From 795b86313f1f1aab9691666c4f2d5dae6e4acd50 Mon Sep 17 00:00:00 2001 From: Damien Miller Date: Wed, 21 May 2014 17:12:53 +1000 Subject: - (djm) [misc.c] Use CLOCK_BOOTTIME in preference to CLOCK_MONOTONIC when it is available. It takes into account time spent suspended, thereby ensuring timeouts (e.g. for expiring agent keys) fire correctly. bz#2228 reported by John Haxby --- ChangeLog | 4 ++++ channels.c | 16 ++++++++++++++-- misc.c | 11 +++++++++-- 3 files changed, 27 insertions(+), 4 deletions(-) diff --git a/ChangeLog b/ChangeLog index 8ad8b1a4e..1a5e6c2e5 100644 --- a/ChangeLog +++ b/ChangeLog @@ -2,6 +2,10 @@ - (djm) [commit configure.ac defines.h sshpty.c] don't attempt to use vhangup on Linux. It doens't work for non-root users, and for them it just messes up the tty settings. + - (djm) [misc.c] Use CLOCK_BOOTTIME in preference to CLOCK_MONOTONIC + when it is available. It takes into account time spent suspended, + thereby ensuring timeouts (e.g. for expiring agent keys) fire + correctly. bz#2228 reported by John Haxby 20140519 - (djm) [rijndael.c rijndael.h] Sync with newly-ressurected versions ine diff --git a/channels.c b/channels.c index 1020071ff..ea79dd3c5 100644 --- a/channels.c +++ b/channels.c @@ -2700,6 +2700,7 @@ channel_set_af(int af) * "0.0.0.0" -> wildcard v4/v6 if SSH_OLD_FORWARD_ADDR * "" (empty string), "*" -> wildcard v4/v6 * "localhost" -> loopback v4/v6 + * "127.0.0.1" / "::1" -> accepted even if gateway_ports isn't set */ static const char * channel_fwd_bind_addr(const char *listen_addr, int *wildcardp, 
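Review bot: The row added to the channel_fwd_bind_addr() header comment says "127.0.0.1" / "::1" are accepted even if gateway_ports isn't set, while the inline comment added in the next channels.c hunk says they are accepted "even if gateway_ports is in effect"; the two should agree. From the new branch's position after the preceding block's closing brace, "isn't set" looks like the intended reading, but the controlling condition lies outside both hunks. The commit subject and the ChangeLog entry describe only the misc.c clock change, so this change to which listen address a forwarding request may bind is not recorded anywhere. A ChangeLog line such as `[channels.c] accept explicit "127.0.0.1"/"::1" forwarding listen addresses` would make it visible to anyone auditing forwarding behaviour.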
@@ -2729,9 +2730,20 @@ channel_fwd_bind_addr(const char *listen_addr, int *wildcardp, "\"%s\" overridden by server " "GatewayPorts", listen_addr); } - } - else if (strcmp(listen_addr, "localhost") != 0) + } else if (strcmp(listen_addr, "localhost") != 0 || + strcmp(listen_addr, "127.0.0.1") == 0 || + strcmp(listen_addr, "::1") == 0) { + /* Accept localhost address when GatewayPorts=yes */ addr = listen_addr; + } + } else if (strcmp(listen_addr, "127.0.0.1") == 0 || + strcmp(listen_addr, "::1") == 0) { + /* + * If a specific IPv4/IPv6 localhost address has been + * requested then accept it even if gateway_ports is in + * effect. This allows the client to prefer IPv4 or IPv6. + */ + addr = listen_addr; } if (wildcardp != NULL) *wildcardp = wildcard; diff --git a/misc.c b/misc.c index deb8768f3..099c4ef80 100644 --- a/misc.c +++ b/misc.c @@ -882,17 +882,24 @@ ms_to_timeval(struct timeval *tv, int ms) time_t monotime(void) { -#if defined(HAVE_CLOCK_GETTIME) && defined(CLOCK_MONOTONIC) +#if defined(HAVE_CLOCK_GETTIME) && \ + (defined(CLOCK_MONOTONIC) || defined(CLOCK_BOOTTIME)) struct timespec ts; static int gettime_failed = 0; if (!gettime_failed) { +#if defined(CLOCK_BOOTTIME) + if (clock_gettime(CLOCK_BOOTTIME, &ts) == 0) + return (ts.tv_sec); +#endif +#if defined(CLOCK_MONOTONIC) if (clock_gettime(CLOCK_MONOTONIC, &ts) == 0) return (ts.tv_sec); +#endif debug3("clock_gettime: %s", strerror(errno)); gettime_failed = 1; } -#endif +#endif /* HAVE_CLOCK_GETTIME && (CLOCK_MONOTONIC || CLOCK_BOOTTIME */ return time(NULL); } -- cgit v1.2.3
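Review bot: In the rewritten `else if`, the two added disjuncts cannot change the outcome, because a string equal to "127.0.0.1" or "::1" already satisfies `strcmp(listen_addr, "localhost") != 0`. The condition is therefore still true for every address except "localhost". The new comment `/* Accept localhost address when GatewayPorts=yes */` describes the opposite of what the branch does, which is to pass any client-supplied address other than "localhost" through to `addr`. Either keep the single test, `} else if (strcmp(listen_addr, "localhost") != 0) {`, with a comment such as `/* Any address other than "localhost" is used as requested */`, or write the intended narrowing explicitly if one was meant. The enclosing `if` begins outside the hunk, so which gateway_ports and client cases reach this branch cannot be confirmed from here.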
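Review bot: When CLOCK_BOOTTIME is defined at build time but the call fails at run time, every monotime() call repeats the failing `clock_gettime(CLOCK_BOOTTIME, &ts)` before falling back to CLOCK_MONOTONIC, because `gettime_failed` is only set after both attempts fail. Remembering the BOOTTIME failure separately, as in the excerpt below, avoids the repeated call and keeps later readings on a single clock. That matters because the commit message ties these values to timeouts such as agent key expiry. The `debug3()` message also reports only the errno of the last attempt, and the trailing `#endif` comment is missing its closing parenthesis.

```c
	static int gettime_failed = 0;
#if defined(CLOCK_BOOTTIME)
	static int boottime_failed = 0;
#endif

	if (!gettime_failed) {
#if defined(CLOCK_BOOTTIME)
		if (!boottime_failed) {
			if (clock_gettime(CLOCK_BOOTTIME, &ts) == 0)
				return (ts.tv_sec);
			/* Defined in the headers but rejected at run time: stop retrying. */
			boottime_failed = 1;
		}
#endif
		/* ... unchanged: CLOCK_MONOTONIC attempt, debug3(), gettime_failed = 1 ... */
```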