diff options
-rw-r--r-- | ChangeLog | 6 | ||||
-rw-r--r-- | session.c | 12 |
2 files changed, 15 insertions, 3 deletions
@@ -8,6 +8,10 @@ | |||
8 | [auth-chall.c auth.h auth1.c auth2-chall.c auth2.c readconf.c | 8 | [auth-chall.c auth.h auth1.c auth2-chall.c auth2.c readconf.c |
9 | readconf.h servconf.c servconf.h sshconnect1.c sshconnect2.c sshd.c] | 9 | readconf.h servconf.c servconf.h sshconnect1.c sshconnect2.c sshd.c] |
10 | improved kbd-interactive support. work by per@appgate.com and me | 10 | improved kbd-interactive support. work by per@appgate.com and me |
11 | - djm@cvs.openbsd.org 2001/05/19 00:36:40 | ||
12 | [session.c] | ||
13 | Disable X11 forwarding if xauth binary is not found. Patch from Nalin | ||
14 | Dahyabhai <nalin@redhat.com>; ok markus@ | ||
11 | 15 | ||
12 | 20010528 | 16 | 20010528 |
13 | - (tim) [conifgure.in] add setvbuf test needed for sftp-int.c | 17 | - (tim) [conifgure.in] add setvbuf test needed for sftp-int.c |
@@ -5438,4 +5442,4 @@ | |||
5438 | - Wrote replacements for strlcpy and mkdtemp | 5442 | - Wrote replacements for strlcpy and mkdtemp |
5439 | - Released 1.0pre1 | 5443 | - Released 1.0pre1 |
5440 | 5444 | ||
5441 | $Id: ChangeLog,v 1.1228 2001/06/05 18:56:16 mouring Exp $ | 5445 | $Id: ChangeLog,v 1.1229 2001/06/05 19:29:20 mouring Exp $ |
@@ -33,7 +33,7 @@ | |||
33 | */ | 33 | */ |
34 | 34 | ||
35 | #include "includes.h" | 35 | #include "includes.h" |
36 | RCSID("$OpenBSD: session.c,v 1.75 2001/05/03 15:45:15 markus Exp $"); | 36 | RCSID("$OpenBSD: session.c,v 1.76 2001/05/19 00:36:40 djm Exp $"); |
37 | 37 | ||
38 | #include "ssh.h" | 38 | #include "ssh.h" |
39 | #include "ssh1.h" | 39 | #include "ssh1.h" |
@@ -255,6 +255,7 @@ do_authenticated1(Authctxt *authctxt) | |||
255 | int success, type, fd, n_bytes, plen, screen_flag, have_pty = 0; | 255 | int success, type, fd, n_bytes, plen, screen_flag, have_pty = 0; |
256 | int compression_level = 0, enable_compression_after_reply = 0; | 256 | int compression_level = 0, enable_compression_after_reply = 0; |
257 | u_int proto_len, data_len, dlen; | 257 | u_int proto_len, data_len, dlen; |
258 | struct stat st; | ||
258 | 259 | ||
259 | s = session_new(); | 260 | s = session_new(); |
260 | s->pw = authctxt->pw; | 261 | s->pw = authctxt->pw; |
@@ -337,7 +338,8 @@ do_authenticated1(Authctxt *authctxt) | |||
337 | packet_send_debug("X11 forwarding disabled in server configuration file."); | 338 | packet_send_debug("X11 forwarding disabled in server configuration file."); |
338 | break; | 339 | break; |
339 | } | 340 | } |
340 | if (!options.xauth_location) { | 341 | if (!options.xauth_location || |
342 | (stat(options.xauth_location, &st) == -1)) { | ||
341 | packet_send_debug("No xauth program; cannot forward with spoofing."); | 343 | packet_send_debug("No xauth program; cannot forward with spoofing."); |
342 | break; | 344 | break; |
343 | } | 345 | } |
@@ -1752,6 +1754,7 @@ int | |||
1752 | session_x11_req(Session *s) | 1754 | session_x11_req(Session *s) |
1753 | { | 1755 | { |
1754 | int fd; | 1756 | int fd; |
1757 | struct stat st; | ||
1755 | if (no_x11_forwarding_flag) { | 1758 | if (no_x11_forwarding_flag) { |
1756 | debug("X11 forwarding disabled in user configuration file."); | 1759 | debug("X11 forwarding disabled in user configuration file."); |
1757 | return 0; | 1760 | return 0; |
@@ -1760,6 +1763,11 @@ session_x11_req(Session *s) | |||
1760 | debug("X11 forwarding disabled in server configuration file."); | 1763 | debug("X11 forwarding disabled in server configuration file."); |
1761 | return 0; | 1764 | return 0; |
1762 | } | 1765 | } |
1766 | if (!options.xauth_location || | ||
1767 | (stat(options.xauth_location, &st) == -1)) { | ||
1768 | packet_send_debug("No xauth program; cannot forward with spoofing."); | ||
1769 | return 0; | ||
1770 | } | ||
1763 | if (xauthfile != NULL) { | 1771 | if (xauthfile != NULL) { |
1764 | debug("X11 fwd already started."); | 1772 | debug("X11 fwd already started."); |
1765 | return 0; | 1773 | return 0; |