--- Begin Message ---
(todd and matthieu, if this does not go through please forward it)
>I wasn't suggesting to use it on Linux. My suggestion was to revert to
>using a single socket on all platforms and use the above code to enable
>accepting IPv4 connections on *BSD.
there is security risk in using single socket, as outlined in
draft-cmetz-v6ops-v4mapped-api-harmful-00.txt
draft-itojun-v6ops-v4mapped-harmful-01.txt
therefore, there are platforms which does not have IPV6_V6ONLY sysctl,
and there are platforms which does not work at all with single socket
(IPv4 packet does not get routed to IPv6).
therefore, i suggest
- on all platforms try to open 2 sockets, AF_INET6 then AF_INET
- ignore error from socket(2) and bind(2) on both cases
- raise error only if both attempt fails
by doing this,
- userland code works with IPv4-only kernel, IPv6-only kernel or
IPv4/v6 dual stack kernel (independence from kernel configuration)
- with linux IPv4/v6 dual stack case, it will use single AF_INET6
socket (with security risk described above)
- other platforms should work with two sockets
itojun
_______________________________________________
Devel mailing list
[EMAIL PROTECTED]
http://XFree86.Org/mailman/listinfo/devel
--- End Message ---
