[PATCH] Accept pre-configured environment variables

Alexey Kotlyarov a at koterpillar.com
Fri Jun 20 16:58:06 WST 2014


Read /etc/dropbear/environment for environment variables to add to new client
sessions.
---
  chansession.h     |  4 ++++
  dbutil.c          |  8 +++----
  options.h         |  9 ++++++++
  svr-chansession.c | 62 +++++++++++++++++++++++++++++++++++++++++++++++++++++++
  4 files changed, 79 insertions(+), 4 deletions(-)

diff --git a/chansession.h b/chansession.h
index ef252ea..ac68f3c 100644
--- a/chansession.h
+++ b/chansession.h
@@ -83,6 +83,10 @@ struct ChildPid {
  
  void addnewvar(const char* param, const char* var);
  
+#ifdef ENABLE_EXTRA_ENVIRONMENT
+void addextravars();
+#endif
+
  void cli_send_chansess_request();
  void cli_tty_cleanup();
  void cli_chansess_winchange();
diff --git a/dbutil.c b/dbutil.c
index 145bc33..e723488 100644
--- a/dbutil.c
+++ b/dbutil.c
@@ -781,11 +781,11 @@ int buf_readfile(buffer* buf, const char* filename) {
  	return ret;
  }
  
-/* get a line from the file into buffer in the style expected for an
- * authkeys file.
+/* get a line from the file into buffer.
   * Will return DROPBEAR_SUCCESS if data is read, or DROPBEAR_FAILURE on EOF.*/
-/* Only used for ~/.ssh/known_hosts and ~/.ssh/authorized_keys */
-#if defined(DROPBEAR_CLIENT) || defined(ENABLE_SVR_PUBKEY_AUTH)
+/* Only used for ~/.ssh/known_hosts, ~/.ssh/authorized_keys and
+ * /etc/dropbear/environment */
+#if defined(DROPBEAR_CLIENT) || defined(ENABLE_SVR_PUBKEY_AUTH) || defined(ENABLE_EXTRA_ENVIRONMENT)
  int buf_getline(buffer * line, FILE * authfile) {
  
  	int c = EOF;
diff --git a/options.h b/options.h
index 44d6d23..4ff63ba 100644
--- a/options.h
+++ b/options.h
@@ -30,6 +30,11 @@
  #define ECDSA_PRIV_FILENAME "/etc/dropbear/dropbear_ecdsa_host_key"
  #endif
  
+/* Environment file path */
+#ifndef EXTRA_ENV_FILENAME
+#define EXTRA_ENV_FILENAME "/etc/dropbear/environment"
+#endif
+
  /* Set NON_INETD_MODE if you require daemon functionality (ie Dropbear listens
   * on chosen ports and keeps accepting connections. This is the default.
   *
@@ -207,6 +212,10 @@ much traffic. */
  #define ENABLE_CLI_PUBKEY_AUTH
  #define ENABLE_CLI_INTERACT_AUTH
  
+/* Whether to read extra environment from
+ * /etc/dropbear/environment */
+#define ENABLE_EXTRA_ENVIRONMENT
+
  /* This variable can be used to set a password for client
   * authentication on the commandline. Beware of platforms
   * that don't protect environment variables of processes etc. Also
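Review bot: The new comment above `ENABLE_EXTRA_ENVIRONMENT` hardcodes `/etc/dropbear/environment` although the path can be overridden through `EXTRA_ENV_FILENAME` (first hunk of this file), and it does not say who is trusted to write that file. Since the file's `NAME=value` lines are added to the environment of new sessions, the comment should state the trust requirement, e.g. `/* Read extra environment variables for new sessions from EXTRA_ENV_FILENAME. The file must be owned by root and not writable by anyone else. */`. The option is also defined unconditionally here; consider shipping it commented out so existing installs do not start honouring a file they never had to protect.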
diff --git a/svr-chansession.c b/svr-chansession.c
index 63e56a8..aead1d7 100644
--- a/svr-chansession.c
+++ b/svr-chansession.c
@@ -939,6 +939,10 @@ static void execchild(void *user_data) {
  	}
  #endif
  
+#ifdef ENABLE_EXTRA_ENVIRONMENT
+	addextravars();
+#endif
+
  	/* change directory */
  	if (chdir(ses.authstate.pw_dir) < 0) {
  		dropbear_exit("Error changing directory");
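Review bot: The call to `addextravars()` sits immediately before the `chdir`, so it appears to run after the session's own variables have been set and would presumably let the file replace them. The code that sets those variables, and any privilege drop, lies above this hunk, so this is inferred from placement only. If overriding is intended, say so next to the call, e.g. `/* entries from EXTRA_ENV_FILENAME are applied last and may override the defaults set above */`; if it is not, move the call ahead of the defaults. The comment should also record which user identity the file is opened under at this point, because that decides the permissions the file needs.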
@@ -1010,3 +1014,61 @@ void addnewvar(const char* param, const char* var) {
  		dropbear_exit("environ error");
  	}
  }
+
+#ifdef ENABLE_EXTRA_ENVIRONMENT
+/* add custom environment variables */
+void addextravars() {
+	FILE * extraenv = NULL;
+	buffer * buf = NULL;
+	char * name_value = NULL;
+	char* value_pos = NULL;
+	char* name = NULL;
+	char* value = NULL;
+
+	extraenv = fopen(EXTRA_ENV_FILENAME, "r");
+	if (extraenv == NULL) {
+		goto out;
+	}
+
+	do {
+		if (buf) {
+			buf_free(buf);
+			buf = NULL;
+		}
+		if (name_value) {
+			m_free(name_value);
+		}
+		buf = buf_new(1000);
+
+		if (buf_getline(buf, extraenv) == DROPBEAR_FAILURE) {
+			break;
+		}
+
+		name_value = m_malloc(buf->len + 1);
+		memcpy(name_value, buf_getptr(buf, buf->len), buf->len);
+		name_value[buf->len] = '\0';
+
+		value_pos = strchr(name_value, '=');
+		if (value_pos == NULL) {
+			continue;
+		}
+
+		*value_pos = '\0';
+		name = name_value;
+		value = value_pos + 1;
+
+		addnewvar(name, value);
+	} while (1);
+
+out:
+	if (extraenv) {
+		fclose(extraenv);
+	}
+	if (buf) {
+		buf_free(buf);
+	}
+	if (name_value) {
+		m_free(name_value);
+	}
+}
+#endif
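Review bot: The only validation in the loop of `addextravars()` is the `strchr(name_value, '=')` test, so a line beginning with `=` reaches `addnewvar()` with an empty name and a commented-out line such as `# FOO=bar` defines a variable named `# FOO`. Tightening the guard to `if (value_pos == NULL || value_pos == name_value || name_value[0] == '#') { continue; }` skips both. The function also opens `EXTRA_ENV_FILENAME` without looking at its owner or mode; an `fstat()` on the open stream that rejects a file not owned by root or writable by group/other would keep a mis-permissioned file from feeding variables into every session. How a line longer than the 1000-byte buffer is treated depends on `buf_getline()`, whose body is outside this patch's hunks, so the function's header comment should state the line limit and the expected file format.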
-- 
1.9.3


