Anonymous committed 6e4389b

Apply ratbox3 workaround for too permissive inet_pton6():

Any kline (or various other things) containing * or ? is
a mask kline and not an IP kline. Ideally, rb_inet_pton_sock()
would return failure for those, but in practice this is not
always the case for IPv6.

Such a kline that is erroneously treated as an IP line
likely matches way fewer IPs than expected.

Comments (0)

Files changed (1)

 		addr = (struct rb_sockaddr_storage *)&xaddr;
 		addr = (struct rb_sockaddr_storage *)naddr;
+	if(strpbrk(ip, "*?") != NULL)
+	{
+		return HM_HOST;
+	}
 #ifdef RB_IPV6
 	if(strchr(ip, ':'))