Home Explore Help
Sign In
miti
/
graphene
1
0
Fork 0
Files Issues 0 Pull Requests 0 Wiki
Browse Source

[Pal/{Linux,Linux-SGX}] Remove IPV6_V6ONLY flag on socket creation

Previously, PALs in Graphene set IPV6_V6ONLY = 1 on socket creation
in case of IPv6 protocol. This setting made Graphene silently ignore
connection requests from IPv4 clients. In particular, this made
Apache web server with SSL/TLS unresponsive to clients. There is no
reason to have this explicit setting, so this commit removes it.
Dmitrii Kuvaiskii 4 years ago
parent
b3cffe4f39
commit
b947fd400a
2 changed files with 1 additions and 30 deletions
Split View Show Diff Stats
  1. 1 10
      Pal/src/host/Linux-SGX/sgx_enclave.c
  2. 0 20
      Pal/src/host/Linux/db_sockets.c

+ 1 - 10
Pal/src/host/Linux-SGX/sgx_enclave.c
View File 

@@ -290,11 +290,7 @@ static int sgx_ocall_listen(void * pms)
 
         goto err;
 
 
     fd = ret;
 
-    if (ms->ms_addr->sa_family == AF_INET6) {
 
-        int ipv6only = 1;
 
-        INLINE_SYSCALL(setsockopt, 5, fd, SOL_IPV6, IPV6_V6ONLY, &ipv6only,
 
-                       sizeof(int));
 
-    }
 
+
 
     /* must set the socket to be reuseable */
 
     int reuseaddr = 1;
 
     INLINE_SYSCALL(setsockopt, 5, fd, SOL_SOCKET, SO_REUSEADDR, &reuseaddr,
 
@@ -369,11 +365,6 @@ static int sgx_ocall_connect(void * pms)
 
         goto err;
 
 
     fd = ret;
 
-    if (ms->ms_addr && ms->ms_addr->sa_family == AF_INET6) {
 
-        int ipv6only = 1;
 
-        INLINE_SYSCALL(setsockopt, 5, fd, SOL_IPV6, IPV6_V6ONLY, &ipv6only,
 
-                       sizeof(int));
 
-    }
 
 
     if (ms->ms_bind_addr && ms->ms_bind_addr->sa_family) {
 
         ret = INLINE_SYSCALL(bind, 3, fd, ms->ms_bind_addr,

+ 0 - 20
Pal/src/host/Linux/db_sockets.c
View File 

@@ -348,11 +348,6 @@ static int tcp_listen(PAL_HANDLE* handle, char* uri, int options) {
 
     if (IS_ERR(fd))
 
         return -PAL_ERROR_DENIED;
 
 
-    if (bind_addr->sa_family == AF_INET6) {
 
-        int ipv6only = 1;
 
-        INLINE_SYSCALL(setsockopt, 5, fd, SOL_IPV6, IPV6_V6ONLY, &ipv6only, sizeof(int));
 
-    }
 
-
 
     /* must set the socket to be reuseable */
 
     int reuseaddr = 1;
 
     INLINE_SYSCALL(setsockopt, 5, fd, SOL_SOCKET, SO_REUSEADDR, &reuseaddr, sizeof(int));
 
@@ -480,11 +475,6 @@ static int tcp_connect(PAL_HANDLE* handle, char* uri, int options) {
 
         }
 
     }
 
 
-    if (dest_addr->sa_family == AF_INET6) {
 
-        int ipv6only = 1;
 
-        INLINE_SYSCALL(setsockopt, 5, fd, SOL_IPV6, IPV6_V6ONLY, &ipv6only, sizeof(int));
 
-    }
 
-
 
     ret = INLINE_SYSCALL(connect, 3, fd, dest_addr, dest_addrlen);
 
 
     if (IS_ERR(ret) && ERRNO(ret) == EINPROGRESS) {
 
@@ -635,11 +625,6 @@ static int udp_bind(PAL_HANDLE* handle, char* uri, int options) {
 
     if (IS_ERR(fd))
 
         return -PAL_ERROR_DENIED;
 
 
-    if (bind_addr->sa_family == AF_INET6) {
 
-        int ipv6only = 1;
 
-        INLINE_SYSCALL(setsockopt, 5, fd, SOL_IPV6, IPV6_V6ONLY, &ipv6only, sizeof(int));
 
-    }
 
-
 
     ret = INLINE_SYSCALL(bind, 3, fd, bind_addr, bind_addrlen);
 
 
     if (IS_ERR(ret)) {
 
@@ -694,11 +679,6 @@ static int udp_connect(PAL_HANDLE* handle, char* uri, int options) {
 
     if (IS_ERR(fd))
 
         return -PAL_ERROR_DENIED;
 
 
-    if (dest_addr && dest_addr->sa_family == AF_INET6) {
 
-        int ipv6only = 1;
 
-        INLINE_SYSCALL(setsockopt, 5, fd, SOL_IPV6, IPV6_V6ONLY, &ipv6only, sizeof(int));
 
-    }
 
-
 
     if (bind_addr) {
 
         ret = INLINE_SYSCALL(bind, 3, fd, bind_addr, bind_addrlen);