Gitiles
Code Review Sign In
gerrit-public.fairphone.software / platform / external / openssh / ed4ce82dbfa8a3a3c8ea6fa0db113c71e234416c^! / . / ssh.c
commited4ce82dbfa8a3a3c8ea6fa0db113c71e234416c[log] [tgz]
authordjm@openbsd.org <djm@openbsd.org>Wed Jan 13 23:04:47 2016 +0000
committerDamien Miller <djm@mindrot.org>Thu Jan 14 10:06:01 2016 +1100
tree008ac3334471370857e32b48893cb6f07d28e987
parent9a728cc918fad67c8a9a71201088b1e150340ba4 [diff] [blame]
upstream commit

eliminate fallback from untrusted X11 forwarding to trusted
 forwarding when the X server disables the SECURITY extension; Reported by
 Thomas Hoger; ok deraadt@

Upstream-ID: f76195bd2064615a63ef9674a0e4096b0713f938

diff --git a/ssh.c b/ssh.c
index 81704ab..096c5b5 100644
--- a/ssh.c
+++ b/ssh.c

@@ -1,4 +1,4 @@
-/* $OpenBSD: ssh.c,v 1.432 2015/12/11 03:20:09 djm Exp $ */
+/* $OpenBSD: ssh.c,v 1.433 2016/01/13 23:04:47 djm Exp $ */
 /*
  * Author: Tatu Ylonen <ylo@cs.hut.fi>
  * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@@ -1626,6 +1626,7 @@
 	struct winsize ws;
 	char *cp;
 	const char *display;
+	char *proto = NULL, *data = NULL;
 
 	/* Enable compression if requested. */
 	if (options.compression) {
@@ -1696,13 +1697,9 @@
 	display = getenv("DISPLAY");
 	if (display == NULL && options.forward_x11)
 		debug("X11 forwarding requested but DISPLAY not set");
-	if (options.forward_x11 && display != NULL) {
-		char *proto, *data;
-		/* Get reasonable local authentication information. */
-		client_x11_get_proto(display, options.xauth_location,
-		    options.forward_x11_trusted,
-		    options.forward_x11_timeout,
-		    &proto, &data);
+	if (options.forward_x11 && client_x11_get_proto(display,
+	    options.xauth_location, options.forward_x11_trusted,
+	    options.forward_x11_timeout, &proto, &data) == 0) {
 		/* Request forwarding with authentication spoofing. */
 		debug("Requesting X11 forwarding with authentication "
 		    "spoofing.");
@@ -1792,6 +1789,7 @@
 	extern char **environ;
 	const char *display;
 	int interactive = tty_flag;
+	char *proto = NULL, *data = NULL;
 
 	if (!success)
 		return; /* No need for error message, channels code sens one */
@@ -1799,12 +1797,9 @@
 	display = getenv("DISPLAY");
 	if (display == NULL && options.forward_x11)
 		debug("X11 forwarding requested but DISPLAY not set");
-	if (options.forward_x11 && display != NULL) {
-		char *proto, *data;
-		/* Get reasonable local authentication information. */
-		client_x11_get_proto(display, options.xauth_location,
-		    options.forward_x11_trusted,
-		    options.forward_x11_timeout, &proto, &data);
+	if (options.forward_x11 && client_x11_get_proto(display,
+	    options.xauth_location, options.forward_x11_trusted,
+	    options.forward_x11_timeout, &proto, &data) == 0) {
 		/* Request forwarding with authentication spoofing. */
 		debug("Requesting X11 forwarding with authentication "
 		    "spoofing.");