/*
- * Copyright (C) 1996-2014 The Squid Software Foundation and contributors
+ * Copyright (C) 1996-2021 The Squid Software Foundation and contributors
*
* Squid software is distributed under GPLv2+ license and includes
* contributions from numerous individuals and organizations.
#include "squid.h"
#include "Debug.h"
+#include "ip/Address.h"
#include "ip/tools.h"
#if HAVE_UNISTD_H
void
Ip::ProbeTransport()
{
-#if USE_IPV6
// check for usable IPv6 sockets
int s = socket(PF_INET6, SOCK_STREAM, 0);
if (s < 0) {
debugs(3, 2, "Missing RFC 3493 compliance - attempting split IPv4 and IPv6 stacks ...");
EnableIpv6 |= IPV6_SPECIAL_SPLITSTACK;
#endif
+
+ // Test for IPv6 loopback/localhost address binding
+ Ip::Address ip;
+ ip.setLocalhost();
+ if (ip.isIPv6()) { // paranoid; always succeeds if we got this far
+ struct sockaddr_in6 sin;
+ ip.getSockAddr(sin);
+ if (bind(s, reinterpret_cast<struct sockaddr *>(&sin), sizeof(sin)) != 0) {
+ debugs(3, DBG_CRITICAL, "WARNING: BCP 177 violation. Detected non-functional IPv6 loopback.");
+ EnableIpv6 = IPV6_OFF;
+ } else {
+ debugs(3, 2, "Detected functional IPv6 loopback ...");
+ }
+ }
+
close(s);
+#if USE_IPV6
debugs(3, 2, "IPv6 transport " << (EnableIpv6?"Enabled":"Disabled"));
#else
- debugs(3, 2, "IPv6 transport forced OFF by build parameters.");
- EnableIpv6 = IPV6_OFF;
+ debugs(3, 2, "IPv6 transport " << (EnableIpv6?"Available":"Disabled"));
+ if (EnableIpv6 != IPV6_OFF) {
+ debugs(3, DBG_CRITICAL, "WARNING: BCP 177 violation. IPv6 transport forced OFF by build parameters.");
+ EnableIpv6 = IPV6_OFF;
+ }
#endif
}
+
projects / thirdparty / squid.git / blobdiff