[krbdev.mit.edu #8530] KDC/kadmind explicit wildcard listener addresses do not use pktinfo
Richard Basch via RT
rt-comment at krbdev.mit.edu
Sun Jan 8 12:05:54 EST 2017
I will be testing this weekend. Visually, the patch looks correct, though I wonder if pktinfo should be restricted to wildcard-only sockets.
If you bind to 127.0.0.1 but define the interface as 127.0.0.1/8, will it return on the correct address if you direct the query to 127.1.1.1. Certainly, this works with "ping", etc. so the traffic is definitely seen. It's an edge-case which most likely has impacts on systems responding to traffic directed to PtP links and Loopback addresses which do not use /32 masks and I think it is a condition which might not work without pktinfo being attempted. Personally, I suggest just attempting pktinfo for all UDP and not worry if it can't get the info since it will merely use the bound address in that case.
-----Original Message-----
From: Greg Hudson via RT [mailto:rt-comment at krbdev.mit.edu]
Sent: Friday, January 06, 2017 11:49 AM
To: Basch, Richard [Tech]
Subject: [krbdev.mit.edu #8530] KDC/kadmind explicit wildcard listener addresses do not use pktinfo
> I opened https://urldefense.proofpoint.com/v2/url?u=https-3A__github.com_krb5_krb5_pull_587&d=DgIBAg&c=7563p3e2zaQw0AB1wrFVgyagb2IE5rTZOYPxLxfZlX4&r=QM_TBIImy6WiEE26nxWZWvqm31sXIWCJn8HIwtrXMTw&m=ZMW6xJexylky1TzSZu5H2q7rwKRv4YFPYxwg1HEWWVk&s=lM2FT5WF38UC0NYU2m0lbvRZvU1M6KDgishGLWrDERk&e= with fixes the two
> issues
> discussed in this ticket.
Richard, do you think you could spare the time to test those patches against your system configuration?
More information about the krb5-bugs
mailing list