upstream: Allow ssh_config ForwardX11Timeout=0 to disable the

timeout and allow X11 connections in untrusted mode indefinitely. ok dtucker@

OpenBSD-Commit-ID: ea1ceed3f540b48e5803f933e59a03b20db10c69
This commit is contained in:
djm@openbsd.org 2018-09-21 12:46:22 +00:00 committed by Damien Miller
parent cb24d9fcc9
commit b5e412a899
2 changed files with 33 additions and 16 deletions

View File

@ -1,4 +1,4 @@
/* $OpenBSD: clientloop.c,v 1.317 2018/07/11 18:53:29 markus Exp $ */ /* $OpenBSD: clientloop.c,v 1.318 2018/09/21 12:46:22 djm Exp $ */
/* /*
* Author: Tatu Ylonen <ylo@cs.hut.fi> * Author: Tatu Ylonen <ylo@cs.hut.fi>
* Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@ -279,7 +279,7 @@ client_x11_get_proto(struct ssh *ssh, const char *display,
const char *xauth_path, u_int trusted, u_int timeout, const char *xauth_path, u_int trusted, u_int timeout,
char **_proto, char **_data) char **_proto, char **_data)
{ {
char cmd[1024], line[512], xdisplay[512]; char *cmd, line[512], xdisplay[512];
char xauthfile[PATH_MAX], xauthdir[PATH_MAX]; char xauthfile[PATH_MAX], xauthdir[PATH_MAX];
static char proto[512], data[512]; static char proto[512], data[512];
FILE *f; FILE *f;
@ -343,19 +343,30 @@ client_x11_get_proto(struct ssh *ssh, const char *display,
return -1; return -1;
} }
if (timeout >= UINT_MAX - X11_TIMEOUT_SLACK) if (timeout == 0) {
x11_timeout_real = UINT_MAX; /* auth doesn't time out */
else xasprintf(&cmd, "%s -f %s generate %s %s "
x11_timeout_real = timeout + X11_TIMEOUT_SLACK; "untrusted 2>%s",
if ((r = snprintf(cmd, sizeof(cmd), xauth_path, xauthfile, display,
"%s -f %s generate %s " SSH_X11_PROTO SSH_X11_PROTO, _PATH_DEVNULL);
" untrusted timeout %u 2>" _PATH_DEVNULL, } else {
xauth_path, xauthfile, display, /* Add some slack to requested expiry */
x11_timeout_real)) < 0 || if (timeout < UINT_MAX - X11_TIMEOUT_SLACK)
(size_t)r >= sizeof(cmd)) x11_timeout_real = timeout +
fatal("%s: cmd too long", __func__); X11_TIMEOUT_SLACK;
else {
/* Don't overflow on long timeouts */
x11_timeout_real = UINT_MAX;
}
xasprintf(&cmd, "%s -f %s generate %s %s "
"untrusted timeout %u 2>%s",
xauth_path, xauthfile, display,
SSH_X11_PROTO, x11_timeout_real,
_PATH_DEVNULL);
}
debug2("%s: %s", __func__, cmd); debug2("%s: %s", __func__, cmd);
if (x11_refuse_time == 0) {
if (timeout != 0 && x11_refuse_time == 0) {
now = monotime() + 1; now = monotime() + 1;
if (UINT_MAX - timeout < now) if (UINT_MAX - timeout < now)
x11_refuse_time = UINT_MAX; x11_refuse_time = UINT_MAX;
@ -366,6 +377,7 @@ client_x11_get_proto(struct ssh *ssh, const char *display,
} }
if (system(cmd) == 0) if (system(cmd) == 0)
generated = 1; generated = 1;
free(cmd);
} }
/* /*
@ -374,7 +386,7 @@ client_x11_get_proto(struct ssh *ssh, const char *display,
* above. * above.
*/ */
if (trusted || generated) { if (trusted || generated) {
snprintf(cmd, sizeof(cmd), xasprintf(&cmd,
"%s %s%s list %s 2>" _PATH_DEVNULL, "%s %s%s list %s 2>" _PATH_DEVNULL,
xauth_path, xauth_path,
generated ? "-f " : "" , generated ? "-f " : "" ,
@ -387,6 +399,7 @@ client_x11_get_proto(struct ssh *ssh, const char *display,
got_data = 1; got_data = 1;
if (f) if (f)
pclose(f); pclose(f);
free(cmd);
} }
} }

View File

@ -33,7 +33,7 @@
.\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
.\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
.\" .\"
.\" $OpenBSD: ssh_config.5,v 1.284 2018/09/21 03:11:36 djm Exp $ .\" $OpenBSD: ssh_config.5,v 1.285 2018/09/21 12:46:22 djm Exp $
.Dd $Mdocdate: September 21 2018 $ .Dd $Mdocdate: September 21 2018 $
.Dt SSH_CONFIG 5 .Dt SSH_CONFIG 5
.Os .Os
@ -686,6 +686,10 @@ section of
X11 connections received by X11 connections received by
.Xr ssh 1 .Xr ssh 1
after this time will be refused. after this time will be refused.
Setting
.Cm ForwardX11Timeout
to zero will disable the timeout and permit X11 forwarding for the life
of the connection.
The default is to disable untrusted X11 forwarding after twenty minutes has The default is to disable untrusted X11 forwarding after twenty minutes has
elapsed. elapsed.
.It Cm ForwardX11Trusted .It Cm ForwardX11Trusted