---
channels.c | 6 +++++-
1 file changed, 5 insertions(+), 1 deletion(-)
diff --git a/channels.c b/channels.c
index a84b487..396e192 100644
--- a/channels.c
+++ b/channels.c
@@ -3014,10 +3014,14 @@ channel_setup_fwd_listener_streamlocal(int type, struct
Forward *fwd,
debug3("%s: type %d path %s", __func__, type, fwd->listen_path);
+ /* Expand home directory if necessary */
+ char *expanded_path = tilde_expand_filename(fwd->listen_path, getuid());
+
/* Start a Unix domain listener. */
omask = umask(fwd_opts->streamlocal_bind_mask);
- sock = unix_listener(fwd->listen_path, SSH_LISTEN_BACKLOG,
+ sock = unix_listener(expanded_path, SSH_LISTEN_BACKLOG,
fwd_opts->streamlocal_bind_unlink);
+ free(expanded_path);
umask(omask);
if (sock < 0)
return 0;
--
1.9.1
Todd C. Miller
2015-Aug-17 19:14 UTC
[PATCH] Expand tilde for UNIX domain socket forwards.
I like the idea but tilde_expand_filename() calls fatal() if it cannot resolve ~foo. This is not terrible when using -L and -R on the normal command line but it seems pretty harsh to exit when -L or -R are used via the ~C escape or the streamlocal-forward at openssh.com request. Message-Id: <aea6cdc1d1b42d07 at courtesan.com> Perhaps we just need a non-fatal version of tilde_expand_filename(). Message-Id: <aea6cdc2c787751c at courtesan.com> - todd
On Mon, 17 Aug 2015, Todd C. Miller wrote:> I like the idea but tilde_expand_filename() calls fatal() if it > cannot resolve ~foo. This is not terrible when using -L and -R on > the normal command line but it seems pretty harsh to exit when -L > or -R are used via the ~C escape or the streamlocal-forward at openssh.com > request. > Message-Id: <aea6cdc1d1b42d07 at courtesan.com> > > Perhaps we just need a non-fatal version of tilde_expand_filename().Yeah, we should refactor it into a version that returns a ssherr.h code and (perhaps) leave the existing tilde_expand_filename() as a wrapper. -d