Skip Menu |
 

Subject: KDC/kadmind may fail to start on IPv4-only systems
The 1.15 net-server.c code was written with the assumption that on an
IPv4-only system, getaddrinfo(NULL, ...) will return only an IPv4
wildcard address. According to discussion in ticket 8530, this is not
the case; we may get an IPv6 wildcard address as well, and binding to
that address can give an EAFNOSUPPORT error. (I assume the
EAFNOSUPPORT occurs because there is no IPv6 loopback address, not
because the kernel was confgured without IPv6 support, but I'm not
certain.)

Specifying AI_ADDRCONFIG in hints at first seems like it might work
around this problem, but (at least in glibc) AI_ADDRCONFIG does not
respect loopback addresses, and we want to accept connections on
loopback. So using AI_ADDRCONFIG is probably not a good idea.

A better workaround is to tolerate EAFNOSUPPORT errors when setting up
sockets, as long as we can bind to at least one address returned by
gettadrinfo().
From: ghudson@mit.edu
Subject: git commit

Fix KDC/kadmind startup on some IPv4-only systems

getaddrinfo(NULL, ...) may yield an IPv6 wildcard address on IPv4-only
systems, and creating a socket for that address may result in an
EAFNOSUPPORT error. Tolerate that error as long as we can bind at
least one socket for the address.

https://github.com/krb5/krb5/commit/04c2bb56f5203b296b24314810eca02f5dc7e491
Author: Greg Hudson <ghudson@mit.edu>
Commit: 04c2bb56f5203b296b24314810eca02f5dc7e491
Branch: master
src/lib/apputils/net-server.c | 16 +++++++++++++---
1 files changed, 13 insertions(+), 3 deletions(-)
From: tlyu@mit.edu
Subject: git commit

Fix KDC/kadmind startup on some IPv4-only systems

getaddrinfo(NULL, ...) may yield an IPv6 wildcard address on IPv4-only
systems, and creating a socket for that address may result in an
EAFNOSUPPORT error. Tolerate that error as long as we can bind at
least one socket for the address.

(cherry picked from commit 04c2bb56f5203b296b24314810eca02f5dc7e491)

https://github.com/krb5/krb5/commit/552a129fb857e7f6fa734011d69785ad912b3fc5
Author: Greg Hudson <ghudson@mit.edu>
Committer: Tom Yu <tlyu@mit.edu>
Commit: 552a129fb857e7f6fa734011d69785ad912b3fc5
Branch: krb5-1.15
src/lib/apputils/net-server.c | 16 +++++++++++++---
1 files changed, 13 insertions(+), 3 deletions(-)