From 70244c229b3d253b97bfc2183d7cc768e38f9e67 Mon Sep 17 00:00:00 2001
From: dtucker <dtucker@openbsd.org>
Date: Sat, 4 Mar 2023 03:22:59 +0000
Subject: [PATCH] Use time_t instead of u_int for remaining x11 timeout checks
 for 64bit time_t safety.  From Coverity CIDs 405197 and 405028, ok djm@

---
 usr.bin/ssh/channels.c | 8 ++++----
 usr.bin/ssh/channels.h | 4 ++--
 2 files changed, 6 insertions(+), 6 deletions(-)

diff --git a/usr.bin/ssh/channels.c b/usr.bin/ssh/channels.c
index 3153dab8527..0f4eb53cc49 100644
--- a/usr.bin/ssh/channels.c
+++ b/usr.bin/ssh/channels.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: channels.c,v 1.427 2023/01/18 02:00:10 djm Exp $ */
+/* $OpenBSD: channels.c,v 1.428 2023/03/04 03:22:59 dtucker Exp $ */
 /*
  * Author: Tatu Ylonen <ylo@cs.hut.fi>
  * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@@ -190,7 +190,7 @@ struct ssh_channels {
 	u_int x11_saved_data_len;
 
 	/* Deadline after which all X11 connections are refused */
-	u_int x11_refuse_time;
+	time_t x11_refuse_time;
 
 	/*
 	 * Fake X11 authentication data.  This is what the server will be
@@ -1246,7 +1246,7 @@ x11_open_helper(struct ssh *ssh, struct sshbuf *b)
 
 	/* Is this being called after the refusal deadline? */
 	if (sc->x11_refuse_time != 0 &&
-	    (u_int)monotime() >= sc->x11_refuse_time) {
+	    monotime() >= sc->x11_refuse_time) {
 		verbose("Rejected X11 connection after ForwardX11Timeout "
 		    "expired");
 		return -1;
@@ -1867,7 +1867,7 @@ port_open_helper(struct ssh *ssh, Channel *c, char *rtype)
 }
 
 void
-channel_set_x11_refuse_time(struct ssh *ssh, u_int refuse_time)
+channel_set_x11_refuse_time(struct ssh *ssh, time_t refuse_time)
 {
 	ssh->chanctxt->x11_refuse_time = refuse_time;
 }
diff --git a/usr.bin/ssh/channels.h b/usr.bin/ssh/channels.h
index 853ac98b857..0dceef0cf34 100644
--- a/usr.bin/ssh/channels.h
+++ b/usr.bin/ssh/channels.h
@@ -1,4 +1,4 @@
-/* $OpenBSD: channels.h,v 1.148 2023/01/18 02:00:10 djm Exp $ */
+/* $OpenBSD: channels.h,v 1.149 2023/03/04 03:22:59 dtucker Exp $ */
 
 /*
  * Author: Tatu Ylonen <ylo@cs.hut.fi>
@@ -372,7 +372,7 @@ int	 permitopen_port(const char *);
 
 /* x11 forwarding */
 
-void	 channel_set_x11_refuse_time(struct ssh *, u_int);
+void	 channel_set_x11_refuse_time(struct ssh *, time_t);
 int	 x11_connect_display(struct ssh *);
 int	 x11_create_display_inet(struct ssh *, int, int, int, u_int *, int **);
 void	 x11_request_forwarding_with_spoofing(struct ssh *, int,
-- 
2.20.1