openssh bugs - Oct 2006 - [Bug 1248] bug with HostbasedUsesNameFromPacketOnly

http://bugzilla.mindrot.org/show_bug.cgi?id=1248

           Summary: bug with HostbasedUsesNameFromPacketOnly
           Product: Portable OpenSSH
           Version: 4.4p1
          Platform: All
        OS/Version: All
            Status: NEW
          Severity: normal
          Priority: P2
         Component: sshd
        AssignedTo: bitbucket at mindrot.org
        ReportedBy: res at qoxp.net


The server-side hostbased authentication logic strips any trailing dot
from the hostname supplied in the authentication request, which makes
sense because no one will enter hostnames with trailing dots in their
known-hosts lists.

The option HostbasedUsesNameFromPacketOnly has sshd skip checking the
reverse-lookup name of the client IP address against the
client-supplied hostname.  However, the current code also skips
removing the trailing dot, the result of which is that hostbased
authentication fails completely, unless you go and add dots to all your
hostnames in the known-hosts file.

I am including a patch to fix this behavior.




------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.

http://bugzilla.mindrot.org/show_bug.cgi?id=1248





------- Comment #1 from res at qoxp.net  2006-10-05 08:53 -------
Created an attachment (id=1198)
 --> (http://bugzilla.mindrot.org/attachment.cgi?id=1198&action=view)
proposed patch




------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.

http://bugzilla.mindrot.org/show_bug.cgi?id=1248


res at qoxp.net changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
                 CC|                            |res at qoxp.net




------- Comment #2 from res at qoxp.net  2006-10-05 08:54 -------
adding cc: myself




------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.

http://bugzilla.mindrot.org/show_bug.cgi?id=1248


res at qoxp.net changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
             Status|NEW                         |RESOLVED
         Resolution|                            |DUPLICATE




------- Comment #3 from res at qoxp.net  2006-10-05 09:01 -------
Hm.  Completely forgot that I had already submitted this a few months
ago.

*** This bug has been marked as a duplicate of bug 1200 ***




------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.

http://bugzilla.mindrot.org/show_bug.cgi?id=1248


dtucker at zip.com.au changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
             Status|RESOLVED                    |CLOSED




------- Comment #4 from dtucker at zip.com.au  2006-10-07 11:46 -------
Change all RESOLVED bug to CLOSED with the exception of the ones fixed
post-4.4.




------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.