- (djm) Syn with OpenBSD OpenSSH-3.0.2

   - markus@cvs.openbsd.org
     [session.c sshd.8 version.h]
     Don't allow authorized_keys specified environment variables when
     UseLogin in active

4 files changed, 25 insertions, 19 deletions

diff --git a/ChangeLog b/ChangeLog
index 6a7b4ccb..2f8298d2 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,9 +1,9 @@
-20011126
- - (tim) [contrib/cygwin/README, openbsd-compat/bsd-cygwin_util.c,
-   openbsd-compat/bsd-cygwin_util.h, openbsd-compat/daemon.c]
-   Allow SSHD to install as service under WIndows 9x/Me
-   [configure.ac] Fix to allow linking against PCRE on Cygwin
-   Patches by Corinna Vinschen <vinschen@redhat.com>
+20011202
+ - (djm) Syn with OpenBSD OpenSSH-3.0.2
+   - markus@cvs.openbsd.org
+     [session.c sshd.8 version.h]
+     Don't allow authorized_keys specified environment variables when 
+     UseLogin in active
 
 20011115
  - (djm) Fix IPv4 default in ssh-keyscan. Spotted by Dan Astoorian 
@@ -6919,4 +6919,4 @@
  - Wrote replacements for strlcpy and mkdtemp
  - Released 1.0pre1
 
-$Id: ChangeLog,v 1.1666 2001/11/27 01:19:43 tim Exp $
+$Id: ChangeLog,v 1.1665.4.1 2001/12/01 23:37:07 djm Exp $
diff --git a/session.c b/session.c
index d0f9072f..02c0c526 100644
--- a/session.c
+++ b/session.c
@@ -1247,18 +1247,21 @@ do_child(Session *s, const char *command)
 		child_set_env(&env, &envsize, "TZ", getenv("TZ"));
 
 	/* Set custom environment options from RSA authentication. */
-	while (custom_environment) {
-		struct envstring *ce = custom_environment;
-		char *s = ce->s;
-		int i;
-		for (i = 0; s[i] != '=' && s[i]; i++);
-		if (s[i] == '=') {
-			s[i] = 0;
-			child_set_env(&env, &envsize, s, s + i + 1);
+	if (!options.use_login) {
+		while (custom_environment) {
+			struct envstring *ce = custom_environment;
+			char *s = ce->s;
+			int i;
+			for (i = 0; s[i] != '=' && s[i]; i++)
+				;
+			if (s[i] == '=') {
+				s[i] = 0;
+				child_set_env(&env, &envsize, s, s + i + 1);
+			}
+			custom_environment = ce->next;
+			xfree(ce->s);
+			xfree(ce);
 		}
-		custom_environment = ce->next;
-		xfree(ce->s);
-		xfree(ce);
 	}
 
 	snprintf(buf, sizeof buf, "%.50s %d %d",
diff --git a/sshd.8 b/sshd.8
index d7e5937c..5a6624b7 100644
--- a/sshd.8
+++ b/sshd.8
@@ -1014,6 +1014,9 @@ logging in using this key.
 Environment variables set this way
 override other default environment values.
 Multiple options of this type are permitted.
+This option is automatically disabled if
+.Cm UseLogin
+is enabled.
 .It Cm no-port-forwarding
 Forbids TCP/IP forwarding when this key is used for authentication.
 Any port forward requests by the client will return an error.
diff --git a/version.h b/version.h
index 4455811e..804e560c 100644
--- a/version.h
+++ b/version.h
@@ -1,3 +1,3 @@
 /* $OpenBSD: version.h,v 1.25 2001/10/15 16:10:50 deraadt Exp $ */
 
-#define SSH_VERSION	"OpenSSH_3.0.1p1"
+#define SSH_VERSION	"OpenSSH_3.0.2p1"