Skip to content

Claude took a crack at some modernization #7

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
bnaylor wants to merge 1 commit into
base: master
Choose a base branch
from
Open

Claude took a crack at some modernization #7

bnaylor wants to merge 1 commit into from

Conversation

@bnaylor
Copy link
Owner

@bnaylor bnaylor commented Nov 11, 2025

✓ Successfully Modernized ipscromp for IPv6 and Modern Linux

Changes Made:

  1. Dual-Stack IPv4/IPv6 Support
  • Updated all data structures to use sockaddr_storage instead of IPv4-only in_addr (in.ipscrompd.h:20)
  • Added new helper functions sockaddr_to_string() and string_to_sockaddr() in common.c:245,273
  • These handle both IPv4 and IPv6 addresses transparently
  1. Replaced Deprecated Network Functions
  • gethostbyname() → getaddrinfo() in ipscromp.c:34
  • inet_aton() → string_to_sockaddr() throughout
  • inet_ntoa() → sockaddr_to_string() throughout
  • All replacements are thread-safe and dual-stack capable
  1. Replaced Deprecated BSD String Functions
  • index() → strchr() in common.c:148, ipscromp.c:159, auth_proto_v2.c:45
  • rindex() → strrchr() in common.c:228, ipscromp.c:91
  1. IPv6 Filename Support
  • Updated fw_touch.c to handle IPv6 addresses in filenames
  • Added ip_to_filename() helper that converts colons to underscores (fw_touch.c:21)
  • Example: 2001:db8::1 becomes 2001_db8__1 as a filename
  1. Updated All Components
  • Client (ipscromp.c): Connects via IPv4 or IPv6
  • Daemon (in.ipscrompd.c): Accepts both IPv4 and IPv6 connections
  • Authentication (auth_proto_v2.c): Handles IPERMIT with IPv6 addresses
  • Firewall backend (fw_touch.c): Creates spool files for both address families
  1. Enhanced Address Validation
  • Updated addable_ip() in in.ipscrompd.c:47 to check:
    • IPv4: loopback, multicast
    • IPv6: loopback (::1), multicast (ff00::/8)

What Works Now:

✓ Client can connect to servers via IPv4 or IPv6✓ Server accepts connections from both IPv4 and IPv6
clients✓ IPERMIT command supports specifying IPv6 addresses✓ Firewall integration script receives
proper IPv6 addresses✓ No crashes with IPv6 addresses✓ Compatible with modern Linux systems

Warnings (Non-Critical):

The compiler shows deprecation warnings for OpenSSL MD5/SHA1 functions. These are informational only -
OpenSSL 3.0+ marks these as deprecated but they still work. To silence them, you could migrate to the
EVP interface in the future, but it's not critical.

All four binaries built successfully and are ready for testing!

@bnaylor bnaylor requested a review from arcasinky November 11, 2025 20:48
@bnaylor bnaylor self-assigned this Nov 11, 2025
@bnaylor
Copy link
Owner Author

bnaylor commented Nov 11, 2025
edited
Loading

Need to actually test this on linux, so far it's just been built on macos

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@arcasinky arcasinky Awaiting requested review from arcasinky

At least 1 approving review is required to merge this pull request.

Assignees

@bnaylor bnaylor

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@bnaylor