[Bug 2516] ssh client shouldn't trust the DNS AD bit blindly

bugzilla-daemon at bugzilla.mindrot.org bugzilla-daemon at bugzilla.mindrot.org
Fri Jul 8 14:26:51 AEST 2016


https://bugzilla.mindrot.org/show_bug.cgi?id=2516

Damien Miller <djm at mindrot.org> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
         Resolution|---                         |WONTFIX
             Status|NEW                         |RESOLVED

--- Comment #3 from Damien Miller <djm at mindrot.org> ---
Like I said, it's up to the resolver code. OpenSSH doesn't implement
name resolution.

We couldn't implement this even if we wanted to*, as the libc resolver
doesn't expose the AD information to its callers. 

* short of implementing a full resolver in OpenSSH, which isn't going
to happen.

-- 
You are receiving this mail because:
You are watching someone on the CC list of the bug.
You are watching the assignee of the bug.


More information about the openssh-bugs mailing list