The original InetSocketAddress struct may have has_ipv4 and
has_ipv6 fields set, which will control both the ai_family
used during DNS resolution, and later use of the V6ONLY
flag.
Currently the standalone DNS resolver code drops the
has_ipv4 & has_ipv6 flags after resolving, which means
the later bind() code won't correctly set V6ONLY.
This fixes the following scenarios
-vnc :0,ipv4=off
-vnc :0,ipv6=on
-vnc :::0,ipv4=off
-vnc :::0,ipv6=on
which all mistakenly accepted IPv4 clients
Acked-by: Gerd Hoffmann <kra...@gmail.com>
Reviewed-by: Philippe Mathieu-Daudé <f4...@amsat.org>
Reviewed-by: Eric Blake <ebl...@redhat.com>
Signed-off-by: Daniel P. Berrange <berra...@redhat.com>
---
io/dns-resolver.c | 6 ++++--
1 file changed, 4 insertions(+), 2 deletions(-)
diff --git a/io/dns-resolver.c b/io/dns-resolver.c
index 57a8896..c072d12 100644
--- a/io/dns-resolver.c
+++ b/io/dns-resolver.c
@@ -116,8 +116,10 @@ static int
qio_dns_resolver_lookup_sync_inet(QIODNSResolver *resolver,
.numeric = true,
.has_to = iaddr->has_to,
.to = iaddr->to,
- .has_ipv4 = false,
- .has_ipv6 = false,
+ .has_ipv4 = iaddr->has_ipv4,
+ .ipv4 = iaddr->ipv4,
+ .has_ipv6 = iaddr->has_ipv6,
+ .ipv6 = iaddr->ipv6,
};
(*addrs)[i] = newaddr;
--
2.9.3
