6 # We have contributed back this fix to the OpenSSH upstream community. For |
6 # We have contributed back this fix to the OpenSSH upstream community. For |
7 # more information, see https://bugzilla.mindrot.org/show_bug.cgi?id=2483 |
7 # more information, see https://bugzilla.mindrot.org/show_bug.cgi?id=2483 |
8 # In the future, if this fix is accepted by the upsteam in a later release, we |
8 # In the future, if this fix is accepted by the upsteam in a later release, we |
9 # will remove this patch when we upgrade to that release. |
9 # will remove this patch when we upgrade to that release. |
10 # |
10 # |
11 --- a/canohost.c Sun Oct 25 20:11:35 2015 |
11 diff -pur old/canohost.c new/canohost.c |
12 +++ b/canohost.c Sun Oct 25 20:11:57 2015 |
12 --- old/canohost.c |
13 @@ -113,6 +113,10 @@ |
13 +++ new/canohost.c |
|
14 @@ -274,6 +274,10 @@ remote_hostname(struct ssh *ssh) |
14 memset(&hints, 0, sizeof(hints)); |
15 memset(&hints, 0, sizeof(hints)); |
15 hints.ai_family = from.ss_family; |
16 hints.ai_family = from.ss_family; |
16 hints.ai_socktype = SOCK_STREAM; |
17 hints.ai_socktype = SOCK_STREAM; |
17 +#ifdef AI_ADDRCONFIG |
18 +#ifdef AI_ADDRCONFIG |
18 + if (hints.ai_family == AF_UNSPEC) |
19 + if (hints.ai_family == AF_UNSPEC) |
19 + hints.ai_flags = AI_ADDRCONFIG; |
20 + hints.ai_flags = AI_ADDRCONFIG; |
20 +#endif /* AI_ADDRCONFIG */ |
21 +#endif /* AI_ADDRCONFIG */ |
21 if (getaddrinfo(name, NULL, &hints, &aitop) != 0) { |
22 if (getaddrinfo(name, NULL, &hints, &aitop) != 0) { |
22 logit("reverse mapping checking getaddrinfo for %.700s " |
23 logit("reverse mapping checking getaddrinfo for %.700s " |
23 "[%s] failed - POSSIBLE BREAK-IN ATTEMPT!", name, ntop); |
24 "[%s] failed.", name, ntop); |
24 --- a/channels.c Sun Oct 25 19:30:33 2015 |
25 diff -pur old/channels.c new/channels.c |
25 +++ b/channels.c Sun Oct 25 19:54:36 2015 |
26 --- old/channels.c |
26 @@ -2853,8 +2853,12 @@ |
27 +++ new/channels.c |
|
28 @@ -2856,8 +2856,12 @@ channel_setup_fwd_listener_tcpip(int typ |
27 */ |
29 */ |
28 memset(&hints, 0, sizeof(hints)); |
30 memset(&hints, 0, sizeof(hints)); |
29 hints.ai_family = IPv4or6; |
31 hints.ai_family = IPv4or6; |
30 - hints.ai_flags = wildcard ? AI_PASSIVE : 0; |
32 - hints.ai_flags = wildcard ? AI_PASSIVE : 0; |
31 hints.ai_socktype = SOCK_STREAM; |
33 hints.ai_socktype = SOCK_STREAM; |
35 + hints.ai_flags |= AI_ADDRCONFIG; |
37 + hints.ai_flags |= AI_ADDRCONFIG; |
36 +#endif /* AI_ADDRCONFIG */ |
38 +#endif /* AI_ADDRCONFIG */ |
37 snprintf(strport, sizeof strport, "%d", fwd->listen_port); |
39 snprintf(strport, sizeof strport, "%d", fwd->listen_port); |
38 if ((r = getaddrinfo(addr, strport, &hints, &aitop)) != 0) { |
40 if ((r = getaddrinfo(addr, strport, &hints, &aitop)) != 0) { |
39 if (addr == NULL) { |
41 if (addr == NULL) { |
40 @@ -3736,6 +3740,10 @@ |
42 @@ -3740,6 +3744,10 @@ connect_to(const char *name, int port, c |
41 memset(&hints, 0, sizeof(hints)); |
43 memset(&hints, 0, sizeof(hints)); |
42 hints.ai_family = IPv4or6; |
44 hints.ai_family = IPv4or6; |
43 hints.ai_socktype = SOCK_STREAM; |
45 hints.ai_socktype = SOCK_STREAM; |
44 +#ifdef AI_ADDRCONFIG |
46 +#ifdef AI_ADDRCONFIG |
45 + if (hints.ai_family == AF_UNSPEC) |
47 + if (hints.ai_family == AF_UNSPEC) |
46 + hints.ai_flags = AI_ADDRCONFIG; |
48 + hints.ai_flags = AI_ADDRCONFIG; |
47 +#endif /* AI_ADDRCONFIG */ |
49 +#endif /* AI_ADDRCONFIG */ |
48 snprintf(strport, sizeof strport, "%d", port); |
50 snprintf(strport, sizeof strport, "%d", port); |
49 if ((gaierr = getaddrinfo(name, strport, &hints, &cctx.aitop)) != 0) { |
51 if ((gaierr = getaddrinfo(name, strport, &hints, &cctx.aitop)) != 0) { |
50 error("connect_to %.100s: unknown host (%s)", name, |
52 error("connect_to %.100s: unknown host (%s)", name, |
51 @@ -3908,8 +3916,12 @@ |
53 @@ -3912,8 +3920,12 @@ x11_create_display_inet(int x11_display_ |
52 port = 6000 + display_number; |
54 port = 6000 + display_number; |
53 memset(&hints, 0, sizeof(hints)); |
55 memset(&hints, 0, sizeof(hints)); |
54 hints.ai_family = IPv4or6; |
56 hints.ai_family = IPv4or6; |
55 - hints.ai_flags = x11_use_localhost ? 0: AI_PASSIVE; |
57 - hints.ai_flags = x11_use_localhost ? 0: AI_PASSIVE; |
56 hints.ai_socktype = SOCK_STREAM; |
58 hints.ai_socktype = SOCK_STREAM; |
60 + hints.ai_flags |= AI_ADDRCONFIG; |
62 + hints.ai_flags |= AI_ADDRCONFIG; |
61 +#endif /* AI_ADDRCONFIG */ |
63 +#endif /* AI_ADDRCONFIG */ |
62 snprintf(strport, sizeof strport, "%d", port); |
64 snprintf(strport, sizeof strport, "%d", port); |
63 if ((gaierr = getaddrinfo(NULL, strport, &hints, &aitop)) != 0) { |
65 if ((gaierr = getaddrinfo(NULL, strport, &hints, &aitop)) != 0) { |
64 error("getaddrinfo: %.100s", ssh_gai_strerror(gaierr)); |
66 error("getaddrinfo: %.100s", ssh_gai_strerror(gaierr)); |
65 @@ -4090,6 +4102,10 @@ |
67 @@ -4094,6 +4106,10 @@ x11_connect_display(void) |
66 memset(&hints, 0, sizeof(hints)); |
68 memset(&hints, 0, sizeof(hints)); |
67 hints.ai_family = IPv4or6; |
69 hints.ai_family = IPv4or6; |
68 hints.ai_socktype = SOCK_STREAM; |
70 hints.ai_socktype = SOCK_STREAM; |
69 +#ifdef AI_ADDRCONFIG |
71 +#ifdef AI_ADDRCONFIG |
70 + if (hints.ai_family == AF_UNSPEC) |
72 + if (hints.ai_family == AF_UNSPEC) |
71 + hints.ai_flags = AI_ADDRCONFIG; |
73 + hints.ai_flags = AI_ADDRCONFIG; |
72 +#endif /* AI_ADDRCONFIG */ |
74 +#endif /* AI_ADDRCONFIG */ |
73 snprintf(strport, sizeof strport, "%u", 6000 + display_number); |
75 snprintf(strport, sizeof strport, "%u", 6000 + display_number); |
74 if ((gaierr = getaddrinfo(buf, strport, &hints, &aitop)) != 0) { |
76 if ((gaierr = getaddrinfo(buf, strport, &hints, &aitop)) != 0) { |
75 error("%.100s: unknown host. (%s)", buf, |
77 error("%.100s: unknown host. (%s)", buf, |
76 --- a/servconf.c Sun Oct 25 19:39:38 2015 |
78 diff -pur old/regress/netcat.c new/regress/netcat.c |
77 +++ b/servconf.c Sun Oct 25 19:45:16 2015 |
79 --- old/regress/netcat.c |
78 @@ -722,6 +722,10 @@ |
80 +++ new/regress/netcat.c |
79 hints.ai_family = options->address_family; |
81 @@ -334,6 +334,10 @@ main(int argc, char *argv[]) |
80 hints.ai_socktype = SOCK_STREAM; |
|
81 hints.ai_flags = (addr == NULL) ? AI_PASSIVE : 0; |
|
82 +#ifdef AI_ADDRCONFIG |
|
83 + if (hints.ai_family == AF_UNSPEC) |
|
84 + hints.ai_flags |= AI_ADDRCONFIG; |
|
85 +#endif /* AI_ADDRCONFIG */ |
|
86 snprintf(strport, sizeof strport, "%d", port); |
|
87 if ((gaierr = getaddrinfo(addr, strport, &hints, &aitop)) != 0) |
|
88 fatal("bad addr or host: %s (%s)", |
|
89 --- a/ssh-keyscan.c Sun Oct 25 19:46:28 2015 |
|
90 +++ b/ssh-keyscan.c Sun Oct 25 19:54:55 2015 |
|
91 @@ -326,6 +326,10 @@ |
|
92 memset(&hints, 0, sizeof(hints)); |
|
93 hints.ai_family = IPv4or6; |
|
94 hints.ai_socktype = SOCK_STREAM; |
|
95 +#ifdef AI_ADDRCONFIG |
|
96 + if (hints.ai_family == AF_UNSPEC) |
|
97 + hints.ai_flags = AI_ADDRCONFIG; |
|
98 +#endif /* AI_ADDRCONFIG */ |
|
99 if ((gaierr = getaddrinfo(host, strport, &hints, &aitop)) != 0) { |
|
100 error("getaddrinfo %s: %s", host, ssh_gai_strerror(gaierr)); |
|
101 return -1; |
|
102 --- a/ssh.c Sun Oct 25 19:49:46 2015 |
|
103 +++ b/ssh.c Sun Oct 25 19:55:15 2015 |
|
104 @@ -259,6 +259,10 @@ |
|
105 hints.ai_socktype = SOCK_STREAM; |
|
106 if (cname != NULL) |
|
107 hints.ai_flags = AI_CANONNAME; |
|
108 +#ifdef AI_ADDRCONFIG |
|
109 + if (hints.ai_family == AF_UNSPEC) |
|
110 + hints.ai_flags |= AI_ADDRCONFIG; |
|
111 +#endif /* AI_ADDRCONFIG */ |
|
112 if ((gaierr = getaddrinfo(name, strport, &hints, &res)) != 0) { |
|
113 if (logerr || (gaierr != EAI_NONAME && gaierr != EAI_NODATA)) |
|
114 loglevel = SYSLOG_LEVEL_ERROR; |
|
115 @@ -298,6 +302,10 @@ |
|
116 AF_UNSPEC : options.address_family; |
|
117 hints.ai_socktype = SOCK_STREAM; |
|
118 hints.ai_flags = AI_NUMERICHOST|AI_NUMERICSERV; |
|
119 +#ifdef AI_ADDRCONFIG |
|
120 + if (hints.ai_family == AF_UNSPEC) |
|
121 + hints.ai_flags |= AI_ADDRCONFIG; |
|
122 +#endif /* AI_ADDRCONFIG */ |
|
123 if ((gaierr = getaddrinfo(name, strport, &hints, &res)) != 0) { |
|
124 debug2("%s: could not resolve name %.100s as address: %s", |
|
125 __func__, name, ssh_gai_strerror(gaierr)); |
|
126 --- a/sshconnect.c Sun Oct 25 19:57:46 2015 |
|
127 +++ b/sshconnect.c Sun Oct 25 19:58:19 2015 |
|
128 @@ -292,6 +292,10 @@ |
|
129 hints.ai_socktype = ai->ai_socktype; |
|
130 hints.ai_protocol = ai->ai_protocol; |
|
131 hints.ai_flags = AI_PASSIVE; |
|
132 +#ifdef AI_ADDRCONFIG |
|
133 + if (hints.ai_family == AF_UNSPEC) |
|
134 + hints.ai_flags |= AI_ADDRCONFIG; |
|
135 +#endif /* AI_ADDRCONFIG */ |
|
136 gaierr = getaddrinfo(options.bind_address, NULL, &hints, &res); |
|
137 if (gaierr) { |
|
138 error("getaddrinfo: %s: %s", options.bind_address, |
|
139 --- a/regress/netcat.c Sun Oct 25 19:59:44 2015 |
|
140 +++ b/regress/netcat.c Sun Oct 25 20:07:05 2015 |
|
141 @@ -371,6 +371,10 @@ |
|
142 hints.ai_protocol = uflag ? IPPROTO_UDP : IPPROTO_TCP; |
82 hints.ai_protocol = uflag ? IPPROTO_UDP : IPPROTO_TCP; |
143 if (nflag) |
83 if (nflag) |
144 hints.ai_flags |= AI_NUMERICHOST; |
84 hints.ai_flags |= AI_NUMERICHOST; |
145 +#ifdef AI_ADDRCONFIG |
85 +#ifdef AI_ADDRCONFIG |
146 + if (hints.ai_family == AF_UNSPEC) |
86 + if (hints.ai_family == AF_UNSPEC) |
147 + hints.ai_flags |= AI_ADDRCONFIG; |
87 + hints.ai_flags |= AI_ADDRCONFIG; |
148 +#endif /* AI_ADDRCONFIG */ |
88 +#endif /* AI_ADDRCONFIG */ |
149 } |
89 } |
150 |
90 |
151 if (xflag) { |
91 if (xflag) { |
152 @@ -399,6 +403,10 @@ |
92 @@ -362,6 +366,10 @@ main(int argc, char *argv[]) |
153 proxyhints.ai_protocol = IPPROTO_TCP; |
93 proxyhints.ai_protocol = IPPROTO_TCP; |
154 if (nflag) |
94 if (nflag) |
155 proxyhints.ai_flags |= AI_NUMERICHOST; |
95 proxyhints.ai_flags |= AI_NUMERICHOST; |
156 +#ifdef AI_ADDRCONFIG |
96 +#ifdef AI_ADDRCONFIG |
157 + if (proxyhints.ai_family == AF_UNSPEC) |
97 + if (proxyhints.ai_family == AF_UNSPEC) |
158 + proxyhints.ai_flags |= AI_ADDRCONFIG; |
98 + proxyhints.ai_flags |= AI_ADDRCONFIG; |
159 +#endif /* AI_ADDRCONFIG */ |
99 +#endif /* AI_ADDRCONFIG */ |
160 } |
100 } |
161 |
101 |
162 if (lflag) { |
102 if (lflag) { |
163 @@ -673,6 +681,10 @@ |
103 @@ -636,6 +644,10 @@ remote_connect(const char *host, const c |
164 ahints.ai_socktype = uflag ? SOCK_DGRAM : SOCK_STREAM; |
104 ahints.ai_socktype = uflag ? SOCK_DGRAM : SOCK_STREAM; |
165 ahints.ai_protocol = uflag ? IPPROTO_UDP : IPPROTO_TCP; |
105 ahints.ai_protocol = uflag ? IPPROTO_UDP : IPPROTO_TCP; |
166 ahints.ai_flags = AI_PASSIVE; |
106 ahints.ai_flags = AI_PASSIVE; |
167 +#ifdef AI_ADDRCONFIG |
107 +#ifdef AI_ADDRCONFIG |
168 + if (ahints.ai_family == AF_UNSPEC) |
108 + if (ahints.ai_family == AF_UNSPEC) |
169 + ahints.ai_flags |= AI_ADDRCONFIG; |
109 + ahints.ai_flags |= AI_ADDRCONFIG; |
170 +#endif /* AI_ADDRCONFIG */ |
110 +#endif /* AI_ADDRCONFIG */ |
171 if ((error = getaddrinfo(sflag, pflag, &ahints, &ares))) |
111 if ((error = getaddrinfo(sflag, pflag, &ahints, &ares))) |
172 errx(1, "getaddrinfo: %s", gai_strerror(error)); |
112 errx(1, "getaddrinfo: %s", gai_strerror(error)); |
173 |
113 |
174 @@ -1422,8 +1434,12 @@ |
114 @@ -1385,8 +1397,12 @@ decode_addrport(const char *h, const cha |
175 |
115 |
176 bzero(&hints, sizeof(hints)); |
116 bzero(&hints, sizeof(hints)); |
177 hints.ai_family = v4only ? PF_INET : PF_UNSPEC; |
117 hints.ai_family = v4only ? PF_INET : PF_UNSPEC; |
178 - hints.ai_flags = numeric ? AI_NUMERICHOST : 0; |
118 - hints.ai_flags = numeric ? AI_NUMERICHOST : 0; |
179 hints.ai_socktype = SOCK_STREAM; |
119 hints.ai_socktype = SOCK_STREAM; |
183 + hints.ai_flags |= AI_ADDRCONFIG; |
123 + hints.ai_flags |= AI_ADDRCONFIG; |
184 +#endif /* AI_ADDRCONFIG */ |
124 +#endif /* AI_ADDRCONFIG */ |
185 r = getaddrinfo(h, p, &hints, &res); |
125 r = getaddrinfo(h, p, &hints, &res); |
186 /* Don't fatal when attempting to convert a numeric address */ |
126 /* Don't fatal when attempting to convert a numeric address */ |
187 if (r != 0) { |
127 if (r != 0) { |
|
128 diff -pur old/servconf.c new/servconf.c |
|
129 --- old/servconf.c |
|
130 +++ new/servconf.c |
|
131 @@ -735,6 +735,10 @@ add_one_listen_addr(ServerOptions *optio |
|
132 hints.ai_family = options->address_family; |
|
133 hints.ai_socktype = SOCK_STREAM; |
|
134 hints.ai_flags = (addr == NULL) ? AI_PASSIVE : 0; |
|
135 +#ifdef AI_ADDRCONFIG |
|
136 + if (hints.ai_family == AF_UNSPEC) |
|
137 + hints.ai_flags |= AI_ADDRCONFIG; |
|
138 +#endif /* AI_ADDRCONFIG */ |
|
139 snprintf(strport, sizeof strport, "%d", port); |
|
140 if ((gaierr = getaddrinfo(addr, strport, &hints, &aitop)) != 0) |
|
141 fatal("bad addr or host: %s (%s)", |
|
142 diff -pur old/ssh-keyscan.c new/ssh-keyscan.c |
|
143 --- old/ssh-keyscan.c |
|
144 +++ new/ssh-keyscan.c |
|
145 @@ -365,6 +365,10 @@ tcpconnect(char *host) |
|
146 memset(&hints, 0, sizeof(hints)); |
|
147 hints.ai_family = IPv4or6; |
|
148 hints.ai_socktype = SOCK_STREAM; |
|
149 +#ifdef AI_ADDRCONFIG |
|
150 + if (hints.ai_family == AF_UNSPEC) |
|
151 + hints.ai_flags = AI_ADDRCONFIG; |
|
152 +#endif /* AI_ADDRCONFIG */ |
|
153 if ((gaierr = getaddrinfo(host, strport, &hints, &aitop)) != 0) { |
|
154 error("getaddrinfo %s: %s", host, ssh_gai_strerror(gaierr)); |
|
155 return -1; |
|
156 diff -pur old/ssh.c new/ssh.c |
|
157 --- old/ssh.c |
|
158 +++ new/ssh.c |
|
159 @@ -254,6 +254,10 @@ resolve_host(const char *name, int port, |
|
160 hints.ai_socktype = SOCK_STREAM; |
|
161 if (cname != NULL) |
|
162 hints.ai_flags = AI_CANONNAME; |
|
163 +#ifdef AI_ADDRCONFIG |
|
164 + if (hints.ai_family == AF_UNSPEC) |
|
165 + hints.ai_flags |= AI_ADDRCONFIG; |
|
166 +#endif /* AI_ADDRCONFIG */ |
|
167 if ((gaierr = getaddrinfo(name, strport, &hints, &res)) != 0) { |
|
168 if (logerr || (gaierr != EAI_NONAME && gaierr != EAI_NODATA)) |
|
169 loglevel = SYSLOG_LEVEL_ERROR; |
|
170 @@ -293,6 +297,10 @@ resolve_addr(const char *name, int port, |
|
171 AF_UNSPEC : options.address_family; |
|
172 hints.ai_socktype = SOCK_STREAM; |
|
173 hints.ai_flags = AI_NUMERICHOST|AI_NUMERICSERV; |
|
174 +#ifdef AI_ADDRCONFIG |
|
175 + if (hints.ai_family == AF_UNSPEC) |
|
176 + hints.ai_flags |= AI_ADDRCONFIG; |
|
177 +#endif /* AI_ADDRCONFIG */ |
|
178 if ((gaierr = getaddrinfo(name, strport, &hints, &res)) != 0) { |
|
179 debug2("%s: could not resolve name %.100s as address: %s", |
|
180 __func__, name, ssh_gai_strerror(gaierr)); |
|
181 diff -pur old/sshconnect.c new/sshconnect.c |
|
182 --- old/sshconnect.c |
|
183 +++ new/sshconnect.c |
|
184 @@ -293,6 +293,10 @@ ssh_create_socket(int privileged, struct |
|
185 hints.ai_socktype = ai->ai_socktype; |
|
186 hints.ai_protocol = ai->ai_protocol; |
|
187 hints.ai_flags = AI_PASSIVE; |
|
188 +#ifdef AI_ADDRCONFIG |
|
189 + if (hints.ai_family == AF_UNSPEC) |
|
190 + hints.ai_flags |= AI_ADDRCONFIG; |
|
191 +#endif /* AI_ADDRCONFIG */ |
|
192 gaierr = getaddrinfo(options.bind_address, NULL, &hints, &res); |
|
193 if (gaierr) { |
|
194 error("getaddrinfo: %s: %s", options.bind_address, |