Bug 5204 - Fault in Handling IPv6 Addresses in Name Resolution
Fault in Handling IPv6 Addresses in Name Resolution
Status: RESOLVED FIXED
Product: Samba 3.2
Classification: Unclassified
Component: Nmbd
3.2.0
All All
: P3 major
: ---
Assigned To: Samba Bugzilla Account
Samba QA Contact
:
Depends on:
Blocks:
  Show dependency treegraph
 
Reported: 2008-01-16 06:53 UTC by David Holder
Modified: 2008-02-25 14:34 UTC (History)
0 users

See Also:


Attachments
net ads join -d 10 -U Administrator with IPv6 (31.11 KB, text/plain)
2008-01-16 06:57 UTC, David Holder
no flags Details
Pcap (24.73 KB, application/octet-stream)
2008-01-16 13:28 UTC, David Holder
no flags Details
Strace of the failure (191.71 KB, text/plain)
2008-01-16 14:00 UTC, David Holder
no flags Details
kerberos file (127 bytes, text/plain)
2008-01-16 14:09 UTC, David Holder
no flags Details
Patch (4.78 KB, patch)
2008-01-16 15:14 UTC, Jeremy Allison
no flags Details

Note You need to log in before you can comment on or make changes to this bug.
Description David Holder 2008-01-16 06:53:47 UTC
Samba 3.2 attempts to resolve names for servers that are a corrupted form of the IPv6 plus the domain name.

For example, when connecting to a Windows Server 2008 server called w2008rc1.s32ip6.com with an IPv6 address of 3000::2 the following happens.

Samba attempts to resolve A and AAAA records for the name [3000.s32ip6.com and yes the name does include a left square bracket at the start.

Attached is a trace. gencache has an entry of [3000::2] this has a key of NBT/S32IP6.COM#1C. However, there is no such thing of NBT over IPv6 so surely this entry should not exist in the first place?

I will attach a trace of an attempt to join a W2008 RC1 domain.
Comment 1 David Holder 2008-01-16 06:57:47 UTC
Created attachment 3099 [details]
net ads join -d 10 -U Administrator with IPv6

This is trace of an attempt to join a W2008 DC that is IPv6 enabled. I was not attempting to join over IPv6 as I cannot currently join over IPv4! However, the DNS lookup errors mentioned in this bug are not restricted to joins. I have observed them when Samba 3.2 is filesharing to Windows Vista Ultimate over IPv6. The common denominator is that the machine Samba is communicating with has an IPv6 address assocaited with its DNS name.
Comment 2 David Holder 2008-01-16 13:28:44 UTC
Created attachment 3101 [details]
Pcap

Pcap wireshark of failure
Comment 3 Jeremy Allison 2008-01-16 13:46:06 UTC
Ok, I took a look at the namecache code. It explicitly strips off the leading and trailing '[' characters when dealing with IPv6 addresses.
Is it possible that the call :


getnameinfo((const struct sockaddr *)psa,
                        psalen,
                        dest, destlen,
                        NULL, 0,
                        NI_NUMERICHOST);

would print an address IPv6 address as [IPv6]:portnumber on some systems ?

Jeremy.
Comment 4 David Holder 2008-01-16 13:58:03 UTC
Jeremy,
> Is it possible that the call :
> getnameinfo((const struct sockaddr *)psa,
>                         psalen,
>                         dest, destlen,
>                         NULL, 0,
>                         NI_NUMERICHOST);
> would print an address IPv6 address as [IPv6]:portnumber on some systems ?
> Jeremy.

No. Should never do this. Especially on Linux which has a pretty reasonable implementation now. It must be something else.

I also did an strace on the failure. I'll load that up too it might help.
Comment 5 David Holder 2008-01-16 14:00:24 UTC
Created attachment 3102 [details]
Strace of the failure

Attached is an strace of the failure (taken with the same parameters and settings as the packet capture).
Comment 6 David Holder 2008-01-16 14:09:48 UTC
Created attachment 3103 [details]
kerberos file
Comment 7 Jeremy Allison 2008-01-16 15:14:16 UTC
Created attachment 3105 [details]
Patch

Took me a little longer than I expected. Here is the patch (applied to the 3.2 git-tree).
Jeremy.
Comment 8 Volker Lendecke 2008-02-25 14:16:34 UTC
Closing this bug -- the patch is pushed. David, Jeremy, please re-open if there's still a problem.

Volker
Comment 9 Volker Lendecke 2008-02-25 14:34:36 UTC
Actually closing