Diffstat (limited to 'canohost.c')
-rw-r--r-- | canohost.c | 79 |
1 files changed, 47 insertions, 32 deletions
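--- a/canohost.c
+++ b/canohost.c
@@ -14,14 +14,16 @@
 */
 
 #include "includes.h"
-RCSID("$Id: canohost.c,v 1.3 1999/11/24 13:26:22 damien Exp $");
+RCSID("$Id: canohost.c,v 1.4 1999/11/25 00:54:58 damien Exp $");
 
 #include "packet.h"
 #include "xmalloc.h"
 #include "ssh.h"
 
-/* Return the canonical name of the host at the other end of the socket.
-The caller should free the returned string with xfree. */
+/*
+* Return the canonical name of the host at the other end of the socket. The
+* caller should free the returned string with xfree.
+*/
 
 char *
 get_remote_hostname(int socket)
@@ -52,19 +54,23 @@ get_remote_hostname(int socket)
 else
 strlcpy(name, hp->h_name, sizeof(name));
 
-/* Convert it to all lowercase (which is expected by the
-rest of this software). */
+/*
+* Convert it to all lowercase (which is expected by the rest
+* of this software).
+*/
 for (i = 0; name[i]; i++)
 if (isupper(name[i]))
 name[i] = tolower(name[i]);
 
-/* Map it back to an IP address and check that the given
-address actually is an address of this host. This is
-necessary because anyone with access to a name server
-can define arbitrary names for an IP address. Mapping
-from name to IP address can be trusted better (but can
-still be fooled if the intruder has access to the name
-server of the domain). */
+/*
+* Map it back to an IP address and check that the given
+* address actually is an address of this host. This is
+* necessary because anyone with access to a name server can
+* define arbitrary names for an IP address. Mapping from
+* name to IP address can be trusted better (but can still be
+* fooled if the intruder has access to the name server of
+* the domain).
+*/
 hp = gethostbyname(name);
 if (!hp) {
 log("reverse mapping checking gethostbyname for %.700s failed - POSSIBLE BREAKIN ATTEMPT!", name);
@@ -76,8 +82,10 @@ get_remote_hostname(int socket)
 if (memcmp(hp->h_addr_list[i], &from.sin_addr, sizeof(from.sin_addr))
 == 0)
 break;
-/* If we reached the end of the list, the address was not
-there. */
+/*
+* If we reached the end of the list, the address was not
+* there.
+*/
 if (!hp->h_addr_list[i]) {
 /* Address not found for the host name. */
 log("Address %.100s maps to %.600s, but this does not map back to the address - POSSIBLE BREAKIN ATTEMPT!",
@@ -94,16 +102,17 @@ get_remote_hostname(int socket)
 
 check_ip_options:
 
-/* If IP options are supported, make sure there are none (log and
-disconnect them if any are found). Basically we are worried
-about source routing; it can be used to pretend you are
-somebody (ip-address) you are not. That itself may be "almost
-acceptable" under certain circumstances, but rhosts
-autentication is useless if source routing is accepted. Notice
-also that if we just dropped source routing here, the other
-side could use IP spoofing to do rest of the interaction and
-could still bypass security. So we exit here if we detect any
-IP options. */
+/*
+* If IP options are supported, make sure there are none (log and
+* disconnect them if any are found). Basically we are worried about
+* source routing; it can be used to pretend you are somebody
+* (ip-address) you are not. That itself may be "almost acceptable"
+* under certain circumstances, but rhosts autentication is useless
+* if source routing is accepted. Notice also that if we just dropped
+* source routing here, the other side could use IP spoofing to do
+* rest of the interaction and could still bypass security. So we
+* exit here if we detect any IP options.
+*/
 {
 unsigned char options[200], *ucp;
 char text[1024], *cp;
@@ -134,9 +143,11 @@ check_ip_options:
 static char *canonical_host_name = NULL;
 static char *canonical_host_ip = NULL;
 
-/* Return the canonical name of the host in the other side of the current
-connection. The host name is cached, so it is efficient to call this
-several times. */
+/*
+* Return the canonical name of the host in the other side of the current
+* connection. The host name is cached, so it is efficient to call this
+* several times.
+*/
 
 const char *
 get_canonical_hostname()
@@ -154,8 +165,10 @@ get_canonical_hostname()
 return canonical_host_name;
 }
 
-/* Returns the IP-address of the remote host as a string. The returned
-string need not be freed. */
+/*
+* Returns the IP-address of the remote host as a string. The returned
+* string need not be freed.
+*/
 
 const char *
 get_remote_ipaddr()
@@ -163,7 +176,7 @@ get_remote_ipaddr()
 struct sockaddr_in from;
 int fromlen, socket;
 
-/* Check if we have previously retrieved this same name. */
+/* Check whether we have chached the name. */
 if (canonical_host_ip != NULL)
 return canonical_host_ip;
 
@@ -215,8 +228,10 @@ get_remote_port()
 {
 int socket;
 
-/* If the connection is not a socket, return 65535. This is
-intentionally chosen to be an unprivileged port number. */
+/*
+* If the connection is not a socket, return 65535. This is
+* intentionally chosen to be an unprivileged port number.
+*/
 if (packet_get_connection_in() != packet_get_connection_out())
 return 65535;
 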
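Review bot: The lowercase loop kept as context in the second hunk passes `name[i]` straight to `isupper()` and `tolower()`. `name` is filled from `hp->h_name`, a host name the surrounding comment itself says anyone with access to a name server can define; if `name` is a plain `char` buffer (its declaration is outside the hunk), a byte above 0x7f becomes a negative argument, which is undefined behaviour for the ctype functions. I would change the two lines to `if (isupper((unsigned char)name[i]))` and `name[i] = tolower((unsigned char)name[i]);`. Separately, the reworded comment in get_remote_ipaddr() introduces a typo, "chached" for "cached". get_remote_hostname() starts before and continues past these hunks.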