X-Git-Url: http://andersk.mit.edu/gitweb/openssh.git/blobdiff_plain/d1cf9a87fafc26849daa2806f3c5b01a87652408..ca24b5507e1129858ef7c87a4549f0e44237a7b1:/canohost.c diff --git a/canohost.c b/canohost.c index c27086bf..ef94d915 100644 --- a/canohost.c +++ b/canohost.c @@ -1,3 +1,4 @@ +/* $OpenBSD: canohost.c,v 1.66 2010/01/13 01:20:20 dtucker Exp $ */ /* * Author: Tatu Ylonen * Copyright (c) 1995 Tatu Ylonen , Espoo, Finland @@ -12,14 +13,31 @@ */ #include "includes.h" -RCSID("$OpenBSD: canohost.c,v 1.44 2005/06/17 02:44:32 djm Exp $"); -#include "packet.h" +#include +#include + +#include +#include + +#include +#include +#include +#include +#include +#include +#include +#include + #include "xmalloc.h" +#include "packet.h" #include "log.h" #include "canohost.h" +#include "misc.h" static void check_ip_options(int, char *); +static char *canonical_host_ip = NULL; +static int cached_port = -1; /* * Return the canonical name of the host at the other end of the socket. The @@ -74,7 +92,7 @@ get_remote_hostname(int sock, int use_dns) memset(&hints, 0, sizeof(hints)); hints.ai_socktype = SOCK_DGRAM; /*dummy*/ hints.ai_flags = AI_NUMERICHOST; - if (getaddrinfo(name, "0", &hints, &ai) == 0) { + if (getaddrinfo(name, NULL, &hints, &ai) == 0) { logit("Nasty PTR record \"%s\" is set up for %s, ignoring", name, ntop); freeaddrinfo(ai); @@ -87,7 +105,7 @@ get_remote_hostname(int sock, int use_dns) */ for (i = 0; name[i]; i++) if (isupper(name[i])) - name[i] = tolower(name[i]); + name[i] = (char)tolower(name[i]); /* * Map it back to an IP address and check that the given * address actually is an address of this host. This is @@ -102,7 +120,7 @@ get_remote_hostname(int sock, int use_dns) hints.ai_socktype = SOCK_STREAM; if (getaddrinfo(name, NULL, &hints, &aitop) != 0) { logit("reverse mapping checking getaddrinfo for %.700s " - "failed - POSSIBLE BREAKIN ATTEMPT!", name); + "[%s] failed - POSSIBLE BREAK-IN ATTEMPT!", name, ntop); return xstrdup(ntop); } /* Look for the address from the list of addresses. */ @@ -117,7 +135,7 @@ get_remote_hostname(int sock, int use_dns) if (!ai) { /* Address not found for the host name. */ logit("Address %.100s maps to %.600s, but this does not " - "map back to the address - POSSIBLE BREAKIN ATTEMPT!", + "map back to the address - POSSIBLE BREAK-IN ATTEMPT!", ntop, name); return xstrdup(ntop); } @@ -158,9 +176,7 @@ check_ip_options(int sock, char *ipaddr) for (i = 0; i < option_size; i++) snprintf(text + i*3, sizeof(text) - i*3, " %2.2x", options[i]); - logit("Connection from %.100s with IP options:%.800s", - ipaddr, text); - packet_disconnect("Connection from %.100s with IP options:%.800s", + fatal("Connection from %.100s with IP options:%.800s", ipaddr, text); } #endif /* IP_OPTIONS */ @@ -200,26 +216,27 @@ ipv64_normalise_mapped(struct sockaddr_storage *addr, socklen_t *len) const char * get_canonical_hostname(int use_dns) { + char *host; static char *canonical_host_name = NULL; - static int use_dns_done = 0; + static char *remote_ip = NULL; /* Check if we have previously retrieved name with same option. */ - if (canonical_host_name != NULL) { - if (use_dns_done != use_dns) - xfree(canonical_host_name); - else - return canonical_host_name; - } + if (use_dns && canonical_host_name != NULL) + return canonical_host_name; + if (!use_dns && remote_ip != NULL) + return remote_ip; /* Get the real hostname if socket; otherwise return UNKNOWN. */ if (packet_connection_is_on_socket()) - canonical_host_name = get_remote_hostname( - packet_get_connection_in(), use_dns); + host = get_remote_hostname(packet_get_connection_in(), use_dns); else - canonical_host_name = xstrdup("UNKNOWN"); + host = "UNKNOWN"; - use_dns_done = use_dns; - return canonical_host_name; + if (use_dns) + canonical_host_name = host; + else + remote_ip = host; + return host; } /* @@ -258,7 +275,7 @@ get_socket_address(int sock, int remote, int flags) if ((r = getnameinfo((struct sockaddr *)&addr, addrlen, ntop, sizeof(ntop), NULL, 0, flags)) != 0) { error("get_socket_address: getnameinfo %d failed: %s", flags, - r == EAI_SYSTEM ? strerror(errno) : gai_strerror(r)); + ssh_gai_strerror(r)); return NULL; } return xstrdup(ntop); @@ -285,9 +302,32 @@ get_local_ipaddr(int sock) } char * -get_local_name(int sock) +get_local_name(int fd) +{ + char *host, myname[NI_MAXHOST]; + + /* Assume we were passed a socket */ + if ((host = get_socket_address(fd, 0, NI_NAMEREQD)) != NULL) + return host; + + /* Handle the case where we were passed a pipe */ + if (gethostname(myname, sizeof(myname)) == -1) { + verbose("get_local_name: gethostname: %s", strerror(errno)); + } else { + host = xstrdup(myname); + } + + return host; +} + +void +clear_cached_addr(void) { - return get_socket_address(sock, 0, NI_NAMEREQD); + if (canonical_host_ip != NULL) { + xfree(canonical_host_ip); + canonical_host_ip = NULL; + } + cached_port = -1; } /* @@ -298,8 +338,6 @@ get_local_name(int sock) const char * get_remote_ipaddr(void) { - static char *canonical_host_ip = NULL; - /* Check whether we have cached the ipaddr. */ if (canonical_host_ip == NULL) { if (packet_connection_is_on_socket()) { @@ -328,7 +366,7 @@ get_remote_name_or_ip(u_int utmp_len, int use_dns) /* Returns the local/remote port for the socket. */ -static int +int get_sock_port(int sock, int local) { struct sockaddr_storage from; @@ -359,7 +397,7 @@ get_sock_port(int sock, int local) if ((r = getnameinfo((struct sockaddr *)&from, fromlen, NULL, 0, strport, sizeof(strport), NI_NUMERICSERV)) != 0) fatal("get_sock_port: getnameinfo NI_NUMERICSERV failed: %s", - r == EAI_SYSTEM ? strerror(errno) : gai_strerror(r)); + ssh_gai_strerror(r)); return atoi(strport); } @@ -388,13 +426,11 @@ get_peer_port(int sock) int get_remote_port(void) { - static int port = -1; - /* Cache to avoid getpeername() on a dead connection */ - if (port == -1) - port = get_port(0); + if (cached_port == -1) + cached_port = get_port(0); - return port; + return cached_port; } int