version 1.278, 2015/04/24 01:36:00 |
version 1.278.2.1, 2016/03/10 11:54:22 |
|
|
#include <sys/socket.h> |
#include <sys/socket.h> |
#include <sys/queue.h> |
#include <sys/queue.h> |
|
|
|
#include <ctype.h> |
#include <errno.h> |
#include <errno.h> |
#include <fcntl.h> |
#include <fcntl.h> |
#include <grp.h> |
#include <grp.h> |
|
|
do_cleanup(authctxt); |
do_cleanup(authctxt); |
} |
} |
|
|
|
/* Check untrusted xauth strings for metacharacters */ |
|
static int |
|
xauth_valid_string(const char *s) |
|
{ |
|
size_t i; |
|
|
|
for (i = 0; s[i] != '\0'; i++) { |
|
if (!isalnum((u_char)s[i]) && |
|
s[i] != '.' && s[i] != ':' && s[i] != '/' && |
|
s[i] != '-' && s[i] != '_') |
|
return 0; |
|
} |
|
return 1; |
|
} |
|
|
/* |
/* |
* Prepares for an interactive session. This is called after the user has |
* Prepares for an interactive session. This is called after the user has |
* been successfully authenticated. During this message exchange, pseudo |
* been successfully authenticated. During this message exchange, pseudo |
|
|
s->screen = 0; |
s->screen = 0; |
} |
} |
packet_check_eom(); |
packet_check_eom(); |
success = session_setup_x11fwd(s); |
if (xauth_valid_string(s->auth_proto) && |
|
xauth_valid_string(s->auth_data)) |
|
success = session_setup_x11fwd(s); |
|
else { |
|
success = 0; |
|
error("Invalid X11 forwarding data"); |
|
} |
if (!success) { |
if (!success) { |
free(s->auth_proto); |
free(s->auth_proto); |
free(s->auth_data); |
free(s->auth_data); |
|
|
s->screen = packet_get_int(); |
s->screen = packet_get_int(); |
packet_check_eom(); |
packet_check_eom(); |
|
|
success = session_setup_x11fwd(s); |
if (xauth_valid_string(s->auth_proto) && |
|
xauth_valid_string(s->auth_data)) |
|
success = session_setup_x11fwd(s); |
|
else { |
|
success = 0; |
|
error("Invalid X11 forwarding data"); |
|
} |
if (!success) { |
if (!success) { |
free(s->auth_proto); |
free(s->auth_proto); |
free(s->auth_data); |
free(s->auth_data); |