[REPOST PATCH xauth] Look for FamilyLocal if inet or inet6 address is loopback
Julien Cristau
jcristau at debian.org
Mon Sep 30 13:58:04 PDT 2013
> On Aug 14, 2013, at 8:08, Egbert Eich <eich at freedesktop.org> wrote:
>
> > libxcb uses FamilyLocal authorization if the host name or IP in the
> > display string is from the loopback device. This patch adds the same
> > behavior to xauth.
> > This fixes a long standing problem that for ssh tunneled connections
> > a display variable of the form: localhost:<N>.<M> leads to correct
> > authorization when an X client is started but "xauth list $DISPLAY"
> > returns nothing.
> >
> > Signed-off-by: Egbert Eich <eich at freedesktop.org>
> > ---
> > gethost.c | 40 +++++++++++++++++++++++++++++++++++-----
> > 1 file changed, 35 insertions(+), 5 deletions(-)
> >
> > diff --git a/gethost.c b/gethost.c
> > index 10f6078..83fa95b 100644
> > --- a/gethost.c
> > +++ b/gethost.c
> > @@ -224,16 +224,36 @@ struct addrlist *get_address_info (
> > for (ai = firstai; ai != NULL; ai = ai->ai_next) {
> > struct addrlist *duplicate;
> >
> > + len = 0;
> > if (ai->ai_family == AF_INET) {
> > struct sockaddr_in *sin = (struct sockaddr_in *)ai->ai_addr;
> > src = &(sin->sin_addr);
> > - len = sizeof(sin->sin_addr);
> > - family = FamilyInternet;
> > + if (*(in_addr_t *) src == htonl(INADDR_LOOPBACK)) {
> > + family = FamilyLocal;
> > + if (get_local_hostname (buf, sizeof buf)) {
> > + src = buf;
> > + len = strlen (buf);
> > + } else
> > + src = NULL;
> > + } else {
> > + len = sizeof(sin->sin_addr);
> > + family = FamilyInternet;
> > + }
> > } else if (ai->ai_family == AF_INET6) {
> > struct sockaddr_in6 *sin6 = (struct sockaddr_in6 *)ai->ai_addr;
> > src = &(sin6->sin6_addr);
> > - len = sizeof(sin6->sin6_addr);
> > - family = FamilyInternet6;
> > + if (IN6_IS_ADDR_V4MAPPED((struct sockaddr_in6 *)src)
> > + || IN6_IS_ADDR_LOOPBACK((struct sockaddr_in6 *)src)) {
> > + family = FamilyLocal;
I must be missing some context, but why are v4mapped addresses treated
as local?
Cheers,
Julien
> > + if (get_local_hostname (buf, sizeof buf)) {
> > + src = buf;
> > + len = strlen (buf);
> > + } else
> > + src = NULL;
> > + } else {
> > + len = sizeof(sin6->sin6_addr);
> > + family = FamilyInternet6;
> > + }
> > }
> >
> > for(duplicate = retval; duplicate != NULL; duplicate = duplicate->next) {
> > @@ -272,7 +292,17 @@ struct addrlist *get_address_info (
> > #else
> > if (!get_inet_address (host, &hostinetaddr)) return NULL;
> > src = (char *) &hostinetaddr;
> > - len = 4; /* sizeof inaddr.sin_addr, would fail on Cray */
> > + if (*(in_addr_t *) src == htonl(INADDR_LOOPBACK)) {
> > + family = FamilyLocal;
> > + if (get_local_hostname (buf, sizeof buf)) {
> > + src = buf;
> > + len = strlen (buf);
> > + } else {
> > + len = 0;
> > + src = NULL;
> > + }
> > + } else
> > + len = 4; /* sizeof inaddr.sin_addr, would fail on Cray */
> > break;
> > #endif /* IPv6 */
> > #else
> > --
> > 1.8.1.4
> >
> > _______________________________________________
> > xorg-devel at lists.x.org: X.Org development
> > Archives: http://lists.x.org/archives/xorg-devel
> > Info: http://lists.x.org/mailman/listinfo/xorg-devel
> >
>
> _______________________________________________
> xorg-devel at lists.x.org: X.Org development
> Archives: http://lists.x.org/archives/xorg-devel
> Info: http://lists.x.org/mailman/listinfo/xorg-devel
More information about the xorg-devel
mailing list