Apply ratbox3 workaround for too permissive inet_pton6():
Any kline (or various other things) containing * or ? is a mask kline and not an IP kline. Ideally, rb_inet_pton_sock() would return failure for those, but in practice this is not always the case for IPv6. Such a kline that is erroneously treated as an IP line likely matches way fewer IPs than expected.
This commit is contained in:
parent
11dff8a423
commit
17e4b48b55
1 changed files with 5 additions and 1 deletions
|
@ -62,7 +62,11 @@ parse_netmask(const char *text, struct sockaddr *naddr, int *nb)
|
|||
addr = (struct rb_sockaddr_storage *)&xaddr;
|
||||
else
|
||||
addr = (struct rb_sockaddr_storage *)naddr;
|
||||
|
||||
|
||||
if(strpbrk(ip, "*?") != NULL)
|
||||
{
|
||||
return HM_HOST;
|
||||
}
|
||||
#ifdef RB_IPV6
|
||||
if(strchr(ip, ':'))
|
||||
{
|
||||
|
|
Loading…
Reference in a new issue