authordjm@openbsd.org <djm@openbsd.org>2018-04-06 13:02:39 +0000
committerDamien Miller <djm@mindrot.org>2018-04-06 23:15:29 +1000
commit555294a7279914ae6795b71bedf4e6011b7636df (patch)
tree468b6798d0aae805b565d5654bad03c6c8386347
parent40f5f03544a07ebd2003b443d42e85cb51d94d59 (diff)
upstream: Allow "SendEnv -PATTERN" to clear environment variables
previously labeled for sending. bz#1285 ok dtucker@ OpenBSD-Commit-ID: f6fec9e3d0f366f15903094fbe1754cb359a0df9
-rw-r--r--readconf.c48
-rw-r--r--ssh_config.511
2 files changed, 50 insertions, 9 deletions
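--- a/readconf.c
+++ b/readconf.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: readconf.c,v 1.285 2018/04/06 03:51:27 djm Exp $ */
+/* $OpenBSD: readconf.c,v 1.286 2018/04/06 13:02:39 djm Exp $ */
 /*
  * Author: Tatu Ylonen <ylo@cs.hut.fi>
  * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@@ -684,6 +684,35 @@ match_cfg_line(Options *options, char **condition, struct passwd *pw,
  return result;
 }
 
+/* Remove environment variable by pattern */
+static void
+rm_env(Options *options, const char *arg, const char *filename, int linenum)
+{
+ int i, j;
+ char *cp;
+
+ /* Remove an environment variable */
+ for (i = 0; i < options->num_send_env; ) {
+ cp = xstrdup(options->send_env[i]);
+ if (!match_pattern(cp, arg + 1)) {
+ free(cp);
+ i++;
+ continue;
+ }
+ debug3("%s line %d: removing environment %s",
+ filename, linenum, cp);
+ free(cp);
+ free(options->send_env[i]);
+ options->send_env[i] = NULL;
+ for (j = i; j < options->num_send_env - 1; j++) {
+ options->send_env[j] = options->send_env[j + 1];
+ options->send_env[j + 1] = NULL;
+ }
+ options->num_send_env--;
+ /* NB. don't increment i */
+ }
+}
+
 /*
  * Returns the number of the token pointed to by cp or oBadOption.
  */
@@ -1359,11 +1388,18 @@ parse_keytypes:
  filename, linenum);
  if (!*activep)
  continue;
- if (options->num_send_env >= MAX_SEND_ENV)
- fatal("%s line %d: too many send env.",
- filename, linenum);
- options->send_env[options->num_send_env++] =
- xstrdup(arg);
+ if (*arg == '-') {
+ /* Removing an env var */
+ rm_env(options, arg, filename, linenum);
+ continue;
+ } else {
+ /* Adding an env var */
+ if (options->num_send_env >= MAX_SEND_ENV)
+ fatal("%s line %d: too many send env.",
+ filename, linenum);
+ options->send_env[options->num_send_env++] =
+ xstrdup(arg);
+ }
  }
  break;
 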
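Review bot: rm_env() treats each stored SendEnv entry as a literal string and the removal argument as the pattern (`match_pattern(cp, arg + 1)`), so, assuming match_pattern takes (string, pattern) as the call suggests, `SendEnv -LC_ALL` will not remove an earlier `SendEnv LC_*` and LC_ALL would still be forwarded to the server. Removal also only affects entries already in the list at that point of parsing; the add branch in the SendEnv case appends unconditionally, so a later directive can put the name back. I would replace the one-line header with a comment that says so, e.g. `/* Remove send_env entries whose stored text matches the pattern after '-'; stored wildcards are not narrowed */`, and state the same caveat in ssh_config.5. Separately, the `xstrdup` copy in the loop looks unnecessary, since `cp` is only read and then freed; matching and logging on `options->send_env[i]` directly before freeing it would avoid the allocation.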
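--- a/ssh_config.5
+++ b/ssh_config.5
@@ -33,8 +33,8 @@
 .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
 .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
 .\"
-.\" $OpenBSD: ssh_config.5,v 1.270 2018/04/05 22:54:28 djm Exp $
-.Dd $Mdocdate: April 5 2018 $
+.\" $OpenBSD: ssh_config.5,v 1.271 2018/04/06 13:02:39 djm Exp $
+.Dd $Mdocdate: April 6 2018 $
 .Dt SSH_CONFIG 5
 .Os
 .Sh NAME
@@ -1394,11 +1394,16 @@ Multiple environment variables may be separated by whitespace or spread
 across multiple
 .Cm SendEnv
 directives.
-The default is not to send any environment variables.
 .Pp
 See
 .Sx PATTERNS
 for more information on patterns.
+.Pp
+It is possible to clear previously-set
+.Cm SendEnv
+variable names by prefixing patterns with
+.Pa - .
+The default is not to send any environment variables.
 .It Cm ServerAliveCountMax
 Sets the number of server alive messages (see below) which may be
 sent without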