Project

General

Profile

Feature #678

$SERVER["socket"] to bind to IPv6 by default

Added by Anonymous over 11 years ago. Updated over 1 year ago.

Status:
Fixed
Priority:
Normal
Assignee:
-
Category:
core
Target version:
Start date:
Due date:
% Done:

100%

Estimated time:
Missing in 1.5.x:

Description

I think $SERVER[[socket]] == ":1234" without explicitly specifying the host to bind to, should bind to IPv6 '::' instead of 0.0.0.0 when server.use-ipv6 = "enable" is specified.

I'm well aware that one can use "[[::]]:1234", but the behavior described above makes much more sense to me.

-- intgr

https-bind-to-IPv6.patch (386 Bytes) https-bind-to-IPv6.patch Patch to fix Ticket 678 -- prgaikar Anonymous, 2007-03-22 11:53

Associated revisions

Revision 2cdc017f (diff)
Added by gstrauss over 1 year ago

[config] inherit server.use-ipv6 and server.set-v6only (fixes #678)

inherit server.use-ipv6 and server.set-v6only from global scope
into $SERVER["socket"] blocks

(This potential behavior change was announced with lighttpd 1.4.40)

x-ref:
"$SERVER["socket"] to bind to IPv6 by default"
https://redmine.lighttpd.net/issues/678

History

#1

Updated by Anonymous about 9 years ago

This is not just for HTTPS but for all alternate socket directives.

-- malaiwah

#2

Updated by gstrauss over 1 year ago

  • Description updated (diff)
  • Target version set to 1.4.40

(repeating the issue, with proper brackets for accuracy)

I think `$SERVER["socket"] == ":1234"` without explicitly specifying the host to bind to, should bind to IPv6 '::' instead of 0.0.0.0 when `server.use-ipv6 = "enable"` is specified.

I'm well aware that one can use "[::]:1234", but the behavior described above makes much more sense to me.

-- intgr

This should already work if you specify server.use-ipv6 = "enable" within the $SERVER["socket"] condition.

The actual issue is not inheriting the setting from the global scope. The following patch fixes that, but might surprise people with existing configs who have server.use-ipv6 = "enable" in the global scope, and then do not set server.use-ipv6 = "disable" in $SERVER["socket"] conditionals where IPv4 is desired instead of IPv6-mapped IPv4.

diff --git a/src/configfile.c b/src/configfile.c
index 690713c..094ad83 100644
--- a/src/configfile.c
+++ b/src/configfile.c
@@ -207,8 +207,8 @@ static int config_insert(server *srv) {
                s->ssl_empty_fragments = 0;
                s->ssl_use_sslv2 = 0;
                s->ssl_use_sslv3 = 0;
-               s->use_ipv6      = 0;
-               s->set_v6only    = 1;
+               s->use_ipv6      = (0 != i) srv->config_storage[0]->use_ipv6 : 0;
+               s->set_v6only    = (0 != i) srv->config_storage[0]->set_v6only : 1;
                s->defer_accept  = 0;
 #ifdef HAVE_LSTAT
                s->follow_symlink = 1;

While I do not think that this change would affect a large number of users, and I think that those who have such specific configs with mixed IPv6 and IPv4 addresses will have the knowledge to recognize if this change affects them, backward compatibility with existing configs might mean that this patch will not be accepted into a release.

#3

Updated by gstrauss over 1 year ago

  • Status changed from New to Patch Pending
#4

Updated by stbuehler over 1 year ago

  • Description updated (diff)
  • Assignee deleted (jan)
#5

Updated by stbuehler over 1 year ago

  • Description updated (diff)
#6

Updated by stbuehler over 1 year ago

I'd rather get rid of both options. Maybe we could deprecate them, and show a warning when they are used and also warn that they are not inherited? And remove them in 1.4.41/42?

#7

Updated by gstrauss over 1 year ago

That sounds reasonable. Do I understand this correctly:
  • IPv6 requires an IPv6 address, and IPV6_V6ONLY is always used with IPv6 addresses
  • "[::]" for inaddr6_any (IPv6)
  • missing host (just port ":1234") defaults to IPv4
  • listen to all addresses (IPv4 and IPv6) requires two socket declarations, but admin need not put other config inside the SOCKET condition -- they can share global config

Should we special-case "*" for INADDR_ANY (IPv4)?

#9

Updated by gstrauss over 1 year ago

server.use-ipv6 is used in hints passed to getaddrinfo() if a name is provided instead of an IP address.

server.set-v6only = "enable" can be used to get deterministic behavior regardless of OS config, though OS config can override if set to "disable".

While the use of these flags should be discouraged except for advanced users with very specific config requirements, for the reasons above, I don't think we should remove them.

I do think that applying my patch above for sockets to inherit these settings from the global config is more intuitive to end-users, and so I plan to apply that patch.

#10

Updated by gstrauss over 1 year ago

  • Target version changed from 1.4.40 to 1.4.41
#11

Updated by gstrauss over 1 year ago

  • Status changed from Patch Pending to Fixed
  • % Done changed from 0 to 100

Also available in: Atom