| version 1.272, 2015/02/25 19:54:02 |
version 1.272.2.2, 2016/01/27 12:20:09 |
|
|
| { |
{ |
| size_t i, dlen; |
size_t i, dlen; |
| |
|
| |
if (display == NULL) |
| |
return 0; |
| |
|
| dlen = strlen(display); |
dlen = strlen(display); |
| for (i = 0; i < dlen; i++) { |
for (i = 0; i < dlen; i++) { |
| if (!isalnum((u_char)display[i]) && |
if (!isalnum((u_char)display[i]) && |
|
|
| } |
} |
| |
|
| #define SSH_X11_PROTO "MIT-MAGIC-COOKIE-1" |
#define SSH_X11_PROTO "MIT-MAGIC-COOKIE-1" |
| void |
int |
| client_x11_get_proto(const char *display, const char *xauth_path, |
client_x11_get_proto(const char *display, const char *xauth_path, |
| u_int trusted, u_int timeout, char **_proto, char **_data) |
u_int trusted, u_int timeout, char **_proto, char **_data) |
| { |
{ |
| char cmd[1024]; |
char cmd[1024], line[512], xdisplay[512]; |
| char line[512]; |
|
| char xdisplay[512]; |
|
| static char proto[512], data[512]; |
static char proto[512], data[512]; |
| FILE *f; |
FILE *f; |
| int got_data = 0, generated = 0, do_unlink = 0, i; |
int got_data = 0, generated = 0, do_unlink = 0, i, r; |
| char *xauthdir, *xauthfile; |
char *xauthdir, *xauthfile; |
| struct stat st; |
struct stat st; |
| u_int now; |
u_int now; |
|
|
| *_data = data; |
*_data = data; |
| proto[0] = data[0] = '\0'; |
proto[0] = data[0] = '\0'; |
| |
|
| if (xauth_path == NULL ||(stat(xauth_path, &st) == -1)) { |
if (!client_x11_display_valid(display)) { |
| debug("No xauth program."); |
logit("DISPLAY \"%s\" invalid; disabling X11 forwarding", |
| } else if (!client_x11_display_valid(display)) { |
|
| logit("DISPLAY '%s' invalid, falling back to fake xauth data", |
|
| display); |
display); |
| } else { |
return -1; |
| if (display == NULL) { |
} |
| debug("x11_get_proto: DISPLAY not set"); |
if (xauth_path != NULL && stat(xauth_path, &st) == -1) { |
| return; |
debug("No xauth program."); |
| } |
xauth_path = NULL; |
| |
} |
| |
|
| |
if (xauth_path != NULL) { |
| /* |
/* |
| * Handle FamilyLocal case where $DISPLAY does |
* Handle FamilyLocal case where $DISPLAY does |
| * not match an authorization entry. For this we |
* not match an authorization entry. For this we |
|
|
| * is not perfect. |
* is not perfect. |
| */ |
*/ |
| if (strncmp(display, "localhost:", 10) == 0) { |
if (strncmp(display, "localhost:", 10) == 0) { |
| snprintf(xdisplay, sizeof(xdisplay), "unix:%s", |
if ((r = snprintf(xdisplay, sizeof(xdisplay), "unix:%s", |
| display + 10); |
display + 10)) < 0 || |
| |
(size_t)r >= sizeof(xdisplay)) { |
| |
error("%s: display name too long", __func__); |
| |
return -1; |
| |
} |
| display = xdisplay; |
display = xdisplay; |
| } |
} |
| if (trusted == 0) { |
if (trusted == 0) { |
| xauthdir = xmalloc(PATH_MAX); |
xauthdir = xmalloc(PATH_MAX); |
| xauthfile = xmalloc(PATH_MAX); |
xauthfile = xmalloc(PATH_MAX); |
| |
/* Generate an untrusted X11 auth cookie. */ |
| mktemp_proto(xauthdir, PATH_MAX); |
mktemp_proto(xauthdir, PATH_MAX); |
| if (mkdtemp(xauthdir) != NULL) { |
if (mkdtemp(xauthdir) == NULL) { |
| do_unlink = 1; |
error("%s: mkdtemp: %s", |
| snprintf(xauthfile, PATH_MAX, "%s/xauthfile", |
__func__, strerror(errno)); |
| xauthdir); |
return -1; |
| snprintf(cmd, sizeof(cmd), |
|
| "%s -f %s generate %s " SSH_X11_PROTO |
|
| " untrusted timeout %u 2>" _PATH_DEVNULL, |
|
| xauth_path, xauthfile, display, timeout); |
|
| debug2("x11_get_proto: %s", cmd); |
|
| if (system(cmd) == 0) |
|
| generated = 1; |
|
| if (x11_refuse_time == 0) { |
|
| now = monotime() + 1; |
|
| if (UINT_MAX - timeout < now) |
|
| x11_refuse_time = UINT_MAX; |
|
| else |
|
| x11_refuse_time = now + timeout; |
|
| } |
|
| } |
} |
| |
do_unlink = 1; |
| |
if ((r = snprintf(xauthfile, PATH_MAX, |
| |
"%s/xauthfile", xauthdir)) < 0 || |
| |
(size_t)r >= PATH_MAX) { |
| |
error("%s: xauthfile path too long", __func__); |
| |
unlink(xauthfile); |
| |
rmdir(xauthdir); |
| |
return -1; |
| |
} |
| |
if ((r = snprintf(cmd, sizeof(cmd), |
| |
"%s -f %s generate %s " SSH_X11_PROTO |
| |
" untrusted timeout %u 2>" _PATH_DEVNULL, |
| |
xauth_path, xauthfile, display, timeout)) < 0 || |
| |
(size_t)r >= sizeof(cmd)) |
| |
fatal("%s: cmd too long", __func__); |
| |
debug2("%s: %s", __func__, cmd); |
| |
if (system(cmd) == 0) |
| |
generated = 1; |
| |
if (x11_refuse_time == 0) { |
| |
now = monotime() + 1; |
| |
if (UINT_MAX - timeout < now) |
| |
x11_refuse_time = UINT_MAX; |
| |
else |
| |
x11_refuse_time = now + timeout; |
| |
} |
| } |
} |
| |
|
| /* |
/* |
|
|
| got_data = 1; |
got_data = 1; |
| if (f) |
if (f) |
| pclose(f); |
pclose(f); |
| } else |
} |
| error("Warning: untrusted X11 forwarding setup failed: " |
|
| "xauth key data not generated"); |
|
| } |
} |
| |
|
| if (do_unlink) { |
if (do_unlink) { |
|
|
| free(xauthdir); |
free(xauthdir); |
| free(xauthfile); |
free(xauthfile); |
| |
|
| |
/* Don't fall back to fake X11 data for untrusted forwarding */ |
| |
if (!trusted && !got_data) { |
| |
error("Warning: untrusted X11 forwarding setup failed: " |
| |
"xauth key data not generated"); |
| |
return -1; |
| |
} |
| |
|
| /* |
/* |
| * If we didn't get authentication data, just make up some |
* If we didn't get authentication data, just make up some |
| * data. The forwarding code will check the validity of the |
* data. The forwarding code will check the validity of the |
|
|
| rnd >>= 8; |
rnd >>= 8; |
| } |
} |
| } |
} |
| |
|
| |
return 0; |
| } |
} |
| |
|
| /* |
/* |
![[BACK]](/icons/back.gif){kind=icon}
Return to clientloop.c CVS log ![[TXT]](/icons/text.gif){kind=icon}
![[DIR]](/icons/dir.gif){kind=icon}
Up to [local] / src / usr.bin / ssh