From 94334a6841f1f87d7fc9f50bc56ba7fffb8d47b7 Mon Sep 17 00:00:00 2001 From: Damien Miller Date: Sun, 20 Jun 2004 17:37:00 +0000 Subject: filter passed env vars at slave in connection sharing case; ok markus@ --- usr.bin/ssh/ssh.c | 44 ++++++++++++++++++++++++++++++++++++-------- 1 file changed, 36 insertions(+), 8 deletions(-) (limited to 'usr.bin/ssh/ssh.c') diff --git a/usr.bin/ssh/ssh.c b/usr.bin/ssh/ssh.c index f5c3cb7bd6d..c49650e8ca0 100644 --- a/usr.bin/ssh/ssh.c +++ b/usr.bin/ssh/ssh.c @@ -40,7 +40,7 @@ */ #include "includes.h" -RCSID("$OpenBSD: ssh.c,v 1.219 2004/06/18 10:55:43 markus Exp $"); +RCSID("$OpenBSD: ssh.c,v 1.220 2004/06/20 17:36:59 djm Exp $"); #include #include @@ -1211,11 +1211,30 @@ control_client_sigrelay(int signo) kill(control_server_pid, signo); } +static int +env_permitted(char *env) +{ + int i; + char name[1024], *cp; + + strlcpy(name, env, sizeof(name)); + if ((cp = strchr(name, '=')) == NULL) + return (0); + + *cp = '\0'; + + for (i = 0; i < options.num_send_env; i++) + if (match_pattern(name, options.send_env[i])) + return (1); + + return (0); +} + static void control_client(const char *path) { struct sockaddr_un addr; - int i, r, sock, exitval; + int i, r, sock, exitval, num_env; Buffer m; char *cp; extern char **environ; @@ -1258,12 +1277,21 @@ control_client(const char *path) buffer_append(&command, "\0", 1); buffer_put_cstring(&m, buffer_ptr(&command)); - /* Pass environment */ - for (i = 0; environ != NULL && environ[i] != NULL; i++) - ; - buffer_put_int(&m, i); - for (i = 0; environ != NULL && environ[i] != NULL; i++) - buffer_put_cstring(&m, environ[i]); + if (options.num_send_env == 0 || environ == NULL) { + buffer_put_int(&m, 0); + } else { + /* Pass environment */ + num_env = 0; + for (i = 0; environ[i] != NULL; i++) + if (env_permitted(environ[i])) + num_env++; /* Count */ + + buffer_put_int(&m, num_env); + + for (i = 0; environ[i] != NULL && num_env >= 0; i++, num_env--) + if (env_permitted(environ[i])) + buffer_put_cstring(&m, environ[i]); + } if (ssh_msg_send(sock, /* version */0, &m) == -1) fatal("%s: msg_send", __func__); -- cgit v1.2.3