bugzilla-daemon at bugzilla.mindrot.org
2018-Feb-12 22:20 UTC
[Bug 2831] New: ProxyJump self-exec construction ignores path-to-self, exec's wrong ssh
https://bugzilla.mindrot.org/show_bug.cgi?id=2831 Bug ID: 2831 Summary: ProxyJump self-exec construction ignores path-to-self, exec's wrong ssh Product: Portable OpenSSH Version: 7.6p1 Hardware: 68k OS: Mac OS X Status: NEW Severity: enhancement Priority: P5 Component: ssh Assignee: unassigned-bugs at mindrot.org Reporter: phil.pennock at globnix.org On a system with an older release in /usr/bin and current OpenSSH in /usr/local/bin, but for $reasons keeping /usr/bin first in the $PATH, having "ssh" exec itself using "ssh" as argv[0] will execute the wrong SSH. That's what ProxyJump does. Encountered via: git using core.sshCommand as a setting, and a config file using ProxyJump. The child ssh will complain about the invalid configuration directive. Since config can be read by "sftp" etc, I suspect that one fix is to look for a path separator in "our" argv[0] and if found, then replace the last component with "ssh" and use the result as the new process' argv[0], otherwise fall back to "ssh". -- You are receiving this mail because: You are watching the assignee of the bug.
bugzilla-daemon at bugzilla.mindrot.org
2018-Feb-12 22:21 UTC
[Bug 2831] ProxyJump self-exec construction ignores path-to-self, exec's wrong ssh
https://bugzilla.mindrot.org/show_bug.cgi?id=2831 Phil Pennock <phil.pennock at globnix.org> changed: What |Removed |Added ---------------------------------------------------------------------------- OS|Mac OS X |All CC| |phil.pennock at globnix.org Severity|enhancement |normal Hardware|68k |All -- You are receiving this mail because: You are watching the assignee of the bug.
bugzilla-daemon at bugzilla.mindrot.org
2018-Apr-06 03:47 UTC
[Bug 2831] ProxyJump self-exec construction ignores path-to-self, exec's wrong ssh
https://bugzilla.mindrot.org/show_bug.cgi?id=2831 Damien Miller <djm at mindrot.org> changed: What |Removed |Added ---------------------------------------------------------------------------- Blocks| |2852 CC| |djm at mindrot.org Referenced Bugs: https://bugzilla.mindrot.org/show_bug.cgi?id=2852 [Bug 2852] Tracking bug for OpenSSH 7.8 release -- You are receiving this mail because: You are watching someone on the CC list of the bug. You are watching the assignee of the bug.
bugzilla-daemon at bugzilla.mindrot.org
2018-May-25 07:06 UTC
[Bug 2831] ProxyJump self-exec construction ignores path-to-self, exec's wrong ssh
https://bugzilla.mindrot.org/show_bug.cgi?id=2831 Damien Miller <djm at mindrot.org> changed: What |Removed |Added ---------------------------------------------------------------------------- Assignee|unassigned-bugs at mindrot.org |djm at mindrot.org CC| |dtucker at dtucker.net Status|NEW |ASSIGNED Attachment #3157| |ok?(dtucker at dtucker.net) Flags| | --- Comment #1 from Damien Miller <djm at mindrot.org> --- Created attachment 3157 --> https://bugzilla.mindrot.org/attachment.cgi?id=3157&action=edit Prefer to use argv[0] for ProxyJump ssh binary -- You are receiving this mail because: You are watching someone on the CC list of the bug. You are watching the assignee of the bug.
bugzilla-daemon at bugzilla.mindrot.org
2018-May-25 09:23 UTC
[Bug 2831] ProxyJump self-exec construction ignores path-to-self, exec's wrong ssh
https://bugzilla.mindrot.org/show_bug.cgi?id=2831 Darren Tucker <dtucker at dtucker.net> changed: What |Removed |Added ---------------------------------------------------------------------------- Attachment #3157|ok?(dtucker at dtucker.net) |ok+ Flags| | -- You are receiving this mail because: You are watching the assignee of the bug. You are watching someone on the CC list of the bug.
bugzilla-daemon at bugzilla.mindrot.org
2018-May-26 02:14 UTC
[Bug 2831] ProxyJump self-exec construction ignores path-to-self, exec's wrong ssh
https://bugzilla.mindrot.org/show_bug.cgi?id=2831 --- Comment #2 from Phil Pennock <phil.pennock at globnix.org> --- By inspection, that will break sftp because argv[0] will refer to sftp and the ProxyJump will then try to execute sftp for the proxy connection. (Thanks for looking at this!) -- You are receiving this mail because: You are watching someone on the CC list of the bug. You are watching the assignee of the bug.
bugzilla-daemon at bugzilla.mindrot.org
2018-May-27 02:12 UTC
[Bug 2831] ProxyJump self-exec construction ignores path-to-self, exec's wrong ssh
https://bugzilla.mindrot.org/show_bug.cgi?id=2831 --- Comment #3 from Damien Miller <djm at mindrot.org> --- I don't follow - sftp exec()s ssh with argv[0] as /usr/sbin/ssh not sftp. -- You are receiving this mail because: You are watching the assignee of the bug. You are watching someone on the CC list of the bug.
bugzilla-daemon at bugzilla.mindrot.org
2018-May-28 05:37 UTC
[Bug 2831] ProxyJump self-exec construction ignores path-to-self, exec's wrong ssh
https://bugzilla.mindrot.org/show_bug.cgi?id=2831 --- Comment #4 from Phil Pennock <phil.pennock at globnix.org> --- Sorry. I was going from recollection that there was a scenario where something parsed an ssh_config(5) file with argv[0] not ending "/ssh". Looking again now, I only see ssh-keysign(1) doing so, and ProxyJump clearly doesn't apply to that. My mistake. Shutting up now. -- You are receiving this mail because: You are watching someone on the CC list of the bug. You are watching the assignee of the bug.
bugzilla-daemon at bugzilla.mindrot.org
2018-Jun-01 03:12 UTC
[Bug 2831] ProxyJump self-exec construction ignores path-to-self, exec's wrong ssh
https://bugzilla.mindrot.org/show_bug.cgi?id=2831 Damien Miller <djm at mindrot.org> changed: What |Removed |Added ---------------------------------------------------------------------------- Resolution|--- |FIXED Status|ASSIGNED |RESOLVED --- Comment #5 from Damien Miller <djm at mindrot.org> --- Fix applied - this will be in OpenSSH 7.8 -- You are receiving this mail because: You are watching the assignee of the bug. You are watching someone on the CC list of the bug.
bugzilla-daemon at bugzilla.mindrot.org
2018-Oct-19 06:17 UTC
[Bug 2831] ProxyJump self-exec construction ignores path-to-self, exec's wrong ssh
https://bugzilla.mindrot.org/show_bug.cgi?id=2831 Damien Miller <djm at mindrot.org> changed: What |Removed |Added ---------------------------------------------------------------------------- Status|RESOLVED |CLOSED --- Comment #6 from Damien Miller <djm at mindrot.org> --- Close RESOLVED bugs with the release of openssh-8.0 -- You are receiving this mail because: You are watching someone on the CC list of the bug. You are watching the assignee of the bug.