authordjm@openbsd.org <djm@openbsd.org>2017-10-25 00:15:35 +0000
committerDamien Miller <djm@mindrot.org>2017-10-25 12:26:06 +1100
commitacf559e1cffbd1d6167cc1742729fc381069f06b (patch)
treefc127e0bce21056c96dec59ebdc9e2ff9f5b1e4a /sshd.c
parentb9903ee8ee8671b447fc260c2bee3761e26c7227 (diff)
upstream commit
Add optional rdomain qualifier to sshd_config's ListenAddress option to allow listening on a different rdomain(4), e.g. ListenAddress 0.0.0.0 rdomain 4 Upstream-ID: 24b6622c376feeed9e9be8b9605e593695ac9091
Diffstat (limited to 'sshd.c')
-rw-r--r--sshd.c45
1 files changed, 32 insertions, 13 deletions
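--- a/sshd.c
+++ b/sshd.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: sshd.c,v 1.493 2017/10/05 15:52:03 djm Exp $ */
+/* $OpenBSD: sshd.c,v 1.494 2017/10/25 00:15:35 djm Exp $ */
 /*
  * Author: Tatu Ylonen <ylo@cs.hut.fi>
  * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@@ -1015,13 +1015,13 @@ server_accept_inetd(int *sock_in, int *sock_out)
  * Listen for TCP connections
  */
 static void
-server_listen(void)
+listen_on_addrs(struct listenaddr *la)
 {
- int ret, listen_sock, on = 1;
+ int ret, listen_sock;
  struct addrinfo *ai;
  char ntop[NI_MAXHOST], strport[NI_MAXSERV];
 
- for (ai = options.listen_addrs; ai; ai = ai->ai_next) {
+ for (ai = la->addrs; ai; ai = ai->ai_next) {
  if (ai->ai_family != AF_INET && ai->ai_family != AF_INET6)
  continue;
  if (num_listen_socks >= MAX_LISTEN_SOCKS)
@@ -1051,13 +1051,13 @@ server_listen(void)
  close(listen_sock);
  continue;
  }
- /*
- * Set socket options.
- * Allow local port reuse in TIME_WAIT.
- */
- if (setsockopt(listen_sock, SOL_SOCKET, SO_REUSEADDR,
- &on, sizeof(on)) == -1)
- error("setsockopt SO_REUSEADDR: %s", strerror(errno));
+ /* Socket options */
+ set_reuseaddr(listen_sock);
+ if (la->rdomain != NULL &&
+ set_rdomain(listen_sock, la->rdomain) == -1) {
+ close(listen_sock);
+ continue;
+ }
 
  /* Only communicate in IPv6 over AF_INET6 sockets. */
  if (ai->ai_family == AF_INET6)
@@ -1079,9 +1079,28 @@ server_listen(void)
  if (listen(listen_sock, SSH_LISTEN_BACKLOG) < 0)
  fatal("listen on [%s]:%s: %.100s",
  ntop, strport, strerror(errno));
- logit("Server listening on %s port %s.", ntop, strport);
+ logit("Server listening on %s port %s%s%s.",
+ ntop, strport,
+ la->rdomain == NULL ? "" : " rdomain ",
+ la->rdomain == NULL ? "" : la->rdomain);
+ }
+}
+
+static void
+server_listen(void)
+{
+ u_int i;
+
+ for (i = 0; i < options.num_listen_addrs; i++) {
+ listen_on_addrs(&options.listen_addrs[i]);
+ freeaddrinfo(options.listen_addrs[i].addrs);
+ free(options.listen_addrs[i].rdomain);
+ memset(&options.listen_addrs[i], 0,
+ sizeof(options.listen_addrs[i]));
  }
- freeaddrinfo(options.listen_addrs);
+ free(options.listen_addrs);
+ options.listen_addrs = NULL;
+ options.num_listen_addrs = 0;
 
  if (!num_listen_socks)
  fatal("Cannot bind any address.");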
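Review bot: In listen_on_addrs, a failed `set_rdomain(listen_sock, la->rdomain)` closes the socket and moves on, so a ListenAddress meant to be confined to one routing domain is dropped while sshd keeps serving on whatever else bound; `fatal("Cannot bind any address.")` fires only when nothing bound at all. Skipping is the right fail-closed choice, but unless set_rdomain logs on its own (it is defined outside this diff), the operator gets no record of which address was lost. I would log at the call site, e.g. `error("set_rdomain %s failed for [%s]:%s", la->rdomain, ntop, strport);` before the `close(listen_sock);`, assuming ntop and strport are already filled in at that point of the loop, which lies between the hunks shown. The same question applies to `set_reuseaddr(listen_sock)`, whose result is now ignored where the old code reported the setsockopt error.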