[TYPO3-core] RFC #15379: Bug: Don't break BE session IP locking on IPv6 client

Wiel, J.A.M. van de j.a.m.v.d.wiel at tue.nl
Sun Aug 8 17:28:41 CEST 2010


My apologies for forgetting to attach the patch!
________________________________________
From: typo3-team-core-bounces at lists.typo3.org [typo3-team-core-bounces at lists.typo3.org] On Behalf Of Wiel, J.A.M. van de [j.a.m.v.d.wiel at tue.nl]
Sent: Sunday, August 08, 2010 5:28 PM
To: typo3-team-core at lists.typo3.org
Subject: [TYPO3-core] RFC #15379: Bug: Don't break BE session IP locking on     IPv6 client

This is an SVN patch request.

Type: Bugfix

Bugtracker references:
http://bugs.typo3.org/view.php?id=15379

Branches:
TYPO3_4-4 & trunk

Problem:
The IP lock of a BE session assumes IPv4 and its 4 octets for splitting into parts. Obviously this won't fly with valid IPv6 client addresses since they don't have the 4 octets separated by dots.

Solution:
My patch uses the core API to check whether the client has a valid IPv6 address. If so, it just ignores the parts < 4 bit and returns the address thereby locking the BE session to the client's specific IPv6 address.

Notes:
To really do this cleanly, there should be a proper IPv6 aware implementation of BE session locking and something like a 'lock to prefix' which would make a lot more sense in an IPv6 context than the current 'parts'. I'm not sufficiently up to speed on core development to rework this part entirely without breaking things elsewhere.

Best regards,
Bas
_______________________________________________
Before posting to this list, please have a look to the posting rules
on the following websites:

http://typo3.org/teams/core/core-mailinglist-rules/
http://typo3.org/development/bug-fixing/diff-and-patch/
_______________________________________________
TYPO3-team-core mailing list
TYPO3-team-core at lists.typo3.org
http://lists.typo3.org/cgi-bin/mailman/listinfo/typo3-team-core
-------------- next part --------------
A non-text attachment was scrubbed...
Name: 15379_v2.diff
Type: text/x-patch
Size: 565 bytes
Desc: 15379_v2.diff
URL: <http://lists.typo3.org/pipermail/typo3-team-core/attachments/20100808/4c0c2b86/attachment-0001.bin>


More information about the TYPO3-team-core mailing list