From bfischer@Techfak.uni-bielefeld.de  Wed Apr  5 19:26:08 2000
Return-Path: <bfischer@Techfak.uni-bielefeld.de>
Received: from mail.uni-bielefeld.de (mail.uni-bielefeld.de [129.70.4.90])
	by hub.freebsd.org (Postfix) with ESMTP id 44AFB37B8BF
	for <FreeBSD-gnats-submit@freebsd.org>; Wed,  5 Apr 2000 19:26:07 -0700 (PDT)
	(envelope-from bfischer@Techfak.uni-bielefeld.de)
Received: from frolic.no-support.loc (ppp36-218.hrz.uni-bielefeld.de)
 by mail.uni-bielefeld.de
 (Sun Internet Mail Server sims.3.5.1999.05.24.18.28.p7)
 with ESMTP id <0FSK008AFPDL5I@mail.uni-bielefeld.de> for
 FreeBSD-gnats-submit@freebsd.org; Thu,  6 Apr 2000 04:25:58 +0200 (MET DST)
Received: (from bjoern@localhost) by frolic.no-support.loc (8.9.3/8.9.3)
 id EAA03408; Thu, 06 Apr 2000 04:21:46 +0200 (CEST envelope-from bjoern)
Message-Id: <200004060221.EAA03408@frolic.no-support.loc>
Date: Thu, 06 Apr 2000 04:21:46 +0200 (CEST)
From: Bjoern Fischer <bfischer@Techfak.Uni-Bielefeld.DE>
Reply-To: bfischer@Techfak.Uni-Bielefeld.DE
To: FreeBSD-gnats-submit@freebsd.org
Subject: ssh X11 forward breaks with X11 not in /usr
X-Send-Pr-Version: 3.2

>Number:         17818
>Category:       bin
>Synopsis:       ssh X11 forward breaks with X11 not in /usr
>Confidential:   no
>Severity:       non-critical
>Priority:       medium
>Responsible:    kris
>State:          closed
>Quarter:        
>Keywords:       
>Date-Required:  
>Class:          sw-bug
>Submitter-Id:   current-users
>Arrival-Date:   Wed Apr  5 19:30:00 PDT 2000
>Closed-Date:    Wed Aug 23 02:39:21 PDT 2000
>Last-Modified:  Wed Aug 23 02:39:41 PDT 2000
>Originator:     Bjoern Fischer
>Release:        FreeBSD 4.0-STABLE i386
>Organization:
No-Support
>Environment:

The problem occurs on FreeBSD 4.0-STABLE i386 with USA_RESIDENT set to NO,
that is with international crypto.

>Description:

xauth is needed for the automatic X11 protocol forwarder within SSH. The
xauth path is hard compiled into SHH as `/usr/X11R6/bin/xauth' which will
break the X11 protocol forwarder when X11 is installed somewhere else.

FreeBSD's Makefiles for SSH do not make use of the variable X11BASE which
may be set in /etc/make.conf.

>How-To-Repeat:

See description.

>Fix:

The fix is obvious. See this patch (please review,
it is not `make world' tested!):

------------------------------------------------------------>8--------------
--- ./crypto/openssh/includes.h	2000/04/06 01:59:05	1.1
+++ ./crypto/openssh/includes.h	2000/04/06 01:59:32
@@ -58,7 +58,9 @@
 #include "version.h"
 
 /* Define this to be the path of the xauth program. */
+#ifndef XAUTH_PATH
 #define XAUTH_PATH "/usr/X11R6/bin/xauth"
+#endif
 
 /*
  * Define this to use pipes instead of socketpairs for communicating with the
--- ./secure/usr.bin/ssh/Makefile	2000/04/06 02:00:00	1.1
+++ ./secure/usr.bin/ssh/Makefile	2000/04/06 02:02:50
@@ -35,5 +35,9 @@
 
 .include <bsd.prog.mk>
 
+.if defined(X11BASE)
+CFLAGS+= -DXAUTH_PATH=${X11BASE}/bin/xauth
+.endif
+
 LDADD+=	-L${.OBJDIR}/../../lib/libssh -lssh -lcrypto -lutil -lz
 DPADD+=	${LIBCRYPTO} ${LIBUTIL} ${LIBZ}
--- ./secure/usr.sbin/sshd/Makefile	2000/04/06 02:03:11	1.1
+++ ./secure/usr.sbin/sshd/Makefile	2000/04/06 02:03:25
@@ -39,5 +39,9 @@
 
 .include <bsd.prog.mk>
 
+.if defined(X11BASE)
+CFLAGS+= -DXAUTH_PATH=${X11BASE}/bin/xauth
+.endif
+
 LDADD+=	-L${.OBJDIR}/../../lib/libssh -lssh -lcrypt -lcrypto -lutil -lz -lwrap
 DPADD+=	${LIBCRYPT} ${LIBCRYPTO} ${LIBUTIL} ${LIBZ} ${LIBWRAP}


>Release-Note:
>Audit-Trail:

From: Bill Fenner <fenner@research.att.com>
To: bfischer@techfak.uni-bielefeld.de
Cc: freebsd-gnats-submit@freebsd.org
Subject: Re: bin/17818: ssh X11 forward breaks with X11 not in /usr
Date: Thu, 13 Apr 2000 00:51:00 -0700

 Workaround: set XAuthLocation in /etc/ssh/sshd_config .
 
   Bill
 

From: Bjoern Fischer <bfischer@Techfak.Uni-Bielefeld.DE>
To: Bill Fenner <fenner@research.att.com>
Cc: freebsd-gnats-submit@freebsd.org
Subject: Re: bin/17818: ssh X11 forward breaks with X11 not in /usr
Date: Thu, 13 Apr 2000 10:45:54 +0200

 On Thu, Apr 13, 2000 at 12:51:00AM -0700, Bill Fenner wrote:
 >=20
 > Workaround: set XAuthLocation in /etc/ssh/sshd_config .
 
 Uh, thanks. Maybe this info should be added to the man page.
 
   Bj=F6rn
 
 --=20
 -----BEGIN GEEK CODE BLOCK-----
 GCS d--(+) s++: a- C+++(-) UB++++OSI++++$ P+++(-) L---(++) !E W- N+ o>+
 K- !w !O !M !V  PS++  PE-  PGP++  t+++  !5 X++ tv- b+++ D++ G e+ h-- y+=20
 ------END GEEK CODE BLOCK------
 
Responsible-Changed-From-To: freebsd-bugs->kris 
Responsible-Changed-By: sheldonh 
Responsible-Changed-When: Thu Aug 3 02:10:46 PDT 2000 
Responsible-Changed-Why:  
Over to the maintainer (thanks, Johan). 

http://www.freebsd.org/cgi/query-pr.cgi?pr=17818 
State-Changed-From-To: open->closed 
State-Changed-By: kris 
State-Changed-When: Wed Aug 23 02:39:21 PDT 2000 
State-Changed-Why:  
Patch committed, thanks! I will merge it to 4.1-STABLE 
in a few days. 

http://www.freebsd.org/cgi/query-pr.cgi?pr=17818 
>Unformatted:
