Historically, AIX's IPv6 support hasn't worked well enough to use for OpenSSH, so currently BROKEN_GETADDRINFO is defined for all AIXes. Recent Maintenance Levels (eg 5.2 ML2) work (almost) well enough for OpenSSH to use, so a build-time test should be added (like the HP-UX getaddrinfo test) and IPv6 enabled if a working impementation is found.
Created attachment 809 [details] Test for badly broken getaddrinfo on AIX and work around partially busted getnameinfo This patch tests for badly broken getaddrinfo on AIX enables IPv6 if it tests OK. Additionally, AIX's getnameinfo (on 5.2 ML2, anyway) will refuse to resolve the all-zeros IPv6 address, so the patch has a hackish workaround for that too. If this is fixed (or going to be fixed) the hack ought to be discarded. Even without the hack, 5.2's get{name,addr}info functions are at least as capable as the ones in the compat library. Tested on AIX 5.2 ML2 (detects IPv6 ok), 5.1 ML4 (detects broken getaddrinfo) and AIX 4.3.3 (unknown ML, detects broken getaddrinfo). The loginmsg bits are not intended for long-term use, there's just a work around for a linker problem until it can be (separately) fixed properly. If you try this you will need to run "autoreconf" after applying the patch.
Just re-tested with AIX 5.2 ML5 (latest available at the time of writing) and it has the same behaviour for getnameinfo (fail for all-zeros IPv6 address) so the hack is still needed for IPv6 to be useful. BTW1: the patch #809 does not enable the hack by default, to use it you will need to add -DAIX_GETNAMEINFO_HACK to CFLAGS. BTW2: AIX does not permit listening on both INET and INET6 sockets on the same port, so you will need to put "AddressFamily inet6" into your sshd_config file. This will also accept INET connections (presumably via 4-in-6 mapped addresses).
Comment on attachment 809 [details] Test for badly broken getaddrinfo on AIX and work around partially busted getnameinfo ugh. IBM hasn't fixed this trivial bug with any patches? If there isn't an easy patch to eliminate this, then OK.
They don't seem to think it's a bug. If you squint while reading RFC 3493 at an angle in bad light then it might be compliant behaviour, depending on which of these parts of the getnameinfo definition takes precedence: [quote] Note: The IPv6 unspecified address ("::") and the IPv6 loopback address ("::1") are not IPv4-compatible addresses. If the address is the IPv6 unspecified address ("::"), a lookup is not performed, and the [EAI_NONAME] error is returned. [snip] - If the flag bit NI_NUMERICHOST is set, the numeric form of the host's address shall be returned instead of its name, under all circumstances. [/quote]
Created attachment 813 [details] Test for badly broken getaddrinfo on AIX and work around partially busted getnameinfo Fix a couple of bugs that crept in and enable the hack in configure.
Comment on attachment 813 [details] Test for badly broken getaddrinfo on AIX and work around partially busted getnameinfo I think that this hunk: >+# if defined(HAVE_GETNAMEINFO) && defined(AIX_GETNAMEINFO_HACK) >+# undef getnameinfo >+/* >+ * For some reason, AIX's getnameinfo will refuse to resolve the all-zeros >+ * IPv6 address into its textual representation ("::"), so we wrap it >+ * with a function that will. >+ */ >+int >+sshaix_getnameinfo(const struct sockaddr *sa, size_t salen, char *host, >+ size_t hostlen, char *serv, size_t servlen, int flags) ... should be at the end of its file, to prevent the #undef from having unintended consequences in the future. Otherwise OK.
Thanks, applied.
With the release of OpenSSH 4.0, these bugs are now closed. For details, see: http://www.openssh.com/txt/release-4.0