Diffusion FreeBSD src repository 9ff45b8ed847

sshd: do not resolve refused client hostname
9ff45b8ed847
Actions

Tags

None

Referenced Files

None

Subscribers

None

Description

sshd: do not resolve refused client hostname

This is a compromise between POLA and practical reasoning. We don't
want to block the main server loop in an attempt to resolve. But we
need to keep the format of the logged message as is, for sake of
sshguard and other scripts. So let's print just the IP address twice,
this is what libwrap's refuse() would do if it failed to resolve.

Reviewed by: philip
PR: 269456
Differential revision: https://reviews.freebsd.org/D40069

Details

Provenance

Authored on Jul 20 2023, 9:56 PM

Reviewer

Differential Revision

D40069: sshd: do not resolve refused client hostname

Parents

rG90f10db8a996: sshd: remove unneeded initialization of libwrap logging severities

Branches

Unknown

Tags

Unknown

Event Timeline

glebius committed rG9ff45b8ed847: sshd: do not resolve refused client hostname (authored by glebius).Jul 20 2023, 9:56 PM

glebius added an edge: D40069: sshd: do not resolve refused client hostname.Jul 20 2023, 9:59 PM

emaste mentioned this in rG0fbec53dcfb8: sshd: do not resolve refused client hostname.Dec 18 2023, 5:37 PM

Changes (1)

Path

Size

crypto/

openssh/

rG9ff45b8ed847

crypto/openssh/sshd.c

Loading...