Add dual-stack socket support for FTL

[DL6ER]

By submitting this pull request, I confirm the following (please check boxes, eg [X]) Failure to fill the template will close your PR:

Please submit all pull requests against the development branch. Failure to do so will delay or deny your request

• I have read and understood the contributors guide.
• I have checked that another pull request for this purpose does not exist.
• I have considered, and confirmed that this submission will be valuable to others.
• I accept that this submission may not be used, and the pull request closed at the will of the maintainer.
• I give this submission freely, and claim no ownership to its content.

How familiar are you with the codebase?:

10

---

This pull request adds full dual-stack support for FTL's telnet-like socket. Previously, we bound only to an IPv4 port, now we bind to both the IPv4 and IPv6 port spaces.

In case no IPv6 interface is available (e.g. in docker), FTL will bind only to the IPv4 port - just as it did before.

This template was created based on the work of udemy-dl.

[DL6ER]

Before this pull request:

$ echo ">quit" | nc -v 127.0.0.1 4711
Connection to 127.0.0.1 4711 port [tcp/*] succeeded!

$ echo ">quit" | nc -v ::1 4711
nc: connect to ::1 port 4711 (tcp) failed: Connection refused

With the proposed changes:

$ echo ">quit" | nc -v 127.0.0.1 4711
Connection to 127.0.0.1 4711 port [tcp/*] succeeded!

$ echo ">quit" | nc -v ::1 4711
Connection to ::1 4711 port [tcp/*] succeeded!

[DL6ER]

Resolved merge conflicts, what you you think? @Mcat12 @dschaper

[AzureMarker]

The == true can be removed since dualstack is a boolean already.

[AzureMarker]

On a non-IPv6 system this would produce 20 lines of errors saying it can't bind to a port. Is there a quicker way to figure out if we have IPv6 access?

[DL6ER]

I'm not sure how to detect if the system has a working ipv6 interface. If we cannot find out how to do it, we could also change the error reporting (don't report on the Individual failures, but only once at the end when we couldn't find at least one port).

[DL6ER]

Marking as [WIP]

While in6addr_any accepts IPv4 and IPv6 connections simultaneously, in6addr_loopback only accepts connections to ::1. Have to further investigate on this.

[DL6ER]

Completely re-wrote this feature.

In case you are interested , here is the result of my research:
An IPv4 client can connect to INADDR_LOOPBACK (a.k.a. 127.0.0.1) on an dual-stack listening socket *if the listening socket is bound to IN6ADDR_ANY (a.k.a. ::). This is very convenient and allows to write more simple code that can live in both, the IPv4 and the IPv6 world at the same time.

However, an essential security feature of FTL (that can be disabled trough the config file) is that FTL does, by default, only bind to the lo interface such that data is only available locally and not from anywhere else in the network.
However, when binding a dual-stack socket to IN6ADDR_LOOPBACK (a.k.a. ::1), this will prevent IPv4 clients from being able to connect. Although he reason is simple it not very obvious: First, we have to understand that the socket lives in the IPv6 world, i.e. when an IPv4 client connects, it will be seen by the socket as connecting from the corresponding IPv4-mapped IPv6 address. Hence, when connecting to/from 127.0.0.1 the dual-stack socket will see the connection going to the IPv4-mapped IPv6 address ::FFFF:7F00:0001 (the equivalent of 127.0.0.1). However, as the dual-stack socket is explicitly bound to ::1 (and not ::) the IPv4 client cannot connect.

[AzureMarker]

This comment is no longer valid

[AzureMarker]

Unix is capitalized elsewhere.

[AzureMarker]

Should use IPv4 to distinguish this from appearing to be telnet version 4 API.

[AzureMarker]

See above.