X-Git-Url: http://andersk.mit.edu/gitweb/openssh.git/blobdiff_plain/52e3daedec4da996f923934417982ace52d0b981..caba7de7d39b58f9f4fa9f33ca04531e0358e266:/channels.c diff --git a/channels.c b/channels.c index 0e7d5cf5..c766cc27 100644 --- a/channels.c +++ b/channels.c @@ -1,3 +1,4 @@ +/* $OpenBSD: channels.c,v 1.272 2008/01/19 23:02:40 djm Exp $ */ /* * Author: Tatu Ylonen * Copyright (c) 1995 Tatu Ylonen , Espoo, Finland @@ -40,26 +41,40 @@ #include "includes.h" -#include #include +#include #include +#include +#ifdef HAVE_SYS_TIME_H +# include +#endif +#include +#include + +#include +#include +#include +#include +#include #include +#include +#include +#include "xmalloc.h" #include "ssh.h" #include "ssh1.h" #include "ssh2.h" #include "packet.h" -#include "xmalloc.h" #include "log.h" #include "misc.h" +#include "buffer.h" #include "channels.h" #include "compat.h" #include "canohost.h" #include "key.h" #include "authfd.h" #include "pathnames.h" -#include "bufaux.h" /* -- channel core */ @@ -96,11 +111,18 @@ typedef struct { u_short listen_port; /* Remote side should listen port number. */ } ForwardPermission; -/* List of all permitted host/port pairs to connect. */ +/* List of all permitted host/port pairs to connect by the user. */ static ForwardPermission permitted_opens[SSH_MAX_FORWARDS_PER_DIRECTION]; -/* Number of permitted host/port pairs in the array. */ +/* List of all permitted host/port pairs to connect by the admin. */ +static ForwardPermission permitted_adm_opens[SSH_MAX_FORWARDS_PER_DIRECTION]; + +/* Number of permitted host/port pairs in the array permitted by the user. */ static int num_permitted_opens = 0; + +/* Number of permitted host/port pair in the array permitted by the admin. */ +static int num_adm_permitted_opens = 0; + /* * If this is true, all opens are permitted. This is the case on the server * on which we have to trust the client anyway, and the user could do @@ -266,8 +288,8 @@ channel_new(char *ctype, int type, int rfd, int wfd, int efd, if (channels_alloc > 10000) fatal("channel_new: internal error: channels_alloc %d " "too big.", channels_alloc); - channels = xrealloc(channels, - (channels_alloc + 10) * sizeof(Channel *)); + channels = xrealloc(channels, channels_alloc + 10, + sizeof(Channel *)); channels_alloc += 10; debug2("channel: expanding %d", channels_alloc); for (i = found; i < channels_alloc; i++) @@ -719,12 +741,14 @@ typedef void chan_fn(Channel *c, fd_set *readset, fd_set *writeset); chan_fn *channel_pre[SSH_CHANNEL_MAX_TYPE]; chan_fn *channel_post[SSH_CHANNEL_MAX_TYPE]; +/* ARGSUSED */ static void channel_pre_listener(Channel *c, fd_set *readset, fd_set *writeset) { FD_SET(c->sock, readset); } +/* ARGSUSED */ static void channel_pre_connecting(Channel *c, fd_set *readset, fd_set *writeset) { @@ -746,12 +770,10 @@ channel_pre_open(Channel *c, fd_set *readset, fd_set *writeset) { u_int limit = compat20 ? c->remote_window : packet_get_maxsize(); - /* check buffer limits */ - limit = MIN(limit, (BUFFER_MAX_LEN - BUFFER_MAX_CHUNK - CHAN_RBUF)); - if (c->istate == CHAN_INPUT_OPEN && limit > 0 && - buffer_len(&c->input) < limit) + buffer_len(&c->input) < limit && + buffer_check_alloc(&c->input, CHAN_RBUF)) FD_SET(c->rfd, readset); if (c->ostate == CHAN_OUTPUT_OPEN || c->ostate == CHAN_OUTPUT_WAIT_DRAIN) { @@ -781,6 +803,7 @@ channel_pre_open(Channel *c, fd_set *readset, fd_set *writeset) FD_SET(c->ctl_fd, readset); } +/* ARGSUSED */ static void channel_pre_input_draining(Channel *c, fd_set *readset, fd_set *writeset) { @@ -793,6 +816,7 @@ channel_pre_input_draining(Channel *c, fd_set *readset, fd_set *writeset) } } +/* ARGSUSED */ static void channel_pre_output_draining(Channel *c, fd_set *readset, fd_set *writeset) { @@ -922,6 +946,7 @@ channel_pre_x11_open(Channel *c, fd_set *readset, fd_set *writeset) } /* try to decode a socks4 header */ +/* ARGSUSED */ static int channel_decode_socks4(Channel *c, fd_set *readset, fd_set *writeset) { @@ -987,7 +1012,7 @@ channel_decode_socks4(Channel *c, fd_set *readset, fd_set *writeset) s4_rsp.command = 90; /* cd: req granted */ s4_rsp.dest_port = 0; /* ignored */ s4_rsp.dest_addr.s_addr = INADDR_ANY; /* ignored */ - buffer_append(&c->output, (char *)&s4_rsp, sizeof(s4_rsp)); + buffer_append(&c->output, &s4_rsp, sizeof(s4_rsp)); return 1; } @@ -1000,6 +1025,7 @@ channel_decode_socks4(Channel *c, fd_set *readset, fd_set *writeset) #define SSH_SOCKS5_CONNECT 0x01 #define SSH_SOCKS5_SUCCESS 0x00 +/* ARGSUSED */ static int channel_decode_socks5(Channel *c, fd_set *readset, fd_set *writeset) { @@ -1011,7 +1037,7 @@ channel_decode_socks5(Channel *c, fd_set *readset, fd_set *writeset) } s5_req, s5_rsp; u_int16_t dest_port; u_char *p, dest_addr[255+1]; - u_int have, i, found, nmethods, addrlen, af; + u_int have, need, i, found, nmethods, addrlen, af; debug2("channel %d: decode socks5", c->self); p = buffer_ptr(&c->input); @@ -1026,8 +1052,8 @@ channel_decode_socks5(Channel *c, fd_set *readset, fd_set *writeset) if (have < nmethods + 2) return 0; /* look for method: "NO AUTHENTICATION REQUIRED" */ - for (found = 0, i = 2 ; i < nmethods + 2; i++) { - if (p[i] == SSH_SOCKS5_NOAUTH ) { + for (found = 0, i = 2; i < nmethods + 2; i++) { + if (p[i] == SSH_SOCKS5_NOAUTH) { found = 1; break; } @@ -1048,7 +1074,7 @@ channel_decode_socks5(Channel *c, fd_set *readset, fd_set *writeset) debug2("channel %d: socks5 post auth", c->self); if (have < sizeof(s5_req)+1) return 0; /* need more */ - memcpy((char *)&s5_req, p, sizeof(s5_req)); + memcpy(&s5_req, p, sizeof(s5_req)); if (s5_req.version != 0x05 || s5_req.command != SSH_SOCKS5_CONNECT || s5_req.reserved != 0x00) { @@ -1072,7 +1098,10 @@ channel_decode_socks5(Channel *c, fd_set *readset, fd_set *writeset) debug2("channel %d: bad socks5 atyp %d", c->self, s5_req.atyp); return -1; } - if (have < 4 + addrlen + 2) + need = sizeof(s5_req) + addrlen + 2; + if (s5_req.atyp == SSH_SOCKS5_DOMAIN) + need++; + if (have < need) return 0; buffer_consume(&c->input, sizeof(s5_req)); if (s5_req.atyp == SSH_SOCKS5_DOMAIN) @@ -1096,9 +1125,9 @@ channel_decode_socks5(Channel *c, fd_set *readset, fd_set *writeset) ((struct in_addr *)&dest_addr)->s_addr = INADDR_ANY; dest_port = 0; /* ignored */ - buffer_append(&c->output, (char *)&s5_rsp, sizeof(s5_rsp)); - buffer_append(&c->output, (char *)&dest_addr, sizeof(struct in_addr)); - buffer_append(&c->output, (char *)&dest_port, sizeof(dest_port)); + buffer_append(&c->output, &s5_rsp, sizeof(s5_rsp)); + buffer_append(&c->output, &dest_addr, sizeof(struct in_addr)); + buffer_append(&c->output, &dest_port, sizeof(dest_port)); return 1; } @@ -1147,6 +1176,7 @@ channel_pre_dynamic(Channel *c, fd_set *readset, fd_set *writeset) } /* This is our fake X11 server socket. */ +/* ARGSUSED */ static void channel_post_x11_listener(Channel *c, fd_set *readset, fd_set *writeset) { @@ -1272,6 +1302,7 @@ channel_set_reuseaddr(int fd) /* * This socket is listening for connections to a forwarded TCP/IP port. */ +/* ARGSUSED */ static void channel_post_port_listener(Channel *c, fd_set *readset, fd_set *writeset) { @@ -1329,6 +1360,7 @@ channel_post_port_listener(Channel *c, fd_set *readset, fd_set *writeset) * This is the authentication agent socket listening for connections from * clients. */ +/* ARGSUSED */ static void channel_post_auth_listener(Channel *c, fd_set *readset, fd_set *writeset) { @@ -1362,6 +1394,7 @@ channel_post_auth_listener(Channel *c, fd_set *readset, fd_set *writeset) } } +/* ARGSUSED */ static void channel_post_connecting(Channel *c, fd_set *readset, fd_set *writeset) { @@ -1408,18 +1441,25 @@ channel_post_connecting(Channel *c, fd_set *readset, fd_set *writeset) } } +/* ARGSUSED */ static int channel_handle_rfd(Channel *c, fd_set *readset, fd_set *writeset) { char buf[CHAN_RBUF]; - int len; + int len, force; - if (c->rfd != -1 && - FD_ISSET(c->rfd, readset)) { + force = c->isatty && c->detach_close && c->istate != CHAN_INPUT_CLOSED; + if (c->rfd != -1 && (force || FD_ISSET(c->rfd, readset))) { + errno = 0; len = read(c->rfd, buf, sizeof(buf)); - if (len < 0 && (errno == EINTR || errno == EAGAIN)) + if (len < 0 && (errno == EINTR || (errno == EAGAIN && !force))) return 1; +#ifndef PTY_ZEROREAD if (len <= 0) { +#else + if ((!c->isatty && len <= 0) || + (c->isatty && (len < 0 || (len == 0 && errno != 0)))) { +#endif debug2("channel %d: read<=0 rfd %d len %d", c->self, c->rfd, len); if (c->type != SSH_CHANNEL_OPEN) { @@ -1449,6 +1489,7 @@ channel_handle_rfd(Channel *c, fd_set *readset, fd_set *writeset) return 1; } +/* ARGSUSED */ static int channel_handle_wfd(Channel *c, fd_set *readset, fd_set *writeset) { @@ -1563,11 +1604,12 @@ channel_handle_efd(Channel *c, fd_set *readset, fd_set *writeset) c->local_consumed += len; } } else if (c->extended_usage == CHAN_EXTENDED_READ && - FD_ISSET(c->efd, readset)) { + (c->detach_close || FD_ISSET(c->efd, readset))) { len = read(c->efd, buf, sizeof(buf)); debug2("channel %d: read %d from efd %d", c->self, len, c->efd); - if (len < 0 && (errno == EINTR || errno == EAGAIN)) + if (len < 0 && (errno == EINTR || + (errno == EAGAIN && !c->detach_close))) return 1; if (len <= 0) { debug2("channel %d: closing read-efd %d", @@ -1581,6 +1623,7 @@ channel_handle_efd(Channel *c, fd_set *readset, fd_set *writeset) return 1; } +/* ARGSUSED */ static int channel_handle_ctl(Channel *c, fd_set *readset, fd_set *writeset) { @@ -1614,7 +1657,9 @@ channel_check_window(Channel *c) { if (c->type == SSH_CHANNEL_OPEN && !(c->flags & (CHAN_CLOSE_SENT|CHAN_CLOSE_RCVD)) && - c->local_window < c->local_window_max/2 && + ((c->local_window_max - c->local_window > + c->local_maxpacket*3) || + c->local_window < c->local_window_max/2) && c->local_consumed > 0) { packet_start(SSH2_MSG_CHANNEL_WINDOW_ADJUST); packet_put_int(c->remote_id); @@ -1643,6 +1688,7 @@ channel_post_open(Channel *c, fd_set *readset, fd_set *writeset) channel_check_window(c); } +/* ARGSUSED */ static void channel_post_output_drain_13(Channel *c, fd_set *readset, fd_set *writeset) { @@ -1789,15 +1835,20 @@ void channel_prepare_select(fd_set **readsetp, fd_set **writesetp, int *maxfdp, u_int *nallocp, int rekeying) { - u_int n, sz; + u_int n, sz, nfdset; n = MAX(*maxfdp, channel_max_fd); - sz = howmany(n+1, NFDBITS) * sizeof(fd_mask); + nfdset = howmany(n+1, NFDBITS); + /* Explicitly test here, because xrealloc isn't always called */ + if (nfdset && SIZE_T_MAX / nfdset < sizeof(fd_mask)) + fatal("channel_prepare_select: max_fd (%d) is too large", n); + sz = nfdset * sizeof(fd_mask); + /* perhaps check sz < nalloc/2 and shrink? */ if (*readsetp == NULL || sz > *nallocp) { - *readsetp = xrealloc(*readsetp, sz); - *writesetp = xrealloc(*writesetp, sz); + *readsetp = xrealloc(*readsetp, nfdset, sizeof(fd_mask)); + *writesetp = xrealloc(*writesetp, nfdset, sizeof(fd_mask)); *nallocp = sz; } *maxfdp = n; @@ -1939,6 +1990,8 @@ channel_output_poll(void) /* -- protocol input */ + +/* ARGSUSED */ void channel_input_data(int type, u_int32_t seq, void *ctxt) { @@ -1998,6 +2051,7 @@ channel_input_data(int type, u_int32_t seq, void *ctxt) xfree(data); } +/* ARGSUSED */ void channel_input_extended_data(int type, u_int32_t seq, void *ctxt) { @@ -2044,6 +2098,7 @@ channel_input_extended_data(int type, u_int32_t seq, void *ctxt) xfree(data); } +/* ARGSUSED */ void channel_input_ieof(int type, u_int32_t seq, void *ctxt) { @@ -2067,6 +2122,7 @@ channel_input_ieof(int type, u_int32_t seq, void *ctxt) } +/* ARGSUSED */ void channel_input_close(int type, u_int32_t seq, void *ctxt) { @@ -2105,6 +2161,7 @@ channel_input_close(int type, u_int32_t seq, void *ctxt) } /* proto version 1.5 overloads CLOSE_CONFIRMATION with OCLOSE */ +/* ARGSUSED */ void channel_input_oclose(int type, u_int32_t seq, void *ctxt) { @@ -2117,6 +2174,7 @@ channel_input_oclose(int type, u_int32_t seq, void *ctxt) chan_rcvd_oclose(c); } +/* ARGSUSED */ void channel_input_close_confirmation(int type, u_int32_t seq, void *ctxt) { @@ -2133,6 +2191,7 @@ channel_input_close_confirmation(int type, u_int32_t seq, void *ctxt) channel_free(c); } +/* ARGSUSED */ void channel_input_open_confirmation(int type, u_int32_t seq, void *ctxt) { @@ -2180,6 +2239,7 @@ reason2txt(int reason) return "unknown reason"; } +/* ARGSUSED */ void channel_input_open_failure(int type, u_int32_t seq, void *ctxt) { @@ -2211,6 +2271,7 @@ channel_input_open_failure(int type, u_int32_t seq, void *ctxt) channel_free(c); } +/* ARGSUSED */ void channel_input_window_adjust(int type, u_int32_t seq, void *ctxt) { @@ -2235,6 +2296,7 @@ channel_input_window_adjust(int type, u_int32_t seq, void *ctxt) c->remote_window += adjust; } +/* ARGSUSED */ void channel_input_port_open(int type, u_int32_t seq, void *ctxt) { @@ -2323,7 +2385,7 @@ channel_setup_fwd_listener(int type, const char *listen_addr, u_short listen_por wildcard = 1; } else if (gateway_ports || is_client) { if (((datafellows & SSH_OLD_FORWARD_ADDR) && - strcmp(listen_addr, "0.0.0.0") == 0) || + strcmp(listen_addr, "0.0.0.0") == 0 && is_client == 0) || *listen_addr == '\0' || strcmp(listen_addr, "*") == 0 || (!is_client && gateway_ports == 1)) wildcard = 1; @@ -2347,10 +2409,11 @@ channel_setup_fwd_listener(int type, const char *listen_addr, u_short listen_por if (addr == NULL) { /* This really shouldn't happen */ packet_disconnect("getaddrinfo: fatal error: %s", - gai_strerror(r)); + ssh_gai_strerror(r)); } else { error("channel_setup_fwd_listener: " - "getaddrinfo(%.64s): %s", addr, gai_strerror(r)); + "getaddrinfo(%.64s): %s", addr, + ssh_gai_strerror(r)); } return 0; } @@ -2453,7 +2516,7 @@ channel_setup_remote_fwd_listener(const char *listen_address, * the secure channel to host:port from local side. */ -void +int channel_request_remote_forwarding(const char *listen_host, u_short listen_port, const char *host_to_connect, u_short port_to_connect) { @@ -2466,11 +2529,18 @@ channel_request_remote_forwarding(const char *listen_host, u_short listen_port, /* Send the forward request to the remote side. */ if (compat20) { const char *address_to_bind; - if (listen_host == NULL) - address_to_bind = "localhost"; - else if (*listen_host == '\0' || strcmp(listen_host, "*") == 0) - address_to_bind = ""; - else + if (listen_host == NULL) { + if (datafellows & SSH_BUG_RFWD_ADDR) + address_to_bind = "127.0.0.1"; + else + address_to_bind = "localhost"; + } else if (*listen_host == '\0' || + strcmp(listen_host, "*") == 0) { + if (datafellows & SSH_BUG_RFWD_ADDR) + address_to_bind = "0.0.0.0"; + else + address_to_bind = ""; + } else address_to_bind = listen_host; packet_start(SSH2_MSG_GLOBAL_REQUEST); @@ -2497,7 +2567,6 @@ channel_request_remote_forwarding(const char *listen_host, u_short listen_port, success = 1; break; case SSH_SMSG_FAILURE: - logit("Warning: Server denied remote port forwarding."); break; default: /* Unknown packet */ @@ -2511,6 +2580,7 @@ channel_request_remote_forwarding(const char *listen_host, u_short listen_port, permitted_opens[num_permitted_opens].listen_port = listen_port; num_permitted_opens++; } + return (success ? 0 : -1); } /* @@ -2550,12 +2620,13 @@ channel_request_rforward_cancel(const char *host, u_short port) /* * This is called after receiving CHANNEL_FORWARDING_REQUEST. This initates * listening for the port, and sends back a success reply (or disconnect - * message if there was an error). This never returns if there was an error. + * message if there was an error). */ -void +int channel_input_port_forward_request(int is_root, int gateway_ports) { u_short port, host_port; + int success = 0; char *hostname; /* Get arguments from the packet. */ @@ -2577,11 +2648,13 @@ channel_input_port_forward_request(int is_root, int gateway_ports) #endif /* Initiate forwarding */ - channel_setup_local_fwd_listener(NULL, port, hostname, + success = channel_setup_local_fwd_listener(NULL, port, hostname, host_port, gateway_ports); /* Free the argument string. */ xfree(hostname); + + return (success ? 0 : -1); } /* @@ -2600,7 +2673,7 @@ void channel_add_permitted_opens(char *host, int port) { if (num_permitted_opens >= SSH_MAX_FORWARDS_PER_DIRECTION) - fatal("channel_request_remote_forwarding: too many forwards"); + fatal("channel_add_permitted_opens: too many forwards"); debug("allow port forwarding to host %s port %d", host, port); permitted_opens[num_permitted_opens].host_to_connect = xstrdup(host); @@ -2610,6 +2683,19 @@ channel_add_permitted_opens(char *host, int port) all_opens_permitted = 0; } +int +channel_add_adm_permitted_opens(char *host, int port) +{ + if (num_adm_permitted_opens >= SSH_MAX_FORWARDS_PER_DIRECTION) + fatal("channel_add_adm_permitted_opens: too many forwards"); + debug("config allows port forwarding to host %s port %d", host, port); + + permitted_adm_opens[num_adm_permitted_opens].host_to_connect + = xstrdup(host); + permitted_adm_opens[num_adm_permitted_opens].port_to_connect = port; + return ++num_adm_permitted_opens; +} + void channel_clear_permitted_opens(void) { @@ -2619,7 +2705,17 @@ channel_clear_permitted_opens(void) if (permitted_opens[i].host_to_connect != NULL) xfree(permitted_opens[i].host_to_connect); num_permitted_opens = 0; +} + +void +channel_clear_adm_permitted_opens(void) +{ + int i; + for (i = 0; i < num_adm_permitted_opens; i++) + if (permitted_adm_opens[i].host_to_connect != NULL) + xfree(permitted_adm_opens[i].host_to_connect); + num_adm_permitted_opens = 0; } /* return socket to remote host, port */ @@ -2637,7 +2733,7 @@ connect_to(const char *host, u_short port) snprintf(strport, sizeof strport, "%d", port); if ((gaierr = getaddrinfo(host, strport, &hints, &aitop)) != 0) { error("connect_to %.100s: unknown host (%s)", host, - gai_strerror(gaierr)); + ssh_gai_strerror(gaierr)); return -1; } for (ai = aitop; ai; ai = ai->ai_next) { @@ -2698,7 +2794,7 @@ channel_connect_by_listen_address(u_short listen_port) int channel_connect_to(const char *host, u_short port) { - int i, permit; + int i, permit, permit_adm = 1; permit = all_opens_permitted; if (!permit) { @@ -2707,9 +2803,19 @@ channel_connect_to(const char *host, u_short port) permitted_opens[i].port_to_connect == port && strcmp(permitted_opens[i].host_to_connect, host) == 0) permit = 1; + } + if (num_adm_permitted_opens > 0) { + permit_adm = 0; + for (i = 0; i < num_adm_permitted_opens; i++) + if (permitted_adm_opens[i].host_to_connect != NULL && + permitted_adm_opens[i].port_to_connect == port && + strcmp(permitted_adm_opens[i].host_to_connect, host) + == 0) + permit_adm = 1; } - if (!permit) { + + if (!permit || !permit_adm) { logit("Received request to connect to host %.100s port %d, " "but the request was denied.", host, port); return -1; @@ -2769,7 +2875,7 @@ x11_create_display_inet(int x11_display_offset, int x11_use_localhost, hints.ai_socktype = SOCK_STREAM; snprintf(strport, sizeof strport, "%d", port); if ((gaierr = getaddrinfo(NULL, strport, &hints, &aitop)) != 0) { - error("getaddrinfo: %.100s", gai_strerror(gaierr)); + error("getaddrinfo: %.100s", ssh_gai_strerror(gaierr)); return -1; } for (ai = aitop; ai; ai = ai->ai_next) { @@ -2880,12 +2986,12 @@ connect_local_xsocket(u_int dnr) int x11_connect_display(void) { - int display_number, sock = 0; + u_int display_number; const char *display; char buf[1024], *cp; struct addrinfo hints, *ai, *aitop; char strport[NI_MAXSERV]; - int gaierr; + int gaierr, sock = 0; /* Try to open a socket for the local X server. */ display = getenv("DISPLAY"); @@ -2905,7 +3011,7 @@ x11_connect_display(void) if (strncmp(display, "unix:", 5) == 0 || display[0] == ':') { /* Connect to the unix domain socket. */ - if (sscanf(strrchr(display, ':') + 1, "%d", &display_number) != 1) { + if (sscanf(strrchr(display, ':') + 1, "%u", &display_number) != 1) { error("Could not parse display number from DISPLAY: %.100s", display); return -1; @@ -2930,7 +3036,7 @@ x11_connect_display(void) } *cp = 0; /* buf now contains the host name. But first we parse the display number. */ - if (sscanf(cp + 1, "%d", &display_number) != 1) { + if (sscanf(cp + 1, "%u", &display_number) != 1) { error("Could not parse display number from DISPLAY: %.100s", display); return -1; @@ -2940,9 +3046,10 @@ x11_connect_display(void) memset(&hints, 0, sizeof(hints)); hints.ai_family = IPv4or6; hints.ai_socktype = SOCK_STREAM; - snprintf(strport, sizeof strport, "%d", 6000 + display_number); + snprintf(strport, sizeof strport, "%u", 6000 + display_number); if ((gaierr = getaddrinfo(buf, strport, &hints, &aitop)) != 0) { - error("%.100s: unknown host. (%s)", buf, gai_strerror(gaierr)); + error("%.100s: unknown host. (%s)", buf, + ssh_gai_strerror(gaierr)); return -1; } for (ai = aitop; ai; ai = ai->ai_next) { @@ -2954,7 +3061,7 @@ x11_connect_display(void) } /* Connect it to the display. */ if (connect(sock, ai->ai_addr, ai->ai_addrlen) < 0) { - debug2("connect %.100s port %d: %.100s", buf, + debug2("connect %.100s port %u: %.100s", buf, 6000 + display_number, strerror(errno)); close(sock); continue; @@ -2964,7 +3071,7 @@ x11_connect_display(void) } freeaddrinfo(aitop); if (!ai) { - error("connect %.100s port %d: %.100s", buf, 6000 + display_number, + error("connect %.100s port %u: %.100s", buf, 6000 + display_number, strerror(errno)); return -1; } @@ -2978,6 +3085,7 @@ x11_connect_display(void) * with either SSH_MSG_OPEN_CONFIRMATION or SSH_MSG_OPEN_FAILURE. */ +/* ARGSUSED */ void x11_input_open(int type, u_int32_t seq, void *ctxt) { @@ -3021,6 +3129,7 @@ x11_input_open(int type, u_int32_t seq, void *ctxt) } /* dummy protocol handler that denies SSH-1 requests (agent/x11) */ +/* ARGSUSED */ void deny_input_open(int type, u_int32_t seq, void *ctxt) { @@ -3067,13 +3176,11 @@ x11_request_forwarding_with_spoofing(int client_session_id, const char *disp, return; } - cp = disp; - if (disp) - cp = strchr(disp, ':'); + cp = strchr(disp, ':'); if (cp) cp = strchr(cp, '.'); if (cp) - screen_number = atoi(cp + 1); + screen_number = (u_int)strtonum(cp + 1, 0, 400, NULL); else screen_number = 0;