[openssh-commits] [openssh] 01/11: upstream commit

git+noreply at mindrot.org git+noreply at mindrot.org
Sun May 10 11:59:09 AEST 2015


This is an automated email from the git hooks/post-receive script.

djm pushed a commit to branch master
in repository openssh.

commit a42d67be65b719a430b7fcaba2a4e4118382723a
Author: djm at openbsd.org <djm at openbsd.org>
Date:   Fri May 1 03:20:54 2015 +0000

    upstream commit
    
    Don't make parsing of authorized_keys' environment=
     option conditional on PermitUserEnv - always parse it, but only use the
     result if the option is enabled. This prevents the syntax of authorized_keys
     changing depending on which sshd_config options were enabled.
    
    bz#2329; based on patch from coladict AT gmail.com, ok dtucker@
---
 auth-options.c | 23 ++++++++++++++---------
 1 file changed, 14 insertions(+), 9 deletions(-)

diff --git a/auth-options.c b/auth-options.c
index 0595537..facfc02 100644
--- a/auth-options.c
+++ b/auth-options.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: auth-options.c,v 1.66 2015/04/22 01:24:01 djm Exp $ */
+/* $OpenBSD: auth-options.c,v 1.67 2015/05/01 03:20:54 djm Exp $ */
 /*
  * Author: Tatu Ylonen <ylo at cs.hut.fi>
  * Copyright (c) 1995 Tatu Ylonen <ylo at cs.hut.fi>, Espoo, Finland
@@ -209,8 +209,7 @@ auth_parse_options(struct passwd *pw, char *opts, char *file, u_long linenum)
 			goto next_option;
 		}
 		cp = "environment=\"";
-		if (options.permit_user_env &&
-		    strncasecmp(opts, cp, strlen(cp)) == 0) {
+		if (strncasecmp(opts, cp, strlen(cp)) == 0) {
 			char *s;
 			struct envstring *new_envstring;
 
@@ -236,13 +235,19 @@ auth_parse_options(struct passwd *pw, char *opts, char *file, u_long linenum)
 				goto bad_option;
 			}
 			s[i] = '\0';
-			auth_debug_add("Adding to environment: %.900s", s);
-			debug("Adding to environment: %.900s", s);
 			opts++;
-			new_envstring = xcalloc(1, sizeof(struct envstring));
-			new_envstring->s = s;
-			new_envstring->next = custom_environment;
-			custom_environment = new_envstring;
+			if (options.permit_user_env) {
+				auth_debug_add("Adding to environment: "
+				    "%.900s", s);
+				debug("Adding to environment: %.900s", s);
+				new_envstring = xcalloc(1,
+				    sizeof(*new_envstring));
+				new_envstring->s = s;
+				new_envstring->next = custom_environment;
+				custom_environment = new_envstring;
+				s = NULL;
+			}
+			free(s);
 			goto next_option;
 		}
 		cp = "from=\"";

-- 
To stop receiving notification emails like this one, please contact
djm at mindrot.org.


More information about the openssh-commits mailing list