version 1.300, 2018/06/09 03:03:10 |
version 1.301, 2018/07/03 10:59:35 |
|
|
* into the environment. If the file does not exist, this does nothing. |
* into the environment. If the file does not exist, this does nothing. |
* Otherwise, it must consist of empty lines, comments (line starts with '#') |
* Otherwise, it must consist of empty lines, comments (line starts with '#') |
* and assignments of the form name=value. No other forms are allowed. |
* and assignments of the form name=value. No other forms are allowed. |
|
* If whitelist is not NULL, then it is interpreted as a pattern list and |
|
* only variable names that match it will be accepted. |
*/ |
*/ |
static void |
static void |
read_environment_file(char ***env, u_int *envsize, |
read_environment_file(char ***env, u_int *envsize, |
const char *filename) |
const char *filename, const char *whitelist) |
{ |
{ |
FILE *f; |
FILE *f; |
char *line = NULL, *cp, *value; |
char *line = NULL, *cp, *value; |
|
|
*/ |
*/ |
*value = '\0'; |
*value = '\0'; |
value++; |
value++; |
|
if (whitelist != NULL && |
|
match_pattern_list(cp, whitelist, 0) != 1) |
|
continue; |
child_set_env(env, envsize, cp, value); |
child_set_env(env, envsize, cp, value); |
} |
} |
free(line); |
free(line); |
|
|
cp = strchr(ocp, '='); |
cp = strchr(ocp, '='); |
if (*cp == '=') { |
if (*cp == '=') { |
*cp = '\0'; |
*cp = '\0'; |
child_set_env(&env, &envsize, ocp, cp + 1); |
/* Apply PermitUserEnvironment whitelist */ |
|
if (options.permit_user_env_whitelist == NULL || |
|
match_pattern_list(ocp, |
|
options.permit_user_env_whitelist, 0) == 1) |
|
child_set_env(&env, &envsize, |
|
ocp, cp + 1); |
} |
} |
free(ocp); |
free(ocp); |
} |
} |
|
|
if (options.permit_user_env) { |
if (options.permit_user_env) { |
snprintf(buf, sizeof buf, "%.200s/.ssh/environment", |
snprintf(buf, sizeof buf, "%.200s/.ssh/environment", |
pw->pw_dir); |
pw->pw_dir); |
read_environment_file(&env, &envsize, buf); |
read_environment_file(&env, &envsize, buf, |
|
options.permit_user_env_whitelist); |
} |
} |
|
|
/* Environment specified by admin */ |
/* Environment specified by admin */ |
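Review bot: Variables rejected by the whitelist are dropped silently at both filter sites, the `continue` in read_environment_file and the guarded child_set_env in the `ocp` block, so nothing in the logs explains why a variable from ~/.ssh/environment never reached the session. I would log the rejection at debug level with the name only and never the value, e.g. `debug3("%s: ignoring disallowed variable %s", __func__, cp);` before the `continue`, with an equivalent `else` branch at the second site. Both sites treat a NULL whitelist as accept-everything, which the function comment only implies. It is worth adding a line such as `A NULL whitelist disables filtering entirely.`, because that convention depends on the option parser (not visible here) never leaving the list NULL once a pattern list has been configured. The bodies of both functions continue outside the visible lines.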