Attachment #689 for bug #898




static void add_listen_addr(ServerOptions *, char *, u_short);
static void add_one_listen_addr(ServerOptions *, char *, u_short);

/* AF_UNSPEC or AF_INET or AF_INET6 */
extern int IPv4or6;
/* Use of privilege separation or not */
extern int use_privsep;


	options->num_ports = 0;
	options->ports_from_cmdline = 0;
	options->listen_addrs = NULL;
	options->address_family = -1;
	options->num_host_key_files = 0;
	options->pid_file = NULL;
	options->server_key_bits = -1;

	sKerberosAuthentication, sKerberosOrLocalPasswd, sKerberosTicketCleanup,
	sKerberosGetAFSToken,
	sKerberosTgtPassing, sChallengeResponseAuthentication,
	sPasswordAuthentication, sKbdInteractiveAuthentication,
	sListenAddress, sAddressFamily,
	sPrintMotd, sPrintLastLog, sIgnoreRhosts,
	sX11Forwarding, sX11DisplayOffset, sX11UseLocalhost,
	sStrictModes, sEmptyPasswd, sTCPKeepAlive,

	{ "skeyauthentication", sChallengeResponseAuthentication }, /* alias */
	{ "checkmail", sDeprecated },
	{ "listenaddress", sListenAddress },
	{ "addressfamily", sAddressFamily },
	{ "printmotd", sPrintMotd },
	{ "printlastlog", sPrintLastLog },
	{ "ignorerhosts", sIgnoreRhosts },


	if (options->num_ports == 0)
		options->ports[options->num_ports++] = SSH_DEFAULT_PORT;
	if (options->address_family == -1)
		options->address_family = AF_UNSPEC;
	if (port == 0)
		for (i = 0; i < options->num_ports; i++)
			add_one_listen_addr(options, addr, options->ports[i]);

	int gaierr;

	memset(&hints, 0, sizeof(hints));
	hints.ai_family = options->address_family;
	hints.ai_socktype = SOCK_STREAM;
	hints.ai_flags = (addr == NULL) ? AI_PASSIVE : 0;
	snprintf(strport, sizeof strport, "%u", port);

			    filename, linenum);
		break;

	case sAddressFamily:
		arg = strdelim(&cp);
		intptr = &options->address_family;
		if (options->listen_addrs != NULL)
			fatal("%s line %d: address family must be specified before "
			    "ListenAddress.", filename, linenum);
		if (strcasecmp(arg, "inet") == 0)
			value = AF_INET;
		else if (strcasecmp(arg, "inet6") == 0)
			value = AF_INET6;
		else if (strcasecmp(arg, "any") == 0)
			value = AF_UNSPEC;
		else
			fatal("%s line %d: unsupported address family \"%s\".",
			    filename, linenum, arg);
		if (*intptr == -1)
			*intptr = value;
		break;

	case sHostKeyFile:
		intptr = &options->num_host_key_files;
		if (*intptr >= MAX_HOSTKEYS)

Lines 39-44 Link Here

(-)openssh-3.8.1p1.old/servconf.h (+1 lines)
39	u_short ports[MAX_PORTS]; /* Port number to listen on. */	39	u_short ports[MAX_PORTS]; /* Port number to listen on. */
40	char listen_addr; / Address on which the server listens. */	40	char listen_addr; / Address on which the server listens. */
41	struct addrinfo listen_addrs; / Addresses on which the server listens. */	41	struct addrinfo listen_addrs; / Addresses on which the server listens. */
		42	int address_family; /* Address family to use by default. */
42	char host_key_files[MAX_HOSTKEYS]; / Files containing host keys. */	43	char host_key_files[MAX_HOSTKEYS]; / Files containing host keys. */
43	int num_host_key_files; /* Number of files for host keys. */	44	int num_host_key_files; /* Number of files for host keys. */
44	char pid_file; / Where to put our pid */	45	char pid_file; / Where to put our pid */




 * Flag indicating whether IPv4 or IPv6.  This can be set on the command line.
 * Default value is AF_UNSPEC means both IPv4 and IPv6.
 */
#define IPv4or6 options.address_family

/*
 * Debug mode flag.  This can be set on the command line.  If debug

		}
	}
	SSLeay_add_all_algorithms();
	channel_set_af(IPv4or6);

	/*
	 * Force logging to stderr until we have loaded the private host


	/* Read server configuration options from the configuration file. */
	read_server_config(&options, config_file_name);
	channel_set_af(options.address_family);

	/* Fill in default values for those options not explicitly set. */
	fill_default_server_options(&options);

Lines 12-17 Link Here

(-)openssh-3.8.1p1.old/sshd_config (+1 lines)
12		12
13	#Port 22	13	#Port 22
14	#Protocol 2,1	14	#Protocol 2,1
		15	AddressFamily inet
15	#ListenAddress 0.0.0.0	16	#ListenAddress 0.0.0.0
16	#ListenAddress ::	17	#ListenAddress ::
17		18

Lines 61-66 Link Here

(-)openssh-3.8.1p1.old/sshd_config.5 (+8 lines)
61	keywords and their meanings are as follows (note that	61	keywords and their meanings are as follows (note that
62	keywords are case-insensitive and arguments are case-sensitive):	62	keywords are case-insensitive and arguments are case-sensitive):
63	.Bl -tag -width Ds	63	.Bl -tag -width Ds
		64	.It Cm AddressFamily
		65	Specifies which address family to use.
		66	Valid arguments are
		67	.Dq any ,
		68	.Dq inet
		69	(Use IPv4 only) or
		70	.Dq inet6
		71	(Use IPv6 only.)
64	.It Cm AllowGroups	72	.It Cm AllowGroups
65	This keyword can be followed by a list of group name patterns, separated	73	This keyword can be followed by a list of group name patterns, separated
66	by spaces.	74	by spaces.

Return to bug 898

Lines 27-34 Link Here

(-)openssh-3.8.1p1.old/servconf.c (-4 / +26 lines)
27	static void add_listen_addr(ServerOptions , char , u_short);	27	static void add_listen_addr(ServerOptions , char , u_short);
28	static void add_one_listen_addr(ServerOptions , char , u_short);	28	static void add_one_listen_addr(ServerOptions , char , u_short);
29		29
30	/* AF_UNSPEC or AF_INET or AF_INET6 */
31	extern int IPv4or6;
32	/* Use of privilege separation or not */	30	/* Use of privilege separation or not */
33	extern int use_privsep;	31	extern int use_privsep;
34		32
Lines 46-51 Link Here
46	options->num_ports = 0;	44	options->num_ports = 0;
47	options->ports_from_cmdline = 0;	45	options->ports_from_cmdline = 0;
48	options->listen_addrs = NULL;	46	options->listen_addrs = NULL;
		47	options->address_family = -1;
49	options->num_host_key_files = 0;	48	options->num_host_key_files = 0;
50	options->pid_file = NULL;	49	options->pid_file = NULL;
51	options->server_key_bits = -1;	50	options->server_key_bits = -1;
Lines 255-261 Link Here
255	sKerberosAuthentication, sKerberosOrLocalPasswd, sKerberosTicketCleanup,	254	sKerberosAuthentication, sKerberosOrLocalPasswd, sKerberosTicketCleanup,
256	sKerberosGetAFSToken,	255	sKerberosGetAFSToken,
257	sKerberosTgtPassing, sChallengeResponseAuthentication,	256	sKerberosTgtPassing, sChallengeResponseAuthentication,
258	sPasswordAuthentication, sKbdInteractiveAuthentication, sListenAddress,	257	sPasswordAuthentication, sKbdInteractiveAuthentication,
		258	sListenAddress, sAddressFamily,
259	sPrintMotd, sPrintLastLog, sIgnoreRhosts,	259	sPrintMotd, sPrintLastLog, sIgnoreRhosts,
260	sX11Forwarding, sX11DisplayOffset, sX11UseLocalhost,	260	sX11Forwarding, sX11DisplayOffset, sX11UseLocalhost,
261	sStrictModes, sEmptyPasswd, sTCPKeepAlive,	261	sStrictModes, sEmptyPasswd, sTCPKeepAlive,
Lines 331-336 Link Here
331	{ "skeyauthentication", sChallengeResponseAuthentication }, /* alias */	331	{ "skeyauthentication", sChallengeResponseAuthentication }, /* alias */
332	{ "checkmail", sDeprecated },	332	{ "checkmail", sDeprecated },
333	{ "listenaddress", sListenAddress },	333	{ "listenaddress", sListenAddress },
		334	{ "addressfamily", sAddressFamily },
334	{ "printmotd", sPrintMotd },	335	{ "printmotd", sPrintMotd },
335	{ "printlastlog", sPrintLastLog },	336	{ "printlastlog", sPrintLastLog },
336	{ "ignorerhosts", sIgnoreRhosts },	337	{ "ignorerhosts", sIgnoreRhosts },
Lines 395-400 Link Here
395		396
396	if (options->num_ports == 0)	397	if (options->num_ports == 0)
397	options->ports[options->num_ports++] = SSH_DEFAULT_PORT;	398	options->ports[options->num_ports++] = SSH_DEFAULT_PORT;
		399	if (options->address_family == -1)
		400	options->address_family = AF_UNSPEC;
398	if (port == 0)	401	if (port == 0)
399	for (i = 0; i < options->num_ports; i++)	402	for (i = 0; i < options->num_ports; i++)
400	add_one_listen_addr(options, addr, options->ports[i]);	403	add_one_listen_addr(options, addr, options->ports[i]);
Lines 410-416 Link Here
410	int gaierr;	413	int gaierr;
411		414
412	memset(&hints, 0, sizeof(hints));	415	memset(&hints, 0, sizeof(hints));
413	hints.ai_family = IPv4or6;	416	hints.ai_family = options->address_family;
414	hints.ai_socktype = SOCK_STREAM;	417	hints.ai_socktype = SOCK_STREAM;
415	hints.ai_flags = (addr == NULL) ? AI_PASSIVE : 0;	418	hints.ai_flags = (addr == NULL) ? AI_PASSIVE : 0;
416	snprintf(strport, sizeof strport, "%u", port);	419	snprintf(strport, sizeof strport, "%u", port);
Lines 538-543 Link Here
538	filename, linenum);	541	filename, linenum);
539	break;	542	break;
540		543
		544	case sAddressFamily:
		545	arg = strdelim(&cp);
		546	intptr = &options->address_family;
		547	if (options->listen_addrs != NULL)
		548	fatal("%s line %d: address family must be specified before "
		549	"ListenAddress.", filename, linenum);
		550	if (strcasecmp(arg, "inet") == 0)
		551	value = AF_INET;
		552	else if (strcasecmp(arg, "inet6") == 0)
		553	value = AF_INET6;
		554	else if (strcasecmp(arg, "any") == 0)
		555	value = AF_UNSPEC;
		556	else
		557	fatal("%s line %d: unsupported address family \"%s\".",
		558	filename, linenum, arg);
		559	if (*intptr == -1)
		560	*intptr = value;
		561	break;
		562
541	case sHostKeyFile:	563	case sHostKeyFile:
542	intptr = &options->num_host_key_files;	564	intptr = &options->num_host_key_files;
543	if (*intptr >= MAX_HOSTKEYS)	565	if (*intptr >= MAX_HOSTKEYS)

Lines 112-118 Link Here

(-)openssh-3.8.1p1.old/sshd.c (-2 / +2 lines)
112	* Flag indicating whether IPv4 or IPv6. This can be set on the command line.	112	* Flag indicating whether IPv4 or IPv6. This can be set on the command line.
113	* Default value is AF_UNSPEC means both IPv4 and IPv6.	113	* Default value is AF_UNSPEC means both IPv4 and IPv6.
114	*/	114	*/
115	int IPv4or6 = AF_UNSPEC;	115	#define IPv4or6 options.address_family
116		116
117	/*	117	/*
118	* Debug mode flag. This can be set on the command line. If debug	118	* Debug mode flag. This can be set on the command line. If debug
Lines 915-921 Link Here
915	}	915	}
916	}	916	}
917	SSLeay_add_all_algorithms();	917	SSLeay_add_all_algorithms();
918	channel_set_af(IPv4or6);
919		918
920	/*	919	/*
921	* Force logging to stderr until we have loaded the private host	920	* Force logging to stderr until we have loaded the private host
Lines 946-951 Link Here
946		945
947	/* Read server configuration options from the configuration file. */	946	/* Read server configuration options from the configuration file. */
948	read_server_config(&options, config_file_name);	947	read_server_config(&options, config_file_name);
		948	channel_set_af(options.address_family);
949		949
950	/* Fill in default values for those options not explicitly set. */	950	/* Fill in default values for those options not explicitly set. */
951	fill_default_server_options(&options);	951	fill_default_server_options(&options);