Import of OpenSSH 4.3p1

[gssapi-openssh.git] / openssh / canohost.c

diff --git a/openssh/canohost.c b/openssh/canohost.c
index c27086bfdc59c36b43d2df408cff6e32ddcf840f..6ca60e6b448780adf3efb82a61230b207832a0ec 100644 (file)
--- a/openssh/canohost.c
+++ b/openssh/canohost.c
@@ -12,7 +12,7 @@
  */
 
 #include "includes.h"
-RCSID("$OpenBSD: canohost.c,v 1.44 2005/06/17 02:44:32 djm Exp $");
+RCSID("$OpenBSD: canohost.c,v 1.48 2005/12/28 22:46:06 stevesk Exp $");
 
 #include "packet.h"
 #include "xmalloc.h"
@@ -43,9 +43,6 @@ get_remote_hostname(int sock, int use_dns)
                cleanup_exit(255);
        }
 
-       if (from.ss_family == AF_INET)
-               check_ip_options(sock, ntop);
-
        ipv64_normalise_mapped(&from, &fromlen);
 
        if (from.ss_family == AF_INET6)
@@ -55,6 +52,9 @@ get_remote_hostname(int sock, int use_dns)
            NULL, 0, NI_NUMERICHOST) != 0)
                fatal("get_remote_hostname: getnameinfo NI_NUMERICHOST failed");
 
+       if (from.ss_family == AF_INET)
+               check_ip_options(sock, ntop);
+
        if (!use_dns)
                return xstrdup(ntop);
 
@@ -102,7 +102,7 @@ get_remote_hostname(int sock, int use_dns)
        hints.ai_socktype = SOCK_STREAM;
        if (getaddrinfo(name, NULL, &hints, &aitop) != 0) {
                logit("reverse mapping checking getaddrinfo for %.700s "
-                   "failed - POSSIBLE BREAKIN ATTEMPT!", name);
+                   "failed - POSSIBLE BREAK-IN ATTEMPT!", name);
                return xstrdup(ntop);
        }
        /* Look for the address from the list of addresses. */
@@ -117,7 +117,7 @@ get_remote_hostname(int sock, int use_dns)
        if (!ai) {
                /* Address not found for the host name. */
                logit("Address %.100s maps to %.600s, but this does not "
-                   "map back to the address - POSSIBLE BREAKIN ATTEMPT!",
+                   "map back to the address - POSSIBLE BREAK-IN ATTEMPT!",
                    ntop, name);
                return xstrdup(ntop);
        }
@@ -158,9 +158,7 @@ check_ip_options(int sock, char *ipaddr)
                for (i = 0; i < option_size; i++)
                        snprintf(text + i*3, sizeof(text) - i*3,
                            " %2.2x", options[i]);
-               logit("Connection from %.100s with IP options:%.800s",
-                   ipaddr, text);
-               packet_disconnect("Connection from %.100s with IP options:%.800s",
+               fatal("Connection from %.100s with IP options:%.800s",
                    ipaddr, text);
        }
 #endif /* IP_OPTIONS */
@@ -200,26 +198,27 @@ ipv64_normalise_mapped(struct sockaddr_storage *addr, socklen_t *len)
 const char *
 get_canonical_hostname(int use_dns)
 {
+       char *host;
        static char *canonical_host_name = NULL;
-       static int use_dns_done = 0;
+       static char *remote_ip = NULL;
 
        /* Check if we have previously retrieved name with same option. */
-       if (canonical_host_name != NULL) {
-               if (use_dns_done != use_dns)
-                       xfree(canonical_host_name);
-               else
-                       return canonical_host_name;
-       }
+       if (use_dns && canonical_host_name != NULL)
+               return canonical_host_name;
+       if (!use_dns && remote_ip != NULL)
+               return remote_ip;
 
        /* Get the real hostname if socket; otherwise return UNKNOWN. */
        if (packet_connection_is_on_socket())
-               canonical_host_name = get_remote_hostname(
-                   packet_get_connection_in(), use_dns);
+               host = get_remote_hostname(packet_get_connection_in(), use_dns);
        else
-               canonical_host_name = xstrdup("UNKNOWN");
+               host = "UNKNOWN";
 
-       use_dns_done = use_dns;
-       return canonical_host_name;
+       if (use_dns)
+               canonical_host_name = host;
+       else
+               remote_ip = host;
+       return host;
 }
 
 /*