OpenE2K
/
qemu-e2k
13
4
Fork 0
Code Issues 4 Pull Requests Projects 2 Releases Activity

Merge sockets 2017/07/11 v3 

-----BEGIN PGP SIGNATURE-----
 
 iQIcBAABCAAGBQJZaN6PAAoJEL6G67QVEE/fEbUQAIO9MZiuXOiDj/1Vf+ktddS9
 pLyk7GllP0sMZGnIvI9xUs/iO4EaV8ggfxor8jPylKEOhts5ppkck+iOq6pSzuwa
 9WKtjAxNCfWmwouZfCGCdfW8sXx6T6sbFPQJrPsyKggl7WdS1WtXmsGDzx7LrIXZ
 r0Ox3xIKqqkocFWxupU3MZ8MWbVtGtip6xkzdaz73i5RGxMPTkr/+4cs7+sTZf7F
 GoNeQuUMPIGz5kWLUHBE+D9jOrnp4IJjQISi3i2B+4+S5YOsfdz94+qLqPVkSlww
 zIQla9WiIAtap8b1y4V7+3JmanYhTVNKmvUKEQtTTGDmRgi8gksmGoX32Q4nJXyg
 EK20/ZHfr+VteIpcxwj0+zvfUXJl5lYW1zEBMbdJv9i8v5ZH/kfv3V2LNcedgnke
 BbigZu2AGLZPxMvIQ5BqOmyJTTbasOtVRIOHYKF/j7qr9vZfsYZzkeH8ScB2GOt7
 F10zuEm1qAV6EljxrZd+tdeI/qOXUJUDr6QAfim7KvB6vSHEtmOudqzqNJfDZ1IR
 1ElKLvzFveyKNh4gRWLxbAucVG9R8eBr+tSAih1ZTPUWzrmJCOh8XPq5HLVCb+IT
 MFHavAxy5F1GxzD7z66xZOb7crdx4PGf7UCnj0Af9ivcHJniYH0wrQyWCG6o/Hm1
 KxhC5+bPMw7nKxydrjP3
 =kk0K
 -----END PGP SIGNATURE-----

Merge remote-tracking branch 'remotes/berrange/tags/pull-sockets-2017-07-11-3' into staging

Merge sockets 2017/07/11 v3

# gpg: Signature made Fri 14 Jul 2017 16:09:03 BST
# gpg:                using RSA key 0xBE86EBB415104FDF
# gpg: Good signature from "Daniel P. Berrange <dan@berrange.com>"
# gpg:                 aka "Daniel P. Berrange <berrange@redhat.com>"
# gpg: WARNING: This key is not certified with a trusted signature!
# gpg:          There is no indication that the signature belongs to the owner.
# Primary key fingerprint: DAF3 A6FD B26B 6291 2D0E  8E3F BE86 EBB4 1510 4FDF

* remotes/berrange/tags/pull-sockets-2017-07-11-3:
  io: preserve ipv4/ipv6 flags when resolving InetSocketAddress
  sockets: ensure we don't accept IPv4 clients when IPv4 is disabled
  sockets: don't block IPv4 clients when listening on "::"
  sockets: ensure we can bind to both ipv4 & ipv6 separately

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
This commit is contained in:
Peter Maydell 2017-07-14 16:13:29 +01:00
parent fbc8ea1ed0 563a3987b9
commit 23f87b9973
2 changed files with 56 additions and 21 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
io/dns-resolver.c
View File

@ -116,8 +116,10 @@ static int qio_dns_resolver_lookup_sync_inet(QIODNSResolver *resolver,
.numeric = true,
.has_to = iaddr->has_to,
.to = iaddr->to,
.has_ipv4 = false,
.has_ipv6 = false,
.has_ipv4 = iaddr->has_ipv4,
.ipv4 = iaddr->ipv4,
.has_ipv6 = iaddr->has_ipv6,
.ipv6 = iaddr->ipv6,
};
(*addrs)[i] = newaddr;

71
util/qemu-sockets.c
View File

@ -104,17 +104,16 @@ NetworkAddressFamily inet_netfamily(int family)
* f t PF_INET6
* t - PF_INET
* t f PF_INET
* t t PF_INET6
* t t PF_INET6/PF_UNSPEC
*
* NB, this matrix is only about getting the necessary results
* from getaddrinfo(). Some of the cases require further work
* after reading results from getaddrinfo in order to fully
* apply the logic the end user wants. eg with the last case
* ipv4=t + ipv6=t + PF_INET6, getaddrinfo alone can only
* guarantee the ipv6=t part of the request - we need more
* checks to provide ipv4=t part of the guarantee. This is
* outside scope of this method and not currently handled by
* callers at all.
* apply the logic the end user wants.
*
* In the first and last cases, we must set IPV6_V6ONLY=0
* when binding, to allow a single listener to potentially
* accept both IPv4+6 addresses.
*/
int inet_ai_family_from_address(InetSocketAddress *addr,
Error **errp)
@ -124,6 +123,23 @@ int inet_ai_family_from_address(InetSocketAddress *addr,
error_setg(errp, "Cannot disable IPv4 and IPv6 at same time");
return PF_UNSPEC;
}
if ((addr->has_ipv6 && addr->ipv6) && (addr->has_ipv4 && addr->ipv4)) {
/*
* Some backends can only do a single listener. In that case
* we want empty hostname to resolve to "::" and then use the
* flag IPV6_V6ONLY==0 to get both protocols on 1 socket. This
* doesn't work for addresses other than "", so they're just
* inevitably broken until multiple listeners can be used,
* and thus we honour getaddrinfo automatic protocol detection
* Once all backends do multi-listener, remove the PF_INET6
* branch entirely.
*/
if (!addr->host || g_str_equal(addr->host, "")) {
return PF_INET6;
} else {
return PF_UNSPEC;
}
}
if ((addr->has_ipv6 && addr->ipv6) || (addr->has_ipv4 && !addr->ipv4)) {
return PF_INET6;
}
@ -208,22 +224,43 @@ static int inet_listen_saddr(InetSocketAddress *saddr,
}
socket_set_fast_reuse(slisten);
#ifdef IPV6_V6ONLY
if (e->ai_family == PF_INET6) {
/* listen on both ipv4 and ipv6 */
const int off = 0;
qemu_setsockopt(slisten, IPPROTO_IPV6, IPV6_V6ONLY, &off,
sizeof(off));
}
#endif
port_min = inet_getport(e);
port_max = saddr->has_to ? saddr->to + port_offset : port_min;
for (p = port_min; p <= port_max; p++) {
#ifdef IPV6_V6ONLY
/*
* Deals with first & last cases in matrix in comment
* for inet_ai_family_from_address().
*/
int v6only =
((!saddr->has_ipv4 && !saddr->has_ipv6) ||
(saddr->has_ipv4 && saddr->ipv4 &&
saddr->has_ipv6 && saddr->ipv6)) ? 0 : 1;
#endif
inet_setport(e, p);
#ifdef IPV6_V6ONLY
rebind:
if (e->ai_family == PF_INET6) {
qemu_setsockopt(slisten, IPPROTO_IPV6, IPV6_V6ONLY, &v6only,
sizeof(v6only));
}
#endif
if (bind(slisten, e->ai_addr, e->ai_addrlen) == 0) {
goto listen;
}
#ifdef IPV6_V6ONLY
/* If we got EADDRINUSE from an IPv6 bind & V6ONLY is unset,
* it could be that the IPv4 port is already claimed, so retry
* with V6ONLY set
*/
if (e->ai_family == PF_INET6 && errno == EADDRINUSE && !v6only) {
v6only = 1;
goto rebind;
}
#endif
if (p == port_max) {
if (!e->ai_next) {
error_setg_errno(errp, errno, "Failed to bind socket");
@ -603,16 +640,12 @@ int inet_parse(InetSocketAddress *addr, const char *str, Error **errp)
error_setg(errp, "error parsing IPv6 address '%s'", str);
return -1;
}
addr->ipv6 = addr->has_ipv6 = true;
} else {
/* hostname or IPv4 addr */
if (sscanf(str, "%64[^:]:%32[^,]%n", host, port, &pos) != 2) {
error_setg(errp, "error parsing address '%s'", str);
return -1;
}
if (host[strspn(host, "0123456789.")] == '\0') {
addr->ipv4 = addr->has_ipv4 = true;
}
}
addr->host = g_strdup(host);