sks-devel
[Top][All Lists]
Advanced
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Sks-devel] IPv4 vs. IPv6? -- Reconciliation attempt from unauthorized h

From: Daniel Kahn Gillmor
Subject: [Sks-devel] IPv4 vs. IPv6? -- Reconciliation attempt from unauthorized host, but host is authorized
Date: Wed, 27 Nov 2013 12:57:05 -0500
User-agent: Notmuch/0.16 (http://notmuchmail.org) Emacs/24.3.1 (x86_64-pc-linux-gnu) 
i'm running sks 1.1.4 on Debian GNU/Linux, wheezy, amd64 (x86_64)
platform.

I see the following situation in the logs of the recon process (this is
just an example, it seems to happen to all my IPv4 peers):

2013-11-27 12:37:17 address for sks-peer.spodhuis.org:11370 changed from [] to 
[<ADDR_INET [2a02:898:31:0:48:4558:73:6b73]:11370>, <ADDR_INET 
[94.142.241.93]:11370>]
2013-11-27 12:37:17 Reconciliation attempt from unauthorized host <ADDR_INET 
[::ffff:94.142.241.93]:54518>.  Ignoring

note that these are actually matching addresses (both are
94.142.241.93), but one is expressed in IPv4-embedded-in-IPv6 address
form.

I note that both messages seem to eventually be calling
Unix.string_of_inet_addr to display the socket, so the fact that they're
presented differently (one prefixed with ::ffff: ) makes me worried that
they're not being compared properly internally either in
Membership.test.

Can anyone with a dual-stack machine (both IPv6 and IPv4) verify a
successful connection from an IPv4-only peer in their recon logs?

           --dkg

Attachment: pgpuxVgH5cyhv.pgp
Description: PGP signature

reply via email to
[Prev in Thread] Current Thread [Next in Thread]