diff options
| author | Renato Botelho <renato@netgate.com> | 2016-03-14 07:56:21 -0300 |
|---|---|---|
| committer | Renato Botelho <renato@netgate.com> | 2016-03-14 07:56:21 -0300 |
| commit | a26e4b3de35515ec3eaf2eb76b001a6a502bf56c (patch) | |
| tree | 66dd86f3e16db9b45f07c989e95501b6456cf6a5 /crypto/openssh/mux.c | |
| parent | 7d66bf7f17e48798ec04b7a6d99daff1820e28f8 (diff) | |
| parent | a64e8d254dc9ecd38594b71dcd7d53c6084c5abc (diff) | |
| download | FreeBSD-src-a26e4b3de35515ec3eaf2eb76b001a6a502bf56c.zip FreeBSD-src-a26e4b3de35515ec3eaf2eb76b001a6a502bf56c.tar.gz | |
Merge remote-tracking branch 'origin/stable/10' into devel
Diffstat (limited to 'crypto/openssh/mux.c')
| -rw-r--r-- | crypto/openssh/mux.c | 34 |
1 files changed, 22 insertions, 12 deletions
diff --git a/crypto/openssh/mux.c b/crypto/openssh/mux.c index 1ab9339..dd40b38 100644 --- a/crypto/openssh/mux.c +++ b/crypto/openssh/mux.c @@ -1,4 +1,4 @@ -/* $OpenBSD: mux.c,v 1.54 2015/08/19 23:18:26 djm Exp $ */ +/* $OpenBSD: mux.c,v 1.58 2016/01/13 23:04:47 djm Exp $ */ /* * Copyright (c) 2002-2008 Damien Miller <djm@openbsd.org> * @@ -1355,16 +1355,18 @@ mux_session_confirm(int id, int success, void *arg) char *proto, *data; /* Get reasonable local authentication information. */ - client_x11_get_proto(display, options.xauth_location, + if (client_x11_get_proto(display, options.xauth_location, options.forward_x11_trusted, options.forward_x11_timeout, - &proto, &data); - /* Request forwarding with authentication spoofing. */ - debug("Requesting X11 forwarding with authentication " - "spoofing."); - x11_request_forwarding_with_spoofing(id, display, proto, - data, 1); - client_expect_confirm(id, "X11 forwarding", CONFIRM_WARN); - /* XXX exit_on_forward_failure */ + &proto, &data) == 0) { + /* Request forwarding with authentication spoofing. */ + debug("Requesting X11 forwarding with authentication " + "spoofing."); + x11_request_forwarding_with_spoofing(id, display, proto, + data, 1); + /* XXX exit_on_forward_failure */ + client_expect_confirm(id, "X11 forwarding", + CONFIRM_WARN); + } } if (cctx->want_agent_fwd && options.forward_agent) { @@ -1745,7 +1747,7 @@ mux_client_forward(int fd, int cancel_flag, u_int ftype, struct Forward *fwd) fwd->connect_host ? fwd->connect_host : "", fwd->connect_port); if (muxclient_command == SSHMUX_COMMAND_FORWARD) - fprintf(stdout, "%u\n", fwd->allocated_port); + fprintf(stdout, "%i\n", fwd->allocated_port); break; case MUX_S_PERMISSION_DENIED: e = buffer_get_string(&m, NULL); @@ -1890,6 +1892,10 @@ mux_client_request_session(int fd) } muxclient_request_id++; + if (pledge("stdio proc tty", NULL) == -1) + fatal("%s pledge(): %s", __func__, strerror(errno)); + platform_pledge_mux(); + signal(SIGHUP, control_client_sighandler); signal(SIGINT, control_client_sighandler); signal(SIGTERM, control_client_sighandler); @@ -1997,6 +2003,10 @@ mux_client_request_stdio_fwd(int fd) mm_send_fd(fd, STDOUT_FILENO) == -1) fatal("%s: send fds failed", __func__); + if (pledge("stdio proc tty", NULL) == -1) + fatal("%s pledge(): %s", __func__, strerror(errno)); + platform_pledge_mux(); + debug3("%s: stdio forward request sent", __func__); /* Read their reply */ @@ -2170,7 +2180,7 @@ muxclient(const char *path) case SSHMUX_COMMAND_ALIVE_CHECK: if ((pid = mux_client_request_alive(sock)) == 0) fatal("%s: master alive check failed", __func__); - fprintf(stderr, "Master running (pid=%d)\r\n", pid); + fprintf(stderr, "Master running (pid=%u)\r\n", pid); exit(0); case SSHMUX_COMMAND_TERMINATE: mux_client_request_terminate(sock); |
