Diffstat (limited to 'session.c')
| -rw-r--r-- | session.c | 43 |
1 files changed, 25 insertions, 18 deletions
diff --git a/session.c b/session.c index 18cdfa8cf450..27ca8a104dd6 100644 --- a/session.c +++ b/session.c @@ -1,4 +1,4 @@ -/* $OpenBSD: session.c,v 1.319 2020/03/13 03:17:07 djm Exp $ */ +/* $OpenBSD: session.c,v 1.324 2020/07/07 02:47:21 deraadt Exp $ */ /* * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland * All rights reserved @@ -843,12 +843,12 @@ check_quietlogin(Session *s, const char *command) * into the environment. If the file does not exist, this does nothing. * Otherwise, it must consist of empty lines, comments (line starts with '#') * and assignments of the form name=value. No other forms are allowed. - * If whitelist is not NULL, then it is interpreted as a pattern list and + * If allowlist is not NULL, then it is interpreted as a pattern list and * only variable names that match it will be accepted. */ static void read_environment_file(char ***env, u_int *envsize, - const char *filename, const char *whitelist) + const char *filename, const char *allowlist) { FILE *f; char *line = NULL, *cp, *value; @@ -881,8 +881,8 @@ read_environment_file(char ***env, u_int *envsize, */ *value = '\0'; value++; - if (whitelist != NULL && - match_pattern_list(cp, whitelist, 0) != 1) + if (allowlist != NULL && + match_pattern_list(cp, allowlist, 0) != 1) continue; child_set_env(env, envsize, cp, value); } @@ -924,7 +924,7 @@ read_etc_default_login(char ***env, u_int *envsize, uid_t uid) * interested in. */ read_environment_file(&tmpenv, &tmpenvsize, "/etc/default/login", - options.permit_user_env_whitelist); + options.permit_user_env_allowlist); if (tmpenv == NULL) return; @@ -1091,7 +1091,7 @@ do_setup_env(struct ssh *ssh, Session *s, const char *shell) if ((cp = getenv("AUTHSTATE")) != NULL) child_set_env(&env, &envsize, "AUTHSTATE", cp); read_environment_file(&env, &envsize, "/etc/environment", - options.permit_user_env_whitelist); + options.permit_user_env_allowlist); } #endif #ifdef KRB5 
@@ -1111,10 +1111,10 @@ do_setup_env(struct ssh *ssh, Session *s, const char *shell) cp = strchr(ocp, '='); if (*cp == '=') { *cp = '\0'; - /* Apply PermitUserEnvironment whitelist */ - if (options.permit_user_env_whitelist == NULL || + /* Apply PermitUserEnvironment allowlist */ + if (options.permit_user_env_allowlist == NULL || match_pattern_list(ocp, - options.permit_user_env_whitelist, 0) == 1) + options.permit_user_env_allowlist, 0) == 1) child_set_env(&env, &envsize, ocp, cp + 1); } @@ -1127,7 +1127,7 @@ do_setup_env(struct ssh *ssh, Session *s, const char *shell) snprintf(buf, sizeof buf, "%.200s/.ssh/environment", pw->pw_dir); read_environment_file(&env, &envsize, buf, - options.permit_user_env_whitelist); + options.permit_user_env_allowlist); } #ifdef USE_PAM @@ -1206,19 +1206,21 @@ static void do_rc_files(struct ssh *ssh, Session *s, const char *shell) { FILE *f = NULL; - char cmd[1024]; + char *cmd = NULL, *user_rc = NULL; int do_xauth; struct stat st; do_xauth = s->display != NULL && s->auth_proto != NULL && s->auth_data != NULL; + xasprintf(&user_rc, "%s/%s", s->pw->pw_dir, _PATH_SSH_USER_RC); /* ignore _PATH_SSH_USER_RC for subsystems and admin forced commands */ if (!s->is_subsystem && options.adm_forced_command == NULL && auth_opts->permit_user_rc && options.permit_user_rc && - stat(_PATH_SSH_USER_RC, &st) >= 0) { - snprintf(cmd, sizeof cmd, "%s -c '%s %s'", - shell, _PATH_BSHELL, _PATH_SSH_USER_RC); + stat(user_rc, &st) >= 0) { + if (xasprintf(&cmd, "%s -c '%s %s'", shell, _PATH_BSHELL, + user_rc) == -1) + fatal("%s: xasprintf: %s", __func__, strerror(errno)); if (debug_flag) fprintf(stderr, "Running %s\n", cmd); f = popen(cmd, "w"); @@ -1229,7 +1231,7 @@ do_rc_files(struct ssh *ssh, Session *s, const char *shell) pclose(f); } else fprintf(stderr, "Could not run %s\n", - _PATH_SSH_USER_RC); + user_rc); } else if (stat(_PATH_SSH_SYSTEM_RC, &st) >= 0) { if (debug_flag) fprintf(stderr, "Running %s %s\n", _PATH_BSHELL, 
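Review bot: In the do_rc_files hunk the new `user_rc` path is built from `s->pw->pw_dir` and then placed inside the single-quoted argument of `"%s -c '%s %s'"` handed to popen(), so a home directory containing a single quote or whitespace would change how the shell parses the command; the old code put only the constant `_PATH_SSH_USER_RC` there. The command presumably runs with the logged-in user's own privileges, which limits the impact, but the assumption deserves a comment above the call such as `/* user_rc is expanded inside single quotes; pw_dir must not contain ' or whitespace */`, or the path should be shell-quoted before formatting. Separately, the first `xasprintf(&user_rc, ...)` is unchecked while the two `xasprintf(&cmd, ...)` calls (here and in the later xauth hunk at -1254) test for `-1`; if xasprintf already aborts on failure, as the x-prefixed allocators in this codebase normally do, those checks are dead code and could be dropped for consistency. do_rc_files begins in this hunk but its body continues outside it.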
@@ -1254,8 +1256,8 @@ do_rc_files(struct ssh *ssh, Session *s, const char *shell) options.xauth_location, s->auth_display, s->auth_proto, s->auth_data); } - snprintf(cmd, sizeof cmd, "%s -q -", - options.xauth_location); + if (xasprintf(&cmd, "%s -q -", options.xauth_location) == -1) + fatal("%s: xasprintf: %s", __func__, strerror(errno)); f = popen(cmd, "w"); if (f) { fprintf(f, "remove %s\n", @@ -1269,6 +1271,8 @@ do_rc_files(struct ssh *ssh, Session *s, const char *shell) cmd); } } + free(cmd); + free(user_rc); } static void @@ -1497,6 +1501,9 @@ child_close_fds(struct ssh *ssh) */ endpwent(); + /* Stop directing logs to a high-numbered fd before we close it */ + log_redirect_stderr_to(NULL); + /* * Close any extra open file descriptors so that we don't have them * hanging around in clients. Note that we want to do this after |
