commit 2bffd6fd1b27351c0be1df55e42d5f616dccb051
author Ben Lindstrom <mouring@eviladmin.org> Thu Apr 19 20:35:40 2001 +0000
committer Ben Lindstrom <mouring@eviladmin.org> Thu Apr 19 20:35:40 2001 +0000
tree b71c24b396baa3889e87a2f795381f66c19c5d4d
parent 5eb97b6f3d878e6b40cfa73a18bacc293ea6b1ad

   - markus@cvs.openbsd.org 2001/04/18 22:03:45
     [auth2.c sshconnect2.c]
     use FDQN with trailing dot in the hostbased auth packets, ok deraadt@

auth2.c

diff --git a/auth2.c b/auth2.c
index cd6b276..be07be9 100644
--- a/auth2.c
+++ b/auth2.c
@@ -23,7 +23,7 @@
  */
 
 #include "includes.h"
-RCSID("$OpenBSD: auth2.c,v 1.52 2001/04/12 19:15:24 markus Exp $");
+RCSID("$OpenBSD: auth2.c,v 1.53 2001/04/18 22:03:44 markus Exp $");
 
 #include <openssl/evp.h>
 
@@ -799,19 +799,23 @@
 	const char *resolvedname, *ipaddr, *lookup;
 	struct stat st;
 	char *user_hostfile;
-	int host_status;
+	int host_status, len;
 
 	resolvedname = get_canonical_hostname(options.reverse_mapping_check);
 	ipaddr = get_remote_ipaddr();
 
-	debug2("userauth_hostbased: resolvedname %s ipaddr %s",
-	    resolvedname, ipaddr);
+	debug2("userauth_hostbased: chost %s resolvedname %s ipaddr %s",
+	    chost, resolvedname, ipaddr);
 
 	if (options.hostbased_uses_name_from_packet_only) {
 		if (auth_rhosts2(pw, cuser, chost, chost) == 0)
 			return 0;
 		lookup = chost;
 	} else {
+		if (((len = strlen(chost)) > 0) && chost[len - 1] == '.') {
+			debug2("stripping trailing dot from chost %s", chost);
+			chost[len - 1] = '\0';
+		}
 		if (strcasecmp(resolvedname, chost) != 0)
 			log("userauth_hostbased mismatch: "
 			    "client sends %s, but we resolve %s to %s",