Mercurial > 510Connectbot

comparison src/com/trilead/ssh2/channel/RemoteX11AcceptThread.java @ 0:0ce5cc452d02

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
initial version
author Carl Byington <carl@five-ten-sg.com>
date Thu, 22 May 2014 10:41:19 -0700
parents
children
comparison
equal deleted inserted replaced
-1:000000000000 0:0ce5cc452d02
1
2 package com.trilead.ssh2.channel;
3
4 import java.io.IOException;
5 import java.io.InputStream;
6 import java.io.OutputStream;
7 import java.net.Socket;
8
9 import com.trilead.ssh2.log.Logger;
10
11
12 /**
13 * RemoteX11AcceptThread.
14 *
15 * @author Christian Plattner, plattner@trilead.com
16 * @version $Id: RemoteX11AcceptThread.java,v 1.2 2008/04/01 12:38:09 cplattne Exp $
17 */
18 public class RemoteX11AcceptThread extends Thread {
19 private static final Logger log = Logger.getLogger(RemoteX11AcceptThread.class);
20
21 Channel c;
22
23 String remoteOriginatorAddress;
24 int remoteOriginatorPort;
25
26 Socket s;
27
28 public RemoteX11AcceptThread(Channel c, String remoteOriginatorAddress, int remoteOriginatorPort) {
29 this.c = c;
30 this.remoteOriginatorAddress = remoteOriginatorAddress;
31 this.remoteOriginatorPort = remoteOriginatorPort;
32 }
33
34 public void run() {
35 try {
36 /* Send Open Confirmation */
37 c.cm.sendOpenConfirmation(c);
38 /* Read startup packet from client */
39 OutputStream remote_os = c.getStdinStream();
40 InputStream remote_is = c.getStdoutStream();
41 /* The following code is based on the protocol description given in:
42 * Scheifler/Gettys,
43 * X Windows System: Core and Extension Protocols:
44 * X Version 11, Releases 6 and 6.1 ISBN 1-55558-148-X
45 */
46 /*
47 * Client startup:
48 *
49 * 1 0X42 MSB first/0x6c lSB first - byteorder
50 * 1 - unused
51 * 2 card16 - protocol-major-version
52 * 2 card16 - protocol-minor-version
53 * 2 n - lenght of authorization-protocol-name
54 * 2 d - lenght of authorization-protocol-data
55 * 2 - unused
56 * string8 - authorization-protocol-name
57 * p - unused, p=pad(n)
58 * string8 - authorization-protocol-data
59 * q - unused, q=pad(d)
60 *
61 * pad(X) = (4 - (X mod 4)) mod 4
62 *
63 * Server response:
64 *
65 * 1 (0 failed, 2 authenticate, 1 success)
66 * ...
67 *
68 */
69 /* Later on we will simply forward the first 6 header bytes to the "real" X11 server */
70 byte[] header = new byte[6];
71
72 if (remote_is.read(header) != 6)
73 throw new IOException("Unexpected EOF on X11 startup!");
74
75 if ((header[0] != 0x42) && (header[0] != 0x6c)) // 0x42 MSB first, 0x6C LSB first
76 throw new IOException("Unknown endian format in X11 message!");
77
78 /* Yes, I came up with this myself - shall I file an application for a patent? =) */
79 int idxMSB = (header[0] == 0x42) ? 0 : 1;
80 /* Read authorization data header */
81 byte[] auth_buff = new byte[6];
82
83 if (remote_is.read(auth_buff) != 6)
84 throw new IOException("Unexpected EOF on X11 startup!");
85
86 int authProtocolNameLength = ((auth_buff[idxMSB] & 0xff) << 8) | (auth_buff[1 - idxMSB] & 0xff);
87 int authProtocolDataLength = ((auth_buff[2 + idxMSB] & 0xff) << 8) | (auth_buff[3 - idxMSB] & 0xff);
88
89 if ((authProtocolNameLength > 256) || (authProtocolDataLength > 256))
90 throw new IOException("Buggy X11 authorization data");
91
92 int authProtocolNamePadding = ((4 - (authProtocolNameLength % 4)) % 4);
93 int authProtocolDataPadding = ((4 - (authProtocolDataLength % 4)) % 4);
94 byte[] authProtocolName = new byte[authProtocolNameLength];
95 byte[] authProtocolData = new byte[authProtocolDataLength];
96 byte[] paddingBuffer = new byte[4];
97
98 if (remote_is.read(authProtocolName) != authProtocolNameLength)
99 throw new IOException("Unexpected EOF on X11 startup! (authProtocolName)");
100
101 if (remote_is.read(paddingBuffer, 0, authProtocolNamePadding) != authProtocolNamePadding)
102 throw new IOException("Unexpected EOF on X11 startup! (authProtocolNamePadding)");
103
104 if (remote_is.read(authProtocolData) != authProtocolDataLength)
105 throw new IOException("Unexpected EOF on X11 startup! (authProtocolData)");
106
107 if (remote_is.read(paddingBuffer, 0, authProtocolDataPadding) != authProtocolDataPadding)
108 throw new IOException("Unexpected EOF on X11 startup! (authProtocolDataPadding)");
109
110 if ("MIT-MAGIC-COOKIE-1".equals(new String(authProtocolName, "ISO-8859-1")) == false)
111 throw new IOException("Unknown X11 authorization protocol!");
112
113 if (authProtocolDataLength != 16)
114 throw new IOException("Wrong data length for X11 authorization data!");
115
116 StringBuffer tmp = new StringBuffer(32);
117
118 for (int i = 0; i < authProtocolData.length; i++) {
119 String digit2 = Integer.toHexString(authProtocolData[i] & 0xff);
120 tmp.append((digit2.length() == 2) ? digit2 : "0" + digit2);
121 }
122
123 String hexEncodedFakeCookie = tmp.toString();
124
125 /* Order is very important here - it may be that a certain x11 forwarding
126 * gets disabled right in the moment when we check and register our connection
127 * */
128
129 synchronized (c) {
130 /* Please read the comment in Channel.java */
131 c.hexX11FakeCookie = hexEncodedFakeCookie;
132 }
133
134 /* Now check our fake cookie directory to see if we produced this cookie */
135 X11ServerData sd = c.cm.checkX11Cookie(hexEncodedFakeCookie);
136
137 if (sd == null)
138 throw new IOException("Invalid X11 cookie received.");
139
140 /* If the session which corresponds to this cookie is closed then we will
141 * detect this: the session's close code will close all channels
142 * with the session's assigned x11 fake cookie.
143 */
144 s = new Socket(sd.hostname, sd.port);
145 OutputStream x11_os = s.getOutputStream();
146 InputStream x11_is = s.getInputStream();
147 /* Now we are sending the startup packet to the real X11 server */
148 x11_os.write(header);
149
150 if (sd.x11_magic_cookie == null) {
151 byte[] emptyAuthData = new byte[6];
152 /* empty auth data, hopefully you are connecting to localhost =) */
153 x11_os.write(emptyAuthData);
154 }
155 else {
156 if (sd.x11_magic_cookie.length != 16)
157 throw new IOException("The real X11 cookie has an invalid length!");
158
159 /* send X11 cookie specified by client */
160 x11_os.write(auth_buff);
161 x11_os.write(authProtocolName); /* re-use */
162 x11_os.write(paddingBuffer, 0, authProtocolNamePadding);
163 x11_os.write(sd.x11_magic_cookie);
164 x11_os.write(paddingBuffer, 0, authProtocolDataPadding);
165 }
166
167 x11_os.flush();
168 /* Start forwarding traffic */
169 StreamForwarder r2l = new StreamForwarder(c, null, s, remote_is, x11_os, "RemoteToX11");
170 StreamForwarder l2r = new StreamForwarder(c, null, null, x11_is, remote_os, "X11ToRemote");
171 /* No need to start two threads, one can be executed in the current thread */
172 r2l.setDaemon(true);
173 r2l.start();
174 l2r.run();
175
176 while (r2l.isAlive()) {
177 try {
178 r2l.join();
179 }
180 catch (InterruptedException e) {
181 }
182 }
183
184 /* If the channel is already closed, then this is a no-op */
185 c.cm.closeChannel(c, "EOF on both X11 streams reached.", true);
186 s.close();
187 }
188 catch (IOException e) {
189 log.log(50, "IOException in X11 proxy code: " + e.getMessage());
190
191 try {
192 c.cm.closeChannel(c, "IOException in X11 proxy code (" + e.getMessage() + ")", true);
193 }
194 catch (IOException e1) {
195 }
196
197 try {
198 if (s != null)
199 s.close();
200 }
201 catch (IOException e1) {
202 }
203 }
204 }
205 }