Today's accomplishment: got sufficiently irritated by Go failing self-tests on stock FreeBSD systems that I finally filed a report on the second issue: https://github.com/golang/go/issues/77411
The first issue on stock FreeBSD is https://github.com/golang/go/issues/70702
It's very obvious that approximately nobody runs Go's all.bash on real FreeBSD systems. At best it is "tested" on Go's builder machines, which are clearly non-standard in multiple ways.
My "Go failing selftests for its net package on FreeBSD" issue¹ turns out to be specific to FreeBSD 15. Evidently there's some networking change that is doing something different from what Go is counting on. If I'm energetic, I can peruse FreeBSD changelogs and stuff.
(It's possible all of the failures involve IPv6 / IPv4 interactions.)
I believe I've found the FreeBSD 15 networking change that breaks Go's net package self-tests, and it's an interesting one¹. As described in the release notes²:
Making a connection to INADDR_ANY, i.e., using it as an alias for localhost, is now disabled by default. This functionality can be re-enabled by setting the net.inet.ip.connect_inaddr_wild sysctl to 1.
I can see the point, even though this is a behavior change.
¹ https://cgit.freebsd.org/src/commit/?id=cd240957d7ba
² https://www.freebsd.org/releases/15.0R/relnotes/#network-general
For proper credit (or if you prefer, blame), I learned about 'ssh 0' from a comment @lyda left on my techblog. But now that I've seen it I can't unsee it. What else will accept '0' as a hostname? Feel free to try it today.
(Firefox will, it looks like.)
Bonus round: this 'ssh 0' behavior also works for the IPv6 equivalent, 'ssh ::0' or 'ssh ::'. That means it will probably also work in browsers.
Surprise: blocking DNS rebinding to localhost requires screening out more than 127/8 and ::1 answers. This is my face.
Everything that can accept human-readable IPv4 addresses in place of hostnames, and that does so by using the conventional C library inet_aton() or inet_pton() functions.
A single (32-bit) number has been an accepted human-readable form from the start, back in the 4.3BSD days. It's a thing that gets regularly rediscovered.
(Bernstein's networking tools use a ip4_scan() function that only supports strict 4-decimal-numbers form. But several of them special case and re-map the string "0" before calling this function. libowfat's scan_ip4() is similar to ip4_scan(). As is ip4_scan() in @ska's libstddjb.)
This and three other accepted formats are explained in all of the #FreeBSD, #OpenBSD, #NetBSD, and Linux GNU libc manual pages. They also explain why 0x00000000 and 0x7F000001 and 0177.1 will work as IPv4 addresses with such programs.
@JdeBP @cks @lyda @ska and it seems as part of the ASR resolver within libc getaddrinfo() will call inet_pton rather than inet_aton — see sockaddr_from_str — this is why e.g. “ssh 0” gives a “no address associated with name” error. This looks like it’s been around for ~14 years, so this hasn’t worked on OpenBSD for a long time.
Of course because it doesn’t special case numeric addresses putting:
localhost 127.0.0.1 0
in /etc/hosts works. But don’t do that.
@dgl @JdeBP @lyda @ska Actually I believe connecting to 0.0.0.0 itself does still work on OpenBSD (or at least it does in testing for me). You need a tool and a tool environment that will do it (which stock OpenBSD SSH doesn't seem to), but given such a tool¹ it appears to work.
¹ I use https://github.com/siebenmann/call but that's because I wrote it, and also it's in Go so it bypasses some of the OpenBSD C library restrictions on what it will map to 0.0.0.0.
@dgl @JdeBP @lyda @ska Oh, nice. I tried to find something doing that in the net package but clearly didn't look deeply enough. That hopefully means fixing it for FreeBSD might be feasible for Go 1.26, or maybe 1.26.1.
(I was thinking it was going to need major changes which would definitely be a no-go for 1.26.)
The special case explains why my Go program worked, oops; I was assuming it used INADDR_ANY when Go is cleverer.
In the majority of cases there actually is no separate inet_pton() manual page.
https://man.freebsd.org/cgi/man.cgi?query=inet_pton&sektion=3
https://man.netbsd.org/inet_pton.3
http://tribblix.org/man/man3c/inet_pton.html
https://man.omnios.org/man3c/inet.3c
http://uw714doc.xinuos.com/en/man/html.3N/inet.3N.html
Although most of those call out inet_pton(), SCO #UnixWare in fact documented the four human-readable IPv4 formats for inet_pton(), and did not even have an inet_aton().
In #NetBSD, the internal inet_pton4() function was indeed updated by Christos Zoulas from the old Paul Vixie code to support the four human-readable formats of inet_aton(), 22 years ago; although it's not clear where this additional IPv4 conversion functionality is actually used.
The old Paul Vixie code from 1996 is retained in GNU libc, #FreeBSD, & #OpenBSD; this being code from the BIND DNS client library.
It was superseded by a from-scratch reimplementation based around a str2inet_addr() function in #Solaris/ #Illumos/ #Tribblix/ #OmniOS. musl libc also has its own from-scratch version.
Chris Siebenmann
إمي ❄️🏳️⚧️🇵🇸
mirabilos
reggie seidman
Justin Azoff
penguin42
Kevin Lyda
JdeBP
David Leadbeater
Robert Pluim 🇪🇺