DatagramChannel::disconnect appears to rebind socket to the wildcard address
Kurt Miller
kurt at intricatesoftware.com
Thu Sep 26 12:15:45 UTC 2019
On Thu, 2019-09-26 at 07:38 +0100, Alan Bateman wrote:
> Thanks. One other issue that was found by the same combo test is
> JDK-8231258 [1] and it may be of interest. It's a somewhat nonsensical
> scenario but appears to demonstrates an issue on macOS where getsockname
> returns an expected local address. I don't know if it arises with
> OpenBSD or other BSDs.
>
> The scenario is an IPv6 UDP socket. IPV6_V6ONLY is disabled so dual
> stack. The socket is bound to a local IPv4 address (using an IPv4-mapped
> IPv6 address). The socket is connected to an IPv6 address. At this
> point, getsockname returns an IPv4 compatible IPv6 address (as in
> ::<ip4address>) rather than an IPv4-mapped IPv6 address (as in
> ::ffff:<ip4address>). It would be surprising if anything real world
> would create this same scenario, instead it's something that a test
> exercise all combinations of bind/connect finds.
Hi Alan,
This one I don't have any insight into. OpenBSD is like Windows
where it does not support IPv4-mapped IPv6 address at all. There
is no way to enable it with a knob (sysctl). Since the networking
implementation in the JVM on the Unix side of things depends on
this, OpenBSD can't support both IPv4 and IPv6 at the same time.
Ideally the dual socket implementation on the Windows side would
be utilized on the Unix side as well. The would allow for avoiding
the (perhaps debatable) security issues associated IPv4-mapped
IPv6 addresses that were raised by one of the initial pioneers of
IPv6, Itojun (Jun-ichiro Hagino) [1].
I believe both FreeBSD and NetBSD have sysctl's to enable IPv4-mapped
IPv6 address support, but is a system wide setting and puts an
administrator in the position of having to enable a less secure
setting to gain simultaneous IPv4 and IPv6 support in the JVM.
Sorry I've gone off on a tangent here, but I felt it was related
and perhaps could point out that the dual socket approach
on the Windows side of the JVM networking implementation would
likely be helpful for the Unix side as well.
Regards,
-Kurt
[1] https://tools.ietf.org/html/draft-itojun-v6ops-v4mapped-harmful-02
More information about the bsd-port-dev
mailing list