diff --git a/go.mod b/go.mod index cf46b992821..c4e5f8b76d2 100644 --- a/go.mod +++ b/go.mod @@ -7,7 +7,7 @@ go 1.22.6 require ( github.com/containerd/platforms v0.2.1 github.com/containernetworking/cni v1.2.3 - github.com/containers/common v0.61.0 + github.com/containers/common v0.61.1 github.com/containers/image/v5 v5.33.1 github.com/containers/luksy v0.0.0-20250106202729-a3a812db5b72 github.com/containers/ocicrypt v1.2.1 diff --git a/go.sum b/go.sum index fcef531bd05..037e31e730c 100644 --- a/go.sum +++ b/go.sum @@ -63,8 +63,8 @@ github.com/containernetworking/cni v1.2.3 h1:hhOcjNVUQTnzdRJ6alC5XF+wd9mfGIUaj8F github.com/containernetworking/cni v1.2.3/go.mod h1:DuLgF+aPd3DzcTQTtp/Nvl1Kim23oFKdm2okJzBQA5M= github.com/containernetworking/plugins v1.5.1 h1:T5ji+LPYjjgW0QM+KyrigZbLsZ8jaX+E5J/EcKOE4gQ= github.com/containernetworking/plugins v1.5.1/go.mod h1:MIQfgMayGuHYs0XdNudf31cLLAC+i242hNm6KuDGqCM= -github.com/containers/common v0.61.0 h1:j/84PTqZIKKYy42OEJsZmjZ4g4Kq2ERuC3tqp2yWdh4= -github.com/containers/common v0.61.0/go.mod h1:NGRISq2vTFPSbhNqj6MLwyes4tWSlCnqbJg7R77B8xc= +github.com/containers/common v0.61.1 h1:jpk385ZFEx3MAX+sjwOoTZElvpgsGi0YJHuRmrhF/j8= +github.com/containers/common v0.61.1/go.mod h1:C+TfkhTV+ADp1Hu+BMIAYPvSFix21swYo9PZuCKoSUM= github.com/containers/image/v5 v5.33.1 h1:nTWKwxAlY0aJrilvvhssqssJVnley6VqxkLiLzTEYIs= github.com/containers/image/v5 v5.33.1/go.mod h1:/FJiLlvVbeBxWNMPVPPIWJxHTAzwBoFvyN0a51zo1CE= github.com/containers/libtrust v0.0.0-20230121012942-c1716e8a8d01 h1:Qzk5C6cYglewc+UyGf6lc8Mj2UaPTHy/iF2De0/77CA= diff --git a/vendor/github.com/containers/common/libnetwork/pasta/pasta_linux.go b/vendor/github.com/containers/common/libnetwork/pasta/pasta_linux.go index 2ee6369efe5..33fbc35e6c9 100644 --- a/vendor/github.com/containers/common/libnetwork/pasta/pasta_linux.go +++ b/vendor/github.com/containers/common/libnetwork/pasta/pasta_linux.go @@ -110,13 +110,26 @@ func Setup(opts *SetupOptions) (*SetupResult, error) { return err } for _, addr := range addrs { - // make sure to skip localhost and other special addresses - if ipnet, ok := addr.(*net.IPNet); ok && ipnet.IP.IsGlobalUnicast() { - result.IPAddresses = append(result.IPAddresses, ipnet.IP) - if !ipv4 && util.IsIPv4(ipnet.IP) { + // make sure to skip loopback and multicast addresses + if ipnet, ok := addr.(*net.IPNet); ok && !ipnet.IP.IsLoopback() && !ipnet.IP.IsMulticast() { + if util.IsIPv4(ipnet.IP) { + result.IPAddresses = append(result.IPAddresses, ipnet.IP) ipv4 = true - } - if !ipv6 && util.IsIPv6(ipnet.IP) { + } else if !ipnet.IP.IsLinkLocalUnicast() { + // Else must be ipv6. + // We shouldn't resolve hosts.containers.internal to IPv6 + // link-local addresses, for two reasons: + // 1. even if IPv6 is disabled in pasta (--ipv4-only), the + // kernel will configure an IPv6 link-local address in the + // container, but that doesn't mean that IPv6 connectivity + // is actually working + // 2. link-local addresses need to be suffixed by the zone + // (interface) to be of any use, but we can't do it here + // + // Thus, don't include IPv6 link-local addresses in + // IPAddresses: Podman uses them for /etc/hosts entries, and + // those need to be functional. + result.IPAddresses = append(result.IPAddresses, ipnet.IP) ipv6 = true } } diff --git a/vendor/github.com/containers/common/version/version.go b/vendor/github.com/containers/common/version/version.go index 98eee47e1a5..26ecbd14604 100644 --- a/vendor/github.com/containers/common/version/version.go +++ b/vendor/github.com/containers/common/version/version.go @@ -1,4 +1,4 @@ package version // Version is the version of the build. -const Version = "0.61.0" +const Version = "0.61.1" diff --git a/vendor/modules.txt b/vendor/modules.txt index d3d5d9ccb33..7147e860f9f 100644 --- a/vendor/modules.txt +++ b/vendor/modules.txt @@ -99,7 +99,7 @@ github.com/containernetworking/cni/pkg/version # github.com/containernetworking/plugins v1.5.1 ## explicit; go 1.20 github.com/containernetworking/plugins/pkg/ns -# github.com/containers/common v0.61.0 +# github.com/containers/common v0.61.1 ## explicit; go 1.22.6 github.com/containers/common/internal github.com/containers/common/internal/attributedstring