For those who are concerned ....
for both
* tcpserver and
* sslserver
in the respective packages (ucspi-ssl-0.95b and ucspi-tcp6-1.00a) the 'paranoid' setting will fail - in fact will produce wrong results and will under certain conditions reject a connection - if the incoming protocol is based on IPv4 and a DNS AAAA record has been deployed for the very same FQDN identified by means of the PTR query.
The current versions take care of this and can be found here:
http://fehcom.de/ipnet/ipnet_en.html
The basic reason is, that IPv6 informations do have precedence over IPv4. This needed some tweaking.
regards.
--eh.
Dr. Erwin Hoffmann | FEHCom | http://www.fehcom.de | PGP Key-Id: EE00CF65
for both
* tcpserver and
* sslserver
in the respective packages (ucspi-ssl-0.95b and ucspi-tcp6-1.00a) the 'paranoid' setting will fail - in fact will produce wrong results and will under certain conditions reject a connection - if the incoming protocol is based on IPv4 and a DNS AAAA record has been deployed for the very same FQDN identified by means of the PTR query.
The current versions take care of this and can be found here:
http://fehcom.de/ipnet/ipnet_en.html
The basic reason is, that IPv6 informations do have precedence over IPv4. This needed some tweaking.
regards.
--eh.
Dr. Erwin Hoffmann | FEHCom | http://www.fehcom.de | PGP Key-Id: EE00CF65
Attached Files:
-
signature.asc (0.82 KB)