[Bug 8060] New: "hosts allow" in rsyncd.conf doesn't handle IPv6 subnets smaller than /64.

samba-bugs at samba.org samba-bugs at samba.org
Tue Apr 5 04:04:18 MDT 2011 

https://bugzilla.samba.org/show_bug.cgi?id=8060

           Summary: "hosts allow" in rsyncd.conf doesn't handle IPv6
                    subnets smaller than /64.
           Product: rsync
           Version: 3.0.8
          Platform: All
        OS/Version: Linux
            Status: NEW
          Severity: normal
          Priority: P5
         Component: core
        AssignedTo: wayned at samba.org
        ReportedBy: kumba at gentoo.org
         QAContact: rsync-qa at samba.org


So if I read the IPv6 specs right, I can chop a chosen /64 subnet block up
however which way I choose.  This will involve subnets smaller than /64, like
/96 or /120.

So given a IPv6 addressing scheme like fd77:beef::ac10:0/120 (for simplicity
sake, I am ignoring all precepts of ULA and that globally unique mess)
specified in my rsyncd.conf file, then a server in that subnet and a client
cannot talk.

I.e., if an rsyncd server with IPv6 address fd77:beef::ac10:cb6f and an rsync
client with IPv6 address of fd77:beef::ac10:cb9e try to talk, the server will
reject with the following error:

>>> Starting rsync with rsync://[fd77:beef::ac10:cb6f]/gentoo-portage...
>>> Checking server timestamp ...
@ERROR: access denied to gentoo-portage from unknown (fd77:beef::ac10:cb9e)
rsync error: error starting client-server protocol (code 5) at main.c(1506)
[Receiver=3.0.7]
>>> Retrying...
!!! Exhausted addresses for [fd77:beef::ac10:cb6f]


However, if I edit my "hosts allow" line in /etc/rsyncd.conf to be just a /64
(hosts allow = fd77:beef::ac10:0/64, ::1), it works fine:

>>> Starting rsync with rsync://[fd77:beef::ac10:cb6f]/gentoo-portage...
>>> Checking server timestamp ...
receiving incremental file list
timestamp.chk

Number of files: 1
Number of files transferred: 1
Total file size: 32 bytes
Total transferred file size: 32 bytes
Literal data: 32 bytes
Matched data: 0 bytes
File list size: 27
File list generation time: 0.001 seconds
File list transfer time: 0.000 seconds
Total bytes sent: 98
Total bytes received: 134
[snip]


It looks like Samba and rsync share some bits of code.  The flaw seems to be in
rsync's access.c file, and I already tested Samba out and it works fine with
small IPv6 subnets between a Windows box and my main Linux box.  Might it be
possible to just copy that version, with appropriate edits, over into rsync's
code?  Note: I haven't tried this myself yet.

-- 
Configure bugmail: https://bugzilla.samba.org/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the QA contact for the bug.

More information about the rsync mailing list