Re: Another bug in SSH in FreeBSD 8.4 (sftp cannot create relati

Xin Li wrote:
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA512
>
> On 06/21/13 16:04, Miroslav Lachman wrote:
>> 1) Is there some way to create relative symlinks with OpenSSH 6.1?
>
> No.  It seems like a regression and can not be worked around.  I do
> have a patch (attached; against crypto/openssh/), and my test shows
> that it would fix the problem.
>
>> 2) Was OpenSSH 6.1 tested before importing in to the base of
>> FreeBSD 8.4 release? These two bugs seems serious to me.
>
> This code is not new: it was in OpenBSD 3 years ago, and in FreeBSD
> for more than 2 years (r221420 or 2011-05-04); OpenSSH 6.1 was
> imported last September.  This issue you have just raised have been
> there since FreeBSD 9.0-RELEASE.
>
> So to me it seems like that the two issues are either rarely hit by
> the general public (counting myself in: I have never used sftp to
> create symbolic link remotely and have thus learned something new
> today), or those who hit this have choose to keep silent about it.
> Fortunately we have you noticed and reported the problem.
>
> As a community effort, we really *need* people to grab in-development
> snapshots and provide us the feedback.

I have two machines with FreeBSD 9.1, SSH version is reported as 
SSH-2.0-OpenSSH_5.8p2_hpn13v11 and there is no problem with empty 
VersionAddendum.

You are right about the second problem - sftp symlinks. They are broken 
on this version as well but I didn't tried it before on this version.

>> 3) Is there any chance to fix these bugs in FreeBSD repository, or
>> do we need to be "bug to bug" compatible with other systems using
>> OpenSSH 6.x?
>
> I can not make a promise as I am not the maintainer.  However, I have
> already reported this issue to upstream OpenBSD developers, so if this
> was accepted by the upstream, we will commit the change locally to fix
> the issue.
>
> Unfortunately, it is too late to fix this for 8.4-RELEASE, and unless
> we see widespread complain, I don't think the problem would affect a
> significant amount of users to warrant a "errata" for supported
> release (8.4-RELEASE, 9.1-RELEASE), however, if it would be fixed, the
> fix would be merged to 8-STABLE and 9-STABLE and will be shipped with
> future releases, if the fix enters the development branch before them.

Thank you very much for your quick and kind response! I hope the fix 
will be accepted upstream.

The patch seems really simple and I know how to apply it, but I am not 
able to compile and install only fixed sftp command instead of the whole 
userland.
Can you push me to the right direction?

Thank you again!

Miroslav Lachman
_______________________________________________
freebsd-stable@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-stable
To unsubscribe, send any mail to "freebsd-stable-unsubscribe@freebsd.org"