| Summary: | Systems with IPV6_V6ONLY = 0 have unexpected behavior | ||||||
|---|---|---|---|---|---|---|---|
| Product: | Portable OpenSSH | Reporter: | Gordon Stratton <gordon.stratton> | ||||
| Component: | sshd | Assignee: | Assigned to nobody <unassigned-bugs> | ||||
| Status: | CLOSED FIXED | ||||||
| Severity: | normal | CC: | djm | ||||
| Priority: | P2 | ||||||
| Version: | 4.7p1 | ||||||
| Hardware: | All | ||||||
| OS: | Linux | ||||||
| Bug Depends on: | |||||||
| Bug Blocks: | 1353 | ||||||
| Attachments: |
|
||||||
yes, that makes sense and matches what we already do in channels.c - applied, thanks! Fix shipped in 4.9/4.9p1 release. |
Created attachment 1382 [details] turn on IPV6_V6ONLY in sshd before binding for systems that support it I noticed that sshd on a Linux 2.6.23 system complains when it starts up: sshd[6292]: Server listening on :: port 22. sshd[6292]: error: Bind to port 22 on 0.0.0.0 failed: Address already in use. From what I understand, sshd is operating under the assumption that it will not accept IPv4 connections on an IPv6 socket and vice versa (e.g., -4 and -6 options that state that sshd will be forced to use IPv[46] addresses only). Currently, if I start sshd with the -6 flag, my expectation is that sshd will only be able to accept connections over IPv6, but that is not the case on Linux (v4-mapped addresses get used when a client connects to an IPv6 socket over IPv4). The attached patch turns on IPV6_V6ONLY if it is defined before binding to a socket using AF_INET6. This resolves the bind error that sshd logs on my system as well as giving users the (in my opinion) expected behavior for the -6 command line option and Listen options in sshd_config. Patch has been tested on Linux 2.6.23, and it is against openssh-SNAP-20071117