vishalmishra434 / rpms / openssh

Forked from rpms/openssh a month ago
Clone
Jakub Jelen 6cf9b8
diff -up openssh-7.4p1/channels.c.x11max openssh-7.4p1/channels.c
Jakub Jelen 6cf9b8
--- openssh-7.4p1/channels.c.x11max	2016-12-23 15:46:32.071506625 +0100
Jakub Jelen 6cf9b8
+++ openssh-7.4p1/channels.c	2016-12-23 15:46:32.139506636 +0100
Jakub Jelen 6cf9b8
@@ -152,8 +152,8 @@ static int all_opens_permitted = 0;
Jakub Jelen 5b55d0
 #define FWD_PERMIT_ANY_HOST	"*"
Jakub Jelen 162941
 
Jakub Jelen 162941
 /* -- X11 forwarding */
Jakub Jelen 162941
-/* Maximum number of fake X11 displays to try. */
Jakub Jelen 162941
-#define MAX_DISPLAYS  1000
Jakub Jelen 162941
+/* Minimum port number for X11 forwarding */
Jakub Jelen 162941
+#define X11_PORT_MIN 6000
Jakub Jelen 162941
 
Dmitry Belyavskiy 03150f
 /* Per-channel callback for pre/post IO actions */
Dmitry Belyavskiy 03150f
 typedef void chan_fn(struct ssh *, Channel *c);
Jakub Jelen 5b55d0
@@ -4228,7 +4228,7 @@ channel_send_window_changes(void)
Jakub Jelen 162941
  */
Jakub Jelen 162941
 int
Jakub Jelen 5b55d0
 x11_create_display_inet(struct ssh *ssh, int x11_display_offset,
Jakub Jelen 5b55d0
-    int x11_use_localhost, int single_connection,
Jakub Jelen 5b55d0
+    int x11_use_localhost, int x11_max_displays, int single_connection,
Jakub Jelen 5b55d0
     u_int *display_numberp, int **chanids)
Jakub Jelen 162941
 {
Jakub Jelen 162941
 	Channel *nc = NULL;
Jakub Jelen 6cf9b8
@@ -4240,10 +4241,15 @@ x11_create_display_inet(int x11_display_
Jakub Jelen 162941
 	if (chanids == NULL)
Jakub Jelen 162941
 		return -1;
Jakub Jelen 162941
 
Jakub Jelen 162941
+	/* Try to bind ports starting at 6000+X11DisplayOffset */
Jakub Jelen 162941
+	x11_max_displays = x11_max_displays + x11_display_offset;
Jakub Jelen 162941
+
Jakub Jelen 162941
 	for (display_number = x11_display_offset;
Jakub Jelen 162941
-	    display_number < MAX_DISPLAYS;
Jakub Jelen 162941
+	    display_number < x11_max_displays;
Jakub Jelen 162941
 	    display_number++) {
Jakub Jelen 162941
-		port = 6000 + display_number;
Jakub Jelen 162941
+		port = X11_PORT_MIN + display_number;
Jakub Jelen 162941
+		if (port < X11_PORT_MIN) /* overflow */
Jakub Jelen 162941
+			break;
Jakub Jelen 162941
 		memset(&hints, 0, sizeof(hints));
Jakub Jelen 5b55d0
 		hints.ai_family = ssh->chanctxt->IPv4or6;
Jakub Jelen 162941
 		hints.ai_flags = x11_use_localhost ? 0: AI_PASSIVE;
Jakub Jelen 6cf9b8
@@ -4295,7 +4301,7 @@ x11_create_display_inet(int x11_display_
Jakub Jelen 162941
 		if (num_socks > 0)
Jakub Jelen 162941
 			break;
Jakub Jelen 162941
 	}
Jakub Jelen 162941
-	if (display_number >= MAX_DISPLAYS) {
Jakub Jelen 162941
+	if (display_number >= x11_max_displays || port < X11_PORT_MIN ) {
Jakub Jelen 162941
 		error("Failed to allocate internet-domain X11 display socket.");
Jakub Jelen 162941
 		return -1;
Jakub Jelen 162941
 	}
Jakub Jelen 6cf9b8
@@ -4441,7 +4447,7 @@ x11_connect_display(void)
Jakub Jelen 162941
 	memset(&hints, 0, sizeof(hints));
Jakub Jelen 5b55d0
 	hints.ai_family = ssh->chanctxt->IPv4or6;
Jakub Jelen 162941
 	hints.ai_socktype = SOCK_STREAM;
Jakub Jelen 162941
-	snprintf(strport, sizeof strport, "%u", 6000 + display_number);
Jakub Jelen 162941
+	snprintf(strport, sizeof strport, "%u", X11_PORT_MIN + display_number);
Jakub Jelen 162941
 	if ((gaierr = getaddrinfo(buf, strport, &hints, &aitop)) != 0) {
Jakub Jelen 162941
 		error("%.100s: unknown host. (%s)", buf,
Jakub Jelen 162941
 		ssh_gai_strerror(gaierr));
Jakub Jelen 6cf9b8
@@ -4457,7 +4463,7 @@ x11_connect_display(void)
Jakub Jelen 162941
 		/* Connect it to the display. */
Jakub Jelen 36fef5
 		if (connect(sock, ai->ai_addr, ai->ai_addrlen) == -1) {
Jakub Jelen 162941
 			debug2("connect %.100s port %u: %.100s", buf,
Jakub Jelen 162941
-			    6000 + display_number, strerror(errno));
Jakub Jelen 162941
+			    X11_PORT_MIN + display_number, strerror(errno));
Jakub Jelen 162941
 			close(sock);
Jakub Jelen 162941
 			continue;
Jakub Jelen 162941
 		}
Jakub Jelen 6cf9b8
@@ -4466,8 +4472,8 @@ x11_connect_display(void)
Jakub Jelen 162941
 	}
Jakub Jelen 162941
 	freeaddrinfo(aitop);
Jakub Jelen 162941
 	if (!ai) {
Jakub Jelen 5b55d0
-		error("connect %.100s port %u: %.100s", buf,
Jakub Jelen 5b55d0
-		    6000 + display_number, strerror(errno));
Jakub Jelen 162941
+		error("connect %.100s port %u: %.100s", buf,
Jakub Jelen 162941
+		    X11_PORT_MIN + display_number, strerror(errno));
Jakub Jelen 162941
 		return -1;
Jakub Jelen 162941
 	}
Jakub Jelen 162941
 	set_nodelay(sock);
Jakub Jelen 6cf9b8
diff -up openssh-7.4p1/channels.h.x11max openssh-7.4p1/channels.h
Jakub Jelen 6cf9b8
--- openssh-7.4p1/channels.h.x11max	2016-12-19 05:59:41.000000000 +0100
Jakub Jelen 6cf9b8
+++ openssh-7.4p1/channels.h	2016-12-23 15:46:32.139506636 +0100
Jakub Jelen 6cf9b8
@@ -293,7 +293,7 @@ int	 permitopen_port(const char *);
Jakub Jelen 162941
 
Dmitry Belyavskiy f561c6
 void	 channel_set_x11_refuse_time(struct ssh *, time_t);
Jakub Jelen 5b55d0
 int	 x11_connect_display(struct ssh *);
Jakub Jelen 5b55d0
-int	 x11_create_display_inet(struct ssh *, int, int, int, u_int *, int **);
Jakub Jelen 5b55d0
+int	 x11_create_display_inet(struct ssh *, int, int, int, int, u_int *, int **);
Jakub Jelen 5b55d0
 void	 x11_request_forwarding_with_spoofing(struct ssh *, int,
Jakub Jelen 5b55d0
 	    const char *, const char *, const char *, int);
Jakub Jelen 5b55d0
 
Jakub Jelen 6cf9b8
diff -up openssh-7.4p1/servconf.c.x11max openssh-7.4p1/servconf.c
Jakub Jelen 6cf9b8
--- openssh-7.4p1/servconf.c.x11max	2016-12-23 15:46:32.133506635 +0100
Jakub Jelen 6cf9b8
+++ openssh-7.4p1/servconf.c	2016-12-23 15:47:27.320519121 +0100
Jakub Jelen 6cf9b8
@@ -95,6 +95,7 @@ initialize_server_options(ServerOptions
Jakub Jelen 162941
 	options->print_lastlog = -1;
Jakub Jelen 162941
 	options->x11_forwarding = -1;
Jakub Jelen 162941
 	options->x11_display_offset = -1;
Jakub Jelen 162941
+	options->x11_max_displays = -1;
Jakub Jelen 162941
 	options->x11_use_localhost = -1;
Jakub Jelen 162941
 	options->permit_tty = -1;
Jakub Jelen 162941
 	options->permit_user_rc = -1;
Jakub Jelen 6cf9b8
@@ -243,6 +244,8 @@ fill_default_server_options(ServerOption
Jakub Jelen 162941
 		options->x11_forwarding = 0;
Jakub Jelen 162941
 	if (options->x11_display_offset == -1)
Jakub Jelen 162941
 		options->x11_display_offset = 10;
Jakub Jelen 162941
+	if (options->x11_max_displays == -1)
Jakub Jelen 162941
+		options->x11_max_displays = DEFAULT_MAX_DISPLAYS;
Jakub Jelen 162941
 	if (options->x11_use_localhost == -1)
Jakub Jelen 162941
 		options->x11_use_localhost = 1;
Jakub Jelen 162941
 	if (options->xauth_location == NULL)
Jakub Jelen 6cf9b8
@@ -419,7 +422,7 @@ typedef enum {
Dmitry Belyavskiy 7b76af
	sKerberosGetAFSToken, sKerberosUniqueCCache, sKerberosUseKuserok, sPasswordAuthentication,
Dmitry Belyavskiy 7b76af
	sKbdInteractiveAuthentication, sListenAddress, sAddressFamily,
Dmitry Belyavskiy 7b76af
	sPrintMotd, sPrintLastLog, sIgnoreRhosts,
Jakub Jelen 162941
-	sX11Forwarding, sX11DisplayOffset, sX11UseLocalhost,
Jakub Jelen 162941
+	sX11Forwarding, sX11DisplayOffset, sX11MaxDisplays, sX11UseLocalhost,
Jakub Jelen 162941
 	sPermitTTY, sStrictModes, sEmptyPasswd, sTCPKeepAlive,
Jakub Jelen 6cf9b8
 	sPermitUserEnvironment, sAllowTcpForwarding, sCompression,
Jakub Jelen 162941
 	sRekeyLimit, sAllowUsers, sDenyUsers, sAllowGroups, sDenyGroups,
Jakub Jelen 6cf9b8
@@ -540,6 +543,7 @@ static struct {
Jakub Jelen 162941
 	{ "ignoreuserknownhosts", sIgnoreUserKnownHosts, SSHCFG_GLOBAL },
Jakub Jelen 162941
 	{ "x11forwarding", sX11Forwarding, SSHCFG_ALL },
Jakub Jelen 162941
 	{ "x11displayoffset", sX11DisplayOffset, SSHCFG_ALL },
Jakub Jelen 162941
+	{ "x11maxdisplays", sX11MaxDisplays, SSHCFG_ALL },
Jakub Jelen 162941
 	{ "x11uselocalhost", sX11UseLocalhost, SSHCFG_ALL },
Jakub Jelen 162941
 	{ "xauthlocation", sXAuthLocation, SSHCFG_GLOBAL },
Jakub Jelen 162941
 	{ "strictmodes", sStrictModes, SSHCFG_GLOBAL },
Jakub Jelen 6cf9b8
@@ -1316,6 +1320,10 @@ process_server_config_line(ServerOptions
Jakub Jelen 6cf9b8
 			*intptr = value;
Jakub Jelen 6cf9b8
 		break;
Jakub Jelen 162941
 
Jakub Jelen 162941
+	case sX11MaxDisplays:
Jakub Jelen 162941
+		intptr = &options->x11_max_displays;
Jakub Jelen 162941
+		goto parse_int;
Jakub Jelen 162941
+
Jakub Jelen 162941
 	case sX11UseLocalhost:
Jakub Jelen 162941
 		intptr = &options->x11_use_localhost;
Jakub Jelen 162941
 		goto parse_flag;
Jakub Jelen 6cf9b8
@@ -2063,6 +2071,7 @@ copy_set_server_options(ServerOptions *d
Jakub Jelen 162941
 	M_CP_INTOPT(fwd_opts.streamlocal_bind_unlink);
Jakub Jelen 162941
 	M_CP_INTOPT(x11_display_offset);
Jakub Jelen 162941
 	M_CP_INTOPT(x11_forwarding);
Jakub Jelen 162941
+	M_CP_INTOPT(x11_max_displays);
Jakub Jelen 162941
 	M_CP_INTOPT(x11_use_localhost);
Jakub Jelen 162941
 	M_CP_INTOPT(permit_tty);
Jakub Jelen 162941
 	M_CP_INTOPT(permit_user_rc);
Jakub Jelen 6cf9b8
@@ -2315,6 +2324,7 @@ dump_config(ServerOptions *o)
Jakub Jelen 6cf9b8
 #endif
Jakub Jelen 162941
 	dump_cfg_int(sLoginGraceTime, o->login_grace_time);
Jakub Jelen 162941
 	dump_cfg_int(sX11DisplayOffset, o->x11_display_offset);
Jakub Jelen 162941
+	dump_cfg_int(sX11MaxDisplays, o->x11_max_displays);
Jakub Jelen 162941
 	dump_cfg_int(sMaxAuthTries, o->max_authtries);
Jakub Jelen 162941
 	dump_cfg_int(sMaxSessions, o->max_sessions);
Jakub Jelen 162941
 	dump_cfg_int(sClientAliveInterval, o->client_alive_interval);
Jakub Jelen 6cf9b8
diff -up openssh-7.4p1/servconf.h.x11max openssh-7.4p1/servconf.h
Jakub Jelen 6cf9b8
--- openssh-7.4p1/servconf.h.x11max	2016-12-23 15:46:32.133506635 +0100
Jakub Jelen 6cf9b8
+++ openssh-7.4p1/servconf.h	2016-12-23 15:46:32.140506636 +0100
Jakub Jelen 162941
@@ -55,6 +55,7 @@
Jakub Jelen 162941
 
Jakub Jelen 162941
 #define DEFAULT_AUTH_FAIL_MAX	6	/* Default for MaxAuthTries */
Jakub Jelen 162941
 #define DEFAULT_SESSIONS_MAX	10	/* Default for MaxSessions */
Jakub Jelen 162941
+#define DEFAULT_MAX_DISPLAYS	1000 /* Maximum number of fake X11 displays to try. */
Jakub Jelen 162941
 
Jakub Jelen 162941
 /* Magic name for internal sftp-server */
Jakub Jelen 162941
 #define INTERNAL_SFTP_NAME	"internal-sftp"
Jakub Jelen 162941
@@ -85,6 +86,7 @@ typedef struct {
Jakub Jelen 162941
 	int     x11_forwarding;	/* If true, permit inet (spoofing) X11 fwd. */
Jakub Jelen 162941
 	int     x11_display_offset;	/* What DISPLAY number to start
Jakub Jelen 162941
 					 * searching at */
Jakub Jelen 162941
+	int 	x11_max_displays; /* Number of displays to search */
Jakub Jelen 162941
 	int     x11_use_localhost;	/* If true, use localhost for fake X11 server. */
Jakub Jelen 162941
 	char   *xauth_location;	/* Location of xauth program */
Jakub Jelen 162941
 	int	permit_tty;	/* If false, deny pty allocation */
Jakub Jelen 6cf9b8
diff -up openssh-7.4p1/session.c.x11max openssh-7.4p1/session.c
Jakub Jelen 6cf9b8
--- openssh-7.4p1/session.c.x11max	2016-12-23 15:46:32.136506636 +0100
Jakub Jelen 6cf9b8
+++ openssh-7.4p1/session.c	2016-12-23 15:46:32.141506636 +0100
Jakub Jelen 6cf9b8
@@ -2518,8 +2518,9 @@ session_setup_x11fwd(Session *s)
Jakub Jelen 162941
 		return 0;
Jakub Jelen 162941
 	}
Jakub Jelen 5b55d0
	if (x11_create_display_inet(ssh, options.x11_display_offset,
Jakub Jelen 162941
-	    options.x11_use_localhost, s->single_connection,
Jakub Jelen 162941
-	    &s->display_number, &s->x11_chanids) == -1) {
Jakub Jelen 162941
+	    options.x11_use_localhost, options.x11_max_displays,
Jakub Jelen 162941
+	    s->single_connection, &s->display_number,
Jakub Jelen 162941
+	    &s->x11_chanids) == -1) {
Jakub Jelen 162941
 		debug("x11_create_display_inet failed.");
Jakub Jelen 162941
 		return 0;
Jakub Jelen 162941
 	}
Jakub Jelen 6cf9b8
diff -up openssh-7.4p1/sshd_config.5.x11max openssh-7.4p1/sshd_config.5
Jakub Jelen 6cf9b8
--- openssh-7.4p1/sshd_config.5.x11max	2016-12-23 15:46:32.134506635 +0100
Jakub Jelen 6cf9b8
+++ openssh-7.4p1/sshd_config.5	2016-12-23 15:46:32.141506636 +0100
Jakub Jelen 6cf9b8
@@ -1133,6 +1133,7 @@ Available keywords are
Jakub Jelen 162941
 .Cm TrustedUserCAKeys ,
Dmitry Belyavskiy f561c6
 .Cm UnusedConnectionTimeout ,
Jakub Jelen 162941
 .Cm X11DisplayOffset ,
Jakub Jelen 162941
+.Cm X11MaxDisplays ,
Jakub Jelen 162941
 .Cm X11Forwarding
Jakub Jelen 162941
 and
Jakub Jelen 36fef5
 .Cm X11UseLocalhost .
Jakub Jelen 6cf9b8
@@ -1566,6 +1567,12 @@ Specifies the first display number avail
Jakub Jelen 162941
 X11 forwarding.
Jakub Jelen 162941
 This prevents sshd from interfering with real X11 servers.
Jakub Jelen 162941
 The default is 10.
Jakub Jelen 162941
+.It Cm X11MaxDisplays
Jakub Jelen 162941
+Specifies the maximum number of displays available for
Jakub Jelen 162941
+.Xr sshd 8 Ns 's
Jakub Jelen 162941
+X11 forwarding.
Jakub Jelen 162941
+This prevents sshd from exhausting local ports.
Jakub Jelen 162941
+The default is 1000.
Jakub Jelen 162941
 .It Cm X11Forwarding
Jakub Jelen 162941
 Specifies whether X11 forwarding is permitted.
Jakub Jelen 162941
 The argument must be