- djm@cvs.openbsd.org 2010/01/30 02:54:53

[openssh.git] / dns.c

diff --git a/dns.c b/dns.c
index 4ff9ef3f4966634fb617fa4c01eb60d4a4e13bad..a7da03fa3efd14ce5feb2199995a2f344d01dbe0 100644 (file)
--- a/dns.c
+++ b/dns.c
@@ -1,4 +1,4 @@
-/*     $OpenBSD: dns.c,v 1.14 2005/10/17 13:45:05 stevesk Exp $        */
+/* $OpenBSD: dns.c,v 1.25 2008/06/12 00:03:49 dtucker Exp $ */
 
 /*
  * Copyright (c) 2003 Wesley Griffin. All rights reserved.
@@ -25,25 +25,21 @@
  * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
  */
 
-
 #include "includes.h"
 
-#include <openssl/bn.h>
-#ifdef LWRES
-#include <lwres/netdb.h>
-#include <dns/result.h>
-#else /* LWRES */
+#include <sys/types.h>
+#include <sys/socket.h>
+
 #include <netdb.h>
-#endif /* LWRES */
+#include <stdarg.h>
+#include <stdio.h>
+#include <string.h>
 
 #include "xmalloc.h"
 #include "key.h"
 #include "dns.h"
 #include "log.h"
 
-RCSID("$OpenBSD: dns.c,v 1.14 2005/10/17 13:45:05 stevesk Exp $");
-
-#ifndef LWRES
 static const char *errset_text[] = {
        "success",              /* 0 ERRSET_SUCCESS */
        "out of memory",        /* 1 ERRSET_NOMEMORY */
@@ -73,8 +69,6 @@ dns_result_totext(unsigned int res)
                return "unknown error";
        }
 }
-#endif /* LWRES */
-
 
 /*
  * Read SSHFP parameters from key buffer.
@@ -133,7 +127,7 @@ dns_read_rdata(u_int8_t *algorithm, u_int8_t *digest_type,
                        *digest = (u_char *) xmalloc(*digest_len);
                        memcpy(*digest, rdata + 2, *digest_len);
                } else {
-                       *digest = xstrdup("");
+                       *digest = (u_char *)xstrdup("");
                }
 
                success = 1;
@@ -151,11 +145,20 @@ is_numeric_hostname(const char *hostname)
 {
        struct addrinfo hints, *ai;
 
+       /*
+        * We shouldn't ever get a null host but if we do then log an error
+        * and return -1 which stops DNS key fingerprint processing.
+        */
+       if (hostname == NULL) {
+               error("is_numeric_hostname called with NULL hostname");
+               return -1;
+       }
+
        memset(&hints, 0, sizeof(hints));
        hints.ai_socktype = SOCK_DGRAM;
        hints.ai_flags = AI_NUMERICHOST;
 
-       if (getaddrinfo(hostname, "0", &hints, &ai) == 0) {
+       if (getaddrinfo(hostname, NULL, &hints, &ai) == 0) {
                freeaddrinfo(ai);
                return -1;
        }
@@ -187,7 +190,7 @@ verify_host_key_dns(const char *hostname, struct sockaddr *address,
 
        *flags = 0;
 
-       debug3("verify_hostkey_dns");
+       debug3("verify_host_key_dns");
        if (hostkey == NULL)
                fatal("No key to look up!");
 
@@ -223,7 +226,7 @@ verify_host_key_dns(const char *hostname, struct sockaddr *address,
        if (fingerprints->rri_nrdatas)
                *flags |= DNS_VERIFY_FOUND;
 
-       for (counter = 0; counter < fingerprints->rri_nrdatas; counter++)  {
+       for (counter = 0; counter < fingerprints->rri_nrdatas; counter++) {
                /*
                 * Extract the key from the answer. Ignore any badly
                 * formatted fingerprints.
@@ -264,7 +267,6 @@ verify_host_key_dns(const char *hostname, struct sockaddr *address,
        return 0;
 }
 
-
 /*
  * Export the fingerprint of a key as a DNS resource record
  */
@@ -280,7 +282,7 @@ export_dns_rr(const char *hostname, const Key *key, FILE *f, int generic)
        int success = 0;
 
        if (dns_read_key(&rdata_pubkey_algorithm, &rdata_digest_type,
-                        &rdata_digest, &rdata_digest_len, key)) {
+           &rdata_digest, &rdata_digest_len, key)) {
 
                if (generic)
                        fprintf(f, "%s IN TYPE%d \\# %d %02x %02x ", hostname,
@@ -296,7 +298,7 @@ export_dns_rr(const char *hostname, const Key *key, FILE *f, int generic)
                xfree(rdata_digest); /* from key_fingerprint_raw() */
                success = 1;
        } else {
-               error("dns_export_rr: unsupported algorithm");
+               error("export_dns_rr: unsupported algorithm");
        }
 
        return success;