Bug 2279 - ListenAddress option does not allow IPv6 link-local addresses
Summary: ListenAddress option does not allow IPv6 link-local addresses
Status: CLOSED INVALID
Alias: None
Product: Portable OpenSSH
Classification: Unclassified
Component: sshd (show other bugs)
Version: 6.6p1
Hardware: Other Other
: P5 normal
Assignee: Assigned to nobody
URL:
Keywords:
Depends on:
Blocks:
 
Reported: 2014-09-18 06:18 AEST by Garrett Lee
Modified: 2016-08-02 10:41 AEST (History)
0 users

See Also:

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description Garrett Lee 2014-09-18 06:18:36 AEST 
When a link-local address is used with ListenAddress, the resulting bind() will fail with error as per the following log entry:
error: Bind to port 22 on fe80::202:5555:fe01:dddd failed: Invalid argument.

When using link-local, the sin6_scope_id must be set to specify which interface should be used with the link-local address.  There does not appear to be any handling for this in server_listen() function.

I believe the ListenAddress should allow a link-local with %<zone_id> allowing the interface name or index to be specified as per RFC4007.  The specified interface needs to then result in a sin6_scope_id assignment prior to the bind() in server_listen().  (Since the inclusion of an interface name would result in longer strings, the code needs to be checked that longer addresses with ListenAddress will be accepted.)  The if_nametoindex() function may be needed to convert an interface name into its respective index which gets used as the sin6_scope_id value.
Comment 1 Garrett Lee 2014-11-01 07:59:33 AEDT 
After revisiting this issue I am now discovering that, indeed, IPv6 link-local addresses can be used with ListenAddress as long as they include the RFC4007 format. This does not appear to be a bug.
Comment 2 Damien Miller 2016-08-02 10:41:09 AEST 
Close all resolved bugs after 7.3p1 release