New subject: [Issue 9603] tcp wrappers no longer works with IPv6

1 Jul 2021


      https://bugs.openldap.org/show_bug.cgi?id=9603
Issue ID: 9603
           Summary: tcp wrappers no longer works with IPv6
           Product: OpenLDAP
           Version: 2.5.5
          Hardware: All
                OS: All
            Status: UNCONFIRMED
          Severity: normal
          Priority: ---
         Component: slapd
          Assignee: bugs@openldap.org
          Reporter: toby@inf.ed.ac.uk
  Target Milestone: ---
Hi,
OpenLDAP 2.5.5
Testing on Scientific Linux 7.9
It looks like slapd no longer passes an IPv6 address correctly to tcp wrappers.
Steps to Reproduce: connect to 2.5.5 slapd over IPv6 with tcp-wrappers enabled.
Actual Results: access is always denied
Expected Results: access permitted for IP addresses in /etc/hosts.allow
Additional information:
The problem seems to be that an IPv6 address is passed to hosts_ctl (~line 2324
in servers/slapd/daemon.c) as "[ipv6-address]" (with enclosing '[' and ']')  -
rather than "ipv6-address", e.g. the logged output is:
warning: can't resolve hostname ([2001:630:3c1:212:a2d3:c1ff:fe25:eec3]): Name
or service not known
fd=19 DENIED from unknown ([2001:630:3c1:212:a2d3:c1ff:fe25:eec3]
... when compared to a 2.4.59 slapd:
fd=19 DENIED from unknown (2001:630:3c1:212:a2d3:c1ff:fe25:eec3)
IPv4 connections work OK.
Thanks
Toby Blake
School of Informatics
University of Edinburgh
-- 
You are receiving this mail because:
You are on the CC list for the issue.

[Issue 9603] New: tcp wrappers no longer works with IPv6