[stunnel-users] IPv4 and IPv6

• Previous message (by thread): [stunnel-users] IPv4 and IPv6
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Tue, May 31, 2016 at 08:04:24AM +0200, Micha?? Trojnara wrote:
> On 31.05.2016 00:42, Konstantin Belousov wrote:
> > I have a following configuration for the outgoing connection
> > [XXX-1]
> > client = yes
> > accept = 127.0.0.1:1564
> > connect = some-server:9999
> > local = some-other-address
> [cut]
> > The socket was created with INET6 address family, but bind was done for
> > INET AF.
> 
> This is pretty much expected if "some-server:9999" is an IPv6 address
> and "some-other-address" is an IPv4 address.  The "local" option indeed
> cannot handle a mix of IPv4 and IPv6 "connect" addresses.
Usually some-server is the list of addresses, one of them is IPv4, and
another is IPv6. This is the only reasonable way to name dual-stack
host.

> 
> What do you think might be a proper solution?

I would expect that the code which binds the socket for connect(2),
matched the address types before binding. A good implementation needs
to iterate over the results of getaddrinfo(3) for remote host to try to
connect to each returned address. In the same manner, when one outgoing
address is attempted to connect to, the getaddrinfo(3) list for the
local address would be iterated over, and first matched compatible
address selected for binding.

It seems that it is enough to match addrinfo pairs by
ai_family/ai_socktype/ai_protocol, but you might also need to e.g. pay
some attention to filter out IPv4 mapped to IPv6 entries.

I am not sure how much additional plumbing is required to have local
getaddrinfo(3) result in the local_bind().

• Previous message (by thread): [stunnel-users] IPv4 and IPv6
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]