[openssh-commits] [openssh] 04/06: upstream: reorder child environment preparation so that variables

git+noreply at mindrot.org git+noreply at mindrot.org
Sat Jun 9 13:11:16 AEST 2018 

This is an automated email from the git hooks/post-receive script.

djm pushed a commit to branch master
in repository openssh.

commit 3b9798bda15bd3f598f5ef07595d64e23504da91
Author: djm at openbsd.org <djm at openbsd.org>
Date:   Sat Jun 9 02:58:02 2018 +0000

    upstream: reorder child environment preparation so that variables
    
    read from ~/.ssh/environment (if enabled) do not override SSH_* variables set
    by the server.
    
    OpenBSD-Commit-ID: 59f9d4c213cdcef2ef21f4b4ae006594dcf2aa7a
---
 session.c | 128 +++++++++++++++++++++++++++++++-------------------------------
 1 file changed, 65 insertions(+), 63 deletions(-)

diff --git a/session.c b/session.c
index 511fc4e8..7b15e32c 100644
--- a/session.c
+++ b/session.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: session.c,v 1.298 2018/06/06 18:29:18 markus Exp $ */
+/* $OpenBSD: session.c,v 1.299 2018/06/09 02:58:02 djm Exp $ */
 /*
  * Copyright (c) 1995 Tatu Ylonen <ylo at cs.hut.fi>, Espoo, Finland
  *                    All rights reserved
@@ -1078,6 +1078,41 @@ do_setup_env(struct ssh *ssh, Session *s, const char *shell)
 
 	if (getenv("TZ"))
 		child_set_env(&env, &envsize, "TZ", getenv("TZ"));
+	if (s->term)
+		child_set_env(&env, &envsize, "TERM", s->term);
+	if (s->display)
+		child_set_env(&env, &envsize, "DISPLAY", s->display);
+
+	/*
+	 * Since we clear KRB5CCNAME at startup, if it's set now then it
+	 * must have been set by a native authentication method (eg AIX or
+	 * SIA), so copy it to the child.
+	 */
+	{
+		char *cp;
+
+		if ((cp = getenv("KRB5CCNAME")) != NULL)
+			child_set_env(&env, &envsize, "KRB5CCNAME", cp);
+	}
+
+#ifdef _AIX
+	{
+		char *cp;
+
+		if ((cp = getenv("AUTHSTATE")) != NULL)
+			child_set_env(&env, &envsize, "AUTHSTATE", cp);
+		read_environment_file(&env, &envsize, "/etc/environment");
+	}
+#endif
+#ifdef KRB5
+	if (s->authctxt->krb5_ccname)
+		child_set_env(&env, &envsize, "KRB5CCNAME",
+		    s->authctxt->krb5_ccname);
+#endif
+	if (auth_sock_name != NULL)
+		child_set_env(&env, &envsize, SSH_AUTHSOCKET_ENV_NAME,
+		    auth_sock_name);
+
 
 	/* Set custom environment options from pubkey authentication. */
 	if (options.permit_user_env) {
@@ -1092,6 +1127,35 @@ do_setup_env(struct ssh *ssh, Session *s, const char *shell)
 		}
 	}
 
+	/* read $HOME/.ssh/environment. */
+	if (options.permit_user_env) {
+		snprintf(buf, sizeof buf, "%.200s/.ssh/environment",
+		    pw->pw_dir);
+		read_environment_file(&env, &envsize, buf);
+	}
+
+#ifdef USE_PAM
+	/*
+	 * Pull in any environment variables that may have
+	 * been set by PAM.
+	 */
+	if (options.use_pam) {
+		char **p;
+
+		/*
+		 * Don't allow SSH_AUTH_INFO variables posted to PAM to leak
+		 * back into the environment.
+		 */
+		p = fetch_pam_child_environment();
+		copy_environment_blacklist(p, &env, &envsize, "SSH_AUTH_INFO*");
+		free_pam_environment(p);
+
+		p = fetch_pam_environment();
+		copy_environment_blacklist(p, &env, &envsize, "SSH_AUTH_INFO*");
+		free_pam_environment(p);
+	}
+#endif /* USE_PAM */
+
 	/* SSH_CLIENT deprecated */
 	snprintf(buf, sizeof buf, "%.50s %d %d",
 	    ssh_remote_ipaddr(ssh), ssh_remote_port(ssh),
@@ -1111,72 +1175,10 @@ do_setup_env(struct ssh *ssh, Session *s, const char *shell)
 		child_set_env(&env, &envsize, "SSH_USER_AUTH", auth_info_file);
 	if (s->ttyfd != -1)
 		child_set_env(&env, &envsize, "SSH_TTY", s->tty);
-	if (s->term)
-		child_set_env(&env, &envsize, "TERM", s->term);
-	if (s->display)
-		child_set_env(&env, &envsize, "DISPLAY", s->display);
 	if (original_command)
 		child_set_env(&env, &envsize, "SSH_ORIGINAL_COMMAND",
 		    original_command);
 
-	/*
-	 * Since we clear KRB5CCNAME at startup, if it's set now then it
-	 * must have been set by a native authentication method (eg AIX or
-	 * SIA), so copy it to the child.
-	 */
-	{
-		char *cp;
-
-		if ((cp = getenv("KRB5CCNAME")) != NULL)
-			child_set_env(&env, &envsize, "KRB5CCNAME", cp);
-	}
-
-#ifdef _AIX
-	{
-		char *cp;
-
-		if ((cp = getenv("AUTHSTATE")) != NULL)
-			child_set_env(&env, &envsize, "AUTHSTATE", cp);
-		read_environment_file(&env, &envsize, "/etc/environment");
-	}
-#endif
-#ifdef KRB5
-	if (s->authctxt->krb5_ccname)
-		child_set_env(&env, &envsize, "KRB5CCNAME",
-		    s->authctxt->krb5_ccname);
-#endif
-#ifdef USE_PAM
-	/*
-	 * Pull in any environment variables that may have
-	 * been set by PAM.
-	 */
-	if (options.use_pam) {
-		char **p;
-
-		/*
-		 * Don't allow SSH_AUTH_INFO variables posted to PAM to leak
-		 * back into the environment.
-		 */
-		p = fetch_pam_child_environment();
-		copy_environment_blacklist(p, &env, &envsize, "SSH_AUTH_INFO*");
-		free_pam_environment(p);
-
-		p = fetch_pam_environment();
-		copy_environment_blacklist(p, &env, &envsize, "SSH_AUTH_INFO*");
-		free_pam_environment(p);
-	}
-#endif /* USE_PAM */
-
-	if (auth_sock_name != NULL)
-		child_set_env(&env, &envsize, SSH_AUTHSOCKET_ENV_NAME,
-		    auth_sock_name);
-
-	/* read $HOME/.ssh/environment. */
-	if (options.permit_user_env) {
-		snprintf(buf, sizeof buf, "%.200s/.ssh/environment",
-		    strcmp(pw->pw_dir, "/") ? pw->pw_dir : "");
-		read_environment_file(&env, &envsize, buf);
-	}
 	if (debug_flag) {
 		/* dump the environment */
 		fprintf(stderr, "Environment:\n");

-- 
To stop receiving notification emails like this one, please contact
djm at mindrot.org.

More information about the openssh-commits mailing list