[PATCH xserver] os: Treat ssh as a non-local client (v3)

Tue Jan 12 02:55:09 PST 2016

On 12/01/16 08:57, Michel Dänzer wrote:
> On 17.12.2015 16:41, Michel Dänzer wrote:
>> From: Adam Jackson <ajax at redhat.com>
>>
>> By the time we get to ComputeLocalClient, we've already done
>> NextAvailableClient → ReserveClientIds → DetermineClientCmd (assuming
>> we're built with #define CLIENTIDS), so we can look up the name of the
>> client process and refuse to treat ssh's X forwarding as if it were
>> local.
>>
>> v2: (Michel Dänzer)
>>      * Only match "ssh" itself, not other executable names starting with
>>        that prefix.
>>      * Ignore executable path for the match.
>> v3: (Michel Dänzer)
>>      * Use GetClientCmdName (Mark Kettenis)
>>      * Perform check on Windows as well, but only ignore path on Cygwin
>>        (Martin Peres, Emil Velikov, Jon Turney)
>>
>> Signed-off-by: Adam Jackson <ajax at redhat.com>
>> Signed-off-by: Michel Dänzer <michel.daenzer at amd.com>
> Martin, Mark, Jon, any other objections? If not, can we get a Reviewed-by?

Oh, sorry, I already gave you my R-b and did not think you needed it 
again. In any case, thanks for the additional fixes!

Reviewed-by: Martin Peres <martin.peres at linux.intel.com>

>
>
>> ---
>>   os/access.c | 38 +++++++++++++++++++++++++++++++++++---
>>   1 file changed, 35 insertions(+), 3 deletions(-)
>>
>> diff --git a/os/access.c b/os/access.c
>> index 10a48c3..3ea2e21 100644
>> --- a/os/access.c
>> +++ b/os/access.c
>> @@ -173,6 +173,10 @@ SOFTWARE.
>>   
>>   #endif                          /* WIN32 */
>>   
>> +#if !defined(WIN32) || defined(__CYGWIN__)
>> +#include <libgen.h>
>> +#endif
>> +
>>   #define X_INCLUDE_NETDB_H
>>   #include <X11/Xos_r.h>
>>   
>> @@ -1081,9 +1085,8 @@ ResetHosts(const char *display)
>>       }
>>   }
>>   
>> -/* Is client on the local host */
>> -Bool
>> -ComputeLocalClient(ClientPtr client)
>> +static Bool
>> +xtransLocalClient(ClientPtr client)
>>   {
>>       int alen, family, notused;
>>       Xtransaddr *from = NULL;
>> @@ -1116,6 +1119,35 @@ ComputeLocalClient(ClientPtr client)
>>       return FALSE;
>>   }
>>   
>> +/* Is client on the local host */
>> +Bool
>> +ComputeLocalClient(ClientPtr client)
>> +{
>> +    const char *cmdname = GetClientCmdName(client);
>> +
>> +    if (!xtransLocalClient(client))
>> +        return FALSE;
>> +
>> +    /* If the executable name is "ssh", assume that this client connection
>> +     * is forwarded from another host via SSH
>> +     */
>> +    if (cmdname) {
>> +        Bool ret;
>> +
>> +#if !defined(WIN32) || defined(__CYGWIN__)
>> +        char *cmd = strdup(cmdname);
>> +        ret = strcmp(basename(cmd), "ssh") != 0;
>> +        free(cmd);
>> +#else
>> +        ret = strcmp(cmdname, "ssh") != 0;
>> +#endif
>> +
>> +        return ret;
>> +    }
>> +
>> +    return TRUE;
>> +}
>> +
>>   /*
>>    * Return the uid and all gids of a connected local client
>>    * Allocates a LocalClientCredRec - caller must call FreeLocalClientCreds
>>
>