[src/trunk]: src/crypto/dist/ssh correct validation on X11 forwarding. from ...

[itojun <itojun%NetBSD.org@localhost>]

details:   https://anonhg.NetBSD.org/src/rev/b3ceff4a0884
branches:  trunk
changeset: 499144:b3ceff4a0884
user:      itojun <itojun%NetBSD.org@localhost>
date:      Mon Nov 13 02:30:38 2000 +0000

description:
correct validation on X11 forwarding.  from markus@openbsd

diffstat:

 crypto/dist/ssh/clientloop.c |  16 ++++++++++------
 1 files changed, 10 insertions(+), 6 deletions(-)

diffs (61 lines):

diff -r 61e97c77d7fd -r b3ceff4a0884 crypto/dist/ssh/clientloop.c
--- a/crypto/dist/ssh/clientloop.c      Mon Nov 13 01:22:39 2000 +0000
+++ b/crypto/dist/ssh/clientloop.c      Mon Nov 13 02:30:38 2000 +0000
@@ -1,4 +1,4 @@
-/*     $NetBSD: clientloop.c,v 1.1.1.1 2000/09/28 22:09:59 thorpej Exp $       */
+/*     $NetBSD: clientloop.c,v 1.2 2000/11/13 02:30:38 itojun Exp $    */
 
 /*
  * Author: Tatu Ylonen <ylo%cs.hut.fi@localhost>
@@ -64,7 +64,7 @@
 
 #include <sys/cdefs.h>
 #ifndef lint
-__RCSID("$NetBSD: clientloop.c,v 1.1.1.1 2000/09/28 22:09:59 thorpej Exp $");
+__RCSID("$NetBSD: clientloop.c,v 1.2 2000/11/13 02:30:38 itojun Exp $");
 #endif
 
 #include "includes.h"
@@ -85,6 +85,8 @@
 #include "buffer.h"
 #include "bufaux.h"
 
+extern Options options;
+
 /* Flag indicating that stdin should be redirected from /dev/null. */
 extern int stdin_null_flag;
 
@@ -802,7 +804,6 @@
 int
 client_loop(int have_pty, int escape_char_arg, int ssh2_chan_id)
 {
-       extern Options options;
        double start_time, total_time;
        int len;
        char buf[100];
@@ -1045,7 +1046,7 @@
        debug("client_input_channel_open: ctype %s rchan %d win %d max %d",
            ctype, rchan, rwindow, rmaxpack);
 
-       if (strcmp(ctype, "x11") == 0) {
+       if (strcmp(ctype, "x11") == 0 && options.forward_x11) {
                int sock;
                char *originator;
                int originator_port;
@@ -1117,11 +1118,14 @@
        dispatch_set(SSH_MSG_CHANNEL_OPEN_CONFIRMATION, &channel_input_open_confirmation);
        dispatch_set(SSH_MSG_CHANNEL_OPEN_FAILURE, &channel_input_open_failure);
        dispatch_set(SSH_MSG_PORT_OPEN, &channel_input_port_open);
-       dispatch_set(SSH_SMSG_AGENT_OPEN, &auth_input_open_request);
        dispatch_set(SSH_SMSG_EXITSTATUS, &client_input_exit_status);
        dispatch_set(SSH_SMSG_STDERR_DATA, &client_input_stderr_data);
        dispatch_set(SSH_SMSG_STDOUT_DATA, &client_input_stdout_data);
-       dispatch_set(SSH_SMSG_X11_OPEN, &x11_input_open);
+
+       dispatch_set(SSH_SMSG_AGENT_OPEN, options.forward_agent ?
+           &auth_input_open_request : NULL);
+       dispatch_set(SSH_SMSG_X11_OPEN, options.forward_x11 ?
+           &x11_input_open : NULL);
 }
 static void
 client_init_dispatch_15(void)