diff options
Diffstat (limited to 'clientloop.c')
| -rw-r--r-- | clientloop.c | 54 |
1 files changed, 43 insertions, 11 deletions
diff --git a/clientloop.c b/clientloop.c index 17628efb5..75daea816 100644 --- a/clientloop.c +++ b/clientloop.c | |||
| @@ -1,4 +1,4 @@ | |||
| 1 | /* $OpenBSD: clientloop.c,v 1.236 2011/06/22 22:08:42 djm Exp $ */ | 1 | /* $OpenBSD: clientloop.c,v 1.238 2012/01/18 21:46:43 dtucker Exp $ */ |
| 2 | /* | 2 | /* |
| 3 | * Author: Tatu Ylonen <ylo@cs.hut.fi> | 3 | * Author: Tatu Ylonen <ylo@cs.hut.fi> |
| 4 | * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland | 4 | * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland |
| @@ -285,6 +285,23 @@ set_control_persist_exit_time(void) | |||
| 285 | /* else we are already counting down to the timeout */ | 285 | /* else we are already counting down to the timeout */ |
| 286 | } | 286 | } |
| 287 | 287 | ||
| 288 | #define SSH_X11_VALID_DISPLAY_CHARS ":/.-_" | ||
| 289 | static int | ||
| 290 | client_x11_display_valid(const char *display) | ||
| 291 | { | ||
| 292 | size_t i, dlen; | ||
| 293 | |||
| 294 | dlen = strlen(display); | ||
| 295 | for (i = 0; i < dlen; i++) { | ||
| 296 | if (!isalnum(display[i]) && | ||
| 297 | strchr(SSH_X11_VALID_DISPLAY_CHARS, display[i]) == NULL) { | ||
| 298 | debug("Invalid character '%c' in DISPLAY", display[i]); | ||
| 299 | return 0; | ||
| 300 | } | ||
| 301 | } | ||
| 302 | return 1; | ||
| 303 | } | ||
| 304 | |||
| 288 | #define SSH_X11_PROTO "MIT-MAGIC-COOKIE-1" | 305 | #define SSH_X11_PROTO "MIT-MAGIC-COOKIE-1" |
| 289 | void | 306 | void |
| 290 | client_x11_get_proto(const char *display, const char *xauth_path, | 307 | client_x11_get_proto(const char *display, const char *xauth_path, |
| @@ -307,6 +324,9 @@ client_x11_get_proto(const char *display, const char *xauth_path, | |||
| 307 | 324 | ||
| 308 | if (xauth_path == NULL ||(stat(xauth_path, &st) == -1)) { | 325 | if (xauth_path == NULL ||(stat(xauth_path, &st) == -1)) { |
| 309 | debug("No xauth program."); | 326 | debug("No xauth program."); |
| 327 | } else if (!client_x11_display_valid(display)) { | ||
| 328 | logit("DISPLAY '%s' invalid, falling back to fake xauth data", | ||
| 329 | display); | ||
| 310 | } else { | 330 | } else { |
| 311 | if (display == NULL) { | 331 | if (display == NULL) { |
| 312 | debug("x11_get_proto: DISPLAY not set"); | 332 | debug("x11_get_proto: DISPLAY not set"); |
| @@ -843,9 +863,8 @@ process_cmdline(void) | |||
| 843 | { | 863 | { |
| 844 | void (*handler)(int); | 864 | void (*handler)(int); |
| 845 | char *s, *cmd, *cancel_host; | 865 | char *s, *cmd, *cancel_host; |
| 846 | int delete = 0; | 866 | int delete = 0, local = 0, remote = 0, dynamic = 0; |
| 847 | int local = 0, remote = 0, dynamic = 0; | 867 | int cancel_port, ok; |
| 848 | int cancel_port; | ||
| 849 | Forward fwd; | 868 | Forward fwd; |
| 850 | 869 | ||
| 851 | bzero(&fwd, sizeof(fwd)); | 870 | bzero(&fwd, sizeof(fwd)); |
| @@ -871,8 +890,12 @@ process_cmdline(void) | |||
| 871 | "Request remote forward"); | 890 | "Request remote forward"); |
| 872 | logit(" -D[bind_address:]port " | 891 | logit(" -D[bind_address:]port " |
| 873 | "Request dynamic forward"); | 892 | "Request dynamic forward"); |
| 893 | logit(" -KL[bind_address:]port " | ||
| 894 | "Cancel local forward"); | ||
| 874 | logit(" -KR[bind_address:]port " | 895 | logit(" -KR[bind_address:]port " |
| 875 | "Cancel remote forward"); | 896 | "Cancel remote forward"); |
| 897 | logit(" -KD[bind_address:]port " | ||
| 898 | "Cancel dynamic forward"); | ||
| 876 | if (!options.permit_local_command) | 899 | if (!options.permit_local_command) |
| 877 | goto out; | 900 | goto out; |
| 878 | logit(" !args " | 901 | logit(" !args " |
| @@ -901,11 +924,7 @@ process_cmdline(void) | |||
| 901 | goto out; | 924 | goto out; |
| 902 | } | 925 | } |
| 903 | 926 | ||
| 904 | if ((local || dynamic) && delete) { | 927 | if (delete && !compat20) { |
| 905 | logit("Not supported."); | ||
| 906 | goto out; | ||
| 907 | } | ||
| 908 | if (remote && delete && !compat20) { | ||
| 909 | logit("Not supported for SSH protocol version 1."); | 928 | logit("Not supported for SSH protocol version 1."); |
| 910 | goto out; | 929 | goto out; |
| 911 | } | 930 | } |
| @@ -928,7 +947,21 @@ process_cmdline(void) | |||
| 928 | logit("Bad forwarding close port"); | 947 | logit("Bad forwarding close port"); |
| 929 | goto out; | 948 | goto out; |
| 930 | } | 949 | } |
| 931 | channel_request_rforward_cancel(cancel_host, cancel_port); | 950 | if (remote) |
| 951 | ok = channel_request_rforward_cancel(cancel_host, | ||
| 952 | cancel_port) == 0; | ||
| 953 | else if (dynamic) | ||
| 954 | ok = channel_cancel_lport_listener(cancel_host, | ||
| 955 | cancel_port, 0, options.gateway_ports) > 0; | ||
| 956 | else | ||
| 957 | ok = channel_cancel_lport_listener(cancel_host, | ||
| 958 | cancel_port, CHANNEL_CANCEL_PORT_STATIC, | ||
| 959 | options.gateway_ports) > 0; | ||
| 960 | if (!ok) { | ||
| 961 | logit("Unkown port forwarding."); | ||
| 962 | goto out; | ||
| 963 | } | ||
| 964 | logit("Canceled forwarding."); | ||
| 932 | } else { | 965 | } else { |
| 933 | if (!parse_forward(&fwd, s, dynamic, remote)) { | 966 | if (!parse_forward(&fwd, s, dynamic, remote)) { |
| 934 | logit("Bad forwarding specification."); | 967 | logit("Bad forwarding specification."); |
| @@ -949,7 +982,6 @@ process_cmdline(void) | |||
| 949 | goto out; | 982 | goto out; |
| 950 | } | 983 | } |
| 951 | } | 984 | } |
| 952 | |||
| 953 | logit("Forwarding port."); | 985 | logit("Forwarding port."); |
| 954 | } | 986 | } |
| 955 | 987 | ||