Unix socket forwarding

William Ahern william at 25thandClement.com
Tue Mar 6 08:11:37 EST 2012


On Mon, Mar 05, 2012 at 03:08:16PM -0500, Daniel Kahn Gillmor wrote:
> On 03/05/2012 02:44 PM, William Ahern wrote:
> 
> > If there's real interest by the team to accept the feature, I'd be happy to
> > update my patch and work out any integration issues and misgivings. But for
> > years there's been nothing but stone cold silence concerning this feature.
> 
> While i understand your frustration, i think the way to demonstrate that
> a feature is actively desired is to keep the patch up-to-date, and try
> to encourage people to try it out and give feedback.

I'm not frustrated. The patch has been used on tens of thousands of machines
across the globe for going on half a decade now without a single known
issue. It's always nicer, of course, to have a feature committed upstream,
but what can you do?

It's always more frustrating as a maintainer of a large project because
everybody and their cousin submits patches. You're often reticent to accept
even the good patches because it just adds to the overall cognitive burden.
I get that.

It just seems to me like the developers just aren't that interested in the
feature, period, and for whatever reasons they've silently kept that opinion
to themselves. That's a perfectly reasonable judgment call.

Whenever the subject comes up I renew my offer to revamp, but unless and
until there's some interest from the core developers I'm not going to spend
time on it. It's very time consuming integrating a large patch into an
upstream project; impossible, in fact, without feedback from the developers.

> I'm not on the OpenSSH dev team, so i can't guarantee their responses,
> but certainly having an active group of people using such a feature (and
> having a well-written, up-to-date patch that simplifies things and
> minimizes configuration complexity) would be a good thing.
> 
> Some devil-is-in-the-details questions:

I'm intimately aware of the details. Outside of the core developers and a
small cadre of hackers I probably became more familiar with the OpenSSH
codebase than anyone else. It's an intrusive patch and required additions to
the underlying protocol, fixes to options parsing code, and a refactoring of
several data structures and related code. The fact that X11 forwarding
already exists--as pointed out by the OP--turns out to not matter one iota
because of the SSH protocol spec and the architecture of OpenSSH in
particular.

As for having an active group, that's hard to quantify. How would you define
the active group for port forwarding? You really can't. It's used by a
large, disparate group of people for all manner of random purposes. Domain
socket forwarding may in fact be a poor feature for inclusion given the
alternatives. The fact that everybody but the core developers thinks it's a
good idea, and yet I've been the only one to cook up a patch, tends to
suggest a lack of substantive demand. Or perhaps my patch sufficed for
those who really needed the feature, which lessened pressure for inclusion or
addition upstream. Who knows?


More information about the openssh-unix-dev mailing list