From: Ondřej Surý Date: Tue, 20 Aug 2024 09:48:04 +0000 (+0200) Subject: Assume IPV6_V6ONLY is universally available X-Git-Tag: v9.21.3~9^2~4 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=5b273b5726d98d98d53420fdd6d7b899ca92c0d4;p=thirdparty%2Fbind9.git Assume IPV6_V6ONLY is universally available In 2024, IPV6_V6ONLY socket option is either available or the operating system is just not going to be supported. --- diff --git a/lib/isc/include/isc/net.h b/lib/isc/include/isc/net.h index eda799c60d2..322584c3af3 100644 --- a/lib/isc/include/isc/net.h +++ b/lib/isc/include/isc/net.h @@ -211,18 +211,6 @@ isc_net_probeipv6(void); *\li #ISC_R_UNEXPECTED */ -isc_result_t -isc_net_probe_ipv6only(void); -/*%< - * Check if the system's kernel supports the IPV6_V6ONLY socket option. - * - * Returns: - * - *\li #ISC_R_SUCCESS the option is supported for both TCP and UDP. - *\li #ISC_R_NOTFOUND IPv6 itself or the option is not supported. - *\li #ISC_R_UNEXPECTED - */ - isc_result_t isc_net_probe_ipv6pktinfo(void); /* diff --git a/lib/isc/net.c b/lib/isc/net.c index adae0fef83e..d0ab37316bc 100644 --- a/lib/isc/net.c +++ b/lib/isc/net.c @@ -89,7 +89,6 @@ #endif /* HAVE_SYSCTLBYNAME */ -static isc_once_t once_ipv6only = ISC_ONCE_INIT; #ifdef __notyet__ static isc_once_t once_ipv6pktinfo = ISC_ONCE_INIT; #endif /* ifdef __notyet__ */ @@ -106,7 +105,6 @@ static isc_once_t once = ISC_ONCE_INIT; static isc_result_t ipv4_result = ISC_R_NOTFOUND; static isc_result_t ipv6_result = ISC_R_NOTFOUND; -static isc_result_t ipv6only_result = ISC_R_NOTFOUND; static isc_result_t ipv6pktinfo_result = ISC_R_NOTFOUND; static isc_result_t @@ -200,66 +198,6 @@ isc_net_probeipv6(void) { return ipv6_result; } -static void -try_ipv6only(void) { -#ifdef IPV6_V6ONLY - int s, on; -#endif /* ifdef IPV6_V6ONLY */ - isc_result_t result; - - result = isc_net_probeipv6(); - if (result != ISC_R_SUCCESS) { - ipv6only_result = result; - return; - } - -#ifndef IPV6_V6ONLY - ipv6only_result = ISC_R_NOTFOUND; - return; -#else /* ifndef IPV6_V6ONLY */ - /* check for TCP sockets */ - s = socket(PF_INET6, SOCK_STREAM, 0); - if (s == -1) { - UNEXPECTED_SYSERROR(errno, "socket()"); - ipv6only_result = ISC_R_UNEXPECTED; - return; - } - - on = 1; - if (setsockopt(s, IPPROTO_IPV6, IPV6_V6ONLY, &on, sizeof(on)) < 0) { - ipv6only_result = ISC_R_NOTFOUND; - goto close; - } - - close(s); - - /* check for UDP sockets */ - s = socket(PF_INET6, SOCK_DGRAM, 0); - if (s == -1) { - UNEXPECTED_SYSERROR(errno, "socket()"); - ipv6only_result = ISC_R_UNEXPECTED; - return; - } - - on = 1; - if (setsockopt(s, IPPROTO_IPV6, IPV6_V6ONLY, &on, sizeof(on)) < 0) { - ipv6only_result = ISC_R_NOTFOUND; - goto close; - } - - ipv6only_result = ISC_R_SUCCESS; - -close: - close(s); - return; -#endif /* IPV6_V6ONLY */ -} - -static void -initialize_ipv6only(void) { - isc_once_do(&once_ipv6only, try_ipv6only); -} - #ifdef __notyet__ static void try_ipv6pktinfo(void) { @@ -305,12 +243,6 @@ initialize_ipv6pktinfo(void) { } #endif /* ifdef __notyet__ */ -isc_result_t -isc_net_probe_ipv6only(void) { - initialize_ipv6only(); - return ipv6only_result; -} - isc_result_t isc_net_probe_ipv6pktinfo(void) { /* diff --git a/lib/ns/interfacemgr.c b/lib/ns/interfacemgr.c index 836ee05a853..7902b1a0da9 100644 --- a/lib/ns/interfacemgr.c +++ b/lib/ns/interfacemgr.c @@ -1085,7 +1085,6 @@ do_scan(ns_interfacemgr_t *mgr, bool verbose, bool config) { isc_interfaceiter_t *iter = NULL; bool scan_ipv4 = false; bool scan_ipv6 = false; - bool ipv6only = true; bool ipv6pktinfo = true; isc_result_t result; isc_netaddr_t zero_address, zero_address6; @@ -1124,15 +1123,11 @@ do_scan(ns_interfacemgr_t *mgr, bool verbose, bool config) { * packets as the form of mapped addresses unintentionally * unless explicitly allowed. */ - if (scan_ipv6 && isc_net_probe_ipv6only() != ISC_R_SUCCESS) { - ipv6only = false; - log_explicit = true; - } if (scan_ipv6 && isc_net_probe_ipv6pktinfo() != ISC_R_SUCCESS) { ipv6pktinfo = false; log_explicit = true; } - if (scan_ipv6 && ipv6only && ipv6pktinfo) { + if (scan_ipv6 && ipv6pktinfo) { for (le = ISC_LIST_HEAD(mgr->listenon6->elts); le != NULL; le = ISC_LIST_NEXT(le, link)) { @@ -1283,7 +1278,7 @@ do_scan(ns_interfacemgr_t *mgr, bool verbose, bool config) { * The case of "any" IPv6 address will require * special considerations later, so remember it. */ - if (family == AF_INET6 && ipv6only && ipv6pktinfo && + if (family == AF_INET6 && ipv6pktinfo && listenon_is_ip6_any(le)) { ipv6_wildcard = true;