| Summary: | oidentd does not support IPv6 connections | ||
|---|---|---|---|
| Product: | [Fedora] Fedora | Reporter: | Ian Pilcher <ipilcher> |
| Component: | oidentd | Assignee: | Matthias Saou <matthias> |
| Status: | CLOSED WONTFIX | QA Contact: | Fedora Extras Quality Assurance <extras-qa> |
| Severity: | unspecified | Docs Contact: | |
| Priority: | unspecified | ||
| Version: | 15 | CC: | matthias |
| Target Milestone: | --- | ||
| Target Release: | --- | ||
| Hardware: | Unspecified | ||
| OS: | Unspecified | ||
| Whiteboard: | |||
| Fixed In Version: | Doc Type: | Bug Fix | |
| Doc Text: | Story Points: | --- | |
| Clone Of: | Environment: | ||
| Last Closed: | 2012-08-07 17:01:46 UTC | Type: | --- |
| Regression: | --- | Mount Type: | --- |
| Documentation: | --- | CRM: | |
| Verified Versions: | Category: | --- | |
| oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
| Cloudforms Team: | --- | Target Upstream Version: | |
With further experimentation and reflection ... things are not bad. Once I added "-a ::" to OIDENTD_OPTIONS in /etc/sysconfig/oidentd, everything works as expected, including "mapped IPv4" addresses. So it looks like that option should be added to /etc/sysconfig/oidentd (or the behavior of the daemon should be changed to make that the default). (The reflection part was me realizing that 127.0.0.1 and ::1 are *not* the same address. Duh!) Thanks for the details. Before adding "-a ::" the first thing would be to test how that would affect existing IPv4 only systems, as it's quite likely startup would fail with a bind error. This message is a notice that Fedora 15 is now at end of life. Fedora has stopped maintaining and issuing updates for Fedora 15. It is Fedora's policy to close all bug reports from releases that are no longer maintained. At this time, all open bugs with a Fedora 'version' of '15' have been closed as WONTFIX. (Please note: Our normal process is to give advanced warning of this occurring, but we forgot to do that. A thousand apologies.) Package Maintainer: If you wish for this bug to remain open because you plan to fix it in a currently maintained version, feel free to reopen this bug and simply change the 'version' to a later Fedora version. Bug Reporter: Thank you for reporting this issue and we are sorry that we were unable to fix it before Fedora 15 reached end of life. If you would still like to see this bug fixed and are able to reproduce it against a later version of Fedora, you are encouraged to click on "Clone This Bug" (top right of this page) and open it against that version of Fedora. Although we aim to fix as many bugs as possible during every release's lifetime, sometimes those efforts are overtaken by events. Often a more recent Fedora release includes newer upstream software that fixes bugs or makes them obsolete. The process we are following is described here: http://fedoraproject.org/wiki/BugZappers/HouseKeeping |
Description of problem: oidentd returns a NO-USER error when queried about an existing IPv6 connection, including "IPv4-mapped" addresses. If I make a IPv4 connection to PostgreSQL with "psql -h 127.0.0.1", oidentd works: netstat --inet --inet6 -n | grep 5432 tcp 0 0 127.0.0.1:5432 127.0.0.1:37916 ESTABLISHED tcp 0 0 127.0.0.1:37916 127.0.0.1:5432 ESTABLISHED [pilcher@ian ~]$ telnet localhost auth Trying 127.0.0.1... Connected to localhost. Escape character is '^]'. 37916, 5432 37916,5432:USERID:UNIX:pilcher Connection closed by foreign host. If I make a "mapped" connection with "psql -h ::ffff:127.0.0.1", oidentd fails: [pilcher@ian ~]$ netstat --inet --inet6 -n | grep 5432 tcp 0 0 127.0.0.1:5432 127.0.0.1:55509 ESTABLISHED tcp 0 0 ::ffff:127.0.0.1:55509 ::ffff:127.0.0.1:5432 ESTABLISHED [pilcher@ian ~]$ telnet localhost auth Trying 127.0.0.1... Connected to localhost. Escape character is '^]'. 55509, 5432 55509,5432:ERROR:NO-USER Connection closed by foreign host. Similarly, a "pure" IPv6 connection ("psql -h ::1") also causes oidentd to fail: [pilcher@ian ~]$ netstat --inet --inet6 -n | grep 5432 tcp 0 0 ::1:43607 ::1:5432 ESTABLISHED tcp 0 0 ::1:5432 ::1:43607 ESTABLISHED [pilcher@ian ~]$ telnet localhost auth Trying 127.0.0.1... Connected to localhost. Escape character is '^]'. 43607, 5432 43607,5432:ERROR:NO-USER Connection closed by foreign host. Version-Release number of selected component (if applicable): oidentd-2.0.8-9.fc15.x86_64 How reproducible: 100% Steps to Reproduce: 1. Query oidentd about any IPv6 connection. Actual results: oidentd will return a NO-USER error. Expected results: oidentd should return the correct result (assuming it is configured to do so). Additional info: This is a real problem for many IPv6-capable applications (including all Java applications), since they will use a "mapped" address whenever told to connect to an IPv4 address.