| version 1.218, 2005/07/01 13:19:47 |
version 1.219, 2005/07/04 00:58:42 |
|
|
| /* Maximum number of fake X11 displays to try. */ |
/* Maximum number of fake X11 displays to try. */ |
| #define MAX_DISPLAYS 1000 |
#define MAX_DISPLAYS 1000 |
| |
|
| |
/* Saved X11 local (client) display. */ |
| |
static char *x11_saved_display = NULL; |
| |
|
| /* Saved X11 authentication protocol name. */ |
/* Saved X11 authentication protocol name. */ |
| static char *x11_saved_proto = NULL; |
static char *x11_saved_proto = NULL; |
| |
|
|
|
| const char *proto, const char *data) |
const char *proto, const char *data) |
| { |
{ |
| u_int data_len = (u_int) strlen(data) / 2; |
u_int data_len = (u_int) strlen(data) / 2; |
| u_int i, value, len; |
u_int i, value; |
| char *new_data; |
char *new_data; |
| int screen_number; |
int screen_number; |
| const char *cp; |
const char *cp; |
| u_int32_t rnd = 0; |
u_int32_t rnd = 0; |
| |
|
| |
if (x11_saved_display && strcmp(disp, x11_saved_display) != 0) { |
| |
error("x11_request_forwarding_with_spoofing: different " |
| |
"$DISPLAY already forwarded"); |
| |
return; |
| |
} |
| |
|
| cp = disp; |
cp = disp; |
| if (disp) |
if (disp) |
| cp = strchr(disp, ':'); |
cp = strchr(disp, ':'); |
|
|
| else |
else |
| screen_number = 0; |
screen_number = 0; |
| |
|
| /* Save protocol name. */ |
if (x11_saved_proto == NULL) { |
| x11_saved_proto = xstrdup(proto); |
/* Save protocol name. */ |
| |
x11_saved_proto = xstrdup(proto); |
| /* |
/* |
| * Extract real authentication data and generate fake data of the |
* Extract real authentication data and generate fake data |
| * same length. |
* of the same length. |
| */ |
*/ |
| x11_saved_data = xmalloc(data_len); |
x11_saved_data = xmalloc(data_len); |
| x11_fake_data = xmalloc(data_len); |
x11_fake_data = xmalloc(data_len); |
| for (i = 0; i < data_len; i++) { |
for (i = 0; i < data_len; i++) { |
| if (sscanf(data + 2 * i, "%2x", &value) != 1) |
if (sscanf(data + 2 * i, "%2x", &value) != 1) |
| fatal("x11_request_forwarding: bad authentication data: %.100s", data); |
fatal("x11_request_forwarding: bad " |
| if (i % 4 == 0) |
"authentication data: %.100s", data); |
| rnd = arc4random(); |
if (i % 4 == 0) |
| x11_saved_data[i] = value; |
rnd = arc4random(); |
| x11_fake_data[i] = rnd & 0xff; |
x11_saved_data[i] = value; |
| rnd >>= 8; |
x11_fake_data[i] = rnd & 0xff; |
| |
rnd >>= 8; |
| |
} |
| |
x11_saved_data_len = data_len; |
| |
x11_fake_data_len = data_len; |
| } |
} |
| x11_saved_data_len = data_len; |
|
| x11_fake_data_len = data_len; |
|
| |
|
| /* Convert the fake data into hex. */ |
/* Convert the fake data into hex. */ |
| len = 2 * data_len + 1; |
new_data = tohex(x11_fake_data, data_len); |
| new_data = xmalloc(len); |
|
| for (i = 0; i < data_len; i++) |
|
| snprintf(new_data + 2 * i, len - 2 * i, |
|
| "%02x", (u_char) x11_fake_data[i]); |
|
| |
|
| /* Send the request packet. */ |
/* Send the request packet. */ |
| if (compat20) { |
if (compat20) { |
![[BACK]](/icons/back.gif){kind=icon}
Return to channels.c CVS log ![[TXT]](/icons/text.gif){kind=icon}
![[DIR]](/icons/dir.gif){kind=icon}
Up to [local] / src / usr.bin / ssh