[openssh.git] / canohost.c

/*
 * 
 * canohost.c
 * 
 * Author: Tatu Ylonen <ylo@cs.hut.fi>
 * 
 * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
 *                    All rights reserved
 * 
 * Created: Sun Jul  2 17:52:22 1995 ylo
 * 
 * Functions for returning the canonical host name of the remote site.
 * 
 */

#include "includes.h"
RCSID("$Id$");

#include "packet.h"
#include "xmalloc.h"
#include "ssh.h"

/* Return the canonical name of the host at the other end of the socket.
   The caller should free the returned string with xfree. */

char *
get_remote_hostname(int socket)
{
	struct sockaddr_in from;
	int fromlen, i;
	struct hostent *hp;
	char name[MAXHOSTNAMELEN];

	/* Get IP address of client. */
	fromlen = sizeof(from);
	memset(&from, 0, sizeof(from));
	if (getpeername(socket, (struct sockaddr *) & from, &fromlen) < 0) {
		debug("getpeername failed: %.100s", strerror(errno));
		fatal_cleanup();
	}
	/* Map the IP address to a host name. */
	hp = gethostbyaddr((char *) &from.sin_addr, sizeof(struct in_addr),
			   from.sin_family);
	if (hp) {
		/* Got host name, find canonic host name. */
		if (strchr(hp->h_name, '.') != 0)
			strlcpy(name, hp->h_name, sizeof(name));
		else if (hp->h_aliases != 0
			 && hp->h_aliases[0] != 0
			 && strchr(hp->h_aliases[0], '.') != 0)
			strlcpy(name, hp->h_aliases[0], sizeof(name));
		else
			strlcpy(name, hp->h_name, sizeof(name));

		/* Convert it to all lowercase (which is expected by the
		   rest of this software). */
		for (i = 0; name[i]; i++)
			if (isupper(name[i]))
				name[i] = tolower(name[i]);

		/* Map it back to an IP address and check that the given
		   address actually is an address of this host.  This is
		   necessary because anyone with access to a name server
		   can define arbitrary names for an IP address. Mapping
		   from name to IP address can be trusted better (but can
		   still be fooled if the intruder has access to the name
		   server of the domain). */
		hp = gethostbyname(name);
		if (!hp) {
			log("reverse mapping checking gethostbyname for %.700s failed - POSSIBLE BREAKIN ATTEMPT!", name);
			strlcpy(name, inet_ntoa(from.sin_addr), sizeof name);
			goto check_ip_options;
		}
		/* Look for the address from the list of addresses. */
		for (i = 0; hp->h_addr_list[i]; i++)
			if (memcmp(hp->h_addr_list[i], &from.sin_addr, sizeof(from.sin_addr))
			    == 0)
				break;
		/* If we reached the end of the list, the address was not
		   there. */
		if (!hp->h_addr_list[i]) {
			/* Address not found for the host name. */
			log("Address %.100s maps to %.600s, but this does not map back to the address - POSSIBLE BREAKIN ATTEMPT!",
			    inet_ntoa(from.sin_addr), name);
			strlcpy(name, inet_ntoa(from.sin_addr), sizeof name);
			goto check_ip_options;
		}
		/* Address was found for the host name.  We accept the host name. */
	} else {
		/* Host name not found.  Use ascii representation of the address. */
		strlcpy(name, inet_ntoa(from.sin_addr), sizeof name);
		log("Could not reverse map address %.100s.", name);
	}

check_ip_options:

	/* If IP options are supported, make sure there are none (log and
	   disconnect them if any are found).  Basically we are worried
	   about source routing; it can be used to pretend you are
	   somebody (ip-address) you are not. That itself may be "almost
	   acceptable" under certain circumstances, but rhosts
	   autentication is useless if source routing is accepted. Notice
	   also that if we just dropped source routing here, the other
	   side could use IP spoofing to do rest of the interaction and
	   could still bypass security.  So we exit here if we detect any
	   IP options. */
	{
		unsigned char options[200], *ucp;
		char text[1024], *cp;
		int option_size, ipproto;
		struct protoent *ip;

		if ((ip = getprotobyname("ip")) != NULL)
			ipproto = ip->p_proto;
		else
			ipproto = IPPROTO_IP;
		option_size = sizeof(options);
		if (getsockopt(0, ipproto, IP_OPTIONS, (char *) options,
			       &option_size) >= 0 && option_size != 0) {
			cp = text;
			/* Note: "text" buffer must be at least 3x as big as options. */
			for (ucp = options; option_size > 0; ucp++, option_size--, cp += 3)
				sprintf(cp, " %2.2x", *ucp);
			log("Connection from %.100s with IP options:%.800s",
			    inet_ntoa(from.sin_addr), text);
			packet_disconnect("Connection from %.100s with IP options:%.800s",
					  inet_ntoa(from.sin_addr), text);
		}
	}

	return xstrdup(name);
}

static char *canonical_host_name = NULL;
static char *canonical_host_ip = NULL;

/* Return the canonical name of the host in the other side of the current
   connection.  The host name is cached, so it is efficient to call this
   several times. */

const char *
get_canonical_hostname()
{
	/* Check if we have previously retrieved this same name. */
	if (canonical_host_name != NULL)
		return canonical_host_name;

	/* Get the real hostname if socket; otherwise return UNKNOWN. */
	if (packet_get_connection_in() == packet_get_connection_out())
		canonical_host_name = get_remote_hostname(packet_get_connection_in());
	else
		canonical_host_name = xstrdup("UNKNOWN");

	return canonical_host_name;
}

/* Returns the IP-address of the remote host as a string.  The returned
   string need not be freed. */

const char *
get_remote_ipaddr()
{
	struct sockaddr_in from;
	int fromlen, socket;

	/* Check if we have previously retrieved this same name. */
	if (canonical_host_ip != NULL)
		return canonical_host_ip;

	/* If not a socket, return UNKNOWN. */
	if (packet_get_connection_in() != packet_get_connection_out()) {
		canonical_host_ip = xstrdup("UNKNOWN");
		return canonical_host_ip;
	}
	/* Get client socket. */
	socket = packet_get_connection_in();

	/* Get IP address of client. */
	fromlen = sizeof(from);
	memset(&from, 0, sizeof(from));
	if (getpeername(socket, (struct sockaddr *) & from, &fromlen) < 0) {
		debug("getpeername failed: %.100s", strerror(errno));
		fatal_cleanup();
	}
	/* Get the IP address in ascii. */
	canonical_host_ip = xstrdup(inet_ntoa(from.sin_addr));

	/* Return ip address string. */
	return canonical_host_ip;
}

/* Returns the port of the peer of the socket. */

int 
get_peer_port(int sock)
{
	struct sockaddr_in from;
	int fromlen;

	/* Get IP address of client. */
	fromlen = sizeof(from);
	memset(&from, 0, sizeof(from));
	if (getpeername(sock, (struct sockaddr *) & from, &fromlen) < 0) {
		debug("getpeername failed: %.100s", strerror(errno));
		fatal_cleanup();
	}
	/* Return port number. */
	return ntohs(from.sin_port);
}

/* Returns the port number of the remote host.  */

int 
get_remote_port()
{
	int socket;

	/* If the connection is not a socket, return 65535.  This is
	   intentionally chosen to be an unprivileged port number. */
	if (packet_get_connection_in() != packet_get_connection_out())
		return 65535;

	/* Get client socket. */
	socket = packet_get_connection_in();

	/* Get and return the peer port number. */
	return get_peer_port(socket);
}
Commit	Line	Data
8efc0c15	1	/*
5260325f	2	*
	3	* canohost.c
	4	*
	5	* Author: Tatu Ylonen <ylo@cs.hut.fi>
	6	*
	7	* Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
	8	* All rights reserved
	9	*
	10	* Created: Sun Jul 2 17:52:22 1995 ylo
	11	*
	12	* Functions for returning the canonical host name of the remote site.
	13	*
	14	*/
8efc0c15	15
	16	#include "includes.h"
	17	RCSID("$Id$");
	18
	19	#include "packet.h"
	20	#include "xmalloc.h"
	21	#include "ssh.h"
	22
5260325f	23	/* Return the canonical name of the host at the other end of the socket.
8efc0c15	24	The caller should free the returned string with xfree. */
8efc0c15	25
5260325f	26	char *
5260325f	27	get_remote_hostname(int socket)
8efc0c15	28	{
5260325f	29	struct sockaddr_in from;
	30	int fromlen, i;
	31	struct hostent *hp;
	32	char name[MAXHOSTNAMELEN];
	33
	34	/* Get IP address of client. */
	35	fromlen = sizeof(from);
	36	memset(&from, 0, sizeof(from));
	37	if (getpeername(socket, (struct sockaddr *) & from, &fromlen) < 0) {
	38	debug("getpeername failed: %.100s", strerror(errno));
	39	fatal_cleanup();
	40	}
	41	/* Map the IP address to a host name. */
	42	hp = gethostbyaddr((char *) &from.sin_addr, sizeof(struct in_addr),
	43	from.sin_family);
	44	if (hp) {
	45	/* Got host name, find canonic host name. */
	46	if (strchr(hp->h_name, '.') != 0)
	47	strlcpy(name, hp->h_name, sizeof(name));
	48	else if (hp->h_aliases != 0
	49	&& hp->h_aliases[0] != 0
	50	&& strchr(hp->h_aliases[0], '.') != 0)
	51	strlcpy(name, hp->h_aliases[0], sizeof(name));
	52	else
	53	strlcpy(name, hp->h_name, sizeof(name));
	54
	55	/* Convert it to all lowercase (which is expected by the
	56	rest of this software). */
	57	for (i = 0; name[i]; i++)
	58	if (isupper(name[i]))
	59	name[i] = tolower(name[i]);
	60
	61	/* Map it back to an IP address and check that the given
	62	address actually is an address of this host. This is
	63	necessary because anyone with access to a name server
	64	can define arbitrary names for an IP address. Mapping
	65	from name to IP address can be trusted better (but can
	66	still be fooled if the intruder has access to the name
	67	server of the domain). */
	68	hp = gethostbyname(name);
	69	if (!hp) {
	70	log("reverse mapping checking gethostbyname for %.700s failed - POSSIBLE BREAKIN ATTEMPT!", name);
	71	strlcpy(name, inet_ntoa(from.sin_addr), sizeof name);
	72	goto check_ip_options;
	73	}
	74	/* Look for the address from the list of addresses. */
	75	for (i = 0; hp->h_addr_list[i]; i++)
	76	if (memcmp(hp->h_addr_list[i], &from.sin_addr, sizeof(from.sin_addr))
	77	== 0)
	78	break;
	79	/* If we reached the end of the list, the address was not
	80	there. */
	81	if (!hp->h_addr_list[i]) {
	82	/* Address not found for the host name. */
	83	log("Address %.100s maps to %.600s, but this does not map back to the address - POSSIBLE BREAKIN ATTEMPT!",
	84	inet_ntoa(from.sin_addr), name);
	85	strlcpy(name, inet_ntoa(from.sin_addr), sizeof name);
	86	goto check_ip_options;
	87	}
	88	/* Address was found for the host name. We accept the host name. */
	89	} else {
	90	/* Host name not found. Use ascii representation of the address. */
	91	strlcpy(name, inet_ntoa(from.sin_addr), sizeof name);
	92	log("Could not reverse map address %.100s.", name);
8efc0c15	93	}
5260325f	94
	95	check_ip_options:
	96
	97	/* If IP options are supported, make sure there are none (log and
	98	disconnect them if any are found). Basically we are worried
	99	about source routing; it can be used to pretend you are
	100	somebody (ip-address) you are not. That itself may be "almost
	101	acceptable" under certain circumstances, but rhosts
	102	autentication is useless if source routing is accepted. Notice
	103	also that if we just dropped source routing here, the other
	104	side could use IP spoofing to do rest of the interaction and
	105	could still bypass security. So we exit here if we detect any
	106	IP options. */
8efc0c15	107	{
5260325f	108	unsigned char options[200], *ucp;
	109	char text[1024], *cp;
	110	int option_size, ipproto;
	111	struct protoent *ip;
	112
	113	if ((ip = getprotobyname("ip")) != NULL)
	114	ipproto = ip->p_proto;
	115	else
	116	ipproto = IPPROTO_IP;
	117	option_size = sizeof(options);
	118	if (getsockopt(0, ipproto, IP_OPTIONS, (char *) options,
	119	&option_size) >= 0 && option_size != 0) {
	120	cp = text;
	121	/* Note: "text" buffer must be at least 3x as big as options. */
	122	for (ucp = options; option_size > 0; ucp++, option_size--, cp += 3)
	123	sprintf(cp, " %2.2x", *ucp);
	124	log("Connection from %.100s with IP options:%.800s",
	125	inet_ntoa(from.sin_addr), text);
	126	packet_disconnect("Connection from %.100s with IP options:%.800s",
	127	inet_ntoa(from.sin_addr), text);
	128	}
8efc0c15	129	}
5260325f	130
5260325f	131	return xstrdup(name);
8efc0c15	132	}
	133
	134	static char *canonical_host_name = NULL;
	135	static char *canonical_host_ip = NULL;
	136
	137	/* Return the canonical name of the host in the other side of the current
5260325f	138	connection. The host name is cached, so it is efficient to call this
8efc0c15	139	several times. */
8efc0c15	140
5260325f	141	const char *
5260325f	142	get_canonical_hostname()
8efc0c15	143	{
5260325f	144	/* Check if we have previously retrieved this same name. */
	145	if (canonical_host_name != NULL)
	146	return canonical_host_name;
8efc0c15	147
5260325f	148	/* Get the real hostname if socket; otherwise return UNKNOWN. */
	149	if (packet_get_connection_in() == packet_get_connection_out())
	150	canonical_host_name = get_remote_hostname(packet_get_connection_in());
	151	else
	152	canonical_host_name = xstrdup("UNKNOWN");
8efc0c15	153
5260325f	154	return canonical_host_name;
8efc0c15	155	}
	156
	157	/* Returns the IP-address of the remote host as a string. The returned
	158	string need not be freed. */
	159
5260325f	160	const char *
5260325f	161	get_remote_ipaddr()
8efc0c15	162	{
5260325f	163	struct sockaddr_in from;
	164	int fromlen, socket;
	165
	166	/* Check if we have previously retrieved this same name. */
	167	if (canonical_host_ip != NULL)
	168	return canonical_host_ip;
	169
	170	/* If not a socket, return UNKNOWN. */
	171	if (packet_get_connection_in() != packet_get_connection_out()) {
	172	canonical_host_ip = xstrdup("UNKNOWN");
	173	return canonical_host_ip;
	174	}
	175	/* Get client socket. */
	176	socket = packet_get_connection_in();
	177
	178	/* Get IP address of client. */
	179	fromlen = sizeof(from);
	180	memset(&from, 0, sizeof(from));
	181	if (getpeername(socket, (struct sockaddr *) & from, &fromlen) < 0) {
	182	debug("getpeername failed: %.100s", strerror(errno));
	183	fatal_cleanup();
	184	}
	185	/* Get the IP address in ascii. */
	186	canonical_host_ip = xstrdup(inet_ntoa(from.sin_addr));
	187
	188	/* Return ip address string. */
	189	return canonical_host_ip;
8efc0c15	190	}
	191
	192	/* Returns the port of the peer of the socket. */
	193
5260325f	194	int
5260325f	195	get_peer_port(int sock)
8efc0c15	196	{
5260325f	197	struct sockaddr_in from;
	198	int fromlen;
	199
	200	/* Get IP address of client. */
	201	fromlen = sizeof(from);
	202	memset(&from, 0, sizeof(from));
	203	if (getpeername(sock, (struct sockaddr *) & from, &fromlen) < 0) {
	204	debug("getpeername failed: %.100s", strerror(errno));
	205	fatal_cleanup();
	206	}
	207	/* Return port number. */
	208	return ntohs(from.sin_port);
8efc0c15	209	}
	210
	211	/* Returns the port number of the remote host. */
	212
5260325f	213	int
5260325f	214	get_remote_port()
8efc0c15	215	{
5260325f	216	int socket;
8efc0c15	217
5260325f	218	/* If the connection is not a socket, return 65535. This is
	219	intentionally chosen to be an unprivileged port number. */
	220	if (packet_get_connection_in() != packet_get_connection_out())
	221	return 65535;
8efc0c15	222
5260325f	223	/* Get client socket. */
5260325f	224	socket = packet_get_connection_in();
8efc0c15	225
5260325f	226	/* Get and return the peer port number. */
5260325f	227	return get_peer_port(socket);
8efc0c15	228	}