diff options
author | Damien Miller <djm@cvs.openbsd.org> | 2018-10-03 06:38:36 +0000 |
---|---|---|
committer | Damien Miller <djm@cvs.openbsd.org> | 2018-10-03 06:38:36 +0000 |
commit | f6dc1151e1cabd869fe17bdc43f16f347273f433 (patch) | |
tree | df4d73557578fac7b8d59b72e01fdd9a5a5544af | |
parent | 58db26d75b296c74c3327eae64ca4b6ca703b3d3 (diff) |
Allow ssh_config IdentityAgent directive to accept environment variable
names as well as explicit paths. ok dtucker@
-rw-r--r-- | usr.bin/ssh/auth-options.c | 17 | ||||
-rw-r--r-- | usr.bin/ssh/misc.c | 21 | ||||
-rw-r--r-- | usr.bin/ssh/misc.h | 3 | ||||
-rw-r--r-- | usr.bin/ssh/readconf.c | 15 | ||||
-rw-r--r-- | usr.bin/ssh/ssh.c | 24 | ||||
-rw-r--r-- | usr.bin/ssh/ssh_config.5 | 8 |
6 files changed, 72 insertions, 16 deletions
diff --git a/usr.bin/ssh/auth-options.c b/usr.bin/ssh/auth-options.c index a13696505c0..597fea99e91 100644 --- a/usr.bin/ssh/auth-options.c +++ b/usr.bin/ssh/auth-options.c @@ -1,4 +1,4 @@ -/* $OpenBSD: auth-options.c,v 1.83 2018/06/19 02:59:41 djm Exp $ */ +/* $OpenBSD: auth-options.c,v 1.84 2018/10/03 06:38:35 djm Exp $ */ /* * Copyright (c) 2018 Damien Miller <djm@mindrot.org> * @@ -466,13 +466,16 @@ sshauthopt_parse(const char *opts, const char **errstrp) errstr = "invalid environment string"; goto fail; } - for (cp = opt; cp < tmp; cp++) { - if (!isalnum((u_char)*cp) && *cp != '_') { - free(opt); - errstr = "invalid environment string"; - goto fail; - } + if ((cp = strdup(opt)) == NULL) + goto alloc_fail; + cp[tmp - opt] = '\0'; /* truncate at '=' */ + if (!valid_env_name(cp)) { + free(cp); + free(opt); + errstr = "invalid environment string"; + goto fail; } + free(cp); /* Append it. */ oarray = ret->env; if ((ret->env = recallocarray(ret->env, ret->nenv, diff --git a/usr.bin/ssh/misc.c b/usr.bin/ssh/misc.c index 8d8736e32b5..e6051a05bd8 100644 --- a/usr.bin/ssh/misc.c +++ b/usr.bin/ssh/misc.c @@ -1,4 +1,4 @@ -/* $OpenBSD: misc.c,v 1.131 2018/07/27 05:13:02 dtucker Exp $ */ +/* $OpenBSD: misc.c,v 1.132 2018/10/03 06:38:35 djm Exp $ */ /* * Copyright (c) 2000 Markus Friedl. All rights reserved. * Copyright (c) 2005,2006 Damien Miller. All rights reserved. @@ -1862,6 +1862,25 @@ bad: return 0; } +/* + * Verify that a environment variable name (not including initial '$') is + * valid; consisting of one or more alphanumeric or underscore characters only. + * Returns 1 on valid, 0 otherwise. + */ +int +valid_env_name(const char *name) +{ + const char *cp; + + if (name[0] == '\0') + return 0; + for (cp = name; *cp != '\0'; cp++) { + if (!isalnum((u_char)*cp) && *cp != '_') + return 0; + } + return 1; +} + const char * atoi_err(const char *nptr, int *val) { diff --git a/usr.bin/ssh/misc.h b/usr.bin/ssh/misc.h index a5dca0c67e3..7da802bca7d 100644 --- a/usr.bin/ssh/misc.h +++ b/usr.bin/ssh/misc.h @@ -1,4 +1,4 @@ -/* $OpenBSD: misc.h,v 1.74 2018/07/27 05:13:02 dtucker Exp $ */ +/* $OpenBSD: misc.h,v 1.75 2018/10/03 06:38:35 djm Exp $ */ /* * Author: Tatu Ylonen <ylo@cs.hut.fi> @@ -74,6 +74,7 @@ double monotime_double(void); void lowercase(char *s); int unix_listener(const char *, int, int); int valid_domain(char *, int, const char **); +int valid_env_name(const char *); const char *atoi_err(const char *, int *); int parse_absolute_time(const char *, uint64_t *); void format_absolute_time(uint64_t, char *, size_t); diff --git a/usr.bin/ssh/readconf.c b/usr.bin/ssh/readconf.c index c4f8e19486b..5fe0ccc7d3f 100644 --- a/usr.bin/ssh/readconf.c +++ b/usr.bin/ssh/readconf.c @@ -1,4 +1,4 @@ -/* $OpenBSD: readconf.c,v 1.298 2018/09/20 03:30:44 djm Exp $ */ +/* $OpenBSD: readconf.c,v 1.299 2018/10/03 06:38:35 djm Exp $ */ /* * Author: Tatu Ylonen <ylo@cs.hut.fi> * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland @@ -1685,7 +1685,18 @@ parse_keytypes: case oIdentityAgent: charptr = &options->identity_agent; - goto parse_string; + arg = strdelim(&s); + if (!arg || *arg == '\0') + fatal("%.200s line %d: Missing argument.", + filename, linenum); + /* Extra validation if the string represents an env var. */ + if (arg[0] == '$' && !valid_env_name(arg + 1)) { + fatal("%.200s line %d: Invalid environment name %s.", + filename, linenum, arg); + } + if (*activep && *charptr == NULL) + *charptr = xstrdup(arg); + break; case oDeprecated: debug("%s line %d: Deprecated option \"%s\"", diff --git a/usr.bin/ssh/ssh.c b/usr.bin/ssh/ssh.c index d96fba9b401..3b5ea99148f 100644 --- a/usr.bin/ssh/ssh.c +++ b/usr.bin/ssh/ssh.c @@ -1,4 +1,4 @@ -/* $OpenBSD: ssh.c,v 1.493 2018/09/21 03:11:36 djm Exp $ */ +/* $OpenBSD: ssh.c,v 1.494 2018/10/03 06:38:35 djm Exp $ */ /* * Author: Tatu Ylonen <ylo@cs.hut.fi> * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland @@ -1421,9 +1421,27 @@ main(int ac, char **av) "r", options.user, "u", pw->pw_name, (char *)NULL); - setenv(SSH_AUTHSOCKET_ENV_NAME, cp, 1); - free(cp); free(p); + /* + * If identity_agent represents an environment variable + * then recheck that it is valid (since processing with + * percent_expand() may have changed it) and substitute + * its value. + */ + if (cp[0] == '$') { + if (!valid_env_name(cp + 1)) { + fatal("Invalid IdentityAgent " + "environment variable name %s", cp); + } + if ((p = getenv(cp + 1)) == NULL) + unsetenv(SSH_AUTHSOCKET_ENV_NAME); + else + setenv(SSH_AUTHSOCKET_ENV_NAME, p, 1); + } else { + /* identity_agent specifies a path directly */ + setenv(SSH_AUTHSOCKET_ENV_NAME, cp, 1); + } + free(cp); } } diff --git a/usr.bin/ssh/ssh_config.5 b/usr.bin/ssh/ssh_config.5 index a6b41eb6cb6..c270ed67518 100644 --- a/usr.bin/ssh/ssh_config.5 +++ b/usr.bin/ssh/ssh_config.5 @@ -33,8 +33,8 @@ .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. .\" -.\" $OpenBSD: ssh_config.5,v 1.285 2018/09/21 12:46:22 djm Exp $ -.Dd $Mdocdate: September 21 2018 $ +.\" $OpenBSD: ssh_config.5,v 1.286 2018/10/03 06:38:35 djm Exp $ +.Dd $Mdocdate: October 3 2018 $ .Dt SSH_CONFIG 5 .Os .Sh NAME @@ -877,6 +877,10 @@ If the string is specified, the location of the socket will be read from the .Ev SSH_AUTH_SOCK environment variable. +Otherwise if the specified value begins with a +.Sq $ +character, then it will be treated as an environment variable containing +the location of the socket. .Pp Arguments to .Cm IdentityAgent |