From ec73b417f23352c66634b1c5fe598d451e12ee89 Mon Sep 17 00:00:00 2001 From: Julian Brost Date: Fri, 6 Aug 2021 10:43:38 +0200 Subject: [PATCH] ApiListener: Choose bind host default based on OS IPv6 support --- doc/09-object-types.md | 2 +- doc/17-language-reference.md | 2 +- lib/base/configuration.cpp | 15 ++++++++++++++- 3 files changed, 16 insertions(+), 3 deletions(-) diff --git a/doc/09-object-types.md b/doc/09-object-types.md index b1273516c..554b8f794 100644 --- a/doc/09-object-types.md +++ b/doc/09-object-types.md @@ -1095,7 +1095,7 @@ Configuration Attributes: ca\_path | String | **Deprecated.** Path to the CA certificate file. ticket\_salt | String | **Optional.** Private key for [CSR auto-signing](06-distributed-monitoring.md#distributed-monitoring-setup-csr-auto-signing). **Required** for a signing master instance. crl\_path | String | **Optional.** Path to the CRL file. - bind\_host | String | **Optional.** The IP address the api listener should be bound to. If not specified, the ApiListener is bound to `::` and listens for both IPv4 and IPv6 connections. + bind\_host | String | **Optional.** The IP address the api listener should be bound to. If not specified, the ApiListener is bound to `::` and listens for both IPv4 and IPv6 connections or to `0.0.0.0` if IPv6 is not supported by the operating system. bind\_port | Number | **Optional.** The port the api listener should be bound to. Defaults to `5665`. accept\_config | Boolean | **Optional.** Accept zone configuration. Defaults to `false`. accept\_commands | Boolean | **Optional.** Accept remote commands. Defaults to `false`. diff --git a/doc/17-language-reference.md b/doc/17-language-reference.md index 7d732427e..02c49fd4c 100644 --- a/doc/17-language-reference.md +++ b/doc/17-language-reference.md @@ -504,7 +504,7 @@ Environment |**Read-write.** The name of the Icinga environment. Include RunAsUser |**Read-write.** Defines the user the Icinga 2 daemon is running as. Set in the Icinga 2 sysconfig. RunAsGroup |**Read-write.** Defines the group the Icinga 2 daemon is running as. Set in the Icinga 2 sysconfig. MaxConcurrentChecks |**Read-write.** The number of max checks run simultaneously. Defaults to `512`. -ApiBindHost |**Read-write.** Overrides the default value for the ApiListener `bind_host` attribute. Defaults to `::`. +ApiBindHost |**Read-write.** Overrides the default value for the ApiListener `bind_host` attribute. Defaults to `::` if IPv6 is supported by the operating system and to `0.0.0.0` otherwise. ApiBindPort |**Read-write.** Overrides the default value for the ApiListener `bind_port` attribute. Not set by default. #### Application Runtime Constants diff --git a/lib/base/configuration.cpp b/lib/base/configuration.cpp index 51486e41c..93996ba60 100644 --- a/lib/base/configuration.cpp +++ b/lib/base/configuration.cpp @@ -8,7 +8,20 @@ using namespace icinga; REGISTER_TYPE(Configuration); -String Configuration::ApiBindHost{"::"}; +String Configuration::ApiBindHost = []() { +#ifndef _WIN32 + // Automatically fall back to an IPv4 default if socket() tells us that IPv6 is not supported. + int fd = socket(AF_INET6, SOCK_STREAM, 0); + if (fd < 0 && errno == EAFNOSUPPORT) { + return "0.0.0.0"; + } else if (fd >= 0) { + close(fd); + } +#endif /* _WIN32 */ + + return "::"; +}(); + String Configuration::ApiBindPort{"5665"}; bool Configuration::AttachDebugger{false}; String Configuration::CacheDir;