Hello, Henning Meier-Geinitz <henn...@meier-geinitz.de> writes:
> With "vortex" in saned.conf: > > Sep 21 21:38:20 hmg1 saned[20554]: my name: hmg1 > Sep 21 21:38:20 hmg1 saned[20554]: checking for: vortex > Sep 21 21:38:20 hmg1 saned[20554]: peer name: vortex > Sep 21 21:38:20 hmg1 saned[20554]: peer name alias: vortex.swb.de > Sep 21 21:38:20 hmg1 saned[20554]: access by root@vortex accepted > > So it finds the name for both cases, name and alias. With "incubus.snv.jussieu.fr" in saned.conf: Sep 24 14:26:56 inova saned[17031]: checking for: incubus.snv.jussieu.fr Sep 24 14:26:56 inova saned[17031]: peer name: incubus.snv.jussieu.fr Sep 24 14:26:56 inova saned[17031]: access by saned-u...@incubus.snv.jussieu.fr accepted Sep 24 14:27:34 inova saned[17031]: exiting With "incubus" in saned.conf: Sep 24 14:27:55 inova saned[17037]: checking for: incubus Sep 24 14:27:55 inova saned[17037]: peer name: incubus.snv.jussieu.fr Sep 24 14:27:55 inova saned[17037]: access by saned-u...@incubus.snv.jussieu.fr rejected Sep 24 14:27:55 inova saned[17037]: exiting > The difference seems to be that for me the peer name is sent without > the domain. My gethostbyaddr seems to give the peer name with the domain, and no alias... The version of libc on my computer is the GNU C Library 2.2.4 provided in Debian without any change, so something rather common and recent. I searched for 'gethostbyaddr' in GNU libc bugs page and found nothing. Looking at bugs.debian.org for libc6, one of the bugs is : I use telnetd-ssl (0.17.13+0.1-1) on a testing machine, that is in a small home lan (4 pc's + 1 laptop, all with debian): when I upgraded libc6 to the latest revision available (2.2.4-1), I couldn't telnet anymore to that machine, nor locally (telnet localhost or telnet <name> or telnet 192.168.0.10) neither from the other pc's. The message says that the connection is refused by host and i get the prompt; if i try again, telnet-ssl/telnet hangs and <CTRL-c> doesn't work, i must kill it from another vt. I downgraded libc6 to the previous revision (2.2.3-9) and the problem disappeared; I also changed telnetd-ssl with telnet and it worked. I don't know if this is related, but maybe gethostbyaddr as changed its behaviour in recent versions of libc? There must be a correct way to use it however since most of my network programs (ssh, telnet, ftp...) work correctly with short names (well, they don't use something as saned.conf either). bye -- Sébastien Sablé <sebastien.sa...@snv.jussieu.fr> http://inova.snv.jussieu.fr/~sable/
