dns_server: fix ipv6 check permission issue.

src/dns_server.c

@@ -3128,10 +3128,10 @@ static void _dns_server_ping_result(struct ping_host_struct *ping_host, const ch
 			return;
 		}
 
-		if (is_ipv6_ready) {
-			if (error == EADDRNOTAVAIL || errno == EACCES) {
+		if (is_ipv6_ready == 1 && (error == EADDRNOTAVAIL || errno == EACCES)) {
+			if (is_private_addr_sockaddr(addr, addr_len) == 0) {
 				is_ipv6_ready = 0;
-				tlog(TLOG_ERROR, "IPV6 is not ready, disable all ipv6 feature, recheck after %ds",
+				tlog(TLOG_WARN, "IPV6 is not ready, disable all ipv6 feature, recheck after %ds",
 					 IPV6_READY_CHECK_TIME);
 			}
 		}

src/util.c

@@ -376,6 +376,32 @@ int is_private_addr(const unsigned char *addr, int addr_len)
 	return 0;
 }
 
+int is_private_addr_sockaddr(struct sockaddr *addr, socklen_t addr_len)
+{
+	switch (addr->sa_family) {
+	case AF_INET: {
+		struct sockaddr_in *addr_in = NULL;
+		addr_in = (struct sockaddr_in *)addr;
+		return is_private_addr((const unsigned char *)&addr_in->sin_addr.s_addr, IPV4_ADDR_LEN);
+	} break;
+	case AF_INET6: {
+		struct sockaddr_in6 *addr_in6 = NULL;
+		addr_in6 = (struct sockaddr_in6 *)addr;
+		if (IN6_IS_ADDR_V4MAPPED(&addr_in6->sin6_addr)) {
+			return is_private_addr(addr_in6->sin6_addr.s6_addr + 12, IPV4_ADDR_LEN);
+		} else {
+			return is_private_addr(addr_in6->sin6_addr.s6_addr, IPV6_ADDR_LEN);
+		}
+	} break;
+	default:
+		goto errout;
+		break;
+	}
+
+errout:
+	return 0;
+}
+
 int getaddr_by_host(const char *host, struct sockaddr *addr, socklen_t *addr_len)
 {
 	struct addrinfo hints;

src/util.h

@@ -72,6 +72,8 @@ int generate_addr_map(const unsigned char *addr_from, const unsigned char *addr_
 
 int is_private_addr(const unsigned char *addr, int addr_len);
 
+int is_private_addr_sockaddr(struct sockaddr *addr, socklen_t addr_len);
+
 int getaddr_by_host(const char *host, struct sockaddr *addr, socklen_t *addr_len);
 
 int get_raw_addr_by_ip(const char *ip, unsigned char *raw_addr, int *raw_addr_len);