1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
|
diff -uNr -r sudo-1.7.0rc1.orig/logging.c sudo-1.7.0rc1/logging.c
--- sudo-1.7.0rc1.orig/logging.c 2008-03-18 21:00:52.000000000 +0100
+++ sudo-1.7.0rc1/logging.c 2008-05-22 16:12:11.000000000 +0200
@@ -613,6 +613,7 @@
#define LL_GROUP_STR "GROUP="
#define LL_ENV_STR "ENV="
#define LL_CMND_STR "COMMAND="
+#define LL_ENV_SSH_CLIENT "SSH_CLIENT="
/*
* Allocate and fill in a new logline.
@@ -642,6 +643,8 @@
len += sizeof(LL_USER_STR) + 2 + strlen(runas_pw->pw_name);
if (runas_gr != NULL)
len += sizeof(LL_GROUP_STR) + 2 + strlen(runas_gr->gr_name);
+ if (user_ssh_client != NULL)
+ len += sizeof(LL_ENV_SSH_CLIENT) + 2 + strlen(user_ssh_client);
if (sudo_user.env_vars != NULL) {
size_t evlen = 0;
struct list_member *cur;
@@ -710,6 +713,13 @@
strlcat(line, user_args, len) >= len)
goto toobig;
}
+ if (user_ssh_client != NULL) {
+ if (strlcat(line, " ; ", len) >= len ||
+ strlcat(line, LL_ENV_SSH_CLIENT, len) >= len ||
+ strlcat(line, user_ssh_client, len) >= len)
+ goto toobig;
+ efree(evstr);
+ }
return (line);
toobig:
diff -uNr -r sudo-1.7.0rc1.orig/sudo.c sudo-1.7.0rc1/sudo.c
--- sudo-1.7.0rc1.orig/sudo.c 2008-05-03 02:53:20.000000000 +0200
+++ sudo-1.7.0rc1/sudo.c 2008-05-22 16:10:26.000000000 +0200
@@ -632,6 +632,8 @@
prev_user = *ep + 10;
else if (strncmp("SUDO_ASKPASS=", *ep, 13) == 0)
user_askpass = *ep + 13;
+ else if (strncmp("SSH_CLIENT=", *ep, 11) == 0)
+ user_ssh_client = *ep + 11;
break;
}
}
diff -uNr -r sudo-1.7.0rc1.orig/sudo.h sudo-1.7.0rc1/sudo.h
--- sudo-1.7.0rc1.orig/sudo.h 2008-05-03 02:53:20.000000000 +0200
+++ sudo-1.7.0rc1/sudo.h 2008-05-22 16:08:30.000000000 +0200
@@ -43,6 +43,7 @@
struct stat *cmnd_stat;
char *path;
char *shell;
+ char *user_ssh_client;
char *tty;
char *ttypath;
char *host;
@@ -161,6 +162,7 @@
#define runas_gr (sudo_user._runas_gr)
#define user_role (sudo_user.role)
#define user_type (sudo_user.type)
+#define user_ssh_client (sudo_user.user_ssh_client)
/*
* We used to use the system definition of PASS_MAX or _PASSWD_LEN,
|