openssh unix dev - Jun 2002 - [PATCH] forwarding environment vars ala RFC2026

I have coded a patch witch allows to forward environment variables
from the client to the server.
To specify forwarding in your ssh client add the option

ForwardEnv varname		# forward varname with value
				# as in environment of the
				# ssh client. If variable is
				# not defined in the environment
				# of the ssh client nothing will
				# be forwarded.
ForwardEnv varname=value	# forward varname with value
UnforwardEnv varname		# override ForwardEnv in
				# /etc/ssh/ssh_config
to your ssh_config file.
The patch must be applied on top of the
openssh-3.2.3p1-gssapi-20020527.diff patch.

Location is
http://home.t-online.de/home/joachim_falk/openssh-3.2.3p1-forwardenv.diff

WARNING:
This patch has only been tested on my linux system.

Best regards
Joachim Falk
--

I have updated the patch to include documentation for
environment forwarding in the manpages ssh(1) sshd(8) .

If there is interest for the patch on plain vanilla
OpenSSH-3.2.3p1 i will adapt the patch. Interested people
should mail me !

The patch is located at
http://home.t-online.de/home/joachim_falk/patches/index.html

Best regards
Joachim Falk

how is this related to RFC2026?

On Wed, 5 Jun 2002, Markus Friedl wrote:
> how is this related to RFC2026?
>
Red Face time.

You are right i have looked only for a RFC number in the
draft-ietf-secsh-connect-15.txt. The environment forwarding
is specified in this draft. Relevant sections included.

[DRAFT snippet]
Network Working Group                                          T. Ylonen
Internet-Draft                                                T. Kivinen
Expires: August 1, 2002                 SSH Communications Security Corp
                                                             M. Saarinen
                                                 University of Jyvaskyla
                                                                T. Rinne
                                                             S. Lehtinen
                                        SSH Communications Security Corp
                                                        January 31, 2002

                        SSH Connection Protocol
                    draft-ietf-secsh-connect-15.txt

Status of this Memo

   This document is an Internet-Draft and is in full conformance with
   all provisions of Section 10 of RFC2026.

[snipped much text]

4.4 Environment Variable Passing

   Environment variables may be passed to the shell/command to be
   started later.  Uncontrolled setting of environment variables in a
   privileged process can be a security hazard.  It is recommended that
   implementations either maintain a list of allowable variable names or
   only set environment variables after the server process has dropped
   sufficient privileges.

     byte      SSH_MSG_CHANNEL_REQUEST
     uint32    recipient channel
     string    "env"
     boolean   want reply
     string    variable name
     string    variable value

[snipped much text]
[END DRAFT]

Best Regards
Joachim Falk

--