Make code and documentation for --remote-random-hostname consistent.

Documentation examples, description and code were disagreeing on what
this option actually does.  Now they will all agree that it will
*prepend* a random-byte string to the hostname name before resolving
to work around DNS caching (needs a "*" wildcard record in the zone).

Fix trac #143

Signed-off-by: Gert Doering <gert@greenie.muc.de>
Acked-by: Arne Schwabe <arne@rfc2549.org>
Message-Id: <1384698620-27946-1-git-send-email-gert@greenie.muc.de>
URL: http://article.gmane.org/gmane.network.openvpn.devel/7999
(cherry picked from commit 7de8f3f322c1a1c13022a0243267624930dac5c9)

diff --git a/doc/openvpn.8 b/doc/openvpn.8
index c9bd482b05fcae359f73f6fe1ed105c195a2dc4d..17ea2205a31e51bec284f2d4b258a439bf4de1da 100644 (file)
--- a/doc/openvpn.8
+++ b/doc/openvpn.8
@@ -271,7 +271,7 @@ failover capability.
 .\"*********************************************************
 .TP
 .B \-\-remote-random-hostname
-Add a random string (6 characters) to first DNS label of hostname to prevent
+Prepend a random string (6 bytes, 12 hex characters) to hostname to prevent
 DNS caching.  For example, "foo.bar.gov" would be modified to
 "<random-chars>.foo.bar.gov".
 .\"*********************************************************

diff --git a/src/openvpn/misc.c b/src/openvpn/misc.c
index fa327f8c7315216308b6d93f55e4103444f7f82d..56a01a6110bad30a1aafe044212da6a2101d4094 100644 (file)
--- a/src/openvpn/misc.c
+++ b/src/openvpn/misc.c
@@ -934,32 +934,23 @@ create_temp_file (const char *directory, const char *prefix, struct gc_arena *gc
 }
 
 /*
- * Add a random string to first DNS label of hostname to prevent DNS caching.
+ * Prepend a random string to hostname to prevent DNS caching.
  * For example, foo.bar.gov would be modified to <random-chars>.foo.bar.gov.
- * Of course, this requires explicit support in the DNS server.
+ * Of course, this requires explicit support in the DNS server (wildcard).
  */
 const char *
 hostname_randomize(const char *hostname, struct gc_arena *gc)
 {
 # define n_rnd_bytes 6
 
-  char *hst = string_alloc(hostname, gc);
-  char *dot = strchr(hst, '.');
+  uint8_t rnd_bytes[n_rnd_bytes];
+  const char *rnd_str;
+  struct buffer hname = alloc_buf_gc (strlen(hostname)+sizeof(rnd_bytes)*2+4, gc);
 
-  if (dot)
-    {
-      uint8_t rnd_bytes[n_rnd_bytes];
-      const char *rnd_str;
-      struct buffer hname = alloc_buf_gc (strlen(hostname)+sizeof(rnd_bytes)*2+4, gc);
-
-      *dot++ = '\0';
-      prng_bytes (rnd_bytes, sizeof (rnd_bytes));
-      rnd_str = format_hex_ex (rnd_bytes, sizeof (rnd_bytes), 40, 0, NULL, gc);
-      buf_printf(&hname, "%s-0x%s.%s", hst, rnd_str, dot);
-      return BSTR(&hname);
-    }
-  else
-    return hostname;
+  prng_bytes (rnd_bytes, sizeof (rnd_bytes));
+  rnd_str = format_hex_ex (rnd_bytes, sizeof (rnd_bytes), 40, 0, NULL, gc);
+  buf_printf(&hname, "%s.%s", rnd_str, hostname);
+  return BSTR(&hname);
 # undef n_rnd_bytes
 }