lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [thread-next>] [day] [month] [year] [list] 
Date:	Mon, 12 Apr 2010 21:22:41 -0400
From:	Andrew Morton <akpm@...ux-foundation.org>
To:	netdev@...r.kernel.org
Cc:	bugzilla-daemon@...zilla.kernel.org,
	bugme-daemon@...zilla.kernel.org, charles@....org
Subject: Re: [Bugme-new] [Bug 15720] New: IPv6's ipv4-compatibility
 addresses don't bind


(switched to email.  Please respond via emailed reply-to-all, not via the
bugzilla web interface).

On Wed, 7 Apr 2010 23:17:32 GMT bugzilla-daemon@...zilla.kernel.org wrote:

> https://bugzilla.kernel.org/show_bug.cgi?id=15720
> 
>            Summary: IPv6's ipv4-compatibility addresses don't bind

A 2.6.9 -> 2.6.32 regression ;)

>            Product: Networking
>            Version: 2.5
>     Kernel Version: 2.6.32-2-686-bigmem
>           Platform: All
>         OS/Version: Linux
>               Tree: Mainline
>             Status: NEW
>           Severity: normal
>           Priority: P1
>          Component: IPV6
>         AssignedTo: yoshfuji@...ux-ipv6.org
>         ReportedBy: charles@....org
>         Regression: Yes
> 
> 
> When attempting to bind to an address using ipv4-compatibility, for example,
> "::ffff:127.0.0.1", Linux refuses to bind to that address when
> /proc/sys/net/ipv6/bindv6only is set.
> 
> Yes, you could say "but you specifically told ipv6 to not bind to ipv4
> addresses!" However, ::ffff:127.0.0.1 is *clearly* an ipv4 address, it's not an
> alternate representation of an ipv6 address, it's an ipv4 address and only
> ipv4.
> 
> This seems to not have been the case as of linux 2.6.9, although I'm not sure
> at what version this changed.
> 
> It seems to me that the intent of "bindv6only" was to not bind to the ipv4
> address when you bind to all addresses (specifically ipv6 address "::"). So
> when you bind to ::, an ipv4 client connects to you, and it appears to be
> connecting from ::ffff:192.168.5.5. I don't think its intent was to effectively
> disable binding to ::ffff:x.x.x.x addresses - just breaking that feature makes
> no sense.
> 
> The Linux 2.6.9 approach seems to match MacOS's (and I'm pretty sure Solaris's,
> too).


--
To unsubscribe from this list: send the line "unsubscribe netdev" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ