(ommitted for IPv4; the fixed string
.B 6
for IPv6).
-The address and port should be hex strings,
+.I addr4-hex
+and
+.I port-hex
+should be hex strings,
.I without
leading
.BR 0x ,
-of exactly the right length (8 or 32, and 4, digits, respectively), being
-a pairs of hex digits for each byte in the address or port number when
+of exactly the right length (8 and 4 digits, respectively), being
+a pair of hex digits for each byte in the address or port number when
expressed in host byte order. For example, the port argument is the
result of something like
.B sprintf(arg,
.B """%04X"",
.BR sin.sin_port) .
+.I addr6-hex
+should be a string of 32 hex digits, being a pair for each byte in
+the address, in network byte order.
.SH EXIT STATUS
.B helper
will exit with code 0 on success.
is tested, in the same manner as above. Here
.I addr
is as from
-.BR inet_ntop .
-Since this is not completely predictable for IPv6,
-for IPv6 a variant of
+.BR inet_ntop ,
+and
+.I port
+is the (local) TCP or UDP port number, expressed as an unsigned
+integer in the minimal non-zero number of digits.
+.PP
+Thirdly, for IPv6 only: since the textual representation from
+.B inet_ntop
+is complicated to predict, a variant of
.I addr
-is also tested which does not contain any ommitted zeroes or colons.
+is also tested which does not use the double colon abbreviation:
+each 16-byte chunk expressed in the minimal nonzero number
+of hex digits (i.e. with leading zeroes removed), the chunks
+being separated by colons as is conventional.
.PP
-Thirdly, if the question is still unresolved, the file
+Fourthly, if the question is still unresolved, the file
.BI /etc/authbind/byuid/ uid
will be opened and read. If the file does not exist then the binding
is not authorised and
.B ENOENT
.RI ( "No such file or directory" ).
.PP
-In each case above,
-.TP
-.I port
-is the (local) TCP or UDP port number, expressed as an unsigned
-integer in the minimal non-zero number of digits, and
-.PP
If a read error occurs, or the directory
.B /etc/authbind
cannot be accessed, then not only will
lines in
.BI /etc/authbind/byuid/ uid
files are silently ignored (as are lines whose
-.I addr4
+.I addr
has non-zero bits more than
.I length
-from the top) or where
+from the top) or where some
.I min
is larger than
.IR max .
+authbind (2.1.0~~iwj) unstable; urgency=low
+
+ * Permissions file lines can contain IPv6 mask/length.
+ * Permissions file lines need only contain one port number.
+ * Manpage improvements.
+
+ -- Ian Jackson <ijackson@chiark.greenend.org.uk> Sun, 03 Jun 2012 12:27:49 +0100
+
authbind (2.0.1) unstable; urgency=low
Bugfix: