394061aa31
security/ssh6: IPv4/v6 ready, socks unavailable, kerberos available (not tested) security/ssh: IPv4 onlyready, socks available, kerberos available (not tested) should be integrated into one whenever socks support becomes aware of getaddrinfo/getnameinfo. two directories with tons of patches/patch-* is a maintenance headache.
68 lines
2.4 KiB
Text
68 lines
2.4 KiB
Text
$NetBSD: patch-aq,v 1.6 2000/03/20 02:25:52 itojun Exp $
|
|
|
|
--- newchannels.c- Wed May 12 20:19:27 1999
|
|
+++ newchannels.c Mon Mar 20 09:47:24 2000
|
|
@@ -274,7 +274,7 @@
|
|
#include "authfd.h"
|
|
#include "emulate.h"
|
|
#include "servconf.h"
|
|
-#ifdef LIBWRAP
|
|
+#if defined(LIBWRAP) && defined(LIBWRAP_FWD)
|
|
#include <tcpd.h>
|
|
#include <syslog.h>
|
|
#ifdef NEED_SYS_SYSLOG_H
|
|
@@ -922,6 +922,7 @@
|
|
/* This is our fake X11 server socket. */
|
|
if (FD_ISSET(ch->sock, readset))
|
|
{
|
|
+ int on = 1;
|
|
debug("X11 connection requested.");
|
|
addrlen = sizeof(addr);
|
|
newsock = accept(ch->sock, &addr, &addrlen);
|
|
@@ -930,11 +931,12 @@
|
|
error("accept: %.100s", strerror(errno));
|
|
break;
|
|
}
|
|
+ setsockopt(newsock, IPPROTO_TCP, TCP_NODELAY, &on, sizeof(on));
|
|
remote_hostname = get_remote_hostname(newsock);
|
|
snprintf(buf, sizeof(buf), "X11 connection from %.200s port %d",
|
|
remote_hostname, get_peer_port(newsock));
|
|
xfree(remote_hostname);
|
|
-#ifdef LIBWRAP
|
|
+#if defined(LIBWRAP) && defined(LIBWRAP_FWD)
|
|
{
|
|
struct request_info req;
|
|
struct servent *serv;
|
|
@@ -986,7 +988,7 @@
|
|
ch->listening_port, remote_hostname,
|
|
get_peer_port(newsock));
|
|
xfree(remote_hostname);
|
|
-#ifdef LIBWRAP
|
|
+#if defined(LIBWRAP) && defined(LIBWRAP_FWD)
|
|
{
|
|
struct request_info req;
|
|
struct servent *serv;
|
|
@@ -2110,7 +2112,11 @@
|
|
|
|
success:
|
|
/* We have successfully obtained a connection to the real X display. */
|
|
-
|
|
+ {
|
|
+ int on = 1;
|
|
+ setsockopt(sock, IPPROTO_TCP, TCP_NODELAY, &on, sizeof(on));
|
|
+ }
|
|
+
|
|
#if defined(O_NONBLOCK) && !defined(O_NONBLOCK_BROKEN)
|
|
(void)fcntl(sock, F_SETFL, O_NONBLOCK);
|
|
#else /* O_NONBLOCK && !O_NONBLOCK_BROKEN */
|
|
@@ -2412,6 +2418,10 @@
|
|
ssh-agent connections on your system */
|
|
old_umask = umask(S_IRUSR|S_IXUSR|S_IRGRP|S_IXGRP|S_IROTH|S_IXOTH);
|
|
|
|
+ /* Make sure the socket doesn't already exist, left over from a system
|
|
+ crash perhaps. */
|
|
+ unlink(channel_forwarded_auth_socket_name);
|
|
+
|
|
if (bind(sock, (struct sockaddr *)&sunaddr, AF_UNIX_SIZE(sunaddr)) < 0)
|
|
packet_disconnect("Agent socket bind failed: %.100s", strerror(errno));
|
|
|