summaryrefslogtreecommitdiffhomepage
path: root/src
diff options
context:
space:
mode:
authorMukund Sivaraman <muks@banu.com>2009-11-09 02:44:14 +0530
committerMukund Sivaraman <muks@banu.com>2009-11-09 02:44:14 +0530
commitc8c9abc669cc0324c4afb35bfae850e98904d7ae (patch)
tree0fbc9318755be511ef8a888cdfd90e92986f616e /src
parent6f93737d8e0e157df810cd83c1ecaaa818ed94c9 (diff)
Fix validation of IPv6 addresses
Diffstat (limited to 'src')
-rw-r--r--src/conf.c31
1 files changed, 27 insertions, 4 deletions
diff --git a/src/conf.c b/src/conf.c
index ca2172f..edd0970 100644
--- a/src/conf.c
+++ b/src/conf.c
@@ -52,6 +52,27 @@
#define ALNUM "([-a-z0-9._]+)"
#define IP "((([0-9]{1,3})\\.){3}[0-9]{1,3})"
#define IPMASK "(" IP "(/[[:digit:]]+)?)"
+#define IPV6 "(" \
+ "(^([0-9a-f]{1,4}:){1,1}(:[0-9a-f]{1,4}){1,6}$)|" \
+ "(^([0-9a-f]{1,4}:){1,2}(:[0-9a-f]{1,4}){1,5}$)|" \
+ "(^([0-9a-f]{1,4}:){1,3}(:[0-9a-f]{1,4}){1,4}$)|" \
+ "(^([0-9a-f]{1,4}:){1,4}(:[0-9a-f]{1,4}){1,3}$)|" \
+ "(^([0-9a-f]{1,4}:){1,5}(:[0-9a-f]{1,4}){1,2}$)|" \
+ "(^([0-9a-f]{1,4}:){1,6}(:[0-9a-f]{1,4}){1,1}$)|" \
+ "(^(([0-9a-f]{1,4}:){1,7}|:):$)|" \
+ "(^:(:[0-9a-f]{1,4}){1,7}$)|" \
+ "(^((([0-9a-f]{1,4}:){6})(25[0-5]|2[0-4]\\d|[0-1]?\\d?\\d)(\\.(25[0-5]|2[0-4]\\d|[0-1]?\\d?\\d)){3})$)|" \
+ "(^(([0-9a-f]{1,4}:){5}[0-9a-f]{1,4}:(25[0-5]|2[0-4]\\d|[0-1]?\\d?\\d)(\\.(25[0-5]|2[0-4]\\d|[0-1]?\\d?\\d)){3})$)|" \
+ "(^([0-9a-f]{1,4}:){5}:[0-9a-f]{1,4}:(25[0-5]|2[0-4]\\d|[0-1]?\\d?\\d)(\\.(25[0-5]|2[0-4]\\d|[0-1]?\\d?\\d)){3}$)|" \
+ "(^([0-9a-f]{1,4}:){1,1}(:[0-9a-f]{1,4}){1,4}:(25[0-5]|2[0-4]\\d|[0-1]?\\d?\\d)(\\.(25[0-5]|2[0-4]\\d|[0-1]?\\d?\\d)){3}$)|" \
+ "(^([0-9a-f]{1,4}:){1,2}(:[0-9a-f]{1,4}){1,3}:(25[0-5]|2[0-4]\\d|[0-1]?\\d?\\d)(\\.(25[0-5]|2[0-4]\\d|[0-1]?\\d?\\d)){3}$)|" \
+ "(^([0-9a-f]{1,4}:){1,3}(:[0-9a-f]{1,4}){1,2}:(25[0-5]|2[0-4]\\d|[0-1]?\\d?\\d)(\\.(25[0-5]|2[0-4]\\d|[0-1]?\\d?\\d)){3}$)|" \
+ "(^([0-9a-f]{1,4}:){1,4}(:[0-9a-f]{1,4}){1,1}:(25[0-5]|2[0-4]\\d|[0-1]?\\d?\\d)(\\.(25[0-5]|2[0-4]\\d|[0-1]?\\d?\\d)){3}$)|" \
+ "(^(([0-9a-f]{1,4}:){1,5}|:):(25[0-5]|2[0-4]\\d|[0-1]?\\d?\\d)(\\.(25[0-5]|2[0-4]\\d|[0-1]?\\d?\\d)){3}$)|" \
+ "(^:(:[0-9a-f]{1,4}){1,5}:(25[0-5]|2[0-4]\\d|[0-1]?\\d?\\d)(\\.(25[0-5]|2[0-4]\\d|[0-1]?\\d?\\d)){3}$)" \
+ ")"
+
+#define IPV6MASK "(" IPV6 "(/[[:digit:]]+)?)"
#define BEGIN "^[[:space:]]*"
#define END "[[:space:]]*$"
@@ -197,10 +218,12 @@ struct {
STDCONF ("user", ALNUM, handle_user),
STDCONF ("group", ALNUM, handle_group),
/* ip arguments */
- STDCONF ("listen", IP, handle_listen),
- STDCONF ("allow", "(" IPMASK "|" ALNUM ")", handle_allow),
- STDCONF ("deny", "(" IPMASK "|" ALNUM ")", handle_deny),
- STDCONF ("bind", IP, handle_bind),
+ STDCONF ("listen", "(" IP "|" IPV6 ")", handle_listen),
+ STDCONF ("allow", "(" "(" IPMASK "|" IPV6MASK ")" "|" ALNUM ")",
+ handle_allow),
+ STDCONF ("deny", "(" "(" IPMASK "|" IPV6MASK ")" "|" ALNUM ")",
+ handle_deny),
+ STDCONF ("bind", "(" IP "|" IPV6 ")", handle_bind),
/* error files */
STDCONF ("errorfile", INT WS STR, handle_errorfile),
#ifdef FILTER_ENABLE