From 20b5fab9f773b3d3c7f06cb15b8f69a2c081ee80 Mon Sep 17 00:00:00 2001
From: "djm@openbsd.org" <djm@openbsd.org>
Date: Fri, 3 Jul 2020 07:02:37 +0000
Subject: [PATCH] upstream: avoid tilde_expand_filename() in expanding
 ~/.ssh/rc - if

sshd is in chroot mode, the likely absence of a password database will cause
tilde_expand_filename() to fatal; ok dtucker@

OpenBSD-Commit-ID: e20aee6159e8b79190d18dba1513fc1b7c8b7ee1
---
 session.c | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/session.c b/session.c
index a37eb4ae2..84d3286c4 100644
--- a/session.c
+++ b/session.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: session.c,v 1.321 2020/07/03 06:46:41 djm Exp $ */
+/* $OpenBSD: session.c,v 1.322 2020/07/03 07:02:37 djm Exp $ */
 /*
  * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
  *                    All rights reserved
@@ -1212,7 +1212,7 @@ do_rc_files(struct ssh *ssh, Session *s, const char *shell)
 
 	do_xauth =
 	    s->display != NULL && s->auth_proto != NULL && s->auth_data != NULL;
-	user_rc = tilde_expand_filename("~/" _PATH_SSH_USER_RC, getuid());
+	xasprintf(&user_rc, "%s/%s", s->pw->pw_dir, _PATH_SSH_USER_RC);
 
 	/* ignore _PATH_SSH_USER_RC for subsystems and admin forced commands */
 	if (!s->is_subsystem && options.adm_forced_command == NULL &&