wotwot / pdsh

Automatically exported from code.google.com/p/pdsh
GNU General Public License v2.0
0 stars 0 forks source link

[patch] usernames truncated at arbitrary limit of 17 in dsh.c #24

Closed GoogleCodeExporter closed 9 years ago

GoogleCodeExporter commented 9 years ago
We were getting failed logins and wondering what was
happening::

    $ strace -qfs 30 -e execve \
      pdsh -w hmaster01 -l abcdefghijklmnopqrstuvwxyz true 2>&1 |
      grep `type -p ssh` | grep -v xyz | fmt

    execve("/usr/bin/ssh", ["ssh", "-oConnectTimeout=10",
    "-2", "-a", "-x", "-labcdefghijklmnop", "hmaster01", "true"],
    [/* 75 vars */]) = 0

note the truncated argument to '-l'.

set a break in pipecmd.c and noticed this was being
passed in truncated all the way from _rsh_thread()
args, as instantiated in the opt->ruser arg to
_thd_init() we get the opt_t struct in opt.h::

    #define MAX_USERNAME 17
    ...
    char ruser[MAX_USERNAME]; /* remote username (-l or default) */

seems arbitrary to limit it like that, granted our
usernames are long but this is not the first site
encountered with longer names.

Looked around on how this was properly defined and
ended up with following patch against r1322.

Please apply, thanks.

-- 
Scott

Original issue reported on code.google.com by scott.m....@gmail.com on 27 Apr 2011 at 12:44

Attachments:

GoogleCodeExporter commented 9 years ago
Thanks and nice find! That limit has been in there since 2003 and before that
I think it was 8 or 9!

I'm surprised nobody has ran into this before.

Original comment by mark.gro...@gmail.com on 27 Apr 2011 at 1:55

GoogleCodeExporter commented 9 years ago
Unfortunately, __UT_NAMESIZE doesn't appear to be portable. For example, AIX
has utmpx.h but __UT_NAMESIZE is not defined (they appear to hardcode to
256). I'm also a bit uncomfortable using double-underscore preprocessor defines
as that ~usually~ means 'reserved for internal use'.

Instead, let's make opt->ruser and opt->luser dynamically allocated at program
startup based on the value of sysconf(_SC_LOGIN_NAME_MAX) if available, 
otherwise
fall back to the old value.
See 

 http://pubs.opengroup.org/onlinepubs/009695399/functions/sysconf.html

Could you try the attached patch and verify that it still solves your problem

Original comment by mark.gro...@gmail.com on 27 Apr 2011 at 5:28

Attachments:

GoogleCodeExporter commented 9 years ago
Even better to do it at runtime, this is what they made
sysconf() for...

Double underscore looked funny but I thought it would
be hidden by protection of checking for utmpx.h instead
of utmp.h.

Builds and work perfect for me.  Thanks!

Original comment by scott.m....@gmail.com on 27 Apr 2011 at 6:25

GoogleCodeExporter commented 9 years ago
This issue was closed by revision r1326.

Original comment by mark.gro...@gmail.com on 28 Apr 2011 at 2:33