From f5c4526d2ff98e7b42ee3b61ad43cfa6f6385b32 Mon Sep 17 00:00:00 2001
From: des <des@FreeBSD.org>
Date: Sat, 29 Jun 2002 11:21:58 +0000
Subject: Make sure the environment variables set by setusercontext() are
 passed on to the child process.

Reviewed by:	ache
Sponsored by:	DARPA, NAI Labs
---
 crypto/openssh/session.c | 32 +++++++++++++++++++++++---------
 1 file changed, 23 insertions(+), 9 deletions(-)

(limited to 'crypto')

diff --git a/crypto/openssh/session.c b/crypto/openssh/session.c
index 6169f33..efed1fc 100644
--- a/crypto/openssh/session.c
+++ b/crypto/openssh/session.c
@@ -34,6 +34,7 @@
 
 #include "includes.h"
 RCSID("$OpenBSD: session.c,v 1.138 2002/06/20 23:05:55 markus Exp $");
+RCSID("$FreeBSD$");
 
 #include "ssh.h"
 #include "ssh1.h"
@@ -931,6 +932,10 @@ do_setup_env(Session *s, const char *shell)
 	char buf[256];
 	u_int i, envsize;
 	char **env;
+#ifdef HAVE_LOGIN_CAP
+	extern char **environ;
+	char **senv, **var;
+#endif
 	struct passwd *pw = s->pw;
 
 	/* Initialize the environment. */
@@ -946,14 +951,29 @@ do_setup_env(Session *s, const char *shell)
 	copy_environment(environ, &env, &envsize);
 #endif
 
+	if (getenv("TZ"))
+		child_set_env(&env, &envsize, "TZ", getenv("TZ"));
 	if (!options.use_login) {
 		/* Set basic environment. */
 		child_set_env(&env, &envsize, "USER", pw->pw_name);
 		child_set_env(&env, &envsize, "LOGNAME", pw->pw_name);
 		child_set_env(&env, &envsize, "HOME", pw->pw_dir);
+		snprintf(buf, sizeof buf, "%.200s/%.50s",
+			 _PATH_MAILDIR, pw->pw_name);
+		child_set_env(&env, &envsize, "MAIL", buf);
 #ifdef HAVE_LOGIN_CAP
-		(void) setusercontext(lc, pw, pw->pw_uid, LOGIN_SETPATH);
-		child_set_env(&env, &envsize, "PATH", getenv("PATH"));
+		child_set_env(&env, &envsize, "PATH", _PATH_STDPATH);
+		child_set_env(&env, &envsize, "TERM", "su");
+		senv = environ;
+		environ = xmalloc(sizeof(char *));
+		*environ = NULL;
+		(void) setusercontext(lc, pw, pw->pw_uid,
+		    LOGIN_SETENV|LOGIN_SETPATH);
+		copy_environment(environ, &env, &envsize);
+		for (var = environ; *var != NULL; ++var)
+			xfree(*var);
+		xfree(environ);
+		environ = senv;
 #else /* HAVE_LOGIN_CAP */
 # ifndef HAVE_CYGWIN
 		/*
@@ -971,15 +991,9 @@ do_setup_env(Session *s, const char *shell)
 # endif /* HAVE_CYGWIN */
 #endif /* HAVE_LOGIN_CAP */
 
-		snprintf(buf, sizeof buf, "%.200s/%.50s",
-			 _PATH_MAILDIR, pw->pw_name);
-		child_set_env(&env, &envsize, "MAIL", buf);
-
 		/* Normal systems set SHELL by default. */
 		child_set_env(&env, &envsize, "SHELL", shell);
 	}
-	if (getenv("TZ"))
-		child_set_env(&env, &envsize, "TZ", getenv("TZ"));
 
 	/* Set custom environment options from RSA authentication. */
 	if (!options.use_login) {
@@ -1162,7 +1176,7 @@ do_setusercontext(struct passwd *pw)
 #endif /* HAVE_SETPCRED */
 #ifdef HAVE_LOGIN_CAP
 		if (setusercontext(lc, pw, pw->pw_uid,
-		    (LOGIN_SETALL & ~LOGIN_SETPATH)) < 0) {
+		    (LOGIN_SETALL & ~(LOGIN_SETENV|LOGIN_SETPATH))) < 0) {
 			perror("unable to set user context");
 			exit(1);
 		}
-- 
cgit v1.1