From owner-freebsd-bugs@FreeBSD.ORG  Fri Aug 31 02:10:02 2007
Return-Path: <owner-freebsd-bugs@FreeBSD.ORG>
Delivered-To: freebsd-bugs@hub.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34])
	by hub.freebsd.org (Postfix) with ESMTP id 0A48616A41B
	for <freebsd-bugs@hub.freebsd.org>;
	Fri, 31 Aug 2007 02:10:02 +0000 (UTC)
	(envelope-from gnats@FreeBSD.org)
Received: from freefall.freebsd.org (freefall.freebsd.org
	[IPv6:2001:4f8:fff6::28])
	by mx1.freebsd.org (Postfix) with ESMTP id D116913C468
	for <freebsd-bugs@hub.freebsd.org>;
	Fri, 31 Aug 2007 02:10:01 +0000 (UTC)
	(envelope-from gnats@FreeBSD.org)
Received: from freefall.freebsd.org (gnats@localhost [127.0.0.1])
	by freefall.freebsd.org (8.14.1/8.14.1) with ESMTP id l7V2A1Ca083811
	for <freebsd-bugs@freefall.freebsd.org>; Fri, 31 Aug 2007 02:10:01 GMT
	(envelope-from gnats@freefall.freebsd.org)
Received: (from gnats@localhost)
	by freefall.freebsd.org (8.14.1/8.14.1/Submit) id l7V2A1I6083810;
	Fri, 31 Aug 2007 02:10:01 GMT (envelope-from gnats)
Resent-Date: Fri, 31 Aug 2007 02:10:01 GMT
Resent-Message-Id: <200708310210.l7V2A1I6083810@freefall.freebsd.org>
Resent-From: FreeBSD-gnats-submit@FreeBSD.org (GNATS Filer)
Resent-To: freebsd-bugs@FreeBSD.org
Resent-Reply-To: FreeBSD-gnats-submit@FreeBSD.org, Mark Andrews <marka@isc.org>
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34])
	by hub.freebsd.org (Postfix) with ESMTP id F34D816A421
	for <FreeBSD-gnats-submit@freebsd.org>;
	Fri, 31 Aug 2007 02:03:06 +0000 (UTC) (envelope-from marka@isc.org)
Received: from drugs.dv.isc.org (drugs.dv.isc.org
	[IPv6:2001:470:1f00:820:214:22ff:fed9:fbdc])
	by mx1.freebsd.org (Postfix) with ESMTP id A331B13C46E
	for <FreeBSD-gnats-submit@freebsd.org>;
	Fri, 31 Aug 2007 02:03:06 +0000 (UTC) (envelope-from marka@isc.org)
Received: from drugs.dv.isc.org (localhost [127.0.0.1])
	by drugs.dv.isc.org (8.14.1/8.14.1) with ESMTP id l7V233AX002299
	(version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO)
	for <FreeBSD-gnats-submit@freebsd.org>;
	Fri, 31 Aug 2007 12:03:04 +1000 (EST)
	(envelope-from marka@drugs.dv.isc.org)
Received: (from marka@localhost)
	by drugs.dv.isc.org (8.14.1/8.14.1/Submit) id l7U7lRNn002375;
	Thu, 30 Aug 2007 17:47:27 +1000 (EST) (envelope-from marka)
Message-Id: <200708300747.l7U7lRNn002375@drugs.dv.isc.org>
Date: Thu, 30 Aug 2007 17:47:27 +1000 (EST)
From: Mark Andrews <marka@isc.org>
To: FreeBSD-gnats-submit@FreeBSD.org
X-Send-Pr-Version: 3.113
Cc: 
Subject: bin/115960: sshd's X11 forwarding broken on IPv6 only machine
	[patch].
X-BeenThere: freebsd-bugs@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
Reply-To: Mark Andrews <marka@isc.org>
List-Id: Bug reports <freebsd-bugs.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-bugs>,
	<mailto:freebsd-bugs-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-bugs>
List-Post: <mailto:freebsd-bugs@freebsd.org>
List-Help: <mailto:freebsd-bugs-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-bugs>,
	<mailto:freebsd-bugs-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Fri, 31 Aug 2007 02:10:02 -0000


>Number:         115960
>Category:       bin
>Synopsis:       sshd's X11 forwarding broken on IPv6 only machine [patch].
>Confidential:   no
>Severity:       serious
>Priority:       medium
>Responsible:    freebsd-bugs
>State:          open
>Quarter:        
>Keywords:       
>Date-Required:
>Class:          sw-bug
>Submitter-Id:   current-users
>Arrival-Date:   Fri Aug 31 02:10:01 GMT 2007
>Closed-Date:
>Last-Modified:
>Originator:     Mark Andrews
>Release:        FreeBSD 6.2-STABLE i386
>Organization:
ISC
>Environment:
System: FreeBSD drugs.dv.isc.org 6.2-STABLE FreeBSD 6.2-STABLE #17: Fri Aug 3 08:01:36 EST 2007 marka@drugs.dv.isc.org:/usr/obj/usr/src/sys/DRUGS i386


>Description:

	OpenSSH X11 forwarding fails on system without IPv4
	interfaces.
	
>How-To-Repeat:

	Disable the IPv4 interface setup, including lo0.

	e.g.
		ifconfig_lo0=up
		ifconfig_xxx0=NOAUTO

	You should end up something like this.

% ifconfig
bge0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> mtu 1500
        options=1b<RXCSUM,TXCSUM,VLAN_MTU,VLAN_HWTAGGING>
        inet6 fe80::214:22ff:fed9:fbdc%bge0 prefixlen 64 scopeid 0x1 
        inet6 2001:470:1f00:820:214:22ff:fed9:fbdc prefixlen 64 autoconf 
        ether 00:14:22:d9:fb:dc
        media: Ethernet autoselect (10baseT/UTP <half-duplex>)
        status: active
iwi0: flags=8802<BROADCAST,SIMPLEX,MULTICAST> mtu 1500
        ether 00:16:6f:46:b7:5d
        media: IEEE 802.11 Wireless Ethernet autoselect
        status: no carrier
        ssid "" channel 1
        authmode OPEN privacy OFF txpowmax 100 bmiss 10 protmode CTS
plip0: flags=108810<POINTOPOINT,SIMPLEX,MULTICAST,NEEDSGIANT> mtu 1500
lo0: flags=8049<UP,LOOPBACK,RUNNING,MULTICAST> mtu 16384
        inet6 ::1 prefixlen 128 
        inet6 fe80::1%lo0 prefixlen 64 scopeid 0x4 
% 

	Attempt to ssh into the machine and forward X11.

>Fix:

	The existing code works if and only if the address family that
	fails is *not* the last address family in the list returned
	by getaddrinfo().

	The solution is to look at errno to decide if the bind(2) failure
	should cause sshd to move to the next port or not.

	Mark

Index: crypto/openssh/channels.c
===================================================================
RCS file: /home/ncvs/src/crypto/openssh/channels.c,v
retrieving revision 1.20.2.2
diff -u -r1.20.2.2 channels.c
--- crypto/openssh/channels.c	6 Oct 2006 14:07:12 -0000	1.20.2.2
+++ crypto/openssh/channels.c	30 Aug 2007 07:33:12 -0000
@@ -2892,10 +2892,11 @@
 #endif
 			channel_set_reuseaddr(sock);
 			if (bind(sock, ai->ai_addr, ai->ai_addrlen) < 0) {
+				int save_errno = errno;
 				debug2("bind port %d: %.100s", port, strerror(errno));
 				close(sock);
 
-				if (ai->ai_next)
+				if (save_errno == EADDRNOTAVAIL)
 					continue;
 
 				for (n = 0; n < num_socks; n++) {

>Release-Note:
>Audit-Trail:
>Unformatted: