Description: fix AcceptEnv wildcard environment restrictions bypass
Origin: upstream, http://www.openbsd.org/cgi-bin/cvsweb/src/usr.bin/ssh/session.c.diff?r1=1.270;r2=1.271
Index: openssh-6.0p1/session.c
===================================================================
--- openssh-6.0p1.orig/session.c 2014-03-21 11:03:33.904069205 -0400
+++ openssh-6.0p1/session.c 2014-03-21 11:03:33.900069205 -0400
@@ -963,6 +963,11 @@
 *envsizep = 1;
 }
+ if (strchr(name, '=') != NULL) {
+ error("Invalid environment variable \"%.100s\"", name);
+ return;
+ }
+
 /*
 * Find the slot where the value should be stored. If the variable
 * already exists, we reuse the slot; otherwise we append a new slot
@@ -2186,8 +2191,8 @@
 char *name, *val;
 u_int name_len, val_len, i;
- name = packet_get_string(&name_len);
- val = packet_get_string(&val_len);
+ name = packet_get_cstring(&name_len);
+ val = packet_get_cstring(&val_len);
 packet_check_eom();
 /* Don't set too many environment variables */
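Review bot: The added `strchr(name, '=')` guard in the first hunk carries no comment saying why '=' is refused, and the reason is not evident from the lines shown. The entry is presumably stored as one `name=value` string, so a name containing '=' would set a different variable than the one that was checked against AcceptEnv. I would put `/* '=' in a name would move the name/value split, so the variable set would not be the one that was matched */` above the check. The guard also leaves through a bare `return;`, so the caller cannot tell the variable was dropped and only the `error()` line records it. The function's signature and the rest of its body lie outside the hunk, so whether an empty name needs the same treatment cannot be judged from here.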
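Review bot: The move to `packet_get_cstring()` for `name` and `val` in the second hunk is a security-relevant change that reads like a cosmetic rename, and it has no comment. The cstring variant refuses a string with an embedded NUL, so the length-counted wire value and the C string that is later matched and stored cannot disagree. A line such as `/* cstring: refuse embedded NUL so the name that is matched is the whole name */` would stop a later cleanup from reverting it. The '=' check from the first hunk returns nothing to its caller, so it may be worth refusing such names in this handler as well, where the request can still be answered with a failure. The rest of the handler is outside the hunk, so that is a point to verify rather than a confirmed gap.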