https://bugzilla.mindrot.org/show_bug.cgi?id=2846
Damien Miller <[email protected]> changed: What |Removed |Added ---------------------------------------------------------------------------- Blocks| |2852 CC| |[email protected] --- Comment #1 from Damien Miller <[email protected]> --- It would be better to compare FQDNs case-insensitively. There are some corner cases that make implementation a bit more tricky: The same ForwardPermission members are used for FQDNs, addresses (which are treated as strings anyway) and Unix domain socket paths. FQDNs are the only ones of these that should be simply compared case-insensitively. Paths are obviously case-sensitive, but surprisingly addresses can be too: IPv6 addresses may have an interface scope that is case-sensitive on some platforms. See bug #2763 for an example of this. IMO the best way to approach this would be when we are parsing the configuration by doing something similar to what ssh does with hostnames. If it's a Unix domain socket path, leave it alone. If it looks like address, give it a round-trip through getaddrinfo w/AI_NUMERICHOST and getnameinfo. To render it as a canonical string. Otherwise, it's a fqdn and lowercase it. Referenced Bugs: https://bugzilla.mindrot.org/show_bug.cgi?id=2852 [Bug 2852] Tracking bug for OpenSSH 7.8 release -- You are receiving this mail because: You are watching the assignee of the bug. You are watching someone on the CC list of the bug. _______________________________________________ openssh-bugs mailing list [email protected] https://lists.mindrot.org/mailman/listinfo/openssh-bugs
