Bug#65041: rfc1123

To: 65041@bugs.debian.org
Cc: gotom@debian.or.jp
Subject: Bug#65041: rfc1123
From: Justin Pryzby <justinpryzby@users.sourceforge.net>
Date: Tue, 3 Aug 2004 13:17:22 -0400
Message-id: <[🔎] 20040803171722.GA15424@andromeda>
Reply-to: Justin Pryzby <justinpryzby@users.sourceforge.net>, 65041@bugs.debian.org

I quote RFC 1123 Section 2.1 [1] in full:

<quote>
   2.1  Host Names and Numbers

      The syntax of a legal Internet host name was specified in RFC-952
      [DNS:4].  One aspect of host name syntax is hereby changed: the
      restriction on the first character is relaxed to allow either a
      letter or a digit.  Host software MUST support this more liberal
      syntax.

      Host software MUST handle host names of up to 63 characters and
      SHOULD handle host names of up to 255 characters.

      Whenever a user inputs the identity of an Internet host, it SHOULD
      be possible to enter either (1) a host domain name or (2) an IP
      address in dotted-decimal ("#.#.#.#") form.  The host SHOULD check
      the string syntactically for a dotted-decimal number before
      looking it up in the Domain Name System.

      DISCUSSION:
           This last requirement is not intended to specify the complete
           syntactic form for entering a dotted-decimal host number;
           that is considered to be a user-interface issue.  For
           example, a dotted-decimal number must be enclosed within
           "[ ]" brackets for SMTP mail (see Section 5.2.17).  This
           notation could be made universal within a host system,
           simplifying the syntactic checking for a dotted-decimal
           number.

           If a dotted-decimal number can be entered without such
           identifying delimiters, then a full syntactic check must be
           made, because a segment of a host domain name is now allowed
           to begin with a digit and could legally be entirely numeric
           (see Section 6.1.2.4).  However, a valid host name can never
           have the dotted-decimal form #.#.#.#, since at least the
           highest-level component label will be alphabetic.
</quote>

In summary,

	if (4==sscanf(user_input, "%d.%d.%d.%d", a,b,c,d)) {
		// Its an dotted quad IP address, do further checks to
		// make sure its valid, eg. if (a<256 && b<256 ...)
	} else {
		// Its a DNS name, and it should supposedly contain some
		// alphabet character [a-z].
	}

Its not entirely clear to me what this means if its not a FQDN.  Eg,
what happens in the example, Debian bug #65041?  Since hostname(1) is
getting a local hostname (short format), I guess it should accept any
alphanumeric character sequence (potentially multiple components,
separated by dots).

The only check needed for DNS names, then, is this:

	If there are exactly 4 '.' characters in user_input, ensure that
	the last component is not entirely numeric.

I don't actually understand where this condition comes from.  Seems
bogus to me: who says 4 levels of DNS names can't all be numeric?

-- 
Justin
aptitude install iraf saods9 eclipse xpa sextractor x11iraf wcstools pyraf
http://www.justinpryzby.com/debian/

References

[1] http://www.faqs.org/rfcs/rfc1123.html

Attachment: signature.asc
Description: Digital signature

Reply to:

Prev by Date: Processed: tagging 245836
Next by Date: Re: libc6-dbg
Previous by thread: Processed: tagging 245836
Next by thread: Re: libc6-dbg
Index(es):
- Date
- Thread