Centos 7 - Error when ipv6 is enabled #38
Description
Hello,
mod_auth_radius is not working when IPv6 is enabled.
PoC
Interface
enp0s3: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
inet 10.0.2.15 netmask 255.255.255.0 broadcast 10.0.2.255
inet6 fe80::a00:27ff:fef0:72b prefixlen 64 scopeid 0x20<link>
ether 08:00:27:f0:07:2b txqueuelen 1000 (Ethernet)
RX packets 12586 bytes 14295882 (13.6 MiB)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 4866 bytes 351827 (343.5 KiB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
A debug was added to the C script
/* RADIUS utility functions */
static struct in_addr *ip_addr_get(apr_pool_t *p,
const char *hostname)
{
struct hostent *hp;
char logmess[MAXLEN];
snprintf(logmess,MAXLEN-1,"HOSTNAME 001: %s",hostname);
openlog ("debugPOC", LOG_PID, LOG_LOCAL1);
syslog (LOG_INFO, logmess);
closelog ();
if ((hp = gethostbyname(hostname)) != NULL) {
struct in_addr *ipaddr = apr_pcalloc(p, sizeof(struct in_addr));
*ipaddr = *(struct in_addr *)hp->h_addr; /* make a local copy */
return ipaddr;
}
return NULL;
}
When you start the httpd server, a first access is done to the fonction:
Nov 17 16:13:37 debug-Centos7-vm debugPOC[10794]: HOSTNAME 001: 192.168.1.100
Nov 17 16:13:37 debug-Centos7-vm systemd: Started The Apache HTTP Server.
After accessing the webpage, enter user / password and clic Connect, the log is:
Nov 17 16:13:53 debug-Centos7-vm debugPOC[10796]: HOSTNAME 001: fe80::a00:27ff:fef0:72b
The remote hostname is not the same that the one in the config file and changed for the IPv6 local of the first interface.
After disabling IPv6, all good:
echo 1 > /proc/sys/net/ipv6/conf/default/disable_ipv6
echo 1 > /proc/sys/net/ipv6/conf/all/disable_ipv6
Nov 17 16:18:19 main-repo debugPOC[10861]: HOSTNAME 001: 192.168.1.100
Nov 17 16:18:19 main-repo systemd: Started The Apache HTTP Server.
Nov 17 16:18:31 main-repo debugPOC[10863]: HOSTNAME 001: 10.0.2.15
Thanks,
Ribellusmt