[u/mdw/putty] / x11fwd.c

#include <stdio.h>
#include <stdlib.h>

#include "putty.h"
#include "ssh.h"

#define GET_32BIT_LSB_FIRST(cp) \
  (((unsigned long)(unsigned char)(cp)[0]) | \
  ((unsigned long)(unsigned char)(cp)[1] << 8) | \
  ((unsigned long)(unsigned char)(cp)[2] << 16) | \
  ((unsigned long)(unsigned char)(cp)[3] << 24))

#define PUT_32BIT_LSB_FIRST(cp, value) ( \
  (cp)[0] = (value), \
  (cp)[1] = (value) >> 8, \
  (cp)[2] = (value) >> 16, \
  (cp)[3] = (value) >> 24 )

#define GET_16BIT_LSB_FIRST(cp) \
  (((unsigned long)(unsigned char)(cp)[0]) | \
  ((unsigned long)(unsigned char)(cp)[1] << 8))

#define PUT_16BIT_LSB_FIRST(cp, value) ( \
  (cp)[0] = (value), \
  (cp)[1] = (value) >> 8 )

#define GET_32BIT_MSB_FIRST(cp) \
  (((unsigned long)(unsigned char)(cp)[0] << 24) | \
  ((unsigned long)(unsigned char)(cp)[1] << 16) | \
  ((unsigned long)(unsigned char)(cp)[2] << 8) | \
  ((unsigned long)(unsigned char)(cp)[3]))

#define PUT_32BIT_MSB_FIRST(cp, value) ( \
  (cp)[0] = (value) >> 24, \
  (cp)[1] = (value) >> 16, \
  (cp)[2] = (value) >> 8, \
  (cp)[3] = (value) )

#define GET_16BIT_MSB_FIRST(cp) \
  (((unsigned long)(unsigned char)(cp)[0] << 8) | \
  ((unsigned long)(unsigned char)(cp)[1]))

#define PUT_16BIT_MSB_FIRST(cp, value) ( \
  (cp)[0] = (value) >> 8, \
  (cp)[1] = (value) )

#define GET_16BIT(endian, cp) \
  (endian=='B' ? GET_16BIT_MSB_FIRST(cp) : GET_16BIT_LSB_FIRST(cp))

#define PUT_16BIT(endian, cp, val) \
  (endian=='B' ? PUT_16BIT_MSB_FIRST(cp, val) : PUT_16BIT_LSB_FIRST(cp, val))

struct X11Auth {
    unsigned char data[64];
    int len;
};

struct X11Private {
    const struct plug_function_table *fn;
    /* the above variable absolutely *must* be the first in this structure */
    unsigned char firstpkt[12];	       /* first X data packet */
    struct X11Auth *auth;
    char *auth_protocol;
    unsigned char *auth_data;
    int data_read, auth_plen, auth_psize, auth_dlen, auth_dsize;
    int verified;
    int throttled, throttle_override;
    void *c;			       /* data used by ssh.c */
    Socket s;
};

void x11_close(Socket s);

void *x11_invent_auth(char *proto, int protomaxlen,
		     char *data, int datamaxlen)
{
    struct X11Auth *auth = smalloc(sizeof(struct X11Auth));
    char ourdata[64];
    int i;

    /* MIT-MAGIC-COOKIE-1. Cookie size is 128 bits (16 bytes). */
    auth->len = 16;
    for (i = 0; i < 16; i++)
	auth->data[i] = random_byte();

    /* Now format for the recipient. */
    strncpy(proto, "MIT-MAGIC-COOKIE-1", protomaxlen);
    ourdata[0] = '\0';
    for (i = 0; i < auth->len; i++)
	sprintf(ourdata + strlen(ourdata), "%02x", auth->data[i]);
    strncpy(data, ourdata, datamaxlen);

    return auth;
}

static int x11_verify(struct X11Auth *auth,
		      char *proto, unsigned char *data, int dlen)
{
    if (strcmp(proto, "MIT-MAGIC-COOKIE-1") != 0)
	return 0;		       /* wrong protocol attempted */
    if (dlen != auth->len)
	return 0;		       /* cookie was wrong length */
    if (memcmp(auth->data, data, dlen) != 0)
	return 0;		       /* cookie was wrong cookie! */
    return 1;
}

static int x11_closing(Plug plug, char *error_msg, int error_code,
		       int calling_back)
{
    struct X11Private *pr = (struct X11Private *) plug;

    /*
     * We have no way to communicate down the forwarded connection,
     * so if an error occurred on the socket, we just ignore it
     * and treat it like a proper close.
     */
    sshfwd_close(pr->c);
    x11_close(pr->s);
    return 1;
}

static int x11_receive(Plug plug, int urgent, char *data, int len)
{
    struct X11Private *pr = (struct X11Private *) plug;

    if (sshfwd_write(pr->c, data, len) > 0) {
	pr->throttled = 1;
	sk_set_frozen(pr->s, 1);
    }

    return 1;
}

static void x11_sent(Plug plug, int bufsize)
{
    struct X11Private *pr = (struct X11Private *) plug;

    sshfwd_unthrottle(pr->c, bufsize);
}

/*
 * When setting up X forwarding, we should send the screen number
 * from the specified local display. This function extracts it from
 * the display string.
 */
int x11_get_screen_number(char *display)
{
    int n;

    n = strcspn(display, ":");
    if (!display[n])
	return 0;
    n = strcspn(display, ".");
    if (!display[n])
	return 0;
    return atoi(display + n + 1);
}

/*
 * Called to set up the raw connection.
 * 
 * Returns an error message, or NULL on success.
 * also, fills the SocketsStructure
 */
char *x11_init(Socket * s, char *display, void *c, void *auth)
{
    static const struct plug_function_table fn_table = {
	x11_closing,
	x11_receive,
	x11_sent,
	NULL
    };

    SockAddr addr;
    int port;
    char *err, *dummy_realhost;
    char host[128];
    int n, displaynum;
    struct X11Private *pr;

    /*
     * Split up display name into host and display-number parts.
     */
    n = strcspn(display, ":");
    if (display[n])
	displaynum = atoi(display + n + 1);
    else
	displaynum = 0;		       /* sensible default */
    if (n > sizeof(host) - 1)
	n = sizeof(host) - 1;
    strncpy(host, display, n);
    host[n] = '\0';

    /*
     * Try to find host.
     */
    addr = name_lookup(host, port, &dummy_realhost);
    if ((err = sk_addr_error(addr)))
	return err;

    port = 6000 + displaynum;

    /*
     * Open socket.
     */
    pr = (struct X11Private *) smalloc(sizeof(struct X11Private));
    pr->fn = &fn_table;
    pr->auth_protocol = NULL;
    pr->auth = (struct X11Auth *)auth;
    pr->verified = 0;
    pr->data_read = 0;
    pr->throttled = pr->throttle_override = 0;
    pr->c = c;

    pr->s = *s = new_connection(addr, dummy_realhost, port, 0, 1, 0, (Plug) pr);
    if ((err = sk_socket_error(*s))) {
	sfree(pr);
	return err;
    }

    sk_set_private_ptr(*s, pr);
    sk_addr_free(addr);
    return NULL;
}

void x11_close(Socket s)
{
    struct X11Private *pr;
    if (!s)
	return;
    pr = (struct X11Private *) sk_get_private_ptr(s);
    if (pr->auth_protocol) {
	sfree(pr->auth_protocol);
	sfree(pr->auth_data);
    }

    sfree(pr);

    sk_close(s);
}

void x11_unthrottle(Socket s)
{
    struct X11Private *pr;
    if (!s)
	return;
    pr = (struct X11Private *) sk_get_private_ptr(s);

    pr->throttled = 0;
    sk_set_frozen(s, pr->throttled || pr->throttle_override);
}

void x11_override_throttle(Socket s, int enable)
{
    struct X11Private *pr;
    if (!s)
	return;
    pr = (struct X11Private *) sk_get_private_ptr(s);

    pr->throttle_override = enable;
    sk_set_frozen(s, pr->throttled || pr->throttle_override);
}

/*
 * Called to send data down the raw connection.
 */
int x11_send(Socket s, char *data, int len)
{
    struct X11Private *pr = (struct X11Private *) sk_get_private_ptr(s);

    if (s == NULL)
	return 0;

    /*
     * Read the first packet.
     */
    while (len > 0 && pr->data_read < 12)
	pr->firstpkt[pr->data_read++] = (unsigned char) (len--, *data++);
    if (pr->data_read < 12)
	return 0;

    /*
     * If we have not allocated the auth_protocol and auth_data
     * strings, do so now.
     */
    if (!pr->auth_protocol) {
	pr->auth_plen = GET_16BIT(pr->firstpkt[0], pr->firstpkt + 6);
	pr->auth_dlen = GET_16BIT(pr->firstpkt[0], pr->firstpkt + 8);
	pr->auth_psize = (pr->auth_plen + 3) & ~3;
	pr->auth_dsize = (pr->auth_dlen + 3) & ~3;
	/* Leave room for a terminating zero, to make our lives easier. */
	pr->auth_protocol = (char *) smalloc(pr->auth_psize + 1);
	pr->auth_data = (char *) smalloc(pr->auth_dsize);
    }

    /*
     * Read the auth_protocol and auth_data strings.
     */
    while (len > 0 && pr->data_read < 12 + pr->auth_psize)
	pr->auth_protocol[pr->data_read++ - 12] = (len--, *data++);
    while (len > 0 && pr->data_read < 12 + pr->auth_psize + pr->auth_dsize)
	pr->auth_data[pr->data_read++ - 12 -
		      pr->auth_psize] = (unsigned char) (len--, *data++);
    if (pr->data_read < 12 + pr->auth_psize + pr->auth_dsize)
	return 0;

    /*
     * If we haven't verified the authentication, do so now.
     */
    if (!pr->verified) {
	int ret;

	pr->auth_protocol[pr->auth_plen] = '\0';	/* ASCIZ */
	ret = x11_verify(pr->auth, pr->auth_protocol,
			 pr->auth_data, pr->auth_dlen);

	/*
	 * If authentication failed, construct and send an error
	 * packet, then terminate the connection.
	 */
	if (!ret) {
	    char message[] = "Authentication failed at PuTTY X11 proxy";
	    unsigned char reply[8 + sizeof(message) + 4];
	    int msglen = sizeof(message) - 1;	/* skip zero byte */
	    int msgsize = (msglen + 3) & ~3;
	    reply[0] = 0;	       /* failure */
	    reply[1] = msglen;	       /* length of reason string */
	    memcpy(reply + 2, pr->firstpkt + 2, 4);	/* major/minor proto vsn */
	    PUT_16BIT(pr->firstpkt[0], reply + 6, msgsize >> 2);/* data len */
	    memset(reply + 8, 0, msgsize);
	    memcpy(reply + 8, message, msglen);
	    sshfwd_write(pr->c, reply, 8 + msgsize);
	    sshfwd_close(pr->c);
	    x11_close(s);
	    return 0;
	}

	/*
	 * Now we know we're going to accept the connection. Strip
	 * the auth data. (TODO: if we ever work out how, we should
	 * replace some real auth data in here.)
	 */
	PUT_16BIT(pr->firstpkt[0], pr->firstpkt + 6, 0);	/* auth proto */
	PUT_16BIT(pr->firstpkt[0], pr->firstpkt + 8, 0);	/* auth data */
	sk_write(s, pr->firstpkt, 12);
	pr->verified = 1;
    }

    /*
     * After initialisation, just copy data simply.
     */

    return sk_write(s, data, len);
}
Commit	Line	Data
9c964e85	1	#include <stdio.h>
	2	#include <stdlib.h>
	3
	4	#include "putty.h"
	5	#include "ssh.h"
	6
9c964e85	7	#define GET_32BIT_LSB_FIRST(cp) \
	8	(((unsigned long)(unsigned char)(cp)[0]) \| \
	9	((unsigned long)(unsigned char)(cp)[1] << 8) \| \
	10	((unsigned long)(unsigned char)(cp)[2] << 16) \| \
	11	((unsigned long)(unsigned char)(cp)[3] << 24))
	12
	13	#define PUT_32BIT_LSB_FIRST(cp, value) ( \
	14	(cp)[0] = (value), \
	15	(cp)[1] = (value) >> 8, \
	16	(cp)[2] = (value) >> 16, \
	17	(cp)[3] = (value) >> 24 )
	18
	19	#define GET_16BIT_LSB_FIRST(cp) \
	20	(((unsigned long)(unsigned char)(cp)[0]) \| \
	21	((unsigned long)(unsigned char)(cp)[1] << 8))
	22
	23	#define PUT_16BIT_LSB_FIRST(cp, value) ( \
	24	(cp)[0] = (value), \
	25	(cp)[1] = (value) >> 8 )
	26
	27	#define GET_32BIT_MSB_FIRST(cp) \
	28	(((unsigned long)(unsigned char)(cp)[0] << 24) \| \
	29	((unsigned long)(unsigned char)(cp)[1] << 16) \| \
	30	((unsigned long)(unsigned char)(cp)[2] << 8) \| \
	31	((unsigned long)(unsigned char)(cp)[3]))
	32
	33	#define PUT_32BIT_MSB_FIRST(cp, value) ( \
	34	(cp)[0] = (value) >> 24, \
	35	(cp)[1] = (value) >> 16, \
	36	(cp)[2] = (value) >> 8, \
	37	(cp)[3] = (value) )
	38
	39	#define GET_16BIT_MSB_FIRST(cp) \
	40	(((unsigned long)(unsigned char)(cp)[0] << 8) \| \
	41	((unsigned long)(unsigned char)(cp)[1]))
	42
	43	#define PUT_16BIT_MSB_FIRST(cp, value) ( \
	44	(cp)[0] = (value) >> 8, \
	45	(cp)[1] = (value) )
	46
	47	#define GET_16BIT(endian, cp) \
	48	(endian=='B' ? GET_16BIT_MSB_FIRST(cp) : GET_16BIT_LSB_FIRST(cp))
	49
	50	#define PUT_16BIT(endian, cp, val) \
	51	(endian=='B' ? PUT_16BIT_MSB_FIRST(cp, val) : PUT_16BIT_LSB_FIRST(cp, val))
	52
302121de	53	struct X11Auth {
	54	unsigned char data[64];
	55	int len;
	56	};
	57
9c964e85	58	struct X11Private {
302121de	59	const struct plug_function_table *fn;
7e78000d	60	/* the above variable absolutely must be the first in this structure */
32874aea	61	unsigned char firstpkt[12]; /* first X data packet */
302121de	62	struct X11Auth *auth;
9c964e85	63	char *auth_protocol;
	64	unsigned char *auth_data;
	65	int data_read, auth_plen, auth_psize, auth_dlen, auth_dsize;
	66	int verified;
5471d09a	67	int throttled, throttle_override;
32874aea	68	void c; / data used by ssh.c */
7e78000d	69	Socket s;
9c964e85	70	};
9c964e85	71
32874aea	72	void x11_close(Socket s);
9c964e85	73
302121de	74	void x11_invent_auth(char proto, int protomaxlen,
32874aea	75	char *data, int datamaxlen)
32874aea	76	{
302121de	77	struct X11Auth *auth = smalloc(sizeof(struct X11Auth));
9c964e85	78	char ourdata[64];
	79	int i;
	80
	81	/* MIT-MAGIC-COOKIE-1. Cookie size is 128 bits (16 bytes). */
302121de	82	auth->len = 16;
9c964e85	83	for (i = 0; i < 16; i++)
302121de	84	auth->data[i] = random_byte();
9c964e85	85
	86	/* Now format for the recipient. */
	87	strncpy(proto, "MIT-MAGIC-COOKIE-1", protomaxlen);
	88	ourdata[0] = '\0';
302121de	89	for (i = 0; i < auth->len; i++)
302121de	90	sprintf(ourdata + strlen(ourdata), "%02x", auth->data[i]);
9c964e85	91	strncpy(data, ourdata, datamaxlen);
302121de	92
302121de	93	return auth;
9c964e85	94	}
9c964e85	95
302121de	96	static int x11_verify(struct X11Auth *auth,
302121de	97	char proto, unsigned char data, int dlen)
32874aea	98	{
9c964e85	99	if (strcmp(proto, "MIT-MAGIC-COOKIE-1") != 0)
32874aea	100	return 0; /* wrong protocol attempted */
302121de	101	if (dlen != auth->len)
32874aea	102	return 0; /* cookie was wrong length */
302121de	103	if (memcmp(auth->data, data, dlen) != 0)
32874aea	104	return 0; /* cookie was wrong cookie! */
9c964e85	105	return 1;
	106	}
	107
32874aea	108	static int x11_closing(Plug plug, char *error_msg, int error_code,
	109	int calling_back)
	110	{
7e78000d	111	struct X11Private pr = (struct X11Private ) plug;
	112
	113	/*
	114	* We have no way to communicate down the forwarded connection,
	115	* so if an error occurred on the socket, we just ignore it
	116	* and treat it like a proper close.
	117	*/
	118	sshfwd_close(pr->c);
	119	x11_close(pr->s);
	120	return 1;
	121	}
	122
32874aea	123	static int x11_receive(Plug plug, int urgent, char *data, int len)
32874aea	124	{
7e78000d	125	struct X11Private pr = (struct X11Private ) plug;
9c964e85	126
5471d09a	127	if (sshfwd_write(pr->c, data, len) > 0) {
	128	pr->throttled = 1;
	129	sk_set_frozen(pr->s, 1);
	130	}
	131
9c964e85	132	return 1;
	133	}
	134
5471d09a	135	static void x11_sent(Plug plug, int bufsize)
	136	{
	137	struct X11Private pr = (struct X11Private ) plug;
	138
	139	sshfwd_unthrottle(pr->c, bufsize);
	140	}
	141
9c964e85	142	/*
421d6835	143	* When setting up X forwarding, we should send the screen number
	144	* from the specified local display. This function extracts it from
	145	* the display string.
	146	*/
	147	int x11_get_screen_number(char *display)
	148	{
	149	int n;
	150
	151	n = strcspn(display, ":");
	152	if (!display[n])
	153	return 0;
	154	n = strcspn(display, ".");
	155	if (!display[n])
	156	return 0;
	157	return atoi(display + n + 1);
	158	}
	159
	160	/*
9c964e85	161	* Called to set up the raw connection.
	162	*
	163	* Returns an error message, or NULL on success.
	164	* also, fills the SocketsStructure
9c964e85	165	*/
302121de	166	char x11_init(Socket s, char display, void c, void *auth)
32874aea	167	{
302121de	168	static const struct plug_function_table fn_table = {
7e78000d	169	x11_closing,
5471d09a	170	x11_receive,
	171	x11_sent,
	172	NULL
7e78000d	173	};
7e78000d	174
9c964e85	175	SockAddr addr;
9c964e85	176	int port;
0c6c9a70	177	char err, dummy_realhost;
9c964e85	178	char host[128];
	179	int n, displaynum;
	180	struct X11Private *pr;
	181
	182	/*
	183	* Split up display name into host and display-number parts.
	184	*/
	185	n = strcspn(display, ":");
	186	if (display[n])
32874aea	187	displaynum = atoi(display + n + 1);
9c964e85	188	else
32874aea	189	displaynum = 0; /* sensible default */
	190	if (n > sizeof(host) - 1)
	191	n = sizeof(host) - 1;
9c964e85	192	strncpy(host, display, n);
	193	host[n] = '\0';
	194
	195	/*
	196	* Try to find host.
	197	*/
b7a189f3	198	addr = name_lookup(host, port, &dummy_realhost);
32874aea	199	if ((err = sk_addr_error(addr)))
9c964e85	200	return err;
	201
	202	port = 6000 + displaynum;
	203
	204	/*
	205	* Open socket.
	206	*/
32874aea	207	pr = (struct X11Private *) smalloc(sizeof(struct X11Private));
7e78000d	208	pr->fn = &fn_table;
9c964e85	209	pr->auth_protocol = NULL;
302121de	210	pr->auth = (struct X11Auth *)auth;
9c964e85	211	pr->verified = 0;
9c964e85	212	pr->data_read = 0;
5471d09a	213	pr->throttled = pr->throttle_override = 0;
9c964e85	214	pr->c = c;
9c964e85	215
8eebd221	216	pr->s = *s = new_connection(addr, dummy_realhost, port, 0, 1, 0, (Plug) pr);
32874aea	217	if ((err = sk_socket_error(*s))) {
32874aea	218	sfree(pr);
7e78000d	219	return err;
	220	}
	221
9c964e85	222	sk_set_private_ptr(*s, pr);
	223	sk_addr_free(addr);
	224	return NULL;
	225	}
	226
32874aea	227	void x11_close(Socket s)
	228	{
	229	struct X11Private *pr;
d74d141c	230	if (!s)
	231	return;
	232	pr = (struct X11Private *) sk_get_private_ptr(s);
9c964e85	233	if (pr->auth_protocol) {
32874aea	234	sfree(pr->auth_protocol);
32874aea	235	sfree(pr->auth_data);
9c964e85	236	}
	237
	238	sfree(pr);
	239
	240	sk_close(s);
	241	}
	242
5471d09a	243	void x11_unthrottle(Socket s)
	244	{
	245	struct X11Private *pr;
	246	if (!s)
	247	return;
	248	pr = (struct X11Private *) sk_get_private_ptr(s);
	249
	250	pr->throttled = 0;
	251	sk_set_frozen(s, pr->throttled \|\| pr->throttle_override);
	252	}
	253
	254	void x11_override_throttle(Socket s, int enable)
	255	{
	256	struct X11Private *pr;
	257	if (!s)
	258	return;
	259	pr = (struct X11Private *) sk_get_private_ptr(s);
	260
	261	pr->throttle_override = enable;
	262	sk_set_frozen(s, pr->throttled \|\| pr->throttle_override);
	263	}
	264
9c964e85	265	/*
	266	* Called to send data down the raw connection.
	267	*/
5471d09a	268	int x11_send(Socket s, char *data, int len)
32874aea	269	{
32874aea	270	struct X11Private pr = (struct X11Private ) sk_get_private_ptr(s);
9c964e85	271
9c964e85	272	if (s == NULL)
5471d09a	273	return 0;
9c964e85	274
	275	/*
	276	* Read the first packet.
	277	*/
	278	while (len > 0 && pr->data_read < 12)
32874aea	279	pr->firstpkt[pr->data_read++] = (unsigned char) (len--, *data++);
9c964e85	280	if (pr->data_read < 12)
5471d09a	281	return 0;
9c964e85	282
	283	/*
	284	* If we have not allocated the auth_protocol and auth_data
	285	* strings, do so now.
	286	*/
	287	if (!pr->auth_protocol) {
32874aea	288	pr->auth_plen = GET_16BIT(pr->firstpkt[0], pr->firstpkt + 6);
	289	pr->auth_dlen = GET_16BIT(pr->firstpkt[0], pr->firstpkt + 8);
	290	pr->auth_psize = (pr->auth_plen + 3) & ~3;
	291	pr->auth_dsize = (pr->auth_dlen + 3) & ~3;
	292	/* Leave room for a terminating zero, to make our lives easier. */
	293	pr->auth_protocol = (char *) smalloc(pr->auth_psize + 1);
	294	pr->auth_data = (char *) smalloc(pr->auth_dsize);
9c964e85	295	}
	296
	297	/*
	298	* Read the auth_protocol and auth_data strings.
	299	*/
	300	while (len > 0 && pr->data_read < 12 + pr->auth_psize)
32874aea	301	pr->auth_protocol[pr->data_read++ - 12] = (len--, *data++);
9c964e85	302	while (len > 0 && pr->data_read < 12 + pr->auth_psize + pr->auth_dsize)
32874aea	303	pr->auth_data[pr->data_read++ - 12 -
32874aea	304	pr->auth_psize] = (unsigned char) (len--, *data++);
9c964e85	305	if (pr->data_read < 12 + pr->auth_psize + pr->auth_dsize)
5471d09a	306	return 0;
9c964e85	307
	308	/*
	309	* If we haven't verified the authentication, do so now.
	310	*/
	311	if (!pr->verified) {
32874aea	312	int ret;
	313
	314	pr->auth_protocol[pr->auth_plen] = '\0'; /* ASCIZ */
302121de	315	ret = x11_verify(pr->auth, pr->auth_protocol,
302121de	316	pr->auth_data, pr->auth_dlen);
32874aea	317
	318	/*
	319	* If authentication failed, construct and send an error
	320	* packet, then terminate the connection.
	321	*/
	322	if (!ret) {
	323	char message[] = "Authentication failed at PuTTY X11 proxy";
	324	unsigned char reply[8 + sizeof(message) + 4];
	325	int msglen = sizeof(message) - 1; /* skip zero byte */
	326	int msgsize = (msglen + 3) & ~3;
	327	reply[0] = 0; /* failure */
	328	reply[1] = msglen; /* length of reason string */
	329	memcpy(reply + 2, pr->firstpkt + 2, 4); /* major/minor proto vsn */
75105663	330	PUT_16BIT(pr->firstpkt[0], reply + 6, msgsize >> 2);/* data len */
32874aea	331	memset(reply + 8, 0, msgsize);
	332	memcpy(reply + 8, message, msglen);
	333	sshfwd_write(pr->c, reply, 8 + msgsize);
	334	sshfwd_close(pr->c);
	335	x11_close(s);
5471d09a	336	return 0;
32874aea	337	}
	338
	339	/*
	340	* Now we know we're going to accept the connection. Strip
	341	* the auth data. (TODO: if we ever work out how, we should
	342	* replace some real auth data in here.)
	343	*/
	344	PUT_16BIT(pr->firstpkt[0], pr->firstpkt + 6, 0); /* auth proto */
	345	PUT_16BIT(pr->firstpkt[0], pr->firstpkt + 8, 0); /* auth data */
	346	sk_write(s, pr->firstpkt, 12);
	347	pr->verified = 1;
9c964e85	348	}
	349
	350	/*
	351	* After initialisation, just copy data simply.
	352	*/
	353
5471d09a	354	return sk_write(s, data, len);
9c964e85	355	}