[sslh] SSLH 1.16 issue: Cannot bind for IPv4 and IPv6 simultaneously

[Maddes]

On 26.02.2015 11:14, Yves Rutschle wrote:
> Hi Matthias,
> 
> On Wed, Feb 25, 2015 at 10:39:08PM +0100, Matthias Buecher / Germany wrote:
>> I want to bind SSLH to port 444 for an all IP addresses of IPv4 and IPv6.
>> So I used "-p 0.0.0.0:444 -p :::444" but this fails as it says that port
>> 444 is already bound.
>> If I check with netstat then there's nothing on port 444 bound.
>> And when I start 2 instances, one for IPv4 and the other for IPv6, then
>> second fails too.
> 
> According to another Matt, it works:
> http://rutschle.net/pipermail/sslh/2015-February/000569.html
> 
> I don't usually bind to 0.0.0.0 but are you sure that
> doesn't also bind the IPv6 addresses? That would explain
> your behaviour...
> 
> Either way, it's worth trying to bind each IP address
> explicitely.
> 
> Cheers,
> Y.

Salut Yves,

personal constraints kept me away from most nerdy things, so sorry for
this very late reply.

Dear all,

I just setup a Debian 8 "Jessie" based system recently and experienced
the same issue.
Using "--listen 0.0.0.0:444" and "--listen :::444" in one or two
separate instances will fail for the second listen option.

The post from Matt Smith in Feb 2015 you mentioned uses two explicit
IPs, while I want SSLH to listen to all IPv4 and IPv6 addresses.

When using "--listen 0.0.0.0:444" it only binds to all IPv4 addresses,
but not to any IPv6 address.
netstat only show SSLH listening on tcp 444, but not on tcp6 444.
For "--listen :::444" it's the other way around.

I would assume that the IP determination within SSLH has a small glitch,
but did not have a look at the code myself yet.

Kind regards
Maddes