On Fri, 29 Sep 2017, Iain Morgan wrote: > Actually, according to OpenBSD's printenv(1) man page, it first appeared > in 2BSD. The man page on OS X claims it was BSD 3.0. However, it doesn't > appear to be part of any standard. > > Your suggestion ran into the same issue as the original test, but > escaping the evaluation by the user's shell appears to work: > > 'test -z `sh -c "echo \$SSH_USER_AUTH"`' || fail "SSH_USER_AUTH present" How about: diff --git a/regress/authinfo.sh b/regress/authinfo.sh index e725296c..b47f4e5a 100644 --- a/regress/authinfo.sh +++ b/regress/authinfo.sh @@ -5,8 +5,10 @@ tid="authinfo" # Ensure the environment variable doesn't leak when ExposeAuthInfo=no. verbose "ExposeAuthInfo=no" + env SSH_USER_AUTH=blah ${SSH} -F $OBJ/ssh_proxy x \ - 'test -z "$SSH_USER_AUTH"' || fail "SSH_USER_AUTH present" + "exec sh -c 'test -z \"\$SSH_USER_AUTH\"'" || \ + fail "SSH_USER_AUTH present" verbose "ExposeAuthInfo=yes" echo ExposeAuthInfo=yes >> $OBJ/sshd_proxy _______________________________________________ openssh-unix-dev mailing list openssh-unix-dev@xxxxxxxxxxx https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev