From nobody@FreeBSD.org  Fri May 19 16:58:41 2006
Message-Id: <200605191658.k4JGwfKC032561@www.freebsd.org>
Date: Fri, 19 May 2006 16:58:41 GMT
From: Arnold Lee <arnoldlee_chn@yahoo.com>
To: freebsd-gnats-submit@FreeBSD.org
Subject: one of sshd_config options does not work
X-Send-Pr-Version: www-2.3

>Number:         97499
>Category:       bin
>Synopsis:       [patch] one of sshd_config(5) options does not work
>Confidential:   no
>Severity:       serious
>Priority:       medium
>Responsible:    freebsd-bugs
>State:          closed
>Quarter:        
>Keywords:       
>Date-Required:  
>Class:          sw-bug
>Submitter-Id:   current-users
>Arrival-Date:   Fri May 19 17:00:36 GMT 2006
>Closed-Date:    Tue Oct 28 14:56:18 UTC 2008
>Last-Modified:  Tue Oct 28 14:56:18 UTC 2008
>Originator:     Arnold Lee
>Release:        Fb 6.1 release
>Organization:
SOHO
>Environment:
FreeBSD vBSD 6.1-STABLE FreeBSD 6.1-STABLE #0: Sun May 14 00:29:50 UTC 2006     root@vBSD:/usr/obj/usr/src/sys/GENERIC  i386
>Description:
I use ADSL to access the Internet with mpd's dial on demand. In FreeBSD 6.0,
I use the option "UseDNS no" in /etc/ssh/sshd_config, and it works:
when I use SecureCRT to log in, sshd does not look up DNS and mpd doesn't
auto dial.

On another computer, I installed FreeBSD 6.1-stable with the same sshd_config.
But the option "UseDNS no" has no effect! Whenever I log in using SecureCRT,
mpd automatically dials out to the Internet to access the DNS! What is more,
the sshd versions in FreeBSD 6.0 and FreeBSD 6.1 are the same! So I think maybe
there is something wrong with the operating system.
>How-To-Repeat:
Edit /etc/ssh/sshd_config, change "#UseDNS yes" to "UseDNS no", and set
/etc/resolv.conf properly ("nameserver Your.DNS.IP.Addr"). Now log in using
the ssh2 protocol via sshd; you can capture the packets sshd sends to the DNS
server(s).
>Fix:

>Release-Note:
>Audit-Trail:

From: Bruce Cran <bruce@cran.org.uk>
To: bug-followup@FreeBSD.org, arnoldlee_chn@yahoo.com
Cc:  
Subject: Re: bin/97499: one of sshd_config(5) options does not work
Date: Mon, 03 Mar 2008 21:58:10 +0000

 The UseDNS option doesn't enable/disable DNS lookups, but enables/disables
 validation of connections based on host information.  As discussed at
 http://lists.freebsd.org/pipermail/freebsd-stable/2006-November/030886.html
 there are more reasons a DNS lookup may be done.  I'm not sure why the
 behaviour would have changed between 6.0 and 6.1 though.  I've checked that
 setting UseDNS to "no" on 6.3 results in DNS lookups being done even with
 the sshd flag "-u0". I'll try 6.0 and see if I can track down what's changed.
 
 --
 Bruce

From: Bruce Cran <bruce@cran.org.uk>
To: bug-followup@FreeBSD.org, arnoldlee_chn@yahoo.com
Cc:  
Subject: Re: bin/97499: one of sshd_config(5) options does not work
Date: Fri, 28 Mar 2008 23:37:54 +0000

 FreeBSD uses a local patch which calls realhostname_sa in construct_utmp 
 (loginrec.c line 691) which is done regardless of the UseDNS or -u0 
 settings.  The default OpenSSH behaviour is to call 
 get_remote_name_or_ip in session.c, passing in the utmp_len and use_dns 
 values; construct_utmp then just copies the string into the utmp 
 structure instead of doing a DNS lookup itself.  Rev 1.2 of loginrec.c 
 changed this in FreeBSD to avoid overflowing the utmp record.
 
 --
 Bruce
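
A simplified model of the stock OpenSSH path described in the message above, as an added example that is not OpenSSH or FreeBSD code: the name-or-address choice is made once from use_dns and utmp_len, and the utmp step only copies. The demo_ names, the 16-byte field and the lookup table are constructed for illustration.

```c
#include <stdio.h>
#include <string.h>

#define DEMO_UT_HOSTSIZE 16   /* constructed size; the real UT_HOSTSIZE is platform-defined */
struct demo_utmp { char ut_host[DEMO_UT_HOSTSIZE]; };
static int lookups;           /* how many times the stand-in resolver was asked */
/* Stand-in for reverse DNS over a constructed table; no network access. */
static const char *demo_reverse_lookup(const char *ip)
{
    lookups++;
    if (strcmp(ip, "192.0.2.10") == 0) return "gw.example.net";
    if (strcmp(ip, "192.0.2.20") == 0) return "a-very-long-hostname.example.net";
    return NULL;
}

/* Choose the string to log once, honouring use_dns and utmp_len (-u0 means utmp_len 0). */
static const char *demo_name_or_ip(const char *ip, unsigned utmp_len, int use_dns)
{
    const char *name;
    if (!use_dns || utmp_len == 0)
        return ip;                          /* no resolver call at all */
    name = demo_reverse_lookup(ip);
    if (name == NULL || strlen(name) > utmp_len)
        return ip;                          /* name would not fit: record the address */
    return name;
}

/* Copy the chosen string into the fixed-size field; returns the lookups performed. */
int demo_record(const char *ip, unsigned utmp_len, int use_dns, char *out, size_t outsz)
{
    struct demo_utmp ut;
    const char *host;
    size_t n;
    lookups = 0;
    host = demo_name_or_ip(ip, utmp_len, use_dns);
    n = strlen(host) < sizeof ut.ut_host ? strlen(host) : sizeof ut.ut_host;
    memset(&ut, 0, sizeof ut);
    memcpy(ut.ut_host, host, n);            /* bounded copy; no NUL when the field is full */
    snprintf(out, outsz, "%.*s", (int)sizeof ut.ut_host, ut.ut_host);
    return lookups;
}

int main(void)
{
    char buf[64];
    int n = demo_record("192.0.2.20", 256, 1, buf, sizeof buf);
    printf("utmp_len=256: %s (%d lookup)\n", buf, n);
    return 0;
}
```

With utmp_len larger than the field, the long name passes the length check and is cut during the copy; with utmp_len equal to the field size, the address is recorded instead.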

From: Bruce Cran <bruce@cran.org.uk>
To: bug-followup@FreeBSD.org, arnoldlee_chn@yahoo.com
Cc:  
Subject: Re: bin/97499: one of sshd_config(5) options does not work
Date: Mon, 31 Mar 2008 21:58:31 +0100

 The attached patches should fix the problem.  There are other places in 
 the code where MAXHOSTNAMELEN is used instead of UT_HOSTSIZE but unless 
 the user overrides utmp_len with the -u command-line switch the existing 
 behaviour will be retained.
 
 
 --- /usr/src/crypto/openssh/loginrec.c	2006-09-30 14:38:04.000000000 +0100
 +++ loginrec.c	2008-03-31 21:45:37.000000000 +0100
 @@ -688,8 +688,8 @@
  	strncpy(ut->ut_name, li->username,
  	    MIN_SIZEOF(ut->ut_name, li->username));
  # ifdef HAVE_HOST_IN_UTMP
 -	realhostname_sa(ut->ut_host, sizeof ut->ut_host,
 -	    &li->hostaddr.sa, li->hostaddr.sa.sa_len);
 +	strncpy(ut->ut_host, li->hostname,
 +	    MIN_SIZEOF(ut->ut_host, li->hostname));
  # endif
  # ifdef HAVE_ADDR_IN_UTMP
  	/* this is just a 32-bit IP address */
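Review bot: the new strncpy into ut->ut_host is bounded by MIN_SIZEOF(ut->ut_host, li->hostname), so a li->hostname that fills or exceeds the field is cut silently and ut_host is left without a terminating NUL, whereas the removed realhostname_sa call was handed the field size and the socket address directly. The copy is only correct if the caller has already limited li->hostname to the utmp host width, and nothing in this hunk states or enforces that. Add a comment naming that dependency, or fall back to the numeric address when strlen(li->hostname) exceeds sizeof ut->ut_host, so a truncated name is never written to the login record.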
 
 --- /usr/src/crypto/openssh/sshd.c	2006-11-10 16:52:41.000000000 +0000
 +++ sshd.c	2008-03-31 21:45:41.000000000 +0100
 @@ -71,6 +71,7 @@
  #include <stdlib.h>
  #include <string.h>
  #include <unistd.h>
 +#include <utmp.h>
  
  #include <openssl/dh.h>
  #include <openssl/bn.h>
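Review bot: the added #include <utmp.h> is unconditional, while the utmp code touched in loginrec.c sits behind HAVE_HOST_IN_UTMP and HAVE_ADDR_IN_UTMP guards, so sshd.c would stop compiling on any platform that lacks this header. Put the include behind a configure-time check for the header so the portable tree still builds.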
 @@ -235,7 +236,7 @@
  u_int session_id2_len = 0;
  
  /* record remote hostname or ip */
 -u_int utmp_len = MAXHOSTNAMELEN;
 +u_int utmp_len = UT_HOSTSIZE;
  
  /* options.max_startup sized array of fd ints */
  int *startup_pipes = NULL;
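Review bot: utmp_len now defaults to UT_HOSTSIZE, but the comment above it still reads only "record remote hostname or ip" and nothing documents that the value must match the width of ut_host copied in loginrec.c. State that coupling in the comment, and note that a larger value supplied with -u lets through a name that the strncpy in construct_utmp will truncate. A fallback definition is also needed for builds where UT_HOSTSIZE is not defined, since the previous MAXHOSTNAMELEN default did not depend on utmp.h.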
 

From: Dag-Erling Smørgrav <des@des.no>
To: freebsd-gnats-submit@freebsd.org 
Cc:  
Subject: Re: bin/97499: [patch] one of sshd_config(5) options does not work
Date: Wed, 24 Sep 2008 23:23:56 +0200

 The second part of the patch should be submitted upstream.  There may be
 portability issues.
 
 DES
 -- 
 Dag-Erling Smørgrav - des@des.no
State-Changed-From-To: open->patched 
State-Changed-By: des 
State-Changed-When: Tue Oct 21 11:59:47 UTC 2008 
State-Changed-Why:  
No response from upstream. Committed to head. 

http://www.freebsd.org/cgi/query-pr.cgi?pr=97499 
State-Changed-From-To: patched->closed 
State-Changed-By: des 
State-Changed-When: Tue Oct 28 14:56:17 UTC 2008 
State-Changed-Why:  
MFCed 
>Unformatted:
