Michael Sweet wrote:
> Nicolás Lichtmaier wrote:
>>> My attached patch differs from his that users must explicitely
>>> enable IPv6 if they want svnserve to listen on an IPv6 socket. It passes
>>> the svncheck and svncheck6 (using --ipv6) on OpenBSD/i386 -current.
>>> Existing IPv6 users of svnserve have to add --ipv6 as option to
>>> svnserve, so for them this patch is a regression.
>> IMO this is not correct. The ipv6 API is designed so that its use is
>> automatic, and people get IPv6 without even knowing about it. Yes,
>> there have been issues now and then, and some programs included a
>> "ipv4-only" switch. But the default should always be the future proof
>> solution. I then propose a "--ipv4-only" switch that could be used
>> when people with weird configurations have trouble...
> FWIW, my experience with CUPS is that it is possible to default to
> IPv6 for typical configurations (listening on all interfaces) and
> disable the IPv6-only mode to allow IPv4 clients to connect as well,
> transparently. The only time this doesn't work is if the user has
> specifically disabled the IPv4-to-IPv6 gateway stuff in the kernel.
> My vote (not that I have one) would be to use the IPV6_V6ONLY socket
> option when it is defined, and to add a --ipv4-only switch as you
> have proposed. That will allow for non-conforming configurations to
> continue working in IPv4-only mode while providing out-of-the-box
> IPv6 support.
The IPV6_V6ONLY socket option will not solve this on OpenBSD,
as may be seen from ip6(4):
IPV6_V6ONLY int *
Get or set whether only IPv6 connections can be made to this
socket. For wildcard sockets, this can restrict connections to
IPv6 only. With OpenBSD IPv6 sockets are always IPv6-only, so
the socket option is read-only (not modifiable).
This is due to security concerns:
To unsubscribe, e-mail: firstname.lastname@example.org
For additional commands, e-mail: email@example.com
Received on Thu Sep 22 20:31:06 2005