X-Git-Url: http://andersk.mit.edu/gitweb/openssh.git/blobdiff_plain/a56cebd3fd1985dd121d9d822c44db88c7c96f5a..823221b29186882ad56bfb9bf95c6b2dc86e8bbe:/canohost.c diff --git a/canohost.c b/canohost.c index 94d66643..6ca60e6b 100644 --- a/canohost.c +++ b/canohost.c @@ -12,7 +12,7 @@ */ #include "includes.h" -RCSID("$OpenBSD: canohost.c,v 1.42 2005/02/18 03:05:53 djm Exp $"); +RCSID("$OpenBSD: canohost.c,v 1.48 2005/12/28 22:46:06 stevesk Exp $"); #include "packet.h" #include "xmalloc.h" @@ -43,9 +43,6 @@ get_remote_hostname(int sock, int use_dns) cleanup_exit(255); } - if (from.ss_family == AF_INET) - check_ip_options(sock, ntop); - ipv64_normalise_mapped(&from, &fromlen); if (from.ss_family == AF_INET6) @@ -55,6 +52,9 @@ get_remote_hostname(int sock, int use_dns) NULL, 0, NI_NUMERICHOST) != 0) fatal("get_remote_hostname: getnameinfo NI_NUMERICHOST failed"); + if (from.ss_family == AF_INET) + check_ip_options(sock, ntop); + if (!use_dns) return xstrdup(ntop); @@ -102,7 +102,7 @@ get_remote_hostname(int sock, int use_dns) hints.ai_socktype = SOCK_STREAM; if (getaddrinfo(name, NULL, &hints, &aitop) != 0) { logit("reverse mapping checking getaddrinfo for %.700s " - "failed - POSSIBLE BREAKIN ATTEMPT!", name); + "failed - POSSIBLE BREAK-IN ATTEMPT!", name); return xstrdup(ntop); } /* Look for the address from the list of addresses. */ @@ -117,7 +117,7 @@ get_remote_hostname(int sock, int use_dns) if (!ai) { /* Address not found for the host name. */ logit("Address %.100s maps to %.600s, but this does not " - "map back to the address - POSSIBLE BREAKIN ATTEMPT!", + "map back to the address - POSSIBLE BREAK-IN ATTEMPT!", ntop, name); return xstrdup(ntop); } @@ -143,7 +143,8 @@ check_ip_options(int sock, char *ipaddr) u_char options[200]; char text[sizeof(options) * 3 + 1]; socklen_t option_size; - int i, ipproto; + u_int i; + int ipproto; struct protoent *ip; if ((ip = getprotobyname("ip")) != NULL) @@ -157,9 +158,7 @@ check_ip_options(int sock, char *ipaddr) for (i = 0; i < option_size; i++) snprintf(text + i*3, sizeof(text) - i*3, " %2.2x", options[i]); - logit("Connection from %.100s with IP options:%.800s", - ipaddr, text); - packet_disconnect("Connection from %.100s with IP options:%.800s", + fatal("Connection from %.100s with IP options:%.800s", ipaddr, text); } #endif /* IP_OPTIONS */ @@ -173,7 +172,7 @@ ipv64_normalise_mapped(struct sockaddr_storage *addr, socklen_t *len) struct in_addr inaddr; u_int16_t port; - if (addr->ss_family != AF_INET6 || + if (addr->ss_family != AF_INET6 || !IN6_IS_ADDR_V4MAPPED(&a6->sin6_addr)) return; @@ -199,26 +198,27 @@ ipv64_normalise_mapped(struct sockaddr_storage *addr, socklen_t *len) const char * get_canonical_hostname(int use_dns) { + char *host; static char *canonical_host_name = NULL; - static int use_dns_done = 0; + static char *remote_ip = NULL; /* Check if we have previously retrieved name with same option. */ - if (canonical_host_name != NULL) { - if (use_dns_done != use_dns) - xfree(canonical_host_name); - else - return canonical_host_name; - } + if (use_dns && canonical_host_name != NULL) + return canonical_host_name; + if (!use_dns && remote_ip != NULL) + return remote_ip; /* Get the real hostname if socket; otherwise return UNKNOWN. */ if (packet_connection_is_on_socket()) - canonical_host_name = get_remote_hostname( - packet_get_connection_in(), use_dns); + host = get_remote_hostname(packet_get_connection_in(), use_dns); else - canonical_host_name = xstrdup("UNKNOWN"); + host = "UNKNOWN"; - use_dns_done = use_dns; - return canonical_host_name; + if (use_dns) + canonical_host_name = host; + else + remote_ip = host; + return host; } /* @@ -346,7 +346,7 @@ get_sock_port(int sock, int local) } else { if (getpeername(sock, (struct sockaddr *)&from, &fromlen) < 0) { debug("getpeername failed: %.100s", strerror(errno)); - cleanup_exit(255); + return -1; } }