On Wed, 4 May 2016, Damien Miller wrote: > On Tue, 3 May 2016, Rogan Dawes wrote: > > > And, surprisingly, even having set the directive outside the Match block, > > the following command still doesn't show streamlocalbindunlink set: > > > > sshd -T -C "user=sshvpn,host=196.209.244.243,addr=196.209.244.243" | grep -i > > stream > > streamlocalbindmask 0177 > > allowstreamlocalforwarding yes > > oh, that's a bug in the config dump support. ... and with that fixed the real bug reveals itself: diff --git a/servconf.c b/servconf.c index 6111c5a..5e8b7ca 100644 --- a/servconf.c +++ b/servconf.c @@ -1994,6 +1994,7 @@ copy_set_server_options(ServerOptions *dst, ServerOptions *src, int preauth) M_CP_INTOPT(allow_agent_forwarding); M_CP_INTOPT(permit_tun); M_CP_INTOPT(fwd_opts.gateway_ports); + M_CP_INTOPT(fwd_opts.streamlocal_bind_unlink); M_CP_INTOPT(x11_display_offset); M_CP_INTOPT(x11_forwarding); M_CP_INTOPT(x11_use_localhost); @@ -2006,6 +2007,12 @@ copy_set_server_options(ServerOptions *dst, ServerOptions *src, int preauth) M_CP_INTOPT(rekey_limit); M_CP_INTOPT(rekey_interval); + /* This is a mode_t, so can't use M_CP_INTOPT */ + if (src->fwd_opts.streamlocal_bind_mask == (mode_t)-1) { + dst->fwd_opts.streamlocal_bind_mask = + src->fwd_opts.streamlocal_bind_mask; + } + /* M_CP_STROPT and M_CP_STRARRAYOPT should not appear before here */ #define M_CP_STROPT(n) do {\ if (src->n != NULL && dst->n != src->n) { \ _______________________________________________ openssh-unix-dev mailing list openssh-unix-dev@xxxxxxxxxxx https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev