qemu-devel
[Top][All Lists]
Advanced
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Qemu-devel] [PATCH v2 3/5] sockets: ensure we don't accept IPv4 cli

From: Eric Blake
Subject: Re: [Qemu-devel] [PATCH v2 3/5] sockets: ensure we don't accept IPv4 clients when IPv4 is disabled
Date: Mon, 22 May 2017 10:32:41 -0500
User-agent: Mozilla/5.0 (X11; Linux x86_64; rv:52.0) Gecko/20100101 Thunderbird/52.1.0 
On 05/19/2017 01:03 PM, Daniel P. Berrange wrote:
> Currently if you disable listening on IPv4 addresses, via the
> CLI flag ipv4=off, we still mistakenly accept IPv4 clients via
> the IPv6 listener socket due to IPV6_V6ONLY flag being unset.
> 
> We must ensure IPV6_V6ONLY is always set if ipv4=off
> 
> This fixes the following scenarios
> 
>   -incoming tcp::9000,ipv6=on
>   -incoming tcp:[::]:9000,ipv6=on
>   -chardev socket,id=cdev0,host=,port=9000,server,nowait,ipv4=off
>   -chardev socket,id=cdev0,host=,port=9000,server,nowait,ipv6=on
>   -chardev socket,id=cdev0,host=::,port=9000,server,nowait,ipv4=off
>   -chardev socket,id=cdev0,host=::,port=9000,server,nowait,ipv6=on
> 
> which all mistakenly accepted IPv4 clients
> 
> Signed-off-by: Daniel P. Berrange <address@hidden>
> ---
>  util/qemu-sockets.c | 40 +++++++++++++++++++++++++++++++---------
>  1 file changed, 31 insertions(+), 9 deletions(-)
> 

Reviewed-by: Eric Blake <address@hidden>

-- 
Eric Blake, Principal Software Engineer
Red Hat, Inc.           +1-919-301-3266
Virtualization:  qemu.org | libvirt.org

Attachment: signature.asc
Description: OpenPGP digital signature

reply via email to
[Prev in Thread] Current Thread [Next in Thread]