Import a security fix: the client would allow a server to use its

ssh-agent or X11 forwarding even if it was disabled.

This is the vendor fix provided, not an actual revision of clientloop.c.

Submitted by:	Markus Friedl <markus@OpenBSD.org> via kris
This commit is contained in:
Brian Feldman 2000-11-14 03:51:53 +00:00
parent b66f2d16a0
commit 4899dde749

View File

@ -75,6 +75,8 @@ RCSID("$OpenBSD: clientloop.c,v 1.34 2000/09/07 20:40:30 markus Exp $");
#include "buffer.h"
#include "bufaux.h"
extern Options options;
/* Flag indicating that stdin should be redirected from /dev/null. */
extern int stdin_null_flag;
@ -793,7 +795,6 @@ simple_escape_filter(Channel *c, char *buf, int len)
int
client_loop(int have_pty, int escape_char_arg, int ssh2_chan_id)
{
extern Options options;
double start_time, total_time;
int len;
char buf[100];
@ -1036,7 +1037,7 @@ client_input_channel_open(int type, int plen)
debug("client_input_channel_open: ctype %s rchan %d win %d max %d",
ctype, rchan, rwindow, rmaxpack);
if (strcmp(ctype, "x11") == 0) {
if (strcmp(ctype, "x11") == 0 && options.forward_x11) {
int sock;
char *originator;
int originator_port;
@ -1108,11 +1109,14 @@ client_init_dispatch_13()
dispatch_set(SSH_MSG_CHANNEL_OPEN_CONFIRMATION, &channel_input_open_confirmation);
dispatch_set(SSH_MSG_CHANNEL_OPEN_FAILURE, &channel_input_open_failure);
dispatch_set(SSH_MSG_PORT_OPEN, &channel_input_port_open);
dispatch_set(SSH_SMSG_AGENT_OPEN, &auth_input_open_request);
dispatch_set(SSH_SMSG_EXITSTATUS, &client_input_exit_status);
dispatch_set(SSH_SMSG_STDERR_DATA, &client_input_stderr_data);
dispatch_set(SSH_SMSG_STDOUT_DATA, &client_input_stdout_data);
dispatch_set(SSH_SMSG_X11_OPEN, &x11_input_open);
dispatch_set(SSH_SMSG_AGENT_OPEN, options.forward_agent ?
&auth_input_open_request : NULL);
dispatch_set(SSH_SMSG_X11_OPEN, options.forward_x11 ?
&x11_input_open : NULL);
}
void
client_init_dispatch_15()