Mac OS X BROKEN_GETADDRINFO detection patch

Sergio Gelato Sergio.Gelato at astro.su.se
Mon Mar 8 04:28:39 EST 2004


* Damien Miller [2004-03-06 09:25:10 +1100]:
> We should be making another portable release soon for this bug and a couple 
> of others.

I guess I should submit the following patch now rather than later, then.
Improves detection of broken getaddrinfo() on Mac OS X. Still not as
comprehensive as one might wish, but detects the one extant bug
I'm aware of in that platform's getaddrinfo(). Among the features broken
by this bug is the ability to use non-numeric hostnames in from= clauses
in the authorized_keys file.

Note, however, that since getaddrinfo is in a dynamic library there is no
guarantee that the version available to sshd at run time will be as bug-free
as the one it was built against. It may therefore be safer to define
BROKEN_GETADDRINFO unconditionally on this platform.

I'd love to report the underlying issues to Apple, but the only channel
I've found that might work (the feedback form didn't) involves a vaguely 
NDA-like piece of legalese which I have no wish to touch. If anyone else 
knows a better way (or has already signed that contract), let me know.

--- orig/configure.ac
+++ mod/configure.ac
@@ -142,10 +142,19 @@
 *-*-darwin*)
 	AC_MSG_CHECKING(if we have working getaddrinfo)
 	AC_TRY_RUN([#include <mach-o/dyld.h>
-main() { if (NSVersionOfRunTimeLibrary("System") >= (60 << 16))
-		exit(0);
-	else
+#include <sys/types.h>
+#include <sys/socket.h>
+#include <netdb.h>
+main() { 
+	struct addrinfo hints, *ai;
+	if (NSVersionOfRunTimeLibrary("System") < (60 << 16))
 		exit(1);
+	memset(&hints,0,sizeof(hints));
+	hints.ai_family = PF_UNSPEC;
+	hints.ai_flags = AI_NUMERICHOST;
+	if (getaddrinfo("localhost","0",&hints,&ai) != EAI_NONAME)
+		exit(2);
+	exit(0);
 }], [AC_MSG_RESULT(working)],
 	[AC_MSG_RESULT(buggy)
 	AC_DEFINE(BROKEN_GETADDRINFO)],






More information about the openssh-unix-dev mailing list