Date: Tue, 19 Dec 2023 10:28:50 -0800 From: Gleb Smirnoff <glebius@freebsd.org> To: Ed Maste <emaste@freebsd.org> Cc: src-committers@freebsd.org, dev-commits-src-all@freebsd.org, dev-commits-src-branches@freebsd.org Subject: Re: git: 0fbec53dcfb8 - stable/13 - sshd: do not resolve refused client hostname Message-ID: <ZYHg4t12svqpfW5S@FreeBSD.org> In-Reply-To: <202312181736.3BIHaHF6021789@gitrepo.freebsd.org> References: <202312181736.3BIHaHF6021789@gitrepo.freebsd.org>
next in thread | previous in thread | raw e-mail | index | archive | help
Ed, On Mon, Dec 18, 2023 at 05:36:17PM +0000, Ed Maste wrote: E> The branch stable/13 has been updated by emaste: E> E> URL: https://cgit.FreeBSD.org/src/commit/?id=0fbec53dcfb8d31aa2e3734992e241422e152433 E> E> commit 0fbec53dcfb8d31aa2e3734992e241422e152433 E> Author: Gleb Smirnoff <glebius@FreeBSD.org> E> AuthorDate: 2023-07-20 21:56:20 +0000 E> Commit: Ed Maste <emaste@FreeBSD.org> E> CommitDate: 2023-12-18 17:35:47 +0000 E> E> sshd: do not resolve refused client hostname E> E> This is a compromise between POLA and practical reasoning. We don't E> want to block the main server loop in an attempt to resolve. But we E> need to keep the format of the logged message as is, for sake of E> sshguard and other scripts. So let's print just the IP address twice, E> this is what libwrap's refuse() would do if it failed to resolve. E> E> Reviewed by: philip E> PR: 269456 E> Differential revision: https://reviews.freebsd.org/D40069 E> E> (cherry picked from commit 9ff45b8ed847f9cb7e1cd401278c7f6b30fe8225) You probably also want to merge 1d9722de6f90c3edf286b077938bfa696e728d6c -- Gleb Smirnoff
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?ZYHg4t12svqpfW5S>