problem with DNS lookups on non-IPv4-only-mode?
Damien Miller
djm at mindrot.org
Thu Jun 10 08:11:05 EST 2004
Dan Kaminsky wrote:
> 2) Doing a DNS lookup for a non-existent target.
That will freeze, because there isn't a good cross-platform async
DNS API.
> This is ultimately a fundamental weakness in the sshd architecture,
I don't think this is an architectural problem - we already do
everything else in an event-driven manner. If there was a decent
async DNS API we could do this too.
It would be possible to fake one up - fork a child for DNS resolution
and have it send back a list of { af, addr }. One would need to be
careful wrt limits on the number of such children, reaping them, etc.
> the only ironclad solution
For now, don't use hostnames in forwarding specifications.
-d
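
The fork-a-child resolver described in the message above, sketched as an added example (not code from the original post or from OpenSSH): a child performs the blocking getaddrinfo() and writes fixed-size { af, addr } records down a pipe, while the parent caps the number of children and always reaps them. The names resolve_start, resolve_finish, struct res_addr and the MAX_RESOLVERS value are assumptions made for the illustration.

```c
#include <netdb.h>
#include <poll.h>
#include <signal.h>
#include <string.h>
#include <sys/socket.h>
#include <sys/wait.h>
#include <unistd.h>

#define MAX_RESOLVERS 4          /* assumed cap on concurrent resolver children */
struct res_addr { int af; socklen_t len; struct sockaddr_storage addr; };
static int n_resolvers;          /* resolver children started and not yet reaped */

/* Start a lookup: returns a pipe fd to poll(), or -1 at the cap or on error. */
int resolve_start(const char *host, pid_t *pid) {
    int p[2];
    if (n_resolvers >= MAX_RESOLVERS || pipe(p) == -1) return -1;
    if ((*pid = fork()) == -1) { close(p[0]); close(p[1]); return -1; }
    if (*pid == 0) {             /* child: the blocking call lives here */
        struct addrinfo hints, *ai, *res = NULL;
        close(p[0]);
        memset(&hints, 0, sizeof(hints));
        hints.ai_socktype = SOCK_STREAM;   /* one record per address */
        if (getaddrinfo(host, NULL, &hints, &res) != 0) _exit(1);
        for (ai = res; ai != NULL; ai = ai->ai_next) {
            struct res_addr r;
            memset(&r, 0, sizeof(r));
            r.af = ai->ai_family; r.len = ai->ai_addrlen;
            memcpy(&r.addr, ai->ai_addr, ai->ai_addrlen);
            if (write(p[1], &r, sizeof(r)) != (ssize_t)sizeof(r)) _exit(1);
        }
        _exit(0);
    }
    close(p[1]);                 /* parent keeps only the read end */
    n_resolvers++;
    return p[0];
}

/* Collect up to max records, waiting up to timeout_ms for each; always reaps. */
int resolve_finish(int fd, pid_t pid, struct res_addr *out, int max, int timeout_ms) {
    struct pollfd pfd = { .fd = fd, .events = POLLIN };
    int n = 0;
    while (n < max && poll(&pfd, 1, timeout_ms) > 0 &&
        read(fd, &out[n], sizeof(out[n])) == (ssize_t)sizeof(out[n]))
        n++;
    close(fd);
    kill(pid, SIGKILL);          /* stop a child still stuck in the lookup */
    waitpid(pid, NULL, 0);       /* reap it so no zombie is left behind */
    n_resolvers--;
    return n;
}
```

In an event-driven daemon the fd returned by resolve_start would be added to the main poll/select set, so a lookup for a non-existent name only ties up one child until the timeout instead of freezing the whole process.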