author | Damien Miller <djm@cvs.openbsd.org> | 2017-10-25 00:15:36 +0000 |
---|---|---|
committer | Damien Miller <djm@cvs.openbsd.org> | 2017-10-25 00:15:36 +0000 |
commit | a8cc86a7e0de53165cacc1023814833aed836e36 (patch) | |
tree | 306e9e02d497a90e4236928bb779d25127b197fc /usr.bin/ssh/sshd.c | |
parent | 2394b8cc83b8d7a81c7c4ffc7e4215363ae7a38e (diff) |
Add optional rdomain qualifier to sshd_config's ListenAddress option
to allow listening on a different rdomain(4), e.g.
ListenAddress 0.0.0.0 rdomain 4
Diffstat (limited to 'usr.bin/ssh/sshd.c')
-rw-r--r-- | usr.bin/ssh/sshd.c | 45 |
1 files changed, 32 insertions, 13 deletions
diff --git a/usr.bin/ssh/sshd.c b/usr.bin/ssh/sshd.c index 72e6d871204..4c280fcc65b 100644 --- a/usr.bin/ssh/sshd.c +++ b/usr.bin/ssh/sshd.c @@ -1,4 +1,4 @@ -/* $OpenBSD: sshd.c,v 1.493 2017/10/05 15:52:03 djm Exp $ */ +/* $OpenBSD: sshd.c,v 1.494 2017/10/25 00:15:35 djm Exp $ */ /* * Author: Tatu Ylonen <ylo@cs.hut.fi> * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland @@ -962,13 +962,13 @@ server_accept_inetd(int *sock_in, int *sock_out) * Listen for TCP connections */ static void -server_listen(void) +listen_on_addrs(struct listenaddr *la) { - int ret, listen_sock, on = 1; + int ret, listen_sock; struct addrinfo *ai; char ntop[NI_MAXHOST], strport[NI_MAXSERV]; - for (ai = options.listen_addrs; ai; ai = ai->ai_next) { + for (ai = la->addrs; ai; ai = ai->ai_next) { if (ai->ai_family != AF_INET && ai->ai_family != AF_INET6) continue; if (num_listen_socks >= MAX_LISTEN_SOCKS) @@ -998,13 +998,13 @@ server_listen(void) close(listen_sock); continue; } - /* - * Set socket options. - * Allow local port reuse in TIME_WAIT. - */ - if (setsockopt(listen_sock, SOL_SOCKET, SO_REUSEADDR, - &on, sizeof(on)) == -1) - error("setsockopt SO_REUSEADDR: %s", strerror(errno)); + /* Socket options */ + set_reuseaddr(listen_sock); + if (la->rdomain != NULL && + set_rdomain(listen_sock, la->rdomain) == -1) { + close(listen_sock); + continue; + } debug("Bind to port %s on %s.", strport, ntop); 
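Review bot: The `set_rdomain` failure branch in the `-998,13 +998,13` hunk needs a comment saying that skipping the address is deliberate. Falling through to `bind()` there would presumably leave the listener in the process's default routing domain rather than the one the administrator configured. A line such as `/* Never bind outside the requested rdomain: drop this address on failure */` above the `if` would protect that property against later refactoring. The return value of `set_reuseaddr(listen_sock)` is ignored, whereas the removed code logged `setsockopt SO_REUSEADDR` errors; both helpers are defined outside this diff, so confirm that they log their own failures. The enclosing loop in `listen_on_addrs` starts and ends outside this hunk.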
@@ -1022,9 +1022,28 @@ server_listen(void) if (listen(listen_sock, SSH_LISTEN_BACKLOG) < 0) fatal("listen on [%s]:%s: %.100s", ntop, strport, strerror(errno)); - logit("Server listening on %s port %s.", ntop, strport); + logit("Server listening on %s port %s%s%s.", + ntop, strport, + la->rdomain == NULL ? "" : " rdomain ", + la->rdomain == NULL ? "" : la->rdomain); + } +} + +static void +server_listen(void) +{ + u_int i; + + for (i = 0; i < options.num_listen_addrs; i++) { + listen_on_addrs(&options.listen_addrs[i]); + freeaddrinfo(options.listen_addrs[i].addrs); + free(options.listen_addrs[i].rdomain); + memset(&options.listen_addrs[i], 0, + sizeof(options.listen_addrs[i])); } - freeaddrinfo(options.listen_addrs); + free(options.listen_addrs); + options.listen_addrs = NULL; + options.num_listen_addrs = 0; if (!num_listen_socks) fatal("Cannot bind any address."); |
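Review bot: In the new `server_listen()` loop nothing records whether a given `ListenAddress` entry produced a socket, so an entry whose addresses were all skipped (for example because `set_rdomain` failed in `listen_on_addrs`) goes unnoticed as long as some other entry bound; the only check left is the global `if (!num_listen_socks)`. For a daemon meant to be reachable only inside a specific rdomain, this means it can start with a different set of listeners than the configuration describes. Consider saving the counter before the call and reporting when it did not move, e.g. `if (num_listen_socks == before) error("ListenAddress entry %u: no socket bound", i);`, or at least add a comment above the loop that partial failure is tolerated. `num_listen_socks` is declared outside the hunk, so the temporary should match its type.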