From c7b7c67ff40df9f1e8c4430d720f33a8302763ac Mon Sep 17 00:00:00 2001 From: Michael Kaufmann Date: Mon, 26 Jul 2021 17:53:44 +0200 Subject: [PATCH] normalize ipv6 addresses to avoid possible comparison problems; fixes #965 Signed-off-by: Michael Kaufmann --- install/froxlor.sql | 2 +- install/lib/class.FroxlorInstall.php | 4 +++- .../updates/froxlor/0.10/update_0.10.inc.php | 21 +++++++++++++++++++ lib/Froxlor/Api/Commands/IpsAndPorts.php | 6 ++++++ lib/Froxlor/Froxlor.php | 2 +- lib/Froxlor/PhpHelper.php | 8 +++++-- tests/IpsAndPorts/IpsAndPortsTest.php | 4 ++-- 7 files changed, 40 insertions(+), 7 deletions(-) diff --git a/install/froxlor.sql b/install/froxlor.sql index 0df87d0d..5b7e8274 100644 --- a/install/froxlor.sql +++ b/install/froxlor.sql @@ -721,7 +721,7 @@ opcache.interned_strings_buffer'), ('panel', 'logo_overridetheme', '0'), ('panel', 'logo_overridecustom', '0'), ('panel', 'version', '0.10.27'), - ('panel', 'db_version', '202107210'); + ('panel', 'db_version', '202107260'); DROP TABLE IF EXISTS `panel_tasks`; diff --git a/install/lib/class.FroxlorInstall.php b/install/lib/class.FroxlorInstall.php index 6b27e62a..350e4277 100644 --- a/install/lib/class.FroxlorInstall.php +++ b/install/lib/class.FroxlorInstall.php @@ -687,7 +687,7 @@ class FroxlorInstall if (version_compare($db_root->getAttribute(\PDO::ATTR_SERVER_VERSION), '8.0.11', '>=')) { // create user $stmt = $db_root->prepare(" - CREATE USER '" . $username . "'@'" . $access_host . "' IDENTIFIED BY :password + CREATE USER '" . $username . "'@'" . $access_host . "' IDENTIFIED WITH mysql_native_password BY :password "); $stmt->execute(array( "password" => $password @@ -1310,10 +1310,12 @@ class FroxlorInstall // from form if (! empty($_POST['serverip'])) { $this->_data['serverip'] = $_POST['serverip']; + $this->_data['serverip'] = inet_ntop(inet_pton($this->_data['serverip'])); return; // from $_SERVER } elseif (! empty($_SERVER['SERVER_ADDR'])) { $this->_data['serverip'] = $_SERVER['SERVER_ADDR']; + $this->_data['serverip'] = inet_ntop(inet_pton($this->_data['serverip'])); return; } // empty diff --git a/install/updates/froxlor/0.10/update_0.10.inc.php b/install/updates/froxlor/0.10/update_0.10.inc.php index b94e5add..aac737f2 100644 --- a/install/updates/froxlor/0.10/update_0.10.inc.php +++ b/install/updates/froxlor/0.10/update_0.10.inc.php @@ -1,6 +1,7 @@ fetch(\PDO::FETCH_ASSOC)) { + if (Validate::is_ipv6($iprow['ip'])) { + $ip = inet_ntop(inet_pton($iprow['ip'])); + Database::pexecute($upd_stmt, [ + 'ip' => $ip, + 'id' => $iprow['id'] + ]); + } + } + lastStepStatus(0); + \Froxlor\Froxlor::updateToDbVersion('202107260'); +} diff --git a/lib/Froxlor/Api/Commands/IpsAndPorts.php b/lib/Froxlor/Api/Commands/IpsAndPorts.php index b4213ed0..40531c0f 100644 --- a/lib/Froxlor/Api/Commands/IpsAndPorts.php +++ b/lib/Froxlor/Api/Commands/IpsAndPorts.php @@ -247,6 +247,9 @@ class IpsAndPorts extends \Froxlor\Api\ApiCommand implements \Froxlor\Api\Resour $docroot = ''; } + // always use compressed ipv6 format + $ip = inet_ntop(inet_pton($ip)); + $result_checkfordouble_stmt = Database::prepare(" SELECT `id` FROM `" . TABLE_PANEL_IPSANDPORTS . "` WHERE `ip` = :ip AND `port` = :port"); @@ -462,6 +465,9 @@ class IpsAndPorts extends \Froxlor\Api\ApiCommand implements \Froxlor\Api\Resour $docroot = ''; } + // always use compressed ipv6 format + $ip = inet_ntop(inet_pton($ip)); + if ($result['ip'] != $ip && $result['ip'] == Settings::Get('system.ipaddress') && $result_sameipotherport == false) { \Froxlor\UI\Response::standard_error('cantchangesystemip', '', true); } elseif ($result_checkfordouble && $result_checkfordouble['id'] != '' && $result_checkfordouble['id'] != $id) { diff --git a/lib/Froxlor/Froxlor.php b/lib/Froxlor/Froxlor.php index ebfd295f..f5d799fd 100644 --- a/lib/Froxlor/Froxlor.php +++ b/lib/Froxlor/Froxlor.php @@ -10,7 +10,7 @@ final class Froxlor const VERSION = '0.10.27'; // Database version (YYYYMMDDC where C is a daily counter) - const DBVERSION = '202107210'; + const DBVERSION = '202107260'; // Distribution branding-tag (used for Debian etc.) const BRANDING = ''; diff --git a/lib/Froxlor/PhpHelper.php b/lib/Froxlor/PhpHelper.php index d938adf8..5b7c0b14 100644 --- a/lib/Froxlor/PhpHelper.php +++ b/lib/Froxlor/PhpHelper.php @@ -241,10 +241,14 @@ class PhpHelper $ips = array(); foreach ($dns as $record) { if ($record["type"] == "A") { - $ips[] = $record["ip"]; + // always use compressed ipv6 format + $ip = inet_ntop(inet_pton($record["ip"])); + $ips[] = $ip; } if ($record["type"] == "AAAA") { - $ips[] = $record["ipv6"]; + // always use compressed ipv6 format + $ip = inet_ntop(inet_pton($record["ipv6"])); + $ips[] = $ip; } } if (count($ips) < 1) { diff --git a/tests/IpsAndPorts/IpsAndPortsTest.php b/tests/IpsAndPorts/IpsAndPortsTest.php index f5e59614..6b67922e 100644 --- a/tests/IpsAndPorts/IpsAndPortsTest.php +++ b/tests/IpsAndPorts/IpsAndPortsTest.php @@ -72,12 +72,12 @@ class IpsAndPortsTest extends TestCase { global $admin_userdata; $data = [ - 'ip' => '2a01:440:1:12:82:149:225:46', + 'ip' => '2a01:0440:0000:0012:0082:0149:0225:0046', 'docroot' => '/var/www/html' ]; $json_result = IpsAndPorts::getLocal($admin_userdata, $data)->add(); $result = json_decode($json_result, true)['data']; - $this->assertEquals(4, $result['id']); + $this->assertEquals('2a01:440:0:12:82:149:225:46', $result['ip']); $this->assertEquals('/var/www/html/', $result['docroot']); }