As far as I know, for all implementations of libutempter, the
utempter_remove_added_record() function depends on the file descriptor
passed to utempter_add_record() to still be valid. The reason for this,
is that this file descriptor is propagated to the setuid utility that is
responsible for modifying utmpx.
Modify the code to remove the utmpx entry before closing the
pseudo-terminal master device. While there, simply use
utempter_remove_record(), which takes the file descriptor explicitly.
The advantage is that this prevents potential foot-shooting in the
future. Visual inspection of the source code will make it more obvious
that utempter depends on the file descriptor.
Closes#179.
Let users specify an ssh outside their PATH, or extra flags like -p or -i.
Modify the usage message to describe this feature and hint at the
semantic difference viz. --client=path\ to\ client vs --ssh="path\ to\
ssh".
Closes#53
[keithw@mit.edu -- applied fixes per Anders Kaseorg]
EL5 lacks htobe64 and friends. Using its byteswap.h requires an endianness
check in our headers, which is fragile and compiler-dependent. It's a fair
amount of code [1], and is only useful on EL5.
So instead, let's include a fallback implementation of these functions, and use
it whenever we can't find the (now-)standard Linux or OS X routines. The
fallback is endianness-independent and should work on any platform.
[1] https://github.com/rurban/mosh/commit/da1a5abd1e09f0c1e9295357bb480a643d9dc8e3
selfpipe already does a fine job of interfacing to signalfd. But Debian and
Ubuntu want us to depend on the skalibs-dev package rather than build libstddjb
ourselves. That would be fine except that skalibs-dev has static libraries
only, and they aren't built with -fPIC. This interferes with building
mosh-{client,server} as position-independent executables, which is a desirable
security measure.
So we have our own wrapper, which invokes either signalfd or selfpipe. And we
build it ourselves with our own flags, because it's part of the Mosh project
proper.
(closes#108)
configure's linker flag check also compiles a C++ program. g++ -pie informs
both the compiler and linker, but clang++ -Wl,-pie is only a linker flag, and
the linker will complain that the code hasn't been compiled as
position-independent.
clang was spewing warnings about the unrecognized -fno-default-inline. (Oddly,
it warns only with -c, not when compiling directly to an executable.) For
completeness we also check -pipe, even though clang is OK with that one.
It should be fine to omit either flag. gcc -fno-default-inline drops the
implicit 'inline' annotation on functions defined inside a class scope, but
'inline' is only a hint anyway. -fno-default-inline does not change linkage.
-pipe is merely a compile speed optimization.
Keith Winstein