mir/bind
2
0
Fork 0
mirror of https://gitlab.isc.org/isc-projects/bind9 synced 2025-08-31 06:25:31 +00:00
Code Issues Releases Wiki Activity

Explicitly enable IPV6_V6ONLY on the netmgr sockets

Browse Source 
Some operating systems (OpenBSD and DragonFly BSD) don't restrict the
IPv6 sockets to sending and receiving IPv6 packets only.  Explicitly
enable the IPV6_V6ONLY socket option on the IPv6 sockets to prevent
failures from using the IPv4-mapped IPv6 address.
This commit is contained in:
Ondřej Surý
2022-01-13 13:24:55 +01:00
parent 55a0d0880a
commit b5e086257d
7 changed files with 29 additions and 6 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
lib/isc/netmgr/netmgr-int.h
View File

@@ -1849,6 +1849,12 @@ isc__nm_socket_disable_pmtud(uv_os_sock_t fd, sa_family_t sa_family);
* option, or setting the IP(V6)_MTU_DISCOVER socket option to IP_PMTUDISC_OMIT
*/
isc_result_t
isc__nm_socket_v6only(uv_os_sock_t fd, sa_family_t sa_family);
/*%<
* Restrict the socket to sending and receiving IPv6 packets only
*/
isc_result_t
isc__nm_socket_connectiontimeout(uv_os_sock_t fd, int timeout_ms);
/*%<

19
lib/isc/netmgr/netmgr.c
View File

@@ -3183,6 +3183,25 @@ isc__nm_socket_disable_pmtud(uv_os_sock_t fd, sa_family_t sa_family) {
return (ISC_R_NOTIMPLEMENTED);
}
isc_result_t
isc__nm_socket_v6only(uv_os_sock_t fd, sa_family_t sa_family) {
/*
* Enable the IPv6-only option on IPv6 sockets
*/
if (sa_family == AF_INET6) {
#if defined(IPV6_V6ONLY)
if (setsockopt_on(fd, IPPROTO_IPV6, IPV6_V6ONLY) == -1) {
return (ISC_R_FAILURE);
} else {
return (ISC_R_SUCCESS);
}
#else
UNUSED(fd);
#endif
}
return (ISC_R_NOTIMPLEMENTED);
}
isc_result_t
isc_nm_checkaddr(const isc_sockaddr_t *addr, isc_socktype_t type) {
int proto, pf, addrlen, fd, r;

1
lib/isc/netmgr/tcp.c
View File

@@ -367,6 +367,7 @@ isc__nm_tcp_lb_socket(sa_family_t sa_family) {
RUNTIME_CHECK(result == ISC_R_SUCCESS);
(void)isc__nm_socket_incoming_cpu(sock);
(void)isc__nm_socket_v6only(sock, sa_family);
/* FIXME: set mss */

1
lib/isc/netmgr/tcpdns.c
View File

@@ -334,6 +334,7 @@ isc__nm_tcpdns_lb_socket(sa_family_t sa_family) {
RUNTIME_CHECK(result == ISC_R_SUCCESS);
(void)isc__nm_socket_incoming_cpu(sock);
(void)isc__nm_socket_v6only(sock, sa_family);
/* FIXME: set mss */

1
lib/isc/netmgr/tlsdns.c
View File

@@ -401,6 +401,7 @@ isc__nm_tlsdns_lb_socket(sa_family_t sa_family) {
RUNTIME_CHECK(result == ISC_R_SUCCESS);
(void)isc__nm_socket_incoming_cpu(sock);
(void)isc__nm_socket_v6only(sock, sa_family);
/* FIXME: set mss */

1
lib/isc/netmgr/udp.c
View File

@@ -94,6 +94,7 @@ isc__nm_udp_lb_socket(sa_family_t sa_family) {
(void)isc__nm_socket_incoming_cpu(sock);
(void)isc__nm_socket_disable_pmtud(sock, sa_family);
(void)isc__nm_socket_v6only(sock, sa_family);
result = isc__nm_socket_reuse(sock);
RUNTIME_CHECK(result == ISC_R_SUCCESS);