diff options
| -rw-r--r-- | ChangeLog | 5 | ||||
| -rw-r--r-- | dns.c | 29 |
2 files changed, 31 insertions, 3 deletions
| @@ -20,6 +20,9 @@ | |||
| 20 | [ssh.1] | 20 | [ssh.1] |
| 21 | arg to -b is an address, not if_name; | 21 | arg to -b is an address, not if_name; |
| 22 | ok markus@ | 22 | ok markus@ |
| 23 | - jakob@cvs.openbsd.org 2005/04/20 10:05:45 | ||
| 24 | [dns.c] | ||
| 25 | do not try to look up SSHFP for numerical hostname. ok djm@ | ||
| 23 | 26 | ||
| 24 | 20050524 | 27 | 20050524 |
| 25 | - (djm) [contrib/caldera/openssh.spec contrib/redhat/openssh.spec] | 28 | - (djm) [contrib/caldera/openssh.spec contrib/redhat/openssh.spec] |
| @@ -2519,4 +2522,4 @@ | |||
| 2519 | - (djm) Trim deprecated options from INSTALL. Mention UsePAM | 2522 | - (djm) Trim deprecated options from INSTALL. Mention UsePAM |
| 2520 | - (djm) Fix quote handling in sftp; Patch from admorten AT umich.edu | 2523 | - (djm) Fix quote handling in sftp; Patch from admorten AT umich.edu |
| 2521 | 2524 | ||
| 2522 | $Id: ChangeLog,v 1.3766 2005/05/26 02:03:15 djm Exp $ | 2525 | $Id: ChangeLog,v 1.3767 2005/05/26 02:03:31 djm Exp $ |
| @@ -1,4 +1,4 @@ | |||
| 1 | /* $OpenBSD: dns.c,v 1.10 2004/06/21 17:36:31 avsm Exp $ */ | 1 | /* $OpenBSD: dns.c,v 1.11 2005/04/20 10:05:45 jakob Exp $ */ |
| 2 | 2 | ||
| 3 | /* | 3 | /* |
| 4 | * Copyright (c) 2003 Wesley Griffin. All rights reserved. | 4 | * Copyright (c) 2003 Wesley Griffin. All rights reserved. |
| @@ -43,7 +43,7 @@ | |||
| 43 | #include "uuencode.h" | 43 | #include "uuencode.h" |
| 44 | 44 | ||
| 45 | extern char *__progname; | 45 | extern char *__progname; |
| 46 | RCSID("$OpenBSD: dns.c,v 1.10 2004/06/21 17:36:31 avsm Exp $"); | 46 | RCSID("$OpenBSD: dns.c,v 1.11 2005/04/20 10:05:45 jakob Exp $"); |
| 47 | 47 | ||
| 48 | #ifndef LWRES | 48 | #ifndef LWRES |
| 49 | static const char *errset_text[] = { | 49 | static const char *errset_text[] = { |
| @@ -142,6 +142,26 @@ dns_read_rdata(u_int8_t *algorithm, u_int8_t *digest_type, | |||
| 142 | return success; | 142 | return success; |
| 143 | } | 143 | } |
| 144 | 144 | ||
| 145 | /* | ||
| 146 | * Check if hostname is numerical. | ||
| 147 | * Returns -1 if hostname is numeric, 0 otherwise | ||
| 148 | */ | ||
| 149 | static int | ||
| 150 | is_numeric_hostname(const char *hostname) | ||
| 151 | { | ||
| 152 | struct addrinfo hints, *ai; | ||
| 153 | |||
| 154 | memset(&hints, 0, sizeof(hints)); | ||
| 155 | hints.ai_socktype = SOCK_DGRAM; | ||
| 156 | hints.ai_flags = AI_NUMERICHOST; | ||
| 157 | |||
| 158 | if (getaddrinfo(hostname, "0", &hints, &ai) == 0) { | ||
| 159 | freeaddrinfo(ai); | ||
| 160 | return -1; | ||
| 161 | } | ||
| 162 | |||
| 163 | return 0; | ||
| 164 | } | ||
| 145 | 165 | ||
| 146 | /* | 166 | /* |
| 147 | * Verify the given hostname, address and host key using DNS. | 167 | * Verify the given hostname, address and host key using DNS. |
| @@ -171,6 +191,11 @@ verify_host_key_dns(const char *hostname, struct sockaddr *address, | |||
| 171 | if (hostkey == NULL) | 191 | if (hostkey == NULL) |
| 172 | fatal("No key to look up!"); | 192 | fatal("No key to look up!"); |
| 173 | 193 | ||
| 194 | if (is_numeric_hostname(hostname)) { | ||
| 195 | debug("skipped DNS lookup for numerical hostname"); | ||
| 196 | return -1; | ||
| 197 | } | ||
| 198 | |||
| 174 | result = getrrsetbyname(hostname, DNS_RDATACLASS_IN, | 199 | result = getrrsetbyname(hostname, DNS_RDATACLASS_IN, |
| 175 | DNS_RDATATYPE_SSHFP, 0, &fingerprints); | 200 | DNS_RDATATYPE_SSHFP, 0, &fingerprints); |
| 176 | if (result) { | 201 | if (result) { |