RT RT/krbdev.mit.edu: Ticket #8531 KDC/kadmind may fail to start on IPv4-only systems Signed in as guest.
[Logout]

[Home] [Search] [Configuration]

[Display] [History] [Basics] [Dates] [People] [Links] [Jumbo]

 
 

 The Basics  
Id
8531
Status
resolved
Worked
0 min
Priority
0/0
Queue
krb5
 

 Keyword Selections  
Component
Tags
Version_reported
  • 1.15
Version_Fixed
  • 1.15.1
Target_Version
  • 1.15-next
 

 Relationships  
Depends on:
Depended on by:
Parents:
Children:

Refers to:
  • 8530: (ghudson) KDC/kadmind explicit wildcard listener addresses do not use pktinfo [resolved]
Referred to by:
 
 Dates  
Created: Mon Dec 26 13:55:23 2016
Starts: Not set
Started: Not set
Last Contact: Mon Jan 9 15:30:43 2017
Due: Not set
Updated: Mon Jan 9 17:54:43 2017 by tlyu
 

 People  
Owner
 ghudson
Requestors
 ghudson@mit.edu
Cc
 
AdminCc
 
 

 More about Greg Hudson  
Comments about this user:
No comment entered about this user
This user's 25 highest priority tickets:
 

History   Display mode: [Brief headers] [Full headers]
      Mon Dec 26 13:55:23 2016  ghudson - Ticket created    
     
Subject: KDC/kadmind may fail to start on IPv4-only systems

The 1.15 net-server.c code was written with the assumption that on an
IPv4-only system, getaddrinfo(NULL, ...) will return only an IPv4
wildcard address.  According to discussion in ticket 8530, this is not
the case; we may get an IPv6 wildcard address as well, and binding to
that address can give an EAFNOSUPPORT error.  (I assume the
EAFNOSUPPORT occurs because there is no IPv6 loopback address, not
because the kernel was confgured without IPv6 support, but I'm not
certain.)

Specifying AI_ADDRCONFIG in hints at first seems like it might work
around this problem, but (at least in glibc) AI_ADDRCONFIG does not
respect loopback addresses, and we want to accept connections on
loopback.  So using AI_ADDRCONFIG is probably not a good idea.

A better workaround is to tolerate EAFNOSUPPORT errors when setting up
sockets, as long as we can bind to at least one address returned by
gettadrinfo().


Download (untitled) 913b
      Mon Dec 26 13:55:35 2016  ghudson - Ticket 8531 RefersTo ticket 8530.    
      Mon Jan  9 11:07:19 2017  ghudson - Given to ghudson    
      Mon Jan  9 11:07:20 2017  ghudson - Target_Version 1.15-next added    
      Mon Jan  9 11:07:20 2017  ghudson - Status changed from open to review    
      Mon Jan  9 11:07:20 2017  ghudson - Tags pullup added    
      Mon Jan  9 11:07:20 2017  ghudson - Correspondence added    
     
From: ghudson@mit.edu
Subject: git commit


Fix KDC/kadmind startup on some IPv4-only systems

getaddrinfo(NULL, ...) may yield an IPv6 wildcard address on IPv4-only
systems, and creating a socket for that address may result in an
EAFNOSUPPORT error.  Tolerate that error as long as we can bind at
least one socket for the address.

https://github.com/krb5/krb5/commit/04c2bb56f5203b296b24314810eca02f5dc7e491
Author: Greg Hudson <ghudson@mit.edu>
Commit: 04c2bb56f5203b296b24314810eca02f5dc7e491
Branch: master
 src/lib/apputils/net-server.c |   16 +++++++++++++---
 1 files changed, 13 insertions(+), 3 deletions(-)


Download (untitled) 575b
      Mon Jan  9 15:30:42 2017  tlyu - Version_Fixed 1.15.1 added    
      Mon Jan  9 15:30:42 2017  tlyu - Correspondence added    
     
From: tlyu@mit.edu
Subject: git commit


Fix KDC/kadmind startup on some IPv4-only systems

getaddrinfo(NULL, ...) may yield an IPv6 wildcard address on IPv4-only
systems, and creating a socket for that address may result in an
EAFNOSUPPORT error.  Tolerate that error as long as we can bind at
least one socket for the address.

(cherry picked from commit 04c2bb56f5203b296b24314810eca02f5dc7e491)

https://github.com/krb5/krb5/commit/552a129fb857e7f6fa734011d69785ad912b3fc5
Author: Greg Hudson <ghudson@mit.edu>
Committer: Tom Yu <tlyu@mit.edu>
Commit: 552a129fb857e7f6fa734011d69785ad912b3fc5
Branch: krb5-1.15
 src/lib/apputils/net-server.c |   16 +++++++++++++---
 1 files changed, 13 insertions(+), 3 deletions(-)


Download (untitled) 681b
      Mon Jan  9 17:54:43 2017  tlyu - Status changed from review to resolved    
      Mon Jan  9 17:54:43 2017  tlyu - Keyword pullup deleted