Skip site navigation (1)Skip section navigation (2)
Date:      24 Dec 2002 06:17:38 -0000
From:      Matt Anderson <matt@malloc.org>
To:        FreeBSD-gnats-submit@FreeBSD.org
Cc:        matt@malloc.org
Subject:   ports/46510: sshd does not correctly store the remote host in wtmp
Message-ID:  <20021224061738.71905.qmail@eris.discordians.net>

next in thread | raw e-mail | index | archive | help

>Number:         46510
>Category:       ports
>Synopsis:       sshd does not correctly store the remote host in wtmp
>Confidential:   no
>Severity:       non-critical
>Priority:       medium
>Responsible:    freebsd-ports
>State:          open
>Quarter:        
>Keywords:       
>Date-Required:
>Class:          sw-bug
>Submitter-Id:   current-users
>Arrival-Date:   Mon Dec 23 22:30:01 PST 2002
>Closed-Date:
>Last-Modified:
>Originator:     Matt Anderson
>Release:        FreeBSD 4.6-RELEASE i386
>Organization:
Eris
>Environment:
System: FreeBSD eris.discordians.net 4.6-RELEASE FreeBSD 4.6-RELEASE #3: Tue Oct 22 11:04:23 EDT 2002 baughj@eris.discordians.net:/usr/src/sys/compile/ERIS i386
The files in ports were cvs'ed on or around December 17th 2002.

>Description:

There is a problem with how ssh from the ports tree stores the remote
host name in the wtmp log.  The logic in the code compares the value of
MAXHOSTNAME with the length of the hostname of the remote host and if
the hostname is shorter then it uses the hostname, otherwise it uses the
IP address.  The problem is that the field in the wtmp file is only a
char[16] while MAXHOSTNAME is set to 254, so the entry in the wtmp file
is only the first 16 characters of the hostname.

>How-To-Repeat:

Just look at the output from `last` and note how the hostname is almost
truncated.

>Fix:

here is an updated patch-sshd.c

--- /home/bright/ssh/ssh/sshd.c	Thu Aug 17 13:06:34 2000
+++ sshd.c	Fri Feb  9 11:19:08 2001
@@ -49,6 +49,12 @@
 int deny_severity = LOG_WARNING;
 #endif /* LIBWRAP */
 
+#ifdef __FreeBSD__
+#include <libutil.h>
+#include <syslog.h>
+#include <time.h>
+#include <utmp.h>
+#endif /* __FreeBSD__ */
+
 #ifndef O_NOCTTY
 #define O_NOCTTY	0
 #endif
@@ -188,7 +189,7 @@
 int session_id2_len = 0;
 
 /* record remote hostname or ip */
-u_int utmp_len = MAXHOSTNAMELEN;
+u_int utmp_len = UT_HOSTSIZE;
 
 /* options.max_startup sized array of fd ints */
 int *startup_pipes = NULL;
>Release-Note:
>Audit-Trail:
>Unformatted:

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-ports" in the body of the message




Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20021224061738.71905.qmail>