From: Amos Jeffries Date: Sat, 3 Mar 2012 23:35:08 +0000 (-0700) Subject: Fix IPv6 site-local IP detection X-Git-Tag: SQUID_3_2_0_16~13 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=ff7432455897739953f612e8879586bcc13a9f3c;p=thirdparty%2Fsquid.git Fix IPv6 site-local IP detection RFC 4193 the site-local allocated range is fc00::/7. Squid has been using IN6_IS_ADDR_SITELOCAL() but it turns out Linux and OpenBSD at least still define that to test for the long obsolete fec0::/10. --- diff --git a/src/ip/Address.cc b/src/ip/Address.cc index b577c75074..74521b2206 100644 --- a/src/ip/Address.cc +++ b/src/ip/Address.cc @@ -270,7 +270,11 @@ Ip::Address::SetLocalhost() bool Ip::Address::IsSiteLocal6() const { - return IN6_IS_ADDR_SITELOCAL( &m_SocketAddr.sin6_addr ); + // RFC 4193 the site-local allocated range is fc00::/7 + // with fd00::/8 as the only currently allocated range (so we test it first). + // BUG: as of 2010-02 Linux and BSD define IN6_IS_ADDR_SITELOCAL() to check for fec::/10 + return m_SocketAddr.sin6_addr.s6_addr[0] == static_cast(0xfd) || + m_SocketAddr.sin6_addr.s6_addr[0] == static_cast(0xfc); } bool diff --git a/src/ip/Address.h b/src/ip/Address.h index 512ffd40e7..9591aca462 100644 --- a/src/ip/Address.h +++ b/src/ip/Address.h @@ -165,9 +165,9 @@ public: bool IsLocalhost() const; /** Test whether content is an IPv6 Site-Local address. - \retval true if address begins with fe80::/10. + \retval true if address begins with fd00::/8. \retval false if --disable-ipv6 has been compiled. - \retval false if address does not match fe80::/10 + \retval false if address does not match fd00::/8 */ bool IsSiteLocal6() const;