945 | if (options.forward_x11 && getenv("DISPLAY") != NULL) { | 949 | if (options.forward_x11 && getenv("DISPLAY") != NULL) { |
| 946 | char proto[512], data[512]; | 950 | char *proto, *data; |
| 947 | /* Get reasonable local authentication information. */ | 951 | /* Get reasonable local authentication information. */ |
| 948 | x11_get_proto(proto, sizeof proto, data, sizeof data); | 952 | x11_get_proto(&proto, &data); |
| 949 | /* Request forwarding with authentication spoofing. */ | 953 | /* Request forwarding with authentication spoofing. */ |
| 950 | debug("Requesting X11 forwarding with authentication spoofing."); | 954 | debug("Requesting X11 forwarding with authentication spoofing."); |
| 951 | x11_request_forwarding_with_spoofing(0, proto, data); | 955 | x11_request_forwarding_with_spoofing(0, proto, data); |
| @@ -1059,9 +1063,9 @@ ssh_session2_setup(int id, void *arg) | |||
| 1059 | } | 1063 | } |
| 1060 | if (options.forward_x11 && | 1064 | if (options.forward_x11 && |
| 1061 | getenv("DISPLAY") != NULL) { | 1065 | getenv("DISPLAY") != NULL) { |
| 1062 | char proto[512], data[512]; | 1066 | char *proto, *data; |
| 1063 | /* Get reasonable local authentication information. */ | 1067 | /* Get reasonable local authentication information. */ |
| 1064 | x11_get_proto(proto, sizeof proto, data, sizeof data); | 1068 | x11_get_proto(&proto, &data); |
| 1065 | /* Request forwarding with authentication spoofing. */ | 1069 | /* Request forwarding with authentication spoofing. */ |
| 1066 | debug("Requesting X11 forwarding with authentication spoofing."); | 1070 | debug("Requesting X11 forwarding with authentication spoofing."); |
| 1067 | x11_request_forwarding_with_spoofing(id, proto, data); | 1071 | x11_request_forwarding_with_spoofing(id, proto, data); |