authorBen Lindstrom <mouring@eviladmin.org>2001-06-13 19:18:04 +0000
committerBen Lindstrom <mouring@eviladmin.org>2001-06-13 19:18:04 +0000
commite629722c72a9f0c815946d25a7cf6d686463021e (patch)
treee6e1325324020182c8b6bbf119f73059c8d66620
parentd27b597dc3708afe72356048acf9ab78b1c3bb43 (diff)
- (bal) Applied X11 Cookie Patch. X11 Cookie behavior has changed to
no longer use /tmp/ssh-XXXXX/
-rw-r--r--ChangeLog6
-rw-r--r--channels.c21
-rw-r--r--channels.h2
-rw-r--r--session.c80
4 files changed, 24 insertions, 85 deletions
diff --git a/ChangeLog b/ChangeLog
index 9fd0cc2c..9895d1ac 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,3 +1,7 @@
+20010614
+ - (bal) Applied X11 Cookie Patch. X11 Cookie behavior has changed to
+ no longer use /tmp/ssh-XXXXX/
+
20010528
- (tim) [conifgure.in] add setvbuf test needed for sftp-int.c
Patch by Corinna Vinschen <vinschen@redhat.com>
@@ -5306,4 +5310,4 @@
- Wrote replacements for strlcpy and mkdtemp
- Released 1.0pre1
-$Id: ChangeLog,v 1.1179.2.15 2001/05/28 17:21:43 tim Exp $
+$Id: ChangeLog,v 1.1179.2.16 2001/06/13 19:18:04 mouring Exp $
diff --git a/channels.c b/channels.c
index 57890aec..23ee899a 100644
--- a/channels.c
+++ b/channels.c
@@ -2581,10 +2581,17 @@ auth_get_socket_name()
/* removes the agent forwarding socket */
void
-cleanup_socket(void)
+auth_sock_cleanup_proc(void *_pw)
{
- unlink(channel_forwarded_auth_socket_name);
- rmdir(channel_forwarded_auth_socket_dir);
+ struct passwd *pw = _pw;
+
+ if (channel_forwarded_auth_socket_name) {
+ temporarily_use_uid(pw);
+ unlink(channel_forwarded_auth_socket_name);
+ rmdir(channel_forwarded_auth_socket_dir);
+ channel_forwarded_auth_socket_name = NULL;
+ restore_uid();
+ }
}
/*
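Review bot: `auth_sock_cleanup_proc` sets `channel_forwarded_auth_socket_name = NULL` without releasing the buffer, and leaves `channel_forwarded_auth_socket_dir` pointing at a directory that has just been removed. The allocation is outside this hunk, so this is inferred; if both are heap buffers (the `snprintf(..., MAX_SOCKET_NAME, ...)` in the next hunk suggests so), release them with `xfree()` and clear the dir pointer as well. The results of `unlink()` and `rmdir()` are also dropped; a `debug()` line on failure would make a leftover entry diagnosable. A short comment saying that the removal deliberately runs under the user's uid, so a path the user may control is never unlinked with root privileges, would keep a later refactor from moving the calls outside the `temporarily_use_uid()`/`restore_uid()` pair.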
@@ -2623,11 +2630,9 @@ auth_input_request_forwarding(struct passwd * pw)
snprintf(channel_forwarded_auth_socket_name, MAX_SOCKET_NAME, "%s/agent.%d",
channel_forwarded_auth_socket_dir, (int) getpid());
- if (atexit(cleanup_socket) < 0) {
- int saved = errno;
- cleanup_socket();
- packet_disconnect("socket: %.100s", strerror(saved));
- }
+ /* delete agent socket on fatal() */
+ fatal_add_cleanup(auth_sock_cleanup_proc, pw);
+
/* Create the socket. */
sock = socket(AF_UNIX, SOCK_STREAM, 0);
if (sock < 0)
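Review bot: `fatal_add_cleanup(auth_sock_cleanup_proc, pw)` only covers exits through `fatal()`, whereas the removed `atexit(cleanup_socket)` ran on every normal exit. The non-fatal path now depends on the explicit call added to `do_authenticated()` in session.c, so any other way out of the process (none is visible in this diff) would leave the socket and its directory behind. The comment could say so: `/* delete agent socket on fatal(); normal exit is handled in do_authenticated() */`. The handler also keeps `pw` until the process ends, so callers need to pass a `struct passwd` that outlives this function, which should be confirmed at the call sites. `auth_input_request_forwarding` begins and ends outside the hunk.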
diff --git a/channels.h b/channels.h
index bf70a8f2..25c0e83c 100644
--- a/channels.h
+++ b/channels.h
@@ -293,6 +293,8 @@ void auth_request_forwarding(void);
*/
char *auth_get_socket_name(void);
+void auth_sock_cleanup_proc(void *_pw);
+
/*
* This is called to process SSH_CMSG_AGENT_REQUEST_FORWARDING on the server.
* This starts forwarding authentication requests.
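Review bot: The new prototype `auth_sock_cleanup_proc(void *_pw)` is the only declaration in this hunk without a comment, and the `void *` parameter hides what callers must pass. Suggested: `/* Removes the agent socket and its directory as the given user; _pw must point to a struct passwd. */`.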
diff --git a/session.c b/session.c
index 71ed304e..9c761537 100644
--- a/session.c
+++ b/session.c
@@ -146,9 +146,6 @@ extern u_int utmp_len;
extern int startup_pipe;
extern void destroy_sensitive_data(void);
-/* Local Xauthority file. */
-static char *xauthfile;
-
/* original command from peer. */
char *original_command = NULL;
@@ -197,27 +194,10 @@ do_authenticated(Authctxt *authctxt)
do_authenticated2(authctxt);
else
do_authenticated1(authctxt);
-}
-/*
- * Remove local Xauthority file.
- */
-void
-xauthfile_cleanup_proc(void *ignore)
-{
- debug("xauthfile_cleanup_proc called");
-
- if (xauthfile != NULL) {
- char *p;
- unlink(xauthfile);
- p = strrchr(xauthfile, '/');
- if (p != NULL) {
- *p = '\0';
- rmdir(xauthfile);
- }
- xfree(xauthfile);
- xauthfile = NULL;
- }
+ /* remove agent socket */
+ if (auth_get_socket_name())
+ auth_sock_cleanup_proc(authctxt->pw);
}
/*
@@ -252,7 +232,7 @@ do_authenticated1(Authctxt *authctxt)
{
Session *s;
char *command;
- int success, type, fd, n_bytes, plen, screen_flag, have_pty = 0;
+ int success, type, n_bytes, plen, screen_flag, have_pty = 0;
int compression_level = 0, enable_compression_after_reply = 0;
u_int proto_len, data_len, dlen;
@@ -373,25 +353,6 @@ do_authenticated1(Authctxt *authctxt)
if (s->display == NULL)
break;
- /* Setup to always have a local .Xauthority. */
- xauthfile = xmalloc(MAXPATHLEN);
- strlcpy(xauthfile, "/tmp/ssh-XXXXXXXX", MAXPATHLEN);
- temporarily_use_uid(s->pw);
- if (mkdtemp(xauthfile) == NULL) {
- restore_uid();
- error("private X11 dir: mkdtemp %s failed: %s",
- xauthfile, strerror(errno));
- xfree(xauthfile);
- xauthfile = NULL;
- /* XXXX remove listening channels */
- break;
- }
- strlcat(xauthfile, "/cookies", MAXPATHLEN);
- fd = open(xauthfile, O_RDWR|O_CREAT|O_EXCL, 0600);
- if (fd >= 0)
- close(fd);
- restore_uid();
- fatal_add_cleanup(xauthfile_cleanup_proc, NULL);
success = 1;
break;
@@ -445,9 +406,6 @@ do_authenticated1(Authctxt *authctxt)
if (command != NULL)
xfree(command);
- /* Cleanup user's local Xauthority file. */
- if (xauthfile)
- xauthfile_cleanup_proc(NULL);
return;
default:
@@ -1348,8 +1306,6 @@ do_child(Session *s, const char *command)
do_pam_environment(&env, &envsize);
#endif /* USE_PAM */
- if (xauthfile)
- child_set_env(&env, &envsize, "XAUTHORITY", xauthfile);
if (auth_get_socket_name() != NULL)
child_set_env(&env, &envsize, SSH_AUTHSOCKET_ENV_NAME,
auth_get_socket_name());
@@ -1751,7 +1707,6 @@ session_subsystem_req(Session *s)
int
session_x11_req(Session *s)
{
- int fd;
if (no_x11_forwarding_flag) {
debug("X11 forwarding disabled in user configuration file.");
return 0;
@@ -1760,11 +1715,6 @@ session_x11_req(Session *s)
debug("X11 forwarding disabled in server configuration file.");
return 0;
}
- if (xauthfile != NULL) {
- debug("X11 fwd already started.");
- return 0;
- }
-
debug("Received request for X11 forwarding with auth spoofing.");
if (s->display != NULL)
packet_disconnect("Protocol error: X11 display already set.");
@@ -1781,26 +1731,6 @@ session_x11_req(Session *s)
xfree(s->auth_data);
return 0;
}
- xauthfile = xmalloc(MAXPATHLEN);
- strlcpy(xauthfile, "/tmp/ssh-XXXXXXXX", MAXPATHLEN);
- temporarily_use_uid(s->pw);
- if (mkdtemp(xauthfile) == NULL) {
- restore_uid();
- error("private X11 dir: mkdtemp %s failed: %s",
- xauthfile, strerror(errno));
- xfree(xauthfile);
- xauthfile = NULL;
- xfree(s->auth_proto);
- xfree(s->auth_data);
- /* XXXX remove listening channels */
- return 0;
- }
- strlcat(xauthfile, "/cookies", MAXPATHLEN);
- fd = open(xauthfile, O_RDWR|O_CREAT|O_EXCL, 0600);
- if (fd >= 0)
- close(fd);
- restore_uid();
- fatal_add_cleanup(xauthfile_cleanup_proc, s);
return 1;
}
@@ -2098,6 +2028,4 @@ do_authenticated2(Authctxt *authctxt)
{
server_loop2();
- if (xauthfile)
- xauthfile_cleanup_proc(NULL);
}