Package: gnutls-bin
Version: 3.0.22-2
Severity: normal
Tags: ipv6 patch

On Linux with /proc/sys/net/ipv6/bindv6only == 0 (which is now the default), gnutls-serv cannot listen on ipv6:

$ gnutls-serv -p 5544
Set static Diffie-Hellman parameters, consider --dhparams.
HTTP Server listening on IPv4 0.0.0.0 port 5544...done
HTTP Server listening on IPv6 :: port 5544...bind() failed: Address already in use

Attached patch fixes that:

$ ./gnutls-serv -p 5555
Set static Diffie-Hellman parameters, consider --dhparams.
HTTP Server listening on IPv4 0.0.0.0 port 5555...done
HTTP Server listening on IPv6 :: port 5555...done

The patch works both against 3.0.20-3 and 3.0.22-2.

-- System Information:
Debian Release: wheezy/sid
Architecture: amd64 (x86_64)
Kernel: Linux 3.2.0-3-amd64 (SMP w/4 CPU cores)
Locale: LANG=C, LC_CTYPE=de_DE.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash

Versions of packages gnutls-bin depends on:
ii libc6 2.13-35
ii libgmp10 2:5.0.5+dfsg-2
ii libgnutls28 3.0.22-2
ii libhogweed2 2.4-2
ii libidn11 1.25-2
ii libnettle4 2.4-2
ii libopts25 1:5.12-0.1
ii libp11-kit0 0.12-3
ii libtasn1-3 2.13-2
ii zlib1g 1:1.2.7.dfsg-13

gnutls-bin recommends no packages.

gnutls-bin suggests no packages.

-- no debconf information

Author: Bernhard R. Link <[email protected]> Description: fix failure to listen on ipv6 addresses on Linux With /proc/sys/net/ipv6/bindv6only being 0 by default on Linux, gnutls-serv fails to listen on ipv6 as is first listens on ipv4. This patch sets the socket option to limit the ipv6 listening to ipv6 so it is no longer failing. --- gnutls28-3.0.20.orig/src/serv.c +++ gnutls28-3.0.20/src/serv.c @@ -730,6 +730,17 @@ listen_socket (const char *name, int lis continue; } +#ifdef HAVE_IPV6 + if (ptr->ai_family == AF_INET6) + { + yes = 1; + /* avoid listen on ipv6 addresses failing + * because already listening on ipv4 addresses: */ + setsockopt (s, IPPROTO_IPV6, IPV6_V6ONLY, + (const void *) &yes, sizeof (yes)); + } +#endif + if (socktype == SOCK_STREAM) { yes = 1;
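
Review bot: The result of the added setsockopt (s, IPPROTO_IPV6, IPV6_V6ONLY, ...) call in listen_socket is discarded, so if the option cannot be set the IPv6 listener fails with the same "bind() failed: Address already in use" as before and nothing points at the cause. Check the return value and report the failure (for example with perror) before carrying on to the bind. The block is also guarded only by HAVE_IPV6; a build that defines HAVE_IPV6 on a system whose headers lack IPV6_V6ONLY would stop compiling, so the guard could read "#if defined(HAVE_IPV6) && defined(IPV6_V6ONLY)". It would help to extend the comment to say that with this option the :: socket accepts IPv6 only and IPv4 clients are served solely by the 0.0.0.0 socket, since that is a behaviour change for anyone relying on a single dual-stack listener.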

