Hi tech@,

I have been noticing coredumps from telnet on my laptop for some time
now and finally found an evening to investigate it.

The typical use case:

    $ telnet localhost 22
    Trying 127.0.0.1...
    Connected to localhost.
    Escape character is '^]'.
    SSH-2.0-OpenSSH_7.2
    ^]
    telnet> quit
    Connection closed.
    Abort trap (core dumped)
    $

Plus the following in dmesg:

    telnet(67078): syscall 97 "dns"

The bug was reproducible by me both by calling quit or close in the
telnet> prompt but no one else I asked was able to reproduce it.

Rebuilding the code with debug symbols and grabbing the backtrace
revealed this fine piece of code:

    /* If this is not the full name, try to get it via DNS */
    if (strchr(hbuf, '.') == 0) {
        struct hostent *he = gethostbyname(hbuf);
        if (he != 0)
            strncpy(hbuf, he->h_name, sizeof hbuf-1);
        hbuf[sizeof hbuf-1] = '\0';
    }

Full backtrace:
https://gist.github.com/mulander/392bce616de89830f64aaf72b9cab56d

Which was added on 12-March-98 by art@ while adding encryption support
from kth-krb (kerberos only) plus doing some tweaks for better
binary/8-bit support
(http://cvsweb.openbsd.org/cgi-bin/cvsweb/src/usr.bin/telnet/commands.c#rev1.10).

The reason for entering that code path is me having a not fully
qualified name for my host. Setting up a proper name (napalm.local
instead of napalm) makes telnet happy again. Regardless, I don't see a
reason why telnet should be doing this check. Here is the rationale:

- It's not performed and required on initial run (either by running
  telnet + telnet> open host port or by running telnet host port
  directly)
- It breaks the pledge assumption of not needing DNS after the
  connection is established

I would like to just drop that part of code. Any OKs, comments?

Index: commands.c
===
RCS file: /cvs/src/usr.bin/telnet/commands.c,v
retrieving revision 1.83
diff -u -p -r1.83 commands.c
--- commands.c 16 Mar 2016 15:41:11 - 1.83
+++ commands.c 3 May 2016 00:24:51 -
@@ -1445,14 +1445,6 @@ env_init(void)
gethostname(hbuf, sizeof hbuf);
- /* If this is not the full name, try to get it via DNS */
- if (strchr(hbuf, '.') == 0) {
- struct hostent *he = gethostbyname(hbuf);
- if (he != 0)
- strncpy(hbuf, he->h_name, sizeof hbuf-1);
- hbuf[sizeof hbuf-1] = '\0';
- }
-
if (asprintf (, "%s%s", hbuf, cp2) == -1)
err(1, "asprintf");
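
Review bot: Removing the whole block in env_init() also removes `hbuf[sizeof hbuf-1] = '\0';`, which is the only explicit termination of hbuf visible after `gethostname(hbuf, sizeof hbuf)`, and hbuf is then handed to asprintf() as a "%s" argument. gethostname() is not guaranteed to NUL-terminate when the name is truncated, and the declaration of hbuf is not visible in this hunk, so unless the buffer is sized so that truncation cannot happen, consider keeping that one line directly after the gethostname() call. It would also help to state in the commit message that the lookup is dropped because it runs without the "dns" pledge promise, so the gethostbyname() call is not reintroduced later.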
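
For triaging the dmesg line quoted in the mail, here is an added example (not part of the original mail or of OpenBSD's code): a small C parser for that log format that reports which pledge promise a process lacked. It assumes the line format is exactly the one shown in the mail; the function names are hypothetical and every sample line except the first is constructed.

```c
#include <stdio.h>
#include <string.h>
/* One violation, in the dmesg format quoted in the mail:
 *   telnet(67078): syscall 97 "dns"                       */
struct pledge_violation {
	char prog[64];		/* process name */
	int  pid, syscall;	/* pid and number of the denied syscall */
	char promise[32];	/* pledge promise the process lacked */
};

/* Parse one log line; returns 1 on a match, 0 otherwise. */
int parse_pledge_violation(const char *line, struct pledge_violation *v)
{
	int end = 0;
	memset(v, 0, sizeof(*v));
	if (sscanf(line, " %63[^( \t](%d): syscall %d \"%31[^\"]\"%n",
	    v->prog, &v->pid, &v->syscall, v->promise, &end) != 4)
		return 0;
	return end > 0;	/* %n is stored only if the closing quote matched */
}

/* Count the violations of one promise in a multi-line log buffer. */
int count_missing_promise(const char *log, const char *promise)
{
	struct pledge_violation v;
	char line[256];
	int n = 0;
	while (*log != '\0') {
		size_t len = strcspn(log, "\n");
		snprintf(line, sizeof(line), "%.*s", (int)len, log);
		if (parse_pledge_violation(line, &v) &&
		    strcmp(v.promise, promise) == 0)
			n++;
		log += len + (log[len] == '\n');
	}
	return n;
}

/* Constructed sample; only the first line appears in the mail. */
static const char sample_log[] =
	"telnet(67078): syscall 97 \"dns\"\n"
	"example0: constructed non-matching line\n"
	"demo(123): syscall 5 \"wpath\"\n"
	"telnet(70001): syscall 97 \"dns\"\n"
	"telnet(70002): syscall 97 \"dns";	/* truncated: rejected */
int main(void)
{
	printf("missing \"dns\": %d\n", count_missing_promise(sample_log, "dns"));
	return 0;
}
```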