Relay-Version: version B 2.10 5/3/83; site utzoo.UUCP
Posting-Version: version B 2.10.3 4.3bsd-beta 6/6/85; site mit-amt.MIT.EDU
Path: utzoo!watmath!clyde!burl!ulysses!allegra!mit-eddie!mit-amt!simsong
From: simsong@mit-amt.MIT.EDU (Simson Garfinkel)
Newsgroups: net.bugs.uucp
Subject: Re: 4.3 UUCP message: "You are unknown to me" prevents connection
Message-ID: <12@mit-amt.MIT.EDU>
Date: Sat, 28-Sep-85 22:13:38 EDT
Article-I.D.: mit-amt.12
Posted: Sat Sep 28 22:13:38 1985
Date-Received: Mon, 30-Sep-85 01:14:44 EDT
References: <911@turtlevax.UUCP>
Organization: MIT Media Lab, Cambridge, MA
Lines: 42
Summary: "You are unknown to me" problem

In article <911@turtlevax.UUCP>, ken@turtlevax.UUCP (Ken Turkowski) writes:
> Does anybody know why another site's 4.3BSD uucp won't let me log on,
> and instead returns the message, "You are unknown to me"?  How can this
> be fixed?  Does it have anything to do with turtlevax's longer-than 7
> or 8 character name?
> 
> -- 
> Ken Turkowski @ CADLINC, Menlo Park, CA
> UUCP: {amd,decwrl,hplabs,seismo,spar}!turtlevax!ken
> ARPA: turtlevax!ken@DECWRL.ARPA

We ran into this problem when we recompiled the 4.3 uucp software to use
the newly-fangled domain software. The problem is in the "cico.c" module
of the UUCP software. It makes the assumption that it is possible to
translate from an internet number to a hostname. This opperation is
possible if you have a hosttable, but it is not possible if you are
using nameservers. Going the other way is possible, but may give
problems with computers that have multiple internet numbers.

What we finally did was comment out the entire block of code that begins
with the following if statement:


	/* we must make sure they are really who they say they
	 * are. We compare the hostnumber with the number in the hosts
         * table for the site they claim to be.
	 */
	if (IsTcpIp) {

		/* bogous code follows */

The problem is that the logic of the program didn't work. We decided to
delete all of this "security" checking, anyway, since you wouldn't
normally get it over phone lines.... If people want "secure" mail, and
they are coming over the Internet, then they can use smtp.

Ever since we deleted the code, we have had no problems.

			Simson L. Garfinkel
			MEDIA-LAB.MIT.EDU