515 – BindAddress and -b not working

Bug 515 - BindAddress and -b not working

Summary: BindAddress and -b not working

Status:	CLOSED FIXED

Alias:	None

Product:	Portable OpenSSH
Classification:	Unclassified
Component:	ssh (show other bugs)
Version:	-current
Hardware:	UltraSPARC Solaris

Importance:	P2 normal
Assignee:	OpenSSH Bugzilla mailing list

URL:
Keywords:

Depends on:
Blocks:

Reported:	2003-03-21 15:01 AEDT by Craig
Modified:	2004-04-14 12:24 AEST (History)
CC List:	0 users

See Also:

Attachments
Comment out AI_PASSIVE from sshconnect.c (461 bytes, patch) 2003-03-24 01:07 AEDT, Darren Tucker	no flags	Details \| Diff
Try to fix AI_PASSIVE support (762 bytes, patch) 2003-03-24 10:20 AEDT, Damien Miller	no flags	Details \| Diff
Fixed patch (808 bytes, patch) 2003-03-24 13:34 AEDT, Damien Miller	no flags	Details \| Diff
Show Obsolete (2) View All Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description Craig 2003-03-21 15:01:25 AEDT

I'm trying to install the OpenSSH3.4p1 on an UltraSparc running SunOS 5.6. The
program compiled and runs fine with one problem... The system has two IP
addresses, one on a secure network and one facing the outside world. I need to
have the ssh client use one of these addresses for its outbound connections.
With the old SSH 1.2.x I was able to use the SourceAddress directive in
ssh_config to do this. Using OpenSSH3.4p1, neither the BindAddress directive in
ssh_config nor the -b commandline switch seem to function on Solaris.

A search of Bugzilla found that this was a known problem on Solaris with an
older version of OpenSSH about one year ago, but there was no mention of a fix
or workaround. It is still not working for me. This is something I need
functional for work pretty quickly. Please advise if there is a known fix.

Comment 1 Darren Tucker 2003-03-23 20:59:59 AEDT

Confirmed with 3.5p1 on Solaris 2.6.  Does not occur on Solaris 8 (ie -b works 
as expected).

I note that Solaris 8 has a real getaddrinfo whereas 2.6 does not and uses the 
compatibility one from openbsd-compat, so there may be something funny 
going on there.

Comment 2 Darren Tucker 2003-03-24 01:07:25 AEDT

Created attachment 253 [details]
Comment out AI_PASSIVE from sshconnect.c

It looks like getaddrinfo() in openbsd-compat doesn't do the right thing when
AI_PASSIVE is set.  It will always return a null address even when an address
is specified (either via ssh -b or sshd's ListenAddress).

The patch fixes the ssh -b thing (should AI_PASSIVE be set on a socket that's
not going to be listening?) but fake-getaddrinfo seems to need some work for
the sshd ListenAddress case too.

Comment 3 Damien Miller 2003-03-24 10:20:29 AEDT

Created attachment 254 [details]
Try to fix AI_PASSIVE support

This (untested) patch may help to fix fake-getaddrinfo's AI_PASSIVE support

Comment 4 Darren Tucker 2003-03-24 12:05:34 AEDT

Don't have a copy of the CVS tree on my Solaris 2.6 machine.  Applied patch to 
3.5p1 (minor reject of "u_long addr;", easily fixed).

Apart from a missing semicolon at the end of "addr = htonl(0x00000000)" this 
works for ssh -b and sshd -o ListenAddress.

Comment 5 Damien Miller 2003-03-24 13:34:50 AEDT

Created attachment 255 [details]
Fixed patch

Here is a corrected patch. It will be applied to -current. Users of 3.6p1 (and
earlier) will want to apply this if using BindAddress.

Comment 6 Damien Miller 2003-03-24 13:36:19 AEDT

Applied to -current

Comment 7 Damien Miller 2004-04-14 12:24:18 AEST

Mass change of RESOLVED bugs to CLOSED