From: Michael Tremer <michael.tremer@ipfire.org>
Date: Mon, 8 Jan 2024 16:42:48 +0000 (+0000)
Subject: Revert "proxy.cgi: Fix for Bug #12826 'squid >=5 crashes on literal IPv6 addresses'"
X-Git-Tag: v2.29-core183~44
X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=a1bb2fb5853f882e4a87397448bead7a9ebfa43d;p=ipfire-2.x.git

Revert "proxy.cgi: Fix for Bug #12826 'squid >=5 crashes on literal IPv6 addresses'"

This reverts commit e0be9eab47d621545e5498c32c0fef39f7ef84a9.

This change is now producing problems on IPv6-enabled systems as it will
deny access to any website that is IPv6-enabled as well, even if the
client connected using IPv4.

I have tested if squid is now running on fine on systems where IPv6 is
disabled and can confirm that its running just fine.

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
Acked-by: Peter Müller <peter.mueller@ipfire.org>
---

diff --git a/html/cgi-bin/proxy.cgi b/html/cgi-bin/proxy.cgi
index 71be315f63..c8e3576dfe 100644
--- a/html/cgi-bin/proxy.cgi
+++ b/html/cgi-bin/proxy.cgi
@@ -3525,19 +3525,9 @@ END
 			$_ =~ s/__PROXY_PORT__/$proxysettings{'PROXY_PORT'}/;
 			print FILE $_;
 		}
-		print FILE "\n#End of custom includes\n\n";
+		print FILE "\n#End of custom includes\n";
 		close (ACL);
 	}
-
-		print FILE <<END
-# Prevent ipv6 requests to avoid crash in squid > 5.x
-acl to_ipv6 dst ipv6
-acl from_ipv6 src ipv6
-http_access deny to_ipv6
-http_access deny from_ipv6
-END
-	;
-
 	if ((!-z $extgrp) && ($proxysettings{'AUTH_METHOD'} eq 'ncsa') && ($proxysettings{'NCSA_BYPASS_REDIR'} eq 'on')) { print FILE "\nredirector_access deny for_extended_users\n"; }
 
 	# Check if squidclamav is enabled.