Bug 45830 - [kerberos] KDC has problems when listening to IPv6 and IPv4 addresses
Summary: [kerberos] KDC has problems when listening to IPv6 and IPv4 addresses
Status: Open
Alias: None
Product: Base System
Classification: Unclassified
Component: bin (show other bugs)
Version: 4.7-PRERELEASE
Hardware: Any Any
: Normal Affects Only Me
Assignee: freebsd-bugs (Nobody)
URL:
Keywords:
Depends on:
Blocks:
 
Reported: 2002-11-28 22:50 UTC by Michel Oosterhof
Modified: 2020-10-09 02:18 UTC (History)
1 user (show)

See Also:


Attachments

Note You need to log in before you can comment on or make changes to this bug.
Description Michel Oosterhof 2002-11-28 22:50:02 UTC
I'm trying to run the kdc (heimdal kerberos daemon), on a specific ipv6 address (and 2 ipv4 addresses).
This works, if i specify the following in /etc/krb5.conf

...
[kdc]
        addresses = 3ffe:8280:10:1050::1 10.1.1.1 127.0.0.1
...

However, if I configure this line as: 

...
[kdc]
        addresses = 10.1.1.1 127.0.0.1 3ffe:8280:10:1050::1 
...

It will fail! Apparently there is some process that depends on the order of the entries.
I classify this as a bug, the documentation does not mention there is any order
dependency in here.

Related to this are some confusing error messages (in the second scenario):

Nov 28 23:41:30 hydrogen kdc[98309]: bind IPv6:3ffe:8280:10:1050::1/88: /var/heimdal/kdc.conf:0: can
not open file
Nov 28 23:41:30 hydrogen kdc[98309]: bind IPv6:3ffe:8280:10:1050::1/88: Can't assign requested addre
ss
Nov 28 23:41:30 hydrogen kdc[98309]: listening on IPv4:10.1.1.1 port 88/udp
Nov 28 23:41:30 hydrogen kdc[98309]: listening on IPv4:127.0.0.1 port 88/udp
Nov 28 23:41:30 hydrogen kdc[98309]: listening on IPv4:10.1.1.1 port 88/tcp
Nov 28 23:41:30 hydrogen kdc[98309]: listening on IPv4:127.0.0.1 port 88/tcp

The last four lines are normal, listening to the IPv4 ports is working. The first two lines
confuse me. The first warning seems to be some cached warning about the configuration file, 
but this does not have to do anything with the ipv6 binding. (FYI, i only use /etc/krb5.conf, 
there is no /var/heimdal/kdc.conf file, all [kdc] entries are in /etc/krb5.conf)

Fix: 

Workaround: list the ipv6 addresses first (could be a doc workaround).
How-To-Repeat:  
Install heimdal kerberos on -STABLE, specify specific listening addresses and list the ipv6 
address last.
Comment 1 Michel Oosterhof 2002-11-28 22:55:03 UTC
My initial report is missing one detail, when I do specify them in the order with
the ipv6 address first, the KDC will attempt to bind to 2 addresses, port 88 for UDP
and TCP. UDP succeeds, but TCP fails. This generates the following two log messages:

Nov 28 23:48:53 hydrogen kdc[98434]: listening on IPv6:3ffe:8280:10:1050::1 port 88/udp
Nov 28 23:48:53 hydrogen kdc[98434]: bind IPv6:3ffe:8280:10:1050::1/88: /var/heimdal/kdc.conf:0: can
not open file
Comment 2 Tilman Keskinoz freebsd_committer 2004-07-23 14:28:50 UTC
Responsible Changed
From-To: freebsd-bugs->nectar

over to heimdal maintainer
Comment 3 Mark Linimon freebsd_committer freebsd_triage 2006-03-24 05:46:02 UTC
Responsible Changed
From-To: nectar->freebsd-bugs

Reset assignee; nectar is away from FreeBSD work at the moment.
Comment 4 Eitan Adler freebsd_committer freebsd_triage 2017-12-31 08:01:40 UTC
For bugs matching the following criteria:

Status: In Progress Changed: (is less than) 2014-06-01

Reset to default assignee and clear in-progress tags.

Mail being skipped
Comment 5 Archit Shah 2020-10-09 02:18:50 UTC
Cannot reproduce on 12.1-RELEASE.  I used simple krb5.conf files:

[kdc]
        addresses = 2605:2700:0:1:abcd:1:2:3 127.0.0.1 12.23.34.45 

and

[kdc]
        addresses = 127.0.0.1 12.23.34.45 2605:2700:0:1:abcd:1:2:3