winbind not working over IPv6 logs to follow...
Günther any updates on this? Are you able to reproduce it with v3-5-test?
I can reliably reproduce it even with master. Here are some fixes that were required to make it work for a simple setup: http://git.samba.org/?p=gd/samba/.git;a=shortlog;h=master-ipv6 (w2k8r2 ipv6 only, and only ipv6 dns in winbinds resolv.conf)
Must have bit-rotted then, as this used to work. Thanks for your efforts on this ! Jeremy.
Guenther - are these enough to fix it for master and 3.5.x ? I've reviewed the patches, and they look correct to me. (I remember testing an IPv6 kdc address with SLES, so I thought that worked on that distro). If you confirm they're enough, I'll ack the patches and re-assign to Karolin for 3.5.3. Push them to master if they're working for you please. Jeremy.
sorry, this is a blocker. actively testing my patches in more ipv6 networks now.
ok, tests succeeded in another ipv6 network.
Created attachment 5710 [details] v3-5-test: getpeername check
Created attachment 5711 [details] v3-5-test: avoid ipv6 addr in krb5.conf creation
adding http://krbdev.mit.edu/rt/Ticket/Display.html?id=6562#lasttrans which simo found. As it seems, putting ipv6 addresses into krb5.conf is still not supported in MIT krb5 (which reflects testing experiences).
Comment on attachment 5710 [details] v3-5-test: getpeername check Looks good to me.
Comment on attachment 5711 [details] v3-5-test: avoid ipv6 addr in krb5.conf creation Looks good to me. Jeremy.
Re-assigning to Karolin for inclusion in 3.5.x.
As IPv6 support did not work in any of the 3.5 releases, I vote to fix this one for 3.5.4 instead of delaying 3.5.3 which is scheduled for tomorrow. Are there any objections?
(In reply to comment #13) > As IPv6 support did not work in any of the 3.5 releases, I vote to fix this one > for 3.5.4 instead of delaying 3.5.3 which is scheduled for tomorrow. Are there > any objections? Fine by me, really your decision. Jeremy ? Oh and btw. 3.4 has the same problem, backports to follow...
Created attachment 5714 [details] v3-4-test: getpeername check
Created attachment 5715 [details] v3-4-test: avoid ipv6 addr in krb5.conf creation
Karolin, you're the boss on this. If you want to wait until 3.5.4 that's ok with me. Thanks, Jeremy.
The alternative is to delay 3.5.3 for a week or two. Volker
What do the distro maintainers think (Jim, Simo, Guenther - or the debian guys) ? Jeremy.
On the one hand it is a bad regression, on the other it has been around for quite a while. So I think Karolin should decide what's best. We will carry the patch in RHEL until upstream has it and we re-import a new version from upstream.
We are in the same situation. We will not change any delivery schedule of ours based on this, but merely include the patches until the upstream version which we ship contains the fix.
I suggest to stay with the release schedule of 3.5.3 as planed. The release notes should reference this issue and include a pointer to a patch set addressing the issue. This might make the life for vendors a bit more easy.
Pushed patches to v3-5-test. Will be included in 3.5.4, not in 3.5.3. Waiting for review of the 3.4 versions.
Karolin, the v3-4-test patches are really 1:1 to the v3-5-test ones (sorry, I should have pointed out that). So no additional review is needed, IMHO. Thanks a lot of being cautious about these sort of things ;-)
(In reply to comment #24) > Karolin, the v3-4-test patches are really 1:1 to the v3-5-test ones (sorry, I > should have pointed out that). So no additional review is needed, IMHO. Pushed to v3-4-test. Closing out bug report. > Thanks a lot of being cautious about these sort of things ;-) Getting paranoid... ;-) Thanks!