author | Maximilian Bosch <maximilian@mbosch.me> | 2024-01-03 19:36:51 +0100 |
---|---|---|
committer | Maximilian Bosch <maximilian@mbosch.me> | 2024-01-03 19:42:45 +0100 |
commit | 7e45990c06adc32b7aaf196b36b20001c5f8ce42 (patch) | |
tree | 6196efb8d84cd1722f33ea050134fbcf02b7a8f2 /nixos/modules/services | |
parent | cb274aea01fed6dc9a6f78b3c927f4e6f24c7876 (diff) | |
nixos/sshd: fix socket activated ports when using ListenAddress
Noticed that issue while reviewing #275633: when declaring `ListenAddress host` without a port, all ports declared by `Port`/`cfg.ports` will be used with `host` according to `sshd_config(5)`. However, if this is done and socket activation is used, only a socket for port 22 is created instead of a socket for each port from `Port`/`cfg.ports`. This patch corrects that behavior. Also added a regression test for this case.
Diffstat (limited to 'nixos/modules/services')
-rw-r--r-- | nixos/modules/services/networking/ssh/sshd.nix | 6 |
1 files changed, 5 insertions, 1 deletions
diff --git a/nixos/modules/services/networking/ssh/sshd.nix b/nixos/modules/services/networking/ssh/sshd.nix index 39793922ab51..aca8343b7d59 100644 --- a/nixos/modules/services/networking/ssh/sshd.nix +++ b/nixos/modules/services/networking/ssh/sshd.nix @@ -600,7 +600,11 @@ in { description = "SSH Socket"; wantedBy = [ "sockets.target" ]; socketConfig.ListenStream = if cfg.listenAddresses != [] then - map (l: "${l.addr}:${toString (if l.port != null then l.port else 22)}") cfg.listenAddresses + concatMap + ({ addr, port }: + if port != null then [ "${addr}:${toString port}" ] + else map (p: "${addr}:${toString p}") cfg.ports) + cfg.listenAddresses else cfg.ports; socketConfig.Accept = true; |
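Review bot: The lambda passed to `concatMap` uses a closed attribute-set pattern, `({ addr, port }:`, so evaluation fails if an entry of `cfg.listenAddresses` ever carries an attribute other than `addr` and `port`; the replaced `l:` form had no such constraint. Consider `{ addr, port, ... }:` so that adding an option to the entries later does not break the socket unit. Separately, in the fallback branch `map (p: "${addr}:${toString p}") cfg.ports`, an empty `cfg.ports` produces no `ListenStream` entry at all for that address, where the old expression always produced one on port 22; an assertion or a comment stating that `cfg.ports` is expected to be non-empty would make that assumption explicit.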