Fix validation of IPv6 addresses

2009-11-09 02:44:14 +05:30 · 2009-11-09 02:44:14 +05:30 · c8c9abc669
commit c8c9abc669
parent 6f93737d8e
1 changed files with 27 additions and 4 deletions
--- a/src/conf.c
+++ b/src/conf.c
@ -52,6 +52,27 @@
 #define ALNUM "([-a-z0-9._]+)"
 #define IP "((([0-9]{1,3})\\.){3}[0-9]{1,3})"
 #define IPMASK "(" IP "(/[[:digit:]]+)?)"
+#define IPV6 "(" \
+        "(^([0-9a-f]{1,4}:){1,1}(:[0-9a-f]{1,4}){1,6}$)|" \
+        "(^([0-9a-f]{1,4}:){1,2}(:[0-9a-f]{1,4}){1,5}$)|" \
+        "(^([0-9a-f]{1,4}:){1,3}(:[0-9a-f]{1,4}){1,4}$)|" \
+        "(^([0-9a-f]{1,4}:){1,4}(:[0-9a-f]{1,4}){1,3}$)|" \
+        "(^([0-9a-f]{1,4}:){1,5}(:[0-9a-f]{1,4}){1,2}$)|" \
+        "(^([0-9a-f]{1,4}:){1,6}(:[0-9a-f]{1,4}){1,1}$)|" \
+        "(^(([0-9a-f]{1,4}:){1,7}|:):$)|" \
+        "(^:(:[0-9a-f]{1,4}){1,7}$)|" \
+        "(^((([0-9a-f]{1,4}:){6})(25[0-5]|2[0-4]\\d|[0-1]?\\d?\\d)(\\.(25[0-5]|2[0-4]\\d|[0-1]?\\d?\\d)){3})$)|" \
+        "(^(([0-9a-f]{1,4}:){5}[0-9a-f]{1,4}:(25[0-5]|2[0-4]\\d|[0-1]?\\d?\\d)(\\.(25[0-5]|2[0-4]\\d|[0-1]?\\d?\\d)){3})$)|" \
+        "(^([0-9a-f]{1,4}:){5}:[0-9a-f]{1,4}:(25[0-5]|2[0-4]\\d|[0-1]?\\d?\\d)(\\.(25[0-5]|2[0-4]\\d|[0-1]?\\d?\\d)){3}$)|" \
+        "(^([0-9a-f]{1,4}:){1,1}(:[0-9a-f]{1,4}){1,4}:(25[0-5]|2[0-4]\\d|[0-1]?\\d?\\d)(\\.(25[0-5]|2[0-4]\\d|[0-1]?\\d?\\d)){3}$)|" \
+        "(^([0-9a-f]{1,4}:){1,2}(:[0-9a-f]{1,4}){1,3}:(25[0-5]|2[0-4]\\d|[0-1]?\\d?\\d)(\\.(25[0-5]|2[0-4]\\d|[0-1]?\\d?\\d)){3}$)|" \
+        "(^([0-9a-f]{1,4}:){1,3}(:[0-9a-f]{1,4}){1,2}:(25[0-5]|2[0-4]\\d|[0-1]?\\d?\\d)(\\.(25[0-5]|2[0-4]\\d|[0-1]?\\d?\\d)){3}$)|" \
+        "(^([0-9a-f]{1,4}:){1,4}(:[0-9a-f]{1,4}){1,1}:(25[0-5]|2[0-4]\\d|[0-1]?\\d?\\d)(\\.(25[0-5]|2[0-4]\\d|[0-1]?\\d?\\d)){3}$)|" \
+        "(^(([0-9a-f]{1,4}:){1,5}|:):(25[0-5]|2[0-4]\\d|[0-1]?\\d?\\d)(\\.(25[0-5]|2[0-4]\\d|[0-1]?\\d?\\d)){3}$)|" \
+        "(^:(:[0-9a-f]{1,4}){1,5}:(25[0-5]|2[0-4]\\d|[0-1]?\\d?\\d)(\\.(25[0-5]|2[0-4]\\d|[0-1]?\\d?\\d)){3}$)" \
+        ")"
+
+#define IPV6MASK "(" IPV6 "(/[[:digit:]]+)?)"
 #define BEGIN "^[[:space:]]*"
 #define END "[[:space:]]*$"

@ -197,10 +218,12 @@ struct {
        STDCONF ("user", ALNUM, handle_user),
        STDCONF ("group", ALNUM, handle_group),
        /* ip arguments */
-        STDCONF ("listen", IP, handle_listen),
-        STDCONF ("allow", "(" IPMASK "|" ALNUM ")", handle_allow),
-        STDCONF ("deny", "(" IPMASK "|" ALNUM ")", handle_deny),
-        STDCONF ("bind", IP, handle_bind),
+        STDCONF ("listen", "(" IP "|" IPV6 ")", handle_listen),
+        STDCONF ("allow", "(" "(" IPMASK "|" IPV6MASK ")" "|" ALNUM ")",
+                 handle_allow),
+        STDCONF ("deny", "(" "(" IPMASK "|" IPV6MASK ")" "|" ALNUM ")",
+                 handle_deny),
+        STDCONF ("bind", "(" IP "|" IPV6 ")", handle_bind),
        /* error files */
        STDCONF ("errorfile", INT WS STR, handle_errorfile),
 #ifdef FILTER_ENABLE