[2238] in Kerberos-V5-bugs
krb5b7: Don't process XDISPLOC if DISPLAY is unexported
daemon@ATHENA.MIT.EDU (Jonathan I. Kamens)
Tue Sep 17 17:10:35 1996
Date: Tue, 17 Sep 1996 17:10:07 -0400
From: "Jonathan I. Kamens" <jik@jik.tiac.net>
To: krb5-bugs@MIT.EDU, kerberos@MIT.EDU
The patch below prevents the XDISPLOC option from being processed if
the DISPLAY environment variable is unexported by the user. In other
words, it makes it possible for the user to prevent the DISPLAY
environment variable from being sent to the remote host by unexporting
it.
--- telnet/commands.c 1996/09/17 19:55:36 1.3
+++ telnet/commands.c 1996/09/17 19:56:23 1.4
@@ -1872,6 +1872,17 @@
return(NULL);
}
+ int
+env_is_exported(var)
+ unsigned char *var;
+{
+ register struct env_lst *ep;
+
+ if ((ep = env_find(var)))
+ return ep->export;
+ return 0;
+}
+
#if defined(OLD_ENVIRON) && defined(ENV_HACK)
void
env_varval(what)
--- telnet/externs.h 1996/09/17 20:00:35 1.2
+++ telnet/externs.h 1996/09/17 20:01:08 1.3
@@ -324,6 +324,9 @@
*env_getvalue P((unsigned char *));
extern int
+ env_is_exported P((unsigned char *));
+
+extern int
get_status P((void)),
dosynch P((void));
--- telnet/telnet.c 1996/09/17 20:05:03 1.1
+++ telnet/telnet.c 1996/09/17 20:05:19 1.2
@@ -521,7 +521,8 @@
#endif
case TELOPT_XDISPLOC: /* X Display location */
- if (env_getvalue((unsigned char *)"DISPLAY"))
+ if (env_getvalue((unsigned char *)"DISPLAY") &&
+ env_is_exported((unsigned char *)"DISPLAY"))
new_state_ok = 1;
break;
@@ -954,7 +955,8 @@
unsigned char temp[50], *dp;
int len;
- if ((dp = env_getvalue((unsigned char *)"DISPLAY")) == NULL) {
+ if (((dp = env_getvalue((unsigned char *)"DISPLAY")) == NULL) ||
+ (! env_is_exported((unsigned char *)"DISPLAY"))) {
/*
* Something happened, we no longer have a DISPLAY
* variable. So, turn off the option.
@@ -2286,7 +2288,8 @@
send_will(TELOPT_LINEMODE, 1);
send_will(TELOPT_NEW_ENVIRON, 1);
send_do(TELOPT_STATUS, 1);
- if (env_getvalue((unsigned char *)"DISPLAY"))
+ if (env_getvalue((unsigned char *)"DISPLAY") &&
+ env_is_exported((unsigned char *)"DISPLAY"))
send_will(TELOPT_XDISPLOC, 1);
if (eight)
tel_enter_binary(eight);
