mir/bind
2
0
Fork 0
mirror of https://gitlab.isc.org/isc-projects/bind9 synced 2025-09-02 07:35:26 +00:00
Code Issues Releases Wiki Activity

Explicitly enable IPV6_V6ONLY on the netmgr sockets

Browse Source 
Some operating systems (OpenBSD and DragonFly BSD) don't restrict the
IPv6 sockets to sending and receiving IPv6 packets only.  Explicitly
enable the IPV6_V6ONLY socket option on the IPv6 sockets to prevent
failures from using the IPv4-mapped IPv6 address.
This commit is contained in:
Ondřej Surý
2022-01-13 13:24:55 +01:00
parent 55a0d0880a
commit b5e086257d
7 changed files with 29 additions and 6 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
lib/ns/interfacemgr.c
View File

@@ -544,10 +544,6 @@ ns_interface_listentcp(ns_interface_t *ifp) {
}
#if 0
#ifndef ISC_ALLOW_MAPPED
isc_socket_ipv6only(ifp->tcpsocket, true);
#endif /* ifndef ISC_ALLOW_MAPPED */
if (ifp->dscp != -1) {
isc_socket_dscp(ifp->tcpsocket,ifp->dscp);
}
@@ -983,12 +979,10 @@ do_scan(ns_interfacemgr_t *mgr, bool verbose, bool config) {
* packets as the form of mapped addresses unintentionally
* unless explicitly allowed.
*/
#ifndef ISC_ALLOW_MAPPED
if (scan_ipv6 && isc_net_probe_ipv6only() != ISC_R_SUCCESS) {
ipv6only = false;
log_explicit = true;
}
#endif /* ifndef ISC_ALLOW_MAPPED */
if (scan_ipv6 && isc_net_probe_ipv6pktinfo() != ISC_R_SUCCESS) {
ipv6pktinfo = false;
log_explicit = true;