upstream commit

Make sure we only call getnameinfo() for AF_INET or AF_INET6 sockets. getpeername() of a Unix domain socket may return without error on some systems without actually setting ss_family so getnameinfo() was getting called with ss_family set to AF_UNSPEC. OK djm@
author: millert@openbsd.org <millert@openbsd.org> 2015-03-01 15:44:40 +0000
committer: Damien Miller <djm@mindrot.org> 2015-03-03 04:45:01 +1100
commit: 39e2f1229562e1195169905607bc12290d21f021 (patch)
tree: 55573799b3fa7afc981f085ad84135af47782bdf /canohost.c
parent: e47536ba9692d271b8ad89078abdecf0a1c11707 (diff)
1 files changed, 20 insertions, 15 deletions
diff --git a/canohost.c b/canohost.c
index a3e3bbff8..223964ea3 100644
--- a/canohost.c
+++ b/canohost.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: canohost.c,v 1.71 2014/07/15 15:54:14 millert Exp $ */
+/* $OpenBSD: canohost.c,v 1.72 2015/03/01 15:44:40 millert Exp $ */
 /*
 * Author: Tatu Ylonen <ylo@cs.hut.fi>
 * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@@ -260,24 +260,29 @@ get_socket_address(int sock, int remote, int flags)
        }
        /* Work around Linux IPv6 weirdness */
-        if (addr.ss_family == AF_INET6)
+        if (addr.ss_family == AF_INET6) {
                addrlen = sizeof(struct sockaddr_in6);
+                ipv64_normalise_mapped(&addr, &addrlen);
+        }
-        if (addr.ss_family == AF_UNIX) {
+        switch (addr.ss_family) {
+        case AF_INET:
+        case AF_INET6:
+                /* Get the address in ascii. */
+                if ((r = getnameinfo((struct sockaddr *)&addr, addrlen, ntop,
+                    sizeof(ntop), NULL, 0, flags)) != 0) {
+                        error("get_socket_address: getnameinfo %d failed: %s",
+                            flags, ssh_gai_strerror(r));
+                        return NULL;
+                }
+                return xstrdup(ntop);
+        case AF_UNIX:
                /* Get the Unix domain socket path. */
                return xstrdup(((struct sockaddr_un *)&addr)->sun_path);
-        }
+        default:
+                /* We can't look up remote Unix domain sockets. */
-        ipv64_normalise_mapped(&addr, &addrlen);
-        /* Get the address in ascii. */
-        if ((r = getnameinfo((struct sockaddr *)&addr, addrlen, ntop,
-            sizeof(ntop), NULL, 0, flags)) != 0) {
-                error("get_socket_address: getnameinfo %d failed: %s", flags,
-                    ssh_gai_strerror(r));
                return NULL;
        }
-        return xstrdup(ntop);
 }
 char *
@@ -390,8 +395,8 @@ get_sock_port(int sock, int local)
        if (from.ss_family == AF_INET6)
                fromlen = sizeof(struct sockaddr_in6);
-        /* Unix domain sockets don't have a port number. */
+        /* Non-inet sockets don't have a port number. */
-        if (from.ss_family == AF_UNIX)
+        if (from.ss_family != AF_INET && from.ss_family != AF_INET6)
                return 0;
        /* Return port number. */
author	millert@openbsd.org <millert@openbsd.org>	2015-03-01 15:44:40 +0000
committer	Damien Miller <djm@mindrot.org>	2015-03-03 04:45:01 +1100
commit	39e2f1229562e1195169905607bc12290d21f021 (patch)
tree	55573799b3fa7afc981f085ad84135af47782bdf /canohost.c
parent	e47536ba9692d271b8ad89078abdecf0a1c11707 (diff)

diff --git a/canohost.c b/canohost.c index a3e3bbff8..223964ea3 100644 --- a/canohost.c +++ b/canohost.c
@@ -1,4 +1,4 @@
1	/* $OpenBSD: canohost.c,v 1.71 2014/07/15 15:54:14 millert Exp $ */	1	/* $OpenBSD: canohost.c,v 1.72 2015/03/01 15:44:40 millert Exp $ */
2	/*	2	/*
3	* Author: Tatu Ylonen <ylo@cs.hut.fi>	3	* Author: Tatu Ylonen <ylo@cs.hut.fi>
4	* Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland	4	* Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@@ -260,24 +260,29 @@ get_socket_address(int sock, int remote, int flags)
260	}	260	}
261		261
262	/* Work around Linux IPv6 weirdness */	262	/* Work around Linux IPv6 weirdness */
263	if (addr.ss_family == AF_INET6)	263	if (addr.ss_family == AF_INET6) {
264	addrlen = sizeof(struct sockaddr_in6);	264	addrlen = sizeof(struct sockaddr_in6);
		265	ipv64_normalise_mapped(&addr, &addrlen);
		266	}
265		267
266	if (addr.ss_family == AF_UNIX) {	268	switch (addr.ss_family) {
		269	case AF_INET:
		270	case AF_INET6:
		271	/* Get the address in ascii. */
		272	if ((r = getnameinfo((struct sockaddr *)&addr, addrlen, ntop,
		273	sizeof(ntop), NULL, 0, flags)) != 0) {
		274	error("get_socket_address: getnameinfo %d failed: %s",
		275	flags, ssh_gai_strerror(r));
		276	return NULL;
		277	}
		278	return xstrdup(ntop);
		279	case AF_UNIX:
267	/* Get the Unix domain socket path. */	280	/* Get the Unix domain socket path. */
268	return xstrdup(((struct sockaddr_un *)&addr)->sun_path);	281	return xstrdup(((struct sockaddr_un *)&addr)->sun_path);
269	}	282	default:
270		283	/* We can't look up remote Unix domain sockets. */
271	ipv64_normalise_mapped(&addr, &addrlen);
272
273	/* Get the address in ascii. */
274	if ((r = getnameinfo((struct sockaddr *)&addr, addrlen, ntop,
275	sizeof(ntop), NULL, 0, flags)) != 0) {
276	error("get_socket_address: getnameinfo %d failed: %s", flags,
277	ssh_gai_strerror(r));
278	return NULL;	284	return NULL;
279	}	285	}
280	return xstrdup(ntop);
281	}	286	}
282		287
283	char *	288	char *
@@ -390,8 +395,8 @@ get_sock_port(int sock, int local)
390	if (from.ss_family == AF_INET6)	395	if (from.ss_family == AF_INET6)
391	fromlen = sizeof(struct sockaddr_in6);	396	fromlen = sizeof(struct sockaddr_in6);
392		397
393	/* Unix domain sockets don't have a port number. */	398	/* Non-inet sockets don't have a port number. */
394	if (from.ss_family == AF_UNIX)	399	if (from.ss_family != AF_INET && from.ss_family != AF_INET6)
395	return 0;	400	return 0;
396		401
397	/* Return port number. */	402	/* Return port number. */