fix(dns): Ignore link-local IPv6 address #99
No reviewers
Labels
No Label
Bug
Contributions welcome
Did not do
Duplicate
Feature
Module
Backups
Module
GraphQL
Priority
High
Priority
Low
Priority
Medium
Refactor
Severity
High
Severity
Low
Severity
Medium
No Milestone
No project
No Assignees
3 Participants
Notifications
Due Date
No due date set.
Dependencies
No dependencies set.
Reference: SelfPrivacy/selfprivacy-rest-api#99
Loading…
Reference in New Issue
There is no content yet.
Delete Branch "inex/fix-linklocal-ipv6"
Deleting a branch is permanent. Although the deleted branch may exist for a short time before cleaning up, in most cases it CANNOT be undone. Continue?
Fixes a bug that caused some servers being inaccessible via IPv6 (because we deployed link-local addresses to the DNS provider...)
https://en.wikipedia.org/wiki/Link-local_address
@inex, does this fix currently work on DIgitalOcean deployments only? As we know NixOS machines on Hetzner currently lack public IPv6 on network interface.
With this fix. on Hetzner, the server won't advertise the AAAA records at all, if the proper IPv6 not found.
@ -45,2 +44,4 @@
return None
@staticmethod
def get_subdomain() -> str | None:
use Optional here
@ -25,2 +25,3 @@
)
ip6 = re.search(r"inet6 (\S+)\/\d+", ip6)
# We ignore link-local addresses
ip6 = re.search(r"inet6 (?!fe80:\S+)(\S+)\/\d+", ip6)
This is a convoluted regex that is hard to read and thus errorprone.
You may want to separate it in 2 filtering steps for it to be more understandable.
So you first get ALL ipv addresses, and then you get the global one.
I think the best would be to introduce is_local(ipv6: str) function
It may be a bit more code but it will be very clear what it does and how, and it can be reused somewhere else, too.
Maybe even better is to use python's builtin ipaddress library for address validation and classification.
@ -170,3 +170,3 @@
# more detailed testing of this is in test_graphql/test_system.py
def test_mailserver_with_dkim_returns_some_dns(dkim_file):
records = MailServer().get_dns_records()
records = MailServer().get_dns_records("203.0.113.3", "2001:db8::1")
Make a comment/variable name that mark these addresses as not important. (I got a bit confused here and tried to understand where they came from before consulting the function again)
@ -24,3 +25,3 @@
"utf-8"
)
ip6 = re.search(r"inet6 (\S+)\/\d+", ip6)
ip6 = re.findall(r"inet6 (\S+)\/\d+", ip6)
rename to ip6_addresses or something else plural