From a94be73154a7efefd465c13145fbdefb35003fae Mon Sep 17 00:00:00 2001 From: sukun Date: Mon, 10 Jul 2023 17:27:17 +0530 Subject: [PATCH 1/3] fix nat64 well-known prefix check --- net/ip.go | 18 ++++++++++++------ net/ip_test.go | 5 +++++ 2 files changed, 17 insertions(+), 6 deletions(-) diff --git a/net/ip.go b/net/ip.go index f4b7275..849a077 100644 --- a/net/ip.go +++ b/net/ip.go @@ -1,7 +1,6 @@ package manet import ( - "bytes" "net" ma "github.com/multiformats/go-multiaddr" @@ -118,13 +117,20 @@ func zoneless(m ma.Multiaddr) ma.Multiaddr { } } -var NAT64WellKnownPrefix = [4]byte{0x0, 0x64, 0xff, 0x9b} +var NAT64WellKnownPrefix *net.IPNet -// IsNAT64IPv4ConvertedIPv6Addr returns whether addr is an IPv6 address that begins with -// the well-known prefix "64:ff9b" used for NAT64 Translation -// see RFC 6052 +func init() { + var err error + _, NAT64WellKnownPrefix, err = net.ParseCIDR("64:ff9b::/96") + if err != nil { + panic(err) + } +} + +// IsNAT64IPv4ConvertedIPv6Addr returns whether addr is a well-known prefix "64:ff9b::/96" addr +// used for NAT64 Translation. See RFC 6052 func IsNAT64IPv4ConvertedIPv6Addr(addr ma.Multiaddr) bool { c, _ := ma.SplitFirst(addr) return c != nil && c.Protocol().Code == ma.P_IP6 && - bytes.HasPrefix(c.RawValue(), NAT64WellKnownPrefix[:]) + NAT64WellKnownPrefix.Contains(net.IP(c.RawValue())) } diff --git a/net/ip_test.go b/net/ip_test.go index a388d75..9aa9954 100644 --- a/net/ip_test.go +++ b/net/ip_test.go @@ -33,6 +33,11 @@ func TestIsWellKnownPrefixIPv4ConvertedIPv6Address(t *testing.T) { want: true, failureReason: "ip6 address begins with well-known prefix", }, + { + addr: ma.StringCast("/ip6/64:ff9b::1:192.0.1.2/tcp/1234"), + want: false, + failureReason: "64:ff9b::1 is not well-known prefix", + }, } for i, tc := range cases { t.Run(fmt.Sprintf("%d", i), func(t *testing.T) { From 264cf79c65d706002f5b8f98e294b88d892d78c9 Mon Sep 17 00:00:00 2001 From: sukun Date: Tue, 11 Jul 2023 01:09:15 +0530 Subject: [PATCH 2/3] don't use pointer --- net/ip.go | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/net/ip.go b/net/ip.go index 849a077..30ff37d 100644 --- a/net/ip.go +++ b/net/ip.go @@ -117,14 +117,15 @@ func zoneless(m ma.Multiaddr) ma.Multiaddr { } } -var NAT64WellKnownPrefix *net.IPNet +var NAT64WellKnownPrefix net.IPNet func init() { var err error - _, NAT64WellKnownPrefix, err = net.ParseCIDR("64:ff9b::/96") + _, np, err := net.ParseCIDR("64:ff9b::/96") if err != nil { panic(err) } + NAT64WellKnownPrefix = *np } // IsNAT64IPv4ConvertedIPv6Addr returns whether addr is a well-known prefix "64:ff9b::/96" addr From 29a03fac780a5640cf467ccb3f5bdbfe3b18b218 Mon Sep 17 00:00:00 2001 From: sukun Date: Tue, 11 Jul 2023 01:19:40 +0530 Subject: [PATCH 3/3] make NAT64WellKnownPrefix private --- net/ip.go | 7 +++---- 1 file changed, 3 insertions(+), 4 deletions(-) diff --git a/net/ip.go b/net/ip.go index 30ff37d..66f9197 100644 --- a/net/ip.go +++ b/net/ip.go @@ -117,15 +117,14 @@ func zoneless(m ma.Multiaddr) ma.Multiaddr { } } -var NAT64WellKnownPrefix net.IPNet +var nat64WellKnownPrefix net.IPNet func init() { - var err error _, np, err := net.ParseCIDR("64:ff9b::/96") if err != nil { panic(err) } - NAT64WellKnownPrefix = *np + nat64WellKnownPrefix = *np } // IsNAT64IPv4ConvertedIPv6Addr returns whether addr is a well-known prefix "64:ff9b::/96" addr @@ -133,5 +132,5 @@ func init() { func IsNAT64IPv4ConvertedIPv6Addr(addr ma.Multiaddr) bool { c, _ := ma.SplitFirst(addr) return c != nil && c.Protocol().Code == ma.P_IP6 && - NAT64WellKnownPrefix.Contains(net.IP(c.RawValue())) + nat64WellKnownPrefix.Contains(net.IP(c.RawValue())) }