added AcceptEnv (-A) support to pass environment variables from the client to the server

Author: Peter Szabo

c.sh

@@ -15,7 +15,7 @@ ls -l dropbearmulti
 #
 #   $ ssh-keygen -t rsa -b 4096 -N '' -C hostkey_rsa4096 -f hostkey_rsa4096
 #   $ ./dropbearmulti dropbearconvert openssh dropbear hostkey_rsa4096 dropbear_hostkey_rsa4096
-#   $ ./dropbearmulti dropbear -r dropbear_hostkey_rsa4096 -F -E -m -s -P '' -p 65522
+#   $ ./dropbearmulti dropbear -r dropbear_hostkey_rsa4096 -F -E -m -s -P '' -A WINDOW=,TZ=,COLORFGBG=,LANG=,LC_ -p 65522
 #   ...
 #   $ ssh -v -o UserKnownHostsFile=/dev/null -o GlobalKnownHostsFile=/dev/null -o IdentitiesOnly=yes -o StrictHostKeyChecking=no -F /dev/null -i ...  -p 65522 127.0.0.1 id
 #

chansession.h

@@ -76,6 +76,10 @@ struct ChanSess {
 #ifdef ENABLE_SVR_PUBKEY_OPTIONS
 	char *original_command;
 #endif
+
+	unsigned env_capacity;
+	unsigned env_size;
+	char **env;
 };
 
 struct ChildPid {

runopts.h

@@ -120,6 +120,8 @@ typedef struct svr_runopts {
 	buffer * banner;
 	char * pidfile;
 
+	char *acceptenv;  /* Comma-separated. */
+
 } svr_runopts;
 
 extern svr_runopts svr_opts;

svr-chansession.c

@@ -61,6 +61,8 @@ static void send_msg_chansess_exitstatus(struct Channel * channel,
 static void send_msg_chansess_exitsignal(struct Channel * channel,
 		struct ChanSess * chansess);
 static void get_termmodes(struct ChanSess *chansess);
+static char *create_newvar(const char *param, const char *var);
+
 
 const struct ChanType svrchansess = {
 	0, /* sepfds */
@@ -305,6 +307,12 @@ static void closechansess(struct Channel *channel) {
 	m_free(chansess->original_command);
 #endif
 
+	if (chansess->env) {
+		char **p = chansess->env;
+		for (; *p; free(*p++)) {}
+		m_free(chansess->env);
+	}
+
 	if (chansess->tty) {
 		/* write the utmp/wtmp login record */
 		li = chansess_login_alloc(chansess);
@@ -339,6 +347,25 @@ static void closechansess(struct Channel *channel) {
 	TRACE(("leave closechansess"))
 }
 
+static char is_env_allowed(const char *name) {
+	char const *p = svr_opts.acceptenv, *q;
+	if (!name || name[0] == '\0' || strchr(name, '=')) return 0;
+	/* Comma-separated, LC_ means prefix, TZ= means 1 var. */
+	if (p) for (; *p != '\0'; ) {
+		for (q = p; *q != '\0' && *q != ','; ++q) {}
+		if (p != q) {
+			if (q[-1] == '=') {
+				const unsigned size = q - p - 1;
+				if (0 == memcmp(name, p, size) && name[size] == '\0') return 1;
+			} else {
+				if (0 == strncmp(name, p, q - p)) return 1;	/* Prefix match. */
+			}
+		}
+		p = q + 1;
+	}
+	return 0;
+}
+
 /* Handle requests for a channel. These can be execution requests,
  * or x11/authagent forwarding. These are passed to appropriate handlers */
 static void chansessionrequest(struct Channel *channel) {
@@ -383,8 +410,25 @@ static void chansessionrequest(struct Channel *channel) {
 #endif
 	} else if (strcmp(type, "signal") == 0) {
 		ret = sessionsignal(chansess);
+	} else if (strcmp(type, "env") == 0) {
+		char *name = buf_getstring(ses.payload, NULL);
+		char *value = buf_getstring(ses.payload, NULL);
+		if (name && value && is_env_allowed(name)) {
+			char *newvar = create_newvar(name, value);
+			if (chansess->env_size + 1 >= chansess->env_capacity) {
+				if (chansess->env) {
+					chansess->env = m_realloc(chansess->env, sizeof(*chansess->env) * (chansess->env_capacity <<= 1));
+				} else {
+					chansess->env = m_malloc(sizeof(*chansess->env) * (chansess->env_capacity = 16));
+				}
+			}
+			chansess->env[chansess->env_size++] = newvar;  /* Takes ownership. */
+			chansess->env[chansess->env_size] = NULL;
+		}
+		m_free(value);
+		m_free(name);
 	} else {
-		/* etc, todo "env", "subsystem" */
+		/* etc */
 	}
 
 out:
@@ -943,6 +987,12 @@ static void execchild(void *user_data) {
 		}
 	}
 
+	/* Call putenv here first, so "USER" etc. below will override it. */
+	if (chansess->env) {
+	  char **p = chansess->env;
+	  for (; *p; putenv(*p++)) {}
+	}
+
 	/* set env vars */
 	addnewvar("USER", ses.authstate.pw_name);
 	addnewvar("LOGNAME", ses.authstate.pw_name);
@@ -1013,9 +1063,7 @@ void svr_chansessinitialise() {
 
 }
 
-/* add a new environment variable, allocating space for the entry */
-void addnewvar(const char* param, const char* var) {
-
+static char *create_newvar(const char *param, const char *var) {
 	char* newvar = NULL;
 	int plen, vlen;
 
@@ -1027,8 +1075,13 @@ void addnewvar(const char* param, const char* var) {
 	newvar[plen] = '=';
 	memcpy(&newvar[plen+1], var, vlen);
 	newvar[plen+vlen+1] = '\0';
+	return newvar;
+}
+
+/* add a new environment variable, allocating space for the entry */
+void addnewvar(const char* param, const char* var) {
 	/* newvar is leaked here, but that's part of putenv()'s semantics */
-	if (putenv(newvar) < 0) {
+	if (putenv(create_newvar(param, var)) < 0) {
 		dropbear_exit("environ error");
 	}
 }

svr-runopts.c

@@ -96,6 +96,7 @@ static void printhelp(const char * progname) {
 					"		(default %d, larger may be faster, max 1MB)\n"
 					"-K keepalive	(0 is never, default %d, in seconds)\n"
 					"-I idle_timeout	(0 is never, default %d, in seconds)\n"
+					"-A env1=,env2  Environment varialbe names and prefixes to accept\n"
 					"-V		Print version and exit.\n"
 #ifdef DEBUG_TRACE
 					"-v		verbose (compiled with DEBUG_TRACE)\n"
@@ -139,6 +140,7 @@ void svr_getopts(int argc, char ** argv) {
 	svr_opts.inetdmode = 0;
 	svr_opts.portcount = 0;
 	svr_opts.hostkey = NULL;
+	svr_opts.acceptenv = NULL;
 #ifndef NOSYSHOSTKEYLOAD
 #ifdef DROPBEAR_DELAY_HOSTKEY
 	svr_opts.delay_hostkey = 0;
@@ -191,6 +193,9 @@ void svr_getopts(int argc, char ** argv) {
 				case 'r':
 					next = &keyfile;
 					break;
+				case 'A':
+					next = &svr_opts.acceptenv;
+					break;
 #ifndef NOSYSHOSTKEYLOAD
 #ifdef DROPBEAR_DELAY_HOSTKEY
 				case 'R':