Bugzilla – Attachment 3079 Details for
Bug 2784
Add native support for routing domains / VRF
Home
|
New
|
Browse
|
Search
|
[?]
|
Reports
|
Requests
|
Help
|
New Account
|
Log In
[x]
|
Forgot Password
Login:
[x]
[patch]
linux vrf support for ssh client
0002-ssh-add-support-for-Linux-VRF-via-r.patch (text/plain), 2.57 KB, created by
Luca Boccassi
on 2017-10-24 04:14:30 AEDT
(
hide
)
Description:
linux vrf support for ssh client
Filename:
MIME Type:
Creator:
Luca Boccassi
Created:
2017-10-24 04:14:30 AEDT
Size:
2.57 KB
patch
obsolete
>From 0227e190acfa76b9a131d20af88da54df33600b6 Mon Sep 17 00:00:00 2001 >From: Luca Boccassi <luca.boccassi@gmail.com> >Date: Mon, 23 Oct 2017 17:48:54 +0100 >Subject: [PATCH 2/2] ssh: add support for Linux VRF via -r > >In the past couple of years the Linux kernel gained support for VRF. >Applications can bind to a specific VRF via the SO_BINDTODEVICE socket >option. >Use the -r option, that on BSD is used to bind to a routing domain, to >bind to a VRF on Linux. >https://www.kernel.org/doc/Documentation/networking/vrf.txt > >Original mailing list thread asking for this feature: >https://lists.mindrot.org/pipermail/openssh-unix-dev/2015-November/034525.html >--- > ssh.1 | 2 +- > ssh_config.5 | 2 +- > sshconnect.c | 16 ++++++++++++++++ > 3 files changed, 18 insertions(+), 2 deletions(-) > >diff --git a/ssh.1 b/ssh.1 >index 32dd6b7d..7ccf2729 100644 >--- a/ssh.1 >+++ b/ssh.1 >@@ -652,7 +652,7 @@ When used together with > the allocated port will be printed to the standard output. > .Pp > .It Fl r Ar routing_domain >-Specifies an explicit routing domain that is applied to the connection. >+Specifies an explicit routing domain (BSD) or VRF (Linux) that is applied to the connection. > The user session will be bound to this > .Xr rdomain 4 . > .Pp >diff --git a/ssh_config.5 b/ssh_config.5 >index 252dfb36..e05045a1 100644 >--- a/ssh_config.5 >+++ b/ssh_config.5 >@@ -1262,7 +1262,7 @@ The argument to this keyword must be > or > .Cm no . > .It Cm RDomain >-Specifies an explicit routing domain that is applied to the connection. >+Specifies an explicit routing domain (BSD) or VRF (Linux) that is applied to the connection. > The user session will be bound to this > .Xr rdomain 4 . > .It Cm RekeyLimit >diff --git a/sshconnect.c b/sshconnect.c >index 9d39e28a..a67febdc 100644 >--- a/sshconnect.c >+++ b/sshconnect.c >@@ -287,6 +287,7 @@ ssh_create_socket(int privileged, struct addrinfo *ai) > fcntl(sock, F_SETFD, FD_CLOEXEC); > > if (options.rdomain != NULL) { >+#if defined(SO_RTABLE) > int rtable; > const char *errstr; > >@@ -306,6 +307,21 @@ ssh_create_socket(int privileged, struct addrinfo *ai) > return -1; > } > debug("Bound to routing domain: %d", rtable); >+#elif defined(SO_BINDTODEVICE) >+ if (setsockopt(sock, SOL_SOCKET, SO_BINDTODEVICE, >+ options.rdomain, strlen(options.rdomain)) == -1) { >+ error("Failed to bind to device %s on fd %d: %s", >+ options.rdomain, sock, strerror(errno)); >+ close(sock); >+ return -1; >+ } >+ debug("Bound to device: %s", options.rdomain); >+#else >+ error("No SO_RTABLE nor SO_BINDTODEVICE, cannot use: %s", >+ options.rdomain); >+ close(sock); >+ return -1; >+#endif > } > > >-- >2.11.0 >
<b>You cannot view the attachment while viewing its details because your browser does not support IFRAMEs. <a href="attachment.cgi?id=3079">View the attachment on a separate page</a>.</b>
View Attachment As Diff
View Attachment As Raw
Actions:
View
|
Diff
Attachments on
bug 2784
:
3061
|
3064
|
3070
|
3071
|
3072
|
3075
|
3076
|
3077
|
3078
|
3079
|
3080
|
3081
|
3082