[PATCH] Use canonical hostname for DNS SSHFP lookup

Damien Miller djm at mindrot.org
Sat Apr 2 08:11:31 EST 2011


On Fri, 1 Apr 2011, Iain Morgan wrote:

> > I have just learned that Windows 7 has a flag that does exactly what we
> > need here: AI_FQDN. This is its description:
> > 
> > > If the AI_FQDN is set and a flat name (single label) is specified,
> > > GetAddrInfoW will return the fully qualified domain name that the name
> > > eventually resolved to. The fully qualified domain name is returned in
> > > the ai_canonname member in the associated addrinfoW structure. This
> > > is different than AI_CANONNAME bit flag that returns the canonical
> > > name registered in DNS which may be different than the fully qualified
> > > domain name that the flat name resolved to. Only one of the AI_FQDN
> > > and AI_CANONNAME bits can be set. The GetAddrInfoW function will fail
> > > if both flags are present with EAI_BADFLAGS.
> > 
> > Now we just need the Unix variants to follow...
> > 
> > -d
> > _______________________________________________
> 
> Perhaps OpenBSD 5.0 can start the trend? ;-)

A colleague is already working on it :)


More information about the openssh-unix-dev mailing list