-
Notifications
You must be signed in to change notification settings - Fork 553
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Fix validation of IPv4-mapped IPv6 addresses #100
Conversation
Thanks, 😄 |
Fix validation of IPv4-mapped IPv6 addresses
@@ -458,13 +458,13 @@ func IsIP(str string) bool { | |||
// IsIPv4 check if the string is an IP version 4. | |||
func IsIPv4(str string) bool { | |||
ip := net.ParseIP(str) | |||
return ip != nil && ip.To4() != nil | |||
return ip != nil && strings.Contains(str, ".") |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
::FFFF:127.0.0.1
is a valid IPv6 address that contains .
You could swap it for return ip != nil && !strings.Contains(str, ":")
.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
If ports could be appended at the end, both method would need to be changed to strings.Count(str, ":") < 2
and strings.Count(str, ":") >= 2
respectively.
Previously, we tried to provision a NodePort service for IPv6 depending on whether `--enable-ipv6` was set to true which was wrong, as enabling IPv6 does not mean that each Service definition will be in IPv6. Unfortunately, "net.ParseIP([...]).To{4,16}()" is not reliable enough to determine whether a clusterIP is in IPv6 or IPv4, thus the hack: asaskevich/govalidator#100. Fixes: 64568ff ("k8s: Add NodePorts field to Service struct") Signed-off-by: Martynas Pumputis <m@lambda.lt>
Previously, we tried to provision a NodePort service for IPv6 depending on whether `--enable-ipv6` was set to true which was wrong, as enabling IPv6 does not mean that each Service definition will be in IPv6. Unfortunately, "net.ParseIP([...]).To{4,16}()" is not reliable enough to determine whether a clusterIP is in IPv6 or IPv4, thus the hack: asaskevich/govalidator#100. Fixes: 64568ff ("k8s: Add NodePorts field to Service struct") Signed-off-by: Martynas Pumputis <m@lambda.lt>
Hello,
Addresses like ::ffff:c0a8:101 are marked as invalid IPv6 addresses and valid IPv4 addresses :
http://play.golang.org/p/4tNuUR7_yq
This is related to the way addresses are handled in the net/ip package ([16]byte array for both types).
Seems the easiest way to deal with this, is to check if the string is an IP address and, depending on the type, if it contains a dot or a column.
Ref: This discussion on stackoverflow, this issue and the code of ParseIP