<mouring@etoh.eviladmin.org> writes: > I still don't get why this is even an issue.. basically, the issue is that openssh-p uses MAXHOSTNAMELEN in a way that is not compatible with POSIX. If you want to be portable to all POSIX systems, you have to handle the case that it is not defined. > if gethostname() returns failures if the hostname is greater then > MAXHOSTNAMELEN then this whole issue is moot, [...] Not the case for the Hurd. > If OpenBSD or other platforms hack the hostname off to match the current > variable size, and they do not return some type of failure then the OS is > broken. Also not the case here. (I was going to add "modulo bugs" to the above two statements, but went ahead and set my hostname to a 596 character string. The C library works as expected.) > And it should be fixed in their code not our application since we > have no way of detecting such evilness (Also, consider a hostname getting > hacked to: "somehost.open" now.. How in the world do you use that > correctly for key verification or X11 DISPLAY setting?! You end up having > to make educated guess based on limited knowledge which can bite us in the > ass later on). As is stands, x11_create_display_inet *does* cut off hostnames when it massages them into a display spec. This won't be a problem for platforms where MAXHOSTNAMELEN <= 400. But if I ssh -X into my host-with-long-name DISPLAY will be set wrong (xauth will also choke, but that's not openssh's fault). > I still have to ask the same question I did the last time this was brought > up.. Who in their right mind would have a hostname/FQDN that is over 256 > characters (using OpenBSD's documented limit)?! That is over 3 lines > worth of information to type!!! There are days I wish I would have bought > a shorter name then 'eviladmin.org' =) First, you can have aliases, so calling your host <something-long> does not necessarily induce carpal tunnel syndrome. Second, we're using computers, not everything has to be manual. Perhaps somebody comes up with a clever use for long hostnames that we do not know of yet (something along the trick of encoding CGI parameters into hostnames, that was actually patented). If you still believe that noone ever needs more than 256 chars, then go ahead and define MAXHOSTNAMELEN for openssh if the OS does not supply it. > I have no problems if we handle ENAMETOOLONG using xgethostname() > (mirroring naming already used for replacement functions [xstrdup, > xmalloc, etc]). xgethostname() would be a good solution, I think. > However, since OpenBSD currently does not suppot ENAMETOOLONG [...] Out of interest: what does happen, when I call gethostname(str, 2)? Or is it simply forbidden to use a parameter smaller than MAXHOSTNAMELEN. > The less core code that can be changed between the portable and the > OpenBSD tree the happier I become. Certainly. xgethostname() should be small enough a change. -- Robbe
Attachment:
signature.ng
Description: PGP signature