[31342] in Kerberos
Re: IPv6 handling in SASL LDAP binding
daemon@ATHENA.MIT.EDU (Russ Allbery)
Thu Aug 6 11:56:15 2009
To: "kerberos\@mit.edu" <kerberos@mit.edu>
In-Reply-To: <D8C9BC7FFCF8154FB7141EB8DB609C172E71BC1EA0@SGPAPHQ-EXSCC01.dc01.fujixerox.net>
(Qiang Xu's message of "Thu\, 6 Aug 2009 16\:36\:50 +0800")
From: Russ Allbery <rra@stanford.edu>
Date: Thu, 06 Aug 2009 08:55:40 -0700
Message-ID: <87ocqtdjib.fsf@windlord.stanford.edu>
MIME-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Errors-To: kerberos-bounces@mit.edu
"Xu, Qiang (FXSGSC)" <Qiang.Xu@fujixerox.com> writes:
> For example, the IPv6 address of the Kerberos server is
> "3ffe:2000:0:1:e0be:1872:d4f8:6b2c", and the authentication domain is
> "xcipv6.com". When this IPv6 address is passed in, the address would be
> looked on as in a form of "hostname:port", so would split the address at
> the first colon, and combine it with the domain name, to form an FQDN
> "3ffe.xcipv6.com". Then it would try to resolve this FQDN to get the
> IPv4 address. Of course, the resolving would lead to an error. And SASL
> binding can't go through.
I have no idea if Cyrus SASL supports IPv6 or not, but try using
[3ffe:2000:0:1:e0be:1872:d4f8:6b2c] instead. The brackets disambiguate
IPv6 address literals from hostnames with ports.
--
Russ Allbery (rra@stanford.edu) <http://www.eyrie.org/~eagle/>
________________________________________________
Kerberos mailing list Kerberos@mit.edu
https://mailman.mit.edu/mailman/listinfo/kerberos
