| commit | 8b59c73386ddb64331ee03c29925a18dae547733 | |
| author | Carlos O'Donell <carlos@systemhalted.org> | |
| Wed, 8 Jul 2015 06:42:11 +0000 (8 02:42 -0400) | ||
| committer | Carlos O'Donell <carlos@systemhalted.org> | |
| Wed, 8 Jul 2015 06:42:11 +0000 (8 02:42 -0400) | ||
| tree | 7e74e2c9e0325cc6e9b5fe138180b6df386708c6 | treesnapshot (tar.gz zip) |
| parent | 02d5e5d94a78d32e940dfb3b58ab7f06c31b0f76 | commitdiff |
Fix ruserok scalability with large ~/.rhosts file.
Fixes bug 18557.
The ruserok API does hosts checks first while it walks the
user's ~/.rhosts file. This results in lots of DNS queries
that could have been skipped if we short-circuit test the
user portion first to see if would have had a failed match.
This supports configurations where rlogin is used on internal
secure networks with large numbers of users and machines.
The Red Hat QE team did extensive testing on various rlogin
combinations to validate this change, and in fact we found
a defect in the first version which is fixed in this version.
Fixes bug 18557.
The ruserok API does hosts checks first while it walks the
user's ~/.rhosts file. This results in lots of DNS queries
that could have been skipped if we short-circuit test the
user portion first to see if would have had a failed match.
This supports configurations where rlogin is used on internal
secure networks with large numbers of users and machines.
The Red Hat QE team did extensive testing on various rlogin
combinations to validate this change, and in fact we found
a defect in the first version which is fixed in this version.
| ChangeLog | diffblobblamehistory | |
| NEWS | diffblobblamehistory | |
| inet/rcmd.c | diffblobblamehistory |