tyler.durden
/
openssh-portable
mirror of https://github.com/PowerShell/openssh-portable.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

- djm@cvs.openbsd.org 2001/05/19 00:36:40 

[session.c]
     Disable X11 forwarding if xauth binary is not found. Patch from Nalin
     Dahyabhai <nalin@redhat.com>; ok markus@
This commit is contained in:
Ben Lindstrom 2001-06-05 19:29:20 +00:00
parent 551ea37576
commit 7d68fbf4c5
2 changed files with 15 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
ChangeLog
View File

@ -8,6 +8,10 @@
[auth-chall.c auth.h auth1.c auth2-chall.c auth2.c readconf.c [auth-chall.c auth.h auth1.c auth2-chall.c auth2.c readconf.c
readconf.h servconf.c servconf.h sshconnect1.c sshconnect2.c sshd.c] readconf.h servconf.c servconf.h sshconnect1.c sshconnect2.c sshd.c]
improved kbd-interactive support. work by per@appgate.com and me improved kbd-interactive support. work by per@appgate.com and me
- djm@cvs.openbsd.org 2001/05/19 00:36:40
[session.c]
Disable X11 forwarding if xauth binary is not found. Patch from Nalin
Dahyabhai <nalin@redhat.com>; ok markus@
20010528 20010528
- (tim) [conifgure.in] add setvbuf test needed for sftp-int.c - (tim) [conifgure.in] add setvbuf test needed for sftp-int.c
@ -5438,4 +5442,4 @@
- Wrote replacements for strlcpy and mkdtemp - Wrote replacements for strlcpy and mkdtemp
- Released 1.0pre1 - Released 1.0pre1
$Id: ChangeLog,v 1.1228 2001/06/05 18:56:16 mouring Exp $ $Id: ChangeLog,v 1.1229 2001/06/05 19:29:20 mouring Exp $

12
session.c
View File

@ -33,7 +33,7 @@
*/ */
#include "includes.h" #include "includes.h"
RCSID("$OpenBSD: session.c,v 1.75 2001/05/03 15:45:15 markus Exp $"); RCSID("$OpenBSD: session.c,v 1.76 2001/05/19 00:36:40 djm Exp $");
#include "ssh.h" #include "ssh.h"
#include "ssh1.h" #include "ssh1.h"
@ -255,6 +255,7 @@ do_authenticated1(Authctxt *authctxt)
int success, type, fd, n_bytes, plen, screen_flag, have_pty = 0; int success, type, fd, n_bytes, plen, screen_flag, have_pty = 0;
int compression_level = 0, enable_compression_after_reply = 0; int compression_level = 0, enable_compression_after_reply = 0;
u_int proto_len, data_len, dlen; u_int proto_len, data_len, dlen;
struct stat st;
s = session_new(); s = session_new();
s->pw = authctxt->pw; s->pw = authctxt->pw;
@ -337,7 +338,8 @@ do_authenticated1(Authctxt *authctxt)
packet_send_debug("X11 forwarding disabled in server configuration file."); packet_send_debug("X11 forwarding disabled in server configuration file.");
break; break;
} }
if (!options.xauth_location) { if (!options.xauth_location ||
(stat(options.xauth_location, &st) == -1)) {
packet_send_debug("No xauth program; cannot forward with spoofing."); packet_send_debug("No xauth program; cannot forward with spoofing.");
break; break;
} }
@ -1752,6 +1754,7 @@ int
session_x11_req(Session *s) session_x11_req(Session *s)
{ {
int fd; int fd;
struct stat st;
if (no_x11_forwarding_flag) { if (no_x11_forwarding_flag) {
debug("X11 forwarding disabled in user configuration file."); debug("X11 forwarding disabled in user configuration file.");
return 0; return 0;
@ -1760,6 +1763,11 @@ session_x11_req(Session *s)
debug("X11 forwarding disabled in server configuration file."); debug("X11 forwarding disabled in server configuration file.");
return 0; return 0;
} }
if (!options.xauth_location ||
(stat(options.xauth_location, &st) == -1)) {
packet_send_debug("No xauth program; cannot forward with spoofing.");
return 0;
}
if (xauthfile != NULL) { if (xauthfile != NULL) {
debug("X11 fwd already started."); debug("X11 fwd already started.");
return 0; return 0;