freeipa

Clone
Source Code
GIT

#1869 network address formation is not IPv6 compatible
Closed: Fixed None Opened 12 years ago by jdennis.

Closed: Fixed
Reopen Issue

There are several places in our code which formulates a network address via the concatenation of (host,colon,port (e.g. host:port). Unfortunately this only works for IPv4, not IPv6 because colon is a reserved character in IPv6 hexadecimal addresses. This is a non-issue for DNS names, but if someone specifies an IPv6 hexadecimal address it would probably break.

We have an outstanding ticket to fix internationalized host names. The proposed solution is to introduce a hostname object that knows how to do presentation etc. A good idea would be to extend this to a network address object which not only knows about host name presentation but also the inet type and ports.

Here is a list of the places I found which form some type of network address using colon concatenation:

/home/jdennis/src/freeipa/ipapython/dogtag.py:75
uri = 'https://%s:%d%s' % (host, port, url)

/home/jdennis/src/freeipa/ipapython/dogtag.py:113
uri = 'http://%s:%s%s' % (host, port, url)

/home/jdennis/src/freeipa/install/tools/ipa-csreplica-manage:229
sys.exit("Unable to connect to %s:%d: %s" % (replica1, PORT, convert_error(e)))

/home/jdennis/src/freeipa/install/tools/ipa-csreplica-manage:340
sys.exit("Unable to connect to %s:%d %s" % (replica1, PORT, convert_error(e)))

/home/jdennis/src/freeipa/ipaserver/ipaldap.py:218
SimpleLDAPObject.init(self,'ldaps://%s:%d' % (self.host,self.port))

/home/jdennis/src/freeipa/ipaserver/ipaldap.py:223
SimpleLDAPObject.init(self,'ldap://%s:%d' % (self.host,self.port))

/home/jdennis/src/freeipa/ipaserver/ipaldap.py:333
return "ldap://%s:%d/" % (self.host,self.port)

/home/jdennis/src/freeipa/ipaserver/install/cainstance.py:666
args.append("https://%s:%d" % (self.master_host, 443))

/home/jdennis/src/freeipa/ipaserver/install/cainstance.py:750
'%s:%d' % (self.fqdn, AGENT_SECURE_PORT),

/home/jdennis/src/freeipa/ipaserver/install/cainstance.py:770
'%s:%d' % (self.fqdn, AGENT_SECURE_PORT),

/home/jdennis/src/freeipa/ipaserver/install/cainstance.py:813
ld = ldap.initialize("ldap://%s:%d" % (self.fqdn, self.ds_port))

/home/jdennis/src/freeipa/ipaserver/install/replication.py:337
return "ldap://%s:%d/" % (conn.host, conn.port)

master: 12bfed3[[BR]]
ipa-2-1: 087251c

Metadata Update from @jdennis:
- Issue assigned to jcholast
- Issue set to the milestone: FreeIPA 2.1.2 (bug fixing)
7 years ago

Login to comment on this ticket.

Metadata
None
None
None
low
None
None
None
None
defect
None
None
IPA
None
1
None
None
None
None
0
None
None
None
Powered by Pagure 5.13.3
DocumentationFile an IssueAboutSSH Hostkey/Fingerprint
© Red Hat, Inc. and others.