I'm seeing something similar to bug 1179 (https://bugzilla.mindrot.org/show_bug.cgi?id=1179), even with the reordered IP options check. For some reason, getsockopt is returning an IP options of length 2, value 00 00. Would Mark Weindling's original patch (https://bugzilla.mindrot.org/attachment.cgi?id=1105) break anything if I incorporated it? Platform: HP NonStop S7000 series (G-series RVU). ---- Scott Neugroschl XYPRO Technologies scott_n at xypro.com 805-583-2874 x121
In addition, there's an error in canohost.c/getremotehostname(), that the fix for 1179 introduced (to wit, the variable ntop is uninitialized at the point of call to check_ip_options). I've got to run off to a meeting, but I'll try to post a patch later today. From: Scott Neugroschl Sent: Thursday, August 21, 2008 12:34 PM To: openssh-unix-dev at mindrot.org Subject: IP options I'm seeing something similar to bug 1179 (https://bugzilla.mindrot.org/show_bug.cgi?id=1179), even with the reordered IP options check. For some reason, getsockopt is returning an IP options of length 2, value 00 00. Would Mark Weindling's original patch (https://bugzilla.mindrot.org/attachment.cgi?id=1105) break anything if I incorporated it? Platform: HP NonStop S7000 series (G-series RVU). ---- Scott Neugroschl XYPRO Technologies scott_n at xypro.com 805-583-2874 x121
>From: Scott Neugroschl > >In addition, there's an error in canohost.c/getremotehostname(), thatthe fix>for 1179 introduced (to wit, the variable ntop is uninitialized at thepoint>of call to check_ip_options). I've got to run off to a meeting, butI'll>try to post a patch later today.Here's the proposed patch: Index: canohost.c ==================================================================RCS file: /cvs/openssh/canohost.c,v retrieving revision 1.73 diff -u -r1.73 canohost.c --- canohost.c 12 Jun 2008 18:46:45 -0000 1.73 +++ canohost.c 21 Aug 2008 23:45:32 -0000 @@ -58,8 +58,13 @@ cleanup_exit(255); } - if (from.ss_family == AF_INET) + if (from.ss_family == AF_INET) { + if (getnameinfo((struct sockaddr *)&from, fromlen, ntop, sizeof(ntop), + NULL, 0, NI_NUMERICHOST) != 0) + fatal("get_remote_hostname: getnameinfo NI_NUMERICHOST failed"); + check_ip_options(sock, ntop); + } ipv64_normalise_mapped(&from, &fromlen);