X-Git-Url: http://www.chiark.greenend.org.uk/ucgi/~ian/git?p=authbind.git;a=blobdiff_plain;f=authbind.1;h=2cc5a7580760e953f252978c2bb0524bc899d180;hp=46abb3ab132b5d04b2759a8838bb216c68daf713;hb=c53d1583f0458572cbb113a33de9bc9280dd2817;hpb=1fe15d20963240b9cf021602eac927dfe97f7aaa

diff --git a/authbind.1 b/authbind.1
index 46abb3a..2cc5a75 100644
--- a/authbind.1
+++ b/authbind.1
@@ -89,13 +89,32 @@ Secondly, if that test fails to resolve the matter,
 is tested, in the same manner as above.  Here
 .I addr
 is as from
-.BR inet_ntop .
-Since this is not completely predictable for IPv6,
-for IPv6 a variant of
+.BR inet_ntop ,
+and
+.I port
+is the (local) TCP or UDP port number, expressed as an unsigned
+integer in the minimal non-zero number of digits.
+.PP
+Thirdly, for IPv6 only: since the textual representation from
+.B inet_ntop
+is complicated to predict, a variant of
 .I addr
-is also tested which does not contain any ommitted zeroes or colons.
+is also tested which does not use the double colon abbreviation:
+each 16-byte chunk expressed in the minimal nonzero number
+of hex digits (i.e. with leading zeroes removed), the chunks
+being separated by colons as is conventional.
+.PP
+So for example an attempt to bind to [2620:106:e002:f00f::21]:80
+would result in authbind calling
+.I access(2)
+on
+.B /etc/authbind/byport/80
+and then
+.B /etc/authbind/byaddr/2620:106:e002:f00f::21,80
+and then
+.BR /etc/authbind/byaddr/2620:106:e002:f00f:0:0:0:21,80 .
 .PP
-Thirdly, if the question is still unresolved, the file
+Fourthly, if the question is still unresolved, the file
 .BI /etc/authbind/byuid/ uid
 will be opened and read.  If the file does not exist then the binding
 is not authorised and
@@ -130,12 +149,6 @@ will fail with
 .B ENOENT
 .RI ( "No such file or directory" ).
 .PP
-In each case above,
-.TP
-.I port
-is the (local) TCP or UDP port number, expressed as an unsigned
-integer in the minimal non-zero number of digits, and
-.PP
 If a read error occurs, or the directory
 .B /etc/authbind
 cannot be accessed, then not only will
@@ -144,10 +157,10 @@ fail, but an error message will be printed to stderr.  Unrecognised
 lines in
 .BI /etc/authbind/byuid/ uid
 files are silently ignored (as are lines whose
-.I addr4
+.I addr
 has non-zero bits more than
 .I length
-from the top) or where
+from the top) or where some
 .I min
 is larger than
 .IR max .