nhyatt/putty-source
1
0
Fork 0
mirror of https://git.tartarus.org/simon/putty.git synced 2025-01-09 17:38:00 +00:00
Code Issues Projects Releases Wiki Activity

X forwarding authentication is now invented on a per-SSH-connection

Browse Source 
basis, so the statics are gone from x11fwd.c.

[originally from svn r2145]
This commit is contained in:
Simon Tatham 2002-10-26 11:23:15 +00:00
parent feec0e22ea
commit ae09bf1c95
2 changed files with 37 additions and 22 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

20
ssh.c
View File

@ -312,10 +312,10 @@ enum { PKT_END, PKT_INT, PKT_CHAR, PKT_DATA, PKT_STR, PKT_BIGNUM };
typedef struct ssh_tag *Ssh;
extern char *x11_init(Socket *, char *, void *);
extern char *x11_init(Socket *, char *, void *, void *);
extern void x11_close(Socket);
extern int x11_send(Socket, char *, int);
extern void x11_invent_auth(char *, int, char *, int);
extern void *x11_invent_auth(char *, int, char *, int);
extern void x11_unthrottle(Socket s);
extern void x11_override_throttle(Socket s, int enable);
@ -628,6 +628,8 @@ struct ssh_tag {
char *portfwd_strptr;
int pkt_ctx;
void *x11auth;
int version;
int v1_throttle_count;
int overall_bufsize;
@ -3030,7 +3032,8 @@ static void ssh1_protocol(Ssh ssh, unsigned char *in, int inlen, int ispkt)
if (cfg.x11_forward) {
char proto[20], data[64];
logevent("Requesting X11 forwarding");
x11_invent_auth(proto, sizeof(proto), data, sizeof(data));
ssh->x11auth = x11_invent_auth(proto, sizeof(proto),
data, sizeof(data));
if (ssh->v1_local_protoflags & SSH1_PROTOFLAG_SCREEN_NUMBER) {
send_packet(ssh, SSH1_CMSG_X11_REQUEST_FORWARDING,
PKT_STR, proto, PKT_STR, data,
@ -3273,7 +3276,8 @@ static void ssh1_protocol(Ssh ssh, unsigned char *in, int inlen, int ispkt)
c = smalloc(sizeof(struct ssh_channel));
c->ssh = ssh;
if (x11_init(&c->u.x11.s, cfg.x11_display, c) != NULL) {
if (x11_init(&c->u.x11.s, cfg.x11_display, c,
ssh->x11auth) != NULL) {
logevent("opening X11 forward connection failed");
sfree(c);
send_packet(ssh, SSH1_MSG_CHANNEL_OPEN_FAILURE,
@ -5057,7 +5061,8 @@ static void do_ssh2_authconn(Ssh ssh, unsigned char *in, int inlen, int ispkt)
if (cfg.x11_forward) {
char proto[20], data[64];
logevent("Requesting X11 forwarding");
x11_invent_auth(proto, sizeof(proto), data, sizeof(data));
ssh->x11auth = x11_invent_auth(proto, sizeof(proto),
data, sizeof(data));
ssh2_pkt_init(ssh, SSH2_MSG_CHANNEL_REQUEST);
ssh2_pkt_adduint32(ssh, ssh->mainchan->remoteid);
ssh2_pkt_addstring(ssh, "x11-req");
@ -5703,8 +5708,8 @@ static void do_ssh2_authconn(Ssh ssh, unsigned char *in, int inlen, int ispkt)
if (typelen == 3 && !memcmp(type, "x11", 3)) {
if (!ssh->X11_fwd_enabled)
error = "X11 forwarding is not enabled";
else if (x11_init(&c->u.x11.s, cfg.x11_display, c) !=
NULL) {
else if (x11_init(&c->u.x11.s, cfg.x11_display, c,
ssh->x11auth) != NULL) {
error = "Unable to open an X11 connection";
} else {
c->type = CHAN_X11;
@ -5869,6 +5874,7 @@ static char *ssh_init(void *frontend_handle, void **backend_handle,
ssh->deferred_size = 0;
ssh->fallback_cmd = 0;
ssh->pkt_ctx = 0;
ssh->x11auth = NULL;
ssh->v2_outgoing_sequence = 0;
ssh->ssh1_rdpkt_crstate = 0;
ssh->ssh2_rdpkt_crstate = 0;

39
x11fwd.c
View File

@ -51,10 +51,16 @@
#define PUT_16BIT(endian, cp, val) \
(endian=='B' ? PUT_16BIT_MSB_FIRST(cp, val) : PUT_16BIT_LSB_FIRST(cp, val))
struct X11Auth {
unsigned char data[64];
int len;
};
struct X11Private {
struct plug_function_table *fn;
const struct plug_function_table *fn;
/* the above variable absolutely *must* be the first in this structure */
unsigned char firstpkt[12]; /* first X data packet */
struct X11Auth *auth;
char *auth_protocol;
unsigned char *auth_data;
int data_read, auth_plen, auth_psize, auth_dlen, auth_dsize;
@ -66,35 +72,36 @@ struct X11Private {
void x11_close(Socket s);
static unsigned char x11_authdata[64];
static int x11_authdatalen;
void x11_invent_auth(char *proto, int protomaxlen,
void *x11_invent_auth(char *proto, int protomaxlen,
char *data, int datamaxlen)
{
struct X11Auth *auth = smalloc(sizeof(struct X11Auth));
char ourdata[64];
int i;
/* MIT-MAGIC-COOKIE-1. Cookie size is 128 bits (16 bytes). */
x11_authdatalen = 16;
auth->len = 16;
for (i = 0; i < 16; i++)
x11_authdata[i] = random_byte();
auth->data[i] = random_byte();
/* Now format for the recipient. */
strncpy(proto, "MIT-MAGIC-COOKIE-1", protomaxlen);
ourdata[0] = '\0';
for (i = 0; i < x11_authdatalen; i++)
sprintf(ourdata + strlen(ourdata), "%02x", x11_authdata[i]);
for (i = 0; i < auth->len; i++)
sprintf(ourdata + strlen(ourdata), "%02x", auth->data[i]);
strncpy(data, ourdata, datamaxlen);
return auth;
}
static int x11_verify(char *proto, unsigned char *data, int dlen)
static int x11_verify(struct X11Auth *auth,
char *proto, unsigned char *data, int dlen)
{
if (strcmp(proto, "MIT-MAGIC-COOKIE-1") != 0)
return 0; /* wrong protocol attempted */
if (dlen != x11_authdatalen)
if (dlen != auth->len)
return 0; /* cookie was wrong length */
if (memcmp(x11_authdata, data, dlen) != 0)
if (memcmp(auth->data, data, dlen) != 0)
return 0; /* cookie was wrong cookie! */
return 1;
}
@ -139,9 +146,9 @@ static void x11_sent(Plug plug, int bufsize)
* Returns an error message, or NULL on success.
* also, fills the SocketsStructure
*/
char *x11_init(Socket * s, char *display, void *c)
char *x11_init(Socket * s, char *display, void *c, void *auth)
{
static struct plug_function_table fn_table = {
static const struct plug_function_table fn_table = {
x11_closing,
x11_receive,
x11_sent,
@ -183,6 +190,7 @@ char *x11_init(Socket * s, char *display, void *c)
pr = (struct X11Private *) smalloc(sizeof(struct X11Private));
pr->fn = &fn_table;
pr->auth_protocol = NULL;
pr->auth = (struct X11Auth *)auth;
pr->verified = 0;
pr->data_read = 0;
pr->throttled = pr->throttle_override = 0;
@ -287,7 +295,8 @@ int x11_send(Socket s, char *data, int len)
int ret;
pr->auth_protocol[pr->auth_plen] = '\0'; /* ASCIZ */
ret = x11_verify(pr->auth_protocol, pr->auth_data, pr->auth_dlen);
ret = x11_verify(pr->auth, pr->auth_protocol,
pr->auth_data, pr->auth_dlen);
/*
* If authentication failed, construct and send an error