Bug 1323094 - [RFE] telnet is logging hostname in utmp not IP address.
Summary: [RFE] telnet is logging hostname in utmp not IP address.
Status: CLOSED ERRATA
Alias: None
Product: Red Hat Enterprise Linux 7
Classification: Red Hat
Component: telnet
Version: 7.4
Hardware: All
OS: Linux
high
medium
Target Milestone: rc
: 7.4
Assignee: Martin Sehnoutka
QA Contact: Andrej Dzilský
Aneta Šteflová Petrová
URL:
Whiteboard:
Keywords: FutureFeature, Patch
Depends On:
Blocks:
TreeView+ depends on / blocked
 
Reported: 2016-04-01 09:25 UTC by Mohit Agrawal
Modified: 2016-11-04 08:24 UTC (History)
8 users (show)

(edit)
*telnet* now accepts "-i" to use an IP address when calling *login*

When a computer on a network has multiple IP addresses, it was previously possible to use one address to connect to the *telnet* server, but the other addresses were saved in the `/var/run/utmp` file. To prevent the *telnet* utility from performing a DNS lookup and ensure that *telnet* uses a particular IP address when calling the *login* utility, you can now use the "-i" option. Note that "-i" works in the same way as the "-N" option on Debian systems.
Clone Of:
(edit)
Last Closed: 2016-11-04 08:24:42 UTC


Attachments (Terms of Use)
Proposed patch (2.31 KB, patch)
2016-07-07 07:07 UTC, Martin Sehnoutka
no flags Details | Diff


External Trackers
Tracker ID Priority Status Summary Last Updated
Red Hat Product Errata RHEA-2016:2543 normal SHIPPED_LIVE telnet enhancement update 2016-11-03 14:19:15 UTC

Description Mohit Agrawal 2016-04-01 09:25:22 UTC
Description of problem:
telnet is logging hostname in utmp not IP address.telnetd does not provide any option for remote connection to avoid dns calls.

Version-Release number of selected component (if applicable):
telnet-server-0.17-59.el7_2

How reproducible:
Always

Steps to Reproduce:
1.Create some remote connection from telnel client to server
2.On server then check utmp database utmpdump /var/run/utmp | grep "telnet user name"
3.It will show hostname in login records in utmp.

Actual results:

Currently telnet does not provide any option to avoid dns calls for remote logins.
Expected results:
It needs to be update in telnet.

Additional info:

Comment 1 Mohit Agrawal 2016-04-01 09:29:59 UTC
Hi,

After share the test package having below patch it is successfully able to avoid dns calls.

>>>>>>>>>>>>>>>>>>>>>>>>>>>>.

--- netkit-telnet-0.17/telnetd/telnetd.c	2016-03-19 15:30:52.292560751 +0530
+++ netkit-telnet-0.17_bkp/telnetd/telnetd.c	2016-03-20 09:20:04.311186347 +0530
@@ -87,6 +87,7 @@ int keepalive = 1;
 char *loginprg = _PATH_LOGIN;
 char *progname;
 int lookupself = 1;
+int numeric_hosts=0;
 
 extern void usage(void);
 
@@ -216,6 +217,7 @@ main(int argc, char *argv[], char *env[]
 			break;
 
                 case 'N':
+			numeric_hosts=1;
                         lookupself = 0;
                         break;
 
@@ -662,8 +664,7 @@ doit(struct sockaddr *who, socklen_t who
 	/* get name of connected client */
 	int error = -1;
 	char namebuf[255];
-
-	error = getnameinfo(who, wholen, namebuf, sizeof(namebuf), NULL, 0, 0);
+	error = getnameinfo(who, wholen, namebuf, sizeof(namebuf), NULL, 0, numeric_hosts ? NI_NUMERICHOST : 0);
 	
 	/* if we can't get a hostname now, settle for an address */	
 	if(error == EAI_AGAIN)
@@ -676,8 +677,11 @@ doit(struct sockaddr *who, socklen_t who
 		exit(1);		
 	}
 	
-	host = namebuf;
-
+	if (strncmp(namebuf, "::ffff:", sizeof("::ffff:") - 1) == 0)
+    		host = namebuf + sizeof("::ffff:") - 1;
+	else
+    		host = namebuf;
+     
 	/*
 	 * We must make a copy because Kerberos is probably going
 	 * to also do a gethost* and overwrite the static data...
@@ -688,6 +692,7 @@ doit(struct sockaddr *who, socklen_t who
 		remote_host_name[sizeof(remote_host_name)-1] = 0;
 
 		/* Disallow funnies. */
+		if(!numeric_hosts)
 		for (i=0; remote_host_name[i]; i++) {
 		    if (remote_host_name[i]<=32 || remote_host_name[i]>126) 
 			remote_host_name[i] = '?';

>>>>>>>>>>>>>>>>>>>>>>>>>>>..

I think we can release same patch in official telnet errata along with update in man page also for -N option

>>>>>>>>>>>>>>>>>

-N           Do not use DNS to canonicalize the local hostname; gethostname(2) returns a fully qualified name.

>>>>>>>>>>>>>>>>>>>>>>>>.


Regards
Mohit Agrawal

Comment 8 Martin Sehnoutka 2016-07-07 07:07 UTC
Created attachment 1177192 [details]
Proposed patch

Comment 15 errata-xmlrpc 2016-11-04 08:24:42 UTC
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://rhn.redhat.com/errata/RHEA-2016-2543.html


Note You need to log in before you can comment on or make changes to this bug.