https://bugs.openldap.org/show_bug.cgi?id=9603
Issue ID: 9603
Summary: tcp wrappers no longer works with IPv6
Product: OpenLDAP
Version: 2.5.5
Hardware: All
OS: All
Status: UNCONFIRMED
Severity: normal
Priority: ---
Component: slapd
Assignee: [email protected]
Reporter: [email protected]
Target Milestone: ---
Hi,
OpenLDAP 2.5.5
Testing on Scientific Linux 7.9
It looks like slapd no longer passes an IPv6 address correctly to tcp wrappers.
Steps to Reproduce: connect to 2.5.5 slapd over IPv6 with tcp-wrappers enabled.
Actual Results: access is always denied
Expected Results: access permitted for IP addresses in /etc/hosts.allow
Additional information:
The problem seems to be that an IPv6 address is passed to hosts_ctl (~line 2324
in servers/slapd/daemon.c) as "[ipv6-address]" (with enclosing '[' and ']') -
rather than "ipv6-address", e.g. the logged output is:
warning: can't resolve hostname ([2001:630:3c1:212:a2d3:c1ff:fe25:eec3]): Name
or service not known
fd=19 DENIED from unknown ([2001:630:3c1:212:a2d3:c1ff:fe25:eec3]
... when compared to a 2.4.59 slapd:
fd=19 DENIED from unknown (2001:630:3c1:212:a2d3:c1ff:fe25:eec3)
IPv4 connections work OK.
Thanks
Toby Blake
School of Informatics
University of Edinburgh
--
You are receiving this mail because:
You are on the CC list for the issue.
