krb5 commit [krb5-1.15]: Fix KDC/kadmind startup on some IPv4-only systems

Mon Jan 9 15:30:42 EST 2017

https://github.com/krb5/krb5/commit/552a129fb857e7f6fa734011d69785ad912b3fc5
commit 552a129fb857e7f6fa734011d69785ad912b3fc5
Author: Greg Hudson <ghudson at mit.edu>
Date:   Mon Dec 26 15:09:24 2016 -0500

    Fix KDC/kadmind startup on some IPv4-only systems
    
    getaddrinfo(NULL, ...) may yield an IPv6 wildcard address on IPv4-only
    systems, and creating a socket for that address may result in an
    EAFNOSUPPORT error.  Tolerate that error as long as we can bind at
    least one socket for the address.
    
    (cherry picked from commit 04c2bb56f5203b296b24314810eca02f5dc7e491)
    
    ticket: 8531
    version_fixed: 1.15.1

 src/lib/apputils/net-server.c |   16 +++++++++++++---
 1 files changed, 13 insertions(+), 3 deletions(-)

diff --git a/src/lib/apputils/net-server.c b/src/lib/apputils/net-server.c
index 171ecc4..d64ffdd 100644
--- a/src/lib/apputils/net-server.c
+++ b/src/lib/apputils/net-server.c
@@ -834,7 +834,7 @@ setup_addresses(struct socksetup *data)
     };
     krb5_error_code ret = 0;
     size_t i;
-    int err;
+    int err, bound_any;
     struct bind_address addr;
     struct addrinfo hints, *ai_list = NULL, *ai = NULL;
     verto_callback vcb;
@@ -871,8 +871,12 @@ setup_addresses(struct socksetup *data)
          * Loop through all the sockets that getaddrinfo could find to match
          * the requested address.  For wildcard listeners, this should usually
          * have two results, one for each of IPv4 and IPv6, or one or the
-         * other, depending on the system.
+         * other, depending on the system.  On IPv4-only systems, getaddrinfo()
+         * may return both IPv4 and IPv6 addresses, but creating an IPv6 socket
+         * may give an EAFNOSUPPORT error, so tolerate that error as long as we
+         * can bind at least one socket.
          */
+        bound_any = 0;
         for (ai = ai_list; ai != NULL; ai = ai->ai_next) {
             /* Make sure getaddrinfo returned a socket with the same type that
              * was requested. */
@@ -889,9 +893,15 @@ setup_addresses(struct socksetup *data)
                                  _("Failed setting up a %s socket (for %s)"),
                                  bind_type_names[addr.type],
                                  paddr(ai->ai_addr));
-                goto cleanup;
+                if (ret != EAFNOSUPPORT)
+                    goto cleanup;
+            } else {
+                bound_any = 1;
             }
         }
+        if (!bound_any)
+            goto cleanup;
+        ret = 0;
 
         if (ai_list != NULL)
             freeaddrinfo(ai_list);
