[svn.haxx.se] · SVN Dev · SVN Users · SVN Org · TSVN Dev · TSVN Users · Subclipse Dev · Subclipse Users · this month's index

Re: Regression in svnserve: IPv6 causes IPv4 not to work [was: Branching for 1.3.]

From: Sigfred Håversen <bsdlist_at_mumak.com>
Date: 2005-09-22 20:26:57 CEST

Michael Sweet wrote:
> Nicolás Lichtmaier wrote:
>
>>
>>> My attached patch differs from his that users must explicitely
>>> enable IPv6 if they want svnserve to listen on an IPv6 socket. It passes
>>> the svncheck and svncheck6 (using --ipv6) on OpenBSD/i386 -current.
>>>
>>> Existing IPv6 users of svnserve have to add --ipv6 as option to
>>> svnserve, so for them this patch is a regression.
>>
>>
>>
>>
>> IMO this is not correct. The ipv6 API is designed so that its use is
>> automatic, and people get IPv6 without even knowing about it. Yes,
>> there have been issues now and then, and some programs included a
>> "ipv4-only" switch. But the default should always be the future proof
>> solution. I then propose a "--ipv4-only" switch that could be used
>> when people with weird configurations have trouble...
>
>
> FWIW, my experience with CUPS is that it is possible to default to
> IPv6 for typical configurations (listening on all interfaces) and
> disable the IPv6-only mode to allow IPv4 clients to connect as well,
> transparently. The only time this doesn't work is if the user has
> specifically disabled the IPv4-to-IPv6 gateway stuff in the kernel.
>
> My vote (not that I have one) would be to use the IPV6_V6ONLY socket
> option when it is defined, and to add a --ipv4-only switch as you
> have proposed. That will allow for non-conforming configurations to
> continue working in IPv4-only mode while providing out-of-the-box
> IPv6 support.
>

The IPV6_V6ONLY socket option will not solve this on OpenBSD,
as may be seen from ip6(4):

http://www.openbsd.org/cgi-bin/man.cgi?query=ip6&apropos=0&sektion=0&manpath=OpenBSD+Current&arch=i386&format=html

    IPV6_V6ONLY int *
              Get or set whether only IPv6 connections can be made to this
              socket. For wildcard sockets, this can restrict connections to
              IPv6 only. With OpenBSD IPv6 sockets are always IPv6-only, so
              the socket option is read-only (not modifiable).

This is due to security concerns:

http://mail-index.netbsd.org/tech-net/2003/10/29/0001.html

/Sigfred

---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@subversion.tigris.org
For additional commands, e-mail: dev-help@subversion.tigris.org
Received on Thu Sep 22 20:31:06 2005

This is an archived mail posted to the Subversion Dev mailing list.