https://bugzilla.mindrot.org/show_bug.cgi?id=2846
Damien Miller <[email protected]> changed: What |Removed |Added ---------------------------------------------------------------------------- Blocks|3302 | --- Comment #12 from Damien Miller <[email protected]> --- actually, this is really fiddly to do properly. We can't reliably roundtrip through getaddrinfo/getnameinfo because the PermitOpen directives may refer to addresses scoped to interfaces that may happen not to be available at the time of sshd_config parsing (e.g. some sort of ephemeral tunnel interface). Attempting to scrub these addresses this way could cause them to be incorrectly rejected. So a better heuristic would be to detect the hostname case (i.e. not path and not address) and only lowercase those. We'd also need to do the same to hostnames coming in for forwarding requests, subject to similar rules. Referenced Bugs: https://bugzilla.mindrot.org/show_bug.cgi?id=3302 [Bug 3302] Tracking bug for openssh-8.7 -- You are receiving this mail because: You are watching someone on the CC list of the bug. You are watching the assignee of the bug. _______________________________________________ openssh-bugs mailing list [email protected] https://lists.mindrot.org/mailman/listinfo/openssh-bugs
