From d1a7a9c0fd1ac2e3314cceb2891959fd2cd9eabb Mon Sep 17 00:00:00 2001
From: Damien Miller <djm@mindrot.org>
Date: Fri, 7 Feb 2014 09:24:33 +1100
Subject:    - djm@cvs.openbsd.org 2014/02/06 22:21:01      [sshconnect.c]     
 in ssh_create_socket(), only do the getaddrinfo for BindAddress when     
 BindAddress is actually specified. Fixes regression in 6.5 for     
 UsePrivilegedPort=yes; patch from Corinna Vinschen

---
 ChangeLog    |  5 +++++
 sshconnect.c | 33 ++++++++++++++++++---------------
 2 files changed, 23 insertions(+), 15 deletions(-)

diff --git a/ChangeLog b/ChangeLog
index cdb5ca4d..e3b5fd28 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -4,6 +4,11 @@
      [ssh-keygen.1 ssh-keygen.c]
      tweak synopsis: calling ssh-keygen without any arguments is fine; ok jmc@
      while here, fix ordering in usage(); requested by jmc@
+   - djm@cvs.openbsd.org 2014/02/06 22:21:01
+     [sshconnect.c]
+     in ssh_create_socket(), only do the getaddrinfo for BindAddress when
+     BindAddress is actually specified. Fixes regression in 6.5 for
+     UsePrivilegedPort=yes; patch from Corinna Vinschen
 
 20140206
  - (dtucker) [openbsd-compat/bsd-poll.c] Don't bother checking for non-NULL
diff --git a/sshconnect.c b/sshconnect.c
index 3781eaf3..573d7a8e 100644
--- a/sshconnect.c
+++ b/sshconnect.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: sshconnect.c,v 1.245 2014/02/02 03:44:31 djm Exp $ */
+/* $OpenBSD: sshconnect.c,v 1.246 2014/02/06 22:21:01 djm Exp $ */
 /*
  * Author: Tatu Ylonen <ylo@cs.hut.fi>
  * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@@ -269,7 +269,7 @@ static int
 ssh_create_socket(int privileged, struct addrinfo *ai)
 {
 	int sock, r, gaierr;
-	struct addrinfo hints, *res;
+	struct addrinfo hints, *res = NULL;
 
 	sock = socket(ai->ai_family, ai->ai_socktype, ai->ai_protocol);
 	if (sock < 0) {
@@ -282,17 +282,19 @@ ssh_create_socket(int privileged, struct addrinfo *ai)
 	if (options.bind_address == NULL && !privileged)
 		return sock;
 
-	memset(&hints, 0, sizeof(hints));
-	hints.ai_family = ai->ai_family;
-	hints.ai_socktype = ai->ai_socktype;
-	hints.ai_protocol = ai->ai_protocol;
-	hints.ai_flags = AI_PASSIVE;
-	gaierr = getaddrinfo(options.bind_address, NULL, &hints, &res);
-	if (gaierr) {
-		error("getaddrinfo: %s: %s", options.bind_address,
-		    ssh_gai_strerror(gaierr));
-		close(sock);
-		return -1;
+	if (options.bind_address) {
+		memset(&hints, 0, sizeof(hints));
+		hints.ai_family = ai->ai_family;
+		hints.ai_socktype = ai->ai_socktype;
+		hints.ai_protocol = ai->ai_protocol;
+		hints.ai_flags = AI_PASSIVE;
+		gaierr = getaddrinfo(options.bind_address, NULL, &hints, &res);
+		if (gaierr) {
+			error("getaddrinfo: %s: %s", options.bind_address,
+			    ssh_gai_strerror(gaierr));
+			close(sock);
+			return -1;
+		}
 	}
 	/*
 	 * If we are running as root and want to connect to a privileged
@@ -300,7 +302,7 @@ ssh_create_socket(int privileged, struct addrinfo *ai)
 	 */
 	if (privileged) {
 		PRIV_START;
-		r = bindresvport_sa(sock, res->ai_addr);
+		r = bindresvport_sa(sock, res ? res->ai_addr : NULL);
 		PRIV_END;
 		if (r < 0) {
 			error("bindresvport_sa: af=%d %s", ai->ai_family,
@@ -317,7 +319,8 @@ ssh_create_socket(int privileged, struct addrinfo *ai)
 			return -1;
 		}
 	}
-	freeaddrinfo(res);
+	if (res != NULL)
+		freeaddrinfo(res);
 	return sock;
 }
 
-- 
cgit v1.2.3