diff options
author | djm@openbsd.org <djm@openbsd.org> | 2018-07-03 10:59:35 +0000 |
---|---|---|
committer | Damien Miller <djm@mindrot.org> | 2018-07-03 21:01:30 +1000 |
commit | 95344c257412b51199ead18d54eaed5bafb75617 (patch) | |
tree | 320a21db8781ca4f6a363db928ca04b3b0d1dd70 /servconf.h | |
parent | 6f56fe4b9578b0627667f8bce69d4d938a88324c (diff) | |
download | openssh-git-95344c257412b51199ead18d54eaed5bafb75617.tar.gz |
upstream: allow sshd_config PermitUserEnvironment to accept a
pattern-list of whitelisted environment variable names in addition to yes|no.
bz#1800, feedback and ok markus@
OpenBSD-Commit-ID: 77dc2b468e0bf04b53f333434ba257008a1fdf24
Diffstat (limited to 'servconf.h')
-rw-r--r-- | servconf.h | 4 |
1 files changed, 3 insertions, 1 deletions
@@ -1,4 +1,4 @@ -/* $OpenBSD: servconf.h,v 1.134 2018/06/09 03:03:10 djm Exp $ */ +/* $OpenBSD: servconf.h,v 1.135 2018/07/03 10:59:35 djm Exp $ */ /* * Author: Tatu Ylonen <ylo@cs.hut.fi> @@ -133,6 +133,7 @@ typedef struct { int permit_empty_passwd; /* If false, do not permit empty * passwords. */ int permit_user_env; /* If true, read ~/.ssh/environment */ + char *permit_user_env_whitelist; /* pattern-list whitelist */ int compression; /* If true, compression is allowed */ int allow_tcp_forwarding; /* One of FORWARD_* */ int allow_streamlocal_forwarding; /* One of FORWARD_* */ @@ -242,6 +243,7 @@ struct connection_info { M_CP_STROPT(hostbased_key_types); \ M_CP_STROPT(pubkey_key_types); \ M_CP_STROPT(routing_domain); \ + M_CP_STROPT(permit_user_env_whitelist); \ M_CP_STRARRAYOPT(authorized_keys_files, num_authkeys_files); \ M_CP_STRARRAYOPT(allow_users, num_allow_users); \ M_CP_STRARRAYOPT(deny_users, num_deny_users); \ |