Ok guys, you are getting the logic wrong from everything I've seen. Here
is what you really want to do:
errv6 = attempt to bind to v6 socket
errv4 = attempt to bind to v4 socket
if ( errv6 && errv4 )
error!
else
success!
this will work on linux, bsd, and any system, without having to guess what
is supported.
The `linux feature/bug/buggy feature' however you wish to say it needs to
change, but that is another discussion, and the above logic will work for
every case, before and after any future transition.
Matthieu forwarded an email from Itojun to this effect, but I suspect those
reading this thread will not have noticed it. Therefore I'll include it
inline here:
--- forwarded email from Itojun ---
Date: Wed, 23 Jul 2003 16:46:38 +0900
From: Jun-ichiro itojun Hagino <[EMAIL PROTECTED]>
To: [EMAIL PROTECTED]
Cc: [EMAIL PROTECTED]
Cc: [EMAIL PROTECTED]
Cc: [EMAIL PROTECTED]
Subject: Re: IPv6 problems on Linux
(todd and matthieu, if this does not go through please forward it)
>I wasn't suggesting to use it on Linux. My suggestion was to revert to
>using a single socket on all platforms and use the above code to enable
>accepting IPv4 connections on *BSD.
there is security risk in using single socket, as outlined in
draft-cmetz-v6ops-v4mapped-api-harmful-00.txt
draft-itojun-v6ops-v4mapped-harmful-01.txt
therefore, there are platforms which does not have IPV6_V6ONLY sysctl,
and there are platforms which does not work at all with single socket
(IPv4 packet does not get routed to IPv6).
therefore, i suggest
- on all platforms try to open 2 sockets, AF_INET6 then AF_INET
- ignore error from socket(2) and bind(2) on both cases
- raise error only if both attempt fails
by doing this,
- userland code works with IPv4-only kernel, IPv6-only kernel or
IPv4/v6 dual stack kernel (independence from kernel configuration)
- with linux IPv4/v6 dual stack case, it will use single AF_INET6
socket (with security risk described above)
- other platforms should work with two sockets
itojun
--- end forwarded email from Itojun ---
Thanks,
--
Todd Fries .. [EMAIL PROTECTED]
Free Daemon Consulting, LLC Land: 405-748-4596
http://FreeDaemonConsulting.com Mobile: 405-203-6124
"..in support of free software solutions."
Key fingerprint: 37E7 D3EB 74D0 8D66 A68D B866 0326 204E 3F42 004A
Key: http://todd.fries.net/pgp.txt
(last updated 2003/03/13 07:14:10)
Penned by Fabio Massimo Di Nitto on Wed, Jul 23, 2003 at 02:52:24PM +0200, we have:
| On Wed, 23 Jul 2003, Egbert Eich wrote:
|
| > Fabio Massimo Di Nitto writes:
| > > On Tue, 22 Jul 2003, Matthias Scheler wrote:
| > >
| > > > On Tue, Jul 22, 2003 at 08:03:35PM +0200, Egbert Eich wrote:
| > > > > The current CVS code produces the error:
| > > > >
| > > > > _XSERVTransSocketINETCreateListener: ...SocketCreateListener() failed
| > > > > _XSERVTransMakeAllCOTSServerListeners: server already running
| > > > >
| > > > > Fatal server error:
| > > > > Cannot establish any listening sockets - Make sure an X server isn't
already running
| > > > >
| > > > > bind() returns an EADDRINUSE error when binding to the second IP
| > > > > protocol (in CVS it is IPv6).
| > > > >
| > > > > When I switch the order of initialization around and skip the IPv4
| > > > > protocol if IPv6 initialization was successful, everything works:
| > > > > I can connect thru IPv6 and IPv4.
| > > >
| > > > This sounds like a bug in Linux's socket implementation.
| > >
| > > Not really. Linux has been always working like this. the USAGI patch for
| > > linux kernel implements a runtime configurable option to separate ipv6 and
| > > ipv4 bindings.
| >
| >
| > Something like:
| >
| > int off = 0;
| > [...]
| > if (setsockopt(listen_socket, IPPROTO_IPV6, IPV6_V6ONLY, &off,
| > sizeof (off)) < 0) {
| >
| > ?
| > This of course would help, however it wouldn't address the problem on
| > the existing systems.
| >
|
| I didn't check/produce any code but the easiest way to implement in linux
| is something like (if the user does not specify --nolisten):
|
| bind to ipv6
| if it works ok
| otherwise fail silently
| bind to ipv4
| if it works ok
| otherwise fail with error message.
|
| specifing --nolisten the "fail" conditions might change their behaviour.
|
| This is basically what i did when i first tried the ipv6 kame patch for X.
|
| Fabio
|
| --
| Our mission: make IPv6 the default IP protocol
| "We are on a mission from God" - Elwood Blues
|
| http://www.itojun.org/paper/itojun-nanog-200210-ipv6isp/mgp00004.html
| _______________________________________________
| Devel mailing list
| [EMAIL PROTECTED]
| http://XFree86.Org/mailman/listinfo/devel
_______________________________________________
Devel mailing list
[EMAIL PROTECTED]
http://XFree86.Org/mailman/listinfo/devel
