Bug 1290

Summary:

sshd dies if passed host key with relative path on command line

Product:

Portable OpenSSH

Reporter:

Marc Bejarano <bugzilla.mindrot.org>

Component:

sshd

Assignee:

Assigned to nobody <unassigned-bugs>

Status:

CLOSED FIXED

Severity:

normal

CC:

djm, dtucker

Priority:

Version:

4.5p1

Hardware:

All

OS:

All

Bug Depends on:

Bug Blocks:

1626

Attachments:

Description	Flags
require absolute paths	none
better patch	none
Working patch	dtucker: ok+
/home/djm/sshd-abspath.diff	dtucker: ok+

Description Marc Bejarano 2007-03-02 11:25:50 AEDT

the following works fine on linux:
root@ubuntu1:/test# /usr/sbin/sshd -D -h ssh_host_dsa_key -p 6789

on FreeBSD and OSX, once a client connects, the server exits.
changing the path for the host key to an absolute one allows the server to function normally:
beejmacbook:/test beej$ /opt/local/sbin/sshd -h /test/ssh_host_dsa_key -D -ddd -p 6789

Comment 1 Darren Tucker 2007-03-05 11:51:05 AEDT

What version is it that you're testing on Linux, and do you see the same results with a version built form vanilla source?

I suspect it's not dependant on the the OS but rather on whether or not re-exec is enabled.

Comment 2 Marc Bejarano 2007-03-05 16:15:05 AEDT

the testing i did for this bug report was with ubuntu's sshd 
OpenSSH_4.3p2 from their 4.3p2-5ubuntu1 deb.

anyway, using vanilla 4.5p1 source with all defaults on the same linux test box does indeed break things like the other OS's when using a relative path for host key.  and adding the -r flag fixes things again so you're right about this being related to re-exec :)

Comment 3 Damien Miller 2007-05-18 16:58:40 AEST

Created attachment 1288 [details]
require absolute paths

It is pretty easy to fix the specific case of the '-h' option not accepting relative paths, but fixing the more general problem of paths specified on the commandline using -oConfigItem=value or in configuration files is surprisingly tricky because of the way we pass the configuration between the original sshd instance and the re-executed child.

Rather than writing a lot of code to fix this edge case, I think it is better that we just make the requirement to use absolute paths explicit and provide error feedback when the daemon is started, not when it tries to accept a connection.

Comment 4 Damien Miller 2007-05-18 17:18:56 AEST

Created attachment 1289 [details]
better patch

Actually, the last patch had two bugs: it broke the AuthorizedKeysFile directive (which allows paths relative to $HOME) and absolute paths specified using ~/ or ~user/. This one fixes these problems.

Comment 5 Damien Miller 2007-05-18 17:25:37 AEST

Created attachment 1290 [details]
Working patch

It helps if one saves the file that one is working on before making a broken patch and posting it for the world to see...

Comment 6 Darren Tucker 2009-07-31 11:25:14 AEST

target for 5.4

Comment 7 Damien Miller 2010-01-13 14:32:05 AEDT

Created attachment 1776 [details]
/home/djm/sshd-abspath.diff

de-relativise host key paths

Comment 8 Damien Miller 2010-01-13 14:33:21 AEDT

Comment on attachment 1776 [details]
/home/djm/sshd-abspath.diff

ignore the Makefile.inc hunk

Comment 9 Darren Tucker 2010-01-13 14:47:13 AEDT

Comment on attachment 1776 [details]
/home/djm/sshd-abspath.diff

ok minus the XXX debugs.

Comment 10 Damien Miller 2010-01-13 14:48:51 AEDT

revised patch applied, so this will be in OpenSSH 5.4. Thanks for the report.

Comment 11 Darren Tucker 2010-03-26 10:51:25 AEDT

With the release of 5.4p1, this bug is now considered closed.