diff options
author | Damien Miller <djm@mindrot.org> | 2001-01-30 09:19:34 +1100 |
---|---|---|
committer | Damien Miller <djm@mindrot.org> | 2001-01-30 09:19:34 +1100 |
commit | d83ff35d66e11978e0b821ecbfa07011ddcb8868 (patch) | |
tree | b4c757a1a9acd2a1acd074a00fce71b30ff2ee48 | |
parent | 5e953217f13b340d8a5fbcd771a1dbaf43354f20 (diff) |
- (djm) OpenBSD CVS Sync:
- markus@cvs.openbsd.org 2001/01/29 12:42:35
[canohost.c canohost.h channels.c clientloop.c]
add get_peer_ipaddr(socket), x11-fwd in ssh2 requires ipaddr, not DNS
-rw-r--r-- | ChangeLog | 3 | ||||
-rw-r--r-- | canohost.c | 59 | ||||
-rw-r--r-- | canohost.h | 9 | ||||
-rw-r--r-- | channels.c | 14 | ||||
-rw-r--r-- | clientloop.c | 4 |
5 files changed, 52 insertions, 37 deletions
@@ -3,6 +3,9 @@ | |||
3 | - markus@cvs.openbsd.org 2001/01/29 09:55:37 | 3 | - markus@cvs.openbsd.org 2001/01/29 09:55:37 |
4 | [channels.c channels.h clientloop.c serverloop.c] | 4 | [channels.c channels.h clientloop.c serverloop.c] |
5 | fix select overflow; ok deraadt@ and stevesk@ | 5 | fix select overflow; ok deraadt@ and stevesk@ |
6 | - markus@cvs.openbsd.org 2001/01/29 12:42:35 | ||
7 | [canohost.c canohost.h channels.c clientloop.c] | ||
8 | add get_peer_ipaddr(socket), x11-fwd in ssh2 requires ipaddr, not DNS | ||
6 | 9 | ||
7 | 20000129 | 10 | 20000129 |
8 | - (stevesk) sftp-server.c: use %lld vs. %qd | 11 | - (stevesk) sftp-server.c: use %lld vs. %qd |
diff --git a/canohost.c b/canohost.c index 9fa33c260..f3a659328 100644 --- a/canohost.c +++ b/canohost.c | |||
@@ -12,7 +12,7 @@ | |||
12 | */ | 12 | */ |
13 | 13 | ||
14 | #include "includes.h" | 14 | #include "includes.h" |
15 | RCSID("$OpenBSD: canohost.c,v 1.18 2001/01/21 19:05:45 markus Exp $"); | 15 | RCSID("$OpenBSD: canohost.c,v 1.19 2001/01/29 19:42:33 markus Exp $"); |
16 | 16 | ||
17 | #include "packet.h" | 17 | #include "packet.h" |
18 | #include "xmalloc.h" | 18 | #include "xmalloc.h" |
@@ -188,46 +188,55 @@ get_canonical_hostname() | |||
188 | } | 188 | } |
189 | 189 | ||
190 | /* | 190 | /* |
191 | * Returns the IP-address of the remote host as a string. The returned | 191 | * Returns the remote IP-address of socket as a string. The returned |
192 | * string must not be freed. | 192 | * string must be freed. |
193 | */ | 193 | */ |
194 | 194 | ||
195 | const char * | 195 | char * |
196 | get_remote_ipaddr() | 196 | get_peer_ipaddr(int socket) |
197 | { | 197 | { |
198 | static char *canonical_host_ip = NULL; | ||
199 | struct sockaddr_storage from; | 198 | struct sockaddr_storage from; |
200 | socklen_t fromlen; | 199 | socklen_t fromlen; |
201 | int socket; | ||
202 | char ntop[NI_MAXHOST]; | 200 | char ntop[NI_MAXHOST]; |
203 | 201 | ||
204 | /* Check whether we have chached the name. */ | ||
205 | if (canonical_host_ip != NULL) | ||
206 | return canonical_host_ip; | ||
207 | |||
208 | /* If not a socket, return UNKNOWN. */ | ||
209 | if (!packet_connection_is_on_socket()) { | ||
210 | canonical_host_ip = xstrdup("UNKNOWN"); | ||
211 | return canonical_host_ip; | ||
212 | } | ||
213 | /* Get client socket. */ | ||
214 | socket = packet_get_connection_in(); | ||
215 | |||
216 | /* Get IP address of client. */ | 202 | /* Get IP address of client. */ |
217 | fromlen = sizeof(from); | 203 | fromlen = sizeof(from); |
218 | memset(&from, 0, sizeof(from)); | 204 | memset(&from, 0, sizeof(from)); |
219 | if (getpeername(socket, (struct sockaddr *) & from, &fromlen) < 0) { | 205 | if (getpeername(socket, (struct sockaddr *) & from, &fromlen) < 0) { |
220 | debug("getpeername failed: %.100s", strerror(errno)); | 206 | debug("get_peer_ipaddr: getpeername failed: %.100s", strerror(errno)); |
221 | fatal_cleanup(); | 207 | return NULL; |
222 | } | 208 | } |
223 | /* Get the IP address in ascii. */ | 209 | /* Get the IP address in ascii. */ |
224 | if (getnameinfo((struct sockaddr *)&from, fromlen, ntop, sizeof(ntop), | 210 | if (getnameinfo((struct sockaddr *)&from, fromlen, ntop, sizeof(ntop), |
225 | NULL, 0, NI_NUMERICHOST) != 0) | 211 | NULL, 0, NI_NUMERICHOST) != 0) { |
226 | fatal("get_remote_hostname: getnameinfo NI_NUMERICHOST failed"); | 212 | error("get_peer_ipaddr: getnameinfo NI_NUMERICHOST failed"); |
213 | return NULL; | ||
214 | } | ||
215 | return xstrdup(ntop); | ||
216 | } | ||
227 | 217 | ||
228 | canonical_host_ip = xstrdup(ntop); | 218 | /* |
219 | * Returns the IP-address of the remote host as a string. The returned | ||
220 | * string must not be freed. | ||
221 | */ | ||
229 | 222 | ||
230 | /* Return ip address string. */ | 223 | const char * |
224 | get_remote_ipaddr() | ||
225 | { | ||
226 | static char *canonical_host_ip = NULL; | ||
227 | |||
228 | /* Check whether we have cached the ipaddr. */ | ||
229 | if (canonical_host_ip == NULL) { | ||
230 | if (packet_connection_is_on_socket()) { | ||
231 | canonical_host_ip = | ||
232 | get_peer_ipaddr(packet_get_connection_in()); | ||
233 | if (canonical_host_ip == NULL) | ||
234 | fatal_cleanup(); | ||
235 | } else { | ||
236 | /* If not on socket, return UNKNOWN. */ | ||
237 | canonical_host_ip = xstrdup("UNKNOWN"); | ||
238 | } | ||
239 | } | ||
231 | return canonical_host_ip; | 240 | return canonical_host_ip; |
232 | } | 241 | } |
233 | 242 | ||
diff --git a/canohost.h b/canohost.h index ba04c59f5..982ec5949 100644 --- a/canohost.h +++ b/canohost.h | |||
@@ -1,4 +1,4 @@ | |||
1 | /* $OpenBSD: canohost.h,v 1.2 2001/01/29 01:58:15 niklas Exp $ */ | 1 | /* $OpenBSD: canohost.h,v 1.3 2001/01/29 19:42:35 markus Exp $ */ |
2 | 2 | ||
3 | /* | 3 | /* |
4 | * Author: Tatu Ylonen <ylo@cs.hut.fi> | 4 | * Author: Tatu Ylonen <ylo@cs.hut.fi> |
@@ -25,12 +25,13 @@ char *get_remote_hostname(int socket); | |||
25 | const char *get_canonical_hostname(void); | 25 | const char *get_canonical_hostname(void); |
26 | 26 | ||
27 | /* | 27 | /* |
28 | * Returns the remote IP address as an ascii string. The value need not be | 28 | * Returns the IP-address of the remote host as a string. The returned |
29 | * freed by the caller. | 29 | * string must not be freed. |
30 | */ | 30 | */ |
31 | const char *get_remote_ipaddr(void); | 31 | const char *get_remote_ipaddr(void); |
32 | 32 | ||
33 | /* Returns the port number of the peer of the socket. */ | 33 | /* Returns the ipaddr/port number of the peer of the socket. */ |
34 | char * get_peer_ipaddr(int socket); | ||
34 | int get_peer_port(int sock); | 35 | int get_peer_port(int sock); |
35 | 36 | ||
36 | /* Returns the port number of the remote/local host. */ | 37 | /* Returns the port number of the remote/local host. */ |
diff --git a/channels.c b/channels.c index 6aafc3dc3..82a2db05e 100644 --- a/channels.c +++ b/channels.c | |||
@@ -40,7 +40,7 @@ | |||
40 | */ | 40 | */ |
41 | 41 | ||
42 | #include "includes.h" | 42 | #include "includes.h" |
43 | RCSID("$OpenBSD: channels.c,v 1.84 2001/01/29 16:55:36 markus Exp $"); | 43 | RCSID("$OpenBSD: channels.c,v 1.85 2001/01/29 19:42:35 markus Exp $"); |
44 | 44 | ||
45 | #include <openssl/rsa.h> | 45 | #include <openssl/rsa.h> |
46 | #include <openssl/dsa.h> | 46 | #include <openssl/dsa.h> |
@@ -546,7 +546,7 @@ channel_post_x11_listener(Channel *c, fd_set * readset, fd_set * writeset) | |||
546 | struct sockaddr addr; | 546 | struct sockaddr addr; |
547 | int newsock, newch; | 547 | int newsock, newch; |
548 | socklen_t addrlen; | 548 | socklen_t addrlen; |
549 | char buf[16384], *remote_hostname; | 549 | char buf[16384], *remote_ipaddr; |
550 | int remote_port; | 550 | int remote_port; |
551 | 551 | ||
552 | if (FD_ISSET(c->sock, readset)) { | 552 | if (FD_ISSET(c->sock, readset)) { |
@@ -557,10 +557,10 @@ channel_post_x11_listener(Channel *c, fd_set * readset, fd_set * writeset) | |||
557 | error("accept: %.100s", strerror(errno)); | 557 | error("accept: %.100s", strerror(errno)); |
558 | return; | 558 | return; |
559 | } | 559 | } |
560 | remote_hostname = get_remote_hostname(newsock); | 560 | remote_ipaddr = get_peer_ipaddr(newsock); |
561 | remote_port = get_peer_port(newsock); | 561 | remote_port = get_peer_port(newsock); |
562 | snprintf(buf, sizeof buf, "X11 connection from %.200s port %d", | 562 | snprintf(buf, sizeof buf, "X11 connection from %.200s port %d", |
563 | remote_hostname, remote_port); | 563 | remote_ipaddr, remote_port); |
564 | 564 | ||
565 | newch = channel_new("x11", | 565 | newch = channel_new("x11", |
566 | SSH_CHANNEL_OPENING, newsock, newsock, -1, | 566 | SSH_CHANNEL_OPENING, newsock, newsock, -1, |
@@ -572,8 +572,8 @@ channel_post_x11_listener(Channel *c, fd_set * readset, fd_set * writeset) | |||
572 | packet_put_int(newch); | 572 | packet_put_int(newch); |
573 | packet_put_int(c->local_window_max); | 573 | packet_put_int(c->local_window_max); |
574 | packet_put_int(c->local_maxpacket); | 574 | packet_put_int(c->local_maxpacket); |
575 | /* originator host and port */ | 575 | /* originator ipaddr and port */ |
576 | packet_put_cstring(remote_hostname); | 576 | packet_put_cstring(remote_ipaddr); |
577 | if (datafellows & SSH_BUG_X11FWD) { | 577 | if (datafellows & SSH_BUG_X11FWD) { |
578 | debug("ssh2 x11 bug compat mode"); | 578 | debug("ssh2 x11 bug compat mode"); |
579 | } else { | 579 | } else { |
@@ -587,7 +587,7 @@ channel_post_x11_listener(Channel *c, fd_set * readset, fd_set * writeset) | |||
587 | packet_put_string(buf, strlen(buf)); | 587 | packet_put_string(buf, strlen(buf)); |
588 | packet_send(); | 588 | packet_send(); |
589 | } | 589 | } |
590 | xfree(remote_hostname); | 590 | xfree(remote_ipaddr); |
591 | } | 591 | } |
592 | } | 592 | } |
593 | 593 | ||
diff --git a/clientloop.c b/clientloop.c index 49a943a73..721c27905 100644 --- a/clientloop.c +++ b/clientloop.c | |||
@@ -59,7 +59,7 @@ | |||
59 | */ | 59 | */ |
60 | 60 | ||
61 | #include "includes.h" | 61 | #include "includes.h" |
62 | RCSID("$OpenBSD: clientloop.c,v 1.46 2001/01/29 16:55:36 markus Exp $"); | 62 | RCSID("$OpenBSD: clientloop.c,v 1.47 2001/01/29 19:42:35 markus Exp $"); |
63 | 63 | ||
64 | #include "ssh.h" | 64 | #include "ssh.h" |
65 | #include "ssh1.h" | 65 | #include "ssh1.h" |
@@ -1069,6 +1069,8 @@ client_request_x11(const char *request_type, int rchan) | |||
1069 | } | 1069 | } |
1070 | packet_done(); | 1070 | packet_done(); |
1071 | /* XXX check permission */ | 1071 | /* XXX check permission */ |
1072 | debug("client_request_x11: request from %s %d", originator, | ||
1073 | originator_port); | ||
1072 | sock = x11_connect_display(); | 1074 | sock = x11_connect_display(); |
1073 | if (sock >= 0) { | 1075 | if (sock >= 0) { |
1074 | newch = channel_new("x11", | 1076 | newch = channel_new("x11", |