On 8/27/25 11:48 AM, Joe Orton wrote:
> On Tue, Aug 26, 2025 at 12:16:35PM +0200, Ruediger Pluem wrote:
> ...
>> @@ -134,7 +144,11 @@
>> size_t offset;
>> char *hostcopy;
>>
>> - if (s == NULL) {
>> + if ((s == NULL) || strncasecmp(uptr->hostname, "fe80:", 5)) {
>> + /*
>> + * Scope id's are only allowed for link-local addresses under prefix
>> + * fe80::/10.
>> + */
>> return uptr->hostname;
>> }
>>
>>
>> Hence we only do all this for fe80::/10 networks. For other networks we
>> don't care and leave everything as is as we did before the
>> initial patch. Still or further concerns?
>
> That is testing for fe80::/16 rather than /10, might need to push it
> through apr_ipsubnet_* to test for /10?
This is unfortunately true. I am having a bit of trouble how to get a
apr_sockaddr_t struct of my IPV6 address needed as input for
apr_ipsubnet_test. Hence would the following be fine as well?
Index: uri/apr_uri.c
===================================================================
--- uri/apr_uri.c (revision 1928028)
+++ uri/apr_uri.c (working copy)
@@ -70,6 +70,12 @@
{ NULL, 0xFFFF } /* unknown port */
};
+#define LINK_LOCAL(ipv6addr) ((strlen(ipv6addr) >= 5) && \
+ ((ipv6addr)[4] == ':') && \
+ !strncasecmp(ipv6addr, "fe", 2) && \
+ strchr("89aAbB", (ipv6addr)[2]) && \
+ strchr("0123456789aAbBcCdDeEfF", (ipv6addr)[3]))
+
/*
* *only* for IPv6 addresses with a zone identifier according to RFC6874
*/
@@ -89,7 +95,7 @@
return APR_SUCCESS;
}
- if (strncasecmp(ipv6addr, "fe80:", 5)) {
+ if (!LINK_LOCAL(ipv6addr)) {
/*
* Scope id's are only allowed for link-local addresses under prefix
* fe80::/10.
@@ -144,7 +150,7 @@
size_t offset;
char *hostcopy;
- if ((s == NULL) || strncasecmp(uptr->hostname, "fe80:", 5)) {
+ if ((s == NULL) || !LINK_LOCAL(uptr->hostname)) {
/*
* Scope id's are only allowed for link-local addresses under prefix
* fe80::/10.
Regards
RĂ¼diger
