Skip site navigation (1)Skip section navigation (2) 
Date:      Thu, 22 Apr 2010 10:47:58 GMT
From:      Andrei Lavreniyuk <andy.lavr@gmail.com>
To:        freebsd-gnats-submit@FreeBSD.org
Subject:   amd64/145940: [BUG] OpenSSH_5.4p1 - do not prepend AuthorizedKeysFile with getcwd(), unbreaks relative paths
Message-ID:  <201004221047.o3MAlwGt038222@www.freebsd.org>
Resent-Message-ID: <201004221050.o3MAo0D4093984@freefall.freebsd.org>
next in thread | raw e-mail | index | archive | help 

>Number:         145940
>Category:       amd64
>Synopsis:       [BUG] OpenSSH_5.4p1 - do not prepend AuthorizedKeysFile with getcwd(), unbreaks relative paths
>Confidential:   no
>Severity:       critical
>Priority:       high
>Responsible:    freebsd-amd64
>State:          open
>Quarter:        
>Keywords:       
>Date-Required:
>Class:          sw-bug
>Submitter-Id:   current-users
>Arrival-Date:   Thu Apr 22 10:50:00 UTC 2010
>Closed-Date:
>Last-Modified:
>Originator:     Andrei Lavreniyuk
>Release:        FreeBSD 8.0-STABLE
>Organization:
Technica-03, Inc.
>Environment:
FreeBSD opensolaris.technica-03.local 8.0-STABLE FreeBSD 8.0-STABLE #0: Thu Apr 22 08:26:26 UTC 2010     root@opensolaris.technica-03.local:/usr/obj/usr/src/sys/SMP64R  amd64
>Description:
grab fixes from upstream for relative AuthorizedKeysFile handling

https://bugs.gentoo.org/308939

Author: djm <djm>
Date:   Sun Mar 21 18:53:04 2010 +0000

       - markus@cvs.openbsd.org 2010/03/12 11:37:40
         [servconf.c]
         do not prepend AuthorizedKeysFile with getcwd(), unbreaks relative paths

Author: djm <djm>
Date:   Sun Mar 21 18:52:26 2010 +0000

       - djm@cvs.openbsd.org 2010/03/12 01:06:25
         [servconf.c]
         unbreak AuthorizedKeys option with a $HOME-relative path; reported by
         vinschen AT redhat.com, ok dtucker@



>How-To-Repeat:

>Fix:


Patch attached with submission follows:

--- crypto/openssh/servconf.c	4 Mar 2010 10:36:03 -0000	1.204
+++ crypto/openssh/servconf.c	12 Mar 2010 11:37:40 -0000	1.206
@@ -1180,7 +1180,17 @@ process_server_config_line(ServerOptions *options, cha
 		charptr = (opcode == sAuthorizedKeysFile) ?
 		    &options->authorized_keys_file :
 		    &options->authorized_keys_file2;
-		goto parse_filename;
+		arg = strdelim(&cp);
+		if (!arg || *arg == '\0')
+			fatal("%s line %d: missing file name.",
+			    filename, linenum);
+		if (*activep && *charptr == NULL) {
+			*charptr = tilde_expand_filename(arg, getuid());
+			/* increase optional counter */
+			if (intptr != NULL)
+				*intptr = *intptr + 1;
+		}
+		break;
 
 	case sClientAliveInterval:
 		intptr = &options->client_alive_interval;


>Release-Note:
>Audit-Trail:
>Unformatted:

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?201004221047.o3MAlwGt038222>