Mailing List Archive

This is an automated email from the git hooks/post-receive script.

djm pushed a commit to branch master
in repository openssh.

commit 3b9798bda15bd3f598f5ef07595d64e23504da91
Author: djm@openbsd.org <djm@openbsd.org>
Date: Sat Jun 9 02:58:02 2018 +0000

upstream: reorder child environment preparation so that variables

read from ~/.ssh/environment (if enabled) do not override SSH_* variables set
by the server.

OpenBSD-Commit-ID: 59f9d4c213cdcef2ef21f4b4ae006594dcf2aa7a
---
session.c | 128 +++++++++++++++++++++++++++++++-------------------------------
1 file changed, 65 insertions(+), 63 deletions(-)

diff --git a/session.c b/session.c
index 511fc4e8..7b15e32c 100644
--- a/session.c
+++ b/session.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: session.c,v 1.298 2018/06/06 18:29:18 markus Exp $ */
+/* $OpenBSD: session.c,v 1.299 2018/06/09 02:58:02 djm Exp $ */
/*
* Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
* All rights reserved
@@ -1078,6 +1078,41 @@ do_setup_env(struct ssh *ssh, Session *s, const char *shell)

if (getenv("TZ"))
child_set_env(&env, &envsize, "TZ", getenv("TZ"));
+ if (s->term)
+ child_set_env(&env, &envsize, "TERM", s->term);
+ if (s->display)
+ child_set_env(&env, &envsize, "DISPLAY", s->display);
+
+ /*
+ * Since we clear KRB5CCNAME at startup, if it's set now then it
+ * must have been set by a native authentication method (eg AIX or
+ * SIA), so copy it to the child.
+ */
+ {
+ char *cp;
+
+ if ((cp = getenv("KRB5CCNAME")) != NULL)
+ child_set_env(&env, &envsize, "KRB5CCNAME", cp);
+ }
+
+#ifdef _AIX
+ {
+ char *cp;
+
+ if ((cp = getenv("AUTHSTATE")) != NULL)
+ child_set_env(&env, &envsize, "AUTHSTATE", cp);
+ read_environment_file(&env, &envsize, "/etc/environment");
+ }
+#endif
+#ifdef KRB5
+ if (s->authctxt->krb5_ccname)
+ child_set_env(&env, &envsize, "KRB5CCNAME",
+ s->authctxt->krb5_ccname);
+#endif
+ if (auth_sock_name != NULL)
+ child_set_env(&env, &envsize, SSH_AUTHSOCKET_ENV_NAME,
+ auth_sock_name);
+

/* Set custom environment options from pubkey authentication. */
if (options.permit_user_env) {
@@ -1092,6 +1127,35 @@ do_setup_env(struct ssh *ssh, Session *s, const char *shell)
}
}

+ /* read $HOME/.ssh/environment. */
+ if (options.permit_user_env) {
+ snprintf(buf, sizeof buf, "%.200s/.ssh/environment",
+ pw->pw_dir);
+ read_environment_file(&env, &envsize, buf);
+ }
+
+#ifdef USE_PAM
+ /*
+ * Pull in any environment variables that may have
+ * been set by PAM.
+ */
+ if (options.use_pam) {
+ char **p;
+
+ /*
+ * Don't allow SSH_AUTH_INFO variables posted to PAM to leak
+ * back into the environment.
+ */
+ p = fetch_pam_child_environment();
+ copy_environment_blacklist(p, &env, &envsize, "SSH_AUTH_INFO*");
+ free_pam_environment(p);
+
+ p = fetch_pam_environment();
+ copy_environment_blacklist(p, &env, &envsize, "SSH_AUTH_INFO*");
+ free_pam_environment(p);
+ }
+#endif /* USE_PAM */
+
/* SSH_CLIENT deprecated */
snprintf(buf, sizeof buf, "%.50s %d %d",
ssh_remote_ipaddr(ssh), ssh_remote_port(ssh),
@@ -1111,72 +1175,10 @@ do_setup_env(struct ssh *ssh, Session *s, const char *shell)
child_set_env(&env, &envsize, "SSH_USER_AUTH", auth_info_file);
if (s->ttyfd != -1)
child_set_env(&env, &envsize, "SSH_TTY", s->tty);
- if (s->term)
- child_set_env(&env, &envsize, "TERM", s->term);
- if (s->display)
- child_set_env(&env, &envsize, "DISPLAY", s->display);
if (original_command)
child_set_env(&env, &envsize, "SSH_ORIGINAL_COMMAND",
original_command);

- /*
- * Since we clear KRB5CCNAME at startup, if it's set now then it
- * must have been set by a native authentication method (eg AIX or
- * SIA), so copy it to the child.
- */
- {
- char *cp;
-
- if ((cp = getenv("KRB5CCNAME")) != NULL)
- child_set_env(&env, &envsize, "KRB5CCNAME", cp);
- }
-
-#ifdef _AIX
- {
- char *cp;
-
- if ((cp = getenv("AUTHSTATE")) != NULL)
- child_set_env(&env, &envsize, "AUTHSTATE", cp);
- read_environment_file(&env, &envsize, "/etc/environment");
- }
-#endif
-#ifdef KRB5
- if (s->authctxt->krb5_ccname)
- child_set_env(&env, &envsize, "KRB5CCNAME",
- s->authctxt->krb5_ccname);
-#endif
-#ifdef USE_PAM
- /*
- * Pull in any environment variables that may have
- * been set by PAM.
- */
- if (options.use_pam) {
- char **p;
-
- /*
- * Don't allow SSH_AUTH_INFO variables posted to PAM to leak
- * back into the environment.
- */
- p = fetch_pam_child_environment();
- copy_environment_blacklist(p, &env, &envsize, "SSH_AUTH_INFO*");
- free_pam_environment(p);
-
- p = fetch_pam_environment();
- copy_environment_blacklist(p, &env, &envsize, "SSH_AUTH_INFO*");
- free_pam_environment(p);
- }
-#endif /* USE_PAM */
-
- if (auth_sock_name != NULL)
- child_set_env(&env, &envsize, SSH_AUTHSOCKET_ENV_NAME,
- auth_sock_name);
-
- /* read $HOME/.ssh/environment. */
- if (options.permit_user_env) {
- snprintf(buf, sizeof buf, "%.200s/.ssh/environment",
- strcmp(pw->pw_dir, "/") ? pw->pw_dir : "");
- read_environment_file(&env, &envsize, buf);
- }
if (debug_flag) {
/* dump the environment */
fprintf(stderr, "Environment:\n");

--
To stop receiving notification emails like this one, please contact
djm@mindrot.org.
_______________________________________________
openssh-commits mailing list
openssh-commits@mindrot.org
https://lists.mindrot.org/mailman/listinfo/openssh-commits