IPv6 handling in SASL LDAP binding

Russ Allbery rra at stanford.edu
Thu Aug 6 11:55:40 EDT 2009


"Xu, Qiang (FXSGSC)" <Qiang.Xu at fujixerox.com> writes:

> For example, the IPv6 address of the Kerberos server is
> "3ffe:2000:0:1:e0be:1872:d4f8:6b2c", and the authentication domain is
> "xcipv6.com". When this IPv6 address is passed in, the address would be
> looked on as in a form of "hostname:port", so would split the address at
> the first colon, and combine it with the domain name, to form an FQDN
> "3ffe.xcipv6.com". Then it would try to resolve this FQDN to get the
> IPv4 address. Of course, the resolving would lead to an error. And SASL
> binding can't go through.

I have no idea if Cyrus SASL supports IPv6 or not, but try using
[3ffe:2000:0:1:e0be:1872:d4f8:6b2c] instead.  The brackets disambiguate
IPv6 address literals from hostnames with ports.

-- 
Russ Allbery (rra at stanford.edu)             <http://www.eyrie.org/~eagle/>



More information about the Kerberos mailing list