src/usr.bin/ssh/session.c - diff

Return to session.c CVS log

Up to [local] / src / usr.bin / ssh

Diff for /src/usr.bin/ssh/session.c between version 1.108 and 1.108.2.2

version 1.108, 2001/10/11 13:45:21

version 1.108.2.2, 2002/03/07 17:37:47

Line 73

int row, col, xpixel, ypixel;

char tty[TTYSZ];

/* X11 */

int display_number;

char *display;

int screen;

char *auth_display;

char *auth_proto;

char *auth_data;

int single_connection;

Line 181

Line 183

{

Session *s;

char *command;

int success, type, plen, screen_flag;

int success, type, screen_flag;

int compression_level = 0, enable_compression_after_reply = 0;

u_int proto_len, data_len, dlen;

Line 197

Line 199

success = 0;

/* Get a packet from the client. */

type = packet_read(&plen);

type = packet_read();

/* Process the packet. */

switch (type) {

case SSH_CMSG_REQUEST_COMPRESSION:

packet_integrity_check(plen, 4, type);

compression_level = packet_get_int();

packet_check_eom();

if (compression_level < 1 || compression_level > 9) {

packet_send_debug("Received illegal compression level %d.",

compression_level);

break;

}

/* Enable compression after we have responded with SUCCESS. */

Line 234

Line 236

} else {

s->screen = 0;

}

packet_done();

packet_check_eom();

success = session_setup_x11fwd(s);

if (!success) {

xfree(s->auth_proto);

Line 271

Line 273

if (packet_set_maxsize(packet_get_int()) > 0)

success = 1;

break;

#if defined(AFS) || defined(KRB5)

case SSH_CMSG_HAVE_KERBEROS_TGT:

if (!options.kerberos_tgt_passing) {

verbose("Kerberos TGT passing disabled.");

} else {

char *kdata = packet_get_string(&dlen);

packet_integrity_check(plen, 4 + dlen, type);

packet_check_eom();

/* XXX - 0x41, see creds_to_radix version */

if (kdata[0] != 0x41) {

#ifdef KRB5

krb5_data tgt;

tgt.data = kdata;

tgt.length = dlen;

if (auth_krb5_tgt(s->authctxt, &tgt))

success = 1;

else

Line 304

Line 306

}

break;

#endif /* AFS || KRB5 */

#ifdef AFS

case SSH_CMSG_HAVE_AFS_TOKEN:

if (!options.afs_token_passing || !k_hasafs()) {

Line 312

Line 314

} else {

/* Accept AFS token. */

char *token = packet_get_string(&dlen);

packet_integrity_check(plen, 4 + dlen, type);

packet_check_eom();

if (auth_afs_token(s->authctxt, token))

success = 1;

else

Line 334

Line 336

} else {

do_exec(s, NULL);

}

packet_done();

packet_check_eom();

session_close(s);

return;

Line 596

Line 598

if (packet_connection_is_on_socket()) {

fromlen = sizeof(from);

if (getpeername(packet_get_connection_in(),

(struct sockaddr *) & from, &fromlen) < 0) {

debug("getpeername: %.100s", strerror(errno));

fatal_cleanup();

}

Line 611

Line 613

/* Record that there was a login on that tty from the remote host. */

record_login(pid, s->tty, pw->pw_name, pw->pw_uid,

get_remote_name_or_ip(utmp_len, options.reverse_mapping_check),

get_remote_name_or_ip(utmp_len, options.verify_reverse_mapping),

(struct sockaddr *)&from);

if (check_quietlogin(s, command))

Line 685

Line 687

static void

child_set_env(char ***envp, u_int *envsizep, const char *name,

const char *value)

{

u_int i, namelen;

char **env;

Line 726

Line 728

static void

read_environment_file(char ***env, u_int *envsize,

const char *filename)

{

FILE *f;

char buf[4096];

Line 759

Line 761

fclose(f);

}

static char **

* Performs common processing for the child, such as setting up the

do_setup_env(Session *s, const char *shell)

* environment, closing extra file descriptors, setting the user and group

* ids, and executing the command or shell.

void

do_child(Session *s, const char *command)

{

const char *shell, *hostname = NULL, *cp = NULL;

struct passwd *pw = s->pw;

char buf[256];

char cmd[1024];

u_int i, envsize;

FILE *f = NULL;

u_int envsize, i;

char **env;

extern char **environ;

struct passwd *pw = s->pw;

struct stat st;

char *argv[10];

int do_xauth;

do_xauth =

s->display != NULL && s->auth_proto != NULL && s->auth_data != NULL;

/* remove hostkey from the child's memory */

destroy_sensitive_data();

/* login(1) is only called if we execute the login shell */

if (options.use_login && command != NULL)

options.use_login = 0;

if (!options.use_login) {

#ifdef HAVE_LOGIN_CAP

if (!login_getcapbool(lc, "ignorenologin", 0) && pw->pw_uid)

f = fopen(login_getcapstr(lc, "nologin", _PATH_NOLOGIN,

_PATH_NOLOGIN), "r");

#else

if (pw->pw_uid)

f = fopen(_PATH_NOLOGIN, "r");

#endif

if (f) {

/* /etc/nologin exists. Print its contents and exit. */

while (fgets(buf, sizeof(buf), f))

fputs(buf, stderr);

fclose(f);

exit(254);

}

/* Set login name, uid, gid, and groups. */

/* Login(1) does this as well, and it needs uid 0 for the "-h"

switch, so we let login(1) to this for us. */

if (!options.use_login) {

if (getuid() == 0 || geteuid() == 0) {

#ifdef HAVE_LOGIN_CAP

if (setusercontext(lc, pw, pw->pw_uid,

(LOGIN_SETALL & ~LOGIN_SETPATH)) < 0) {

perror("unable to set user context");

exit(1);

}

#else

if (setlogin(pw->pw_name) < 0)

error("setlogin failed: %s", strerror(errno));

if (setgid(pw->pw_gid) < 0) {

perror("setgid");

exit(1);

}

/* Initialize the group list. */

if (initgroups(pw->pw_name, pw->pw_gid) < 0) {

perror("initgroups");

exit(1);

}

endgrent();

/* Permanently switch to the desired uid. */

permanently_set_uid(pw);

#endif

}

if (getuid() != pw->pw_uid || geteuid() != pw->pw_uid)

fatal("Failed to set uids to %u.", (u_int) pw->pw_uid);

}

* Get the shell from the password data. An empty shell field is

* legal, and means /bin/sh.

shell = (pw->pw_shell[0] == '\0') ? _PATH_BSHELL : pw->pw_shell;

#ifdef HAVE_LOGIN_CAP

shell = login_getcapstr(lc, "shell", (char *)shell, (char *)shell);

#endif

/* Initialize the environment. */

envsize = 100;

env = xmalloc(envsize * sizeof(char *));

Line 875

Line 797

child_set_env(&env, &envsize, "TZ", getenv("TZ"));

/* Set custom environment options from RSA authentication. */

while (custom_environment) {

if (!options.use_login) {

struct envstring *ce = custom_environment;

while (custom_environment) {

char *s = ce->s;

struct envstring *ce = custom_environment;

int i;

char *s = ce->s;

for (i = 0; s[i] != '=' && s[i]; i++);

if (s[i] == '=') {

for (i = 0; s[i] != '=' && s[i]; i++)

s[i] = 0;

;

child_set_env(&env, &envsize, s, s + i + 1);

if (s[i] == '=') {

s[i] = 0;

child_set_env(&env, &envsize, s, s + i + 1);

}

custom_environment = ce->next;

xfree(ce->s);

xfree(ce);

}

custom_environment = ce->next;

xfree(ce->s);

xfree(ce);

}

snprintf(buf, sizeof buf, "%.50s %d %d",

get_remote_ipaddr(), get_remote_port(), get_local_port());

child_set_env(&env, &envsize, "SSH_CLIENT", buf);

if (s->ttyfd != -1)

Line 905

Line 830

#ifdef KRB4

if (s->authctxt->krb4_ticket_file)

child_set_env(&env, &envsize, "KRBTKFILE",

s->authctxt->krb4_ticket_file);

#endif

#ifdef KRB5

if (s->authctxt->krb5_ticket_file)

child_set_env(&env, &envsize, "KRB5CCNAME",

s->authctxt->krb5_ticket_file);

#endif

if (auth_get_socket_name() != NULL)

child_set_env(&env, &envsize, SSH_AUTHSOCKET_ENV_NAME,

auth_get_socket_name());

/* read $HOME/.ssh/environment. */

if (!options.use_login) {

Line 928

Line 853

for (i = 0; env[i]; i++)

fprintf(stderr, " %.200s\n", env[i]);

}

return env;

}

* Run $HOME/.ssh/rc, /etc/ssh/sshrc, or xauth (whichever is found

* first in this order).

static void

do_rc_files(Session *s, const char *shell)

{

FILE *f = NULL;

char cmd[1024];

int do_xauth;

struct stat st;

do_xauth =

s->display != NULL && s->auth_proto != NULL && s->auth_data != NULL;

/* ignore _PATH_SSH_USER_RC for subsystems */

if (!s->is_subsystem && (stat(_PATH_SSH_USER_RC, &st) >= 0)) {

snprintf(cmd, sizeof cmd, "%s -c '%s %s'",

shell, _PATH_BSHELL, _PATH_SSH_USER_RC);

if (debug_flag)

fprintf(stderr, "Running %s\n", cmd);

f = popen(cmd, "w");

if (f) {

if (do_xauth)

fprintf(f, "%s %s\n", s->auth_proto,

s->auth_data);

pclose(f);

} else

fprintf(stderr, "Could not run %s\n",

_PATH_SSH_USER_RC);

} else if (stat(_PATH_SSH_SYSTEM_RC, &st) >= 0) {

if (debug_flag)

fprintf(stderr, "Running %s %s\n", _PATH_BSHELL,

_PATH_SSH_SYSTEM_RC);

f = popen(_PATH_BSHELL " " _PATH_SSH_SYSTEM_RC, "w");

if (f) {

if (do_xauth)

fprintf(f, "%s %s\n", s->auth_proto,

s->auth_data);

pclose(f);

} else

fprintf(stderr, "Could not run %s\n",

_PATH_SSH_SYSTEM_RC);

} else if (do_xauth && options.xauth_location != NULL) {

/* Add authority data to .Xauthority if appropriate. */

if (debug_flag) {

fprintf(stderr,

"Running %.100s add "

"%.100s %.100s %.100s\n",

options.xauth_location, s->auth_display,

s->auth_proto, s->auth_data);

}

snprintf(cmd, sizeof cmd, "%s -q -",

options.xauth_location);

f = popen(cmd, "w");

if (f) {

fprintf(f, "add %s %s %s\n",

s->auth_display, s->auth_proto,

s->auth_data);

pclose(f);

} else {

fprintf(stderr, "Could not run %s\n",

cmd);

}

static void

do_nologin(struct passwd *pw)

{

FILE *f = NULL;

char buf[1024];

#ifdef HAVE_LOGIN_CAP

if (!login_getcapbool(lc, "ignorenologin", 0) && pw->pw_uid)

f = fopen(login_getcapstr(lc, "nologin", _PATH_NOLOGIN,

_PATH_NOLOGIN), "r");

#else

if (pw->pw_uid)

f = fopen(_PATH_NOLOGIN, "r");

#endif

if (f) {

/* /etc/nologin exists. Print its contents and exit. */

while (fgets(buf, sizeof(buf), f))

fputs(buf, stderr);

fclose(f);

exit(254);

}

/* Set login name, uid, gid, and groups. */

static void

do_setusercontext(struct passwd *pw)

{

if (getuid() == 0 || geteuid() == 0) {

#ifdef HAVE_LOGIN_CAP

if (setusercontext(lc, pw, pw->pw_uid,

(LOGIN_SETALL & ~LOGIN_SETPATH)) < 0) {

perror("unable to set user context");

exit(1);

}

#else

if (setlogin(pw->pw_name) < 0)

error("setlogin failed: %s", strerror(errno));

if (setgid(pw->pw_gid) < 0) {

perror("setgid");

exit(1);

}

/* Initialize the group list. */

if (initgroups(pw->pw_name, pw->pw_gid) < 0) {

perror("initgroups");

exit(1);

}

endgrent();

/* Permanently switch to the desired uid. */

permanently_set_uid(pw);

#endif

}

if (getuid() != pw->pw_uid || geteuid() != pw->pw_uid)

fatal("Failed to set uids to %u.", (u_int) pw->pw_uid);

}

* Performs common processing for the child, such as setting up the

* environment, closing extra file descriptors, setting the user and group

* ids, and executing the command or shell.

void

do_child(Session *s, const char *command)

{

extern char **environ;

char **env;

char *argv[10];

const char *shell, *shell0, *hostname = NULL;

struct passwd *pw = s->pw;

u_int i;

/* remove hostkey from the child's memory */

destroy_sensitive_data();

/* login(1) is only called if we execute the login shell */

if (options.use_login && command != NULL)

options.use_login = 0;

* Login(1) does this as well, and it needs uid 0 for the "-h"

* switch, so we let login(1) to this for us.

if (!options.use_login) {

do_nologin(pw);

do_setusercontext(pw);

}

* Get the shell from the password data. An empty shell field is

* legal, and means /bin/sh.

shell = (pw->pw_shell[0] == '\0') ? _PATH_BSHELL : pw->pw_shell;

#ifdef HAVE_LOGIN_CAP

shell = login_getcapstr(lc, "shell", (char *)shell, (char *)shell);

#endif

env = do_setup_env(s, shell);

/* we have to stash the hostname before we close our socket. */

if (options.use_login)

hostname = get_remote_name_or_ip(utmp_len,

options.reverse_mapping_check);

options.verify_reverse_mapping);

* Close the connection descriptors; note that this is the child, and

* the server will still have the socket open, and it is important

Line 968

Line 1061

close(i);

* Must take new environment into use so that .ssh/rc, /etc/sshrc and

* Must take new environment into use so that .ssh/rc,

* xauth are run in the proper environment.

* /etc/ssh/sshrc and xauth are run in the proper environment.

environ = env;

Line 977

Line 1070

/* Try to get AFS tokens for the local cell. */

if (k_hasafs()) {

char cell[64];

if (k_afs_cell_of_file(pw->pw_dir, cell, sizeof(cell)) == 0)

krb_afslog(cell, 0);

krb_afslog(0, 0);

}

#endif /* AFS */

Line 995

Line 1088

#endif

}

if (!options.use_login)

* Run $HOME/.ssh/rc, /etc/sshrc, or xauth (whichever is found first

do_rc_files(s, shell);

* in this order).

if (!options.use_login) {

/* ignore _PATH_SSH_USER_RC for subsystems */

if (!s->is_subsystem && (stat(_PATH_SSH_USER_RC, &st) >= 0)) {

snprintf(cmd, sizeof cmd, "%s -c '%s %s'",

shell, _PATH_BSHELL, _PATH_SSH_USER_RC);

if (debug_flag)

fprintf(stderr, "Running %s\n", cmd);

f = popen(cmd, "w");

if (f) {

if (do_xauth)

fprintf(f, "%s %s\n", s->auth_proto,

s->auth_data);

pclose(f);

} else

fprintf(stderr, "Could not run %s\n",

_PATH_SSH_USER_RC);

} else if (stat(_PATH_SSH_SYSTEM_RC, &st) >= 0) {

if (debug_flag)

fprintf(stderr, "Running %s %s\n", _PATH_BSHELL,

_PATH_SSH_SYSTEM_RC);

f = popen(_PATH_BSHELL " " _PATH_SSH_SYSTEM_RC, "w");

if (f) {

if (do_xauth)

fprintf(f, "%s %s\n", s->auth_proto,

s->auth_data);

pclose(f);

} else

fprintf(stderr, "Could not run %s\n",

_PATH_SSH_SYSTEM_RC);

} else if (do_xauth && options.xauth_location != NULL) {

/* Add authority data to .Xauthority if appropriate. */

char *screen = strchr(s->display, ':');

if (debug_flag) {

fprintf(stderr,

"Running %.100s add "

"%.100s %.100s %.100s\n",

options.xauth_location, s->display,

s->auth_proto, s->auth_data);

if (screen != NULL)

fprintf(stderr,

"Adding %.*s/unix%s %s %s\n",

(int)(screen - s->display),

s->display, screen,

s->auth_proto, s->auth_data);

}

snprintf(cmd, sizeof cmd, "%s -q -",

options.xauth_location);

f = popen(cmd, "w");

if (f) {

fprintf(f, "add %s %s %s\n", s->display,

s->auth_proto, s->auth_data);

if (screen != NULL)

fprintf(f, "add %.*s/unix%s %s %s\n",

(int)(screen - s->display),

s->display, screen,

s->auth_proto,

s->auth_data);

pclose(f);

} else {

fprintf(stderr, "Could not run %s\n",

cmd);

}

/* Get the last component of the shell name. */

cp = strrchr(shell, '/');

if (cp)

cp++;

else

cp = shell;

}

/* restore SIGPIPE for child */

signal(SIGPIPE, SIG_DFL);

if (options.use_login) {

/* Launch login(1). */

execl("/usr/bin/login", "login", "-h", hostname,

"-p", "-f", "--", pw->pw_name, (char *)NULL);

/* Login couldn't be executed, die. */

perror("login");

exit(1);

}

/* Get the last component of the shell name. */

if ((shell0 = strrchr(shell, '/')) != NULL)

shell0++;

else

shell0 = shell;

* If we have no command, execute the shell. In this case, the shell

* name to be passed in argv[0] is preceded by '-' to indicate that

* this is a login shell.

if (!command) {

if (!options.use_login) {

char argv0[256];

char buf[256];

/* Start the shell. Set initial character to '-'. */

buf[0] = '-';

argv0[0] = '-';

strncpy(buf + 1, cp, sizeof(buf) - 1);

buf[sizeof(buf) - 1] = 0;

/* Execute the shell. */

if (strlcpy(argv0 + 1, shell0, sizeof(argv0) - 1)

argv[0] = buf;

>= sizeof(argv0) - 1) {

argv[1] = NULL;

errno = EINVAL;

execve(shell, argv, env);

/* Executing the shell failed. */

perror(shell);

exit(1);

}

} else {

/* Execute the shell. */

/* Launch login(1). */

argv[0] = argv0;

argv[1] = NULL;

execve(shell, argv, env);

execl("/usr/bin/login", "login", "-h", hostname,

/* Executing the shell failed. */

"-p", "-f", "--", pw->pw_name, (char *)NULL);

perror(shell);

exit(1);

/* Login couldn't be executed, die. */

perror("login");

exit(1);

}

* Execute the command using the user's shell. This uses the -c

* option to execute the command.

argv[0] = (char *) cp;

argv[0] = (char *) shell0;

argv[1] = "-c";

argv[2] = (char *) command;

argv[3] = NULL;

Line 1129

Line 1159

static int did_init = 0;

if (!did_init) {

debug("session_new: init");

for(i = 0; i < MAX_SESSIONS; i++) {

for (i = 0; i < MAX_SESSIONS; i++) {

sessions[i].used = 0;

}

did_init = 1;

}

for(i = 0; i < MAX_SESSIONS; i++) {

for (i = 0; i < MAX_SESSIONS; i++) {

Session *s = &sessions[i];

if (! s->used) {

memset(s, 0, sizeof(*s));

Line 1154

Line 1184

session_dump(void)

{

int i;

for(i = 0; i < MAX_SESSIONS; i++) {

for (i = 0; i < MAX_SESSIONS; i++) {

Session *s = &sessions[i];

debug("dump: used %d session %d %p channel %d pid %d",

s->used,

Line 1187

Line 1217

session_by_channel(int id)

{

int i;

for(i = 0; i < MAX_SESSIONS; i++) {

for (i = 0; i < MAX_SESSIONS; i++) {

Session *s = &sessions[i];

if (s->used && s->chanid == id) {

debug("session_by_channel: session %d channel %d", i, id);

Line 1204

Line 1234

{

int i;

debug("session_by_pid: pid %d", pid);

for(i = 0; i < MAX_SESSIONS; i++) {

for (i = 0; i < MAX_SESSIONS; i++) {

Session *s = &sessions[i];

if (s->used && s->pid == pid)

return s;

Line 1221

Line 1251

s->row = packet_get_int();

s->xpixel = packet_get_int();

s->ypixel = packet_get_int();

packet_done();

packet_check_eom();

pty_change_window_size(s->ptyfd, s->row, s->col, s->xpixel, s->ypixel);

return 1;

}

Line 1286

Line 1316

/* Set window size from the packet. */

pty_change_window_size(s->ptyfd, s->row, s->col, s->xpixel, s->ypixel);

packet_done();

packet_check_eom();

session_proctitle(s);

return 1;

}

Line 1300

Line 1330

char *cmd, *subsys = packet_get_string(&len);

int i;

packet_done();

packet_check_eom();

log("subsystem request for %s", subsys);

log("subsystem request for %.100s", subsys);

for (i = 0; i < options.num_subsystems; i++) {

if (strcmp(subsys, options.subsystem_name[i]) == 0) {

Line 1315

Line 1345

s->is_subsystem = 1;

do_exec(s, cmd);

success = 1;

break;

}

if (!success)

log("subsystem request for %s failed, subsystem not found",

log("subsystem request for %.100s failed, subsystem not found",

subsys);

xfree(subsys);

Line 1335

Line 1366

s->auth_proto = packet_get_string(NULL);

s->auth_data = packet_get_string(NULL);

s->screen = packet_get_int();

packet_done();

packet_check_eom();

success = session_setup_x11fwd(s);

if (!success) {

Line 1350

Line 1381

static int

session_shell_req(Session *s)

{

packet_done();

packet_check_eom();

do_exec(s, NULL);

return 1;

}

Line 1360

Line 1391

{

u_int len;

char *command = packet_get_string(&len);

packet_done();

packet_check_eom();

do_exec(s, command);

xfree(command);

return 1;

Line 1370

Line 1401

session_auth_agent_req(Session *s)

{

static int called = 0;

packet_done();

packet_check_eom();

if (no_agent_forwarding_flag) {

debug("session_auth_agent_req: no_agent_forwarding_flag");

return 0;

Line 1383

Line 1414

}

void

int

session_input_channel_req(int id, void *arg)

session_input_channel_req(Channel *c, const char *rtype)

{

u_int len;

int reply;

int success = 0;

char *rtype;

Session *s;

Channel *c;

rtype = packet_get_string(&len);

if ((s = session_by_channel(c->self)) == NULL) {

reply = packet_get_char();

log("session_input_channel_req: no session %d req %.100s",

c->self, rtype);

return 0;

}

debug("session_input_channel_req: session %d req %s", s->self, rtype);

s = session_by_channel(id);

if (s == NULL)

fatal("session_input_channel_req: channel %d: no session", id);

c = channel_lookup(id);

if (c == NULL)

fatal("session_input_channel_req: channel %d: bad channel", id);

debug("session_input_channel_req: session %d channel %d request %s reply %d",

s->self, id, rtype, reply);

* a session is in LARVAL state until a shell, a command

* or a subsystem is executed

Line 1428

Line 1449

if (strcmp(rtype, "window-change") == 0) {

success = session_window_change_req(s);

}

return success;

if (reply) {

packet_start(success ?

SSH2_MSG_CHANNEL_SUCCESS : SSH2_MSG_CHANNEL_FAILURE);

packet_put_int(c->remote_id);

packet_send();

}

xfree(rtype);

}

void

Line 1452

Line 1466

channel_set_fds(s->chanid,

fdout, fdin, fderr,

fderr == -1 ? CHAN_EXTENDED_IGNORE : CHAN_EXTENDED_READ,

1);

CHAN_SES_WINDOW_DEFAULT);

}

Line 1496

Line 1511

session_exit_message(Session *s, int status)

{

Channel *c;

if (s == NULL)

fatal("session_close: no session");

if ((c = channel_lookup(s->chanid)) == NULL)

c = channel_lookup(s->chanid);

if (c == NULL)

fatal("session_exit_message: session %d: no channel %d",

s->self, s->chanid);

debug("session_exit_message: session %d channel %d pid %d",

s->self, s->chanid, s->pid);

if (WIFEXITED(status)) {

channel_request_start(s->chanid,

channel_request_start(s->chanid, "exit-status", 0);

"exit-status", 0);

packet_put_int(WEXITSTATUS(status));

packet_send();

} else if (WIFSIGNALED(status)) {

channel_request_start(s->chanid,

channel_request_start(s->chanid, "exit-signal", 0);

"exit-signal", 0);

packet_put_int(WTERMSIG(status));

packet_put_char(WCOREDUMP(status));

packet_put_cstring("");

Line 1549

Line 1560

xfree(s->term);

if (s->display)

xfree(s->display);

if (s->auth_display)

xfree(s->auth_display);

if (s->auth_data)

xfree(s->auth_data);

if (s->auth_proto)

Line 1605

Line 1618

session_destroy_all(void)

{

int i;

for(i = 0; i < MAX_SESSIONS; i++) {

for (i = 0; i < MAX_SESSIONS; i++) {

Session *s = &sessions[i];

if (s->used)

session_close(s);

}

Line 1618

Line 1631

static char buf[1024];

int i;

buf[0] = '\0';

for(i = 0; i < MAX_SESSIONS; i++) {

for (i = 0; i < MAX_SESSIONS; i++) {

Session *s = &sessions[i];

if (s->used && s->ttyfd != -1) {

if (buf[0] != '\0')

Line 1644

Line 1657

session_setup_x11fwd(Session *s)

{

struct stat st;

char display[512], auth_display[512];

char hostname[MAXHOSTNAMELEN];

if (no_x11_forwarding_flag) {

packet_send_debug("X11 forwarding disabled in user configuration file.");

Line 1667

Line 1682

debug("X11 display already set.");

return 0;

}

s->display = x11_create_display_inet(s->screen, options.x11_display_offset);

s->display_number = x11_create_display_inet(options.x11_display_offset,

if (s->display == NULL) {

options.x11_use_localhost, s->single_connection);

if (s->display_number == -1) {

debug("x11_create_display_inet failed.");

return 0;

}

/* Set up a suitable value for the DISPLAY variable. */

if (gethostname(hostname, sizeof(hostname)) < 0)

fatal("gethostname: %.100s", strerror(errno));

* auth_display must be used as the displayname when the

* authorization entry is added with xauth(1). This will be

* different than the DISPLAY string for localhost displays.

if (options.x11_use_localhost) {

snprintf(display, sizeof display, "localhost:%d.%d",

s->display_number, s->screen);

snprintf(auth_display, sizeof auth_display, "unix:%d.%d",

s->display_number, s->screen);

s->display = xstrdup(display);

s->auth_display = xstrdup(auth_display);

} else {

snprintf(display, sizeof display, "%.400s:%d.%d", hostname,

s->display_number, s->screen);

s->display = xstrdup(display);

s->auth_display = xstrdup(display);

}

return 1;

}