[Bug 1008] GSSAPI authentication fails with Round Robin DNS hosts

bugzilla-daemon at bugzilla.mindrot.org bugzilla-daemon at bugzilla.mindrot.org
Mon Aug 8 09:56:00 AEST 2016


https://bugzilla.mindrot.org/show_bug.cgi?id=1008

Colin Watson <cjwatson at debian.org> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
                 CC|                            |cjwatson at debian.org

--- Comment #15 from Colin Watson <cjwatson at debian.org> ---
I think it would make a degree of sense to move remote_hostname back to
canohost.c and give it external linkage.  The commit message for that
refactoring said that it was removing all the caching from canohost.c,
but only (auth_)get_canonical_hostname has that, not the underlying
remote_hostname function.

Given that, it's easy to make the GSSAPI bits use remote_hostname
rather than get_canonical_hostname, although I think it's best to also
make kex->gss_host be allocated rather than relying on sharing memory
with something else.  I've done this in the latest Debian patch set.

-- 
You are receiving this mail because:
You are the assignee for the bug.
You are watching someone on the CC list of the bug.


More information about the openssh-bugs mailing list