openssh unix dev - May 2002 - [PATCH] Strip trailing . when using HostbasedUsesNameFromPacketOnly

The following simple patch (against openssh-3.1) moves the test for a
trailing dot in the client-supplied hostname so that it is also stripped
when using the server option HostbasedUsesNameFromPacketOnly.

Please CC me on any replies, as I'm not subscribed to the list.

Cheers,

   Bill Rugolsky

--- ssh/auth2.c~	Sun Feb 24 14:14:59 2002
+++ ssh/auth2.c	Wed May  8 16:26:26 2002
@@ -709,15 +709,15 @@
 	debug2("userauth_hostbased: chost %s resolvedname %s ipaddr %s",
 	    chost, resolvedname, ipaddr);
 
+	if (((len = strlen(chost)) > 0) && chost[len - 1] == '.') {
+		debug2("stripping trailing dot from chost %s", chost);
+		chost[len - 1] = '\0';
+	}
 	if (options.hostbased_uses_name_from_packet_only) {
 		if (auth_rhosts2(pw, cuser, chost, chost) == 0)
 			return 0;
 		lookup = chost;
 	} else {
-		if (((len = strlen(chost)) > 0) && chost[len - 1] == '.')
{
-			debug2("stripping trailing dot from chost %s", chost);
-			chost[len - 1] = '\0';
-		}
 		if (strcasecmp(resolvedname, chost) != 0)
 			log("userauth_hostbased mismatch: "
 			    "client sends %s, but we resolve %s to %s",

HostbasedUsesNameFromPacketOnly is not documented
and experimental only. not sure about wether
we should strip the dot.

On Wed, May 08, 2002 at 04:41:19PM -0400, Bill Rugolsky Jr.
wrote:
> The following simple patch (against openssh-3.1) moves the test for a
> trailing dot in the client-supplied hostname so that it is also stripped
> when using the server option HostbasedUsesNameFromPacketOnly.
> 
> Please CC me on any replies, as I'm not subscribed to the list.
> 
> Cheers,
> 
>    Bill Rugolsky
> 
> --- ssh/auth2.c~	Sun Feb 24 14:14:59 2002
> +++ ssh/auth2.c	Wed May  8 16:26:26 2002
> @@ -709,15 +709,15 @@
>  	debug2("userauth_hostbased: chost %s resolvedname %s ipaddr
%s",
>  	    chost, resolvedname, ipaddr);
>  
> +	if (((len = strlen(chost)) > 0) && chost[len - 1] ==
'.') {
> +		debug2("stripping trailing dot from chost %s", chost);
> +		chost[len - 1] = '\0';
> +	}
>  	if (options.hostbased_uses_name_from_packet_only) {
>  		if (auth_rhosts2(pw, cuser, chost, chost) == 0)
>  			return 0;
>  		lookup = chost;
>  	} else {
> -		if (((len = strlen(chost)) > 0) && chost[len - 1] ==
'.') {
> -			debug2("stripping trailing dot from chost %s", chost);
> -			chost[len - 1] = '\0';
> -		}
>  		if (strcasecmp(resolvedname, chost) != 0)
>  			log("userauth_hostbased mismatch: "
>  			    "client sends %s, but we resolve %s to %s",
> _______________________________________________
> openssh-unix-dev at mindrot.org mailing list
> http://www.mindrot.org/mailman/listinfo/openssh-unix-dev