Bugzilla – Attachment 1947 Details for
Bug 1809
ssh-agent doesnt respect $TMPDIR
Home
|
New
|
Browse
|
Search
|
[?]
|
Reports
|
Requests
|
Help
|
New Account
|
Log In
[x]
|
Forgot Password
Login:
[x]
[patch]
/home/djm/ssh-tmpdir.diff
ssh-tmpdir.diff (text/plain), 4.29 KB, created by
Damien Miller
on 2010-11-05 11:15:23 AEDT
(
hide
)
Description:
/home/djm/ssh-tmpdir.diff
Filename:
MIME Type:
Creator:
Damien Miller
Created:
2010-11-05 11:15:23 AEDT
Size:
4.29 KB
patch
obsolete
>Index: misc.c >=================================================================== >RCS file: /cvs/src/usr.bin/ssh/misc.c,v >retrieving revision 1.82 >diff -u -p -r1.82 misc.c >--- misc.c 24 Sep 2010 13:33:00 -0000 1.82 >+++ misc.c 5 Nov 2010 00:14:42 -0000 >@@ -893,3 +893,20 @@ bandwidth_limit(struct bwlimit *bw, size > bw->lamt = 0; > gettimeofday(&bw->bwstart, NULL); > } >+ >+/* Make a template filename for mk[sd]temp() */ >+void >+mktemp_proto(char *s, size_t len) >+{ >+ const char *tmpdir; >+ int r; >+ >+ if ((tmpdir = getenv("TMPDIR")) != NULL) { >+ r = snprintf(s, len, "%s/ssh-XXXXXXXXXXXX", tmpdir); >+ if (r > 0 && (size_t)r < len) >+ return; >+ } >+ r = snprintf(s, len, "/tmp/ssh-XXXXXXXXXXXX"); >+ if (r < 0 || (size_t)r >= len) >+ fatal("%s: template string too short", __func__); >+} >Index: misc.h >=================================================================== >RCS file: /cvs/src/usr.bin/ssh/misc.h,v >retrieving revision 1.45 >diff -u -p -r1.45 misc.h >--- misc.h 24 Sep 2010 13:33:00 -0000 1.45 >+++ misc.h 5 Nov 2010 00:14:42 -0000 >@@ -87,6 +87,7 @@ struct bwlimit { > void bandwidth_limit_init(struct bwlimit *, u_int64_t, size_t); > void bandwidth_limit(struct bwlimit *, size_t); > >+void mktemp_proto(char *, size_t); > > /* readpass.c */ > >Index: ssh-agent.1 >=================================================================== >RCS file: /cvs/src/usr.bin/ssh/ssh-agent.1,v >retrieving revision 1.52 >diff -u -p -r1.52 ssh-agent.1 >--- ssh-agent.1 31 Aug 2010 17:40:54 -0000 1.52 >+++ ssh-agent.1 5 Nov 2010 00:14:42 -0000 >@@ -72,7 +72,7 @@ Bind the agent to the > socket > .Ar bind_address . > The default is >-.Pa /tmp/ssh-XXXXXXXXXX/agent.\*(Ltppid\*(Gt . >+.Pa $TMPDIR/ssh-XXXXXXXXXX/agent.\*(Ltppid\*(Gt . > .It Fl c > Generate C-shell commands on > .Dv stdout . >@@ -192,7 +192,7 @@ Contains the protocol version 2 DSA auth > Contains the protocol version 2 ECDSA authentication identity of the user. > .It Pa ~/.ssh/id_rsa > Contains the protocol version 2 RSA authentication identity of the user. >-.It Pa /tmp/ssh-XXXXXXXXXX/agent.\*(Ltppid\*(Gt >+.It Pa $TMPDIR/ssh-XXXXXXXXXX/agent.\*(Ltppid\*(Gt > .Ux Ns -domain > sockets used to contain the connection to the authentication agent. > These sockets should only be readable by the owner. >Index: ssh-agent.c >=================================================================== >RCS file: /cvs/src/usr.bin/ssh/ssh-agent.c,v >retrieving revision 1.170 >diff -u -p -r1.170 ssh-agent.c >--- ssh-agent.c 31 Aug 2010 12:33:38 -0000 1.170 >+++ ssh-agent.c 5 Nov 2010 00:14:43 -0000 >@@ -1199,7 +1199,7 @@ main(int ac, char **av) > > if (agentsocket == NULL) { > /* Create private directory for agent socket */ >- strlcpy(socket_dir, "/tmp/ssh-XXXXXXXXXX", sizeof socket_dir); >+ mktemp_proto(socket_dir, sizeof(socket_dir)); > if (mkdtemp(socket_dir) == NULL) { > perror("mkdtemp: private socket dir"); > exit(1); >Index: session.c >=================================================================== >RCS file: /cvs/src/usr.bin/ssh/session.c,v >retrieving revision 1.256 >diff -u -p -r1.256 session.c >--- session.c 25 Jun 2010 07:20:04 -0000 1.256 >+++ session.c 5 Nov 2010 00:14:44 -0000 >@@ -165,6 +165,7 @@ auth_input_request_forwarding(struct pas > Channel *nc; > int sock = -1; > struct sockaddr_un sunaddr; >+ char socket_dir[MAXPATHLEN]; > > if (auth_sock_name != NULL) { > error("authentication forwarding requested twice."); >@@ -175,7 +176,8 @@ auth_input_request_forwarding(struct pas > temporarily_use_uid(pw); > > /* Allocate a buffer for the socket name, and format the name. */ >- auth_sock_dir = xstrdup("/tmp/ssh-XXXXXXXXXX"); >+ mktemp_proto(socket_dir, sizeof(socket_dir)); >+ auth_sock_dir = xstrdup(socket_dir); > > /* Create private directory for socket */ > if (mkdtemp(auth_sock_dir) == NULL) { >Index: clientloop.c >=================================================================== >RCS file: /cvs/src/usr.bin/ssh/clientloop.c,v >retrieving revision 1.223 >diff -u -p -r1.223 clientloop.c >--- clientloop.c 6 Oct 2010 06:39:28 -0000 1.223 >+++ clientloop.c 5 Nov 2010 00:14:44 -0000 >@@ -317,7 +317,7 @@ client_x11_get_proto(const char *display > if (trusted == 0) { > xauthdir = xmalloc(MAXPATHLEN); > xauthfile = xmalloc(MAXPATHLEN); >- strlcpy(xauthdir, "/tmp/ssh-XXXXXXXXXX", MAXPATHLEN); >+ mktemp_proto(xauthdir, MAXPATHLEN); > if (mkdtemp(xauthdir) != NULL) { > do_unlink = 1; > snprintf(xauthfile, MAXPATHLEN, "%s/xauthfile",
<b>You cannot view the attachment while viewing its details because your browser does not support IFRAMEs. <a href="attachment.cgi?id=1947">View the attachment on a separate page</a>.</b>
View Attachment As Diff
View Attachment As Raw
Actions:
View
|
Diff
Attachments on
bug 1809
:
1913
| 1947