error in trimdomain(3)

Brooks Davis brooks at one-eyed-alien.net
Sat Oct 1 02:35:51 PDT 2005 

I discovered today that the trimdomain() implementation in libutil deviates
slightly from the manpage.  The manpage says:

     The function trimdomain() removes the current domain name from the passed
     fullhost name by writing a NUL character over the first period of the
                                                       ^^^^^^^^^^^^
     passed name.  The current domain name is determined by calling
     gethostname(3) and removing everything up to the first period.

which clearly indicates that trimdomain() should return either the
unmodified string or a host name with no domain.  In reality it will
remove the domain name even if the result is not a host name.  This
means that if the host b.com calls trimdomain with "a.b.com" as the
input string, the result is "a.b".  This causes rshd to fail when
a.b.com attempts to connect to b.com because rshd uses realhostname_sa
to check the rhosts file.  To make matters worse, rlogind does not do
this since it rolls it's own auth rather than using pam so "rsh b.com"
(really "rlogin b.com") works fine while "rsh b.com <command>" blows up
making for all sorts of hair pulling fun (particularly since the b.com
to a.b.com direction works just fine).

Fixing trimdomain is in fact trivial (turn a for loop into an if
statement), but I'm concerned that somewhere out there someone is
relying on the prior behavior.  Mostly trimdomain is used in logging
functions so it doesn't seem like a big issue.

Any objections to committing this change (along with a regression test)?

-- Brooks

http://perforce.freebsd.org/chv.cgi?CH=84604

Change 84604 by brooks at brooks_fellow on 2005/10/01 08:58:10

	Implement the documented behavior of trim domain.  The key
	change is that calling trimdomain with "a.b.com" on host "b.com"
	now leaves the input untouched instead of managling it to "a.b".
	
	This fixes rsh connections from a.b.com to b.com.  Because rsh
	uses an entierly different authentication implementation than
	rlogin, "rsh b.com" worked, but "rsh b.com command" did not.

Affected files ...

.. //depot/user/brooks/cleanup/lib/libutil/trimdomain.c#2 edit

Differences ...

==== //depot/user/brooks/cleanup/lib/libutil/trimdomain.c#2 (text+ko) ====

@@ -75,18 +75,16 @@
 
 	s = fullhost;
 	end = s + hostsize + 1;
-	for (; (s = memchr(s, '.', (size_t)(end - s))) != NULL; s++) {
+	if ((s = memchr(s, '.', (size_t)(end - s))) != NULL) {
 		if (strncasecmp(s + 1, domain, dlen) == 0) {
 			if (s[dlen + 1] == '\0') {
 				/* Found -- lose the domain. */
 				*s = '\0';
-				break;
 			} else if (s[dlen + 1] == ':' &&
 			    isDISP(s + dlen + 2) &&
 			    (len = strlen(s + dlen + 1)) < (size_t)(end - s)) {
 				/* Found -- shuffle the DISPLAY back. */
 				memmove(s, s + dlen + 1, len + 1);
-				break;
 			}
 		}
 	}

-- 
Any statement of the form "X is the one, true Y" is FALSE.
PGP fingerprint 655D 519C 26A7 82E7 2529  9BF0 5D8E 8BE9 F238 1AD4
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: not available
Url : http://lists.freebsd.org/pipermail/freebsd-arch/attachments/20051001/ece417fa/attachment.bin

More information about the freebsd-arch mailing list