whether or not Apache expects to handle IPv4 connections
on IPv6 listening sockets. Either setting will work on
systems with the IPV6_V6ONLY socket option. --enable-v4-mapped
must be used on systems that always allow IPv4 connections on
IPv6 listening sockets.
Note: As the ssl config file is not automatically generated and
it is expected to require editing anyway to work, the only
change there was to suggest the required Listen statements
in a comment.
PR: PR 14037 (Bugzilla), PR 7492 (Gnats), various dups of these PRs
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@97516
13f79535-47bb-0310-9956-
ffa450edef68
Changes with Apache 2.0.44
+ *) Add --[enable|disable]-v4-mapped configure option to control
+ whether or not Apache expects to handle IPv4 connections
+ on IPv6 listening sockets. Either setting will work on
+ systems with the IPV6_V6ONLY socket option. --enable-v4-mapped
+ must be used on systems that always allow IPv4 connections on
+ IPv6 listening sockets. PR 14037 (Bugzilla), PR 7492 (Gnats)
+ [Jeff Trawick]
+
*) This fixes a problem where the underlying cache code
indicated that there was one more element on the cache
than there actually was. This happened since element 0
APACHE_SUBST(MODULE_DIRS)
APACHE_SUBST(MODULE_CLEANDIRS)
APACHE_SUBST(PORT)
+ APACHE_SUBST(nonssl_listen_stmt_1)
+ APACHE_SUBST(nonssl_listen_stmt_2)
APACHE_SUBST(CORE_IMPLIB_FILE)
APACHE_SUBST(CORE_IMPLIB)
APACHE_SUBST(SH_LIBS)
[if test "$withval" = "yes"; then AC_MSG_ERROR('option --with-port requires a value (the TCP port number)'); else PORT="$withval"; fi],
[PORT=80])
+dnl ## See if APR has IPv6 support
+ap_old_cppflags=$CPPFLAGS
+CPPFLAGS="$CPPFLAGS -I$APR_SOURCE_DIR/include -I$abs_builddir/srclib/apr/include"
+AC_TRY_COMPILE([#include <apr.h>], [
+#if !APR_HAVE_IPV6
+#error APR does not have IPv6 support
+#endif], apr_have_ipv6=yes, apr_have_ipv6=no)
+CPPFLAGS=$ap_old_cppflags
+
+AC_ARG_ENABLE(v4-mapped,APACHE_HELP_STRING(--enable-v4-mapped,Allow IPv6 sockets to handle IPv4 connections),
+[
+ v4mapped=$enableval
+],
+[
+ case $host in
+ *freebsd5*|*netbsd*|*openbsd*)
+ v4mapped=no
+ ;;
+ *)
+ v4mapped=yes
+ ;;
+esac
+])
+
+if test $v4mapped = "yes" -o $apr_have_ipv6 = "no"; then
+ nonssl_listen_stmt_1=""
+ nonssl_listen_stmt_2="Listen @@Port@@"
+ if test $apr_have_ipv6 = "yes"; then
+ AC_DEFINE(AP_ENABLE_V4_MAPPED, 1,
+ [Allow IPv4 connections on IPv6 listening sockets])
+ fi
+else
+ nonssl_listen_stmt_1="Listen 0.0.0.0:@@Port@@"
+ nonssl_listen_stmt_2="Listen [[::]]:@@Port@@"
+fi
+
AC_ARG_ENABLE(maintainer-mode,APACHE_HELP_STRING(--enable-maintainer-mode,Turn on debugging and compile time warnings),
[
APR_ADDTO(CPPFLAGS, -DAP_DEBUG)
# prevent Apache from glomming onto all bound IP addresses (0.0.0.0)
#
#Listen 12.34.56.78:80
-Listen @@Port@@
+@nonssl_listen_stmt_1@
+@nonssl_listen_stmt_2@
#
# Dynamic Shared Object (DSO) Support
# When we also provide SSL we have to listen to the
# standard HTTP port (see above) and to the HTTPS port
#
+# Note: Configurations that use IPv6 but not IPv4-mapped addresses need two
+# Listen directives: "Listen [::]:443" and "Listen 0.0.0.0:443"
+#
Listen 443
#
{
apr_socket_t *s = server->sd;
int one = 1;
+#if APR_HAVE_IPV6
+#ifdef AP_ENABLE_V4_MAPPED
+ int v6only_setting = 0;
+#else
+ int v6only_setting = 1;
+#endif
+#endif
apr_status_t stat;
#ifndef WIN32
return stat;
}
+#if APR_HAVE_IPV6
+ stat = apr_socket_opt_set(s, APR_IPV6_V6ONLY, v6only_setting);
+ if (stat != APR_SUCCESS && stat != APR_ENOTIMPL) {
+ ap_log_perror(APLOG_MARK, APLOG_CRIT, stat, p,
+ "make_sock: for address %pI, apr_socket_opt_set: "
+ "(IPV6_V6ONLY)",
+ server->bind_addr);
+ apr_socket_close(s);
+ return stat;
+ }
+#endif
+
/*
* To send data over high bandwidth-delay connections at full
* speed we must force the TCP window to open wide enough to keep the