IPv6 handling in SASL LDAP binding
Russ Allbery
rra at stanford.edu
Thu Aug 6 11:55:40 EDT 2009
"Xu, Qiang (FXSGSC)" <Qiang.Xu at fujixerox.com> writes:
> For example, the IPv6 address of the Kerberos server is
> "3ffe:2000:0:1:e0be:1872:d4f8:6b2c", and the authentication domain is
> "xcipv6.com". When this IPv6 address is passed in, the address would be
> looked on as in a form of "hostname:port", so would split the address at
> the first colon, and combine it with the domain name, to form an FQDN
> "3ffe.xcipv6.com". Then it would try to resolve this FQDN to get the
> IPv4 address. Of course, the resolving would lead to an error. And SASL
> binding can't go through.
I have no idea if Cyrus SASL supports IPv6 or not, but try using
[3ffe:2000:0:1:e0be:1872:d4f8:6b2c] instead. The brackets disambiguate
IPv6 address literals from hostnames with ports.
--
Russ Allbery (rra at stanford.edu) <http://www.eyrie.org/~eagle/>
More information about the Kerberos
mailing list