On 17/05/16(Tue) 16:16, Henning Brauer wrote: > * Gilles Chehade <[email protected]> [2016-05-17 15:56]: > > On Tue, May 17, 2016 at 08:27:42AM -0500, Brent Cook wrote: > > > This patch came by way of the openntpd github. Linux (and possibly others) > > > will attempt to bind to 0.0.0.0 when binding to '::' and return an error > > > if > > > it can't, unless IPV6_V6ONLY is set. See > > > https://github.com/openntpd-portable/openntpd-portable/issues/19 > > > > > > OK as an in-tree patch? OpenBSD seems to adopt a more liberal > > > interpretation and not return a failure in the same scenario. (The patch > > > against the 5.7 tree, but you get the idea) > > > > > > +#ifdef IPV6_V6ONLY > > > + if (la->sa.ss_family == AF_INET6 && setsockopt(la->fd, > > > + IPPROTO_IPV6, IPV6_V6ONLY, &on, sizeof(on)) == -1) > > > + log_warn("setsockopt IPV6_V6ONLY"); > > > +#endif > > this is exactly what is supposed to live in the portable imho, to not > clutter the native sources.
Are you sure? What about systems with net.inet6.ip6.v6only=0? Brent if this ever goes in, pledge should be certainly told about IPV6_V6ONLY.
