openssh-2.9p2, short hostnames

Hans Werner Strube strube at physik3.gwdg.de
Tue Oct 2 01:08:53 EST 2001


> For systems where the local hostname is obtained as a short name without
> domain, there should be a ssh_config option "DefaultDomain" as in ssh-3.x
> from ssh.com.
Below is a patch which implements this. Unlike ssh-3.x, it does not abort
if the host name is not an FQDN, since there is no need for that within the
local net. By making the config entry conditional on host names that contain
dots, a short "chost" name can be used within the local net and the
FQDN otherwise:
Host *.*
   DefaultDomain my.local.net
Host *
#  no DefaultDomain

> For the server, there might be a corresponding option in order to strip
> the domain name from the remote client name (if it matches the server's
> DefaultDomain) for use in auth_rhost2, since netgroups usually contain
> short names in this case.
If the resolvedname in auth2.c is short, this is not necessary if either a
short chost is used by the client (with the trailing dot stripped in auth2.c,
see thread "openssh-2.9.p2, auth2.c") or if HostbasedUsesNameFromPacketOnly
is *not* used in the server.

Patch (the line numbers are for 2.9.9p2):
*** readconf.c.ORI	Thu Sep 20 02:57:56 2001
--- readconf.c	Mon Oct  1 15:17:47 2001
***************
*** 116,121 ****
--- 116,122 ----
  	oDynamicForward, oPreferredAuthentications, oHostbasedAuthentication,
  	oHostKeyAlgorithms, oBindAddress, oSmartcardDevice,
  	oClearAllForwardings
+ 	,oDefaultDomain
  } OpCodes;
  
  /* Textual representations of the tokens. */
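Review bot: The new opcode is added as `,oDefaultDomain` on its own line with a leading comma, which breaks the trailing-comma layout used by the rest of the enum in this hunk. Writing the last two entries as `oClearAllForwardings, oDefaultDomain` keeps the list uniform and makes the next appended opcode less error-prone. The enum begins above the hunk.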
***************
*** 186,191 ****
--- 187,193 ----
  	{ "bindaddress", oBindAddress },
  	{ "smartcarddevice", oSmartcardDevice },
  	{ "clearallforwardings", oClearAllForwardings }, 
+ 	{ "defaultdomain", oDefaultDomain }, 
  	{ NULL, 0 }
  };
  
***************
*** 488,493 ****
--- 490,499 ----
  		charptr = &options->smartcard_device;
  		goto parse_string;
  
+ 	case oDefaultDomain:
+ 		charptr = &options->default_domain;
+ 		goto parse_string;
+ 
  	case oProxyCommand:
  		charptr = &options->proxy_command;
  		string = xstrdup("");
***************
*** 793,798 ****
--- 799,805 ----
  	options->preferred_authentications = NULL;
  	options->bind_address = NULL;
  	options->smartcard_device = NULL;
+ 	options->default_domain = NULL;
  }
  
  /*
*** readconf.h.ORI	Thu Sep 20 02:57:56 2001
--- readconf.h	Mon Oct  1 15:18:28 2001
***************
*** 101,106 ****
--- 101,107 ----
  	int     num_remote_forwards;
  	Forward remote_forwards[SSH_MAX_FORWARDS_PER_DIRECTION];
  	int	clear_forwardings;
+ 	char	*default_domain;
  }       Options;
  
  
*** sshconnect2.c.ORI	Wed Sep 12 20:29:01 2001
--- sshconnect2.c	Mon Oct  1 15:37:02 2001
***************
*** 842,850 ****
--- 842,859 ----
  		return 0;
  	}
  	len = strlen(p) + 2;
+ 	i = 0;
+ 	if (!strchr(p, '.') && options.default_domain) {
+ 		i = 1;
+ 		len += strlen(options.default_domain) + 1;
+ 	}
  	chost = xmalloc(len);
  	strlcpy(chost, p, len);
  	strlcat(chost, ".", len);
+ 	if(i > 0) {
+ 		strlcat(chost, options.default_domain, len);
+ 		strlcat(chost, ".", len);
+ 	}
  	debug2("userauth_hostbased: chost %s", chost);
  	/* check for a useful key */
  	for (i = 0; i < authctxt->nkeys; i++) {
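Review bot: `options.default_domain` is appended to `chost` verbatim, so an empty value or one written with a leading or trailing dot yields a name with consecutive dots (for example `host..`); hostbased authentication would then presumably fail, with only the debug2 line to explain why. Because `chost` is the client host name asserted in the hostbased request, the value should be checked before use, at minimum with `if (!strchr(p, '.') && options.default_domain != NULL && *options.default_domain != '\0')`, and preferably rejected in the `oDefaultDomain` case in readconf.c when it begins or ends with `.`. If the option can also be set from a per-user configuration file, the asserted name becomes user-influenced, and it may be worth honouring it only from the system-wide file; the hunk does not show which applies. Separately, `i` is borrowed as a flag and then reused as the loop index, so a dedicated variable or re-testing the condition would read more clearly. The function starts and ends outside the hunk.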


