Gitiles
Code Review Sign In
gerrit-public.fairphone.software / platform / external / openssh / 95344c257412b51199ead18d54eaed5bafb75617^! / . / servconf.c
commit95344c257412b51199ead18d54eaed5bafb75617[log] [tgz]
authordjm@openbsd.org <djm@openbsd.org>Tue Jul 03 10:59:35 2018 +0000
committerDamien Miller <djm@mindrot.org>Tue Jul 03 21:01:30 2018 +1000
tree320a21db8781ca4f6a363db928ca04b3b0d1dd70
parent6f56fe4b9578b0627667f8bce69d4d938a88324c [diff] [blame]
upstream: allow sshd_config PermitUserEnvironment to accept a

pattern-list of whitelisted environment variable names in addition to yes|no.

bz#1800, feedback and ok markus@

OpenBSD-Commit-ID: 77dc2b468e0bf04b53f333434ba257008a1fdf24

diff --git a/servconf.c b/servconf.c
index cb57865..a41fdc2 100644
--- a/servconf.c
+++ b/servconf.c

@@ -1,5 +1,5 @@
 
-/* $OpenBSD: servconf.c,v 1.333 2018/06/19 02:59:41 djm Exp $ */
+/* $OpenBSD: servconf.c,v 1.334 2018/07/03 10:59:35 djm Exp $ */
 /*
  * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
  *                    All rights reserved
@@ -130,6 +130,7 @@
 	options->challenge_response_authentication = -1;
 	options->permit_empty_passwd = -1;
 	options->permit_user_env = -1;
+	options->permit_user_env_whitelist = NULL;
 	options->compression = -1;
 	options->rekey_limit = -1;
 	options->rekey_interval = -1;
@@ -329,8 +330,10 @@
 		options->challenge_response_authentication = 1;
 	if (options->permit_empty_passwd == -1)
 		options->permit_empty_passwd = 0;
-	if (options->permit_user_env == -1)
+	if (options->permit_user_env == -1) {
 		options->permit_user_env = 0;
+		options->permit_user_env_whitelist = NULL;
+	}
 	if (options->compression == -1)
 		options->compression = COMP_DELAYED;
 	if (options->rekey_limit == -1)
@@ -1514,7 +1517,29 @@
 
 	case sPermitUserEnvironment:
 		intptr = &options->permit_user_env;
-		goto parse_flag;
+		charptr = &options->permit_user_env_whitelist;
+		arg = strdelim(&cp);
+		if (!arg || *arg == '\0')
+			fatal("%s line %d: missing argument.",
+			    filename, linenum);
+		value = 0;
+		p = NULL;
+		if (strcmp(arg, "yes") == 0)
+			value = 1;
+		else if (strcmp(arg, "no") == 0)
+			value = 0;
+		else {
+			/* Pattern-list specified */
+			value = 1;
+			p = xstrdup(arg);
+		}
+		if (*activep && *intptr == -1) {
+			*intptr = value;
+			*charptr = p;
+			p = NULL;
+		}
+		free(p);
+		break;
 
 	case sCompression:
 		intptr = &options->compression;
@@ -2528,7 +2553,6 @@
 	dump_cfg_fmtint(sStrictModes, o->strict_modes);
 	dump_cfg_fmtint(sTCPKeepAlive, o->tcp_keep_alive);
 	dump_cfg_fmtint(sEmptyPasswd, o->permit_empty_passwd);
-	dump_cfg_fmtint(sPermitUserEnvironment, o->permit_user_env);
 	dump_cfg_fmtint(sCompression, o->compression);
 	dump_cfg_fmtint(sGatewayPorts, o->fwd_opts.gateway_ports);
 	dump_cfg_fmtint(sUseDNS, o->use_dns);
@@ -2628,4 +2652,12 @@
 			printf(" %s", o->permitted_listens[i]);
 	}
 	printf("\n");
+
+	if (o->permit_user_env_whitelist == NULL) {
+		dump_cfg_fmtint(sPermitUserEnvironment, o->permit_user_env);
+	} else {
+		printf("permituserenvironment %s\n",
+		    o->permit_user_env_whitelist);
+	}
+
 }