[IPv6] [RegisterThrottle] registration_ip.ipaddress field truncates IPv6 addresses
[IPv6] [RegisterThrottle] registration_ip.ipaddress field truncates IPv6 addresses
| Issue ID: | 2981 |
| Issue Category: | bug |
| Component: | plugin |
| Priority: | normal |
| Status: | active |
| Assigned: | Unassigned |
Clients connecting to a server over IPv6 will have their IPv6 address recorded; however registration_ip.ipaddress is only a 15-character field.
This leads to truncation such as:
+---------+-----------------+---------------------+
| user_id | ipaddress | created |
+---------+-----------------+---------------------+
| 524 | fe80::21c:42ff: | 2011-01-05 12:17:52 |
+---------+-----------------+---------------------+
when the full address is something like fe80::21c:42ff:fe00:8 or even longer.
This means that querying the database for a matching address will fail, allowing IPv6 clients to evade the throttle.
(Most internet sites will still be on IPv4 at this time so it's not a huge deal, but it makes testing more difficult as LANs often auto-configure local IPv6.)
Updates
#1
The longest IPv6 address is 39 characters right? Including the colons without netmask. To make it possible to use netmasks (maybe filter on blocks in the future), 4 more characters may be added, resulting in 43 characters maximum length.
To enable this, RegisterThrottle's database should be updated to allow for 43 characters stored in the table registration_ip and column 'ipaddress'. An easy fix.
Are there any other recommended ways of doing this? Maybe avoid using a varchar field and store byte values etc... But that'd require more rewriting and as such is less desirable.
You can also subscribe to the
RSS feed for updates to this issue.