OpenBSD 4.4 gnutls-serv IPv6 Only Bug
Simon Josefsson
simon at josefsson.org
Fri Apr 24 19:47:36 CEST 2009
Joe Orton <joe at manyfish.co.uk> writes:
> On Fri, Apr 17, 2009 at 05:08:21PM +0200, Simon Josefsson wrote:
>> Peter Hendrickson <pdh at wiredyne.com> writes:
>>
>> > Using GnuTLS 2.6.5 under OpenBSD 4.4, there is a bug in gnutls-serv.
>> > It only listens for connection on an IPv6 port and ignores all IPv4
>> > requests. This can be seen by running something as simple as
>> > "gnutls-serv --http". The patch below illustrates the problem and
>> > supplies a quick fix.
>>
>> Hi. Thanks for the report. I'm not sure the patch is the right thing,
>> supporting only IPv4 seems like a step backwards. Isn't there a way to
>> listen on all address families?
>
> Yes, but it's somewhat complicated, you have to create a socket for each
> returned addrinfo structure, bind them all, set them non-blocking, and
> then poll across them to wait for a connection, and cope with the edge
> cases with v6-mapped IPv4 addresses which make it not that simple.
I tried to implement that:
http://git.savannah.gnu.org/cgit/gnutls.git/commit/?id=6ccb2ccaf7d0e8a5391433a6654eef08059f686c
Peter, can you test the latest daily snapshot?
http://daily.josefsson.org/gnutls/gnutls-20090424.tar.gz
There seems to be a cosmetic problem, though, on my normal debian
machine:
jas at mocca:~/src/gnutls/src master$ ./gnutls-serv
Set static Diffie Hellman parameters, consider --dhparams.
Echo Server listening to 0.0.0.0:5556 (family 2)...done
Echo Server listening to :::5556 (family 10)...bind() failed: Invalid argument
^CExiting via signal 2
jas at mocca:~/src/gnutls/src master$
It seems bind fail on my IPv6 interface, which is probably right because
I haven't setup IPv6 here. Is ignoring bind failures the right thing?
I'm not sure why getaddrinfo returns the IPv6 interface at all.
I'm not sure what you mean with v6-mapped IPv4 addresses, though. Is
there anything extra the code needs to do?
Is there a syscall for printing a human readable address family name? I
was hoping for getnameinfo, but no luck. I'd like to print 'IPv4'
instead of 'family 2'..
/Simon
More information about the Gnutls-devel
mailing list