===================================================================
RCS file: /cvsrepo/anoncvs/cvs/src/usr.bin/ssh/clientloop.c,v
retrieving revision 1.272.2.2
retrieving revision 1.273
diff -u -r1.272.2.2 -r1.273
--- src/usr.bin/ssh/clientloop.c	2016/01/27 12:20:09	1.272.2.2
+++ src/usr.bin/ssh/clientloop.c	2015/05/04 06:10:48	1.273
@@ -1,4 +1,4 @@
-/* $OpenBSD: clientloop.c,v 1.272.2.2 2016/01/27 12:20:09 sthen Exp $ */
+/* $OpenBSD: clientloop.c,v 1.273 2015/05/04 06:10:48 djm Exp $ */
 /*
  * Author: Tatu Ylonen <ylo@cs.hut.fi>
  * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@@ -279,9 +279,6 @@
 {
 	size_t i, dlen;
 
-	if (display == NULL)
-		return 0;
-
 	dlen = strlen(display);
 	for (i = 0; i < dlen; i++) {
 		if (!isalnum((u_char)display[i]) &&
@@ -294,14 +291,16 @@
 }
 
 #define SSH_X11_PROTO "MIT-MAGIC-COOKIE-1"
-int
+void
 client_x11_get_proto(const char *display, const char *xauth_path,
     u_int trusted, u_int timeout, char **_proto, char **_data)
 {
-	char cmd[1024], line[512], xdisplay[512];
+	char cmd[1024];
+	char line[512];
+	char xdisplay[512];
 	static char proto[512], data[512];
 	FILE *f;
-	int got_data = 0, generated = 0, do_unlink = 0, i, r;
+	int got_data = 0, generated = 0, do_unlink = 0, i;
 	char *xauthdir, *xauthfile;
 	struct stat st;
 	u_int now;
@@ -311,17 +310,16 @@
 	*_data = data;
 	proto[0] = data[0] = '\0';
 
-	if (!client_x11_display_valid(display)) {
-		logit("DISPLAY \"%s\" invalid; disabling X11 forwarding",
-		    display);
-		return -1;
-	}
-	if (xauth_path != NULL && stat(xauth_path, &st) == -1) {
+	if (xauth_path == NULL ||(stat(xauth_path, &st) == -1)) {
 		debug("No xauth program.");
-		xauth_path = NULL;
-	}
-
-	if (xauth_path != NULL) {
+	} else if (!client_x11_display_valid(display)) {
+		logit("DISPLAY '%s' invalid, falling back to fake xauth data",
+		    display);
+	} else {
+		if (display == NULL) {
+			debug("x11_get_proto: DISPLAY not set");
+			return;
+		}
 		/*
 		 * Handle FamilyLocal case where $DISPLAY does
 		 * not match an authorization entry.  For this we
@@ -330,49 +328,33 @@
 		 *      is not perfect.
 		 */
 		if (strncmp(display, "localhost:", 10) == 0) {
-			if ((r = snprintf(xdisplay, sizeof(xdisplay), "unix:%s",
-			    display + 10)) < 0 ||
-			    (size_t)r >= sizeof(xdisplay)) {
-				error("%s: display name too long", __func__);
-				return -1;
-			}
+			snprintf(xdisplay, sizeof(xdisplay), "unix:%s",
+			    display + 10);
 			display = xdisplay;
 		}
 		if (trusted == 0) {
 			xauthdir = xmalloc(PATH_MAX);
 			xauthfile = xmalloc(PATH_MAX);
-			/* Generate an untrusted X11 auth cookie. */
 			mktemp_proto(xauthdir, PATH_MAX);
-			if (mkdtemp(xauthdir) == NULL) {
-				error("%s: mkdtemp: %s",
-				    __func__, strerror(errno));
-				return -1;
+			if (mkdtemp(xauthdir) != NULL) {
+				do_unlink = 1;
+				snprintf(xauthfile, PATH_MAX, "%s/xauthfile",
+				    xauthdir);
+				snprintf(cmd, sizeof(cmd),
+				    "%s -f %s generate %s " SSH_X11_PROTO
+				    " untrusted timeout %u 2>" _PATH_DEVNULL,
+				    xauth_path, xauthfile, display, timeout);
+				debug2("x11_get_proto: %s", cmd);
+				if (system(cmd) == 0)
+					generated = 1;
+				if (x11_refuse_time == 0) {
+					now = monotime() + 1;
+					if (UINT_MAX - timeout < now)
+						x11_refuse_time = UINT_MAX;
+					else
+						x11_refuse_time = now + timeout;
+				}
 			}
-			do_unlink = 1;
-			if ((r = snprintf(xauthfile, PATH_MAX,
-			    "%s/xauthfile", xauthdir)) < 0 ||
-			    (size_t)r >= PATH_MAX) {
-				error("%s: xauthfile path too long", __func__);
-				unlink(xauthfile);
-				rmdir(xauthdir);
-				return -1;
-			}
-			if ((r = snprintf(cmd, sizeof(cmd),
-			    "%s -f %s generate %s " SSH_X11_PROTO
-			    " untrusted timeout %u 2>" _PATH_DEVNULL,
-			    xauth_path, xauthfile, display, timeout)) < 0 ||
-			    (size_t)r >= sizeof(cmd))
-				fatal("%s: cmd too long", __func__);
-			debug2("%s: %s", __func__, cmd);
-			if (system(cmd) == 0)
-				generated = 1;
-			if (x11_refuse_time == 0) {
-				now = monotime() + 1;
-				if (UINT_MAX - timeout < now)
-					x11_refuse_time = UINT_MAX;
-				else
-					x11_refuse_time = now + timeout;
-			}
 		}
 
 		/*
@@ -394,7 +376,9 @@
 				got_data = 1;
 			if (f)
 				pclose(f);
-		}
+		} else
+			error("Warning: untrusted X11 forwarding setup failed: "
+			    "xauth key data not generated");
 	}
 
 	if (do_unlink) {
@@ -404,13 +388,6 @@
 	free(xauthdir);
 	free(xauthfile);
 
-	/* Don't fall back to fake X11 data for untrusted forwarding */
-	if (!trusted && !got_data) {
-		error("Warning: untrusted X11 forwarding setup failed: "
-		    "xauth key data not generated");
-		return -1;
-	}
-
 	/*
 	 * If we didn't get authentication data, just make up some
 	 * data.  The forwarding code will check the validity of the
@@ -433,8 +410,6 @@
 			rnd >>= 8;
 		}
 	}
-
-	return 0;
 }
 
 /*
@@ -2359,8 +2334,7 @@
 		/* Check that the key is accepted in HostkeyAlgorithms */
 		if (options.hostkeyalgorithms != NULL &&
 		    match_pattern_list(sshkey_ssh_name(key),
-		    options.hostkeyalgorithms,
-		    strlen(options.hostkeyalgorithms), 0) != 1) {
+		    options.hostkeyalgorithms, 0) != 1) {
 			debug3("%s: %s key not permitted by HostkeyAlgorithms",
 			    __func__, sshkey_ssh_name(key));
 			continue;