File openssh-6.6p1-audit8-libaudit_dns_timeouts.patch of Package openssh.10219

# HG changeset patch
# Parent  0aafaabead5f4326c68890565a784943bc3d671c
# bnc#752354, bnc#757360
# prevent timeouts in libaudit code caused by DNS misconfiguration by
# explicitely disabling DNS lookups in libaudit when UseDNS is false.
# Note that this particular solution causes the logs to always contain
# "hostname=?, addr=?" when DNS lookups are disabled.

diff --git a/openssh-6.6p1/audit-linux.c b/openssh-6.6p1/audit-linux.c
--- a/openssh-6.6p1/audit-linux.c
+++ b/openssh-6.6p1/audit-linux.c
@@ -61,17 +61,17 @@ linux_audit_user_logxxx(int uid, const c
 		if (errno == EINVAL || errno == EPROTONOSUPPORT ||
 		    errno == EAFNOSUPPORT)
 			return; /* No audit support in kernel */
 		else
 			goto fatal_report; /* Must prevent login */
 	}
 	rc = audit_log_acct_message(audit_fd, event,
 	    NULL, "login", username ? username : "(unknown)",
-	    username == NULL ? uid : -1, hostname, ip, ttyn, success);
+	    username == NULL ? uid : -1, options.use_dns ? hostname : NULL, ip, ttyn, success);
 	saved_errno = errno;
 	close(audit_fd);
 	/*
 	 * Do not report error if the error is EPERM and sshd is run as non
 	 * root user.
 	 */
 	if ((rc == -EPERM) && (geteuid() != 0))
 		rc = 0;
@@ -113,17 +113,17 @@ linux_audit_user_auth(int uid, const cha
 			goto fatal_report; /* Must prevent login */
 	}
 	
 	if ((event < 0) || (event > SSH_AUDIT_UNKNOWN))
 		event = SSH_AUDIT_UNKNOWN;
 
 	rc = audit_log_acct_message(audit_fd, AUDIT_USER_AUTH,
 	    NULL, event_name[event], username ? username : "(unknown)",
-	    username == NULL ? uid : -1, hostname, ip, ttyn, success);
+	    username == NULL ? uid : -1, options.use_dns ? hostname : NULL, ip, ttyn, success);
 	saved_errno = errno;
 	close(audit_fd);
 	/*
 	 * Do not report error if the error is EPERM and sshd is run as non
 	 * root user.
 	 */
 	if ((rc == -EPERM) && (geteuid() != 0))
 		rc = 0;
openSUSE Build Service is sponsored by