Diffstat (limited to 'session.c')
-rw-r--r--session.c43
1 files changed, 25 insertions, 18 deletions
diff --git a/session.c b/session.c
index 837a8bacf..b1796a803 100644
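--- a/session.c
+++ b/session.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: session.c,v 1.319 2020/03/13 03:17:07 djm Exp $ */
+/* $OpenBSD: session.c,v 1.324 2020/07/07 02:47:21 deraadt Exp $ */
 /*
  * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
  * All rights reserved
@@ -843,12 +843,12 @@ check_quietlogin(Session *s, const char *command)
  * into the environment. If the file does not exist, this does nothing.
  * Otherwise, it must consist of empty lines, comments (line starts with '#')
  * and assignments of the form name=value. No other forms are allowed.
- * If whitelist is not NULL, then it is interpreted as a pattern list and
+ * If allowlist is not NULL, then it is interpreted as a pattern list and
  * only variable names that match it will be accepted.
  */
 static void
 read_environment_file(char ***env, u_int *envsize,
- const char *filename, const char *whitelist)
+ const char *filename, const char *allowlist)
 {
  FILE *f;
  char *line = NULL, *cp, *value;
@@ -881,8 +881,8 @@ read_environment_file(char ***env, u_int *envsize,
  */
  *value = '\0';
  value++;
- if (whitelist != NULL &&
- match_pattern_list(cp, whitelist, 0) != 1)
+ if (allowlist != NULL &&
+ match_pattern_list(cp, allowlist, 0) != 1)
  continue;
  child_set_env(env, envsize, cp, value);
  }
@@ -924,7 +924,7 @@ read_etc_default_login(char ***env, u_int *envsize, uid_t uid)
  * interested in.
  */
  read_environment_file(&tmpenv, &tmpenvsize, "/etc/default/login",
- options.permit_user_env_whitelist);
+ options.permit_user_env_allowlist);
 
  if (tmpenv == NULL)
  return;
@@ -1091,7 +1091,7 @@ do_setup_env(struct ssh *ssh, Session *s, const char *shell)
  if ((cp = getenv("AUTHSTATE")) != NULL)
  child_set_env(&env, &envsize, "AUTHSTATE", cp);
  read_environment_file(&env, &envsize, "/etc/environment",
- options.permit_user_env_whitelist);
+ options.permit_user_env_allowlist);
  }
 #endif
 #ifdef KRB5
@@ -1111,10 +1111,10 @@ do_setup_env(struct ssh *ssh, Session *s, const char *shell)
  cp = strchr(ocp, '=');
  if (*cp == '=') {
  *cp = '\0';
- /* Apply PermitUserEnvironment whitelist */
- if (options.permit_user_env_whitelist == NULL ||
+ /* Apply PermitUserEnvironment allowlist */
+ if (options.permit_user_env_allowlist == NULL ||
  match_pattern_list(ocp,
- options.permit_user_env_whitelist, 0) == 1)
+ options.permit_user_env_allowlist, 0) == 1)
  child_set_env(&env, &envsize,
  ocp, cp + 1);
  }
@@ -1127,7 +1127,7 @@ do_setup_env(struct ssh *ssh, Session *s, const char *shell)
  snprintf(buf, sizeof buf, "%.200s/.ssh/environment",
  pw->pw_dir);
  read_environment_file(&env, &envsize, buf,
- options.permit_user_env_whitelist);
+ options.permit_user_env_allowlist);
  }
 
 #ifdef USE_PAM
@@ -1206,19 +1206,21 @@ static void
 do_rc_files(struct ssh *ssh, Session *s, const char *shell)
 {
  FILE *f = NULL;
- char cmd[1024];
+ char *cmd = NULL, *user_rc = NULL;
  int do_xauth;
  struct stat st;
 
  do_xauth =
  s->display != NULL && s->auth_proto != NULL && s->auth_data != NULL;
+ xasprintf(&user_rc, "%s/%s", s->pw->pw_dir, _PATH_SSH_USER_RC);
 
  /* ignore _PATH_SSH_USER_RC for subsystems and admin forced commands */
  if (!s->is_subsystem && options.adm_forced_command == NULL &&
  auth_opts->permit_user_rc && options.permit_user_rc &&
- stat(_PATH_SSH_USER_RC, &st) >= 0) {
- snprintf(cmd, sizeof cmd, "%s -c '%s %s'",
- shell, _PATH_BSHELL, _PATH_SSH_USER_RC);
+ stat(user_rc, &st) >= 0) {
+ if (xasprintf(&cmd, "%s -c '%s %s'", shell, _PATH_BSHELL,
+ user_rc) == -1)
+ fatal("%s: xasprintf: %s", __func__, strerror(errno));
  if (debug_flag)
  fprintf(stderr, "Running %s\n", cmd);
  f = popen(cmd, "w");
@@ -1229,7 +1231,7 @@ do_rc_files(struct ssh *ssh, Session *s, const char *shell)
  pclose(f);
  } else
  fprintf(stderr, "Could not run %s\n",
- _PATH_SSH_USER_RC);
+ user_rc);
  } else if (stat(_PATH_SSH_SYSTEM_RC, &st) >= 0) {
  if (debug_flag)
  fprintf(stderr, "Running %s %s\n", _PATH_BSHELL,
@@ -1254,8 +1256,8 @@ do_rc_files(struct ssh *ssh, Session *s, const char *shell)
  options.xauth_location, s->auth_display,
  s->auth_proto, s->auth_data);
  }
- snprintf(cmd, sizeof cmd, "%s -q -",
- options.xauth_location);
+ if (xasprintf(&cmd, "%s -q -", options.xauth_location) == -1)
+ fatal("%s: xasprintf: %s", __func__, strerror(errno));
  f = popen(cmd, "w");
  if (f) {
  fprintf(f, "remove %s\n",
@@ -1269,6 +1271,8 @@ do_rc_files(struct ssh *ssh, Session *s, const char *shell)
  cmd);
  }
  }
+ free(cmd);
+ free(user_rc);
 }
 
 static void
@@ -1497,6 +1501,9 @@ child_close_fds(struct ssh *ssh)
  */
  endpwent();
 
+ /* Stop directing logs to a high-numbered fd before we close it */
+ log_redirect_stderr_to(NULL);
+
  /*
  * Close any extra open file descriptors so that we don't have them
  * hanging around in clients. Note that we want to do this after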
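Review bot: In the do_rc_files hunk, the new `user_rc` is built from `s->pw->pw_dir` and then formatted unescaped into the single-quoted `"%s -c '%s %s'"` string passed to popen(), so the shell command now carries account data where the old code used only compile-time constants. A home directory containing a single quote, whitespace or other shell metacharacters would close the quoting early or split the argument; the rc file presumably runs with the session user's own privileges, so this looks like a robustness gap rather than a privilege boundary, but the assumption is nowhere stated. I would either refuse to run the rc file when `pw_dir` contains such characters or at least record the precondition above the format call, e.g. `/* user_rc is placed inside single quotes unescaped; pw_dir must not contain ' or shell metacharacters */`. Separately, the first `xasprintf(&user_rc, ...)` result is unchecked while the two `xasprintf(&cmd, ...)` calls compare against -1; the three calls should be handled the same way. Parts of do_rc_files lie between the visible hunks, so the branch structure around these calls is not fully shown here.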