summaryrefslogtreecommitdiff
path: root/clientloop.c
diff options
context:
space:
mode:
Diffstat (limited to 'clientloop.c')
-rw-r--r--clientloop.c54
1 files changed, 43 insertions, 11 deletions
diff --git a/clientloop.c b/clientloop.c
index 17628efb5..75daea816 100644
--- a/clientloop.c
+++ b/clientloop.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: clientloop.c,v 1.236 2011/06/22 22:08:42 djm Exp $ */ 1/* $OpenBSD: clientloop.c,v 1.238 2012/01/18 21:46:43 dtucker Exp $ */
2/* 2/*
3 * Author: Tatu Ylonen <ylo@cs.hut.fi> 3 * Author: Tatu Ylonen <ylo@cs.hut.fi>
4 * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland 4 * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@@ -285,6 +285,23 @@ set_control_persist_exit_time(void)
285 /* else we are already counting down to the timeout */ 285 /* else we are already counting down to the timeout */
286} 286}
287 287
288#define SSH_X11_VALID_DISPLAY_CHARS ":/.-_"
289static int
290client_x11_display_valid(const char *display)
291{
292 size_t i, dlen;
293
294 dlen = strlen(display);
295 for (i = 0; i < dlen; i++) {
296 if (!isalnum(display[i]) &&
297 strchr(SSH_X11_VALID_DISPLAY_CHARS, display[i]) == NULL) {
298 debug("Invalid character '%c' in DISPLAY", display[i]);
299 return 0;
300 }
301 }
302 return 1;
303}
304
288#define SSH_X11_PROTO "MIT-MAGIC-COOKIE-1" 305#define SSH_X11_PROTO "MIT-MAGIC-COOKIE-1"
289void 306void
290client_x11_get_proto(const char *display, const char *xauth_path, 307client_x11_get_proto(const char *display, const char *xauth_path,
@@ -307,6 +324,9 @@ client_x11_get_proto(const char *display, const char *xauth_path,
307 324
308 if (xauth_path == NULL ||(stat(xauth_path, &st) == -1)) { 325 if (xauth_path == NULL ||(stat(xauth_path, &st) == -1)) {
309 debug("No xauth program."); 326 debug("No xauth program.");
327 } else if (!client_x11_display_valid(display)) {
328 logit("DISPLAY '%s' invalid, falling back to fake xauth data",
329 display);
310 } else { 330 } else {
311 if (display == NULL) { 331 if (display == NULL) {
312 debug("x11_get_proto: DISPLAY not set"); 332 debug("x11_get_proto: DISPLAY not set");
@@ -843,9 +863,8 @@ process_cmdline(void)
843{ 863{
844 void (*handler)(int); 864 void (*handler)(int);
845 char *s, *cmd, *cancel_host; 865 char *s, *cmd, *cancel_host;
846 int delete = 0; 866 int delete = 0, local = 0, remote = 0, dynamic = 0;
847 int local = 0, remote = 0, dynamic = 0; 867 int cancel_port, ok;
848 int cancel_port;
849 Forward fwd; 868 Forward fwd;
850 869
851 bzero(&fwd, sizeof(fwd)); 870 bzero(&fwd, sizeof(fwd));
@@ -871,8 +890,12 @@ process_cmdline(void)
871 "Request remote forward"); 890 "Request remote forward");
872 logit(" -D[bind_address:]port " 891 logit(" -D[bind_address:]port "
873 "Request dynamic forward"); 892 "Request dynamic forward");
893 logit(" -KL[bind_address:]port "
894 "Cancel local forward");
874 logit(" -KR[bind_address:]port " 895 logit(" -KR[bind_address:]port "
875 "Cancel remote forward"); 896 "Cancel remote forward");
897 logit(" -KD[bind_address:]port "
898 "Cancel dynamic forward");
876 if (!options.permit_local_command) 899 if (!options.permit_local_command)
877 goto out; 900 goto out;
878 logit(" !args " 901 logit(" !args "
@@ -901,11 +924,7 @@ process_cmdline(void)
901 goto out; 924 goto out;
902 } 925 }
903 926
904 if ((local || dynamic) && delete) { 927 if (delete && !compat20) {
905 logit("Not supported.");
906 goto out;
907 }
908 if (remote && delete && !compat20) {
909 logit("Not supported for SSH protocol version 1."); 928 logit("Not supported for SSH protocol version 1.");
910 goto out; 929 goto out;
911 } 930 }
@@ -928,7 +947,21 @@ process_cmdline(void)
928 logit("Bad forwarding close port"); 947 logit("Bad forwarding close port");
929 goto out; 948 goto out;
930 } 949 }
931 channel_request_rforward_cancel(cancel_host, cancel_port); 950 if (remote)
951 ok = channel_request_rforward_cancel(cancel_host,
952 cancel_port) == 0;
953 else if (dynamic)
954 ok = channel_cancel_lport_listener(cancel_host,
955 cancel_port, 0, options.gateway_ports) > 0;
956 else
957 ok = channel_cancel_lport_listener(cancel_host,
958 cancel_port, CHANNEL_CANCEL_PORT_STATIC,
959 options.gateway_ports) > 0;
960 if (!ok) {
961 logit("Unkown port forwarding.");
962 goto out;
963 }
964 logit("Canceled forwarding.");
932 } else { 965 } else {
933 if (!parse_forward(&fwd, s, dynamic, remote)) { 966 if (!parse_forward(&fwd, s, dynamic, remote)) {
934 logit("Bad forwarding specification."); 967 logit("Bad forwarding specification.");
@@ -949,7 +982,6 @@ process_cmdline(void)
949 goto out; 982 goto out;
950 } 983 }
951 } 984 }
952
953 logit("Forwarding port."); 985 logit("Forwarding port.");
954 } 986 }
955 987