From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <w.bumiller@proxmox.com>
Received: from firstgate.proxmox.com (firstgate.proxmox.com [212.224.123.68])
 (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
 key-exchange X25519 server-signature RSA-PSS (2048 bits))
 (No client certificate requested)
 by lists.proxmox.com (Postfix) with ESMTPS id B9C7279583
 for <pbs-devel@lists.proxmox.com>; Tue,  4 May 2021 13:17:49 +0200 (CEST)
Received: from firstgate.proxmox.com (localhost [127.0.0.1])
 by firstgate.proxmox.com (Proxmox) with ESMTP id A5C5D873B
 for <pbs-devel@lists.proxmox.com>; Tue,  4 May 2021 13:17:19 +0200 (CEST)
Received: from proxmox-new.maurer-it.com (proxmox-new.maurer-it.com
 [94.136.29.106])
 (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
 key-exchange X25519 server-signature RSA-PSS (2048 bits))
 (No client certificate requested)
 by firstgate.proxmox.com (Proxmox) with ESMTPS id 17B3A871F
 for <pbs-devel@lists.proxmox.com>; Tue,  4 May 2021 13:17:19 +0200 (CEST)
Received: from proxmox-new.maurer-it.com (localhost.localdomain [127.0.0.1])
 by proxmox-new.maurer-it.com (Proxmox) with ESMTP id D6C0F42A26
 for <pbs-devel@lists.proxmox.com>; Tue,  4 May 2021 13:17:18 +0200 (CEST)
Date: Tue, 4 May 2021 13:17:18 +0200
From: Wolfgang Bumiller <w.bumiller@proxmox.com>
To: Dominik Csapak <d.csapak@proxmox.com>
Cc: pbs-devel@lists.proxmox.com
Message-ID: <20210504111718.ow2wvety57jbb4x2@olga.proxmox.com>
References: <20210409081456.31189-1-d.csapak@proxmox.com>
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
In-Reply-To: <20210409081456.31189-1-d.csapak@proxmox.com>
User-Agent: NeoMutt/20180716
X-SPAM-LEVEL: Spam detection results:  0
 AWL 0.019 Adjusted score from AWL reputation of From: address
 KAM_DMARC_STATUS 0.01 Test Rule for DKIM or SPF Failure with Strict Alignment
 SPF_HELO_NONE           0.001 SPF: HELO does not publish an SPF Record
 SPF_PASS               -0.001 SPF: sender matches SPF record
 URIBL_BLOCKED 0.001 ADMINISTRATOR NOTICE: The query to URIBL was blocked. See
 http://wiki.apache.org/spamassassin/DnsBlocklists#dnsbl-block for more
 information. [fe80::1]
 WEIRD_PORT              0.001 Uses non-standard port number for HTTP
Subject: Re: [pbs-devel] [PATCH proxmox-backup] client/http_client: add
 necessary brackets
X-BeenThere: pbs-devel@lists.proxmox.com
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Proxmox Backup Server development discussion
 <pbs-devel.lists.proxmox.com>
List-Unsubscribe: <https://lists.proxmox.com/cgi-bin/mailman/options/pbs-devel>, 
 <mailto:pbs-devel-request@lists.proxmox.com?subject=unsubscribe>
List-Archive: <http://lists.proxmox.com/pipermail/pbs-devel/>
List-Post: <mailto:pbs-devel@lists.proxmox.com>
List-Help: <mailto:pbs-devel-request@lists.proxmox.com?subject=help>
List-Subscribe: <https://lists.proxmox.com/cgi-bin/mailman/listinfo/pbs-devel>, 
 <mailto:pbs-devel-request@lists.proxmox.com?subject=subscribe>
X-List-Received-Date: Tue, 04 May 2021 11:17:49 -0000

On Fri, Apr 09, 2021 at 10:14:56AM +0200, Dominik Csapak wrote:
> if we are given a 'naked' ipv6 without square brackets around it,
> we need to add them ourselves, since the address is ambigious otherwise
> when we add the port.
> 
> e.g. giving 'fe80::1' as address we arrive at the url (with the default port)
> 'https://fe80::1:8007/'
> 
> Signed-off-by: Dominik Csapak <d.csapak@proxmox.com>
> ---
> we could also only add it to the actual request if wanted, should not
> make much of a difference though

^ That would definitely be the better approach, because with the current
patch you're also changing the address for *everything* else
(load_fingerprint, store_fingerprint, store_ticket_info, ...)

The address is supposed to be just that, an address. The brackets are
part of the URL syntax and should therefore be limited to that and that
alone.

> 
>  src/client/http_client.rs | 16 ++++++++++++++--
>  1 file changed, 14 insertions(+), 2 deletions(-)
> 
> diff --git a/src/client/http_client.rs b/src/client/http_client.rs
> index 76ab0391..07e8cd83 100644
> --- a/src/client/http_client.rs
> +++ b/src/client/http_client.rs
> @@ -273,6 +273,16 @@ fn load_ticket_info(prefix: &str, server: &str, userid: &Userid) -> Option<(Stri
>      }
>  }
>  
> +fn map_ipv6(server: &str) -> String {
> +    let bytes = server.as_bytes();
> +    let len = bytes.len();
> +    if len > 3 && bytes.contains(&b':') && bytes[0] != b'[' && bytes[len-1] != b']' {
> +        format!("[{}]", server)
> +    } else {
> +        server.to_string()
> +    }
> +}
> +
>  impl HttpClient {
>      pub fn new(
>          server: &str,
> @@ -285,11 +295,13 @@ impl HttpClient {
>  
>          let mut fingerprint = options.fingerprint.take();
>  
> +        let server = map_ipv6(server);
> +
>          if fingerprint.is_some() {
>              // do not store fingerprints passed via options in cache
>              options.fingerprint_cache = false;
>          } else if options.fingerprint_cache && options.prefix.is_some() {
> -            fingerprint = load_fingerprint(options.prefix.as_ref().unwrap(), server);
> +            fingerprint = load_fingerprint(options.prefix.as_ref().unwrap(), &server);
>          }
>  
>          let mut ssl_connector_builder = SslConnector::builder(SslMethod::tls()).unwrap();
> @@ -344,7 +356,7 @@ impl HttpClient {
>              };
>              let mut ticket_info = None;
>              if use_ticket_cache {
> -                ticket_info = load_ticket_info(options.prefix.as_ref().unwrap(), server, userid);
> +                ticket_info = load_ticket_info(options.prefix.as_ref().unwrap(), &server, userid);
>              }
>              if let Some((ticket, _token)) = ticket_info {
>                  ticket
> -- 
> 2.20.1