+/* $OpenBSD: canohost.c,v 1.65 2009/05/27 06:31:25 andreas Exp $ */
/*
* Author: Tatu Ylonen <ylo@cs.hut.fi>
* Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
*/
#include "includes.h"
-RCSID("$OpenBSD: canohost.c,v 1.42 2005/02/18 03:05:53 djm Exp $");
-#include "packet.h"
+#include <sys/types.h>
+#include <sys/socket.h>
+
+#include <netinet/in.h>
+#include <arpa/inet.h>
+
+#include <ctype.h>
+#include <errno.h>
+#include <netdb.h>
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
+#include <stdarg.h>
+
#include "xmalloc.h"
+#include "packet.h"
#include "log.h"
#include "canohost.h"
+#include "misc.h"
static void check_ip_options(int, char *);
+static char *canonical_host_ip = NULL;
+static int cached_port = -1;
/*
* Return the canonical name of the host at the other end of the socket. The
memset(&hints, 0, sizeof(hints));
hints.ai_socktype = SOCK_DGRAM; /*dummy*/
hints.ai_flags = AI_NUMERICHOST;
- if (getaddrinfo(name, "0", &hints, &ai) == 0) {
+ if (getaddrinfo(name, NULL, &hints, &ai) == 0) {
logit("Nasty PTR record \"%s\" is set up for %s, ignoring",
name, ntop);
freeaddrinfo(ai);
*/
for (i = 0; name[i]; i++)
if (isupper(name[i]))
- name[i] = tolower(name[i]);
+ name[i] = (char)tolower(name[i]);
/*
* Map it back to an IP address and check that the given
* address actually is an address of this host. This is
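Review bot: The added `(char)` cast only narrows the result of tolower(); the argument passed to `isupper()` and `tolower()` is still a plain `name[i]`. Judging by the "Nasty PTR record" message in the earlier hunk, `name` holds reverse-DNS data supplied by whoever controls the PTR record, so a byte with the high bit set becomes a negative int where `char` is signed, which is undefined behaviour for the <ctype.h> functions. I would change the two lines to `if (isupper((u_char)name[i]))` and `name[i] = (char)tolower((u_char)name[i]);`. The declaration of `name` and the rest of the enclosing function are outside this hunk, so the element type is inferred from the cast.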
hints.ai_socktype = SOCK_STREAM;
if (getaddrinfo(name, NULL, &hints, &aitop) != 0) {
logit("reverse mapping checking getaddrinfo for %.700s "
- "failed - POSSIBLE BREAKIN ATTEMPT!", name);
+ "[%s] failed - POSSIBLE BREAK-IN ATTEMPT!", name, ntop);
return xstrdup(ntop);
}
/* Look for the address from the list of addresses. */
if (!ai) {
/* Address not found for the host name. */
logit("Address %.100s maps to %.600s, but this does not "
- "map back to the address - POSSIBLE BREAKIN ATTEMPT!",
+ "map back to the address - POSSIBLE BREAK-IN ATTEMPT!",
ntop, name);
return xstrdup(ntop);
}
u_char options[200];
char text[sizeof(options) * 3 + 1];
socklen_t option_size;
- int i, ipproto;
+ u_int i;
+ int ipproto;
struct protoent *ip;
if ((ip = getprotobyname("ip")) != NULL)
for (i = 0; i < option_size; i++)
snprintf(text + i*3, sizeof(text) - i*3,
" %2.2x", options[i]);
- logit("Connection from %.100s with IP options:%.800s",
- ipaddr, text);
- packet_disconnect("Connection from %.100s with IP options:%.800s",
+ fatal("Connection from %.100s with IP options:%.800s",
ipaddr, text);
}
#endif /* IP_OPTIONS */
struct in_addr inaddr;
u_int16_t port;
- if (addr->ss_family != AF_INET6 ||
+ if (addr->ss_family != AF_INET6 ||
!IN6_IS_ADDR_V4MAPPED(&a6->sin6_addr))
return;
const char *
get_canonical_hostname(int use_dns)
{
+ char *host;
static char *canonical_host_name = NULL;
- static int use_dns_done = 0;
+ static char *remote_ip = NULL;
/* Check if we have previously retrieved name with same option. */
- if (canonical_host_name != NULL) {
- if (use_dns_done != use_dns)
- xfree(canonical_host_name);
- else
- return canonical_host_name;
- }
+ if (use_dns && canonical_host_name != NULL)
+ return canonical_host_name;
+ if (!use_dns && remote_ip != NULL)
+ return remote_ip;
/* Get the real hostname if socket; otherwise return UNKNOWN. */
if (packet_connection_is_on_socket())
- canonical_host_name = get_remote_hostname(
- packet_get_connection_in(), use_dns);
+ host = get_remote_hostname(packet_get_connection_in(), use_dns);
else
- canonical_host_name = xstrdup("UNKNOWN");
+ host = "UNKNOWN";
- use_dns_done = use_dns;
- return canonical_host_name;
+ if (use_dns)
+ canonical_host_name = host;
+ else
+ remote_ip = host;
+ return host;
}
/*
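Review bot: `host = "UNKNOWN";` stores a string literal in a non-const `char *`, which is then kept in the same static caches as the pointer returned by get_remote_hostname(); the other hunks suggest that pointer is xstrdup()'d heap memory. The new code never frees `canonical_host_name` or `remote_ip`, so this is safe as written. A later cleanup path that calls xfree() on either cache would be freeing a literal, though. A comment at the two statics would record the ownership rule, e.g. `/* cached for the process lifetime; may point at a literal, never xfree() */`.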
if (addr.ss_family == AF_INET6)
addrlen = sizeof(struct sockaddr_in6);
+ ipv64_normalise_mapped(&addr, &addrlen);
+
/* Get the address in ascii. */
if ((r = getnameinfo((struct sockaddr *)&addr, addrlen, ntop,
sizeof(ntop), NULL, 0, flags)) != 0) {
error("get_socket_address: getnameinfo %d failed: %s", flags,
- r == EAI_SYSTEM ? strerror(errno) : gai_strerror(r));
+ ssh_gai_strerror(r));
return NULL;
}
return xstrdup(ntop);
return get_socket_address(sock, 0, NI_NAMEREQD);
}
+void
+clear_cached_addr(void)
+{
+ if (canonical_host_ip != NULL) {
+ xfree(canonical_host_ip);
+ canonical_host_ip = NULL;
+ }
+ cached_port = -1;
+}
+
/*
* Returns the IP-address of the remote host as a string. The returned
* string must not be freed.
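Review bot: clear_cached_addr() resets only `canonical_host_ip` and `cached_port`. The `canonical_host_name` and `remote_ip` caches that this commit keeps in get_canonical_hostname() are function-local statics, so they cannot be reached from here. After a clear, get_canonical_hostname() would still return the previous peer's name or address, while get_remote_ipaddr() and get_remote_port() re-query the socket. The hunk does not show when this function is called; if it is meant to invalidate everything cached about the peer, those two statics should move to file scope next to `canonical_host_ip` and be reset here. If the narrower scope is intended, a header comment such as `/* Clears the cached remote IP and port only; get_canonical_hostname() keeps its own cache. */` would stop callers relying on it for host-based checks or log attribution.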
const char *
get_remote_ipaddr(void)
{
- static char *canonical_host_ip = NULL;
-
/* Check whether we have cached the ipaddr. */
if (canonical_host_ip == NULL) {
if (packet_connection_is_on_socket()) {
/* Returns the local/remote port for the socket. */
-static int
+int
get_sock_port(int sock, int local)
{
struct sockaddr_storage from;
} else {
if (getpeername(sock, (struct sockaddr *)&from, &fromlen) < 0) {
debug("getpeername failed: %.100s", strerror(errno));
- cleanup_exit(255);
+ return -1;
}
}
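Review bot: The new `return -1` gives get_sock_port() a failure value that callers never had to handle before, and the same commit drops `static`, so other files can now call it. The one-line comment above the signature should state the contract, e.g. `/* Returns the local/remote port for the socket, or -1 if getpeername() fails. */`. The failure handling is also uneven: a getnameinfo() error further down still ends in fatal(), so only one failure path produces -1. Callers that log the port or use it in a decision need an explicit `< 0` check. The function body starts and ends outside this hunk, so the getsockname() branch is not visible here.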
if ((r = getnameinfo((struct sockaddr *)&from, fromlen, NULL, 0,
strport, sizeof(strport), NI_NUMERICSERV)) != 0)
fatal("get_sock_port: getnameinfo NI_NUMERICSERV failed: %s",
- r == EAI_SYSTEM ? strerror(errno) : gai_strerror(r));
+ ssh_gai_strerror(r));
return atoi(strport);
}
int
get_remote_port(void)
{
- static int port = -1;
-
/* Cache to avoid getpeername() on a dead connection */
- if (port == -1)
- port = get_port(0);
+ if (cached_port == -1)
+ cached_port = get_port(0);
- return port;
+ return cached_port;
}
int