ryan77627/guix
1
0
Fork 0
mirror of https://git.in.rschanz.org/ryan77627/guix.git synced 2025-01-11 13:49:23 -05:00
Code Issues Projects Releases Packages Wiki Activity Actions

services: openssh: Listen on IPv6 only when IPv6 is supported.

Browse source 
Fixes <https://issues.guix.gnu.org/56327>.
Reported by André Batista <nandre@riseup.net>.

* gnu/services/ssh.scm (openssh-shepherd-service)[ipv6-support?]: New
variable.
Use it in 'start' method.
This commit is contained in:
Ludovic Courtès 2022-07-01 16:29:53 +02:00
parent b512dadfd6
commit bf7e07d299
No known key found for this signature in database
GPG key ID: 090B11993D9AEBB5
1 changed files with 16 additions and 4 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

20
gnu/services/ssh.scm
View file

@ -536,6 +536,15 @@ (define inetd-style?
#~(and (defined? 'make-inetd-constructor)
(not (string=? (@ (shepherd config) Version) "0.9.0"))))
(define ipv6-support?
;; Expression that returns true if IPv6 support is available.
#~(catch 'system-error
(lambda ()
(let ((sock (socket AF_INET6 SOCK_STREAM 0)))
(close-port sock)
#t))
(const #f)))
(list (shepherd-service
(documentation "OpenSSH server.")
(requirement '(syslogd loopback))
@ -544,12 +553,15 @@ (define inetd-style?
(start #~(if #$inetd-style?
(make-inetd-constructor
(append #$openssh-command '("-i"))
(list (endpoint
(cons (endpoint
(make-socket-address AF_INET INADDR_ANY
#$port-number))
(endpoint
(make-socket-address AF_INET6 IN6ADDR_ANY
#$port-number)))
(if #$ipv6-support?
(list
(endpoint
(make-socket-address AF_INET6 IN6ADDR_ANY
#$port-number)))
'()))
#:max-connections #$max-connections)
(make-forkexec-constructor #$openssh-command
#:pid-file #$pid-file)))