StreamLocal forwarding
Damien Miller
djm at mindrot.org
Wed May 4 01:59:57 AEST 2016
On Wed, 4 May 2016, Damien Miller wrote:
> On Wed, 4 May 2016, Damien Miller wrote:
>
> > On Tue, 3 May 2016, Rogan Dawes wrote:
> >
> > > And, surprisingly, even having set the directive outside the Match block,
> > > the following command still doesn't show streamlocalbindunlink set:
> > >
> > > sshd -T -C "user=sshvpn,host=196.209.244.243,addr=196.209.244.243" | grep -i
> > > stream
> > > streamlocalbindmask 0177
> > > allowstreamlocalforwarding yes
> >
> > oh, that's a bug in the config dump support.
>
> ... and with that fixed the real bug reveals itself:
both fixes committed and in HEAD:
commit cfefbcea1057c2623e76c579174a4107a0b6e6cd
Author: djm at openbsd.org <djm at openbsd.org>
Date: Tue May 3 15:57:39 2016 +0000
upstream commit
fix overriding of StreamLocalBindMask and
StreamLocalBindUnlink in Match blocks; found the hard way by Rogan Dawes
Upstream-ID: 940bc69ec0249ab428d24ccd0722ce35cb932ee2
commit 771c2f51ffc0c9a2877b7892fada0c77bd1f6549
Author: djm at openbsd.org <djm at openbsd.org>
Date: Tue May 3 15:25:06 2016 +0000
upstream commit
don't forget to include StreamLocalBindUnlink in the
config dump output
Upstream-ID: 14a6d970b3b45c8e94272e3c661e9a0b2a0ee7cb
More information about the openssh-unix-dev
mailing list