[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
02/05: services: openssh: Listen on IPv6 only when IPv6 is supported.
|
From: |
guix-commits |
|
Subject: |
02/05: services: openssh: Listen on IPv6 only when IPv6 is supported. |
|
Date: |
Fri, 1 Jul 2022 17:53:27 -0400 (EDT) |
civodul pushed a commit to branch master
in repository guix.
commit bf7e07d299b197891110fbd8c717badbab06a472
Author: Ludovic Courtès <ludo@gnu.org>
AuthorDate: Fri Jul 1 16:29:53 2022 +0200
services: openssh: Listen on IPv6 only when IPv6 is supported.
Fixes <https://issues.guix.gnu.org/56327>.
Reported by André Batista <nandre@riseup.net>.
* gnu/services/ssh.scm (openssh-shepherd-service)[ipv6-support?]: New
variable.
Use it in 'start' method.
---
gnu/services/ssh.scm | 20 ++++++++++++++++----
1 file changed, 16 insertions(+), 4 deletions(-)
diff --git a/gnu/services/ssh.scm b/gnu/services/ssh.scm
index 57d3ad218c..72e7183590 100644
--- a/gnu/services/ssh.scm
+++ b/gnu/services/ssh.scm
@@ -536,6 +536,15 @@ of user-name/file-like tuples."
#~(and (defined? 'make-inetd-constructor)
(not (string=? (@ (shepherd config) Version) "0.9.0"))))
+ (define ipv6-support?
+ ;; Expression that returns true if IPv6 support is available.
+ #~(catch 'system-error
+ (lambda ()
+ (let ((sock (socket AF_INET6 SOCK_STREAM 0)))
+ (close-port sock)
+ #t))
+ (const #f)))
+
(list (shepherd-service
(documentation "OpenSSH server.")
(requirement '(syslogd loopback))
@@ -544,12 +553,15 @@ of user-name/file-like tuples."
(start #~(if #$inetd-style?
(make-inetd-constructor
(append #$openssh-command '("-i"))
- (list (endpoint
+ (cons (endpoint
(make-socket-address AF_INET INADDR_ANY
#$port-number))
- (endpoint
- (make-socket-address AF_INET6 IN6ADDR_ANY
- #$port-number)))
+ (if #$ipv6-support?
+ (list
+ (endpoint
+ (make-socket-address AF_INET6 IN6ADDR_ANY
+ #$port-number)))
+ '()))
#:max-connections #$max-connections)
(make-forkexec-constructor #$openssh-command
#:pid-file #$pid-file)))