diff options
| author | Darren Tucker <dtucker@zip.com.au> | 2004-03-08 22:59:03 +1100 |
|---|---|---|
| committer | Darren Tucker <dtucker@zip.com.au> | 2004-03-08 22:59:03 +1100 |
| commit | 86c093d2895989d1258459b797ce3630eaa47d1a (patch) | |
| tree | 1de57c50af2b52f32906f21f91e81ab1f839eb93 | |
| parent | 112aaac0ce350fb3365bfb6e2d69faef81422783 (diff) | |
- (dtucker) [configure.ac sshd.c openbsd-compat/bsd-misc.h
openbsd-compat/setenv.c] Unset KRB5CCNAME on AIX to prevent it from being
inherited by the child. ok djm@
| -rw-r--r-- | configure.ac | 4 | ||||
| -rw-r--r-- | openbsd-compat/bsd-misc.h | 6 | ||||
| -rw-r--r-- | openbsd-compat/setenv.c | 8 | ||||
| -rw-r--r-- | sshd.c | 7 |
4 files changed, 20 insertions, 5 deletions
diff --git a/configure.ac b/configure.ac index fc765b47..8eea7558 100644 --- a/configure.ac +++ b/configure.ac @@ -1,4 +1,4 @@ -# $Id: configure.ac,v 1.204 2004/03/03 00:08:59 djm Exp $ +# $Id: configure.ac,v 1.205 2004/03/08 11:59:03 dtucker Exp $ AC_INIT AC_CONFIG_SRCDIR([ssh.c]) @@ -802,7 +802,7 @@ AC_CHECK_FUNCS(\ setproctitle setregid setreuid setrlimit \ setsid setvbuf sigaction sigvec snprintf socketpair strerror \ strlcat strlcpy strmode strnvis strtoul sysconf tcgetpgrp \ - truncate updwtmpx utimes vhangup vsnprintf waitpid \ + truncate unsetenv updwtmpx utimes vhangup vsnprintf waitpid \ ) # IRIX has a const char return value for gai_strerror() diff --git a/openbsd-compat/bsd-misc.h b/openbsd-compat/bsd-misc.h index c8073942..009739b1 100644 --- a/openbsd-compat/bsd-misc.h +++ b/openbsd-compat/bsd-misc.h @@ -1,4 +1,4 @@ -/* $Id: bsd-misc.h,v 1.14 2004/02/17 05:49:55 djm Exp $ */ +/* $Id: bsd-misc.h,v 1.15 2004/03/08 11:59:03 dtucker Exp $ */ /* * Copyright (c) 1999-2004 Damien Miller <djm@mindrot.org> @@ -89,6 +89,10 @@ pid_t tcgetpgrp(int); int tcsendbreak(int, int); #endif +#ifndef HAVE_UNSETENV +void unsetenv(const char *); +#endif + /* wrapper for signal interface */ typedef void (*mysig_t)(int); mysig_t mysignal(int sig, mysig_t act); diff --git a/openbsd-compat/setenv.c b/openbsd-compat/setenv.c index b7ba0ce8..c3a86c65 100644 --- a/openbsd-compat/setenv.c +++ b/openbsd-compat/setenv.c @@ -30,7 +30,7 @@ */ #include "includes.h" -#ifndef HAVE_SETENV +#if !defined(HAVE_SETENV) || !defined(HAVE_UNSETENV) #if defined(LIBC_SCCS) && !defined(lint) static char *rcsid = "$OpenBSD: setenv.c,v 1.6 2003/06/02 20:18:38 millert Exp $"; @@ -77,6 +77,7 @@ __findenv(name, offset) return (NULL); } +#ifndef HAVE_SETENV /* * setenv -- * Set the value of the environmental variable "name" to be @@ -138,7 +139,9 @@ setenv(name, value, rewrite) ; return (0); } +#endif /* HAVE_SETENV */ +#ifndef HAVE_UNSETENV /* * unsetenv(name) -- * Delete environmental variable "name". @@ -157,5 +160,6 @@ unsetenv(name) if (!(*P = *(P + 1))) break; } +#endif /* HAVE_UNSETENV */ -#endif /* HAVE_SETENV */ +#endif /* !defined(HAVE_SETENV) || !defined(HAVE_UNSETENV) */ @@ -939,6 +939,13 @@ main(int ac, char **av) SYSLOG_FACILITY_AUTH : options.log_facility, log_stderr || !inetd_flag); +#ifdef _AIX + /* + * Unset KRB5CCNAME, otherwise the user's session may inherit it from + * root's environment + */ + unsetenv("KRB5CCNAME"); +#endif /* _AIX */ #ifdef _UNICOS /* Cray can define user privs drop all prives now! * Not needed on PRIV_SU systems! |