---------------------
PatchSet 5402 
Date: 2007/08/21 12:52:17
Author: amosjeffries
Branch: squid3-ipv6
Tag: (none) 
Log:
Add ability to force an IPAddress content to output as IPv4-only
Use that to force all transparent ports to listen on IPv4 sockets

Members: 
	include/IPAddress.h:1.1.2.34->1.1.2.35 
	lib/IPAddress.cc:1.1.2.65->1.1.2.66 
	src/cache_cf.cc:1.40.2.38->1.40.2.39 

Index: squid3/include/IPAddress.h
===================================================================
RCS file: /cvsroot/squid-sf//squid3/include/Attic/IPAddress.h,v
retrieving revision 1.1.2.34
retrieving revision 1.1.2.35
diff -u -r1.1.2.34 -r1.1.2.35
--- squid3/include/IPAddress.h	17 Aug 2007 00:30:40 -0000	1.1.2.34
+++ squid3/include/IPAddress.h	21 Aug 2007 12:52:17 -0000	1.1.2.35
@@ -1,5 +1,5 @@
 /*
- * $Id: IPAddress.h,v 1.1.2.34 2007/08/17 00:30:40 amosjeffries Exp $
+ * $Id: IPAddress.h,v 1.1.2.35 2007/08/21 12:52:17 amosjeffries Exp $
  *
  * DEBUG: section 14    IP Storage and Handling
  * AUTHOR: Amos Jeffries
@@ -206,6 +206,13 @@
     /// Fast reset of the stored content to what would be after default constructor.
     void SetEmpty();
 
+#if USE_IPV6
+    /// HACK: While transparent fails on IPv6 ports.
+    //		Partial-empty. Leaves the signature IPv4-mapped prefix.
+    //		Used to force a wildcard address to default as IPv4
+    //		when GetAddrInfo() is called for port binding.
+    bool SetIPv4();
+#endif
     /**
      *  Valid results IF and only IF the stored IP address is actually a network bitmask
      * \retval N number of bits which are set in the bitmask stored.
Index: squid3/lib/IPAddress.cc
===================================================================
RCS file: /cvsroot/squid-sf//squid3/lib/Attic/IPAddress.cc,v
retrieving revision 1.1.2.65
retrieving revision 1.1.2.66
diff -u -r1.1.2.65 -r1.1.2.66
--- squid3/lib/IPAddress.cc	17 Aug 2007 02:53:13 -0000	1.1.2.65
+++ squid3/lib/IPAddress.cc	21 Aug 2007 12:52:18 -0000	1.1.2.66
@@ -1,5 +1,5 @@
 /*
- * $Id: IPAddress.cc,v 1.1.2.65 2007/08/17 02:53:13 amosjeffries Exp $
+ * $Id: IPAddress.cc,v 1.1.2.66 2007/08/21 12:52:18 amosjeffries Exp $
  *
  * DEBUG: section 14   IP Storage and Handling
  * AUTHOR: Amos Jeffries
@@ -296,12 +296,40 @@
     memset(&m_SocketAddr.sin6_addr, 0, sizeof(m_SocketAddr.sin6_addr) );
 }
 
-/// NOTE: completely empties the IPAddres structure. Address, Port, Type, everything.
+/// NOTE: completely empties the IPAddress structure. Address, Port, Type, everything.
 void IPAddress::SetEmpty()
 {
     memset(&m_SocketAddr, 0, sizeof(m_SocketAddr) );
 }
 
+#if USE_IPV6
+// HACK: Force 'transparent' ports to be always IPv4-only.
+//		Leaves the signature IPv4-mapped prefix.
+//		used to force a wildcard address to default as IPv4
+//		when GetAddrInfo() is called for port binding.
+bool IPAddress::SetIPv4()
+{
+#if !IPV6_SPECIAL_LOCALHOST
+    if( IsLocalhost() ) {
+        m_SocketAddr.sin6_addr.s6_addr32[2] = htonl(0xffff);
+        m_SocketAddr.sin6_addr.s6_addr32[3] = htonl(0x7F000001);
+        return true;
+    }
+#endif
+
+    if( IsAnyAddr() ) {
+        m_SocketAddr.sin6_addr.s6_addr32[2] = htonl(0xffff);
+        return true;
+    }
+
+    if( IsIPv4())
+        return true;
+
+    // anything non-IPv4 and non-convertable is BAD.
+    return false;
+}
+#endif
+
 bool IPAddress::IsLocalhost() const
 {
 #if USE_IPV6
Index: squid3/src/cache_cf.cc
===================================================================
RCS file: /cvsroot/squid-sf//squid3/src/cache_cf.cc,v
retrieving revision 1.40.2.38
retrieving revision 1.40.2.39
diff -u -r1.40.2.38 -r1.40.2.39
--- squid3/src/cache_cf.cc	19 Aug 2007 11:03:09 -0000	1.40.2.38
+++ squid3/src/cache_cf.cc	21 Aug 2007 12:52:18 -0000	1.40.2.39
@@ -1,6 +1,6 @@
 
 /*
- * $Id: cache_cf.cc,v 1.40.2.38 2007/08/19 11:03:09 amosjeffries Exp $
+ * $Id: cache_cf.cc,v 1.40.2.39 2007/08/21 12:52:18 amosjeffries Exp $
  *
  * DEBUG: section 3     Configuration File Parsing
  * AUTHOR: Harvest Derived
@@ -2768,6 +2768,13 @@
         s->name = xstrdup(token + 5);
     } else if (strcmp(token, "transparent") == 0) {
         s->transparent = 1;
+#if USE_IPV6
+        /* INET6: until transparent REDIRECT works on IPv6 SOCKET, force wildcard to IPv4 */
+        if( !s->s.SetIPv4() ) {
+            debugs(3, 0, "http(s)_port: IPv6 addresses cannot be 'transparent' (protocol does not provide NAT)" << s->s );
+            self_destruct();
+        }
+#endif
     } else if (strcmp(token, "vhost") == 0) {
         s->vhost = 1;
         s->accel = 1;
@@ -2797,6 +2804,13 @@
     } else if (strcmp(token, "tproxy") == 0) {
         s->tproxy = 1;
         need_linux_tproxy = 1;
+#if USE_IPV6
+        /* INET6: until transparent REDIRECT works on IPv6 SOCKET, force wildcard to IPv4 */
+        if( s->s.IsIPv6() && !s->s.SetIPv4() ) {
+            debugs(3, 0, "http(s)_port: IPv6 addresses cannot be transparent (protocol does not provide NAT)" << s->s );
+            self_destruct();
+        }
+#endif
 #endif
 
     } else {