typedef struct ssh_tag *Ssh;
-extern char *x11_init(Socket *, char *, void *);
+extern char *x11_init(Socket *, char *, void *, void *);
extern void x11_close(Socket);
extern int x11_send(Socket, char *, int);
-extern void x11_invent_auth(char *, int, char *, int);
+extern void *x11_invent_auth(char *, int, char *, int);
extern void x11_unthrottle(Socket s);
extern void x11_override_throttle(Socket s, int enable);
char *portfwd_strptr;
int pkt_ctx;
+ void *x11auth;
+
int version;
int v1_throttle_count;
int overall_bufsize;
if (cfg.x11_forward) {
char proto[20], data[64];
logevent("Requesting X11 forwarding");
- x11_invent_auth(proto, sizeof(proto), data, sizeof(data));
+ ssh->x11auth = x11_invent_auth(proto, sizeof(proto),
+ data, sizeof(data));
if (ssh->v1_local_protoflags & SSH1_PROTOFLAG_SCREEN_NUMBER) {
send_packet(ssh, SSH1_CMSG_X11_REQUEST_FORWARDING,
PKT_STR, proto, PKT_STR, data,
c = smalloc(sizeof(struct ssh_channel));
c->ssh = ssh;
- if (x11_init(&c->u.x11.s, cfg.x11_display, c) != NULL) {
+ if (x11_init(&c->u.x11.s, cfg.x11_display, c,
+ ssh->x11auth) != NULL) {
logevent("opening X11 forward connection failed");
sfree(c);
send_packet(ssh, SSH1_MSG_CHANNEL_OPEN_FAILURE,
if (cfg.x11_forward) {
char proto[20], data[64];
logevent("Requesting X11 forwarding");
- x11_invent_auth(proto, sizeof(proto), data, sizeof(data));
+ ssh->x11auth = x11_invent_auth(proto, sizeof(proto),
+ data, sizeof(data));
ssh2_pkt_init(ssh, SSH2_MSG_CHANNEL_REQUEST);
ssh2_pkt_adduint32(ssh, ssh->mainchan->remoteid);
ssh2_pkt_addstring(ssh, "x11-req");
if (typelen == 3 && !memcmp(type, "x11", 3)) {
if (!ssh->X11_fwd_enabled)
error = "X11 forwarding is not enabled";
- else if (x11_init(&c->u.x11.s, cfg.x11_display, c) !=
- NULL) {
+ else if (x11_init(&c->u.x11.s, cfg.x11_display, c,
+ ssh->x11auth) != NULL) {
error = "Unable to open an X11 connection";
} else {
c->type = CHAN_X11;
ssh->deferred_size = 0;
ssh->fallback_cmd = 0;
ssh->pkt_ctx = 0;
+ ssh->x11auth = NULL;
ssh->v2_outgoing_sequence = 0;
ssh->ssh1_rdpkt_crstate = 0;
ssh->ssh2_rdpkt_crstate = 0;
#define PUT_16BIT(endian, cp, val) \
(endian=='B' ? PUT_16BIT_MSB_FIRST(cp, val) : PUT_16BIT_LSB_FIRST(cp, val))
+struct X11Auth {
+ unsigned char data[64];
+ int len;
+};
+
struct X11Private {
- struct plug_function_table *fn;
+ const struct plug_function_table *fn;
/* the above variable absolutely *must* be the first in this structure */
unsigned char firstpkt[12]; /* first X data packet */
+ struct X11Auth *auth;
char *auth_protocol;
unsigned char *auth_data;
int data_read, auth_plen, auth_psize, auth_dlen, auth_dsize;
void x11_close(Socket s);
-static unsigned char x11_authdata[64];
-static int x11_authdatalen;
-
-void x11_invent_auth(char *proto, int protomaxlen,
+void *x11_invent_auth(char *proto, int protomaxlen,
char *data, int datamaxlen)
{
+ struct X11Auth *auth = smalloc(sizeof(struct X11Auth));
char ourdata[64];
int i;
/* MIT-MAGIC-COOKIE-1. Cookie size is 128 bits (16 bytes). */
- x11_authdatalen = 16;
+ auth->len = 16;
for (i = 0; i < 16; i++)
- x11_authdata[i] = random_byte();
+ auth->data[i] = random_byte();
/* Now format for the recipient. */
strncpy(proto, "MIT-MAGIC-COOKIE-1", protomaxlen);
ourdata[0] = '\0';
- for (i = 0; i < x11_authdatalen; i++)
- sprintf(ourdata + strlen(ourdata), "%02x", x11_authdata[i]);
+ for (i = 0; i < auth->len; i++)
+ sprintf(ourdata + strlen(ourdata), "%02x", auth->data[i]);
strncpy(data, ourdata, datamaxlen);
+
+ return auth;
}
-static int x11_verify(char *proto, unsigned char *data, int dlen)
+static int x11_verify(struct X11Auth *auth,
+ char *proto, unsigned char *data, int dlen)
{
if (strcmp(proto, "MIT-MAGIC-COOKIE-1") != 0)
return 0; /* wrong protocol attempted */
- if (dlen != x11_authdatalen)
+ if (dlen != auth->len)
return 0; /* cookie was wrong length */
- if (memcmp(x11_authdata, data, dlen) != 0)
+ if (memcmp(auth->data, data, dlen) != 0)
return 0; /* cookie was wrong cookie! */
return 1;
}
* Returns an error message, or NULL on success.
* also, fills the SocketsStructure
*/
-char *x11_init(Socket * s, char *display, void *c)
+char *x11_init(Socket * s, char *display, void *c, void *auth)
{
- static struct plug_function_table fn_table = {
+ static const struct plug_function_table fn_table = {
x11_closing,
x11_receive,
x11_sent,
pr = (struct X11Private *) smalloc(sizeof(struct X11Private));
pr->fn = &fn_table;
pr->auth_protocol = NULL;
+ pr->auth = (struct X11Auth *)auth;
pr->verified = 0;
pr->data_read = 0;
pr->throttled = pr->throttle_override = 0;
int ret;
pr->auth_protocol[pr->auth_plen] = '\0'; /* ASCIZ */
- ret = x11_verify(pr->auth_protocol, pr->auth_data, pr->auth_dlen);
+ ret = x11_verify(pr->auth, pr->auth_protocol,
+ pr->auth_data, pr->auth_dlen);
/*
* If authentication failed, construct and send an error