From bf7e07d299b197891110fbd8c717badbab06a472 Mon Sep 17 00:00:00 2001 From: Ludovic Courtès Date: Fri, 1 Jul 2022 16:29:53 +0200 Subject: services: openssh: Listen on IPv6 only when IPv6 is supported. MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Fixes . Reported by André Batista . * gnu/services/ssh.scm (openssh-shepherd-service)[ipv6-support?]: New variable. Use it in 'start' method. --- gnu/services/ssh.scm | 20 ++++++++++++++++---- 1 file changed, 16 insertions(+), 4 deletions(-) diff --git a/gnu/services/ssh.scm b/gnu/services/ssh.scm index 57d3ad218c..72e7183590 100644 --- a/gnu/services/ssh.scm +++ b/gnu/services/ssh.scm @@ -536,6 +536,15 @@ of user-name/file-like tuples." #~(and (defined? 'make-inetd-constructor) (not (string=? (@ (shepherd config) Version) "0.9.0")))) + (define ipv6-support? + ;; Expression that returns true if IPv6 support is available. + #~(catch 'system-error + (lambda () + (let ((sock (socket AF_INET6 SOCK_STREAM 0))) + (close-port sock) + #t)) + (const #f))) + (list (shepherd-service (documentation "OpenSSH server.") (requirement '(syslogd loopback)) @@ -544,12 +553,15 @@ of user-name/file-like tuples." (start #~(if #$inetd-style? (make-inetd-constructor (append #$openssh-command '("-i")) - (list (endpoint + (cons (endpoint (make-socket-address AF_INET INADDR_ANY #$port-number)) - (endpoint - (make-socket-address AF_INET6 IN6ADDR_ANY - #$port-number))) + (if #$ipv6-support? + (list + (endpoint + (make-socket-address AF_INET6 IN6ADDR_ANY + #$port-number))) + '())) #:max-connections #$max-connections) (make-forkexec-constructor #$openssh-command #:pid-file #$pid-file))) -- cgit 1.4.1