Attachment 1903 Details for Bug 1800 – patch replacement: diff -u

[patch] patch replacement: diff -u

permituserenvironment-allows-pattern-u.diff (text/plain), 6.96 KB, created by Daniel Allen on 2010-07-20 01:03:35 AEST

(hide)

Description:

Filename:

MIME Type:

Creator: Daniel Allen

Created: 2010-07-20 01:03:35 AEST

Size: 6.96 KB

patch

obsolete

>diff -u openssh-5.5p1/auth-options.c openssh-5.5p1-patched/auth-options.c
>--- openssh-5.5p1/auth-options.c	Sun Mar 21 14:59:02 2010
>+++ openssh-5.5p1-patched/auth-options.c	Mon Jul 19 10:38:32 2010
>@@ -195,13 +195,21 @@
> 				goto bad_option;
> 			}
> 			s[i] = '\0';
>-			auth_debug_add("Adding to environment: %.900s", s);
>-			debug("Adding to environment: %.900s", s);
>+			
>+			if ( strncasecmp(options.permit_user_env, "yes", strlen(options.permit_user_env)) == 0 || 
>+			     strncasecmp(s, options.permit_user_env, strlen(options.permit_user_env)) == 0)
>+				{
>+			    
>+					auth_debug_add("Adding to environment: %.900s", s);
>+
>+					debug("Adding to environment: %.900s (based on permitUserEnvironment=%.900s)", s, options.permit_user_env);
>+					new_envstring = xmalloc(sizeof(struct envstring));
>+					new_envstring->s = s;
>+					new_envstring->next = custom_environment;
>+					custom_environment = new_envstring;
>+				}
>+			
> 			opts++;
>-			new_envstring = xmalloc(sizeof(struct envstring));
>-			new_envstring->s = s;
>-			new_envstring->next = custom_environment;
>-			custom_environment = new_envstring;
> 			goto next_option;
> 		}
> 		cp = "from=\"";
>diff -u openssh-5.5p1/servconf.c openssh-5.5p1-patched/servconf.c
>--- openssh-5.5p1/servconf.c	Thu Mar 25 19:40:04 2010
>+++ openssh-5.5p1-patched/servconf.c	Mon Jul 19 10:38:32 2010
>@@ -98,7 +98,7 @@
> 	options->kbd_interactive_authentication = -1;
> 	options->challenge_response_authentication = -1;
> 	options->permit_empty_passwd = -1;
>-	options->permit_user_env = -1;
>+	options->permit_user_env = NULL;
> 	options->use_login = -1;
> 	options->compression = -1;
> 	options->allow_tcp_forwarding = -1;
>@@ -224,8 +224,6 @@
> 		options->challenge_response_authentication = 1;
> 	if (options->permit_empty_passwd == -1)
> 		options->permit_empty_passwd = 0;
>-	if (options->permit_user_env == -1)
>-		options->permit_user_env = 0;
> 	if (options->use_login == -1)
> 		options->use_login = 0;
> 	if (options->compression == -1)
>@@ -980,10 +978,18 @@
> 		intptr = &options->permit_empty_passwd;
> 		goto parse_flag;
> 
>-	case sPermitUserEnvironment:
>-		intptr = &options->permit_user_env;
>-		goto parse_flag;
>+        case sPermitUserEnvironment:
>+		arg = strdelim(&cp);
>+		if (!arg || *arg == '\0')
>+			fatal("%s line %d: missing yes/no/value argument.", 
>+			      filename, linenum);
> 
>+		if (strcmp(arg, "no") == 0)
>+			return 0;
>+		else if (*activep && options->permit_user_env == NULL)
>+			options->permit_user_env = xstrdup(arg);
>+		return 0;
>+		
> 	case sUseLogin:
> 		intptr = &options->use_login;
> 		goto parse_flag;
>@@ -1461,6 +1467,7 @@
> 	M_CP_STROPT(chroot_directory);
> 	M_CP_STROPT(trusted_user_ca_keys);
> 	M_CP_STROPT(revoked_keys_file);
>+	M_CP_STROPT(permit_user_env);
> }
> 
> #undef M_CP_INTOPT
>@@ -1662,7 +1669,6 @@
> 	dump_cfg_fmtint(sStrictModes, o->strict_modes);
> 	dump_cfg_fmtint(sTCPKeepAlive, o->tcp_keep_alive);
> 	dump_cfg_fmtint(sEmptyPasswd, o->permit_empty_passwd);
>-	dump_cfg_fmtint(sPermitUserEnvironment, o->permit_user_env);
> 	dump_cfg_fmtint(sUseLogin, o->use_login);
> 	dump_cfg_fmtint(sCompression, o->compression);
> 	dump_cfg_fmtint(sGatewayPorts, o->gateway_ports);
>@@ -1682,6 +1688,7 @@
> 	dump_cfg_string(sChrootDirectory, o->chroot_directory);
> 	dump_cfg_string(sTrustedUserCAKeys, o->trusted_user_ca_keys);
> 	dump_cfg_string(sRevokedKeys, o->revoked_keys_file);
>+	dump_cfg_string(sPermitUserEnvironment, o->permit_user_env);
> 
> 	/* string arguments requiring a lookup */
> 	dump_cfg_string(sLogLevel, log_level_name(o->log_level));
>Only in openssh-5.5p1-patched: servconf.c.orig
>diff -u openssh-5.5p1/servconf.h openssh-5.5p1-patched/servconf.h
>--- openssh-5.5p1/servconf.h	Thu Mar  4 05:53:35 2010
>+++ openssh-5.5p1-patched/servconf.h	Mon Jul 19 10:47:16 2010
>@@ -103,7 +103,7 @@
> 					/* If true, permit jpake auth */
> 	int     permit_empty_passwd;	/* If false, do not permit empty
> 					 * passwords. */
>-	int     permit_user_env;	/* If true, read ~/.ssh/environment */
>+	char   *permit_user_env;	/* If true or string, read ~/.ssh/environment */
> 	int     use_login;	/* If true, login(1) is used */
> 	int     compression;	/* If true, compression is allowed */
> 	int	allow_tcp_forwarding;
>diff -u openssh-5.5p1/session.c openssh-5.5p1-patched/session.c
>--- openssh-5.5p1/session.c	Thu Mar 25 20:04:09 2010
>+++ openssh-5.5p1-patched/session.c	Mon Jul 19 10:38:32 2010
>@@ -992,10 +992,12 @@
>  * into the environment.  If the file does not exist, this does nothing.
>  * Otherwise, it must consist of empty lines, comments (line starts with '#')
>  * and assignments of the form name=value.  No other forms are allowed.
>+ * If prefix is present, only adds/overrides the subset of variables whose
>+ * names start with prefix (case-insensitive).
>  */
> static void
> read_environment_file(char ***env, u_int *envsize,
>-	const char *filename)
>+	const char *filename, char *prefix)
> {
> 	FILE *f;
> 	char buf[4096];
>@@ -1028,11 +1030,13 @@
> 		 */
> 		*value = '\0';
> 		value++;
>-		child_set_env(env, envsize, cp, value);
>+		if (prefix == NULL || strncasecmp(cp, prefix, strlen(prefix)) == 0)
>+			child_set_env(env, envsize, cp, value);
> 	}
> 	fclose(f);
> }
> 
>+
> #ifdef HAVE_ETC_DEFAULT_LOGIN
> /*
>  * Return named variable from specified environment, or NULL if not present.
>@@ -1066,7 +1070,7 @@
> 	 * so we use a temporary environment and copy the variables we're
> 	 * interested in.
> 	 */
>-	read_environment_file(&tmpenv, &tmpenvsize, "/etc/default/login");
>+	read_environment_file(&tmpenv, &tmpenvsize, "/etc/default/login", NULL);
> 
> 	if (tmpenv == NULL)
> 		return;
>@@ -1258,7 +1262,7 @@
> 
> 		if ((cp = getenv("AUTHSTATE")) != NULL)
> 			child_set_env(&env, &envsize, "AUTHSTATE", cp);
>-		read_environment_file(&env, &envsize, "/etc/environment");
>+		read_environment_file(&env, &envsize, "/etc/environment", NULL);
> 	}
> #endif
> #ifdef KRB5
>@@ -1289,10 +1293,15 @@
> 		    auth_sock_name);
> 
> 	/* read $HOME/.ssh/environment. */
>-	if (options.permit_user_env && !options.use_login) {
>+
>+	if (options.permit_user_env && !options.use_login) { 
>+		
> 		snprintf(buf, sizeof buf, "%.200s/.ssh/environment",
> 		    strcmp(pw->pw_dir, "/") ? pw->pw_dir : "");
>-		read_environment_file(&env, &envsize, buf);
>+		if (strncasecmp(options.permit_user_env, "yes", strlen(options.permit_user_env)) == 0)
>+			read_environment_file(&env, &envsize, buf, NULL);
>+		else
>+			read_environment_file(&env, &envsize, buf, options.permit_user_env);
> 	}
> 	if (debug_flag) {
> 		/* dump the environment */
>diff -u openssh-5.5p1/sshd_config.5 openssh-5.5p1-patched/sshd_config.5
>--- openssh-5.5p1/sshd_config.5	Thu Mar  4 18:41:45 2010
>+++ openssh-5.5p1-patched/sshd_config.5	Mon Jul 19 10:38:32 2010
>@@ -755,9 +755,15 @@
> .Pa ~/.ssh/authorized_keys
> are processed by
> .Xr sshd 8 .
>+Arguments may be 
>+.Dq yes ,
>+.Dq no ,
>+or a single-word prefix for permitted user environment variables.
> The default is
> .Dq no .
>-Enabling environment processing may enable users to bypass access
>+Enabling environment processing with 
>+.Dq yes
>+is not recommended because it may enable users to bypass access
> restrictions in some configurations using mechanisms such as
> .Ev LD_PRELOAD .
> .It Cm PidFile

Actions: View | Diff

Attachments on bug 1800: 1901 | 1903 | 2017 | 2098 | 2113 | 3012 | 3013