Integrate patch including functionality from David Borman's latest

author Sam Hartman <hartmans@mit.edu>

Sat, 21 Oct 1995 20:36:25 +0000 (20:36 +0000)

committer Sam Hartman <hartmans@mit.edu>

Sat, 21 Oct 1995 20:36:25 +0000 (20:36 +0000)
author Sam Hartman <hartmans@mit.edu>
Sat, 21 Oct 1995 20:36:25 +0000 (20:36 +0000)
committer Sam Hartman <hartmans@mit.edu>
Sat, 21 Oct 1995 20:36:25 +0000 (20:36 +0000)
diff --git a/src/appl/telnet/telnetd/ChangeLog b/src/appl/telnet/telnetd/ChangeLog

index da63e0e126c66fc741cc151750881841757e211b..21393afe6d2060af96d5689b3b9272d977b9d883 100644 (file)
--- a/src/appl/telnet/telnetd/ChangeLog
+++ b/src/appl/telnet/telnetd/ChangeLog
@@ -1,3 +1,10 @@
+Thu Oct 19 01:28:23 1995  Mark W. Eichin  <eichin@cygnus.com>
+
+       * state.c (envvarok): New function, checks environment variables
+       for exceptions that should not be passed to login.
+       (suboption): don't do anything to propagated environment variables
+       if they fail the exception test above.
+
  Mon Oct  9 23:01:36 1995  Sam Hartman  <hartmans@tertius.mit.edu>
  
         * telnetd.c (getterminaltype): If ENCRYPTION defined, send do
diff --git a/src/appl/telnet/telnetd/state.c b/src/appl/telnet/telnetd/state.c

index 420c96de034be0da0ec1ba45652a4ec6dbfaa1f8..8394dee48c5d7b2347513b93275d4c0798ecdaf7 100644 (file)
--- a/src/appl/telnet/telnetd/state.c
+++ b/src/appl/telnet/telnetd/state.c
@@ -1078,6 +1078,24 @@ int env_ovalue = -1;
  # define env_ovalue OLD_ENV_VALUE
  #endif /* ENV_HACK */
  
+/* envvarok(char*) */
+/* check that variable is safe to pass to login or shell */
+static int
+envvarok(varp)
+       char *varp;
+{
+       if (strncmp(varp, "LD_", strlen("LD_")) &&
+           strncmp(varp, "_RLD_", strlen("_RLD_")) &&
+           strcmp(varp, "LIBPATH") &&
+           strcmp(varp, "IFS")) {
+               return 1;
+       } else {
+               /* optionally syslog(LOG_INFO) here */
+               return 0;
+       }
+
+}
+
  /*
   * suboption()
   *
@@ -1416,10 +1434,12 @@ suboption()
                 case NEW_ENV_VAR:
                 case ENV_USERVAR:
                         *cp = '\0';
+                       if (envvarok(varp)) {
                         if (valp)
                                 (void)setenv(varp, valp, 1);
                         else
                                 unsetenv(varp);
+                       }
                         cp = varp = (char *)subpointer;
                         valp = 0;
                         break;
@@ -1435,10 +1455,12 @@ suboption()
                 }
         }
         *cp = '\0';
+       if (envvarok(varp)) {
         if (valp)
                 (void)setenv(varp, valp, 1);
         else
                 unsetenv(varp);
+       }
         break;
      }  /* end of case TELOPT_NEW_ENVIRON */
  #if    defined(AUTHENTICATION)
author	Sam Hartman <hartmans@mit.edu>
	Sat, 21 Oct 1995 20:36:25 +0000 (20:36 +0000)
committer	Sam Hartman <hartmans@mit.edu>
	Sat, 21 Oct 1995 20:36:25 +0000 (20:36 +0000)
src/appl/telnet/telnetd/ChangeLog		patch \| blob \| history
src/appl/telnet/telnetd/state.c		patch \| blob \| history