On Tue, Aug 12, 2003 at 09:04:05AM -0700, Justin Erenkrantz wrote:
> >If IPv6 has been enabled, that should bind to :: , this is the standard
> >behaviour of all IPv6 apps, and to not do so would be utterly broken.
> >If by some quirk the OS doesn't support IPv4 over IPv6 sockets, then
> >getaddrinfo PF_UNSPEC magic should return the correct linked list to
> >handle this.
>
> Um, then wouldn't it only be listening on IPv6 sockets, not IPv4?
Yep :)
> Surely that can't be right. -- justin
It is, in fact it's the only way you can do it on some stacks (Linux
is an example of one). The socket will accept IPv4 addresses and
treat them as IPv4 mapped IPv6 addresses. They look like:
::ffff:193.1.219.90
Apache handles these just fine for the most part, and the addresses
are translated into the correct AF for logging and so on. E.g on
Linux:
[EMAIL PROTECTED]:~$ netstat -an | grep 80
tcp 0 0 :::80 :::* LISTEN
byron:/home/colmmacc# tail -1 /var/log/apache/access.log
193.1.219.104 - - [15/May/2003:11:22:39 +0100] "GET / HTTP/1.0" 200 4110
"-" "check_http/1.32.2.6 (netsaint-plugins 1.2.9-4)"
Allthough on some platforms (Tru64) I'm tracking down a bug which
seems to leave the addresses mapped for variables like REMOTE_ADDR.
There's also some slight Access List type problems in that IPv4
ACLs don't get applied properly in some situations because of
this, and also mapped addresses in access lists never seem to work.
I can't allow/deny ::ffff:$something for example, which really
I should be able to.
I have an AF-indepentent access list implementation which I wrote
for NSD which I'm working on utilising in APR for apache which should
fix a lot of these niggly problems, but havnt had much time to work
on it lately.
--
Colm MacCárthaigh Public Key: [EMAIL PROTECTED]
[EMAIL PROTECTED] http://www.stdlib.net/
