fix
tag 82468 patch
thanks
This patch fixes the problems with IPv6 support in ssh and 2.2 kernels
by disabling by default IPv6 support on these systems. It can be
explicitly turned on with -6 on the command line like with the current
package, but anybody serious about IPv6 will not even try a 2.2 kernel
anyway.
If you think this solution is satisfactory please let me know when you
plan to apply this patch.
diff -ur openssh-3.4p1/channels.c openssh-3.4p1+IPv6/channels.c
--- openssh-3.4p1/channels.c Wed Jun 26 11:14:43 2002
+++ openssh-3.4p1+IPv6/channels.c Sat Aug 3 13:51:54 2002
@@ -2351,7 +2351,7 @@
display_number++) {
port = 6000 + display_number;
memset(&hints, 0, sizeof(hints));
- hints.ai_family = IPv4or6;
+ hints.ai_family = AF_INET; /* xlib does not support IPv6 */
hints.ai_flags = x11_use_localhost ? 0: AI_PASSIVE;
hints.ai_socktype = SOCK_STREAM;
snprintf(strport, sizeof strport, "%d", port);
diff -ur openssh-3.4p1/debian/rules openssh-3.4p1+IPv6/debian/rules
--- openssh-3.4p1/debian/rules Sat Aug 3 14:21:09 2002
+++ openssh-3.4p1+IPv6/debian/rules Sat Aug 3 14:15:59 2002
@@ -21,7 +21,7 @@
then mv version.h version.h.upstream; mv version.h.new version.h; \
else echo "Version number change failed"; exit 1; \
fi
- ./configure --prefix=/usr --sysconfdir=/etc/ssh --libexecdir=/usr/lib --mandir=/usr/share/man --with-tcp-wrappers --with-xauth=/usr/bin/X11/xauth --with-default-path=/bin:/usr/bin:/usr/local/bin:/usr/X11R6/bin --with-pam --with-4in6 --with-ipv4-default \
+ ./configure --prefix=/usr --sysconfdir=/etc/ssh --libexecdir=/usr/lib --mandir=/usr/share/man --with-tcp-wrappers --with-xauth=/usr/bin/X11/xauth --with-default-path=/bin:/usr/bin:/usr/local/bin:/usr/X11R6/bin --with-pam --with-4in6 \
--with-privsep-path=/var/run/sshd --without-rand-helper
$(MAKE) -j 2 ASKPASS_PROGRAM='/usr/bin/ssh-askpass' CFLAGS='-O2 -Wall -DLOGIN_PROGRAM=\"/bin/login\" -DSSHD_PAM_SERVICE=\"ssh\" -D__FILE_OFFSET_BITS=64 -DHAVE_MMAP_ANON_SHARED' \
SSH_KEYSIGN='/usr/lib/ssh-keysign'
diff -ur openssh-3.4p1/ssh-keyscan.c openssh-3.4p1+IPv6/ssh-keyscan.c
--- openssh-3.4p1/ssh-keyscan.c Sat Aug 3 14:21:09 2002
+++ openssh-3.4p1+IPv6/ssh-keyscan.c Sat Aug 3 14:13:32 2002
@@ -12,6 +12,7 @@
#include "openbsd-compat/fake-queue.h"
#include <openssl/bn.h>
+#include <sys/utsname.h>
#include <setjmp.h>
#include "xmalloc.h"
@@ -784,6 +785,12 @@
fdlim_set(maxfd);
fdcon = xmalloc(maxfd * sizeof(con));
memset(fdcon, 0, maxfd * sizeof(con));
+
+ if (IPv4or6 == AF_UNSPEC) {
+ struct utsname un;
+ if (uname(&un) == 0 && strncmp("2.2.", un.release, 4) == 0)
+ IPv4or6 = AF_INET;
+ }
read_wait_size = howmany(maxfd, NFDBITS) * sizeof(fd_mask);
read_wait = xmalloc(read_wait_size);
diff -ur openssh-3.4p1/ssh.c openssh-3.4p1+IPv6/ssh.c
--- openssh-3.4p1/ssh.c Sat Aug 3 14:21:09 2002
+++ openssh-3.4p1+IPv6/ssh.c Sat Aug 3 14:05:28 2002
@@ -44,6 +44,7 @@
#include <openssl/evp.h>
#include <openssl/err.h>
+#include <sys/utsname.h>
#include "ssh.h"
#include "ssh1.h"
@@ -520,6 +521,12 @@
if (!host)
usage();
+ if (IPv4or6 == AF_UNSPEC) {
+ struct utsname un;
+ if (uname(&un) == 0 && strncmp("2.2.", un.release, 4) == 0)
+ IPv4or6 = AF_INET;
+ }
+
SSLeay_add_all_algorithms();
ERR_load_crypto_strings();
channel_set_af(IPv4or6);
diff -ur openssh-3.4p1/sshd.c openssh-3.4p1+IPv6/sshd.c
--- openssh-3.4p1/sshd.c Sat Aug 3 14:21:09 2002
+++ openssh-3.4p1+IPv6/sshd.c Sat Aug 3 14:15:00 2002
@@ -52,6 +52,7 @@
#include <sys/security.h>
#include <prot.h>
#endif
+#include <sys/utsname.h>
#include "ssh.h"
#include "ssh1.h"
@@ -923,6 +924,13 @@
break;
}
}
+
+ if (IPv4or6 == AF_UNSPEC) {
+ struct utsname un;
+ if (uname(&un) == 0 && strncmp("2.2.", un.release, 4) == 0)
+ IPv4or6 = AF_INET;
+ }
+
SSLeay_add_all_algorithms();
channel_set_af(IPv4or6);
--
ciao,
Marco
Reply to:
- Follow-Ups:
- Re: fix
- From: Wichert Akkerman <wichert@wiggy.net>