Re: ipcacheAddEntryFromHosts - problem with ip6 info in /etc/hosts

Hmmm... I think my mail from yesterday to Robert didn't end up on the
list as well. Pertinent part follows:
-------------
The issue is that the IPv6 work depends on OS library support, so we
can't just use the appropriate library calls to handle this (although it
will only actually appear on systems that have the library support
presumably)
-------------

Currently the IPv6 squid work doesn't have sufficient smarts to verify
for sure that a given IPv6 address is valid (there are a lot of formats,
eg. ffoo::, fec0::1, 2002:0123:34:2352::239:abcd,
2002:314::123.123.123.123...), it merely relies on the system libraries,
but unless compiled on a recent O/S with --enable-ipv6 we can't rely on
that being in place... I agree though, a slightly changed message is of
dubious value. I'll see how much code it comes to in order to
exhaustively conclude that the address is a safe IPv6 address.

** BTW I remembered as going to sleep last night that MAXIPSTRLEN isn't
found outside of the IPv6 branch at the moment - the patch won't work on
HEAD unless MAXIPSTRLEN is defined.

Roger.

----- Original Message -----
From: hno@marasystems.com
Date: Wednesday, October 31, 2001 1:20 am
Subject: Re: ipcacheAddEntryFromHosts - problem with ip6 info in /etc/hosts

> Hmm.. this will also skip some invalid IPv6 addresses.. and thus
> we need
> to still log the event at loglevel 1, which makes the whole idea of
> patching only to get another message somewhat pointless I'd say.. but
> other than this it looks good.
>
> If the IPv6 detector could be fixed to only trigger on addresses that
> very likely are IPv6 then we could consider changing the log level
> to 2,
> which makes the patch quite appealing.
>
> Regards
> Henrik
>
>
> Roger Venning wrote:
>
> > diff -u ipcache.c.fake ipcache.c
> > --- ipcache.c.fake Sun Jun 17 13:43:52 2001
> > +++ ipcache.c Tue Oct 30 22:35:11 2001
> > @@ -845,14 +845,21 @@
> > * adds a "static" entry from /etc/hosts.
> > * returns 0 upon success, 1 if the ip address is invalid
> > */
> > +#define V6ADDR "%[0123456789abcdefABCDEF.:]"
> > +
> > int
> > ipcacheAddEntryFromHosts(const char *name, const char *ipaddr)
> > {
> > + LOCAL_ARRAY(char, v6test, 256);
> > ipcache_entry *i;
> > struct in_addr ip;
> > if (!safe_inet_addr(ipaddr, &ip)) {
> > - debug(14, 1) ("ipcacheAddEntryFromHosts: bad IP address
> '%s'\n",> - ipaddr);
> > + if (strlen(ipaddr) <= MAXIPSTRLEN && sscanf(ipaddr, V6ADDR,
> > v6test) == 1)
> > + debug(14, 1) ("ipcacheAddEntryFromHosts: this Squid
> does> not have IPv6 support - skipping '%s'\n",
> > + ipaddr);
> > + else
> > + debug(14, 1) ("ipcacheAddEntryFromHosts: bad IP address
> '%s'\n",> + ipaddr);
> > return 1;
> > }
> > if ((i = ipcache_get(name))) {
>
 
Received on Tue Oct 30 2001 - 17:57:13 MST