Bug#533604: Doesn't bind to IPv6 addresses by default

[Fabian Knittel]

tag 533604 +patch
thanks

Hi,

Stefan Bauer wrote:
> Am 23.02.2010 12:15, Philipp Kern schrieb:
>> Stefan,
>> 
>> am Tue, Feb 23, 2010 at 12:06:04PM +0100 hast du folgendes geschrieben:
>>> i'm aware of that problem but still seeking for an easy solution as
>>> i'm not familiar with socket programming. bindv6only is a pain in
>>> the nack right now for several packages.

The attached patch activates bindv6only on all IPv6 sockets used by
oidentd. This should avoid the problem experienced by Michael and Phil.

>> but, after some thought I just activated "-a ::" for now (i.e. the proposal
>> mentioned in the initial mail of the bug report) which works well with both
>> IPv4 and IPv6.

BTW: With the patch applied, the work-around will no longer work, as "-a
::" will only listen on IPv6.

>>  I guess you need two sockets, one with AF_INET6 und one
>> with AF_INET

That's the approach already taken by oidentd - at least if you don't use
"-a".

With "-a" oidentd only uses a single socket and together with my patch
oidentd will only listen on either IPv6 or IPv4 (depending on what the
passed hostname resolves to).

So for some use cases, the patch might cause a slight regression and an
enhanced patch would be necessary. The patch would need to resolve the
hostname passed via -a to all possible IPv4 and IPv6 adresses (instead
of only the first) and create listening sockets for each address.

> and it should bail out if one of the two can be opened? :)

As far as I can tell, it currently only bails out if _none_ of the
sockets were successfully opened.

> Chainging directly the behavior on the socket should do the trick
> the best way. Maybe i will add the "-a ::" so called bind to all
> stanza in a newer release as default coz this seems by now to be the
> most comfortable "workaround".

Would that work on systems with blacklisted ipv6 linux kernel module?
(Some people still do that.)

Cheers
Fabian

diff --git a/src/oidentd_inet_util.c b/src/oidentd_inet_util.c
index fcc8a72..8497563 100644
--- a/src/oidentd_inet_util.c
+++ b/src/oidentd_inet_util.c
@@ -60,6 +60,12 @@ static int setup_bind(const struct addrinfo *ai, in_port_t listen_port) {
 #ifdef WANT_IPV6
 		case AF_INET6:
 			SIN6(ai->ai_addr)->sin6_port = listen_port;
+
+			if (setsockopt(listenfd, IPPROTO_IPV6, IPV6_V6ONLY, &one,
+							sizeof(one)) != 0) {
+				debug("setsockopt IPV6_V6ONLY: %s", strerror(errno));
+				return (-1);
+			}
 			break;
 #endif