Uppity: clear some key environment vars in subprocesses.

My helper scripts for invoking Uppity have been manually unsetting
things like XAUTHORITY and SSH_AUTH_SOCK, to avoid accidentally
passing them through from my primary login session, so that I don't
get confused about whether agent forwarding is happening, or end up
with one DISPLAY going with a different XAUTHORITY.

Now I clear these within Uppity itself, so the wrapping script won't
have to.

sesschan.c

@@ -280,9 +280,24 @@ static void sesschan_set_input_wanted(Channel *chan, bool wanted)
 
 static void sesschan_start_backend(sesschan *sess, const char *cmd)
 {
+    /*
+     * List of environment variables that we should not pass through
+     * from the login session Uppity was run in (which, it being a
+     * test server, there will usually be one of). These variables
+     * will be set as part of X or agent forwarding, and shouldn't be
+     * confusingly set in the absence of that.
+     *
+     * (DISPLAY must also be cleared, but uxpty.c will do that anyway
+     * when our get_x_display method returns NULL.)
+     */
+    static const char *const env_to_unset[] = {
+        "XAUTHORITY", "SSH_AUTH_SOCK", "SSH_AGENT_PID",
+        NULL /* terminator */
+    };
+
     sess->backend = pty_backend_create(
         &sess->seat, sess->child_logctx, sess->conf, NULL, cmd,
-        sess->ttymodes, !sess->want_pty);
+        sess->ttymodes, !sess->want_pty, env_to_unset);
     backend_size(sess->backend, sess->wc, sess->hc);
 }
 

sshserver.h

@@ -102,7 +102,8 @@ Channel *sesschan_new(SshChannel *c, LogContext *logctx,
 
 Backend *pty_backend_create(
     Seat *seat, LogContext *logctx, Conf *conf, char **argv, const char *cmd,
-    struct ssh_ttymodes ttymodes, bool pipes_instead_of_pty);
+    struct ssh_ttymodes ttymodes, bool pipes_instead_of_pty,
+    const char *const *env_vars_to_unset);
 int pty_backend_exit_signum(Backend *be);
 ptrlen pty_backend_exit_signame(Backend *be, char **aux_msg);
 

unix/uxpty.c

@@ -857,7 +857,8 @@ static void copy_ttymodes_into_termios(
  */
 Backend *pty_backend_create(
     Seat *seat, LogContext *logctx, Conf *conf, char **argv, const char *cmd,
-    struct ssh_ttymodes ttymodes, bool pipes_instead)
+    struct ssh_ttymodes ttymodes, bool pipes_instead,
+    const char *const *env_vars_to_unset)
 {
     int slavefd;
     pid_t pid, pgrp;
@@ -1088,6 +1089,11 @@ Backend *pty_backend_create(
                 close(ptyfd);
         }
 	setpgid(pgrp, pgrp);
+
+        if (env_vars_to_unset)
+            for (const char *const *p = env_vars_to_unset; *p; p++)
+                unsetenv(*p);
+
 	if (!pipes_instead) {
 	    char *term_env_var = dupprintf("TERM=%s",
 					   conf_get_str(conf, CONF_termtype));
@@ -1268,7 +1274,7 @@ static const char *pty_init(Seat *seat, Backend **backend_handle,
         cmd = pty_argv[0];
 
     *backend_handle= pty_backend_create(
-        seat, logctx, conf, pty_argv, cmd, modes, false);
+        seat, logctx, conf, pty_argv, cmd, modes, false, NULL);
     *realhost = dupstr("");
     return NULL;
 }