Date:      Sat, 1 Oct 2005 02:35:50 -0700
From:      Brooks Davis <brooks@one-eyed-alien.net>
To:        arch@freebsd.org
Subject:   error in trimdomain(3)
Message-ID:  <20051001093550.GA32354@odin.ac.hmc.edu>



I discovered today that the trimdomain() implementation in libutil deviates
slightly from the manpage.  The manpage says:

     The function trimdomain() removes the current domain name from the passed
     fullhost name by writing a NUL character over the first period of the
                                                       ^^^^^^^^^^^^
     passed name.  The current domain name is determined by calling
     gethostname(3) and removing everything up to the first period.

which clearly indicates that trimdomain() should return either the
unmodified string or a host name with no domain.  In reality it will
remove the domain name even if the result is not a host name.  This
means that if the host b.com calls trimdomain with "a.b.com" as the
input string, the result is "a.b".  This causes rshd to fail when
a.b.com attempts to connect to b.com because rshd uses realhostname_sa
to check the rhosts file.  To make matters worse, rlogind does not do
this since it rolls its own auth rather than using pam so "rsh b.com"
(really "rlogin b.com") works fine while "rsh b.com <command>" blows up
making for all sorts of hair pulling fun (particularly since the b.com
to a.b.com direction works just fine).

Fixing trimdomain is in fact trivial (turn a for loop into an if
statement), but I'm concerned that somewhere out there someone is
relying on the prior behavior.  Mostly trimdomain is used in logging
functions so it doesn't seem like a big issue.

Any objections to committing this change (along with a regression test)?

-- Brooks

http://perforce.freebsd.org/chv.cgi?CH=84604

Change 84604 by brooks@brooks_fellow on 2005/10/01 08:58:10

	Implement the documented behavior of trim domain.  The key
	change is that calling trimdomain with "a.b.com" on host "b.com"
	now leaves the input untouched instead of mangling it to "a.b".

	This fixes rsh connections from a.b.com to b.com.  Because rsh
	uses an entirely different authentication implementation than
	rlogin, "rsh b.com" worked, but "rsh b.com command" did not.

Affected files ...

... //depot/user/brooks/cleanup/lib/libutil/trimdomain.c#2 edit

Differences ...

==== //depot/user/brooks/cleanup/lib/libutil/trimdomain.c#2 (text+ko) ====

@@ -75,18 +75,16 @@
=20
 	s =3D fullhost;
 	end =3D s + hostsize + 1;
-	for (; (s =3D memchr(s, '.', (size_t)(end - s))) !=3D NULL; s++) {
+	if ((s =3D memchr(s, '.', (size_t)(end - s))) !=3D NULL) {
 		if (strncasecmp(s + 1, domain, dlen) =3D=3D 0) {
 			if (s[dlen + 1] =3D=3D '\0') {
 				/* Found -- lose the domain. */
 				*s =3D '\0';
-				break;
 			} else if (s[dlen + 1] =3D=3D ':' &&
 			    isDISP(s + dlen + 2) &&
 			    (len =3D strlen(s + dlen + 1)) < (size_t)(end - s)) {
 				/* Found -- shuffle the DISPLAY back. */
 				memmove(s, s + dlen + 1, len + 1);
-				break;
 			}
 		}
 	}
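
Review bot: the `if` that replaces the `for` at the memchr() line restricts both branches to the first period, not just the hostname branch, and nothing in the hunk says so. The DISPLAY branch (`s[dlen + 1] == ':'`) sits inside the same `if`, so on host b.com an input of the form "a.b.com:<display>" is now left untouched as well, while the change description only covers the plain "a.b.com" case. Add a comment above the `if` stating that only the first period is examined, as the man page documents, so a later cleanup does not restore the loop, and have the regression test cover the DISPLAY form alongside the plain hostname. Dropping the two `break` statements is correct now that there is no enclosing loop.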

-- 
Any statement of the form "X is the one, true Y" is FALSE.
PGP fingerprint 655D 519C 26A7 82E7 2529  9BF0 5D8E 8BE9 F238 1AD4
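
The behavior described in the message, as an added example that is not part of the original post or of libutil: a simplified model of trimdomain(3) that runs the old loop and the first-period-only fix side by side. Assumptions: the local domain is passed in as a parameter (the real function derives it from gethostname(3)), the DISPLAY branch is omitted, and `trim_model` and `trim_copy` are hypothetical names.

```c
#include <stdio.h>
#include <string.h>
#include <strings.h>

/*
 * Simplified model of trimdomain(3), not the libutil source.
 * every_period != 0 models the old loop over all periods;
 * every_period == 0 models the fix (first period only).
 */
static void
trim_model(char *fullhost, const char *domain, int every_period)
{
	size_t dlen = strlen(domain);
	char *s = fullhost;

	if (dlen == 0)
		return;
	while ((s = strchr(s, '.')) != NULL) {
		/* A full match of dlen bytes keeps s[dlen + 1] in bounds. */
		if (strncasecmp(s + 1, domain, dlen) == 0 && s[dlen + 1] == '\0') {
			*s = '\0';	/* Found -- lose the domain. */
			return;
		}
		if (!every_period)
			return;		/* documented: first period only */
		s++;
	}
}

/* Run the model on a copy of `in` and return the result in `out`. */
static const char *
trim_copy(char *out, size_t outsz, const char *in, const char *domain, int old)
{
	snprintf(out, outsz, "%s", in);
	trim_model(out, domain, old);
	return out;
}

int
main(void)
{
	char buf[64];

	/* Host "b.com": dropping everything up to its first period gives "com". */
	printf("old: a.b.com -> %s\n", trim_copy(buf, sizeof(buf), "a.b.com", "com", 1));
	printf("new: a.b.com -> %s\n", trim_copy(buf, sizeof(buf), "a.b.com", "com", 0));
	/* A plain host in the local domain is trimmed by both versions. */
	printf("new: a.com   -> %s\n", trim_copy(buf, sizeof(buf), "a.com", "com", 0));
	return 0;
}
```

The old variant yields "a.b", a string that no longer names the connecting host, which is why a host-based check keyed on the full name stops matching.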

