[
https://issues.apache.org/jira/browse/DERBY-2811?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel#action_12504991
]
Dag H. Wanvik commented on DERBY-2811:
--------------------------------------
Checking up on IPv6 address syntax a bit, I see the
unspecified address in IPv6 can also be legally written, say, as
0:0:0:0:0:0:0:0 (preferred form)
and in many other ways, I think, cf. http://www.faqs.org/rfcs/rfc2373.html, sec
2.2.
The form "::" is a special syntax for a sequence of consecutive
of zeros in an IPv6 address (can be used only once).
The rfc mentions both "0:0:0:0:0:0:0:0" and "::" as examples on "unspecified
address".
For that matter, I guess even in IPv4, one could use leading zeros..
000.000.000.000
so for a safe recognition of "unspecified address" one would need to parse the
IP address fully.
> Specifying -h 0.0.0.0 with default security manager bars clients from
> connecting from any host
> ----------------------------------------------------------------------------------------------
>
> Key: DERBY-2811
> URL: https://issues.apache.org/jira/browse/DERBY-2811
> Project: Derby
> Issue Type: Bug
> Components: Network Server, Security
> Affects Versions: 10.3.0.0
> Reporter: Dag H. Wanvik
> Assignee: Rick Hillegas
> Attachments: derby-2811-01.diff
>
>
> The default policy file installed has this stanza:
> :
> permission java.net.SocketPermission "${derby.drda.host}:*", "accept";
> :
> Normally, specifying -h 0.0.0.0 to NetworkServerControl lets clients connect
> from any host, but with the default policy file installed
> connecting fails even from localhost.
> I think this is because SocketPermission only recognizes "*" as a catch-all.
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
