retitle 595779 unblock: cvsd/1.0.21 thanks On Tue, 2010-09-07 at 23:03 +0200, Julien Cristau wrote: > On Tue, Sep 7, 2010 at 21:50:14 +0200, Arthur de Jong wrote: > > The daemon does a call to getaddrinfo() to figure out which addresses it > > should listen on and tries each one. Currently at least one bind() of > > the returned addresses should succeed, other failures are ignored. > > I can't see any reason for bind() failure to not be fatal... I think when the original code was written I implemented in a similar fashion as other daemons at the time. At least sshd currently still only logs bind() failures and doesn't bail out. It only bails out if no address can be bound at all (which cvsd also does). > > Ignoring bind() failures used to be necessary when not using > > IPV6_V6ONLY. Without it both IPv6 and IPv4 addresses were returned and > > the bind on the IPv4 address would always fail if the IPv6 one > > succeeded. cvsd 1.0.20 only changes which failures are ignored. > > They should both succeed if done in the right order, iirc (meaning the > order they're returned from getaddrinfo() with AI_PASSIVE). And in any > case they should both succeed with IPV6_V6ONLY set. If getaddrinfo() returns an IPv6 address and an IPv4 address the bind() for the IPv4 address will fail unless IPV6_V6ONLY is set or the net.ipv6.bindv6only sysctl is set to 1. Between lenny and squeeze getaddrinf() was changed to return the IPv4 address first. Without IPV6_V6ONLY and the sysctl the second bind() will still fail. Anyway, I've uploaded cvsd 1.0.21 to unstable that logs an error on any bind() failure and bails out. -- -- arthur - adejong@debian.org - http://people.debian.org/~adejong --
Attachment:
signature.asc
Description: This is a digitally signed message part