Date: | Thu, 28 Jul 2016 07:51:39 +1000 (AEST) |
From: | David Shrimpton <d.shrimpton@its.uq.edu.au> |
To: | krb5-bugs@mit.edu |
Subject: | "Cannot create TCP" logged for failed UDP socket on krb5kdc startup |
Hi,
small bug in net-server.c code.
Note: the kdc.conf has kdc_tcp_ports = ""
to disable tcp .
On startup krb5kdc logs:
Jul 27 16:12:38 myhostname krb5kdc[26223](info): setting up network...
Jul 27 16:12:38 myhostname krb5kdc[26223](info): listening on fd 7: udp 0.0.0.0.88 (pktinfo)
krb5kdc: Address family not supported by protocol - Cannot create TCP server socket on ::.88
Jul 27 16:12:38 myhostname krb5kdc[26223](info): set up 1 sockets
Jul 27 16:12:38 myhostname krb5kdc[26226](info): commencing operation
strace shows a call to socket to match the "::.88" log entry:
socket(PF_INET6, SOCK_DGRAM, IPPROTO_IP) = -1 EAFNOSUPPORT (Address family not supported by protocol)
write(3, "krb5kdc: Address family not supp"..., 93) = 93
I think this may be showing a small bug in lib/apputils/net-server.c.
1. The log message should show UDP not TCP as a UDP socket is being attempted
to be created. The code logs TCP always regardless of whether UDP or TCP
socket is being created. This is confusing in the situation above where
tcp has been disabled in kdc.conf.
--
David Shrimpton
Information Technology Services | The University of Queensland
small bug in net-server.c code.
Note: the kdc.conf has kdc_tcp_ports = ""
to disable tcp .
On startup krb5kdc logs:
Jul 27 16:12:38 myhostname krb5kdc[26223](info): setting up network...
Jul 27 16:12:38 myhostname krb5kdc[26223](info): listening on fd 7: udp 0.0.0.0.88 (pktinfo)
krb5kdc: Address family not supported by protocol - Cannot create TCP server socket on ::.88
Jul 27 16:12:38 myhostname krb5kdc[26223](info): set up 1 sockets
Jul 27 16:12:38 myhostname krb5kdc[26226](info): commencing operation
strace shows a call to socket to match the "::.88" log entry:
socket(PF_INET6, SOCK_DGRAM, IPPROTO_IP) = -1 EAFNOSUPPORT (Address family not supported by protocol)
write(3, "krb5kdc: Address family not supp"..., 93) = 93
I think this may be showing a small bug in lib/apputils/net-server.c.
1. The log message should show UDP not TCP as a UDP socket is being attempted
to be created. The code logs TCP always regardless of whether UDP or TCP
socket is being created. This is confusing in the situation above where
tcp has been disabled in kdc.conf.
--
David Shrimpton
Information Technology Services | The University of Queensland