From nobody Tue Dec 19 18:28:50 2023
X-Original-To: dev-commits-src-branches@mlmmj.nyi.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1])
	by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4SvlZW6Rzvz54hPJ;
	Tue, 19 Dec 2023 18:28:51 +0000 (UTC)
	(envelope-from glebius@freebsd.org)
Received: from glebi.us (glebi.us [162.251.186.162])
	by mx1.freebsd.org (Postfix) with ESMTP id 4SvlZV6wXMz4Z02;
	Tue, 19 Dec 2023 18:28:50 +0000 (UTC)
	(envelope-from glebius@freebsd.org)
Authentication-Results: mx1.freebsd.org;
	dkim=none;
	spf=softfail (mx1.freebsd.org: 162.251.186.162 is neither permitted nor denied by domain of glebius@freebsd.org) smtp.mailfrom=glebius@freebsd.org;
	dmarc=none
Received: by glebi.us (Postfix, from userid 1000)
	id 3A0F35533D; Tue, 19 Dec 2023 10:28:50 -0800 (PST)
Date: Tue, 19 Dec 2023 10:28:50 -0800
From: Gleb Smirnoff <glebius@freebsd.org>
To: Ed Maste <emaste@freebsd.org>
Cc: src-committers@freebsd.org, dev-commits-src-all@freebsd.org,
	dev-commits-src-branches@freebsd.org
Subject: Re: git: 0fbec53dcfb8 - stable/13 - sshd: do not resolve refused
 client hostname
Message-ID: <ZYHg4t12svqpfW5S@FreeBSD.org>
References: <202312181736.3BIHaHF6021789@gitrepo.freebsd.org>
List-Id: Commits to the stable branches of the FreeBSD src repository <dev-commits-src-branches.freebsd.org>
List-Archive: https://lists.freebsd.org/archives/dev-commits-src-branches
List-Help: <mailto:dev-commits-src-branches+help@freebsd.org>
List-Post: <mailto:dev-commits-src-branches@freebsd.org>
List-Subscribe: <mailto:dev-commits-src-branches+subscribe@freebsd.org>
List-Unsubscribe: <mailto:dev-commits-src-branches+unsubscribe@freebsd.org>
Sender: owner-dev-commits-src-branches@freebsd.org
X-BeenThere: dev-commits-src-branches@freebsd.org
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
In-Reply-To: <202312181736.3BIHaHF6021789@gitrepo.freebsd.org>
X-Spamd-Result: default: False [2.31 / 15.00];
	VIOLATED_DIRECT_SPF(3.50)[];
	NEURAL_HAM_LONG(-1.00)[-1.000];
	NEURAL_HAM_MEDIUM(-1.00)[-1.000];
	NEURAL_SPAM_SHORT(0.71)[0.714];
	MIME_GOOD(-0.10)[text/plain];
	RCVD_NO_TLS_LAST(0.10)[];
	ONCE_RECEIVED(0.10)[];
	MLMMJ_DEST(0.00)[dev-commits-src-all@freebsd.org,dev-commits-src-branches@freebsd.org];
	FROM_EQ_ENVFROM(0.00)[];
	ASN(0.00)[asn:27348, ipnet:162.251.186.0/24, country:US];
	MIME_TRACE(0.00)[0:+];
	RCVD_COUNT_ONE(0.00)[1];
	R_DKIM_NA(0.00)[];
	R_SPF_SOFTFAIL(0.00)[~all];
	DMARC_NA(0.00)[freebsd.org];
	FROM_HAS_DN(0.00)[];
	FREEFALL_USER(0.00)[glebius];
	MID_RHS_MATCH_FROM(0.00)[];
	RCPT_COUNT_THREE(0.00)[4];
	TO_MATCH_ENVRCPT_ALL(0.00)[];
	TO_DN_SOME(0.00)[];
	ARC_NA(0.00)[]
X-Rspamd-Queue-Id: 4SvlZV6wXMz4Z02
X-Spamd-Bar: ++

  Ed,

On Mon, Dec 18, 2023 at 05:36:17PM +0000, Ed Maste wrote:
E> The branch stable/13 has been updated by emaste:
E> 
E> URL: https://cgit.FreeBSD.org/src/commit/?id=0fbec53dcfb8d31aa2e3734992e241422e152433
E> 
E> commit 0fbec53dcfb8d31aa2e3734992e241422e152433
E> Author:     Gleb Smirnoff <glebius@FreeBSD.org>
E> AuthorDate: 2023-07-20 21:56:20 +0000
E> Commit:     Ed Maste <emaste@FreeBSD.org>
E> CommitDate: 2023-12-18 17:35:47 +0000
E> 
E>     sshd: do not resolve refused client hostname
E>     
E>     This is a compromise between POLA and practical reasoning.  We don't
E>     want to block the main server loop in an attempt to resolve.  But we
E>     need to keep the format of the logged message as is, for sake of
E>     sshguard and other scripts.  So let's print just the IP address twice,
E>     this is what libwrap's refuse() would do if it failed to resolve.
E>     
E>     Reviewed by:            philip
E>     PR:                     269456
E>     Differential revision:  https://reviews.freebsd.org/D40069
E>     
E>     (cherry picked from commit 9ff45b8ed847f9cb7e1cd401278c7f6b30fe8225)

You probably also want to merge 1d9722de6f90c3edf286b077938bfa696e728d6c

-- 
Gleb Smirnoff