Return-Path: Delivered-To: apmail-httpd-dev-archive@www.apache.org Received: (qmail 98609 invoked from network); 31 Oct 2005 21:31:40 -0000 Received: from hermes.apache.org (HELO mail.apache.org) (209.237.227.199) by minotaur.apache.org with SMTP; 31 Oct 2005 21:31:40 -0000 Received: (qmail 13505 invoked by uid 500); 31 Oct 2005 21:31:35 -0000 Delivered-To: apmail-httpd-dev-archive@httpd.apache.org Received: (qmail 13485 invoked by uid 500); 31 Oct 2005 21:31:35 -0000 Mailing-List: contact dev-help@httpd.apache.org; run by ezmlm Precedence: bulk Reply-To: dev@httpd.apache.org list-help: list-unsubscribe: List-Post: List-Id: Delivered-To: mailing list dev@httpd.apache.org Received: (qmail 13474 invoked by uid 99); 31 Oct 2005 21:31:35 -0000 Received: from asf.osuosl.org (HELO asf.osuosl.org) (140.211.166.49) by apache.org (qpsmtpd/0.29) with ESMTP; Mon, 31 Oct 2005 13:31:35 -0800 X-ASF-Spam-Status: No, hits=0.0 required=10.0 tests= X-Spam-Check-By: apache.org Received-SPF: pass (asf.osuosl.org: local policy) Received: from [82.195.144.76] (HELO loughan.stdlib.net) (82.195.144.76) by apache.org (qpsmtpd/0.29) with ESMTP; Mon, 31 Oct 2005 13:31:31 -0800 Received: from colmmacc by loughan.stdlib.net with local (Exim 4.50) id 1EWhFH-00065n-Tk for dev@httpd.apache.org; Mon, 31 Oct 2005 21:31:11 +0000 Date: Mon, 31 Oct 2005 21:31:11 +0000 From: Colm MacCarthaigh To: dev@httpd.apache.org Subject: Re: [PATCH] IPv6: strip zone-id from hostname Message-ID: <20051031213111.GA23398@stdlib.net> Reply-To: colm@stdlib.net References: <1404e5910510311323m1ec04631y86764e64ba45e39a@mail.gmail.com> Mime-Version: 1.0 Content-Type: text/plain; charset=iso-8859-15 Content-Disposition: inline Content-Transfer-Encoding: 8bit In-Reply-To: <1404e5910510311323m1ec04631y86764e64ba45e39a@mail.gmail.com> User-Agent: Mutt/1.5.9i X-Virus-Checked: Checked by ClamAV on apache.org X-Spam-Rating: minotaur.apache.org 1.6.2 0/1000/N On Mon, Oct 31, 2005 at 04:23:49PM -0500, Eric Covener wrote: > If httpd receives a connection on a link-local (perhaps site-local?) Only link-local, site-local won't matter (as is decrecated in unicast at least). > IPv6 socket, apr_getnameinfo()/ap_get_remote_host() can/will return > something like the following: myv6host.xyz.com%bge0 yes :) > There doesn't appear to be a way to tell the resolver not to append the zone. Nor should there be, it's part of the unique identification of the origin. > This can trip up mod_auth_access/mod_authz_host/others? when > performing a domain name match (Allow/Deny would have to be encoded > with interface names to match the return value of getnameinfo()) link local addresses should absolutely not be appearing in DNS, and it doesn't make much sense for them to be doing so. I would class this as a non-problem. When connected to on a link-local address, httpd should log the origin with the interface-id intact, otherwide there'd be no way to determine the origin on a multi-homed server :) > If httpd should be agnostic wrt zones, should ap_get_remote_host strip > off anything following a percent symbol? It shouldn't, and no :) -- Colm MacC�rthaigh Public Key: colm+pgp@stdlib.net