24525860 upgrade OpenSSH to 7.3p1
24320031 problem in UTILITY/OPENSSH
24461706 problem in UTILITY/OPENSSH
#
# Use AI_ADDRCONFIG flag for getaddrinfo() hints where
# the address family is AF_UNSPEC. See description of AI_ADDRCONFIG
# in getaddrinfo(3C).
#
# We have contributed back this fix to the OpenSSH upstream community. For
# more information, see https://bugzilla.mindrot.org/show_bug.cgi?id=2483
# In the future, if this fix is accepted by the upsteam in a later release, we
# will remove this patch when we upgrade to that release.
#
diff -pur old/canohost.c new/canohost.c
--- old/canohost.c
+++ new/canohost.c
@@ -274,6 +274,10 @@ remote_hostname(struct ssh *ssh)
memset(&hints, 0, sizeof(hints));
hints.ai_family = from.ss_family;
hints.ai_socktype = SOCK_STREAM;
+#ifdef AI_ADDRCONFIG
+ if (hints.ai_family == AF_UNSPEC)
+ hints.ai_flags = AI_ADDRCONFIG;
+#endif /* AI_ADDRCONFIG */
if (getaddrinfo(name, NULL, &hints, &aitop) != 0) {
logit("reverse mapping checking getaddrinfo for %.700s "
"[%s] failed.", name, ntop);
diff -pur old/channels.c new/channels.c
--- old/channels.c
+++ new/channels.c
@@ -2856,8 +2856,12 @@ channel_setup_fwd_listener_tcpip(int typ
*/
memset(&hints, 0, sizeof(hints));
hints.ai_family = IPv4or6;
- hints.ai_flags = wildcard ? AI_PASSIVE : 0;
hints.ai_socktype = SOCK_STREAM;
+ hints.ai_flags = wildcard ? AI_PASSIVE : 0;
+#ifdef AI_ADDRCONFIG
+ if (hints.ai_family == AF_UNSPEC)
+ hints.ai_flags |= AI_ADDRCONFIG;
+#endif /* AI_ADDRCONFIG */
snprintf(strport, sizeof strport, "%d", fwd->listen_port);
if ((r = getaddrinfo(addr, strport, &hints, &aitop)) != 0) {
if (addr == NULL) {
@@ -3740,6 +3744,10 @@ connect_to(const char *name, int port, c
memset(&hints, 0, sizeof(hints));
hints.ai_family = IPv4or6;
hints.ai_socktype = SOCK_STREAM;
+#ifdef AI_ADDRCONFIG
+ if (hints.ai_family == AF_UNSPEC)
+ hints.ai_flags = AI_ADDRCONFIG;
+#endif /* AI_ADDRCONFIG */
snprintf(strport, sizeof strport, "%d", port);
if ((gaierr = getaddrinfo(name, strport, &hints, &cctx.aitop)) != 0) {
error("connect_to %.100s: unknown host (%s)", name,
@@ -3912,8 +3920,12 @@ x11_create_display_inet(int x11_display_
port = 6000 + display_number;
memset(&hints, 0, sizeof(hints));
hints.ai_family = IPv4or6;
- hints.ai_flags = x11_use_localhost ? 0: AI_PASSIVE;
hints.ai_socktype = SOCK_STREAM;
+ hints.ai_flags = x11_use_localhost ? 0: AI_PASSIVE;
+#ifdef AI_ADDRCONFIG
+ if (hints.ai_family == AF_UNSPEC)
+ hints.ai_flags |= AI_ADDRCONFIG;
+#endif /* AI_ADDRCONFIG */
snprintf(strport, sizeof strport, "%d", port);
if ((gaierr = getaddrinfo(NULL, strport, &hints, &aitop)) != 0) {
error("getaddrinfo: %.100s", ssh_gai_strerror(gaierr));
@@ -4094,6 +4106,10 @@ x11_connect_display(void)
memset(&hints, 0, sizeof(hints));
hints.ai_family = IPv4or6;
hints.ai_socktype = SOCK_STREAM;
+#ifdef AI_ADDRCONFIG
+ if (hints.ai_family == AF_UNSPEC)
+ hints.ai_flags = AI_ADDRCONFIG;
+#endif /* AI_ADDRCONFIG */
snprintf(strport, sizeof strport, "%u", 6000 + display_number);
if ((gaierr = getaddrinfo(buf, strport, &hints, &aitop)) != 0) {
error("%.100s: unknown host. (%s)", buf,
diff -pur old/regress/netcat.c new/regress/netcat.c
--- old/regress/netcat.c
+++ new/regress/netcat.c
@@ -334,6 +334,10 @@ main(int argc, char *argv[])
hints.ai_protocol = uflag ? IPPROTO_UDP : IPPROTO_TCP;
if (nflag)
hints.ai_flags |= AI_NUMERICHOST;
+#ifdef AI_ADDRCONFIG
+ if (hints.ai_family == AF_UNSPEC)
+ hints.ai_flags |= AI_ADDRCONFIG;
+#endif /* AI_ADDRCONFIG */
}
if (xflag) {
@@ -362,6 +366,10 @@ main(int argc, char *argv[])
proxyhints.ai_protocol = IPPROTO_TCP;
if (nflag)
proxyhints.ai_flags |= AI_NUMERICHOST;
+#ifdef AI_ADDRCONFIG
+ if (proxyhints.ai_family == AF_UNSPEC)
+ proxyhints.ai_flags |= AI_ADDRCONFIG;
+#endif /* AI_ADDRCONFIG */
}
if (lflag) {
@@ -636,6 +644,10 @@ remote_connect(const char *host, const c
ahints.ai_socktype = uflag ? SOCK_DGRAM : SOCK_STREAM;
ahints.ai_protocol = uflag ? IPPROTO_UDP : IPPROTO_TCP;
ahints.ai_flags = AI_PASSIVE;
+#ifdef AI_ADDRCONFIG
+ if (ahints.ai_family == AF_UNSPEC)
+ ahints.ai_flags |= AI_ADDRCONFIG;
+#endif /* AI_ADDRCONFIG */
if ((error = getaddrinfo(sflag, pflag, &ahints, &ares)))
errx(1, "getaddrinfo: %s", gai_strerror(error));
@@ -1385,8 +1397,12 @@ decode_addrport(const char *h, const cha
bzero(&hints, sizeof(hints));
hints.ai_family = v4only ? PF_INET : PF_UNSPEC;
- hints.ai_flags = numeric ? AI_NUMERICHOST : 0;
hints.ai_socktype = SOCK_STREAM;
+ hints.ai_flags = numeric ? AI_NUMERICHOST : 0;
+#ifdef AI_ADDRCONFIG
+ if (hints.ai_family == AF_UNSPEC)
+ hints.ai_flags |= AI_ADDRCONFIG;
+#endif /* AI_ADDRCONFIG */
r = getaddrinfo(h, p, &hints, &res);
/* Don't fatal when attempting to convert a numeric address */
if (r != 0) {
diff -pur old/servconf.c new/servconf.c
--- old/servconf.c
+++ new/servconf.c
@@ -735,6 +735,10 @@ add_one_listen_addr(ServerOptions *optio
hints.ai_family = options->address_family;
hints.ai_socktype = SOCK_STREAM;
hints.ai_flags = (addr == NULL) ? AI_PASSIVE : 0;
+#ifdef AI_ADDRCONFIG
+ if (hints.ai_family == AF_UNSPEC)
+ hints.ai_flags |= AI_ADDRCONFIG;
+#endif /* AI_ADDRCONFIG */
snprintf(strport, sizeof strport, "%d", port);
if ((gaierr = getaddrinfo(addr, strport, &hints, &aitop)) != 0)
fatal("bad addr or host: %s (%s)",
diff -pur old/ssh-keyscan.c new/ssh-keyscan.c
--- old/ssh-keyscan.c
+++ new/ssh-keyscan.c
@@ -365,6 +365,10 @@ tcpconnect(char *host)
memset(&hints, 0, sizeof(hints));
hints.ai_family = IPv4or6;
hints.ai_socktype = SOCK_STREAM;
+#ifdef AI_ADDRCONFIG
+ if (hints.ai_family == AF_UNSPEC)
+ hints.ai_flags = AI_ADDRCONFIG;
+#endif /* AI_ADDRCONFIG */
if ((gaierr = getaddrinfo(host, strport, &hints, &aitop)) != 0) {
error("getaddrinfo %s: %s", host, ssh_gai_strerror(gaierr));
return -1;
diff -pur old/ssh.c new/ssh.c
--- old/ssh.c
+++ new/ssh.c
@@ -254,6 +254,10 @@ resolve_host(const char *name, int port,
hints.ai_socktype = SOCK_STREAM;
if (cname != NULL)
hints.ai_flags = AI_CANONNAME;
+#ifdef AI_ADDRCONFIG
+ if (hints.ai_family == AF_UNSPEC)
+ hints.ai_flags |= AI_ADDRCONFIG;
+#endif /* AI_ADDRCONFIG */
if ((gaierr = getaddrinfo(name, strport, &hints, &res)) != 0) {
if (logerr || (gaierr != EAI_NONAME && gaierr != EAI_NODATA))
loglevel = SYSLOG_LEVEL_ERROR;
@@ -293,6 +297,10 @@ resolve_addr(const char *name, int port,
AF_UNSPEC : options.address_family;
hints.ai_socktype = SOCK_STREAM;
hints.ai_flags = AI_NUMERICHOST|AI_NUMERICSERV;
+#ifdef AI_ADDRCONFIG
+ if (hints.ai_family == AF_UNSPEC)
+ hints.ai_flags |= AI_ADDRCONFIG;
+#endif /* AI_ADDRCONFIG */
if ((gaierr = getaddrinfo(name, strport, &hints, &res)) != 0) {
debug2("%s: could not resolve name %.100s as address: %s",
__func__, name, ssh_gai_strerror(gaierr));
diff -pur old/sshconnect.c new/sshconnect.c
--- old/sshconnect.c
+++ new/sshconnect.c
@@ -293,6 +293,10 @@ ssh_create_socket(int privileged, struct
hints.ai_socktype = ai->ai_socktype;
hints.ai_protocol = ai->ai_protocol;
hints.ai_flags = AI_PASSIVE;
+#ifdef AI_ADDRCONFIG
+ if (hints.ai_family == AF_UNSPEC)
+ hints.ai_flags |= AI_ADDRCONFIG;
+#endif /* AI_ADDRCONFIG */
gaierr = getaddrinfo(options.bind_address, NULL, &hints, &res);
if (gaierr) {
error("getaddrinfo: %s: %s", options.bind_address,