summary refs log tree commit diff
diff options
context:
space:
mode:
-rw-r--r--gnu/local.mk1
-rw-r--r--gnu/packages/patches/lsh-fix-x11-forwarding.patch20
-rw-r--r--gnu/packages/ssh.scm6
3 files changed, 25 insertions, 2 deletions
diff --git a/gnu/local.mk b/gnu/local.mk
index f00485f668..59cad38504 100644
--- a/gnu/local.mk
+++ b/gnu/local.mk
@@ -1290,6 +1290,7 @@ dist_patch_DATA =						\
   %D%/packages/patches/lm-sensors-hwmon-attrs.patch		\
   %D%/packages/patches/lrcalc-includes.patch    		\
   %D%/packages/patches/lrzip-CVE-2017-8842.patch		\
+  %D%/packages/patches/lsh-fix-x11-forwarding.patch		\
   %D%/packages/patches/lua-CVE-2014-5461.patch                      \
   %D%/packages/patches/lua-pkgconfig.patch                      \
   %D%/packages/patches/lua51-liblua-so.patch                    \
diff --git a/gnu/packages/patches/lsh-fix-x11-forwarding.patch b/gnu/packages/patches/lsh-fix-x11-forwarding.patch
new file mode 100644
index 0000000000..fd56a5bafd
--- /dev/null
+++ b/gnu/packages/patches/lsh-fix-x11-forwarding.patch
@@ -0,0 +1,20 @@
+--- a/src/server_x11.c	2016-08-01 11:58:54.714647794 +0200
++++ b/src/server_x11.c	2016-08-01 11:58:46.606563478 +0200
+@@ -151,7 +151,7 @@ DEFINE_COMMAND(open_forwarded_x11)
+ #define X11_MIN_DISPLAY 10
+ #define X11_MAX_DISPLAY 1000
+ 
+-/* FIXME: Create the /tmp/.X11-unix directory, if needed. Figure out
++/* FIXME: Figure out
+  * if and how we should use /tmp/.X17-lock. Consider using display
+  * "unix:17" instead of just ":17".
+  */
+@@ -253,6 +253,7 @@ open_x11_socket(struct ssh_channel *chan
+ 
+   old_umask = umask(0077);
+   
++  mkdir(X11_SOCKET_DIR, S_IRWXU | S_IRWXG | S_IRWXO | S_ISVTX);
+   old_cd = lsh_pushd(X11_SOCKET_DIR, &dir, 0, 0);
+   if (old_cd < 0)
+     {
+
diff --git a/gnu/packages/ssh.scm b/gnu/packages/ssh.scm
index d28e3ef83c..e660c1cc5f 100644
--- a/gnu/packages/ssh.scm
+++ b/gnu/packages/ssh.scm
@@ -594,7 +594,8 @@ basis for almost any application.")
 
                   (substitute* "src/testsuite/login-auth-test"
                     (("/bin/cat") "cat"))
-                  #t))))
+                  #t))
+              (patches (search-patches "lsh-fix-x11-forwarding.patch"))))
     (build-system gnu-build-system)
     (native-inputs
      `(("m4" ,m4)
@@ -615,7 +616,8 @@ basis for almost any application.")
 
        ;; The server (lshd) invokes xauth when X11 forwarding is requested.
        ;; This adds 24 MiB (or 27%) to the closure of lsh.
-       ("xauth" ,xauth)))
+       ("xauth" ,xauth)
+       ("libxau" ,libxau)))             ;also required for x11-forwarding
     (arguments
      '(;; Skip the `configure' test that checks whether /dev/ptmx &
        ;; co. work as expected, because it relies on impurities (for