openssh-2.9p2, short hostnames
Hans Werner Strube
strube at physik3.gwdg.de
Tue Oct 2 01:08:53 EST 2001
> For systems where the local hostname is obtained as a short name without
> domain, there should be a ssh_config option "DefaultDomain" as in ssh-3.x
> from ssh.com.
Below there is a patch which implements this. But it does not abort (as
ssh-3.x does) if the host name is not FQDN, since within the local net
there is no need for this. By making the config entry conditional for names
with dots, a short "chost" name can be used within the local net and the
FQDN otherwise:
Host *.*
DefaultDomain my.local.net
Host *
# no DefaultDomain
> For the server, there might be a corresponding option in order to strip
> the domain name from the remote client name (if it matches the server's
> DefaultDomain) for use in auth_rhost2, since netgroups usually contain
> short names in this case.
If the resolvedname in auth2.c is short, this is not necessary if either a
short chost is used by the client (with the trailing dot stripped in auth2.c,
see thread "openssh-2.9.p2, auth2.c") or if HostbasedUsesNameFromPacketOnly
is *not* used in the server.
Patch (the line numbers are for 2.9.9p2):
*** readconf.c.ORI Thu Sep 20 02:57:56 2001
--- readconf.c Mon Oct 1 15:17:47 2001
***************
*** 116,121 ****
--- 116,122 ----
oDynamicForward, oPreferredAuthentications, oHostbasedAuthentication,
oHostKeyAlgorithms, oBindAddress, oSmartcardDevice,
oClearAllForwardings
+ ,oDefaultDomain
} OpCodes;
/* Textual representations of the tokens. */
***************
*** 186,191 ****
--- 187,193 ----
{ "bindaddress", oBindAddress },
{ "smartcarddevice", oSmartcardDevice },
{ "clearallforwardings", oClearAllForwardings },
+ { "defaultdomain", oDefaultDomain },
{ NULL, 0 }
};
***************
*** 488,493 ****
--- 490,499 ----
charptr = &options->smartcard_device;
goto parse_string;
+ case oDefaultDomain:
+ charptr = &options->default_domain;
+ goto parse_string;
+
case oProxyCommand:
charptr = &options->proxy_command;
string = xstrdup("");
***************
*** 793,798 ****
--- 799,805 ----
options->preferred_authentications = NULL;
options->bind_address = NULL;
options->smartcard_device = NULL;
+ options->default_domain = NULL;
}
/*
*** readconf.h.ORI Thu Sep 20 02:57:56 2001
--- readconf.h Mon Oct 1 15:18:28 2001
***************
*** 101,106 ****
--- 101,107 ----
int num_remote_forwards;
Forward remote_forwards[SSH_MAX_FORWARDS_PER_DIRECTION];
int clear_forwardings;
+ char *default_domain;
} Options;
*** sshconnect2.c.ORI Wed Sep 12 20:29:01 2001
--- sshconnect2.c Mon Oct 1 15:37:02 2001
***************
*** 842,850 ****
--- 842,859 ----
return 0;
}
len = strlen(p) + 2;
+ i = 0;
+ if (!strchr(p, '.') && options.default_domain) {
+ i = 1;
+ len += strlen(options.default_domain) + 1;
+ }
chost = xmalloc(len);
strlcpy(chost, p, len);
strlcat(chost, ".", len);
+ if(i > 0) {
+ strlcat(chost, options.default_domain, len);
+ strlcat(chost, ".", len);
+ }
debug2("userauth_hostbased: chost %s", chost);
/* check for a useful key */
for (i = 0; i < authctxt->nkeys; i++) {
More information about the openssh-unix-dev
mailing list