diff options
| -rw-r--r-- | session.c | 35 |
1 files changed, 17 insertions, 18 deletions
| @@ -8,7 +8,7 @@ | |||
| 8 | */ | 8 | */ |
| 9 | 9 | ||
| 10 | #include "includes.h" | 10 | #include "includes.h" |
| 11 | RCSID("$OpenBSD: session.c,v 1.14 2000/05/25 03:10:18 deraadt Exp $"); | 11 | RCSID("$OpenBSD: session.c,v 1.17 2000/06/05 19:53:40 markus Exp $"); |
| 12 | 12 | ||
| 13 | #include "xmalloc.h" | 13 | #include "xmalloc.h" |
| 14 | #include "ssh.h" | 14 | #include "ssh.h" |
| @@ -257,7 +257,10 @@ do_authenticated(struct passwd * pw) | |||
| 257 | packet_send_debug("X11 forwarding disabled in server configuration file."); | 257 | packet_send_debug("X11 forwarding disabled in server configuration file."); |
| 258 | break; | 258 | break; |
| 259 | } | 259 | } |
| 260 | #ifdef XAUTH_PATH | 260 | if (!options.xauth_location) { |
| 261 | packet_send_debug("No xauth program; cannot forward with spoofing."); | ||
| 262 | break; | ||
| 263 | } | ||
| 261 | if (no_x11_forwarding_flag) { | 264 | if (no_x11_forwarding_flag) { |
| 262 | packet_send_debug("X11 forwarding not permitted for this authentication."); | 265 | packet_send_debug("X11 forwarding not permitted for this authentication."); |
| 263 | break; | 266 | break; |
| @@ -298,10 +301,6 @@ do_authenticated(struct passwd * pw) | |||
| 298 | fatal_add_cleanup(xauthfile_cleanup_proc, NULL); | 301 | fatal_add_cleanup(xauthfile_cleanup_proc, NULL); |
| 299 | success = 1; | 302 | success = 1; |
| 300 | break; | 303 | break; |
| 301 | #else /* XAUTH_PATH */ | ||
| 302 | packet_send_debug("No xauth program; cannot forward with spoofing."); | ||
| 303 | break; | ||
| 304 | #endif /* XAUTH_PATH */ | ||
| 305 | 304 | ||
| 306 | case SSH_CMSG_AGENT_REQUEST_FORWARDING: | 305 | case SSH_CMSG_AGENT_REQUEST_FORWARDING: |
| 307 | if (no_agent_forwarding_flag || compat13) { | 306 | if (no_agent_forwarding_flag || compat13) { |
| @@ -309,8 +308,7 @@ do_authenticated(struct passwd * pw) | |||
| 309 | break; | 308 | break; |
| 310 | } | 309 | } |
| 311 | debug("Received authentication agent forwarding request."); | 310 | debug("Received authentication agent forwarding request."); |
| 312 | auth_input_request_forwarding(pw); | 311 | success = auth_input_request_forwarding(pw); |
| 313 | success = 1; | ||
| 314 | break; | 312 | break; |
| 315 | 313 | ||
| 316 | case SSH_CMSG_PORT_FORWARD_REQUEST: | 314 | case SSH_CMSG_PORT_FORWARD_REQUEST: |
| @@ -805,6 +803,7 @@ do_child(const char *command, struct passwd * pw, const char *term, | |||
| 805 | { | 803 | { |
| 806 | const char *shell, *cp = NULL; | 804 | const char *shell, *cp = NULL; |
| 807 | char buf[256]; | 805 | char buf[256]; |
| 806 | char cmd[1024]; | ||
| 808 | FILE *f; | 807 | FILE *f; |
| 809 | unsigned int envsize, i; | 808 | unsigned int envsize, i; |
| 810 | char **env; | 809 | char **env; |
| @@ -1039,23 +1038,24 @@ do_child(const char *command, struct passwd * pw, const char *term, | |||
| 1039 | pclose(f); | 1038 | pclose(f); |
| 1040 | } else | 1039 | } else |
| 1041 | fprintf(stderr, "Could not run %s\n", SSH_SYSTEM_RC); | 1040 | fprintf(stderr, "Could not run %s\n", SSH_SYSTEM_RC); |
| 1042 | } | 1041 | } else if (options.xauth_location != NULL) { |
| 1043 | #ifdef XAUTH_PATH | ||
| 1044 | else { | ||
| 1045 | /* Add authority data to .Xauthority if appropriate. */ | 1042 | /* Add authority data to .Xauthority if appropriate. */ |
| 1046 | if (auth_proto != NULL && auth_data != NULL) { | 1043 | if (auth_proto != NULL && auth_data != NULL) { |
| 1047 | char *screen = strchr(display, ':'); | 1044 | char *screen = strchr(display, ':'); |
| 1048 | if (debug_flag) { | 1045 | if (debug_flag) { |
| 1049 | fprintf(stderr, | 1046 | fprintf(stderr, |
| 1050 | "Running %.100s add %.100s %.100s %.100s\n", | 1047 | "Running %.100s add %.100s %.100s %.100s\n", |
| 1051 | XAUTH_PATH, display, auth_proto, auth_data); | 1048 | options.xauth_location, display, |
| 1049 | auth_proto, auth_data); | ||
| 1052 | if (screen != NULL) | 1050 | if (screen != NULL) |
| 1053 | fprintf(stderr, | 1051 | fprintf(stderr, |
| 1054 | "Adding %.*s/unix%s %s %s\n", | 1052 | "Adding %.*s/unix%s %s %s\n", |
| 1055 | screen-display, display, | 1053 | screen-display, display, |
| 1056 | screen, auth_proto, auth_data); | 1054 | screen, auth_proto, auth_data); |
| 1057 | } | 1055 | } |
| 1058 | f = popen(XAUTH_PATH " -q -", "w"); | 1056 | snprintf(cmd, sizeof cmd, "%s -q -", |
| 1057 | options.xauth_location); | ||
| 1058 | f = popen(cmd, "w"); | ||
| 1059 | if (f) { | 1059 | if (f) { |
| 1060 | fprintf(f, "add %s %s %s\n", display, | 1060 | fprintf(f, "add %s %s %s\n", display, |
| 1061 | auth_proto, auth_data); | 1061 | auth_proto, auth_data); |
| @@ -1064,13 +1064,12 @@ do_child(const char *command, struct passwd * pw, const char *term, | |||
| 1064 | screen-display, display, | 1064 | screen-display, display, |
| 1065 | screen, auth_proto, auth_data); | 1065 | screen, auth_proto, auth_data); |
| 1066 | pclose(f); | 1066 | pclose(f); |
| 1067 | } else | 1067 | } else { |
| 1068 | fprintf(stderr, "Could not run %s -q -\n", | 1068 | fprintf(stderr, "Could not run %s\n", |
| 1069 | XAUTH_PATH); | 1069 | cmd); |
| 1070 | } | ||
| 1070 | } | 1071 | } |
| 1071 | } | 1072 | } |
| 1072 | #endif /* XAUTH_PATH */ | ||
| 1073 | |||
| 1074 | /* Get the last component of the shell name. */ | 1073 | /* Get the last component of the shell name. */ |
| 1075 | cp = strrchr(shell, '/'); | 1074 | cp = strrchr(shell, '/'); |
| 1076 | if (cp) | 1075 | if (cp) |