Bug 45830
| Summary: | [kerberos] KDC has problems when listening to IPv6 and IPv4 addresses | ||
|---|---|---|---|
| Product: | Base System | Reporter: | Michel Oosterhof <m.oosterhof> |
| Component: | bin | Assignee: | freebsd-bugs (Nobody) <bugs> |
| Status: | Open --- | ||
| Severity: | Affects Only Me | CC: | archit |
| Priority: | Normal | ||
| Version: | 4.7-PRERELEASE | ||
| Hardware: | Any | ||
| OS: | Any | ||
My initial report is missing one detail, when I do specify them in the order with the ipv6 address first, the KDC will attempt to bind to 2 addresses, port 88 for UDP and TCP. UDP succeeds, but TCP fails. This generates the following two log messages: Nov 28 23:48:53 hydrogen kdc[98434]: listening on IPv6:3ffe:8280:10:1050::1 port 88/udp Nov 28 23:48:53 hydrogen kdc[98434]: bind IPv6:3ffe:8280:10:1050::1/88: /var/heimdal/kdc.conf:0: can not open file Responsible Changed From-To: freebsd-bugs->nectar over to heimdal maintainer Responsible Changed From-To: nectar->freebsd-bugs Reset assignee; nectar is away from FreeBSD work at the moment. For bugs matching the following criteria: Status: In Progress Changed: (is less than) 2014-06-01 Reset to default assignee and clear in-progress tags. Mail being skipped Cannot reproduce on 12.1-RELEASE. I used simple krb5.conf files:
[kdc]
addresses = 2605:2700:0:1:abcd:1:2:3 127.0.0.1 12.23.34.45
and
[kdc]
addresses = 127.0.0.1 12.23.34.45 2605:2700:0:1:abcd:1:2:3
|
I'm trying to run the kdc (heimdal kerberos daemon), on a specific ipv6 address (and 2 ipv4 addresses). This works, if i specify the following in /etc/krb5.conf ... [kdc] addresses = 3ffe:8280:10:1050::1 10.1.1.1 127.0.0.1 ... However, if I configure this line as: ... [kdc] addresses = 10.1.1.1 127.0.0.1 3ffe:8280:10:1050::1 ... It will fail! Apparently there is some process that depends on the order of the entries. I classify this as a bug, the documentation does not mention there is any order dependency in here. Related to this are some confusing error messages (in the second scenario): Nov 28 23:41:30 hydrogen kdc[98309]: bind IPv6:3ffe:8280:10:1050::1/88: /var/heimdal/kdc.conf:0: can not open file Nov 28 23:41:30 hydrogen kdc[98309]: bind IPv6:3ffe:8280:10:1050::1/88: Can't assign requested addre ss Nov 28 23:41:30 hydrogen kdc[98309]: listening on IPv4:10.1.1.1 port 88/udp Nov 28 23:41:30 hydrogen kdc[98309]: listening on IPv4:127.0.0.1 port 88/udp Nov 28 23:41:30 hydrogen kdc[98309]: listening on IPv4:10.1.1.1 port 88/tcp Nov 28 23:41:30 hydrogen kdc[98309]: listening on IPv4:127.0.0.1 port 88/tcp The last four lines are normal, listening to the IPv4 ports is working. The first two lines confuse me. The first warning seems to be some cached warning about the configuration file, but this does not have to do anything with the ipv6 binding. (FYI, i only use /etc/krb5.conf, there is no /var/heimdal/kdc.conf file, all [kdc] entries are in /etc/krb5.conf) Fix: Workaround: list the ipv6 addresses first (could be a doc workaround). How-To-Repeat: Install heimdal kerberos on -STABLE, specify specific listening addresses and list the ipv6 address last.