Bug 788755

Summary: FQDN set to nsslapd-listenhost makes the server start fail if IPv4-mapped-IPv6 address is given
Product: Red Hat Enterprise Linux 6 Reporter: Rich Megginson <rmeggins>
Component: 389-ds-baseAssignee: Rich Megginson <rmeggins>
Status: CLOSED ERRATA QA Contact: IDM QE LIST <seceng-idm-qe-list>
Severity: unspecified Docs Contact:
Priority: unspecified    
Version: 6.3CC: amsharma, jgalipea, nhosoi
Target Milestone: rc   
Target Release: ---   
Hardware: Unspecified   
OS: Unspecified   
Whiteboard:
Fixed In Version: 389-ds-base-1.2.10.0-1.el6 Doc Type: Bug Fix
Doc Text:
Cause: IPv4-mapped-IPv6 address was treated as an independent address. Consequence: If it conflicts with IPv4 address, the server complained it. Fix: When the address is IPv4-mapped-IPv6, cut the IPv4 part out of the address and use it to compare. Result: Even if IPv4-mapped-IPv6 is configured and conflict with IPv4, the server starts with no error.
 Story Points: ---
Clone Of: Environment:
Last Closed: 2012-06-20 07:14:29 UTC Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:

Description Rich Megginson 2012-02-08 23:08:59 UTC 
This bug is created as a clone of upstream ticket:
https://fedorahosted.org/389/ticket/52

https://bugzilla.redhat.com/show_bug.cgi?id=697669

{{{
Description of problem:
Setting FQDN to nsslapd-listenhost, the server fails to start as follows.  It
happens on my laptop, but not on my desktop.

    # /usr/lib/dirsrv/slapd-jiji/start-slapd -d 0
    [.] - 389-Directory/1.2.9.a1.git6d094d2 B2011.103.2056 starting up
    [.] - slapd started.  Listening on 2000::1:1234 port 10389 for LDAP
requests
    [.] - Listening on 10.14.54.140 port 10389 for LDAP requests
    [.] - Listening on 10.14.54.140 port 10389 for LDAP requests
    [.] slapd_daemon - PR_Listen() on 10.14.54.140 port 10389 failed: Netscape
Portable Runtime error -5982 (Local Network address is in use.)
    [.] - slapd shutting down - signaling operation threads
    [.] - slapd shutting down - waiting for 28 threads to terminate
    [.] - slapd shutting down - closing down internal subsystems and plugins
    [.] - Waiting for 4 database threads to stop
    [.] - All database threads now stopped
    [.] - userRoot: Cleaning up entry cache
    [.] - userRoot: Cleaning up dn cache
    [.] - slapd stopped.

The problem of my laptop is IPv4-mapped-IPv6 address is returned and the
address is added to the listen host array, which is basically identical to the
IPv4 address pf PR_Listen.  To avoid the problem, I think slapd_listenhost2addr
should check if the address is an IPv4 mapped IPv6 address or not.  And if it
is, it should not add it to the listen host array.

(gdb) p *(*addr)[0]
$15 = {raw = {family = 10,
    data = "\000\000\000\000\000\000 \000\000\000\000\000\000"}, inet = {
    family = 10, port = 0, ip = 0, pad = " \000\000\000\000\000\000"}, ipv6 = {
    family = 10, port = 0, flowinfo = 0, ip = {_S6_un = {
        _S6_u8 = " ", '\000' <repeats 12 times>, "\001\022\064", _S6_u16 = {
          32, 0, 0, 0, 0, 0, 256, 13330}, _S6_u32 = {32, 0, 0, 873595136},
        _S6_u64 = {32, 3752062539064672256}}}, scope_id = 0}, local = {
    family = 10,
    path = "\000\000\000\000\000\000 ", '\000' <repeats 12 times>,
"\001\022\064", '\000' <repeats 81 times>}}
(gdb) p addrbuf
$19 = 0xbffff32c "2000::1:1234"

(gdb) p *(*addr)[1]
$17 = {raw = {family = 2,
    data = "\000\000\n\016\066\214\000\000\000\000\000\000\000"}, inet = {
    family = 2, port = 0, ip = 2352352778,
    pad = "\000\000\000\000\000\000\000"}, ipv6 = {family = 2, port = 0,
    flowinfo = 2352352778, ip = {_S6_un = {_S6_u8 = '\000' <repeats 15 times>,
        _S6_u16 = {0, 0, 0, 0, 0, 0, 0, 0}, _S6_u32 = {0, 0, 0, 0}, _S6_u64 = {
          0, 0}}}, scope_id = 0}, local = {family = 2,
    path = "\000\000\n\016\066\214", '\000' <repeats 97 times>}}
p addrbuf
$20 = 0xbffff32c "10.14.54.140"

(gdb) p *(*addr)[2]
$18 = {raw = {family = 10, data = '\000' <repeats 13 times>}, inet = {
    family = 10, port = 0, ip = 0, pad = "\000\000\000\000\000\000\000"},
  ipv6 = {family = 10, port = 0, flowinfo = 0, ip = {_S6_un = {
        _S6_u8 =
"\000\000\000\000\000\000\000\000\000\000\377\377\n\016\066\214", _S6_u16 = {0,
0, 0, 0, 0, 65535, 3594, 35894}, _S6_u32 = {0, 0, 4294901760,
          2352352778}, _S6_u64 = {0, 10103278254459650048}}}, scope_id = 0},
  local = {family = 10,
    path = '\000' <repeats 16 times>"\377, \377\n\016\066\214", '\000' <repeats
81 times>}}
(gdb) p addrbuf
$21 = 0xbffff32c "::ffff:10.14.54.140"



2751         PRAddrInfo *infop = PR_GetAddrInfoByName( listenhost,
2752                         PR_AF_UNSPEC, (PR_AI_ADDRCONFIG|PR_AI_NOCANONNAME)
);
2753         if ( NULL != infop ) {
2754             void *iter = NULL;
2755             int addrcnt = 0;
2756             int i = 0;
2757             memset( netaddr, 0, sizeof( PRNetAddr ));
2758             /* need to count the address, first */
2759             while ( (iter = PR_EnumerateAddrInfo( iter, infop, 0, netaddr
)     )
2760                             != NULL ) {
2761                 addrcnt++;
2762             }
2763             if ( 0 == addrcnt ) {
2764                 slapi_log_error( SLAPI_LOG_FATAL, logname,
2765                     "PR_EnumerateAddrInfo for %s failed - %s error %d
(%s)\     n",
2766                     listenhost, SLAPI_COMPONENT_NAME_NSPR, prerr,
2767                     slapd_pr_strerror(prerr));
2768                 rval = -1;
2769             } else {
2770                 *addr = (PRNetAddr **)slapi_ch_calloc(addrcnt + 1, sizeof
(     PRNetAddr *));
2771                 iter = NULL; /* from the beginning */
2772                 memset( netaddr, 0, sizeof( PRNetAddr ));
2773                 for  ( i = 0; i < addrcnt; i++ ) {
2774                     iter = PR_EnumerateAddrInfo( iter, infop, 0, netaddr
);
2775                     if ( NULL == iter ) {
2776                         break;
2777                     }
2778                     (*addr)[i] = netaddr;
2779                     netaddr = (PRNetAddr *)slapi_ch_calloc(1,
sizeof(PRNetA     ddr));
2780                 }
2781                 slapi_ch_free((void **)&netaddr); /* not used */
2782             }
2783             PR_FreeAddrInfo( infop );
}}}
Comment 2 Noriko Hosoi 2012-05-10 17:43:44 UTC 
Adding a test case to tet.
Comment 3 Noriko Hosoi 2012-05-10 19:23:02 UTC 
Adding a test case bug788755 - FQDN set to nsslapd-listenhost makes 
the server start fail if IPv4-mapped-IPv6 address is given
--  --
M    ipv6/ipv6.sh

[IPv6 Test Case bug788755] server successfully started: PASS
TestCase [bug788755] result-> [PASS]

Clearing the NEEDINFO flag.
Comment 4 Amita Sharma 2012-05-17 10:09:24 UTC 
Marking as VERIFIED, based on above comment.
Comment 5 Noriko Hosoi 2012-05-24 22:45:47 UTC 
    Technical note added. If any revisions are required, please edit the
"Technical Notes" field
    accordingly. All revisions will be proofread by the Engineering Content
Services team.

    New Contents:
Cause: IPv4-mapped-IPv6 address was treated as an independent address.
Consequence: If it conflicts with IPv4 address, the server complained it.
Fix: When the address is IPv4-mapped-IPv6, cut the IPv4 part out of the address and use it to compare.
Result: Even if IPv4-mapped-IPv6 is configured and conflict with IPv4, the server starts with no error.
Comment 6 Noriko Hosoi 2012-05-25 00:30:09 UTC 
    Technical note added. If any revisions are required, please edit the "Technical Notes" field
    accordingly. All revisions will be proofread by the Engineering Content Services team.
    
    New Contents:
Cause: IPv4-mapped-IPv6 address was treated as an independent address.
Consequence: If it conflicts with IPv4 address, the server complained it.
Fix: When the address is IPv4-mapped-IPv6, cut the IPv4 part out of the address and use it to compare.
Result: Even if IPv4-mapped-IPv6 is configured and conflict with IPv4, the server starts with no error.
Comment 7 errata-xmlrpc 2012-06-20 07:14:29 UTC 
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

http://rhn.redhat.com/errata/RHSA-2012-0813.html