Attachment 3163 Details for Bug 1685 – suppress non-terminal error messages for AF mismatch between bind and target addresses

[patch] suppress non-terminal error messages for AF mismatch between bind and target addresses

bz1685.diff (text/plain), 3.47 KB, created by Damien Miller on 2018-07-12 12:49:13 AEST

(hide)

Description:

Filename:

MIME Type:

Creator: Damien Miller

Created: 2018-07-12 12:49:13 AEST

Size: 3.47 KB

patch

obsolete

>diff --git a/sshconnect.c b/sshconnect.c
>index 6c81891..65aecd8 100644
>--- a/sshconnect.c
>+++ b/sshconnect.c
>@@ -323,14 +323,16 @@ check_ifaddrs(const char *ifname, int af, const struct ifaddrs *ifaddrs,
> 
> /*
>  * Creates a (possibly privileged) socket for use as the ssh connection.
>+ * Returns socket on success.
>+ * On failure, returns -1 and either logs the error or sets errno.
>  */
> static int
> ssh_create_socket(int privileged, struct addrinfo *ai)
> {
>-	int sock, r, oerrno;
>+	int sock, r, oerrno, fail_errno = 0;
> 	struct sockaddr_storage bindaddr;
> 	socklen_t bindaddrlen = 0;
>-	struct addrinfo hints, *res = NULL;
>+	struct addrinfo hints, *res = NULL, *bind_ai;
> 	struct ifaddrs *ifaddrs = NULL;
> 	char ntop[NI_MAXHOST];
> 
>@@ -348,7 +350,7 @@ ssh_create_socket(int privileged, struct addrinfo *ai)
> 
> 	if (options.bind_address != NULL) {
> 		memset(&hints, 0, sizeof(hints));
>-		hints.ai_family = ai->ai_family;
>+		hints.ai_family = AF_UNSPEC;
> 		hints.ai_socktype = ai->ai_socktype;
> 		hints.ai_protocol = ai->ai_protocol;
> 		hints.ai_flags = AI_PASSIVE;
>@@ -358,27 +360,34 @@ ssh_create_socket(int privileged, struct addrinfo *ai)
> 			    ssh_gai_strerror(r));
> 			goto fail;
> 		}
>-		if (res == NULL) {
>-			error("getaddrinfo: no addrs");
>+		for (bind_ai = res; bind_ai != NULL;
>+		    bind_ai = bind_ai->ai_next) {
>+			if (bind_ai->ai_family == ai->ai_family)
>+				break;
>+		}
>+		if (bind_ai == NULL) {
>+			debug("%s: no suitable bind address", __func__);
>+			fail_errno = EADDRNOTAVAIL;
> 			goto fail;
> 		}
>-		if (res->ai_addrlen > sizeof(bindaddr)) {
>-			error("%s: addr doesn't fit", __func__);
>+		if (bind_ai->ai_addrlen > sizeof(bindaddr)) {
>+			error("%s: bind address doesn't fit", __func__);
> 			goto fail;
> 		}
>-		memcpy(&bindaddr, res->ai_addr, res->ai_addrlen);
>-		bindaddrlen = res->ai_addrlen;
>+		memcpy(&bindaddr, bind_ai->ai_addr, bind_ai->ai_addrlen);
>+		bindaddrlen = bind_ai->ai_addrlen;
> 	} else if (options.bind_interface != NULL) {
> 		if ((r = getifaddrs(&ifaddrs)) != 0) {
>-			error("getifaddrs: %s: %s", options.bind_interface,
>-			      strerror(errno));
>+			error("%s: BindInterface getifaddrs: %s: %s",
>+			    __func__, options.bind_interface, strerror(errno));
> 			goto fail;
> 		}
> 		bindaddrlen = sizeof(bindaddr);
> 		if (check_ifaddrs(options.bind_interface, ai->ai_family,
> 		    ifaddrs, &bindaddr, &bindaddrlen) != 0) {
>-			logit("getifaddrs: %s: no suitable addresses",
>-			      options.bind_interface);
>+			debug("%s: no suitable addresses from BindInterface %s",
>+			      __func__, options.bind_interface);
>+			fail_errno = EADDRNOTAVAIL;
> 			goto fail;
> 		}
> 	}
>@@ -399,8 +408,7 @@ ssh_create_socket(int privileged, struct addrinfo *ai)
> 		oerrno = errno;
> 		PRIV_END;
> 		if (r < 0) {
>-			error("bindresvport_sa %s: %s", ntop,
>-			    strerror(oerrno));
>+			error("bindresvport_sa %s: %s", ntop, strerror(oerrno));
> 			goto fail;
> 		}
> 	} else if (bind(sock, (struct sockaddr *)&bindaddr, bindaddrlen) != 0) {
>@@ -418,6 +426,7 @@ fail:
> 		freeaddrinfo(res);
> 	if (ifaddrs != NULL)
> 		freeifaddrs(ifaddrs);
>+	errno = fail_errno;
> 	return sock;
> }
> 
>@@ -541,12 +550,8 @@ ssh_connect_direct(struct ssh *ssh, const char *host, struct addrinfo *aitop,
> 				host, ntop, strport);
> 
> 			/* Create a socket for connecting. */
>-			sock = ssh_create_socket(needpriv, ai);
>-			if (sock < 0) {
>-				/* Any error is already output */
>-				errno = 0;
>+			if ((sock = ssh_create_socket(needpriv, ai)) < 0)
> 				continue;
>-			}
> 
> 			if (timeout_connect(sock, ai->ai_addr, ai->ai_addrlen,
> 			    timeout_ms) >= 0) {

Actions: View | Diff

Attachments on bug 1685: 3163