lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-Id: <200711081901.59334.agruen@suse.de>
Date:	Thu, 8 Nov 2007 19:01:59 +0100
From:	Andreas Gruenbacher <agruen@...e.de>
To:	Vlad Yasevich <vladislav.yasevich@...com>
Cc:	Jiri Bohac <jbohac@...e.cz>, netdev@...r.kernel.org,
	yoshfuji@...ux-ipv6.org, kkeil@...e.de
Subject: Re: Why does a connect to IPv6 LLA address fail ?

On Wednesday 07 November 2007 20:42, Vlad Yasevich wrote:
> The reason is that 2 different hosts may have the same link-local
> address as long as they are on different links.  If the sender is
> connected to both links then it may send the packet to the wrong
> destination.

Good point.

What's confusing is that connect(2) fails even if the host itself has the 
specified address. This isn't necessary.

What's even more confusing is that the kernel doesn't seem to honor the 
interface in all cases: with
   fe80::20f:20ff:fe3b:e9c3 on eth0 and
   ::1 on lo,
I get the following:

  ping6 fe80::20f:20ff:fe3b:e9c3		fails with EINVAL
  ping6 fe80::20f:20ff:fe3b:e9c3%eth0		succeeds
  ping6 fe80::20f:20ff:fe3b:e9c3%lo		succeeds

At least the last ping should fail, shouldn't it?

> A different and some might say 'better' alternative is to define a
> default link.  Thus when the zone id is not specified the default is used.
> This will work fine for link-scoped addresses.  A default zone would also
> need to be defined for other scopes as well.  That's just one idea.

I think at least for host with only one link (in addition to loopback), 
selecting that link for non-local addresses would make sense.

Thanks,
Andreas
-
To unsubscribe from this list: send the line "unsubscribe netdev" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ