diff options
author | Darren Tucker <dtucker@zip.com.au> | 2004-03-08 22:21:58 +1100 |
---|---|---|
committer | Darren Tucker <dtucker@zip.com.au> | 2004-03-08 22:21:58 +1100 |
commit | 2d4d0f62a6fd72088295cf9c1ce859fd130c49aa (patch) | |
tree | 84c5e1884e6787a9fdfaaefe36ebf8d38165b4ce | |
parent | ebe1cb87c4654145f21a260d0b0a3aef53fffa35 (diff) |
- (dtucker) [configure.ac sshd.c openbsd-compat/bsd-misc.h
openbsd-compat/setenv.c] Unset KRB5CCNAME on AIX to prevent it from being
inherited by the child. ok djm@
-rw-r--r-- | ChangeLog | 7 | ||||
-rw-r--r-- | configure.ac | 4 | ||||
-rw-r--r-- | openbsd-compat/bsd-misc.h | 6 | ||||
-rw-r--r-- | openbsd-compat/setenv.c | 8 | ||||
-rw-r--r-- | sshd.c | 7 |
5 files changed, 25 insertions, 7 deletions
@@ -1,6 +1,9 @@ 20040308 - (dtucker) [sshd.c] Back out rev 1.270 as it caused problems on some - platforms (eg SCO, HP-UX) with logging in the wrong TZ. + platforms (eg SCO, HP-UX) with logging in the wrong TZ. ok djm@ + - (dtucker) [configure.ac sshd.c openbsd-compat/bsd-misc.h + openbsd-compat/setenv.c] Unset KRB5CCNAME on AIX to prevent it from being + inherited by the child. ok djm@ 20040304 - (dtucker) [auth-pam.c] Don't try to export PAM when compiled with @@ -1945,4 +1948,4 @@ - Fix sshd BindAddress and -b options for systems using fake-getaddrinfo. Report from murple@murple.net, diagnosis from dtucker@zip.com.au -$Id: ChangeLog,v 1.3257.2.5 2004/03/08 11:20:16 dtucker Exp $ +$Id: ChangeLog,v 1.3257.2.6 2004/03/08 11:21:58 dtucker Exp $ diff --git a/configure.ac b/configure.ac index 6aa78795..22329388 100644 --- a/configure.ac +++ b/configure.ac @@ -1,4 +1,4 @@ -# $Id: configure.ac,v 1.202.2.1 2004/02/29 23:54:28 tim Exp $ +# $Id: configure.ac,v 1.202.2.2 2004/03/08 11:21:59 dtucker Exp $ AC_INIT AC_CONFIG_SRCDIR([ssh.c]) @@ -802,7 +802,7 @@ AC_CHECK_FUNCS(\ setproctitle setregid setreuid setrlimit \ setsid setvbuf sigaction sigvec snprintf socketpair strerror \ strlcat strlcpy strmode strnvis strtoul sysconf tcgetpgrp \ - truncate updwtmpx utimes vhangup vsnprintf waitpid \ + truncate unsetenv updwtmpx utimes vhangup vsnprintf waitpid \ ) # IRIX has a const char return value for gai_strerror() diff --git a/openbsd-compat/bsd-misc.h b/openbsd-compat/bsd-misc.h index c8073942..f68d2b41 100644 --- a/openbsd-compat/bsd-misc.h +++ b/openbsd-compat/bsd-misc.h @@ -1,4 +1,4 @@ -/* $Id: bsd-misc.h,v 1.14 2004/02/17 05:49:55 djm Exp $ */ +/* $Id: bsd-misc.h,v 1.14.2.1 2004/03/08 11:21:59 dtucker Exp $ */ /* * Copyright (c) 1999-2004 Damien Miller <djm@mindrot.org> @@ -89,6 +89,10 @@ pid_t tcgetpgrp(int); int tcsendbreak(int, int); #endif +#ifndef HAVE_UNSETENV +void unsetenv(const char *); +#endif + /* wrapper for signal interface */ typedef void (*mysig_t)(int); mysig_t mysignal(int sig, mysig_t act); diff --git a/openbsd-compat/setenv.c b/openbsd-compat/setenv.c index b7ba0ce8..c3a86c65 100644 --- a/openbsd-compat/setenv.c +++ b/openbsd-compat/setenv.c @@ -30,7 +30,7 @@ */ #include "includes.h" -#ifndef HAVE_SETENV +#if !defined(HAVE_SETENV) || !defined(HAVE_UNSETENV) #if defined(LIBC_SCCS) && !defined(lint) static char *rcsid = "$OpenBSD: setenv.c,v 1.6 2003/06/02 20:18:38 millert Exp $"; @@ -77,6 +77,7 @@ __findenv(name, offset) return (NULL); } +#ifndef HAVE_SETENV /* * setenv -- * Set the value of the environmental variable "name" to be @@ -138,7 +139,9 @@ setenv(name, value, rewrite) ; return (0); } +#endif /* HAVE_SETENV */ +#ifndef HAVE_UNSETENV /* * unsetenv(name) -- * Delete environmental variable "name". @@ -157,5 +160,6 @@ unsetenv(name) if (!(*P = *(P + 1))) break; } +#endif /* HAVE_UNSETENV */ -#endif /* HAVE_SETENV */ +#endif /* !defined(HAVE_SETENV) || !defined(HAVE_UNSETENV) */ @@ -939,6 +939,13 @@ main(int ac, char **av) SYSLOG_FACILITY_AUTH : options.log_facility, log_stderr || !inetd_flag); +#ifdef _AIX + /* + * Unset KRB5CCNAME, otherwise the user's session may inherit it from + * root's environment + */ + unsetenv("KRB5CCNAME"); +#endif /* _AIX */ #ifdef _UNICOS /* Cray can define user privs drop all prives now! * Not needed on PRIV_SU systems! |