From owner-freebsd-stable@FreeBSD.ORG Mon Jun 24 22:11:23 2013 Return-Path: Delivered-To: freebsd-stable@FreeBSD.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by hub.freebsd.org (Postfix) with ESMTP id 2FB1C564 for ; Mon, 24 Jun 2013 22:11:23 +0000 (UTC) (envelope-from 000.fbsd@quip.cz) Received: from elsa.codelab.cz (elsa.codelab.cz [94.124.105.4]) by mx1.freebsd.org (Postfix) with ESMTP id E649A122A for ; Mon, 24 Jun 2013 22:11:22 +0000 (UTC) Received: from elsa.codelab.cz (localhost [127.0.0.1]) by elsa.codelab.cz (Postfix) with ESMTP id 4556D28427; Tue, 25 Jun 2013 00:11:15 +0200 (CEST) Received: from [192.168.1.2] (ip-89-177-49-222.net.upcbroadband.cz [89.177.49.222]) (using TLSv1 with cipher DHE-RSA-CAMELLIA256-SHA (256/256 bits)) (No client certificate requested) by elsa.codelab.cz (Postfix) with ESMTPSA id 0DA9928422; Tue, 25 Jun 2013 00:11:13 +0200 (CEST) Message-ID: <51C8C400.7080009@quip.cz> Date: Tue, 25 Jun 2013 00:11:12 +0200 From: Miroslav Lachman <000.fbsd@quip.cz> User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.0; en-US; rv:1.9.1.19) Gecko/20110420 Lightning/1.0b1 SeaMonkey/2.0.14 MIME-Version: 1.0 To: d@delphij.net Subject: Re: Another bug in SSH in FreeBSD 8.4 (sftp cannot create relative symlinks) References: <51C4DBFE.1010809@quip.cz> <51C4F5D4.6000802@delphij.net> In-Reply-To: <51C4F5D4.6000802@delphij.net> Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit Cc: freebsd-stable@FreeBSD.org, Xin Li X-BeenThere: freebsd-stable@freebsd.org X-Mailman-Version: 2.1.14 Precedence: list List-Id: Production branch of FreeBSD source code List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 24 Jun 2013 22:11:23 -0000 Xin Li wrote: > -----BEGIN PGP SIGNED MESSAGE----- > Hash: SHA512 > > On 06/21/13 16:04, Miroslav Lachman wrote: >> 1) Is there some way to create relative symlinks with OpenSSH 6.1? > > No. It seems like a regression and can not be worked around. I do > have a patch (attached; against crypto/openssh/), and my test shows > that it would fix the problem. > >> 2) Was OpenSSH 6.1 tested before importing in to the base of >> FreeBSD 8.4 release? These two bugs seems serious to me. > > This code is not new: it was in OpenBSD 3 years ago, and in FreeBSD > for more than 2 years (r221420 or 2011-05-04); OpenSSH 6.1 was > imported last September. This issue you have just raised have been > there since FreeBSD 9.0-RELEASE. > > So to me it seems like that the two issues are either rarely hit by > the general public (counting myself in: I have never used sftp to > create symbolic link remotely and have thus learned something new > today), or those who hit this have choose to keep silent about it. > Fortunately we have you noticed and reported the problem. > > As a community effort, we really *need* people to grab in-development > snapshots and provide us the feedback. I have two machines with FreeBSD 9.1, SSH version is reported as SSH-2.0-OpenSSH_5.8p2_hpn13v11 and there is no problem with empty VersionAddendum. You are right about the second problem - sftp symlinks. They are broken on this version as well but I didn't tried it before on this version. >> 3) Is there any chance to fix these bugs in FreeBSD repository, or >> do we need to be "bug to bug" compatible with other systems using >> OpenSSH 6.x? > > I can not make a promise as I am not the maintainer. However, I have > already reported this issue to upstream OpenBSD developers, so if this > was accepted by the upstream, we will commit the change locally to fix > the issue. > > Unfortunately, it is too late to fix this for 8.4-RELEASE, and unless > we see widespread complain, I don't think the problem would affect a > significant amount of users to warrant a "errata" for supported > release (8.4-RELEASE, 9.1-RELEASE), however, if it would be fixed, the > fix would be merged to 8-STABLE and 9-STABLE and will be shipped with > future releases, if the fix enters the development branch before them. Thank you very much for your quick and kind response! I hope the fix will be accepted upstream. The patch seems really simple and I know how to apply it, but I am not able to compile and install only fixed sftp command instead of the whole userland. Can you push me to the right direction? Thank you again! Miroslav Lachman