Another bug in SSH in FreeBSD 8.4 (sftp cannot create relative symlinks)

Miroslav Lachman 000.fbsd at quip.cz
Wed Jul 24 08:24:27 UTC 2013 

Xin Li wrote:
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA512
>
> On 06/21/13 16:04, Miroslav Lachman wrote:
>> 1) Is there some way to create relative symlinks with OpenSSH 6.1?
>
> No.  It seems like a regression and can not be worked around.  I do
> have a patch (attached; against crypto/openssh/), and my test shows
> that it would fix the problem.
>
>> 2) Was OpenSSH 6.1 tested before importing in to the base of
>> FreeBSD 8.4 release? These two bugs seems serious to me.
>
> This code is not new: it was in OpenBSD 3 years ago, and in FreeBSD
> for more than 2 years (r221420 or 2011-05-04); OpenSSH 6.1 was
> imported last September.  This issue you have just raised have been
> there since FreeBSD 9.0-RELEASE.
>
> So to me it seems like that the two issues are either rarely hit by
> the general public (counting myself in: I have never used sftp to
> create symbolic link remotely and have thus learned something new
> today), or those who hit this have choose to keep silent about it.
> Fortunately we have you noticed and reported the problem.
>
> As a community effort, we really *need* people to grab in-development
> snapshots and provide us the feedback.
>
>> 3) Is there any chance to fix these bugs in FreeBSD repository, or
>> do we need to be "bug to bug" compatible with other systems using
>> OpenSSH 6.x?
>
> I can not make a promise as I am not the maintainer.  However, I have
> already reported this issue to upstream OpenBSD developers, so if this
> was accepted by the upstream, we will commit the change locally to fix
> the issue.
>
> Unfortunately, it is too late to fix this for 8.4-RELEASE, and unless
> we see widespread complain, I don't think the problem would affect a
> significant amount of users to warrant a "errata" for supported
> release (8.4-RELEASE, 9.1-RELEASE), however, if it would be fixed, the
> fix would be merged to 8-STABLE and 9-STABLE and will be shipped with
> future releases, if the fix enters the development branch before them.

Do you have any news from upstream about integrating your patch in to 
OpenSSH? I didn't test FreeBSD 9.2-BETA1 yet - will this fix be included 
in 9.2 RELEASE?
And last, is it possible to write a note about my reported problem with 
empty VersionAdendum in to Release Notes / Errata for 9.2 RELEASE?

kind regards

Miroslav Lachman

More information about the freebsd-stable mailing list