[RFC] CIFS: Make sure IPv6 host uses numeric scope

Mon Sep 26 17:13:37 UTC 2016

On Mon, Sep 19, 2016 at 2:59 PM,  <"\"Per Forlin <per.forlin"@axis.com> wrote:
> From: Per Förlin <perfn at axis.com>
>
> Package: busybox
> Version: master (1_25_0+)
> Severity: medium
>
> The purpose of this draft patch is to highlight an
> issue concerning address scope in IPv6 and CIFS kernel implementation.
>
> Without this patch the following command fails:
> mount -t cifs //fe80::6a05:caff:fe3e:dbf5%eth0/test test

Uh oh.
I hoped to never need to learn what that thing is...

> Based on this post
> http://patchwork.sourceware.org/patch/1629/
> it seems like this topic has been up for discussion before.
> However it looks like the NI_NUMERICSCOPE flag for getnaminfo()
> never made it to glibc.
>
> getnameinfo() always returns the address scope using the
> name representation but the CIFS kernel implementation
> expects a numeric scope ID.

getnameinfo() returns *what* using the name representation?

"man getnameinfo" has precious little to reveal when I grep for "scope":

       Tatsuya Jinmei and Atsushi Onoe, An Extension  of  Format  for  IPv6
Scoped  Addresses,  internet  draft,  work  in  progress
ftp://ftp.ietf.org/internet-drafts/draft-ietf-ipngwg-scopedaddr-format-02.txt

And that link is dead....

You looked at the problem for some time and what you probably
forgot is that your targeted audience _did not_ look at this problem,
and has little clue what you are talking about.

So. What you probably mean by thins is that struct sockaddr_in6 is:

           struct sockaddr_in6 {
               sa_family_t     sin6_family;   /* AF_INET6 */
               in_port_t       sin6_port;     /* port number */
               uint32_t        sin6_flowinfo; /* IPv6 flow information */
               struct in6_addr sin6_addr;     /* IPv6 address */
               uint32_t        sin6_scope_id; /* Scope ID (new in 2.4) */
           };

and whereas sin6_flowinfo is mostly harmless (looks like QoS thingy),
the sin6_scope_id is *not*. It is a part of the actual addresss, apparently,
and used to select the interface when machine has link-local IPv6
addresses, and therefore specifying just IPv6 address does not
remove the ambiquity.

(I have a feeling where does this go. Any admin clueless enough to set up
his network so that people *have to* use these iface suffixes to
get their programs to connect, will have some unpleasant and possibly even
physical interactions with his colleagues. This in time will make
this thing obsolete).

> There are different ways to approach this.

Approach _what_? Let's see

"mount -t cifs //fe80::6a05:caff:fe3e:dbf5%eth0/test test"

inserts "ip=..." option into kernel mount options, and since kernel
doesn't do DNS (I sure hope it still does not!), the IP must be numeric.
Okay up to now.

With IPv6 and scope_id, we need to also append scope id?
Also in numeric form? What is that form? XXXX:XXXX:..:XXXX%<decnum>
where <decnum> is interface id?