The '[3ffe::102]' hostname libvirt passes to SSH here is coming from

    priv->hostname = strdup (conn->uri && conn->uri->server ?
                             conn->uri->server : "localhost");


The conn->uri is the xmlURIPtr struct with the parsed URI. The '[' and ']' are *not* part of the hostname, they are the special URI string encoding for numeric addresses, and thus shouldn't have been in the xmlURIPtr parsed hostname. Thus this looks like a libxml bug to me.

This issue has been proposed when we are only considering blocker
issues in the current Red Hat Enterprise Linux release.

** If you would still like this issue considered for the current
release, ask your support representative to file as a blocker on
your behalf. Otherwise ask that it be considered for the next
Red Hat Enterprise Linux release. **

Created attachment 439089 [details]
Demonstrate missing escaping of ':' in hostnames

This demo program shows the escaping problem in xmlURIPtr handling. While it correctly escapes & unescapes '?' in the path component, it does not escape or unescape ':' in the server component. In this example program, libxml2 generates a URI that it cannot then parse, because it misses the '[' and ']' to protect the hostname containing ':'. Even if it had added these, it then fails to remove them when parsing.

Thank you for your bug report. This issue was evaluated for inclusion
in the current release of Red Hat Enterprise Linux. Unfortunately, we
are unable to address this request in the current release. Because we
are in the final stage of Red Hat Enterprise Linux 6 development, only
significant, release-blocking issues involving serious regressions and
data corruption can be considered.

If you believe this issue meets the release blocking criteria as
defined and communicated to you by your Red Hat Support representative,
please ask your representative to file this issue as a blocker for the
current release. Otherwise, ask that it be evaluated for inclusion in
the next minor release of Red Hat Enterprise Linux.

*** Bug 670725 has been marked as a duplicate of this bug. ***

What's the correct fix here?  It doesn't matter at all to me where a fix gets done, either in libxml2 or libvirt, but libvirt is broken until we have a solution.

IMHO we need to deal with this in libvirt.

Ok, I've changed the component to libvirt.

DV, what's going on with this BZ?

This upstream commit should solve things:

commit 9f748277bbd17d031f80d28e6d2fc4b52e8d5715
Author: Martin Kletzander <mkletzan>
Date:   Fri Feb 24 19:48:55 2012 +0100

    Fixed URI parsing
    
    Function xmlParseURI does not remove square brackets around IPv6
    address when parsing. One of the solutions is making wrappers around
    functions working with xmlURI*. This assures that uri->server will be
    always properly assigned and it doesn't have to be changed when used
    on some new place in the code.
    For this purpose, functions virParseURI and virSaveURI were
    added. These function are wrappers around xmlParseURI and xmlSaveUri
    respectively.
    Also there is one new syntax check function to prohibit these functions
    anywhere else.
    
    File changes:
     - src/util/viruri.h        -- declaration
     - src/util/viruri.c        -- definition
     - src/libvirt_private.syms -- symbol export
     - src/Makefile.am          -- added source and header files
     - cfg.mk                   -- added sc_prohibit_xmlURI
     - all others               -- ID name and include fixes

Ok, I'm closing this as a dup of BZ 785164

*** This bug has been marked as a duplicate of bug 785164 ***