]>
Commit | Line | Data |
---|---|---|
177b938a MT |
1 | diff --git a/server/confpars.c b/server/confpars.c |
2 | index 12ab0e6..4454be9 100644 | |
3 | --- a/server/confpars.c | |
4 | +++ b/server/confpars.c | |
5 | @@ -3756,6 +3756,19 @@ add_ipv6_pool_to_subnet(struct subnet *subnet, u_int16_t type, | |
6 | share->ipv6_pools[num_pools+1] = NULL; | |
7 | } | |
8 | ||
9 | +static void | |
10 | +check_addr_in_subnet(struct subnet *subnet, struct iaddr *addr) { | |
11 | + char lowbuf [INET6_ADDRSTRLEN], netbuf [INET6_ADDRSTRLEN]; | |
12 | + | |
13 | + if (!addr_eq(subnet->net, subnet_number(*addr, subnet->netmask))) { | |
14 | + strcpy(lowbuf, piaddr(*addr)); | |
15 | + strcpy(netbuf, piaddr(subnet->net)); | |
16 | + log_fatal("bad range6, address %s not in subnet6 %s/%d", | |
17 | + lowbuf, netbuf, subnet->prefix_len); | |
18 | + } | |
19 | + | |
20 | +} | |
21 | + | |
22 | /* address-range6-declaration :== ip-address6 ip-address6 SEMI | |
23 | | ip-address6 SLASH number SEMI | |
24 | | ip-address6 [SLASH number] TEMPORARY SEMI */ | |
25 | @@ -3788,6 +3801,8 @@ parse_address_range6(struct parse *cfile, struct group *group) { | |
26 | return; | |
27 | } | |
28 | ||
29 | + check_addr_in_subnet(group->subnet, &lo); | |
30 | + | |
31 | /* | |
32 | * See if we we're using range or CIDR notation or TEMPORARY | |
33 | */ | |
34 | @@ -3855,6 +3870,8 @@ parse_address_range6(struct parse *cfile, struct group *group) { | |
35 | return; | |
36 | } | |
37 | ||
38 | + check_addr_in_subnet(group->subnet, &hi); | |
39 | + | |
40 | /* | |
41 | * Convert our range to a set of CIDR networks. | |
42 | */ |