===================================================================
RCS file: /cvsrepo/anoncvs/cvs/src/usr.bin/ssh/session.c,v
retrieving revision 1.112
retrieving revision 1.113
diff -u -r1.112 -r1.113
--- src/usr.bin/ssh/session.c	2001/12/19 07:18:56	1.112
+++ src/usr.bin/ssh/session.c	2001/12/19 15:43:11	1.113
@@ -33,7 +33,7 @@
  */
 
 #include "includes.h"
-RCSID("$OpenBSD: session.c,v 1.112 2001/12/19 07:18:56 deraadt Exp $");
+RCSID("$OpenBSD: session.c,v 1.113 2001/12/19 15:43:11 stevesk Exp $");
 
 #include "ssh.h"
 #include "ssh1.h"
@@ -76,7 +76,7 @@
 	int	display_number;
 	char	*display;
 	int	screen;
-	char	*auth_display;
+	char	*auth_display[2];
 	char	*auth_proto;
 	char	*auth_data;
 	int	single_connection;
@@ -1035,20 +1035,29 @@
 				    _PATH_SSH_SYSTEM_RC);
 		} else if (do_xauth && options.xauth_location != NULL) {
 			/* Add authority data to .Xauthority if appropriate. */
-
 			if (debug_flag) {
 				fprintf(stderr,
 				    "Running %.100s add "
 				    "%.100s %.100s %.100s\n",
-				    options.xauth_location, s->auth_display,
+				    options.xauth_location, s->auth_display[0],
 				    s->auth_proto, s->auth_data);
+				if (s->auth_display[1])
+					fprintf(stderr,
+					    "add %.100s %.100s %.100s\n",
+					    s->auth_display[1],
+					    s->auth_proto, s->auth_data);
 			}
 			snprintf(cmd, sizeof cmd, "%s -q -",
 			    options.xauth_location);
 			f = popen(cmd, "w");
 			if (f) {
-				fprintf(f, "add %s %s %s\n", s->auth_display,
-				    s->auth_proto, s->auth_data);
+				fprintf(f, "add %s %s %s\n",
+				    s->auth_display[0], s->auth_proto,
+				    s->auth_data);
+				if (s->auth_display[1])
+					fprintf(f, "add %s %s %s\n",
+					    s->auth_display[1], s->auth_proto,
+					    s->auth_data);
 				pclose(f);
 			} else {
 				fprintf(stderr, "Could not run %s\n",
@@ -1540,8 +1549,10 @@
 		xfree(s->term);
 	if (s->display)
 		xfree(s->display);
-	if (s->auth_display)
-		xfree(s->auth_display);
+	if (s->auth_display[0])
+		xfree(s->auth_display[0]);
+	if (s->auth_display[1])
+		xfree(s->auth_display[1]);
 	if (s->auth_data)
 		xfree(s->auth_data);
 	if (s->auth_proto)
@@ -1677,18 +1688,36 @@
 	 * authorization entry is added with xauth(1).  This will be
 	 * different than the DISPLAY string for localhost displays.
 	 */
+	s->auth_display[1] = NULL;
 	if (!options.gateway_ports) {
+		struct utsname uts;
+
 		snprintf(display, sizeof display, "localhost:%d.%d",
 		    s->display_number, s->screen);
 		snprintf(auth_display, sizeof auth_display, "%.400s/unix:%d.%d",
 		    hostname, s->display_number, s->screen);
 		s->display = xstrdup(display);
-		s->auth_display = xstrdup(auth_display);
+		s->auth_display[0] = xstrdup(auth_display);
+		/*
+		 * Xlib may use gethostbyname() or uname() hostname to
+		 * look up authorization data for FamilyLocal; see:
+		 * xc/lib/xtrans/Xtrans.c:TRANS(GetHostname)
+		 * We just add authorization entries with both
+		 * hostname and nodename if they are different.
+		 */
+		if (uname(&uts) == -1)
+			fatal("uname: %.100s", strerror(errno));
+		if (strcmp(hostname, uts.nodename) != 0) {
+			snprintf(auth_display, sizeof auth_display,
+			    "%.400s/unix:%d.%d", uts.nodename,
+			    s->display_number, s->screen);
+			s->auth_display[1] = xstrdup(auth_display);
+		}
 	} else {
 		snprintf(display, sizeof display, "%.400s:%d.%d", hostname,
 		    s->display_number, s->screen);
 		s->display = xstrdup(display);
-		s->auth_display = xstrdup(display);
+		s->auth_display[0] = xstrdup(display);
 	}
 
 	return 1;