From 95344c257412b51199ead18d54eaed5bafb75617 Mon Sep 17 00:00:00 2001 From: "djm@openbsd.org" Date: Tue, 3 Jul 2018 10:59:35 +0000 Subject: upstream: allow sshd_config PermitUserEnvironment to accept a pattern-list of whitelisted environment variable names in addition to yes|no. bz#1800, feedback and ok markus@ OpenBSD-Commit-ID: 77dc2b468e0bf04b53f333434ba257008a1fdf24 --- servconf.h | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) (limited to 'servconf.h') diff --git a/servconf.h b/servconf.h index db8362c6..73327135 100644 --- a/servconf.h +++ b/servconf.h @@ -1,4 +1,4 @@ -/* $OpenBSD: servconf.h,v 1.134 2018/06/09 03:03:10 djm Exp $ */ +/* $OpenBSD: servconf.h,v 1.135 2018/07/03 10:59:35 djm Exp $ */ /* * Author: Tatu Ylonen @@ -133,6 +133,7 @@ typedef struct { int permit_empty_passwd; /* If false, do not permit empty * passwords. */ int permit_user_env; /* If true, read ~/.ssh/environment */ + char *permit_user_env_whitelist; /* pattern-list whitelist */ int compression; /* If true, compression is allowed */ int allow_tcp_forwarding; /* One of FORWARD_* */ int allow_streamlocal_forwarding; /* One of FORWARD_* */ @@ -242,6 +243,7 @@ struct connection_info { M_CP_STROPT(hostbased_key_types); \ M_CP_STROPT(pubkey_key_types); \ M_CP_STROPT(routing_domain); \ + M_CP_STROPT(permit_user_env_whitelist); \ M_CP_STRARRAYOPT(authorized_keys_files, num_authkeys_files); \ M_CP_STRARRAYOPT(allow_users, num_allow_users); \ M_CP_STRARRAYOPT(deny_users, num_deny_users); \ -- cgit v1.2.1