Re: StreamLocal forwarding

[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]

 



On Wed, 4 May 2016, Damien Miller wrote:

> On Tue, 3 May 2016, Rogan Dawes wrote:
> 
> > And, surprisingly, even having set the directive outside the Match block,
> > the following command still doesn't show streamlocalbindunlink set:
> > 
> > sshd -T -C "user=sshvpn,host=196.209.244.243,addr=196.209.244.243" | grep -i
> > stream
> > streamlocalbindmask 0177
> > allowstreamlocalforwarding yes
> 
> oh, that's a bug in the config dump support.

... and with that fixed the real bug reveals itself:

diff --git a/servconf.c b/servconf.c
index 6111c5a..5e8b7ca 100644
--- a/servconf.c
+++ b/servconf.c
@@ -1994,6 +1994,7 @@ copy_set_server_options(ServerOptions *dst, ServerOptions *src, int preauth)
 	M_CP_INTOPT(allow_agent_forwarding);
 	M_CP_INTOPT(permit_tun);
 	M_CP_INTOPT(fwd_opts.gateway_ports);
+	M_CP_INTOPT(fwd_opts.streamlocal_bind_unlink);
 	M_CP_INTOPT(x11_display_offset);
 	M_CP_INTOPT(x11_forwarding);
 	M_CP_INTOPT(x11_use_localhost);
@@ -2006,6 +2007,12 @@ copy_set_server_options(ServerOptions *dst, ServerOptions *src, int preauth)
 	M_CP_INTOPT(rekey_limit);
 	M_CP_INTOPT(rekey_interval);
 
+	/* This is a mode_t, so can't use M_CP_INTOPT */
+	if (src->fwd_opts.streamlocal_bind_mask == (mode_t)-1) {
+		dst->fwd_opts.streamlocal_bind_mask =
+		    src->fwd_opts.streamlocal_bind_mask;
+	}
+
 	/* M_CP_STROPT and M_CP_STRARRAYOPT should not appear before here */
 #define M_CP_STROPT(n) do {\
 	if (src->n != NULL && dst->n != src->n) { \
_______________________________________________
openssh-unix-dev mailing list
openssh-unix-dev@xxxxxxxxxxx
https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev



[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]

[Index of Archives]     [Linux ARM Kernel]     [Linux ARM]     [Linux Omap]     [Fedora ARM]     [IETF Annouce]     [Security]     [Bugtraq]     [Linux]     [Linux OMAP]     [Linux MIPS]     [ECOS]     [Asterisk Internet PBX]     [Linux API]

  Powered by Linux