From owner-cvs-all Fri Jul 14 11:26:29 2000 Delivered-To: cvs-all@freebsd.org Received: from fledge.watson.org (fledge.watson.org [204.156.12.50]) by hub.freebsd.org (Postfix) with ESMTP id A027937B5E7; Fri, 14 Jul 2000 11:26:21 -0700 (PDT) (envelope-from robert@fledge.watson.org) Received: from fledge.watson.org (robert@fledge.pr.watson.org [192.0.2.3]) by fledge.watson.org (8.9.3/8.9.3) with SMTP id OAA86690; Fri, 14 Jul 2000 14:26:20 -0400 (EDT) (envelope-from robert@fledge.watson.org) Date: Fri, 14 Jul 2000 14:26:20 -0400 (EDT) From: Robert Watson X-Sender: robert@fledge.watson.org To: Hajimu UMEMOTO Cc: cvs-committers@FreeBSD.org, cvs-all@FreeBSD.org Subject: Re: cvs commit: src/lib/libutil realhostname.c In-Reply-To: <200007141808.LAA07166@freefall.freebsd.org> Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-cvs-all@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG On Fri, 14 Jul 2000, Hajimu UMEMOTO wrote: > Sshd writes connected host into utmp directly. If the connection is > via IPv6, the hostname is trimed due to the length of IPv6 address. > This change saves it as possible. > I have a grudge against the shortage of UT_HOSTSIZE. I believe BSD/OS switched to a model where they retain both a hostname and an address. I don't know if their address field can hold an IPv6 address. Rant: Nothing irritates me more than seeing "Invalid address" in wtmp, when DNS fails and login stamps that in. How utterly useless. In my mind, if we store one thing, it should be the IP address (v4 or v6 or whatever), and if two, then also the hostname at the time that the connection occurred. Furthermore, it would be nice if an authenticity parameter was present for both fields: (1) protection assuring that the IP was accurate (based on IPsec somehow), and (2) protection assuring the name for the IP was accurate (based on DNSsec). I don't see either happening soon, but we can and should fix the incorrect/inappropriate use of wtmp and utmp. sshd currently puts IP addresses in the logs; we should change other programs to do the same. And we should fix UT_HOSTSIZE. :-) Robert N M Watson robert@fledge.watson.org http://www.watson.org/~robert/ PGP key fingerprint: AF B5 5F FF A6 4A 79 37 ED 5F 55 E9 58 04 6A B1 TIS Labs at Network Associates, Safeport Network Services To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe cvs-all" in the body of the message