=================================================================== RCS file: /cvsrepo/anoncvs/cvs/src/usr.bin/ssh/channels.c,v retrieving revision 1.235.2.1 retrieving revision 1.236 diff -u -r1.235.2.1 -r1.236 --- src/usr.bin/ssh/channels.c 2006/09/30 04:06:50 1.235.2.1 +++ src/usr.bin/ssh/channels.c 2006/03/19 18:51:18 1.236 @@ -1,4 +1,3 @@ -/* $OpenBSD: channels.c,v 1.235.2.1 2006/09/30 04:06:50 brad Exp $ */ /* * Author: Tatu Ylonen * Copyright (c) 1995 Tatu Ylonen , Espoo, Finland @@ -39,38 +38,28 @@ * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. */ -#include +#include "includes.h" + #include +#include #include -#include -#include -#include -#include - -#include -#include -#include -#include -#include #include -#include -#include -#include "xmalloc.h" #include "ssh.h" #include "ssh1.h" #include "ssh2.h" #include "packet.h" +#include "xmalloc.h" #include "log.h" #include "misc.h" -#include "buffer.h" #include "channels.h" #include "compat.h" #include "canohost.h" #include "key.h" #include "authfd.h" #include "pathnames.h" +#include "bufaux.h" /* -- channel core */ @@ -107,18 +96,11 @@ u_short listen_port; /* Remote side should listen port number. */ } ForwardPermission; -/* List of all permitted host/port pairs to connect by the user. */ +/* List of all permitted host/port pairs to connect. */ static ForwardPermission permitted_opens[SSH_MAX_FORWARDS_PER_DIRECTION]; -/* List of all permitted host/port pairs to connect by the admin. */ -static ForwardPermission permitted_adm_opens[SSH_MAX_FORWARDS_PER_DIRECTION]; - -/* Number of permitted host/port pairs in the array permitted by the user. */ +/* Number of permitted host/port pairs in the array. */ static int num_permitted_opens = 0; - -/* Number of permitted host/port pair in the array permitted by the admin. */ -static int num_adm_permitted_opens = 0; - /* * If this is true, all opens are permitted. This is the case on the server * on which we have to trust the client anyway, and the user could do @@ -146,7 +128,7 @@ * Fake X11 authentication data. This is what the server will be sending us; * we should replace any occurrences of this by the real data. */ -static u_char *x11_fake_data = NULL; +static char *x11_fake_data = NULL; static u_int x11_fake_data_len; @@ -191,7 +173,7 @@ if ((c = channel_by_id(id)) == NULL) return (NULL); - switch (c->type) { + switch(c->type) { case SSH_CHANNEL_X11_OPEN: case SSH_CHANNEL_LARVAL: case SSH_CHANNEL_CONNECTING: @@ -201,6 +183,7 @@ case SSH_CHANNEL_INPUT_DRAINING: case SSH_CHANNEL_OUTPUT_DRAINING: return (c); + break; } logit("Non-public channel %d, type %d.", id, c->type); return (NULL); @@ -210,6 +193,7 @@ * Register filedescriptors for a channel, used when allocating a channel or * when the channel consumer/producer is ready, e.g. shell exec'd */ + static void channel_register_fds(Channel *c, int rfd, int wfd, int efd, int extusage, int nonblock) @@ -255,6 +239,7 @@ * Allocate a new channel object and set its type and socket. This will cause * remote_name to be freed. */ + Channel * channel_new(char *ctype, int type, int rfd, int wfd, int efd, u_int window, u_int maxpack, int extusage, char *remote_name, int nonblock) @@ -266,7 +251,7 @@ /* Do initial allocation if this is the first call. */ if (channels_alloc == 0) { channels_alloc = 10; - channels = xcalloc(channels_alloc, sizeof(Channel *)); + channels = xmalloc(channels_alloc * sizeof(Channel *)); for (i = 0; i < channels_alloc; i++) channels[i] = NULL; } @@ -283,15 +268,16 @@ if (channels_alloc > 10000) fatal("channel_new: internal error: channels_alloc %d " "too big.", channels_alloc); - channels = xrealloc(channels, channels_alloc + 10, - sizeof(Channel *)); + channels = xrealloc(channels, + (channels_alloc + 10) * sizeof(Channel *)); channels_alloc += 10; debug2("channel: expanding %d", channels_alloc); for (i = found; i < channels_alloc; i++) channels[i] = NULL; } /* Initialize and return new channel. */ - c = channels[found] = xcalloc(1, sizeof(Channel)); + c = channels[found] = xmalloc(sizeof(Channel)); + memset(c, 0, sizeof(Channel)); buffer_init(&c->input); buffer_init(&c->output); buffer_init(&c->extended); @@ -355,6 +341,7 @@ } /* Close all channel fd/socket. */ + static void channel_close_fds(Channel *c) { @@ -369,6 +356,7 @@ } /* Free the channel and close its fd/socket. */ + void channel_free(Channel *c) { @@ -415,6 +403,7 @@ * Closes the sockets/fds of all channels. This is used to close extra file * descriptors after a fork. */ + void channel_close_all(void) { @@ -428,6 +417,7 @@ /* * Stop listening to channels. */ + void channel_stop_listening(void) { @@ -454,6 +444,7 @@ * Returns true if no channel has too much buffered data, and false if one or * more channel is overfull. */ + int channel_not_very_much_buffered_data(void) { @@ -483,6 +474,7 @@ } /* Returns true if any channel is still open. */ + int channel_still_open(void) { @@ -525,6 +517,7 @@ } /* Returns the id of an open channel suitable for keepaliving */ + int channel_find_open(void) { @@ -569,6 +562,7 @@ * suitable for sending to the client. The message contains crlf pairs for * newlines. */ + char * channel_open_message(void) { @@ -653,7 +647,6 @@ packet_put_cstring(service); packet_put_char(wantconfirm); } - void channel_register_confirm(int id, channel_callback_fn *fn, void *ctx) { @@ -666,7 +659,6 @@ c->confirm = fn; c->confirm_ctx = ctx; } - void channel_register_cleanup(int id, channel_callback_fn *fn, int do_close) { @@ -679,7 +671,6 @@ c->detach_user = fn; c->detach_close = do_close; } - void channel_cancel_cleanup(int id) { @@ -692,7 +683,6 @@ c->detach_user = NULL; c->detach_close = 0; } - void channel_register_filter(int id, channel_infilter_fn *ifn, channel_outfilter_fn *ofn) @@ -732,27 +722,25 @@ * 'channel_post*': perform any appropriate operations for channels which * have events pending. */ -typedef void chan_fn(Channel *c, fd_set *readset, fd_set *writeset); +typedef void chan_fn(Channel *c, fd_set * readset, fd_set * writeset); chan_fn *channel_pre[SSH_CHANNEL_MAX_TYPE]; chan_fn *channel_post[SSH_CHANNEL_MAX_TYPE]; -/* ARGSUSED */ static void -channel_pre_listener(Channel *c, fd_set *readset, fd_set *writeset) +channel_pre_listener(Channel *c, fd_set * readset, fd_set * writeset) { FD_SET(c->sock, readset); } -/* ARGSUSED */ static void -channel_pre_connecting(Channel *c, fd_set *readset, fd_set *writeset) +channel_pre_connecting(Channel *c, fd_set * readset, fd_set * writeset) { debug3("channel %d: waiting for connection", c->self); FD_SET(c->sock, writeset); } static void -channel_pre_open_13(Channel *c, fd_set *readset, fd_set *writeset) +channel_pre_open_13(Channel *c, fd_set * readset, fd_set * writeset) { if (buffer_len(&c->input) < packet_get_maxsize()) FD_SET(c->sock, readset); @@ -761,14 +749,16 @@ } static void -channel_pre_open(Channel *c, fd_set *readset, fd_set *writeset) +channel_pre_open(Channel *c, fd_set * readset, fd_set * writeset) { u_int limit = compat20 ? c->remote_window : packet_get_maxsize(); + /* check buffer limits */ + limit = MIN(limit, (BUFFER_MAX_LEN - BUFFER_MAX_CHUNK - CHAN_RBUF)); + if (c->istate == CHAN_INPUT_OPEN && limit > 0 && - buffer_len(&c->input) < limit && - buffer_check_alloc(&c->input, CHAN_RBUF)) + buffer_len(&c->input) < limit) FD_SET(c->rfd, readset); if (c->ostate == CHAN_OUTPUT_OPEN || c->ostate == CHAN_OUTPUT_WAIT_DRAIN) { @@ -798,9 +788,8 @@ FD_SET(c->ctl_fd, readset); } -/* ARGSUSED */ static void -channel_pre_input_draining(Channel *c, fd_set *readset, fd_set *writeset) +channel_pre_input_draining(Channel *c, fd_set * readset, fd_set * writeset) { if (buffer_len(&c->input) == 0) { packet_start(SSH_MSG_CHANNEL_CLOSE); @@ -811,9 +800,8 @@ } } -/* ARGSUSED */ static void -channel_pre_output_draining(Channel *c, fd_set *readset, fd_set *writeset) +channel_pre_output_draining(Channel *c, fd_set * readset, fd_set * writeset) { if (buffer_len(&c->output) == 0) chan_mark_dead(c); @@ -889,7 +877,7 @@ } static void -channel_pre_x11_open_13(Channel *c, fd_set *readset, fd_set *writeset) +channel_pre_x11_open_13(Channel *c, fd_set * readset, fd_set * writeset) { int ret = x11_open_helper(&c->output); @@ -915,7 +903,7 @@ } static void -channel_pre_x11_open(Channel *c, fd_set *readset, fd_set *writeset) +channel_pre_x11_open(Channel *c, fd_set * readset, fd_set * writeset) { int ret = x11_open_helper(&c->output); @@ -941,9 +929,8 @@ } /* try to decode a socks4 header */ -/* ARGSUSED */ static int -channel_decode_socks4(Channel *c, fd_set *readset, fd_set *writeset) +channel_decode_socks4(Channel *c, fd_set * readset, fd_set * writeset) { char *p, *host; u_int len, have, i, found; @@ -1007,7 +994,7 @@ s4_rsp.command = 90; /* cd: req granted */ s4_rsp.dest_port = 0; /* ignored */ s4_rsp.dest_addr.s_addr = INADDR_ANY; /* ignored */ - buffer_append(&c->output, &s4_rsp, sizeof(s4_rsp)); + buffer_append(&c->output, (char *)&s4_rsp, sizeof(s4_rsp)); return 1; } @@ -1020,9 +1007,8 @@ #define SSH_SOCKS5_CONNECT 0x01 #define SSH_SOCKS5_SUCCESS 0x00 -/* ARGSUSED */ static int -channel_decode_socks5(Channel *c, fd_set *readset, fd_set *writeset) +channel_decode_socks5(Channel *c, fd_set * readset, fd_set * writeset) { struct { u_int8_t version; @@ -1032,7 +1018,7 @@ } s5_req, s5_rsp; u_int16_t dest_port; u_char *p, dest_addr[255+1]; - u_int have, need, i, found, nmethods, addrlen, af; + u_int have, i, found, nmethods, addrlen, af; debug2("channel %d: decode socks5", c->self); p = buffer_ptr(&c->input); @@ -1048,7 +1034,7 @@ return 0; /* look for method: "NO AUTHENTICATION REQUIRED" */ for (found = 0, i = 2 ; i < nmethods + 2; i++) { - if (p[i] == SSH_SOCKS5_NOAUTH) { + if (p[i] == SSH_SOCKS5_NOAUTH ) { found = 1; break; } @@ -1069,7 +1055,7 @@ debug2("channel %d: socks5 post auth", c->self); if (have < sizeof(s5_req)+1) return 0; /* need more */ - memcpy(&s5_req, p, sizeof(s5_req)); + memcpy((char *)&s5_req, p, sizeof(s5_req)); if (s5_req.version != 0x05 || s5_req.command != SSH_SOCKS5_CONNECT || s5_req.reserved != 0x00) { @@ -1093,10 +1079,7 @@ debug2("channel %d: bad socks5 atyp %d", c->self, s5_req.atyp); return -1; } - need = sizeof(s5_req) + addrlen + 2; - if (s5_req.atyp == SSH_SOCKS5_DOMAIN) - need++; - if (have < need) + if (have < 4 + addrlen + 2) return 0; buffer_consume(&c->input, sizeof(s5_req)); if (s5_req.atyp == SSH_SOCKS5_DOMAIN) @@ -1120,15 +1103,15 @@ ((struct in_addr *)&dest_addr)->s_addr = INADDR_ANY; dest_port = 0; /* ignored */ - buffer_append(&c->output, &s5_rsp, sizeof(s5_rsp)); - buffer_append(&c->output, &dest_addr, sizeof(struct in_addr)); - buffer_append(&c->output, &dest_port, sizeof(dest_port)); + buffer_append(&c->output, (char *)&s5_rsp, sizeof(s5_rsp)); + buffer_append(&c->output, (char *)&dest_addr, sizeof(struct in_addr)); + buffer_append(&c->output, (char *)&dest_port, sizeof(dest_port)); return 1; } /* dynamic port forwarding */ static void -channel_pre_dynamic(Channel *c, fd_set *readset, fd_set *writeset) +channel_pre_dynamic(Channel *c, fd_set * readset, fd_set * writeset) { u_char *p; u_int have; @@ -1171,9 +1154,8 @@ } /* This is our fake X11 server socket. */ -/* ARGSUSED */ static void -channel_post_x11_listener(Channel *c, fd_set *readset, fd_set *writeset) +channel_post_x11_listener(Channel *c, fd_set * readset, fd_set * writeset) { Channel *nc; struct sockaddr addr; @@ -1297,9 +1279,8 @@ /* * This socket is listening for connections to a forwarded TCP/IP port. */ -/* ARGSUSED */ static void -channel_post_port_listener(Channel *c, fd_set *readset, fd_set *writeset) +channel_post_port_listener(Channel *c, fd_set * readset, fd_set * writeset) { Channel *nc; struct sockaddr addr; @@ -1355,9 +1336,8 @@ * This is the authentication agent socket listening for connections from * clients. */ -/* ARGSUSED */ static void -channel_post_auth_listener(Channel *c, fd_set *readset, fd_set *writeset) +channel_post_auth_listener(Channel *c, fd_set * readset, fd_set * writeset) { Channel *nc; int newsock; @@ -1389,9 +1369,8 @@ } } -/* ARGSUSED */ static void -channel_post_connecting(Channel *c, fd_set *readset, fd_set *writeset) +channel_post_connecting(Channel *c, fd_set * readset, fd_set * writeset) { int err = 0; socklen_t sz = sizeof(err); @@ -1436,9 +1415,8 @@ } } -/* ARGSUSED */ static int -channel_handle_rfd(Channel *c, fd_set *readset, fd_set *writeset) +channel_handle_rfd(Channel *c, fd_set * readset, fd_set * writeset) { char buf[CHAN_RBUF]; int len; @@ -1477,10 +1455,8 @@ } return 1; } - -/* ARGSUSED */ static int -channel_handle_wfd(Channel *c, fd_set *readset, fd_set *writeset) +channel_handle_wfd(Channel *c, fd_set * readset, fd_set * writeset) { struct termios tio; u_char *data = NULL, *buf; @@ -1561,9 +1537,8 @@ } return 1; } - static int -channel_handle_efd(Channel *c, fd_set *readset, fd_set *writeset) +channel_handle_efd(Channel *c, fd_set * readset, fd_set * writeset) { char buf[CHAN_RBUF]; int len; @@ -1605,10 +1580,8 @@ } return 1; } - -/* ARGSUSED */ static int -channel_handle_ctl(Channel *c, fd_set *readset, fd_set *writeset) +channel_handle_ctl(Channel *c, fd_set * readset, fd_set * writeset) { char buf[16]; int len; @@ -1634,7 +1607,6 @@ } return 1; } - static int channel_check_window(Channel *c) { @@ -1656,7 +1628,7 @@ } static void -channel_post_open(Channel *c, fd_set *readset, fd_set *writeset) +channel_post_open(Channel *c, fd_set * readset, fd_set * writeset) { if (c->delayed) return; @@ -1669,9 +1641,8 @@ channel_check_window(c); } -/* ARGSUSED */ static void -channel_post_output_drain_13(Channel *c, fd_set *readset, fd_set *writeset) +channel_post_output_drain_13(Channel *c, fd_set * readset, fd_set * writeset) { int len; @@ -1788,7 +1759,7 @@ } static void -channel_handler(chan_fn *ftab[], fd_set *readset, fd_set *writeset) +channel_handler(chan_fn *ftab[], fd_set * readset, fd_set * writeset) { static int did_init = 0; u_int i; @@ -1816,20 +1787,15 @@ channel_prepare_select(fd_set **readsetp, fd_set **writesetp, int *maxfdp, u_int *nallocp, int rekeying) { - u_int n, sz, nfdset; + u_int n, sz; n = MAX(*maxfdp, channel_max_fd); - nfdset = howmany(n+1, NFDBITS); - /* Explicitly test here, because xrealloc isn't always called */ - if (nfdset && SIZE_T_MAX / nfdset < sizeof(fd_mask)) - fatal("channel_prepare_select: max_fd (%d) is too large", n); - sz = nfdset * sizeof(fd_mask); - + sz = howmany(n+1, NFDBITS) * sizeof(fd_mask); /* perhaps check sz < nalloc/2 and shrink? */ if (*readsetp == NULL || sz > *nallocp) { - *readsetp = xrealloc(*readsetp, nfdset, sizeof(fd_mask)); - *writesetp = xrealloc(*writesetp, nfdset, sizeof(fd_mask)); + *readsetp = xrealloc(*readsetp, sz); + *writesetp = xrealloc(*writesetp, sz); *nallocp = sz; } *maxfdp = n; @@ -1845,13 +1811,14 @@ * events pending. */ void -channel_after_select(fd_set *readset, fd_set *writeset) +channel_after_select(fd_set * readset, fd_set * writeset) { channel_handler(channel_post, readset, writeset); } /* If there is data to send to the connection, enqueue some of it now. */ + void channel_output_poll(void) { @@ -1972,7 +1939,6 @@ /* -- protocol input */ -/* ARGSUSED */ void channel_input_data(int type, u_int32_t seq, void *ctxt) { @@ -2032,7 +1998,6 @@ xfree(data); } -/* ARGSUSED */ void channel_input_extended_data(int type, u_int32_t seq, void *ctxt) { @@ -2079,7 +2044,6 @@ xfree(data); } -/* ARGSUSED */ void channel_input_ieof(int type, u_int32_t seq, void *ctxt) { @@ -2103,7 +2067,6 @@ } -/* ARGSUSED */ void channel_input_close(int type, u_int32_t seq, void *ctxt) { @@ -2142,7 +2105,6 @@ } /* proto version 1.5 overloads CLOSE_CONFIRMATION with OCLOSE */ -/* ARGSUSED */ void channel_input_oclose(int type, u_int32_t seq, void *ctxt) { @@ -2155,7 +2117,6 @@ chan_rcvd_oclose(c); } -/* ARGSUSED */ void channel_input_close_confirmation(int type, u_int32_t seq, void *ctxt) { @@ -2172,7 +2133,6 @@ channel_free(c); } -/* ARGSUSED */ void channel_input_open_confirmation(int type, u_int32_t seq, void *ctxt) { @@ -2220,7 +2180,6 @@ return "unknown reason"; } -/* ARGSUSED */ void channel_input_open_failure(int type, u_int32_t seq, void *ctxt) { @@ -2252,7 +2211,6 @@ channel_free(c); } -/* ARGSUSED */ void channel_input_window_adjust(int type, u_int32_t seq, void *ctxt) { @@ -2277,7 +2235,6 @@ c->remote_window += adjust; } -/* ARGSUSED */ void channel_input_port_open(int type, u_int32_t seq, void *ctxt) { @@ -2492,7 +2449,7 @@ * the secure channel to host:port from local side. */ -int +void channel_request_remote_forwarding(const char *listen_host, u_short listen_port, const char *host_to_connect, u_short port_to_connect) { @@ -2536,6 +2493,7 @@ success = 1; break; case SSH_SMSG_FAILURE: + logit("Warning: Server denied remote port forwarding."); break; default: /* Unknown packet */ @@ -2549,7 +2507,6 @@ permitted_opens[num_permitted_opens].listen_port = listen_port; num_permitted_opens++; } - return (success ? 0 : -1); } /* @@ -2589,13 +2546,13 @@ /* * This is called after receiving CHANNEL_FORWARDING_REQUEST. This initates * listening for the port, and sends back a success reply (or disconnect - * message if there was an error). + * message if there was an error). This never returns if there was an error. */ -int + +void channel_input_port_forward_request(int is_root, int gateway_ports) { u_short port, host_port; - int success = 0; char *hostname; /* Get arguments from the packet. */ @@ -2615,13 +2572,11 @@ packet_disconnect("Dynamic forwarding denied."); /* Initiate forwarding */ - success = channel_setup_local_fwd_listener(NULL, port, hostname, + channel_setup_local_fwd_listener(NULL, port, hostname, host_port, gateway_ports); /* Free the argument string. */ xfree(hostname); - - return (success ? 0 : -1); } /* @@ -2640,7 +2595,7 @@ channel_add_permitted_opens(char *host, int port) { if (num_permitted_opens >= SSH_MAX_FORWARDS_PER_DIRECTION) - fatal("channel_add_permitted_opens: too many forwards"); + fatal("channel_request_remote_forwarding: too many forwards"); debug("allow port forwarding to host %s port %d", host, port); permitted_opens[num_permitted_opens].host_to_connect = xstrdup(host); @@ -2650,19 +2605,6 @@ all_opens_permitted = 0; } -int -channel_add_adm_permitted_opens(char *host, int port) -{ - if (num_adm_permitted_opens >= SSH_MAX_FORWARDS_PER_DIRECTION) - fatal("channel_add_adm_permitted_opens: too many forwards"); - debug("config allows port forwarding to host %s port %d", host, port); - - permitted_adm_opens[num_adm_permitted_opens].host_to_connect - = xstrdup(host); - permitted_adm_opens[num_adm_permitted_opens].port_to_connect = port; - return ++num_adm_permitted_opens; -} - void channel_clear_permitted_opens(void) { @@ -2672,19 +2614,10 @@ if (permitted_opens[i].host_to_connect != NULL) xfree(permitted_opens[i].host_to_connect); num_permitted_opens = 0; -} -void -channel_clear_adm_permitted_opens(void) -{ - int i; - - for (i = 0; i < num_adm_permitted_opens; i++) - if (permitted_adm_opens[i].host_to_connect != NULL) - xfree(permitted_adm_opens[i].host_to_connect); - num_adm_permitted_opens = 0; } + /* return socket to remote host, port */ static int connect_to(const char *host, u_short port) @@ -2761,7 +2694,7 @@ int channel_connect_to(const char *host, u_short port) { - int i, permit, permit_adm = 1; + int i, permit; permit = all_opens_permitted; if (!permit) { @@ -2770,19 +2703,9 @@ permitted_opens[i].port_to_connect == port && strcmp(permitted_opens[i].host_to_connect, host) == 0) permit = 1; - } - if (num_adm_permitted_opens > 0) { - permit_adm = 0; - for (i = 0; i < num_adm_permitted_opens; i++) - if (permitted_adm_opens[i].host_to_connect != NULL && - permitted_adm_opens[i].port_to_connect == port && - strcmp(permitted_adm_opens[i].host_to_connect, host) - == 0) - permit_adm = 1; } - - if (!permit || !permit_adm) { + if (!permit) { logit("Received request to connect to host %.100s port %d, " "but the request was denied.", host, port); return -1; @@ -2803,10 +2726,10 @@ if (ioctl(channels[i]->rfd, TIOCGWINSZ, &ws) < 0) continue; channel_request_start(i, "window-change", 0); - packet_put_int((u_int)ws.ws_col); - packet_put_int((u_int)ws.ws_row); - packet_put_int((u_int)ws.ws_xpixel); - packet_put_int((u_int)ws.ws_ypixel); + packet_put_int(ws.ws_col); + packet_put_int(ws.ws_row); + packet_put_int(ws.ws_xpixel); + packet_put_int(ws.ws_ypixel); packet_send(); } } @@ -2892,7 +2815,7 @@ } /* Allocate a channel for each socket. */ - *chanids = xcalloc(num_socks + 1, sizeof(**chanids)); + *chanids = xmalloc(sizeof(**chanids) * (num_socks + 1)); for (n = 0; n < num_socks; n++) { sock = socks[n]; nc = channel_new("x11 listener", @@ -2921,7 +2844,7 @@ memset(&addr, 0, sizeof(addr)); addr.sun_family = AF_UNIX; snprintf(addr.sun_path, sizeof addr.sun_path, _PATH_UNIX_X, dnr); - if (connect(sock, (struct sockaddr *)&addr, sizeof(addr)) == 0) + if (connect(sock, (struct sockaddr *) & addr, sizeof(addr)) == 0) return sock; close(sock); error("connect %.100s: %.100s", addr.sun_path, strerror(errno)); @@ -2931,12 +2854,12 @@ int x11_connect_display(void) { - u_int display_number; + int display_number, sock = 0; const char *display; char buf[1024], *cp; struct addrinfo hints, *ai, *aitop; char strport[NI_MAXSERV]; - int gaierr, sock = 0; + int gaierr; /* Try to open a socket for the local X server. */ display = getenv("DISPLAY"); @@ -2956,7 +2879,7 @@ if (strncmp(display, "unix:", 5) == 0 || display[0] == ':') { /* Connect to the unix domain socket. */ - if (sscanf(strrchr(display, ':') + 1, "%u", &display_number) != 1) { + if (sscanf(strrchr(display, ':') + 1, "%d", &display_number) != 1) { error("Could not parse display number from DISPLAY: %.100s", display); return -1; @@ -2981,7 +2904,7 @@ } *cp = 0; /* buf now contains the host name. But first we parse the display number. */ - if (sscanf(cp + 1, "%u", &display_number) != 1) { + if (sscanf(cp + 1, "%d", &display_number) != 1) { error("Could not parse display number from DISPLAY: %.100s", display); return -1; @@ -2991,7 +2914,7 @@ memset(&hints, 0, sizeof(hints)); hints.ai_family = IPv4or6; hints.ai_socktype = SOCK_STREAM; - snprintf(strport, sizeof strport, "%u", 6000 + display_number); + snprintf(strport, sizeof strport, "%d", 6000 + display_number); if ((gaierr = getaddrinfo(buf, strport, &hints, &aitop)) != 0) { error("%.100s: unknown host. (%s)", buf, gai_strerror(gaierr)); return -1; @@ -3005,7 +2928,7 @@ } /* Connect it to the display. */ if (connect(sock, ai->ai_addr, ai->ai_addrlen) < 0) { - debug2("connect %.100s port %u: %.100s", buf, + debug2("connect %.100s port %d: %.100s", buf, 6000 + display_number, strerror(errno)); close(sock); continue; @@ -3015,7 +2938,7 @@ } freeaddrinfo(aitop); if (!ai) { - error("connect %.100s port %u: %.100s", buf, 6000 + display_number, + error("connect %.100s port %d: %.100s", buf, 6000 + display_number, strerror(errno)); return -1; } @@ -3029,7 +2952,6 @@ * with either SSH_MSG_OPEN_CONFIRMATION or SSH_MSG_OPEN_FAILURE. */ -/* ARGSUSED */ void x11_input_open(int type, u_int32_t seq, void *ctxt) { @@ -3073,7 +2995,6 @@ } /* dummy protocol handler that denies SSH-1 requests (agent/x11) */ -/* ARGSUSED */ void deny_input_open(int type, u_int32_t seq, void *ctxt) { @@ -3120,11 +3041,13 @@ return; } - cp = strchr(disp, ':'); + cp = disp; + if (disp) + cp = strchr(disp, ':'); if (cp) cp = strchr(cp, '.'); if (cp) - screen_number = (u_int)strtonum(cp + 1, 0, 400, NULL); + screen_number = atoi(cp + 1); else screen_number = 0;