From 2ad52c57f8d4529bc55146fbdbab1dce9db8e59a Mon Sep 17 00:00:00 2001
From: Tore Anderson <tore@fud.no>
Date: Sat, 8 Feb 2025 09:31:19 +0100
Subject: [PATCH] Use IPv6 sockets when querying IPv4 nameservers

This works around a bug in Net::DNS (or arguably in IO::Socket::IP)
which causes it to refuse to send queries to IPv4 nameservers (even
localhost), when running on IPv6-only hosts. Since IPv6-only hosts are
the primary use case for clatd, and most modern Linux distributions are
shipping with systemd-resolved listening on 127.0.0.53 by default, this
prevents PLAT prefix discovery from working correctly out of the box.

Forcing Net::DNS to use an IPv6 socket, by simply substituting all IPv4
addresses in the name server as IPv4-mapped IPv6 addreses, successfully
works around this problem.

This bug has been present in Net::DNS since version 1.03 (more
specifically since SVN r1406, dated 2015-10-05). This version started
defaulting to using IO::Socket::IP for all sockets, so it is no longer
necessary to require it explicitly in clatd.

For more info:

https://rt.cpan.org/Public/Bug/Display.html?id=158714 (Net::DNS)
https://rt.cpan.org/Public/Bug/Display.html?id=132760 (IO::Socket::IP)
---
 Makefile |  4 ++--
 clatd    | 11 ++++++++++-
 2 files changed, 12 insertions(+), 3 deletions(-)

diff --git a/Makefile b/Makefile
index 4ed9e8e..ce2fe60 100644
--- a/Makefile
+++ b/Makefile
@@ -20,8 +20,8 @@ install:
 
 installdeps:
 	# .deb/apt-get based distros
-	if test -x "$(APT_GET)"; then $(APT_GET) -y install perl-base perl-modules libnet-ip-perl libnet-dns-perl libio-socket-ip-perl iproute2 nftables tayga; fi
+	if test -x "$(APT_GET)"; then $(APT_GET) -y install perl-base perl-modules libnet-ip-perl libnet-dns-perl iproute2 nftables tayga; fi
 	# .rpm/DNF/YUM-based distros
-	if test -x "$(DNF_OR_YUM)"; then $(DNF_OR_YUM) -y install perl perl-IPC-Cmd perl-Net-IP perl-Net-DNS perl-IO-Socket-IP perl-File-Temp iproute nftables; fi
+	if test -x "$(DNF_OR_YUM)"; then $(DNF_OR_YUM) -y install perl perl-IPC-Cmd perl-Net-IP perl-Net-DNS perl-File-Temp iproute nftables; fi
 	# If necessary, try to install the TAYGA .rpm using dnf/yum. It is unfortunately not available in all .rpm based distros (in particular CentOS/RHEL).
 	if test -x "$(DNF_OR_YUM)" && test ! -x "$(TAYGA)"; then $(DNF_OR_YUM) -y install tayga || echo "ERROR: Failed to install TAYGA using dnf/yum, the package is probably not included in your distro. Try enabling the EPEL repo <URL: https://fedoraproject.org/wiki/EPEL> and try again, or install TAYGA <URL: http://www.litech.org/tayga> directly from source."; exit 1; fi
diff --git a/clatd b/clatd
index 8ded271..468c040 100755
--- a/clatd
+++ b/clatd
@@ -332,7 +332,6 @@ sub find_rfc7050_wka {
 sub get_plat_prefix {
   p("Performing DNS64-based PLAT prefix discovery (cf. RFC 7050)");
 
-  require IO::Socket::IP; # needed by Net::DNS for querying IPv6 servers
   require Net::DNS;
 
   my @dns64_servers = split(",", cfg("dns64-servers") || "");
@@ -349,6 +348,16 @@ sub get_plat_prefix {
       $res = Net::DNS::Resolver->new();
     }
     $res->dnssec(0); # RFC 7050 section 3
+
+    # Force use of AF_INET6 socket with IPv4-mapped addresses when querying
+    # an IPv4 name server (e.g., systemd-resolved listening on 127.0.0.53).
+    # This works around https://rt.cpan.org/Public/Bug/Display.html?id=158714
+    # (and/or https://rt.cpan.org/Public/Bug/Display.html?id=132760).
+    $res->nameservers(map {
+      Net::IP->new($_)->version() == 4 ? "::ffff:$_" : $_;
+    } $res->nameservers);
+    d2("Nameservers after Net::DNS bug workaround: ", $res->nameservers);
+
     my $pkt = $res->query('ipv4only.arpa', 'AAAA');
     if(!$pkt) {
       d("No AAAA records was returned for 'ipv4only.arpa'");