patch for openssh-1.2.2p1

Hideaki YOSHIFUJI yoshfuji at ecei.tohoku.ac.jp
Wed Mar 8 03:00:04 EST 2000


Hi,

openssh-1.2.2p1 seems to have 2 problems on ipv6 (and
ipv4 mapped addresses).

 1. "BREAKIN ATTEMPT" warnings from ipv4 node
 2. X forwarding

The following patche fixes them.
Thanks.

diff -ru openssh-1.2.2p1/canohost.c openssh-1.2.2p1-20000308/canohost.c
--- openssh-1.2.2p1/canohost.c	Fri Jan 14 13:45:48 2000
+++ openssh-1.2.2p1-20000308/canohost.c	Wed Mar  8 00:25:18 2000
@@ -42,6 +42,22 @@
 		debug("getpeername failed: %.100s", strerror(errno));
 		fatal_cleanup();
 	}
+
+#ifdef IPV4_IN_IPV6
+	if (((struct sockaddr *)&from)->sa_family == AF_INET6 &&
+	    IN6_IS_ADDR_V4MAPPED((&((struct sockaddr_in6 *)&from)->sin6_addr))){
+		struct in_addr addr;
+		u_int16_t port;
+		memcpy(&addr, ((char *)&((struct sockaddr_in6 *)&from)->sin6_addr)+12,
+		       sizeof(addr));
+		port = ((struct sockaddr_in6 *)&from)->sin6_port;
+		memset(&from, 0, sizeof(from));
+		((struct sockaddr_in *)&from)->sin_family = AF_INET;
+		memcpy(&((struct sockaddr_in *)&from)->sin_addr, &addr, sizeof(addr));
+		((struct sockaddr_in *)&from)->sin_port = port;
+	}
+#endif
+
 	if (getnameinfo((struct sockaddr *)&from, fromlen, ntop, sizeof(ntop),
 	     NULL, 0, NI_NUMERICHOST) != 0)
 		fatal("get_remote_hostname: getnameinfo NI_NUMERICHOST failed");
diff -ru openssh-1.2.2p1/channels.c openssh-1.2.2p1-20000308/channels.c
--- openssh-1.2.2p1/channels.c	Fri Mar  3 20:35:33 2000
+++ openssh-1.2.2p1-20000308/channels.c	Wed Mar  8 00:25:18 2000
@@ -1215,8 +1215,12 @@
 				break;
 			}
 			socks[num_socks++] = sock;
+#ifndef DONT_TRY_OTHER_AF
 			if (num_socks == NUM_SOCKS)
 				break;
+#else
+			break;
+#endif
 		}
 		if (num_socks > 0)
 			break;
diff -ru openssh-1.2.2p1/config.h.in openssh-1.2.2p1-20000308/config.h.in
--- openssh-1.2.2p1/config.h.in	Tue Mar  7 20:05:59 2000
+++ openssh-1.2.2p1-20000308/config.h.in	Wed Mar  8 00:25:18 2000
@@ -131,6 +131,9 @@
 /* Use IPv4 for connection by default, IPv6 can still if explicity asked */
 #undef IPV4_DEFAULT
 
+/* Assume IPv4 mapped addresses IPv4 addresses */
+#undef IPV4_IN_IPV6
+
 /* getaddrinfo is broken (if present) */
 #undef BROKEN_GETADDRINFO
 
diff -ru openssh-1.2.2p1/configure.in openssh-1.2.2p1-20000308/configure.in
--- openssh-1.2.2p1/configure.in	Sun Mar  5 15:02:46 2000
+++ openssh-1.2.2p1-20000308/configure.in	Wed Mar  8 00:26:15 2000
@@ -56,6 +56,8 @@
 *-*-linux*)
 	no_dev_ptmx=1
 	need_pty_removed_on_close=1
+	CFLAGS="$CFLAGS -DDONT_TRY_OTHER_AF"
+	inet6_default_4in6=yes
 	;;
 *-*-netbsd*)
 	need_dash_r=1
@@ -778,6 +780,26 @@
 	[
 		if test "x$withval" != "xno" ; then	
 			AC_DEFINE(IPV4_DEFAULT)
+		fi
+	]
+)
+
+AC_MSG_CHECKING([whether we assume IPv6-mapped addresses IPv4 addresses])
+AC_ARG_WITH(ipv4-in-ipv6,
+	[  --with-ipv4-in-ipv6     assumes ipv4 mapped addresses ipv4 addresses],
+	[
+		if test "x$withval" != "xno" ; then
+			AC_MSG_RESULT(yes)
+			AC_DEFINE(IPV4_IN_IPV6)
+		else
+			AC_MSG_RESULT(no)
+		fi
+	],[
+		if test "x$inet6_default_4in6" = "xyes"; then
+			AC_MSG_RESULT([yes (default)])
+			AC_DEFINE(IPV4_IN_IPV6)
+		else
+			AC_MSG_RESULT([no (default)])
 		fi
 	]
 )

-- 
Hideaki YOSHIFUJI <yoshfuji at ecei.tohoku.ac.jp>
Web Page: http://www.ecei.tohoku.ac.jp/%7Eyoshfuji/
PGP5i FP: F731 6599 5EB2 BBA7 1515  1323 1806 A96F 5700 6B25 





More information about the openssh-unix-dev mailing list