opnsense / plugins

OPNsense plugin collection
https://opnsense.org/
BSD 2-Clause "Simplified" License

net/haproxy: Backend Server unable to use IPV6 Address. Syntax Checking fails. #2853

Open zombielinux opened 2 years ago

zombielinux commented 2 years ago


Describe the bug

Setting a backend server's IP address to a valid IPV6 address results in a message like 'server $SERVER' : invalid character '$CHAR' in port number '$HEXTET' in '$IPV6_ADDRESS'

Adding brackets is impossible, otherwise the "Edit Server" dialog returns "Please specify a valid servername or IP address."

To Reproduce

Steps to reproduce the behavior:

  1. Go to 'Services -> HAProxy -> Settings'
  2. Click on 'Real Servers'
  3. Click on 'Add'
  4. Enter IPv6 address in 'Static Server -> IP or FQDN'

Expected behavior

Expected IPV6 address to be accepted and syntax test to pass.

Additional context

HAProxy is being used to load balance multiple servers not located on the OPNsense box. I see some validation on line 262 here, but it doesn't look like that's where the actual validation and parsing is taking place.

After sleeping on it, it seems the code (wherever it is) reads the string from right to left, and treats the first colon as the delineation between the server address and port number.

Environment

OPNsense 21.7.7-amd64
Intel(R) Xeon(R) CPU E31225 @ 3.10GHz (4 cores)

zombielinux commented 2 years ago

Another update:

Link local addresses seem to work without issue. EXCEPT if the first digit in the last hextet is a letter (a-f). Therefore, the parsing check seems to work well as long as the last hextet of your address starts with a number. It WILL, however, drop the last hextet.

Trailing a ': ' at the end of the backend address, however, works just fine.

MPStudyly commented 4 months ago

> Another update:
>
> Link local addresses seem to work without issue. EXCEPT if the first digit in the last hextet is a letter (a-f). Therefore, the parsing check seems to work well as long as the last hextet of your address starts with a number. It WILL, however, drop the last hextet.
>
> Trailing a ': ' at the end of the backend address, however, works just fine.

I think I just encountered this exact issue while trying to make an IPv6-only host available via public IPv4. Your hint about the workaround seems to work just fine, even though the final config actually contains this trailing ':' instead of it being removed somewhere along the way. Is this expected or did this behavior actually change?
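
The right-to-left split hypothesised in the report, as an added Python example that is not part of the thread and is not HAProxy's or the plugin's code. `split_last_colon` and `render_server_address` are hypothetical names, the addresses are constructed, and the model assumes everything after the last ':' is read as the port.

```python
import ipaddress


def split_last_colon(addr):
    """Model of the behaviour described in the report (an assumption, not
    HAProxy's parser): the text after the LAST ':' is taken as the port."""
    host, sep, port = addr.rpartition(":")
    if not sep:
        return addr, None                 # no colon at all: address only
    if port == "":
        return host, None                 # trailing ':' -> empty port, address intact
    for ch in port:
        # Mixed hextets such as '1a' are not described in the thread;
        # this model rejects any non-digit character.
        if not ch.isdigit():
            raise ValueError(
                f"invalid character '{ch}' in port number '{port}' in '{addr}'"
            )
    return host, int(port)                # all-digit hextet silently becomes the port


def render_server_address(address, port=None):
    """Emit an address string that survives the last-colon split.
    Uses the trailing ':' workaround from the thread for port-less IPv6."""
    try:
        is_v6 = ipaddress.ip_address(address).version == 6
    except ValueError:
        is_v6 = False                     # hostname / FQDN
    if port is not None:
        return f"{address}:{port}"
    return address + ":" if is_v6 else address


def round_trips(address, port=None):
    """True when the rendered string parses back to what was configured."""
    return split_last_colon(render_server_address(address, port)) == (address, port)


if __name__ == "__main__":
    # Constructed sample addresses (documentation / link-local ranges).
    print(split_last_colon("fe80::1:2:34"))       # last hextet lost to the port
    print(split_last_colon("2001:db8::a1:"))      # trailing ':' keeps the address
    try:
        split_last_colon("2001:db8::a1")
    except ValueError as exc:
        print(exc)                                # same shape as the reported error
    print(round_trips("2001:db8::a1"), round_trips("2001:db8::a1", 8080))
```

A round-trip check of this kind, run on the generated server line before the syntax test, shows when a hextet has been consumed as a port instead of letting the backend silently point at a different address.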