Default branch: MAIN
Current tag: OPENBSD_6_6
Revision 1.327, Wed Jul 24 08:57:00 2019 UTC, by mestre
Branch: MAIN
CVS Tags: OPENBSD_6_6_BASE, OPENBSD_6_6
Changes since 1.326: +2 -2 lines
When using a combination of a Yubikey+GnuPG+remote forwarding the gpg-agent (and options ControlMaster+RemoteForward in ssh_config(5)) then the codepath taken will call mux_client_request_session -> mm_send_fd -> sendmsg(2). Since sendmsg(2) is not allowed in that codepath then pledge(2) kills the process.

The solution is to add "sendfd" to pledge(2), which is not too bad considering a little bit later we reduce pledge(2) to only "stdio proc tty" in that codepath.

Problem reported and diff provided by Timothy Brown <tbrown at freeshell.org>

OK deraadt@