Re: git: 0fbec53dcfb8 - stable/13 - sshd: do not resolve refused client hostname

In reply to: Ed Maste : "git: 0fbec53dcfb8 - stable/13 - sshd: do not resolve refused client hostname"
Go to: [ bottom of page ] [ top of archives ] [ this month ]

From: Gleb Smirnoff <glebius_at_freebsd.org>
Date: Tue, 19 Dec 2023 18:28:50 UTC

  Ed,

On Mon, Dec 18, 2023 at 05:36:17PM +0000, Ed Maste wrote:
E> The branch stable/13 has been updated by emaste:
E> 
E> URL: https://cgit.FreeBSD.org/src/commit/?id=0fbec53dcfb8d31aa2e3734992e241422e152433
E> 
E> commit 0fbec53dcfb8d31aa2e3734992e241422e152433
E> Author:     Gleb Smirnoff <glebius@FreeBSD.org>
E> AuthorDate: 2023-07-20 21:56:20 +0000
E> Commit:     Ed Maste <emaste@FreeBSD.org>
E> CommitDate: 2023-12-18 17:35:47 +0000
E> 
E>     sshd: do not resolve refused client hostname
E>     
E>     This is a compromise between POLA and practical reasoning.  We don't
E>     want to block the main server loop in an attempt to resolve.  But we
E>     need to keep the format of the logged message as is, for sake of
E>     sshguard and other scripts.  So let's print just the IP address twice,
E>     this is what libwrap's refuse() would do if it failed to resolve.
E>     
E>     Reviewed by:            philip
E>     PR:                     269456
E>     Differential revision:  https://reviews.freebsd.org/D40069
E>     
E>     (cherry picked from commit 9ff45b8ed847f9cb7e1cd401278c7f6b30fe8225)

You probably also want to merge 1d9722de6f90c3edf286b077938bfa696e728d6c

-- 
Gleb Smirnoff