Mailing List Archive

patch for openssh-1.2.2p1
Hi,

openssh-1.2.2p1 seems to have 2 problems on ipv6 (and
ipv4 mapped addresses).

1. "BREAKIN ATTEMPT" warnings from ipv4 node
2. X forwarding

The following patch fixes them.
Thanks.

diff -ru openssh-1.2.2p1/canohost.c openssh-1.2.2p1-20000308/canohost.c
--- openssh-1.2.2p1/canohost.c Fri Jan 14 13:45:48 2000
+++ openssh-1.2.2p1-20000308/canohost.c Wed Mar 8 00:25:18 2000
@@ -42,6 +42,22 @@
debug("getpeername failed: %.100s", strerror(errno));
fatal_cleanup();
}
+
+#ifdef IPV4_IN_IPV6
+ if (((struct sockaddr *)&from)->sa_family == AF_INET6 &&
+ IN6_IS_ADDR_V4MAPPED((&((struct sockaddr_in6 *)&from)->sin6_addr))){
+ struct in_addr addr;
+ u_int16_t port;
+ memcpy(&addr, ((char *)&((struct sockaddr_in6 *)&from)->sin6_addr)+12,
+ sizeof(addr));
+ port = ((struct sockaddr_in6 *)&from)->sin6_port;
+ memset(&from, 0, sizeof(from));
+ ((struct sockaddr_in *)&from)->sin_family = AF_INET;
+ memcpy(&((struct sockaddr_in *)&from)->sin_addr, &addr, sizeof(addr));
+ ((struct sockaddr_in *)&from)->sin_port = port;
+ }
+#endif
+
if (getnameinfo((struct sockaddr *)&from, fromlen, ntop, sizeof(ntop),
NULL, 0, NI_NUMERICHOST) != 0)
fatal("get_remote_hostname: getnameinfo NI_NUMERICHOST failed");
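
Review bot: fromlen is not updated after the V4-mapped rewrite in the IPV4_IN_IPV6 block, so the getnameinfo() call right below it still passes the length obtained for a sockaddr_in6 alongside what is now a sockaddr_in. A getnameinfo() that checks the length against the address family would then fail and hit the fatal() on the following line. Set `fromlen = sizeof(struct sockaddr_in);` after the memset. The repeated casts would also read better through one local `struct sockaddr_in6 *` pointer, and a short comment should say that from this point a mapped peer is treated as its embedded IPv4 address.
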
diff -ru openssh-1.2.2p1/channels.c openssh-1.2.2p1-20000308/channels.c
--- openssh-1.2.2p1/channels.c Fri Mar 3 20:35:33 2000
+++ openssh-1.2.2p1-20000308/channels.c Wed Mar 8 00:25:18 2000
@@ -1215,8 +1215,12 @@
break;
}
socks[num_socks++] = sock;
+#ifndef DONT_TRY_OTHER_AF
if (num_socks == NUM_SOCKS)
break;
+#else
+ break;
+#endif
}
if (num_socks > 0)
break;
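
Review bot: with DONT_TRY_OTHER_AF defined, the unconditional `break` ends the loop after the first socket that is set up, so which address family ends up listening depends entirely on the order in which the addresses are iterated, and nothing here says why that is acceptable. Add a comment explaining why a single socket is enough on the platforms that set this define, and consider stating the condition positively (`#ifdef DONT_TRY_OTHER_AF` with the lone `break` first) to get rid of the double negative.
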
diff -ru openssh-1.2.2p1/config.h.in openssh-1.2.2p1-20000308/config.h.in
--- openssh-1.2.2p1/config.h.in Tue Mar 7 20:05:59 2000
+++ openssh-1.2.2p1-20000308/config.h.in Wed Mar 8 00:25:18 2000
@@ -131,6 +131,9 @@
/* Use IPv4 for connection by default, IPv6 can still if explicity asked */
#undef IPV4_DEFAULT

+/* Assume IPv4 mapped addresses IPv4 addresses */
+#undef IPV4_IN_IPV6
+
/* getaddrinfo is broken (if present) */
#undef BROKEN_GETADDRINFO

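Review bot: the comment added above `#undef IPV4_IN_IPV6` is hard to parse as written. Something like `/* Treat IPv4-mapped IPv6 addresses as IPv4 addresses */` states what the define actually does in canohost.c.
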
diff -ru openssh-1.2.2p1/configure.in openssh-1.2.2p1-20000308/configure.in
--- openssh-1.2.2p1/configure.in Sun Mar 5 15:02:46 2000
+++ openssh-1.2.2p1-20000308/configure.in Wed Mar 8 00:26:15 2000
@@ -56,6 +56,8 @@
*-*-linux*)
no_dev_ptmx=1
need_pty_removed_on_close=1
+ CFLAGS="$CFLAGS -DDONT_TRY_OTHER_AF"
+ inet6_default_4in6=yes
;;
*-*-netbsd*)
need_dash_r=1
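
Review bot: the `*-*-linux*` case forces `-DDONT_TRY_OTHER_AF` through CFLAGS with no way to switch it off, while IPV4_IN_IPV6 gets an AC_DEFINE, a config.h.in entry and a --with-ipv4-in-ipv6 option. Handle both the same way: set a shell variable here, as is done with inet6_default_4in6, and emit DONT_TRY_OTHER_AF with AC_DEFINE and a documented #undef in config.h.in so the setting is visible and overridable.
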
@@ -778,6 +780,26 @@
[.
if test "x$withval" != "xno" ; then
AC_DEFINE(IPV4_DEFAULT)
+ fi
+ ]
+)
+
+AC_MSG_CHECKING([whether we assume IPv6-mapped addresses IPv4 addresses])
+AC_ARG_WITH(ipv4-in-ipv6,
+ [ --with-ipv4-in-ipv6 assumes ipv4 mapped addresses ipv4 addresses],
+ [.
+ if test "x$withval" != "xno" ; then
+ AC_MSG_RESULT(yes)
+ AC_DEFINE(IPV4_IN_IPV6)
+ else
+ AC_MSG_RESULT(no)
+ fi
+ ],[.
+ if test "x$inet6_default_4in6" = "xyes"; then
+ AC_MSG_RESULT([yes (default)])
+ AC_DEFINE(IPV4_IN_IPV6)
+ else
+ AC_MSG_RESULT([no (default)])
fi
]
)
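
Review bot: the AC_MSG_CHECKING text says "IPv6-mapped addresses" while the help string two lines below and the config.h.in comment say "ipv4 mapped addresses". Use one term, "IPv4-mapped addresses", in all three places, and reword the help string along the lines of "treat IPv4-mapped addresses as IPv4 addresses" so the option's effect is clear from `configure --help`.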

--
Hideaki YOSHIFUJI <yoshfuji@ecei.tohoku.ac.jp>
Web Page: http://www.ecei.tohoku.ac.jp/%7Eyoshfuji/
PGP5i FP: F731 6599 5EB2 BBA7 1515 1323 1806 A96F 5700 6B25
Re: patch for openssh-1.2.2p1
On Wed, 8 Mar 2000, Hideaki YOSHIFUJI wrote:

> Hi,
>
> openssh-1.2.2p1 seems to have 2 problems on ipv6 (and
> ipv4 mapped addresses).
>
> 1. "BREAKIN ATTEMPT" warnings from ipv4 node
> 2. X forwarding

How does this patch look to you?

Regards,
Damien Miller

--
| "Bombay is 250ms from New York in the new world order" - Alan Cox
| Damien Miller - http://www.mindrot.org/
| Email: djm@mindrot.org (home) -or- djm@ibs.com.au (work)
Re: patch for openssh-1.2.2p1
In article <Pine.LNX.4.10.10003112031390.852-200000@mothra.mindrot.org> (at Sat, 11 Mar 2000 20:40:36 +1100 (EST)), Damien Miller <djm@mindrot.org> says:

> > 1. "BREAKIN ATTEMPT" warnings from ipv4 node
> > 2. X forwarding
>
> How does this patch look to you?

With your revised patch, openssh looks fine.

P.S. Linux's behavior is not compatible with other OSes,
but it's NOT a BUG.

--
Hideaki YOSHIFUJI <yoshfuji@ecei.tohoku.ac.jp>
Web Page: http://www.ecei.tohoku.ac.jp/%7Eyoshfuji/
PGP5i FP: F731 6599 5EB2 BBA7 1515 1323 1806 A96F 5700 6B25