- (djm) [misc.c] Use CLOCK_BOOTTIME in preference to CLOCK_MONOTONIC

when it is available. It takes into account time spent suspended, thereby ensuring timeouts (e.g. for expiring agent keys) fire correctly. bz#2228 reported by John Haxby
2014-05-21 17:12:53 +10:00 · 2014-05-21 17:12:53 +10:00 · 795b86313f
parent 18912775cb
commit 795b86313f
3 changed files with 27 additions and 4 deletions
--- a/4
+++ b/4
@ -2,6 +2,10 @@
 - (djm) [commit configure.ac defines.h sshpty.c] don't attempt to use
   vhangup on Linux. It doens't work for non-root users, and for them
   it just messes up the tty settings.
+ - (djm) [misc.c] Use CLOCK_BOOTTIME in preference to CLOCK_MONOTONIC
+   when it is available. It takes into account time spent suspended,
+   thereby ensuring timeouts (e.g. for expiring agent keys) fire
+   correctly. bz#2228 reported by John Haxby

 20140519
 - (djm) [rijndael.c rijndael.h] Sync with newly-ressurected versions ine
--- a/channels.c
+++ b/channels.c
@ -2700,6 +2700,7 @@ channel_set_af(int af)
 * "0.0.0.0"               -> wildcard v4/v6 if SSH_OLD_FORWARD_ADDR
 * "" (empty string), "*"  -> wildcard v4/v6
 * "localhost"             -> loopback v4/v6
+ * "127.0.0.1" / "::1"     -> accepted even if gateway_ports isn't set
 */
 static const char *
 channel_fwd_bind_addr(const char *listen_addr, int *wildcardp,
@ -2729,9 +2730,20 @@ channel_fwd_bind_addr(const char *listen_addr, int *wildcardp,
 				    "\"%s\" overridden by server "
 				    "GatewayPorts", listen_addr);
 			}
-		}
-		else if (strcmp(listen_addr, "localhost") != 0)
+		} else if (strcmp(listen_addr, "localhost") != 0 ||
+		    strcmp(listen_addr, "127.0.0.1") == 0 ||
+		    strcmp(listen_addr, "::1") == 0) {
+			/* Accept localhost address when GatewayPorts=yes */
 			addr = listen_addr;
+		}
+	} else if (strcmp(listen_addr, "127.0.0.1") == 0 ||
+	    strcmp(listen_addr, "::1") == 0) {
+		/*
+		 * If a specific IPv4/IPv6 localhost address has been
+		 * requested then accept it even if gateway_ports is in
+		 * effect. This allows the client to prefer IPv4 or IPv6.
+		 */
+		addr = listen_addr;
 	}
 	if (wildcardp != NULL)
 		*wildcardp = wildcard;
--- a/misc.c
+++ b/misc.c
@ -882,17 +882,24 @@ ms_to_timeval(struct timeval *tv, int ms)
 time_t
 monotime(void)
 {
-#if defined(HAVE_CLOCK_GETTIME) && defined(CLOCK_MONOTONIC)
+#if defined(HAVE_CLOCK_GETTIME) && \
+    (defined(CLOCK_MONOTONIC) || defined(CLOCK_BOOTTIME))
 	struct timespec ts;
 	static int gettime_failed = 0;

 	if (!gettime_failed) {
+#if defined(CLOCK_BOOTTIME)
+		if (clock_gettime(CLOCK_BOOTTIME, &ts) == 0)
+			return (ts.tv_sec);
+#endif
+#if defined(CLOCK_MONOTONIC)
 		if (clock_gettime(CLOCK_MONOTONIC, &ts) == 0)
 			return (ts.tv_sec);
+#endif
 		debug3("clock_gettime: %s", strerror(errno));
 		gettime_failed = 1;
 	}
-#endif
+#endif /* HAVE_CLOCK_GETTIME && (CLOCK_MONOTONIC || CLOCK_BOOTTIME */

 	return time(NULL);
 }