diff options
author | Damien Miller <djm@mindrot.org> | 2001-12-02 10:37:07 +1100 |
---|---|---|
committer | Damien Miller <djm@mindrot.org> | 2001-12-02 10:37:07 +1100 |
commit | 4499f143211a850346e4b66be7a31c87dfeeb825 (patch) | |
tree | e86c40c94841d446de14129842aedf28410e5cc9 | |
parent | fe1d100ffdf3595f3aaddc02efbf0b49a265d90c (diff) |
- (djm) Syn with OpenBSD OpenSSH-3.0.2
- markus@cvs.openbsd.org
[session.c sshd.8 version.h]
Don't allow authorized_keys specified environment variables when
UseLogin in active
-rw-r--r-- | ChangeLog | 14 | ||||
-rw-r--r-- | session.c | 25 | ||||
-rw-r--r-- | sshd.8 | 3 | ||||
-rw-r--r-- | version.h | 2 |
4 files changed, 25 insertions, 19 deletions
@@ -1,9 +1,9 @@ -20011126 - - (tim) [contrib/cygwin/README, openbsd-compat/bsd-cygwin_util.c, - openbsd-compat/bsd-cygwin_util.h, openbsd-compat/daemon.c] - Allow SSHD to install as service under WIndows 9x/Me - [configure.ac] Fix to allow linking against PCRE on Cygwin - Patches by Corinna Vinschen <vinschen@redhat.com> +20011202 + - (djm) Syn with OpenBSD OpenSSH-3.0.2 + - markus@cvs.openbsd.org + [session.c sshd.8 version.h] + Don't allow authorized_keys specified environment variables when + UseLogin in active 20011115 - (djm) Fix IPv4 default in ssh-keyscan. Spotted by Dan Astoorian @@ -6919,4 +6919,4 @@ - Wrote replacements for strlcpy and mkdtemp - Released 1.0pre1 -$Id: ChangeLog,v 1.1666 2001/11/27 01:19:43 tim Exp $ +$Id: ChangeLog,v 1.1665.4.1 2001/12/01 23:37:07 djm Exp $ @@ -1247,18 +1247,21 @@ do_child(Session *s, const char *command) child_set_env(&env, &envsize, "TZ", getenv("TZ")); /* Set custom environment options from RSA authentication. */ - while (custom_environment) { - struct envstring *ce = custom_environment; - char *s = ce->s; - int i; - for (i = 0; s[i] != '=' && s[i]; i++); - if (s[i] == '=') { - s[i] = 0; - child_set_env(&env, &envsize, s, s + i + 1); + if (!options.use_login) { + while (custom_environment) { + struct envstring *ce = custom_environment; + char *s = ce->s; + int i; + for (i = 0; s[i] != '=' && s[i]; i++) + ; + if (s[i] == '=') { + s[i] = 0; + child_set_env(&env, &envsize, s, s + i + 1); + } + custom_environment = ce->next; + xfree(ce->s); + xfree(ce); } - custom_environment = ce->next; - xfree(ce->s); - xfree(ce); } snprintf(buf, sizeof buf, "%.50s %d %d", @@ -1014,6 +1014,9 @@ logging in using this key. Environment variables set this way override other default environment values. Multiple options of this type are permitted. +This option is automatically disabled if +.Cm UseLogin +is enabled. .It Cm no-port-forwarding Forbids TCP/IP forwarding when this key is used for authentication. Any port forward requests by the client will return an error. @@ -1,3 +1,3 @@ /* $OpenBSD: version.h,v 1.25 2001/10/15 16:10:50 deraadt Exp $ */ -#define SSH_VERSION "OpenSSH_3.0.1p1" +#define SSH_VERSION "OpenSSH_3.0.2p1" |