Another bug in SSH in FreeBSD 8.4 (sftp cannot create relative symlinks)

Sat Jun 22 00:54:46 UTC 2013

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

On 06/21/13 16:04, Miroslav Lachman wrote:
> 1) Is there some way to create relative symlinks with OpenSSH 6.1?

No.  It seems like a regression and can not be worked around.  I do
have a patch (attached; against crypto/openssh/), and my test shows
that it would fix the problem.

> 2) Was OpenSSH 6.1 tested before importing in to the base of
> FreeBSD 8.4 release? These two bugs seems serious to me.

This code is not new: it was in OpenBSD 3 years ago, and in FreeBSD
for more than 2 years (r221420 or 2011-05-04); OpenSSH 6.1 was
imported last September.  This issue you have just raised have been
there since FreeBSD 9.0-RELEASE.

So to me it seems like that the two issues are either rarely hit by
the general public (counting myself in: I have never used sftp to
create symbolic link remotely and have thus learned something new
today), or those who hit this have choose to keep silent about it.
Fortunately we have you noticed and reported the problem.

As a community effort, we really *need* people to grab in-development
snapshots and provide us the feedback.

> 3) Is there any chance to fix these bugs in FreeBSD repository, or
> do we need to be "bug to bug" compatible with other systems using
> OpenSSH 6.x?

I can not make a promise as I am not the maintainer.  However, I have
already reported this issue to upstream OpenBSD developers, so if this
was accepted by the upstream, we will commit the change locally to fix
the issue.

Unfortunately, it is too late to fix this for 8.4-RELEASE, and unless
we see widespread complain, I don't think the problem would affect a
significant amount of users to warrant a "errata" for supported
release (8.4-RELEASE, 9.1-RELEASE), however, if it would be fixed, the
fix would be merged to 8-STABLE and 9-STABLE and will be shipped with
future releases, if the fix enters the development branch before them.

Cheers,
- -- 
Xin LI <delphij at delphij.net>    https://www.delphij.net/
FreeBSD - The Power to Serve!           Live free or die
-----BEGIN PGP SIGNATURE-----

iQEcBAEBCgAGBQJRxPXUAAoJEG80Jeu8UPuzzRAH/AnNKnmsb6vX9LCNRsLtb2SG
bk2J4lx5XLK3sCYEeSL/npBtpwShGLMRnfTeb7oAPBU0skzpppHDpvwp8aIZUAGB
uMwMrln2YPKYfUJvtkPdUC+5Jm8OHnxwoYepOXkZSQy8R3ii1Q2Kpk9uGbez1i2i
iFaP+bQoCJxX8NdTRE/WrPjpfgq8KvUOowBn21dGLZ+MGUL5RlffvrOgth8Py4rp
ByekHuvwNz0i5wxILmriPKg04MhI8Ljy6Y8KxjZhn6v3fjEO7D5FvVlJP8us9iu0
AsFbnkBOvaYxJFDCmlh7u4fumCcsvtwmsmNbiqFRdQVbDuyMdvf880kNrmgCb5k=
=vS/U
-----END PGP SIGNATURE-----
-------------- next part --------------
Index: usr.bin/ssh/sftp.c
===================================================================
RCS file: /home/openbsd/src/usr.bin/ssh/sftp.c,v
retrieving revision 1.143
diff -u -p -u -r1.143 sftp.c

--- usr.bin/ssh/sftp.c	18 Apr 2013 02:16:07 -0000	1.143
+++ usr.bin/ssh/sftp.c	22 Jun 2013 00:26:00 -0000
@@ -1313,7 +1313,6 @@ parse_dispatch_command(struct sftp_conn 
 	case I_SYMLINK:
 		sflag = 1;
 	case I_LINK:
-		path1 = make_absolute(path1, *pwd);
 		path2 = make_absolute(path2, *pwd);
 		err = (sflag ? do_symlink : do_hardlink)(conn, path1, path2);
 		break;
