sshd Failing New Inbound Connections
Steffen Nurpmeso
steffen at sdaoden.eu
Tue Mar 29 00:32:24 AEDT 2022
Hello Thorsten.
Thorsten Glaser wrote in
<cde1a8a-25b5-42d8-b4b-f1f595ea8bfc at tarent.de>:
|On Mon, 21 Mar 2022, Steffen Nurpmeso wrote:
|>|> actually even standardized that "octal numbers" are not supported
|>
|> ..inet_pton..
|
|Huh. Not that but inet_aton on GNU, and other functions apparently.
I did not know this one. But i want to go with standard ones,
otherwise i would have a parser myself, it is C++ but actually
that one is C. It requires "3 periods" for IPv4 though, and
always uses base 10.
|This is idiotic, and I guess the same POSIX that insists on octals
|for leading-zero numbers in shell, causing no small amount of bugs,
|is responsible. Hmph.
|
|>|> 127.000.000.001 in form fields etc.
|
|| $ ./a.out 226.000.000.037 # Last byte is in octal
|
|Given that these may be either decimal or octal, depending on where
|they come from, it’s probably for the best to reject them.
|
|(My RFC822-and-related-parser certainly does.)
Looking at the docu it seems even more strange, no end-user i know
would ever use octal or hexadecimal numbers in an IPv4 address,
let alone in a mixed fashion. I personally would only go for
"IPv4 dotted-decimal notation". Whatever.
--steffen
|
|Der Kragenbaer, The moon bear,
|der holt sich munter he cheerfully and one by one
|einen nach dem anderen runter wa.ks himself off
|(By Robert Gernhardt)
More information about the openssh-unix-dev
mailing list