bugzilla-daemon at bugzilla.mindrot.org
2018-Nov-29 12:50 UTC
[Bug 2936] New: ssh tries to use empty $SSH_AUTH_SOCK
https://bugzilla.mindrot.org/show_bug.cgi?id=2936
Bug ID: 2936
Summary: ssh tries to use empty $SSH_AUTH_SOCK
Product: Portable OpenSSH
Version: 7.9p1
Hardware: Other
OS: Linux
Status: NEW
Severity: enhancement
Priority: P5
Component: ssh
Assignee: unassigned-bugs at mindrot.org
Reporter: ossman at cendio.se
If you do this:
> $ SSH_AUTH_SOCK= ssh foo at bar
Then ssh will try to connect to an agent at address "\0\0\0\0....",
which is a perfectly legal abstract socket address on Linux.
This was discovered by the fact that irqbalance 1.5.0 happens to listen
to that address:
https://github.com/Irqbalance/irqbalance/issues/85
The end result is that ssh hangs as it tries to talk to irqbalance,
believing it is an SSH agent.
This is a very confusing behaviour and I would have expected an empty
$SSH_AUTH_SOCK to be treated the same as if it was not set at all.
--
You are receiving this mail because:
You are watching the assignee of the bug.
bugzilla-daemon at bugzilla.mindrot.org
2018-Nov-29 14:10 UTC
[Bug 2936] ssh tries to use empty $SSH_AUTH_SOCK
https://bugzilla.mindrot.org/show_bug.cgi?id=2936
Jakub Jelen <jjelen at redhat.com> changed:
What |Removed |Added
----------------------------------------------------------------------------
CC| |jjelen at redhat.com
--- Comment #1 from Jakub Jelen <jjelen at redhat.com> ---
The following patch should take care of this:
diff --git a/authfd.c b/authfd.c
index ecdd869a..972f1b5f 100644
--- a/authfd.c
+++ b/authfd.c
@@ -94,7 +94,7 @@ ssh_get_authentication_socket(int *fdp)
*fdp = -1;
authsocket = getenv(SSH_AUTHSOCKET_ENV_NAME);
- if (!authsocket)
+ if (!authsocket || authsocket[0] == '\0')
return SSH_ERR_AGENT_NOT_PRESENT;
memset(&sunaddr, 0, sizeof(sunaddr));
--
You are receiving this mail because:
You are watching the assignee of the bug.
bugzilla-daemon at bugzilla.mindrot.org
2018-Dec-07 02:11 UTC
[Bug 2936] ssh tries to use empty $SSH_AUTH_SOCK
https://bugzilla.mindrot.org/show_bug.cgi?id=2936
Damien Miller <djm at mindrot.org> changed:
What |Removed |Added
----------------------------------------------------------------------------
Resolution|--- |FIXED
CC| |djm at mindrot.org
Blocks| |2915
Status|NEW |RESOLVED
--- Comment #2 from Damien Miller <djm at mindrot.org> ---
Fix committed - this will be in OpenSSH 8.0
Referenced Bugs:
https://bugzilla.mindrot.org/show_bug.cgi?id=2915
[Bug 2915] Tracking bug for 8.0 release
--
You are receiving this mail because:
You are watching the assignee of the bug.
You are watching someone on the CC list of the bug.
bugzilla-daemon at mindrot.org
2021-Apr-23 05:09 UTC
[Bug 2936] ssh tries to use empty $SSH_AUTH_SOCK
https://bugzilla.mindrot.org/show_bug.cgi?id=2936
Damien Miller <djm at mindrot.org> changed:
What |Removed |Added
----------------------------------------------------------------------------
Status|RESOLVED |CLOSED
--- Comment #3 from Damien Miller <djm at mindrot.org> ---
closing resolved bugs as of 8.6p1 release
--
You are receiving this mail because:
You are watching the assignee of the bug.
You are watching someone on the CC list of the bug.
bugzilla-daemon at mindrot.org
2021-Oct-13 14:41 UTC
[Bug 2936] ssh tries to use empty $SSH_AUTH_SOCK
https://bugzilla.mindrot.org/show_bug.cgi?id=2936
Ahmed Sayeed <ahmedsayeed1982 at yahoo.com> changed:
What |Removed |Added
----------------------------------------------------------------------------
CC| |ahmedsayeed1982 at yahoo.com
--- Comment #4 from Ahmed Sayeed <ahmedsayeed1982 at yahoo.com> ---
amd64-linux-siginfo.c: Adjust include order to avoid gnulib error
http://www.compilatori.com/computers/latest-car-deals/
On Fedora rawhide, after updating to glibc-2.33, I'm seeing the
following build failure:
http://www.acpirateradio.co.uk/travel/good/
CXX nat/amd64-linux-siginfo.o
In file included from /usr/include/bits/sigstksz.h:24,
http://www.logoarts.co.uk/services/affordable-printer/
from /usr/include/signal.h:315,
from ../gnulib/import/signal.h:52,
http://www.slipstone.co.uk/property/hp-of-cars/
from
/ironwood1/sourceware-git/rawhide-gnulib/bld/../../worktree-gnulib/gdbserver/../gdb/nat/amd64-linux-siginfo.c:20:
http://embermanchester.uk/services/whatsapp-number-change/
../gnulib/import/unistd.h:663:3: error: #error "Please include
config.h first."
663 | #error "Please include config.h first."
http://connstr.net/property/mars-researches/
| ^~~~~
glibc-2.33 has changed signal.h to now include <bits/sigstksz.h>
which,
in turn, includes <unistd.h>.
http://joerg.li/technology/b-class-cars/ For a gdb build, this causes
the gnulib
version of unistd.h to be pulled in first. The build failure shown
above happens because gnulib's config.h has not been included
before
the include of <signal.h>.
http://www.jopspeech.com/health/nvidia-rtx-2060/
The fix is simple - we just rearrange the order of the header file
includes to make sure that gdbsupport/commondefs.h is included
before
attempting to include signal.h. Note that gdbsupport/commondefs.h
includes <gnulib/config.h>.
http://www.wearelondonmade.com/health/check-ups/
Build and regression tested on Fedora 33. On Fedora rawhide, GDB
builds again.
https://waytowhatsnext.com/shopping/xbox-release-date/
gdb/ChangeLog:
glibc-2.33 has changed signal.h to now include <bits/sigstksz.h> which,
in turn, includes <unistd.h>.
http://www.iu-bloomington.com/computers/invisible-with-vpn/ For a gdb
build, this causes the gnulib
version of unistd.h to be pulled in first. The build failure shown
above happens because gnulib's
https://komiya-dental.com/crypto/new-coins/ config.h has not been
included before
the include of <signal.h>.
http://www-look-4.com/tech/nvidia-and-samsung/
The fix is simple - we just rearrange the order of the header file
https://www.webb-dev.co.uk/crypto/crypto-for-investing/
includes to make sure that gdbsupport/commondefs.h is included
before
attempting to include signal.h. Note that gdbsupport/commondefs.h
includes <gnulib/config.h>.
--
You are receiving this mail because:
You are watching the assignee of the bug.
You are watching someone on the CC list of the bug.