Bug #6918
closed
Javascript Lowercase for IPv6 addresses prevents use of aliases with capital letters
100%
Description
If you have an alias, say "Blah", and try to enter it in a field on a firewall rule, it is automatically translated to lowercase in JavaScript. Since "blah" is not the name of the alias (they are case-sensitive), input validation fails.
Affects master, RELENG_2_3 (2.3.3), and RELENG_2_3_2 (2.3.2_x).
Updated by Andrew - about 8 years ago
Yes. Confirmed on:
2.3.3-DEVELOPMENT (amd64)
built on Fri Nov 11 16:36:08 CST 2016
FreeBSD 10.3-RELEASE-p12
This essentially prevents creating any rules/NAT etc with aliases with capital letters, so a major issue!
Thanks.
Updated by Phillip Davis about 8 years ago
See pull request https://github.com/pfsense/pfsense/pull/3225 for a suggested fix.
Updated by Jim Pingle about 8 years ago
- Status changed from New to Feedback
The PR looks good, appears to do the proper thing in each case. I just merged it in.
Updated by Phillip Davis about 8 years ago
- % Done changed from 0 to 100
Applied in changeset 9444a281f051e11d5456cc37b2a3f56fc8a7bc33.
Updated by
Updated by Kill Bill about 8 years ago
I'm sorry but this is still broken. I go to Firewall - NAT - Port Forward, there's a rule with an alias called "RAS" used for source. On clicking edit, it gets lowercased to "ras". On saving, it naturally bombs out with "ras is not a valid source IP address or alias."
What's the point of all this messing with letter case?! :(
Updated by Jim Pingle about 8 years ago
- Status changed from Feedback to New
- Assignee changed from Jim Pingle to Anonymous
There are more related pending PRs that may help, but I was talking to sbeaver earlier and he had some ideas on how it might be done better.
Kill Bill wrote:
What's the point of all this messing with letter case?! :(
IPv6 spec says addresses must be lowercase, so we have to find a way to properly handle these cases without breaking the spec.
Updated by Luiz Souza about 8 years ago
I reverted all these changes until the proper solution is committed.
The 'real' solution here is convert the IPv6 to binary in PHP (compress (?) in PHP dialect) after that, the IPv6 is sanitized and can be saved and printed as requested by spec.
Updated by Anonymous about 8 years ago
I have added a new function addretolower() to detect if a string is a valid IPv6 address, and if so convert it to lower case. I plan to make my way though the pages that need it over the next few days.