On 08.03.2012 00:13, Marios Makassikis wrote:
<snip>
I tried to find where the problem might be coming from, but I haven't
found anything.
Using debug_options, I had this message at some point:
comm_openex: Opened socket local=[ client_ipv6_address ] remote=[::]
FD 14 flags=1 : family=24, type=1, protocol=6
Write.cc(132) HandleWrite: FD 14 write failure: (32) Broken pipe.
write(2) manpage says the following:
[EPIPE] An attempt is made to write to a socket of
type
SOCK_STREAM that is not connected to a peer
socket.
Which seems to confirm my suspicions.
Is the remote address reported by comm_openex normal? I'd expect to
see the destination's
IP in there.
Your expectation is correct.
For outgoing connections comm_openex() should always receive a
destination IP address and port in the remote field.
<snip>
diff --git a/src/ip/Intercept.cc b/src/ip/Intercept.cc
index 446b3ea..64e0891 100644
--- a/src/ip/Intercept.cc
+++ b/src/ip/Intercept.cc
<snip>
@@ -428,8 +428,36 @@ Ip::Intercept::ProbeForTproxy(Ip::Address &test)
}
}
-#else /* undefined IP_TRANSPARENT */
- debugs(3, 3, "setsockopt(IP_TRANSPARENT) not supported on this
platform. Disabling TPROXYv4.");
+#elif _SQUID_OPENBSD_
+ debugs(3, 3, "Detect BINDANY support on port " << test);
+
+ int tos = 1;
+ int tmp_sock = -1;
+
+ if (test.IsIPv6()) {
+ debugs(3, 3, "...Probing for IPv6 SO_BINDANY support.");
+
+ struct sockaddr_in6 tmp_ipv6;
+ struct in6_addr tempaddr = { };
+ if (!IN6_IS_ADDR_UNSPECIFIED(&tempaddr)) {
+ inet_pton(AF_INET6, "2001:db8:100::1", &tempaddr);
+ }
The above is wrong. tempaddr should always meet the not-set test
immediately after being allocated.
+ struct in6_addr tempaddr = { };
+ inet_pton(AF_INET6, "2001:db8:100::1", &tempaddr);
Please also use an identifiably bogus address provided the test still
works reliably with it. The Linux tests use ::2 for this purpose.
Amos
