ikos server doesn't listen on IPv6, resulting in hangs #158
Comments
|
Interestingly, there is no mention of IPv4 or IPv6 in the code. The server is handled by ikos/analyzer/python/ikos/scan.py Line 631 in 72c70c7 The client is ikos/analyzer/python/ikos/scan.py Line 592 in 72c70c7 As a quick fix, try using ikos/analyzer/python/ikos/scan.py Line 902 in 72c70c7 I won't be able to commit on this project until I get the approval from my new employer. |
|
There are two files we'd have to change: At least on linux, creating a subclass of |
This commit adds a new class HTTPServerIPv6 that inherits from HTTPServer, but selects IPv6. In systems with dual stack (e.g., default on linux), opening a server in IPv6 also listens in IPv4.
This commit replaces uses of HTTPServer, which by default only listens in IPv4 interfaces, with calls to a custom class HTTPServerIPv6, which listens to IPv6, as well as IPv4 whenever dual-stack is supported.
This commit adds a new class HTTPServerIPv6 that inherits from HTTPServer, but selects IPv6. In systems with dual stack (e.g., default on linux), opening a server in IPv6 also listens in IPv4.
This commit replaces uses of HTTPServer, which by default only listens in IPv4 interfaces, with calls to a custom class HTTPServerIPv6, which listens to IPv6, as well as IPv4 whenever dual-stack is supported.
This commit adds a new class HTTPServerIPv6 that inherits from HTTPServer, but selects IPv6. In systems with dual stack (e.g., default on linux), opening a server in IPv6 also listens in IPv4.
This commit replaces uses of HTTPServer, which by default only listens in IPv4 interfaces, with calls to a custom class HTTPServerIPv6, which listens to IPv6, as well as IPv4 whenever dual-stack is supported.
This commit adds a new class HTTPServerIPv6 that inherits from HTTPServer, but selects IPv6. In systems with dual stack (e.g., default on linux), opening a server in IPv6 also listens in IPv4.
This commit replaces uses of HTTPServer, which by default only listens in IPv4 interfaces, with calls to a custom class HTTPServerIPv6, which listens to IPv6, as well as IPv4 whenever dual-stack is supported.
|
@valpackett Could you please check if #229 solves your issue? The PR is marked as a draft but that's just so that it's not merged accidentally before you try it. |
This commit adds a new class HTTPServerIPv6 that inherits from HTTPServer, but selects IPv6. In systems with dual stack (e.g., default on linux), opening a server in IPv6 also listens in IPv4.
This commit replaces uses of HTTPServer, which by default only listens in IPv4 interfaces, with calls to a custom class HTTPServerIPv6, which listens to IPv6, as well as IPv4 whenever dual-stack is supported.
|
Woah, it's been 3 years! I haven't really been using ikos lately… Interestingly I cannot reproduce the hang, not sure what changed where, but v6 errors out on an ioctl instead of hanging and it goes to v4: With #229 it does connect over v6 in the end: I'm a bit concerned about how #229 would behave on a v4-only system though. Maybe would be better to ask @yurivict who maintains the package in FreeBSD Ports right now for more testing :) I have found an unrelated issue though.. (#230) |
On a system with no support for IPv6, it'll give you the following error: $ ikos-view output.db
[ERROR] Could not start the HTTP server: [Errno 97] Address family not supported by protocolIt should be trivial to catch this exception and try IPv4 as a fallback, if that (IPv4-only OSs) is a scenario we care to support. |
This commit re-defines the IPv6 HTTP server class to attempt to open a server listing only on IPv4 if IPv6 is not available.
This commit adds a new class HTTPServerIPv6 that inherits from HTTPServer, but selects IPv6. In systems with dual stack (e.g., default on linux), opening a server in IPv6 also listens in IPv4. [ci skip]
This commit replaces uses of HTTPServer, which by default only listens in IPv4 interfaces, with calls to a custom class HTTPServerIPv6, which listens to IPv6, as well as IPv4 whenever dual-stack is supported. [ci skip]
This commit re-defines the IPv6 HTTP server class to attempt to open a server listing only on IPv4 if IPv6 is not available. [ci skip]
Cannot import OSError from os. [ci skip]
Use self to refer to the object variable. Otherwise, it's just a new variable. [ci skip]
…name (NASA-SW-VnV#158). Use super().__init__. Will keep working even if we inherit from something else. [ci skip]
|
I have updated my PR to also handle the case where the machine only supports IPv4. I have tried it with a linux machine with IPv6 enabled and with no IPv6 (disabled at kernel level during book using Please try it @valpackett . I intend to merge that PR and close this issue in a few days if we can't identify any cases for which it doesn't work. (I'll squash/clean the changes before I merge.) Thanks. |
Cannot import OSError from os. [ci skip]
Use self to refer to the object variable. Otherwise, it's just a new variable. [ci skip]
…name (NASA-SW-VnV#158). Use super().__init__. Will keep working even if we inherit from something else. [ci skip]
This commit makes ikos-scan and ikos-view use IPv6 when available. More specifically, it replaces uses of HTTPServer, which by default only listens on IPv4 interfaces, with calls to a custom class HTTPServerIPv6. The latter listens on IPv6 when available, as well as IPv4 whenever dual-stack is supported. If IPv6 is not available, the server defaults to the old behavior implemented by HTTPServer. [ci skip]
This commit makes ikos-scan and ikos-view use IPv6 when available. More specifically, it replaces uses of HTTPServer, which by default only listens on IPv4 interfaces, with calls to a custom class HTTPServerIPv6. The latter listens on IPv6 when available, as well as IPv4 whenever dual-stack is supported. If IPv6 is not available, the server defaults to the old behavior implemented by HTTPServer.
This commit makes ikos-scan and ikos-view use IPv6 when available. More specifically, it replaces uses of HTTPServer, which by default only listens on IPv4 interfaces, with calls to a custom class HTTPServerIPv6. The latter listens on IPv6 when available, as well as IPv4 whenever dual-stack is supported. If IPv6 is not available, the server defaults to the old behavior implemented by HTTPServer.
This commit makes ikos-scan and ikos-view use IPv6 when available. More specifically, it replaces uses of HTTPServer, which by default only listens on IPv4 interfaces, with calls to a custom class HTTPServerIPv6. The latter listens on IPv6 when available, as well as IPv4 whenever dual-stack is supported. If IPv6 is not available, the server defaults to the old behavior implemented by HTTPServer.
|
I have cleaned and prepared the PR for merging. If you try it, let me know how it goes. |
In an environment created by
ikos-scan,IKOS_SCAN_SERVERis set likehttp://localhost:8433.On a dualstack system,
localhostusually resolves to both V4 and V6 addresses. E.g. curl tries both:The ikos server only listens on V4:
But the
ikos-scan-ccclient tries to access V6:and hangs. (This is on FreeBSD.)
The text was updated successfully, but these errors were encountered: