Date: Thu, 22 Apr 2010 10:47:58 GMT
From: Andrei Lavreniyuk <andy.lavr@gmail.com>
To: freebsd-gnats-submit@FreeBSD.org
Subject: [BUG] OpenSSH_5.4p1 - do not prepend AuthorizedKeysFile with getcwd(), unbreaks relative paths
X-Send-Pr-Version: www-3.1
X-GNATS-Notify:

>Number:         145940
>Category:       kern
>Synopsis:       [crypto] [patch] OpenSSH_5.4p1 - do not prepend AuthorizedKeysFile with getcwd(), unbreaks relative paths
>Confidential:   no
>Severity:       critical
>Priority:       high
>Responsible:    des
>State:          closed
>Quarter:        
>Keywords:       
>Date-Required:  
>Class:          sw-bug
>Submitter-Id:   current-users
>Arrival-Date:   Thu Apr 22 10:50:00 UTC 2010
>Closed-Date:    Fri Jul 15 11:06:05 UTC 2011
>Last-Modified:  Fri Jul 15 11:06:05 UTC 2011
>Originator:     Andrei Lavreniyuk
>Release:        FreeBSD 8.0-STABLE
>Organization:
Technica-03, Inc.
>Environment:
FreeBSD opensolaris.technica-03.local 8.0-STABLE FreeBSD 8.0-STABLE #0: Thu Apr 22 08:26:26 UTC 2010     root@opensolaris.technica-03.local:/usr/obj/usr/src/sys/SMP64R  amd64
>Description:
grab fixes from upstream for relative AuthorizedKeysFile handling

https://bugs.gentoo.org/308939

Author: djm <djm>
Date:   Sun Mar 21 18:53:04 2010 +0000

       - markus@cvs.openbsd.org 2010/03/12 11:37:40
         [servconf.c]
         do not prepend AuthorizedKeysFile with getcwd(), unbreaks relative paths

Author: djm <djm>
Date:   Sun Mar 21 18:52:26 2010 +0000

       - djm@cvs.openbsd.org 2010/03/12 01:06:25
         [servconf.c]
         unbreak AuthorizedKeys option with a $HOME-relative path; reported by
         vinschen AT redhat.com, ok dtucker@



>How-To-Repeat:

>Fix:


Patch attached with submission follows:

--- crypto/openssh/servconf.c	4 Mar 2010 10:36:03 -0000	1.204
+++ crypto/openssh/servconf.c	12 Mar 2010 11:37:40 -0000	1.206
@@ -1180,7 +1180,17 @@ process_server_config_line(ServerOptions *options, cha
 		charptr = (opcode == sAuthorizedKeysFile) ?
 		    &options->authorized_keys_file :
 		    &options->authorized_keys_file2;
-		goto parse_filename;
+		arg = strdelim(&cp);
+		if (!arg || *arg == '\0')
+			fatal("%s line %d: missing file name.",
+			    filename, linenum);
+		if (*activep && *charptr == NULL) {
+			*charptr = tilde_expand_filename(arg, getuid());
+			/* increase optional counter */
+			if (intptr != NULL)
+				*intptr = *intptr + 1;
+		}
+		break;
 
 	case sClientAliveInterval:
 		intptr = &options->client_alive_interval;
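
Review bot: the added call tilde_expand_filename(arg, getuid()) expands "~" using the uid of the process that parses the configuration, which is the server itself and not the user who later authenticates. A setting such as "AuthorizedKeysFile ~/..." would therefore be fixed to one home directory at parse time for every login. Consider leaving the string unexpanded here so that it is resolved per user at authentication time, or state in the sshd_config documentation which account "~" refers to. Since the commit message is about relative and $HOME-relative paths, a short comment above the block saying what a path without a leading "/" is resolved against would also make the intent checkable.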


>Release-Note:
>Audit-Trail:

From: "Andrei V. Lavreniyuk" <andy.lavr@reactor-xg.kiev.ua>
To: bug-followup@FreeBSD.org
Cc:  
Subject: Re: amd64/145940: [BUG] OpenSSH_5.4p1 - do not prepend AuthorizedKeysFile
 with getcwd(), unbreaks relative paths
Date: Thu, 22 Apr 2010 21:09:30 +0300

 Hi!
 
 
 OpenSSH-5.5p1
 
 
 
 20100410
   - (dtucker) [configure.ac] Put the check for the existence of getaddrinfo
     back so we disable the IPv6 tests if we don't have it.
 
 20100409
   - (dtucker) [contrib/cygwin/Makefile] Don't overwrite files with the wrong
     ones.  Based on a patch from Roumen Petrov.
   - (dtucker) [configure.ac] Bug #1744: use pkg-config for libedit flags if we
     have it and the path is not provided to --with-libedit.  Based on a patch
     from Iain Morgan.
   - (dtucker) [configure.ac defines.h loginrec.c logintest.c] Bug #1732: enable
     utmpx support on FreeBSD where possible.  Patch from Ed Schouten, ok djm@
 
 20100326
   - (djm) [openbsd-compat/bsd-arc4random.c] Fix preprocessor detection
     for arc4random_buf() and arc4random_uniform(); from Josh Gilkerson
   - (dtucker) [configure.ac] Bug #1741: Add section for Haiku, patch originally
     by Ingo Weinhold via Scott McCreary, ok djm@
   - (djm) OpenBSD CVS Sync
     - djm@cvs.openbsd.org 2010/03/25 23:38:28
       [servconf.c]
       from portable: getcwd(NULL, 0) doesn't work on all platforms, so
       use a stack buffer; ok dtucker@
     - djm@cvs.openbsd.org 2010/03/26 00:26:58
       [ssh.1]
       mention that -S none disables connection sharing; from Colin Watson
   - (djm) [session.c] Allow ChrootDirectory to work on SELinux platforms -
     set up SELinux execution context before chroot() call. From Russell
     Coker via Colin watson; bz#1726 ok dtucker@
   - (djm) [channels.c] Check for EPFNOSUPPORT as a socket() errno; bz#1721
     ok dtucker@
   - (dtucker) Bug #1725: explicitly link libX11 into gnome-ssh-askpass2 using
     pkg-config, patch from Colin Watson.  Needed for newer linkers (ie gold).
   - (djm) [contrib/ssh-copy-id] Don't blow up when the agent has no keys;
     bz#1723 patch from Adeodato Simó via Colin Watson; ok dtucker@
   - (dtucker) OpenBSD CVS Sync
     - dtucker@cvs.openbsd.org 2010/03/26 01:06:13
       [ssh_config.5]
       Reformat default value of PreferredAuthentications entry (current
       formatting implies ", " is acceptable as a separator, which it's not.
       ok djm@
 
 20100324
   - (dtucker) [contrib/cygwin/ssh-host-config] Mount the Windows directory
     containing the services file explicitely case-insensitive.  This allows to
     tweak the Windows services file reliably.  Patch from vinschen at redhat.
 
 20100321
   - (djm) OpenBSD CVS Sync
     - jmc@cvs.openbsd.org 2010/03/08 09:41:27
       [ssh-keygen.1]
       sort the list of constraints (to -O); ok djm
     - jmc@cvs.openbsd.org 2010/03/10 07:40:35
       [ssh-keygen.1]
       typos; from Ross Richardson
       closes prs 6334 and 6335
     - djm@cvs.openbsd.org 2010/03/10 23:27:17
       [auth2-pubkey.c]
       correct certificate logging and make it more consistent between
       authorized_keys and TrustedCAKeys; ok markus@
     - djm@cvs.openbsd.org 2010/03/12 01:06:25
       [servconf.c]
       unbreak AuthorizedKeys option with a $HOME-relative path; reported by
       vinschen AT redhat.com, ok dtucker@
     - markus@cvs.openbsd.org 2010/03/12 11:37:40
       [servconf.c]
       do not prepend AuthorizedKeysFile with getcwd(), unbreaks relative paths
       free() (not xfree()) the buffer returned by getcwd()
     - djm@cvs.openbsd.org 2010/03/13 21:10:38
       [clientloop.c]
       protocol conformance fix: send language tag when disconnecting normally;
       spotted by 1.41421 AT gmail.com, ok markus@ deraadt@
     - djm@cvs.openbsd.org 2010/03/13 21:45:46
       [ssh-keygen.1]
       Certificates are named *-cert.pub, not *_cert.pub; committing a diff
       from stevesk@ ok me
     - jmc@cvs.openbsd.org 2010/03/13 23:38:13
       [ssh-keygen.1]
       fix a formatting error (args need quoted); noted by stevesk
     - stevesk@cvs.openbsd.org 2010/03/15 19:40:02
       [key.c key.h ssh-keygen.c]
       also print certificate type (user or host) for ssh-keygen -L
       ok djm kettenis
     - stevesk@cvs.openbsd.org 2010/03/16 15:46:52
       [auth-options.c]
       spelling in error message. ok djm kettenis
     - djm@cvs.openbsd.org 2010/03/16 16:36:49
       [version.h]
       crank version to openssh-5.5 since we have a few fixes since 5.4;
       requested deraadt@ kettenis@
   - (djm) [README contrib/caldera/openssh.spec contrib/redhat/openssh.spec]
     [contrib/suse/openssh.spec] Crank version numbers
 
 20100314
   - (djm) [ssh-pkcs11-helper.c] Move #ifdef to after #defines to fix
     compilation failure when !HAVE_DLOPEN. Reported by felix-mindrot
     AT fefe.de
   - (djm) [Makefile.in] Respecify -lssh after -lopenbsd-compat for
     ssh-pkcs11-helper to repair static builds (we do the same for
     ssh-keyscan). Reported by felix-mindrot AT fefe.de
 
 20100312
   - (tim) [Makefile.in] Now that scard is gone, no need to make $(datadir)
   - (tim) [Makefile.in] Add missing $(EXEEXT) to install targets.
     Patch from Corinna Vinschen.
   - (tim) [contrib/cygwin/Makefile] Fix list of documentation files to install
     on a Cygwin installation. Patch from Corinna Vinschen.
 
 20100311
   - (tim) [contrib/suse/openssh.spec] crank version number here too.
     report by imorgan AT nas.nasa.gov
 
 20100309
   - (dtucker) [configure.ac] Use a proper AC_CHECK_DECL for BROKEN_GETADDRINFO
     so setting it in CFLAGS correctly skips IPv6 tests.
 
 
 
 -- 
   Best regards, Andrei V. Lavreniyuk.
 

Responsible-Changed-From-To: freebsd-amd64->freebsd-bugs 
Responsible-Changed-By: linimon 
Responsible-Changed-When: Fri Apr 23 22:12:23 UTC 2010 
Responsible-Changed-Why:  
reclassify 

http://www.freebsd.org/cgi/query-pr.cgi?pr=145940 

From: dfilter@FreeBSD.ORG (dfilter service)
To: bug-followup@FreeBSD.org
Cc:  
Subject: Re: kern/145940: commit references a PR
Date: Wed,  2 Jun 2010 10:26:52 +0000 (UTC)

 Author: des
 Date: Wed Jun  2 10:26:31 2010
 New Revision: 208735
 URL: http://svn.freebsd.org/changeset/base/208735
 
 Log:
   Fix expansion of AuthorizedKeysFile (upstream patch)
   
   PR:		146334, 145940
   Approved by:	re (kib@)
 
 Modified:
   stable/8/crypto/openssh/servconf.c
 
 Modified: stable/8/crypto/openssh/servconf.c
 ==============================================================================
 --- stable/8/crypto/openssh/servconf.c	Wed Jun  2 10:20:38 2010	(r208734)
 +++ stable/8/crypto/openssh/servconf.c	Wed Jun  2 10:26:31 2010	(r208735)
 @@ -1227,7 +1227,17 @@ process_server_config_line(ServerOptions
  		charptr = (opcode == sAuthorizedKeysFile) ?
  		    &options->authorized_keys_file :
  		    &options->authorized_keys_file2;
 -		goto parse_filename;
 +		arg = strdelim(&cp);
 +		if (!arg || *arg == '\0')
 +			fatal("%s line %d: missing file name.",
 +			    filename, linenum);
 +		if (*activep && *charptr == NULL) {
 +			*charptr = tilde_expand_filename(arg, getuid());
 +			/* increase optional counter */
 +			if (intptr != NULL)
 +				*intptr = *intptr + 1;
 +		}
 +		break;
  
  	case sClientAliveInterval:
  		intptr = &options->client_alive_interval;
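
Review bot: the branch "if (intptr != NULL) *intptr = *intptr + 1;" in the added block depends on intptr, which this case never assigns in the lines shown (only charptr is set above it), so whether a counter is incremented depends on whatever intptr held on entry to the switch. If no counter belongs to AuthorizedKeysFile, drop the branch together with the "increase optional counter" comment; if one does, assign intptr explicitly next to charptr so the dependency is visible in this case. The block also repeats the argument parsing and the "missing file name" check inline, so a one-line comment saying why this option no longer shares the common filename path would keep a later cleanup from folding it back in.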
 
Responsible-Changed-From-To: freebsd-bugs->des 
Responsible-Changed-By: des 
Responsible-Changed-When: Wed Jun 2 11:10:13 UTC 2010 
Responsible-Changed-Why:  
mine 

http://www.freebsd.org/cgi/query-pr.cgi?pr=145940 

From: Andrei Lavreniyuk <andy.lavr@gmail.com>
To: bug-followup@freebsd.org
Cc:  
Subject: Re: kern/145940: [crypto] [patch] OpenSSH_5.4p1 - do not prepend
 AuthorizedKeysFile with getcwd(), unbreaks relative paths
Date: Wed, 13 Jul 2011 09:49:33 +0300

 Hi!
 
 
 Please close PR. Thanks.
 
 
 ---
 Best regards, Andrei Lavreniyuk.
State-Changed-From-To: open->closed 
State-Changed-By: des 
State-Changed-When: Fri Jul 15 11:06:04 UTC 2011 
State-Changed-Why:  
Fixed 

http://www.freebsd.org/cgi/query-pr.cgi?pr=145940 
>Unformatted:
