For long hostnames, use a hash of the hostname to generate the socket file for ssh connection caching.

This is ok to do now that the socket filename never needs to be mapped back
to a hostname.

Short hostnames will still appear in the clear, which is less obfuscated.
So this cannot possibly make ssh connection caching fail for a hostname it
used to work for.

Annex/Ssh.hs

@@ -15,6 +15,7 @@ module Annex.Ssh (
 ) where
 
 import qualified Data.Map as M
+import Data.Hash.MD5
 
 import Common.Annex
 import Annex.LockPool
@@ -127,9 +128,17 @@ sshCleanup = go =<< sshCacheDir
 		-- Cannot remove the lock file; other processes may
 		-- be waiting on our exclusive lock to use it.
 
+{- This needs to be as short as possible, due to limitations on the length
+ - of the path to a socket file. At the same time, it needs to be unique
+ - for each host.
+ -}
 hostport2socket :: String -> Maybe Integer -> FilePath
-hostport2socket host Nothing = host
+hostport2socket host Nothing = hostport2socket' host
-hostport2socket host (Just port) = host ++ "!" ++ show port
+hostport2socket host (Just port) = hostport2socket' $ host ++ "!" ++ show port
+hostport2socket' :: String -> FilePath
+hostport2socket' s
+	| length s > 32 = md5s (Str s)
+	| otherwise = s
 
 socket2lock :: FilePath -> FilePath
 socket2lock socket = socket ++ lockExt

debian/changelog

@@ -30,6 +30,8 @@ git-annex (4.20130710) UNRELEASED; urgency=low
     conflicts with other existing (or deleted) remotes with the same name.
   * When an XMPP server has SRV records, try them, but don't then fall
     back to the regular host if they all fail.
+  * For long hostnames, use a hash of the hostname to generate the socket
+    file for ssh connection caching.
 
  -- Joey Hess <joeyh@debian.org>  Tue, 09 Jul 2013 19:17:13 -0400