- markus@cvs.openbsd.org 2001/12/01 21:41:48

     [session.c sshd.8]
     don't pass user defined variables to /usr/bin/login

3 files changed, 23 insertions, 14 deletions

diff --git a/ChangeLog b/ChangeLog
index 7cfa6f8e7..d9bb0eb9d 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -44,6 +44,9 @@
      [ssh.c]
      sscanf() length dependencies are clearer now; can also shrink proto
      and data if desired, but i have not done that.  ok markus@
+   - markus@cvs.openbsd.org 2001/12/01 21:41:48
+     [session.c sshd.8]
+     don't pass user defined variables to /usr/bin/login
 
 20011126
  - (tim) [contrib/cygwin/README, openbsd-compat/bsd-cygwin_util.c,
@@ -6966,4 +6969,4 @@
  - Wrote replacements for strlcpy and mkdtemp
  - Released 1.0pre1
 
-$Id: ChangeLog,v 1.1679 2001/12/06 17:45:19 mouring Exp $
+$Id: ChangeLog,v 1.1680 2001/12/06 17:47:47 mouring Exp $
diff --git a/session.c b/session.c
index d0f9072f3..551eb37e6 100644
--- a/session.c
+++ b/session.c
@@ -33,7 +33,7 @@
  */
 
 #include "includes.h"
-RCSID("$OpenBSD: session.c,v 1.108 2001/10/11 13:45:21 markus Exp $");
+RCSID("$OpenBSD: session.c,v 1.110 2001/12/01 21:41:48 markus Exp $");
 
 #include "ssh.h"
 #include "ssh1.h"
@@ -1247,18 +1247,21 @@ do_child(Session *s, const char *command)
                 child_set_env(&env, &envsize, "TZ", getenv("TZ"));
 
         /* Set custom environment options from RSA authentication. */
-        while (custom_environment) {
-                struct envstring *ce = custom_environment;
-                char *s = ce->s;
-                int i;
-                for (i = 0; s[i] != '=' && s[i]; i++);
-                if (s[i] == '=') {
-                        s[i] = 0;
-                        child_set_env(&env, &envsize, s, s + i + 1);
+        if (!options.use_login) {
+                while (custom_environment) {
+                        struct envstring *ce = custom_environment;
+                        char *s = ce->s;
+                        int i;
+                        for (i = 0; s[i] != '=' && s[i]; i++)
+                                ;
+                        if (s[i] == '=') {
+                                s[i] = 0;
+                                child_set_env(&env, &envsize, s, s + i + 1);
+                        }
+                        custom_environment = ce->next;
+                        xfree(ce->s);
+                        xfree(ce);
                 }
-                custom_environment = ce->next;
-                xfree(ce->s);
-                xfree(ce);
         }
 
         snprintf(buf, sizeof buf, "%.50s %d %d",
diff --git a/sshd.8 b/sshd.8
index d7e5937cf..a3826fa80 100644
--- a/sshd.8
+++ b/sshd.8
@@ -34,7 +34,7 @@
 .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
 .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
 .\"
-.\" $OpenBSD: sshd.8,v 1.154 2001/11/07 22:12:01 markus Exp $
+.\" $OpenBSD: sshd.8,v 1.155 2001/12/01 21:41:48 markus Exp $
 .Dd September 25, 1999
 .Dt SSHD 8
 .Os
@@ -1014,6 +1014,9 @@ logging in using this key.
 Environment variables set this way
 override other default environment values.
 Multiple options of this type are permitted.
+This option is automatically disabled if
+.Cm UseLogin
+is enabled.
 .It Cm no-port-forwarding
 Forbids TCP/IP forwarding when this key is used for authentication.
 Any port forward requests by the client will return an error.