forked from pool/openssh
56 lines
1.5 KiB
Diff
56 lines
1.5 KiB
Diff
|
# HG changeset patch
|
||
|
|
# Parent a60c0d88667efe0a64c030168950b69476af1622
|
||
|
|
# --used to be called '-xauth'
|
||
|
|
try to remove xauth cookies on logout
|
||
|
|
|
||
|
|
bnc#98815
|
||
|
|
|
||
|
|
diff --git a/openssh-7.7p1/session.c b/openssh-7.7p1/session.c
|
||
|
|
--- openssh-7.7p1/session.c
|
||
|
|
+++ openssh-7.7p1/session.c
|
||
|
|
@@ -2302,16 +2302,44 @@ session_close(struct ssh *ssh, Session *
|
||
|
|
u_int i;
|
||
|
|
|
||
|
|
verbose("Close session: user %s from %.200s port %d id %d",
|
||
|
|
s->pw->pw_name,
|
||
|
|
ssh_remote_ipaddr(ssh),
|
||
|
|
ssh_remote_port(ssh),
|
||
|
|
s->self);
|
||
|
|
|
||
|
|
+ if ((s->display != NULL) && (s->auth_proto != NULL) &&
|
||
|
|
+ (s->auth_data != NULL) && (options.xauth_location != NULL)) {
|
||
|
|
+ pid_t pid;
|
||
|
|
+ FILE *f;
|
||
|
|
+ char cmd[1024];
|
||
|
|
+ struct passwd * pw = s->pw;
|
||
|
|
+
|
||
|
|
+ if (!(pid = fork())) {
|
||
|
|
+ permanently_set_uid(pw);
|
||
|
|
+
|
||
|
|
+ /* Remove authority data from .Xauthority if appropriate. */
|
||
|
|
+ debug("Running %.500s remove %.100s\n",
|
||
|
|
+ options.xauth_location, s->auth_display);
|
||
|
|
+
|
||
|
|
+ snprintf(cmd, sizeof cmd, "unset XAUTHORITY && HOME=\"%.200s\" %s -q -",
|
||
|
|
+ s->pw->pw_dir, options.xauth_location);
|
||
|
|
+ f = popen(cmd, "w");
|
||
|
|
+ if (f) {
|
||
|
|
+ fprintf(f, "remove %s\n", s->auth_display);
|
||
|
|
+ pclose(f);
|
||
|
|
+ } else
|
||
|
|
+ error("Could not run %s\n", cmd);
|
||
|
|
+ exit(0);
|
||
|
|
+ } else if (pid > 0) {
|
||
|
|
+ waitpid(pid, NULL, 0);
|
||
|
|
+ }
|
||
|
|
+ }
|
||
|
|
+
|
||
|
|
if (s->ttyfd != -1)
|
||
|
|
session_pty_cleanup(s);
|
||
|
|
free(s->term);
|
||
|
|
free(s->display);
|
||
|
|
free(s->x11_chanids);
|
||
|
|
free(s->auth_display);
|
||
|
|
free(s->auth_data);
|
||
|
|
free(s->auth_proto);
|