Re: git: 0fbec53dcfb8 - stable/13 - sshd: do not resolve refused client hostname
- In reply to: Ed Maste : "git: 0fbec53dcfb8 - stable/13 - sshd: do not resolve refused client hostname"
- Go to: [ bottom of page ] [ top of archives ] [ this month ]
Date: Tue, 19 Dec 2023 18:28:50 UTC
Ed, On Mon, Dec 18, 2023 at 05:36:17PM +0000, Ed Maste wrote: E> The branch stable/13 has been updated by emaste: E> E> URL: https://cgit.FreeBSD.org/src/commit/?id=0fbec53dcfb8d31aa2e3734992e241422e152433 E> E> commit 0fbec53dcfb8d31aa2e3734992e241422e152433 E> Author: Gleb Smirnoff <glebius@FreeBSD.org> E> AuthorDate: 2023-07-20 21:56:20 +0000 E> Commit: Ed Maste <emaste@FreeBSD.org> E> CommitDate: 2023-12-18 17:35:47 +0000 E> E> sshd: do not resolve refused client hostname E> E> This is a compromise between POLA and practical reasoning. We don't E> want to block the main server loop in an attempt to resolve. But we E> need to keep the format of the logged message as is, for sake of E> sshguard and other scripts. So let's print just the IP address twice, E> this is what libwrap's refuse() would do if it failed to resolve. E> E> Reviewed by: philip E> PR: 269456 E> Differential revision: https://reviews.freebsd.org/D40069 E> E> (cherry picked from commit 9ff45b8ed847f9cb7e1cd401278c7f6b30fe8225) You probably also want to merge 1d9722de6f90c3edf286b077938bfa696e728d6c -- Gleb Smirnoff