Allow ssh(1) to connect through UNIX domain sockets on systems where getaddrinfo(3) supports AF_UNIX

ssh.c

@@ -1695,7 +1695,18 @@ main(int ac, char **av)
 
 	/* Log into the remote system.  Never returns if the login fails. */
 	ssh_login(ssh, &sensitive_data, host, (struct sockaddr *)&hostaddr,
-	    options.port, pw, timeout_ms, cinfo);
+                  options.port, pw, timeout_ms, cinfo);
+
+	if (ssh_packet_connection_is_on_socket(ssh)) {
+		if (ssh_packet_connection_af(ssh) == AF_LOCAL) {
+			verbose("Authenticated to %s.", host);
+		} else {
+			verbose("Authenticated to %s ([%s]:%d).", host,
+			    ssh_remote_ipaddr(ssh), ssh_remote_port(ssh));
+		}
+	} else {
+		verbose("Authenticated to %s (via proxy).", host);
+	}
 
 	/* We no longer need the private host keys.  Clear them now. */
 	if (sensitive_data.nkeys != 0) {

sshconnect.c

@@ -450,7 +450,8 @@ ssh_connect_direct(struct ssh *ssh, const char *host, struct addrinfo *aitop,
 {
 	int on = 1, saved_timeout_ms = *timeout_ms;
 	int oerrno, sock = -1, attempt;
-	char ntop[NI_MAXHOST], strport[NI_MAXSERV];
+	char ntop[NI_MAXHOST];
+	char strport[6 /* strlen(" port ") */ + NI_MAXSERV];
 	struct addrinfo *ai;
 
 	debug3_f("entering");
@@ -469,7 +470,8 @@ ssh_connect_direct(struct ssh *ssh, const char *host, struct addrinfo *aitop,
 		 */
 		for (ai = aitop; ai; ai = ai->ai_next) {
 			if (ai->ai_family != AF_INET &&
-			    ai->ai_family != AF_INET6) {
+			    ai->ai_family != AF_INET6 &&
+			    ai->ai_family != AF_LOCAL) {
 				errno = EAFNOSUPPORT;
 				continue;
 			}
@@ -481,7 +483,13 @@ ssh_connect_direct(struct ssh *ssh, const char *host, struct addrinfo *aitop,
 				errno = oerrno;
 				continue;
 			}
-			debug("Connecting to %.200s [%.100s] port %s.",
+			if (ai->ai_family == AF_LOCAL) {
+				memset(strport, 0, sizeof(strport));
+			} else {
+				snprintf(strport, sizeof(strport), " port %s",
+				    strport);
+			}
+			debug("Connecting to %.200s [%.100s]%s.",
 				host, ntop, strport);
 
 			/* Create a socket for connecting. */
@@ -500,7 +508,7 @@ ssh_connect_direct(struct ssh *ssh, const char *host, struct addrinfo *aitop,
 				break;
 			} else {
 				oerrno = errno;
-				debug("connect to address %s port %s: %s",
+				debug("connect to %s%s: %s",
 				    ntop, strport, strerror(errno));
 				close(sock);
 				sock = -1;
@@ -513,7 +521,7 @@ ssh_connect_direct(struct ssh *ssh, const char *host, struct addrinfo *aitop,
 
 	/* Return failure if we didn't get a successful connection. */
 	if (sock == -1) {
-		error("ssh: connect to host %s port %s: %s",
+		error("ssh: connect to %s%s: %s",
 		    host, strport, errno == 0 ? "failure" : strerror(errno));
 		return -1;
 	}
@@ -1574,7 +1582,12 @@ ssh_login(struct ssh *ssh, Sensitive *sensitive, const char *orighost,
 
 	/* key exchange */
 	/* authenticate user */
-	debug("Authenticating to %s:%d as '%s'", host, port, server_user);
+	if (hostaddr->sa_family == AF_LOCAL) {
+		debug("Authenticating to %s as '%s'", host, server_user);
+	} else {
+		debug("Authenticating to %s:%d as '%s'", host, port,
+		    server_user);
+	}
 	ssh_kex2(ssh, host, hostaddr, port, cinfo);
 	ssh_userauth2(ssh, local_user, server_user, host, sensitive);
 	free(local_user);