TYPO3 Core

We're relying on the IPv4 implementation of t3lib_div::cmpIP() in an extension to check access based on the request IP. This works fine for single IP addresses as for whole subnets, see example:

$validIpv4Addresses = '192.168.99.100,192.168.100.0/24';
$result = t3lib_div::cmpIP('192.168.100.42', $validIpV4Addresses);
=> $result == TRUE (matches the subnet)

The documentation of the cmpIP() method sounds like the same is/should be possible for IPv6 addresses and subnets, too. But it doesn't work as expected, at least not if you want to check against a whole subnet.

$validIpv6Addresses = '2001:67c:690:302/64';
$result = t3lib_div::cmpIP('2001:67c:690:302::100', $validIpV6Addresses);
=> $result == FALSE (the IPv6-address-string with the subnet does not pass t3lib_div::validIPv6() method call)

When looking at the code within cmpIPv6() it looks like whole subnets would be taken into account. But as the string '2001:67c:690:302/64' is not treated as a valid IPv6 address in validIPv6(), the whole further checking / address expansion of the subnet are not executed at all.

I think this should be changed to work similar to the variant in IPv4.