sshd: do not resolve refused client hostname

Description

This is a compromise between POLA and practical reasoning. We don't
want to block the main server loop in an attempt to resolve. But we
need to keep the format of the logged message as is, for the sake of
sshguard and other scripts. So let's print just the IP address twice;
this is what libwrap's refuse() would do if it failed to resolve.

Reviewed by: philip
PR: 269456
Differential revision: https://reviews.freebsd.org/D40069

(cherry picked from commit 9ff45b8ed847f9cb7e1cd401278c7f6b30fe8225)
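
The approach described in the commit message, as an added example that is not code from this commit or from sshd: the refusal line is built from the numeric address only, printed twice, so no resolver is ever consulted. The helper names, the sample address and the exact message layout in `REFUSE_FMT` are assumptions made for illustration.

```c
#ifndef _POSIX_C_SOURCE
#define _POSIX_C_SOURCE 200112L	/* expose getnameinfo() under strict ISO C */
#endif
#include <arpa/inet.h>
#include <netdb.h>
#include <netinet/in.h>
#include <stdio.h>
#include <string.h>
#include <sys/socket.h>

/* Assumed libwrap-style layout; not copied from the commit. */
#define REFUSE_FMT "refused connect from %s (%s)"

/*
 * Hypothetical helper. NI_NUMERICHOST makes getnameinfo() convert the
 * address to text locally, so the accept loop never waits on DNS.
 * Returns 0 on success, -1 on conversion failure or truncation.
 */
int
format_refused(const struct sockaddr *sa, socklen_t salen, char *out, size_t outlen)
{
	char addr[INET6_ADDRSTRLEN];
	int n;

	if (getnameinfo(sa, salen, addr, sizeof(addr), NULL, 0, NI_NUMERICHOST) != 0)
		return (-1);
	/* Same address in both slots keeps the field count log parsers expect. */
	n = snprintf(out, outlen, REFUSE_FMT, addr, addr);
	return ((n < 0 || (size_t)n >= outlen) ? -1 : 0);
}

/* Constructed sample peer using the documentation address 192.0.2.10. */
int
sample_line(char *out, size_t outlen)
{
	struct sockaddr_in sin;

	memset(&sin, 0, sizeof(sin));
	sin.sin_family = AF_INET;
	sin.sin_port = htons(50000);
	if (inet_pton(AF_INET, "192.0.2.10", &sin.sin_addr) != 1)
		return (-1);
	return (format_refused((struct sockaddr *)&sin, sizeof(sin), out, outlen));
}

int
main(void)
{
	char line[128];
	return (sample_line(line, sizeof(line)) == 0 ? (puts(line), 0) : 1);
}
```

Log consumers that key on the address inside the parentheses keep working unchanged; anything that relied on the hostname field now sees the address there as well.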

Details

Provenance
glebius authored on Jul 20 2023, 9:56 PM
emaste committed on Dec 18 2023, 5:35 PM
Reviewer
philip
Differential Revision
D40069: sshd: do not resolve refused client hostname
Parents
rG052f6ec95bf5: sshd: remove unneeded initialization of libwrap logging severities