Tilman Schmidt wrote:
>
> James Porter (webmaster@aeonflux.net) wrote:
> > Can squid 2.2-stable3 handle DOTLESS IP Address such as
> >
> > http://3626046468/ or http://3518332314/
> >
> > or http://3626046468/ab2/cybercards/moreinfo.html
> >
> > ?? It never can seem to resolve them. Yet I can traceroute to the
> > dotless
> > address just fine.
>
> That's an old bug in the inet_aton() function traceroute and many
> other programs use to convert the dotted-quad form of IP addresses
> into the internal form: it accepts syntactically incorrect input
> (like the dotless numbers you listed) and makes a valid IP address
> from it. As this bug has security implications (there are programs
> which assume that if a hostname doesn't contain a dot then it must
> be in the local domain) you should be grateful that Squid does not
> have it!
One of my Linux box (Kernel 2.0.34) is running Squid 2.2STABLE3,
and there's no problem with such URL (http://3626046468/) when I
commented the following line in my squid.conf:
#append_domain swh.sk
Benarson.
Received on Fri Sep 03 1999 - 02:45:12 MDT
This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 16:48:14 MST