Overview: The function derelativise_path() in servconf.c calls getcwd(NULL,0) and using zero for the size argument is unsupported on Solaris. Steps to Reproduce: 1) uncomment #AuthorizedKeysFile %h/.ssh/authorized_keys from /etc/ssh/sshd_config 2) restart sshd Actual Results: sshd failed to start with the following message derelativise_path: getcwd: Invalid argument Expected Results: sshd starts with no error messages Build Date & Platform: Build 2010-03-23 on Solaris 9 sun4u OpenSSH_5.4p1, OpenSSL 0.9.8m
Created attachment 1821 [details] A little patch to fix the getcwd function usage Here is a little patch to solve this bug. It just passes PATH_MAX as the size argument instead of 0. The allocated space will be often a lot bigger than needed but: - the cwd string variable is very short-lived so that is not so important, - when passed a 0 size argument, getcwd under linux seems to allocate PATH_MAX bytes and realloc to exact string size once it has retrieved the current directory. So it seems we just avoid a realloc call by using PATH_MAX instead of 0.
I posted a patch to solve the bug reported but I uncovered another issue while testing it. It seems the Authorized_keys filename argument is now derelativised when the configuration file is read. As a result, an argument like '.ssh/authorized_keys' is now transformed into '/.ssh/autorized_keys' by the derelativise_path function and is not anymore interpreted as being relative to the user home, contrary to what the man page says: "After expansion, AuthorizedKeysFile is taken to be an absolute path or one relative to the user's home directory"
Created attachment 1822 [details] Don't try to derelativise the AuthorizedKeysFile value A little patch to fix the second issue.
Thanks - this is fixed in openssh-5.5p1, due shortly.
Mass move of bugs RESOLVED->CLOSED following the release of openssh-5.5p1