author | Matt Johnston <matt@ucc.asn.au> | 2009-09-02 14:47:12 +0000 |
---|---|---|
committer | Matt Johnston <matt@ucc.asn.au> | 2009-09-02 14:47:12 +0000 |
commit | 4e9f22c6021ca908184e2e9437f9e56b436926a1 (patch) | |
tree | c37a074e1914c00b734910d288c75d2a9418b5a3 | |
parent | f88bed7a30d4c327b42dcd28ce7642ba74dfe592 (diff) |
- Set $SSH_CONNECTION
- Document environment variables in the manpage
--HG--
extra : convert_revision : 1a93c6112f00730f5cd21a853d3bd5ca8079f725
-rw-r--r-- | chansession.h | 4 | ||||
-rw-r--r-- | dropbear.8 | 28 | ||||
-rw-r--r-- | svr-chansession.c | 30 |
3 files changed, 60 insertions, 2 deletions
diff --git a/chansession.h b/chansession.h index b9d1995..924518b 100644 --- a/chansession.h +++ b/chansession.h @@ -50,6 +50,10 @@ struct ChanSess { /* exit details */ struct exitinfo exit; + + /* Used to set $SSH_CONNECTION in the child session. + Is only set temporarily before forking */ + char *connection_string; #ifndef DISABLE_X11FWD struct Listener * x11listener; @@ -154,6 +154,34 @@ By default the file /etc/motd will be printed for any login shell (unless disabled at compile-time). This can also be disabled per-user by creating a file ~/.hushlogin . +.SH ENVIRONMENT VARIABLES +Dropbear sets the standard variables USER, LOGNAME, HOME, SHELL, PATH, and TERM. + +The variables below are set for sessions as appropriate. + +.TP +.B SSH_TTY +This is set to the allocated TTY if a PTY was used. + +.TP +.B SSH_CONNECTION +Contains "<remote_ip> <remote_port> <local_ip> <local_port>". + +.TP +.B DISPLAY +Set X11 forwarding is used. + +.TP +.B SSH_ORIGINAL_COMMAND +If a 'command=' authorized_keys option was used, the original command is specified +in this variable. If a shell was requested this is set to an empty value. + +.TP +.B SSH_AUTH_SOCK +Set to a forwarded ssh-agent connection. + + + .SH AUTHOR Matt Johnston (matt@ucc.asn.au). .br diff --git a/svr-chansession.c b/svr-chansession.c index 503e789..782e97f 100644 --- a/svr-chansession.c +++ b/svr-chansession.c @@ -222,6 +222,7 @@ static int newchansess(struct Channel *channel) { chansess = (struct ChanSess*)m_malloc(sizeof(struct ChanSess)); chansess->cmd = NULL; + chansess->connection_string = NULL; chansess->pid = 0; /* pty details */ 
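Review bot: In chansession.h the comment on `connection_string` says the field is "only set temporarily before forking", but not who allocates and releases it, nor that it is never populated on uClinux builds. Judging by the sessioncommand() hunks in this commit, the string is created just before noptycommand()/ptycommand() and released right after, both under `#ifndef __uClinux__`. I would spell that out, e.g. `/* Used to set $SSH_CONNECTION in the child session. Allocated and freed by sessioncommand() around the fork; stays NULL on uClinux. */`. struct ChanSess continues outside the hunk.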
@@ -580,6 +581,21 @@ static int sessionpty(struct ChanSess * chansess) { return DROPBEAR_SUCCESS; } +static char* make_connection_string() { + char *local_ip, *local_port, *remote_ip, *remote_port; + size_t len; + char *ret; + get_socket_address(ses.sock_in, &local_ip, &local_port, &remote_ip, &remote_port, 0); + len = strlen(local_ip) + strlen(local_port) + strlen(remote_ip) + strlen(remote_port) + 4; + ret = m_malloc(len); + snprintf(ret, len, "%s %s %s %s", remote_ip, remote_port, local_ip, local_port); + m_free(local_ip); + m_free(local_port); + m_free(remote_ip); + m_free(remote_port); + return ret; +} + /* Handle a command request from the client. This is used for both shell * and command-execution requests, and passes the command to * noptycommand or ptycommand as appropriate. @@ -637,7 +653,11 @@ static int sessioncommand(struct Channel *channel, struct ChanSess *chansess, } #endif - // XXX set SSH_CONNECTION string here, since about to close socket... + /* uClinux will vfork(), so there'll be a race as + connection_string is freed below. */ +#ifndef __uClinux__ + chansess->connection_string = make_connection_string(); +#endif if (chansess->term == NULL) { /* no pty */ @@ -647,6 +667,10 @@ static int sessioncommand(struct Channel *channel, struct ChanSess *chansess, ret = ptycommand(channel, chansess); } +#ifndef __uClinux__ + m_free(chansess->connection_string); +#endif + if (ret == DROPBEAR_FAILURE) { m_free(chansess->cmd); } @@ -896,7 +920,9 @@ static void execchild(void *user_data) { addnewvar("SSH_TTY", chansess->tty); } - + if (chansess->connection_string) { + addnewvar("SSH_CONNECTION", chansess->connection_string); + } #ifdef ENABLE_SVR_PUBKEY_OPTIONS if (ses.authstate.pubkey_options && |
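Review bot: In make_connection_string() the four address pointers are declared uninitialised and passed straight to strlen() after get_socket_address(), with no check that they were filled in. Whether get_socket_address() can return without setting them (for example when ses.sock_in is not a connected socket) is not visible in this hunk, so I would initialise them to NULL and return NULL when any is missing. The `if (chansess->connection_string)` test in the execchild() hunk already copes with a NULL result. The sketch below assumes m_free() accepts NULL, which should be confirmed, and also declares the function as `(void)` so it has a real prototype.

```c
static char* make_connection_string(void) {
	char *local_ip = NULL, *local_port = NULL, *remote_ip = NULL, *remote_port = NULL;
	size_t len;
	char *ret = NULL;
	get_socket_address(ses.sock_in, &local_ip, &local_port, &remote_ip, &remote_port, 0);
	if (local_ip && local_port && remote_ip && remote_port) {
		/* three separating spaces plus the terminating NUL */
		len = strlen(local_ip) + strlen(local_port) + strlen(remote_ip) + strlen(remote_port) + 4;
		ret = m_malloc(len);
		snprintf(ret, len, "%s %s %s %s", remote_ip, remote_port, local_ip, local_port);
	}
	/* ... unchanged: m_free() of the four address strings ... */
	return ret;
}
```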
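Review bot: With the `#ifndef __uClinux__` guards in sessioncommand(), SSH_CONNECTION is silently absent on uClinux builds, while the dropbear.8 text added in this commit lists the variable without qualification. A forced command or login script that logs or filters on the client address from this variable would find it unset there, so the limitation deserves a visible mention. I would extend the comment to `/* uClinux will vfork(), so there'll be a race as connection_string is freed below; SSH_CONNECTION is therefore not exported on uClinux. */` and add the same caveat to the manpage entry. sessioncommand() starts and ends outside these hunks.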