This service will be undergoing maintenance at 00:00 UTC, 2016-08-01. It is expected to last about 1 hours
Bug 832121 - Treat ::0 as a wildcard address
Treat ::0 as a wildcard address
Status: CLOSED ERRATA
Product: Red Hat Enterprise Linux 6
Classification: Red Hat
Component: virt-viewer (Show other bugs)
6.3
Unspecified Unspecified
medium Severity medium
: beta
: 6.4
Assigned To: Daniel Berrange
Virtualization Bugs
: ZStream
Depends On:
Blocks:
  Show dependency treegraph
 
Reported: 2012-06-14 11:01 EDT by David Jaša
Modified: 2016-04-26 11:01 EDT (History)
10 users (show)

See Also:
Fixed In Version: virt-viewer-0.5.2-12.el6
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2013-02-21 04:33:18 EST
Type: Bug
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:


Attachments (Terms of Use)

  None (edit)
Description David Jaša 2012-06-14 11:01:13 EDT
Description of problem:
when connecting to remote libvirt-managed spice display that listens on ::0, virt-viewer doesn't treat it as a wildcard and tries to connect to it, leading to ultimate connection failure.


Version-Release number of selected component (if applicable):
virt-viewer-0.5.2-9

How reproducible:
always

Steps to Reproduce:
1. have libvirt that listens for remote tcp or tls connections
2. start a VM that will listen on ::0
    <graphics type='spice'>
      <listen type='address' address='0.0.0.0'/>
    </graphics>
3. connect to the VM from remote machine
virt-viewer -c qemu+(tcp|tls)://ipv4_or_ipv6_address/system VM_NAME
  
Actual results:
virt-viewer will fail to connect with message that connection to ::0:PORT failed

Expected results:
virt-viewer connects to the VM

Additional info:
* doesn't occur on localhost
* you can also use host's ipv4 address in libvirt URI
* ::0 means by default that the program listens on both ipv4 and ipv6 so sticking the host address given in libvirt URI seem most sensible of possible addresses
* I used ipv4 address in libvirt URI in both cases (qemu+tcp://10.34.29.7)
* proposing as zstream as this can affect customers in dual-stack environments


--debug output with listen="::0"
================================

** (virt-viewer:3864): DEBUG: Guest graphics address is ::0:3000
** (virt-viewer:3864): DEBUG: Set connect info: 10.34.29.7,::0,3000,-1,tcp,(null),(null),0
** (virt-viewer:3864): DEBUG: Error operation virDomainOpenGraphics forbidden for read only access
** (virt-viewer:3864): DEBUG: After open connection callback fd=-1
** (virt-viewer:3864): DEBUG: Opening direct TCP connection to display at ::0:3000:-1


--debug output with listen="0.0.0.0"
====================================

** (virt-viewer:3945): DEBUG: Guest graphics address is 0.0.0.0:3000
** (virt-viewer:3945): DEBUG: Guest graphics listen '0.0.0.0' is NULL or a wildcard, replacing with '10.34.29.7'
** (virt-viewer:3945): DEBUG: Set connect info: 10.34.29.7,10.34.29.7,3000,-1,tcp,(null),(null),0
** (virt-viewer:3945): DEBUG: Error operation virDomainOpenGraphics forbidden for read only access
** (virt-viewer:3945): DEBUG: After open connection callback fd=-1
** (virt-viewer:3945): DEBUG: Opening direct TCP connection to display at 10.34.29.7:3000:-1
Comment 1 David Jaša 2012-06-14 11:02:33 EDT
the graphics elements in steps to reproduce should look like this of course:
    <graphics type='spice'>
      <listen type='address' address='::0'/>
    </graphics>
Comment 2 Daniel Berrange 2012-06-14 11:08:29 EDT
Hmm, we are already doing that:

    /* If the XML listen attribute shows a wildcard address, we need to
     * throw that away since you obviously can't 'connect(2)' to that
     * from a remote host. Instead we fallback to the hostname used in
     * the libvirt URI. This isn't perfect but it is better than nothing
     */
    if (!ghost ||
        (strcmp(ghost, "0.0.0.0") == 0 ||
         strcmp(ghost, "::") == 0)) {
        DEBUG_LOG("Guest graphics listen '%s' is NULL or a wildcard, replacing with '%s'",
                  ghost ? ghost : "", host);
        g_free(ghost);
        ghost = g_strdup(host);
    }

But it seems like "::" is not the only string format a IPv6 wildcard can take. Basically any combination of exclusively ':' and 0' is a wildcard eg

 ::
 ::0
 0:0:0:0:0:0:0:0
 0::0

and so on
Comment 3 RHEL Product and Program Management 2012-07-10 02:58:24 EDT
This request was not resolved in time for the current release.
Red Hat invites you to ask your support representative to
propose this request, if still desired, for consideration in
the next release of Red Hat Enterprise Linux.
Comment 4 RHEL Product and Program Management 2012-07-10 22:02:05 EDT
This request was erroneously removed from consideration in Red Hat Enterprise Linux 6.4, which is currently under development.  This request will be evaluated for inclusion in Red Hat Enterprise Linux 6.4.
Comment 7 Geyang Kong 2012-10-15 03:22:38 EDT
Verified pass on the following build:
virt-viewer-0.5.2-13.el6.x86_64

Reproduce steps:
1. Have a host with ipv6 address
2. Have a running guest.
3. Edit the guest xml, make sure the graphic device is listening to ::, 0::, and so on.
4. Run remote-viewer spice(or vnc)://[ipv6 address]:port

Actual:
1. Connect to guest successfully.

So mark as this bug as VERIFIED.
Comment 9 errata-xmlrpc 2013-02-21 04:33:18 EST
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

http://rhn.redhat.com/errata/RHBA-2013-0361.html

Note You need to log in before you can comment on or make changes to this bug.