Subject: Re: kernel option for "socket: Protocol not supported"
To: Ignatios Souvatzis <is@netbsd.org>
From: Ignatios Souvatzis <is@netbsd.org>
List: tech-security
Date: 02/22/2006 11:31:53
On Tue, Feb 21, 2006 at 10:20:53PM +0100, Ignatios Souvatzis wrote:
> On Tue, Feb 21, 2006 at 01:11:52PM -0800, jonathan@dsg.stanford.edu wrote:
> > 
> > In message <20060221210414.GA27831@beverly.kleinbus.org>,
> > Ignatios Souvatzis writes:
> > 
> > >On Tue, Feb 21, 2006 at 03:42:57PM -0500, George Georgalis wrote:
> > >> On Tue, Feb 21, 2006 at 11:54:38AM -0800, Jonathan Stone wrote:
> > >Uhm... in George's case, disabling it was what created the error. 
> > >Enabling it and the lo0 device would have made it succeed ;-)
> > 
> > But only if you *want* local IPv6, and by removing options INET6,
> > George is saying quite clearly that he doesn't.
> 
> Yes, and that error message is bogus as you noted: [...]

I've looked at the code - IMHO there is a clean one-line patch:

RCS file: /cvsroot/src/crypto/dist/ssh/sshconnect.c,v
retrieving revision 1.31
diff -u -r1.31 sshconnect.c
--- sshconnect.c        23 Apr 2005 16:53:29 -0000      1.31
+++ sshconnect.c        22 Feb 2006 10:29:20 -0000
@@ -188,7 +188,7 @@
        }
        sock = socket(ai->ai_family, ai->ai_socktype, ai->ai_protocol);
        if (sock < 0)
-               error("socket: %.100s", strerror(errno));
+               debug("socket: %.100s", strerror(errno));
 
        /* Bind the socket to an alternative local IP address */
        if (options.bind_address == NULL)

Note that the last setting of errno is printed after the for loop in the 
function ssh_connect(), anyway - see line 395, so if _no_ address has a
supported address family, the user would be notified.

Regards,
	-is