diff options
author | Mukund Sivaraman <muks@banu.com> | 2009-11-09 02:44:14 +0530 |
---|---|---|
committer | Mukund Sivaraman <muks@banu.com> | 2009-11-09 02:44:14 +0530 |
commit | c8c9abc669cc0324c4afb35bfae850e98904d7ae (patch) | |
tree | 0fbc9318755be511ef8a888cdfd90e92986f616e /src | |
parent | 6f93737d8e0e157df810cd83c1ecaaa818ed94c9 (diff) |
Fix validation of IPv6 addresses
Diffstat (limited to 'src')
-rw-r--r-- | src/conf.c | 31 |
1 files changed, 27 insertions, 4 deletions
@@ -52,6 +52,27 @@ #define ALNUM "([-a-z0-9._]+)" #define IP "((([0-9]{1,3})\\.){3}[0-9]{1,3})" #define IPMASK "(" IP "(/[[:digit:]]+)?)" +#define IPV6 "(" \ + "(^([0-9a-f]{1,4}:){1,1}(:[0-9a-f]{1,4}){1,6}$)|" \ + "(^([0-9a-f]{1,4}:){1,2}(:[0-9a-f]{1,4}){1,5}$)|" \ + "(^([0-9a-f]{1,4}:){1,3}(:[0-9a-f]{1,4}){1,4}$)|" \ + "(^([0-9a-f]{1,4}:){1,4}(:[0-9a-f]{1,4}){1,3}$)|" \ + "(^([0-9a-f]{1,4}:){1,5}(:[0-9a-f]{1,4}){1,2}$)|" \ + "(^([0-9a-f]{1,4}:){1,6}(:[0-9a-f]{1,4}){1,1}$)|" \ + "(^(([0-9a-f]{1,4}:){1,7}|:):$)|" \ + "(^:(:[0-9a-f]{1,4}){1,7}$)|" \ + "(^((([0-9a-f]{1,4}:){6})(25[0-5]|2[0-4]\\d|[0-1]?\\d?\\d)(\\.(25[0-5]|2[0-4]\\d|[0-1]?\\d?\\d)){3})$)|" \ + "(^(([0-9a-f]{1,4}:){5}[0-9a-f]{1,4}:(25[0-5]|2[0-4]\\d|[0-1]?\\d?\\d)(\\.(25[0-5]|2[0-4]\\d|[0-1]?\\d?\\d)){3})$)|" \ + "(^([0-9a-f]{1,4}:){5}:[0-9a-f]{1,4}:(25[0-5]|2[0-4]\\d|[0-1]?\\d?\\d)(\\.(25[0-5]|2[0-4]\\d|[0-1]?\\d?\\d)){3}$)|" \ + "(^([0-9a-f]{1,4}:){1,1}(:[0-9a-f]{1,4}){1,4}:(25[0-5]|2[0-4]\\d|[0-1]?\\d?\\d)(\\.(25[0-5]|2[0-4]\\d|[0-1]?\\d?\\d)){3}$)|" \ + "(^([0-9a-f]{1,4}:){1,2}(:[0-9a-f]{1,4}){1,3}:(25[0-5]|2[0-4]\\d|[0-1]?\\d?\\d)(\\.(25[0-5]|2[0-4]\\d|[0-1]?\\d?\\d)){3}$)|" \ + "(^([0-9a-f]{1,4}:){1,3}(:[0-9a-f]{1,4}){1,2}:(25[0-5]|2[0-4]\\d|[0-1]?\\d?\\d)(\\.(25[0-5]|2[0-4]\\d|[0-1]?\\d?\\d)){3}$)|" \ + "(^([0-9a-f]{1,4}:){1,4}(:[0-9a-f]{1,4}){1,1}:(25[0-5]|2[0-4]\\d|[0-1]?\\d?\\d)(\\.(25[0-5]|2[0-4]\\d|[0-1]?\\d?\\d)){3}$)|" \ + "(^(([0-9a-f]{1,4}:){1,5}|:):(25[0-5]|2[0-4]\\d|[0-1]?\\d?\\d)(\\.(25[0-5]|2[0-4]\\d|[0-1]?\\d?\\d)){3}$)|" \ + "(^:(:[0-9a-f]{1,4}){1,5}:(25[0-5]|2[0-4]\\d|[0-1]?\\d?\\d)(\\.(25[0-5]|2[0-4]\\d|[0-1]?\\d?\\d)){3}$)" \ + ")" + +#define IPV6MASK "(" IPV6 "(/[[:digit:]]+)?)" #define BEGIN "^[[:space:]]*" #define END "[[:space:]]*$" @@ -197,10 +218,12 @@ struct { STDCONF ("user", ALNUM, handle_user), STDCONF ("group", ALNUM, handle_group), /* ip arguments */ - STDCONF ("listen", IP, handle_listen), - STDCONF ("allow", "(" IPMASK "|" ALNUM ")", handle_allow), - STDCONF ("deny", "(" IPMASK "|" ALNUM ")", handle_deny), - STDCONF ("bind", IP, handle_bind), + STDCONF ("listen", "(" IP "|" IPV6 ")", handle_listen), + STDCONF ("allow", "(" "(" IPMASK "|" IPV6MASK ")" "|" ALNUM ")", + handle_allow), + STDCONF ("deny", "(" "(" IPMASK "|" IPV6MASK ")" "|" ALNUM ")", + handle_deny), + STDCONF ("bind", "(" IP "|" IPV6 ")", handle_bind), /* error files */ STDCONF ("errorfile", INT WS STR, handle_errorfile), #ifdef FILTER_ENABLE |