Diffstat (limited to 'canohost.c')
-rw-r--r--canohost.c44
1 files changed, 27 insertions, 17 deletions
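diff --git a/canohost.c b/canohost.c
index 417d95c18..533f2c24a 100644
--- a/canohost.c
+++ b/canohost.c
@@ -12,7 +12,7 @@
  */
 
 #include "includes.h"
-RCSID("$OpenBSD: canohost.c,v 1.36 2003/04/08 20:21:28 itojun Exp $");
+RCSID("$OpenBSD: canohost.c,v 1.37 2003/06/02 09:17:34 markus Exp $");
 
 #include "packet.h"
 #include "xmalloc.h"
@@ -27,7 +27,7 @@ static void check_ip_options(int, char *);
  */
 
 static char *
-get_remote_hostname(int socket, int verify_reverse_mapping)
+get_remote_hostname(int socket, int use_dns)
 {
  struct sockaddr_storage from;
  int i;
@@ -72,6 +72,9 @@ get_remote_hostname(int socket, int verify_reverse_mapping)
  NULL, 0, NI_NUMERICHOST) != 0)
  fatal("get_remote_hostname: getnameinfo NI_NUMERICHOST failed");
 
+ if (!use_dns)
+ return xstrdup(ntop);
+
  if (from.ss_family == AF_INET)
  check_ip_options(socket, ntop);
 
@@ -80,14 +83,24 @@ get_remote_hostname(int socket, int verify_reverse_mapping)
  if (getnameinfo((struct sockaddr *)&from, fromlen, name, sizeof(name),
  NULL, 0, NI_NAMEREQD) != 0) {
  /* Host name not found. Use ip address. */
-#if 0
- logit("Could not reverse map address %.100s.", ntop);
-#endif
  return xstrdup(ntop);
  }
 
- /* Got host name. */
- name[sizeof(name) - 1] = '\0';
+ /*
+ * if reverse lookup result looks like a numeric hostname,
+ * someone is trying to trick us by PTR record like following:
+ * 1.1.1.10.in-addr.arpa. IN PTR 2.3.4.5
+ */
+ memset(&hints, 0, sizeof(hints));
+ hints.ai_socktype = SOCK_DGRAM; /*dummy*/
+ hints.ai_flags = AI_NUMERICHOST;
+ if (getaddrinfo(name, "0", &hints, &ai) == 0) {
+ logit("Nasty PTR record \"%s\" is set up for %s, ignoring",
+ name, ntop);
+ freeaddrinfo(ai);
+ return xstrdup(ntop);
+ }
+
  /*
  * Convert it to all lowercase (which is expected by the rest
  * of this software).
@@ -95,9 +108,6 @@ get_remote_hostname(int socket, int verify_reverse_mapping)
  for (i = 0; name[i]; i++)
  if (isupper(name[i]))
  name[i] = tolower(name[i]);
-
- if (!verify_reverse_mapping)
- return xstrdup(name);
  /*
  * Map it back to an IP address and check that the given
  * address actually is an address of this host. This is
@@ -180,14 +190,14 @@ check_ip_options(int socket, char *ipaddr)
  */
 
 const char *
-get_canonical_hostname(int verify_reverse_mapping)
+get_canonical_hostname(int use_dns)
 {
  static char *canonical_host_name = NULL;
- static int verify_reverse_mapping_done = 0;
+ static int use_dns_done = 0;
 
  /* Check if we have previously retrieved name with same option. */
  if (canonical_host_name != NULL) {
- if (verify_reverse_mapping_done != verify_reverse_mapping)
+ if (use_dns_done != use_dns)
  xfree(canonical_host_name);
  else
  return canonical_host_name;
@@ -196,11 +206,11 @@ get_canonical_hostname(int verify_reverse_mapping)
  /* Get the real hostname if socket; otherwise return UNKNOWN. */
  if (packet_connection_is_on_socket())
  canonical_host_name = get_remote_hostname(
- packet_get_connection_in(), verify_reverse_mapping);
+ packet_get_connection_in(), use_dns);
  else
  canonical_host_name = xstrdup("UNKNOWN");
 
- verify_reverse_mapping_done = verify_reverse_mapping;
+ use_dns_done = use_dns;
  return canonical_host_name;
 }
 
@@ -294,11 +304,11 @@ get_remote_ipaddr(void)
 }
 
 const char *
-get_remote_name_or_ip(u_int utmp_len, int verify_reverse_mapping)
+get_remote_name_or_ip(u_int utmp_len, int use_dns)
 {
  static const char *remote = "";
  if (utmp_len > 0)
- remote = get_canonical_hostname(verify_reverse_mapping);
+ remote = get_canonical_hostname(use_dns);
  if (utmp_len == 0 || strlen(remote) > utmp_len)
  remote = get_remote_ipaddr();
  return remote;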
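Review bot: The early return added at new lines 75-76, `if (!use_dns) return xstrdup(ntop);`, comes before the `check_ip_options(socket, ntop)` call at new lines 78-79, so an AF_INET connection never reaches that check when use_dns is 0. Before this change the check ran for every IPv4 peer regardless of the flag, because the only flag-dependent return (`if (!verify_reverse_mapping)`) came after the lowercase loop. The body of check_ip_options is outside the visible hunks, but if it is what rejects peers that set IP options, moving the two added lines below the `if (from.ss_family == AF_INET)` block keeps that protection independent of the DNS setting. Separately, the new `logit("Nasty PTR record ...")` call prints the resolver-supplied `name` with an unbounded `%s`, where the removed log line used `%.100s`; a bounded `%.100s` for both arguments would match the file's earlier convention. get_remote_hostname starts and ends outside these hunks.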