I quote RFC 1123 Section 2.1 [1] in full: <quote> 2.1 Host Names and Numbers The syntax of a legal Internet host name was specified in RFC-952 [DNS:4]. One aspect of host name syntax is hereby changed: the restriction on the first character is relaxed to allow either a letter or a digit. Host software MUST support this more liberal syntax. Host software MUST handle host names of up to 63 characters and SHOULD handle host names of up to 255 characters. Whenever a user inputs the identity of an Internet host, it SHOULD be possible to enter either (1) a host domain name or (2) an IP address in dotted-decimal ("#.#.#.#") form. The host SHOULD check the string syntactically for a dotted-decimal number before looking it up in the Domain Name System. DISCUSSION: This last requirement is not intended to specify the complete syntactic form for entering a dotted-decimal host number; that is considered to be a user-interface issue. For example, a dotted-decimal number must be enclosed within "[ ]" brackets for SMTP mail (see Section 5.2.17). This notation could be made universal within a host system, simplifying the syntactic checking for a dotted-decimal number. If a dotted-decimal number can be entered without such identifying delimiters, then a full syntactic check must be made, because a segment of a host domain name is now allowed to begin with a digit and could legally be entirely numeric (see Section 6.1.2.4). However, a valid host name can never have the dotted-decimal form #.#.#.#, since at least the highest-level component label will be alphabetic. </quote> In summary, if (4==sscanf(user_input, "%d.%d.%d.%d", a,b,c,d)) { // Its an dotted quad IP address, do further checks to // make sure its valid, eg. if (a<256 && b<256 ...) } else { // Its a DNS name, and it should supposedly contain some // alphabet character [a-z]. } Its not entirely clear to me what this means if its not a FQDN. Eg, what happens in the example, Debian bug #65041? Since hostname(1) is getting a local hostname (short format), I guess it should accept any alphanumeric character sequence (potentially multiple components, separated by dots). The only check needed for DNS names, then, is this: If there are exactly 4 '.' characters in user_input, ensure that the last component is not entirely numeric. I don't actually understand where this condition comes from. Seems bogus to me: who says 4 levels of DNS names can't all be numeric? -- Justin aptitude install iraf saods9 eclipse xpa sextractor x11iraf wcstools pyraf http://www.justinpryzby.com/debian/ References [1] http://www.faqs.org/rfcs/rfc1123.html
Attachment:
signature.asc
Description: Digital signature