An obscurity in host key lookup.

help-shishi

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

An obscurity in host key lookup.

From:	Mats Erik Andersson
Subject:	An obscurity in host key lookup.
Date:	Thu, 11 Oct 2012 03:01:32 +0200
User-agent:	Mutt/1.5.18 (2008-05-17)

Hello again,

there are two important lookup calls

  shishi_hostkeys_for_server()

  shishi_hostkeys_for_serverrealm()

used in determining the host key of a server instance.
The documentation of the first one is in dire need of
some words indicating that it completely ignores whatever
value may be assigned to the default realm. Instead the
function only scans the allotted key file database
for the very first match of identical principal name.
The second function adds the identity of realms as
matching condition.

My point is that it is fairly natural to expect
shishi_hostkeys_for_server() to be looking for
the specified principal name paired with the
system default realm.  Since this is not how the
implementation works, the documentation should be
clearified, or the code should possibly be adjusted
to take care of this matter.

Best regards,
  Mats Erik Andersson

[Prev in Thread]

Current Thread

[Next in Thread]

An obscurity in host key lookup., Mats Erik Andersson <=

Prev by Date: shishi-1.0.1 build failure with glibc-2.16.0
Next by Date: pam_shishi: Logging and options.
Previous by thread: shishi-1.0.1 build failure with glibc-2.16.0
Next by thread: pam_shishi: Logging and options.
Index(es):
- Date
- Thread