From: dtucker Date: Tue, 3 May 2005 09:05:32 +0000 (+0000) Subject: - (dtucker) [canohost.c] normalise socket addresses returned by X-Git-Tag: V_4_1_P1~11 X-Git-Url: http://andersk.mit.edu/gitweb/openssh.git/commitdiff_plain/a56cebd3fd1985dd121d9d822c44db88c7c96f5a - (dtucker) [canohost.c] normalise socket addresses returned by get_remote_hostname(). This means that IPv4 addresses in log messages on IPv6 enabled machines will no longer be prefixed by "::ffff:" and AllowUsers, DenyUsers, AllowGroups, DenyGroups will match IPv4-style addresses only for 4-in-6 mapped connections, regardless of whether or not the machine is IPv6 enabled. ok djm@ --- diff --git a/ChangeLog b/ChangeLog index 0efc77cf..cfad7d12 100644 --- a/ChangeLog +++ b/ChangeLog @@ -1,3 +1,11 @@ +20050503 + - (dtucker) [canohost.c] normalise socket addresses returned by + get_remote_hostname(). This means that IPv4 addresses in log messages + on IPv6 enabled machines will no longer be prefixed by "::ffff:" and + AllowUsers, DenyUsers, AllowGroups, DenyGroups will match IPv4-style + addresses only for 4-in-6 mapped connections, regardless of whether + or not the machine is IPv6 enabled. ok djm@ + 20050425 - (dtucker) [regress/multiplex.sh] Use "kill -0 $pid" to check for the existence of a process since it's more portable. Found by jbasney at diff --git a/canohost.c b/canohost.c index 1c22d477..94d66643 100644 --- a/canohost.c +++ b/canohost.c @@ -251,6 +251,8 @@ get_socket_address(int sock, int remote, int flags) if (addr.ss_family == AF_INET6) addrlen = sizeof(struct sockaddr_in6); + ipv64_normalise_mapped(&addr, &addrlen); + /* Get the address in ascii. */ if ((r = getnameinfo((struct sockaddr *)&addr, addrlen, ntop, sizeof(ntop), NULL, 0, flags)) != 0) {