openssh: Don't attempt to connect to unsupported addresses

When iterating over known addresses for the requested target host name,
skip those that are not supported by the running kernel.

MFC after:	1 week
PR:		195231
Reviewed by:	emaste
Differential Revision:	https://reviews.freebsd.org/D53588

crypto/openssh/FREEBSD-upgrade

@@ -181,6 +181,13 @@
    skip setting DISABLE_LASTLOG which we've applied for FreeBSD, but the
    autoconf machinery really ought to be reworked.  Reported upstream at
    https://lists.mindrot.org/pipermail/openssh-unix-dev/2022-May/040242.html
+
+11) Protocol selection
+
+   We use the non-portable feature_present(3) API to determine which
+   internet protocols are supported by the kernel before trying to
+   connect to the target host.  This avoids confusing the user with
+   spurious error messages.
 
 
 This port was brought to you by (in no particular order) DARPA, NAI

crypto/openssh/sshconnect.c

@@ -458,6 +458,8 @@ ssh_connect_direct(struct ssh *ssh, const char *host, struct addrinfo *aitop,
 	memset(ntop, 0, sizeof(ntop));
 	memset(strport, 0, sizeof(strport));
 
+	int inet_supported = feature_present("inet");
+	int inet6_supported = feature_present("inet6");
 	for (attempt = 0; attempt < connection_attempts; attempt++) {
 		if (attempt > 0) {
 			/* Sleep a moment before retrying. */
@@ -482,6 +484,13 @@ ssh_connect_direct(struct ssh *ssh, const char *host, struct addrinfo *aitop,
 				errno = oerrno;
 				continue;
 			}
+			if ((ai->ai_family == AF_INET && !inet_supported) ||
+			    (ai->ai_family == AF_INET6 && !inet6_supported)) {
+				debug2_f("skipping address [%s]:%s: "
+				    "unsupported address family", ntop, strport);
+				errno = EAFNOSUPPORT;
+				continue;
+			}
 			if (options.address_family != AF_UNSPEC &&
 			    ai->ai_family != options.address_family) {
 				debug2_f("skipping address [%s]:%s: "