bugzilla-daemon at bugzilla.mindrot.org
2018-Apr-12 04:03 UTC
[Bug 2857] New: ssh 7.7p1 does not find SSHFP records unless you supply the canonical hostname
https://bugzilla.mindrot.org/show_bug.cgi?id=2857
Bug ID: 2857
Summary: ssh 7.7p1 does not find SSHFP records unless you
supply the canonical hostname
Product: Portable OpenSSH
Version: -current
Hardware: All
OS: FreeBSD
Status: NEW
Severity: major
Priority: P5
Component: ssh
Assignee: unassigned-bugs at mindrot.org
Reporter: mindrot10 at xse.com
After upgrading from 7.6p1 to 7.7p1 via the FreeBSD port I found SSHFP
records were not being found unless the canonical, fully qualified
domain is used. Looking at DNS queries, 7.6p1 correctly uses my DNS
search path and once it figures out the FQDN, it uses it to look up A,
AAAA and SSHFP records. 7.7p1 finds the FQDN and is able to look up the
A and AAAA records but uses the non-canonical version of the hostname
when looking up the SSHFP records.
I see that this block moved from main() to ssh_session2():
	/* Find canonic host name. */
	if (strchr(host, '.') == 0) {
		struct addrinfo hints;
		struct addrinfo *ai = NULL;
		int errgai;

		memset(&hints, 0, sizeof(hints));
		hints.ai_family = options.address_family;
		hints.ai_flags = AI_CANONNAME;
		hints.ai_socktype = SOCK_STREAM;
		errgai = getaddrinfo(host, NULL, &hints, &ai);
		if (errgai == 0) {
			if (ai->ai_canonname != NULL)
				host = xstrdup(ai->ai_canonname);
			freeaddrinfo(ai);
		}
	}
I'm not sure why it was moved but it's the cause of this issue.
--
You are receiving this mail because:
You are watching the assignee of the bug.
bugzilla-daemon at bugzilla.mindrot.org
2018-Apr-12 04:11 UTC
[Bug 2857] ssh 7.7p1 does not find SSHFP records unless you supply the canonical hostname
https://bugzilla.mindrot.org/show_bug.cgi?id=2857
Craig Leres <mindrot10 at xse.com> changed:
      What    |Removed     |Added
----------------------------------------------------------------------------
    Resolution|---         |FIXED
        Status|NEW         |RESOLVED
--- Comment #1 from Craig Leres <mindrot10 at xse.com> ---
Oops. It looks like the real issue is with a broken FreeBSD port patch
and not with openssh-portable 7.7p1. Sorry for the noise!
bugzilla-daemon at mindrot.org
2021-Apr-23 05:10 UTC
[Bug 2857] ssh 7.7p1 does not find SSHFP records unless you supply the canonical hostname
https://bugzilla.mindrot.org/show_bug.cgi?id=2857
Damien Miller <djm at mindrot.org> changed:
      What    |Removed     |Added
----------------------------------------------------------------------------
        Status|RESOLVED    |CLOSED
--- Comment #2 from Damien Miller <djm at mindrot.org> ---
closing resolved bugs as of 8.6p1 release