Attachment 689 Details for Bug 898 – AddressFamily support in sshd_config

[patch] AddressFamily support in sshd_config

openssh-3.8.1p1-addrfam.patch (text/plain), 5.26 KB, created by Pavel Kankovsky on 2004-07-21 07:02:47 AEST

(hide)

Description:

Filename:

MIME Type:

Creator: Pavel Kankovsky

Created: 2004-07-21 07:02:47 AEST

Size: 5.26 KB

patch

obsolete

>diff -urN -x'*:ORIG' openssh-3.8.1p1.old/servconf.c openssh-3.8.1p1/servconf.c
>--- openssh-3.8.1p1.old/servconf.c	Fri Jan 23 12:03:10 2004
>+++ openssh-3.8.1p1/servconf.c	Sun Jul 11 14:04:28 2004
>@@ -27,8 +27,6 @@
> static void add_listen_addr(ServerOptions *, char *, u_short);
> static void add_one_listen_addr(ServerOptions *, char *, u_short);
> 
>-/* AF_UNSPEC or AF_INET or AF_INET6 */
>-extern int IPv4or6;
> /* Use of privilege separation or not */
> extern int use_privsep;
> 
>@@ -46,6 +44,7 @@
> 	options->num_ports = 0;
> 	options->ports_from_cmdline = 0;
> 	options->listen_addrs = NULL;
>+	options->address_family = -1;
> 	options->num_host_key_files = 0;
> 	options->pid_file = NULL;
> 	options->server_key_bits = -1;
>@@ -255,7 +254,8 @@
> 	sKerberosAuthentication, sKerberosOrLocalPasswd, sKerberosTicketCleanup,
> 	sKerberosGetAFSToken,
> 	sKerberosTgtPassing, sChallengeResponseAuthentication,
>-	sPasswordAuthentication, sKbdInteractiveAuthentication, sListenAddress,
>+	sPasswordAuthentication, sKbdInteractiveAuthentication,
>+	sListenAddress, sAddressFamily,
> 	sPrintMotd, sPrintLastLog, sIgnoreRhosts,
> 	sX11Forwarding, sX11DisplayOffset, sX11UseLocalhost,
> 	sStrictModes, sEmptyPasswd, sTCPKeepAlive,
>@@ -331,6 +331,7 @@
> 	{ "skeyauthentication", sChallengeResponseAuthentication }, /* alias */
> 	{ "checkmail", sDeprecated },
> 	{ "listenaddress", sListenAddress },
>+	{ "addressfamily", sAddressFamily },
> 	{ "printmotd", sPrintMotd },
> 	{ "printlastlog", sPrintLastLog },
> 	{ "ignorerhosts", sIgnoreRhosts },
>@@ -395,6 +396,8 @@
> 
> 	if (options->num_ports == 0)
> 		options->ports[options->num_ports++] = SSH_DEFAULT_PORT;
>+	if (options->address_family == -1)
>+		options->address_family = AF_UNSPEC;
> 	if (port == 0)
> 		for (i = 0; i < options->num_ports; i++)
> 			add_one_listen_addr(options, addr, options->ports[i]);
>@@ -410,7 +413,7 @@
> 	int gaierr;
> 
> 	memset(&hints, 0, sizeof(hints));
>-	hints.ai_family = IPv4or6;
>+	hints.ai_family = options->address_family;
> 	hints.ai_socktype = SOCK_STREAM;
> 	hints.ai_flags = (addr == NULL) ? AI_PASSIVE : 0;
> 	snprintf(strport, sizeof strport, "%u", port);
>@@ -538,6 +541,25 @@
> 			    filename, linenum);
> 		break;
> 
>+	case sAddressFamily:
>+		arg = strdelim(&cp);
>+		intptr = &options->address_family;
>+		if (options->listen_addrs != NULL)
>+			fatal("%s line %d: address family must be specified before "
>+			    "ListenAddress.", filename, linenum);
>+		if (strcasecmp(arg, "inet") == 0)
>+			value = AF_INET;
>+		else if (strcasecmp(arg, "inet6") == 0)
>+			value = AF_INET6;
>+		else if (strcasecmp(arg, "any") == 0)
>+			value = AF_UNSPEC;
>+		else
>+			fatal("%s line %d: unsupported address family \"%s\".",
>+			    filename, linenum, arg);
>+		if (*intptr == -1)
>+			*intptr = value;
>+		break;
>+
> 	case sHostKeyFile:
> 		intptr = &options->num_host_key_files;
> 		if (*intptr >= MAX_HOSTKEYS)
>diff -urN -x'*:ORIG' openssh-3.8.1p1.old/servconf.h openssh-3.8.1p1/servconf.h
>--- openssh-3.8.1p1.old/servconf.h	Wed Dec 31 01:37:34 2003
>+++ openssh-3.8.1p1/servconf.h	Sun Jul 11 13:15:15 2004
>@@ -39,6 +39,7 @@
> 	u_short ports[MAX_PORTS];	/* Port number to listen on. */
> 	char   *listen_addr;		/* Address on which the server listens. */
> 	struct addrinfo *listen_addrs;	/* Addresses on which the server listens. */
>+	int     address_family;		/* Address family to use by default. */
> 	char   *host_key_files[MAX_HOSTKEYS];	/* Files containing host keys. */
> 	int     num_host_key_files;     /* Number of files for host keys. */
> 	char   *pid_file;	/* Where to put our pid */
>diff -urN -x'*:ORIG' openssh-3.8.1p1.old/sshd.c openssh-3.8.1p1/sshd.c
>--- openssh-3.8.1p1.old/sshd.c	Sun Mar 21 23:36:01 2004
>+++ openssh-3.8.1p1/sshd.c	Sun Jul 11 14:04:29 2004
>@@ -112,7 +112,7 @@
>  * Flag indicating whether IPv4 or IPv6.  This can be set on the command line.
>  * Default value is AF_UNSPEC means both IPv4 and IPv6.
>  */
>-int IPv4or6 = AF_UNSPEC;
>+#define IPv4or6 options.address_family
> 
> /*
>  * Debug mode flag.  This can be set on the command line.  If debug
>@@ -915,7 +915,6 @@
> 		}
> 	}
> 	SSLeay_add_all_algorithms();
>-	channel_set_af(IPv4or6);
> 
> 	/*
> 	 * Force logging to stderr until we have loaded the private host
>@@ -946,6 +945,7 @@
> 
> 	/* Read server configuration options from the configuration file. */
> 	read_server_config(&options, config_file_name);
>+	channel_set_af(options.address_family);
> 
> 	/* Fill in default values for those options not explicitly set. */
> 	fill_default_server_options(&options);
>diff -urN -x'*:ORIG' openssh-3.8.1p1.old/sshd_config openssh-3.8.1p1/sshd_config
>--- openssh-3.8.1p1.old/sshd_config	Wed Dec 31 01:38:32 2003
>+++ openssh-3.8.1p1/sshd_config	Sun Jul 11 14:06:07 2004
>@@ -12,6 +12,7 @@
> 
> #Port 22
> #Protocol 2,1
>+AddressFamily inet
> #ListenAddress 0.0.0.0
> #ListenAddress ::
> 
>diff -urN -x'*:ORIG' openssh-3.8.1p1.old/sshd_config.5 openssh-3.8.1p1/sshd_config.5
>--- openssh-3.8.1p1.old/sshd_config.5	Wed Apr 14 05:04:36 2004
>+++ openssh-3.8.1p1/sshd_config.5	Sun Jul 11 14:09:10 2004
>@@ -61,6 +61,14 @@
> keywords and their meanings are as follows (note that
> keywords are case-insensitive and arguments are case-sensitive):
> .Bl -tag -width Ds
>+.It Cm AddressFamily
>+Specifies which address family to use.
>+Valid arguments are
>+.Dq any ,
>+.Dq inet
>+(Use IPv4 only) or
>+.Dq inet6
>+(Use IPv6 only.)
> .It Cm AllowGroups
> This keyword can be followed by a list of group name patterns, separated
> by spaces.

Actions: View | Diff

Attachments on bug 898: 689 | 694 | 752