X-Git-Url: https://asedeno.scripts.mit.edu/gitweb/?a=blobdiff_plain;f=x11fwd.c;h=584116aa69b29189ae93782da3ed0d5ffd15e2a8;hb=9dc9cca2265989a5a0123c327fc049b3bd82ef30;hp=ea9a157a194be18e54908a22dc1b062eb8cdf74b;hpb=94e8f97d3f6e0701276cb4c17e7479c44d025766;p=PuTTY.git

diff --git a/x11fwd.c b/x11fwd.c
index ea9a157a..584116aa 100644
--- a/x11fwd.c
+++ b/x11fwd.c
@@ -75,6 +75,31 @@ struct X11FakeAuth *x11_invent_fake_auth(tree234 *authtree, int authtype)
     struct X11FakeAuth *auth = snew(struct X11FakeAuth);
     int i;
 
+    /*
+     * This function has the job of inventing a set of X11 fake auth
+     * data, and adding it to 'authtree'. We must preserve the
+     * property that for any given actual authorisation attempt, _at
+     * most one_ thing in the tree can possibly match it.
+     *
+     * For MIT-MAGIC-COOKIE-1, that's not too difficult: the match
+     * criterion is simply that the entire cookie is correct, so we
+     * just have to make sure we don't make up two cookies the same.
+     * (Vanishingly unlikely, but we check anyway to be sure, and go
+     * round again inventing a new cookie if add234 tells us the one
+     * we thought of is already in use.)
+     *
+     * For XDM-AUTHORIZATION-1, it's a little more fiddly. The setup
+     * with XA1 is that half the cookie is used as a DES key with
+     * which to CBC-encrypt an assortment of stuff. Happily, the stuff
+     * encrypted _begins_ with the other half of the cookie, and the
+     * IV is always zero, which means that any valid XA1 authorisation
+     * attempt for a given cookie must begin with the same cipher
+     * block, consisting of the DES ECB encryption of the first half
+     * of the cookie using the second half as a key. So we compute
+     * that cipher block here and now, and use it as the sorting key
+     * for distinguishing XA1 entries in the tree.
+     */
+
     if (authtype == X11_MIT) {
 	auth->proto = X11_MIT;
 
@@ -118,6 +143,9 @@ struct X11FakeAuth *x11_invent_fake_auth(tree234 *authtree, int authtype)
 	sprintf(auth->datastring + i*2, "%02x",
 		auth->data[i]);
 
+    auth->disp = NULL;
+    auth->share_cs = auth->share_chan = NULL;
+
     return auth;
 }
 
@@ -162,7 +190,7 @@ int x11_authcmp(void *av, void *bv)
     }
 }
 
-struct X11Display *x11_setup_display(char *display, Conf *conf)
+struct X11Display *x11_setup_display(const char *display, Conf *conf)
 {
     struct X11Display *disp = snew(struct X11Display);
     char *localcopy;
@@ -202,7 +230,7 @@ struct X11Display *x11_setup_display(char *display, Conf *conf)
 	char *colon, *dot, *slash;
 	char *protocol, *hostname;
 
-	colon = strrchr(localcopy, ':');
+	colon = host_strrchr(localcopy, ':');
 	if (!colon) {
 	    sfree(disp);
 	    sfree(localcopy);
@@ -258,7 +286,8 @@ struct X11Display *x11_setup_display(char *display, Conf *conf)
 
 	disp->port = 6000 + disp->displaynum;
 	disp->addr = name_lookup(disp->hostname, disp->port,
-				 &disp->realhost, conf, ADDRTYPE_UNSPEC);
+				 &disp->realhost, conf, ADDRTYPE_UNSPEC,
+                                 NULL, NULL);
     
 	if ((err = sk_addr_error(disp->addr)) != NULL) {
 	    sk_addr_free(disp->addr);
@@ -329,10 +358,10 @@ void x11_free_display(struct X11Display *disp)
 
 #define XDM_MAXSKEW 20*60      /* 20 minute clock skew should be OK */
 
-static char *x11_verify(unsigned long peer_ip, int peer_port,
-			tree234 *authtree, char *proto,
-			unsigned char *data, int dlen,
-                        struct X11FakeAuth **auth_ret)
+static const char *x11_verify(unsigned long peer_ip, int peer_port,
+                              tree234 *authtree, char *proto,
+                              unsigned char *data, int dlen,
+                              struct X11FakeAuth **auth_ret)
 {
     struct X11FakeAuth match_dummy;    /* for passing to find234 */
     struct X11FakeAuth *auth;
@@ -342,10 +371,20 @@ static char *x11_verify(unsigned long peer_ip, int peer_port,
      * record that _might_ match.
      */
     if (!strcmp(proto, x11_authnames[X11_MIT])) {
+        /*
+         * Just look up the whole cookie that was presented to us,
+         * which x11_authcmp will compare against the cookies we
+         * currently believe in.
+         */
         match_dummy.proto = X11_MIT;
         match_dummy.datalen = dlen;
         match_dummy.data = data;
     } else if (!strcmp(proto, x11_authnames[X11_XDM])) {
+        /*
+         * Look up the first cipher block, against the stored first
+         * cipher blocks for the XDM-AUTHORIZATION-1 cookies we
+         * currently know. (See comment in x11_invent_fake_auth.)
+         */
         match_dummy.proto = X11_XDM;
         match_dummy.xa1_firstblock = data;
     } else {
@@ -382,7 +421,8 @@ static char *x11_verify(unsigned long peer_ip, int peer_port,
 	    if (data[i] != 0)	       /* zero padding wrong */
 		return "XDM-AUTHORIZATION-1 data failed check";
 	tim = time(NULL);
-	if (abs(t - tim) > XDM_MAXSKEW)
+	if (((unsigned long)t - (unsigned long)tim
+             + XDM_MAXSKEW) > 2*XDM_MAXSKEW)
 	    return "XDM-AUTHORIZATION-1 time stamp was too far out";
 	seen = snew(struct XDMSeen);
 	seen->time = t;
@@ -639,7 +679,7 @@ int x11_get_screen_number(char *display)
 {
     int n;
 
-    n = strcspn(display, ":");
+    n = host_strcspn(display, ":");
     if (!display[n])
 	return 0;
     n = strcspn(display, ".");
@@ -649,14 +689,11 @@ int x11_get_screen_number(char *display)
 }
 
 /*
- * Called to set up the raw connection.
- * 
- * On success, returns NULL and fills in *xconnret. On error, returns
- * a dynamically allocated error message string.
+ * Called to set up the X11Connection structure, though this does not
+ * yet connect to an actual server.
  */
-extern char *x11_init(struct X11Connection **xconnret,
-                      tree234 *authtree, void *c,
-                      const char *peeraddr, int peerport)
+struct X11Connection *x11_init(tree234 *authtree, void *c,
+                               const char *peeraddr, int peerport)
 {
     static const struct plug_function_table fn_table = {
 	x11_log,
@@ -671,7 +708,7 @@ extern char *x11_init(struct X11Connection **xconnret,
     /*
      * Open socket.
      */
-    xconn = *xconnret = snew(struct X11Connection);
+    xconn = snew(struct X11Connection);
     xconn->fn = &fn_table;
     xconn->auth_protocol = NULL;
     xconn->authtree = authtree;
@@ -698,7 +735,7 @@ extern char *x11_init(struct X11Connection **xconnret,
     xconn->peer_addr = peeraddr ? dupstr(peeraddr) : NULL;
     xconn->peer_port = peerport;
 
-    return NULL;
+    return xconn;
 }
 
 void x11_close(struct X11Connection *xconn)
@@ -846,6 +883,7 @@ int x11_send(struct X11Connection *xconn, char *data, int len)
 
 	xconn->auth_protocol[xconn->auth_plen] = '\0';	/* ASCIZ */
 
+        peer_ip = 0;                   /* placate optimiser */
         if (x11_parse_ip(xconn->peer_addr, &peer_ip))
             peer_port = xconn->peer_port;
         else
@@ -860,10 +898,25 @@ int x11_send(struct X11Connection *xconn, char *data, int len)
         }
         assert(auth_matched);
 
+        /*
+         * If this auth points to a connection-sharing downstream
+         * rather than an X display we know how to connect to
+         * directly, pass it off to the sharing module now.
+         */
+        if (auth_matched->share_cs) {
+            sshfwd_x11_sharing_handover(xconn->c, auth_matched->share_cs,
+                                        auth_matched->share_chan,
+                                        xconn->peer_addr, xconn->peer_port,
+                                        xconn->firstpkt[0],
+                                        protomajor, protominor, data, len);
+            return 0;
+        }
+
         /*
          * Now we know we're going to accept the connection, and what
          * X display to connect to. Actually connect to it.
          */
+        sshfwd_x11_is_local(xconn->c);
         xconn->disp = auth_matched->disp;
         xconn->s = new_connection(sk_addr_dup(xconn->disp->addr),
                                   xconn->disp->realhost, xconn->disp->port, 
@@ -881,7 +934,7 @@ int x11_send(struct X11Connection *xconn, char *data, int len)
          * Write a new connection header containing our replacement
          * auth data.
 	 */
-
+        socketdatalen = 0;             /* placate compiler warning */
         socketdata = sk_getxdmdata(xconn->s, &socketdatalen);
         if (socketdata && socketdatalen==6) {
             sprintf(new_peer_addr, "%d.%d.%d.%d", socketdata[0],
@@ -933,6 +986,44 @@ void x11_send_eof(struct X11Connection *xconn)
             sshfwd_write_eof(xconn->c);
     }
 }
+
+/*
+ * Utility functions used by connection sharing to convert textual
+ * representations of an X11 auth protocol name + hex cookie into our
+ * usual integer protocol id and binary auth data.
+ */
+int x11_identify_auth_proto(const char *protoname)
+{
+    int protocol;
+
+    for (protocol = 1; protocol < lenof(x11_authnames); protocol++)
+        if (!strcmp(protoname, x11_authnames[protocol]))
+            return protocol;
+    return -1;
+}
+
+void *x11_dehexify(const char *hex, int *outlen)
+{
+    int len, i;
+    unsigned char *ret;
+
+    len = strlen(hex) / 2;
+    ret = snewn(len, unsigned char);
+
+    for (i = 0; i < len; i++) {
+        char bytestr[3];
+        unsigned val = 0;
+        bytestr[0] = hex[2*i];
+        bytestr[1] = hex[2*i+1];
+        bytestr[2] = '\0';
+        sscanf(bytestr, "%x", &val);
+        ret[i] = val;
+    }
+
+    *outlen = len;
+    return ret;
+}
+
 /*
  * Construct an X11 greeting packet, including making up the right
  * authorisation data.
@@ -972,7 +1063,8 @@ void *x11_make_greeting(int endian, int protomajor, int protominor,
         t = time(NULL);
         PUT_32BIT_MSB_FIRST(realauthdata+14, t);
 
-        des_encrypt_xdmauth(auth_data + 9, realauthdata, authdatalen);
+        des_encrypt_xdmauth((const unsigned char *)auth_data + 9,
+                            realauthdata, authdatalen);
     } else {
         authdata = realauthdata;
         authdatalen = 0;